1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Copyright (C) 1991, 1992 Linus Torvalds 4 * 5 * Added support for a Unix98-style ptmx device. 6 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998 7 * 8 */ 9 10#include <linux/module.h> 11#include <linux/errno.h> 12#include <linux/interrupt.h> 13#include <linux/tty.h> 14#include <linux/tty_flip.h> 15#include <linux/fcntl.h> 16#include <linux/sched/signal.h> 17#include <linux/string.h> 18#include <linux/major.h> 19#include <linux/mm.h> 20#include <linux/init.h> 21#include <linux/device.h> 22#include <linux/uaccess.h> 23#include <linux/bitops.h> 24#include <linux/devpts_fs.h> 25#include <linux/slab.h> 26#include <linux/mutex.h> 27#include <linux/poll.h> 28#include <linux/mount.h> 29#include <linux/file.h> 30#include <linux/ioctl.h> 31#include <linux/compat.h> 32#include "tty.h" 33 34#undef TTY_DEBUG_HANGUP 35#ifdef TTY_DEBUG_HANGUP 36# define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args) 37#else 38# define tty_debug_hangup(tty, f, args...) do {} while (0) 39#endif 40 41#ifdef CONFIG_UNIX98_PTYS 42static struct tty_driver *ptm_driver; 43static struct tty_driver *pts_driver; 44static DEFINE_MUTEX(devpts_mutex); 45#endif 46 47static void pty_close(struct tty_struct *tty, struct file *filp) 48{ 49 BUG_ON(!tty); 50 if (tty->driver->subtype == PTY_TYPE_MASTER) 51 WARN_ON(tty->count > 1); 52 else { 53 if (tty_io_error(tty)) 54 return; 55 if (tty->count > 2) 56 return; 57 } 58 set_bit(TTY_IO_ERROR, &tty->flags); 59 wake_up_interruptible(&tty->read_wait); 60 wake_up_interruptible(&tty->write_wait); 61 spin_lock_irq(&tty->ctrl_lock); 62 tty->packet = 0; 63 spin_unlock_irq(&tty->ctrl_lock); 64 /* Review - krefs on tty_link ?? */ 65 if (!tty->link) 66 return; 67 set_bit(TTY_OTHER_CLOSED, &tty->link->flags); 68 wake_up_interruptible(&tty->link->read_wait); 69 wake_up_interruptible(&tty->link->write_wait); 70 if (tty->driver->subtype == PTY_TYPE_MASTER) { 71 set_bit(TTY_OTHER_CLOSED, &tty->flags); 72#ifdef CONFIG_UNIX98_PTYS 73 if (tty->driver == ptm_driver) { 74 mutex_lock(&devpts_mutex); 75 if (tty->link->driver_data) 76 devpts_pty_kill(tty->link->driver_data); 77 mutex_unlock(&devpts_mutex); 78 } 79#endif 80 tty_vhangup(tty->link); 81 } 82} 83 84/* 85 * The unthrottle routine is called by the line discipline to signal 86 * that it can receive more characters. For PTY's, the TTY_THROTTLED 87 * flag is always set, to force the line discipline to always call the 88 * unthrottle routine when there are fewer than TTY_THRESHOLD_UNTHROTTLE 89 * characters in the queue. This is necessary since each time this 90 * happens, we need to wake up any sleeping processes that could be 91 * (1) trying to send data to the pty, or (2) waiting in wait_until_sent() 92 * for the pty buffer to be drained. 93 */ 94static void pty_unthrottle(struct tty_struct *tty) 95{ 96 tty_wakeup(tty->link); 97 set_bit(TTY_THROTTLED, &tty->flags); 98} 99 100/** 101 * pty_write - write to a pty 102 * @tty: the tty we write from 103 * @buf: kernel buffer of data 104 * @c: bytes to write 105 * 106 * Our "hardware" write method. Data is coming from the ldisc which 107 * may be in a non sleeping state. We simply throw this at the other 108 * end of the link as if we were an IRQ handler receiving stuff for 109 * the other side of the pty/tty pair. 110 */ 111 112static int pty_write(struct tty_struct *tty, const unsigned char *buf, int c) 113{ 114 struct tty_struct *to = tty->link; 115 116 if (tty->stopped || !c) 117 return 0; 118 119 return tty_insert_flip_string_and_push_buffer(to->port, buf, c); 120} 121 122/** 123 * pty_write_room - write space 124 * @tty: tty we are writing from 125 * 126 * Report how many bytes the ldisc can send into the queue for 127 * the other device. 