1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* |
3 | * Copyright (C) 1991, 1992 Linus Torvalds |
4 | * |
5 | * Added support for a Unix98-style ptmx device. |
6 | * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 |
7 | * |
8 | */ |
9 | |
10 | #include <linux/module.h> |
11 | #include <linux/errno.h> |
12 | #include <linux/interrupt.h> |
13 | #include <linux/tty.h> |
14 | #include <linux/tty_flip.h> |
15 | #include <linux/fcntl.h> |
16 | #include <linux/sched/signal.h> |
17 | #include <linux/string.h> |
18 | #include <linux/major.h> |
19 | #include <linux/mm.h> |
20 | #include <linux/init.h> |
21 | #include <linux/device.h> |
22 | #include <linux/uaccess.h> |
23 | #include <linux/bitops.h> |
24 | #include <linux/devpts_fs.h> |
25 | #include <linux/slab.h> |
26 | #include <linux/mutex.h> |
27 | #include <linux/poll.h> |
28 | #include <linux/mount.h> |
29 | #include <linux/file.h> |
30 | #include <linux/ioctl.h> |
31 | #include <linux/compat.h> |
32 | #include "tty.h" |
33 | |
34 | #undef TTY_DEBUG_HANGUP |
35 | #ifdef TTY_DEBUG_HANGUP |
36 | # define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args) |
37 | #else |
38 | # define tty_debug_hangup(tty, f, args...) do {} while (0) |
39 | #endif |
40 | |
41 | #ifdef CONFIG_UNIX98_PTYS |
42 | static struct tty_driver *ptm_driver; |
43 | static struct tty_driver *pts_driver; |
44 | static DEFINE_MUTEX(devpts_mutex); |
45 | #endif |
46 | |
47 | static void pty_close(struct tty_struct *tty, struct file *filp) |
48 | { |
49 | if (tty->driver->subtype == PTY_TYPE_MASTER) |
50 | WARN_ON(tty->count > 1); |
51 | else { |
52 | if (tty_io_error(tty)) |
53 | return; |
54 | if (tty->count > 2) |
55 | return; |
56 | } |
57 | set_bit(TTY_IO_ERROR, addr: &tty->flags); |
58 | wake_up_interruptible(&tty->read_wait); |
59 | wake_up_interruptible(&tty->write_wait); |
60 | spin_lock_irq(lock: &tty->ctrl.lock); |
61 | tty->ctrl.packet = false; |
62 | spin_unlock_irq(lock: &tty->ctrl.lock); |
63 | /* Review - krefs on tty_link ?? */ |
64 | if (!tty->link) |
65 | return; |
66 | set_bit(TTY_OTHER_CLOSED, addr: &tty->link->flags); |
67 | wake_up_interruptible(&tty->link->read_wait); |
68 | wake_up_interruptible(&tty->link->write_wait); |
69 | if (tty->driver->subtype == PTY_TYPE_MASTER) { |
70 | set_bit(TTY_OTHER_CLOSED, addr: &tty->flags); |
71 | #ifdef CONFIG_UNIX98_PTYS |
72 | if (tty->driver == ptm_driver) { |
73 | mutex_lock(&devpts_mutex); |
74 | if (tty->link->driver_data) |
75 | devpts_pty_kill(tty->link->driver_data); |
76 | mutex_unlock(lock: &devpts_mutex); |
77 | } |
78 | #endif |
79 | tty_vhangup(tty: tty->link); |
80 | } |
81 | } |
82 | |
83 | /* |
84 | * The unthrottle routine is called by the line discipline to signal |
85 | * that it can receive more characters. For PTY's, the TTY_THROTTLED |
86 | * flag is always set, to force the line discipline to always call the |
87 | * unthrottle routine when there are fewer than TTY_THRESHOLD_UNTHROTTLE |
88 | * characters in the queue. This is necessary since each time this |
89 | * happens, we need to wake up any sleeping processes that could be |
90 | * (1) trying to send data to the pty, or (2) waiting in wait_until_sent() |
91 | * for the pty buffer to be drained. |
92 | */ |
93 | static void pty_unthrottle(struct tty_struct *tty) |
94 | { |
95 | tty_wakeup(tty: tty->link); |
96 | set_bit(TTY_THROTTLED, addr: &tty->flags); |
97 | } |
98 | |
99 | /** |
100 | * pty_write - write to a pty |
101 | * @tty: the tty we write from |
102 | * @buf: kernel buffer of data |
103 | * @c: bytes to write |
104 | * |
105 | * Our "hardware" write method. Data is coming from the ldisc which |
106 | * may be in a non sleeping state. We simply throw this at the other |
107 | * end of the link as if we were an IRQ handler receiving stuff for |
108 | * the other side of the pty/tty pair. |
109 | */ |
110 | |
111 | static ssize_t pty_write(struct tty_struct *tty, const u8 *buf, size_t c) |
112 | { |
113 | struct tty_struct *to = tty->link; |
