aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/char
diff options
context:
space:
mode:
authorGreg Kroah-Hartman <gregkh@suse.de>2010-11-04 14:10:29 -0400
committerGreg Kroah-Hartman <gregkh@suse.de>2010-11-05 11:10:33 -0400
commit96fd7ce58ffb5c7bf376796b5525ba3ea1c9d69f (patch)
treeaca24a6c1c0e506d5fa7b0266c4c1866786607ae /drivers/char
parentc8ddb2713c624f432fa5fe3c7ecffcdda46ea0d4 (diff)
TTY: create drivers/tty and move the tty core files there
The tty code should be in its own subdirectory and not in the char driver with all of the cruft that is currently there. Based on work done by Arnd Bergmann <arnd@arndb.de> Acked-by: Arnd Bergmann <arnd@arndb.de> Cc: Jiri Slaby <jslaby@suse.cz> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'drivers/char')
-rw-r--r--drivers/char/Makefile11
-rw-r--r--drivers/char/n_gsm.c2763
-rw-r--r--drivers/char/n_hdlc.c1007
-rw-r--r--drivers/char/n_r3964.c1264
-rw-r--r--drivers/char/n_tty.c2121
-rw-r--r--drivers/char/pty.c777
-rw-r--r--drivers/char/sysrq.c811
-rw-r--r--drivers/char/tty_audit.c358
-rw-r--r--drivers/char/tty_buffer.c524
-rw-r--r--drivers/char/tty_io.c3263
-rw-r--r--drivers/char/tty_ioctl.c1179
-rw-r--r--drivers/char/tty_ldisc.c915
-rw-r--r--drivers/char/tty_mutex.c47
-rw-r--r--drivers/char/tty_port.c446
14 files changed, 1 insertions, 15485 deletions
diff --git a/drivers/char/Makefile b/drivers/char/Makefile
index 3a9c0141683..f308494bfc9 100644
--- a/drivers/char/Makefile
+++ b/drivers/char/Makefile
@@ -7,19 +7,13 @@
7# 7#
8FONTMAPFILE = cp437.uni 8FONTMAPFILE = cp437.uni
9 9
10obj-y += mem.o random.o tty_io.o n_tty.o tty_ioctl.o tty_ldisc.o tty_buffer.o tty_port.o 10obj-y += mem.o random.o
11
12obj-y += tty_mutex.o
13obj-$(CONFIG_LEGACY_PTYS) += pty.o
14obj-$(CONFIG_UNIX98_PTYS) += pty.o
15obj-$(CONFIG_TTY_PRINTK) += ttyprintk.o 11obj-$(CONFIG_TTY_PRINTK) += ttyprintk.o
16obj-y += misc.o 12obj-y += misc.o
17obj-$(CONFIG_VT) += vt_ioctl.o vc_screen.o selection.o keyboard.o 13obj-$(CONFIG_VT) += vt_ioctl.o vc_screen.o selection.o keyboard.o
18obj-$(CONFIG_BFIN_JTAG_COMM) += bfin_jtag_comm.o 14obj-$(CONFIG_BFIN_JTAG_COMM) += bfin_jtag_comm.o
19obj-$(CONFIG_CONSOLE_TRANSLATIONS) += consolemap.o consolemap_deftbl.o 15obj-$(CONFIG_CONSOLE_TRANSLATIONS) += consolemap.o consolemap_deftbl.o
20obj-$(CONFIG_HW_CONSOLE) += vt.o defkeymap.o 16obj-$(CONFIG_HW_CONSOLE) += vt.o defkeymap.o
21obj-$(CONFIG_AUDIT) += tty_audit.o
22obj-$(CONFIG_MAGIC_SYSRQ) += sysrq.o
23obj-$(CONFIG_MVME147_SCC) += generic_serial.o vme_scc.o 17obj-$(CONFIG_MVME147_SCC) += generic_serial.o vme_scc.o
24obj-$(CONFIG_MVME162_SCC) += generic_serial.o vme_scc.o 18obj-$(CONFIG_MVME162_SCC) += generic_serial.o vme_scc.o
25obj-$(CONFIG_BVME6000_SCC) += generic_serial.o vme_scc.o 19obj-$(CONFIG_BVME6000_SCC) += generic_serial.o vme_scc.o
@@ -41,8 +35,6 @@ obj-$(CONFIG_ISI) += isicom.o
41obj-$(CONFIG_SYNCLINK) += synclink.o 35obj-$(CONFIG_SYNCLINK) += synclink.o
42obj-$(CONFIG_SYNCLINKMP) += synclinkmp.o 36obj-$(CONFIG_SYNCLINKMP) += synclinkmp.o
43obj-$(CONFIG_SYNCLINK_GT) += synclink_gt.o 37obj-$(CONFIG_SYNCLINK_GT) += synclink_gt.o
44obj-$(CONFIG_N_HDLC) += n_hdlc.o
45obj-$(CONFIG_N_GSM) += n_gsm.o
46obj-$(CONFIG_AMIGA_BUILTIN_SERIAL) += amiserial.o 38obj-$(CONFIG_AMIGA_BUILTIN_SERIAL) += amiserial.o
47obj-$(CONFIG_SX) += sx.o generic_serial.o 39obj-$(CONFIG_SX) += sx.o generic_serial.o
48obj-$(CONFIG_RIO) += rio/ generic_serial.o 40obj-$(CONFIG_RIO) += rio/ generic_serial.o
@@ -74,7 +66,6 @@ obj-$(CONFIG_PRINTER) += lp.o
74obj-$(CONFIG_APM_EMULATION) += apm-emulation.o 66obj-$(CONFIG_APM_EMULATION) += apm-emulation.o
75 67
76obj-$(CONFIG_DTLK) += dtlk.o 68obj-$(CONFIG_DTLK) += dtlk.o
77obj-$(CONFIG_R3964) += n_r3964.o
78obj-$(CONFIG_APPLICOM) += applicom.o 69obj-$(CONFIG_APPLICOM) += applicom.o
79obj-$(CONFIG_SONYPI) += sonypi.o 70obj-$(CONFIG_SONYPI) += sonypi.o
80obj-$(CONFIG_RTC) += rtc.o 71obj-$(CONFIG_RTC) += rtc.o
diff --git a/drivers/char/n_gsm.c b/drivers/char/n_gsm.c
deleted file mode 100644
index 04ef3ef0a42..00000000000
--- a/drivers/char/n_gsm.c
+++ /dev/null
@@ -1,2763 +0,0 @@
1/*
2 * n_gsm.c GSM 0710 tty multiplexor
3 * Copyright (c) 2009/10 Intel Corporation
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17 *
18 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
19 *
20 * TO DO:
21 * Mostly done: ioctls for setting modes/timing
22 * Partly done: hooks so you can pull off frames to non tty devs
23 * Restart DLCI 0 when it closes ?
24 * Test basic encoding
25 * Improve the tx engine
26 * Resolve tx side locking by adding a queue_head and routing
27 * all control traffic via it
28 * General tidy/document
29 * Review the locking/move to refcounts more (mux now moved to an
30 * alloc/free model ready)
31 * Use newest tty open/close port helpers and install hooks
32 * What to do about power functions ?
33 * Termios setting and negotiation
34 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
35 *
36 */
37
38#include <linux/types.h>
39#include <linux/major.h>
40#include <linux/errno.h>
41#include <linux/signal.h>
42#include <linux/fcntl.h>
43#include <linux/sched.h>
44#include <linux/interrupt.h>
45#include <linux/tty.h>
46#include <linux/ctype.h>
47#include <linux/mm.h>
48#include <linux/string.h>
49#include <linux/slab.h>
50#include <linux/poll.h>
51#include <linux/bitops.h>
52#include <linux/file.h>
53#include <linux/uaccess.h>
54#include <linux/module.h>
55#include <linux/timer.h>
56#include <linux/tty_flip.h>
57#include <linux/tty_driver.h>
58#include <linux/serial.h>
59#include <linux/kfifo.h>
60#include <linux/skbuff.h>
61#include <linux/gsmmux.h>
62
63static int debug;
64module_param(debug, int, 0600);
65
66#define T1 (HZ/10)
67#define T2 (HZ/3)
68#define N2 3
69
70/* Use long timers for testing at low speed with debug on */
71#ifdef DEBUG_TIMING
72#define T1 HZ
73#define T2 (2 * HZ)
74#endif
75
76/* Semi-arbitary buffer size limits. 0710 is normally run with 32-64 byte
77 limits so this is plenty */
78#define MAX_MRU 512
79#define MAX_MTU 512
80
81/*
82 * Each block of data we have queued to go out is in the form of
83 * a gsm_msg which holds everything we need in a link layer independant
84 * format
85 */
86
87struct gsm_msg {
88 struct gsm_msg *next;
89 u8 addr; /* DLCI address + flags */
90 u8 ctrl; /* Control byte + flags */
91 unsigned int len; /* Length of data block (can be zero) */
92 unsigned char *data; /* Points into buffer but not at the start */
93 unsigned char buffer[0];
94};
95
96/*
97 * Each active data link has a gsm_dlci structure associated which ties
98 * the link layer to an optional tty (if the tty side is open). To avoid
99 * complexity right now these are only ever freed up when the mux is
100 * shut down.
101 *
102 * At the moment we don't free DLCI objects until the mux is torn down
103 * this avoid object life time issues but might be worth review later.
104 */
105
106struct gsm_dlci {
107 struct gsm_mux *gsm;
108 int addr;
109 int state;
110#define DLCI_CLOSED 0
111#define DLCI_OPENING 1 /* Sending SABM not seen UA */
112#define DLCI_OPEN 2 /* SABM/UA complete */
113#define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */
114
115 /* Link layer */
116 spinlock_t lock; /* Protects the internal state */
117 struct timer_list t1; /* Retransmit timer for SABM and UA */
118 int retries;
119 /* Uplink tty if active */
120 struct tty_port port; /* The tty bound to this DLCI if there is one */
121 struct kfifo *fifo; /* Queue fifo for the DLCI */
122 struct kfifo _fifo; /* For new fifo API porting only */
123 int adaption; /* Adaption layer in use */
124 u32 modem_rx; /* Our incoming virtual modem lines */
125 u32 modem_tx; /* Our outgoing modem lines */
126 int dead; /* Refuse re-open */
127 /* Flow control */
128 int throttled; /* Private copy of throttle state */
129 int constipated; /* Throttle status for outgoing */
130 /* Packetised I/O */
131 struct sk_buff *skb; /* Frame being sent */
132 struct sk_buff_head skb_list; /* Queued frames */
133 /* Data handling callback */
134 void (*data)(struct gsm_dlci *dlci, u8 *data, int len);
135};
136
137/* DLCI 0, 62/63 are special or reseved see gsmtty_open */
138
139#define NUM_DLCI 64
140
141/*
142 * DLCI 0 is used to pass control blocks out of band of the data
143 * flow (and with a higher link priority). One command can be outstanding
144 * at a time and we use this structure to manage them. They are created
145 * and destroyed by the user context, and updated by the receive paths
146 * and timers
147 */
148
149struct gsm_control {
150 u8 cmd; /* Command we are issuing */
151 u8 *data; /* Data for the command in case we retransmit */
152 int len; /* Length of block for retransmission */
153 int done; /* Done flag */
154 int error; /* Error if any */
155};
156
157/*
158 * Each GSM mux we have is represented by this structure. If we are
159 * operating as an ldisc then we use this structure as our ldisc
160 * state. We need to sort out lifetimes and locking with respect
161 * to the gsm mux array. For now we don't free DLCI objects that
162 * have been instantiated until the mux itself is terminated.
163 *
164 * To consider further: tty open versus mux shutdown.
165 */
166
167struct gsm_mux {
168 struct tty_struct *tty; /* The tty our ldisc is bound to */
169 spinlock_t lock;
170
171 /* Events on the GSM channel */
172 wait_queue_head_t event;
173
174 /* Bits for GSM mode decoding */
175
176 /* Framing Layer */
177 unsigned char *buf;
178 int state;
179#define GSM_SEARCH 0
180#define GSM_START 1
181#define GSM_ADDRESS 2
182#define GSM_CONTROL 3
183#define GSM_LEN 4
184#define GSM_DATA 5
185#define GSM_FCS 6
186#define GSM_OVERRUN 7
187 unsigned int len;
188 unsigned int address;
189 unsigned int count;
190 int escape;
191 int encoding;
192 u8 control;
193 u8 fcs;
194 u8 *txframe; /* TX framing buffer */
195
196 /* Methods for the receiver side */
197 void (*receive)(struct gsm_mux *gsm, u8 ch);
198 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag);
199 /* And transmit side */
200 int (*output)(struct gsm_mux *mux, u8 *data, int len);
201
202 /* Link Layer */
203 unsigned int mru;
204 unsigned int mtu;
205 int initiator; /* Did we initiate connection */
206 int dead; /* Has the mux been shut down */
207 struct gsm_dlci *dlci[NUM_DLCI];
208 int constipated; /* Asked by remote to shut up */
209
210 spinlock_t tx_lock;
211 unsigned int tx_bytes; /* TX data outstanding */
212#define TX_THRESH_HI 8192
213#define TX_THRESH_LO 2048
214 struct gsm_msg *tx_head; /* Pending data packets */
215 struct gsm_msg *tx_tail;
216
217 /* Control messages */
218 struct timer_list t2_timer; /* Retransmit timer for commands */
219 int cretries; /* Command retry counter */
220 struct gsm_control *pending_cmd;/* Our current pending command */
221 spinlock_t control_lock; /* Protects the pending command */
222
223 /* Configuration */
224 int adaption; /* 1 or 2 supported */
225 u8 ftype; /* UI or UIH */
226 int t1, t2; /* Timers in 1/100th of a sec */
227 int n2; /* Retry count */
228
229 /* Statistics (not currently exposed) */
230 unsigned long bad_fcs;
231 unsigned long malformed;
232 unsigned long io_error;
233 unsigned long bad_size;
234 unsigned long unsupported;
235};
236
237
238/*
239 * Mux objects - needed so that we can translate a tty index into the
240 * relevant mux and DLCI.
241 */
242
243#define MAX_MUX 4 /* 256 minors */
244static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
245static spinlock_t gsm_mux_lock;
246
247/*
248 * This section of the driver logic implements the GSM encodings
249 * both the basic and the 'advanced'. Reliable transport is not
250 * supported.
251 */
252
253#define CR 0x02
254#define EA 0x01
255#define PF 0x10
256
257/* I is special: the rest are ..*/
258#define RR 0x01
259#define UI 0x03
260#define RNR 0x05
261#define REJ 0x09
262#define DM 0x0F
263#define SABM 0x2F
264#define DISC 0x43
265#define UA 0x63
266#define UIH 0xEF
267
268/* Channel commands */
269#define CMD_NSC 0x09
270#define CMD_TEST 0x11
271#define CMD_PSC 0x21
272#define CMD_RLS 0x29
273#define CMD_FCOFF 0x31
274#define CMD_PN 0x41
275#define CMD_RPN 0x49
276#define CMD_FCON 0x51
277#define CMD_CLD 0x61
278#define CMD_SNC 0x69
279#define CMD_MSC 0x71
280
281/* Virtual modem bits */
282#define MDM_FC 0x01
283#define MDM_RTC 0x02
284#define MDM_RTR 0x04
285#define MDM_IC 0x20
286#define MDM_DV 0x40
287
288#define GSM0_SOF 0xF9
289#define GSM1_SOF 0x7E
290#define GSM1_ESCAPE 0x7D
291#define GSM1_ESCAPE_BITS 0x20
292#define XON 0x11
293#define XOFF 0x13
294
295static const struct tty_port_operations gsm_port_ops;
296
297/*
298 * CRC table for GSM 0710
299 */
300
301static const u8 gsm_fcs8[256] = {
302 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
303 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
304 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
305 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
306 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
307 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
308 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
309 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
310 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
311 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
312 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
313 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
314 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
315 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
316 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
317 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
318 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
319 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
320 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
321 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
322 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
323 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
324 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
325 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
326 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
327 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
328 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
329 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
330 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
331 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
332 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
333 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
334};
335
336#define INIT_FCS 0xFF
337#define GOOD_FCS 0xCF
338
339/**
340 * gsm_fcs_add - update FCS
341 * @fcs: Current FCS
342 * @c: Next data
343 *
344 * Update the FCS to include c. Uses the algorithm in the specification
345 * notes.
