2 * Copyright (C) 1991, 1992 Linus Torvalds
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
20 * makes for cleaner and more compact code. -TYT, 9/17/92
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
51 * -- Bill Hawes <whawes@star.net>, June 97
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
62 * Move do_SAK() into process context. Less stack use in devfs functions.
63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
67 #include <linux/types.h>
68 #include <linux/major.h>
69 #include <linux/errno.h>
70 #include <linux/signal.h>
71 #include <linux/fcntl.h>
72 #include <linux/sched.h>
73 #include <linux/interrupt.h>
74 #include <linux/tty.h>
75 #include <linux/tty_driver.h>
76 #include <linux/tty_flip.h>
77 #include <linux/devpts_fs.h>
78 #include <linux/file.h>
79 #include <linux/fdtable.h>
80 #include <linux/console.h>
81 #include <linux/timer.h>
82 #include <linux/ctype.h>
85 #include <linux/string.h>
86 #include <linux/slab.h>
87 #include <linux/poll.h>
88 #include <linux/proc_fs.h>
89 #include <linux/init.h>
90 #include <linux/module.h>
91 #include <linux/device.h>
92 #include <linux/wait.h>
93 #include <linux/bitops.h>
94 #include <linux/delay.h>
95 #include <linux/seq_file.h>
96 #include <linux/serial.h>
97 #include <linux/ratelimit.h>
99 #include <linux/uaccess.h>
101 #include <linux/kbd_kern.h>
102 #include <linux/vt_kern.h>
103 #include <linux/selection.h>
105 #include <linux/kmod.h>
106 #include <linux/nsproxy.h>
108 #undef TTY_DEBUG_HANGUP
110 #define TTY_PARANOIA_CHECK 1
111 #define CHECK_TTY_COUNT 1
113 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
114 .c_iflag = ICRNL | IXON,
115 .c_oflag = OPOST | ONLCR,
116 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
117 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
118 ECHOCTL | ECHOKE | IEXTEN,
124 EXPORT_SYMBOL(tty_std_termios);
126 /* This list gets poked at by procfs and various bits of boot up code. This
127 could do with some rationalisation such as pulling the tty proc function
130 LIST_HEAD(tty_drivers); /* linked list of tty drivers */
132 /* Mutex to protect creating and releasing a tty. This is shared with
133 vt.c for deeply disgusting hack reasons */
134 DEFINE_MUTEX(tty_mutex);
135 EXPORT_SYMBOL(tty_mutex);
137 /* Spinlock to protect the tty->tty_files list */
138 DEFINE_SPINLOCK(tty_files_lock);
140 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
141 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
142 ssize_t redirected_tty_write(struct file *, const char __user *,
144 static unsigned int tty_poll(struct file *, poll_table *);
145 static int tty_open(struct inode *, struct file *);
146 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
148 static long tty_compat_ioctl(struct file *file, unsigned int cmd,
151 #define tty_compat_ioctl NULL
153 static int __tty_fasync(int fd, struct file *filp, int on);
154 static int tty_fasync(int fd, struct file *filp, int on);
155 static void release_tty(struct tty_struct *tty, int idx);
156 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
157 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
160 * alloc_tty_struct - allocate a tty object
162 * Return a new empty tty structure. The data fields have not
163 * been initialized in any way but has been zeroed
168 struct tty_struct *alloc_tty_struct(void)
170 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
174 * free_tty_struct - free a disused tty
175 * @tty: tty struct to free
177 * Free the write buffers, tty queue and tty memory itself.
179 * Locking: none. Must be called after tty is definitely unused
182 void free_tty_struct(struct tty_struct *tty)
187 put_device(tty->dev);
188 kfree(tty->write_buf);
189 tty->magic = 0xDEADDEAD;
193 static inline struct tty_struct *file_tty(struct file *file)
195 return ((struct tty_file_private *)file->private_data)->tty;
198 int tty_alloc_file(struct file *file)
200 struct tty_file_private *priv;
202 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
206 file->private_data = priv;
211 /* Associate a new file with the tty structure */
212 void tty_add_file(struct tty_struct *tty, struct file *file)
214 struct tty_file_private *priv = file->private_data;
219 spin_lock(&tty_files_lock);
220 list_add(&priv->list, &tty->tty_files);
221 spin_unlock(&tty_files_lock);
225 * tty_free_file - free file->private_data
227 * This shall be used only for fail path handling when tty_add_file was not
230 void tty_free_file(struct file *file)
232 struct tty_file_private *priv = file->private_data;
234 file->private_data = NULL;
238 /* Delete file from its tty */
239 static void tty_del_file(struct file *file)
241 struct tty_file_private *priv = file->private_data;
243 spin_lock(&tty_files_lock);
244 list_del(&priv->list);
245 spin_unlock(&tty_files_lock);
250 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
253 * tty_name - return tty naming
254 * @tty: tty structure
255 * @buf: buffer for output
257 * Convert a tty structure into a name. The name reflects the kernel
258 * naming policy and if udev is in use may not reflect user space
263 char *tty_name(struct tty_struct *tty, char *buf)
265 if (!tty) /* Hmm. NULL pointer. That's fun. */
266 strcpy(buf, "NULL tty");
268 strcpy(buf, tty->name);
272 EXPORT_SYMBOL(tty_name);
274 int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
277 #ifdef TTY_PARANOIA_CHECK
280 "null TTY for (%d:%d) in %s\n",
281 imajor(inode), iminor(inode), routine);
284 if (tty->magic != TTY_MAGIC) {
286 "bad magic number for tty struct (%d:%d) in %s\n",
287 imajor(inode), iminor(inode), routine);
294 static int check_tty_count(struct tty_struct *tty, const char *routine)
296 #ifdef CHECK_TTY_COUNT
300 spin_lock(&tty_files_lock);
301 list_for_each(p, &tty->tty_files) {
304 spin_unlock(&tty_files_lock);
305 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
306 tty->driver->subtype == PTY_TYPE_SLAVE &&
307 tty->link && tty->link->count)
309 if (tty->count != count) {
310 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
311 "!= #fd's(%d) in %s\n",
312 tty->name, tty->count, count, routine);
320 * get_tty_driver - find device of a tty
321 * @dev_t: device identifier
322 * @index: returns the index of the tty
324 * This routine returns a tty driver structure, given a device number
325 * and also passes back the index number.
327 * Locking: caller must hold tty_mutex
330 static struct tty_driver *get_tty_driver(dev_t device, int *index)
332 struct tty_driver *p;
334 list_for_each_entry(p, &tty_drivers, tty_drivers) {
335 dev_t base = MKDEV(p->major, p->minor_start);
336 if (device < base || device >= base + p->num)
338 *index = device - base;
339 return tty_driver_kref_get(p);
344 #ifdef CONFIG_CONSOLE_POLL
347 * tty_find_polling_driver - find device of a polled tty
348 * @name: name string to match
349 * @line: pointer to resulting tty line nr
351 * This routine returns a tty driver structure, given a name
352 * and the condition that the tty driver is capable of polled
355 struct tty_driver *tty_find_polling_driver(char *name, int *line)
357 struct tty_driver *p, *res = NULL;
362 for (str = name; *str; str++)
363 if ((*str >= '0' && *str <= '9') || *str == ',')
369 tty_line = simple_strtoul(str, &str, 10);
371 mutex_lock(&tty_mutex);
372 /* Search through the tty devices to look for a match */
373 list_for_each_entry(p, &tty_drivers, tty_drivers) {
374 if (strncmp(name, p->name, len) != 0)
382 if (tty_line >= 0 && tty_line < p->num && p->ops &&
383 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
384 res = tty_driver_kref_get(p);
389 mutex_unlock(&tty_mutex);
393 EXPORT_SYMBOL_GPL(tty_find_polling_driver);
397 * tty_check_change - check for POSIX terminal changes
400 * If we try to write to, or set the state of, a terminal and we're
401 * not in the foreground, send a SIGTTOU. If the signal is blocked or
402 * ignored, go ahead and perform the operation. (POSIX 7.2)
407 int tty_check_change(struct tty_struct *tty)
412 if (current->signal->tty != tty)
415 spin_lock_irqsave(&tty->ctrl_lock, flags);
418 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
421 if (task_pgrp(current) == tty->pgrp)
423 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
424 if (is_ignored(SIGTTOU))
426 if (is_current_pgrp_orphaned()) {
430 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
431 set_thread_flag(TIF_SIGPENDING);
436 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
440 EXPORT_SYMBOL(tty_check_change);
442 static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
443 size_t count, loff_t *ppos)
448 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
449 size_t count, loff_t *ppos)
454 /* No kernel lock held - none needed ;) */
455 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
457 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
460 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
463 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
466 static long hung_up_tty_compat_ioctl(struct file *file,
467 unsigned int cmd, unsigned long arg)
469 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
472 static const struct file_operations tty_fops = {
477 .unlocked_ioctl = tty_ioctl,
478 .compat_ioctl = tty_compat_ioctl,
480 .release = tty_release,
481 .fasync = tty_fasync,
484 static const struct file_operations console_fops = {
487 .write = redirected_tty_write,
489 .unlocked_ioctl = tty_ioctl,
490 .compat_ioctl = tty_compat_ioctl,
492 .release = tty_release,
493 .fasync = tty_fasync,
496 static const struct file_operations hung_up_tty_fops = {
498 .read = hung_up_tty_read,
499 .write = hung_up_tty_write,
500 .poll = hung_up_tty_poll,
501 .unlocked_ioctl = hung_up_tty_ioctl,
502 .compat_ioctl = hung_up_tty_compat_ioctl,
503 .release = tty_release,
506 static DEFINE_SPINLOCK(redirect_lock);
507 static struct file *redirect;
510 * tty_wakeup - request more data
513 * Internal and external helper for wakeups of tty. This function
514 * informs the line discipline if present that the driver is ready
515 * to receive more output data.
518 void tty_wakeup(struct tty_struct *tty)
520 struct tty_ldisc *ld;
522 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
523 ld = tty_ldisc_ref(tty);
525 if (ld->ops->write_wakeup)
526 ld->ops->write_wakeup(tty);
530 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
533 EXPORT_SYMBOL_GPL(tty_wakeup);
536 * tty_signal_session_leader - sends SIGHUP to session leader
537 * @tty controlling tty
538 * @exit_session if non-zero, signal all foreground group processes
540 * Send SIGHUP and SIGCONT to the session leader and its process group.
