2 * Copyright (C) 1991, 1992 Linus Torvalds
6 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
7 * or rs-channels. It also implements echoing, cooked mode etc.
9 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
11 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
12 * tty_struct and tty_queue structures. Previously there was an array
13 * of 256 tty_struct's which was statically allocated, and the
14 * tty_queue structures were allocated at boot time. Both are now
15 * dynamically allocated only when the tty is open.
17 * Also restructured routines so that there is more of a separation
18 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
19 * the low-level tty routines (serial.c, pty.c, console.c). This
20 * makes for cleaner and more compact code. -TYT, 9/17/92
22 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
23 * which can be dynamically activated and de-activated by the line
24 * discipline handling modules (like SLIP).
26 * NOTE: pay no attention to the line discipline code (yet); its
27 * interface is still subject to change in this version...
30 * Added functionality to the OPOST tty handling. No delays, but all
31 * other bits should be there.
32 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
34 * Rewrote canonical mode and added more termios flags.
35 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
37 * Reorganized FASYNC support so mouse code can share it.
38 * -- ctm@ardi.com, 9Sep95
40 * New TIOCLINUX variants added.
41 * -- mj@k332.feld.cvut.cz, 19-Nov-95
43 * Restrict vt switching via ioctl()
44 * -- grif@cs.ucr.edu, 5-Dec-95
46 * Move console and virtual terminal code to more appropriate files,
47 * implement CONFIG_VT and generalize console device interface.
48 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
50 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
51 * -- Bill Hawes <whawes@star.net>, June 97
53 * Added devfs support.
54 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
56 * Added support for a Unix98-style ptmx device.
57 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
59 * Reduced memory usage for older ARM systems
60 * -- Russell King <rmk@arm.linux.org.uk>
62 * Move do_SAK() into process context. Less stack use in devfs functions.
63 * alloc_tty_struct() always uses kmalloc()
64 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
67 #include <linux/types.h>
68 #include <linux/major.h>
69 #include <linux/errno.h>
70 #include <linux/signal.h>
71 #include <linux/fcntl.h>
72 #include <linux/sched.h>
73 #include <linux/interrupt.h>
74 #include <linux/tty.h>
75 #include <linux/tty_driver.h>
76 #include <linux/tty_flip.h>
77 #include <linux/devpts_fs.h>
78 #include <linux/file.h>
79 #include <linux/fdtable.h>
80 #include <linux/console.h>
81 #include <linux/timer.h>
82 #include <linux/ctype.h>
85 #include <linux/string.h>
86 #include <linux/slab.h>
87 #include <linux/poll.h>
88 #include <linux/proc_fs.h>
89 #include <linux/init.h>
90 #include <linux/module.h>
91 #include <linux/device.h>
92 #include <linux/wait.h>
93 #include <linux/bitops.h>
94 #include <linux/delay.h>
95 #include <linux/seq_file.h>
96 #include <linux/serial.h>
97 #include <linux/ratelimit.h>
99 #include <linux/uaccess.h>
101 #include <linux/kbd_kern.h>
102 #include <linux/vt_kern.h>
103 #include <linux/selection.h>
105 #include <linux/kmod.h>
106 #include <linux/nsproxy.h>
108 #undef TTY_DEBUG_HANGUP
109 #ifdef TTY_DEBUG_HANGUP
110 # define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args)
112 # define tty_debug_hangup(tty, f, args...) do { } while (0)
115 #define TTY_PARANOIA_CHECK 1
116 #define CHECK_TTY_COUNT 1
118 struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
119 .c_iflag = ICRNL | IXON,
120 .c_oflag = OPOST | ONLCR,
121 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
122 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
123 ECHOCTL | ECHOKE | IEXTEN,
127 /* .c_line = N_TTY, */
130 EXPORT_SYMBOL(tty_std_termios);
132 /* This list gets poked at by procfs and various bits of boot up code. This
133 could do with some rationalisation such as pulling the tty proc function
136 LIST_HEAD(tty_drivers); /* linked list of tty drivers */
138 /* Mutex to protect creating and releasing a tty */
139 DEFINE_MUTEX(tty_mutex);
141 static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
142 static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
143 ssize_t redirected_tty_write(struct file *, const char __user *,
145 static unsigned int tty_poll(struct file *, poll_table *);
146 static int tty_open(struct inode *, struct file *);
147 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
149 static long tty_compat_ioctl(struct file *file, unsigned int cmd,
152 #define tty_compat_ioctl NULL
154 static int __tty_fasync(int fd, struct file *filp, int on);
155 static int tty_fasync(int fd, struct file *filp, int on);
156 static void release_tty(struct tty_struct *tty, int idx);
159 * free_tty_struct - free a disused tty
160 * @tty: tty struct to free
162 * Free the write buffers, tty queue and tty memory itself.
164 * Locking: none. Must be called after tty is definitely unused
167 static void free_tty_struct(struct tty_struct *tty)
169 tty_ldisc_deinit(tty);
170 put_device(tty->dev);
171 kfree(tty->write_buf);
172 tty->magic = 0xDEADDEAD;
176 static inline struct tty_struct *file_tty(struct file *file)
178 return ((struct tty_file_private *)file->private_data)->tty;
181 int tty_alloc_file(struct file *file)
183 struct tty_file_private *priv;
185 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
189 file->private_data = priv;
194 /* Associate a new file with the tty structure */
195 void tty_add_file(struct tty_struct *tty, struct file *file)
197 struct tty_file_private *priv = file->private_data;
202 spin_lock(&tty->files_lock);
203 list_add(&priv->list, &tty->tty_files);
204 spin_unlock(&tty->files_lock);
208 * tty_free_file - free file->private_data
210 * This shall be used only for fail path handling when tty_add_file was not
213 void tty_free_file(struct file *file)
215 struct tty_file_private *priv = file->private_data;
217 file->private_data = NULL;
221 /* Delete file from its tty */
222 static void tty_del_file(struct file *file)
224 struct tty_file_private *priv = file->private_data;
225 struct tty_struct *tty = priv->tty;
227 spin_lock(&tty->files_lock);
228 list_del(&priv->list);
229 spin_unlock(&tty->files_lock);
234 * tty_name - return tty naming
235 * @tty: tty structure
237 * Convert a tty structure into a name. The name reflects the kernel
238 * naming policy and if udev is in use may not reflect user space
243 const char *tty_name(const struct tty_struct *tty)
245 if (!tty) /* Hmm. NULL pointer. That's fun. */
250 EXPORT_SYMBOL(tty_name);
252 const char *tty_driver_name(const struct tty_struct *tty)
254 if (!tty || !tty->driver)
256 return tty->driver->name;
259 static int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
262 #ifdef TTY_PARANOIA_CHECK
264 pr_warn("(%d:%d): %s: NULL tty\n",
265 imajor(inode), iminor(inode), routine);
268 if (tty->magic != TTY_MAGIC) {
269 pr_warn("(%d:%d): %s: bad magic number\n",
270 imajor(inode), iminor(inode), routine);
277 /* Caller must hold tty_lock */
278 static int check_tty_count(struct tty_struct *tty, const char *routine)
280 #ifdef CHECK_TTY_COUNT
284 spin_lock(&tty->files_lock);
285 list_for_each(p, &tty->tty_files) {
288 spin_unlock(&tty->files_lock);
289 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
290 tty->driver->subtype == PTY_TYPE_SLAVE &&
291 tty->link && tty->link->count)
293 if (tty->count != count) {
294 tty_warn(tty, "%s: tty->count(%d) != #fd's(%d)\n",
295 routine, tty->count, count);
303 * get_tty_driver - find device of a tty
304 * @dev_t: device identifier
305 * @index: returns the index of the tty
307 * This routine returns a tty driver structure, given a device number
308 * and also passes back the index number.
310 * Locking: caller must hold tty_mutex
313 static struct tty_driver *get_tty_driver(dev_t device, int *index)
315 struct tty_driver *p;
317 list_for_each_entry(p, &tty_drivers, tty_drivers) {
318 dev_t base = MKDEV(p->major, p->minor_start);
319 if (device < base || device >= base + p->num)
321 *index = device - base;
322 return tty_driver_kref_get(p);
327 #ifdef CONFIG_CONSOLE_POLL
330 * tty_find_polling_driver - find device of a polled tty
331 * @name: name string to match
332 * @line: pointer to resulting tty line nr
334 * This routine returns a tty driver structure, given a name
335 * and the condition that the tty driver is capable of polled
338 struct tty_driver *tty_find_polling_driver(char *name, int *line)
340 struct tty_driver *p, *res = NULL;
345 for (str = name; *str; str++)
346 if ((*str >= '0' && *str <= '9') || *str == ',')
352 tty_line = simple_strtoul(str, &str, 10);
354 mutex_lock(&tty_mutex);
355 /* Search through the tty devices to look for a match */
356 list_for_each_entry(p, &tty_drivers, tty_drivers) {
357 if (strncmp(name, p->name, len) != 0)
365 if (tty_line >= 0 && tty_line < p->num && p->ops &&
366 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
367 res = tty_driver_kref_get(p);
372 mutex_unlock(&tty_mutex);
376 EXPORT_SYMBOL_GPL(tty_find_polling_driver);
379 static int is_ignored(int sig)
381 return (sigismember(¤t->blocked, sig) ||
382 current->sighand->action[sig-1].sa.sa_handler == SIG_IGN);
386 * tty_check_change - check for POSIX terminal changes
389 * If we try to write to, or set the state of, a terminal and we're
390 * not in the foreground, send a SIGTTOU. If the signal is blocked or
391 * ignored, go ahead and perform the operation. (POSIX 7.2)
396 int __tty_check_change(struct tty_struct *tty, int sig)
399 struct pid *pgrp, *tty_pgrp;
402 if (current->signal->tty != tty)
406 pgrp = task_pgrp(current);
408 spin_lock_irqsave(&tty->ctrl_lock, flags);
409 tty_pgrp = tty->pgrp;
410 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
412 if (tty_pgrp && pgrp != tty->pgrp) {
413 if (is_ignored(sig)) {
416 } else if (is_current_pgrp_orphaned())
419 kill_pgrp(pgrp, sig, 1);
420 set_thread_flag(TIF_SIGPENDING);
427 tty_warn(tty, "sig=%d, tty->pgrp == NULL!\n", sig);
432 int tty_check_change(struct tty_struct *tty)
434 return __tty_check_change(tty, SIGTTOU);
436 EXPORT_SYMBOL(tty_check_change);
438 static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
439 size_t count, loff_t *ppos)
444 static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
445 size_t count, loff_t *ppos)
450 /* No kernel lock held - none needed ;) */
451 static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
453 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
456 static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
459 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
462 static long hung_up_tty_compat_ioctl(struct file *file,
463 unsigned int cmd, unsigned long arg)
465 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
468 static int hung_up_tty_fasync(int fd, struct file *file, int on)
473 static const struct file_operations tty_fops = {
478 .unlocked_ioctl = tty_ioctl,
479 .compat_ioctl = tty_compat_ioctl,
481 .release = tty_release,
482 .fasync = tty_fasync,
485 static const struct file_operations console_fops = {
488 .write = redirected_tty_write,
490 .unlocked_ioctl = tty_ioctl,
491 .compat_ioctl = tty_compat_ioctl,
493 .release = tty_release,
494 .fasync = tty_fasync,
497 static const struct file_operations hung_up_tty_fops = {
499 .read = hung_up_tty_read,
500 .write = hung_up_tty_write,
501 .poll = hung_up_tty_poll,
502 .unlocked_ioctl = hung_up_tty_ioctl,
503 .compat_ioctl = hung_up_tty_compat_ioctl,
504 .release = tty_release,
505 .fasync = hung_up_tty_fasync,
508 static DEFINE_SPINLOCK(redirect_lock);
509 static struct file *redirect;
512 void proc_clear_tty(struct task_struct *p)
515 struct tty_struct *tty;
516 spin_lock_irqsave(&p->sighand->siglock, flags);
517 tty = p->signal->tty;
518 p->signal->tty = NULL;
519 spin_unlock_irqrestore(&p->sighand->siglock, flags);
524 * proc_set_tty - set the controlling terminal
526 * Only callable by the session leader and only if it does not already have
527 * a controlling terminal.
