tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kernel / drivers / tty / tty_io.c
at v5.12-rc1 3662 lines 91 kB view raw
1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Copyright (C) 1991, 1992 Linus Torvalds 4 */ 5 6/* 7 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles 8 * or rs-channels. It also implements echoing, cooked mode etc. 9 * 10 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0. 11 * 12 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the 13 * tty_struct and tty_queue structures. Previously there was an array 14 * of 256 tty_struct's which was statically allocated, and the 15 * tty_queue structures were allocated at boot time. Both are now 16 * dynamically allocated only when the tty is open. 17 * 18 * Also restructured routines so that there is more of a separation 19 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and 20 * the low-level tty routines (serial.c, pty.c, console.c). This 21 * makes for cleaner and more compact code. -TYT, 9/17/92 22 * 23 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines 24 * which can be dynamically activated and de-activated by the line 25 * discipline handling modules (like SLIP). 26 * 27 * NOTE: pay no attention to the line discipline code (yet); its 28 * interface is still subject to change in this version... 29 * -- TYT, 1/31/92 30 * 31 * Added functionality to the OPOST tty handling. No delays, but all 32 * other bits should be there. 33 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993. 34 * 35 * Rewrote canonical mode and added more termios flags. 36 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94 37 * 38 * Reorganized FASYNC support so mouse code can share it. 39 * -- ctm@ardi.com, 9Sep95 40 * 41 * New TIOCLINUX variants added. 42 * -- mj@k332.feld.cvut.cz, 19-Nov-95 43 * 44 * Restrict vt switching via ioctl() 45 * -- grif@cs.ucr.edu, 5-Dec-95 46 * 47 * Move console and virtual terminal code to more appropriate files, 48 * implement CONFIG_VT and generalize console device interface. 49 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97 50 * 51 * Rewrote tty_init_dev and tty_release_dev to eliminate races. 52 * -- Bill Hawes <whawes@star.net>, June 97 53 * 54 * Added devfs support. 55 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998 56 * 57 * Added support for a Unix98-style ptmx device. 58 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 59 * 60 * Reduced memory usage for older ARM systems 61 * -- Russell King <rmk@arm.linux.org.uk> 62 * 63 * Move do_SAK() into process context. Less stack use in devfs functions. 64 * alloc_tty_struct() always uses kmalloc() 65 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01 66 */ 67 68#include <linux/types.h> 69#include <linux/major.h> 70#include <linux/errno.h> 71#include <linux/signal.h> 72#include <linux/fcntl.h> 73#include <linux/sched/signal.h> 74#include <linux/sched/task.h> 75#include <linux/interrupt.h> 76#include <linux/tty.h> 77#include <linux/tty_driver.h> 78#include <linux/tty_flip.h> 79#include <linux/devpts_fs.h> 80#include <linux/file.h> 81#include <linux/fdtable.h> 82#include <linux/console.h> 83#include <linux/timer.h> 84#include <linux/ctype.h> 85#include <linux/kd.h> 86#include <linux/mm.h> 87#include <linux/string.h> 88#include <linux/slab.h> 89#include <linux/poll.h> 90#include <linux/ppp-ioctl.h> 91#include <linux/proc_fs.h> 92#include <linux/init.h> 93#include <linux/module.h> 94#include <linux/device.h> 95#include <linux/wait.h> 96#include <linux/bitops.h> 97#include <linux/delay.h> 98#include <linux/seq_file.h> 99#include <linux/serial.h> 100#include <linux/ratelimit.h> 101#include <linux/compat.h> 102 103#include <linux/uaccess.h> 104 105#include <linux/kbd_kern.h> 106#include <linux/vt_kern.h> 107#include <linux/selection.h> 108 109#include <linux/kmod.h> 110#include <linux/nsproxy.h> 111 112#undef TTY_DEBUG_HANGUP 113#ifdef TTY_DEBUG_HANGUP 114# define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args) 115#else 116# define tty_debug_hangup(tty, f, args...) do { } while (0) 117#endif 118 119#define TTY_PARANOIA_CHECK 1 120#define CHECK_TTY_COUNT 1 121 122struct ktermios tty_std_termios = { /* for the benefit of tty drivers */ 123 .c_iflag = ICRNL | IXON, 124 .c_oflag = OPOST | ONLCR, 125 .c_cflag = B38400 | CS8 | CREAD | HUPCL, 126 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK | 127 ECHOCTL | ECHOKE | IEXTEN, 128 .c_cc = INIT_C_CC, 129 .c_ispeed = 38400, 130 .c_ospeed = 38400, 131 /* .c_line = N_TTY, */ 132}; 133 134EXPORT_SYMBOL(tty_std_termios); 135 136/* This list gets poked at by procfs and various bits of boot up code. This 137 could do with some rationalisation such as pulling the tty proc function 138 into this file */ 139 140LIST_HEAD(tty_drivers); /* linked list of tty drivers */ 141 142/* Mutex to protect creating and releasing a tty */ 143DEFINE_MUTEX(tty_mutex); 144 145static ssize_t tty_read(struct kiocb *, struct iov_iter *); 146static ssize_t tty_write(struct kiocb *, struct iov_iter *); 147static __poll_t tty_poll(struct file *, poll_table *); 148static int tty_open(struct inode *, struct file *); 149#ifdef CONFIG_COMPAT 150static long tty_compat_ioctl(struct file *file, unsigned int cmd, 151 unsigned long arg); 152#else 153#define tty_compat_ioctl NULL 154#endif 155static int __tty_fasync(int fd, struct file *filp, int on); 156static int tty_fasync(int fd, struct file *filp, int on); 157static void release_tty(struct tty_struct *tty, int idx); 158 159/** 160 * free_tty_struct - free a disused tty 161 * @tty: tty struct to free 162 * 163 * Free the write buffers, tty queue and tty memory itself. 164 * 165 * Locking: none. Must be called after tty is definitely unused 166 */ 167 168static void free_tty_struct(struct tty_struct *tty) 169{ 170 tty_ldisc_deinit(tty); 171 put_device(tty->dev); 172 kfree(tty->write_buf); 173 tty->magic = 0xDEADDEAD; 174 kfree(tty); 175} 176 177static inline struct tty_struct *file_tty(struct file *file) 178{ 179 return ((struct tty_file_private *)file->private_data)->tty; 180} 181 182int tty_alloc_file(struct file *file) 183{ 184 struct tty_file_private *priv; 185 186 priv = kmalloc(sizeof(*priv), GFP_KERNEL); 187 if (!priv) 188 return -ENOMEM; 189 190 file->private_data = priv; 191 192 return 0; 193} 194 195/* Associate a new file with the tty structure */ 196void tty_add_file(struct tty_struct *tty, struct file *file) 197{ 198 struct tty_file_private *priv = file->private_data; 199 200 priv->tty = tty; 201 priv->file = file; 202 203 spin_lock(&tty->files_lock); 204 list_add(&priv->list, &tty->tty_files); 205 spin_unlock(&tty->files_lock); 206} 207 208/* 209 * tty_free_file - free file->private_data 210 * 211 * This shall be used only for fail path handling when tty_add_file was not 212 * called yet. 213 */ 214void tty_free_file(struct file *file) 215{ 216 struct tty_file_private *priv = file->private_data; 217 218 file->private_data = NULL; 219 kfree(priv); 220} 221 222/* Delete file from its tty */ 223static void tty_del_file(struct file *file) 224{ 225 struct tty_file_private *priv = file->private_data; 226 struct tty_struct *tty = priv->tty; 227 228 spin_lock(&tty->files_lock); 229 list_del(&priv->list); 230 spin_unlock(&tty->files_lock); 231 tty_free_file(file); 232} 233 234/** 235 * tty_name - return tty naming 236 * @tty: tty structure 237 * 238 * Convert a tty structure into a name. The name reflects the kernel 239 * naming policy and if udev is in use may not reflect user space 240 * 241 * Locking: none 242 */ 243 244const char *tty_name(const struct tty_struct *tty) 245{ 246 if (!tty) /* Hmm. NULL pointer. That's fun. */ 247 return "NULL tty"; 248 return tty->name; 249} 250 251EXPORT_SYMBOL(tty_name); 252 253const char *tty_driver_name(const struct tty_struct *tty) 254{ 255 if (!tty || !tty->driver) 256 return ""; 257 return tty->driver->name; 258} 259 260static int tty_paranoia_check(struct tty_struct *tty, struct inode *inode, 261 const char *routine) 262{ 263#ifdef TTY_PARANOIA_CHECK 264 if (!tty) { 265 pr_warn("(%d:%d): %s: NULL tty\n", 266 imajor(inode), iminor(inode), routine); 267 return 1; 268 } 269 if (tty->magic != TTY_MAGIC) { 270 pr_warn("(%d:%d): %s: bad magic number\n", 271 imajor(inode), iminor(inode), routine); 272 return 1; 273 } 274#endif 275 return 0; 276} 277 278/* Caller must hold tty_lock */ 279static int check_tty_count(struct tty_struct *tty, const char *routine) 280{ 281#ifdef CHECK_TTY_COUNT 282 struct list_head *p; 283 int count = 0, kopen_count = 0; 284 285 spin_lock(&tty->files_lock); 286 list_for_each(p, &tty->tty_files) { 287 count++; 288 } 289 spin_unlock(&tty->files_lock); 290 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 291 tty->driver->subtype == PTY_TYPE_SLAVE && 292 tty->link && tty->link->count) 293 count++; 294 if (tty_port_kopened(tty->port)) 295 kopen_count++; 296 if (tty->count != (count + kopen_count)) { 297 tty_warn(tty, "%s: tty->count(%d) != (#fd's(%d) + #kopen's(%d))\n", 298 routine, tty->count, count, kopen_count); 299 return (count + kopen_count); 300 } 301#endif 302 return 0; 303} 304 305/** 306 * get_tty_driver - find device of a tty 307 * @device: device identifier 308 * @index: returns the index of the tty 309 * 310 * This routine returns a tty driver structure, given a device number 311 * and also passes back the index number. 312 * 313 * Locking: caller must hold tty_mutex 314 */ 315 316static struct tty_driver *get_tty_driver(dev_t device, int *index) 317{ 318 struct tty_driver *p; 319 320 list_for_each_entry(p, &tty_drivers, tty_drivers) { 321 dev_t base = MKDEV(p->major, p->minor_start); 322 if (device < base || device >= base + p->num) 323 continue; 324 *index = device - base; 325 return tty_driver_kref_get(p); 326 } 327 return NULL; 328} 329 330/** 331 * tty_dev_name_to_number - return dev_t for device name 332 * @name: user space name of device under /dev 333 * @number: pointer to dev_t that this function will populate 334 * 335 * This function converts device names like ttyS0 or ttyUSB1 into dev_t 336 * like (4, 64) or (188, 1). If no corresponding driver is registered then 337 * the function returns -ENODEV. 338 * 339 * Locking: this acquires tty_mutex to protect the tty_drivers list from 340 * being modified while we are traversing it, and makes sure to 341 * release it before exiting. 342 */ 343int tty_dev_name_to_number(const char *name, dev_t *number) 344{ 345 struct tty_driver *p; 346 int ret; 347 int index, prefix_length = 0; 348 const char *str; 349 350 for (str = name; *str && !isdigit(*str); str++) 351 ; 352 353 if (!*str) 354 return -EINVAL; 355 356 ret = kstrtoint(str, 10, &index); 357 if (ret) 358 return ret; 359 360 prefix_length = str - name; 361 mutex_lock(&tty_mutex); 362 363 list_for_each_entry(p, &tty_drivers, tty_drivers) 364 if (prefix_length == strlen(p->name) && strncmp(name, 365 p->name, prefix_length) == 0) { 366 if (index < p->num) { 367 *number = MKDEV(p->major, p->minor_start + index); 368 goto out; 369 } 370 } 371 372 /* if here then driver wasn't found */ 373 ret = -ENODEV; 374out: 375 mutex_unlock(&tty_mutex); 376 return ret; 377} 378EXPORT_SYMBOL_GPL(tty_dev_name_to_number); 379 380#ifdef CONFIG_CONSOLE_POLL 381 382/** 383 * tty_find_polling_driver - find device of a polled tty 384 * @name: name string to match 385 * @line: pointer to resulting tty line nr 386 * 387 * This routine returns a tty driver structure, given a name 388 * and the condition that the tty driver is capable of polled 389 * operation. 390 */ 391struct tty_driver *tty_find_polling_driver(char *name, int *line) 392{ 393 struct tty_driver *p, *res = NULL; 394 int tty_line = 0; 395 int len; 396 char *str, *stp; 397 398 for (str = name; *str; str++) 399 if ((*str >= '0' && *str <= '9') || *str == ',') 400 break; 401 if (!