114 | |
115 | if (tty->flow.stopped || !c) |
116 | return 0; |
117 | |
118 | return tty_insert_flip_string_and_push_buffer(port: to->port, chars: buf, cnt: c); |
119 | } |
120 | |
121 | /** |
122 | * pty_write_room - write space |
123 | * @tty: tty we are writing from |
124 | * |
125 | * Report how many bytes the ldisc can send into the queue for |
126 | * the other device. |
127 | */ |
128 | |
129 | static unsigned int pty_write_room(struct tty_struct *tty) |
130 | { |
131 | if (tty->flow.stopped) |
132 | return 0; |
133 | return tty_buffer_space_avail(port: tty->link->port); |
134 | } |
135 | |
136 | /* Set the lock flag on a pty */ |
137 | static int pty_set_lock(struct tty_struct *tty, int __user *arg) |
138 | { |
139 | int val; |
140 | |
141 | if (get_user(val, arg)) |
142 | return -EFAULT; |
143 | if (val) |
144 | set_bit(TTY_PTY_LOCK, addr: &tty->flags); |
145 | else |
146 | clear_bit(TTY_PTY_LOCK, addr: &tty->flags); |
147 | return 0; |
148 | } |
149 | |
150 | static int pty_get_lock(struct tty_struct *tty, int __user *arg) |
151 | { |
152 | int locked = test_bit(TTY_PTY_LOCK, &tty->flags); |
153 | |
154 | return put_user(locked, arg); |
155 | } |
156 | |
157 | /* Set the packet mode on a pty */ |
158 | static int pty_set_pktmode(struct tty_struct *tty, int __user *arg) |
159 | { |
160 | int pktmode; |
161 | |
162 | if (get_user(pktmode, arg)) |
163 | return -EFAULT; |
164 | |
165 | spin_lock_irq(lock: &tty->ctrl.lock); |
166 | if (pktmode) { |
167 | if (!tty->ctrl.packet) { |
168 | tty->link->ctrl.pktstatus = 0; |
169 | smp_mb(); |
170 | tty->ctrl.packet = true; |
171 | } |
172 | } else |
173 | tty->ctrl.packet = false; |
174 | spin_unlock_irq(lock: &tty->ctrl.lock); |
175 | |
176 | return 0; |
177 | } |
178 | |
179 | /* Get the packet mode of a pty */ |
180 | static int pty_get_pktmode(struct tty_struct *tty, int __user *arg) |
181 | { |
182 | int pktmode = tty->ctrl.packet; |
183 | |
184 | return put_user(pktmode, arg); |
185 | } |
186 | |
187 | /* Send a signal to the slave */ |
188 | static int pty_signal(struct tty_struct *tty, int sig) |
189 | { |
190 | struct pid *pgrp; |
191 | |
192 | if (sig != SIGINT && sig != SIGQUIT && sig != SIGTSTP) |
193 | return -EINVAL; |
194 | |
195 | if (tty->link) { |
196 | pgrp = tty_get_pgrp(tty: tty->link); |
197 | if (pgrp) |
198 | kill_pgrp(pid: pgrp, sig, priv: 1); |
199 | put_pid(pid: pgrp); |
200 | } |
201 | return 0; |
202 | } |
203 | |
204 | static void pty_flush_buffer(struct tty_struct *tty) |
205 | { |
206 | struct tty_struct *to = tty->link; |
207 | |
208 | if (!to) |
209 | return; |
210 | |
211 | tty_buffer_flush(tty: to, NULL); |
212 | if (to->ctrl.packet) { |
213 | spin_lock_irq(lock: &tty->ctrl.lock); |
214 | tty->ctrl.pktstatus |= TIOCPKT_FLUSHWRITE; |
215 | wake_up_interruptible(&to->read_wait); |
216 | spin_unlock_irq(lock: &tty->ctrl.lock); |
217 | } |
218 | } |
219 | |
220 | static int pty_open(struct tty_struct *tty, struct file *filp) |
221 | { |
222 | if (!tty || !tty->link) |
223 | return -ENODEV; |
224 | |
225 | if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) |
226 | goto out; |
227 | if (test_bit(TTY_PTY_LOCK, &tty->link->flags)) |
228 | goto out; |
229 | if (tty->driver->subtype == PTY_TYPE_SLAVE && tty->link->count != 1) |
230 | goto out; |
231 | |
232 | clear_bit(TTY_IO_ERROR, addr: &tty->flags); |
233 | clear_bit(TTY_OTHER_CLOSED, addr: &tty->link->flags); |
234 | set_bit(TTY_THROTTLED, addr: &tty->flags); |
235 | return 0; |
236 | |
237 | out: |
238 | set_bit(TTY_IO_ERROR, addr: &tty->flags); |
239 | return -EIO; |
240 | } |
241 | |
242 | static void pty_set_termios(struct tty_struct *tty, |
243 | const struct ktermios *old_termios) |
244 | { |
245 | /* See if packet mode change of state. */ |
246 | if (tty->link && tty->link->ctrl.packet) { |
247 | int extproc = (old_termios->c_lflag & EXTPROC) | L_EXTPROC(tty); |
248 | int old_flow = ((old_termios->c_iflag & IXON) && |
249 | (old_termios->c_cc[VSTOP] == '\023') && |