529 * Caller must hold: tty_lock()
530 * a readlock on tasklist_lock
533 static void __proc_set_tty(struct tty_struct *tty)
537 spin_lock_irqsave(&tty->ctrl_lock, flags);
539 * The session and fg pgrp references will be non-NULL if
540 * tiocsctty() is stealing the controlling tty
542 put_pid(tty->session);
544 tty->pgrp = get_pid(task_pgrp(current));
545 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
546 tty->session = get_pid(task_session(current));
547 if (current->signal->tty) {
548 tty_debug(tty, "current tty %s not NULL!!\n",
549 current->signal->tty->name);
550 tty_kref_put(current->signal->tty);
552 put_pid(current->signal->tty_old_pgrp);
553 current->signal->tty = tty_kref_get(tty);
554 current->signal->tty_old_pgrp = NULL;
557 static void proc_set_tty(struct tty_struct *tty)
559 spin_lock_irq(¤t->sighand->siglock);
561 spin_unlock_irq(¤t->sighand->siglock);
564 struct tty_struct *get_current_tty(void)
566 struct tty_struct *tty;
569 spin_lock_irqsave(¤t->sighand->siglock, flags);
570 tty = tty_kref_get(current->signal->tty);
571 spin_unlock_irqrestore(¤t->sighand->siglock, flags);
574 EXPORT_SYMBOL_GPL(get_current_tty);
576 static void session_clear_tty(struct pid *session)
578 struct task_struct *p;
579 do_each_pid_task(session, PIDTYPE_SID, p) {
581 } while_each_pid_task(session, PIDTYPE_SID, p);
585 * tty_wakeup - request more data
588 * Internal and external helper for wakeups of tty. This function
589 * informs the line discipline if present that the driver is ready
590 * to receive more output data.
593 void tty_wakeup(struct tty_struct *tty)
595 struct tty_ldisc *ld;
597 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
598 ld = tty_ldisc_ref(tty);
600 if (ld->ops->write_wakeup)
601 ld->ops->write_wakeup(tty);
605 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
608 EXPORT_SYMBOL_GPL(tty_wakeup);
611 * tty_signal_session_leader - sends SIGHUP to session leader
612 * @tty controlling tty
613 * @exit_session if non-zero, signal all foreground group processes
615 * Send SIGHUP and SIGCONT to the session leader and its process group.
616 * Optionally, signal all processes in the foreground process group.
618 * Returns the number of processes in the session with this tty
619 * as their controlling terminal. This value is used to drop
620 * tty references for those processes.
622 static int tty_signal_session_leader(struct tty_struct *tty, int exit_session)
624 struct task_struct *p;
626 struct pid *tty_pgrp = NULL;
628 read_lock(&tasklist_lock);
630 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
631 spin_lock_irq(&p->sighand->siglock);
632 if (p->signal->tty == tty) {
633 p->signal->tty = NULL;
634 /* We defer the dereferences outside fo
638 if (!p->signal->leader) {
639 spin_unlock_irq(&p->sighand->siglock);
642 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
643 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
644 put_pid(p->signal->tty_old_pgrp); /* A noop */
645 spin_lock(&tty->ctrl_lock);
646 tty_pgrp = get_pid(tty->pgrp);
648 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
649 spin_unlock(&tty->ctrl_lock);
650 spin_unlock_irq(&p->sighand->siglock);
651 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
653 read_unlock(&tasklist_lock);
657 kill_pgrp(tty_pgrp, SIGHUP, exit_session);
665 * __tty_hangup - actual handler for hangup events
668 * This can be called by a "kworker" kernel thread. That is process
669 * synchronous but doesn't hold any locks, so we need to make sure we
670 * have the appropriate locks for what we're doing.
672 * The hangup event clears any pending redirections onto the hung up
673 * device. It ensures future writes will error and it does the needed
674 * line discipline hangup and signal delivery. The tty object itself
679 * redirect lock for undoing redirection
680 * file list lock for manipulating list of ttys
681 * tty_ldiscs_lock from called functions
682 * termios_rwsem resetting termios data
683 * tasklist_lock to walk task list for hangup event
684 * ->siglock to protect ->signal/->sighand
686 static void __tty_hangup(struct tty_struct *tty, int exit_session)
688 struct file *cons_filp = NULL;
689 struct file *filp, *f = NULL;
690 struct tty_file_private *priv;
691 int closecount = 0, n;
698 spin_lock(&redirect_lock);
699 if (redirect && file_tty(redirect) == tty) {
703 spin_unlock(&redirect_lock);
707 if (test_bit(TTY_HUPPED, &tty->flags)) {
712 /* inuse_filps is protected by the single tty lock,
713 this really needs to change if we want to flush the
714 workqueue with the lock held */
715 check_tty_count(tty, "tty_hangup");
717 spin_lock(&tty->files_lock);
718 /* This breaks for file handles being sent over AF_UNIX sockets ? */
719 list_for_each_entry(priv, &tty->tty_files, list) {
721 if (filp->f_op->write == redirected_tty_write)
723 if (filp->f_op->write != tty_write)
726 __tty_fasync(-1, filp, 0); /* can't block */
727 filp->f_op = &hung_up_tty_fops;
729 spin_unlock(&tty->files_lock);
731 refs = tty_signal_session_leader(tty, exit_session);
732 /* Account for the p->signal references we killed */
736 tty_ldisc_hangup(tty, cons_filp != NULL);
738 spin_lock_irq(&tty->ctrl_lock);
739 clear_bit(TTY_THROTTLED, &tty->flags);
740 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
741 put_pid(tty->session);
745 tty->ctrl_status = 0;
746 spin_unlock_irq(&tty->ctrl_lock);
749 * If one of the devices matches a console pointer, we
750 * cannot just call hangup() because that will cause
751 * tty->count and state->count to go out of sync.
752 * So we just call close() the right number of times.
756 for (n = 0; n < closecount; n++)
757 tty->ops->close(tty, cons_filp);
758 } else if (tty->ops->hangup)
759 tty->ops->hangup(tty);
761 * We don't want to have driver/ldisc interactions beyond the ones
762 * we did here. The driver layer expects no calls after ->hangup()
763 * from the ldisc side, which is now guaranteed.
765 set_bit(TTY_HUPPED, &tty->flags);
772 static void do_tty_hangup(struct work_struct *work)
774 struct tty_struct *tty =
775 container_of(work, struct tty_struct, hangup_work);
777 __tty_hangup(tty, 0);
781 * tty_hangup - trigger a hangup event
782 * @tty: tty to hangup
784 * A carrier loss (virtual or otherwise) has occurred on this like
785 * schedule a hangup sequence to run after this event.
788 void tty_hangup(struct tty_struct *tty)
790 tty_debug_hangup(tty, "hangup\n");
791 schedule_work(&tty->hangup_work);
794 EXPORT_SYMBOL(tty_hangup);
797 * tty_vhangup - process vhangup
798 * @tty: tty to hangup
800 * The user has asked via system call for the terminal to be hung up.
801 * We do this synchronously so that when the syscall returns the process
802 * is complete. That guarantee is necessary for security reasons.
805 void tty_vhangup(struct tty_struct *tty)
807 tty_debug_hangup(tty, "vhangup\n");
808 __tty_hangup(tty, 0);
811 EXPORT_SYMBOL(tty_vhangup);
815 * tty_vhangup_self - process vhangup for own ctty
817 * Perform a vhangup on the current controlling tty
820 void tty_vhangup_self(void)
822 struct tty_struct *tty;
824 tty = get_current_tty();
832 * tty_vhangup_session - hangup session leader exit
833 * @tty: tty to hangup
835 * The session leader is exiting and hanging up its controlling terminal.
836 * Every process in the foreground process group is signalled SIGHUP.
838 * We do this synchronously so that when the syscall returns the process
839 * is complete. That guarantee is necessary for security reasons.
842 static void tty_vhangup_session(struct tty_struct *tty)
844 tty_debug_hangup(tty, "session hangup\n");
845 __tty_hangup(tty, 1);
849 * tty_hung_up_p - was tty hung up
850 * @filp: file pointer of tty
852 * Return true if the tty has been subject to a vhangup or a carrier
856 int tty_hung_up_p(struct file *filp)
858 return (filp && filp->f_op == &hung_up_tty_fops);
861 EXPORT_SYMBOL(tty_hung_up_p);
864 * disassociate_ctty - disconnect controlling tty
865 * @on_exit: true if exiting so need to "hang up" the session
867 * This function is typically called only by the session leader, when
868 * it wants to disassociate itself from its controlling tty.
870 * It performs the following functions:
871 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
872 * (2) Clears the tty from being controlling the session
873 * (3) Clears the controlling tty for all processes in the
876 * The argument on_exit is set to 1 if called when a process is
877 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
880 * BTM is taken for hysterical raisins, and held when
881 * called from no_tty().