*str) 402 return NULL; 403 404 len = str - name; 405 tty_line = simple_strtoul(str, &str, 10); 406 407 mutex_lock(&tty_mutex); 408 /* Search through the tty devices to look for a match */ 409 list_for_each_entry(p, &tty_drivers, tty_drivers) { 410 if (!len || strncmp(name, p->name, len) != 0) 411 continue; 412 stp = str; 413 if (*stp == ',') 414 stp++; 415 if (*stp == '\0') 416 stp = NULL; 417 418 if (tty_line >= 0 && tty_line < p->num && p->ops && 419 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) { 420 res = tty_driver_kref_get(p); 421 *line = tty_line; 422 break; 423 } 424 } 425 mutex_unlock(&tty_mutex); 426 427 return res; 428} 429EXPORT_SYMBOL_GPL(tty_find_polling_driver); 430#endif 431 432static ssize_t hung_up_tty_read(struct kiocb *iocb, struct iov_iter *to) 433{ 434 return 0; 435} 436 437static ssize_t hung_up_tty_write(struct kiocb *iocb, struct iov_iter *from) 438{ 439 return -EIO; 440} 441 442/* No kernel lock held - none needed ;) */ 443static __poll_t hung_up_tty_poll(struct file *filp, poll_table *wait) 444{ 445 return EPOLLIN | EPOLLOUT | EPOLLERR | EPOLLHUP | EPOLLRDNORM | EPOLLWRNORM; 446} 447 448static long hung_up_tty_ioctl(struct file *file, unsigned int cmd, 449 unsigned long arg) 450{ 451 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 452} 453 454static long hung_up_tty_compat_ioctl(struct file *file, 455 unsigned int cmd, unsigned long arg) 456{ 457 return cmd == TIOCSPGRP ? -ENOTTY : -EIO; 458} 459 460static int hung_up_tty_fasync(int fd, struct file *file, int on) 461{ 462 return -ENOTTY; 463} 464 465static void tty_show_fdinfo(struct seq_file *m, struct file *file) 466{ 467 struct tty_struct *tty = file_tty(file); 468 469 if (tty && tty->ops && tty->ops->show_fdinfo) 470 tty->ops->show_fdinfo(tty, m); 471} 472 473static const struct file_operations tty_fops = { 474 .llseek = no_llseek, 475 .read_iter = tty_read, 476 .write_iter = tty_write, 477 .splice_read = generic_file_splice_read, 478 .splice_write = iter_file_splice_write, 479 .poll = tty_poll, 480 .unlocked_ioctl = tty_ioctl, 481 .compat_ioctl = tty_compat_ioctl, 482 .open = tty_open, 483 .release = tty_release, 484 .fasync = tty_fasync, 485 .show_fdinfo = tty_show_fdinfo, 486}; 487 488static const struct file_operations console_fops = { 489 .llseek = no_llseek, 490 .read_iter = tty_read, 491 .write_iter = redirected_tty_write, 492 .splice_read = generic_file_splice_read, 493 .splice_write = iter_file_splice_write, 494 .poll = tty_poll, 495 .unlocked_ioctl = tty_ioctl, 496 .compat_ioctl = tty_compat_ioctl, 497 .open = tty_open, 498 .release = tty_release, 499 .fasync = tty_fasync, 500}; 501 502static const struct file_operations hung_up_tty_fops = { 503 .llseek = no_llseek, 504 .read_iter = hung_up_tty_read, 505 .write_iter = hung_up_tty_write, 506 .poll = hung_up_tty_poll, 507 .unlocked_ioctl = hung_up_tty_ioctl, 508 .compat_ioctl = hung_up_tty_compat_ioctl, 509 .release = tty_release, 510 .fasync = hung_up_tty_fasync, 511}; 512 513static DEFINE_SPINLOCK(redirect_lock); 514static struct file *redirect; 515 516/** 517 * tty_wakeup - request more data 518 * @tty: terminal 519 * 520 * Internal and external helper for wakeups of tty. This function 521 * informs the line discipline if present that the driver is ready 522 * to receive more output data. 523 */ 524 525void tty_wakeup(struct tty_struct *tty) 526{ 527 struct tty_ldisc *ld; 528 529 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) { 530 ld = tty_ldisc_ref(tty); 531 if (ld) { 532 if (ld->ops->write_wakeup) 533 ld->ops->write_wakeup(tty); 534 tty_ldisc_deref(ld); 535 } 536 } 537 wake_up_interruptible_poll(&tty->write_wait, EPOLLOUT); 538} 539 540EXPORT_SYMBOL_GPL(tty_wakeup); 541 542/** 543 * tty_release_redirect - Release a redirect on a pty if present 544 * @tty: tty device 545 * 546 * This is available to the pty code so if the master closes, if the 547 * slave is a redirect it can release the redirect. It returns the 548 * filp for the redirect, which must be fput when the operations on 549 * the tty are completed. 550 */ 551struct file *tty_release_redirect(struct tty_struct *tty) 552{ 553 struct file *f = NULL; 554 555 spin_lock(&redirect_lock); 556 if (redirect && file_tty(redirect) == tty) { 557 f = redirect; 558 redirect = NULL; 559 } 560 spin_unlock(&redirect_lock); 561 562 return f; 563} 564 565/** 566 * __tty_hangup - actual handler for hangup events 567 * @tty: tty device 568 * @exit_session: if non-zero, signal all foreground group processes 569 * 570 * This can be called by a "kworker" kernel thread. That is process 571 * synchronous but doesn't hold any locks, so we need to make sure we 572 * have the appropriate locks for what we're doing. 573 * 574 * The hangup event clears any pending redirections onto the hung up 575 * device. It ensures future writes will error and it does the needed 576 * line discipline hangup and signal delivery. The tty object itself 577 * remains intact. 578 * 579 * Locking: 580 * BTM 581 * redirect lock for undoing redirection 582 * file list lock for manipulating list of ttys 583 * tty_ldiscs_lock from called functions 584 * termios_rwsem resetting termios data 585 * tasklist_lock to walk task list for hangup event 586 * ->siglock to protect ->signal/->sighand 587 */ 588static void __tty_hangup(struct tty_struct *tty, int exit_session) 589{ 590 struct file *cons_filp = NULL; 591 struct file *filp, *f; 592 struct tty_file_private *priv; 593 int closecount = 0, n; 594 int refs; 595 596 if (!tty) 597 return; 598 599 f = tty_release_redirect(tty); 600 601 tty_lock(tty); 602 603 if (test_bit(TTY_HUPPED, &tty->flags)) { 604 tty_unlock(tty); 605 return; 606 } 607 608 /* 609 * Some console devices aren't actually hung up for technical and 610 * historical reasons, which can lead to indefinite interruptible 611 * sleep in n_tty_read(). The following explicitly tells 612 * n_tty_read() to abort readers. 613 */ 614 set_bit(TTY_HUPPING, &tty->flags); 615 616 /* inuse_filps is protected by the single tty lock, 617 this really needs to change if we want to flush the 618 workqueue with the lock held */ 619 check_tty_count(tty, "tty_hangup"); 620 621 spin_lock(&tty->files_lock); 622 /* This breaks for file handles being sent over AF_UNIX sockets ? */ 623 list_for_each_entry(priv, &tty->tty_files, list) { 624 filp = priv->file; 625 if (filp->f_op->write_iter == redirected_tty_write) 626 cons_filp = filp; 627 if (filp->f_op->write_iter != tty_write) 628 continue; 629 closecount++; 630 __tty_fasync(-1, filp, 0); /* can't block */ 631 filp->f_op = &hung_up_tty_fops; 632 } 633 spin_unlock(&tty->files_lock); 634 635 refs = tty_signal_session_leader(tty, exit_session); 636 /* Account for the p->signal references we killed */ 637 while (refs--) 638 tty_kref_put(tty); 639 640 tty_ldisc_hangup(tty, cons_filp != NULL); 641 642 spin_lock_irq(&tty->ctrl_lock); 643 clear_bit(TTY_THROTTLED, &tty->flags); 644 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 645 put_pid(tty->session); 646 put_pid(tty->pgrp); 647 tty->session = NULL; 648 tty->pgrp = NULL; 649 tty->ctrl_status = 0; 650 spin_unlock_irq(&tty->ctrl_lock); 651 652 /* 653 * If one of the devices matches a console pointer, we 654 * cannot just call hangup() because that will cause 655 * tty->count and state->count to go out of sync. 656 * So we just call close() the right number of times. 657 */ 658 if (cons_filp) { 659 if (tty->ops->close) 660 for (n = 0; n < closecount; n++) 661 tty->ops->close(tty, cons_filp); 662 } else if (tty->ops->hangup) 663 tty->ops->hangup(tty); 664 /* 665 * We don't want to have driver/ldisc interactions beyond the ones 666 * we did here. The driver layer expects no calls after ->hangup() 667 * from the ldisc side, which is now guaranteed. 668 */ 669 set_bit(TTY_HUPPED, &tty->flags); 670 clear_bit(TTY_HUPPING, &tty->flags); 671 tty_unlock(tty); 672 673 if (f) 674 fput(f); 675} 676 677static void do_tty_hangup(struct work_struct *work) 678{ 679 struct tty_struct *tty = 680 container_of(work, struct tty_struct, hangup_work); 681 682 __tty_hangup(tty, 0); 683} 684 685/** 686 * tty_hangup - trigger a hangup event 687 * @tty: tty to hangup 688 * 689 * A carrier loss (virtual or otherwise) has occurred on this like 690 * schedule a hangup sequence to run after this event. 691 */ 692 693void tty_hangup(struct tty_struct *tty) 694{ 695 tty_debug_hangup(tty, "hangup\n"); 696 schedule_work(&tty->hangup_work); 697} 698 699EXPORT_SYMBOL(tty_hangup); 700 701/** 702 * tty_vhangup - process vhangup 703 * @tty: tty to hangup 704 * 705 * The user has asked via system call for the terminal to be hung up. 706 * We do this synchronously so that when the syscall returns the process 707 * is complete. That guarantee is necessary for security reasons. 708 */ 709 710void tty_vhangup(struct tty_struct *tty) 711{ 712 tty_debug_hangup(tty, "vhangup\n"); 713 __tty_hangup(tty, 0); 714} 715 716EXPORT_SYMBOL(tty_vhangup); 717 718 719/** 720 * tty_vhangup_self - process vhangup for own ctty 721 * 722 * Perform a vhangup on the current controlling tty 723 */ 724 725void tty_vhangup_self(void) 726{ 727 struct tty_struct *tty; 728 729 tty = get_current_tty(); 730 if (tty) { 731 tty_vhangup(tty); 732 tty_kref_put(tty); 733 } 734} 735 736/** 737 * tty_vhangup_session - hangup session leader exit 738 * @tty: tty to hangup 739 * 740 * The session leader is exiting and hanging up its controlling terminal. 741 * Every process in the foreground process group is signalled SIGHUP. 742 * 743 * We do this synchronously so that when the syscall returns the process 744 * is complete. That guarantee is necessary for security reasons. 745 */ 746 747void tty_vhangup_session(struct tty_struct *tty) 748{ 749 tty_debug_hangup(tty, "session hangup\n"); 750 __tty_hangup(tty, 1); 751} 752 753/** 754 * tty_hung_up_p - was tty hung up 755 * @filp: file pointer of tty 756 * 757 * Return true if the tty has been subject to a vhangup or a carrier 758 * loss 759 */ 760 761int tty_hung_up_p(struct file *filp) 762{ 763 return (filp && filp->f_op == &hung_up_tty_fops); 764} 765 766EXPORT_SYMBOL(tty_hung_up_p); 767 768/** 769 * stop_tty - propagate flow control 770 * @tty: tty to stop 771 * 772 * Perform flow control to the driver. May be called 773 * on an already stopped device and will not re-call the driver 774 * method. 775 * 776 * This functionality is used by both the line disciplines for 777 * halting incoming flow and by the driver. It may therefore be 778 * called from any context, may be under the tty atomic_write_lock 779 * but not always. 780 * 781 * Locking: 782 * flow_lock 783 */ 784 785void __stop_tty(struct tty_struct *tty) 786{ 787 if (tty->stopped) 788 return; 789 tty->stopped = 1; 790 if (tty->ops->stop) 791 tty->ops->stop(tty); 792} 793 794void stop_tty(struct tty_struct *tty) 795{ 796 unsigned long flags; 797 798 spin_lock_irqsave(&tty->flow_lock, flags); 799 __stop_tty(tty); 800 spin_unlock_irqrestore(&tty->flow_lock, flags); 801} 802EXPORT_SYMBOL(stop_tty); 803 804/** 805 * start_tty - propagate flow control 806 * @tty: tty to start 807 * 808 * Start a tty that has been stopped if at all possible. If this 809 * tty was previous stopped and is now being started, the driver 810 * start method is invoked and the line discipline woken. 811 * 812 * Locking: 813 * flow_lock 814 */ 815 816void __start_tty(struct tty_struct *tty) 817{ 818 if (!tty->stopped || tty->flow_stopped) 819 return; 820 tty->stopped = 0; 821 if (tty->ops->start) 822 tty->ops->start(tty); 823 tty_wakeup(tty); 824} 825 826void start_tty(struct tty_struct *tty) 827{ 828 unsigned long flags; 829 830 spin_lock_irqsave(&tty->flow_lock, flags); 831 __start_tty(tty); 832 spin_unlock_irqrestore(&tty->flow_lock, flags); 833} 834EXPORT_SYMBOL(start_tty); 835 836static void tty_update_time(struct timespec64 *time) 837{ 838 time64_t sec = ktime_get_real_seconds(); 839 840 /* 841 * We only care if the two values differ in anything other than the 842 * lower three bits (i.e every 8 seconds). If so, then we can update 843 * the time of the tty device, otherwise it could be construded as a 844 * security leak to let userspace know the exact timing of the tty. 845 */ 846 if ((sec ^ time->tv_sec) & ~7) 847 time->tv_sec = sec; 848} 849 850/* 851 * Iterate on the ldisc ->read() function until we've gotten all 852 * the data the ldisc has for us. 853 * 854 * The "cookie" is something that the ldisc read function can fill 855 * in to let us know that there is more data to be had. 856 * 857 * We promise to continue to call the ldisc until it stops returning 858 * data or clears the cookie. The cookie may be something that the 859 * ldisc maintains state for and needs to free. 860 */ 861static int iterate_tty_read(struct tty_ldisc *ld, struct tty_struct *tty, 862 struct file *file, struct iov_iter *to) 863{ 864 int retval = 0; 865 void *cookie = NULL; 866 unsigned long offset = 0; 867 char kernel_buf[64]; 868 size_t count = iov_iter_count(to); 869 870 do { 871 int size, copied; 872 873 size = count > sizeof(kernel_buf) ? sizeof(kernel_buf) : count; 874 size = ld->ops->read(tty, file, kernel_buf, size, &cookie, offset); 875 if (!size) 876 break; 877 878 if (size < 0) { 879 /* Did we have an earlier error (ie -EFAULT)? */ 880 if (retval) 881 break; 882 retval = size; 883 884 /* 885 * -EOVERFLOW means we didn't have enough space 886 * for a whole packet, and we shouldn't return 887 * a partial result. 888 */ 889 if (retval == -EOVERFLOW) 890 offset = 0; 891 break; 892 } 893 894 copied = copy_to_iter(kernel_buf, size, to); 895 offset += copied; 896 count -= copied; 897 898 /* 899 * If the user copy failed, we still need to do another ->read() 900 * call if we had a cookie to let the ldisc clear up. 901 * 902 * But make sure size is zeroed. 