346 */
347
348static inline u8 gsm_fcs_add(u8 fcs, u8 c)
349{
350 return gsm_fcs8[fcs ^ c];
351}
352
353/**
354 * gsm_fcs_add_block - update FCS for a block
355 * @fcs: Current FCS
356 * @c: buffer of data
357 * @len: length of buffer
358 *
359 * Update the FCS to include c. Uses the algorithm in the specification
360 * notes.
361 */
362
363static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
364{
365 while (len--)
366 fcs = gsm_fcs8[fcs ^ *c++];
367 return fcs;
368}
369
370/**
371 * gsm_read_ea - read a byte into an EA
372 * @val: variable holding value
373 * c: byte going into the EA
374 *
375 * Processes one byte of an EA. Updates the passed variable
376 * and returns 1 if the EA is now completely read
377 */
378
379static int gsm_read_ea(unsigned int *val, u8 c)
380{
381 /* Add the next 7 bits into the value */
382 *val <<= 7;
383 *val |= c >> 1;
384 /* Was this the last byte of the EA 1 = yes*/
385 return c & EA;
386}
387
388/**
389 * gsm_encode_modem - encode modem data bits
390 * @dlci: DLCI to encode from
391 *
392 * Returns the correct GSM encoded modem status bits (6 bit field) for
393 * the current status of the DLCI and attached tty object
394 */
395
396static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
397{
398 u8 modembits = 0;
399 /* FC is true flow control not modem bits */
400 if (dlci->throttled)
401 modembits |= MDM_FC;
402 if (dlci->modem_tx & TIOCM_DTR)
403 modembits |= MDM_RTC;
404 if (dlci->modem_tx & TIOCM_RTS)
405 modembits |= MDM_RTR;
406 if (dlci->modem_tx & TIOCM_RI)
407 modembits |= MDM_IC;
408 if (dlci->modem_tx & TIOCM_CD)
409 modembits |= MDM_DV;
410 return modembits;
411}
412
413/**
414 * gsm_print_packet - display a frame for debug
415 * @hdr: header to print before decode
416 * @addr: address EA from the frame
417 * @cr: C/R bit from the frame
418 * @control: control including PF bit
419 * @data: following data bytes
420 * @dlen: length of data
421 *
422 * Displays a packet in human readable format for debugging purposes. The
423 * style is based on amateur radio LAP-B dump display.
424 */
425
426static void gsm_print_packet(const char *hdr, int addr, int cr,
427 u8 control, const u8 *data, int dlen)
428{
429 if (!(debug & 1))
430 return;
431
432 printk(KERN_INFO "%s %d) %c: ", hdr, addr, "RC"[cr]);
433
434 switch (control & ~PF) {
435 case SABM:
436 printk(KERN_CONT "SABM");
437 break;
438 case UA:
439 printk(KERN_CONT "UA");
440 break;
441 case DISC:
442 printk(KERN_CONT "DISC");
443 break;
444 case DM:
445 printk(KERN_CONT "DM");
446 break;
447 case UI:
448 printk(KERN_CONT "UI");
449 break;
450 case UIH:
451 printk(KERN_CONT "UIH");
452 break;
453 default:
454 if (!(control & 0x01)) {
455 printk(KERN_CONT "I N(S)%d N(R)%d",
456 (control & 0x0E) >> 1, (control & 0xE)>> 5);
457 } else switch (control & 0x0F) {
458 case RR:
459 printk("RR(%d)", (control & 0xE0) >> 5);
460 break;
461 case RNR:
462 printk("RNR(%d)", (control & 0xE0) >> 5);
463 break;
464 case REJ:
465 printk("REJ(%d)", (control & 0xE0) >> 5);
466 break;
467 default:
468 printk(KERN_CONT "[%02X]", control);
469 }
470 }
471
472 if (control & PF)
473 printk(KERN_CONT "(P)");
474 else
475 printk(KERN_CONT "(F)");
476
477 if (dlen) {
478 int ct = 0;
479 while (dlen--) {
480 if (ct % 8 == 0)
481 printk(KERN_CONT "\n ");
482 printk(KERN_CONT "%02X ", *data++);
483 ct++;
484 }
485 }
486 printk(KERN_CONT "\n");
487}
488
489
490/*
491 * Link level transmission side
492 */
493
494/**
495 * gsm_stuff_packet - bytestuff a packet
496 * @ibuf: input
497 * @obuf: output
498 * @len: length of input
499 *
500 * Expand a buffer by bytestuffing it. The worst case size change
501 * is doubling and the caller is responsible for handing out
502 * suitable sized buffers.
503 */
504
505static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
506{
507 int olen = 0;
508 while (len--) {
509 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
510 || *input == XON || *input == XOFF) {
511 *output++ = GSM1_ESCAPE;
512 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
513 olen++;
514 } else
515 *output++ = *input++;
516 olen++;
517 }
518 return olen;
519}
520
521static void hex_packet(const unsigned char *p, int len)
522{
523 int i;
524 for (i = 0; i < len; i++) {
525 if (i && (i % 16) == 0)
526 printk("\n");
527 printk("%02X ", *p++);
528 }
529 printk("\n");
530}
531
532/**
533 * gsm_send - send a control frame
534 * @gsm: our GSM mux
535 * @addr: address for control frame
536 * @cr: command/response bit
537 * @control: control byte including PF bit
538 *
539 * Format up and transmit a control frame. These do not go via the
540 * queueing logic as they should be transmitted ahead of data when
541 * they are needed.
542 *
543 * FIXME: Lock versus data TX path
544 */
545
546static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
547{
548 int len;
549 u8 cbuf[10];
550 u8 ibuf[3];
551
552 switch (gsm->encoding) {
553 case 0:
554 cbuf[0] = GSM0_SOF;
555 cbuf[1] = (addr << 2) | (cr << 1) | EA;
556 cbuf[2] = control;
557 cbuf[3] = EA; /* Length of data = 0 */
558 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
559 cbuf[5] = GSM0_SOF;
560 len = 6;
561 break;
562 case 1:
563 case 2:
564 /* Control frame + packing (but not frame stuffing) in mode 1 */
565 ibuf[0] = (addr << 2) | (cr << 1) | EA;
566 ibuf[1] = control;
567 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
568 /* Stuffing may double the size worst case */
569 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
570 /* Now add the SOF markers */
571 cbuf[0] = GSM1_SOF;
572 cbuf[len + 1] = GSM1_SOF;
573 /* FIXME: we can omit the lead one in many cases */
574 len += 2;
575 break;
576 default:
577 WARN_ON(1);
578 return;
579 }
580 gsm->output(gsm, cbuf, len);
581 gsm_print_packet("-->", addr, cr, control, NULL, 0);
582}
583
584/**
585 * gsm_response - send a control response
586 * @gsm: our GSM mux
587 * @addr: address for control frame
588 * @control: control byte including PF bit
589 *
590 * Format up and transmit a link level response frame.
591 */
592
593static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
594{
595 gsm_send(gsm, addr, 0, control);
596}
597
598/**
599 * gsm_command - send a control command
600 * @gsm: our GSM mux
601 * @addr: address for control frame
602 * @control: control byte including PF bit
603 *
604 * Format up and transmit a link level command frame.
605 */
606
607static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
608{
609 gsm_send(gsm, addr, 1, control);
610}
611
612/* Data transmission */
613
614#define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
615
616/**
617 * gsm_data_alloc - allocate data frame
618 * @gsm: GSM mux
619 * @addr: DLCI address
620 * @len: length excluding header and FCS
621 * @ctrl: control byte
622 *
623 * Allocate a new data buffer for sending frames with data. Space is left
624 * at the front for header bytes but that is treated as an implementation
625 * detail and not for the high level code to use
626 */
627
628static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
629 u8 ctrl)
630{
631 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
632 GFP_ATOMIC);
633 if (m == NULL)
634 return NULL;
635 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
636 m->len = len;
637 m->addr = addr;
638 m->ctrl = ctrl;
639 m->next = NULL;
640 return m;
641}
642
643/**
644 * gsm_data_kick - poke the queue
645 * @gsm: GSM Mux
646 *
647 * The tty device has called us to indicate that room has appeared in
648 * the transmit queue. Ram more data into the pipe if we have any
649 *
650 * FIXME: lock against link layer control transmissions
651 */
652
653static void gsm_data_kick(struct gsm_mux *gsm)
654{
655 struct gsm_msg *msg = gsm->tx_head;
656 int len;
657 int skip_sof = 0;
658
659 /* FIXME: We need to apply this solely to data messages */
660 if (gsm->constipated)
661 return;
662
663 while (gsm->tx_head != NULL) {
664 msg = gsm->tx_head;
665 if (gsm->encoding != 0) {
666 gsm->txframe[0] = GSM1_SOF;
667 len = gsm_stuff_frame(msg->data,
668 gsm->txframe + 1, msg->len);
669 gsm->txframe[len + 1] = GSM1_SOF;
670 len += 2;
671 } else {
672 gsm->txframe[0] = GSM0_SOF;
673 memcpy(gsm->txframe + 1 , msg->data, msg->len);
674 gsm->txframe[msg->len + 1] = GSM0_SOF;
675 len = msg->len + 2;
676 }
677
678 if (debug & 4) {
679 printk("gsm_data_kick: \n");
680 hex_packet(gsm->txframe, len);
681 }
682
683 if (gsm->output(gsm, gsm->txframe + skip_sof,
684 len - skip_sof) < 0)
685 break;
686 /* FIXME: Can eliminate one SOF in many more cases */
687 gsm->tx_head = msg->next;
688 if (gsm->tx_head == NULL)
689 gsm->tx_tail = NULL;
690 gsm->tx_bytes -= msg->len;
691 kfree(msg);
692 /* For a burst of frames skip the extra SOF within the
693 burst */
694 skip_sof = 1;
695 }
696}
697
698/**
699 * __gsm_data_queue - queue a UI or UIH frame
700 * @dlci: DLCI sending the data
701 * @msg: message queued
702 *
703 * Add data to the transmit queue and try and get stuff moving
704 * out of the mux tty if not already doing so. The Caller must hold
705 * the gsm tx lock.
706 */
707
708static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
709{
710 struct gsm_mux *gsm = dlci->gsm;
711 u8 *dp = msg->data;
712 u8 *fcs = dp + msg->len;
713
714 /* Fill in the header */
715 if (gsm->encoding == 0) {
716 if (msg->len < 128)
717 *--dp = (msg->len << 1) | EA;
718 else {
719 *--dp = (msg->len >> 6) | EA;
720 *--dp = (msg->len & 127) << 1;
721 }
722 }
723
724 *--dp = msg->ctrl;
725 if (gsm->initiator)
726 *--dp = (msg->addr << 2) | 2 | EA;
727 else
728 *--dp = (msg->addr << 2) | EA;
729 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
730 /* Ugly protocol layering violation */
731 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
732 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
733 *fcs = 0xFF - *fcs;
734
735 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
736 msg->data, msg->len);
737
738 /* Move the header back and adjust the length, also allow for the FCS
739 now tacked on the end */
740 msg->len += (msg->data - dp) + 1;
741 msg->data = dp;
742
743 /* Add to the actual output queue */
744 if (gsm->tx_tail)
745 gsm->tx_tail->next = msg;
746 else
747 gsm->tx_head = msg;
748 gsm->tx_tail = msg;
749 gsm->tx_bytes += msg->len;
750 gsm_data_kick(gsm);
751}
752
753/**
754 * gsm_data_queue - queue a UI or UIH frame
755 * @dlci: DLCI sending the data
756 * @msg: message queued
757 *
758 * Add data to the transmit queue and try and get stuff moving
759 * out of the mux tty if not already doing so. Take the
760 * the gsm tx lock and dlci lock.
761 */
762
763static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
764{
765 unsigned long flags;
766 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
767 __gsm_data_queue(dlci, msg);
768 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
769}
770
771/**
772 * gsm_dlci_data_output - try and push data out of a DLCI
773 * @gsm: mux
774 * @dlci: the DLCI to pull data from
775 *
776 * Pull data from a DLCI and send it into the transmit queue if there
777 * is data. Keep to the MRU of the mux. This path handles the usual tty
778 * interface which is a byte stream with optional modem data.
779 *
780 * Caller must hold the tx_lock of the mux.
781 */
782
783static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
784{
785 struct gsm_msg *msg;
786 u8 *dp;
787 int len, size;
788 int h = dlci->adaption - 1;
789
790 len = kfifo_len(dlci->fifo);
791 if (len == 0)
792 return 0;
793
794 /* MTU/MRU count only the data bits */
795 if (len > gsm->mtu)
796 len = gsm->mtu;
797
798 size = len + h;
799
800 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
801 /* FIXME: need a timer or something to kick this so it can't
802 get stuck with no work outstanding and no buffer free */
803 if (msg == NULL)
804 return -ENOMEM;
805 dp = msg->data;
806 switch (dlci->adaption) {
807 case 1: /* Unstructured */
808 break;
809 case 2: /* Unstructed with modem bits. Always one byte as we never
810 send inline break data */
811 *dp += gsm_encode_modem(dlci);
812 len--;
813 break;
814 }
815 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len);
816 __gsm_data_queue(dlci, msg);
817 /* Bytes of data we used up */
818 return size;
819}
820
821/**
822 * gsm_dlci_data_output_framed - try and push data out of a DLCI
823 * @gsm: mux
824 * @dlci: the DLCI to pull data from
825 *
826 * Pull data from a DLCI and send it into the transmit queue if there
827 * is data. Keep to the MRU of the mux. This path handles framed data
828 * queued as skbuffs to the DLCI.
829 *
830 * Caller must hold the tx_lock of the mux.