882 * tty_mutex is taken to protect tty
883 * ->siglock is taken to protect ->signal/->sighand
884 * tasklist_lock is taken to walk process list for sessions
885 * ->siglock is taken to protect ->signal/->sighand
888 void disassociate_ctty(int on_exit)
890 struct tty_struct *tty;
892 if (!current->signal->leader)
895 tty = get_current_tty();
897 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) {
898 tty_vhangup_session(tty);
900 struct pid *tty_pgrp = tty_get_pgrp(tty);
902 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
904 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
910 } else if (on_exit) {
911 struct pid *old_pgrp;
912 spin_lock_irq(¤t->sighand->siglock);
913 old_pgrp = current->signal->tty_old_pgrp;
914 current->signal->tty_old_pgrp = NULL;
915 spin_unlock_irq(¤t->sighand->siglock);
917 kill_pgrp(old_pgrp, SIGHUP, on_exit);
918 kill_pgrp(old_pgrp, SIGCONT, on_exit);
924 spin_lock_irq(¤t->sighand->siglock);
925 put_pid(current->signal->tty_old_pgrp);
926 current->signal->tty_old_pgrp = NULL;
928 tty = tty_kref_get(current->signal->tty);
931 spin_lock_irqsave(&tty->ctrl_lock, flags);
932 put_pid(tty->session);
936 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
939 tty_debug_hangup(tty, "no current tty\n");
941 spin_unlock_irq(¤t->sighand->siglock);
942 /* Now clear signal->tty under the lock */
943 read_lock(&tasklist_lock);
944 session_clear_tty(task_session(current));
945 read_unlock(&tasklist_lock);
950 * no_tty - Ensure the current process does not have a controlling tty
954 /* FIXME: Review locking here. The tty_lock never covered any race
955 between a new association and proc_clear_tty but possible we need
956 to protect against this anyway */
957 struct task_struct *tsk = current;
958 disassociate_ctty(0);
964 * stop_tty - propagate flow control
967 * Perform flow control to the driver. May be called
968 * on an already stopped device and will not re-call the driver
971 * This functionality is used by both the line disciplines for
972 * halting incoming flow and by the driver. It may therefore be
973 * called from any context, may be under the tty atomic_write_lock
980 void __stop_tty(struct tty_struct *tty)
989 void stop_tty(struct tty_struct *tty)
993 spin_lock_irqsave(&tty->flow_lock, flags);
995 spin_unlock_irqrestore(&tty->flow_lock, flags);
997 EXPORT_SYMBOL(stop_tty);
1000 * start_tty - propagate flow control
1001 * @tty: tty to start
1003 * Start a tty that has been stopped if at all possible. If this
1004 * tty was previous stopped and is now being started, the driver
1005 * start method is invoked and the line discipline woken.
1011 void __start_tty(struct tty_struct *tty)
1013 if (!tty->stopped || tty->flow_stopped)
1016 if (tty->ops->start)
1017 tty->ops->start(tty);
1021 void start_tty(struct tty_struct *tty)
1023 unsigned long flags;
1025 spin_lock_irqsave(&tty->flow_lock, flags);
1027 spin_unlock_irqrestore(&tty->flow_lock, flags);
1029 EXPORT_SYMBOL(start_tty);
1031 static void tty_update_time(struct timespec *time)
1033 unsigned long sec = get_seconds();
1036 * We only care if the two values differ in anything other than the
1037 * lower three bits (i.e every 8 seconds). If so, then we can update
1038 * the time of the tty device, otherwise it could be construded as a
1039 * security leak to let userspace know the exact timing of the tty.
1041 if ((sec ^ time->tv_sec) & ~7)
1046 * tty_read - read method for tty device files
1047 * @file: pointer to tty file
1049 * @count: size of user buffer
1052 * Perform the read system call function on this terminal device. Checks
1053 * for hung up devices before calling the line discipline method.
1056 * Locks the line discipline internally while needed. Multiple
1057 * read calls may be outstanding in parallel.
1060 static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
1064 struct inode *inode = file_inode(file);
1065 struct tty_struct *tty = file_tty(file);
1066 struct tty_ldisc *ld;
1068 if (tty_paranoia_check(tty, inode, "tty_read"))
1070 if (!tty || tty_io_error(tty))
1073 /* We want to wait for the line discipline to sort out in this
1075 ld = tty_ldisc_ref_wait(tty);
1077 return hung_up_tty_read(file, buf, count, ppos);
1079 i = ld->ops->read(tty, file, buf, count);
1082 tty_ldisc_deref(ld);
1085 tty_update_time(&inode->i_atime);
1090 static void tty_write_unlock(struct tty_struct *tty)
1092 mutex_unlock(&tty->atomic_write_lock);
1093 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
1096 static int tty_write_lock(struct tty_struct *tty, int ndelay)
1098 if (!mutex_trylock(&tty->atomic_write_lock)) {
1101 if (mutex_lock_interruptible(&tty->atomic_write_lock))
1102 return -ERESTARTSYS;
1108 * Split writes up in sane blocksizes to avoid
1109 * denial-of-service type attacks
1111 static inline ssize_t do_tty_write(
1112 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
1113 struct tty_struct *tty,
1115 const char __user *buf,
1118 ssize_t ret, written = 0;
1121 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
1126 * We chunk up writes into a temporary buffer. This
1127 * simplifies low-level drivers immensely, since they
1128 * don't have locking issues and user mode accesses.
1130 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1133 * The default chunk-size is 2kB, because the NTTY
1134 * layer has problems with bigger chunks. It will
1135 * claim to be able to handle more characters than
1138 * FIXME: This can probably go away now except that 64K chunks
1139 * are too likely to fail unless switched to vmalloc...
1142 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1147 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1148 if (tty->write_cnt < chunk) {
1149 unsigned char *buf_chunk;
1154 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1159 kfree(tty->write_buf);
1160 tty->write_cnt = chunk;
1161 tty->write_buf = buf_chunk;
1164 /* Do the write .. */
1166 size_t size = count;
1170 if (copy_from_user(tty->write_buf, buf, size))
1172 ret = write(tty, file, tty->write_buf, size);
1181 if (signal_pending(current))
1186 tty_update_time(&file_inode(file)->i_mtime);
1190 tty_write_unlock(tty);
1195 * tty_write_message - write a message to a certain tty, not just the console.
1196 * @tty: the destination tty_struct
1197 * @msg: the message to write
1199 * This is used for messages that need to be redirected to a specific tty.
1200 * We don't put it into the syslog queue right now maybe in the future if
1203 * We must still hold the BTM and test the CLOSING flag for the moment.
1206 void tty_write_message(struct tty_struct *tty, char *msg)
1209 mutex_lock(&tty->atomic_write_lock);
1211 if (tty->ops->write && tty->count > 0)
1212 tty->ops->write(tty, msg, strlen(msg));
1214 tty_write_unlock(tty);
1221 * tty_write - write method for tty device file
1222 * @file: tty file pointer
1223 * @buf: user data to write
1224 * @count: bytes to write
1227 * Write data to a tty device via the line discipline.
1230 * Locks the line discipline as required
1231 * Writes to the tty driver are serialized by the atomic_write_lock
1232 * and are then processed in chunks to the device. The line discipline
1233 * write method will not be invoked in parallel for each device.
1236 static ssize_t tty_write(struct file *file, const char __user *buf,
1237 size_t count, loff_t *ppos)
1239 struct tty_struct *tty = file_tty(file);
1240 struct tty_ldisc *ld;
1243 if (tty_paranoia_check(tty, file_inode(file), "tty_write"))
1245 if (!tty || !tty->ops->write || tty_io_error(tty))
1247 /* Short term debug to catch buggy drivers */
1248 if (tty->ops->write_room == NULL)
1249 tty_err(tty, "missing write_room method\n");
1250 ld = tty_ldisc_ref_wait(tty);
1252 return hung_up_tty_write(file, buf, count, ppos);
1253 if (!ld->ops->write)
1256 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1257 tty_ldisc_deref(ld);
1261 ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1262 size_t count, loff_t *ppos)
1264 struct file *p = NULL;
1266 spin_lock(&redirect_lock);
1268 p = get_file(redirect);
1269 spin_unlock(&redirect_lock);
1273 res = vfs_write(p, buf, count, &p->f_pos);
1277 return tty_write(file, buf, count, ppos);
1281 * tty_send_xchar - send priority character
1283 * Send a high priority character to the tty even if stopped
1285 * Locking: none for xchar method, write ordering for write method.
1288 int tty_send_xchar(struct tty_struct *tty, char ch)
1290 int was_stopped = tty->stopped;
1292 if (tty->ops->send_xchar) {
1293 down_read(&tty->termios_rwsem);
1294 tty->ops->send_xchar(tty, ch);
1295 up_read(&tty->termios_rwsem);
1299 if (tty_write_lock(tty, 0) < 0)
1300 return -ERESTARTSYS;
1302 down_read(&tty->termios_rwsem);
1305 tty->ops->write(tty, &ch, 1);
1308 up_read(&tty->termios_rwsem);
1309 tty_write_unlock(tty);
1313 static char ptychar[] = "pqrstuvwxyzabcde";
1316 * pty_line_name - generate name for a pty
1317 * @driver: the tty driver in use
1318 * @index: the minor number
1319 * @p: output buffer of at least 6 bytes
1321 * Generate a name from a driver reference and write it to the output
1326 static void pty_line_name(struct tty_driver *driver, int index, char *p)
1328 int i = index + driver->name_base;
1329 /* ->name is initialized to "ttyp", but "tty" is expected */
1330 sprintf(p, "%s%c%x",
1331 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1332 ptychar[i >> 4 & 0xf], i & 0xf);
1336 * tty_line_name - generate name for a tty
1337 * @driver: the tty driver in use
1338 * @index: the minor number
1339 * @p: output buffer of at least 7 bytes
1341 * Generate a name from a driver reference and write it to the output
1346 static ssize_t tty_line_name(struct tty_driver *driver, int index, char *p)
1348 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE)
1349 return sprintf(p, "%s", driver->name);
1351 return sprintf(p, "%s%d", driver->name,
1352 index + driver->name_base);
1356 * tty_driver_lookup_tty() - find an existing tty, if any
1357 * @driver: the driver for the tty
1358 * @idx: the minor number
1360 * Return the tty, if found. If not found, return NULL or ERR_PTR() if the
1361 * driver lookup() method returns an error.
1363 * Locking: tty_mutex must be held. If the tty is found, bump the tty kref.
1365 static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
1366 struct file *file, int idx)
1368 struct tty_struct *tty;
1370 if (driver->ops->lookup)
1371 tty = driver->ops->lookup(driver, file, idx);
1373 tty = driver->ttys[idx];
1381 * tty_init_termios - helper for termios setup
1382 * @tty: the tty to set up
1384 * Initialise the termios structures for this tty. Thus runs under
1385 * the tty_mutex currently so we can be relaxed about ordering.