903 */ 904 if (unlikely(copied != size)) { 905 count = 0; 906 retval = -EFAULT; 907 } 908 } while (cookie); 909 910 /* We always clear tty buffer in case they contained passwords */ 911 memzero_explicit(kernel_buf, sizeof(kernel_buf)); 912 return offset ? offset : retval; 913} 914 915 916/** 917 * tty_read - read method for tty device files 918 * @file: pointer to tty file 919 * @buf: user buffer 920 * @count: size of user buffer 921 * @ppos: unused 922 * 923 * Perform the read system call function on this terminal device. Checks 924 * for hung up devices before calling the line discipline method. 925 * 926 * Locking: 927 * Locks the line discipline internally while needed. Multiple 928 * read calls may be outstanding in parallel. 929 */ 930 931static ssize_t tty_read(struct kiocb *iocb, struct iov_iter *to) 932{ 933 int i; 934 struct file *file = iocb->ki_filp; 935 struct inode *inode = file_inode(file); 936 struct tty_struct *tty = file_tty(file); 937 struct tty_ldisc *ld; 938 939 if (tty_paranoia_check(tty, inode, "tty_read")) 940 return -EIO; 941 if (!tty || tty_io_error(tty)) 942 return -EIO; 943 944 /* We want to wait for the line discipline to sort out in this 945 situation */ 946 ld = tty_ldisc_ref_wait(tty); 947 if (!ld) 948 return hung_up_tty_read(iocb, to); 949 i = -EIO; 950 if (ld->ops->read) 951 i = iterate_tty_read(ld, tty, file, to); 952 tty_ldisc_deref(ld); 953 954 if (i > 0) 955 tty_update_time(&inode->i_atime); 956 957 return i; 958} 959 960static void tty_write_unlock(struct tty_struct *tty) 961{ 962 mutex_unlock(&tty->atomic_write_lock); 963 wake_up_interruptible_poll(&tty->write_wait, EPOLLOUT); 964} 965 966static int tty_write_lock(struct tty_struct *tty, int ndelay) 967{ 968 if (!mutex_trylock(&tty->atomic_write_lock)) { 969 if (ndelay) 970 return -EAGAIN; 971 if (mutex_lock_interruptible(&tty->atomic_write_lock)) 972 return -ERESTARTSYS; 973 } 974 return 0; 975} 976 977/* 978 * Split writes up in sane blocksizes to avoid 979 * denial-of-service type attacks 980 */ 981static inline ssize_t do_tty_write( 982 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t), 983 struct tty_struct *tty, 984 struct file *file, 985 struct iov_iter *from) 986{ 987 size_t count = iov_iter_count(from); 988 ssize_t ret, written = 0; 989 unsigned int chunk; 990 991 ret = tty_write_lock(tty, file->f_flags & O_NDELAY); 992 if (ret < 0) 993 return ret; 994 995 /* 996 * We chunk up writes into a temporary buffer. This 997 * simplifies low-level drivers immensely, since they 998 * don't have locking issues and user mode accesses. 999 * 1000 * But if TTY_NO_WRITE_SPLIT is set, we should use a 1001 * big chunk-size.. 1002 * 1003 * The default chunk-size is 2kB, because the NTTY 1004 * layer has problems with bigger chunks. It will 1005 * claim to be able to handle more characters than 1006 * it actually does. 1007 * 1008 * FIXME: This can probably go away now except that 64K chunks 1009 * are too likely to fail unless switched to vmalloc... 1010 */ 1011 chunk = 2048; 1012 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags)) 1013 chunk = 65536; 1014 if (count < chunk) 1015 chunk = count; 1016 1017 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */ 1018 if (tty->write_cnt < chunk) { 1019 unsigned char *buf_chunk; 1020 1021 if (chunk < 1024) 1022 chunk = 1024; 1023 1024 buf_chunk = kmalloc(chunk, GFP_KERNEL); 1025 if (!buf_chunk) { 1026 ret = -ENOMEM; 1027 goto out; 1028 } 1029 kfree(tty->write_buf); 1030 tty->write_cnt = chunk; 1031 tty->write_buf = buf_chunk; 1032 } 1033 1034 /* Do the write .. */ 1035 for (;;) { 1036 size_t size = count; 1037 if (size > chunk) 1038 size = chunk; 1039 1040 ret = -EFAULT; 1041 if (copy_from_iter(tty->write_buf, size, from) != size) 1042 break; 1043 1044 ret = write(tty, file, tty->write_buf, size); 1045 if (ret <= 0) 1046 break; 1047 1048 written += ret; 1049 if (ret > size) 1050 break; 1051 1052 /* FIXME! Have Al check this! */ 1053 if (ret != size) 1054 iov_iter_revert(from, size-ret); 1055 1056 count -= ret; 1057 if (!count) 1058 break; 1059 ret = -ERESTARTSYS; 1060 if (signal_pending(current)) 1061 break; 1062 cond_resched(); 1063 } 1064 if (written) { 1065 tty_update_time(&file_inode(file)->i_mtime); 1066 ret = written; 1067 } 1068out: 1069 tty_write_unlock(tty); 1070 return ret; 1071} 1072 1073/** 1074 * tty_write_message - write a message to a certain tty, not just the console. 1075 * @tty: the destination tty_struct 1076 * @msg: the message to write 1077 * 1078 * This is used for messages that need to be redirected to a specific tty. 1079 * We don't put it into the syslog queue right now maybe in the future if 1080 * really needed. 1081 * 1082 * We must still hold the BTM and test the CLOSING flag for the moment. 1083 */ 1084 1085void tty_write_message(struct tty_struct *tty, char *msg) 1086{ 1087 if (tty) { 1088 mutex_lock(&tty->atomic_write_lock); 1089 tty_lock(tty); 1090 if (tty->ops->write && tty->count > 0) 1091 tty->ops->write(tty, msg, strlen(msg)); 1092 tty_unlock(tty); 1093 tty_write_unlock(tty); 1094 } 1095 return; 1096} 1097 1098 1099/** 1100 * tty_write - write method for tty device file 1101 * @file: tty file pointer 1102 * @buf: user data to write 1103 * @count: bytes to write 1104 * @ppos: unused 1105 * 1106 * Write data to a tty device via the line discipline. 1107 * 1108 * Locking: 1109 * Locks the line discipline as required 1110 * Writes to the tty driver are serialized by the atomic_write_lock 1111 * and are then processed in chunks to the device. The line discipline 1112 * write method will not be invoked in parallel for each device. 1113 */ 1114 1115static ssize_t file_tty_write(struct file *file, struct kiocb *iocb, struct iov_iter *from) 1116{ 1117 struct tty_struct *tty = file_tty(file); 1118 struct tty_ldisc *ld; 1119 ssize_t ret; 1120 1121 if (tty_paranoia_check(tty, file_inode(file), "tty_write")) 1122 return -EIO; 1123 if (!tty || !tty->ops->write || tty_io_error(tty)) 1124 return -EIO; 1125 /* Short term debug to catch buggy drivers */ 1126 if (tty->ops->write_room == NULL) 1127 tty_err(tty, "missing write_room method\n"); 1128 ld = tty_ldisc_ref_wait(tty); 1129 if (!ld) 1130 return hung_up_tty_write(iocb, from); 1131 if (!ld->ops->write) 1132 ret = -EIO; 1133 else 1134 ret = do_tty_write(ld->ops->write, tty, file, from); 1135 tty_ldisc_deref(ld); 1136 return ret; 1137} 1138 1139static ssize_t tty_write(struct kiocb *iocb, struct iov_iter *from) 1140{ 1141 return file_tty_write(iocb->ki_filp, iocb, from); 1142} 1143 1144ssize_t redirected_tty_write(struct kiocb *iocb, struct iov_iter *iter) 1145{ 1146 struct file *p = NULL; 1147 1148 spin_lock(&redirect_lock); 1149 if (redirect) 1150 p = get_file(redirect); 1151 spin_unlock(&redirect_lock); 1152 1153 /* 1154 * We know the redirected tty is just another tty, we can can 1155 * call file_tty_write() directly with that file pointer. 1156 */ 1157 if (p) { 1158 ssize_t res; 1159 res = file_tty_write(p, iocb, iter); 1160 fput(p); 1161 return res; 1162 } 1163 return tty_write(iocb, iter); 1164} 1165 1166/* 1167 * tty_send_xchar - send priority character 1168 * 1169 * Send a high priority character to the tty even if stopped 1170 * 1171 * Locking: none for xchar method, write ordering for write method. 1172 */ 1173 1174int tty_send_xchar(struct tty_struct *tty, char ch) 1175{ 1176 int was_stopped = tty->stopped; 1177 1178 if (tty->ops->send_xchar) { 1179 down_read(&tty->termios_rwsem); 1180 tty->ops->send_xchar(tty, ch); 1181 up_read(&tty->termios_rwsem); 1182 return 0; 1183 } 1184 1185 if (tty_write_lock(tty, 0) < 0) 1186 return -ERESTARTSYS; 1187 1188 down_read(&tty->termios_rwsem); 1189 if (was_stopped) 1190 start_tty(tty); 1191 tty->ops->write(tty, &ch, 1); 1192 if (was_stopped) 1193 stop_tty(tty); 1194 up_read(&tty->termios_rwsem); 1195 tty_write_unlock(tty); 1196 return 0; 1197} 1198 1199static char ptychar[] = "pqrstuvwxyzabcde"; 1200 1201/** 1202 * pty_line_name - generate name for a pty 1203 * @driver: the tty driver in use 1204 * @index: the minor number 1205 * @p: output buffer of at least 6 bytes 1206 * 1207 * Generate a name from a driver reference and write it to the output 1208 * buffer. 1209 * 1210 * Locking: None 1211 */ 1212static void pty_line_name(struct tty_driver *driver, int index, char *p) 1213{ 1214 int i = index + driver->name_base; 1215 /* ->name is initialized to "ttyp", but "tty" is expected */ 1216 sprintf(p, "%s%c%x", 1217 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name, 1218 ptychar[i >> 4 & 0xf], i & 0xf); 1219} 1220 1221/** 1222 * tty_line_name - generate name for a tty 1223 * @driver: the tty driver in use 1224 * @index: the minor number 1225 * @p: output buffer of at least 7 bytes 1226 * 1227 * Generate a name from a driver reference and write it to the output 1228 * buffer. 1229 * 1230 * Locking: None 1231 */ 1232static ssize_t tty_line_name(struct tty_driver *driver, int index, char *p) 1233{ 1234 if (driver->flags & TTY_DRIVER_UNNUMBERED_NODE) 1235 return sprintf(p, "%s", driver->name); 1236 else 1237 return sprintf(p, "%s%d", driver->name, 1238 index + driver->name_base); 1239} 1240 1241/** 1242 * tty_driver_lookup_tty() - find an existing tty, if any 1243 * @driver: the driver for the tty 1244 * @file: file object 1245 * @idx: the minor number 1246 * 1247 * Return the tty, if found. If not found, return NULL or ERR_PTR() if the 1248 * driver lookup() method returns an error. 1249 * 1250 * Locking: tty_mutex must be held. If the tty is found, bump the tty kref. 1251 */ 1252static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver, 1253 struct file *file, int idx) 1254{ 1255 struct tty_struct *tty; 1256 1257 if (driver->ops->lookup) 1258 if (!file) 1259 tty = ERR_PTR(-EIO); 1260 else 1261 tty = driver->ops->lookup(driver, file, idx); 1262 else 1263 tty = driver->ttys[idx]; 1264 1265 if (!IS_ERR(tty)) 1266 tty_kref_get(tty); 1267 return tty; 1268} 1269 1270/** 1271 * tty_init_termios - helper for termios setup 1272 * @tty: the tty to set up 1273 * 1274 * Initialise the termios structure for this tty. This runs under 1275 * the tty_mutex currently so we can be relaxed about ordering. 1276 */ 1277 1278void tty_init_termios(struct tty_struct *tty) 1279{ 1280 struct ktermios *tp; 1281 int idx = tty->index; 1282 1283 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1284 tty->termios = tty->driver->init_termios; 1285 else { 1286 /* Check for lazy saved data */ 1287 tp = tty->driver->termios[idx]; 1288 if (tp != NULL) { 1289 tty->termios = *tp; 1290 tty->termios.c_line = tty->driver->init_termios.c_line; 1291 } else 1292 tty->termios = tty->driver->init_termios; 1293 } 1294 /* Compatibility until drivers always set this */ 1295 tty->termios.c_ispeed = tty_termios_input_baud_rate(&tty->termios); 1296 tty->termios.c_ospeed = tty_termios_baud_rate(&tty->termios); 1297} 1298EXPORT_SYMBOL_GPL(tty_init_termios); 1299 1300int tty_standard_install(struct tty_driver *driver, struct tty_struct *tty) 1301{ 1302 tty_init_termios(tty); 1303 tty_driver_kref_get(driver); 1304 tty->count++; 1305 driver->ttys[tty->index] = tty; 1306 return 0; 1307} 1308EXPORT_SYMBOL_GPL(tty_standard_install); 1309 1310/** 1311 * tty_driver_install_tty() - install a tty entry in the driver 1312 * @driver: the driver for the tty 1313 * @tty: the tty 1314 * 1315 * Install a tty object into the driver tables. The tty->index field 1316 * will be set by the time this is called. This method is responsible 1317 * for ensuring any need additional structures are allocated and 1318 * configured. 1319 * 1320 * Locking: tty_mutex for now 1321 */ 1322static int tty_driver_install_tty(struct tty_driver *driver, 1323 struct tty_struct *tty) 1324{ 1325 return driver->ops->install ? driver->ops->install(driver, tty) : 1326 tty_standard_install(driver, tty); 1327} 1328 1329/** 1330 * tty_driver_remove_tty() - remove a tty from the driver tables 1331 * @driver: the driver for the tty 1332 * @tty: tty to remove 1333 * 1334 * Remvoe a tty object from the driver tables. The tty->index field 1335 * will be set by the time this is called. 1336 * 1337 * Locking: tty_mutex for now 1338 */ 1339static void tty_driver_remove_tty(struct tty_driver *driver, struct tty_struct *tty) 1340{ 1341 if (driver->ops->remove) 1342 driver->ops->remove(driver, tty); 1343 else 1344 driver->ttys[tty->index] = NULL; 1345} 1346 1347/** 1348 * tty_reopen() - fast re-open of an open tty 1349 * @tty: the tty to open 1350 * 1351 * Return 0 on success, -errno on error. 