| blob | d27a08b374d050da20be594e332ffe026191b506 |
1 /*
2 * linux/drivers/char/tty_io.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
7 /*
8 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
9 * or rs-channels. It also implements echoing, cooked mode etc.
10 *
11 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
12 *
13 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
14 * tty_struct and tty_queue structures. Previously there was an array
15 * of 256 tty_struct's which was statically allocated, and the
16 * tty_queue structures were allocated at boot time. Both are now
17 * dynamically allocated only when the tty is open.
18 *
19 * Also restructured routines so that there is more of a separation
20 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
21 * the low-level tty routines (serial.c, pty.c, console.c). This
22 * makes for cleaner and more compact code. -TYT, 9/17/92
23 *
24 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
25 * which can be dynamically activated and de-activated by the line
26 * discipline handling modules (like SLIP).
27 *
28 * NOTE: pay no attention to the line discipline code (yet); its
29 * interface is still subject to change in this version...
30 * -- TYT, 1/31/92
31 *
32 * Added functionality to the OPOST tty handling. No delays, but all
33 * other bits should be there.
34 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
35 *
36 * Rewrote canonical mode and added more termios flags.
37 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
38 *
39 * Reorganized FASYNC support so mouse code can share it.
40 * -- ctm@ardi.com, 9Sep95
41 *
42 * New TIOCLINUX variants added.
43 * -- mj@k332.feld.cvut.cz, 19-Nov-95
44 *
45 * Restrict vt switching via ioctl()
46 * -- grif@cs.ucr.edu, 5-Dec-95
47 *
48 * Move console and virtual terminal code to more appropriate files,
49 * implement CONFIG_VT and generalize console device interface.
50 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
51 *
52 * Rewrote init_dev and release_dev to eliminate races.
53 * -- Bill Hawes <whawes@star.net>, June 97
54 *
55 * Added devfs support.
56 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
57 *
58 * Added support for a Unix98-style ptmx device.
59 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
60 *
61 * Reduced memory usage for older ARM systems
62 * -- Russell King <rmk@arm.linux.org.uk>
63 *
64 * Move do_SAK() into process context. Less stack use in devfs functions.
65 * alloc_tty_struct() always uses kmalloc()
66 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
67 */
69 #include <linux/types.h>
70 #include <linux/major.h>
71 #include <linux/errno.h>
72 #include <linux/signal.h>
73 #include <linux/fcntl.h>
74 #include <linux/sched.h>
75 #include <linux/interrupt.h>
76 #include <linux/tty.h>
77 #include <linux/tty_driver.h>
78 #include <linux/tty_flip.h>
79 #include <linux/devpts_fs.h>
80 #include <linux/file.h>
81 #include <linux/fdtable.h>
82 #include <linux/console.h>
83 #include <linux/timer.h>
84 #include <linux/ctype.h>
85 #include <linux/kd.h>
86 #include <linux/mm.h>
87 #include <linux/string.h>
88 #include <linux/slab.h>
89 #include <linux/poll.h>
90 #include <linux/proc_fs.h>
91 #include <linux/init.h>
92 #include <linux/module.h>
93 #include <linux/smp_lock.h>
94 #include <linux/device.h>
95 #include <linux/wait.h>
96 #include <linux/bitops.h>
97 #include <linux/delay.h>
98 #include <linux/seq_file.h>
100 #include <linux/uaccess.h>
101 #include <asm/system.h>
103 #include <linux/kbd_kern.h>
104 #include <linux/vt_kern.h>
105 #include <linux/selection.h>
107 #include <linux/kmod.h>
108 #include <linux/nsproxy.h>
110 #undef TTY_DEBUG_HANGUP
112 #define TTY_PARANOIA_CHECK 1
113 #define CHECK_TTY_COUNT 1
124 };
128 /* This list gets poked at by procfs and various bits of boot up code. This
129 could do with some rationalisation such as pulling the tty proc function
130 into this file */
134 /* Mutex to protect creating and releasing a tty. This is shared with
135 vt.c for deeply disgusting hack reasons */
139 #ifdef CONFIG_UNIX98_PTYS
142 #endif
154 #ifdef CONFIG_COMPAT
157 #else
158 #define tty_compat_ioctl NULL
159 #endif
165 /**
166 * alloc_tty_struct - allocate a tty object
167 *
168 * Return a new empty tty structure. The data fields have not
169 * been initialized in any way but has been zeroed
170 *
171 * Locking: none
172 */
175 {
177 }
181 /**
182 * free_tty_struct - free a disused tty
183 * @tty: tty struct to free
184 *
185 * Free the write buffers, tty queue and tty memory itself.
186 *
187 * Locking: none. Must be called after tty is definitely unused
188 */
191 {
195 }
197 #define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
199 /**
200 * tty_name - return tty naming
201 * @tty: tty structure
202 * @buf: buffer for output
203 *
204 * Convert a tty structure into a name. The name reflects the kernel
205 * naming policy and if udev is in use may not reflect user space
206 *
207 * Locking: none
208 */
211 {
214 else
217 }
223 {
224 #ifdef TTY_PARANOIA_CHECK
230 }
236 }
237 #endif
239 }
242 {
243 #ifdef CHECK_TTY_COUNT
249 count++;
250 }
255 count++;
261 }
262 #endif
264 }
266 /*
267 * Tty buffer allocation management
268 */
270 /**
271 * tty_buffer_free_all - free buffers used by a tty
272 * @tty: tty to free from
273 *
274 * Remove all the buffers pending on a tty whether queued with data
275 * or in the free ring. Must be called when the tty is no longer in use
276 *
277 * Locking: none
278 */
281 {
286 }
290 }
293 }
295 /**
296 * tty_buffer_init - prepare a tty buffer structure
297 * @tty: tty to initialise
298 *
299 * Set up the initial state of the buffer management for a tty device.