541 * Optionally, signal all processes in the foreground process group.
543 * Returns the number of processes in the session with this tty
544 * as their controlling terminal. This value is used to drop
545 * tty references for those processes.
547 static int tty_signal_session_leader(struct tty_struct *tty, int exit_session)
549 struct task_struct *p;
551 struct pid *tty_pgrp = NULL;
553 read_lock(&tasklist_lock);
555 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
556 spin_lock_irq(&p->sighand->siglock);
557 if (p->signal->tty == tty) {
558 p->signal->tty = NULL;
559 /* We defer the dereferences outside fo
563 if (!p->signal->leader) {
564 spin_unlock_irq(&p->sighand->siglock);
567 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
568 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
569 put_pid(p->signal->tty_old_pgrp); /* A noop */
570 spin_lock(&tty->ctrl_lock);
571 tty_pgrp = get_pid(tty->pgrp);
573 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
574 spin_unlock(&tty->ctrl_lock);
575 spin_unlock_irq(&p->sighand->siglock);
576 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
578 read_unlock(&tasklist_lock);
582 kill_pgrp(tty_pgrp, SIGHUP, exit_session);
590 * __tty_hangup - actual handler for hangup events
593 * This can be called by a "kworker" kernel thread. That is process
594 * synchronous but doesn't hold any locks, so we need to make sure we
595 * have the appropriate locks for what we're doing.
597 * The hangup event clears any pending redirections onto the hung up
598 * device. It ensures future writes will error and it does the needed
599 * line discipline hangup and signal delivery. The tty object itself
604 * redirect lock for undoing redirection
605 * file list lock for manipulating list of ttys
606 * tty_ldiscs_lock from called functions
607 * termios_rwsem resetting termios data
608 * tasklist_lock to walk task list for hangup event
609 * ->siglock to protect ->signal/->sighand
611 static void __tty_hangup(struct tty_struct *tty, int exit_session)
613 struct file *cons_filp = NULL;
614 struct file *filp, *f = NULL;
615 struct tty_file_private *priv;
616 int closecount = 0, n;
623 spin_lock(&redirect_lock);
624 if (redirect && file_tty(redirect) == tty) {
628 spin_unlock(&redirect_lock);
632 /* some functions below drop BTM, so we need this bit */
633 set_bit(TTY_HUPPING, &tty->flags);
635 /* inuse_filps is protected by the single tty lock,
636 this really needs to change if we want to flush the
637 workqueue with the lock held */
638 check_tty_count(tty, "tty_hangup");
640 spin_lock(&tty_files_lock);
641 /* This breaks for file handles being sent over AF_UNIX sockets ? */
642 list_for_each_entry(priv, &tty->tty_files, list) {
644 if (filp->f_op->write == redirected_tty_write)
646 if (filp->f_op->write != tty_write)
649 __tty_fasync(-1, filp, 0); /* can't block */
650 filp->f_op = &hung_up_tty_fops;
652 spin_unlock(&tty_files_lock);
654 refs = tty_signal_session_leader(tty, exit_session);
655 /* Account for the p->signal references we killed */
660 * it drops BTM and thus races with reopen
661 * we protect the race by TTY_HUPPING
663 tty_ldisc_hangup(tty);
665 spin_lock_irq(&tty->ctrl_lock);
666 clear_bit(TTY_THROTTLED, &tty->flags);
667 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
668 put_pid(tty->session);
672 tty->ctrl_status = 0;
673 spin_unlock_irq(&tty->ctrl_lock);
676 * If one of the devices matches a console pointer, we
677 * cannot just call hangup() because that will cause
678 * tty->count and state->count to go out of sync.
679 * So we just call close() the right number of times.
683 for (n = 0; n < closecount; n++)
684 tty->ops->close(tty, cons_filp);
685 } else if (tty->ops->hangup)
686 (tty->ops->hangup)(tty);
688 * We don't want to have driver/ldisc interactions beyond
689 * the ones we did here. The driver layer expects no
690 * calls after ->hangup() from the ldisc side. However we
691 * can't yet guarantee all that.
693 set_bit(TTY_HUPPED, &tty->flags);
694 clear_bit(TTY_HUPPING, &tty->flags);
702 static void do_tty_hangup(struct work_struct *work)
704 struct tty_struct *tty =
705 container_of(work, struct tty_struct, hangup_work);
707 __tty_hangup(tty, 0);
711 * tty_hangup - trigger a hangup event
712 * @tty: tty to hangup
714 * A carrier loss (virtual or otherwise) has occurred on this like
715 * schedule a hangup sequence to run after this event.
718 void tty_hangup(struct tty_struct *tty)
720 #ifdef TTY_DEBUG_HANGUP
722 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
724 schedule_work(&tty->hangup_work);
727 EXPORT_SYMBOL(tty_hangup);
730 * tty_vhangup - process vhangup
731 * @tty: tty to hangup
733 * The user has asked via system call for the terminal to be hung up.
734 * We do this synchronously so that when the syscall returns the process
735 * is complete. That guarantee is necessary for security reasons.
738 void tty_vhangup(struct tty_struct *tty)
740 #ifdef TTY_DEBUG_HANGUP
743 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
745 __tty_hangup(tty, 0);
748 EXPORT_SYMBOL(tty_vhangup);
752 * tty_vhangup_self - process vhangup for own ctty
754 * Perform a vhangup on the current controlling tty
757 void tty_vhangup_self(void)
759 struct tty_struct *tty;
761 tty = get_current_tty();
769 * tty_vhangup_session - hangup session leader exit
770 * @tty: tty to hangup
772 * The session leader is exiting and hanging up its controlling terminal.
773 * Every process in the foreground process group is signalled SIGHUP.
775 * We do this synchronously so that when the syscall returns the process
776 * is complete. That guarantee is necessary for security reasons.
779 static void tty_vhangup_session(struct tty_struct *tty)
781 #ifdef TTY_DEBUG_HANGUP
784 printk(KERN_DEBUG "%s vhangup session...\n", tty_name(tty, buf));
786 __tty_hangup(tty, 1);
790 * tty_hung_up_p - was tty hung up
791 * @filp: file pointer of tty
793 * Return true if the tty has been subject to a vhangup or a carrier
797 int tty_hung_up_p(struct file *filp)
799 return (filp->f_op == &hung_up_tty_fops);
802 EXPORT_SYMBOL(tty_hung_up_p);
804 static void session_clear_tty(struct pid *session)
806 struct task_struct *p;
807 do_each_pid_task(session, PIDTYPE_SID, p) {
809 } while_each_pid_task(session, PIDTYPE_SID, p);
813 * disassociate_ctty - disconnect controlling tty
814 * @on_exit: true if exiting so need to "hang up" the session
816 * This function is typically called only by the session leader, when
817 * it wants to disassociate itself from its controlling tty.
819 * It performs the following functions:
820 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
821 * (2) Clears the tty from being controlling the session
822 * (3) Clears the controlling tty for all processes in the
825 * The argument on_exit is set to 1 if called when a process is
826 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
829 * BTM is taken for hysterical raisins, and held when
830 * called from no_tty().
831 * tty_mutex is taken to protect tty
832 * ->siglock is taken to protect ->signal/->sighand
833 * tasklist_lock is taken to walk process list for sessions
834 * ->siglock is taken to protect ->signal/->sighand
837 void disassociate_ctty(int on_exit)
839 struct tty_struct *tty;
841 if (!current->signal->leader)
844 tty = get_current_tty();
846 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) {
847 tty_vhangup_session(tty);
849 struct pid *tty_pgrp = tty_get_pgrp(tty);
851 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
852 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
858 } else if (on_exit) {
859 struct pid *old_pgrp;
860 spin_lock_irq(¤t->sighand->siglock);
861 old_pgrp = current->signal->tty_old_pgrp;
862 current->signal->tty_old_pgrp = NULL;
863 spin_unlock_irq(¤t->sighand->siglock);
865 kill_pgrp(old_pgrp, SIGHUP, on_exit);
866 kill_pgrp(old_pgrp, SIGCONT, on_exit);
872 spin_lock_irq(¤t->sighand->siglock);
873 put_pid(current->signal->tty_old_pgrp);
874 current->signal->tty_old_pgrp = NULL;
875 spin_unlock_irq(¤t->sighand->siglock);
877 tty = get_current_tty();
880 spin_lock_irqsave(&tty->ctrl_lock, flags);
881 put_pid(tty->session);
885 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
888 #ifdef TTY_DEBUG_HANGUP
889 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
894 /* Now clear signal->tty under the lock */
895 read_lock(&tasklist_lock);
896 session_clear_tty(task_session(current));
897 read_unlock(&tasklist_lock);
902 * no_tty - Ensure the current process does not have a controlling tty
906 /* FIXME: Review locking here. The tty_lock never covered any race
907 between a new association and proc_clear_tty but possible we need
908 to protect against this anyway */
909 struct task_struct *tsk = current;
910 disassociate_ctty(0);
916 * stop_tty - propagate flow control
919 * Perform flow control to the driver. For PTY/TTY pairs we
920 * must also propagate the TIOCKPKT status. May be called
921 * on an already stopped device and will not re-call the driver
924 * This functionality is used by both the line disciplines for
925 * halting incoming flow and by the driver. It may therefore be
926 * called from any context, may be under the tty atomic_write_lock
930 * Uses the tty control lock internally
933 void stop_tty(struct tty_struct *tty)
936 spin_lock_irqsave(&tty->ctrl_lock, flags);
938 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
942 if (tty->link && tty->link->packet) {
943 tty->ctrl_status &= ~TIOCPKT_START;
944 tty->ctrl_status |= TIOCPKT_STOP;
945 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
947 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
949 (tty->ops->stop)(tty);
952 EXPORT_SYMBOL(stop_tty);
955 * start_tty - propagate flow control
958 * Start a tty that has been stopped if at all possible. Perform
959 * any necessary wakeups and propagate the TIOCPKT status. If this
960 * is the tty was previous stopped and is being started then the
961 * driver start method is invoked and the line discipline woken.