1352 * Re-opens on master ptys are not allowed and return -EIO. 1353 * 1354 * Locking: Caller must hold tty_lock 1355 */ 1356static int tty_reopen(struct tty_struct *tty) 1357{ 1358 struct tty_driver *driver = tty->driver; 1359 struct tty_ldisc *ld; 1360 int retval = 0; 1361 1362 if (driver->type == TTY_DRIVER_TYPE_PTY && 1363 driver->subtype == PTY_TYPE_MASTER) 1364 return -EIO; 1365 1366 if (!tty->count) 1367 return -EAGAIN; 1368 1369 if (test_bit(TTY_EXCLUSIVE, &tty->flags) && !capable(CAP_SYS_ADMIN)) 1370 return -EBUSY; 1371 1372 ld = tty_ldisc_ref_wait(tty); 1373 if (ld) { 1374 tty_ldisc_deref(ld); 1375 } else { 1376 retval = tty_ldisc_lock(tty, 5 * HZ); 1377 if (retval) 1378 return retval; 1379 1380 if (!tty->ldisc) 1381 retval = tty_ldisc_reinit(tty, tty->termios.c_line); 1382 tty_ldisc_unlock(tty); 1383 } 1384 1385 if (retval == 0) 1386 tty->count++; 1387 1388 return retval; 1389} 1390 1391/** 1392 * tty_init_dev - initialise a tty device 1393 * @driver: tty driver we are opening a device on 1394 * @idx: device index 1395 * 1396 * Prepare a tty device. This may not be a "new" clean device but 1397 * could also be an active device. The pty drivers require special 1398 * handling because of this. 1399 * 1400 * Locking: 1401 * The function is called under the tty_mutex, which 1402 * protects us from the tty struct or driver itself going away. 1403 * 1404 * On exit the tty device has the line discipline attached and 1405 * a reference count of 1. If a pair was created for pty/tty use 1406 * and the other was a pty master then it too has a reference count of 1. 1407 * 1408 * WSH 06/09/97: Rewritten to remove races and properly clean up after a 1409 * failed open. The new code protects the open with a mutex, so it's 1410 * really quite straightforward. The mutex locking can probably be 1411 * relaxed for the (most common) case of reopening a tty. 1412 * 1413 * Return: returned tty structure 1414 */ 1415 1416struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx) 1417{ 1418 struct tty_struct *tty; 1419 int retval; 1420 1421 /* 1422 * First time open is complex, especially for PTY devices. 1423 * This code guarantees that either everything succeeds and the 1424 * TTY is ready for operation, or else the table slots are vacated 1425 * and the allocated memory released. (Except that the termios 1426 * may be retained.) 1427 */ 1428 1429 if (!try_module_get(driver->owner)) 1430 return ERR_PTR(-ENODEV); 1431 1432 tty = alloc_tty_struct(driver, idx); 1433 if (!tty) { 1434 retval = -ENOMEM; 1435 goto err_module_put; 1436 } 1437 1438 tty_lock(tty); 1439 retval = tty_driver_install_tty(driver, tty); 1440 if (retval < 0) 1441 goto err_free_tty; 1442 1443 if (!tty->port) 1444 tty->port = driver->ports[idx]; 1445 1446 if (WARN_RATELIMIT(!tty->port, 1447 "%s: %s driver does not set tty->port. This would crash the kernel. Fix the driver!\n", 1448 __func__, tty->driver->name)) { 1449 retval = -EINVAL; 1450 goto err_release_lock; 1451 } 1452 1453 retval = tty_ldisc_lock(tty, 5 * HZ); 1454 if (retval) 1455 goto err_release_lock; 1456 tty->port->itty = tty; 1457 1458 /* 1459 * Structures all installed ... call the ldisc open routines. 1460 * If we fail here just call release_tty to clean up. No need 1461 * to decrement the use counts, as release_tty doesn't care. 1462 */ 1463 retval = tty_ldisc_setup(tty, tty->link); 1464 if (retval) 1465 goto err_release_tty; 1466 tty_ldisc_unlock(tty); 1467 /* Return the tty locked so that it cannot vanish under the caller */ 1468 return tty; 1469 1470err_free_tty: 1471 tty_unlock(tty); 1472 free_tty_struct(tty); 1473err_module_put: 1474 module_put(driver->owner); 1475 return ERR_PTR(retval); 1476 1477 /* call the tty release_tty routine to clean out this slot */ 1478err_release_tty: 1479 tty_ldisc_unlock(tty); 1480 tty_info_ratelimited(tty, "ldisc open failed (%d), clearing slot %d\n", 1481 retval, idx); 1482err_release_lock: 1483 tty_unlock(tty); 1484 release_tty(tty, idx); 1485 return ERR_PTR(retval); 1486} 1487 1488/** 1489 * tty_save_termios() - save tty termios data in driver table 1490 * @tty: tty whose termios data to save 1491 * 1492 * Locking: Caller guarantees serialisation with tty_init_termios(). 1493 */ 1494void tty_save_termios(struct tty_struct *tty) 1495{ 1496 struct ktermios *tp; 1497 int idx = tty->index; 1498 1499 /* If the port is going to reset then it has no termios to save */ 1500 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) 1501 return; 1502 1503 /* Stash the termios data */ 1504 tp = tty->driver->termios[idx]; 1505 if (tp == NULL) { 1506 tp = kmalloc(sizeof(*tp), GFP_KERNEL); 1507 if (tp == NULL) 1508 return; 1509 tty->driver->termios[idx] = tp; 1510 } 1511 *tp = tty->termios; 1512} 1513EXPORT_SYMBOL_GPL(tty_save_termios); 1514 1515/** 1516 * tty_flush_works - flush all works of a tty/pty pair 1517 * @tty: tty device to flush works for (or either end of a pty pair) 1518 * 1519 * Sync flush all works belonging to @tty (and the 'other' tty). 1520 */ 1521static void tty_flush_works(struct tty_struct *tty) 1522{ 1523 flush_work(&tty->SAK_work); 1524 flush_work(&tty->hangup_work); 1525 if (tty->link) { 1526 flush_work(&tty->link->SAK_work); 1527 flush_work(&tty->link->hangup_work); 1528 } 1529} 1530 1531/** 1532 * release_one_tty - release tty structure memory 1533 * @work: work of tty we are obliterating 1534 * 1535 * Releases memory associated with a tty structure, and clears out the 1536 * driver table slots. This function is called when a device is no longer 1537 * in use. It also gets called when setup of a device fails. 1538 * 1539 * Locking: 1540 * takes the file list lock internally when working on the list 1541 * of ttys that the driver keeps. 1542 * 1543 * This method gets called from a work queue so that the driver private 1544 * cleanup ops can sleep (needed for USB at least) 1545 */ 1546static void release_one_tty(struct work_struct *work) 1547{ 1548 struct tty_struct *tty = 1549 container_of(work, struct tty_struct, hangup_work); 1550 struct tty_driver *driver = tty->driver; 1551 struct module *owner = driver->owner; 1552 1553 if (tty->ops->cleanup) 1554 tty->ops->cleanup(tty); 1555 1556 tty->magic = 0; 1557 tty_driver_kref_put(driver); 1558 module_put(owner); 1559 1560 spin_lock(&tty->files_lock); 1561 list_del_init(&tty->tty_files); 1562 spin_unlock(&tty->files_lock); 1563 1564 put_pid(tty->pgrp); 1565 put_pid(tty->session); 1566 free_tty_struct(tty); 1567} 1568 1569static void queue_release_one_tty(struct kref *kref) 1570{ 1571 struct tty_struct *tty = container_of(kref, struct tty_struct, kref); 1572 1573 /* The hangup queue is now free so we can reuse it rather than 1574 waste a chunk of memory for each port */ 1575 INIT_WORK(&tty->hangup_work, release_one_tty); 1576 schedule_work(&tty->hangup_work); 1577} 1578 1579/** 1580 * tty_kref_put - release a tty kref 1581 * @tty: tty device 1582 * 1583 * Release a reference to a tty device and if need be let the kref 1584 * layer destruct the object for us 1585 */ 1586 1587void tty_kref_put(struct tty_struct *tty) 1588{ 1589 if (tty) 1590 kref_put(&tty->kref, queue_release_one_tty); 1591} 1592EXPORT_SYMBOL(tty_kref_put); 1593 1594/** 1595 * release_tty - release tty structure memory 1596 * @tty: tty device release 1597 * @idx: index of the tty device release 1598 * 1599 * Release both @tty and a possible linked partner (think pty pair), 1600 * and decrement the refcount of the backing module. 1601 * 1602 * Locking: 1603 * tty_mutex 1604 * takes the file list lock internally when working on the list 1605 * of ttys that the driver keeps. 1606 * 1607 */ 1608static void release_tty(struct tty_struct *tty, int idx) 1609{ 1610 /* This should always be true but check for the moment */ 1611 WARN_ON(tty->index != idx); 1612 WARN_ON(!mutex_is_locked(&tty_mutex)); 1613 if (tty->ops->shutdown) 1614 tty->ops->shutdown(tty); 1615 tty_save_termios(tty); 1616 tty_driver_remove_tty(tty->driver, tty); 1617 if (tty->port) 1618 tty->port->itty = NULL; 1619 if (tty->link) 1620 tty->link->port->itty = NULL; 1621 if (tty->port) 1622 tty_buffer_cancel_work(tty->port); 1623 if (tty->link) 1624 tty_buffer_cancel_work(tty->link->port); 1625 1626 tty_kref_put(tty->link); 1627 tty_kref_put(tty); 1628} 1629 1630/** 1631 * tty_release_checks - check a tty before real release 1632 * @tty: tty to check 1633 * @idx: index of the tty 1634 * 1635 * Performs some paranoid checking before true release of the @tty. 1636 * This is a no-op unless TTY_PARANOIA_CHECK is defined. 1637 */ 1638static int tty_release_checks(struct tty_struct *tty, int idx) 1639{ 1640#ifdef TTY_PARANOIA_CHECK 1641 if (idx < 0 || idx >= tty->driver->num) { 1642 tty_debug(tty, "bad idx %d\n", idx); 1643 return -1; 1644 } 1645 1646 /* not much to check for devpts */ 1647 if (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) 1648 return 0; 1649 1650 if (tty != tty->driver->ttys[idx]) { 1651 tty_debug(tty, "bad driver table[%d] = %p\n", 1652 idx, tty->driver->ttys[idx]); 1653 return -1; 1654 } 1655 if (tty->driver->other) { 1656 struct tty_struct *o_tty = tty->link; 1657 1658 if (o_tty != tty->driver->other->ttys[idx]) { 1659 tty_debug(tty, "bad other table[%d] = %p\n", 1660 idx, tty->driver->other->ttys[idx]); 1661 return -1; 1662 } 1663 if (o_tty->link != tty) { 1664 tty_debug(tty, "bad link = %p\n", o_tty->link); 1665 return -1; 1666 } 1667 } 1668#endif 1669 return 0; 1670} 1671 1672/** 1673 * tty_kclose - closes tty opened by tty_kopen 1674 * @tty: tty device 1675 * 1676 * Performs the final steps to release and free a tty device. It is the 1677 * same as tty_release_struct except that it also resets TTY_PORT_KOPENED 1678 * flag on tty->port. 1679 */ 1680void tty_kclose(struct tty_struct *tty) 1681{ 1682 /* 1683 * Ask the line discipline code to release its structures 1684 */ 1685 tty_ldisc_release(tty); 1686 1687 /* Wait for pending work before tty destruction commmences */ 1688 tty_flush_works(tty); 1689 1690 tty_debug_hangup(tty, "freeing structure\n"); 1691 /* 1692 * The release_tty function takes care of the details of clearing 1693 * the slots and preserving the termios structure. 1694 */ 1695 mutex_lock(&tty_mutex); 1696 tty_port_set_kopened(tty->port, 0); 1697 release_tty(tty, tty->index); 1698 mutex_unlock(&tty_mutex); 1699} 1700EXPORT_SYMBOL_GPL(tty_kclose); 1701 1702/** 1703 * tty_release_struct - release a tty struct 1704 * @tty: tty device 1705 * @idx: index of the tty 1706 * 1707 * Performs the final steps to release and free a tty device. It is 1708 * roughly the reverse of tty_init_dev. 1709 */ 1710void tty_release_struct(struct tty_struct *tty, int idx) 1711{ 1712 /* 1713 * Ask the line discipline code to release its structures 1714 */ 1715 tty_ldisc_release(tty); 1716 1717 /* Wait for pending work before tty destruction commmences */ 1718 tty_flush_works(tty); 1719 1720 tty_debug_hangup(tty, "freeing structure\n"); 1721 /* 1722 * The release_tty function takes care of the details of clearing 1723 * the slots and preserving the termios structure. 1724 */ 1725 mutex_lock(&tty_mutex); 1726 release_tty(tty, idx); 1727 mutex_unlock(&tty_mutex); 1728} 1729EXPORT_SYMBOL_GPL(tty_release_struct); 1730 1731/** 1732 * tty_release - vfs callback for close 1733 * @inode: inode of tty 1734 * @filp: file pointer for handle to tty 1735 * 1736 * Called the last time each file handle is closed that references 1737 * this tty. There may however be several such references. 1738 * 1739 * Locking: 1740 * Takes bkl. See tty_release_dev 1741 * 1742 * Even releasing the tty structures is a tricky business.. We have 1743 * to be very careful that the structures are all released at the 1744 * same time, as interrupts might otherwise get the wrong pointers. 1745 * 1746 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could 1747 * lead to double frees or releasing memory still in use. 1748 */ 1749 1750int tty_release(struct inode *inode, struct file *filp) 1751{ 1752 struct tty_struct *tty = file_tty(filp); 1753 struct tty_struct *o_tty = NULL; 1754 int do_sleep, final; 1755 int idx; 1756 long timeout = 0; 1757 int once = 1; 1758 1759 if (tty_paranoia_check(tty, inode, __func__)) 1760 return 0; 1761 1762 tty_lock(tty); 1763 check_tty_count(tty, __func__); 1764 1765 __tty_fasync(-1, filp, 0); 1766 1767 idx = tty->index; 1768 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 1769 tty->driver->subtype == PTY_TYPE_MASTER) 1770 o_tty = tty->link; 1771 1772 if (tty_release_checks(tty, idx)) { 1773 tty_unlock(tty); 1774 return 0; 1775 } 1776 1777 tty_debug_hangup(tty, "releasing (count=%d)\n", tty->count); 1778 1779 if (tty->ops->close) 1780 tty->ops->close(tty, filp); 1781 1782 /* If tty is pty master, lock the slave pty (stable lock order) */ 1783 tty_lock_slave(o_tty); 1784 1785 /* 1786 * Sanity check: if tty->count is going to zero, there shouldn't be 1787 * any waiters on tty->read_wait or tty->write_wait. We test the 1788 * wait queues and kick everyone out _before_ actually starting to 1789 * close. This ensures that we won't block while releasing the tty 1790 * structure. 