300 * Must be called before the other tty buffer functions are used.
301 *
302 * Locking: none
303 */
306 {
312 }
314 /**
315 * tty_buffer_alloc - allocate a tty buffer
316 * @tty: tty device
317 * @size: desired size (characters)
318 *
319 * Allocate a new tty buffer to hold the desired number of characters.
320 * Return NULL if out of memory or the allocation would exceed the
321 * per device queue
322 *
323 * Locking: Caller must hold tty->buf.lock
324 */
327 {
344 }
346 /**
347 * tty_buffer_free - free a tty buffer
348 * @tty: tty owning the buffer
349 * @b: the buffer to free
350 *
351 * Free a tty buffer, or add it to the free list according to our
352 * internal strategy
353 *
354 * Locking: Caller must hold tty->buf.lock
355 */
358 {
359 /* Dumb strategy for now - should keep some stats */
368 }
369 }
371 /**
372 * __tty_buffer_flush - flush full tty buffers
373 * @tty: tty to flush
374 *
375 * flush all the buffers containing receive data. Caller must
376 * hold the buffer lock and must have ensured no parallel flush to
377 * ldisc is running.
378 *
379 * Locking: Caller must hold tty->buf.lock
380 */
383 {
389 }
391 }
393 /**
394 * tty_buffer_flush - flush full tty buffers
395 * @tty: tty to flush
396 *
397 * flush all the buffers containing receive data. If the buffer is
398 * being processed by flush_to_ldisc then we defer the processing
399 * to that function
400 *
401 * Locking: none
402 */
405 {
409 /* If the data is being pushed to the tty layer then we can't
410 process it here. Instead set a flag and the flush_to_ldisc
411 path will process the flush request before it exits */
421 }
423 /**
424 * tty_buffer_find - find a free tty buffer
425 * @tty: tty owning the buffer
426 * @size: characters wanted
427 *
428 * Locate an existing suitable tty buffer or if we are lacking one then
429 * allocate a new one. We round our buffers off in 256 character chunks
430 * to get better allocation behaviour.
431 *
432 * Locking: Caller must hold tty->buf.lock
433 */
436 {
448 }
450 }
451 /* Round the buffer size out */
454 /* Should possibly check if this fails for the largest buffer we
455 have queued and recycle that ? */
456 }
458 /**
459 * tty_buffer_request_room - grow tty buffer if needed
460 * @tty: tty structure
461 * @size: size desired
462 *
463 * Make at least size bytes of linear space available for the tty
464 * buffer. If we fail return the size we managed to find.
465 *
466 * Locking: Takes tty->buf.lock
467 */
469 {
476 /* OPTIMISATION: We could keep a per tty "zero" sized buffer to
477 remove this conditional if its worth it. This would be invisible
478 to the callers */
481 else
485 /* This is the slow path - looking for new buffers to use */
495 }
499 }
502 /**
503 * tty_insert_flip_string - Add characters to the tty buffer
504 * @tty: tty structure
505 * @chars: characters
506 * @size: size
507 *
508 * Queue a series of bytes to the tty buffering. All the characters
509 * passed are marked as without error. Returns the number added.
510 *
511 * Locking: Called functions may take tty->buf.lock
512 */
516 {
521 /* If there is no space then tb may be NULL */
529 /* There is a small chance that we need to split the data over
530 several buffers. If this is the case we must loop */
533 }
536 /**
537 * tty_insert_flip_string_flags - Add characters to the tty buffer
538 * @tty: tty structure
539 * @chars: characters
540 * @flags: flag bytes
541 * @size: size
542 *
543 * Queue a series of bytes to the tty buffering. For each character
544 * the flags array indicates the status of the character. Returns the
545 * number added.
546 *
547 * Locking: Called functions may take tty->buf.lock
548 */
552 {
557 /* If there is no space then tb may be NULL */
566 /* There is a small chance that we need to split the data over
567 several buffers. If this is the case we must loop */
570 }
573 /**
574 * tty_schedule_flip - push characters to ldisc
575 * @tty: tty to push from
576 *
577 * Takes any pending buffers and transfers their ownership to the
578 * ldisc side of the queue. It then schedules those characters for
579 * processing by the line discipline.
580 *
581 * Locking: Takes tty->buf.lock
582 */
585 {
592 }
595 /**
596 * tty_prepare_flip_string - make room for characters
597 * @tty: tty
598 * @chars: return pointer for character write area
599 * @size: desired size
600 *
601 * Prepare a block of space in the buffer for data. Returns the length
602 * available and buffer pointer to the space which is now allocated and
603 * accounted for as ready for normal characters. This is used for drivers
604 * that need their own block copy routines into the buffer. There is no
605 * guarantee the buffer is a DMA target!
606 *
607 * Locking: May call functions taking tty->buf.lock
608 */
612 {
619 }
621 }
625 /**
626 * tty_prepare_flip_string_flags - make room for characters
627 * @tty: tty
628 * @chars: return pointer for character write area
629 * @flags: return pointer for status flag write area
630 * @size: desired size
631 *
632 * Prepare a block of space in the buffer for data. Returns the length
633 * available and buffer pointer to the space which is now allocated and
634 * accounted for as ready for characters. This is used for drivers
635 * that need their own block copy routines into the buffer. There is no
636 * guarantee the buffer is a DMA target!
637 *
638 * Locking: May call functions taking tty->buf.lock
639 */
643 {
650 }
652 }
658 /**
659 * get_tty_driver - find device of a tty
660 * @dev_t: device identifier
661 * @index: returns the index of the tty
662 *
663 * This routine returns a tty driver structure, given a device number
664 * and also passes back the index number.
665 *
666 * Locking: caller must hold tty_mutex
667 */
670 {
679 }
681 }
683 #ifdef CONFIG_CONSOLE_POLL
685 /**
686 * tty_find_polling_driver - find device of a polled tty
687 * @name: name string to match
688 * @line: pointer to resulting tty line nr
689 *
690 * This routine returns a tty driver structure, given a name
691 * and the condition that the tty driver is capable of polled
692 * operation.