1388 void tty_init_termios(struct tty_struct *tty)
1390 struct ktermios *tp;
1391 int idx = tty->index;
1393 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1394 tty->termios = tty->driver->init_termios;
1396 /* Check for lazy saved data */
1397 tp = tty->driver->termios[idx];
1400 tty->termios.c_line = tty->driver->init_termios.c_line;
1402 tty->termios = tty->driver->init_termios;
1404 /* Compatibility until drivers always set this */
1405 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios);
1406 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios);
1408 EXPORT_SYMBOL_GPL(tty_init_termios);
1410 int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty)
1412 tty_init_termios(tty);
1413 tty_driver_kref_get(driver);
1415 driver->ttys[tty->index] = tty;
1418 EXPORT_SYMBOL_GPL(tty_standard_install);
1421 * tty_driver_install_tty() - install a tty entry in the driver
1422 * @driver: the driver for the tty
1425 * Install a tty object into the driver tables. The tty->index field
1426 * will be set by the time this is called. This method is responsible
1427 * for ensuring any need additional structures are allocated and
1430 * Locking: tty_mutex for now
1432 static int tty_driver_install_tty(struct tty_driver *driver,
1433 struct tty_struct *tty)
1435 return driver->ops->install ? driver->ops->install(driver, tty) :
1436 tty_standard_install(driver, tty);
1440 * tty_driver_remove_tty() - remove a tty from the driver tables
1441 * @driver: the driver for the tty
1442 * @idx: the minor number
1444 * Remvoe a tty object from the driver tables. The tty->index field
1445 * will be set by the time this is called.
1447 * Locking: tty_mutex for now
1449 static void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty)
1451 if (driver->ops->remove)
1452 driver->ops->remove(driver, tty);
1454 driver->ttys[tty->index] = NULL;
1458 * tty_reopen() - fast re-open of an open tty
1459 * @tty - the tty to open
1461 * Return 0 on success, -errno on error.
1462 * Re-opens on master ptys are not allowed and return -EIO.
1464 * Locking: Caller must hold tty_lock
1466 static int tty_reopen(struct tty_struct *tty)
1468 struct tty_driver *driver = tty->driver;
1470 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1471 driver->subtype == PTY_TYPE_MASTER)
1477 if (test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN))
1483 return tty_ldisc_reinit(tty, tty->termios.c_line);
1489 * tty_init_dev - initialise a tty device
1490 * @driver: tty driver we are opening a device on
1491 * @idx: device index
1492 * @ret_tty: returned tty structure
1494 * Prepare a tty device. This may not be a "new" clean device but
1495 * could also be an active device. The pty drivers require special
1496 * handling because of this.
1499 * The function is called under the tty_mutex, which
1500 * protects us from the tty struct or driver itself going away.
1502 * On exit the tty device has the line discipline attached and
1503 * a reference count of 1. If a pair was created for pty/tty use
1504 * and the other was a pty master then it too has a reference count of 1.
1506 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1507 * failed open. The new code protects the open with a mutex, so it's
1508 * really quite straightforward. The mutex locking can probably be
1509 * relaxed for the (most common) case of reopening a tty.
1512 struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
1514 struct tty_struct *tty;
1518 * First time open is complex, especially for PTY devices.
1519 * This code guarantees that either everything succeeds and the
1520 * TTY is ready for operation, or else the table slots are vacated
1521 * and the allocated memory released. (Except that the termios
1522 * and locked termios may be retained.)
1525 if (!try_module_get(driver->owner))
1526 return ERR_PTR(-ENODEV);
1528 tty = alloc_tty_struct(driver, idx);
1531 goto err_module_put;
1535 retval = tty_driver_install_tty(driver, tty);
1540 tty->port = driver->ports[idx];
1542 WARN_RATELIMIT(!tty->port,
1543 "%s: %s driver does not set tty->port. This will crash the kernel later. Fix the driver!\n",
1544 __func__, tty->driver->name);
1546 tty->port->itty = tty;
1549 * Structures all installed ... call the ldisc open routines.
1550 * If we fail here just call release_tty to clean up. No need
1551 * to decrement the use counts, as release_tty doesn't care.
1553 retval = tty_ldisc_setup(tty, tty->link);
1555 goto err_release_tty;
1556 /* Return the tty locked so that it cannot vanish under the caller */
1561 free_tty_struct(tty);
1563 module_put(driver->owner);
1564 return ERR_PTR(retval);
1566 /* call the tty release_tty routine to clean out this slot */
1569 tty_info_ratelimited(tty, "ldisc open failed (%d), clearing slot %d\n",
1571 release_tty(tty, idx);
1572 return ERR_PTR(retval);
1575 static void tty_free_termios(struct tty_struct *tty)
1577 struct ktermios *tp;
1578 int idx = tty->index;
1580 /* If the port is going to reset then it has no termios to save */
1581 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS)
1584 /* Stash the termios data */
1585 tp = tty->driver->termios[idx];
1587 tp = kmalloc(sizeof(struct ktermios), GFP_KERNEL);
1590 tty->driver->termios[idx] = tp;
1596 * tty_flush_works - flush all works of a tty/pty pair
1597 * @tty: tty device to flush works for (or either end of a pty pair)
1599 * Sync flush all works belonging to @tty (and the 'other' tty).
1601 static void tty_flush_works(struct tty_struct *tty)
1603 flush_work(&tty->SAK_work);
1604 flush_work(&tty->hangup_work);
1606 flush_work(&tty->link->SAK_work);
1607 flush_work(&tty->link->hangup_work);
1612 * release_one_tty - release tty structure memory
1613 * @kref: kref of tty we are obliterating
1615 * Releases memory associated with a tty structure, and clears out the
1616 * driver table slots. This function is called when a device is no longer
1617 * in use. It also gets called when setup of a device fails.
1620 * takes the file list lock internally when working on the list
1621 * of ttys that the driver keeps.
1623 * This method gets called from a work queue so that the driver private
1624 * cleanup ops can sleep (needed for USB at least)
1626 static void release_one_tty(struct work_struct *work)
1628 struct tty_struct *tty =
1629 container_of(work, struct tty_struct, hangup_work);
1630 struct tty_driver *driver = tty->driver;
1631 struct module *owner = driver->owner;
1633 if (tty->ops->cleanup)
1634 tty->ops->cleanup(tty);
1637 tty_driver_kref_put(driver);
1640 spin_lock(&tty->files_lock);
1641 list_del_init(&tty->tty_files);
1642 spin_unlock(&tty->files_lock);
1645 put_pid(tty->session);
1646 free_tty_struct(tty);
1649 static void queue_release_one_tty(struct kref *kref)
1651 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
1653 /* The hangup queue is now free so we can reuse it rather than
1654 waste a chunk of memory for each port */
1655 INIT_WORK(&tty->hangup_work, release_one_tty);
1656 schedule_work(&tty->hangup_work);
1660 * tty_kref_put - release a tty kref
1663 * Release a reference to a tty device and if need be let the kref
1664 * layer destruct the object for us
1667 void tty_kref_put(struct tty_struct *tty)
1670 kref_put(&tty->kref, queue_release_one_tty);
1672 EXPORT_SYMBOL(tty_kref_put);
1675 * release_tty - release tty structure memory
1677 * Release both @tty and a possible linked partner (think pty pair),
1678 * and decrement the refcount of the backing module.
1682 * takes the file list lock internally when working on the list
1683 * of ttys that the driver keeps.
1686 static void release_tty(struct tty_struct *tty, int idx)
1688 /* This should always be true but check for the moment */
1689 WARN_ON(tty->index != idx);
1690 WARN_ON(!mutex_is_locked(&tty_mutex));
1691 if (tty->ops->shutdown)
1692 tty->ops->shutdown(tty);
1693 tty_free_termios(tty);
1694 tty_driver_remove_tty(tty->driver, tty);
1695 tty->port->itty = NULL;
1697 tty->link->port->itty = NULL;
1698 tty_buffer_cancel_work(tty->port);
1700 tty_kref_put(tty->link);
1705 * tty_release_checks - check a tty before real release
1706 * @tty: tty to check
1707 * @o_tty: link of @tty (if any)
1708 * @idx: index of the tty
1710 * Performs some paranoid checking before true release of the @tty.
1711 * This is a no-op unless TTY_PARANOIA_CHECK is defined.
1713 static int tty_release_checks(struct tty_struct *tty, int idx)
1715 #ifdef TTY_PARANOIA_CHECK
1716 if (idx < 0 || idx >= tty->driver->num) {
1717 tty_debug(tty, "bad idx %d\n", idx);
1721 /* not much to check for devpts */
1722 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)
1725 if (tty != tty->driver->ttys[idx]) {
1726 tty_debug(tty, "bad driver table[%d] = %p\n",
1727 idx, tty->driver->ttys[idx]);
1730 if (tty->driver->other) {
1731 struct tty_struct *o_tty = tty->link;
1733 if (o_tty != tty->driver->other->ttys[idx]) {
1734 tty_debug(tty, "bad other table[%d] = %p\n",
1735 idx, tty->driver->other->ttys[idx]);
1738 if (o_tty->link != tty) {
1739 tty_debug(tty, "bad link = %p\n", o_tty->link);
1748 * tty_release_struct - release a tty struct
1750 * @idx: index of the tty
1752 * Performs the final steps to release and free a tty device. It is
1753 * roughly the reverse of tty_init_dev.
1755 void tty_release_struct(struct tty_struct *tty, int idx)
1758 * Ask the line discipline code to release its structures
1760 tty_ldisc_release(tty);
1762 /* Wait for pending work before tty destruction commmences */
1763 tty_flush_works(tty);
1765 tty_debug_hangup(tty, "freeing structure\n");
1767 * The release_tty function takes care of the details of clearing
1768 * the slots and preserving the termios structure. The tty_unlock_pair
1769 * should be safe as we keep a kref while the tty is locked (so the
1770 * unlock never unlocks a freed tty).
1772 mutex_lock(&tty_mutex);
1773 release_tty(tty, idx);
1774 mutex_unlock(&tty_mutex);
1776 EXPORT_SYMBOL_GPL(tty_release_struct);
1779 * tty_release - vfs callback for close
1780 * @inode: inode of tty
1781 * @filp: file pointer for handle to tty
1783 * Called the last time each file handle is closed that references
1784 * this tty. There may however be several such references.
1787 * Takes bkl. See tty_release_dev
1789 * Even releasing the tty structures is a tricky business.. We have
1790 * to be very careful that the structures are all released at the
1791 * same time, as interrupts might otherwise get the wrong pointers.
1793 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1794 * lead to double frees or releasing memory still in use.
1797 int tty_release(struct inode *inode, struct file *filp)
1799 struct tty_struct *tty = file_tty(filp);
1800 struct tty_struct *o_tty = NULL;
1801 int do_sleep, final;
1806 if (tty_paranoia_check(tty, inode, __func__))
1810 check_tty_count(tty, __func__);
1812 __tty_fasync(-1, filp, 0);
1815 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1816 tty->driver->subtype == PTY_TYPE_MASTER)
1819 if (tty_release_checks(tty, idx)) {
1824 tty_debug_hangup(tty, "releasing (count=%d)\n", tty->count);
1826 if (tty->ops->close)
1827 tty->ops->close(tty, filp);
1829 /* If tty is pty master, lock the slave pty (stable lock order) */
1830 tty_lock_slave(o_tty);
1833 * Sanity check: if tty->count is going to zero, there shouldn't be
1834 * any waiters on tty->read_wait or tty->write_wait. We test the
1835 * wait queues and kick everyone out _before_ actually starting to
1836 * close. This ensures that we won't block while releasing the tty
1839 * The test for the o_tty closing is necessary, since the master and
1840 * slave sides may close in any order. If the slave side closes out
1841 * first, its count will be one, since the master side holds an open.