1791 * 1792 * The test for the o_tty closing is necessary, since the master and 1793 * slave sides may close in any order. If the slave side closes out 1794 * first, its count will be one, since the master side holds an open. 1795 * Thus this test wouldn't be triggered at the time the slave closed, 1796 * so we do it now. 1797 */ 1798 while (1) { 1799 do_sleep = 0; 1800 1801 if (tty->count <= 1) { 1802 if (waitqueue_active(&tty->read_wait)) { 1803 wake_up_poll(&tty->read_wait, EPOLLIN); 1804 do_sleep++; 1805 } 1806 if (waitqueue_active(&tty->write_wait)) { 1807 wake_up_poll(&tty->write_wait, EPOLLOUT); 1808 do_sleep++; 1809 } 1810 } 1811 if (o_tty && o_tty->count <= 1) { 1812 if (waitqueue_active(&o_tty->read_wait)) { 1813 wake_up_poll(&o_tty->read_wait, EPOLLIN); 1814 do_sleep++; 1815 } 1816 if (waitqueue_active(&o_tty->write_wait)) { 1817 wake_up_poll(&o_tty->write_wait, EPOLLOUT); 1818 do_sleep++; 1819 } 1820 } 1821 if (!do_sleep) 1822 break; 1823 1824 if (once) { 1825 once = 0; 1826 tty_warn(tty, "read/write wait queue active!\n"); 1827 } 1828 schedule_timeout_killable(timeout); 1829 if (timeout < 120 * HZ) 1830 timeout = 2 * timeout + 1; 1831 else 1832 timeout = MAX_SCHEDULE_TIMEOUT; 1833 } 1834 1835 if (o_tty) { 1836 if (--o_tty->count < 0) { 1837 tty_warn(tty, "bad slave count (%d)\n", o_tty->count); 1838 o_tty->count = 0; 1839 } 1840 } 1841 if (--tty->count < 0) { 1842 tty_warn(tty, "bad tty->count (%d)\n", tty->count); 1843 tty->count = 0; 1844 } 1845 1846 /* 1847 * We've decremented tty->count, so we need to remove this file 1848 * descriptor off the tty->tty_files list; this serves two 1849 * purposes: 1850 * - check_tty_count sees the correct number of file descriptors 1851 * associated with this tty. 1852 * - do_tty_hangup no longer sees this file descriptor as 1853 * something that needs to be handled for hangups. 1854 */ 1855 tty_del_file(filp); 1856 1857 /* 1858 * Perform some housekeeping before deciding whether to return. 1859 * 1860 * If _either_ side is closing, make sure there aren't any 1861 * processes that still think tty or o_tty is their controlling 1862 * tty. 1863 */ 1864 if (!tty->count) { 1865 read_lock(&tasklist_lock); 1866 session_clear_tty(tty->session); 1867 if (o_tty) 1868 session_clear_tty(o_tty->session); 1869 read_unlock(&tasklist_lock); 1870 } 1871 1872 /* check whether both sides are closing ... */ 1873 final = !tty->count && !(o_tty && o_tty->count); 1874 1875 tty_unlock_slave(o_tty); 1876 tty_unlock(tty); 1877 1878 /* At this point, the tty->count == 0 should ensure a dead tty 1879 cannot be re-opened by a racing opener */ 1880 1881 if (!final) 1882 return 0; 1883 1884 tty_debug_hangup(tty, "final close\n"); 1885 1886 tty_release_struct(tty, idx); 1887 return 0; 1888} 1889 1890/** 1891 * tty_open_current_tty - get locked tty of current task 1892 * @device: device number 1893 * @filp: file pointer to tty 1894 * @return: locked tty of the current task iff @device is /dev/tty 1895 * 1896 * Performs a re-open of the current task's controlling tty. 1897 * 1898 * We cannot return driver and index like for the other nodes because 1899 * devpts will not work then. It expects inodes to be from devpts FS. 1900 */ 1901static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp) 1902{ 1903 struct tty_struct *tty; 1904 int retval; 1905 1906 if (device != MKDEV(TTYAUX_MAJOR, 0)) 1907 return NULL; 1908 1909 tty = get_current_tty(); 1910 if (!tty) 1911 return ERR_PTR(-ENXIO); 1912 1913 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */ 1914 /* noctty = 1; */ 1915 tty_lock(tty); 1916 tty_kref_put(tty); /* safe to drop the kref now */ 1917 1918 retval = tty_reopen(tty); 1919 if (retval < 0) { 1920 tty_unlock(tty); 1921 tty = ERR_PTR(retval); 1922 } 1923 return tty; 1924} 1925 1926/** 1927 * tty_lookup_driver - lookup a tty driver for a given device file 1928 * @device: device number 1929 * @filp: file pointer to tty 1930 * @index: index for the device in the @return driver 1931 * @return: driver for this inode (with increased refcount) 1932 * 1933 * If @return is not erroneous, the caller is responsible to decrement the 1934 * refcount by tty_driver_kref_put. 1935 * 1936 * Locking: tty_mutex protects get_tty_driver 1937 */ 1938static struct tty_driver *tty_lookup_driver(dev_t device, struct file *filp, 1939 int *index) 1940{ 1941 struct tty_driver *driver = NULL; 1942 1943 switch (device) { 1944#ifdef CONFIG_VT 1945 case MKDEV(TTY_MAJOR, 0): { 1946 extern struct tty_driver *console_driver; 1947 driver = tty_driver_kref_get(console_driver); 1948 *index = fg_console; 1949 break; 1950 } 1951#endif 1952 case MKDEV(TTYAUX_MAJOR, 1): { 1953 struct tty_driver *console_driver = console_device(index); 1954 if (console_driver) { 1955 driver = tty_driver_kref_get(console_driver); 1956 if (driver && filp) { 1957 /* Don't let /dev/console block */ 1958 filp->f_flags |= O_NONBLOCK; 1959 break; 1960 } 1961 } 1962 if (driver) 1963 tty_driver_kref_put(driver); 1964 return ERR_PTR(-ENODEV); 1965 } 1966 default: 1967 driver = get_tty_driver(device, index); 1968 if (!driver) 1969 return ERR_PTR(-ENODEV); 1970 break; 1971 } 1972 return driver; 1973} 1974 1975static struct tty_struct *tty_kopen(dev_t device, int shared) 1976{ 1977 struct tty_struct *tty; 1978 struct tty_driver *driver; 1979 int index = -1; 1980 1981 mutex_lock(&tty_mutex); 1982 driver = tty_lookup_driver(device, NULL, &index); 1983 if (IS_ERR(driver)) { 1984 mutex_unlock(&tty_mutex); 1985 return ERR_CAST(driver); 1986 } 1987 1988 /* check whether we're reopening an existing tty */ 1989 tty = tty_driver_lookup_tty(driver, NULL, index); 1990 if (IS_ERR(tty) || shared) 1991 goto out; 1992 1993 if (tty) { 1994 /* drop kref from tty_driver_lookup_tty() */ 1995 tty_kref_put(tty); 1996 tty = ERR_PTR(-EBUSY); 1997 } else { /* tty_init_dev returns tty with the tty_lock held */ 1998 tty = tty_init_dev(driver, index); 1999 if (IS_ERR(tty)) 2000 goto out; 2001 tty_port_set_kopened(tty->port, 1); 2002 } 2003out: 2004 mutex_unlock(&tty_mutex); 2005 tty_driver_kref_put(driver); 2006 return tty; 2007} 2008 2009/** 2010 * tty_kopen_exclusive - open a tty device for kernel 2011 * @device: dev_t of device to open 2012 * 2013 * Opens tty exclusively for kernel. Performs the driver lookup, 2014 * makes sure it's not already opened and performs the first-time 2015 * tty initialization. 2016 * 2017 * Returns the locked initialized &tty_struct 2018 * 2019 * Claims the global tty_mutex to serialize: 2020 * - concurrent first-time tty initialization 2021 * - concurrent tty driver removal w/ lookup 2022 * - concurrent tty removal from driver table 2023 */ 2024struct tty_struct *tty_kopen_exclusive(dev_t device) 2025{ 2026 return tty_kopen(device, 0); 2027} 2028EXPORT_SYMBOL_GPL(tty_kopen_exclusive); 2029 2030/** 2031 * tty_kopen_shared - open a tty device for shared in-kernel use 2032 * @device: dev_t of device to open 2033 * 2034 * Opens an already existing tty for in-kernel use. Compared to 2035 * tty_kopen_exclusive() above it doesn't ensure to be the only user. 2036 * 2037 * Locking is identical to tty_kopen() above. 2038 */ 2039struct tty_struct *tty_kopen_shared(dev_t device) 2040{ 2041 return tty_kopen(device, 1); 2042} 2043EXPORT_SYMBOL_GPL(tty_kopen_shared); 2044 2045/** 2046 * tty_open_by_driver - open a tty device 2047 * @device: dev_t of device to open 2048 * @filp: file pointer to tty 2049 * 2050 * Performs the driver lookup, checks for a reopen, or otherwise 2051 * performs the first-time tty initialization. 2052 * 2053 * Returns the locked initialized or re-opened &tty_struct 2054 * 2055 * Claims the global tty_mutex to serialize: 2056 * - concurrent first-time tty initialization 2057 * - concurrent tty driver removal w/ lookup 2058 * - concurrent tty removal from driver table 2059 */ 2060static struct tty_struct *tty_open_by_driver(dev_t device, 2061 struct file *filp) 2062{ 2063 struct tty_struct *tty; 2064 struct tty_driver *driver = NULL; 2065 int index = -1; 2066 int retval; 2067 2068 mutex_lock(&tty_mutex); 2069 driver = tty_lookup_driver(device, filp, &index); 2070 if (IS_ERR(driver)) { 2071 mutex_unlock(&tty_mutex); 2072 return ERR_CAST(driver); 2073 } 2074 2075 /* check whether we're reopening an existing tty */ 2076 tty = tty_driver_lookup_tty(driver, filp, index); 2077 if (IS_ERR(tty)) { 2078 mutex_unlock(&tty_mutex); 2079 goto out; 2080 } 2081 2082 if (tty) { 2083 if (tty_port_kopened(tty->port)) { 2084 tty_kref_put(tty); 2085 mutex_unlock(&tty_mutex); 2086 tty = ERR_PTR(-EBUSY); 2087 goto out; 2088 } 2089 mutex_unlock(&tty_mutex); 2090 retval = tty_lock_interruptible(tty); 2091 tty_kref_put(tty); /* drop kref from tty_driver_lookup_tty() */ 2092 if (retval) { 2093 if (retval == -EINTR) 2094 retval = -ERESTARTSYS; 2095 tty = ERR_PTR(retval); 2096 goto out; 2097 } 2098 retval = tty_reopen(tty); 2099 if (retval < 0) { 2100 tty_unlock(tty); 2101 tty = ERR_PTR(retval); 2102 } 2103 } else { /* Returns with the tty_lock held for now */ 2104 tty = tty_init_dev(driver, index); 2105 mutex_unlock(&tty_mutex); 2106 } 2107out: 2108 tty_driver_kref_put(driver); 2109 return tty; 2110} 2111 2112/** 2113 * tty_open - open a tty device 2114 * @inode: inode of device file 2115 * @filp: file pointer to tty 2116 * 2117 * tty_open and tty_release keep up the tty count that contains the 2118 * number of opens done on a tty. We cannot use the inode-count, as 2119 * different inodes might point to the same tty. 2120 * 2121 * Open-counting is needed for pty masters, as well as for keeping 2122 * track of serial lines: DTR is dropped when the last close happens. 2123 * (This is not done solely through tty->count, now. - Ted 1/27/92) 2124 * 2125 * The termios state of a pty is reset on first open so that 2126 * settings don't persist across reuse. 2127 * 2128 * Locking: tty_mutex protects tty, tty_lookup_driver and tty_init_dev. 2129 * tty->count should protect the rest. 2130 * ->siglock protects ->signal/->sighand 2131 * 2132 * Note: the tty_unlock/lock cases without a ref are only safe due to 2133 * tty_mutex 2134 */ 2135 2136static int tty_open(struct inode *inode, struct file *filp) 2137{ 2138 struct tty_struct *tty; 2139 int noctty, retval; 2140 dev_t device = inode->i_rdev; 2141 unsigned saved_flags = filp->f_flags; 2142 2143 nonseekable_open(inode, filp); 2144 2145retry_open: 2146 retval = tty_alloc_file(filp); 2147 if (retval) 2148 return -ENOMEM; 2149 2150 tty = tty_open_current_tty(device, filp); 2151 if (!tty) 2152 tty = tty_open_by_driver(device, filp); 2153 2154 if (IS_ERR(tty)) { 2155 tty_free_file(filp); 2156 retval = PTR_ERR(tty); 2157 if (retval != -EAGAIN || signal_pending(current)) 2158 return retval; 2159 schedule(); 2160 goto retry_open; 2161 } 2162 2163 tty_add_file(tty, filp); 2164 2165 check_tty_count(tty, __func__); 2166 tty_debug_hangup(tty, "opening (count=%d)\n", tty->count); 2167 2168 if (tty->ops->open) 2169 retval = tty->ops->open(tty, filp); 2170 else 2171 retval = -ENODEV; 2172 filp->f_flags = saved_flags; 2173 2174 if (retval) { 2175 tty_debug_hangup(tty, "open error %d, releasing\n", retval); 2176 2177 tty_unlock(tty); /* need to call tty_release without BTM */ 2178 tty_release(inode, filp); 2179 if (retval != -ERESTARTSYS) 2180 return retval; 2181 2182 if (signal_pending(current)) 2183 return retval; 2184 2185 schedule(); 2186 /* 2187 * Need to reset f_op in case a hangup happened. 2188 */ 2189 if (tty_hung_up_p(filp)) 2190 filp->f_op = &tty_fops; 2191 goto retry_open; 2192 } 2193 clear_bit(TTY_HUPPED, &tty->flags); 2194 2195 noctty = (filp->f_flags & O_NOCTTY) || 2196 (IS_ENABLED(CONFIG_VT) && device == MKDEV(TTY_MAJOR, 0)) || 2197 device == MKDEV(TTYAUX_MAJOR, 1) || 2198 (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2199 tty->driver->subtype == PTY_TYPE_MASTER); 2200 if (!noctty) 2201 tty_open_proc_set_tty(filp, tty); 2202 tty_unlock(tty); 2203 return 0; 2204} 2205 2206 2207 2208/** 2209 * tty_poll - check tty status 2210 * @filp: file being polled 2211 * @wait: poll wait structures to update 2212 * 2213 * Call the line discipline polling method to obtain the poll 2214 * status of the device. 2215 * 2216 * Locking: locks called line discipline but ldisc poll method 2217 * may be re-entered freely by other callers. 