250 | (old_termios->c_cc[VSTART] == '\021')); |
251 | int new_flow = (I_IXON(tty) && |
252 | STOP_CHAR(tty) == '\023' && |
253 | START_CHAR(tty) == '\021'); |
254 | if ((old_flow != new_flow) || extproc) { |
255 | spin_lock_irq(lock: &tty->ctrl.lock); |
256 | if (old_flow != new_flow) { |
257 | tty->ctrl.pktstatus &= ~(TIOCPKT_DOSTOP | TIOCPKT_NOSTOP); |
258 | if (new_flow) |
259 | tty->ctrl.pktstatus |= TIOCPKT_DOSTOP; |
260 | else |
261 | tty->ctrl.pktstatus |= TIOCPKT_NOSTOP; |
262 | } |
263 | if (extproc) |
264 | tty->ctrl.pktstatus |= TIOCPKT_IOCTL; |
265 | spin_unlock_irq(lock: &tty->ctrl.lock); |
266 | wake_up_interruptible(&tty->link->read_wait); |
267 | } |
268 | } |
269 | |
270 | tty->termios.c_cflag &= ~(CSIZE | PARENB); |
271 | tty->termios.c_cflag |= (CS8 | CREAD); |
272 | } |
273 | |
274 | /** |
275 | * pty_resize - resize event |
276 | * @tty: tty being resized |
277 | * @ws: window size being set. |
278 | * |
279 | * Update the termios variables and send the necessary signals to |
280 | * peform a terminal resize correctly |
281 | */ |
282 | |
283 | static int pty_resize(struct tty_struct *tty, struct winsize *ws) |
284 | { |
285 | struct pid *pgrp, *rpgrp; |
286 | struct tty_struct *pty = tty->link; |
287 | |
288 | /* For a PTY we need to lock the tty side */ |
289 | mutex_lock(&tty->winsize_mutex); |
290 | if (!memcmp(p: ws, q: &tty->winsize, size: sizeof(*ws))) |
291 | goto done; |
292 | |
293 | /* Signal the foreground process group of both ptys */ |
294 | pgrp = tty_get_pgrp(tty); |
295 | rpgrp = tty_get_pgrp(tty: pty); |
296 | |
297 | if (pgrp) |
298 | kill_pgrp(pid: pgrp, SIGWINCH, priv: 1); |
299 | if (rpgrp != pgrp && rpgrp) |
300 | kill_pgrp(pid: rpgrp, SIGWINCH, priv: 1); |
301 | |
302 | put_pid(pid: pgrp); |
303 | put_pid(pid: rpgrp); |
304 | |
305 | tty->winsize = *ws; |
306 | pty->winsize = *ws; /* Never used so will go away soon */ |
307 | done: |
308 | mutex_unlock(lock: &tty->winsize_mutex); |
309 | return 0; |
310 | } |
311 | |
312 | /** |
313 | * pty_start - start() handler |
314 | * pty_stop - stop() handler |
315 | * @tty: tty being flow-controlled |
316 | * |
317 | * Propagates the TIOCPKT status to the master pty. |
318 | * |
319 | * NB: only the master pty can be in packet mode so only the slave |
320 | * needs start()/stop() handlers |
321 | */ |
322 | static void pty_start(struct tty_struct *tty) |
323 | { |
324 | unsigned long flags; |
325 | |
326 | if (tty->link && tty->link->ctrl.packet) { |
327 | spin_lock_irqsave(&tty->ctrl.lock, flags); |
328 | tty->ctrl.pktstatus &= ~TIOCPKT_STOP; |
329 | tty->ctrl.pktstatus |= TIOCPKT_START; |
330 | spin_unlock_irqrestore(lock: &tty->ctrl.lock, flags); |
331 | wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); |
332 | } |
333 | } |
334 | |
335 | static void pty_stop(struct tty_struct *tty) |
336 | { |
337 | unsigned long flags; |
338 | |
339 | if (tty->link && tty->link->ctrl.packet) { |
340 | spin_lock_irqsave(&tty->ctrl.lock, flags); |
341 | tty->ctrl.pktstatus &= ~TIOCPKT_START; |
342 | tty->ctrl.pktstatus |= TIOCPKT_STOP; |
343 | spin_unlock_irqrestore(lock: &tty->ctrl.lock, flags); |
344 | wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); |
345 | } |
346 | } |
347 | |
348 | /** |
349 | * pty_common_install - set up the pty pair |
350 | * @driver: the pty driver |
351 | * @tty: the tty being instantiated |
352 | * @legacy: true if this is BSD style |
353 | * |
354 | * Perform the initial set up for the tty/pty pair. Called from the |
355 | * tty layer when the port is first opened. |
356 | * |
357 | * Locking: the caller must hold the tty_mutex |
358 | */ |
359 | static int pty_common_install(struct tty_driver *driver, struct tty_struct *tty, |
360 | bool legacy) |
361 | { |
362 | struct tty_struct *o_tty; |
363 | struct tty_port *ports[2]; |
364 | int idx = tty->index; |
365 | int retval = -ENOMEM; |
366 | |
367 | /* Opening the slave first has always returned -EIO */ |