967 void start_tty(struct tty_struct *tty)
970 spin_lock_irqsave(&tty->ctrl_lock, flags);
971 if (!tty->stopped || tty->flow_stopped) {
972 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
976 if (tty->link && tty->link->packet) {
977 tty->ctrl_status &= ~TIOCPKT_STOP;
978 tty->ctrl_status |= TIOCPKT_START;
979 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
981 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
983 (tty->ops->start)(tty);
984 /* If we have a running line discipline it may need kicking */
988 EXPORT_SYMBOL(start_tty);
990 /* We limit tty time update visibility to every 8 seconds or so. */
991 static void tty_update_time(struct timespec *time)
993 unsigned long sec = get_seconds() & ~7;
994 if ((long)(sec - time->tv_sec) > 0)
999 * tty_read - read method for tty device files
1000 * @file: pointer to tty file
1002 * @count: size of user buffer
1005 * Perform the read system call function on this terminal device. Checks
1006 * for hung up devices before calling the line discipline method.
1009 * Locks the line discipline internally while needed. Multiple
1010 * read calls may be outstanding in parallel.
1013 static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
1017 struct inode *inode = file_inode(file);
1018 struct tty_struct *tty = file_tty(file);
1019 struct tty_ldisc *ld;
1021 if (tty_paranoia_check(tty, inode, "tty_read"))
1023 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
1026 /* We want to wait for the line discipline to sort out in this
1028 ld = tty_ldisc_ref_wait(tty);
1030 i = (ld->ops->read)(tty, file, buf, count);
1033 tty_ldisc_deref(ld);
1036 tty_update_time(&inode->i_atime);
1041 void tty_write_unlock(struct tty_struct *tty)
1042 __releases(&tty->atomic_write_lock)
1044 mutex_unlock(&tty->atomic_write_lock);
1045 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
1048 int tty_write_lock(struct tty_struct *tty, int ndelay)
1049 __acquires(&tty->atomic_write_lock)
1051 if (!mutex_trylock(&tty->atomic_write_lock)) {
1054 if (mutex_lock_interruptible(&tty->atomic_write_lock))
1055 return -ERESTARTSYS;
1061 * Split writes up in sane blocksizes to avoid
1062 * denial-of-service type attacks
1064 static inline ssize_t do_tty_write(
1065 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1066 struct tty_struct *tty,
1068 const char __user *buf,
1071 ssize_t ret, written = 0;
1074 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1079 * We chunk up writes into a temporary buffer. This
1080 * simplifies low-level drivers immensely, since they
1081 * don't have locking issues and user mode accesses.
1083 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1086 * The default chunk-size is 2kB, because the NTTY
1087 * layer has problems with bigger chunks. It will
1088 * claim to be able to handle more characters than
1091 * FIXME: This can probably go away now except that 64K chunks
1092 * are too likely to fail unless switched to vmalloc...
1095 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1100 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1101 if (tty->write_cnt < chunk) {
1102 unsigned char *buf_chunk;
1107 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1112 kfree(tty->write_buf);
1113 tty->write_cnt = chunk;
1114 tty->write_buf = buf_chunk;
1117 /* Do the write .. */
1119 size_t size = count;
1123 if (copy_from_user(tty->write_buf, buf, size))
1125 ret = write(tty, file, tty->write_buf, size);
1134 if (signal_pending(current))
1139 tty_update_time(&file_inode(file)->i_mtime);
1143 tty_write_unlock(tty);
1148 * tty_write_message - write a message to a certain tty, not just the console.
1149 * @tty: the destination tty_struct
1150 * @msg: the message to write
1152 * This is used for messages that need to be redirected to a specific tty.
1153 * We don't put it into the syslog queue right now maybe in the future if
1156 * We must still hold the BTM and test the CLOSING flag for the moment.
1159 void tty_write_message(struct tty_struct *tty, char *msg)
1162 mutex_lock(&tty->atomic_write_lock);
1164 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
1166 tty->ops->write(tty, msg, strlen(msg));
1169 tty_write_unlock(tty);
1176 * tty_write - write method for tty device file
1177 * @file: tty file pointer
1178 * @buf: user data to write
1179 * @count: bytes to write
1182 * Write data to a tty device via the line discipline.
1185 * Locks the line discipline as required
1186 * Writes to the tty driver are serialized by the atomic_write_lock
1187 * and are then processed in chunks to the device. The line discipline
1188 * write method will not be invoked in parallel for each device.
1191 static ssize_t tty_write(struct file *file, const char __user *buf,
1192 size_t count, loff_t *ppos)
1194 struct tty_struct *tty = file_tty(file);
1195 struct tty_ldisc *ld;
1198 if (tty_paranoia_check(tty, file_inode(file), "tty_write"))
1200 if (!tty || !tty->ops->write ||
1201 (test_bit(TTY_IO_ERROR, &tty->flags)))
1203 /* Short term debug to catch buggy drivers */
1204 if (tty->ops->write_room == NULL)
1205 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1207 ld = tty_ldisc_ref_wait(tty);
1208 if (!ld->ops->write)
1211 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1212 tty_ldisc_deref(ld);
1216 ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1217 size_t count, loff_t *ppos)
1219 struct file *p = NULL;
1221 spin_lock(&redirect_lock);
1223 p = get_file(redirect);
1224 spin_unlock(&redirect_lock);
1228 res = vfs_write(p, buf, count, &p->f_pos);
1232 return tty_write(file, buf, count, ppos);
1235 static char ptychar[] = "pqrstuvwxyzabcde";
1238 * pty_line_name - generate name for a pty
1239 * @driver: the tty driver in use
1240 * @index: the minor number
1241 * @p: output buffer of at least 6 bytes
1243 * Generate a name from a driver reference and write it to the output
1248 static void pty_line_name(struct tty_driver *driver, int index, char *p)
1250 int i = index + driver->name_base;
1251 /* ->name is initialized to "ttyp", but "tty" is expected */
1252 sprintf(p, "%s%c%x",
1253 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1254 ptychar[i >> 4 & 0xf], i & 0xf);
1258 * tty_line_name - generate name for a tty
1259 * @driver: the tty driver in use
1260 * @index: the minor number
1261 * @p: output buffer of at least 7 bytes
1263 * Generate a name from a driver reference and write it to the output
1268 static void tty_line_name(struct tty_driver *driver, int index, char *p)
1270 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE)
1271 strcpy(p, driver->name);
1273 sprintf(p, "%s%d", driver->name, index + driver->name_base);
1277 * tty_driver_lookup_tty() - find an existing tty, if any
1278 * @driver: the driver for the tty
1279 * @idx: the minor number
1281 * Return the tty, if found or ERR_PTR() otherwise.
1283 * Locking: tty_mutex must be held. If tty is found, the mutex must
1284 * be held until the 'fast-open' is also done. Will change once we
1285 * have refcounting in the driver and per driver locking
1287 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
1288 struct inode *inode, int idx)
1290 if (driver->ops->lookup)
1291 return driver->ops->lookup(driver, inode, idx);
1293 return driver->ttys[idx];
1297 * tty_init_termios - helper for termios setup
1298 * @tty: the tty to set up
1300 * Initialise the termios structures for this tty. Thus runs under
1301 * the tty_mutex currently so we can be relaxed about ordering.
1304 int tty_init_termios(struct tty_struct *tty)
1306 struct ktermios *tp;
1307 int idx = tty->index;
1309 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1310 tty->termios = tty->driver->init_termios;
1312 /* Check for lazy saved data */
1313 tp = tty->driver->termios[idx];
1317 tty->termios = tty->driver->init_termios;
1319 /* Compatibility until drivers always set this */
1320 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios);
1321 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios);
1324 EXPORT_SYMBOL_GPL(tty_init_termios);
1326 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1328 int ret = tty_init_termios(tty);
1332 tty_driver_kref_get(driver);
1334 driver->ttys[tty->index] = tty;
1337 EXPORT_SYMBOL_GPL(tty_standard_install);
1340 * tty_driver_install_tty() - install a tty entry in the driver
1341 * @driver: the driver for the tty
1344 * Install a tty object into the driver tables. The tty->index field
1345 * will be set by the time this is called. This method is responsible
1346 * for ensuring any need additional structures are allocated and
1349 * Locking: tty_mutex for now
1351 static int tty_driver_install_tty(struct tty_driver *driver,
1352 struct tty_struct *tty)
1354 return driver->ops->install ? driver->ops->install(driver, tty) :
1355 tty_standard_install(driver, tty);
1359 * tty_driver_remove_tty() - remove a tty from the driver tables
1360 * @driver: the driver for the tty
1361 * @idx: the minor number
1363 * Remvoe a tty object from the driver tables. The tty->index field
1364 * will be set by the time this is called.
1366 * Locking: tty_mutex for now
1368 void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
1370 if (driver->ops->remove)
1371 driver->ops->remove(driver, tty);
1373 driver->ttys[tty->index] = NULL;
1377 * tty_reopen() - fast re-open of an open tty
1378 * @tty - the tty to open
1380 * Return 0 on success, -errno on error.
1382 * Locking: tty_mutex must be held from the time the tty was found
1383 * till this open completes.
1385 static int tty_reopen(struct tty_struct *tty)
1387 struct tty_driver *driver = tty->driver;
1389 if (test_bit(TTY_CLOSING, &tty->flags) ||
1390 test_bit(TTY_HUPPING, &tty->flags))
1393 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1394 driver->subtype == PTY_TYPE_MASTER) {
1396 * special case for PTY masters: only one open permitted,
1397 * and the slave side open count is incremented as well.
1406 WARN_ON(!tty->ldisc);
1412 * tty_init_dev - initialise a tty device
1413 * @driver: tty driver we are opening a device on
1414 * @idx: device index
1415 * @ret_tty: returned tty structure
1417 * Prepare a tty device. This may not be a "new" clean device but
1418 * could also be an active device. The pty drivers require special
1419 * handling because of this.
1422 * The function is called under the tty_mutex, which
1423 * protects us from the tty struct or driver itself going away.
1425 * On exit the tty device has the line discipline attached and
1426 * a reference count of 1. If a pair was created for pty/tty use
1427 * and the other was a pty master then it too has a reference count of 1.