128 */ 129 130static int pty_write_room(struct tty_struct *tty) 131{ 132 if (tty->stopped) 133 return 0; 134 return tty_buffer_space_avail(tty->link->port); 135} 136 137/** 138 * pty_chars_in_buffer - characters currently in our tx queue 139 * @tty: our tty 140 * 141 * Report how much we have in the transmit queue. As everything is 142 * instantly at the other end this is easy to implement. 143 */ 144 145static int pty_chars_in_buffer(struct tty_struct *tty) 146{ 147 return 0; 148} 149 150/* Set the lock flag on a pty */ 151static int pty_set_lock(struct tty_struct *tty, int __user *arg) 152{ 153 int val; 154 if (get_user(val, arg)) 155 return -EFAULT; 156 if (val) 157 set_bit(TTY_PTY_LOCK, &tty->flags); 158 else 159 clear_bit(TTY_PTY_LOCK, &tty->flags); 160 return 0; 161} 162 163static int pty_get_lock(struct tty_struct *tty, int __user *arg) 164{ 165 int locked = test_bit(TTY_PTY_LOCK, &tty->flags); 166 return put_user(locked, arg); 167} 168 169/* Set the packet mode on a pty */ 170static int pty_set_pktmode(struct tty_struct *tty, int __user *arg) 171{ 172 int pktmode; 173 174 if (get_user(pktmode, arg)) 175 return -EFAULT; 176 177 spin_lock_irq(&tty->ctrl_lock); 178 if (pktmode) { 179 if (!tty->packet) { 180 tty->link->ctrl_status = 0; 181 smp_mb(); 182 tty->packet = 1; 183 } 184 } else 185 tty->packet = 0; 186 spin_unlock_irq(&tty->ctrl_lock); 187 188 return 0; 189} 190 191/* Get the packet mode of a pty */ 192static int pty_get_pktmode(struct tty_struct *tty, int __user *arg) 193{ 194 int pktmode = tty->packet; 195 return put_user(pktmode, arg); 196} 197 198/* Send a signal to the slave */ 199static int pty_signal(struct tty_struct *tty, int sig) 200{ 201 struct pid *pgrp; 202 203 if (sig != SIGINT && sig != SIGQUIT && sig != SIGTSTP) 204 return -EINVAL; 205 206 if (tty->link) { 207 pgrp = tty_get_pgrp(tty->link); 208 if (pgrp) 209 kill_pgrp(pgrp, sig, 1); 210 put_pid(pgrp); 211 } 212 return 0; 213} 214 215static void pty_flush_buffer(struct tty_struct *tty) 216{ 217 struct tty_struct *to = tty->link; 218 219 if (!to) 220 return; 221 222 tty_buffer_flush(to, NULL); 223 if (to->packet) { 224 spin_lock_irq(&tty->ctrl_lock); 225 tty->ctrl_status |= TIOCPKT_FLUSHWRITE; 226 wake_up_interruptible(&to->read_wait); 227 spin_unlock_irq(&tty->ctrl_lock); 228 } 229} 230 231static int pty_open(struct tty_struct *tty, struct file *filp) 232{ 233 if (!tty || !tty->link) 234 return -ENODEV; 235 236 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) 237 goto out; 238 if (test_bit(TTY_PTY_LOCK, &tty->link->flags)) 239 goto out; 240 if (tty->driver->subtype == PTY_TYPE_SLAVE && tty->link->count != 1) 241 goto out; 242 243 clear_bit(TTY_IO_ERROR, &tty->flags); 244 clear_bit(TTY_OTHER_CLOSED, &tty->link->flags); 245 set_bit(TTY_THROTTLED, &tty->flags); 246 return 0; 247 248out: 249 set_bit(TTY_IO_ERROR, &tty->flags); 250 return -EIO; 251} 252 253static void pty_set_termios(struct tty_struct *tty, 254 struct ktermios *old_termios) 255{ 256 /* See if packet mode change of state. */ 257 if (tty->link && tty->link->packet) { 258 int extproc = (old_termios->c_lflag & EXTPROC) | L_EXTPROC(tty); 259 int old_flow = ((old_termios->c_iflag & IXON) && 260 (old_termios->c_cc[VSTOP] == '\023') && 261 (old_termios->c_cc[VSTART] == '\021')); 262 int new_flow = (I_IXON(tty) && 263 STOP_CHAR(tty) == '\023' && 264 START_CHAR(tty) == '\021'); 265 if ((old_flow != new_flow) || extproc) { 266 spin_lock_irq(&tty->ctrl_lock); 267 if (old_flow != new_flow) { 268 tty->ctrl_status &= ~(TIOCPKT_DOSTOP | TIOCPKT_NOSTOP); 269 if (new_flow) 270 tty->ctrl_status |= TIOCPKT_DOSTOP; 271 else 272 tty->ctrl_status |= TIOCPKT_NOSTOP; 273 } 274 if (extproc) 275 tty->ctrl_status |= TIOCPKT_IOCTL; 276 spin_unlock_irq(&tty->ctrl_lock); 277 wake_up_interruptible(&tty->link->read_wait); 278 } 279 } 280 281 tty->termios.c_cflag &= ~(CSIZE | PARENB); 282 tty->termios.c_cflag |= (CS8 | CREAD); 283} 284 285/** 286 * pty_do_resize - resize event 287 * @tty: tty being resized 288 * @ws: window size being set. 289 * 290 * Update the termios variables and send the necessary signals to 291 * peform a terminal resize correctly 292 */ 293 294static int pty_resize(struct tty_struct *tty, struct winsize *ws) 295{ 296 struct pid *pgrp, *rpgrp; 297 struct tty_struct *pty = tty->link; 298 299 /* For a PTY we need to lock the tty side */ 300 mutex_lock(&tty->winsize_mutex); 301 if (!memcmp(ws, &tty->winsize, sizeof(*ws))) 302 goto done; 303 304 /* Signal the foreground process group of both ptys */ 305 pgrp = tty_get_pgrp(tty); 306 rpgrp = tty_get_pgrp(pty); 307 308 if (pgrp) 309 kill_pgrp(pgrp, SIGWINCH, 1); 310 if (rpgrp != pgrp && rpgrp) 311 kill_pgrp(rpgrp, SIGWINCH, 1); 312 313 put_pid(pgrp); 314 put_pid(rpgrp); 315 316 tty->winsize = *ws; 317 pty->winsize = *ws; /* Never used so will go away soon */ 318done: 319 mutex_unlock(&tty->winsize_mutex); 320 return 0; 321} 322 323/** 324 * pty_start - start() handler 325 * pty_stop - stop() handler 326 * @tty: tty being flow-controlled 327 * 328 * Propagates the TIOCPKT status to the master pty. 329 * 330 * NB: only the master pty can be in packet mode so only the slave 331 * needs start()/stop() handlers 332 */ 333static void pty_start(struct tty_struct *tty) 334{ 335 unsigned long flags; 336 337 if (tty->link && tty->link->packet) { 338 spin_lock_irqsave(&tty->ctrl_lock, flags); 339 tty->ctrl_status &= ~TIOCPKT_STOP; 340 tty->ctrl_status |= TIOCPKT_START; 341 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 342 wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); 343 } 344} 345 346static void pty_stop(struct tty_struct *tty) 347{ 348 unsigned long flags; 349 350 if (tty->link && tty->link->packet) { 351 spin_lock_irqsave(&tty->ctrl_lock, flags); 352 tty->ctrl_status &= ~TIOCPKT_START; 353 tty->ctrl_status |= TIOCPKT_STOP; 354 spin_unlock_irqrestore(&tty->ctrl_lock, flags); 355 wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN); 356 } 357} 358 359/** 360 * pty_common_install - set up the pty pair 361 * @driver: the pty driver 362 * @tty: the tty being instantiated 363 * @legacy: true if this is BSD style 364 * 365 * Perform the initial set up for the tty/pty pair. Called from the 366 * tty layer when the port is first opened. 