831 */
832
833static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
834 struct gsm_dlci *dlci)
835{
836 struct gsm_msg *msg;
837 u8 *dp;
838 int len, size;
839 int last = 0, first = 0;
840 int overhead = 0;
841
842 /* One byte per frame is used for B/F flags */
843 if (dlci->adaption == 4)
844 overhead = 1;
845
846 /* dlci->skb is locked by tx_lock */
847 if (dlci->skb == NULL) {
848 dlci->skb = skb_dequeue(&dlci->skb_list);
849 if (dlci->skb == NULL)
850 return 0;
851 first = 1;
852 }
853 len = dlci->skb->len + overhead;
854
855 /* MTU/MRU count only the data bits */
856 if (len > gsm->mtu) {
857 if (dlci->adaption == 3) {
858 /* Over long frame, bin it */
859 kfree_skb(dlci->skb);
860 dlci->skb = NULL;
861 return 0;
862 }
863 len = gsm->mtu;
864 } else
865 last = 1;
866
867 size = len + overhead;
868 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
869
870 /* FIXME: need a timer or something to kick this so it can't
871 get stuck with no work outstanding and no buffer free */
872 if (msg == NULL)
873 return -ENOMEM;
874 dp = msg->data;
875
876 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
877 /* Flag byte to carry the start/end info */
878 *dp++ = last << 7 | first << 6 | 1; /* EA */
879 len--;
880 }
881 memcpy(dp, skb_pull(dlci->skb, len), len);
882 __gsm_data_queue(dlci, msg);
883 if (last)
884 dlci->skb = NULL;
885 return size;
886}
887
888/**
889 * gsm_dlci_data_sweep - look for data to send
890 * @gsm: the GSM mux
891 *
892 * Sweep the GSM mux channels in priority order looking for ones with
893 * data to send. We could do with optimising this scan a bit. We aim
894 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
895 * TX_THRESH_LO we get called again
896 *
897 * FIXME: We should round robin between groups and in theory you can
898 * renegotiate DLCI priorities with optional stuff. Needs optimising.
899 */
900
901static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
902{
903 int len;
904 /* Priority ordering: We should do priority with RR of the groups */
905 int i = 1;
906
907 while (i < NUM_DLCI) {
908 struct gsm_dlci *dlci;
909
910 if (gsm->tx_bytes > TX_THRESH_HI)
911 break;
912 dlci = gsm->dlci[i];
913 if (dlci == NULL || dlci->constipated) {
914 i++;
915 continue;
916 }
917 if (dlci->adaption < 3)
918 len = gsm_dlci_data_output(gsm, dlci);
919 else
920 len = gsm_dlci_data_output_framed(gsm, dlci);
921 if (len < 0)
922 break;
923 /* DLCI empty - try the next */
924 if (len == 0)
925 i++;
926 }
927}
928
929/**
930 * gsm_dlci_data_kick - transmit if possible
931 * @dlci: DLCI to kick
932 *
933 * Transmit data from this DLCI if the queue is empty. We can't rely on
934 * a tty wakeup except when we filled the pipe so we need to fire off
935 * new data ourselves in other cases.
936 */
937
938static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
939{
940 unsigned long flags;
941
942 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
943 /* If we have nothing running then we need to fire up */
944 if (dlci->gsm->tx_bytes == 0)
945 gsm_dlci_data_output(dlci->gsm, dlci);
946 else if (dlci->gsm->tx_bytes < TX_THRESH_LO)
947 gsm_dlci_data_sweep(dlci->gsm);
948 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
949}
950
951/*
952 * Control message processing
953 */
954
955
956/**
957 * gsm_control_reply - send a response frame to a control
958 * @gsm: gsm channel
959 * @cmd: the command to use
960 * @data: data to follow encoded info
961 * @dlen: length of data
962 *
963 * Encode up and queue a UI/UIH frame containing our response.
964 */
965
966static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data,
967 int dlen)
968{
969 struct gsm_msg *msg;
970 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
971 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
972 msg->data[1] = (dlen << 1) | EA;
973 memcpy(msg->data + 2, data, dlen);
974 gsm_data_queue(gsm->dlci[0], msg);
975}
976
977/**
978 * gsm_process_modem - process received modem status
979 * @tty: virtual tty bound to the DLCI
980 * @dlci: DLCI to affect
981 * @modem: modem bits (full EA)
982 *
983 * Used when a modem control message or line state inline in adaption
984 * layer 2 is processed. Sort out the local modem state and throttles
985 */
986
987static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
988 u32 modem)
989{
990 int mlines = 0;
991 u8 brk = modem >> 6;
992
993 /* Flow control/ready to communicate */
994 if (modem & MDM_FC) {
995 /* Need to throttle our output on this device */
996 dlci->constipated = 1;
997 }
998 if (modem & MDM_RTC) {
999 mlines |= TIOCM_DSR | TIOCM_DTR;
1000 dlci->constipated = 0;
1001 gsm_dlci_data_kick(dlci);
1002 }
1003 /* Map modem bits */
1004 if (modem & MDM_RTR)
1005 mlines |= TIOCM_RTS | TIOCM_CTS;
1006 if (modem & MDM_IC)
1007 mlines |= TIOCM_RI;
1008 if (modem & MDM_DV)
1009 mlines |= TIOCM_CD;
1010
1011 /* Carrier drop -> hangup */
1012 if (tty) {
1013 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1014 if (!(tty->termios->c_cflag & CLOCAL))
1015 tty_hangup(tty);
1016 if (brk & 0x01)
1017 tty_insert_flip_char(tty, 0, TTY_BREAK);
1018 }
1019 dlci->modem_rx = mlines;
1020}
1021
1022/**
1023 * gsm_control_modem - modem status received
1024 * @gsm: GSM channel
1025 * @data: data following command
1026 * @clen: command length
1027 *
1028 * We have received a modem status control message. This is used by
1029 * the GSM mux protocol to pass virtual modem line status and optionally
1030 * to indicate break signals. Unpack it, convert to Linux representation
1031 * and if need be stuff a break message down the tty.
1032 */
1033
1034static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen)
1035{
1036 unsigned int addr = 0;
1037 unsigned int modem = 0;
1038 struct gsm_dlci *dlci;
1039 int len = clen;
1040 u8 *dp = data;
1041 struct tty_struct *tty;
1042
1043 while (gsm_read_ea(&addr, *dp++) == 0) {
1044 len--;
1045 if (len == 0)
1046 return;
1047 }
1048 /* Must be at least one byte following the EA */
1049 len--;
1050 if (len <= 0)
1051 return;
1052
1053 addr >>= 1;
1054 /* Closed port, or invalid ? */
1055 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1056 return;
1057 dlci = gsm->dlci[addr];
1058
1059 while (gsm_read_ea(&modem, *dp++) == 0) {
1060 len--;
1061 if (len == 0)
1062 return;
1063 }
1064 tty = tty_port_tty_get(&dlci->port);
1065 gsm_process_modem(tty, dlci, modem);
1066 if (tty) {
1067 tty_wakeup(tty);
1068 tty_kref_put(tty);
1069 }
1070 gsm_control_reply(gsm, CMD_MSC, data, clen);
1071}
1072
1073/**
1074 * gsm_control_rls - remote line status
1075 * @gsm: GSM channel
1076 * @data: data bytes
1077 * @clen: data length
1078 *
1079 * The modem sends us a two byte message on the control channel whenever
1080 * it wishes to send us an error state from the virtual link. Stuff
1081 * this into the uplink tty if present
1082 */
1083
1084static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen)
1085{
1086 struct tty_struct *tty;
1087 unsigned int addr = 0 ;
1088 u8 bits;
1089 int len = clen;
1090 u8 *dp = data;
1091
1092 while (gsm_read_ea(&addr, *dp++) == 0) {
1093 len--;
1094 if (len == 0)
1095 return;
1096 }
1097 /* Must be at least one byte following ea */
1098 len--;
1099 if (len <= 0)
1100 return;
1101 addr >>= 1;
1102 /* Closed port, or invalid ? */
1103 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1104 return;
1105 /* No error ? */
1106 bits = *dp;
1107 if ((bits & 1) == 0)
1108 return;
1109 /* See if we have an uplink tty */
1110 tty = tty_port_tty_get(&gsm->dlci[addr]->port);
1111
1112 if (tty) {
1113 if (bits & 2)
1114 tty_insert_flip_char(tty, 0, TTY_OVERRUN);
1115 if (bits & 4)
1116 tty_insert_flip_char(tty, 0, TTY_PARITY);
1117 if (bits & 8)
1118 tty_insert_flip_char(tty, 0, TTY_FRAME);
1119 tty_flip_buffer_push(tty);
1120 tty_kref_put(tty);
1121 }
1122 gsm_control_reply(gsm, CMD_RLS, data, clen);
1123}
1124
1125static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1126
1127/**
1128 * gsm_control_message - DLCI 0 control processing
1129 * @gsm: our GSM mux
1130 * @command: the command EA
1131 * @data: data beyond the command/length EAs
1132 * @clen: length
1133 *
1134 * Input processor for control messages from the other end of the link.
1135 * Processes the incoming request and queues a response frame or an
1136 * NSC response if not supported
1137 */
1138
1139static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1140 u8 *data, int clen)
1141{
1142 u8 buf[1];
1143 switch (command) {
1144 case CMD_CLD: {
1145 struct gsm_dlci *dlci = gsm->dlci[0];
1146 /* Modem wishes to close down */
1147 if (dlci) {
1148 dlci->dead = 1;
1149 gsm->dead = 1;
1150 gsm_dlci_begin_close(dlci);
1151 }
1152 }
1153 break;
1154 case CMD_TEST:
1155 /* Modem wishes to test, reply with the data */
1156 gsm_control_reply(gsm, CMD_TEST, data, clen);
1157 break;
1158 case CMD_FCON:
1159 /* Modem wants us to STFU */
1160 gsm->constipated = 1;
1161 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1162 break;
1163 case CMD_FCOFF:
1164 /* Modem can accept data again */
1165 gsm->constipated = 0;
1166 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1167 /* Kick the link in case it is idling */
1168 gsm_data_kick(gsm);
1169 break;
1170 case CMD_MSC:
1171 /* Out of band modem line change indicator for a DLCI */
1172 gsm_control_modem(gsm, data, clen);
1173 break;
1174 case CMD_RLS:
1175 /* Out of band error reception for a DLCI */
1176 gsm_control_rls(gsm, data, clen);
1177 break;
1178 case CMD_PSC:
1179 /* Modem wishes to enter power saving state */
1180 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1181 break;
1182 /* Optional unsupported commands */
1183 case CMD_PN: /* Parameter negotiation */
1184 case CMD_RPN: /* Remote port negotation */
1185 case CMD_SNC: /* Service negotation command */
1186 default:
1187 /* Reply to bad commands with an NSC */
1188 buf[0] = command;
1189 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1190 break;
1191 }
1192}
1193
1194/**
1195 * gsm_control_response - process a response to our control
1196 * @gsm: our GSM mux
1197 * @command: the command (response) EA
1198 * @data: data beyond the command/length EA
1199 * @clen: length
1200 *
1201 * Process a response to an outstanding command. We only allow a single
1202 * control message in flight so this is fairly easy. All the clean up
1203 * is done by the caller, we just update the fields, flag it as done
1204 * and return
1205 */
1206
1207static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1208 u8 *data, int clen)
1209{
1210 struct gsm_control *ctrl;
1211 unsigned long flags;
1212
1213 spin_lock_irqsave(&gsm->control_lock, flags);
1214
1215 ctrl = gsm->pending_cmd;
1216 /* Does the reply match our command */
1217 command |= 1;
1218 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1219 /* Our command was replied to, kill the retry timer */
1220 del_timer(&gsm->t2_timer);
1221 gsm->pending_cmd = NULL;
1222 /* Rejected by the other end */
1223 if (command == CMD_NSC)
1224 ctrl->error = -EOPNOTSUPP;
1225 ctrl->done = 1;
1226 wake_up(&gsm->event);
1227 }
1228 spin_unlock_irqrestore(&gsm->control_lock, flags);
1229}
1230
1231/**
1232 * gsm_control_transmit - send control packet
1233 * @gsm: gsm mux
1234 * @ctrl: frame to send
1235 *
1236 * Send out a pending control command (called under control lock)
1237 */
1238
1239static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1240{
1241 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1,
1242 gsm->ftype|PF);
1243 if (msg == NULL)
1244 return;
1245 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */
1246 memcpy(msg->data + 1, ctrl->data, ctrl->len);
1247 gsm_data_queue(gsm->dlci[0], msg);
1248}
1249
1250/**
1251 * gsm_control_retransmit - retransmit a control frame
1252 * @data: pointer to our gsm object
1253 *
1254 * Called off the T2 timer expiry in order to retransmit control frames
1255 * that have been lost in the system somewhere. The control_lock protects
1256 * us from colliding with another sender or a receive completion event.
1257 * In that situation the timer may still occur in a small window but
1258 * gsm->pending_cmd will be NULL and we just let the timer expire.
1259 */
1260
1261static void gsm_control_retransmit(unsigned long data)
1262{
1263 struct gsm_mux *gsm = (struct gsm_mux *)data;
1264 struct gsm_control *ctrl;
1265 unsigned long flags;
1266 spin_lock_irqsave(&gsm->control_lock, flags);
1267 ctrl = gsm->pending_cmd;
1268 if (ctrl) {
1269 gsm->cretries--;
1270 if (gsm->cretries == 0) {
1271 gsm->pending_cmd = NULL;
1272 ctrl->error = -ETIMEDOUT;
1273 ctrl->done = 1;
1274 spin_unlock_irqrestore(&gsm->control_lock, flags);
1275 wake_up(&gsm->event);
1276 return;
1277 }
1278 gsm_control_transmit(gsm, ctrl);
1279 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1280 }
1281 spin_unlock_irqrestore(&gsm->control_lock, flags);
1282}
1283
1284/**
1285 * gsm_control_send - send a control frame on DLCI 0
1286 * @gsm: the GSM channel
1287 * @command: command to send including CR bit
1288 * @data: bytes of data (must be kmalloced)
1289 * @len: length of the block to send
1290 *
1291 * Queue and dispatch a control command. Only one command can be
1292 * active at a time. In theory more can be outstanding but the matching
1293 * gets really complicated so for now stick to one outstanding.
1294 */
1295
1296static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1297 unsigned int command, u8 *data, int clen)
1298{
1299 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1300 GFP_KERNEL);
1301 unsigned long flags;
1302 if (ctrl == NULL)
1303 return NULL;
1304retry:
1305 wait_event(gsm->event, gsm->pending_cmd == NULL);
1306 spin_lock_irqsave(&gsm->control_lock, flags);
1307 if (gsm->pending_cmd != NULL) {
1308 spin_unlock_irqrestore(&gsm->control_lock, flags);
1309 goto retry;
1310 }
1311 ctrl->cmd = command;
1312 ctrl->data = data;
1313 ctrl->len = clen;
1314 gsm->pending_cmd = ctrl;
1315 gsm->cretries = gsm->n2;
1316 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1317 gsm_control_transmit(gsm, ctrl);
1318 spin_unlock_irqrestore(&gsm->control_lock, flags);
1319 return ctrl;
1320}
1321
1322/**
1323 * gsm_control_wait - wait for a control to finish
1324 * @gsm: GSM mux
1325 * @control: control we are waiting on
1326 *
1327 * Waits for the control to complete or time out. Frees any used
1328 * resources and returns 0 for success, or an error if the remote
1329 * rejected or ignored the request.