693 */
695 {
701 /* Search through the tty devices to look for a match */
706 str++;
715 }
716 }
720 }
722 #endif
724 /**
725 * tty_check_change - check for POSIX terminal changes
726 * @tty: tty to check
727 *
728 * If we try to write to, or set the state of, a terminal and we're
729 * not in the foreground, send a SIGTTOU. If the signal is blocked or
730 * ignored, go ahead and perform the operation. (POSIX 7.2)
731 *
732 * Locking: ctrl_lock
733 */
736 {
748 }
757 }
761 out:
763 out_unlock:
766 }
772 {
774 }
778 {
780 }
782 /* No kernel lock held - none needed ;) */
784 {
786 }
790 {
792 }
796 {
798 }
810 };
812 #ifdef CONFIG_UNIX98_PTYS
823 };
824 #endif
836 };
846 };
851 /**
852 * tty_wakeup - request more data
853 * @tty: terminal
854 *
855 * Internal and external helper for wakeups of tty. This function
856 * informs the line discipline if present that the driver is ready
857 * to receive more output data.
858 */
861 {
870 }
871 }
873 }
877 /**
878 * tty_ldisc_flush - flush line discipline queue
879 * @tty: tty
880 *
881 * Flush the line discipline queue (if any) for this tty. If there
882 * is no line discipline active this is a no-op.
883 */
886 {
892 }
894 }
898 /**
899 * tty_reset_termios - reset terminal state
900 * @tty: tty to reset
901 *
902 * Restore a terminal to the driver default state
903 */
906 {
912 }
914 /**
915 * do_tty_hangup - actual handler for hangup events
916 * @work: tty device
917 *
918 k * This can be called by the "eventd" kernel thread. That is process
919 * synchronous but doesn't hold any locks, so we need to make sure we
920 * have the appropriate locks for what we're doing.
921 *
922 * The hangup event clears any pending redirections onto the hung up
923 * device. It ensures future writes will error and it does the needed
924 * line discipline hangup and signal delivery. The tty object itself
925 * remains intact.
926 *
927 * Locking:
928 * BKL
929 * redirect lock for undoing redirection
930 * file list lock for manipulating list of ttys
931 * tty_ldisc_lock from called functions
932 * termios_mutex resetting termios data
933 * tasklist_lock to walk task list for hangup event
934 * ->siglock to protect ->signal/->sighand
935 */
937 {
950 /* inuse_filps is protected by the single kernel lock */
957 }
962 /* This breaks for file handles being sent over AF_UNIX sockets ? */
968 closecount++;
971 }
973 /*
974 * FIXME! What are the locking issues here? This may me overdoing
975 * things... This question is especially important now that we've
976 * removed the irqlock.
977 */
980 /* We may have no line discipline at this point */
989 }
990 /*
991 * FIXME: Once we trust the LDISC code better we can wait here for
992 * ldisc completion and fix the driver call race
993 */
996 /*
997 * Shutdown the current line discipline, and reset it to
998 * N_TTY.
999 */
1002 /* Defer ldisc switch */
1003 /* tty_deferred_ldisc_switch(N_TTY);
1005 This should get done automatically when the port closes and
1006 tty_release is called */
1017 }
1027 }
1039 /*
1040 * If one of the devices matches a console pointer, we
1041 * cannot just call hangup() because that will cause
1042 * tty->count and state->count to go out of sync.
1043 * So we just call close() the right number of times.
1044 */
1051 /*
1052 * We don't want to have driver/ldisc interactions beyond
1053 * the ones we did here. The driver layer expects no
1054 * calls after ->hangup() from the ldisc side. However we
1055 * can't yet guarantee all that.
1056 */
1061 }
1065 }
1067 /**
1068 * tty_hangup - trigger a hangup event
1069 * @tty: tty to hangup
1070 *
1071 * A carrier loss (virtual or otherwise) has occurred on this like
1072 * schedule a hangup sequence to run after this event.
1073 */
1076 {
1077 #ifdef TTY_DEBUG_HANGUP
1080 #endif
1082 }
1086 /**
1087 * tty_vhangup - process vhangup
1088 * @tty: tty to hangup
1089 *
1090 * The user has asked via system call for the terminal to be hung up.
1091 * We do this synchronously so that when the syscall returns the process
1092 * is complete. That guarantee is necessary for security reasons.
1093 */
1096 {
1097 #ifdef TTY_DEBUG_HANGUP
1101 #endif
1103 }
1107 /**
1108 * tty_hung_up_p - was tty hung up
1109 * @filp: file pointer of tty
1110 *
1111 * Return true if the tty has been subject to a vhangup or a carrier
1112 * loss
1113 */
1116 {
1118 }
1122 /**
1123 * is_tty - checker whether file is a TTY
1124 * @filp: file handle that may be a tty
1125 *
1126 * Check if the file handle is a tty handle.
1127 */
1130 {
1133 }
1136 {
1141 }
1143 /**
1144 * disassociate_ctty - disconnect controlling tty
1145 * @on_exit: true if exiting so need to "hang up" the session
1146 *
1147 * This function is typically called only by the session leader, when
1148 * it wants to disassociate itself from its controlling tty.
1149 *
1150 * It performs the following functions:
1151 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
1152 * (2) Clears the tty from being controlling the session
1153 * (3) Clears the controlling tty for all processes in the
1154 * session group.