2218 */ 2219 2220static __poll_t tty_poll(struct file *filp, poll_table *wait) 2221{ 2222 struct tty_struct *tty = file_tty(filp); 2223 struct tty_ldisc *ld; 2224 __poll_t ret = 0; 2225 2226 if (tty_paranoia_check(tty, file_inode(filp), "tty_poll")) 2227 return 0; 2228 2229 ld = tty_ldisc_ref_wait(tty); 2230 if (!ld) 2231 return hung_up_tty_poll(filp, wait); 2232 if (ld->ops->poll) 2233 ret = ld->ops->poll(tty, filp, wait); 2234 tty_ldisc_deref(ld); 2235 return ret; 2236} 2237 2238static int __tty_fasync(int fd, struct file *filp, int on) 2239{ 2240 struct tty_struct *tty = file_tty(filp); 2241 unsigned long flags; 2242 int retval = 0; 2243 2244 if (tty_paranoia_check(tty, file_inode(filp), "tty_fasync")) 2245 goto out; 2246 2247 retval = fasync_helper(fd, filp, on, &tty->fasync); 2248 if (retval <= 0) 2249 goto out; 2250 2251 if (on) { 2252 enum pid_type type; 2253 struct pid *pid; 2254 2255 spin_lock_irqsave(&tty->ctrl_lock, flags); 2256 if (tty->pgrp) { 2257 pid = tty->pgrp; 2258 type = PIDTYPE_PGID; 2259 } else { 2260 pid = task_pid(current); 2261 type = PIDTYPE_TGID; 2262 } 2263 get_pid(pid); 2264 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 2265 __f_setown(filp, pid, type, 0); 2266 put_pid(pid); 2267 retval = 0; 2268 } 2269out: 2270 return retval; 2271} 2272 2273static int tty_fasync(int fd, struct file *filp, int on) 2274{ 2275 struct tty_struct *tty = file_tty(filp); 2276 int retval = -ENOTTY; 2277 2278 tty_lock(tty); 2279 if (!tty_hung_up_p(filp)) 2280 retval = __tty_fasync(fd, filp, on); 2281 tty_unlock(tty); 2282 2283 return retval; 2284} 2285 2286/** 2287 * tiocsti - fake input character 2288 * @tty: tty to fake input into 2289 * @p: pointer to character 2290 * 2291 * Fake input to a tty device. Does the necessary locking and 2292 * input management. 2293 * 2294 * FIXME: does not honour flow control ?? 2295 * 2296 * Locking: 2297 * Called functions take tty_ldiscs_lock 2298 * current->signal->tty check is safe without locks 2299 * 2300 * FIXME: may race normal receive processing 2301 */ 2302 2303static int tiocsti(struct tty_struct *tty, char __user *p) 2304{ 2305 char ch, mbz = 0; 2306 struct tty_ldisc *ld; 2307 2308 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) 2309 return -EPERM; 2310 if (get_user(ch, p)) 2311 return -EFAULT; 2312 tty_audit_tiocsti(tty, ch); 2313 ld = tty_ldisc_ref_wait(tty); 2314 if (!ld) 2315 return -EIO; 2316 if (ld->ops->receive_buf) 2317 ld->ops->receive_buf(tty, &ch, &mbz, 1); 2318 tty_ldisc_deref(ld); 2319 return 0; 2320} 2321 2322/** 2323 * tiocgwinsz - implement window query ioctl 2324 * @tty: tty 2325 * @arg: user buffer for result 2326 * 2327 * Copies the kernel idea of the window size into the user buffer. 2328 * 2329 * Locking: tty->winsize_mutex is taken to ensure the winsize data 2330 * is consistent. 2331 */ 2332 2333static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg) 2334{ 2335 int err; 2336 2337 mutex_lock(&tty->winsize_mutex); 2338 err = copy_to_user(arg, &tty->winsize, sizeof(*arg)); 2339 mutex_unlock(&tty->winsize_mutex); 2340 2341 return err ? -EFAULT: 0; 2342} 2343 2344/** 2345 * tty_do_resize - resize event 2346 * @tty: tty being resized 2347 * @ws: new dimensions 2348 * 2349 * Update the termios variables and send the necessary signals to 2350 * peform a terminal resize correctly 2351 */ 2352 2353int tty_do_resize(struct tty_struct *tty, struct winsize *ws) 2354{ 2355 struct pid *pgrp; 2356 2357 /* Lock the tty */ 2358 mutex_lock(&tty->winsize_mutex); 2359 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 2360 goto done; 2361 2362 /* Signal the foreground process group */ 2363 pgrp = tty_get_pgrp(tty); 2364 if (pgrp) 2365 kill_pgrp(pgrp, SIGWINCH, 1); 2366 put_pid(pgrp); 2367 2368 tty->winsize = *ws; 2369done: 2370 mutex_unlock(&tty->winsize_mutex); 2371 return 0; 2372} 2373EXPORT_SYMBOL(tty_do_resize); 2374 2375/** 2376 * tiocswinsz - implement window size set ioctl 2377 * @tty: tty side of tty 2378 * @arg: user buffer for result 2379 * 2380 * Copies the user idea of the window size to the kernel. Traditionally 2381 * this is just advisory information but for the Linux console it 2382 * actually has driver level meaning and triggers a VC resize. 2383 * 2384 * Locking: 2385 * Driver dependent. The default do_resize method takes the 2386 * tty termios mutex and ctrl_lock. The console takes its own lock 2387 * then calls into the default method. 2388 */ 2389 2390static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg) 2391{ 2392 struct winsize tmp_ws; 2393 if (copy_from_user(&tmp_ws, arg, sizeof(*arg))) 2394 return -EFAULT; 2395 2396 if (tty->ops->resize) 2397 return tty->ops->resize(tty, &tmp_ws); 2398 else 2399 return tty_do_resize(tty, &tmp_ws); 2400} 2401 2402/** 2403 * tioccons - allow admin to move logical console 2404 * @file: the file to become console 2405 * 2406 * Allow the administrator to move the redirected console device 2407 * 2408 * Locking: uses redirect_lock to guard the redirect information 2409 */ 2410 2411static int tioccons(struct file *file) 2412{ 2413 if (!capable(CAP_SYS_ADMIN)) 2414 return -EPERM; 2415 if (file->f_op->write_iter == redirected_tty_write) { 2416 struct file *f; 2417 spin_lock(&redirect_lock); 2418 f = redirect; 2419 redirect = NULL; 2420 spin_unlock(&redirect_lock); 2421 if (f) 2422 fput(f); 2423 return 0; 2424 } 2425 if (file->f_op->write_iter != tty_write) 2426 return -ENOTTY; 2427 if (!(file->f_mode & FMODE_WRITE)) 2428 return -EBADF; 2429 if (!(file->f_mode & FMODE_CAN_WRITE)) 2430 return -EINVAL; 2431 spin_lock(&redirect_lock); 2432 if (redirect) { 2433 spin_unlock(&redirect_lock); 2434 return -EBUSY; 2435 } 2436 redirect = get_file(file); 2437 spin_unlock(&redirect_lock); 2438 return 0; 2439} 2440 2441/** 2442 * tiocsetd - set line discipline 2443 * @tty: tty device 2444 * @p: pointer to user data 2445 * 2446 * Set the line discipline according to user request. 2447 * 2448 * Locking: see tty_set_ldisc, this function is just a helper 2449 */ 2450 2451static int tiocsetd(struct tty_struct *tty, int __user *p) 2452{ 2453 int disc; 2454 int ret; 2455 2456 if (get_user(disc, p)) 2457 return -EFAULT; 2458 2459 ret = tty_set_ldisc(tty, disc); 2460 2461 return ret; 2462} 2463 2464/** 2465 * tiocgetd - get line discipline 2466 * @tty: tty device 2467 * @p: pointer to user data 2468 * 2469 * Retrieves the line discipline id directly from the ldisc. 2470 * 2471 * Locking: waits for ldisc reference (in case the line discipline 2472 * is changing or the tty is being hungup) 2473 */ 2474 2475static int tiocgetd(struct tty_struct *tty, int __user *p) 2476{ 2477 struct tty_ldisc *ld; 2478 int ret; 2479 2480 ld = tty_ldisc_ref_wait(tty); 2481 if (!ld) 2482 return -EIO; 2483 ret = put_user(ld->ops->num, p); 2484 tty_ldisc_deref(ld); 2485 return ret; 2486} 2487 2488/** 2489 * send_break - performed time break 2490 * @tty: device to break on 2491 * @duration: timeout in mS 2492 * 2493 * Perform a timed break on hardware that lacks its own driver level 2494 * timed break functionality. 2495 * 2496 * Locking: 2497 * atomic_write_lock serializes 2498 * 2499 */ 2500 2501static int send_break(struct tty_struct *tty, unsigned int duration) 2502{ 2503 int retval; 2504 2505 if (tty->ops->break_ctl == NULL) 2506 return 0; 2507 2508 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK) 2509 retval = tty->ops->break_ctl(tty, duration); 2510 else { 2511 /* Do the work ourselves */ 2512 if (tty_write_lock(tty, 0) < 0) 2513 return -EINTR; 2514 retval = tty->ops->break_ctl(tty, -1); 2515 if (retval) 2516 goto out; 2517 if (!signal_pending(current)) 2518 msleep_interruptible(duration); 2519 retval = tty->ops->break_ctl(tty, 0); 2520out: 2521 tty_write_unlock(tty); 2522 if (signal_pending(current)) 2523 retval = -EINTR; 2524 } 2525 return retval; 2526} 2527 2528/** 2529 * tty_tiocmget - get modem status 2530 * @tty: tty device 2531 * @p: pointer to result 2532 * 2533 * Obtain the modem status bits from the tty driver if the feature 2534 * is supported. Return -EINVAL if it is not available. 2535 * 2536 * Locking: none (up to the driver) 2537 */ 2538 2539static int tty_tiocmget(struct tty_struct *tty, int __user *p) 2540{ 2541 int retval = -EINVAL; 2542 2543 if (tty->ops->tiocmget) { 2544 retval = tty->ops->tiocmget(tty); 2545 2546 if (retval >= 0) 2547 retval = put_user(retval, p); 2548 } 2549 return retval; 2550} 2551 2552/** 2553 * tty_tiocmset - set modem status 2554 * @tty: tty device 2555 * @cmd: command - clear bits, set bits or set all 2556 * @p: pointer to desired bits 2557 * 2558 * Set the modem status bits from the tty driver if the feature 2559 * is supported. Return -EINVAL if it is not available. 2560 * 2561 * Locking: none (up to the driver) 2562 */ 2563 2564static int tty_tiocmset(struct tty_struct *tty, unsigned int cmd, 2565 unsigned __user *p) 2566{ 2567 int retval; 2568 unsigned int set, clear, val; 2569 2570 if (tty->ops->tiocmset == NULL) 2571 return -EINVAL; 2572 2573 retval = get_user(val, p); 2574 if (retval) 2575 return retval; 2576 set = clear = 0; 2577 switch (cmd) { 2578 case TIOCMBIS: 2579 set = val; 2580 break; 2581 case TIOCMBIC: 2582 clear = val; 2583 break; 2584 case TIOCMSET: 2585 set = val; 2586 clear = ~val; 2587 break; 2588 } 2589 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2590 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP; 2591 return tty->ops->tiocmset(tty, set, clear); 2592} 2593 2594/** 2595 * tty_get_icount - get tty statistics 2596 * @tty: tty device 2597 * @icount: output parameter 2598 * 2599 * Gets a copy of the tty's icount statistics. 2600 * 2601 * Locking: none (up to the driver) 2602 */ 2603int tty_get_icount(struct tty_struct *tty, 2604 struct serial_icounter_struct *icount) 2605{ 2606 memset(icount, 0, sizeof(*icount)); 2607 2608 if (tty->ops->get_icount) 2609 return tty->ops->get_icount(tty, icount); 2610 else 2611 return -EINVAL; 2612} 2613EXPORT_SYMBOL_GPL(tty_get_icount); 2614 2615static int tty_tiocgicount(struct tty_struct *tty, void __user *arg) 2616{ 2617 struct serial_icounter_struct icount; 2618 int retval; 2619 2620 retval = tty_get_icount(tty, &icount); 2621 if (retval != 0) 2622 return retval; 2623 2624 if (copy_to_user(arg, &icount, sizeof(icount))) 2625 return -EFAULT; 2626 return 0; 2627} 2628 2629static int tty_tiocsserial(struct tty_struct *tty, struct serial_struct __user *ss) 2630{ 2631 static DEFINE_RATELIMIT_STATE(depr_flags, 2632 DEFAULT_RATELIMIT_INTERVAL, 2633 DEFAULT_RATELIMIT_BURST); 2634 char comm[TASK_COMM_LEN]; 2635 struct serial_struct v; 2636 int flags; 2637 2638 if (copy_from_user(&v, ss, sizeof(*ss))) 2639 return -EFAULT; 2640 2641 flags = v.flags & ASYNC_DEPRECATED; 2642 2643 if (flags && __ratelimit(&depr_flags)) 2644 pr_warn("%s: '%s' is using deprecated serial flags (with no effect): %.8x\n", 2645 __func__, get_task_comm(comm, current), flags); 2646 if (!tty->ops->set_serial) 2647 return -ENOTTY; 2648 return tty->ops->set_serial(tty, &v); 2649} 2650 2651static int tty_tiocgserial(struct tty_struct *tty, struct serial_struct __user *ss) 2652{ 2653 struct serial_struct v; 2654 int err; 2655 2656 memset(&v, 0, sizeof(v)); 2657 if (!tty->ops->get_serial) 2658 return -ENOTTY; 2659 err = tty->ops->get_serial(tty, &v); 2660 if (!err && copy_to_user(ss, &v, sizeof(v))) 2661 err = -EFAULT; 2662 return err; 2663} 2664 2665/* 2666 * if pty, return the slave side (real_tty) 2667 * otherwise, return self 2668 */ 2669static struct tty_struct *tty_pair_get_tty(struct tty_struct *tty) 2670{ 2671 if (tty->driver->type == TTY_DRIVER_TYPE_PTY && 2672 tty->driver->subtype == PTY_TYPE_MASTER) 2673 tty = tty->link; 2674 return tty; 2675} 2676 2677/* 2678 * Split this up, as gcc can choke on it otherwise.. 2679 */ 2680long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 2681{ 2682 struct tty_struct *tty = file_tty(file); 2683 struct tty_struct *real_tty; 2684 void __user *p = (void __user *)arg; 2685 int retval; 2686 struct tty_ldisc *ld; 2687 2688 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl")) 2689 return -EINVAL; 2690 2691 real_tty = tty_pair_get_tty(tty); 2692 2693 /* 2694 * Factor out some common prep work 2695 */ 2696 switch (cmd) { 2697 case TIOCSETD: 2698 case TIOCSBRK: 2699 case TIOCCBRK: 2700 case TCSBRK: 2701 case TCSBRKP: 2702 retval = tty_check_change(tty); 2703 if (retval) 2704 return retval; 2705 if (cmd != TIOCCBRK) { 2706 tty_wait_until_sent(tty, 0); 2707 if (signal_pending(current)) 2708 return -EINTR; 2709 } 2710 break; 2711 } 2712 2713 /* 2714 * Now do the stuff. 2715 */ 2716 switch (cmd) { 2717 case TIOCSTI: 2718 return tiocsti(tty, p); 2719 case TIOCGWINSZ: 2720 return tiocgwinsz(real_tty, p); 2721 case TIOCSWINSZ: 2722 return tiocswinsz(real_tty, p); 2723 case TIOCCONS: 2724 return real_tty != tty ? -EINVAL : tioccons(file); 2725 case TIOCEXCL: 2726 set_bit(TTY_EXCLUSIVE, &tty->flags); 2727 return 0; 2728 case TIOCNXCL: 2729 clear_bit(TTY_EXCLUSIVE, &tty->flags); 2730 return 0; 2731 case TIOCGEXCL: 2732 { 2733 int excl = test_bit(TTY_EXCLUSIVE, &tty->flags); 2734 return put_user(excl, (int __user *)p); 2735 } 2736 case TIOCGETD: 2737 return tiocgetd(tty, p); 2738 case TIOCSETD: 2739 return tiocsetd(tty, p); 2740 case TIOCVHANGUP: 2741 if (!capable(CAP_SYS_ADMIN)) 2742 return -EPERM; 2743 tty_vhangup(tty); 2744 return 0; 2745 case TIOCGDEV: 2746 { 2747 unsigned int ret = new_encode_dev(tty_devnum(real_tty)); 2748 return put_user(ret, (unsigned int __user *)p); 2749 } 2750 /* 2751 * Break handling 2752 */ 2753 case TIOCSBRK: /* Turn break on, unconditionally */ 2754 if (tty->ops->break_ctl) 2755 return tty->ops->break_ctl(tty, -1); 2756 return 0; 2757 case TIOCCBRK: /* Turn break off, unconditionally */ 2758 if (tty->ops->break_ctl) 2759 return tty->ops->break_ctl(tty, 0); 2760 return 0; 2761 case TCSBRK: /* SVID version: non-zero arg --> no break */ 2762 /* non-zero arg means wait for all output data 2763 * to be sent (performed above) but don't send break. 