368 | if (driver->subtype != PTY_TYPE_MASTER) |
369 | return -EIO; |
370 | |
371 | ports[0] = kmalloc(size: sizeof **ports, GFP_KERNEL); |
372 | ports[1] = kmalloc(size: sizeof **ports, GFP_KERNEL); |
373 | if (!ports[0] || !ports[1]) |
374 | goto err; |
375 | if (!try_module_get(module: driver->other->owner)) { |
376 | /* This cannot in fact currently happen */ |
377 | goto err; |
378 | } |
379 | o_tty = alloc_tty_struct(driver: driver->other, idx); |
380 | if (!o_tty) |
381 | goto err_put_module; |
382 | |
383 | tty_set_lock_subclass(tty: o_tty); |
384 | lockdep_set_subclass(&o_tty->termios_rwsem, TTY_LOCK_SLAVE); |
385 | |
386 | if (legacy) { |
387 | /* We always use new tty termios data so we can do this |
388 | the easy way .. */ |
389 | tty_init_termios(tty); |
390 | tty_init_termios(tty: o_tty); |
391 | |
392 | driver->other->ttys[idx] = o_tty; |
393 | driver->ttys[idx] = tty; |
394 | } else { |
395 | memset(&tty->termios_locked, 0, sizeof(tty->termios_locked)); |
396 | tty->termios = driver->init_termios; |
397 | memset(&o_tty->termios_locked, 0, sizeof(tty->termios_locked)); |
398 | o_tty->termios = driver->other->init_termios; |
399 | } |
400 | |
401 | /* |
402 | * Everything allocated ... set up the o_tty structure. |
403 | */ |
404 | tty_driver_kref_get(d: driver->other); |
405 | /* Establish the links in both directions */ |
406 | tty->link = o_tty; |
407 | o_tty->link = tty; |
408 | tty_port_init(port: ports[0]); |
409 | tty_port_init(port: ports[1]); |
410 | tty_buffer_set_limit(port: ports[0], limit: 8192); |
411 | tty_buffer_set_limit(port: ports[1], limit: 8192); |
412 | o_tty->port = ports[0]; |
413 | tty->port = ports[1]; |
414 | o_tty->port->itty = o_tty; |
415 | |
416 | tty_buffer_set_lock_subclass(port: o_tty->port); |
417 | |
418 | tty_driver_kref_get(d: driver); |
419 | tty->count++; |
420 | o_tty->count++; |
421 | return 0; |
422 | |
423 | err_put_module: |
424 | module_put(module: driver->other->owner); |
425 | err: |
426 | kfree(objp: ports[0]); |
427 | kfree(objp: ports[1]); |
428 | return retval; |
429 | } |
430 | |
431 | static void pty_cleanup(struct tty_struct *tty) |
432 | { |
433 | tty_port_put(port: tty->port); |
434 | } |
435 | |
436 | /* Traditional BSD devices */ |
437 | #ifdef CONFIG_LEGACY_PTYS |
438 | |
439 | static int pty_install(struct tty_driver *driver, struct tty_struct *tty) |
440 | { |
441 | return pty_common_install(driver, tty, legacy: true); |
442 | } |
443 | |
444 | static void pty_remove(struct tty_driver *driver, struct tty_struct *tty) |
445 | { |
446 | struct tty_struct *pair = tty->link; |
447 | |
448 | driver->ttys[tty->index] = NULL; |
449 | if (pair) |
450 | pair->driver->ttys[pair->index] = NULL; |
451 | } |
452 | |
453 | static int pty_bsd_ioctl(struct tty_struct *tty, |
454 | unsigned int cmd, unsigned long arg) |
455 | { |
456 | switch (cmd) { |
457 | case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ |
458 | return pty_set_lock(tty, arg: (int __user *) arg); |
459 | case TIOCGPTLCK: /* Get PT Lock status */ |
460 | return pty_get_lock(tty, arg: (int __user *)arg); |
461 | case TIOCPKT: /* Set PT packet mode */ |
462 | return pty_set_pktmode(tty, arg: (int __user *)arg); |
463 | case TIOCGPKT: /* Get PT packet mode */ |
464 | return pty_get_pktmode(tty, arg: (int __user *)arg); |
465 | case TIOCSIG: /* Send signal to other side of pty */ |
466 | return pty_signal(tty, sig: (int) arg); |
467 | case TIOCGPTN: /* TTY returns ENOTTY, but glibc expects EINVAL here */ |
468 | return -EINVAL; |
469 | } |
470 | return -ENOIOCTLCMD; |
471 | } |
472 | |
473 | #ifdef CONFIG_COMPAT |
474 | static long pty_bsd_compat_ioctl(struct tty_struct *tty, |
475 | unsigned int cmd, unsigned long arg) |
476 | { |
477 | /* |
478 | * PTY ioctls don't require any special translation between 32-bit and |
479 | * 64-bit userspace, they are already compatible. |
480 | */ |
481 | return pty_bsd_ioctl(tty, cmd, arg: (unsigned long)compat_ptr(uptr: arg)); |
482 | } |
483 | #else |