1155 *
1156 * The argument on_exit is set to 1 if called when a process is
1157 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
1158 *
1159 * Locking:
1160 * BKL is taken for hysterical raisins
1161 * tty_mutex is taken to protect tty
1162 * ->siglock is taken to protect ->signal/->sighand
1163 * tasklist_lock is taken to walk process list for sessions
1164 * ->siglock is taken to protect ->signal/->sighand
1165 */
1168 {
1179 /* XXX: here we race, there is nothing protecting tty */
1193 }
1196 }
1202 }
1210 /* It is possible that do_tty_hangup has free'd this tty */
1221 #ifdef TTY_DEBUG_HANGUP
1224 #endif
1225 }
1228 /* Now clear signal->tty under the lock */
1232 }
1234 /**
1235 *
1236 * no_tty - Ensure the current process does not have a controlling tty
1237 */
1239 {
1246 }
1249 /**
1250 * stop_tty - propagate flow control
1251 * @tty: tty to stop
1252 *
1253 * Perform flow control to the driver. For PTY/TTY pairs we
1254 * must also propagate the TIOCKPKT status. May be called
1255 * on an already stopped device and will not re-call the driver
1256 * method.
1257 *
1258 * This functionality is used by both the line disciplines for
1259 * halting incoming flow and by the driver. It may therefore be
1260 * called from any context, may be under the tty atomic_write_lock
1261 * but not always.
1262 *
1263 * Locking:
1264 * Uses the tty control lock internally
1265 */
1268 {
1274 }
1280 }
1284 }
1288 /**
1289 * start_tty - propagate flow control
1290 * @tty: tty to start
1291 *
1292 * Start a tty that has been stopped if at all possible. Perform
1293 * any necessary wakeups and propagate the TIOCPKT status. If this
1294 * is the tty was previous stopped and is being started then the
1295 * driver start method is invoked and the line discipline woken.
1296 *
1297 * Locking:
1298 * ctrl_lock
1299 */
1302 {
1308 }
1314 }
1318 /* If we have a running line discipline it may need kicking */
1320 }
1324 /**
1325 * tty_read - read method for tty device files
1326 * @file: pointer to tty file
1327 * @buf: user buffer
1328 * @count: size of user buffer
1329 * @ppos: unused
1330 *
1331 * Perform the read system call function on this terminal device. Checks
1332 * for hung up devices before calling the line discipline method.
1333 *
1334 * Locking:
1335 * Locks the line discipline internally while needed. Multiple
1336 * read calls may be outstanding in parallel.
1337 */
1341 {
1354 /* We want to wait for the line discipline to sort out in this
1355 situation */
1359 else
1365 }
1368 {
1371 }
1374 {
1380 }
1382 }
1384 /*
1385 * Split writes up in sane blocksizes to avoid
1386 * denial-of-service type attacks
1387 */
1394 {
1402 /*
1403 * We chunk up writes into a temporary buffer. This
1404 * simplifies low-level drivers immensely, since they
1405 * don't have locking issues and user mode accesses.
1406 *
1407 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1408 * big chunk-size..
1409 *
1410 * The default chunk-size is 2kB, because the NTTY
1411 * layer has problems with bigger chunks. It will
1412 * claim to be able to handle more characters than
1413 * it actually does.
1414 *
1415 * FIXME: This can probably go away now except that 64K chunks
1416 * are too likely to fail unless switched to vmalloc...
1417 */
1424 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1435 }
1439 }
1441 /* Do the write .. */
1461 }
1466 }
1467 out:
1470 }
1473 /**
1474 * tty_write - write method for tty device file
1475 * @file: tty file pointer
1476 * @buf: user data to write
1477 * @count: bytes to write
1478 * @ppos: unused
1479 *
1480 * Write data to a tty device via the line discipline.
1481 *
1482 * Locking:
1483 * Locks the line discipline as required
1484 * Writes to the tty driver are serialized by the atomic_write_lock
1485 * and are then processed in chunks to the device. The line discipline
1486 * write method will not be involked in parallel for each device
1487 * The line discipline write method is called under the big
1488 * kernel lock for historical reasons. New code should not rely on this.
1489 */
1493 {
1496 ssize_t ret;
1505 /* Short term debug to catch buggy drivers */
1512 else
1516 }
1520 {
1527 }
1531 ssize_t res;
1535 }
1537 }
1540 {
1547 }
1551 {
1552 /* We may sleep in get_zeroed_page() */
1560 }
1564 {
1569 }
1571 }
1577 /**
1578 * pty_line_name - generate name for a pty
1579 * @driver: the tty driver in use
1580 * @index: the minor number
1581 * @p: output buffer of at least 6 bytes
1582 *
1583 * Generate a name from a driver reference and write it to the output
1584 * buffer.
1585 *
1586 * Locking: None
1587 */
1589 {
1591 /* ->name is initialized to "ttyp", but "tty" is expected */
1595 }
1597 /**
1598 * pty_line_name - generate name for a tty
1599 * @driver: the tty driver in use
1600 * @index: the minor number
1601 * @p: output buffer of at least 7 bytes
1602 *
1603 * Generate a name from a driver reference and write it to the output
1604 * buffer.
1605 *
1606 * Locking: None
1607 */
1609 {
1611 }
1613 /**
1614 * init_dev - initialise a tty device
1615 * @driver: tty driver we are opening a device on
1616 * @idx: device index
1617 * @tty: returned tty structure
1618 *
1619 * Prepare a tty device. This may not be a "new" clean device but
1620 * could also be an active device. The pty drivers require special
1621 * handling because of this.
1622 *
1623 * Locking:
1624 * The function is called under the tty_mutex, which
1625 * protects us from the tty struct or driver itself going away.
1626 *
1627 * On exit the tty device has the line discipline attached and
1628 * a reference count of 1. If a pair was created for pty/tty use
1629 * and the other was a pty master then it too has a reference count of 1.
1630 *
1631 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1632 * failed open. The new code protects the open with a mutex, so it's
1633 * really quite straightforward. The mutex locking can probably be
1634 * relaxed for the (most common) case of reopening a tty.