1330 */
1331
1332static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1333{
1334 int err;
1335 wait_event(gsm->event, control->done == 1);
1336 err = control->error;
1337 kfree(control);
1338 return err;
1339}
1340
1341
1342/*
1343 * DLCI level handling: Needs krefs
1344 */
1345
1346/*
1347 * State transitions and timers
1348 */
1349
1350/**
1351 * gsm_dlci_close - a DLCI has closed
1352 * @dlci: DLCI that closed
1353 *
1354 * Perform processing when moving a DLCI into closed state. If there
1355 * is an attached tty this is hung up
1356 */
1357
1358static void gsm_dlci_close(struct gsm_dlci *dlci)
1359{
1360 del_timer(&dlci->t1);
1361 if (debug & 8)
1362 printk("DLCI %d goes closed.\n", dlci->addr);
1363 dlci->state = DLCI_CLOSED;
1364 if (dlci->addr != 0) {
1365 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1366 if (tty) {
1367 tty_hangup(tty);
1368 tty_kref_put(tty);
1369 }
1370 kfifo_reset(dlci->fifo);
1371 } else
1372 dlci->gsm->dead = 1;
1373 wake_up(&dlci->gsm->event);
1374 /* A DLCI 0 close is a MUX termination so we need to kick that
1375 back to userspace somehow */
1376}
1377
1378/**
1379 * gsm_dlci_open - a DLCI has opened
1380 * @dlci: DLCI that opened
1381 *
1382 * Perform processing when moving a DLCI into open state.
1383 */
1384
1385static void gsm_dlci_open(struct gsm_dlci *dlci)
1386{
1387 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1388 open -> open */
1389 del_timer(&dlci->t1);
1390 /* This will let a tty open continue */
1391 dlci->state = DLCI_OPEN;
1392 if (debug & 8)
1393 printk("DLCI %d goes open.\n", dlci->addr);
1394 wake_up(&dlci->gsm->event);
1395}
1396
1397/**
1398 * gsm_dlci_t1 - T1 timer expiry
1399 * @dlci: DLCI that opened
1400 *
1401 * The T1 timer handles retransmits of control frames (essentially of
1402 * SABM and DISC). We resend the command until the retry count runs out
1403 * in which case an opening port goes back to closed and a closing port
1404 * is simply put into closed state (any further frames from the other
1405 * end will get a DM response)
1406 */
1407
1408static void gsm_dlci_t1(unsigned long data)
1409{
1410 struct gsm_dlci *dlci = (struct gsm_dlci *)data;
1411 struct gsm_mux *gsm = dlci->gsm;
1412
1413 switch (dlci->state) {
1414 case DLCI_OPENING:
1415 dlci->retries--;
1416 if (dlci->retries) {
1417 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1418 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1419 } else
1420 gsm_dlci_close(dlci);
1421 break;
1422 case DLCI_CLOSING:
1423 dlci->retries--;
1424 if (dlci->retries) {
1425 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1426 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1427 } else
1428 gsm_dlci_close(dlci);
1429 break;
1430 }
1431}
1432
1433/**
1434 * gsm_dlci_begin_open - start channel open procedure
1435 * @dlci: DLCI to open
1436 *
1437 * Commence opening a DLCI from the Linux side. We issue SABM messages
1438 * to the modem which should then reply with a UA, at which point we
1439 * will move into open state. Opening is done asynchronously with retry
1440 * running off timers and the responses.
1441 */
1442
1443static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1444{
1445 struct gsm_mux *gsm = dlci->gsm;
1446 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1447 return;
1448 dlci->retries = gsm->n2;
1449 dlci->state = DLCI_OPENING;
1450 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1451 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1452}
1453
1454/**
1455 * gsm_dlci_begin_close - start channel open procedure
1456 * @dlci: DLCI to open
1457 *
1458 * Commence closing a DLCI from the Linux side. We issue DISC messages
1459 * to the modem which should then reply with a UA, at which point we
1460 * will move into closed state. Closing is done asynchronously with retry
1461 * off timers. We may also receive a DM reply from the other end which
1462 * indicates the channel was already closed.
1463 */
1464
1465static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1466{
1467 struct gsm_mux *gsm = dlci->gsm;
1468 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1469 return;
1470 dlci->retries = gsm->n2;
1471 dlci->state = DLCI_CLOSING;
1472 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1473 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1474}
1475
1476/**
1477 * gsm_dlci_data - data arrived
1478 * @dlci: channel
1479 * @data: block of bytes received
1480 * @len: length of received block
1481 *
1482 * A UI or UIH frame has arrived which contains data for a channel
1483 * other than the control channel. If the relevant virtual tty is
1484 * open we shovel the bits down it, if not we drop them.
1485 */
1486
1487static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int len)
1488{
1489 /* krefs .. */
1490 struct tty_port *port = &dlci->port;
1491 struct tty_struct *tty = tty_port_tty_get(port);
1492 unsigned int modem = 0;
1493
1494 if (debug & 16)
1495 printk("%d bytes for tty %p\n", len, tty);
1496 if (tty) {
1497 switch (dlci->adaption) {
1498 /* Unsupported types */
1499 /* Packetised interruptible data */
1500 case 4:
1501 break;
1502 /* Packetised uininterruptible voice/data */
1503 case 3:
1504 break;
1505 /* Asynchronous serial with line state in each frame */
1506 case 2:
1507 while (gsm_read_ea(&modem, *data++) == 0) {
1508 len--;
1509 if (len == 0)
1510 return;
1511 }
1512 gsm_process_modem(tty, dlci, modem);
1513 /* Line state will go via DLCI 0 controls only */
1514 case 1:
1515 default:
1516 tty_insert_flip_string(tty, data, len);
1517 tty_flip_buffer_push(tty);
1518 }
1519 tty_kref_put(tty);
1520 }
1521}
1522
1523/**
1524 * gsm_dlci_control - data arrived on control channel
1525 * @dlci: channel
1526 * @data: block of bytes received
1527 * @len: length of received block
1528 *
1529 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1530 * control channel. This should contain a command EA followed by
1531 * control data bytes. The command EA contains a command/response bit
1532 * and we divide up the work accordingly.
1533 */
1534
1535static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len)
1536{
1537 /* See what command is involved */
1538 unsigned int command = 0;
1539 while (len-- > 0) {
1540 if (gsm_read_ea(&command, *data++) == 1) {
1541 int clen = *data++;
1542 len--;
1543 /* FIXME: this is properly an EA */
1544 clen >>= 1;
1545 /* Malformed command ? */
1546 if (clen > len)
1547 return;
1548 if (command & 1)
1549 gsm_control_message(dlci->gsm, command,
1550 data, clen);
1551 else
1552 gsm_control_response(dlci->gsm, command,
1553 data, clen);
1554 return;
1555 }
1556 }
1557}
1558
1559/*
1560 * Allocate/Free DLCI channels
1561 */
1562
1563/**
1564 * gsm_dlci_alloc - allocate a DLCI
1565 * @gsm: GSM mux
1566 * @addr: address of the DLCI
1567 *
1568 * Allocate and install a new DLCI object into the GSM mux.
1569 *
1570 * FIXME: review locking races
1571 */
1572
1573static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1574{
1575 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1576 if (dlci == NULL)
1577 return NULL;
1578 spin_lock_init(&dlci->lock);
1579 dlci->fifo = &dlci->_fifo;
1580 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) {
1581 kfree(dlci);
1582 return NULL;
1583 }
1584
1585 skb_queue_head_init(&dlci->skb_list);
1586 init_timer(&dlci->t1);
1587 dlci->t1.function = gsm_dlci_t1;
1588 dlci->t1.data = (unsigned long)dlci;
1589 tty_port_init(&dlci->port);
1590 dlci->port.ops = &gsm_port_ops;
1591 dlci->gsm = gsm;
1592 dlci->addr = addr;
1593 dlci->adaption = gsm->adaption;
1594 dlci->state = DLCI_CLOSED;
1595 if (addr)
1596 dlci->data = gsm_dlci_data;
1597 else
1598 dlci->data = gsm_dlci_command;
1599 gsm->dlci[addr] = dlci;
1600 return dlci;
1601}
1602
1603/**
1604 * gsm_dlci_free - release DLCI
1605 * @dlci: DLCI to destroy
1606 *
1607 * Free up a DLCI. Currently to keep the lifetime rules sane we only
1608 * clean up DLCI objects when the MUX closes rather than as the port
1609 * is closed down on both the tty and mux levels.
1610 *
1611 * Can sleep.
1612 */
1613static void gsm_dlci_free(struct gsm_dlci *dlci)
1614{
1615 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1616 if (tty) {
1617 tty_vhangup(tty);
1618 tty_kref_put(tty);
1619 }
1620 del_timer_sync(&dlci->t1);
1621 dlci->gsm->dlci[dlci->addr] = NULL;
1622 kfifo_free(dlci->fifo);
1623 kfree(dlci);
1624}
1625
1626
1627/*
1628 * LAPBish link layer logic
1629 */
1630
1631/**
1632 * gsm_queue - a GSM frame is ready to process
1633 * @gsm: pointer to our gsm mux
1634 *
1635 * At this point in time a frame has arrived and been demangled from
1636 * the line encoding. All the differences between the encodings have
1637 * been handled below us and the frame is unpacked into the structures.
1638 * The fcs holds the header FCS but any data FCS must be added here.
1639 */
1640
1641static void gsm_queue(struct gsm_mux *gsm)
1642{
1643 struct gsm_dlci *dlci;
1644 u8 cr;
1645 int address;
1646 /* We have to sneak a look at the packet body to do the FCS.
1647 A somewhat layering violation in the spec */
1648
1649 if ((gsm->control & ~PF) == UI)
1650 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1651 if (gsm->fcs != GOOD_FCS) {
1652 gsm->bad_fcs++;
1653 if (debug & 4)
1654 printk("BAD FCS %02x\n", gsm->fcs);
1655 return;
1656 }
1657 address = gsm->address >> 1;
1658 if (address >= NUM_DLCI)
1659 goto invalid;
1660
1661 cr = gsm->address & 1; /* C/R bit */
1662
1663 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1664
1665 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1666 dlci = gsm->dlci[address];
1667
1668 switch (gsm->control) {
1669 case SABM|PF:
1670 if (cr == 0)
1671 goto invalid;
1672 if (dlci == NULL)
1673 dlci = gsm_dlci_alloc(gsm, address);
1674 if (dlci == NULL)
1675 return;
1676 if (dlci->dead)
1677 gsm_response(gsm, address, DM);
1678 else {
1679 gsm_response(gsm, address, UA);
1680 gsm_dlci_open(dlci);
1681 }
1682 break;
1683 case DISC|PF:
1684 if (cr == 0)
1685 goto invalid;
1686 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1687 gsm_response(gsm, address, DM);
1688 return;
1689 }
1690 /* Real close complete */
1691 gsm_response(gsm, address, UA);
1692 gsm_dlci_close(dlci);
1693 break;
1694 case UA:
1695 case UA|PF:
1696 if (cr == 0 || dlci == NULL)
1697 break;
1698 switch (dlci->state) {
1699 case DLCI_CLOSING:
1700 gsm_dlci_close(dlci);
1701 break;
1702 case DLCI_OPENING:
1703 gsm_dlci_open(dlci);
1704 break;
1705 }
1706 break;
1707 case DM: /* DM can be valid unsolicited */
1708 case DM|PF:
1709 if (cr)
1710 goto invalid;
1711 if (dlci == NULL)
1712 return;
1713 gsm_dlci_close(dlci);
1714 break;
1715 case UI:
1716 case UI|PF:
1717 case UIH:
1718 case UIH|PF:
1719#if 0
1720 if (cr)
1721 goto invalid;
1722#endif
1723 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1724 gsm_command(gsm, address, DM|PF);
1725 return;
1726 }
1727 dlci->data(dlci, gsm->buf, gsm->len);
1728 break;
1729 default:
1730 goto invalid;
1731 }
1732 return;
1733invalid:
1734 gsm->malformed++;
1735 return;
1736}
1737
1738
1739/**
1740 * gsm0_receive - perform processing for non-transparency
1741 * @gsm: gsm data for this ldisc instance
1742 * @c: character
1743 *
1744 * Receive bytes in gsm mode 0
1745 */
1746
1747static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1748{
1749 switch (gsm->state) {
1750 case GSM_SEARCH: /* SOF marker */
1751 if (c == GSM0_SOF) {
1752 gsm->state = GSM_ADDRESS;
1753 gsm->address = 0;
1754 gsm->len = 0;
1755 gsm->fcs = INIT_FCS;
1756 }
1757 break; /* Address EA */
1758 case GSM_ADDRESS:
1759 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1760 if (gsm_read_ea(&gsm->address, c))
1761 gsm->state = GSM_CONTROL;
1762 break;
1763 case GSM_CONTROL: /* Control Byte */
1764 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1765 gsm->control = c;
1766 gsm->state = GSM_LEN;
1767 break;
1768 case GSM_LEN: /* Length EA */
1769 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1770 if (gsm_read_ea(&gsm->len, c)) {
1771 if (gsm->len > gsm->mru) {
1772 gsm->bad_size++;
1773 gsm->state = GSM_SEARCH;
1774 break;
1775 }
1776 gsm->count = 0;
1777 gsm->state = GSM_DATA;
1778 }
1779 break;
1780 case GSM_DATA: /* Data */
1781 gsm->buf[gsm->count++] = c;
1782 if (gsm->count == gsm->len)
1783 gsm->state = GSM_FCS;
1784 break;
1785 case GSM_FCS: /* FCS follows the packet */
1786 gsm->fcs = c;
1787 gsm_queue(gsm);
1788 /* And then back for the next frame */
1789 gsm->state = GSM_SEARCH;
1790 break;
1791 }
1792}
1793
1794/**
1795 * gsm0_receive - perform processing for non-transparency
1796 * @gsm: gsm data for this ldisc instance
1797 * @c: character
1798 *
1799 * Receive bytes in mode 1 (Advanced option)
1800 */
1801
1802static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
1803{
1804 if (c == GSM1_SOF) {
1805 /* EOF is only valid in frame if we have got to the data state
1806 and received at least one byte (the FCS) */
1807 if (gsm->state == GSM_DATA && gsm->count) {
1808 /* Extract the FCS */
1809 gsm->count--;
1810 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
1811 gsm->len = gsm->count;
1812 gsm_queue(gsm);
1813 gsm->state = GSM_START;
1814 return;
1815 }
1816 /* Any partial frame was a runt so go back to start */
1817 if (gsm->state != GSM_START) {
1818 gsm->malformed++;
1819 gsm->state = GSM_START;
1820 }
1821 /* A SOF in GSM_START means we are still reading idling or
1822 framing bytes */
1823 return;
1824 }
1825
1826 if (c == GSM1_ESCAPE) {
1827 gsm->escape = 1;
1828 return;
1829 }
1830
1831 /* Only an unescaped SOF gets us out of GSM search */
1832 if (gsm->state == GSM_SEARCH)
1833 return;
1834
1835 if (gsm->escape) {
1836 c ^= GSM1_ESCAPE_BITS;
1837 gsm->escape = 0;
1838 }
1839 switch (gsm->state) {
1840 case GSM_START: /* First byte after SOF */
1841 gsm->address = 0;
1842 gsm->state = GSM_ADDRESS;
1843 gsm->fcs = INIT_FCS;
1844 /* Drop through */
1845 case GSM_ADDRESS: /* Address continuation */
1846 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1847 if (gsm_read_ea(&gsm->address, c))
1848 gsm->state = GSM_CONTROL;
1849 break;
1850 case GSM_CONTROL: /* Control Byte */
1851 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1852 gsm->control = c;
1853 gsm->count = 0;
1854 gsm->state = GSM_DATA;
1855 break;
1856 case GSM_DATA: /* Data */
1857 if (gsm->count > gsm->mru ) { /* Allow one for the FCS */
1858 gsm->state = GSM_OVERRUN;
1859 gsm->bad_size++;
1860 } else
1861 gsm->buf[gsm->count++] = c;
1862 break;
1863 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
1864 break;
1865 }
1866}
1867
1868/**
1869 * gsm_error - handle tty error
1870 * @gsm: ldisc data
1871 * @data: byte received (may be invalid)
1872 * @flag: error received
1873 *
1874 * Handle an error in the receipt of data for a frame. Currently we just
1875 * go back to hunting for a SOF.