1429 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1430 * failed open. The new code protects the open with a mutex, so it's
1431 * really quite straightforward. The mutex locking can probably be
1432 * relaxed for the (most common) case of reopening a tty.
1435 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1437 struct tty_struct *tty;
1441 * First time open is complex, especially for PTY devices.
1442 * This code guarantees that either everything succeeds and the
1443 * TTY is ready for operation, or else the table slots are vacated
1444 * and the allocated memory released. (Except that the termios
1445 * and locked termios may be retained.)
1448 if (!try_module_get(driver->owner))
1449 return ERR_PTR(-ENODEV);
1451 tty = alloc_tty_struct();
1454 goto err_module_put;
1456 initialize_tty_struct(tty, driver, idx);
1459 retval = tty_driver_install_tty(driver, tty);
1461 goto err_deinit_tty;
1464 tty->port = driver->ports[idx];
1466 WARN_RATELIMIT(!tty->port,
1467 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n",
1468 __func__, tty->driver->name);
1470 tty->port->itty = tty;
1473 * Structures all installed ... call the ldisc open routines.
1474 * If we fail here just call release_tty to clean up. No need
1475 * to decrement the use counts, as release_tty doesn't care.
1477 retval = tty_ldisc_setup(tty, tty->link);
1479 goto err_release_tty;
1480 /* Return the tty locked so that it cannot vanish under the caller */
1485 deinitialize_tty_struct(tty);
1486 free_tty_struct(tty);
1488 module_put(driver->owner);
1489 return ERR_PTR(retval);
1491 /* call the tty release_tty routine to clean out this slot */
1494 printk_ratelimited(KERN_INFO "tty_init_dev: ldisc open failed, "
1495 "clearing slot %d\n", idx);
1496 release_tty(tty, idx);
1497 return ERR_PTR(retval);
1500 void tty_free_termios(struct tty_struct *tty)
1502 struct ktermios *tp;
1503 int idx = tty->index;
1505 /* If the port is going to reset then it has no termios to save */
1506 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1509 /* Stash the termios data */
1510 tp = tty->driver->termios[idx];
1512 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1514 pr_warn("tty: no memory to save termios state.\n");
1517 tty->driver->termios[idx] = tp;
1521 EXPORT_SYMBOL(tty_free_termios);
1524 * tty_flush_works - flush all works of a tty
1525 * @tty: tty device to flush works for
1527 * Sync flush all works belonging to @tty.
1529 static void tty_flush_works(struct tty_struct *tty)
1531 flush_work(&tty->SAK_work);
1532 flush_work(&tty->hangup_work);
1536 * release_one_tty - release tty structure memory
1537 * @kref: kref of tty we are obliterating
1539 * Releases memory associated with a tty structure, and clears out the
1540 * driver table slots. This function is called when a device is no longer
1541 * in use. It also gets called when setup of a device fails.
1544 * takes the file list lock internally when working on the list
1545 * of ttys that the driver keeps.
1547 * This method gets called from a work queue so that the driver private
1548 * cleanup ops can sleep (needed for USB at least)
1550 static void release_one_tty(struct work_struct *work)
1552 struct tty_struct *tty =
1553 container_of(work, struct tty_struct, hangup_work);
1554 struct tty_driver *driver = tty->driver;
1556 if (tty->ops->cleanup)
1557 tty->ops->cleanup(tty);
1560 tty_driver_kref_put(driver);
1561 module_put(driver->owner);
1563 spin_lock(&tty_files_lock);
1564 list_del_init(&tty->tty_files);
1565 spin_unlock(&tty_files_lock);
1568 put_pid(tty->session);
1569 free_tty_struct(tty);
1572 static void queue_release_one_tty(struct kref *kref)
1574 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
1576 /* The hangup queue is now free so we can reuse it rather than
1577 waste a chunk of memory for each port */
1578 INIT_WORK(&tty->hangup_work, release_one_tty);
1579 schedule_work(&tty->hangup_work);
1583 * tty_kref_put - release a tty kref
1586 * Release a reference to a tty device and if need be let the kref
1587 * layer destruct the object for us
1590 void tty_kref_put(struct tty_struct *tty)
1593 kref_put(&tty->kref, queue_release_one_tty);
1595 EXPORT_SYMBOL(tty_kref_put);
1598 * release_tty - release tty structure memory
1600 * Release both @tty and a possible linked partner (think pty pair),
1601 * and decrement the refcount of the backing module.
1605 * takes the file list lock internally when working on the list
1606 * of ttys that the driver keeps.
1609 static void release_tty(struct tty_struct *tty, int idx)
1611 /* This should always be true but check for the moment */
1612 WARN_ON(tty->index != idx);
1613 WARN_ON(!mutex_is_locked(&tty_mutex));
1614 if (tty->ops->shutdown)
1615 tty->ops->shutdown(tty);
1616 tty_free_termios(tty);
1617 tty_driver_remove_tty(tty->driver, tty);
1618 tty->port->itty = NULL;
1620 tty->link->port->itty = NULL;
1621 cancel_work_sync(&tty->port->buf.work);
1624 tty_kref_put(tty->link);
1629 * tty_release_checks - check a tty before real release
1630 * @tty: tty to check
1631 * @o_tty: link of @tty (if any)
1632 * @idx: index of the tty
1634 * Performs some paranoid checking before true release of the @tty.
1635 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1637 static int tty_release_checks(struct tty_struct *tty, struct tty_struct *o_tty,
1640 #ifdef TTY_PARANOIA_CHECK
1641 if (idx < 0 || idx >= tty->driver->num) {
1642 printk(KERN_DEBUG "%s: bad idx when trying to free (%s)\n",
1643 __func__, tty->name);
1647 /* not much to check for devpts */
1648 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1651 if (tty != tty->driver->ttys[idx]) {
1652 printk(KERN_DEBUG "%s: driver.table[%d] not tty for (%s)\n",
1653 __func__, idx, tty->name);
1656 if (tty->driver->other) {
1657 if (o_tty != tty->driver->other->ttys[idx]) {
1658 printk(KERN_DEBUG "%s: other->table[%d] not o_tty for (%s)\n",
1659 __func__, idx, tty->name);
1662 if (o_tty->link != tty) {
1663 printk(KERN_DEBUG "%s: bad pty pointers\n", __func__);
1672 * tty_release - vfs callback for close
1673 * @inode: inode of tty
1674 * @filp: file pointer for handle to tty
1676 * Called the last time each file handle is closed that references
1677 * this tty. There may however be several such references.
1680 * Takes bkl. See tty_release_dev
1682 * Even releasing the tty structures is a tricky business.. We have
1683 * to be very careful that the structures are all released at the
1684 * same time, as interrupts might otherwise get the wrong pointers.
1686 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1687 * lead to double frees or releasing memory still in use.
1690 int tty_release(struct inode *inode, struct file *filp)
1692 struct tty_struct *tty = file_tty(filp);
1693 struct tty_struct *o_tty;
1694 int pty_master, tty_closing, o_tty_closing, do_sleep;
1698 if (tty_paranoia_check(tty, inode, __func__))
1702 check_tty_count(tty, __func__);
1704 __tty_fasync(-1, filp, 0);
1707 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1708 tty->driver->subtype == PTY_TYPE_MASTER);
1709 /* Review: parallel close */
1712 if (tty_release_checks(tty, o_tty, idx)) {
1717 #ifdef TTY_DEBUG_HANGUP
1718 printk(KERN_DEBUG "%s: %s (tty count=%d)...\n", __func__,
1719 tty_name(tty, buf), tty->count);
1722 if (tty->ops->close)
1723 tty->ops->close(tty, filp);
1727 * Sanity check: if tty->count is going to zero, there shouldn't be
1728 * any waiters on tty->read_wait or tty->write_wait. We test the
1729 * wait queues and kick everyone out _before_ actually starting to
1730 * close. This ensures that we won't block while releasing the tty
1733 * The test for the o_tty closing is necessary, since the master and
1734 * slave sides may close in any order. If the slave side closes out
1735 * first, its count will be one, since the master side holds an open.
1736 * Thus this test wouldn't be triggered at the time the slave closes,
1739 * Note that it's possible for the tty to be opened again while we're
1740 * flushing out waiters. By recalculating the closing flags before
1741 * each iteration we avoid any problems.
1744 /* Guard against races with tty->count changes elsewhere and
1745 opens on /dev/tty */
1747 mutex_lock(&tty_mutex);
1748 tty_lock_pair(tty, o_tty);
1749 tty_closing = tty->count <= 1;
1750 o_tty_closing = o_tty &&
1751 (o_tty->count <= (pty_master ? 1 : 0));
1755 if (waitqueue_active(&tty->read_wait)) {
1756 wake_up_poll(&tty->read_wait, POLLIN);
1759 if (waitqueue_active(&tty->write_wait)) {
1760 wake_up_poll(&tty->write_wait, POLLOUT);
1764 if (o_tty_closing) {
1765 if (waitqueue_active(&o_tty->read_wait)) {
1766 wake_up_poll(&o_tty->read_wait, POLLIN);
1769 if (waitqueue_active(&o_tty->write_wait)) {
1770 wake_up_poll(&o_tty->write_wait, POLLOUT);
1777 printk(KERN_WARNING "%s: %s: read/write wait queue active!\n",
1778 __func__, tty_name(tty, buf));
1779 tty_unlock_pair(tty, o_tty);
1780 mutex_unlock(&tty_mutex);
1785 * The closing flags are now consistent with the open counts on
1786 * both sides, and we've completed the last operation that could
1787 * block, so it's safe to proceed with closing.
1789 * We must *not* drop the tty_mutex until we ensure that a further
1790 * entry into tty_open can not pick up this tty.
1793 if (--o_tty->count < 0) {
1794 printk(KERN_WARNING "%s: bad pty slave count (%d) for %s\n",
1795 __func__, o_tty->count, tty_name(o_tty, buf));
1799 if (--tty->count < 0) {
1800 printk(KERN_WARNING "%s: bad tty->count (%d) for %s\n",
1801 __func__, tty->count, tty_name(tty, buf));
1806 * We've decremented tty->count, so we need to remove this file
1807 * descriptor off the tty->tty_files list; this serves two
1809 * - check_tty_count sees the correct number of file descriptors
1810 * associated with this tty.