1635 */
1639 {
1645 /* check whether we're reopening an existing tty */
1648 /*
1649 * If we don't have a tty here on a slave open, it's because
1650 * the master already started the close process and there's
1651 * no relation between devpts file and tty anymore.
1652 */
1656 }
1657 /*
1658 * It's safe from now on because init_dev() is called with
1659 * tty_mutex held and release_dev() won't change tty->count
1660 * or tty->flags without having to grab tty_mutex
1661 */
1666 }
1669 /*
1670 * First time open is complex, especially for PTY devices.
1671 * This code guarantees that either everything succeeds and the
1672 * TTY is ready for operation, or else the table slots are vacated
1673 * and the allocated memory released. (Except that the termios
1674 * and locked termios may be retained.)
1675 */
1680 }
1701 }
1708 }
1714 }
1732 }
1739 }
1745 }
1747 /*
1748 * Everything allocated ... set up the o_tty structure.
1749 */
1762 /* Establish the links in both directions */
1765 }
1767 /*
1768 * All structures have been allocated, so now we install them.
1769 * Failures after this point use release_tty to clean up, so
1770 * there's no need to null out the local pointers.
1771 */
1781 /* Compatibility until drivers always set this */
1787 /*
1788 * Structures all installed ... call the ldisc open routines.
1789 * If we fail here just call release_tty to clean up. No need
1790 * to decrement the use counts, as release_tty doesn't care.
1791 */
1799 /*
1800 * This fast open can be used if the tty is already open.
1801 * No memory is allocated, and the only failures are from
1802 * attempting to open a closing tty or attempting multiple
1803 * opens on a pty master.
1804 */
1805 fast_track:
1809 }
1812 /*
1813 * special case for PTY masters: only one open permitted,
1814 * and the slave side open count is incremented as well.
1815 */
1819 }
1821 }
1825 /* FIXME */
1828 success:
1831 /* All paths come through here to release the mutex */
1832 end_init:
1835 /* Release locally allocated memory ... nothing placed in slots */
1836 free_mem_out:
1844 fail_no_mem:
1849 /* call the tty release_tty routine to clean out this slot */
1850 release_mem_out:
1856 }
1858 /**
1859 * release_one_tty - release tty structure memory
1860 *
1861 * Releases memory associated with a tty structure, and clears out the
1862 * driver table slots. This function is called when a device is no longer
1863 * in use. It also gets called when setup of a device fails.
1864 *
1865 * Locking:
1866 * tty_mutex - sometimes only
1867 * takes the file list lock internally when working on the list
1868 * of ttys that the driver keeps.
1869 * FIXME: should we require tty_mutex is held here ??
1870 */
1872 {
1889 }
1900 }
1902 /**
1903 * release_tty - release tty structure memory
1904 *
1905 * Release both @tty and a possible linked partner (think pty pair),
1906 * and decrement the refcount of the backing module.
1907 *
1908 * Locking:
1909 * tty_mutex - sometimes only
1910 * takes the file list lock internally when working on the list
1911 * of ttys that the driver keeps.
1912 * FIXME: should we require tty_mutex is held here ??
1913 */
1915 {
1922 }
1924 /*
1925 * Even releasing the tty structures is a tricky business.. We have
1926 * to be very careful that the structures are all released at the
1927 * same time, as interrupts might otherwise get the wrong pointers.
1928 *
1929 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1930 * lead to double frees or releasing memory still in use.
1931 */
1933 {
1955 #ifdef TTY_PARANOIA_CHECK
1960 }
1966 }
1972 }
1978 }
1979 }
1980 #endif
1982 #ifdef TTY_DEBUG_HANGUP
1985 #endif
1987 #ifdef TTY_PARANOIA_CHECK
1995 }
2001 }
2008 }
2012 }
2013 }
2014 #endif
2018 /*
2019 * Sanity check: if tty->count is going to zero, there shouldn't be
2020 * any waiters on tty->read_wait or tty->write_wait. We test the
2021 * wait queues and kick everyone out _before_ actually starting to
2022 * close. This ensures that we won't block while releasing the tty
2023 * structure.
2024 *
2025 * The test for the o_tty closing is necessary, since the master and
2026 * slave sides may close in any order. If the slave side closes out
2027 * first, its count will be one, since the master side holds an open.
2028 * Thus this test wouldn't be triggered at the time the slave closes,
2029 * so we do it now.
2030 *
2031 * Note that it's possible for the tty to be opened again while we're
2032 * flushing out waiters. By recalculating the closing flags before
2033 * each iteration we avoid any problems.
2034 */
2036 /* Guard against races with tty->count changes elsewhere and
2037 opens on /dev/tty */
2048 do_sleep++;
2049 }
2052 do_sleep++;
2053 }
2054 }
2058 do_sleep++;
2059 }
2062 do_sleep++;
2063 }
2064 }
2072 }
2074 /*
2075 * The closing flags are now consistent with the open counts on
2076 * both sides, and we've completed the last operation that could
2077 * block, so it's safe to proceed with closing.
2078 */
2085 }
2086 }
2091 }
2093 /*
2094 * We've decremented tty->count, so we need to remove this file
2095 * descriptor off the tty->tty_files list; this serves two
2096 * purposes:
2097 * - check_tty_count sees the correct number of file descriptors
2098 * associated with this tty.
2099 * - do_tty_hangup no longer sees this file descriptor as
2100 * something that needs to be handled for hangups.
2101 */
2105 /*
2106 * Perform some housekeeping before deciding whether to return.
2107 *
2108 * Set the TTY_CLOSING flag if this was the last open. In the
2109 * case of a pty we may have to wait around for the other side
2110 * to close, and TTY_CLOSING makes sure we can't be reopened.
2111 */
2117 /*
2118 * If _either_ side is closing, make sure there aren't any
2119 * processes that still think tty or o_tty is their controlling
2120 * tty.