1876 *
1877 * FIXME: better diagnostics ?
1878 */
1879
1880static void gsm_error(struct gsm_mux *gsm,
1881 unsigned char data, unsigned char flag)
1882{
1883 gsm->state = GSM_SEARCH;
1884 gsm->io_error++;
1885}
1886
1887/**
1888 * gsm_cleanup_mux - generic GSM protocol cleanup
1889 * @gsm: our mux
1890 *
1891 * Clean up the bits of the mux which are the same for all framing
1892 * protocols. Remove the mux from the mux table, stop all the timers
1893 * and then shut down each device hanging up the channels as we go.
1894 */
1895
1896void gsm_cleanup_mux(struct gsm_mux *gsm)
1897{
1898 int i;
1899 struct gsm_dlci *dlci = gsm->dlci[0];
1900 struct gsm_msg *txq;
1901
1902 gsm->dead = 1;
1903
1904 spin_lock(&gsm_mux_lock);
1905 for (i = 0; i < MAX_MUX; i++) {
1906 if (gsm_mux[i] == gsm) {
1907 gsm_mux[i] = NULL;
1908 break;
1909 }
1910 }
1911 spin_unlock(&gsm_mux_lock);
1912 WARN_ON(i == MAX_MUX);
1913
1914 del_timer_sync(&gsm->t2_timer);
1915 /* Now we are sure T2 has stopped */
1916 if (dlci) {
1917 dlci->dead = 1;
1918 gsm_dlci_begin_close(dlci);
1919 wait_event_interruptible(gsm->event,
1920 dlci->state == DLCI_CLOSED);
1921 }
1922 /* Free up any link layer users */
1923 for (i = 0; i < NUM_DLCI; i++)
1924 if (gsm->dlci[i])
1925 gsm_dlci_free(gsm->dlci[i]);
1926 /* Now wipe the queues */
1927 for (txq = gsm->tx_head; txq != NULL; txq = gsm->tx_head) {
1928 gsm->tx_head = txq->next;
1929 kfree(txq);
1930 }
1931 gsm->tx_tail = NULL;
1932}
1933EXPORT_SYMBOL_GPL(gsm_cleanup_mux);
1934
1935/**
1936 * gsm_activate_mux - generic GSM setup
1937 * @gsm: our mux
1938 *
1939 * Set up the bits of the mux which are the same for all framing
1940 * protocols. Add the mux to the mux table so it can be opened and
1941 * finally kick off connecting to DLCI 0 on the modem.
1942 */
1943
1944int gsm_activate_mux(struct gsm_mux *gsm)
1945{
1946 struct gsm_dlci *dlci;
1947 int i = 0;
1948
1949 init_timer(&gsm->t2_timer);
1950 gsm->t2_timer.function = gsm_control_retransmit;
1951 gsm->t2_timer.data = (unsigned long)gsm;
1952 init_waitqueue_head(&gsm->event);
1953 spin_lock_init(&gsm->control_lock);
1954 spin_lock_init(&gsm->tx_lock);
1955
1956 if (gsm->encoding == 0)
1957 gsm->receive = gsm0_receive;
1958 else
1959 gsm->receive = gsm1_receive;
1960 gsm->error = gsm_error;
1961
1962 spin_lock(&gsm_mux_lock);
1963 for (i = 0; i < MAX_MUX; i++) {
1964 if (gsm_mux[i] == NULL) {
1965 gsm_mux[i] = gsm;
1966 break;
1967 }
1968 }
1969 spin_unlock(&gsm_mux_lock);
1970 if (i == MAX_MUX)
1971 return -EBUSY;
1972
1973 dlci = gsm_dlci_alloc(gsm, 0);
1974 if (dlci == NULL)
1975 return -ENOMEM;
1976 gsm->dead = 0; /* Tty opens are now permissible */
1977 return 0;
1978}
1979EXPORT_SYMBOL_GPL(gsm_activate_mux);
1980
1981/**
1982 * gsm_free_mux - free up a mux
1983 * @mux: mux to free
1984 *
1985 * Dispose of allocated resources for a dead mux. No refcounting
1986 * at present so the mux must be truely dead.
1987 */
1988void gsm_free_mux(struct gsm_mux *gsm)
1989{
1990 kfree(gsm->txframe);
1991 kfree(gsm->buf);
1992 kfree(gsm);
1993}
1994EXPORT_SYMBOL_GPL(gsm_free_mux);
1995
1996/**
1997 * gsm_alloc_mux - allocate a mux
1998 *
1999 * Creates a new mux ready for activation.
2000 */
2001
2002struct gsm_mux *gsm_alloc_mux(void)
2003{
2004 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2005 if (gsm == NULL)
2006 return NULL;
2007 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2008 if (gsm->buf == NULL) {
2009 kfree(gsm);
2010 return NULL;
2011 }
2012 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL);
2013 if (gsm->txframe == NULL) {
2014 kfree(gsm->buf);
2015 kfree(gsm);
2016 return NULL;
2017 }
2018 spin_lock_init(&gsm->lock);
2019
2020 gsm->t1 = T1;
2021 gsm->t2 = T2;
2022 gsm->n2 = N2;
2023 gsm->ftype = UIH;
2024 gsm->initiator = 0;
2025 gsm->adaption = 1;
2026 gsm->encoding = 1;
2027 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2028 gsm->mtu = 64;
2029 gsm->dead = 1; /* Avoid early tty opens */
2030
2031 return gsm;
2032}
2033EXPORT_SYMBOL_GPL(gsm_alloc_mux);
2034
2035
2036
2037
2038/**
2039 * gsmld_output - write to link
2040 * @gsm: our mux
2041 * @data: bytes to output
2042 * @len: size
2043 *
2044 * Write a block of data from the GSM mux to the data channel. This
2045 * will eventually be serialized from above but at the moment isn't.
2046 */
2047
2048static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2049{
2050 if (tty_write_room(gsm->tty) < len) {
2051 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2052 return -ENOSPC;
2053 }
2054 if (debug & 4) {
2055 printk("-->%d bytes out\n", len);
2056 hex_packet(data, len);
2057 }
2058 gsm->tty->ops->write(gsm->tty, data, len);
2059 return len;
2060}
2061
2062/**
2063 * gsmld_attach_gsm - mode set up
2064 * @tty: our tty structure
2065 * @gsm: our mux
2066 *
2067 * Set up the MUX for basic mode and commence connecting to the
2068 * modem. Currently called from the line discipline set up but
2069 * will need moving to an ioctl path.
2070 */
2071
2072static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2073{
2074 int ret;
2075
2076 gsm->tty = tty_kref_get(tty);
2077 gsm->output = gsmld_output;
2078 ret = gsm_activate_mux(gsm);
2079 if (ret != 0)
2080 tty_kref_put(gsm->tty);
2081 return ret;
2082}
2083
2084
2085/**
2086 * gsmld_detach_gsm - stop doing 0710 mux
2087 * @tty: tty atttached to the mux
2088 * @gsm: mux
2089 *
2090 * Shutdown and then clean up the resources used by the line discipline
2091 */
2092
2093static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2094{
2095 WARN_ON(tty != gsm->tty);
2096 gsm_cleanup_mux(gsm);
2097 tty_kref_put(gsm->tty);
2098 gsm->tty = NULL;
2099}
2100
2101static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2102 char *fp, int count)
2103{
2104 struct gsm_mux *gsm = tty->disc_data;
2105 const unsigned char *dp;
2106 char *f;
2107 int i;
2108 char buf[64];
2109 char flags;
2110
2111 if (debug & 4) {
2112 printk("Inbytes %dd\n", count);
2113 hex_packet(cp, count);
2114 }
2115
2116 for (i = count, dp = cp, f = fp; i; i--, dp++) {
2117 flags = *f++;
2118 switch (flags) {
2119 case TTY_NORMAL:
2120 gsm->receive(gsm, *dp);
2121 break;
2122 case TTY_OVERRUN:
2123 case TTY_BREAK:
2124 case TTY_PARITY:
2125 case TTY_FRAME:
2126 gsm->error(gsm, *dp, flags);
2127 break;
2128 default:
2129 printk(KERN_ERR "%s: unknown flag %d\n",
2130 tty_name(tty, buf), flags);
2131 break;
2132 }
2133 }
2134 /* FASYNC if needed ? */
2135 /* If clogged call tty_throttle(tty); */
2136}
2137
2138/**
2139 * gsmld_chars_in_buffer - report available bytes
2140 * @tty: tty device
2141 *
2142 * Report the number of characters buffered to be delivered to user
2143 * at this instant in time.
2144 *
2145 * Locking: gsm lock
2146 */
2147
2148static ssize_t gsmld_chars_in_buffer(struct tty_struct *tty)
2149{
2150 return 0;
2151}
2152
2153/**
2154 * gsmld_flush_buffer - clean input queue
2155 * @tty: terminal device
2156 *
2157 * Flush the input buffer. Called when the line discipline is
2158 * being closed, when the tty layer wants the buffer flushed (eg
2159 * at hangup).
2160 */
2161
2162static void gsmld_flush_buffer(struct tty_struct *tty)
2163{
2164}
2165
2166/**
2167 * gsmld_close - close the ldisc for this tty
2168 * @tty: device
2169 *
2170 * Called from the terminal layer when this line discipline is
2171 * being shut down, either because of a close or becsuse of a
2172 * discipline change. The function will not be called while other
2173 * ldisc methods are in progress.
2174 */
2175
2176static void gsmld_close(struct tty_struct *tty)
2177{
2178 struct gsm_mux *gsm = tty->disc_data;
2179
2180 gsmld_detach_gsm(tty, gsm);
2181
2182 gsmld_flush_buffer(tty);
2183 /* Do other clean up here */
2184 gsm_free_mux(gsm);
2185}
2186
2187/**
2188 * gsmld_open - open an ldisc
2189 * @tty: terminal to open
2190 *
2191 * Called when this line discipline is being attached to the
2192 * terminal device. Can sleep. Called serialized so that no
2193 * other events will occur in parallel. No further open will occur
2194 * until a close.
2195 */
2196
2197static int gsmld_open(struct tty_struct *tty)
2198{
2199 struct gsm_mux *gsm;
2200
2201 if (tty->ops->write == NULL)
2202 return -EINVAL;
2203
2204 /* Attach our ldisc data */
2205 gsm = gsm_alloc_mux();
2206 if (gsm == NULL)
2207 return -ENOMEM;
2208
2209 tty->disc_data = gsm;
2210 tty->receive_room = 65536;
2211
2212 /* Attach the initial passive connection */
2213 gsm->encoding = 1;
2214 return gsmld_attach_gsm(tty, gsm);
2215}
2216
2217/**
2218 * gsmld_write_wakeup - asynchronous I/O notifier
2219 * @tty: tty device
2220 *
2221 * Required for the ptys, serial driver etc. since processes
2222 * that attach themselves to the master and rely on ASYNC
2223 * IO must be woken up
2224 */
2225
2226static void gsmld_write_wakeup(struct tty_struct *tty)
2227{
2228 struct gsm_mux *gsm = tty->disc_data;
2229 unsigned long flags;
2230
2231 /* Queue poll */
2232 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2233 gsm_data_kick(gsm);
2234 if (gsm->tx_bytes < TX_THRESH_LO) {
2235 spin_lock_irqsave(&gsm->tx_lock, flags);
2236 gsm_dlci_data_sweep(gsm);
2237 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2238 }
2239}
2240
2241/**
2242 * gsmld_read - read function for tty
2243 * @tty: tty device
2244 * @file: file object
2245 * @buf: userspace buffer pointer
2246 * @nr: size of I/O
2247 *
2248 * Perform reads for the line discipline. We are guaranteed that the
2249 * line discipline will not be closed under us but we may get multiple
2250 * parallel readers and must handle this ourselves. We may also get
2251 * a hangup. Always called in user context, may sleep.
2252 *
2253 * This code must be sure never to sleep through a hangup.
2254 */
2255
2256static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2257 unsigned char __user *buf, size_t nr)
2258{
2259 return -EOPNOTSUPP;
2260}
2261
2262/**
2263 * gsmld_write - write function for tty
2264 * @tty: tty device
2265 * @file: file object
2266 * @buf: userspace buffer pointer
2267 * @nr: size of I/O
2268 *
2269 * Called when the owner of the device wants to send a frame
2270 * itself (or some other control data). The data is transferred
2271 * as-is and must be properly framed and checksummed as appropriate
2272 * by userspace. Frames are either sent whole or not at all as this
2273 * avoids pain user side.
2274 */
2275
2276static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2277 const unsigned char *buf, size_t nr)
2278{
2279 int space = tty_write_room(tty);
2280 if (space >= nr)
2281 return tty->ops->write(tty, buf, nr);
2282 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2283 return -ENOBUFS;
2284}
2285
2286/**
2287 * gsmld_poll - poll method for N_GSM0710
2288 * @tty: terminal device
2289 * @file: file accessing it
2290 * @wait: poll table
2291 *
2292 * Called when the line discipline is asked to poll() for data or
2293 * for special events. This code is not serialized with respect to
2294 * other events save open/close.
2295 *
2296 * This code must be sure never to sleep through a hangup.