2764 * This is used by the tcdrain() termios function. 2765 */ 2766 if (!arg) 2767 return send_break(tty, 250); 2768 return 0; 2769 case TCSBRKP: /* support for POSIX tcsendbreak() */ 2770 return send_break(tty, arg ? arg*100 : 250); 2771 2772 case TIOCMGET: 2773 return tty_tiocmget(tty, p); 2774 case TIOCMSET: 2775 case TIOCMBIC: 2776 case TIOCMBIS: 2777 return tty_tiocmset(tty, cmd, p); 2778 case TIOCGICOUNT: 2779 return tty_tiocgicount(tty, p); 2780 case TCFLSH: 2781 switch (arg) { 2782 case TCIFLUSH: 2783 case TCIOFLUSH: 2784 /* flush tty buffer and allow ldisc to process ioctl */ 2785 tty_buffer_flush(tty, NULL); 2786 break; 2787 } 2788 break; 2789 case TIOCSSERIAL: 2790 return tty_tiocsserial(tty, p); 2791 case TIOCGSERIAL: 2792 return tty_tiocgserial(tty, p); 2793 case TIOCGPTPEER: 2794 /* Special because the struct file is needed */ 2795 return ptm_open_peer(file, tty, (int)arg); 2796 default: 2797 retval = tty_jobctrl_ioctl(tty, real_tty, file, cmd, arg); 2798 if (retval != -ENOIOCTLCMD) 2799 return retval; 2800 } 2801 if (tty->ops->ioctl) { 2802 retval = tty->ops->ioctl(tty, cmd, arg); 2803 if (retval != -ENOIOCTLCMD) 2804 return retval; 2805 } 2806 ld = tty_ldisc_ref_wait(tty); 2807 if (!ld) 2808 return hung_up_tty_ioctl(file, cmd, arg); 2809 retval = -EINVAL; 2810 if (ld->ops->ioctl) { 2811 retval = ld->ops->ioctl(tty, file, cmd, arg); 2812 if (retval == -ENOIOCTLCMD) 2813 retval = -ENOTTY; 2814 } 2815 tty_ldisc_deref(ld); 2816 return retval; 2817} 2818 2819#ifdef CONFIG_COMPAT 2820 2821struct serial_struct32 { 2822 compat_int_t type; 2823 compat_int_t line; 2824 compat_uint_t port; 2825 compat_int_t irq; 2826 compat_int_t flags; 2827 compat_int_t xmit_fifo_size; 2828 compat_int_t custom_divisor; 2829 compat_int_t baud_base; 2830 unsigned short close_delay; 2831 char io_type; 2832 char reserved_char; 2833 compat_int_t hub6; 2834 unsigned short closing_wait; /* time to wait before closing */ 2835 unsigned short closing_wait2; /* no longer used... */ 2836 compat_uint_t iomem_base; 2837 unsigned short iomem_reg_shift; 2838 unsigned int port_high; 2839 /* compat_ulong_t iomap_base FIXME */ 2840 compat_int_t reserved; 2841}; 2842 2843static int compat_tty_tiocsserial(struct tty_struct *tty, 2844 struct serial_struct32 __user *ss) 2845{ 2846 static DEFINE_RATELIMIT_STATE(depr_flags, 2847 DEFAULT_RATELIMIT_INTERVAL, 2848 DEFAULT_RATELIMIT_BURST); 2849 char comm[TASK_COMM_LEN]; 2850 struct serial_struct32 v32; 2851 struct serial_struct v; 2852 int flags; 2853 2854 if (copy_from_user(&v32, ss, sizeof(*ss))) 2855 return -EFAULT; 2856 2857 memcpy(&v, &v32, offsetof(struct serial_struct32, iomem_base)); 2858 v.iomem_base = compat_ptr(v32.iomem_base); 2859 v.iomem_reg_shift = v32.iomem_reg_shift; 2860 v.port_high = v32.port_high; 2861 v.iomap_base = 0; 2862 2863 flags = v.flags & ASYNC_DEPRECATED; 2864 2865 if (flags && __ratelimit(&depr_flags)) 2866 pr_warn("%s: '%s' is using deprecated serial flags (with no effect): %.8x\n", 2867 __func__, get_task_comm(comm, current), flags); 2868 if (!tty->ops->set_serial) 2869 return -ENOTTY; 2870 return tty->ops->set_serial(tty, &v); 2871} 2872 2873static int compat_tty_tiocgserial(struct tty_struct *tty, 2874 struct serial_struct32 __user *ss) 2875{ 2876 struct serial_struct32 v32; 2877 struct serial_struct v; 2878 int err; 2879 2880 memset(&v, 0, sizeof(v)); 2881 memset(&v32, 0, sizeof(v32)); 2882 2883 if (!tty->ops->get_serial) 2884 return -ENOTTY; 2885 err = tty->ops->get_serial(tty, &v); 2886 if (!err) { 2887 memcpy(&v32, &v, offsetof(struct serial_struct32, iomem_base)); 2888 v32.iomem_base = (unsigned long)v.iomem_base >> 32 ? 2889 0xfffffff : ptr_to_compat(v.iomem_base); 2890 v32.iomem_reg_shift = v.iomem_reg_shift; 2891 v32.port_high = v.port_high; 2892 if (copy_to_user(ss, &v32, sizeof(v32))) 2893 err = -EFAULT; 2894 } 2895 return err; 2896} 2897static long tty_compat_ioctl(struct file *file, unsigned int cmd, 2898 unsigned long arg) 2899{ 2900 struct tty_struct *tty = file_tty(file); 2901 struct tty_ldisc *ld; 2902 int retval = -ENOIOCTLCMD; 2903 2904 switch (cmd) { 2905 case TIOCOUTQ: 2906 case TIOCSTI: 2907 case TIOCGWINSZ: 2908 case TIOCSWINSZ: 2909 case TIOCGEXCL: 2910 case TIOCGETD: 2911 case TIOCSETD: 2912 case TIOCGDEV: 2913 case TIOCMGET: 2914 case TIOCMSET: 2915 case TIOCMBIC: 2916 case TIOCMBIS: 2917 case TIOCGICOUNT: 2918 case TIOCGPGRP: 2919 case TIOCSPGRP: 2920 case TIOCGSID: 2921 case TIOCSERGETLSR: 2922 case TIOCGRS485: 2923 case TIOCSRS485: 2924#ifdef TIOCGETP 2925 case TIOCGETP: 2926 case TIOCSETP: 2927 case TIOCSETN: 2928#endif 2929#ifdef TIOCGETC 2930 case TIOCGETC: 2931 case TIOCSETC: 2932#endif 2933#ifdef TIOCGLTC 2934 case TIOCGLTC: 2935 case TIOCSLTC: 2936#endif 2937 case TCSETSF: 2938 case TCSETSW: 2939 case TCSETS: 2940 case TCGETS: 2941#ifdef TCGETS2 2942 case TCGETS2: 2943 case TCSETSF2: 2944 case TCSETSW2: 2945 case TCSETS2: 2946#endif 2947 case TCGETA: 2948 case TCSETAF: 2949 case TCSETAW: 2950 case TCSETA: 2951 case TIOCGLCKTRMIOS: 2952 case TIOCSLCKTRMIOS: 2953#ifdef TCGETX 2954 case TCGETX: 2955 case TCSETX: 2956 case TCSETXW: 2957 case TCSETXF: 2958#endif 2959 case TIOCGSOFTCAR: 2960 case TIOCSSOFTCAR: 2961 2962 case PPPIOCGCHAN: 2963 case PPPIOCGUNIT: 2964 return tty_ioctl(file, cmd, (unsigned long)compat_ptr(arg)); 2965 case TIOCCONS: 2966 case TIOCEXCL: 2967 case TIOCNXCL: 2968 case TIOCVHANGUP: 2969 case TIOCSBRK: 2970 case TIOCCBRK: 2971 case TCSBRK: 2972 case TCSBRKP: 2973 case TCFLSH: 2974 case TIOCGPTPEER: 2975 case TIOCNOTTY: 2976 case TIOCSCTTY: 2977 case TCXONC: 2978 case TIOCMIWAIT: 2979 case TIOCSERCONFIG: 2980 return tty_ioctl(file, cmd, arg); 2981 } 2982 2983 if (tty_paranoia_check(tty, file_inode(file), "tty_ioctl")) 2984 return -EINVAL; 2985 2986 switch (cmd) { 2987 case TIOCSSERIAL: 2988 return compat_tty_tiocsserial(tty, compat_ptr(arg)); 2989 case TIOCGSERIAL: 2990 return compat_tty_tiocgserial(tty, compat_ptr(arg)); 2991 } 2992 if (tty->ops->compat_ioctl) { 2993 retval = tty->ops->compat_ioctl(tty, cmd, arg); 2994 if (retval != -ENOIOCTLCMD) 2995 return retval; 2996 } 2997 2998 ld = tty_ldisc_ref_wait(tty); 2999 if (!ld) 3000 return hung_up_tty_compat_ioctl(file, cmd, arg); 3001 if (ld->ops->compat_ioctl) 3002 retval = ld->ops->compat_ioctl(tty, file, cmd, arg); 3003 if (retval == -ENOIOCTLCMD && ld->ops->ioctl) 3004 retval = ld->ops->ioctl(tty, file, 3005 (unsigned long)compat_ptr(cmd), arg); 3006 tty_ldisc_deref(ld); 3007 3008 return retval; 3009} 3010#endif 3011 3012static int this_tty(const void *t, struct file *file, unsigned fd) 3013{ 3014 if (likely(file->f_op->read_iter != tty_read)) 3015 return 0; 3016 return file_tty(file) != t ? 0 : fd + 1; 3017} 3018 3019/* 3020 * This implements the "Secure Attention Key" --- the idea is to 3021 * prevent trojan horses by killing all processes associated with this 3022 * tty when the user hits the "Secure Attention Key". Required for 3023 * super-paranoid applications --- see the Orange Book for more details. 3024 * 3025 * This code could be nicer; ideally it should send a HUP, wait a few 3026 * seconds, then send a INT, and then a KILL signal. But you then 3027 * have to coordinate with the init process, since all processes associated 3028 * with the current tty must be dead before the new getty is allowed 3029 * to spawn. 3030 * 3031 * Now, if it would be correct ;-/ The current code has a nasty hole - 3032 * it doesn't catch files in flight. We may send the descriptor to ourselves 3033 * via AF_UNIX socket, close it and later fetch from socket. FIXME. 3034 * 3035 * Nasty bug: do_SAK is being called in interrupt context. This can 3036 * deadlock. We punt it up to process context. AKPM - 16Mar2001 3037 */ 3038void __do_SAK(struct tty_struct *tty) 3039{ 3040#ifdef TTY_SOFT_SAK 3041 tty_hangup(tty); 3042#else 3043 struct task_struct *g, *p; 3044 struct pid *session; 3045 int i; 3046 unsigned long flags; 3047 3048 if (!tty) 3049 return; 3050 3051 spin_lock_irqsave(&tty->ctrl_lock, flags); 3052 session = get_pid(tty->session); 3053 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 3054 3055 tty_ldisc_flush(tty); 3056 3057 tty_driver_flush_buffer(tty); 3058 3059 read_lock(&tasklist_lock); 3060 /* Kill the entire session */ 3061 do_each_pid_task(session, PIDTYPE_SID, p) { 3062 tty_notice(tty, "SAK: killed process %d (%s): by session\n", 3063 task_pid_nr(p), p->comm); 3064 group_send_sig_info(SIGKILL, SEND_SIG_PRIV, p, PIDTYPE_SID); 3065 } while_each_pid_task(session, PIDTYPE_SID, p); 3066 3067 /* Now kill any processes that happen to have the tty open */ 3068 do_each_thread(g, p) { 3069 if (p->signal->tty == tty) { 3070 tty_notice(tty, "SAK: killed process %d (%s): by controlling tty\n", 3071 task_pid_nr(p), p->comm); 3072 group_send_sig_info(SIGKILL, SEND_SIG_PRIV, p, PIDTYPE_SID); 3073 continue; 3074 } 3075 task_lock(p); 3076 i = iterate_fd(p->files, 0, this_tty, tty); 3077 if (i != 0) { 3078 tty_notice(tty, "SAK: killed process %d (%s): by fd#%d\n", 3079 task_pid_nr(p), p->comm, i - 1); 3080 group_send_sig_info(SIGKILL, SEND_SIG_PRIV, p, PIDTYPE_SID); 3081 } 3082 task_unlock(p); 3083 } while_each_thread(g, p); 3084 read_unlock(&tasklist_lock); 3085 put_pid(session); 3086#endif 3087} 3088 3089static void do_SAK_work(struct work_struct *work) 3090{ 3091 struct tty_struct *tty = 3092 container_of(work, struct tty_struct, SAK_work); 3093 __do_SAK(tty); 3094} 3095 3096/* 3097 * The tq handling here is a little racy - tty->SAK_work may already be queued. 3098 * Fortunately we don't need to worry, because if ->SAK_work is already queued, 3099 * the values which we write to it will be identical to the values which it 3100 * already has. --akpm 3101 */ 3102void do_SAK(struct tty_struct *tty) 3103{ 3104 if (!tty) 3105 return; 3106 schedule_work(&tty->SAK_work); 3107} 3108 3109EXPORT_SYMBOL(do_SAK); 3110 3111/* Must put_device() after it's unused! */ 3112static struct device *tty_get_device(struct tty_struct *tty) 3113{ 3114 dev_t devt = tty_devnum(tty); 3115 return class_find_device_by_devt(tty_class, devt); 3116} 3117 3118 3119/* 3120 * alloc_tty_struct 3121 * 3122 * This subroutine allocates and initializes a tty structure. 3123 * 3124 * Locking: none - tty in question is not exposed at this point 3125 */ 3126 3127struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) 3128{ 3129 struct tty_struct *tty; 3130 3131 tty = kzalloc(sizeof(*tty), GFP_KERNEL); 3132 if (!tty) 3133 return NULL; 3134 3135 kref_init(&tty->kref); 3136 tty->magic = TTY_MAGIC; 3137 if (tty_ldisc_init(tty)) { 3138 kfree(tty); 3139 return NULL; 3140 } 3141 tty->session = NULL; 3142 tty->pgrp = NULL; 3143 mutex_init(&tty->legacy_mutex); 3144 mutex_init(&tty->throttle_mutex); 3145 init_rwsem(&tty->termios_rwsem); 3146 mutex_init(&tty->winsize_mutex); 3147 init_ldsem(&tty->ldisc_sem); 3148 init_waitqueue_head(&tty->write_wait); 3149 init_waitqueue_head(&tty->read_wait); 3150 INIT_WORK(&tty->hangup_work, do_tty_hangup); 3151 mutex_init(&tty->atomic_write_lock); 3152 spin_lock_init(&tty->ctrl_lock); 3153 spin_lock_init(&tty->flow_lock); 3154 spin_lock_init(&tty->files_lock); 3155 INIT_LIST_HEAD(&tty->tty_files); 3156 INIT_WORK(&tty->SAK_work, do_SAK_work); 3157 3158 tty->driver = driver; 3159 tty->ops = driver->ops; 3160 tty->index = idx; 3161 tty_line_name(driver, idx, tty->name); 3162 tty->dev = tty_get_device(tty); 3163 3164 return tty; 3165} 3166 3167/** 3168 * tty_put_char - write one character to a tty 3169 * @tty: tty 3170 * @ch: character 3171 * 3172 * Write one byte to the tty using the provided put_char method 3173 * if present. Returns the number of characters successfully output. 3174 * 3175 * Note: the specific put_char operation in the driver layer may go 3176 * away soon. Don't call it directly, use this method 3177 */ 3178 3179int tty_put_char(struct tty_struct *tty, unsigned char ch) 3180{ 3181 if (tty->ops->put_char) 3182 return tty->ops->put_char(tty, ch); 3183 return tty->ops->write(tty, &ch, 1); 3184} 3185EXPORT_SYMBOL_GPL(tty_put_char); 3186 3187struct class *tty_class; 3188 3189static int tty_cdev_add(struct tty_driver *driver, dev_t dev, 3190 unsigned int index, unsigned int count) 3191{ 3192 int err; 3193 3194 /* init here, since reused cdevs cause crashes */ 3195 driver->cdevs[index] = cdev_alloc(); 3196 if (!driver->cdevs[index]) 3197 return -ENOMEM; 3198 driver->cdevs[index]->ops = &tty_fops; 3199 driver->cdevs[index]->owner = driver->owner; 3200 err = cdev_add(driver->cdevs[index], dev, count); 3201 if (err) 3202 kobject_put(&driver->cdevs[index]->kobj); 3203 return err; 3204} 3205 3206/** 3207 * tty_register_device - register a tty device 3208 * @driver: the tty driver that describes the tty device 3209 * @index: the index in the tty driver for this tty device 3210 * @device: a struct device that is associated with this tty device. 