367 * 368 * Locking: the caller must hold the tty_mutex 369 */ 370static int pty_common_install(struct tty_driver *driver, struct tty_struct *tty, 371 bool legacy) 372{ 373 struct tty_struct *o_tty; 374 struct tty_port *ports[2]; 375 int idx = tty->index; 376 int retval = -ENOMEM; 377 378 /* Opening the slave first has always returned -EIO */ 379 if (driver->subtype != PTY_TYPE_MASTER) 380 return -EIO; 381 382 ports[0] = kmalloc(sizeof **ports, GFP_KERNEL); 383 ports[1] = kmalloc(sizeof **ports, GFP_KERNEL); 384 if (!ports[0] || !ports[1]) 385 goto err; 386 if (!try_module_get(driver->other->owner)) { 387 /* This cannot in fact currently happen */ 388 goto err; 389 } 390 o_tty = alloc_tty_struct(driver->other, idx); 391 if (!o_tty) 392 goto err_put_module; 393 394 tty_set_lock_subclass(o_tty); 395 lockdep_set_subclass(&o_tty->termios_rwsem, TTY_LOCK_SLAVE); 396 397 if (legacy) { 398 /* We always use new tty termios data so we can do this 399 the easy way .. */ 400 tty_init_termios(tty); 401 tty_init_termios(o_tty); 402 403 driver->other->ttys[idx] = o_tty; 404 driver->ttys[idx] = tty; 405 } else { 406 memset(&tty->termios_locked, 0, sizeof(tty->termios_locked)); 407 tty->termios = driver->init_termios; 408 memset(&o_tty->termios_locked, 0, sizeof(tty->termios_locked)); 409 o_tty->termios = driver->other->init_termios; 410 } 411 412 /* 413 * Everything allocated ... set up the o_tty structure. 414 */ 415 tty_driver_kref_get(driver->other); 416 /* Establish the links in both directions */ 417 tty->link = o_tty; 418 o_tty->link = tty; 419 tty_port_init(ports[0]); 420 tty_port_init(ports[1]); 421 tty_buffer_set_limit(ports[0], 8192); 422 tty_buffer_set_limit(ports[1], 8192); 423 o_tty->port = ports[0]; 424 tty->port = ports[1]; 425 o_tty->port->itty = o_tty; 426 427 tty_buffer_set_lock_subclass(o_tty->port); 428 429 tty_driver_kref_get(driver); 430 tty->count++; 431 o_tty->count++; 432 return 0; 433 434err_put_module: 435 module_put(driver->other->owner); 436err: 437 kfree(ports[0]); 438 kfree(ports[1]); 439 return retval; 440} 441 442static void pty_cleanup(struct tty_struct *tty) 443{ 444 tty_port_put(tty->port); 445} 446 447/* Traditional BSD devices */ 448#ifdef CONFIG_LEGACY_PTYS 449 450static int pty_install(struct tty_driver *driver, struct tty_struct *tty) 451{ 452 return pty_common_install(driver, tty, true); 453} 454 455static void pty_remove(struct tty_driver *driver, struct tty_struct *tty) 456{ 457 struct tty_struct *pair = tty->link; 458 driver->ttys[tty->index] = NULL; 459 if (pair) 460 pair->driver->ttys[pair->index] = NULL; 461} 462 463static int pty_bsd_ioctl(struct tty_struct *tty, 464 unsigned int cmd, unsigned long arg) 465{ 466 switch (cmd) { 467 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ 468 return pty_set_lock(tty, (int __user *) arg); 469 case TIOCGPTLCK: /* Get PT Lock status */ 470 return pty_get_lock(tty, (int __user *)arg); 471 case TIOCPKT: /* Set PT packet mode */ 472 return pty_set_pktmode(tty, (int __user *)arg); 473 case TIOCGPKT: /* Get PT packet mode */ 474 return pty_get_pktmode(tty, (int __user *)arg); 475 case TIOCSIG: /* Send signal to other side of pty */ 476 return pty_signal(tty, (int) arg); 477 case TIOCGPTN: /* TTY returns ENOTTY, but glibc expects EINVAL here */ 478 return -EINVAL; 479 } 480 return -ENOIOCTLCMD; 481} 482 483#ifdef CONFIG_COMPAT 484static long pty_bsd_compat_ioctl(struct tty_struct *tty, 485 unsigned int cmd, unsigned long arg) 486{ 487 /* 488 * PTY ioctls don't require any special translation between 32-bit and 489 * 64-bit userspace, they are already compatible. 