484 | #define pty_bsd_compat_ioctl NULL |
485 | #endif |
486 | |
487 | static int legacy_count = CONFIG_LEGACY_PTY_COUNT; |
488 | /* |
489 | * not really modular, but the easiest way to keep compat with existing |
490 | * bootargs behaviour is to continue using module_param here. |
491 | */ |
492 | module_param(legacy_count, int, 0); |
493 | |
494 | /* |
495 | * The master side of a pty can do TIOCSPTLCK and thus |
496 | * has pty_bsd_ioctl. |
497 | */ |
498 | static const struct tty_operations master_pty_ops_bsd = { |
499 | .install = pty_install, |
500 | .open = pty_open, |
501 | .close = pty_close, |
502 | .write = pty_write, |
503 | .write_room = pty_write_room, |
504 | .flush_buffer = pty_flush_buffer, |
505 | .unthrottle = pty_unthrottle, |
506 | .ioctl = pty_bsd_ioctl, |
507 | .compat_ioctl = pty_bsd_compat_ioctl, |
508 | .cleanup = pty_cleanup, |
509 | .resize = pty_resize, |
510 | .remove = pty_remove |
511 | }; |
512 | |
513 | static const struct tty_operations slave_pty_ops_bsd = { |
514 | .install = pty_install, |
515 | .open = pty_open, |
516 | .close = pty_close, |
517 | .write = pty_write, |
518 | .write_room = pty_write_room, |
519 | .flush_buffer = pty_flush_buffer, |
520 | .unthrottle = pty_unthrottle, |
521 | .set_termios = pty_set_termios, |
522 | .cleanup = pty_cleanup, |
523 | .resize = pty_resize, |
524 | .start = pty_start, |
525 | .stop = pty_stop, |
526 | .remove = pty_remove |
527 | }; |
528 | |
529 | static void __init legacy_pty_init(void) |
530 | { |
531 | struct tty_driver *pty_driver, *pty_slave_driver; |
532 | |
533 | if (legacy_count <= 0) |
534 | return; |
535 | |
536 | pty_driver = tty_alloc_driver(legacy_count, |
537 | TTY_DRIVER_RESET_TERMIOS | |
538 | TTY_DRIVER_REAL_RAW | |
539 | TTY_DRIVER_DYNAMIC_ALLOC); |
540 | if (IS_ERR(ptr: pty_driver)) |
541 | panic(fmt: "Couldn't allocate pty driver" ); |
542 | |
543 | pty_slave_driver = tty_alloc_driver(legacy_count, |
544 | TTY_DRIVER_RESET_TERMIOS | |
545 | TTY_DRIVER_REAL_RAW | |
546 | TTY_DRIVER_DYNAMIC_ALLOC); |
547 | if (IS_ERR(ptr: pty_slave_driver)) |
548 | panic(fmt: "Couldn't allocate pty slave driver" ); |
549 | |
550 | pty_driver->driver_name = "pty_master" ; |
551 | pty_driver->name = "pty" ; |
552 | pty_driver->major = PTY_MASTER_MAJOR; |
553 | pty_driver->minor_start = 0; |
554 | pty_driver->type = TTY_DRIVER_TYPE_PTY; |
555 | pty_driver->subtype = PTY_TYPE_MASTER; |
556 | pty_driver->init_termios = tty_std_termios; |
557 | pty_driver->init_termios.c_iflag = 0; |
558 | pty_driver->init_termios.c_oflag = 0; |
559 | pty_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; |
560 | pty_driver->init_termios.c_lflag = 0; |
561 | pty_driver->init_termios.c_ispeed = 38400; |
562 | pty_driver->init_termios.c_ospeed = 38400; |
563 | pty_driver->other = pty_slave_driver; |
564 | tty_set_operations(driver: pty_driver, op: &master_pty_ops_bsd); |
565 | |
566 | pty_slave_driver->driver_name = "pty_slave" ; |
567 | pty_slave_driver->name = "ttyp" ; |
568 | pty_slave_driver->major = PTY_SLAVE_MAJOR; |
569 | pty_slave_driver->minor_start = 0; |
570 | pty_slave_driver->type = TTY_DRIVER_TYPE_PTY; |
571 | pty_slave_driver->subtype = PTY_TYPE_SLAVE; |
572 | pty_slave_driver->init_termios = tty_std_termios; |
573 | pty_slave_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; |
574 | pty_slave_driver->init_termios.c_ispeed = 38400; |
575 | pty_slave_driver->init_termios.c_ospeed = 38400; |
576 | pty_slave_driver->other = pty_driver; |
577 | tty_set_operations(driver: pty_slave_driver, op: &slave_pty_ops_bsd); |
578 | |
579 | if (tty_register_driver(driver: pty_driver)) |
580 | panic(fmt: "Couldn't register pty driver" ); |
581 | if (tty_register_driver(driver: pty_slave_driver)) |
582 | panic(fmt: "Couldn't register pty slave driver" ); |
583 | } |
584 | #else |
585 | static inline void legacy_pty_init(void) { } |
586 | #endif |
587 | |
588 | /* Unix98 devices */ |
589 | #ifdef CONFIG_UNIX98_PTYS |