2121 */
2128 }
2132 /* check whether both sides are closing ... */
2136 #ifdef TTY_DEBUG_HANGUP
2138 #endif
2139 /*
2140 * Ask the line discipline code to release its structures
2141 */
2143 /*
2144 * The release_tty function takes care of the details of clearing
2145 * the slots and preserving the termios structure.
2146 */
2149 /* Make this pty number available for reallocation */
2152 }
2154 /**
2155 * tty_open - open a tty device
2156 * @inode: inode of device file
2157 * @filp: file pointer to tty
2158 *
2159 * tty_open and tty_release keep up the tty count that contains the
2160 * number of opens done on a tty. We cannot use the inode-count, as
2161 * different inodes might point to the same tty.
2162 *
2163 * Open-counting is needed for pty masters, as well as for keeping
2164 * track of serial lines: DTR is dropped when the last close happens.
2165 * (This is not done solely through tty->count, now. - Ted 1/27/92)
2166 *
2167 * The termios state of a pty is reset on first open so that
2168 * settings don't persist across reuse.
2169 *
2170 * Locking: tty_mutex protects tty, get_tty_driver and init_dev work.
2171 * tty->count should protect the rest.
2172 * ->siglock protects ->signal/->sighand
2173 */
2176 {
2186 retry_open:
2198 }
2202 /* noctty = 1; */
2204 }
2205 #ifdef CONFIG_VT
2212 }
2213 #endif
2217 /* Don't let /dev/console block */
2221 }
2224 }
2230 }
2231 got_driver:
2243 #ifdef TTY_DEBUG_HANGUP
2245 #endif
2249 else
2251 }
2259 #ifdef TTY_DEBUG_HANGUP
2262 #endif
2269 /*
2270 * Need to reset f_op in case a hangup happened.
2271 */
2275 }
2287 }
2289 /* BKL pushdown: scary code avoidance wrapper */
2291 {
2298 }
2302 #ifdef CONFIG_UNIX98_PTYS
2303 /**
2304 * ptmx_open - open a unix 98 pty master
2305 * @inode: inode of device file
2306 * @filp: file pointer to tty
2307 *
2308 * Allocate a unix98 pty master device from the ptmx driver.
2309 *
2310 * Locking: tty_mutex protects theinit_dev work. tty->count should
2311 * protect the rest.
2312 * allocated_ptys_lock handles the list of free pty numbers
2313 */
2316 {
2323 /* find a device that is not in use. */
2347 out1:
2350 out:
2353 }
2356 {
2363 }
2364 #endif
2366 /**
2367 * tty_release - vfs callback for close
2368 * @inode: inode of tty
2369 * @filp: file pointer for handle to tty
2370 *
2371 * Called the last time each file handle is closed that references
2372 * this tty. There may however be several such references.
2373 *
2374 * Locking:
2375 * Takes bkl. See release_dev
2376 */
2379 {
2384 }
2386 /**
2387 * tty_poll - check tty status
2388 * @filp: file being polled
2389 * @wait: poll wait structures to update
2390 *
2391 * Call the line discipline polling method to obtain the poll
2392 * status of the device.
2393 *
2394 * Locking: locks called line discipline but ldisc poll method
2395 * may be re-entered freely by other callers.
2396 */
2399 {
2413 }
2416 {
2442 }
2450 }
2452 out:
2455 }
2457 /**
2458 * tiocsti - fake input character
2459 * @tty: tty to fake input into
2460 * @p: pointer to character
2461 *
2462 * Fake input to a tty device. Does the necessary locking and
2463 * input management.
2464 *
2465 * FIXME: does not honour flow control ??
2466 *
2467 * Locking:
2468 * Called functions take tty_ldisc_lock
2469 * current->signal->tty check is safe without locks
2470 *
2471 * FIXME: may race normal receive processing
2472 */
2475 {
2487 }
2489 /**
2490 * tiocgwinsz - implement window query ioctl
2491 * @tty; tty
2492 * @arg: user buffer for result
2493 *
2494 * Copies the kernel idea of the window size into the user buffer.
2495 *
2496 * Locking: tty->termios_mutex is taken to ensure the winsize data
2497 * is consistent.
2498 */
2501 {
2509 }
2511 /**
2512 * tiocswinsz - implement window size set ioctl
2513 * @tty; tty
2514 * @arg: user buffer for result
2515 *
2516 * Copies the user idea of the window size to the kernel. Traditionally
2517 * this is just advisory information but for the Linux console it
2518 * actually has driver level meaning and triggers a VC resize.
2519 *
2520 * Locking:
2521 * Called function use the console_sem is used to ensure we do
2522 * not try and resize the console twice at once.
2523 * The tty->termios_mutex is used to ensure we don't double
2524 * resize and get confused. Lock order - tty->termios_mutex before
2525 * console sem
2526 */
2530 {
2542 #ifdef CONFIG_VT
2548 }
2549 }
2550 #endif
2551 /* Get the PID values and reference them so we can
2552 avoid holding the tty ctrl lock while sending signals */
2568 done:
2571 }
2573 /**
2574 * tioccons - allow admin to move logical console
2575 * @file: the file to become console
2576 *
2577 * Allow the adminstrator to move the redirected console device
2578 *
2579 * Locking: uses redirect_lock to guard the redirect information
2580 */
2583 {
2595 }
2600 }
2605 }
2607 /**
2608 * fionbio - non blocking ioctl
2609 * @file: file to set blocking value
2610 * @p: user parameter
2611 *
2612 * Historical tty interfaces had a blocking control ioctl before
2613 * the generic functionality existed. This piece of history is preserved
2614 * in the expected tty API of posix OS's.
2615 *
2616 * Locking: none, the open fle handle ensures it won't go away.