1842 * Thus this test wouldn't be triggered at the time the slave closed,
1848 if (tty->count <= 1) {
1849 if (waitqueue_active(&tty->read_wait)) {
1850 wake_up_poll(&tty->read_wait, POLLIN);
1853 if (waitqueue_active(&tty->write_wait)) {
1854 wake_up_poll(&tty->write_wait, POLLOUT);
1858 if (o_tty && o_tty->count <= 1) {
1859 if (waitqueue_active(&o_tty->read_wait)) {
1860 wake_up_poll(&o_tty->read_wait, POLLIN);
1863 if (waitqueue_active(&o_tty->write_wait)) {
1864 wake_up_poll(&o_tty->write_wait, POLLOUT);
1873 tty_warn(tty, "read/write wait queue active!\n");
1875 schedule_timeout_killable(timeout);
1876 if (timeout < 120 * HZ)
1877 timeout = 2 * timeout + 1;
1879 timeout = MAX_SCHEDULE_TIMEOUT;
1883 if (--o_tty->count < 0) {
1884 tty_warn(tty, "bad slave count (%d)\n", o_tty->count);
1888 if (--tty->count < 0) {
1889 tty_warn(tty, "bad tty->count (%d)\n", tty->count);
1894 * We've decremented tty->count, so we need to remove this file
1895 * descriptor off the tty->tty_files list; this serves two
1897 * - check_tty_count sees the correct number of file descriptors
1898 * associated with this tty.
1899 * - do_tty_hangup no longer sees this file descriptor as
1900 * something that needs to be handled for hangups.
1905 * Perform some housekeeping before deciding whether to return.
1907 * If _either_ side is closing, make sure there aren't any
1908 * processes that still think tty or o_tty is their controlling
1912 read_lock(&tasklist_lock);
1913 session_clear_tty(tty->session);
1915 session_clear_tty(o_tty->session);
1916 read_unlock(&tasklist_lock);
1919 /* check whether both sides are closing ... */
1920 final = !tty->count && !(o_tty && o_tty->count);
1922 tty_unlock_slave(o_tty);
1925 /* At this point, the tty->count == 0 should ensure a dead tty
1926 cannot be re-opened by a racing opener */
1931 tty_debug_hangup(tty, "final close\n");
1933 tty_release_struct(tty, idx);
1938 * tty_open_current_tty - get locked tty of current task
1939 * @device: device number
1940 * @filp: file pointer to tty
1941 * @return: locked tty of the current task iff @device is /dev/tty
1943 * Performs a re-open of the current task's controlling tty.
1945 * We cannot return driver and index like for the other nodes because
1946 * devpts will not work then. It expects inodes to be from devpts FS.
1948 static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
1950 struct tty_struct *tty;
1953 if (device != MKDEV(TTYAUX_MAJOR, 0))
1956 tty = get_current_tty();
1958 return ERR_PTR(-ENXIO);
1960 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1963 tty_kref_put(tty); /* safe to drop the kref now */
1965 retval = tty_reopen(tty);
1968 tty = ERR_PTR(retval);
1974 * tty_lookup_driver - lookup a tty driver for a given device file
1975 * @device: device number
1976 * @filp: file pointer to tty
1977 * @index: index for the device in the @return driver
1978 * @return: driver for this inode (with increased refcount)
1980 * If @return is not erroneous, the caller is responsible to decrement the
1981 * refcount by tty_driver_kref_put.
1983 * Locking: tty_mutex protects get_tty_driver
1985 static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp,
1988 struct tty_driver *driver;
1992 case MKDEV(TTY_MAJOR, 0): {
1993 extern struct tty_driver *console_driver;
1994 driver = tty_driver_kref_get(console_driver);
1995 *index = fg_console;
1999 case MKDEV(TTYAUX_MAJOR, 1): {
2000 struct tty_driver *console_driver = console_device(index);
2001 if (console_driver) {
2002 driver = tty_driver_kref_get(console_driver);
2004 /* Don't let /dev/console block */
2005 filp->f_flags |= O_NONBLOCK;
2009 return ERR_PTR(-ENODEV);
2012 driver = get_tty_driver(device, index);
2014 return ERR_PTR(-ENODEV);
2021 * tty_open_by_driver - open a tty device
2022 * @device: dev_t of device to open
2023 * @inode: inode of device file
2024 * @filp: file pointer to tty
2026 * Performs the driver lookup, checks for a reopen, or otherwise
2027 * performs the first-time tty initialization.
2029 * Returns the locked initialized or re-opened &tty_struct
2031 * Claims the global tty_mutex to serialize:
2032 * - concurrent first-time tty initialization
2033 * - concurrent tty driver removal w/ lookup
2034 * - concurrent tty removal from driver table
2036 static struct tty_struct *tty_open_by_driver(dev_t device, struct inode *inode,
2039 struct tty_struct *tty;
2040 struct tty_driver *driver = NULL;
2044 mutex_lock(&tty_mutex);
2045 driver = tty_lookup_driver(device, filp, &index);
2046 if (IS_ERR(driver)) {
2047 mutex_unlock(&tty_mutex);
2048 return ERR_CAST(driver);
2051 /* check whether we're reopening an existing tty */
2052 tty = tty_driver_lookup_tty(driver, filp, index);
2054 mutex_unlock(&tty_mutex);
2059 mutex_unlock(&tty_mutex);
2060 retval = tty_lock_interruptible(tty);
2061 tty_kref_put(tty); /* drop kref from tty_driver_lookup_tty() */
2063 if (retval == -EINTR)
2064 retval = -ERESTARTSYS;
2065 tty = ERR_PTR(retval);
2068 retval = tty_reopen(tty);
2071 tty = ERR_PTR(retval);
2073 } else { /* Returns with the tty_lock held for now */
2074 tty = tty_init_dev(driver, index);
2075 mutex_unlock(&tty_mutex);
2078 tty_driver_kref_put(driver);
2083 * tty_open - open a tty device
2084 * @inode: inode of device file
2085 * @filp: file pointer to tty
2087 * tty_open and tty_release keep up the tty count that contains the
2088 * number of opens done on a tty. We cannot use the inode-count, as
2089 * different inodes might point to the same tty.
2091 * Open-counting is needed for pty masters, as well as for keeping
2092 * track of serial lines: DTR is dropped when the last close happens.
2093 * (This is not done solely through tty->count, now. - Ted 1/27/92)
2095 * The termios state of a pty is reset on first open so that
2096 * settings don't persist across reuse.
2098 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev.
2099 * tty->count should protect the rest.
2100 * ->siglock protects ->signal/->sighand
2102 * Note: the tty_unlock/lock cases without a ref are only safe due to
2106 static int tty_open(struct inode *inode, struct file *filp)
2108 struct tty_struct *tty;
2110 dev_t device = inode->i_rdev;
2111 unsigned saved_flags = filp->f_flags;
2113 nonseekable_open(inode, filp);
2116 retval = tty_alloc_file(filp);
2120 tty = tty_open_current_tty(device, filp);
2122 tty = tty_open_by_driver(device, inode, filp);
2125 tty_free_file(filp);
2126 retval = PTR_ERR(tty);
2127 if (retval != -EAGAIN || signal_pending(current))
2133 tty_add_file(tty, filp);
2135 check_tty_count(tty, __func__);
2136 tty_debug_hangup(tty, "opening (count=%d)\n", tty->count);
2139 retval = tty->ops->open(tty, filp);
2142 filp->f_flags = saved_flags;
2145 tty_debug_hangup(tty, "open error %d, releasing\n", retval);
2147 tty_unlock(tty); /* need to call tty_release without BTM */
2148 tty_release(inode, filp);
2149 if (retval != -ERESTARTSYS)
2152 if (signal_pending(current))
2157 * Need to reset f_op in case a hangup happened.
2159 if (tty_hung_up_p(filp))
2160 filp->f_op = &tty_fops;
2163 clear_bit(TTY_HUPPED, &tty->flags);
2166 read_lock(&tasklist_lock);
2167 spin_lock_irq(¤t->sighand->siglock);
2168 noctty = (filp->f_flags & O_NOCTTY) ||
2169 (IS_ENABLED(CONFIG_VT) && device == MKDEV(TTY_MAJOR, 0)) ||
2170 device == MKDEV(TTYAUX_MAJOR, 1) ||
2171 (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2172 tty->driver->subtype == PTY_TYPE_MASTER);
2175 current->signal->leader &&
2176 !current->signal->tty &&
2177 tty->session == NULL) {
2179 * Don't let a process that only has write access to the tty
2180 * obtain the privileges associated with having a tty as
2181 * controlling terminal (being able to reopen it with full
2182 * access through /dev/tty, being able to perform pushback).
2183 * Many distributions set the group of all ttys to "tty" and
2184 * grant write-only access to all terminals for setgid tty
2185 * binaries, which should not imply full privileges on all ttys.
2187 * This could theoretically break old code that performs open()
2188 * on a write-only file descriptor. In that case, it might be
2189 * necessary to also permit this if
2190 * inode_permission(inode, MAY_READ) == 0.
2192 if (filp->f_mode & FMODE_READ)
2193 __proc_set_tty(tty);
2195 spin_unlock_irq(¤t->sighand->siglock);
2196 read_unlock(&tasklist_lock);
2204 * tty_poll - check tty status
2205 * @filp: file being polled
2206 * @wait: poll wait structures to update
2208 * Call the line discipline polling method to obtain the poll
2209 * status of the device.
2211 * Locking: locks called line discipline but ldisc poll method
2212 * may be re-entered freely by other callers.
2215 static unsigned int tty_poll(struct file *filp, poll_table *wait)
2217 struct tty_struct *tty = file_tty(filp);
2218 struct tty_ldisc *ld;
2221 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll"))
2224 ld = tty_ldisc_ref_wait(tty);
2226 return hung_up_tty_poll(filp, wait);
2228 ret = ld->ops->poll(tty, filp, wait);
2229 tty_ldisc_deref(ld);
2233 static int __tty_fasync(int fd, struct file *filp, int on)
2235 struct tty_struct *tty = file_tty(filp);
2236 unsigned long flags;
2239 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync"))
2242 retval = fasync_helper(fd, filp, on, &tty->fasync);
2250 spin_lock_irqsave(&tty->ctrl_lock, flags);
2253 type = PIDTYPE_PGID;
2255 pid = task_pid(current);
2259 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2260 __f_setown(filp, pid, type, 0);
2268 static int tty_fasync(int fd, struct file *filp, int on)
2270 struct tty_struct *tty = file_tty(filp);
2271 int retval = -ENOTTY;
2274 if (!tty_hung_up_p(filp))
2275 retval = __tty_fasync(fd, filp, on);
2282 * tiocsti - fake input character
2283 * @tty: tty to fake input into
2284 * @p: pointer to character
2286 * Fake input to a tty device. Does the necessary locking and
2289 * FIXME: does not honour flow control ??