590 | static struct cdev ptmx_cdev; |
591 | |
592 | /** |
593 | * ptm_open_peer - open the peer of a pty |
594 | * @master: the open struct file of the ptmx device node |
595 | * @tty: the master of the pty being opened |
596 | * @flags: the flags for open |
597 | * |
598 | * Provide a race free way for userspace to open the slave end of a pty |
599 | * (where they have the master fd and cannot access or trust the mount |
600 | * namespace /dev/pts was mounted inside). |
601 | */ |
602 | int ptm_open_peer(struct file *master, struct tty_struct *tty, int flags) |
603 | { |
604 | int fd; |
605 | struct file *filp; |
606 | int retval = -EINVAL; |
607 | struct path path; |
608 | |
609 | if (tty->driver != ptm_driver) |
610 | return -EIO; |
611 | |
612 | fd = get_unused_fd_flags(flags); |
613 | if (fd < 0) { |
614 | retval = fd; |
615 | goto err; |
616 | } |
617 | |
618 | /* Compute the slave's path */ |
619 | path.mnt = devpts_mntget(master, tty->driver_data); |
620 | if (IS_ERR(ptr: path.mnt)) { |
621 | retval = PTR_ERR(ptr: path.mnt); |
622 | goto err_put; |
623 | } |
624 | path.dentry = tty->link->driver_data; |
625 | |
626 | filp = dentry_open(path: &path, flags, current_cred()); |
627 | mntput(mnt: path.mnt); |
628 | if (IS_ERR(ptr: filp)) { |
629 | retval = PTR_ERR(ptr: filp); |
630 | goto err_put; |
631 | } |
632 | |
633 | fd_install(fd, file: filp); |
634 | return fd; |
635 | |
636 | err_put: |
637 | put_unused_fd(fd); |
638 | err: |
639 | return retval; |
640 | } |
641 | |
642 | static int pty_unix98_ioctl(struct tty_struct *tty, |
643 | unsigned int cmd, unsigned long arg) |
644 | { |
645 | switch (cmd) { |
646 | case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ |
647 | return pty_set_lock(tty, arg: (int __user *)arg); |
648 | case TIOCGPTLCK: /* Get PT Lock status */ |
649 | return pty_get_lock(tty, arg: (int __user *)arg); |
650 | case TIOCPKT: /* Set PT packet mode */ |
651 | return pty_set_pktmode(tty, arg: (int __user *)arg); |
652 | case TIOCGPKT: /* Get PT packet mode */ |
653 | return pty_get_pktmode(tty, arg: (int __user *)arg); |
654 | case TIOCGPTN: /* Get PT Number */ |
655 | return put_user(tty->index, (unsigned int __user *)arg); |
656 | case TIOCSIG: /* Send signal to other side of pty */ |
657 | return pty_signal(tty, sig: (int) arg); |
658 | } |
659 | |
660 | return -ENOIOCTLCMD; |
661 | } |
662 | |
663 | #ifdef CONFIG_COMPAT |
664 | static long pty_unix98_compat_ioctl(struct tty_struct *tty, |
665 | unsigned int cmd, unsigned long arg) |
666 | { |
667 | /* |
668 | * PTY ioctls don't require any special translation between 32-bit and |
669 | * 64-bit userspace, they are already compatible. |
670 | */ |
671 | return pty_unix98_ioctl(tty, cmd, |
672 | arg: cmd == TIOCSIG ? arg : (unsigned long)compat_ptr(uptr: arg)); |
673 | } |
674 | #else |
675 | #define pty_unix98_compat_ioctl NULL |
676 | #endif |
677 | |
678 | /** |
679 | * ptm_unix98_lookup - find a pty master |
680 | * @driver: ptm driver |
681 | * @file: unused |
682 | * @idx: tty index |
683 | * |
684 | * Look up a pty master device. Called under the tty_mutex for now. |
685 | * This provides our locking. |
686 | */ |
687 | |
688 | static struct tty_struct *ptm_unix98_lookup(struct tty_driver *driver, |
689 | struct file *file, int idx) |
690 | { |
691 | /* Master must be open via /dev/ptmx */ |
692 | return ERR_PTR(error: -EIO); |
693 | } |
694 | |
695 | /** |
696 | * pts_unix98_lookup - find a pty slave |
697 | * @driver: pts driver |
698 | * @file: file pointer to tty |
699 | * @idx: tty index |
700 | * |
701 | * Look up a pty master device. Called under the tty_mutex for now. |
702 | * This provides our locking for the tty pointer. |
703 | */ |
704 | |
705 | static struct tty_struct *pts_unix98_lookup(struct tty_driver *driver, |
706 | struct file *file, int idx) |
707 | { |
708 | struct tty_struct *tty; |
709 | |
710 | mutex_lock(&devpts_mutex); |
711 | tty = devpts_get_priv(file->f_path.dentry); |
712 | mutex_unlock(lock: &devpts_mutex); |