2617 */
2620 {
2626 /* file->f_flags is still BKL protected in the fs layer - vomit */
2630 else
2634 }
2636 /**
2637 * tiocsctty - set controlling tty
2638 * @tty: tty structure
2639 * @arg: user argument
2640 *
2641 * This ioctl is used to manage job control. It permits a session
2642 * leader to set this tty as the controlling tty for the session.
2643 *
2644 * Locking:
2645 * Takes tty_mutex() to protect tty instance
2646 * Takes tasklist_lock internally to walk sessions
2647 * Takes ->siglock() when updating signal->tty
2648 */
2651 {
2657 /*
2658 * The process must be a session leader and
2659 * not have a controlling tty already.
2660 */
2664 }
2667 /*
2668 * This tty is already the controlling
2669 * tty for another session group!
2670 */
2672 /*
2673 * Steal it away
2674 */
2681 }
2682 }
2684 unlock:
2687 }
2689 /**
2690 * tty_get_pgrp - return a ref counted pgrp pid
2691 * @tty: tty to read
2692 *
2693 * Returns a refcounted instance of the pid struct for the process
2694 * group controlling the tty.
2695 */
2698 {
2707 }
2710 /**
2711 * tiocgpgrp - get process group
2712 * @tty: tty passed by user
2713 * @real_tty: tty side of the tty pased by the user if a pty else the tty
2714 * @p: returned pid
2715 *
2716 * Obtain the process group of the tty. If there is no process group
2717 * return an error.
2718 *
2719 * Locking: none. Reference to current->signal->tty is safe.
2720 */
2723 {
2726 /*
2727 * (tty == real_tty) is a cheap way of
2728 * testing if the tty is NOT a master pty.
2729 */
2736 }
2738 /**
2739 * tiocspgrp - attempt to set process group
2740 * @tty: tty passed by user
2741 * @real_tty: tty side device matching tty passed by user
2742 * @p: pid pointer
2743 *
2744 * Set the process group of the tty to the session passed. Only
2745 * permitted where the tty session is our session.
2746 *
2747 * Locking: RCU, ctrl lock
2748 */
2751 {
2753 pid_t pgrp_nr;
2782 out_unlock:
2785 }
2787 /**
2788 * tiocgsid - get session id
2789 * @tty: tty passed by user
2790 * @real_tty: tty side of the tty pased by the user if a pty else the tty
2791 * @p: pointer to returned session id
2792 *
2793 * Obtain the session id of the tty. If there is no session
2794 * return an error.
2795 *
2796 * Locking: none. Reference to current->signal->tty is safe.
2797 */
2800 {
2801 /*
2802 * (tty == real_tty) is a cheap way of
2803 * testing if the tty is NOT a master pty.
2804 */
2810 }
2812 /**
2813 * tiocsetd - set line discipline
2814 * @tty: tty device
2815 * @p: pointer to user data
2816 *
2817 * Set the line discipline according to user request.
2818 *
2819 * Locking: see tty_set_ldisc, this function is just a helper
2820 */
2823 {
2835 }
2837 /**
2838 * send_break - performed time break
2839 * @tty: device to break on
2840 * @duration: timeout in mS
2841 *
2842 * Perform a timed break on hardware that lacks its own driver level
2843 * timed break functionality.
2844 *
2845 * Locking:
2846 * atomic_write_lock serializes
2847 *
2848 */
2851 {
2862 }
2864 /**
2865 * tty_tiocmget - get modem status
2866 * @tty: tty device
2867 * @file: user file pointer
2868 * @p: pointer to result
2869 *
2870 * Obtain the modem status bits from the tty driver if the feature
2871 * is supported. Return -EINVAL if it is not available.
2872 *
2873 * Locking: none (up to the driver)
2874 */
2877 {
2885 }
2887 }
2889 /**
2890 * tty_tiocmset - set modem status
2891 * @tty: tty device
2892 * @file: user file pointer
2893 * @cmd: command - clear bits, set bits or set all
2894 * @p: pointer to desired bits
2895 *
2896 * Set the modem status bits from the tty driver if the feature
2897 * is supported. Return -EINVAL if it is not available.
2898 *
2899 * Locking: none (up to the driver)
2900 */
2904 {
2926 }
2930 }
2932 /*
2933 * Split this up, as gcc can choke on it otherwise..
2934 */
2936 {
2952 /*
2953 * Break handling by driver
2954 */
2968 /* These two ioctl's always return success; even if */
2969 /* the driver doesn't support them. */
2980 }
2981 }
2983 /*
2984 * Factor out some common prep work
2985 */
2999 }
3001 }
3037 #ifdef CONFIG_VT
3040 #endif
3041 /*
3042 * Break handling
3043 */
3054 /* non-zero arg means wait for all output data
3055 * to be sent (performed above) but don't send break.
3056 * This is used by the tcdrain() termios function.
3057 */
3074 /* flush tty buffer and allow ldisc to process ioctl */
3077 }
3079 }
3084 }
3091 }
3094 }
3096 #ifdef CONFIG_COMPAT
3099 {
3112 }
3120 }
3121 #endif
3123 /*
3124 * This implements the "Secure Attention Key" --- the idea is to
3125 * prevent trojan horses by killing all processes associated with this
3126 * tty when the user hits the "Secure Attention Key". Required for
3127 * super-paranoid applications --- see the Orange Book for more details.
3128 *
3129 * This code could be nicer; ideally it should send a HUP, wait a few
3130 * seconds, then send a INT, and then a KILL signal. But you then
3131 * have to coordinate with the init process, since all processes associated
3132 * with the current tty must be dead before the new getty is allowed
3133 * to spawn.
3134 *
3135 * Now, if it would be correct ;-/ The current code has a nasty hole -
3136 * it doesn't catch files in flight. We may send the descriptor to ourselves
3137 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
3138 *
3139 * Nasty bug: do_SAK is being called in interrupt context. This can
3140 * deadlock. We punt it up to process context. AKPM - 16Mar2001
3141 */
3143 {
3144 #ifdef TTY_SOFT_SAK
3146 #else
3162 /* Kill the entire session */
3169 /* Now kill any processes that happen to have the
3170 * tty open.