2292 * Called functions take tty_ldiscs_lock
2293 * current->signal->tty check is safe without locks
2295 * FIXME: may race normal receive processing
2298 static int tiocsti(struct tty_struct *tty, char __user *p)
2301 struct tty_ldisc *ld;
2303 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2305 if (get_user(ch, p))
2307 tty_audit_tiocsti(tty, ch);
2308 ld = tty_ldisc_ref_wait(tty);
2311 ld->ops->receive_buf(tty, &ch, &mbz, 1);
2312 tty_ldisc_deref(ld);
2317 * tiocgwinsz - implement window query ioctl
2319 * @arg: user buffer for result
2321 * Copies the kernel idea of the window size into the user buffer.
2323 * Locking: tty->winsize_mutex is taken to ensure the winsize data
2327 static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
2331 mutex_lock(&tty->winsize_mutex);
2332 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
2333 mutex_unlock(&tty->winsize_mutex);
2335 return err ? -EFAULT: 0;
2339 * tty_do_resize - resize event
2340 * @tty: tty being resized
2341 * @rows: rows (character)
2342 * @cols: cols (character)
2344 * Update the termios variables and send the necessary signals to
2345 * peform a terminal resize correctly
2348 int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
2353 mutex_lock(&tty->winsize_mutex);
2354 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
2357 /* Signal the foreground process group */
2358 pgrp = tty_get_pgrp(tty);
2360 kill_pgrp(pgrp, SIGWINCH, 1);
2365 mutex_unlock(&tty->winsize_mutex);
2368 EXPORT_SYMBOL(tty_do_resize);
2371 * tiocswinsz - implement window size set ioctl
2372 * @tty; tty side of tty
2373 * @arg: user buffer for result
2375 * Copies the user idea of the window size to the kernel. Traditionally
2376 * this is just advisory information but for the Linux console it
2377 * actually has driver level meaning and triggers a VC resize.
2380 * Driver dependent. The default do_resize method takes the
2381 * tty termios mutex and ctrl_lock. The console takes its own lock
2382 * then calls into the default method.
2385 static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
2387 struct winsize tmp_ws;
2388 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2391 if (tty->ops->resize)
2392 return tty->ops->resize(tty, &tmp_ws);
2394 return tty_do_resize(tty, &tmp_ws);
2398 * tioccons - allow admin to move logical console
2399 * @file: the file to become console
2401 * Allow the administrator to move the redirected console device
2403 * Locking: uses redirect_lock to guard the redirect information
2406 static int tioccons(struct file *file)
2408 if (!capable(CAP_SYS_ADMIN))
2410 if (file->f_op->write == redirected_tty_write) {
2412 spin_lock(&redirect_lock);
2415 spin_unlock(&redirect_lock);
2420 spin_lock(&redirect_lock);
2422 spin_unlock(&redirect_lock);
2425 redirect = get_file(file);
2426 spin_unlock(&redirect_lock);
2431 * fionbio - non blocking ioctl
2432 * @file: file to set blocking value
2433 * @p: user parameter
2435 * Historical tty interfaces had a blocking control ioctl before
2436 * the generic functionality existed. This piece of history is preserved
2437 * in the expected tty API of posix OS's.
2439 * Locking: none, the open file handle ensures it won't go away.
2442 static int fionbio(struct file *file, int __user *p)
2446 if (get_user(nonblock, p))
2449 spin_lock(&file->f_lock);
2451 file->f_flags |= O_NONBLOCK;
2453 file->f_flags &= ~O_NONBLOCK;
2454 spin_unlock(&file->f_lock);
2459 * tiocsctty - set controlling tty
2460 * @tty: tty structure
2461 * @arg: user argument
2463 * This ioctl is used to manage job control. It permits a session
2464 * leader to set this tty as the controlling tty for the session.
2467 * Takes tty_lock() to serialize proc_set_tty() for this tty
2468 * Takes tasklist_lock internally to walk sessions
2469 * Takes ->siglock() when updating signal->tty
2472 static int tiocsctty(struct tty_struct *tty, struct file *file, int arg)
2477 read_lock(&tasklist_lock);
2479 if (current->signal->leader && (task_session(current) == tty->session))
2483 * The process must be a session leader and
2484 * not have a controlling tty already.
2486 if (!current->signal->leader || current->signal->tty) {
2493 * This tty is already the controlling
2494 * tty for another session group!
2496 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
2500 session_clear_tty(tty->session);
2507 /* See the comment in tty_open(). */
2508 if ((file->f_mode & FMODE_READ) == 0 && !capable(CAP_SYS_ADMIN)) {
2515 read_unlock(&tasklist_lock);
2521 * tty_get_pgrp - return a ref counted pgrp pid
2524 * Returns a refcounted instance of the pid struct for the process
2525 * group controlling the tty.
2528 struct pid *tty_get_pgrp(struct tty_struct *tty)
2530 unsigned long flags;
2533 spin_lock_irqsave(&tty->ctrl_lock, flags);
2534 pgrp = get_pid(tty->pgrp);
2535 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2539 EXPORT_SYMBOL_GPL(tty_get_pgrp);
2542 * This checks not only the pgrp, but falls back on the pid if no
2543 * satisfactory pgrp is found. I dunno - gdb doesn't work correctly
2546 * The caller must hold rcu lock or the tasklist lock.
2548 static struct pid *session_of_pgrp(struct pid *pgrp)
2550 struct task_struct *p;
2551 struct pid *sid = NULL;
2553 p = pid_task(pgrp, PIDTYPE_PGID);
2555 p = pid_task(pgrp, PIDTYPE_PID);
2557 sid = task_session(p);
2563 * tiocgpgrp - get process group
2564 * @tty: tty passed by user
2565 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2568 * Obtain the process group of the tty. If there is no process group
2571 * Locking: none. Reference to current->signal->tty is safe.
2574 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2579 * (tty == real_tty) is a cheap way of
2580 * testing if the tty is NOT a master pty.
2582 if (tty == real_tty && current->signal->tty != real_tty)
2584 pid = tty_get_pgrp(real_tty);
2585 ret = put_user(pid_vnr(pid), p);
2591 * tiocspgrp - attempt to set process group
2592 * @tty: tty passed by user
2593 * @real_tty: tty side device matching tty passed by user
2596 * Set the process group of the tty to the session passed. Only
2597 * permitted where the tty session is our session.
2599 * Locking: RCU, ctrl lock
2602 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2606 int retval = tty_check_change(real_tty);
2612 if (!current->signal->tty ||
2613 (current->signal->tty != real_tty) ||
2614 (real_tty->session != task_session(current)))
2616 if (get_user(pgrp_nr, p))
2621 pgrp = find_vpid(pgrp_nr);
2626 if (session_of_pgrp(pgrp) != task_session(current))
2629 spin_lock_irq(&tty->ctrl_lock);
2630 put_pid(real_tty->pgrp);
2631 real_tty->pgrp = get_pid(pgrp);
2632 spin_unlock_irq(&tty->ctrl_lock);
2639 * tiocgsid - get session id
2640 * @tty: tty passed by user
2641 * @real_tty: tty side of the tty passed by the user if a pty else the tty
2642 * @p: pointer to returned session id
2644 * Obtain the session id of the tty. If there is no session
2647 * Locking: none. Reference to current->signal->tty is safe.
2650 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2653 * (tty == real_tty) is a cheap way of
2654 * testing if the tty is NOT a master pty.
2656 if (tty == real_tty && current->signal->tty != real_tty)
2658 if (!real_tty->session)
2660 return put_user(pid_vnr(real_tty->session), p);
2664 * tiocsetd - set line discipline
2666 * @p: pointer to user data
2668 * Set the line discipline according to user request.
2670 * Locking: see tty_set_ldisc, this function is just a helper
2673 static int tiocsetd(struct tty_struct *tty, int __user *p)
2678 if (get_user(disc, p))
2681 ret = tty_set_ldisc(tty, disc);
2687 * tiocgetd - get line discipline
2689 * @p: pointer to user data
2691 * Retrieves the line discipline id directly from the ldisc.
2693 * Locking: waits for ldisc reference (in case the line discipline
2694 * is changing or the tty is being hungup)
2697 static int tiocgetd(struct tty_struct *tty, int __user *p)
2699 struct tty_ldisc *ld;
2702 ld = tty_ldisc_ref_wait(tty);
2705 ret = put_user(ld->ops->num, p);
2706 tty_ldisc_deref(ld);
2711 * send_break - performed time break
2712 * @tty: device to break on
2713 * @duration: timeout in mS
2715 * Perform a timed break on hardware that lacks its own driver level
2716 * timed break functionality.
2719 * atomic_write_lock serializes
2723 static int send_break(struct tty_struct *tty, unsigned int duration)
2727 if (tty->ops->break_ctl == NULL)
2730 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2731 retval = tty->ops->break_ctl(tty, duration);
2733 /* Do the work ourselves */
2734 if (tty_write_lock(tty, 0) < 0)
2736 retval = tty->ops->break_ctl(tty, -1);
2739 if (!signal_pending(current))
2740 msleep_interruptible(duration);
2741 retval = tty->ops->break_ctl(tty, 0);
2743 tty_write_unlock(tty);
2744 if (signal_pending(current))
2751 * tty_tiocmget - get modem status
2753 * @file: user file pointer
2754 * @p: pointer to result
2756 * Obtain the modem status bits from the tty driver if the feature
2757 * is supported. Return -EINVAL if it is not available.
2759 * Locking: none (up to the driver)
2762 static int tty_tiocmget(struct tty_struct *tty, int __user *p)
2764 int retval = -EINVAL;
2766 if (tty->ops->tiocmget) {
2767 retval = tty->ops->tiocmget(tty);
2770 retval = put_user(retval, p);
2776 * tty_tiocmset - set modem status
2778 * @cmd: command - clear bits, set bits or set all
2779 * @p: pointer to desired bits
2781 * Set the modem status bits from the tty driver if the feature
2782 * is supported. Return -EINVAL if it is not available.