713 | /* Master must be open before slave */ |
714 | if (!tty) |
715 | return ERR_PTR(error: -EIO); |
716 | return tty; |
717 | } |
718 | |
719 | static int pty_unix98_install(struct tty_driver *driver, struct tty_struct *tty) |
720 | { |
721 | return pty_common_install(driver, tty, legacy: false); |
722 | } |
723 | |
724 | /* this is called once with whichever end is closed last */ |
725 | static void pty_unix98_remove(struct tty_driver *driver, struct tty_struct *tty) |
726 | { |
727 | struct pts_fs_info *fsi; |
728 | |
729 | if (tty->driver->subtype == PTY_TYPE_MASTER) |
730 | fsi = tty->driver_data; |
731 | else |
732 | fsi = tty->link->driver_data; |
733 | |
734 | if (fsi) { |
735 | devpts_kill_index(fsi, tty->index); |
736 | devpts_release(fsi); |
737 | } |
738 | } |
739 | |
740 | static void pty_show_fdinfo(struct tty_struct *tty, struct seq_file *m) |
741 | { |
742 | seq_printf(m, fmt: "tty-index:\t%d\n" , tty->index); |
743 | } |
744 | |
745 | static const struct tty_operations ptm_unix98_ops = { |
746 | .lookup = ptm_unix98_lookup, |
747 | .install = pty_unix98_install, |
748 | .remove = pty_unix98_remove, |
749 | .open = pty_open, |
750 | .close = pty_close, |
751 | .write = pty_write, |
752 | .write_room = pty_write_room, |
753 | .flush_buffer = pty_flush_buffer, |
754 | .unthrottle = pty_unthrottle, |
755 | .ioctl = pty_unix98_ioctl, |
756 | .compat_ioctl = pty_unix98_compat_ioctl, |
757 | .resize = pty_resize, |
758 | .cleanup = pty_cleanup, |
759 | .show_fdinfo = pty_show_fdinfo, |
760 | }; |
761 | |
762 | static const struct tty_operations pty_unix98_ops = { |
763 | .lookup = pts_unix98_lookup, |
764 | .install = pty_unix98_install, |
765 | .remove = pty_unix98_remove, |
766 | .open = pty_open, |
767 | .close = pty_close, |
768 | .write = pty_write, |
769 | .write_room = pty_write_room, |
770 | .flush_buffer = pty_flush_buffer, |
771 | .unthrottle = pty_unthrottle, |
772 | .set_termios = pty_set_termios, |
773 | .start = pty_start, |
774 | .stop = pty_stop, |
775 | .cleanup = pty_cleanup, |
776 | }; |
777 | |
778 | /** |
779 | * ptmx_open - open a unix 98 pty master |
780 | * @inode: inode of device file |
781 | * @filp: file pointer to tty |
782 | * |
783 | * Allocate a unix98 pty master device from the ptmx driver. |
784 | * |
785 | * Locking: tty_mutex protects the init_dev work. tty->count should |
786 | * protect the rest. |
787 | * allocated_ptys_lock handles the list of free pty numbers |
788 | */ |
789 | |
790 | static int ptmx_open(struct inode *inode, struct file *filp) |
791 | { |
792 | struct pts_fs_info *fsi; |
793 | struct tty_struct *tty; |
794 | struct dentry *dentry; |
795 | int retval; |
796 | int index; |
797 | |
798 | nonseekable_open(inode, filp); |
799 | |
800 | /* We refuse fsnotify events on ptmx, since it's a shared resource */ |
801 | filp->f_mode |= FMODE_NONOTIFY; |
802 | |
803 | retval = tty_alloc_file(file: filp); |
804 | if (retval) |
805 | return retval; |
806 | |
807 | fsi = devpts_acquire(filp); |
808 | if (IS_ERR(ptr: fsi)) { |
809 | retval = PTR_ERR(ptr: fsi); |
810 | goto out_free_file; |
811 | } |
812 | |
813 | /* find a device that is not in use. */ |
814 | mutex_lock(&devpts_mutex); |
815 | index = devpts_new_index(fsi); |
816 | mutex_unlock(lock: &devpts_mutex); |
817 | |
818 | retval = index; |
819 | if (index < 0) |
820 | goto out_put_fsi; |
821 | |
822 | |
823 | mutex_lock(&tty_mutex); |
824 | tty = tty_init_dev(driver: ptm_driver, idx: index); |
825 | /* The tty returned here is locked so we can safely |
826 | drop the mutex */ |
827 | mutex_unlock(lock: &tty_mutex); |
828 | |
829 | retval = PTR_ERR(ptr: tty); |
830 | if (IS_ERR(ptr: tty)) |
831 | goto out; |
832 | |
833 | /* |
834 | * From here on out, the tty is "live", and the index and |
835 | * fsi will be killed/put by the tty_release() |
836 | */ |
837 | set_bit(TTY_PTY_LOCK, addr: &tty->flags); /* LOCK THE SLAVE */ |
838 | tty->driver_data = fsi; |
839 | |