3211 * This field is optional, if there is no known struct device 3212 * for this tty device it can be set to NULL safely. 3213 * 3214 * Returns a pointer to the struct device for this tty device 3215 * (or ERR_PTR(-EFOO) on error). 3216 * 3217 * This call is required to be made to register an individual tty device 3218 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3219 * that bit is not set, this function should not be called by a tty 3220 * driver. 3221 * 3222 * Locking: ?? 3223 */ 3224 3225struct device *tty_register_device(struct tty_driver *driver, unsigned index, 3226 struct device *device) 3227{ 3228 return tty_register_device_attr(driver, index, device, NULL, NULL); 3229} 3230EXPORT_SYMBOL(tty_register_device); 3231 3232static void tty_device_create_release(struct device *dev) 3233{ 3234 dev_dbg(dev, "releasing...\n"); 3235 kfree(dev); 3236} 3237 3238/** 3239 * tty_register_device_attr - register a tty device 3240 * @driver: the tty driver that describes the tty device 3241 * @index: the index in the tty driver for this tty device 3242 * @device: a struct device that is associated with this tty device. 3243 * This field is optional, if there is no known struct device 3244 * for this tty device it can be set to NULL safely. 3245 * @drvdata: Driver data to be set to device. 3246 * @attr_grp: Attribute group to be set on device. 3247 * 3248 * Returns a pointer to the struct device for this tty device 3249 * (or ERR_PTR(-EFOO) on error). 3250 * 3251 * This call is required to be made to register an individual tty device 3252 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If 3253 * that bit is not set, this function should not be called by a tty 3254 * driver. 3255 * 3256 * Locking: ?? 3257 */ 3258struct device *tty_register_device_attr(struct tty_driver *driver, 3259 unsigned index, struct device *device, 3260 void *drvdata, 3261 const struct attribute_group **attr_grp) 3262{ 3263 char name[64]; 3264 dev_t devt = MKDEV(driver->major, driver->minor_start) + index; 3265 struct ktermios *tp; 3266 struct device *dev; 3267 int retval; 3268 3269 if (index >= driver->num) { 3270 pr_err("%s: Attempt to register invalid tty line number (%d)\n", 3271 driver->name, index); 3272 return ERR_PTR(-EINVAL); 3273 } 3274 3275 if (driver->type == TTY_DRIVER_TYPE_PTY) 3276 pty_line_name(driver, index, name); 3277 else 3278 tty_line_name(driver, index, name); 3279 3280 dev = kzalloc(sizeof(*dev), GFP_KERNEL); 3281 if (!dev) 3282 return ERR_PTR(-ENOMEM); 3283 3284 dev->devt = devt; 3285 dev->class = tty_class; 3286 dev->parent = device; 3287 dev->release = tty_device_create_release; 3288 dev_set_name(dev, "%s", name); 3289 dev->groups = attr_grp; 3290 dev_set_drvdata(dev, drvdata); 3291 3292 dev_set_uevent_suppress(dev, 1); 3293 3294 retval = device_register(dev); 3295 if (retval) 3296 goto err_put; 3297 3298 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3299 /* 3300 * Free any saved termios data so that the termios state is 3301 * reset when reusing a minor number. 3302 */ 3303 tp = driver->termios[index]; 3304 if (tp) { 3305 driver->termios[index] = NULL; 3306 kfree(tp); 3307 } 3308 3309 retval = tty_cdev_add(driver, devt, index, 1); 3310 if (retval) 3311 goto err_del; 3312 } 3313 3314 dev_set_uevent_suppress(dev, 0); 3315 kobject_uevent(&dev->kobj, KOBJ_ADD); 3316 3317 return dev; 3318 3319err_del: 3320 device_del(dev); 3321err_put: 3322 put_device(dev); 3323 3324 return ERR_PTR(retval); 3325} 3326EXPORT_SYMBOL_GPL(tty_register_device_attr); 3327 3328/** 3329 * tty_unregister_device - unregister a tty device 3330 * @driver: the tty driver that describes the tty device 3331 * @index: the index in the tty driver for this tty device 3332 * 3333 * If a tty device is registered with a call to tty_register_device() then 3334 * this function must be called when the tty device is gone. 3335 * 3336 * Locking: ?? 3337 */ 3338 3339void tty_unregister_device(struct tty_driver *driver, unsigned index) 3340{ 3341 device_destroy(tty_class, 3342 MKDEV(driver->major, driver->minor_start) + index); 3343 if (!(driver->flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3344 cdev_del(driver->cdevs[index]); 3345 driver->cdevs[index] = NULL; 3346 } 3347} 3348EXPORT_SYMBOL(tty_unregister_device); 3349 3350/** 3351 * __tty_alloc_driver -- allocate tty driver 3352 * @lines: count of lines this driver can handle at most 3353 * @owner: module which is responsible for this driver 3354 * @flags: some of TTY_DRIVER_* flags, will be set in driver->flags 3355 * 3356 * This should not be called directly, some of the provided macros should be 3357 * used instead. Use IS_ERR and friends on @retval. 3358 */ 3359struct tty_driver *__tty_alloc_driver(unsigned int lines, struct module *owner, 3360 unsigned long flags) 3361{ 3362 struct tty_driver *driver; 3363 unsigned int cdevs = 1; 3364 int err; 3365 3366 if (!lines || (flags & TTY_DRIVER_UNNUMBERED_NODE && lines > 1)) 3367 return ERR_PTR(-EINVAL); 3368 3369 driver = kzalloc(sizeof(*driver), GFP_KERNEL); 3370 if (!driver) 3371 return ERR_PTR(-ENOMEM); 3372 3373 kref_init(&driver->kref); 3374 driver->magic = TTY_DRIVER_MAGIC; 3375 driver->num = lines; 3376 driver->owner = owner; 3377 driver->flags = flags; 3378 3379 if (!(flags & TTY_DRIVER_DEVPTS_MEM)) { 3380 driver->ttys = kcalloc(lines, sizeof(*driver->ttys), 3381 GFP_KERNEL); 3382 driver->termios = kcalloc(lines, sizeof(*driver->termios), 3383 GFP_KERNEL); 3384 if (!driver->ttys || !driver->termios) { 3385 err = -ENOMEM; 3386 goto err_free_all; 3387 } 3388 } 3389 3390 if (!(flags & TTY_DRIVER_DYNAMIC_ALLOC)) { 3391 driver->ports = kcalloc(lines, sizeof(*driver->ports), 3392 GFP_KERNEL); 3393 if (!driver->ports) { 3394 err = -ENOMEM; 3395 goto err_free_all; 3396 } 3397 cdevs = lines; 3398 } 3399 3400 driver->cdevs = kcalloc(cdevs, sizeof(*driver->cdevs), GFP_KERNEL); 3401 if (!driver->cdevs) { 3402 err = -ENOMEM; 3403 goto err_free_all; 3404 } 3405 3406 return driver; 3407err_free_all: 3408 kfree(driver->ports); 3409 kfree(driver->ttys); 3410 kfree(driver->termios); 3411 kfree(driver->cdevs); 3412 kfree(driver); 3413 return ERR_PTR(err); 3414} 3415EXPORT_SYMBOL(__tty_alloc_driver); 3416 3417static void destruct_tty_driver(struct kref *kref) 3418{ 3419 struct tty_driver *driver = container_of(kref, struct tty_driver, kref); 3420 int i; 3421 struct ktermios *tp; 3422 3423 if (driver->flags & TTY_DRIVER_INSTALLED) { 3424 for (i = 0; i < driver->num; i++) { 3425 tp = driver->termios[i]; 3426 if (tp) { 3427 driver->termios[i] = NULL; 3428 kfree(tp); 3429 } 3430 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) 3431 tty_unregister_device(driver, i); 3432 } 3433 proc_tty_unregister_driver(driver); 3434 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) 3435 cdev_del(driver->cdevs[0]); 3436 } 3437 kfree(driver->cdevs); 3438 kfree(driver->ports); 3439 kfree(driver->termios); 3440 kfree(driver->ttys); 3441 kfree(driver); 3442} 3443 3444void tty_driver_kref_put(struct tty_driver *driver) 3445{ 3446 kref_put(&driver->kref, destruct_tty_driver); 3447} 3448EXPORT_SYMBOL(tty_driver_kref_put); 3449 3450void tty_set_operations(struct tty_driver *driver, 3451 const struct tty_operations *op) 3452{ 3453 driver->ops = op; 3454}; 3455EXPORT_SYMBOL(tty_set_operations); 3456 3457void put_tty_driver(struct tty_driver *d) 3458{ 3459 tty_driver_kref_put(d); 3460} 3461EXPORT_SYMBOL(put_tty_driver); 3462 3463/* 3464 * Called by a tty driver to register itself. 3465 */ 3466int tty_register_driver(struct tty_driver *driver) 3467{ 3468 int error; 3469 int i; 3470 dev_t dev; 3471 struct device *d; 3472 3473 if (!driver->major) { 3474 error = alloc_chrdev_region(&dev, driver->minor_start, 3475 driver->num, driver->name); 3476 if (!error) { 3477 driver->major = MAJOR(dev); 3478 driver->minor_start = MINOR(dev); 3479 } 3480 } else { 3481 dev = MKDEV(driver->major, driver->minor_start); 3482 error = register_chrdev_region(dev, driver->num, driver->name); 3483 } 3484 if (error < 0) 3485 goto err; 3486 3487 if (driver->flags & TTY_DRIVER_DYNAMIC_ALLOC) { 3488 error = tty_cdev_add(driver, dev, 0, driver->num); 3489 if (error) 3490 goto err_unreg_char; 3491 } 3492 3493 mutex_lock(&tty_mutex); 3494 list_add(&driver->tty_drivers, &tty_drivers); 3495 mutex_unlock(&tty_mutex); 3496 3497 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) { 3498 for (i = 0; i < driver->num; i++) { 3499 d = tty_register_device(driver, i, NULL); 3500 if (IS_ERR(d)) { 3501 error = PTR_ERR(d); 3502 goto err_unreg_devs; 3503 } 3504 } 3505 } 3506 proc_tty_register_driver(driver); 3507 driver->flags |= TTY_DRIVER_INSTALLED; 3508 return 0; 3509 3510err_unreg_devs: 3511 for (i--; i >= 0; i--) 3512 tty_unregister_device(driver, i); 3513 3514 mutex_lock(&tty_mutex); 3515 list_del(&driver->tty_drivers); 3516 mutex_unlock(&tty_mutex); 3517 3518err_unreg_char: 3519 unregister_chrdev_region(dev, driver->num); 3520err: 3521 return error; 3522} 3523EXPORT_SYMBOL(tty_register_driver); 3524 3525/* 3526 * Called by a tty driver to unregister itself. 3527 */ 3528int tty_unregister_driver(struct tty_driver *driver) 3529{ 3530#if 0 3531 /* FIXME */ 3532 if (driver->refcount) 3533 return -EBUSY; 3534#endif 3535 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start), 3536 driver->num); 3537 mutex_lock(&tty_mutex); 3538 list_del(&driver->tty_drivers); 3539 mutex_unlock(&tty_mutex); 3540 return 0; 3541} 3542 3543EXPORT_SYMBOL(tty_unregister_driver); 3544 3545dev_t tty_devnum(struct tty_struct *tty) 3546{ 3547 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index; 3548} 3549EXPORT_SYMBOL(tty_devnum); 3550 3551void tty_default_fops(struct file_operations *fops) 3552{ 3553 *fops = tty_fops; 3554} 3555 3556static char *tty_devnode(struct device *dev, umode_t *mode) 3557{ 3558 if (!mode) 3559 return NULL; 3560 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) || 3561 dev->devt == MKDEV(TTYAUX_MAJOR, 2)) 3562 *mode = 0666; 3563 return NULL; 3564} 3565 3566static int __init tty_class_init(void) 3567{ 3568 tty_class = class_create(THIS_MODULE, "tty"); 3569 if (IS_ERR(tty_class)) 3570 return PTR_ERR(tty_class); 3571 tty_class->devnode = tty_devnode; 3572 return 0; 3573} 3574 3575postcore_initcall(tty_class_init); 3576 3577/* 3/2004 jmc: why do these devices exist? */ 3578static struct cdev tty_cdev, console_cdev; 3579 3580static ssize_t show_cons_active(struct device *dev, 3581 struct device_attribute *attr, char *buf) 3582{ 3583 struct console *cs[16]; 3584 int i = 0; 3585 struct console *c; 3586 ssize_t count = 0; 3587 3588 console_lock(); 3589 for_each_console(c) { 3590 if (!c->device) 3591 continue; 3592 if (!c->write) 3593 continue; 3594 if ((c->flags & CON_ENABLED) == 0) 3595 continue; 3596 cs[i++] = c; 3597 if (i >= ARRAY_SIZE(cs)) 3598 break; 3599 } 3600 while (i--) { 3601 int index = cs[i]->index; 3602 struct tty_driver *drv = cs[i]->device(cs[i], &index); 3603 3604 /* don't resolve tty0 as some programs depend on it */ 3605 if (drv && (cs[i]->index > 0 || drv->major != TTY_MAJOR)) 3606 count += tty_line_name(drv, index, buf + count); 3607 else 3608 count += sprintf(buf + count, "%s%d", 3609 cs[i]->name, cs[i]->index); 3610 3611 count += sprintf(buf + count, "%c", i ? ' ':'\n'); 3612 } 3613 console_unlock(); 3614 3615 return count; 3616} 3617static DEVICE_ATTR(active, S_IRUGO, show_cons_active, NULL); 3618 3619static struct attribute *cons_dev_attrs[] = { 3620 &dev_attr_active.attr, 3621 NULL 3622}; 3623 3624ATTRIBUTE_GROUPS(cons_dev); 3625 3626static struct device *consdev; 3627 3628void console_sysfs_notify(void) 3629{ 3630 if (consdev) 3631 sysfs_notify(&consdev->kobj, NULL, "active"); 3632} 3633 3634/* 3635 * Ok, now we can initialize the rest of the tty devices and can count 3636 * on memory allocations, interrupts etc.. 3637 */ 3638int __init tty_init(void) 3639{ 3640 tty_sysctl_init(); 3641 cdev_init(&tty_cdev, &tty_fops); 3642 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) || 3643 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0) 3644 panic("Couldn't register /dev/tty driver\n"); 3645 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL, "tty"); 3646 3647 cdev_init(&console_cdev, &console_fops); 3648 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) || 3649 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0) 3650 panic("Couldn't register /dev/console driver\n"); 3651 consdev = device_create_with_groups(tty_class, NULL, 3652 MKDEV(TTYAUX_MAJOR, 1), NULL, 3653 cons_dev_groups, "console"); 3654 if (IS_ERR(consdev)) 3655 consdev = NULL; 3656 3657#ifdef CONFIG_VT 3658 vty_init(&console_fops); 3659#endif 3660 return 0; 3661} 3662