2784 * Locking: none (up to the driver)
2787 static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd,
2791 unsigned int set, clear, val;
2793 if (tty->ops->tiocmset == NULL)
2796 retval = get_user(val, p);
2812 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2813 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2814 return tty->ops->tiocmset(tty, set, clear);
2817 static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2819 int retval = -EINVAL;
2820 struct serial_icounter_struct icount;
2821 memset(&icount, 0, sizeof(icount));
2822 if (tty->ops->get_icount)
2823 retval = tty->ops->get_icount(tty, &icount);
2826 if (copy_to_user(arg, &icount, sizeof(icount)))
2831 static void tty_warn_deprecated_flags(struct serial_struct __user *ss)
2833 static DEFINE_RATELIMIT_STATE(depr_flags,
2834 DEFAULT_RATELIMIT_INTERVAL,
2835 DEFAULT_RATELIMIT_BURST);
2836 char comm[TASK_COMM_LEN];
2839 if (get_user(flags, &ss->flags))
2842 flags &= ASYNC_DEPRECATED;
2844 if (flags && __ratelimit(&depr_flags))
2845 pr_warning("%s: '%s' is using deprecated serial flags (with no effect): %.8x\n",
2846 __func__, get_task_comm(comm, current), flags);
2850 * if pty, return the slave side (real_tty)
2851 * otherwise, return self
2853 static struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2855 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2856 tty->driver->subtype == PTY_TYPE_MASTER)
2862 * Split this up, as gcc can choke on it otherwise..
2864 long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2866 struct tty_struct *tty = file_tty(file);
2867 struct tty_struct *real_tty;
2868 void __user *p = (void __user *)arg;
2870 struct tty_ldisc *ld;
2872 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
2875 real_tty = tty_pair_get_tty(tty);
2878 * Factor out some common prep work
2886 retval = tty_check_change(tty);
2889 if (cmd != TIOCCBRK) {
2890 tty_wait_until_sent(tty, 0);
2891 if (signal_pending(current))
2902 return tiocsti(tty, p);
2904 return tiocgwinsz(real_tty, p);
2906 return tiocswinsz(real_tty, p);
2908 return real_tty != tty ? -EINVAL : tioccons(file);
2910 return fionbio(file, p);
2912 set_bit(TTY_EXCLUSIVE, &tty->flags);
2915 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2919 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags);
2920 return put_user(excl, (int __user *)p);
2923 if (current->signal->tty != tty)
2928 return tiocsctty(real_tty, file, arg);
2930 return tiocgpgrp(tty, real_tty, p);
2932 return tiocspgrp(tty, real_tty, p);
2934 return tiocgsid(tty, real_tty, p);
2936 return tiocgetd(tty, p);
2938 return tiocsetd(tty, p);
2940 if (!capable(CAP_SYS_ADMIN))
2946 unsigned int ret = new_encode_dev(tty_devnum(real_tty));
2947 return put_user(ret, (unsigned int __user *)p);
2952 case TIOCSBRK: /* Turn break on, unconditionally */
2953 if (tty->ops->break_ctl)
2954 return tty->ops->break_ctl(tty, -1);
2956 case TIOCCBRK: /* Turn break off, unconditionally */
2957 if (tty->ops->break_ctl)
2958 return tty->ops->break_ctl(tty, 0);
2960 case TCSBRK: /* SVID version: non-zero arg --> no break */
2961 /* non-zero arg means wait for all output data
2962 * to be sent (performed above) but don't send break.
2963 * This is used by the tcdrain() termios function.
2966 return send_break(tty, 250);
2968 case TCSBRKP: /* support for POSIX tcsendbreak() */
2969 return send_break(tty, arg ? arg*100 : 250);
2972 return tty_tiocmget(tty, p);
2976 return tty_tiocmset(tty, cmd, p);
2978 retval = tty_tiocgicount(tty, p);
2979 /* For the moment allow fall through to the old method */
2980 if (retval != -EINVAL)
2987 /* flush tty buffer and allow ldisc to process ioctl */
2988 tty_buffer_flush(tty, NULL);
2993 tty_warn_deprecated_flags(p);
2996 if (tty->ops->ioctl) {
2997 retval = tty->ops->ioctl(tty, cmd, arg);
2998 if (retval != -ENOIOCTLCMD)
3001 ld = tty_ldisc_ref_wait(tty);
3003 return hung_up_tty_ioctl(file, cmd, arg);
3005 if (ld->ops->ioctl) {
3006 retval = ld->ops->ioctl(tty, file, cmd, arg);
3007 if (retval == -ENOIOCTLCMD)
3010 tty_ldisc_deref(ld);
3014 #ifdef CONFIG_COMPAT
3015 static long tty_compat_ioctl(struct file *file, unsigned int cmd,
3018 struct tty_struct *tty = file_tty(file);
3019 struct tty_ldisc *ld;
3020 int retval = -ENOIOCTLCMD;
3022 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl"))
3025 if (tty->ops->compat_ioctl) {
3026 retval = tty->ops->compat_ioctl(tty, cmd, arg);
3027 if (retval != -ENOIOCTLCMD)
3031 ld = tty_ldisc_ref_wait(tty);
3033 return hung_up_tty_compat_ioctl(file, cmd, arg);
3034 if (ld->ops->compat_ioctl)
3035 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
3037 retval = n_tty_compat_ioctl_helper(tty, file, cmd, arg);
3038 tty_ldisc_deref(ld);
3044 static int this_tty(const void *t, struct file *file, unsigned fd)
3046 if (likely(file->f_op->read != tty_read))
3048 return file_tty(file) != t ? 0 : fd + 1;
3052 * This implements the "Secure Attention Key" --- the idea is to
3053 * prevent trojan horses by killing all processes associated with this
3054 * tty when the user hits the "Secure Attention Key". Required for
3055 * super-paranoid applications --- see the Orange Book for more details.
3057 * This code could be nicer; ideally it should send a HUP, wait a few
3058 * seconds, then send a INT, and then a KILL signal. But you then
3059 * have to coordinate with the init process, since all processes associated
3060 * with the current tty must be dead before the new getty is allowed
3063 * Now, if it would be correct ;-/ The current code has a nasty hole -
3064 * it doesn't catch files in flight. We may send the descriptor to ourselves
3065 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
3067 * Nasty bug: do_SAK is being called in interrupt context. This can
3068 * deadlock. We punt it up to process context. AKPM - 16Mar2001
3070 void __do_SAK(struct tty_struct *tty)
3075 struct task_struct *g, *p;
3076 struct pid *session;
3081 session = tty->session;
3083 tty_ldisc_flush(tty);
3085 tty_driver_flush_buffer(tty);
3087 read_lock(&tasklist_lock);
3088 /* Kill the entire session */
3089 do_each_pid_task(session, PIDTYPE_SID, p) {
3090 tty_notice(tty, "SAK: killed process %d (%s): by session\n",
3091 task_pid_nr(p), p->comm);
3092 send_sig(SIGKILL, p, 1);
3093 } while_each_pid_task(session, PIDTYPE_SID, p);
3095 /* Now kill any processes that happen to have the tty open */
3096 do_each_thread(g, p) {
3097 if (p->signal->tty == tty) {
3098 tty_notice(tty, "SAK: killed process %d (%s): by controlling tty\n",
3099 task_pid_nr(p), p->comm);
3100 send_sig(SIGKILL, p, 1);
3104 i = iterate_fd(p->files, 0, this_tty, tty);
3106 tty_notice(tty, "SAK: killed process %d (%s): by fd#%d\n",
3107 task_pid_nr(p), p->comm, i - 1);
3108 force_sig(SIGKILL, p);
3111 } while_each_thread(g, p);
3112 read_unlock(&tasklist_lock);
3116 static void do_SAK_work(struct work_struct *work)
3118 struct tty_struct *tty =
3119 container_of(work, struct tty_struct, SAK_work);
3124 * The tq handling here is a little racy - tty->SAK_work may already be queued.
3125 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
3126 * the values which we write to it will be identical to the values which it
3127 * already has. --akpm
3129 void do_SAK(struct tty_struct *tty)
3133 schedule_work(&tty->SAK_work);
3136 EXPORT_SYMBOL(do_SAK);
3138 static int dev_match_devt(struct device *dev, const void *data)
3140 const dev_t *devt = data;
3141 return dev->devt == *devt;
3144 /* Must put_device() after it's unused! */
3145 static struct device *tty_get_device(struct tty_struct *tty)
3147 dev_t devt = tty_devnum(tty);
3148 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
3155 * This subroutine allocates and initializes a tty structure.
3157 * Locking: none - tty in question is not exposed at this point
3160 struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
3162 struct tty_struct *tty;
3164 tty = kzalloc(sizeof(*tty), GFP_KERNEL);
3168 kref_init(&tty->kref);
3169 tty->magic = TTY_MAGIC;
3170 tty_ldisc_init(tty);
3171 tty->session = NULL;
3173 mutex_init(&tty->legacy_mutex);
3174 mutex_init(&tty->throttle_mutex);
3175 init_rwsem(&tty->termios_rwsem);
3176 mutex_init(&tty->winsize_mutex);
3177 init_ldsem(&tty->ldisc_sem);
3178 init_waitqueue_head(&tty->write_wait);
3179 init_waitqueue_head(&tty->read_wait);
3180 INIT_WORK(&tty->hangup_work, do_tty_hangup);
3181 mutex_init(&tty->atomic_write_lock);
3182 spin_lock_init(&tty->ctrl_lock);
3183 spin_lock_init(&tty->flow_lock);
3184 spin_lock_init(&tty->files_lock);
3185 INIT_LIST_HEAD(&tty->tty_files);
3186 INIT_WORK(&tty->SAK_work, do_SAK_work);
3188 tty->driver = driver;
3189 tty->ops = driver->ops;
3191 tty_line_name(driver, idx, tty->name);
3192 tty->dev = tty_get_device(tty);
3198 * tty_put_char - write one character to a tty
3202 * Write one byte to the tty using the provided put_char method
3203 * if present. Returns the number of characters successfully output.
3205 * Note: the specific put_char operation in the driver layer may go
3206 * away soon. Don't call it directly, use this method
3209 int tty_put_char(struct tty_struct *tty, unsigned char ch)
3211 if (tty->ops->put_char)
3212 return tty->ops->put_char(tty, ch);
3213 return tty->ops->write(tty, &ch, 1);
3215 EXPORT_SYMBOL_GPL(tty_put_char);
3217 struct class *tty_class;
3219 static int tty_cdev_add(struct tty_driver *driver, dev_t dev,
3220 unsigned int index, unsigned int count)
3224 /* init here, since reused cdevs cause crashes */
3225 driver->cdevs[index] = cdev_alloc();
3226 if (!driver->cdevs[index])
3228 driver->cdevs[index]->ops = &tty_fops;
3229 driver->cdevs[index]->owner = driver->owner;
3230 err = cdev_add(driver->cdevs[index], dev, count);
3232 kobject_put(&driver->cdevs[index]->kobj);
3237 * tty_register_device - register a tty device
3238 * @driver: the tty driver that describes the tty device
3239 * @index: the index in the tty driver for this tty device
3240 * @device: a struct device that is associated with this tty device.