840 | tty_add_file(tty, file: filp); |
841 | |
842 | dentry = devpts_pty_new(fsi, index, tty->link); |
843 | if (IS_ERR(ptr: dentry)) { |
844 | retval = PTR_ERR(ptr: dentry); |
845 | goto err_release; |
846 | } |
847 | tty->link->driver_data = dentry; |
848 | |
849 | retval = ptm_driver->ops->open(tty, filp); |
850 | if (retval) |
851 | goto err_release; |
852 | |
853 | tty_debug_hangup(tty, "opening (count=%d)\n" , tty->count); |
854 | |
855 | tty_unlock(tty); |
856 | return 0; |
857 | err_release: |
858 | tty_unlock(tty); |
859 | // This will also put-ref the fsi |
860 | tty_release(inode, filp); |
861 | return retval; |
862 | out: |
863 | devpts_kill_index(fsi, index); |
864 | out_put_fsi: |
865 | devpts_release(fsi); |
866 | out_free_file: |
867 | tty_free_file(file: filp); |
868 | return retval; |
869 | } |
870 | |
871 | static struct file_operations ptmx_fops __ro_after_init; |
872 | |
873 | static void __init unix98_pty_init(void) |
874 | { |
875 | ptm_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, |
876 | TTY_DRIVER_RESET_TERMIOS | |
877 | TTY_DRIVER_REAL_RAW | |
878 | TTY_DRIVER_DYNAMIC_DEV | |
879 | TTY_DRIVER_DEVPTS_MEM | |
880 | TTY_DRIVER_DYNAMIC_ALLOC); |
881 | if (IS_ERR(ptr: ptm_driver)) |
882 | panic(fmt: "Couldn't allocate Unix98 ptm driver" ); |
883 | pts_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, |
884 | TTY_DRIVER_RESET_TERMIOS | |
885 | TTY_DRIVER_REAL_RAW | |
886 | TTY_DRIVER_DYNAMIC_DEV | |
887 | TTY_DRIVER_DEVPTS_MEM | |
888 | TTY_DRIVER_DYNAMIC_ALLOC); |
889 | if (IS_ERR(ptr: pts_driver)) |
890 | panic(fmt: "Couldn't allocate Unix98 pts driver" ); |
891 | |
892 | ptm_driver->driver_name = "pty_master" ; |
893 | ptm_driver->name = "ptm" ; |
894 | ptm_driver->major = UNIX98_PTY_MASTER_MAJOR; |
895 | ptm_driver->minor_start = 0; |
896 | ptm_driver->type = TTY_DRIVER_TYPE_PTY; |
897 | ptm_driver->subtype = PTY_TYPE_MASTER; |
898 | ptm_driver->init_termios = tty_std_termios; |
899 | ptm_driver->init_termios.c_iflag = 0; |
900 | ptm_driver->init_termios.c_oflag = 0; |
901 | ptm_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; |
902 | ptm_driver->init_termios.c_lflag = 0; |
903 | ptm_driver->init_termios.c_ispeed = 38400; |
904 | ptm_driver->init_termios.c_ospeed = 38400; |
905 | ptm_driver->other = pts_driver; |
906 | tty_set_operations(driver: ptm_driver, op: &ptm_unix98_ops); |
907 | |
908 | pts_driver->driver_name = "pty_slave" ; |
909 | pts_driver->name = "pts" ; |
910 | pts_driver->major = UNIX98_PTY_SLAVE_MAJOR; |
911 | pts_driver->minor_start = 0; |
912 | pts_driver->type = TTY_DRIVER_TYPE_PTY; |
913 | pts_driver->subtype = PTY_TYPE_SLAVE; |
914 | pts_driver->init_termios = tty_std_termios; |
915 | pts_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; |
916 | pts_driver->init_termios.c_ispeed = 38400; |
917 | pts_driver->init_termios.c_ospeed = 38400; |
918 | pts_driver->other = ptm_driver; |
919 | tty_set_operations(driver: pts_driver, op: &pty_unix98_ops); |
920 | |
921 | if (tty_register_driver(driver: ptm_driver)) |
922 | panic(fmt: "Couldn't register Unix98 ptm driver" ); |
923 | if (tty_register_driver(driver: pts_driver)) |
924 | panic(fmt: "Couldn't register Unix98 pts driver" ); |
925 | |
926 | /* Now create the /dev/ptmx special device */ |
927 | tty_default_fops(fops: &ptmx_fops); |
928 | ptmx_fops.open = ptmx_open; |
929 | |
930 | cdev_init(&ptmx_cdev, &ptmx_fops); |
931 | if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || |
932 | register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx" ) < 0) |
933 | panic(fmt: "Couldn't register /dev/ptmx driver" ); |
934 | device_create(cls: &tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), NULL, fmt: "ptmx" ); |
935 | } |
936 | |
937 | #else |
938 | static inline void unix98_pty_init(void) { } |
939 | #endif |
940 | |
941 | static int __init pty_init(void) |
942 | { |
943 | legacy_pty_init(); |
944 | unix98_pty_init(); |
945 | return 0; |
946 | } |
947 | device_initcall(pty_init); |
948 | |