1811 * - do_tty_hangup no longer sees this file descriptor as
1812 * something that needs to be handled for hangups.
1817 * Perform some housekeeping before deciding whether to return.
1819 * Set the TTY_CLOSING flag if this was the last open. In the
1820 * case of a pty we may have to wait around for the other side
1821 * to close, and TTY_CLOSING makes sure we can't be reopened.
1824 set_bit(TTY_CLOSING, &tty->flags);
1826 set_bit(TTY_CLOSING, &o_tty->flags);
1829 * If _either_ side is closing, make sure there aren't any
1830 * processes that still think tty or o_tty is their controlling
1833 if (tty_closing || o_tty_closing) {
1834 read_lock(&tasklist_lock);
1835 session_clear_tty(tty->session);
1837 session_clear_tty(o_tty->session);
1838 read_unlock(&tasklist_lock);
1841 mutex_unlock(&tty_mutex);
1842 tty_unlock_pair(tty, o_tty);
1843 /* At this point the TTY_CLOSING flag should ensure a dead tty
1844 cannot be re-opened by a racing opener */
1846 /* check whether both sides are closing ... */
1847 if (!tty_closing || (o_tty && !o_tty_closing))
1850 #ifdef TTY_DEBUG_HANGUP
1851 printk(KERN_DEBUG "%s: %s: final close\n", __func__, tty_name(tty, buf));
1854 * Ask the line discipline code to release its structures
1856 tty_ldisc_release(tty, o_tty);
1858 /* Wait for pending work before tty destruction commmences */
1859 tty_flush_works(tty);
1861 tty_flush_works(o_tty);
1863 #ifdef TTY_DEBUG_HANGUP
1864 printk(KERN_DEBUG "%s: %s: freeing structure...\n", __func__, tty_name(tty, buf));
1867 * The release_tty function takes care of the details of clearing
1868 * the slots and preserving the termios structure. The tty_unlock_pair
1869 * should be safe as we keep a kref while the tty is locked (so the
1870 * unlock never unlocks a freed tty).
1872 mutex_lock(&tty_mutex);
1873 release_tty(tty, idx);
1874 mutex_unlock(&tty_mutex);
1880 * tty_open_current_tty - get tty of current task for open
1881 * @device: device number
1882 * @filp: file pointer to tty
1883 * @return: tty of the current task iff @device is /dev/tty
1885 * We cannot return driver and index like for the other nodes because
1886 * devpts will not work then. It expects inodes to be from devpts FS.
1888 * We need to move to returning a refcounted object from all the lookup
1889 * paths including this one.
1891 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1893 struct tty_struct *tty;
1895 if (device != MKDEV(TTYAUX_MAJOR, 0))
1898 tty = get_current_tty();
1900 return ERR_PTR(-ENXIO);
1902 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1905 /* FIXME: we put a reference and return a TTY! */
1906 /* This is only safe because the caller holds tty_mutex */
1911 * tty_lookup_driver - lookup a tty driver for a given device file
1912 * @device: device number
1913 * @filp: file pointer to tty
1914 * @noctty: set if the device should not become a controlling tty
1915 * @index: index for the device in the @return driver
1916 * @return: driver for this inode (with increased refcount)
1918 * If @return is not erroneous, the caller is responsible to decrement the
1919 * refcount by tty_driver_kref_put.
1921 * Locking: tty_mutex protects get_tty_driver
1923 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1924 int *noctty, int *index)
1926 struct tty_driver *driver;
1930 case MKDEV(TTY_MAJOR, 0): {
1931 extern struct tty_driver *console_driver;
1932 driver = tty_driver_kref_get(console_driver);
1933 *index = fg_console;
1938 case MKDEV(TTYAUX_MAJOR, 1): {
1939 struct tty_driver *console_driver = console_device(index);
1940 if (console_driver) {
1941 driver = tty_driver_kref_get(console_driver);
1943 /* Don't let /dev/console block */
1944 filp->f_flags |= O_NONBLOCK;
1949 return ERR_PTR(-ENODEV);
1952 driver = get_tty_driver(device, index);
1954 return ERR_PTR(-ENODEV);
1961 * tty_open - open a tty device
1962 * @inode: inode of device file
1963 * @filp: file pointer to tty
1965 * tty_open and tty_release keep up the tty count that contains the
1966 * number of opens done on a tty. We cannot use the inode-count, as
1967 * different inodes might point to the same tty.
1969 * Open-counting is needed for pty masters, as well as for keeping
1970 * track of serial lines: DTR is dropped when the last close happens.
1971 * (This is not done solely through tty->count, now. - Ted 1/27/92)
1973 * The termios state of a pty is reset on first open so that
1974 * settings don't persist across reuse.
1976 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
1977 * tty->count should protect the rest.
1978 * ->siglock protects ->signal/->sighand
1980 * Note: the tty_unlock/lock cases without a ref are only safe due to
1984 static int tty_open(struct inode *inode, struct file *filp)
1986 struct tty_struct *tty;
1988 struct tty_driver *driver = NULL;
1990 dev_t device = inode->i_rdev;
1991 unsigned saved_flags = filp->f_flags;
1993 nonseekable_open(inode, filp);
1996 retval = tty_alloc_file(filp);
2000 noctty = filp->f_flags & O_NOCTTY;
2004 mutex_lock(&tty_mutex);
2005 /* This is protected by the tty_mutex */
2006 tty = tty_open_current_tty(device, filp);
2008 retval = PTR_ERR(tty);
2011 driver = tty_lookup_driver(device, filp, &noctty, &index);
2012 if (IS_ERR(driver)) {
2013 retval = PTR_ERR(driver);
2017 /* check whether we're reopening an existing tty */
2018 tty = tty_driver_lookup_tty(driver, inode, index);
2020 retval = PTR_ERR(tty);
2027 retval = tty_reopen(tty);
2030 tty = ERR_PTR(retval);
2032 } else /* Returns with the tty_lock held for now */
2033 tty = tty_init_dev(driver, index);
2035 mutex_unlock(&tty_mutex);
2037 tty_driver_kref_put(driver);
2039 retval = PTR_ERR(tty);
2043 tty_add_file(tty, filp);
2045 check_tty_count(tty, __func__);
2046 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2047 tty->driver->subtype == PTY_TYPE_MASTER)
2049 #ifdef TTY_DEBUG_HANGUP
2050 printk(KERN_DEBUG "%s: opening %s...\n", __func__, tty->name);
2053 retval = tty->ops->open(tty, filp);
2056 filp->f_flags = saved_flags;
2058 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
2059 !capable(CAP_SYS_ADMIN))
2063 #ifdef TTY_DEBUG_HANGUP
2064 printk(KERN_DEBUG "%s: error %d in opening %s...\n", __func__,
2067 tty_unlock(tty); /* need to call tty_release without BTM */
2068 tty_release(inode, filp);
2069 if (retval != -ERESTARTSYS)
2072 if (signal_pending(current))
2077 * Need to reset f_op in case a hangup happened.
2079 if (filp->f_op == &hung_up_tty_fops)
2080 filp->f_op = &tty_fops;
2086 mutex_lock(&tty_mutex);
2088 spin_lock_irq(¤t->sighand->siglock);
2090 current->signal->leader &&
2091 !current->signal->tty &&
2092 tty->session == NULL)
2093 __proc_set_tty(current, tty);
2094 spin_unlock_irq(¤t->sighand->siglock);
2096 mutex_unlock(&tty_mutex);
2099 mutex_unlock(&tty_mutex);
2100 /* after locks to avoid deadlock */
2101 if (!IS_ERR_OR_NULL(driver))
2102 tty_driver_kref_put(driver);
2104 tty_free_file(filp);
2111 * tty_poll - check tty status
2112 * @filp: file being polled
2113 * @wait: poll wait structures to update
2115 * Call the line discipline polling method to obtain the poll
2116 * status of the device.
2118 * Locking: locks called line discipline but ldisc poll method
2119 * may be re-entered freely by other callers.
2122 static unsigned int tty_poll(struct file *filp, poll_table *wait)
2124 struct tty_struct *tty = file_tty(filp);
2125 struct tty_ldisc *ld;
2128 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll"))
2131 ld = tty_ldisc_ref_wait(tty);
2133 ret = (ld->ops->poll)(tty, filp, wait);
2134 tty_ldisc_deref(ld);
2138 static int __tty_fasync(int fd, struct file *filp, int on)
2140 struct tty_struct *tty = file_tty(filp);
2141 struct tty_ldisc *ldisc;
2142 unsigned long flags;
2145 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync"))
2148 retval = fasync_helper(fd, filp, on, &tty->fasync);
2152 ldisc = tty_ldisc_ref(tty);
2154 if (ldisc->ops->fasync)
2155 ldisc->ops->fasync(tty, on);
2156 tty_ldisc_deref(ldisc);
2163 spin_lock_irqsave(&tty->ctrl_lock, flags);
2166 type = PIDTYPE_PGID;
2168 pid = task_pid(current);
2172 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2173 retval = __f_setown(filp, pid, type, 0);
2180 static int tty_fasync(int fd, struct file *filp, int on)
2182 struct tty_struct *tty = file_tty(filp);
2186 retval = __tty_fasync(fd, filp, on);
2193 * tiocsti - fake input character
2194 * @tty: tty to fake input into
2195 * @p: pointer to character
2197 * Fake input to a tty device. Does the necessary locking and
2200 * FIXME: does not honour flow control ??
2203 * Called functions take tty_ldiscs_lock
2204 * current->signal->tty check is safe without locks
2206 * FIXME: may race normal receive processing
2209 static int tiocsti(struct tty_struct *tty, char __user *p)
2212 struct tty_ldisc *ld;
2214 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2216 if (get_user(ch, p))
2218 tty_audit_tiocsti(tty, ch);
2219 ld = tty_ldisc_ref_wait(tty);
2220 ld->ops->receive_buf(tty, &ch, &mbz, 1);
2221 tty_ldisc_deref(ld);
2226 * tiocgwinsz - implement window query ioctl
2228 * @arg: user buffer for result
2230 * Copies the kernel idea of the window size into the user buffer.