2297 * Called without the kernel lock held - fine
2298 */
2299
2300static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file,
2301 poll_table *wait)
2302{
2303 unsigned int mask = 0;
2304 struct gsm_mux *gsm = tty->disc_data;
2305
2306 poll_wait(file, &tty->read_wait, wait);
2307 poll_wait(file, &tty->write_wait, wait);
2308 if (tty_hung_up_p(file))
2309 mask |= POLLHUP;
2310 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2311 mask |= POLLOUT | POLLWRNORM;
2312 if (gsm->dead)
2313 mask |= POLLHUP;
2314 return mask;
2315}
2316
2317static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm,
2318 struct gsm_config *c)
2319{
2320 int need_close = 0;
2321 int need_restart = 0;
2322
2323 /* Stuff we don't support yet - UI or I frame transport, windowing */
2324 if ((c->adaption !=1 && c->adaption != 2) || c->k)
2325 return -EOPNOTSUPP;
2326 /* Check the MRU/MTU range looks sane */
2327 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2328 return -EINVAL;
2329 if (c->n2 < 3)
2330 return -EINVAL;
2331 if (c->encapsulation > 1) /* Basic, advanced, no I */
2332 return -EINVAL;
2333 if (c->initiator > 1)
2334 return -EINVAL;
2335 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2336 return -EINVAL;
2337 /*
2338 * See what is needed for reconfiguration
2339 */
2340
2341 /* Timing fields */
2342 if (c->t1 != 0 && c->t1 != gsm->t1)
2343 need_restart = 1;
2344 if (c->t2 != 0 && c->t2 != gsm->t2)
2345 need_restart = 1;
2346 if (c->encapsulation != gsm->encoding)
2347 need_restart = 1;
2348 if (c->adaption != gsm->adaption)
2349 need_restart = 1;
2350 /* Requires care */
2351 if (c->initiator != gsm->initiator)
2352 need_close = 1;
2353 if (c->mru != gsm->mru)
2354 need_restart = 1;
2355 if (c->mtu != gsm->mtu)
2356 need_restart = 1;
2357
2358 /*
2359 * Close down what is needed, restart and initiate the new
2360 * configuration
2361 */
2362
2363 if (need_close || need_restart) {
2364 gsm_dlci_begin_close(gsm->dlci[0]);
2365 /* This will timeout if the link is down due to N2 expiring */
2366 wait_event_interruptible(gsm->event,
2367 gsm->dlci[0]->state == DLCI_CLOSED);
2368 if (signal_pending(current))
2369 return -EINTR;
2370 }
2371 if (need_restart)
2372 gsm_cleanup_mux(gsm);
2373
2374 gsm->initiator = c->initiator;
2375 gsm->mru = c->mru;
2376 gsm->encoding = c->encapsulation;
2377 gsm->adaption = c->adaption;
2378
2379 if (c->i == 1)
2380 gsm->ftype = UIH;
2381 else if (c->i == 2)
2382 gsm->ftype = UI;
2383
2384 if (c->t1)
2385 gsm->t1 = c->t1;
2386 if (c->t2)
2387 gsm->t2 = c->t2;
2388
2389 /* FIXME: We need to separate activation/deactivation from adding
2390 and removing from the mux array */
2391 if (need_restart)
2392 gsm_activate_mux(gsm);
2393 if (gsm->initiator && need_close)
2394 gsm_dlci_begin_open(gsm->dlci[0]);
2395 return 0;
2396}
2397
2398static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2399 unsigned int cmd, unsigned long arg)
2400{
2401 struct gsm_config c;
2402 struct gsm_mux *gsm = tty->disc_data;
2403
2404 switch (cmd) {
2405 case GSMIOC_GETCONF:
2406 memset(&c, 0, sizeof(c));
2407 c.adaption = gsm->adaption;
2408 c.encapsulation = gsm->encoding;
2409 c.initiator = gsm->initiator;
2410 c.t1 = gsm->t1;
2411 c.t2 = gsm->t2;
2412 c.t3 = 0; /* Not supported */
2413 c.n2 = gsm->n2;
2414 if (gsm->ftype == UIH)
2415 c.i = 1;
2416 else
2417 c.i = 2;
2418 printk("Ftype %d i %d\n", gsm->ftype, c.i);
2419 c.mru = gsm->mru;
2420 c.mtu = gsm->mtu;
2421 c.k = 0;
2422 if (copy_to_user((void *)arg, &c, sizeof(c)))
2423 return -EFAULT;
2424 return 0;
2425 case GSMIOC_SETCONF:
2426 if (copy_from_user(&c, (void *)arg, sizeof(c)))
2427 return -EFAULT;
2428 return gsmld_config(tty, gsm, &c);
2429 default:
2430 return n_tty_ioctl_helper(tty, file, cmd, arg);
2431 }
2432}
2433
2434
2435/* Line discipline for real tty */
2436struct tty_ldisc_ops tty_ldisc_packet = {
2437 .owner = THIS_MODULE,
2438 .magic = TTY_LDISC_MAGIC,
2439 .name = "n_gsm",
2440 .open = gsmld_open,
2441 .close = gsmld_close,
2442 .flush_buffer = gsmld_flush_buffer,
2443 .chars_in_buffer = gsmld_chars_in_buffer,
2444 .read = gsmld_read,
2445 .write = gsmld_write,
2446 .ioctl = gsmld_ioctl,
2447 .poll = gsmld_poll,
2448 .receive_buf = gsmld_receive_buf,
2449 .write_wakeup = gsmld_write_wakeup
2450};
2451
2452/*
2453 * Virtual tty side
2454 */
2455
2456#define TX_SIZE 512
2457
2458static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2459{
2460 u8 modembits[5];
2461 struct gsm_control *ctrl;
2462 int len = 2;
2463
2464 if (brk)
2465 len++;
2466
2467 modembits[0] = len << 1 | EA; /* Data bytes */
2468 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */
2469 modembits[2] = gsm_encode_modem(dlci) << 1 | EA;
2470 if (brk)
2471 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */
2472 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1);
2473 if (ctrl == NULL)
2474 return -ENOMEM;
2475 return gsm_control_wait(dlci->gsm, ctrl);
2476}
2477
2478static int gsm_carrier_raised(struct tty_port *port)
2479{
2480 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2481 /* Not yet open so no carrier info */
2482 if (dlci->state != DLCI_OPEN)
2483 return 0;
2484 if (debug & 2)
2485 return 1;
2486 return dlci->modem_rx & TIOCM_CD;
2487}
2488
2489static void gsm_dtr_rts(struct tty_port *port, int onoff)
2490{
2491 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2492 unsigned int modem_tx = dlci->modem_tx;
2493 if (onoff)
2494 modem_tx |= TIOCM_DTR | TIOCM_RTS;
2495 else
2496 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
2497 if (modem_tx != dlci->modem_tx) {
2498 dlci->modem_tx = modem_tx;
2499 gsmtty_modem_update(dlci, 0);
2500 }
2501}
2502
2503static const struct tty_port_operations gsm_port_ops = {
2504 .carrier_raised = gsm_carrier_raised,
2505 .dtr_rts = gsm_dtr_rts,
2506};
2507
2508
2509static int gsmtty_open(struct tty_struct *tty, struct file *filp)
2510{
2511 struct gsm_mux *gsm;
2512 struct gsm_dlci *dlci;
2513 struct tty_port *port;
2514 unsigned int line = tty->index;
2515 unsigned int mux = line >> 6;
2516
2517 line = line & 0x3F;
2518
2519 if (mux >= MAX_MUX)
2520 return -ENXIO;
2521 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
2522 if (gsm_mux[mux] == NULL)
2523 return -EUNATCH;
2524 if (line == 0 || line > 61) /* 62/63 reserved */
2525 return -ECHRNG;
2526 gsm = gsm_mux[mux];
2527 if (gsm->dead)
2528 return -EL2HLT;
2529 dlci = gsm->dlci[line];
2530 if (dlci == NULL)
2531 dlci = gsm_dlci_alloc(gsm, line);
2532 if (dlci == NULL)
2533 return -ENOMEM;
2534 port = &dlci->port;
2535 port->count++;
2536 tty->driver_data = dlci;
2537 tty_port_tty_set(port, tty);
2538
2539 dlci->modem_rx = 0;
2540 /* We could in theory open and close before we wait - eg if we get
2541 a DM straight back. This is ok as that will have caused a hangup */
2542 set_bit(ASYNCB_INITIALIZED, &port->flags);
2543 /* Start sending off SABM messages */
2544 gsm_dlci_begin_open(dlci);
2545 /* And wait for virtual carrier */
2546 return tty_port_block_til_ready(port, tty, filp);
2547}
2548
2549static void gsmtty_close(struct tty_struct *tty, struct file *filp)
2550{
2551 struct gsm_dlci *dlci = tty->driver_data;
2552 if (dlci == NULL)
2553 return;
2554 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
2555 return;
2556 gsm_dlci_begin_close(dlci);
2557 tty_port_close_end(&dlci->port, tty);
2558 tty_port_tty_set(&dlci->port, NULL);
2559}
2560
2561static void gsmtty_hangup(struct tty_struct *tty)
2562{
2563 struct gsm_dlci *dlci = tty->driver_data;
2564 tty_port_hangup(&dlci->port);
2565 gsm_dlci_begin_close(dlci);
2566}
2567
2568static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
2569 int len)
2570{
2571 struct gsm_dlci *dlci = tty->driver_data;
2572 /* Stuff the bytes into the fifo queue */
2573 int sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock);
2574 /* Need to kick the channel */
2575 gsm_dlci_data_kick(dlci);
2576 return sent;
2577}
2578
2579static int gsmtty_write_room(struct tty_struct *tty)
2580{
2581 struct gsm_dlci *dlci = tty->driver_data;
2582 return TX_SIZE - kfifo_len(dlci->fifo);
2583}
2584
2585static int gsmtty_chars_in_buffer(struct tty_struct *tty)
2586{
2587 struct gsm_dlci *dlci = tty->driver_data;
2588 return kfifo_len(dlci->fifo);
2589}
2590
2591static void gsmtty_flush_buffer(struct tty_struct *tty)
2592{
2593 struct gsm_dlci *dlci = tty->driver_data;
2594 /* Caution needed: If we implement reliable transport classes
2595 then the data being transmitted can't simply be junked once
2596 it has first hit the stack. Until then we can just blow it
2597 away */
2598 kfifo_reset(dlci->fifo);
2599 /* Need to unhook this DLCI from the transmit queue logic */
2600}
2601
2602static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
2603{
2604 /* The FIFO handles the queue so the kernel will do the right
2605 thing waiting on chars_in_buffer before calling us. No work
2606 to do here */
2607}
2608
2609static int gsmtty_tiocmget(struct tty_struct *tty, struct file *filp)
2610{
2611 struct gsm_dlci *dlci = tty->driver_data;
2612 return dlci->modem_rx;
2613}
2614
2615static int gsmtty_tiocmset(struct tty_struct *tty, struct file *filp,
2616 unsigned int set, unsigned int clear)
2617{
2618 struct gsm_dlci *dlci = tty->driver_data;
2619 unsigned int modem_tx = dlci->modem_tx;
2620
2621 modem_tx &= clear;
2622 modem_tx |= set;
2623
2624 if (modem_tx != dlci->modem_tx) {
2625 dlci->modem_tx = modem_tx;
2626 return gsmtty_modem_update(dlci, 0);
2627 }
2628 return 0;
2629}
2630
2631
2632static int gsmtty_ioctl(struct tty_struct *tty, struct file *filp,
2633 unsigned int cmd, unsigned long arg)
2634{
2635 return -ENOIOCTLCMD;
2636}
2637
2638static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
2639{
2640 /* For the moment its fixed. In actual fact the speed information
2641 for the virtual channel can be propogated in both directions by
2642 the RPN control message. This however rapidly gets nasty as we
2643 then have to remap modem signals each way according to whether
2644 our virtual cable is null modem etc .. */
2645 tty_termios_copy_hw(tty->termios, old);
2646}
2647
2648static void gsmtty_throttle(struct tty_struct *tty)
2649{
2650 struct gsm_dlci *dlci = tty->driver_data;
2651 if (tty->termios->c_cflag & CRTSCTS)
2652 dlci->modem_tx &= ~TIOCM_DTR;
2653 dlci->throttled = 1;
2654 /* Send an MSC with DTR cleared */
2655 gsmtty_modem_update(dlci, 0);
2656}
2657
2658static void gsmtty_unthrottle(struct tty_struct *tty)
2659{
2660 struct gsm_dlci *dlci = tty->driver_data;
2661 if (tty->termios->c_cflag & CRTSCTS)
2662 dlci->modem_tx |= TIOCM_DTR;
2663 dlci->throttled = 0;
2664 /* Send an MSC with DTR set */
2665 gsmtty_modem_update(dlci, 0);
2666}
2667
2668static int gsmtty_break_ctl(struct tty_struct *tty, int state)
2669{
2670 struct gsm_dlci *dlci = tty->driver_data;
2671 int encode = 0; /* Off */
2672
2673 if (state == -1) /* "On indefinitely" - we can't encode this
2674 properly */
2675 encode = 0x0F;
2676 else if (state > 0) {
2677 encode = state / 200; /* mS to encoding */
2678 if (encode > 0x0F)
2679 encode = 0x0F; /* Best effort */
2680 }
2681 return gsmtty_modem_update(dlci, encode);
2682}
2683
2684static struct tty_driver *gsm_tty_driver;
2685
2686/* Virtual ttys for the demux */
2687static const struct tty_operations gsmtty_ops = {
2688 .open = gsmtty_open,
2689 .close = gsmtty_close,
2690 .write = gsmtty_write,
2691 .write_room = gsmtty_write_room,
2692 .chars_in_buffer = gsmtty_chars_in_buffer,
2693 .flush_buffer = gsmtty_flush_buffer,
2694 .ioctl = gsmtty_ioctl,
2695 .throttle = gsmtty_throttle,
2696 .unthrottle = gsmtty_unthrottle,
2697 .set_termios = gsmtty_set_termios,
2698 .hangup = gsmtty_hangup,
2699 .wait_until_sent = gsmtty_wait_until_sent,
2700 .tiocmget = gsmtty_tiocmget,
2701 .tiocmset = gsmtty_tiocmset,
2702 .break_ctl = gsmtty_break_ctl,
2703};
2704
2705
2706
2707static int __init gsm_init(void)
2708{
2709 /* Fill in our line protocol discipline, and register it */
2710 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
2711 if (status != 0) {
2712 printk(KERN_ERR "n_gsm: can't register line discipline (err = %d)\n", status);
2713 return status;
2714 }
2715
2716 gsm_tty_driver = alloc_tty_driver(256);
2717 if (!gsm_tty_driver) {
2718 tty_unregister_ldisc(N_GSM0710);
2719 printk(KERN_ERR "gsm_init: tty allocation failed.\n");
2720 return -EINVAL;
2721 }
2722 gsm_tty_driver->owner = THIS_MODULE;
2723 gsm_tty_driver->driver_name = "gsmtty";
2724 gsm_tty_driver->name = "gsmtty";
2725 gsm_tty_driver->major = 0; /* Dynamic */
2726 gsm_tty_driver->minor_start = 0;
2727 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
2728 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
2729 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
2730 | TTY_DRIVER_HARDWARE_BREAK;
2731 gsm_tty_driver->init_termios = tty_std_termios;
2732 /* Fixme */
2733 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
2734 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
2735
2736 spin_lock_init(&gsm_mux_lock);
2737
2738 if (tty_register_driver(gsm_tty_driver)) {
2739 put_tty_driver(gsm_tty_driver);
2740 tty_unregister_ldisc(N_GSM0710);
2741 printk(KERN_ERR "gsm_init: tty registration failed.\n");
2742 return -EBUSY;
2743 }
2744 printk(KERN_INFO "gsm_init: loaded as %d,%d.\n", gsm_tty_driver->major, gsm_tty_driver->minor_start);
2745 return 0;
2746}
2747
2748static void __exit gsm_exit(void)
2749{
2750 int status = tty_unregister_ldisc(N_GSM0710);
2751 if (status != 0)
2752 printk(KERN_ERR "n_gsm: can't unregister line discipline (err = %d)\n", status);
2753 tty_unregister_driver(gsm_tty_driver);
2754 put_tty_driver(gsm_tty_driver);
2755 printk(KERN_INFO "gsm_init: unloaded.\n");
2756}
2757
2758module_init(gsm_init);
2759module_exit(gsm_exit);
2760
2761
2762MODULE_LICENSE("GPL");
2763MODULE_ALIAS_LDISC(N_GSM0710);
diff --git a/drivers/char/n_hdlc.c b/drivers/char/n_hdlc.c
deleted file mode 100644
index 47d32281032..00000000000
--- a/drivers/char/n_hdlc.c
+++ /dev/null
@@ -1,1007 +0,0 @@
1/* generic HDLC line discipline for Linux
2 *
3 * Written by Paul Fulghum paulkf@microgate.com
4 * for Microgate Corporation
5 *
6 * Microgate and SyncLink are registered trademarks of Microgate Corporation
7 *
8 * Adapted from ppp.c, written by Michael Callahan <callahan@maths.ox.ac.uk>,
9 * Al Longyear <longyear@netcom.com>,
10 * Paul Mackerras <Paul.Mackerras@cs.anu.edu.au>
11 *
12 * Original release 01/11/99
13 *
14 * This code is released under the GNU General Public License (GPL)
15 *
16 * This module implements the tty line discipline N_HDLC for use with
17 * tty device drivers that support bit-synchronous HDLC communications.
