// SPDX-License-Identifier: GPL-1.0+
/*
 * n_tty.c --- implements the N_TTY line discipline.
 *
 * This code used to be in tty_io.c, but things are getting hairy
 * enough that it made sense to split things off.  (The N_TTY
 * processing has changed so much that it's hardly recognizable,
 * anyway...)
 *
 * Note that the open routine for N_TTY is guaranteed never to return
 * an error.  This is because Linux will fall back to setting a line
 * to N_TTY if it can not switch to any other line discipline.
 *
 * Written by Theodore Ts'o, Copyright 1994.
 *
 * This file also contains code originally written by Linus Torvalds,
 * Copyright 1991, 1992, 1993, and by Julian Cowley, Copyright 1994.
 *
 * Reduced memory usage for older ARM systems  - Russell King.
 *
 * 2000/01/20   Fixed SMP locking on put_tty_queue using bits of
 *		the patch by Andrew J. Kroll <ag784@freenet.buffalo.edu>
 *		who actually finally proved there really was a race.
 *
 * 2002/03/18   Implemented n_tty_wakeup to send SIGIO POLL_OUTs to
 *		waiting writing processes-Sapan Bhatia <sapan@corewars.org>.
 *		Also fixed a bug in BLOCKING mode where n_tty_write returns
 *		EAGAIN
 */
30
31#include <linux/types.h>
32#include <linux/major.h>
33#include <linux/errno.h>
34#include <linux/signal.h>
35#include <linux/fcntl.h>
36#include <linux/sched.h>
37#include <linux/interrupt.h>
38#include <linux/tty.h>
39#include <linux/timer.h>
40#include <linux/ctype.h>
41#include <linux/mm.h>
42#include <linux/string.h>
43#include <linux/slab.h>
44#include <linux/poll.h>
45#include <linux/bitops.h>
46#include <linux/audit.h>
47#include <linux/file.h>
48#include <linux/uaccess.h>
49#include <linux/module.h>
50#include <linux/ratelimit.h>
51#include <linux/vmalloc.h>
52#include "tty.h"
53
/*
 * Until this number of characters is queued in the xmit buffer, select will
 * return "we have room for writes".
 */
#define WAKEUP_CHARS 256

/*
 * This defines the low- and high-watermarks for throttling and
 * unthrottling the TTY driver.  These watermarks are used for
 * controlling the space in the read buffer.
 *
 * n_tty_check_throttle() compares TTY_THRESHOLD_THROTTLE with the room
 * left in read_buf; n_tty_check_unthrottle() compares
 * TTY_THRESHOLD_UNTHROTTLE with the value of chars_in_buffer().
 */
#define TTY_THRESHOLD_THROTTLE		128 /* now based on remaining room */
#define TTY_THRESHOLD_UNTHROTTLE	128
67
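/*
 * Special byte codes used in the echo buffer to represent operations
 * or special handling of characters.  Bytes in the echo buffer that
 * are not part of such special blocks are treated as normal character
 * codes.
 *
 * An operation is ECHO_OP_START followed by one op byte; ECHO_OP_ERASE_TAB
 * carries one further argument byte.  A literal 0xff is stored escaped as
 * ECHO_OP_START ECHO_OP_START, and any other second byte is a control
 * character to be echoed as "^X" (see __process_echoes()).
 */
#define ECHO_OP_START 0xff
#define ECHO_OP_MOVE_BACK_COL 0x80
#define ECHO_OP_SET_CANON_COL 0x81
#define ECHO_OP_ERASE_TAB 0x82

/* commit_echoes() defers output until this many bytes are pending ... */
#define ECHO_COMMIT_WATERMARK	256
/* ... and then retries once per additional block of this size. */
#define ECHO_BLOCK		256
/*
 * Backlog at which __process_echoes() starts dropping the oldest echo data.
 * The expansion is parenthesized so the macro stays a single operand
 * wherever it is used (multiplication, subtraction, negation, ...).
 */
#define ECHO_DISCARD_WATERMARK	(N_TTY_BUF_SIZE - (ECHO_BLOCK + 32))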
82
83
/*
 * Tracing is compiled out by default: N_TTY_TRACE is force-undefined just
 * below, so n_tty_trace() expands to no_printk().  Remove the #undef (or
 * define N_TTY_TRACE after it) to route the calls to trace_printk().
 */
#undef N_TTY_TRACE
#ifdef N_TTY_TRACE
# define n_tty_trace(f, args...)	trace_printk(f, ##args)
#else
# define n_tty_trace(f, args...)	no_printk(f, ##args)
#endif
90
/*
 * Per-tty state of the N_TTY line discipline (reached via tty->disc_data).
 *
 * The *_head / *_tail members are free-running size_t counters.  They are
 * reduced to a buffer offset only at the point of access (MASK() and the
 * read_buf()/echo_buf() accessors below); a difference such as
 * read_head - read_tail is a byte count.
 */
struct n_tty_data {
	/* producer-published */
	size_t read_head;	/* next read_buf slot written by put_tty_queue() */
	size_t commit_head;	/* limit used by chars_in_buffer() when !icanon */
	size_t canon_head;	/* limit used by chars_in_buffer() when icanon */
	size_t echo_head;	/* next echo_buf slot written by add_echo_byte() */
	size_t echo_commit;	/* __process_echoes() drains up to this index */
	size_t echo_mark;	/* echo_head as last recorded by commit_echoes() */
	DECLARE_BITMAP(char_map, 256);

	/* private to n_tty_receive_overrun (single-threaded) */
	unsigned long overrun_time;
	int num_overrun;

	/* non-atomic */
	bool no_room;		/* tested and cleared by n_tty_kick_worker() */

	/* must hold exclusive termios_rwsem to reset these */
	unsigned char lnext:1, erasing:1, raw:1, real_raw:1, icanon:1;
	unsigned char push:1;

	/* shared by producer and consumer */
	char read_buf[N_TTY_BUF_SIZE];
	DECLARE_BITMAP(read_flags, N_TTY_BUF_SIZE);
	unsigned char echo_buf[N_TTY_BUF_SIZE];

	/* consumer-published */
	size_t read_tail;
	size_t line_start;

	/* protected by output lock */
	unsigned int column;
	unsigned int canon_column;
	size_t echo_tail;

	struct mutex atomic_read_lock;
	struct mutex output_lock;
};

/*
 * Reduce a free-running index to an offset into read_buf/echo_buf.
 * NOTE(review): this is a correct modulo only if N_TTY_BUF_SIZE is a power
 * of two; the constant is defined outside this file - confirm there.
 */
#define MASK(x) ((x) & (N_TTY_BUF_SIZE - 1))
131
/*
 * Bytes currently queued in read_buf: the distance between the
 * free-running producer index and the consumer index.
 */
static inline size_t read_cnt(struct n_tty_data *ldata)
{
	const size_t head = ldata->read_head;
	const size_t tail = ldata->read_tail;

	return head - tail;
}
136
/*
 * Fetch the input byte at free-running index @i.  The index is masked
 * here, so callers may pass an unwrapped head/tail value.
 */
static inline unsigned char read_buf(struct n_tty_data *ldata, size_t i)
{
	const size_t slot = i & (N_TTY_BUF_SIZE - 1);

	return ldata->read_buf[slot];
}
141
/*
 * Address of the read_buf slot for free-running index @i.  Only the
 * starting offset is masked: a caller that accesses more than one byte
 * through the result has to handle the wrap at the end of the array
 * itself (tty_copy() does this).
 */
static inline unsigned char *read_buf_addr(struct n_tty_data *ldata, size_t i)
{
	const size_t slot = i & (N_TTY_BUF_SIZE - 1);

	return &ldata->read_buf[slot];
}
146
/*
 * Fetch the echo byte at free-running index @i.  The read barrier is
 * issued before the load on every call.
 */
static inline unsigned char echo_buf(struct n_tty_data *ldata, size_t i)
{
	const size_t slot = i & (N_TTY_BUF_SIZE - 1);

	/* Matches smp_wmb() in add_echo_byte(). */
	smp_rmb();
	return ldata->echo_buf[slot];
}
152
/*
 * Address of the echo_buf slot for free-running index @i.  No barrier is
 * issued here, unlike echo_buf().
 */
static inline unsigned char *echo_buf_addr(struct n_tty_data *ldata, size_t i)
{
	const size_t slot = i & (N_TTY_BUF_SIZE - 1);

	return &ldata->echo_buf[slot];
}
157
/*
 * Scrub @size bytes at @buffer when the terminal is in canonical mode with
 * echo disabled: input typed that way may be a secret, so it is erased once
 * it has been handed to the reader.
 *
 * In every other mode (echo on, or non-canonical input) nothing is cleared
 * and the bytes stay in place until overwritten.
 */
static void zero_buffer(struct tty_struct *tty, u8 *buffer, int size)
{
	if (!L_ICANON(tty))
		return;
	if (L_ECHO(tty))
		return;

	memset(buffer, 0x00, size);
}
167
/*
 * Copy @n bytes of input starting at read_buf offset @tail into @to,
 * splitting the copy in two when it runs past the end of the ring.
 *
 * Each chunk is passed to tty_audit_add_data() before it is copied, and to
 * zero_buffer() afterwards so that non-echoed canonical input does not
 * linger in read_buf.
 *
 * NOTE(review): assumes @tail is already a masked offset
 * (< N_TTY_BUF_SIZE) and @n does not exceed N_TTY_BUF_SIZE; otherwise the
 * size arithmetic below wraps.  Confirm against the callers.
 */
static void tty_copy(struct tty_struct *tty, void *to, size_t tail, size_t n)
{
	struct n_tty_data *ldata = tty->disc_data;
	void *src = read_buf_addr(ldata, tail);
	size_t to_end = N_TTY_BUF_SIZE - tail;

	/* Request crosses the end of the array: drain up to the end first. */
	if (n > to_end) {
		tty_audit_add_data(tty, src, to_end);
		memcpy(to, src, to_end);
		zero_buffer(tty, src, to_end);

		n -= to_end;
		to += to_end;
		src = ldata->read_buf;
	}

	tty_audit_add_data(tty, src, n);
	memcpy(to, src, n);
	zero_buffer(tty, src, n);
}
187
/**
 *	n_tty_kick_worker - start input worker (if required)
 *	@tty: terminal
 *
 *	If the no_room flag is set, clear it and restart the flip buffer
 *	work for the tty's port.  Does nothing when the flag is clear.
 *
 *	Two rate-limited warnings flag states in which restarting the work
 *	is suspect: a NULL port->itty, and a line discipline that has
 *	already been halted.
 *
 *	Caller holds exclusive termios_rwsem
 *	   or
 *	n_tty_read()/consumer path:
 *		holds non-exclusive termios_rwsem
 */

static void n_tty_kick_worker(struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;

	/* Worker still running: nothing to restart. */
	if (likely(!ldata->no_room))
		return;

	ldata->no_room = 0;

	WARN_RATELIMIT(tty->port->itty == NULL,
			"scheduling with invalid itty\n");
	/*
	 * A halted ldisc has had ->buf.work cancelled; reaching this point
	 * with TTY_LDISC_HALTED set means the work is about to be
	 * rescheduled anyway.
	 */
	WARN_RATELIMIT(test_bit(TTY_LDISC_HALTED, &tty->flags),
		       "scheduling buffer work for halted ldisc\n");
	tty_buffer_restart_work(tty->port);
}
219
/*
 * Number of input bytes between read_tail and the mode-dependent limit:
 * canon_head in canonical mode, commit_head otherwise.
 */
static ssize_t chars_in_buffer(struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;
	size_t head = ldata->icanon ? ldata->canon_head : ldata->commit_head;

	return head - ldata->read_tail;
}
231
/**
 *	n_tty_write_wakeup	-	asynchronous I/O notifier
 *	@tty: tty device
 *
 *	Clears TTY_DO_WRITE_WAKEUP and then signals SIGIO/POLL_OUT to the
 *	tty's fasync list.  Needed for ptys, serial drivers etc., because
 *	processes attached to the master that rely on async I/O must be
 *	woken when writing becomes possible.
 */

static void n_tty_write_wakeup(struct tty_struct *tty)
{
	/* The flag is dropped first, then the listeners are notified. */
	clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);

	kill_fasync(&tty->fasync, SIGIO, POLL_OUT);
}
246
/*
 * Throttle the driver when the room left in read_buf drops below
 * TTY_THRESHOLD_THROTTLE.  The room check and the throttle attempt are
 * repeated until either there is enough room or tty_throttle_safe()
 * returns zero.
 */
static void n_tty_check_throttle(struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;

	/*
	 * Canonical mode with no complete line available to the reader:
	 * throttling now would stop the newline from ever arriving.
	 */
	if (ldata->icanon && ldata->canon_head == ldata->read_tail)
		return;

	for (;;) {
		tty_set_flow_change(tty, TTY_THROTTLE_SAFE);
		if (N_TTY_BUF_SIZE - read_cnt(ldata) >= TTY_THRESHOLD_THROTTLE)
			break;
		if (!tty_throttle_safe(tty))
			break;
	}
	__tty_set_flow_change(tty, 0);
}
270
/*
 * Let input flow again once the reader has drained the buffer down to
 * TTY_THRESHOLD_UNTHROTTLE bytes or fewer.
 *
 * For a pty the input worker is kicked and the other end (tty->link) is
 * woken; tty->link is dereferenced without a NULL check on that path.
 * For every other driver the check/unthrottle pair is repeated until the
 * buffer is above the threshold or tty_unthrottle_safe() returns zero.
 */
static void n_tty_check_unthrottle(struct tty_struct *tty)
{
	const bool is_pty = tty->driver->type == TTY_DRIVER_TYPE_PTY;

	if (is_pty) {
		if (chars_in_buffer(tty) <= TTY_THRESHOLD_UNTHROTTLE) {
			n_tty_kick_worker(tty);
			tty_wakeup(tty->link);
		}
		return;
	}

	/*
	 * chars_in_buffer() is used because it accounts for canonical mode.
	 * Without that, a throttled driver with a canonical line longer
	 * than TTY_THRESHOLD_UNTHROTTLE would never deliver more characters.
	 */
	for (;;) {
		tty_set_flow_change(tty, TTY_UNTHROTTLE_SAFE);
		if (chars_in_buffer(tty) > TTY_THRESHOLD_UNTHROTTLE)
			break;
		n_tty_kick_worker(tty);
		if (!tty_unthrottle_safe(tty))
			break;
	}
	__tty_set_flow_change(tty, 0);
}
301
/**
 *	put_tty_queue		-	add character to tty
 *	@c: character
 *	@ldata: n_tty data
 *
 *	Store @c in the read_buf slot for read_head and advance read_head.
 *	No check for a full buffer is made here; the slot index simply
 *	wraps, so the caller is responsible for ensuring there is room.
 *
 *	n_tty_receive_buf()/producer path:
 *		caller holds non-exclusive termios_rwsem
 */

static inline void put_tty_queue(unsigned char c, struct n_tty_data *ldata)
{
	unsigned char *slot = read_buf_addr(ldata, ldata->read_head);

	*slot = c;
	ldata->read_head++;
}
318
/**
 *	reset_buffer_flags	-	reset buffer state
 *	@ldata: line disc data to reset
 *
 *	Rewind every read-side index to zero, clear read_flags and drop the
 *	erasing and push flags.  The contents of read_buf are not cleared,
 *	and the echo indices are not touched.
 *	Called from n_tty_open() and n_tty_flush_buffer().
 *
 *	Locking: caller holds exclusive termios_rwsem
 *		 (or locking is not required)
 */

static void reset_buffer_flags(struct n_tty_data *ldata)
{
	/* read-side indices */
	ldata->read_tail = 0;
	ldata->canon_head = 0;
	ldata->read_head = 0;
	ldata->commit_head = 0;
	ldata->line_start = 0;

	/* per-line state */
	ldata->erasing = 0;
	ldata->push = 0;
	bitmap_zero(ldata->read_flags, N_TTY_BUF_SIZE);
}
340
/*
 * Tell a pty master in packet mode that the read queue was flushed: set
 * TIOCPKT_FLUSHREAD in ctrl_status under ctrl_lock, then wake readers
 * waiting on the link.
 *
 * tty->link is dereferenced unconditionally, so callers must check it for
 * NULL first (the callers in this file do).
 */
static void n_tty_packet_mode_flush(struct tty_struct *tty)
{
	unsigned long irq_flags;

	if (!tty->link->packet)
		return;

	spin_lock_irqsave(&tty->ctrl_lock, irq_flags);
	tty->ctrl_status |= TIOCPKT_FLUSHREAD;
	spin_unlock_irqrestore(&tty->ctrl_lock, irq_flags);

	wake_up_interruptible(&tty->link->read_wait);
}
352
/**
 *	n_tty_flush_buffer	-	clean input queue
 *	@tty:	terminal device
 *
 *	Flush the input buffer. Called when the tty layer wants the
 *	buffer flushed (eg at hangup) or when the N_TTY line discipline
 *	internally has to clean the pending queue (for example some signals).
 *
 *	termios_rwsem is taken for writing so that neither producer nor
 *	consumer runs while the buffer indices are reset.  The flush
 *	rewinds indices only; see reset_buffer_flags().
 *
 *	Locking: ctrl_lock (inside n_tty_packet_mode_flush()),
 *		 exclusive termios_rwsem
 */

static void n_tty_flush_buffer(struct tty_struct *tty)
{
	down_write(&tty->termios_rwsem);

	reset_buffer_flags(tty->disc_data);
	n_tty_kick_worker(tty);

	/* Only a tty with a link can have a packet-mode peer to notify. */
	if (tty->link != NULL)
		n_tty_packet_mode_flush(tty);

	up_write(&tty->termios_rwsem);
}
377
/**
 *	is_utf8_continuation	-	utf8 multibyte check
 *	@c: byte to check
 *
 *	Returns 1 if @c has the bit pattern 10xxxxxx, i.e. is a UTF-8
 *	continuation byte, and 0 otherwise.  Used to compute the on-screen
 *	width of a character: continuation bytes do not advance the column.
 */

static inline int is_utf8_continuation(unsigned char c)
{
	/* The two most significant bits must be exactly "10". */
	return (c >> 6) == 0x2;
}
391
/**
 *	is_continuation		-	multibyte check
 *	@c: byte to check
 *	@tty: terminal device
 *
 *	Returns true only if the terminal has IUTF8 set and @c is a UTF-8
 *	continuation byte.  Without IUTF8 every byte counts as a character
 *	of its own.
 */

static inline int is_continuation(unsigned char c, struct tty_struct *tty)
{
	if (!I_IUTF8(tty))
		return 0;

	return is_utf8_continuation(c);
}
404
/**
 *	do_output_char			-	output one character
 *	@c: character (or partial unicode symbol)
 *	@tty: terminal device
 *	@space: space available in tty driver write buffer
 *
 *	This is a helper function that handles one output character
 *	(including special characters like TAB, CR, LF, etc.),
 *	doing OPOST processing and putting the results in the
 *	tty driver's write buffer.
 *
 *	Note that Linux currently ignores TABDLY, CRDLY, VTDLY, FFDLY
 *	and NLDLY.  They simply aren't relevant in the world today.
 *	If you ever need them, add them here.
 *
 *	Returns the number of bytes of buffer space used or -1 if
 *	no space left.  A CR suppressed by ONOCR at column 0 returns 0.
 *
 *	The two expanding cases (NL -> CR NL, TAB -> up to eight spaces)
 *	compare the expanded length with @space before calling ->write().
 *	The return value of ->write() itself is not checked.
 *
 *	Locking: should be called under the output_lock to protect
 *		 the column state and space left in the buffer
 */

static int do_output_char(unsigned char c, struct tty_struct *tty, int space)
{
	struct n_tty_data *ldata = tty->disc_data;
	int	spaces;

	/*
	 * NOTE(review): only zero is rejected; a negative @space would pass
	 * this test.  Presumably the callers never supply one - confirm.
	 */
	if (!space)
		return -1;

	switch (c) {
	case '\n':
		if (O_ONLRET(tty))
			ldata->column = 0;
		if (O_ONLCR(tty)) {
			/* Both bytes of "\r\n" must fit, or nothing is sent. */
			if (space < 2)
				return -1;
			ldata->canon_column = ldata->column = 0;
			tty->ops->write(tty, "\r\n", 2);
			return 2;
		}
		ldata->canon_column = ldata->column;
		break;
	case '\r':
		/* ONOCR: swallow a CR that would have no visible effect. */
		if (O_ONOCR(tty) && ldata->column == 0)
			return 0;
		if (O_OCRNL(tty)) {
			/* OCRNL: the CR goes out as NL instead. */
			c = '\n';
			if (O_ONLRET(tty))
				ldata->canon_column = ldata->column = 0;
			break;
		}
		ldata->canon_column = ldata->column = 0;
		break;
	case '\t':
		/* Distance to the next multiple of 8: always 1..8. */
		spaces = 8 - (ldata->column & 7);
		if (O_TABDLY(tty) == XTABS) {
			if (space < spaces)
				return -1;
			ldata->column += spaces;
			/* The literal holds 8 blanks, the maximum of spaces. */
			tty->ops->write(tty, "        ", spaces);
			return spaces;
		}
		ldata->column += spaces;
		break;
	case '\b':
		/* The column never goes below zero. */
		if (ldata->column > 0)
			ldata->column--;
		break;
	default:
		if (!iscntrl(c)) {
			if (O_OLCUC(tty))
				c = toupper(c);
			/* UTF-8 continuation bytes do not occupy a column. */
			if (!is_continuation(c, tty))
				ldata->column++;
		}
		break;
	}

	tty_put_char(tty, c);
	return 1;
}
487
/**
 *	process_output			-	output post processor
 *	@c: character (or partial unicode symbol)
 *	@tty: terminal device
 *
 *	Output one character with OPOST processing, using the room the
 *	driver reports at the time of the call.
 *	Returns 0 on success, or -1 when the output device is full and
 *	the character must be retried.
 *
 *	Locking: output_lock to protect column state and space left
 *		 (also, this is called from n_tty_write under the
 *		  tty layer write lock)
 */

static int process_output(unsigned char c, struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;
	int used;

	mutex_lock(&ldata->output_lock);
	used = do_output_char(c, tty, tty_write_room(tty));
	mutex_unlock(&ldata->output_lock);

	/* The byte count is not reported, only success or "retry". */
	return used < 0 ? -1 : 0;
}
518
/**
 *	process_output_block		-	block post processor
 *	@tty: terminal device
 *	@buf: character buffer
 *	@nr: number of bytes to output
 *
 *	Output a block of characters with OPOST processing.
 *	Returns the number of characters output: the value returned by the
 *	driver's ->write(), or the value of tty_write_room() when that is
 *	zero or negative.
 *
 *	This path is used to speed up block console writes, among other
 *	things when processing blocks of output data. It handles only
 *	the simple cases normally found and helps to generate blocks of
 *	symbols for the console driver and thus improve performance.
 *
 *	The scan stops in front of the first byte that OPOST would expand
 *	or rewrite; only the bytes before it are written, unchanged.
 *	NOTE(review): presumably the caller then feeds that byte through
 *	the single-character path - confirm in n_tty_write().
 *
 *	Locking: output_lock to protect column state and space left
 *		 (also, this is called from n_tty_write under the
 *		  tty layer write lock)
 */

static ssize_t process_output_block(struct tty_struct *tty,
				    const unsigned char *buf, unsigned int nr)
{
	struct n_tty_data *ldata = tty->disc_data;
	int	space;
	int	i;
	const unsigned char *cp;

	mutex_lock(&ldata->output_lock);

	space = tty_write_room(tty);
	if (space <= 0) {
		mutex_unlock(&ldata->output_lock);
		return space;
	}
	/* space is positive here, so the int/unsigned comparison is safe. */
	if (nr > space)
		nr = space;

	/* i counts the leading bytes that can be written verbatim. */
	for (i = 0, cp = buf; i < nr; i++, cp++) {
		unsigned char c = *cp;

		switch (c) {
		case '\n':
			if (O_ONLRET(tty))
				ldata->column = 0;
			/* ONLCR turns NL into two bytes: not a verbatim byte. */
			if (O_ONLCR(tty))
				goto break_out;
			ldata->canon_column = ldata->column;
			break;
		case '\r':
			/* CR that would be dropped or rewritten: stop here. */
			if (O_ONOCR(tty) && ldata->column == 0)
				goto break_out;
			if (O_OCRNL(tty))
				goto break_out;
			ldata->canon_column = ldata->column = 0;
			break;
		case '\t':
			/* Tabs always leave the fast path. */
			goto break_out;
		case '\b':
			if (ldata->column > 0)
				ldata->column--;
			break;
		default:
			if (!iscntrl(c)) {
				/* OLCUC changes the byte: stop here. */
				if (O_OLCUC(tty))
					goto break_out;
				if (!is_continuation(c, tty))
					ldata->column++;
			}
			break;
		}
	}
break_out:
	/*
	 * The column state above was advanced for all i bytes; the driver
	 * may accept fewer, and i is replaced by what ->write() returns.
	 */
	i = tty->ops->write(tty, buf, i);

	mutex_unlock(&ldata->output_lock);
	return i;
}
596
/**
 *	__process_echoes	-	write pending echo characters
 *	@tty: terminal device
 *
 *	Write previously buffered echo (and other ldisc-generated)
 *	characters to the tty.
 *
 *	Characters generated by the ldisc (including echoes) need to
 *	be buffered because the driver's write buffer can fill during
 *	heavy program output.  Echoing straight to the driver will
 *	often fail under these conditions, causing lost characters and
 *	resulting mismatches of ldisc state information.
 *
 *	Since the ldisc state must represent the characters actually sent
 *	to the driver at the time of the write, operations like certain
 *	changes in column state are also saved in the buffer and executed
 *	here.
 *
 *	A circular fifo buffer is used so that the most recent characters
 *	are prioritized.  Also, when control characters are echoed with a
 *	prefixed "^", the pair is treated atomically and thus not separated.
 *
 *	Returns the amount of driver write room consumed, as tracked in
 *	the local space counter.
 *
 *	Locking: callers must hold output_lock
 */

static size_t __process_echoes(struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;
	int	space, old_space;
	size_t tail;
	unsigned char c;

	old_space = space = tty_write_room(tty);

	/* Drain from echo_tail up to, but not including, echo_commit. */
	tail = ldata->echo_tail;
	while (MASK(ldata->echo_commit) != MASK(tail)) {
		c = echo_buf(ldata, tail);
		if (c == ECHO_OP_START) {
			unsigned char op;
			int no_space_left = 0;

			/*
			 * Since add_echo_byte() is called without holding
			 * output_lock, we might see only portion of multi-byte
			 * operation.
			 */
			if (MASK(ldata->echo_commit) == MASK(tail + 1))
				goto not_yet_stored;
			/*
			 * If the buffer byte is the start of a multi-byte
			 * operation, get the next byte, which is either the
			 * op code or a control character value.
			 */
			op = echo_buf(ldata, tail + 1);

			switch (op) {
			case ECHO_OP_ERASE_TAB: {
				unsigned int num_chars, num_bs;

				/* Third byte of the op not committed yet. */
				if (MASK(ldata->echo_commit) == MASK(tail + 2))
					goto not_yet_stored;
				num_chars = echo_buf(ldata, tail + 2);

				/*
				 * Determine how many columns to go back
				 * in order to erase the tab.
				 * This depends on the number of columns
				 * used by other characters within the tab
				 * area.  If this (modulo 8) count is from
				 * the start of input rather than from a
				 * previous tab, we offset by canon column.
				 * Otherwise, tab spacing is normal.
				 */
				if (!(num_chars & 0x80))
					num_chars += ldata->canon_column;
				/* Always 1..8 backspaces. */
				num_bs = 8 - (num_chars & 7);

				if (num_bs > space) {
					no_space_left = 1;
					break;
				}
				space -= num_bs;
				while (num_bs--) {
					tty_put_char(tty, '\b');
					if (ldata->column > 0)
						ldata->column--;
				}
				tail += 3;
				break;
			}
			case ECHO_OP_SET_CANON_COL:
				/* State change only; nothing is written. */
				ldata->canon_column = ldata->column;
				tail += 2;
				break;

			case ECHO_OP_MOVE_BACK_COL:
				/* State change only; nothing is written. */
				if (ldata->column > 0)
					ldata->column--;
				tail += 2;
				break;

			case ECHO_OP_START:
				/* This is an escaped echo op start code */
				if (!space) {
					no_space_left = 1;
					break;
				}
				tty_put_char(tty, ECHO_OP_START);
				ldata->column++;
				space--;
				tail += 2;
				break;

			default:
				/*
				 * If the op is not a special byte code,
				 * it is a ctrl char tagged to be echoed
				 * as "^X" (where X is the letter
				 * representing the control char).
				 * Note that we must ensure there is
				 * enough space for the whole ctrl pair.
				 *
				 */
				if (space < 2) {
					no_space_left = 1;
					break;
				}
				tty_put_char(tty, '^');
				/* Flipping bit 0100 maps e.g. 0x03 to 'C'. */
				tty_put_char(tty, op ^ 0100);
				ldata->column += 2;
				space -= 2;
				tail += 2;
			}

			/* Out of room: leave the whole op queued for later. */
			if (no_space_left)
				break;
		} else {
			if (O_OPOST(tty)) {
				int retval = do_output_char(c, tty, space);
				if (retval < 0)
					break;
				space -= retval;
			} else {
				if (!space)
					break;
				tty_put_char(tty, c);
				space -= 1;
			}
			tail += 1;
		}
	}

	/* If the echo buffer is nearly full (so that the possibility exists
	 * of echo overrun before the next commit), then discard enough
	 * data at the tail to prevent a subsequent overrun */
	while (ldata->echo_commit > tail &&
	       ldata->echo_commit - tail >= ECHO_DISCARD_WATERMARK) {
		/*
		 * Skip whole operations so that tail never comes to rest
		 * in the middle of a multi-byte op.
		 */
		if (echo_buf(ldata, tail) == ECHO_OP_START) {
			if (echo_buf(ldata, tail + 1) == ECHO_OP_ERASE_TAB)
				tail += 3;
			else
				tail += 2;
		} else
			tail++;
	}

 not_yet_stored:
	/* Publish how far the drain got, including the partial-op exits. */
	ldata->echo_tail = tail;
	return old_space - space;
}
767
/*
 * Record the current echo_head in echo_mark and, once enough echo data has
 * accumulated, commit it and write it out.
 *
 * Output is attempted only when at least ECHO_COMMIT_WATERMARK bytes are
 * pending, and then again each time another ECHO_BLOCK has accumulated.
 * The driver's flush_chars() hook, if present, is called outside
 * output_lock and only when something was actually written.
 */
static void commit_echoes(struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;
	size_t pending, prev_pending, head;
	size_t echoed = 0;

	mutex_lock(&ldata->output_lock);

	head = ldata->echo_head;
	ldata->echo_mark = head;
	prev_pending = ldata->echo_commit - ldata->echo_tail;
	pending = head - ldata->echo_tail;

	if (pending >= ECHO_COMMIT_WATERMARK &&
	    (pending % ECHO_BLOCK <= prev_pending % ECHO_BLOCK)) {
		ldata->echo_commit = head;
		echoed = __process_echoes(tty);
	}

	mutex_unlock(&ldata->output_lock);

	if (echoed && tty->ops->flush_chars)
		tty->ops->flush_chars(tty);
}
796
/*
 * Commit everything up to echo_mark and write it out.  Returns at once
 * when echo_mark equals echo_tail; that comparison is made before
 * output_lock is taken.
 */
static void process_echoes(struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;
	size_t echoed;

	if (ldata->echo_mark != ldata->echo_tail) {
		mutex_lock(&ldata->output_lock);
		ldata->echo_commit = ldata->echo_mark;
		echoed = __process_echoes(tty);
		mutex_unlock(&ldata->output_lock);

		/* Push the data to the hardware only if any was queued. */
		if (echoed && tty->ops->flush_chars)
			tty->ops->flush_chars(tty);
	}
}
813
/*
 * Commit everything up to echo_head and write it out.  Skipped when
 * neither ECHO nor ECHONL is set, or when nothing is uncommitted.
 * Unlike process_echoes(), the driver's flush_chars() is not called.
 *
 * NB: echo_mark and echo_head should be equivalent here
 */
static void flush_echoes(struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;

	if (!(L_ECHO(tty) || L_ECHONL(tty)))
		return;
	if (ldata->echo_commit == ldata->echo_head)
		return;

	mutex_lock(&ldata->output_lock);
	ldata->echo_commit = ldata->echo_head;
	__process_echoes(tty);
	mutex_unlock(&ldata->output_lock);
}
828
/**
 *	add_echo_byte	-	add a byte to the echo buffer
 *	@c: unicode byte to echo
 *	@ldata: n_tty data
 *
 *	Store a character or operation byte at echo_head and advance
 *	echo_head.  The store is ordered before the index update by a
 *	write barrier.  No check for a full buffer is made here.
 */

static inline void add_echo_byte(unsigned char c, struct n_tty_data *ldata)
{
	unsigned char *slot = echo_buf_addr(ldata, ldata->echo_head);

	*slot = c;
	/* Matches smp_rmb() in echo_buf(). */
	smp_wmb();
	ldata->echo_head++;
}
843
/**
 *	echo_move_back_col	-	add operation to move back a column
 *	@ldata: n_tty data
 *
 *	Queue the two-byte operation ECHO_OP_START, ECHO_OP_MOVE_BACK_COL.
 *	When it is processed the tracked column is decremented; nothing is
 *	written to the terminal for it.
 */

static void echo_move_back_col(struct n_tty_data *ldata)
{
	/* op prefix, then op code */
	add_echo_byte(ECHO_OP_START, ldata);
	add_echo_byte(ECHO_OP_MOVE_BACK_COL, ldata);
}
856
/**
 *	echo_set_canon_col	-	add operation to set the canon column
 *	@ldata: n_tty data
 *
 *	Queue the two-byte operation ECHO_OP_START, ECHO_OP_SET_CANON_COL.
 *	When it is processed, canon_column is set to the column current at
 *	that time.
 */

static void echo_set_canon_col(struct n_tty_data *ldata)
{
	/* op prefix, then op code */
	add_echo_byte(ECHO_OP_START, ldata);
	add_echo_byte(ECHO_OP_SET_CANON_COL, ldata);
}
870
/**
 *	echo_erase_tab	-	add operation to erase a tab
 *	@num_chars: number of character columns already used
 *	@after_tab: true if num_chars starts after a previous tab
 *	@ldata: n_tty data
 *
 *	Queue the three-byte operation ECHO_OP_START, ECHO_OP_ERASE_TAB,
 *	argument.  The argument byte holds @num_chars modulo 8 in its low
 *	bits and @after_tab as bit 0x80.
 *
 *	Called by the eraser function, which knows how many character
 *	columns have been used since either a previous tab or the start
 *	of input.  This information will be used later, along with
 *	canon column (if applicable), to go back the correct number
 *	of columns.
 */

static void echo_erase_tab(unsigned int num_chars, int after_tab,
			   struct n_tty_data *ldata)
{
	/* Tab stops are 8 columns apart, so only the low 3 bits matter. */
	unsigned char arg = num_chars & 7;

	add_echo_byte(ECHO_OP_START, ldata);
	add_echo_byte(ECHO_OP_ERASE_TAB, ldata);

	/* High bit: the count was taken from a previous tab. */
	if (after_tab)
		arg |= 0x80;

	add_echo_byte(arg, ldata);
}
901
/**
 *	echo_char_raw	-	echo a character raw
 *	@c: unicode byte to echo
 *	@ldata: line disc data
 *
 *	Echo user input back onto the screen. This must be called only when
 *	L_ECHO(tty) is true. Called from the driver receive_buf path.
 *
 *	This variant does not treat control characters specially.  The one
 *	exception is the byte equal to ECHO_OP_START, which is stored
 *	doubled so that it is not read back as the start of an operation.
 */

static void echo_char_raw(unsigned char c, struct n_tty_data *ldata)
{
	/* Escape a literal ECHO_OP_START by prefixing it with itself. */
	if (c == ECHO_OP_START)
		add_echo_byte(ECHO_OP_START, ldata);

	add_echo_byte(c, ldata);
}
922
/**
 *	echo_char	-	echo a character
 *	@c: unicode byte to echo
 *	@tty: terminal device
 *
 *	Echo user input back onto the screen. This must be called only when
 *	L_ECHO(tty) is true. Called from the driver receive_buf path.
 *
 *	This variant tags control characters to be echoed as "^X"
 *	(where X is the letter representing the control char) when ECHOCTL
 *	is set; TAB is exempt.  A byte equal to ECHO_OP_START is stored
 *	doubled, as in echo_char_raw().
 */

static void echo_char(unsigned char c, struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;

	if (c == ECHO_OP_START) {
		/* Escaped literal: prefix plus the byte itself. */
		add_echo_byte(ECHO_OP_START, ldata);
		add_echo_byte(ECHO_OP_START, ldata);
		return;
	}

	/* Tag the control character so it is echoed as a caret pair. */
	if (L_ECHOCTL(tty) && iscntrl(c) && c != '\t')
		add_echo_byte(ECHO_OP_START, ldata);
	add_echo_byte(c, ldata);
}
948
/**
 *	finish_erasing		-	complete erase
 *	@ldata: n_tty data
 *
 *	If an erase sequence is open (the erasing flag is set), echo the
 *	closing '/' and clear the flag.  Otherwise do nothing.
 */

static inline void finish_erasing(struct n_tty_data *ldata)
{
	if (!ldata->erasing)
		return;

	echo_char_raw('/', ldata);
	ldata->erasing = 0;
}
961
/**
 *	eraser		-	handle erase function
 *	@c: character input
 *	@tty: terminal device
 *
 *	Perform erase and necessary output when an erase character is
 *	present in the stream from the driver layer. Handles the complexities
 *	of UTF-8 multibyte symbols.
 *
 *	@c selects the operation: ERASE_CHAR removes one character,
 *	WERASE_CHAR one word, anything else kills the whole pending line.
 *	Only input after canon_head can be erased.
 *
 *	Erasing rewinds read_head; the erased bytes themselves are left in
 *	read_buf until later input overwrites them.
 *
 *	n_tty_receive_buf()/producer path:
 *		caller holds non-exclusive termios_rwsem
 */

static void eraser(unsigned char c, struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;
	enum { ERASE, WERASE, KILL } kill_type;
	size_t head;
	size_t cnt;
	int seen_alnums;

	/* Nothing typed on the current line: nothing to erase. */
	if (ldata->read_head == ldata->canon_head) {
		/* process_output('\a', tty); */ /* what do you think? */
		return;
	}
	if (c == ERASE_CHAR(tty))
		kill_type = ERASE;
	else if (c == WERASE_CHAR(tty))
		kill_type = WERASE;
	else {
		/* Line kill with echo off: drop the line, echo nothing. */
		if (!L_ECHO(tty)) {
			ldata->read_head = ldata->canon_head;
			return;
		}
		/*
		 * Without ECHOK, ECHOKE and ECHOE all set, the line is
		 * dropped at once and only the kill character is echoed.
		 */
		if (!L_ECHOK(tty) || !L_ECHOKE(tty) || !L_ECHOE(tty)) {
			ldata->read_head = ldata->canon_head;
			finish_erasing(ldata);
			echo_char(KILL_CHAR(tty), tty);
			/* Add a newline if ECHOK is on and ECHOKE is off. */
			if (L_ECHOK(tty))
				echo_char_raw('\n', ldata);
			return;
		}
		/* Otherwise erase character by character below. */
		kill_type = KILL;
	}

	seen_alnums = 0;
	while (MASK(ldata->read_head) != MASK(ldata->canon_head)) {
		head = ldata->read_head;

		/* erase a single possibly multibyte character */
		do {
			head--;
			c = read_buf(ldata, head);
		} while (is_continuation(c, tty) &&
			 MASK(head) != MASK(ldata->canon_head));

		/* do not partially erase */
		if (is_continuation(c, tty))
			break;

		if (kill_type == WERASE) {
			/* Equivalent to BSD's ALTWERASE. */
			if (isalnum(c) || c == '_')
				seen_alnums++;
			else if (seen_alnums)
				break;
		}
		/* cnt is the byte length of the character being removed. */
		cnt = ldata->read_head - head;
		ldata->read_head = head;
		if (L_ECHO(tty)) {
			if (L_ECHOPRT(tty)) {
				/* Open the erase sequence with a backslash. */
				if (!ldata->erasing) {
					echo_char_raw('\\', ldata);
					ldata->erasing = 1;
				}
				/* if cnt > 1, output a multi-byte character */
				echo_char(c, tty);
				while (--cnt > 0) {
					head++;
					echo_char_raw(read_buf(ldata, head), ldata);
					echo_move_back_col(ldata);
				}
			} else if (kill_type == ERASE && !L_ECHOE(tty)) {
				echo_char(ERASE_CHAR(tty), tty);
			} else if (c == '\t') {
				unsigned int num_chars = 0;
				int after_tab = 0;
				size_t tail = ldata->read_head;

				/*
				 * Count the columns used for characters
				 * since the start of input or after a
				 * previous tab.
				 * This info is used to go back the correct
				 * number of columns.
				 */
				while (MASK(tail) != MASK(ldata->canon_head)) {
					tail--;
					c = read_buf(ldata, tail);
					if (c == '\t') {
						after_tab = 1;
						break;
					} else if (iscntrl(c)) {
						/* Shown as "^X": two columns. */
						if (L_ECHOCTL(tty))
							num_chars += 2;
					} else if (!is_continuation(c, tty)) {
						num_chars++;
					}
				}
				echo_erase_tab(num_chars, after_tab, ldata);
			} else {
				/*
				 * Rub out with backspace, blank, backspace.
				 * A control character echoed as "^X" takes
				 * two columns, hence two rub-outs.
				 */
				if (iscntrl(c) && L_ECHOCTL(tty)) {
					echo_char_raw('\b', ldata);
					echo_char_raw(' ', ldata);
					echo_char_raw('\b', ldata);
				}
				if (!iscntrl(c) || L_ECHOCTL(tty)) {
					echo_char_raw('\b', ldata);
					echo_char_raw(' ', ldata);
					echo_char_raw('\b', ldata);
				}
			}
		}
		/* Single-character erase is done after one iteration. */
		if (kill_type == ERASE)
			break;
	}
	if (ldata->read_head == ldata->canon_head && L_ECHO(tty))
		finish_erasing(ldata);
}
1092
/**
 *	isig		-	handle the ISIG option
 *	@sig: signal
 *	@tty: terminal
 *
 *	Called when a signal is being sent due to terminal input.
 *	Called from the driver receive_buf path so serialized.
 *
 *	Performs input and output flush if !NOFLSH. In this context, the echo
 *	buffer is 'output'. The signal is processed first to alert any current
 *	readers or writers to discontinue and exit their i/o loops.
 *
 *	Locking: ctrl_lock
 */
1107
/*
 * Send @sig to the process group returned by tty_get_pgrp(), if there is
 * one.  The reference obtained from tty_get_pgrp() is released with
 * put_pid() once the signal has been sent.
 */
static void __isig(int sig, struct tty_struct *tty)
{
	struct pid *pgrp = tty_get_pgrp(tty);

	if (!pgrp)
		return;

	kill_pgrp(pgrp, sig, 1);
	put_pid(pgrp);
}
1116
/*
 * Deliver @sig for terminal input and, unless NOFLSH is set, flush the
 * echo, output and input queues.
 *
 * The caller holds termios_rwsem for reading.  On the flush path that
 * lock is released and re-taken for writing, then swapped back before
 * returning, so the semaphore is not held across either swap.
 * NOTE(review): termios-dependent state the caller sampled before the
 * call may therefore be stale afterwards - confirm that callers re-check.
 */
static void isig(int sig, struct tty_struct *tty)
{
	struct n_tty_data *ldata = tty->disc_data;

	if (L_NOFLSH(tty)) {
		/* signal only */
		__isig(sig, tty);

	} else { /* signal and flush */
		/* Read lock -> write lock; not atomic, see above. */
		up_read(&tty->termios_rwsem);
		down_write(&tty->termios_rwsem);

		/* Signal first, so readers and writers leave their loops. */
		__isig(sig, tty);

		/* clear echo buffer */
		mutex_lock(&ldata->output_lock);
		ldata->echo_head = ldata->echo_tail = 0;
		ldata->echo_mark = ldata->echo_commit = 0;
		mutex_unlock(&ldata->output_lock);

		/* clear output buffer */
		tty_driver_flush_buffer(tty);

		/* clear input buffer */
		reset_buffer_flags(tty->disc_data);

		/* notify pty master of flush */
		if (tty->link)
			n_tty_packet_mode_flush(tty);

		/* Write lock -> read lock, restoring the caller's state. */
		up_write(&tty->termios_rwsem);
		down_read(&tty->termios_rwsem);
	}
}
1151
1152/**
1153 *	n_tty_receive_break	-	handle break
1154 *	@tty: terminal
1155 *
1156 *	An RS232 break event has been hit in the incoming bitstream. This
1157 *	can cause a variety of events depending upon the termios settings.
1158 *
1159 *	n_tty_receive_buf()/producer path:
1160 *		caller holds non-exclusive termios_rwsem
1161 *
1162 *	Note: may get exclusive termios_rwsem if flushing input buffer
1163 */
1164
static void n_tty_receive_break(struct tty_struct *tty)
{
	struct n_tty_data *ld = tty->disc_data;

	if (I_IGNBRK(tty)) {
		/* IGNBRK: the break is dropped, nothing is queued */
	} else if (I_BRKINT(tty)) {
		/* BRKINT: the break becomes SIGINT (may flush, see isig()) */
		isig(SIGINT, tty);
	} else {
		/* PARMRK: prefix with 0377 0 so the reader can tell a break
		 * from a literal NUL; the NUL itself is always queued. */
		if (I_PARMRK(tty)) {
			put_tty_queue('\377', ld);
			put_tty_queue('\0', ld);
		}
		put_tty_queue('\0', ld);
	}
}
1181
1182/**
1183 *	n_tty_receive_overrun	-	handle overrun reporting
1184 *	@tty: terminal
1185 *
1186 *	Data arrived faster than we could process it. While the tty
1187 *	driver has flagged this the bits that were missed are gone
1188 *	forever.
1189 *
1190 *	Called from the receive_buf path so single threaded. Does not
1191 *	need locking as num_overrun and overrun_time are function
1192 *	private.
1193 */
1194
static void n_tty_receive_overrun(struct tty_struct *tty)
{
	struct n_tty_data *ld = tty->disc_data;

	ld->num_overrun++;

	/*
	 * Rate limit the log message: report only when more than HZ jiffies
	 * have passed since the last report, or when the stored timestamp
	 * is ahead of the current jiffies value.
	 */
	if (!time_after(jiffies, ld->overrun_time + HZ) &&
	    !time_after(ld->overrun_time, jiffies))
		return;

	tty_warn(tty, "%d input overrun(s)\n", ld->num_overrun);
	ld->overrun_time = jiffies;
	ld->num_overrun = 0;
}
1207
1208/**
1209 *	n_tty_receive_parity_error	-	error notifier
1210 *	@tty: terminal device
1211 *	@c: character
1212 *
1213 *	Process a parity error and queue the right data to indicate
1214 *	the error case if necessary.
1215 *
1216 *	n_tty_receive_buf()/producer path:
1217 *		caller holds non-exclusive termios_rwsem
1218 */
static void n_tty_receive_parity_error(struct tty_struct *tty, unsigned char c)
{
	struct n_tty_data *ld = tty->disc_data;

	/* Input parity checking off: the character is queued unchanged. */
	if (!I_INPCK(tty)) {
		put_tty_queue(c, ld);
		return;
	}

	/* IGNPAR: the character is dropped. */
	if (I_IGNPAR(tty))
		return;

	/* Without PARMRK the bad character is replaced by a single NUL. */
	if (!I_PARMRK(tty)) {
		put_tty_queue('\0', ld);
		return;
	}

	/* PARMRK: mark the error as 0377 0 followed by the character. */
	put_tty_queue('\377', ld);
	put_tty_queue('\0', ld);
	put_tty_queue(c, ld);
}
1235
/*
 * Handle a signal-generating input character: raise @signal through isig(),
 * restart output if IXON is set, then either echo @c or process echoes that
 * are already pending.
 */
static void
n_tty_receive_signal_char(struct tty_struct *tty, int signal, unsigned char c)
{
	isig(signal, tty);

	/* Flags are read after isig(), which may have dropped the rwsem. */
	if (I_IXON(tty))
		start_tty(tty);

	if (!L_ECHO(tty)) {
		process_echoes(tty);
		return;
	}

	echo_char(c, tty);
	commit_echoes(tty);
}
1249
1250/**
1251 *	n_tty_receive_char	-	perform processing
1252 *	@tty: terminal device
1253 *	@c: character
1254 *
1255 *	Process an individual character of input received from the driver.
1256 *	This is serialized with respect to itself by the rules for the
1257 *	driver above.
1258 *
1259 *	n_tty_receive_buf()/producer path:
1260 *		caller holds non-exclusive termios_rwsem
1261 *		publishes canon_head if canonical mode is active
1262 *
1263 *	Returns 1 if LNEXT was received, else returns 0
1264 */
1265
/*
 * Process one input character that may have a special meaning (flow
 * control, signal, CR/NL mapping, canonical-mode editing or line
 * termination). The receive loops call this for characters whose bit is
 * set in ldata->char_map.
 *
 * Returns 1 when the character was LNEXT (the next character must be taken
 * literally), 0 in every other case.
 */
static int
n_tty_receive_char_special(struct tty_struct *tty, unsigned char c)
{
	struct n_tty_data *ldata = tty->disc_data;

	/* Software flow control: START/STOP are consumed, never queued. */
	if (I_IXON(tty)) {
		if (c == START_CHAR(tty)) {
			start_tty(tty);
			process_echoes(tty);
			return 0;
		}
		if (c == STOP_CHAR(tty)) {
			stop_tty(tty);
			return 0;
		}
	}

	/* Signal characters are consumed here as well. */
	if (L_ISIG(tty)) {
		if (c == INTR_CHAR(tty)) {
			n_tty_receive_signal_char(tty, SIGINT, c);
			return 0;
		} else if (c == QUIT_CHAR(tty)) {
			n_tty_receive_signal_char(tty, SIGQUIT, c);
			return 0;
		} else if (c == SUSP_CHAR(tty)) {
			n_tty_receive_signal_char(tty, SIGTSTP, c);
			return 0;
		}
	}

	/* IXANY: any remaining character restarts stopped output. */
	if (tty->stopped && !tty->flow_stopped && I_IXON(tty) && I_IXANY(tty)) {
		start_tty(tty);
		process_echoes(tty);
	}

	/* CR/NL translation (IGNCR, ICRNL, INLCR). */
	if (c == '\r') {
		if (I_IGNCR(tty))
			return 0;
		if (I_ICRNL(tty))
			c = '\n';
	} else if (c == '\n' && I_INLCR(tty))
		c = '\r';

	if (ldata->icanon) {
		/* Line editing: ERASE, KILL and (with IEXTEN) WERASE. */
		if (c == ERASE_CHAR(tty) || c == KILL_CHAR(tty) ||
		    (c == WERASE_CHAR(tty) && L_IEXTEN(tty))) {
			eraser(c, tty);
			commit_echoes(tty);
			return 0;
		}
		/* LNEXT: remember that the next character is literal. */
		if (c == LNEXT_CHAR(tty) && L_IEXTEN(tty)) {
			ldata->lnext = 1;
			if (L_ECHO(tty)) {
				finish_erasing(ldata);
				if (L_ECHOCTL(tty)) {
					echo_char_raw('^', ldata);
					echo_char_raw('\b', ldata);
					commit_echoes(tty);
				}
			}
			return 1;
		}
		/* REPRINT: echo the line from canon_head up to read_head. */
		if (c == REPRINT_CHAR(tty) && L_ECHO(tty) && L_IEXTEN(tty)) {
			size_t tail = ldata->canon_head;

			finish_erasing(ldata);
			echo_char(c, tty);
			echo_char_raw('\n', ldata);
			while (MASK(tail) != MASK(ldata->read_head)) {
				echo_char(read_buf(ldata, tail), tty);
				tail++;
			}
			commit_echoes(tty);
			return 0;
		}
		if (c == '\n') {
			if (L_ECHO(tty) || L_ECHONL(tty)) {
				echo_char_raw('\n', ldata);
				commit_echoes(tty);
			}
			goto handle_newline;
		}
		/* EOF is stored as __DISABLED_CHAR and ends the line. */
		if (c == EOF_CHAR(tty)) {
			c = __DISABLED_CHAR;
			goto handle_newline;
		}
		if ((c == EOL_CHAR(tty)) ||
		    (c == EOL2_CHAR(tty) && L_IEXTEN(tty))) {
			/*
			 * XXX are EOL_CHAR and EOL2_CHAR echoed?!?
			 */
			if (L_ECHO(tty)) {
				/* Record the column of first canon char. */
				if (ldata->canon_head == ldata->read_head)
					echo_set_canon_col(ldata);
				echo_char(c, tty);
				commit_echoes(tty);
			}
			/*
			 * XXX does PARMRK doubling happen for
			 * EOL_CHAR and EOL2_CHAR?
			 */
			if (c == (unsigned char) '\377' && I_PARMRK(tty))
				put_tty_queue(c, ldata);

			/*
			 * Shared line-termination tail; the '\n' and EOF cases
			 * above jump into this block. The read_flags bit marks
			 * the slot about to be written as an end of line, then
			 * canon_head is published for the reader and waiters
			 * are woken.
			 */
handle_newline:
			set_bit(ldata->read_head & (N_TTY_BUF_SIZE - 1), ldata->read_flags);
			put_tty_queue(c, ldata);
			smp_store_release(&ldata->canon_head, ldata->read_head);
			kill_fasync(&tty->fasync, SIGIO, POLL_IN);
			wake_up_interruptible_poll(&tty->read_wait, EPOLLIN);
			return 0;
		}
	}

	/* Not consumed above: echo (if enabled) and queue as ordinary data. */
	if (L_ECHO(tty)) {
		finish_erasing(ldata);
		if (c == '\n')
			echo_char_raw('\n', ldata);
		else {
			/* Record the column of first canon char. */
			if (ldata->canon_head == ldata->read_head)
				echo_set_canon_col(ldata);
			echo_char(c, tty);
		}
		commit_echoes(tty);
	}

	/* PARMRK doubling check */
	if (c == (unsigned char) '\377' && I_PARMRK(tty))
		put_tty_queue(c, ldata);

	put_tty_queue(c, ldata);
	return 0;
}
1401
/*
 * Queue one ordinary input character, echoing it first when ECHO is set.
 * With PARMRK set, a literal 0377 byte is queued twice.
 */
static inline void
n_tty_receive_char_inline(struct tty_struct *tty, unsigned char c)
{
	struct n_tty_data *ld = tty->disc_data;

	/* IXANY: input restarts output that was stopped by a STOP char. */
	if (tty->stopped && !tty->flow_stopped) {
		if (I_IXON(tty) && I_IXANY(tty)) {
			start_tty(tty);
			process_echoes(tty);
		}
	}

	if (L_ECHO(tty)) {
		finish_erasing(ld);
		/* Record the column of first canon char. */
		if (ld->canon_head == ld->read_head)
			echo_set_canon_col(ld);
		echo_char(c, tty);
		commit_echoes(tty);
	}

	/* PARMRK doubling check */
	if (I_PARMRK(tty) && c == (unsigned char) '\377')
		put_tty_queue(c, ld);

	put_tty_queue(c, ld);
}
1424
/*
 * Out-of-line entry point for the ordinary-character path; it only
 * forwards to n_tty_receive_char_inline().
 */
static void n_tty_receive_char(struct tty_struct *tty, unsigned char c)
{
	n_tty_receive_char_inline(tty, c);
}
1429
/*
 * Same as n_tty_receive_char_inline() but without the PARMRK doubling
 * check; __receive_buf() selects this path only when PARMRK is clear.
 */
static inline void
n_tty_receive_char_fast(struct tty_struct *tty, unsigned char c)
{
	struct n_tty_data *ld = tty->disc_data;

	/* IXANY: input restarts output that was stopped by a STOP char. */
	if (tty->stopped && !tty->flow_stopped) {
		if (I_IXON(tty) && I_IXANY(tty)) {
			start_tty(tty);
			process_echoes(tty);
		}
	}

	if (L_ECHO(tty)) {
		finish_erasing(ld);
		/* Record the column of first canon char. */
		if (ld->canon_head == ld->read_head)
			echo_set_canon_col(ld);
		echo_char(c, tty);
		commit_echoes(tty);
	}

	put_tty_queue(c, ld);
}
1449
/*
 * Per-character handling while the tty is closing: the character is
 * stripped/lower-cased as configured and then only examined for software
 * flow control. Nothing is queued or echoed here.
 */
static void n_tty_receive_char_closing(struct tty_struct *tty, unsigned char c)
{
	if (I_ISTRIP(tty))
		c &= 0x7f;
	if (I_IUCLC(tty) && L_IEXTEN(tty))
		c = tolower(c);

	if (!I_IXON(tty))
		return;

	if (c == STOP_CHAR(tty)) {
		stop_tty(tty);
		return;
	}

	/*
	 * START always restarts output. With IXANY, any character other
	 * than the signal characters restarts output stopped by STOP.
	 */
	if (c == START_CHAR(tty) ||
	    (tty->stopped && !tty->flow_stopped && I_IXANY(tty) &&
	     c != INTR_CHAR(tty) && c != QUIT_CHAR(tty) &&
	     c != SUSP_CHAR(tty))) {
		start_tty(tty);
		process_echoes(tty);
	}
}
1469
/*
 * Dispatch a character whose driver flag is not TTY_NORMAL to the matching
 * handler. Framing errors share the parity-error handler. An unrecognised
 * flag is logged and the character is not queued.
 */
static void
n_tty_receive_char_flagged(struct tty_struct *tty, unsigned char c, char flag)
{
	if (flag == TTY_BREAK)
		n_tty_receive_break(tty);
	else if (flag == TTY_PARITY || flag == TTY_FRAME)
		n_tty_receive_parity_error(tty, c);
	else if (flag == TTY_OVERRUN)
		n_tty_receive_overrun(tty);
	else
		tty_err(tty, "unknown flag %d\n", flag);
}
1489
/*
 * Handle the character that follows LNEXT: the pending-literal state is
 * cleared and the character goes through the ordinary path, so it is not
 * interpreted as a special character. Flagged characters are still routed
 * to the flag handlers.
 */
static void
n_tty_receive_char_lnext(struct tty_struct *tty, unsigned char c, char flag)
{
	struct n_tty_data *ld = tty->disc_data;

	ld->lnext = 0;

	if (unlikely(flag != TTY_NORMAL)) {
		n_tty_receive_char_flagged(tty, c, flag);
		return;
	}

	if (I_ISTRIP(tty))
		c &= 0x7f;
	if (I_IUCLC(tty) && L_IEXTEN(tty))
		c = tolower(c);
	n_tty_receive_char(tty, c);
}
1505
/*
 * Bulk-copy @count input bytes into the circular read buffer. The copy is
 * done in at most two segments: up to the end of the buffer, then from its
 * start after read_head has wrapped. @fp is not examined.
 *
 * This function does not check how much free space the ring has; it relies
 * on the caller passing a @count that fits. n_tty_receive_buf_common()
 * clamps the count to the computed room before calling __receive_buf().
 */
static void
n_tty_receive_buf_real_raw(struct tty_struct *tty, const unsigned char *cp,
			   char *fp, int count)
{
	struct n_tty_data *ld = tty->disc_data;
	int segment;

	for (segment = 0; segment < 2; segment++) {
		size_t offset = ld->read_head & (N_TTY_BUF_SIZE - 1);
		size_t chunk = min_t(size_t, count, N_TTY_BUF_SIZE - offset);

		memcpy(read_buf_addr(ld, offset), cp, chunk);
		ld->read_head += chunk;
		cp += chunk;
		count -= chunk;
	}
}
1525
/*
 * Raw-mode receive loop: normal characters are queued untouched, flagged
 * ones go to n_tty_receive_char_flagged(). When @fp is NULL every character
 * is treated as TTY_NORMAL.
 */
static void
n_tty_receive_buf_raw(struct tty_struct *tty, const unsigned char *cp,
		      char *fp, int count)
{
	struct n_tty_data *ld = tty->disc_data;
	char flag = TTY_NORMAL;

	for (; count; count--) {
		if (fp)
			flag = *fp++;

		if (unlikely(flag != TTY_NORMAL)) {
			n_tty_receive_char_flagged(tty, *cp++, flag);
			continue;
		}
		put_tty_queue(*cp++, ld);
	}
}
1542
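/*
 * Closing-path receive loop: each TTY_NORMAL character is passed to
 * n_tty_receive_char_closing(), which only applies flow-control handling.
 * Characters carrying any other flag are skipped. When @fp is NULL every
 * character is treated as TTY_NORMAL.
 *
 * @cp and @fp are parallel arrays, so @cp is advanced on every iteration,
 * flagged or not. Advancing it only for normal characters would leave a
 * skipped byte to be processed later under the flag of a different
 * character. The sibling receive loops consume *cp++ in both branches.
 */
static void
n_tty_receive_buf_closing(struct tty_struct *tty, const unsigned char *cp,
			  char *fp, int count)
{
	char flag = TTY_NORMAL;

	while (count--) {
		unsigned char c = *cp++;

		if (fp)
			flag = *fp++;
		if (likely(flag == TTY_NORMAL))
			n_tty_receive_char_closing(tty, c);
	}
}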
1556
/*
 * General receive loop, used when ISTRIP/IUCLC preprocessing or PARMRK is
 * in effect. Each normal character is stripped/lower-cased as configured,
 * then handled as ordinary or special according to ldata->char_map.
 */
static void
n_tty_receive_buf_standard(struct tty_struct *tty, const unsigned char *cp,
			  char *fp, int count)
{
	struct n_tty_data *ld = tty->disc_data;
	char flag = TTY_NORMAL;

	while (count--) {
		unsigned char c;

		if (fp)
			flag = *fp++;

		if (unlikely(flag != TTY_NORMAL)) {
			n_tty_receive_char_flagged(tty, *cp++, flag);
			continue;
		}

		c = *cp++;
		if (I_ISTRIP(tty))
			c &= 0x7f;
		if (I_IUCLC(tty) && L_IEXTEN(tty))
			c = tolower(c);

		/* EXTPROC: queue the character without local processing. */
		if (L_EXTPROC(tty)) {
			put_tty_queue(c, ld);
			continue;
		}

		if (!test_bit(c, ld->char_map)) {
			n_tty_receive_char_inline(tty, c);
			continue;
		}

		/*
		 * A non-zero return means LNEXT. If the buffer is exhausted,
		 * ld->lnext stays set and __receive_buf() handles the literal
		 * character at the start of the next batch.
		 */
		if (!n_tty_receive_char_special(tty, c) || !count)
			continue;

		/* Consume the following character here, as a literal. */
		if (fp)
			flag = *fp++;
		n_tty_receive_char_lnext(tty, *cp++, flag);
		count--;
	}
}
1590
/*
 * Receive loop used when no ISTRIP/IUCLC preprocessing and no PARMRK
 * handling is needed: characters are classified through ldata->char_map
 * and handled as ordinary or special.
 */
static void
n_tty_receive_buf_fast(struct tty_struct *tty, const unsigned char *cp,
		       char *fp, int count)
{
	struct n_tty_data *ld = tty->disc_data;
	char flag = TTY_NORMAL;

	while (count--) {
		unsigned char c;

		if (fp)
			flag = *fp++;

		if (unlikely(flag != TTY_NORMAL)) {
			n_tty_receive_char_flagged(tty, *cp++, flag);
			continue;
		}

		c = *cp++;
		if (!test_bit(c, ld->char_map)) {
			n_tty_receive_char_fast(tty, c);
			continue;
		}

		/*
		 * A non-zero return means LNEXT. If the buffer is exhausted,
		 * ld->lnext stays set and __receive_buf() handles the literal
		 * character at the start of the next batch.
		 */
		if (!n_tty_receive_char_special(tty, c) || !count)
			continue;

		/* Consume the following character here, as a literal. */
		if (fp)
			flag = *fp++;
		n_tty_receive_char_lnext(tty, *cp++, flag);
		count--;
	}
}
1616
/*
 * Feed @count characters to the receive loop that matches the current mode
 * (real raw, raw, closing, or cooked fast/standard), then publish the new
 * read_head to the reader when the data is readable without a line
 * terminator. In canonical mode without EXTPROC, publication is left to the
 * line-termination handling.
 *
 * The caller is expected to have sized @count to the available room and to
 * pass a non-zero count; see n_tty_receive_buf_common().
 */
static void __receive_buf(struct tty_struct *tty, const unsigned char *cp,
			  char *fp, int count)
{
	struct n_tty_data *ld = tty->disc_data;
	bool preops = I_ISTRIP(tty) || (I_IUCLC(tty) && L_IEXTEN(tty));

	if (ld->real_raw) {
		n_tty_receive_buf_real_raw(tty, cp, fp, count);
	} else if (ld->raw || (L_EXTPROC(tty) && !preops)) {
		n_tty_receive_buf_raw(tty, cp, fp, count);
	} else if (tty->closing && !L_EXTPROC(tty)) {
		n_tty_receive_buf_closing(tty, cp, fp, count);
	} else {
		/* An LNEXT left pending by the previous batch is served first. */
		if (ld->lnext) {
			char flag = TTY_NORMAL;

			if (fp)
				flag = *fp++;
			n_tty_receive_char_lnext(tty, *cp++, flag);
			count--;
		}

		if (preops || I_PARMRK(tty))
			n_tty_receive_buf_standard(tty, cp, fp, count);
		else
			n_tty_receive_buf_fast(tty, cp, fp, count);

		flush_echoes(tty);
		if (tty->ops->flush_chars)
			tty->ops->flush_chars(tty);
	}

	if (ld->icanon && !L_EXTPROC(tty))
		return;

	/* publish read_head to consumer */
	smp_store_release(&ld->commit_head, ld->read_head);

	if (!read_cnt(ld))
		return;

	kill_fasync(&tty->fasync, SIGIO, POLL_IN);
	wake_up_interruptible_poll(&tty->read_wait, EPOLLIN);
}
1660
1661/**
1662 *	n_tty_receive_buf_common	-	process input
1663 *	@tty: device to receive input
1664 *	@cp: input chars
1665 *	@fp: flags for each char (if NULL, all chars are TTY_NORMAL)
1666 *	@count: number of input chars in @cp
1667 *
1668 *	Called by the terminal driver when a block of characters has
1669 *	been received. This function must be called from soft contexts
1670 *	not from interrupt context. The driver is responsible for making
1671 *	calls one at a time and in order (or using flush_to_ldisc)
1672 *
1673 *	Returns the # of input chars from @cp which were processed.
1674 *
1675 *	In canonical mode, the maximum line length is 4096 chars (including
1676 *	the line termination char); lines longer than 4096 chars are
1677 *	truncated. After 4095 chars, input data is still processed but
1678 *	not stored. Overflow processing ensures the tty can always
1679 *	receive more input until at least one line can be read.
1680 *
1681 *	In non-canonical mode, the read buffer will only accept 4095 chars;
1682 *	this provides the necessary space for a newline char if the input
1683 *	mode is switched to canonical.
1684 *
1685 *	Note it is possible for the read buffer to _contain_ 4096 chars
1686 *	in non-canonical mode: the read buffer could already contain the
1687 *	maximum canon line of 4096 chars when the mode is switched to
1688 *	non-canonical.
1689 *
1690 *	n_tty_receive_buf()/producer path:
1691 *		claims non-exclusive termios_rwsem
1692 *		publishes commit_head or canon_head
1693 */
/*
 * Common body of n_tty_receive_buf() and n_tty_receive_buf2(). @flow is
 * non-zero when the caller wants no_room recorded once the buffer is full.
 * This is where the amount of input handed to the receive loops is bounded
 * by the free space in the read buffer.
 */
static int
n_tty_receive_buf_common(struct tty_struct *tty, const unsigned char *cp,
			 char *fp, int count, int flow)
{
	struct n_tty_data *ldata = tty->disc_data;
	int room, n, rcvd = 0, overflow;

	down_read(&tty->termios_rwsem);

	do {
		/*
		 * When PARMRK is set, each input char may take up to 3 chars
		 * in the read buf; reduce the buffer space avail by 3x
		 *
		 * If we are doing input canonicalization, and there are no
		 * pending newlines, let characters through without limit, so
		 * that erase characters will be handled.  Other excess
		 * characters will be beeped.
		 *
		 * paired with store in *_copy_from_read_buf() -- guarantees
		 * the consumer has loaded the data in read_buf up to the new
		 * read_tail (so this producer will not overwrite unread data)
		 */
		size_t tail = smp_load_acquire(&ldata->read_tail);

		/* free slots = capacity minus what is queued but unread */
		room = N_TTY_BUF_SIZE - (ldata->read_head - tail);
		if (I_PARMRK(tty))
			room = (room + 2) / 3;
		/* keep one slot back (4095 usable, per the kernel-doc) */
		room--;
		if (room <= 0) {
			/*
			 * Full. Overflow handling applies only in canonical
			 * mode with no complete line pending (canon_head has
			 * not moved past the reader's tail).
			 */
			overflow = ldata->icanon && ldata->canon_head == tail;
			/*
			 * NOTE(review): presumably backs read_head up by one
			 * so the next stored char overwrites the last one
			 * instead of running past the buffer -- confirm.
			 */
			if (overflow && room < 0)
				ldata->read_head--;
			/* in overflow, accept one character at a time */
			room = overflow;
			ldata->no_room = flow && !room;
		} else
			overflow = 0;

		/* never hand the receive loops more than fits */
		n = min(count, room);
		if (!n)
			break;

		/* ignore parity errors if handling overflow */
		if (!overflow || !fp || *fp != TTY_PARITY)
			__receive_buf(tty, cp, fp, n);

		/* cp and fp advance together: one flag per character */
		cp += n;
		if (fp)
			fp += n;
		count -= n;
		rcvd += n;
	} while (!test_bit(TTY_LDISC_CHANGING, &tty->flags));

	tty->receive_room = room;

	/* Unthrottle if handling overflow on pty */
	if (tty->driver->type == TTY_DRIVER_TYPE_PTY) {
		if (overflow) {
			tty_set_flow_change(tty, TTY_UNTHROTTLE_SAFE);
			tty_unthrottle_safe(tty);
			__tty_set_flow_change(tty, 0);
		}
	} else
		n_tty_check_throttle(tty);

	up_read(&tty->termios_rwsem);

	return rcvd;
}
1763
/*
 * receive_buf entry point without flow control: the number of characters
 * actually processed is not reported back to the caller.
 */
static void n_tty_receive_buf(struct tty_struct *tty, const unsigned char *cp,
			      char *fp, int count)
{
	const int flow = 0;

	n_tty_receive_buf_common(tty, cp, fp, count, flow);
}
1769
/*
 * receive_buf entry point with flow control: returns how many characters
 * from @cp were processed, which may be fewer than @count.
 */
static int n_tty_receive_buf2(struct tty_struct *tty, const unsigned char *cp,
			      char *fp, int count)
{
	const int flow = 1;

	return n_tty_receive_buf_common(tty, cp, fp, count, flow);
}
1775
1776/**
1777 *	n_tty_set_termios	-	termios data changed
1778 *	@tty: terminal
1779 *	@old: previous data
1780 *
1781 *	Called by the tty layer when the user changes termios flags so
1782 *	that the line discipline can plan ahead. This function cannot sleep
1783 *	and is protected from re-entry by the tty layer. The user is
1784 *	guaranteed that this function will not be re-entered or in progress
1785 *	when the ldisc is closed.
1786 *
1787 *	Locking: Caller holds tty->termios_rwsem
1788 */
1789
/*
 * Recompute the line discipline's cached state from the current termios:
 * canonical-mode bookkeeping, the char_map of characters that need special
 * handling, and the raw/real_raw fast-path flags. @old is NULL when called
 * from n_tty_open().
 */
static void n_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
{
	struct n_tty_data *ldata = tty->disc_data;

	/* First call, or ICANON/EXTPROC toggled: reset line bookkeeping. */
	if (!old || (old->c_lflag ^ tty->termios.c_lflag) & (ICANON | EXTPROC)) {
		bitmap_zero(ldata->read_flags, N_TTY_BUF_SIZE);
		ldata->line_start = ldata->read_tail;
		if (!L_ICANON(tty) || !read_cnt(ldata)) {
			ldata->canon_head = ldata->read_tail;
			ldata->push = 0;
		} else {
			/*
			 * Canonical mode with data already buffered: mark the
			 * last buffered char as an end of line so the data
			 * can be read at once (an EOF "push").
			 */
			set_bit((ldata->read_head - 1) & (N_TTY_BUF_SIZE - 1),
				ldata->read_flags);
			ldata->canon_head = ldata->read_head;
			ldata->push = 1;
		}
		ldata->commit_head = ldata->read_head;
		ldata->erasing = 0;
		ldata->lnext = 0;
	}

	ldata->icanon = (L_ICANON(tty) != 0);

	/* Any flag that needs per-character processing disables raw mode. */
	if (I_ISTRIP(tty) || I_IUCLC(tty) || I_IGNCR(tty) ||
	    I_ICRNL(tty) || I_INLCR(tty) || L_ICANON(tty) ||
	    I_IXON(tty) || L_ISIG(tty) || L_ECHO(tty) ||
	    I_PARMRK(tty)) {
		/* Rebuild the map of characters routed to the special path. */
		bitmap_zero(ldata->char_map, 256);

		if (I_IGNCR(tty) || I_ICRNL(tty))
			set_bit('\r', ldata->char_map);
		if (I_INLCR(tty))
			set_bit('\n', ldata->char_map);

		if (L_ICANON(tty)) {
			set_bit(ERASE_CHAR(tty), ldata->char_map);
			set_bit(KILL_CHAR(tty), ldata->char_map);
			set_bit(EOF_CHAR(tty), ldata->char_map);
			set_bit('\n', ldata->char_map);
			set_bit(EOL_CHAR(tty), ldata->char_map);
			if (L_IEXTEN(tty)) {
				set_bit(WERASE_CHAR(tty), ldata->char_map);
				set_bit(LNEXT_CHAR(tty), ldata->char_map);
				set_bit(EOL2_CHAR(tty), ldata->char_map);
				if (L_ECHO(tty))
					set_bit(REPRINT_CHAR(tty),
						ldata->char_map);
			}
		}
		if (I_IXON(tty)) {
			set_bit(START_CHAR(tty), ldata->char_map);
			set_bit(STOP_CHAR(tty), ldata->char_map);
		}
		if (L_ISIG(tty)) {
			set_bit(INTR_CHAR(tty), ldata->char_map);
			set_bit(QUIT_CHAR(tty), ldata->char_map);
			set_bit(SUSP_CHAR(tty), ldata->char_map);
		}
		/*
		 * Control characters set to __DISABLED_CHAR were mapped
		 * above; clear that bit so the value is never special.
		 */
		clear_bit(__DISABLED_CHAR, ldata->char_map);
		ldata->raw = 0;
		ldata->real_raw = 0;
	} else {
		ldata->raw = 1;
		/*
		 * real_raw (bulk memcpy path) additionally requires that
		 * break and parity conditions need no handling here and that
		 * the driver sets TTY_DRIVER_REAL_RAW.
		 */
		if ((I_IGNBRK(tty) || (!I_BRKINT(tty) && !I_PARMRK(tty))) &&
		    (I_IGNPAR(tty) || !I_INPCK(tty)) &&
		    (tty->driver->flags & TTY_DRIVER_REAL_RAW))
			ldata->real_raw = 1;
		else
			ldata->real_raw = 0;
	}
	/*
	 * Fix a tty hang when I_IXON(tty) is cleared but the tty had
	 * been stopped by STOP_CHAR(tty) before that.
	 */
	if (!I_IXON(tty) && old && (old->c_iflag & IXON) && !tty->flow_stopped) {
		start_tty(tty);
		process_echoes(tty);
	}

	/* The termios change makes the tty ready for I/O */
	wake_up_interruptible(&tty->write_wait);
	wake_up_interruptible(&tty->read_wait);
}
1873
1874/**
1875 *	n_tty_close		-	close the ldisc for this tty
1876 *	@tty: device
1877 *
1878 *	Called from the terminal layer when this line discipline is
1879 *	being shut down, either because of a close or because of a
1880 *	discipline change. The function will not be called while other
1881 *	ldisc methods are in progress.
1882 */
1883
static void n_tty_close(struct tty_struct *tty)
{
	struct n_tty_data *ld = tty->disc_data;

	/* Tell the other end of a pty pair about the flush. */
	if (tty->link)
		n_tty_packet_mode_flush(tty);

	/*
	 * Free the per-tty ldisc state and clear the pointer, so that no
	 * reference to the freed memory is left behind in the tty.
	 */
	vfree(ld);
	tty->disc_data = NULL;
}
1894
1895/**
1896 *	n_tty_open		-	open an ldisc
1897 *	@tty: terminal to open
1898 *
1899 *	Called when this line discipline is being attached to the
1900 *	terminal device. Can sleep. Called serialized so that no
1901 *	other events will occur in parallel. No further open will occur
1902 *	until a close.
1903 */
1904
static int n_tty_open(struct tty_struct *tty)
{
	struct n_tty_data *ld;

	/*
	 * The state is allocated zeroed, so all buffers and indices start
	 * cleared. The original comment here reads "Currently a malloc
	 * failure here can panic"; the file header states that N_TTY open
	 * is expected never to fail because it is the fallback discipline.
	 * NOTE(review): confirm how callers treat this -ENOMEM.
	 */
	ld = vzalloc(sizeof(*ld));
	if (!ld)
		return -ENOMEM;

	ld->overrun_time = jiffies;
	mutex_init(&ld->atomic_read_lock);
	mutex_init(&ld->output_lock);

	tty->disc_data = ld;
	tty->closing = 0;

	/* indicate buffer work may resume */
	clear_bit(TTY_LDISC_HALTED, &tty->flags);

	/* NULL "old" termios makes n_tty_set_termios() initialise everything */
	n_tty_set_termios(tty, NULL);
	tty_unthrottle(tty);

	return 0;
}
1926
/*
 * Report whether a read could make progress. In canonical mode (without
 * EXTPROC) that means a complete line is pending. Otherwise at least @amt
 * committed characters must be buffered, where @amt is MIN when polling
 * with TIME == 0 and MIN != 0, and 1 in all other cases.
 */
static inline int input_available_p(struct tty_struct *tty, int poll)
{
	struct n_tty_data *ld = tty->disc_data;
	int amt = 1;

	if (poll && !TIME_CHAR(tty) && MIN_CHAR(tty))
		amt = MIN_CHAR(tty);

	if (ld->icanon && !L_EXTPROC(tty))
		return ld->canon_head != ld->read_tail;

	return ld->commit_head - ld->read_tail >= amt;
}
1937
1938/**
1939 *	copy_from_read_buf	-	copy read data directly
1940 *	@tty: terminal device
1941 *	@kbp: data
1942 *	@nr: size of data
1943 *
1944 *	Helper function to speed up n_tty_read.  It is only called when
1945 *	ICANON is off; it copies characters straight from the tty queue.
1946 *
1947 *	Called under the ldata->atomic_read_lock sem
1948 *
1949 *	Returns true if it successfully copied data, but there is still
1950 *	more data to be had.
1951 *
1952 *	n_tty_read()/consumer path:
1953 *		caller holds non-exclusive termios_rwsem
1954 *		read_tail published
1955 */
1956
static bool copy_from_read_buf(struct tty_struct *tty,
				      unsigned char **kbp,
				      size_t *nr)

{
	struct n_tty_data *ld = tty->disc_data;
	/* Acquire pairs with the producer's release store of commit_head. */
	size_t head = smp_load_acquire(&ld->commit_head);
	size_t tail = ld->read_tail & (N_TTY_BUF_SIZE - 1);
	size_t contiguous, n;
	unsigned char *from;
	bool is_eof;

	/*
	 * Copy at most up to the physical end of the ring and at most *nr
	 * bytes; a wrapped remainder is picked up by a follow-up call.
	 */
	contiguous = min(head - ld->read_tail, N_TTY_BUF_SIZE - tail);
	n = min(*nr, contiguous);
	if (!n)
		return false;

	from = read_buf_addr(ld, tail);
	memcpy(*kbp, from, n);

	/* Sampled before the source bytes are handed to zero_buffer(). */
	is_eof = n == 1 && *from == EOF_CHAR(tty);

	tty_audit_add_data(tty, from, n);
	/*
	 * NOTE(review): zero_buffer() is defined elsewhere; presumably it
	 * scrubs the consumed bytes from the ring so already-read input
	 * does not linger there -- confirm its conditions.
	 */
	zero_buffer(tty, from, n);

	/* Publish the new tail; the producer may reuse the space after this. */
	smp_store_release(&ld->read_tail, ld->read_tail + n);

	/* Turn single EOF into zero-length read */
	if (L_EXTPROC(tty) && ld->icanon && is_eof &&
	    head == ld->read_tail)
		return false;

	*kbp += n;
	*nr -= n;

	/* If we have more to copy, let the caller know */
	return head != ld->read_tail;
}
1989
1990/**
1991 *	canon_copy_from_read_buf	-	copy read data in canonical mode
1992 *	@tty: terminal device
1993 *	@kbp: data
1994 *	@nr: size of data
1995 *
1996 *	Helper function for n_tty_read.  It is only called when ICANON is on;
1997 *	it copies one line of input up to and including the line-delimiting
1998 *	character into the result buffer.
1999 *
2000 *	NB: When termios is changed from non-canonical to canonical mode and
2001 *	the read buffer contains data, n_tty_set_termios() simulates an EOF
2002 *	push (as if C-d were input) _without_ the DISABLED_CHAR in the buffer.
2003 *	This causes data already processed as input to be immediately available
2004 *	as input although a newline has not been received.
2005 *
2006 *	Called under the atomic_read_lock mutex
2007 *
2008 *	n_tty_read()/consumer path:
2009 *		caller holds non-exclusive termios_rwsem
2010 *		read_tail published
2011 */
2012
/*
 * Copy at most one canonical line (bounded by *nr) from the read buffer to
 * *kbp, advance *kbp / *nr, and publish the new read_tail.
 *
 * Returns true when no end of line was found within the copied span and
 * more data remains before canon_head (the caller should retry), false
 * otherwise.
 */
static bool canon_copy_from_read_buf(struct tty_struct *tty,
				     unsigned char **kbp,
				     size_t *nr)
{
	struct n_tty_data *ldata = tty->disc_data;
	size_t n, size, more, c;
	size_t eol;
	size_t tail, canon_head;
	int found = 0;

	/* N.B. avoid overrun if nr == 0 */
	if (!*nr)
		return false;

	/* pairs with the release store of canon_head on the producer side */
	canon_head = smp_load_acquire(&ldata->canon_head);
	/* never look at more than the caller asked for or than is complete */
	n = min(*nr, canon_head - ldata->read_tail);

	tail = ldata->read_tail & (N_TTY_BUF_SIZE - 1);
	/* end of the first (unwrapped) search segment */
	size = min_t(size_t, tail + n, N_TTY_BUF_SIZE);

	n_tty_trace("%s: nr:%zu tail:%zu n:%zu size:%zu\n",
		    __func__, *nr, tail, n, size);

	/* look for an end-of-line mark in [tail, size) */
	eol = find_next_bit(ldata->read_flags, size, tail);
	/* characters of the span that lie past the wrap point */
	more = n - (size - tail);
	if (eol == N_TTY_BUF_SIZE && more) {
		/* scan wrapped without finding set bit */
		eol = find_next_bit(ldata->read_flags, more, 0);
		found = eol != more;
	} else
		found = eol != size;

	/*
	 * Distance from tail to eol. If eol is in the wrapped part it is
	 * smaller than tail and the unsigned subtraction wraps around;
	 * adding the buffer size brings it back to the real distance.
	 */
	n = eol - tail;
	if (n > N_TTY_BUF_SIZE)
		n += N_TTY_BUF_SIZE;
	/* c: chars consumed from the buffer, including the delimiter */
	c = n + found;

	/*
	 * n: chars copied to the caller. The delimiter is included unless
	 * it is __DISABLED_CHAR (the stored form of EOF), which is consumed
	 * but not returned.
	 */
	if (!found || read_buf(ldata, eol) != __DISABLED_CHAR)
		n = c;

	n_tty_trace("%s: eol:%zu found:%d n:%zu c:%zu tail:%zu more:%zu\n",
		    __func__, eol, found, n, c, tail, more);

	tty_copy(tty, *kbp, tail, n);
	*kbp += n;
	*nr -= n;

	if (found)
		clear_bit(eol, ldata->read_flags);
	/* publish the new tail; the producer may reuse the space after this */
	smp_store_release(&ldata->read_tail, ldata->read_tail + c);

	if (found) {
		if (!ldata->push)
			ldata->line_start = ldata->read_tail;
		else
			ldata->push = 0;
		tty_audit_push();
		return false;
	}

	/* No EOL found - do a continuation retry if there is more data */
	return ldata->read_tail != canon_head;
}
2076
2077/*
2078 * If we finished a read at the exact location of an
2079 * EOF (special EOL character that's a __DISABLED_CHAR)
2080 * in the stream, silently eat the EOF.
2081 */
static void canon_skip_eof(struct tty_struct *tty)
{
	struct n_tty_data *ld = tty->disc_data;
	size_t canon_head = smp_load_acquire(&ld->canon_head);
	size_t pos = ld->read_tail;

	// Nothing buffered up to canon_head: nothing to skip.
	if (pos == canon_head)
		return;

	// Only an end-of-line slot holding __DISABLED_CHAR is an EOF.
	pos &= (N_TTY_BUF_SIZE - 1);
	if (!test_bit(pos, ld->read_flags) ||
	    read_buf(ld, pos) != __DISABLED_CHAR)
		return;

	// Clear the EOL bit and step the published tail past the EOF char.
	clear_bit(pos, ld->read_flags);
	smp_store_release(&ld->read_tail, ld->read_tail + 1);
}
2105
2106/**
2107 *	job_control		-	check job control
2108 *	@tty: tty
2109 *	@file: file handle
2110 *
2111 *	Perform job control management checks on this file/tty descriptor
2112 *	and if appropriate send any needed signals and return a negative
2113 *	error code if action should be taken.
2114 *
2115 *	Locking: redirected write test is safe
2116 *		 current->signal->tty check is safe
2117 *		 ctrl_lock to safely reference tty->pgrp
2118 */
2119
static int job_control(struct tty_struct *tty, struct file *file)
{
	/*
	 * Job control check -- must be done at start and after
	 * every sleep (POSIX.1 7.1.1.4).
	 *
	 * NOTE: not yet done after every sleep pending a thorough
	 * check of the logic of this change. -- jlc
	 */
	bool console_redirect = file->f_op->write_iter == redirected_tty_write;

	/* don't stop on /dev/console */
	if (console_redirect)
		return 0;

	/* Background readers get SIGTTIN via the common tty check. */
	return __tty_check_change(tty, SIGTTIN);
}
2132
2133
2134/**
2135 *	n_tty_read		-	read function for tty
2136 *	@tty: tty device
2137 *	@file: file object
2138 *	@buf: userspace buffer pointer
2139 *	@nr: size of I/O
2140 *
2141 *	Perform reads for the line discipline. We are guaranteed that the
2142 *	line discipline will not be closed under us but we may get multiple
2143 *	parallel readers and must handle this ourselves. We may also get
2144 *	a hangup. Always called in user context, may sleep.
2145 *
2146 *	This code must be sure never to sleep through a hangup.
2147 *
2148 *	n_tty_read()/consumer path:
2149 *		claims non-exclusive termios_rwsem
2150 *		publishes read_tail
2151 */
2152
/*
 * n_tty_read() - copy buffered input into the caller's buffer.
 *
 * @kbuf receives at most @nr bytes; the value returned is the number of
 * bytes stored (kb - kbuf), or a negative errno when nothing was copied.
 * @cookie carries continuation state between calls: when this function
 * returns with *cookie set, atomic_read_lock and termios_rwsem are still
 * held and the caller has to call again so the continuation path at the
 * top can release them. @offset is not referenced in this body.
 */
static ssize_t n_tty_read(struct tty_struct *tty, struct file *file,
			  unsigned char *kbuf, size_t nr,
			  void **cookie, unsigned long offset)
{
	struct n_tty_data *ldata = tty->disc_data;
	unsigned char *kb = kbuf;	/* write cursor into kbuf */
	DEFINE_WAIT_FUNC(wait, woken_wake_function);
	int c;
	int minimum, time;
	ssize_t retval = 0;
	long timeout;
	int packet;
	size_t tail;

	/*
	 * Is this a continuation of a read started earlier?
	 *
	 * If so, we still hold the atomic_read_lock and the
	 * termios_rwsem, and can just continue to copy data.
	 */
	if (*cookie) {
		if (ldata->icanon && !L_EXTPROC(tty)) {
			/*
			 * If we have filled the user buffer, see
			 * if we should skip an EOF character before
			 * releasing the lock and returning done.
			 */
			if (!nr)
				canon_skip_eof(tty);
			else if (canon_copy_from_read_buf(tty, &kb, &nr))
				return kb - kbuf;	/* more pending: locks stay held */
		} else {
			if (copy_from_read_buf(tty, &kb, &nr))
				return kb - kbuf;	/* more pending: locks stay held */
		}

		/* No more data - release locks and stop retries */
		n_tty_kick_worker(tty);
		n_tty_check_unthrottle(tty);
		up_read(&tty->termios_rwsem);
		mutex_unlock(&ldata->atomic_read_lock);
		*cookie = NULL;
		return kb - kbuf;
	}

	/* A negative result from the job-control check is returned as is. */
	c = job_control(tty, file);
	if (c < 0)
		return c;

	/*
	 *	Internal serialization of reads.
	 *
	 *	O_NONBLOCK callers never sleep on the mutex; blocking callers
	 *	can be interrupted by a signal while waiting for it.
	 */
	if (file->f_flags & O_NONBLOCK) {
		if (!mutex_trylock(&ldata->atomic_read_lock))
			return -EAGAIN;
	} else {
		if (mutex_lock_interruptible(&ldata->atomic_read_lock))
			return -ERESTARTSYS;
	}

	down_read(&tty->termios_rwsem);

	/*
	 * Non-canonical mode takes its thresholds from MIN_CHAR/TIME_CHAR,
	 * the timer value being scaled by HZ / 10. With MIN == 0 the timer
	 * bounds the whole wait and one byte satisfies the read; with
	 * MIN > 0 the timer ("time") is only armed after a pass through
	 * the loop below that copied data.
	 */
	minimum = time = 0;
	timeout = MAX_SCHEDULE_TIMEOUT;
	if (!ldata->icanon) {
		minimum = MIN_CHAR(tty);
		if (minimum) {
			time = (HZ / 10) * TIME_CHAR(tty);
		} else {
			timeout = (HZ / 10) * TIME_CHAR(tty);
			minimum = 1;
		}
	}

	packet = tty->packet;
	/* Snapshot of read_tail, compared after the loop to see if data was consumed. */
	tail = ldata->read_tail;

	add_wait_queue(&tty->read_wait, &wait);
	while (nr) {
		/* First test for status change. */
		if (packet && tty->link->ctrl_status) {
			unsigned char cs;
			/* A status byte is only delivered at the start of a read. */
			if (kb != kbuf)
				break;
			/* The check above ran unlocked; read and clear under ctrl_lock. */
			spin_lock_irq(&tty->link->ctrl_lock);
			cs = tty->link->ctrl_status;
			tty->link->ctrl_status = 0;
			spin_unlock_irq(&tty->link->ctrl_lock);
			*kb++ = cs;
			nr--;
			break;
		}

		if (!input_available_p(tty, 0)) {
			/*
			 * termios_rwsem is dropped around the flush and
			 * availability is re-tested once it is held again.
			 */
			up_read(&tty->termios_rwsem);
			tty_buffer_flush_work(tty->port);
			down_read(&tty->termios_rwsem);
			if (!input_available_p(tty, 0)) {
				if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) {
					retval = -EIO;
					break;
				}
				if (tty_hung_up_p(file))
					break;
				/*
				 * Abort readers for ttys which never actually
				 * get hung up.  See __tty_hangup().
				 */
				if (test_bit(TTY_HUPPING, &tty->flags))
					break;
				/* Timer expired (or TIME was 0 with MIN == 0). */
				if (!timeout)
					break;
				if (tty_io_nonblock(tty, file)) {
					retval = -EAGAIN;
					break;
				}
				if (signal_pending(current)) {
					retval = -ERESTARTSYS;
					break;
				}
				/* Sleep without termios_rwsem; atomic_read_lock stays held. */
				up_read(&tty->termios_rwsem);

				timeout = wait_woken(&wait, TASK_INTERRUPTIBLE,
						timeout);

				down_read(&tty->termios_rwsem);
				continue;
			}
		}

		if (ldata->icanon && !L_EXTPROC(tty)) {
			if (canon_copy_from_read_buf(tty, &kb, &nr))
				goto more_to_be_read;
		} else {
			/* Deal with packet mode. */
			if (packet && kb == kbuf) {
				/* nr is non-zero here (loop condition), so this byte fits. */
				*kb++ = TIOCPKT_DATA;
				nr--;
			}

			/*
			 * Copy data, and if there is more to be had
			 * and we have nothing more to wait for, then
			 * let's mark us for retries.
			 *
			 * NOTE! We return here with both the termios_sem
			 * and atomic_read_lock still held, the retries
			 * will release them when done.
			 */
			if (copy_from_read_buf(tty, &kb, &nr) && kb - kbuf >= minimum) {
more_to_be_read:
				remove_wait_queue(&tty->read_wait, &wait);
				/* Any non-NULL value marks "continuation pending". */
				*cookie = cookie;
				return kb - kbuf;
			}
		}

		n_tty_check_unthrottle(tty);

		if (kb - kbuf >= minimum)
			break;
		/* Some data arrived but less than MIN: arm the timer for the next wait. */
		if (time)
			timeout = time;
	}
	/* Only kick the worker when this read moved read_tail. */
	if (tail != ldata->read_tail)
		n_tty_kick_worker(tty);
	up_read(&tty->termios_rwsem);

	remove_wait_queue(&tty->read_wait, &wait);
	mutex_unlock(&ldata->atomic_read_lock);

	/* Bytes already copied take precedence over a pending error code. */
	if (kb - kbuf)
		retval = kb - kbuf;

	return retval;
}
2329
/**
 *	n_tty_write		-	write function for tty
 *	@tty: tty device
 *	@file: file object
 *	@buf: buffer holding the data to write. NOTE(review): the body
 *	      dereferences it directly (c = *b) and the parameter carries
 *	      no __user annotation, so this is presumably a kernel-side
 *	      copy made by the caller - confirm against the caller.
 *	@nr: size of I/O
 *
 *	Write function of the terminal device.  This is serialized with
 *	respect to other write callers but not to termios changes, reads
 *	and other such events.  Since the receive code will echo characters,
 *	thus calling driver write methods, the output_lock is used in
 *	the output processing functions called here as well as in the
 *	echo processing function to protect the column state and space
 *	left in the buffer.
 *
 *	This code must be sure never to sleep through a hangup.
 *
 *	Returns the number of bytes consumed from @buf when that is
 *	non-zero, otherwise 0 or a negative errno.
 *
 *	Locking: output_lock to protect column state and space left
 *		 (note that the process_output*() functions take this
 *		  lock themselves)
 */

static ssize_t n_tty_write(struct tty_struct *tty, struct file *file,
			   const unsigned char *buf, size_t nr)
{
	const unsigned char *b = buf;	/* read cursor into buf */
	DEFINE_WAIT_FUNC(wait, woken_wake_function);
	int c;
	ssize_t retval = 0;

	/* Job control check -- must be done at start (POSIX.1 7.1.1.4). */
	/* Skipped when the file's write_iter is redirected_tty_write. */
	if (L_TOSTOP(tty) && file->f_op->write_iter != redirected_tty_write) {
		retval = tty_check_change(tty);
		if (retval)
			return retval;
	}

	down_read(&tty->termios_rwsem);

	/* Write out any echoed characters that are still pending */
	process_echoes(tty);

	add_wait_queue(&tty->write_wait, &wait);
	while (1) {
		/* Re-checked on every pass, i.e. after each wakeup as well. */
		if (signal_pending(current)) {
			retval = -ERESTARTSYS;
			break;
		}
		/* Hung up, or a linked tty exists whose count has dropped to zero. */
		if (tty_hung_up_p(file) || (tty->link && !tty->link->count)) {
			retval = -EIO;
			break;
		}
		if (O_OPOST(tty)) {
			while (nr > 0) {
				ssize_t num = process_output_block(tty, b, nr);
				if (num < 0) {
					/* -EAGAIN leaves the inner loop to wait; anything else aborts. */
					if (num == -EAGAIN)
						break;
					retval = num;
					goto break_out;
				}
				/*
				 * NOTE(review): assumes num <= nr, otherwise the
				 * size_t subtraction below wraps - confirm in
				 * process_output_block().
				 */
				b += num;
				nr -= num;
				if (nr == 0)
					break;
				/* Hand the next byte to process_output() on its own. */
				c = *b;
				if (process_output(c, tty) < 0)
					break;
				b++; nr--;
			}
			if (tty->ops->flush_chars)
				tty->ops->flush_chars(tty);
		} else {
			struct n_tty_data *ldata = tty->disc_data;

			while (nr > 0) {
				/* Raw path: the driver write runs under output_lock. */
				mutex_lock(&ldata->output_lock);
				c = tty->ops->write(tty, b, nr);
				mutex_unlock(&ldata->output_lock);
				if (c < 0) {
					retval = c;
					goto break_out;
				}
				/* Zero bytes accepted: stop and wait below. */
				if (!c)
					break;
				/*
				 * NOTE(review): relies on the driver returning
				 * at most nr; a larger value would wrap nr.
				 */
				b += c;
				nr -= c;
			}
		}
		if (!nr)
			break;
		if (tty_io_nonblock(tty, file)) {
			retval = -EAGAIN;
			break;
		}
		/* termios_rwsem is not held across the sleep. */
		up_read(&tty->termios_rwsem);

		wait_woken(&wait, TASK_INTERRUPTIBLE, MAX_SCHEDULE_TIMEOUT);

		down_read(&tty->termios_rwsem);
	}
break_out:
	remove_wait_queue(&tty->write_wait, &wait);
	/* Data left over and fasync set: flag the tty for a write wakeup. */
	if (nr && tty->fasync)
		set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
	up_read(&tty->termios_rwsem);
	/* A partial write reports its byte count and hides the error code. */
	return (b - buf) ? b - buf : retval;
}
2438
/**
 *	n_tty_poll		-	poll method for N_TTY
 *	@tty: terminal device
 *	@file: file accessing it
 *	@wait: poll table
 *
 *	Registers the caller on the tty's read and write wait queues and
 *	returns the set of events that are ready at the time of the call.
 *	Invoked when the line discipline is asked to poll() for data or
 *	for special events; it is not serialized with respect to other
 *	events save open/close.
 *
 *	This code must be sure never to sleep through a hangup.
 *	Called without the kernel lock held - fine
 */

static __poll_t n_tty_poll(struct tty_struct *tty, struct file *file,
							poll_table *wait)
{
	__poll_t events = 0;
	int readable;

	poll_wait(file, &tty->read_wait, wait);
	poll_wait(file, &tty->write_wait, wait);

	/* Input may still sit in the flip buffers: flush once, then look again. */
	readable = input_available_p(tty, 1);
	if (!readable) {
		tty_buffer_flush_work(tty->port);
		readable = input_available_p(tty, 1);
	}
	if (readable)
		events |= EPOLLIN | EPOLLRDNORM;

	/*
	 * Packet mode: pending control status is reported as priority data.
	 * ctrl_status is read here without ctrl_lock; n_tty_read() does the
	 * read-and-clear under that lock.
	 */
	if (tty->packet && tty->link->ctrl_status)
		events |= EPOLLPRI | EPOLLIN | EPOLLRDNORM;

	/* Either condition reports a hangup to the poller. */
	if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
		events |= EPOLLHUP;
	if (tty_hung_up_p(file))
		events |= EPOLLHUP;

	/*
	 * Writable only if the driver has a write method, the tty is not
	 * write-locked, fewer than WAKEUP_CHARS are queued and the driver
	 * reports room.
	 */
	if (tty->ops->write && !tty_is_writelocked(tty)) {
		if (tty_chars_in_buffer(tty) < WAKEUP_CHARS &&
		    tty_write_room(tty) > 0)
			events |= EPOLLOUT | EPOLLWRNORM;
	}

	return events;
}
2479
/*
 * inq_canon() - number of bytes between read_tail and canon_head, not
 * counting positions that are flagged in read_flags and hold
 * __DISABLED_CHAR (the EOF markers).
 *
 * NOTE(review): the scan compares masked indices, so it would be skipped
 * if head - tail were ever a whole multiple of N_TTY_BUF_SIZE; whether
 * that distance can occur is not visible from this function.
 */
static unsigned long inq_canon(struct n_tty_data *ldata)
{
	size_t head = ldata->canon_head;
	size_t pos = ldata->read_tail;
	size_t count;

	if (head == pos)
		return 0;

	count = head - pos;

	/* Skip EOF-chars.. */
	for (; MASK(head) != MASK(pos); pos++) {
		if (!test_bit(pos & (N_TTY_BUF_SIZE - 1), ldata->read_flags))
			continue;
		if (read_buf(ldata, pos) == __DISABLED_CHAR)
			count--;
	}

	return count;
}
2498
/*
 * n_tty_ioctl() - line-discipline ioctl handler.
 *
 * TIOCOUTQ stores tty_chars_in_buffer() at @arg. TIOCINQ stores the
 * readable byte count at @arg: the canonical count from inq_canon() when
 * ICANON is set without EXTPROC, read_cnt() otherwise. Every other
 * command is passed to n_tty_ioctl_helper(). Both handled commands
 * return the result of put_user(), which is the only access made
 * through the user-supplied @arg here.
 */
static int n_tty_ioctl(struct tty_struct *tty, struct file *file,
		       unsigned int cmd, unsigned long arg)
{
	struct n_tty_data *ldata = tty->disc_data;
	int pending;

	if (cmd == TIOCOUTQ)
		return put_user(tty_chars_in_buffer(tty), (int __user *) arg);

	if (cmd != TIOCINQ)
		return n_tty_ioctl_helper(tty, file, cmd, arg);

	/*
	 * termios_rwsem is taken for write while counting, which excludes
	 * n_tty_read() (it holds the semaphore for read). The semaphore is
	 * released before the copy to user space.
	 */
	down_write(&tty->termios_rwsem);
	pending = (L_ICANON(tty) && !L_EXTPROC(tty)) ? inq_canon(ldata)
						     : read_cnt(ldata);
	up_write(&tty->termios_rwsem);

	return put_user(pending, (unsigned int __user *) arg);
}
2520
/*
 * Method table for the N_TTY line discipline. It is registered by
 * n_tty_init() and copied by value in n_tty_inherit_ops().
 */
static struct tty_ldisc_ops n_tty_ops = {
	/* identification */
	.magic           = TTY_LDISC_MAGIC,
	.name            = "n_tty",

	/* lifecycle and configuration */
	.open            = n_tty_open,
	.close           = n_tty_close,
	.set_termios     = n_tty_set_termios,
	.flush_buffer    = n_tty_flush_buffer,

	/* entry points taking a struct file (read, write, ioctl, poll) */
	.read            = n_tty_read,
	.write           = n_tty_write,
	.ioctl           = n_tty_ioctl,
	.poll            = n_tty_poll,

	/* receive and write-wakeup callbacks */
	.receive_buf     = n_tty_receive_buf,
	.receive_buf2	 = n_tty_receive_buf2,
	.write_wakeup    = n_tty_write_wakeup,
};
2536
/**
 *	n_tty_inherit_ops	-	inherit N_TTY methods
 *	@ops: struct tty_ldisc_ops where to save N_TTY methods
 *
 *	Lets a 'subclass' line discipline 'inherit' N_TTY methods: @ops
 *	receives a by-value copy of the whole N_TTY table (name and magic
 *	included), after which owner, flags and refcount are reset so the
 *	copy carries none of N_TTY's own values for those fields.
 */

void n_tty_inherit_ops(struct tty_ldisc_ops *ops)
{
	/* Struct assignment: every field of n_tty_ops is copied. */
	*ops = n_tty_ops;

	/* Reset the bookkeeping fields in the copy. */
	ops->owner = NULL;
	ops->flags = 0;
	ops->refcount = 0;
}
EXPORT_SYMBOL_GPL(n_tty_inherit_ops);
2551
/*
 * n_tty_init() - register the N_TTY method table under the N_TTY
 * line-discipline number.
 */
void __init n_tty_init(void)
{
	struct tty_ldisc_ops *ldisc = &n_tty_ops;

	/* The result of the registration call is not checked here. */
	tty_register_ldisc(N_TTY, ldisc);
}
2556