2232 * Locking: tty->winsize_mutex is taken to ensure the winsize data
2236 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
2240 mutex_lock(&tty->winsize_mutex);
2241 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
2242 mutex_unlock(&tty->winsize_mutex);
2244 return err ? -EFAULT: 0;
2248 * tty_do_resize - resize event
2249 * @tty: tty being resized
2250 * @rows: rows (character)
2251 * @cols: cols (character)
2253 * Update the termios variables and send the necessary signals to
2254 * peform a terminal resize correctly
2257 int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
2260 unsigned long flags;
2263 mutex_lock(&tty->winsize_mutex);
2264 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
2266 /* Get the PID values and reference them so we can
2267 avoid holding the tty ctrl lock while sending signals */
2268 spin_lock_irqsave(&tty->ctrl_lock, flags);
2269 pgrp = get_pid(tty->pgrp);
2270 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2273 kill_pgrp(pgrp, SIGWINCH, 1);
2278 mutex_unlock(&tty->winsize_mutex);
2281 EXPORT_SYMBOL(tty_do_resize);
2284 * tiocswinsz - implement window size set ioctl
2285 * @tty; tty side of tty
2286 * @arg: user buffer for result
2288 * Copies the user idea of the window size to the kernel. Traditionally
2289 * this is just advisory information but for the Linux console it
2290 * actually has driver level meaning and triggers a VC resize.
2293 * Driver dependent. The default do_resize method takes the
2294 * tty termios mutex and ctrl_lock. The console takes its own lock
2295 * then calls into the default method.
2298 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
2300 struct winsize tmp_ws;
2301 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2304 if (tty->ops->resize)
2305 return tty->ops->resize(tty, &tmp_ws);
2307 return tty_do_resize(tty, &tmp_ws);
2311 * tioccons - allow admin to move logical console
2312 * @file: the file to become console
2314 * Allow the administrator to move the redirected console device
2316 * Locking: uses redirect_lock to guard the redirect information
2319 static int tioccons(struct file *file)
2321 if (!capable(CAP_SYS_ADMIN))
2323 if (file->f_op->write == redirected_tty_write) {
2325 spin_lock(&redirect_lock);
2328 spin_unlock(&redirect_lock);
2333 spin_lock(&redirect_lock);
2335 spin_unlock(&redirect_lock);
2338 redirect = get_file(file);
2339 spin_unlock(&redirect_lock);
2344 * fionbio - non blocking ioctl
2345 * @file: file to set blocking value
2346 * @p: user parameter
2348 * Historical tty interfaces had a blocking control ioctl before
2349 * the generic functionality existed. This piece of history is preserved
2350 * in the expected tty API of posix OS's.
2352 * Locking: none, the open file handle ensures it won't go away.
2355 static int fionbio(struct file *file, int __user *p)
2359 if (get_user(nonblock, p))
2362 spin_lock(&file->f_lock);
2364 file->f_flags |= O_NONBLOCK;
2366 file->f_flags &= ~O_NONBLOCK;
2367 spin_unlock(&file->f_lock);
2372 * tiocsctty - set controlling tty
2373 * @tty: tty structure
2374 * @arg: user argument
2376 * This ioctl is used to manage job control. It permits a session
2377 * leader to set this tty as the controlling tty for the session.
2380 * Takes tty_mutex() to protect tty instance
2381 * Takes tasklist_lock internally to walk sessions
2382 * Takes ->siglock() when updating signal->tty
2385 static int tiocsctty(struct tty_struct *tty, int arg)
2388 if (current->signal->leader && (task_session(current) == tty->session))
2391 mutex_lock(&tty_mutex);
2393 * The process must be a session leader and
2394 * not have a controlling tty already.
2396 if (!current->signal->leader || current->signal->tty) {
2403 * This tty is already the controlling
2404 * tty for another session group!
2406 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
2410 read_lock(&tasklist_lock);
2411 session_clear_tty(tty->session);
2412 read_unlock(&tasklist_lock);
2418 proc_set_tty(current, tty);
2420 mutex_unlock(&tty_mutex);
2425 * tty_get_pgrp - return a ref counted pgrp pid
2428 * Returns a refcounted instance of the pid struct for the process
2429 * group controlling the tty.
2432 struct pid *tty_get_pgrp(struct tty_struct *tty)
2434 unsigned long flags;
2437 spin_lock_irqsave(&tty->ctrl_lock, flags);
2438 pgrp = get_pid(tty->pgrp);
2439 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2443 EXPORT_SYMBOL_GPL(tty_get_pgrp);
2446 * tiocgpgrp - get process group
2447 * @tty: tty passed by user
2448 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2451 * Obtain the process group of the tty. If there is no process group
2454 * Locking: none. Reference to current->signal->tty is safe.
2457 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2462 * (tty == real_tty) is a cheap way of
2463 * testing if the tty is NOT a master pty.
2465 if (tty == real_tty && current->signal->tty != real_tty)
2467 pid = tty_get_pgrp(real_tty);
2468 ret = put_user(pid_vnr(pid), p);
2474 * tiocspgrp - attempt to set process group
2475 * @tty: tty passed by user
2476 * @real_tty: tty side device matching tty passed by user
2479 * Set the process group of the tty to the session passed. Only
2480 * permitted where the tty session is our session.
2482 * Locking: RCU, ctrl lock
2485 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2489 int retval = tty_check_change(real_tty);
2490 unsigned long flags;
2496 if (!current->signal->tty ||
2497 (current->signal->tty != real_tty) ||
2498 (real_tty->session != task_session(current)))
2500 if (get_user(pgrp_nr, p))
2505 pgrp = find_vpid(pgrp_nr);
2510 if (session_of_pgrp(pgrp) != task_session(current))
2513 spin_lock_irqsave(&tty->ctrl_lock, flags);
2514 put_pid(real_tty->pgrp);
2515 real_tty->pgrp = get_pid(pgrp);
2516 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2523 * tiocgsid - get session id
2524 * @tty: tty passed by user
2525 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2526 * @p: pointer to returned session id
2528 * Obtain the session id of the tty. If there is no session
2531 * Locking: none. Reference to current->signal->tty is safe.
2534 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2537 * (tty == real_tty) is a cheap way of
2538 * testing if the tty is NOT a master pty.
2540 if (tty == real_tty && current->signal->tty != real_tty)
2542 if (!real_tty->session)
2544 return put_user(pid_vnr(real_tty->session), p);
2548 * tiocsetd - set line discipline
2550 * @p: pointer to user data
2552 * Set the line discipline according to user request.
2554 * Locking: see tty_set_ldisc, this function is just a helper
2557 static int tiocsetd(struct tty_struct *tty, int __user *p)
2562 if (get_user(ldisc, p))
2565 ret = tty_set_ldisc(tty, ldisc);
2571 * send_break - performed time break
2572 * @tty: device to break on
2573 * @duration: timeout in mS
2575 * Perform a timed break on hardware that lacks its own driver level
2576 * timed break functionality.
2579 * atomic_write_lock serializes
2583 static int send_break(struct tty_struct *tty, unsigned int duration)
2587 if (tty->ops->break_ctl == NULL)
2590 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2591 retval = tty->ops->break_ctl(tty, duration);
2593 /* Do the work ourselves */
2594 if (tty_write_lock(tty, 0) < 0)
2596 retval = tty->ops->break_ctl(tty, -1);
2599 if (!signal_pending(current))
2600 msleep_interruptible(duration);
2601 retval = tty->ops->break_ctl(tty, 0);
2603 tty_write_unlock(tty);
2604 if (signal_pending(current))
2611 * tty_tiocmget - get modem status
2613 * @file: user file pointer
2614 * @p: pointer to result
2616 * Obtain the modem status bits from the tty driver if the feature
2617 * is supported. Return -EINVAL if it is not available.
2619 * Locking: none (up to the driver)
2622 static int tty_tiocmget(struct tty_struct *tty, int __user *p)
2624 int retval = -EINVAL;
2626 if (tty->ops->tiocmget) {
2627 retval = tty->ops->tiocmget(tty);
2630 retval = put_user(retval, p);
2636 * tty_tiocmset - set modem status
2638 * @cmd: command - clear bits, set bits or set all
2639 * @p: pointer to desired bits
2641 * Set the modem status bits from the tty driver if the feature
2642 * is supported. Return -EINVAL if it is not available.
2644 * Locking: none (up to the driver)
2647 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
2651 unsigned int set, clear, val;
2653 if (tty->ops->tiocmset == NULL)
2656 retval = get_user(val, p);
2672 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2673 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2674 return tty->ops->tiocmset(tty, set, clear);
2677 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2679 int retval = -EINVAL;
2680 struct serial_icounter_struct icount;
2681 memset(&icount, 0, sizeof(icount));
2682 if (tty->ops->get_icount)
2683 retval = tty->ops->get_icount(tty, &icount);
2686 if (copy_to_user(arg, &icount, sizeof(icount)))
2691 struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2693 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2694 tty->driver->subtype == PTY_TYPE_MASTER)
2698 EXPORT_SYMBOL(tty_pair_get_tty);
2700 struct tty_struct *tty_pair_get_pty(struct tty_struct *tty)
2702 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2703 tty->driver->subtype == PTY_TYPE_MASTER)
2707 EXPORT_SYMBOL(tty_pair_get_pty);
2710 * Split this up, as gcc can choke on it otherwise..