18 *
19 * All HDLC data is frame oriented which means:
20 *
21 * 1. tty write calls represent one complete transmit frame of data
22 * The device driver should accept the complete frame or none of
23 * the frame (busy) in the write method. Each write call should have
24 * a byte count in the range of 2-65535 bytes (2 is min HDLC frame
25 * with 1 addr byte and 1 ctrl byte). The max byte count of 65535
26 * should include any crc bytes required. For example, when using
27 * CCITT CRC32, 4 crc bytes are required, so the maximum size frame
28 * the application may transmit is limited to 65531 bytes. For CCITT
29 * CRC16, the maximum application frame size would be 65533.
30 *
31 *
32 * 2. receive callbacks from the device driver represents
33 * one received frame. The device driver should bypass
34 * the tty flip buffer and call the line discipline receive
35 * callback directly to avoid fragmenting or concatenating
36 * multiple frames into a single receive callback.
37 *
38 * The HDLC line discipline queues the receive frames in separate
39 * buffers so complete receive frames can be returned by the
40 * tty read calls.
41 *
42 * 3. tty read calls returns an entire frame of data or nothing.
43 *
44 * 4. all send and receive data is considered raw. No processing
45 * or translation is performed by the line discipline, regardless
46 * of the tty flags
47 *
48 * 5. When line discipline is queried for the amount of receive
49 * data available (FIOC), 0 is returned if no data available,
50 * otherwise the count of the next available frame is returned.
51 * (instead of the sum of all received frame counts).
52 *
53 * These conventions allow the standard tty programming interface
54 * to be used for synchronous HDLC applications when used with
55 * this line discipline (or another line discipline that is frame
56 * oriented such as N_PPP).
57 *
58 * The SyncLink driver (synclink.c) implements both asynchronous
59 * (using standard line discipline N_TTY) and synchronous HDLC
60 * (using N_HDLC) communications, with the latter using the above
61 * conventions.
62 *
63 * This implementation is very basic and does not maintain
64 * any statistics. The main point is to enforce the raw data
65 * and frame orientation of HDLC communications.
66 *
67 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
68 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
69 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
70 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
71 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
72 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
73 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
74 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
75 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
76 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
77 * OF THE POSSIBILITY OF SUCH DAMAGE.
78 */
79
80#define HDLC_MAGIC 0x239e
81
82#include <linux/module.h>
83#include <linux/init.h>
84#include <linux/kernel.h>
85#include <linux/sched.h>
86#include <linux/types.h>
87#include <linux/fcntl.h>
88#include <linux/interrupt.h>
89#include <linux/ptrace.h>
90
91#undef VERSION
92#define VERSION(major,minor,patch) (((((major)<<8)+(minor))<<8)+(patch))
93
94#include <linux/poll.h>
95#include <linux/in.h>
96#include <linux/ioctl.h>
97#include <linux/slab.h>
98#include <linux/tty.h>
99#include <linux/errno.h>
100#include <linux/smp_lock.h>
101#include <linux/string.h> /* used in new tty drivers */
102#include <linux/signal.h> /* used in new tty drivers */
103#include <linux/if.h>
104#include <linux/bitops.h>
105
106#include <asm/system.h>
107#include <asm/termios.h>
108#include <asm/uaccess.h>
109
110/*
111 * Buffers for individual HDLC frames
112 */
113#define MAX_HDLC_FRAME_SIZE 65535
114#define DEFAULT_RX_BUF_COUNT 10
115#define MAX_RX_BUF_COUNT 60
116#define DEFAULT_TX_BUF_COUNT 3
117
118struct n_hdlc_buf {
119 struct n_hdlc_buf *link;
120 int count;
121 char buf[1];
122};
123
124#define N_HDLC_BUF_SIZE (sizeof(struct n_hdlc_buf) + maxframe)
125
126struct n_hdlc_buf_list {
127 struct n_hdlc_buf *head;
128 struct n_hdlc_buf *tail;
129 int count;
130 spinlock_t spinlock;
131};
132
133/**
134 * struct n_hdlc - per device instance data structure
135 * @magic - magic value for structure
136 * @flags - miscellaneous control flags
137 * @tty - ptr to TTY structure
138 * @backup_tty - TTY to use if tty gets closed
139 * @tbusy - reentrancy flag for tx wakeup code
140 * @woke_up - FIXME: describe this field
141 * @tbuf - currently transmitting tx buffer
142 * @tx_buf_list - list of pending transmit frame buffers
143 * @rx_buf_list - list of received frame buffers
144 * @tx_free_buf_list - list unused transmit frame buffers
145 * @rx_free_buf_list - list unused received frame buffers
146 */
147struct n_hdlc {
148 int magic;
149 __u32 flags;
150 struct tty_struct *tty;
151 struct tty_struct *backup_tty;
152 int tbusy;
153 int woke_up;
154 struct n_hdlc_buf *tbuf;
155 struct n_hdlc_buf_list tx_buf_list;
156 struct n_hdlc_buf_list rx_buf_list;
157 struct n_hdlc_buf_list tx_free_buf_list;
158 struct n_hdlc_buf_list rx_free_buf_list;
159};
160
161/*
162 * HDLC buffer list manipulation functions
163 */
164static void n_hdlc_buf_list_init(struct n_hdlc_buf_list *list);
165static void n_hdlc_buf_put(struct n_hdlc_buf_list *list,
166 struct n_hdlc_buf *buf);
167static struct n_hdlc_buf *n_hdlc_buf_get(struct n_hdlc_buf_list *list);
168
169/* Local functions */
170
171static struct n_hdlc *n_hdlc_alloc (void);
172
173/* debug level can be set by insmod for debugging purposes */
174#define DEBUG_LEVEL_INFO 1
175static int debuglevel;
176
177/* max frame size for memory allocations */
178static int maxframe = 4096;
179
180/* TTY callbacks */
181
182static ssize_t n_hdlc_tty_read(struct tty_struct *tty, struct file *file,
183 __u8 __user *buf, size_t nr);
184static ssize_t n_hdlc_tty_write(struct tty_struct *tty, struct file *file,
185 const unsigned char *buf, size_t nr);
186static int n_hdlc_tty_ioctl(struct tty_struct *tty, struct file *file,
187 unsigned int cmd, unsigned long arg);
188static unsigned int n_hdlc_tty_poll(struct tty_struct *tty, struct file *filp,
189 poll_table *wait);
190static int n_hdlc_tty_open(struct tty_struct *tty);
191static void n_hdlc_tty_close(struct tty_struct *tty);
192static void n_hdlc_tty_receive(struct tty_struct *tty, const __u8 *cp,
193 char *fp, int count);
194static void n_hdlc_tty_wakeup(struct tty_struct *tty);
195
196#define bset(p,b) ((p)[(b) >> 5] |= (1 << ((b) & 0x1f)))
197
198#define tty2n_hdlc(tty) ((struct n_hdlc *) ((tty)->disc_data))
199#define n_hdlc2tty(n_hdlc) ((n_hdlc)->tty)
200
201static void flush_rx_queue(struct tty_struct *tty)
202{
203 struct n_hdlc *n_hdlc = tty2n_hdlc(tty);
204 struct n_hdlc_buf *buf;
205
206 while ((buf = n_hdlc_buf_get(&n_hdlc->rx_buf_list)))
207 n_hdlc_buf_put(&n_hdlc->rx_free_buf_list, buf);
208}
209
210static void flush_tx_queue(struct tty_struct *tty)
211{
212 struct n_hdlc *n_hdlc = tty2n_hdlc(tty);
213 struct n_hdlc_buf *buf;
214 unsigned long flags;
215
216 while ((buf = n_hdlc_buf_get(&n_hdlc->tx_buf_list)))
217 n_hdlc_buf_put(&n_hdlc->tx_free_buf_list, buf);
218 spin_lock_irqsave(&n_hdlc->tx_buf_list.spinlock, flags);
219 if (n_hdlc->tbuf) {
220 n_hdlc_buf_put(&n_hdlc->tx_free_buf_list, n_hdlc->tbuf);
221 n_hdlc->tbuf = NULL;
222 }
223 spin_unlock_irqrestore(&n_hdlc->tx_buf_list.spinlock, flags);
224}
225
226static struct tty_ldisc_ops n_hdlc_ldisc = {
227 .owner = THIS_MODULE,
228 .magic = TTY_LDISC_MAGIC,
229 .name = "hdlc",
230 .open = n_hdlc_tty_open,
231 .close = n_hdlc_tty_close,
232 .read = n_hdlc_tty_read,
233 .write = n_hdlc_tty_write,
234 .ioctl = n_hdlc_tty_ioctl,
235 .poll = n_hdlc_tty_poll,
236 .receive_buf = n_hdlc_tty_receive,
237 .write_wakeup = n_hdlc_tty_wakeup,
238 .flush_buffer = flush_rx_queue,
239};
240
241/**
242 * n_hdlc_release - release an n_hdlc per device line discipline info structure
243 * @n_hdlc - per device line discipline info structure
244 */
245static void n_hdlc_release(struct n_hdlc *n_hdlc)
246{
247 struct tty_struct *tty = n_hdlc2tty (n_hdlc);
248 struct n_hdlc_buf *buf;
249
250 if (debuglevel >= DEBUG_LEVEL_INFO)
251 printk("%s(%d)n_hdlc_release() called\n",__FILE__,__LINE__);
252
253 /* Ensure that the n_hdlcd process is not hanging on select()/poll() */
254 wake_up_interruptible (&tty->read_wait);
255 wake_up_interruptible (&tty->write_wait);
256
257 if (tty->disc_data == n_hdlc)
258 tty->disc_data = NULL; /* Break the tty->n_hdlc link */
259
260 /* Release transmit and receive buffers */
261 for(;;) {
262 buf = n_hdlc_buf_get(&n_hdlc->rx_free_buf_list);
263 if (buf) {
264 kfree(buf);
265 } else
266 break;
267 }
268 for(;;) {
269 buf = n_hdlc_buf_get(&n_hdlc->tx_free_buf_list);
270 if (buf) {
271 kfree(buf);
272 } else
273 break;
274 }
275 for(;;) {
276 buf = n_hdlc_buf_get(&n_hdlc->rx_buf_list);
277 if (buf) {
278 kfree(buf);
279 } else
280 break;
281 }
282 for(;;) {
283 buf = n_hdlc_buf_get(&n_hdlc->tx_buf_list);
284 if (buf) {
285 kfree(buf);
286 } else
287 break;
288 }
289 kfree(n_hdlc->tbuf);
290 kfree(n_hdlc);
291
292} /* end of n_hdlc_release() */
293
294/**
295 * n_hdlc_tty_close - line discipline close
296 * @tty - pointer to tty info structure
297 *
298 * Called when the line discipline is changed to something
299 * else, the tty is closed, or the tty detects a hangup.
300 */
301static void n_hdlc_tty_close(struct tty_struct *tty)
302{
303 struct n_hdlc *n_hdlc = tty2n_hdlc (tty);
304
305 if (debuglevel >= DEBUG_LEVEL_INFO)
306 printk("%s(%d)n_hdlc_tty_close() called\n",__FILE__,__LINE__);
307
308 if (n_hdlc != NULL) {
309 if (n_hdlc->magic != HDLC_MAGIC) {
310 printk (KERN_WARNING"n_hdlc: trying to close unopened tty!\n");
311 return;
312 }
313#if defined(TTY_NO_WRITE_SPLIT)
314 clear_bit(TTY_NO_WRITE_SPLIT,&tty->flags);
315#endif
316 tty->disc_data = NULL;
317 if (tty == n_hdlc->backup_tty)
318 n_hdlc->backup_tty = NULL;
319 if (tty != n_hdlc->tty)
320 return;
321 if (n_hdlc->backup_tty) {
322 n_hdlc->tty = n_hdlc->backup_tty;
323 } else {
324 n_hdlc_release (n_hdlc);
325 }
326 }
327
328 if (debuglevel >= DEBUG_LEVEL_INFO)
329 printk("%s(%d)n_hdlc_tty_close() success\n",__FILE__,__LINE__);
330
331} /* end of n_hdlc_tty_close() */
332
333/**
334 * n_hdlc_tty_open - called when line discipline changed to n_hdlc
335 * @tty - pointer to tty info structure
336 *
337 * Returns 0 if success, otherwise error code
338 */
339static int n_hdlc_tty_open (struct tty_struct *tty)
340{
341 struct n_hdlc *n_hdlc = tty2n_hdlc (tty);
342
343 if (debuglevel >= DEBUG_LEVEL_INFO)
344 printk("%s(%d)n_hdlc_tty_open() called (device=%s)\n",
345 __FILE__,__LINE__,
346 tty->name);
347
348 /* There should not be an existing table for this slot. */
349 if (n_hdlc) {
350 printk (KERN_ERR"n_hdlc_tty_open:tty already associated!\n" );
351 return -EEXIST;
352 }
353
354 n_hdlc = n_hdlc_alloc();
355 if (!n_hdlc) {
356 printk (KERN_ERR "n_hdlc_alloc failed\n");
357 return -ENFILE;
358 }
359
360 tty->disc_data = n_hdlc;
361 n_hdlc->tty = tty;
362 tty->receive_room = 65536;
363
364#if defined(TTY_NO_WRITE_SPLIT)
365 /* change tty_io write() to not split large writes into 8K chunks */
366 set_bit(TTY_NO_WRITE_SPLIT,&tty->flags);
367#endif
368
369 /* flush receive data from driver */
370 tty_driver_flush_buffer(tty);
371
372 if (debuglevel >= DEBUG_LEVEL_INFO)
373 printk("%s(%d)n_hdlc_tty_open() success\n",__FILE__,__LINE__);
374
375 return 0;
376
377} /* end of n_tty_hdlc_open() */
378
379/**
380 * n_hdlc_send_frames - send frames on pending send buffer list
381 * @n_hdlc - pointer to ldisc instance data
382 * @tty - pointer to tty instance data
383 *
384 * Send frames on pending send buffer list until the driver does not accept a
385 * frame (busy) this function is called after adding a frame to the send buffer
386 * list and by the tty wakeup callback.