490 */ 491 return pty_bsd_ioctl(tty, cmd, (unsigned long)compat_ptr(arg)); 492} 493#else 494#define pty_bsd_compat_ioctl NULL 495#endif 496 497static int legacy_count = CONFIG_LEGACY_PTY_COUNT; 498/* 499 * not really modular, but the easiest way to keep compat with existing 500 * bootargs behaviour is to continue using module_param here. 501 */ 502module_param(legacy_count, int, 0); 503 504/* 505 * The master side of a pty can do TIOCSPTLCK and thus 506 * has pty_bsd_ioctl. 507 */ 508static const struct tty_operations master_pty_ops_bsd = { 509 .install = pty_install, 510 .open = pty_open, 511 .close = pty_close, 512 .write = pty_write, 513 .write_room = pty_write_room, 514 .flush_buffer = pty_flush_buffer, 515 .chars_in_buffer = pty_chars_in_buffer, 516 .unthrottle = pty_unthrottle, 517 .ioctl = pty_bsd_ioctl, 518 .compat_ioctl = pty_bsd_compat_ioctl, 519 .cleanup = pty_cleanup, 520 .resize = pty_resize, 521 .remove = pty_remove 522}; 523 524static const struct tty_operations slave_pty_ops_bsd = { 525 .install = pty_install, 526 .open = pty_open, 527 .close = pty_close, 528 .write = pty_write, 529 .write_room = pty_write_room, 530 .flush_buffer = pty_flush_buffer, 531 .chars_in_buffer = pty_chars_in_buffer, 532 .unthrottle = pty_unthrottle, 533 .set_termios = pty_set_termios, 534 .cleanup = pty_cleanup, 535 .resize = pty_resize, 536 .start = pty_start, 537 .stop = pty_stop, 538 .remove = pty_remove 539}; 540 541static void __init legacy_pty_init(void) 542{ 543 struct tty_driver *pty_driver, *pty_slave_driver; 544 545 if (legacy_count <= 0) 546 return; 547 548 pty_driver = tty_alloc_driver(legacy_count, 549 TTY_DRIVER_RESET_TERMIOS | 550 TTY_DRIVER_REAL_RAW | 551 TTY_DRIVER_DYNAMIC_ALLOC); 552 if (IS_ERR(pty_driver)) 553 panic("Couldn't allocate pty driver"); 554 555 pty_slave_driver = tty_alloc_driver(legacy_count, 556 TTY_DRIVER_RESET_TERMIOS | 557 TTY_DRIVER_REAL_RAW | 558 TTY_DRIVER_DYNAMIC_ALLOC); 559 if (IS_ERR(pty_slave_driver)) 560 panic("Couldn't allocate pty slave driver"); 561 562 pty_driver->driver_name = "pty_master"; 563 pty_driver->name = "pty"; 564 pty_driver->major = PTY_MASTER_MAJOR; 565 pty_driver->minor_start = 0; 566 pty_driver->type = TTY_DRIVER_TYPE_PTY; 567 pty_driver->subtype = PTY_TYPE_MASTER; 568 pty_driver->init_termios = tty_std_termios; 569 pty_driver->init_termios.c_iflag = 0; 570 pty_driver->init_termios.c_oflag = 0; 571 pty_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 572 pty_driver->init_termios.c_lflag = 0; 573 pty_driver->init_termios.c_ispeed = 38400; 574 pty_driver->init_termios.c_ospeed = 38400; 575 pty_driver->other = pty_slave_driver; 576 tty_set_operations(pty_driver, &master_pty_ops_bsd); 577 578 pty_slave_driver->driver_name = "pty_slave"; 579 pty_slave_driver->name = "ttyp"; 580 pty_slave_driver->major = PTY_SLAVE_MAJOR; 581 pty_slave_driver->minor_start = 0; 582 pty_slave_driver->type = TTY_DRIVER_TYPE_PTY; 583 pty_slave_driver->subtype = PTY_TYPE_SLAVE; 584 pty_slave_driver->init_termios = tty_std_termios; 585 pty_slave_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 586 pty_slave_driver->init_termios.c_ispeed = 38400; 587 pty_slave_driver->init_termios.c_ospeed = 38400; 588 pty_slave_driver->other = pty_driver; 589 tty_set_operations(pty_slave_driver, &slave_pty_ops_bsd); 590 591 if (tty_register_driver(pty_driver)) 592 panic("Couldn't register pty driver"); 593 if (tty_register_driver(pty_slave_driver)) 594 panic("Couldn't register pty slave driver"); 595} 596#else 597static inline void