2712 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2714 struct tty_struct *tty = file_tty(file);
2715 struct tty_struct *real_tty;
2716 void __user *p = (void __user *)arg;
2718 struct tty_ldisc *ld;
2720 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
2723 real_tty = tty_pair_get_tty(tty);
2726 * Factor out some common prep work
2734 retval = tty_check_change(tty);
2737 if (cmd != TIOCCBRK) {
2738 tty_wait_until_sent(tty, 0);
2739 if (signal_pending(current))
2750 return tiocsti(tty, p);
2752 return tiocgwinsz(real_tty, p);
2754 return tiocswinsz(real_tty, p);
2756 return real_tty != tty ? -EINVAL : tioccons(file);
2758 return fionbio(file, p);
2760 set_bit(TTY_EXCLUSIVE, &tty->flags);
2763 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2767 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags);
2768 return put_user(excl, (int __user *)p);
2771 if (current->signal->tty != tty)
2776 return tiocsctty(tty, arg);
2778 return tiocgpgrp(tty, real_tty, p);
2780 return tiocspgrp(tty, real_tty, p);
2782 return tiocgsid(tty, real_tty, p);
2784 return put_user(tty->ldisc->ops->num, (int __user *)p);
2786 return tiocsetd(tty, p);
2788 if (!capable(CAP_SYS_ADMIN))
2794 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2795 return put_user(ret, (unsigned int __user *)p);
2800 case TIOCSBRK: /* Turn break on, unconditionally */
2801 if (tty->ops->break_ctl)
2802 return tty->ops->break_ctl(tty, -1);
2804 case TIOCCBRK: /* Turn break off, unconditionally */
2805 if (tty->ops->break_ctl)
2806 return tty->ops->break_ctl(tty, 0);
2808 case TCSBRK: /* SVID version: non-zero arg --> no break */
2809 /* non-zero arg means wait for all output data
2810 * to be sent (performed above) but don't send break.
2811 * This is used by the tcdrain() termios function.
2814 return send_break(tty, 250);
2816 case TCSBRKP: /* support for POSIX tcsendbreak() */
2817 return send_break(tty, arg ? arg*100 : 250);
2820 return tty_tiocmget(tty, p);
2824 return tty_tiocmset(tty, cmd, p);
2826 retval = tty_tiocgicount(tty, p);
2827 /* For the moment allow fall through to the old method */
2828 if (retval != -EINVAL)
2835 /* flush tty buffer and allow ldisc to process ioctl */
2836 tty_buffer_flush(tty);
2841 if (tty->ops->ioctl) {
2842 retval = (tty->ops->ioctl)(tty, cmd, arg);
2843 if (retval != -ENOIOCTLCMD)
2846 ld = tty_ldisc_ref_wait(tty);
2848 if (ld->ops->ioctl) {
2849 retval = ld->ops->ioctl(tty, file, cmd, arg);
2850 if (retval == -ENOIOCTLCMD)
2853 tty_ldisc_deref(ld);
2857 #ifdef CONFIG_COMPAT
2858 static long tty_compat_ioctl(struct file *file, unsigned int cmd,
2861 struct tty_struct *tty = file_tty(file);
2862 struct tty_ldisc *ld;
2863 int retval = -ENOIOCTLCMD;
2865 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
2868 if (tty->ops->compat_ioctl) {
2869 retval = (tty->ops->compat_ioctl)(tty, cmd, arg);
2870 if (retval != -ENOIOCTLCMD)
2874 ld = tty_ldisc_ref_wait(tty);
2875 if (ld->ops->compat_ioctl)
2876 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
2878 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
2879 tty_ldisc_deref(ld);
2885 static int this_tty(const void *t, struct file *file, unsigned fd)
2887 if (likely(file->f_op->read != tty_read))
2889 return file_tty(file) != t ? 0 : fd + 1;
2893 * This implements the "Secure Attention Key" --- the idea is to
2894 * prevent trojan horses by killing all processes associated with this
2895 * tty when the user hits the "Secure Attention Key". Required for
2896 * super-paranoid applications --- see the Orange Book for more details.
2898 * This code could be nicer; ideally it should send a HUP, wait a few
2899 * seconds, then send a INT, and then a KILL signal. But you then
2900 * have to coordinate with the init process, since all processes associated
2901 * with the current tty must be dead before the new getty is allowed
2904 * Now, if it would be correct ;-/ The current code has a nasty hole -
2905 * it doesn't catch files in flight. We may send the descriptor to ourselves
2906 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2908 * Nasty bug: do_SAK is being called in interrupt context. This can
2909 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2911 void __do_SAK(struct tty_struct *tty)
2916 struct task_struct *g, *p;
2917 struct pid *session;
2922 session = tty->session;
2924 tty_ldisc_flush(tty);
2926 tty_driver_flush_buffer(tty);
2928 read_lock(&tasklist_lock);
2929 /* Kill the entire session */
2930 do_each_pid_task(session, PIDTYPE_SID, p) {
2931 printk(KERN_NOTICE "SAK: killed process %d"
2932 " (%s): task_session(p)==tty->session\n",
2933 task_pid_nr(p), p->comm);
2934 send_sig(SIGKILL, p, 1);
2935 } while_each_pid_task(session, PIDTYPE_SID, p);
2936 /* Now kill any processes that happen to have the
2939 do_each_thread(g, p) {
2940 if (p->signal->tty == tty) {
2941 printk(KERN_NOTICE "SAK: killed process %d"
2942 " (%s): task_session(p)==tty->session\n",
2943 task_pid_nr(p), p->comm);
2944 send_sig(SIGKILL, p, 1);
2948 i = iterate_fd(p->files, 0, this_tty, tty);
2950 printk(KERN_NOTICE "SAK: killed process %d"
2951 " (%s): fd#%d opened to the tty\n",
2952 task_pid_nr(p), p->comm, i - 1);
2953 force_sig(SIGKILL, p);
2956 } while_each_thread(g, p);
2957 read_unlock(&tasklist_lock);
2961 static void do_SAK_work(struct work_struct *work)
2963 struct tty_struct *tty =
2964 container_of(work, struct tty_struct, SAK_work);
2969 * The tq handling here is a little racy - tty->SAK_work may already be queued.
2970 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
2971 * the values which we write to it will be identical to the values which it
2972 * already has. --akpm
2974 void do_SAK(struct tty_struct *tty)
2978 schedule_work(&tty->SAK_work);
2981 EXPORT_SYMBOL(do_SAK);
2983 static int dev_match_devt(struct device *dev, const void *data)
2985 const dev_t *devt = data;
2986 return dev->devt == *devt;
2989 /* Must put_device() after it's unused! */
2990 static struct device *tty_get_device(struct tty_struct *tty)
2992 dev_t devt = tty_devnum(tty);
2993 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
2998 * initialize_tty_struct
2999 * @tty: tty to initialize
3001 * This subroutine initializes a tty structure that has been newly
3004 * Locking: none - tty in question must not be exposed at this point
3007 void initialize_tty_struct(struct tty_struct *tty,
3008 struct tty_driver *driver, int idx)
3010 memset(tty, 0, sizeof(struct tty_struct));
3011 kref_init(&tty->kref);
3012 tty->magic = TTY_MAGIC;
3013 tty_ldisc_init(tty);
3014 tty->session = NULL;
3016 mutex_init(&tty->legacy_mutex);
3017 mutex_init(&tty->throttle_mutex);
3018 init_rwsem(&tty->termios_rwsem);
3019 mutex_init(&tty->winsize_mutex);
3020 init_ldsem(&tty->ldisc_sem);
3021 init_waitqueue_head(&tty->write_wait);
3022 init_waitqueue_head(&tty->read_wait);
3023 INIT_WORK(&tty->hangup_work, do_tty_hangup);
3024 mutex_init(&tty->atomic_write_lock);
3025 spin_lock_init(&tty->ctrl_lock);
3026 INIT_LIST_HEAD(&tty->tty_files);
3027 INIT_WORK(&tty->SAK_work, do_SAK_work);
3029 tty->driver = driver;
3030 tty->ops = driver->ops;
3032 tty_line_name(driver, idx, tty->name);
3033 tty->dev = tty_get_device(tty);
3037 * deinitialize_tty_struct
3038 * @tty: tty to deinitialize
3040 * This subroutine deinitializes a tty structure that has been newly
3041 * allocated but tty_release cannot be called on that yet.
3043 * Locking: none - tty in question must not be exposed at this point
3045 void deinitialize_tty_struct(struct tty_struct *tty)
3047 tty_ldisc_deinit(tty);
3051 * tty_put_char - write one character to a tty
3055 * Write one byte to the tty using the provided put_char method
3056 * if present. Returns the number of characters successfully output.
3058 * Note: the specific put_char operation in the driver layer may go
3059 * away soon. Don't call it directly, use this method
3062 int tty_put_char(struct tty_struct *tty, unsigned char ch)
3064 if (tty->ops->put_char)
3065 return tty->ops->put_char(tty, ch);
3066 return tty->ops->write(tty, &ch, 1);
3068 EXPORT_SYMBOL_GPL(tty_put_char);
3070 struct class *tty_class;
3072 static int tty_cdev_add(struct tty_driver *driver, dev_t dev,
3073 unsigned int index, unsigned int count)
3075 /* init here, since reused cdevs cause crashes */
3076 cdev_init(&driver->cdevs[index], &tty_fops);
3077 driver->cdevs[index].owner = driver->owner;
3078 return cdev_add(&driver->cdevs[index], dev, count);
3082 * tty_register_device - register a tty device
3083 * @driver: the tty driver that describes the tty device
3084 * @index: the index in the tty driver for this tty device
3085 * @device: a struct device that is associated with this tty device.
3086 * This field is optional, if there is no known struct device
3087 * for this tty device it can be set to NULL safely.
3089 * Returns a pointer to the struct device for this tty device
3090 * (or ERR_PTR(-EFOO) on error).
3092 * This call is required to be made to register an individual tty device
3093 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3094 * that bit is not set, this function should not be called by a tty
3100 struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3101 struct device *device)
3103 return tty_register_device_attr(driver, index, device, NULL, NULL);
3105 EXPORT_SYMBOL(tty_register_device);
3107 static void tty_device_create_release(struct device *dev)
3109 pr_debug("device: '%s': %s\n", dev_name(dev), __func__);
3114 * tty_register_device_attr - register a tty device
3115 * @driver: the tty driver that describes the tty device
3116 * @index: the index in the tty driver for this tty device
3117 * @device: a struct device that is associated with this tty device.
3118 * This field is optional, if there is no known struct device
3119 * for this tty device it can be set to NULL safely.
3120 * @drvdata: Driver data to be set to device.
3121 * @attr_grp: Attribute group to be set on device.
3123 * Returns a pointer to the struct device for this tty device
3124 * (or ERR_PTR(-EFOO) on error).