3171 */
3179 }
3182 /*
3183 * We don't take a ref to the file, so we must
3184 * hold ->file_lock instead.
3185 */
3199 }
3200 }
3202 }
3206 #endif
3207 }
3210 {
3214 }
3216 /*
3217 * The tq handling here is a little racy - tty->SAK_work may already be queued.
3218 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
3219 * the values which we write to it will be identical to the values which it
3220 * already has. --akpm
3221 */
3223 {
3227 }
3231 /**
3232 * flush_to_ldisc
3233 * @work: tty structure passed from work queue.
3234 *
3235 * This routine is called out of the software interrupt to flush data
3236 * from the buffer chain to the line discipline.
3237 *
3238 * Locking: holds tty->buf.lock to guard buffer list. Drops the lock
3239 * while invoking the line discipline receive_buf method. The
3240 * receive_buf method is single threaded for each tty instance.
3241 */
3244 {
3258 /* So we know a flush is running */
3272 }
3273 /* Ldisc or user is trying to flush the buffers
3274 we are feeding to the ldisc, stop feeding the
3275 line discipline as we want to empty the queue */
3281 }
3291 }
3292 /* Restore the queue head */
3294 }
3295 /* We may have a deferred request to flush the input buffer,
3296 if so pull the chain under the lock and empty the queue */
3301 }
3306 }
3308 /**
3309 * tty_flip_buffer_push - terminal
3310 * @tty: tty to push
3311 *
3312 * Queue a push of the terminal flip buffers to the line discipline. This
3313 * function must not be called from IRQ context if tty->low_latency is set.
3314 *
3315 * In the event of the queue being busy for flipping the work will be
3316 * held off and retried later.
3317 *
3318 * Locking: tty buffer lock. Driver locks in low latency mode.
3319 */
3322 {
3331 else
3333 }
3338 /**
3339 * initialize_tty_struct
3340 * @tty: tty to initialize
3341 *
3342 * This subroutine initializes a tty structure that has been newly
3343 * allocated.
3344 *
3345 * Locking: none - tty in question must not be exposed at this point
3346 */
3349 {
3369 }
3371 /**
3372 * tty_put_char - write one character to a tty
3373 * @tty: tty
3374 * @ch: character
3375 *
3376 * Write one byte to the tty using the provided put_char method
3377 * if present. Returns the number of characters successfully output.
3378 *
3379 * Note: the specific put_char operation in the driver layer may go
3380 * away soon. Don't call it directly, use this method
3381 */
3384 {
3388 }
3394 /**
3395 * tty_register_device - register a tty device
3396 * @driver: the tty driver that describes the tty device
3397 * @index: the index in the tty driver for this tty device
3398 * @device: a struct device that is associated with this tty device.
3399 * This field is optional, if there is no known struct device
3400 * for this tty device it can be set to NULL safely.
3401 *
3402 * Returns a pointer to the struct device for this tty device
3403 * (or ERR_PTR(-EFOO) on error).
3404 *
3405 * This call is required to be made to register an individual tty device
3406 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
3407 * that bit is not set, this function should not be called by a tty
3408 * driver.
3409 *
3410 * Locking: ??
3411 */
3415 {
3423 }
3427 else
3431 }
3433 /**
3434 * tty_unregister_device - unregister a tty device
3435 * @driver: the tty driver that describes the tty device
3436 * @index: the index in the tty driver for this tty device
3437 *
3438 * If a tty device is registered with a call to tty_register_device() then
3439 * this function must be called when the tty device is gone.
3440 *
3441 * Locking: ??
3442 */
3445 {
3448 }
3454 {
3461 /* later we'll move allocation of tables here */
3462 }
3464 }
3467 {
3469 }
3473 {
3475 };
3481 /*
3482 * Called by a tty driver to register itself.
3483 */
3485 {
3488 dev_t dev;
3498 }
3506 }
3510 }
3514 }
3525 }
3536 }
3545 }
3548 }
3552 /*
3553 * Called by a tty driver to unregister itself.
3554 */
3556 {
3570 /*
3571 * Free the termios and termios_locked structures because
3572 * we don't want to get memory leaks when modular tty
3573 * drivers are removed from the kernel.
3574 */
3580 }
3585 }
3588 }
3596 }
3600 {
3602 }
3606 {
3610 }
3613 /* Called under the sighand lock */
3616 {
3619 /* We should not have a session or pgrp to put here but.... */
3626 }
3630 }
3633 {
3637 }
3640 {
3644 /*
3645 * session->tty can be changed/cleared from under us, make sure we
3646 * issue the load. The obtained pointer, when not NULL, is valid as
3647 * long as we hold tty_mutex.
3648 */
3651 }
3654 /*
3655 * Initialize the console device. This is called *early*, so
3656 * we can't necessarily depend on lots of kernel help here.
3657 * Just do some early initializations, and do the complex setup
3658 * later.
3659 */
3661 {
3664 /* Setup the default TTY line discipline. */
3667 /*
3668 * set up the console device so that later boot sequences can
3669 * inform about problems etc..
3670 */
3674 call++;
3675 }
3676 }
3679 {
3684 }
3688 /* 3/2004 jmc: why do these devices exist? */
3691 #ifdef CONFIG_UNIX98_PTYS
3693 #endif
3694 #ifdef CONFIG_VT
3696 #endif
3698 /*
3699 * Ok, now we can initialize the rest of the tty devices and can count
3700 * on memory allocations, interrupts etc..
3701 */
3703 {
3716 #ifdef CONFIG_UNIX98_PTYS
3722 #endif
3724 #ifdef CONFIG_VT
3732 #endif
3734 }