legacy_pty_init(void) { } 598#endif 599 600/* Unix98 devices */ 601#ifdef CONFIG_UNIX98_PTYS 602static struct cdev ptmx_cdev; 603 604/** 605 * ptm_open_peer - open the peer of a pty 606 * @master: the open struct file of the ptmx device node 607 * @tty: the master of the pty being opened 608 * @flags: the flags for open 609 * 610 * Provide a race free way for userspace to open the slave end of a pty 611 * (where they have the master fd and cannot access or trust the mount 612 * namespace /dev/pts was mounted inside). 613 */ 614int ptm_open_peer(struct file *master, struct tty_struct *tty, int flags) 615{ 616 int fd = -1; 617 struct file *filp; 618 int retval = -EINVAL; 619 struct path path; 620 621 if (tty->driver != ptm_driver) 622 return -EIO; 623 624 fd = get_unused_fd_flags(flags); 625 if (fd < 0) { 626 retval = fd; 627 goto err; 628 } 629 630 /* Compute the slave's path */ 631 path.mnt = devpts_mntget(master, tty->driver_data); 632 if (IS_ERR(path.mnt)) { 633 retval = PTR_ERR(path.mnt); 634 goto err_put; 635 } 636 path.dentry = tty->link->driver_data; 637 638 filp = dentry_open(&path, flags, current_cred()); 639 mntput(path.mnt); 640 if (IS_ERR(filp)) { 641 retval = PTR_ERR(filp); 642 goto err_put; 643 } 644 645 fd_install(fd, filp); 646 return fd; 647 648err_put: 649 put_unused_fd(fd); 650err: 651 return retval; 652} 653 654static int pty_unix98_ioctl(struct tty_struct *tty, 655 unsigned int cmd, unsigned long arg) 656{ 657 switch (cmd) { 658 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */ 659 return pty_set_lock(tty, (int __user *)arg); 660 case TIOCGPTLCK: /* Get PT Lock status */ 661 return pty_get_lock(tty, (int __user *)arg); 662 case TIOCPKT: /* Set PT packet mode */ 663 return pty_set_pktmode(tty, (int __user *)arg); 664 case TIOCGPKT: /* Get PT packet mode */ 665 return pty_get_pktmode(tty, (int __user *)arg); 666 case TIOCGPTN: /* Get PT Number */ 667 return put_user(tty->index, (unsigned int __user *)arg); 668 case TIOCSIG: /* Send signal to other side of pty */ 669 return pty_signal(tty, (int) arg); 670 } 671 672 return -ENOIOCTLCMD; 673} 674 675#ifdef CONFIG_COMPAT 676static long pty_unix98_compat_ioctl(struct tty_struct *tty, 677 unsigned int cmd, unsigned long arg) 678{ 679 /* 680 * PTY ioctls don't require any special translation between 32-bit and 681 * 64-bit userspace, they are already compatible. 682 */ 683 return pty_unix98_ioctl(tty, cmd, 684 cmd == TIOCSIG ? arg : (unsigned long)compat_ptr(arg)); 685} 686#else 687#define pty_unix98_compat_ioctl NULL 688#endif 689 690/** 691 * ptm_unix98_lookup - find a pty master 692 * @driver: ptm driver 693 * @idx: tty index 694 * 695 * Look up a pty master device. Called under the tty_mutex for now. 696 * This provides our locking. 697 */ 698 699static struct tty_struct *ptm_unix98_lookup(struct tty_driver *driver, 700 struct file *file, int idx) 701{ 702 /* Master must be open via /dev/ptmx */ 703 return ERR_PTR(-EIO); 704} 705 706/** 707 * pts_unix98_lookup - find a pty slave 708 * @driver: pts driver 709 * @idx: tty index 710 * 711 * Look up a pty master device. Called under the tty_mutex for now. 712 * This provides our locking for the tty pointer. 