3126 * This call is required to be made to register an individual tty device
3127 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3128 * that bit is not set, this function should not be called by a tty
3133 struct device *tty_register_device_attr(struct tty_driver *driver,
3134 unsigned index, struct device *device,
3136 const struct attribute_group **attr_grp)
3139 dev_t devt = MKDEV(driver->major, driver->minor_start) + index;
3140 struct device *dev = NULL;
3141 int retval = -ENODEV;
3144 if (index >= driver->num) {
3145 printk(KERN_ERR "Attempt to register invalid tty line number "
3147 return ERR_PTR(-EINVAL);
3150 if (driver->type == TTY_DRIVER_TYPE_PTY)
3151 pty_line_name(driver, index, name);
3153 tty_line_name(driver, index, name);
3155 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3156 retval = tty_cdev_add(driver, devt, index, 1);
3162 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
3169 dev->class = tty_class;
3170 dev->parent = device;
3171 dev->release = tty_device_create_release;
3172 dev_set_name(dev, "%s", name);
3173 dev->groups = attr_grp;
3174 dev_set_drvdata(dev, drvdata);
3176 retval = device_register(dev);
3185 cdev_del(&driver->cdevs[index]);
3186 return ERR_PTR(retval);
3188 EXPORT_SYMBOL_GPL(tty_register_device_attr);
3191 * tty_unregister_device - unregister a tty device
3192 * @driver: the tty driver that describes the tty device
3193 * @index: the index in the tty driver for this tty device
3195 * If a tty device is registered with a call to tty_register_device() then
3196 * this function must be called when the tty device is gone.
3201 void tty_unregister_device(struct tty_driver *driver, unsigned index)
3203 device_destroy(tty_class,
3204 MKDEV(driver->major, driver->minor_start) + index);
3205 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC))
3206 cdev_del(&driver->cdevs[index]);
3208 EXPORT_SYMBOL(tty_unregister_device);
3211 * __tty_alloc_driver -- allocate tty driver
3212 * @lines: count of lines this driver can handle at most
3213 * @owner: module which is repsonsible for this driver
3214 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags
3216 * This should not be called directly, some of the provided macros should be
3217 * used instead. Use IS_ERR and friends on @retval.
3219 struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner,
3220 unsigned long flags)
3222 struct tty_driver *driver;
3223 unsigned int cdevs = 1;
3226 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1))
3227 return ERR_PTR(-EINVAL);
3229 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
3231 return ERR_PTR(-ENOMEM);
3233 kref_init(&driver->kref);
3234 driver->magic = TTY_DRIVER_MAGIC;
3235 driver->num = lines;
3236 driver->owner = owner;
3237 driver->flags = flags;
3239 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) {
3240 driver->ttys = kcalloc(lines, sizeof(*driver->ttys),
3242 driver->termios = kcalloc(lines, sizeof(*driver->termios),
3244 if (!driver->ttys || !driver->termios) {
3250 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3251 driver->ports = kcalloc(lines, sizeof(*driver->ports),
3253 if (!driver->ports) {
3260 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL);
3261 if (!driver->cdevs) {
3268 kfree(driver->ports);
3269 kfree(driver->ttys);
3270 kfree(driver->termios);
3272 return ERR_PTR(err);
3274 EXPORT_SYMBOL(__tty_alloc_driver);
3276 static void destruct_tty_driver(struct kref *kref)
3278 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3280 struct ktermios *tp;
3282 if (driver->flags & TTY_DRIVER_INSTALLED) {
3284 * Free the termios and termios_locked structures because
3285 * we don't want to get memory leaks when modular tty
3286 * drivers are removed from the kernel.
3288 for (i = 0; i < driver->num; i++) {
3289 tp = driver->termios[i];
3291 driver->termios[i] = NULL;
3294 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3295 tty_unregister_device(driver, i);
3297 proc_tty_unregister_driver(driver);
3298 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)
3299 cdev_del(&driver->cdevs[0]);
3301 kfree(driver->cdevs);
3302 kfree(driver->ports);
3303 kfree(driver->termios);
3304 kfree(driver->ttys);
3308 void tty_driver_kref_put(struct tty_driver *driver)
3310 kref_put(&driver->kref, destruct_tty_driver);
3312 EXPORT_SYMBOL(tty_driver_kref_put);
3314 void tty_set_operations(struct tty_driver *driver,
3315 const struct tty_operations *op)
3319 EXPORT_SYMBOL(tty_set_operations);
3321 void put_tty_driver(struct tty_driver *d)
3323 tty_driver_kref_put(d);
3325 EXPORT_SYMBOL(put_tty_driver);
3328 * Called by a tty driver to register itself.
3330 int tty_register_driver(struct tty_driver *driver)
3337 if (!driver->major) {
3338 error = alloc_chrdev_region(&dev, driver->minor_start,
3339 driver->num, driver->name);
3341 driver->major = MAJOR(dev);
3342 driver->minor_start = MINOR(dev);
3345 dev = MKDEV(driver->major, driver->minor_start);
3346 error = register_chrdev_region(dev, driver->num, driver->name);
3351 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) {
3352 error = tty_cdev_add(driver, dev, 0, driver->num);
3354 goto err_unreg_char;
3357 mutex_lock(&tty_mutex);
3358 list_add(&driver->tty_drivers, &tty_drivers);
3359 mutex_unlock(&tty_mutex);
3361 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
3362 for (i = 0; i < driver->num; i++) {
3363 d = tty_register_device(driver, i, NULL);
3366 goto err_unreg_devs;
3370 proc_tty_register_driver(driver);
3371 driver->flags |= TTY_DRIVER_INSTALLED;
3375 for (i--; i >= 0; i--)
3376 tty_unregister_device(driver, i);
3378 mutex_lock(&tty_mutex);
3379 list_del(&driver->tty_drivers);
3380 mutex_unlock(&tty_mutex);
3383 unregister_chrdev_region(dev, driver->num);
3387 EXPORT_SYMBOL(tty_register_driver);
3390 * Called by a tty driver to unregister itself.
3392 int tty_unregister_driver(struct tty_driver *driver)
3396 if (driver->refcount)
3399 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3401 mutex_lock(&tty_mutex);
3402 list_del(&driver->tty_drivers);
3403 mutex_unlock(&tty_mutex);
3407 EXPORT_SYMBOL(tty_unregister_driver);
3409 dev_t tty_devnum(struct tty_struct *tty)
3411 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3413 EXPORT_SYMBOL(tty_devnum);
3415 void proc_clear_tty(struct task_struct *p)
3417 unsigned long flags;
3418 struct tty_struct *tty;
3419 spin_lock_irqsave(&p->sighand->siglock, flags);
3420 tty = p->signal->tty;
3421 p->signal->tty = NULL;
3422 spin_unlock_irqrestore(&p->sighand->siglock, flags);
3426 /* Called under the sighand lock */
3428 static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3431 unsigned long flags;
3432 /* We should not have a session or pgrp to put here but.... */
3433 spin_lock_irqsave(&tty->ctrl_lock, flags);
3434 put_pid(tty->session);
3436 tty->pgrp = get_pid(task_pgrp(tsk));
3437 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
3438 tty->session = get_pid(task_session(tsk));
3439 if (tsk->signal->tty) {
3440 printk(KERN_DEBUG "tty not NULL!!\n");
3441 tty_kref_put(tsk->signal->tty);
3444 put_pid(tsk->signal->tty_old_pgrp);
3445 tsk->signal->tty = tty_kref_get(tty);
3446 tsk->signal->tty_old_pgrp = NULL;
3449 static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3451 spin_lock_irq(&tsk->sighand->siglock);
3452 __proc_set_tty(tsk, tty);
3453 spin_unlock_irq(&tsk->sighand->siglock);
3456 struct tty_struct *get_current_tty(void)
3458 struct tty_struct *tty;
3459 unsigned long flags;
3461 spin_lock_irqsave(¤t->sighand->siglock, flags);
3462 tty = tty_kref_get(current->signal->tty);
3463 spin_unlock_irqrestore(¤t->sighand->siglock, flags);
3466 EXPORT_SYMBOL_GPL(get_current_tty);
3468 void tty_default_fops(struct file_operations *fops)
3474 * Initialize the console device. This is called *early*, so
3475 * we can't necessarily depend on lots of kernel help here.
3476 * Just do some early initializations, and do the complex setup
3479 void __init console_init(void)
3483 /* Setup the default TTY line discipline. */
3487 * set up the console device so that later boot sequences can
3488 * inform about problems etc..
3490 call = __con_initcall_start;
3491 while (call < __con_initcall_end) {
3497 static char *tty_devnode(struct device *dev, umode_t *mode)
3501 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3502 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3507 static int __init tty_class_init(void)
3509 tty_class = class_create(THIS_MODULE, "tty");
3510 if (IS_ERR(tty_class))
3511 return PTR_ERR(tty_class);
3512 tty_class->devnode = tty_devnode;
3516 postcore_initcall(tty_class_init);
3518 /* 3/2004 jmc: why do these devices exist? */
3519 static struct cdev tty_cdev, console_cdev;
3521 static ssize_t show_cons_active(struct device *dev,
3522 struct device_attribute *attr, char *buf)
3524 struct console *cs[16];
3530 for_each_console(c) {
3535 if ((c->flags & CON_ENABLED) == 0)
3538 if (i >= ARRAY_SIZE(cs))
3542 count += sprintf(buf + count, "%s%d%c",
3543 cs[i]->name, cs[i]->index, i ? ' ':'\n');
3548 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3550 static struct device *consdev;
3552 void console_sysfs_notify(void)
3555 sysfs_notify(&consdev->kobj, NULL, "active");
3559 * Ok, now we can initialize the rest of the tty devices and can count
3560 * on memory allocations, interrupts etc..
3562 int __init tty_init(void)
3564 cdev_init(&tty_cdev, &tty_fops);
3565 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3566 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3567 panic("Couldn't register /dev/tty driver\n");
3568 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
3570 cdev_init(&console_cdev, &console_fops);
3571 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3572 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3573 panic("Couldn't register /dev/console driver\n");
3574 consdev = device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
3576 if (IS_ERR(consdev))
3579 WARN_ON(device_create_file(consdev, &dev_attr_active) < 0);
3582 vty_init(&console_fops);
projects / GitHub / exynos8895 / android_kernel_samsung_universal8895.git / blob