3241 * This field is optional, if there is no known struct device
3242 * for this tty device it can be set to NULL safely.
3244 * Returns a pointer to the struct device for this tty device
3245 * (or ERR_PTR(-EFOO) on error).
3247 * This call is required to be made to register an individual tty device
3248 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3249 * that bit is not set, this function should not be called by a tty
3255 struct device *tty_register_device(struct tty_driver *driver, unsigned index,
3256 struct device *device)
3258 return tty_register_device_attr(driver, index, device, NULL, NULL);
3260 EXPORT_SYMBOL(tty_register_device);
3262 static void tty_device_create_release(struct device *dev)
3264 dev_dbg(dev, "releasing...\n");
3269 * tty_register_device_attr - register a tty device
3270 * @driver: the tty driver that describes the tty device
3271 * @index: the index in the tty driver for this tty device
3272 * @device: a struct device that is associated with this tty device.
3273 * This field is optional, if there is no known struct device
3274 * for this tty device it can be set to NULL safely.
3275 * @drvdata: Driver data to be set to device.
3276 * @attr_grp: Attribute group to be set on device.
3278 * Returns a pointer to the struct device for this tty device
3279 * (or ERR_PTR(-EFOO) on error).
3281 * This call is required to be made to register an individual tty device
3282 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3283 * that bit is not set, this function should not be called by a tty
3288 struct device *tty_register_device_attr(struct tty_driver *driver,
3289 unsigned index, struct device *device,
3291 const struct attribute_group **attr_grp)
3294 dev_t devt = MKDEV(driver->major, driver->minor_start) + index;
3295 struct device *dev = NULL;
3296 int retval = -ENODEV;
3299 if (index >= driver->num) {
3300 pr_err("%s: Attempt to register invalid tty line number (%d)\n",
3301 driver->name, index);
3302 return ERR_PTR(-EINVAL);
3305 if (driver->type == TTY_DRIVER_TYPE_PTY)
3306 pty_line_name(driver, index, name);
3308 tty_line_name(driver, index, name);
3310 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3311 retval = tty_cdev_add(driver, devt, index, 1);
3317 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
3324 dev->class = tty_class;
3325 dev->parent = device;
3326 dev->release = tty_device_create_release;
3327 dev_set_name(dev, "%s", name);
3328 dev->groups = attr_grp;
3329 dev_set_drvdata(dev, drvdata);
3331 retval = device_register(dev);
3340 cdev_del(driver->cdevs[index]);
3341 driver->cdevs[index] = NULL;
3343 return ERR_PTR(retval);
3345 EXPORT_SYMBOL_GPL(tty_register_device_attr);
3348 * tty_unregister_device - unregister a tty device
3349 * @driver: the tty driver that describes the tty device
3350 * @index: the index in the tty driver for this tty device
3352 * If a tty device is registered with a call to tty_register_device() then
3353 * this function must be called when the tty device is gone.
3358 void tty_unregister_device(struct tty_driver *driver, unsigned index)
3360 device_destroy(tty_class,
3361 MKDEV(driver->major, driver->minor_start) + index);
3362 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3363 cdev_del(driver->cdevs[index]);
3364 driver->cdevs[index] = NULL;
3367 EXPORT_SYMBOL(tty_unregister_device);
3370 * __tty_alloc_driver -- allocate tty driver
3371 * @lines: count of lines this driver can handle at most
3372 * @owner: module which is repsonsible for this driver
3373 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags
3375 * This should not be called directly, some of the provided macros should be
3376 * used instead. Use IS_ERR and friends on @retval.
3378 struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner,
3379 unsigned long flags)
3381 struct tty_driver *driver;
3382 unsigned int cdevs = 1;
3385 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1))
3386 return ERR_PTR(-EINVAL);
3388 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
3390 return ERR_PTR(-ENOMEM);
3392 kref_init(&driver->kref);
3393 driver->magic = TTY_DRIVER_MAGIC;
3394 driver->num = lines;
3395 driver->owner = owner;
3396 driver->flags = flags;
3398 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) {
3399 driver->ttys = kcalloc(lines, sizeof(*driver->ttys),
3401 driver->termios = kcalloc(lines, sizeof(*driver->termios),
3403 if (!driver->ttys || !driver->termios) {
3409 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) {
3410 driver->ports = kcalloc(lines, sizeof(*driver->ports),
3412 if (!driver->ports) {
3419 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL);
3420 if (!driver->cdevs) {
3427 kfree(driver->ports);
3428 kfree(driver->ttys);
3429 kfree(driver->termios);
3430 kfree(driver->cdevs);
3432 return ERR_PTR(err);
3434 EXPORT_SYMBOL(__tty_alloc_driver);
3436 static void destruct_tty_driver(struct kref *kref)
3438 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
3440 struct ktermios *tp;
3442 if (driver->flags & TTY_DRIVER_INSTALLED) {
3444 * Free the termios and termios_locked structures because
3445 * we don't want to get memory leaks when modular tty
3446 * drivers are removed from the kernel.
3448 for (i = 0; i < driver->num; i++) {
3449 tp = driver->termios[i];
3451 driver->termios[i] = NULL;
3454 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
3455 tty_unregister_device(driver, i);
3457 proc_tty_unregister_driver(driver);
3458 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)
3459 cdev_del(driver->cdevs[0]);
3461 kfree(driver->cdevs);
3462 kfree(driver->ports);
3463 kfree(driver->termios);
3464 kfree(driver->ttys);
3468 void tty_driver_kref_put(struct tty_driver *driver)
3470 kref_put(&driver->kref, destruct_tty_driver);
3472 EXPORT_SYMBOL(tty_driver_kref_put);
3474 void tty_set_operations(struct tty_driver *driver,
3475 const struct tty_operations *op)
3479 EXPORT_SYMBOL(tty_set_operations);
3481 void put_tty_driver(struct tty_driver *d)
3483 tty_driver_kref_put(d);
3485 EXPORT_SYMBOL(put_tty_driver);
3488 * Called by a tty driver to register itself.
3490 int tty_register_driver(struct tty_driver *driver)
3497 if (!driver->major) {
3498 error = alloc_chrdev_region(&dev, driver->minor_start,
3499 driver->num, driver->name);
3501 driver->major = MAJOR(dev);
3502 driver->minor_start = MINOR(dev);
3505 dev = MKDEV(driver->major, driver->minor_start);
3506 error = register_chrdev_region(dev, driver->num, driver->name);
3511 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) {
3512 error = tty_cdev_add(driver, dev, 0, driver->num);
3514 goto err_unreg_char;
3517 mutex_lock(&tty_mutex);
3518 list_add(&driver->tty_drivers, &tty_drivers);
3519 mutex_unlock(&tty_mutex);
3521 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
3522 for (i = 0; i < driver->num; i++) {
3523 d = tty_register_device(driver, i, NULL);
3526 goto err_unreg_devs;
3530 proc_tty_register_driver(driver);
3531 driver->flags |= TTY_DRIVER_INSTALLED;
3535 for (i--; i >= 0; i--)
3536 tty_unregister_device(driver, i);
3538 mutex_lock(&tty_mutex);
3539 list_del(&driver->tty_drivers);
3540 mutex_unlock(&tty_mutex);
3543 unregister_chrdev_region(dev, driver->num);
3547 EXPORT_SYMBOL(tty_register_driver);
3550 * Called by a tty driver to unregister itself.
3552 int tty_unregister_driver(struct tty_driver *driver)
3556 if (driver->refcount)
3559 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3561 mutex_lock(&tty_mutex);
3562 list_del(&driver->tty_drivers);
3563 mutex_unlock(&tty_mutex);
3567 EXPORT_SYMBOL(tty_unregister_driver);
3569 dev_t tty_devnum(struct tty_struct *tty)
3571 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3573 EXPORT_SYMBOL(tty_devnum);
3575 void tty_default_fops(struct file_operations *fops)
3581 * Initialize the console device. This is called *early*, so
3582 * we can't necessarily depend on lots of kernel help here.
3583 * Just do some early initializations, and do the complex setup
3586 void __init console_init(void)
3590 /* Setup the default TTY line discipline. */
3594 * set up the console device so that later boot sequences can
3595 * inform about problems etc..
3597 call = __con_initcall_start;
3598 while (call < __con_initcall_end) {
3604 static char *tty_devnode(struct device *dev, umode_t *mode)
3608 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3609 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3614 static int __init tty_class_init(void)
3616 tty_class = class_create(THIS_MODULE, "tty");
3617 if (IS_ERR(tty_class))
3618 return PTR_ERR(tty_class);
3619 tty_class->devnode = tty_devnode;
3623 postcore_initcall(tty_class_init);
3625 /* 3/2004 jmc: why do these devices exist? */
3626 static struct cdev tty_cdev, console_cdev;
3628 static ssize_t show_cons_active(struct device *dev,
3629 struct device_attribute *attr, char *buf)
3631 struct console *cs[16];
3637 for_each_console(c) {
3642 if ((c->flags & CON_ENABLED) == 0)
3645 if (i >= ARRAY_SIZE(cs))
3649 int index = cs[i]->index;
3650 struct tty_driver *drv = cs[i]->device(cs[i], &index);
3652 /* don't resolve tty0 as some programs depend on it */
3653 if (drv && (cs[i]->index > 0 || drv->major != TTY_MAJOR))
3654 count += tty_line_name(drv, index, buf + count);
3656 count += sprintf(buf + count, "%s%d",
3657 cs[i]->name, cs[i]->index);
3659 count += sprintf(buf + count, "%c", i ? ' ':'\n');
3665 static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL);
3667 static struct attribute *cons_dev_attrs[] = {
3668 &dev_attr_active.attr,
3672 ATTRIBUTE_GROUPS(cons_dev);
3674 static struct device *consdev;
3676 void console_sysfs_notify(void)
3679 sysfs_notify(&consdev->kobj, NULL, "active");
3683 * Ok, now we can initialize the rest of the tty devices and can count
3684 * on memory allocations, interrupts etc..
3686 int __init tty_init(void)
3688 cdev_init(&tty_cdev, &tty_fops);
3689 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3690 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3691 panic("Couldn't register /dev/tty driver\n");
3692 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty");
3694 cdev_init(&console_cdev, &console_fops);
3695 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3696 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3697 panic("Couldn't register /dev/console driver\n");
3698 consdev = device_create_with_groups(tty_class, NULL,
3699 MKDEV(TTYAUX_MAJOR, 1), NULL,
3700 cons_dev_groups, "console");
3701 if (IS_ERR(consdev))
3705 vty_init(&console_fops);
projects / karo-tx-linux.git / blob