713 */ 714 715static struct tty_struct *pts_unix98_lookup(struct tty_driver *driver, 716 struct file *file, int idx) 717{ 718 struct tty_struct *tty; 719 720 mutex_lock(&devpts_mutex); 721 tty = devpts_get_priv(file->f_path.dentry); 722 mutex_unlock(&devpts_mutex); 723 /* Master must be open before slave */ 724 if (!tty) 725 return ERR_PTR(-EIO); 726 return tty; 727} 728 729static int pty_unix98_install(struct tty_driver *driver, struct tty_struct *tty) 730{ 731 return pty_common_install(driver, tty, false); 732} 733 734/* this is called once with whichever end is closed last */ 735static void pty_unix98_remove(struct tty_driver *driver, struct tty_struct *tty) 736{ 737 struct pts_fs_info *fsi; 738 739 if (tty->driver->subtype == PTY_TYPE_MASTER) 740 fsi = tty->driver_data; 741 else 742 fsi = tty->link->driver_data; 743 744 if (fsi) { 745 devpts_kill_index(fsi, tty->index); 746 devpts_release(fsi); 747 } 748} 749 750static void pty_show_fdinfo(struct tty_struct *tty, struct seq_file *m) 751{ 752 seq_printf(m, "tty-index:\t%d\n", tty->index); 753} 754 755static const struct tty_operations ptm_unix98_ops = { 756 .lookup = ptm_unix98_lookup, 757 .install = pty_unix98_install, 758 .remove = pty_unix98_remove, 759 .open = pty_open, 760 .close = pty_close, 761 .write = pty_write, 762 .write_room = pty_write_room, 763 .flush_buffer = pty_flush_buffer, 764 .chars_in_buffer = pty_chars_in_buffer, 765 .unthrottle = pty_unthrottle, 766 .ioctl = pty_unix98_ioctl, 767 .compat_ioctl = pty_unix98_compat_ioctl, 768 .resize = pty_resize, 769 .cleanup = pty_cleanup, 770 .show_fdinfo = pty_show_fdinfo, 771}; 772 773static const struct tty_operations pty_unix98_ops = { 774 .lookup = pts_unix98_lookup, 775 .install = pty_unix98_install, 776 .remove = pty_unix98_remove, 777 .open = pty_open, 778 .close = pty_close, 779 .write = pty_write, 780 .write_room = pty_write_room, 781 .flush_buffer = pty_flush_buffer, 782 .chars_in_buffer = pty_chars_in_buffer, 783 .unthrottle = pty_unthrottle, 784 .set_termios = pty_set_termios, 785 .start = pty_start, 786 .stop = pty_stop, 787 .cleanup = pty_cleanup, 788}; 789 790/** 791 * ptmx_open - open a unix 98 pty master 792 * @inode: inode of device file 793 * @filp: file pointer to tty 794 * 795 * Allocate a unix98 pty master device from the ptmx driver. 796 * 797 * Locking: tty_mutex protects the init_dev work. tty->count should 798 * protect the rest. 799 * allocated_ptys_lock handles the list of free pty numbers 800 */ 801 802static int ptmx_open(struct inode *inode, struct file *filp) 803{ 804 struct pts_fs_info *fsi; 805 struct tty_struct *tty; 806 struct dentry *dentry; 807 int retval; 808 int index; 809 810 nonseekable_open(inode, filp); 811 812 /* We refuse fsnotify events on ptmx, since it's a shared resource */ 813 filp->f_mode |= FMODE_NONOTIFY; 814 815 retval = tty_alloc_file(filp); 816 if (retval) 817 return retval; 818 819 fsi = devpts_acquire(filp); 820 if (IS_ERR(fsi)) { 821 retval = PTR_ERR(fsi); 822 goto out_free_file; 823 } 824 825 /* find a device that is not in use. */ 826 mutex_lock(&devpts_mutex); 827 index = devpts_new_index(fsi); 828 mutex_unlock(&devpts_mutex); 829 830 retval = index; 831 if (index < 0) 832 goto out_put_fsi; 833 834 835 mutex_lock(&tty_mutex); 836 tty = tty_init_dev(ptm_driver, index); 837 /* The tty returned here is locked so we can safely 838 drop the mutex */ 839 mutex_unlock(&tty_mutex); 840 841 retval = PTR_ERR(tty); 842 if (IS_ERR(tty)) 843 goto out; 844 845 /* 846 * From here on out, the tty is "live", and the index and 847 * fsi will be killed/put by the tty_release() 848 */ 849 set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */ 850 tty->driver_data = fsi; 851 852 tty_add_file(tty, filp); 853 854 dentry = devpts_pty_new(fsi, index, tty->link); 855 if (IS_ERR(dentry)) { 856 retval = PTR_ERR(dentry); 857 goto err_release; 858 } 859 tty->link->driver_data = dentry; 860 861 retval = ptm_driver->ops->open(tty, filp); 862 if (retval) 863 goto err_release; 864 865 tty_debug_hangup(tty, "opening (count=%d)\n", tty->count); 866 867 tty_unlock(tty); 868 return 0; 869err_release: 870 tty_unlock(tty); 871 // This will also put-ref the fsi 872 tty_release(inode, filp); 873 return retval; 874out: 875 devpts_kill_index(fsi, index); 876out_put_fsi: 877 devpts_release(fsi); 878out_free_file: 879 tty_free_file(filp); 880 return retval; 881} 882 883static struct file_operations ptmx_fops __ro_after_init; 884 885static void __init unix98_pty_init(void) 886{ 887 ptm_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, 888 TTY_DRIVER_RESET_TERMIOS | 889 TTY_DRIVER_REAL_RAW | 890 TTY_DRIVER_DYNAMIC_DEV | 891 TTY_DRIVER_DEVPTS_MEM | 892 TTY_DRIVER_DYNAMIC_ALLOC); 893 if (IS_ERR(ptm_driver)) 894 panic("Couldn't allocate Unix98 ptm driver"); 895 pts_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX, 896 TTY_DRIVER_RESET_TERMIOS | 897 TTY_DRIVER_REAL_RAW | 898 TTY_DRIVER_DYNAMIC_DEV | 899 TTY_DRIVER_DEVPTS_MEM | 900 TTY_DRIVER_DYNAMIC_ALLOC); 901 if (IS_ERR(pts_driver)) 902 panic("Couldn't allocate Unix98 pts driver"); 903 904 ptm_driver->driver_name = "pty_master"; 905 ptm_driver->name = "ptm"; 906 ptm_driver->major = UNIX98_PTY_MASTER_MAJOR; 907 ptm_driver->minor_start = 0; 908 ptm_driver->type = TTY_DRIVER_TYPE_PTY; 909 ptm_driver->subtype = PTY_TYPE_MASTER; 910 ptm_driver->init_termios = tty_std_termios; 911 ptm_driver->init_termios.c_iflag = 0; 912 ptm_driver->init_termios.c_oflag = 0; 913 ptm_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 914 ptm_driver->init_termios.c_lflag = 0; 915 ptm_driver->init_termios.c_ispeed = 38400; 916 ptm_driver->init_termios.c_ospeed = 38400; 917 ptm_driver->other = pts_driver; 918 tty_set_operations(ptm_driver, &ptm_unix98_ops); 919 920 pts_driver->driver_name = "pty_slave"; 921 pts_driver->name = "pts"; 922 pts_driver->major = UNIX98_PTY_SLAVE_MAJOR; 923 pts_driver->minor_start = 0; 924 pts_driver->type = TTY_DRIVER_TYPE_PTY; 925 pts_driver->subtype = PTY_TYPE_SLAVE; 926 pts_driver->init_termios = tty_std_termios; 927 pts_driver->init_termios.c_cflag = B38400 | CS8 | CREAD; 928 pts_driver->init_termios.c_ispeed = 38400; 929 pts_driver->init_termios.c_ospeed = 38400; 930 pts_driver->other = ptm_driver; 931 tty_set_operations(pts_driver, &pty_unix98_ops); 932 933 if (tty_register_driver(ptm_driver)) 934 panic("Couldn't register Unix98 ptm driver"); 935 if (tty_register_driver(pts_driver)) 936 panic("Couldn't register Unix98 pts driver"); 937 938 /* Now create the /dev/ptmx special device */ 939 tty_default_fops(&ptmx_fops); 940 ptmx_fops.open = ptmx_open; 941 942 cdev_init(&ptmx_cdev, &ptmx_fops); 943 if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) || 944 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0) 945 panic("Couldn't register /dev/ptmx driver"); 946 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), NULL, "ptmx"); 947} 948 949#else 950static inline void unix98_pty_init(void) { } 951#endif 952 953static int __init pty_init(void) 954{ 955 legacy_pty_init(); 956 unix98_pty_init(); 957 return 0; 958} 959device_initcall(pty_init); 960