387 */
388static void n_hdlc_send_frames(struct n_hdlc *n_hdlc, struct tty_struct *tty)
389{
390 register int actual;
391 unsigned long flags;
392 struct n_hdlc_buf *tbuf;
393
394 if (debuglevel >= DEBUG_LEVEL_INFO)
395 printk("%s(%d)n_hdlc_send_frames() called\n",__FILE__,__LINE__);
396 check_again:
397
398 spin_lock_irqsave(&n_hdlc->tx_buf_list.spinlock, flags);
399 if (n_hdlc->tbusy) {
400 n_hdlc->woke_up = 1;
401 spin_unlock_irqrestore(&n_hdlc->tx_buf_list.spinlock, flags);
402 return;
403 }
404 n_hdlc->tbusy = 1;
405 n_hdlc->woke_up = 0;
406 spin_unlock_irqrestore(&n_hdlc->tx_buf_list.spinlock, flags);
407
408 /* get current transmit buffer or get new transmit */
409 /* buffer from list of pending transmit buffers */
410
411 tbuf = n_hdlc->tbuf;
412 if (!tbuf)
413 tbuf = n_hdlc_buf_get(&n_hdlc->tx_buf_list);
414
415 while (tbuf) {
416 if (debuglevel >= DEBUG_LEVEL_INFO)
417 printk("%s(%d)sending frame %p, count=%d\n",
418 __FILE__,__LINE__,tbuf,tbuf->count);
419
420 /* Send the next block of data to device */
421 tty->flags |= (1 << TTY_DO_WRITE_WAKEUP);
422 actual = tty->ops->write(tty, tbuf->buf, tbuf->count);
423
424 /* rollback was possible and has been done */
425 if (actual == -ERESTARTSYS) {
426 n_hdlc->tbuf = tbuf;
427 break;
428 }
429 /* if transmit error, throw frame away by */
430 /* pretending it was accepted by driver */
431 if (actual < 0)
432 actual = tbuf->count;
433
434 if (actual == tbuf->count) {
435 if (debuglevel >= DEBUG_LEVEL_INFO)
436 printk("%s(%d)frame %p completed\n",
437 __FILE__,__LINE__,tbuf);
438
439 /* free current transmit buffer */
440 n_hdlc_buf_put(&n_hdlc->tx_free_buf_list, tbuf);
441
442 /* this tx buffer is done */
443 n_hdlc->tbuf = NULL;
444
445 /* wait up sleeping writers */
446 wake_up_interruptible(&tty->write_wait);
447
448 /* get next pending transmit buffer */
449 tbuf = n_hdlc_buf_get(&n_hdlc->tx_buf_list);
450 } else {
451 if (debuglevel >= DEBUG_LEVEL_INFO)
452 printk("%s(%d)frame %p pending\n",
453 __FILE__,__LINE__,tbuf);
454
455 /* buffer not accepted by driver */
456 /* set this buffer as pending buffer */
457 n_hdlc->tbuf = tbuf;
458 break;
459 }
460 }
461
462 if (!tbuf)
463 tty->flags &= ~(1 << TTY_DO_WRITE_WAKEUP);
464
465 /* Clear the re-entry flag */
466 spin_lock_irqsave(&n_hdlc->tx_buf_list.spinlock, flags);
467 n_hdlc->tbusy = 0;
468 spin_unlock_irqrestore(&n_hdlc->tx_buf_list.spinlock, flags);
469
470 if (n_hdlc->woke_up)
471 goto check_again;
472
473 if (debuglevel >= DEBUG_LEVEL_INFO)
474 printk("%s(%d)n_hdlc_send_frames() exit\n",__FILE__,__LINE__);
475
476} /* end of n_hdlc_send_frames() */
477
478/**
479 * n_hdlc_tty_wakeup - Callback for transmit wakeup
480 * @tty - pointer to associated tty instance data
481 *
482 * Called when low level device driver can accept more send data.
483 */
484static void n_hdlc_tty_wakeup(struct tty_struct *tty)
485{
486 struct n_hdlc *n_hdlc = tty2n_hdlc(tty);
487
488 if (debuglevel >= DEBUG_LEVEL_INFO)
489 printk("%s(%d)n_hdlc_tty_wakeup() called\n",__FILE__,__LINE__);
490
491 if (!n_hdlc)
492 return;
493
494 if (tty != n_hdlc->tty) {
495 tty->flags &= ~(1 << TTY_DO_WRITE_WAKEUP);
496 return;
497 }
498
499 n_hdlc_send_frames (n_hdlc, tty);
500
501} /* end of n_hdlc_tty_wakeup() */
502
503/**
504 * n_hdlc_tty_receive - Called by tty driver when receive data is available
505 * @tty - pointer to tty instance data
506 * @data - pointer to received data
507 * @flags - pointer to flags for data
508 * @count - count of received data in bytes
509 *
510 * Called by tty low level driver when receive data is available. Data is
511 * interpreted as one HDLC frame.
512 */
513static void n_hdlc_tty_receive(struct tty_struct *tty, const __u8 *data,
514 char *flags, int count)
515{
516 register struct n_hdlc *n_hdlc = tty2n_hdlc (tty);
517 register struct n_hdlc_buf *buf;
518
519 if (debuglevel >= DEBUG_LEVEL_INFO)
520 printk("%s(%d)n_hdlc_tty_receive() called count=%d\n",
521 __FILE__,__LINE__, count);
522
523 /* This can happen if stuff comes in on the backup tty */
524 if (!n_hdlc || tty != n_hdlc->tty)
525 return;
526
527 /* verify line is using HDLC discipline */
528 if (n_hdlc->magic != HDLC_MAGIC) {
529 printk("%s(%d) line not using HDLC discipline\n",
530 __FILE__,__LINE__);
531 return;
532 }
533
534 if ( count>maxframe ) {
535 if (debuglevel >= DEBUG_LEVEL_INFO)
536 printk("%s(%d) rx count>maxframesize, data discarded\n",
537 __FILE__,__LINE__);
538 return;
539 }
540
541 /* get a free HDLC buffer */
542 buf = n_hdlc_buf_get(&n_hdlc->rx_free_buf_list);
543 if (!buf) {
544 /* no buffers in free list, attempt to allocate another rx buffer */
545 /* unless the maximum count has been reached */
546 if (n_hdlc->rx_buf_list.count < MAX_RX_BUF_COUNT)
547 buf = kmalloc(N_HDLC_BUF_SIZE, GFP_ATOMIC);
548 }
549
550 if (!buf) {
551 if (debuglevel >= DEBUG_LEVEL_INFO)
552 printk("%s(%d) no more rx buffers, data discarded\n",
553 __FILE__,__LINE__);
554 return;
555 }
556
557 /* copy received data to HDLC buffer */
558 memcpy(buf->buf,data,count);
559 buf->count=count;
560
561 /* add HDLC buffer to list of received frames */
562 n_hdlc_buf_put(&n_hdlc->rx_buf_list, buf);
563
564 /* wake up any blocked reads and perform async signalling */
565 wake_up_interruptible (&tty->read_wait);
566 if (n_hdlc->tty->fasync != NULL)
567 kill_fasync (&n_hdlc->tty->fasync, SIGIO, POLL_IN);
568
569} /* end of n_hdlc_tty_receive() */
570
571/**
572 * n_hdlc_tty_read - Called to retrieve one frame of data (if available)
573 * @tty - pointer to tty instance data
574 * @file - pointer to open file object
575 * @buf - pointer to returned data buffer
576 * @nr - size of returned data buffer
577 *
578 * Returns the number of bytes returned or error code.
579 */
580static ssize_t n_hdlc_tty_read(struct tty_struct *tty, struct file *file,
581 __u8 __user *buf, size_t nr)
582{
583 struct n_hdlc *n_hdlc = tty2n_hdlc(tty);
584 int ret;
585 struct n_hdlc_buf *rbuf;
586
587 if (debuglevel >= DEBUG_LEVEL_INFO)
588 printk("%s(%d)n_hdlc_tty_read() called\n",__FILE__,__LINE__);
589
590 /* Validate the pointers */
591 if (!n_hdlc)
592 return -EIO;
593
594 /* verify user access to buffer */
595 if (!access_ok(VERIFY_WRITE, buf, nr)) {
596 printk(KERN_WARNING "%s(%d) n_hdlc_tty_read() can't verify user "
597 "buffer\n", __FILE__, __LINE__);
598 return -EFAULT;
599 }
600
601 tty_lock();
602
603 for (;;) {
604 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) {
605 tty_unlock();
606 return -EIO;
607 }
608
609 n_hdlc = tty2n_hdlc (tty);
610 if (!n_hdlc || n_hdlc->magic != HDLC_MAGIC ||
611 tty != n_hdlc->tty) {
612 tty_unlock();
613 return 0;
614 }
615
616 rbuf = n_hdlc_buf_get(&n_hdlc->rx_buf_list);
617 if (rbuf)
618 break;
619
620 /* no data */
621 if (file->f_flags & O_NONBLOCK) {
622 tty_unlock();
623 return -EAGAIN;
624 }
625
626 interruptible_sleep_on (&tty->read_wait);
627 if (signal_pending(current)) {
628 tty_unlock();
629 return -EINTR;
630 }
631 }
632
633 if (rbuf->count > nr)
634 /* frame too large for caller's buffer (discard frame) */
635 ret = -EOVERFLOW;
636 else {
637 /* Copy the data to the caller's buffer */
638 if (copy_to_user(buf, rbuf->buf, rbuf->count))
639 ret = -EFAULT;
640 else
641 ret = rbuf->count;
642 }
643
644 /* return HDLC buffer to free list unless the free list */
645 /* count has exceeded the default value, in which case the */
646 /* buffer is freed back to the OS to conserve memory */
647 if (n_hdlc->rx_free_buf_list.count > DEFAULT_RX_BUF_COUNT)
648 kfree(rbuf);
649 else
650 n_hdlc_buf_put(&n_hdlc->rx_free_buf_list,rbuf);
651 tty_unlock();
652 return ret;
653
654} /* end of n_hdlc_tty_read() */
655
656/**
657 * n_hdlc_tty_write - write a single frame of data to device
658 * @tty - pointer to associated tty device instance data
659 * @file - pointer to file object data
660 * @data - pointer to transmit data (one frame)
661 * @count - size of transmit frame in bytes
662 *
663 * Returns the number of bytes written (or error code).
664 */
665static ssize_t n_hdlc_tty_write(struct tty_struct *tty, struct file *file,
666 const unsigned char *data, size_t count)
667{
668 struct n_hdlc *n_hdlc = tty2n_hdlc (tty);
669 int error = 0;
670 DECLARE_WAITQUEUE(wait, current);
671 struct n_hdlc_buf *tbuf;
672
673 if (debuglevel >= DEBUG_LEVEL_INFO)
674 printk("%s(%d)n_hdlc_tty_write() called count=%Zd\n",
675 __FILE__,__LINE__,count);
676
677 /* Verify pointers */
678 if (!n_hdlc)
679 return -EIO;
680
681 if (n_hdlc->magic != HDLC_MAGIC)
682 return -EIO;
683
684 /* verify frame size */
685 if (count > maxframe ) {
686 if (debuglevel & DEBUG_LEVEL_INFO)
687 printk (KERN_WARNING
688 "n_hdlc_tty_write: truncating user packet "
689 "from %lu to %d\n", (unsigned long) count,
690 maxframe );
691 count = maxframe;
692 }
693
694 tty_lock();
695
696 add_wait_queue(&tty->write_wait, &wait);
697 set_current_state(TASK_INTERRUPTIBLE);
698
699 /* Allocate transmit buffer */
700 /* sleep until transmit buffer available */
701 while (!(tbuf = n_hdlc_buf_get(&n_hdlc->tx_free_buf_list))) {
702 if (file->f_flags & O_NONBLOCK) {
703 error = -EAGAIN;
704 break;
705 }
706 schedule();
707
708 n_hdlc = tty2n_hdlc (tty);
709 if (!n_hdlc || n_hdlc->magic != HDLC_MAGIC ||
710 tty != n_hdlc->tty) {
711 printk("n_hdlc_tty_write: %p invalid after wait!\n", n_hdlc);
712 error = -EIO;
713 break;
714 }
715
716 if (signal_pending(current)) {
717 error = -EINTR;
718 break;
719 }
720 }
721
722 set_current_state(TASK_RUNNING);
723 remove_wait_queue(&tty->write_wait, &wait);
724
725 if (!error) {
726 /* Retrieve the user's buffer */
727 memcpy(tbuf->buf, data, count);
728
729 /* Send the data */
730 tbuf->count = error = count;
731 n_hdlc_buf_put(&n_hdlc->tx_buf_list,tbuf);
732 n_hdlc_send_frames(n_hdlc,tty);
733 }
734 tty_unlock();
735 return error;
736
737} /* end of n_hdlc_tty_write() */
738
739/**
740 * n_hdlc_tty_ioctl - process IOCTL system call for the tty device.
741 * @tty - pointer to tty instance data
742 * @file - pointer to open file object for device
743 * @cmd - IOCTL command code
744 * @arg - argument for IOCTL call (cmd dependent)
745 *
746 * Returns command dependent result.
747 */
748static int n_hdlc_tty_ioctl(struct tty_struct *tty, struct file *file,
749 unsigned int cmd, unsigned long arg)
750{
751 struct n_hdlc *n_hdlc = tty2n_hdlc (tty);
752 int error = 0;
753 int count;
754 unsigned long flags;
755
756 if (debuglevel >= DEBUG_LEVEL_INFO)
757 printk("%s(%d)n_hdlc_tty_ioctl() called %d\n",
758 __FILE__,__LINE__,cmd);
759
760 /* Verify the status of the device */
761 if (!n_hdlc || n_hdlc->magic != HDLC_MAGIC)
762 return -EBADF;
763
764 switch (cmd) {
765 case FIONREAD:
766 /* report count of read data available */
767 /* in next available frame (if any) */
768 spin_lock_irqsave(&n_hdlc->rx_buf_list.spinlock,flags);
769 if (n_hdlc->rx_buf_list.head)
770 count = n_hdlc->rx_buf_list.head->count;
771 else
772 count = 0;
773 spin_unlock_irqrestore(&n_hdlc->rx_buf_list.spinlock,flags);
774 error = put_user(count, (int __user *)arg);
775 break;
776
777 case TIOCOUTQ:
778 /* get the pending tx byte count in the driver */
779 count = tty_chars_in_buffer(tty);
780 /* add size of next output frame in queue */
781 spin_lock_irqsave(&n_hdlc->tx_buf_list.spinlock,flags);
782 if (n_hdlc->tx_buf_list.head)
783 count += n_hdlc->tx_buf_list.head->count;
784 spin_unlock_irqrestore(&n_hdlc->tx_buf_list.spinlock,flags);
785 error = put_user(count, (int __user *)arg);
786 break;
787
788 case TCFLSH:
789 switch (arg) {
790 case TCIOFLUSH:
791 case TCOFLUSH:
792 flush_tx_queue(tty);
793 }
794 /* fall through to default */
795
796 default:
797 error = n_tty_ioctl_helper(tty, file, cmd, arg);
798 break;
799 }
800 return error;
801
802} /* end of n_hdlc_tty_ioctl() */
803
804/**
805 * n_hdlc_tty_poll - TTY callback for poll system call
806 * @tty - pointer to tty instance data
807 * @filp - pointer to open file object for device
808 * @poll_table - wait queue for operations
809 *
810 * Determine which operations (read/write) will not block and return info
811 * to caller.
812 * Returns a bit mask containing info on which ops will not block.
813 */
814static unsigned int n_hdlc_tty_poll(struct tty_struct *tty, struct file *filp,
815 poll_table *wait)
816{
817 struct n_hdlc *n_hdlc = tty2n_hdlc (tty);
818 unsigned int mask = 0;
819
820 if (debuglevel >= DEBUG_LEVEL_INFO)
821 printk("%s(%d)n_hdlc_tty_poll() called\n",__FILE__,__LINE__);
822
823 if (n_hdlc && n_hdlc->magic == HDLC_MAGIC && tty == n_hdlc->tty) {
824 /* queue current process into any wait queue that */
825 /* may awaken in the future (read and write) */
826
827 poll_wait(filp, &tty->read_wait, wait);
828 poll_wait(filp, &tty->write_wait, wait);
829
830 /* set bits for operations that won't block */
831 if (n_hdlc->rx_buf_list.head)
832 mask |= POLLIN | POLLRDNORM; /* readable */
833 if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
834 mask |= POLLHUP;
835 if (tty_hung_up_p(filp))
836 mask |= POLLHUP;
837 if (!tty_is_writelocked(tty) &&
838 n_hdlc->tx_free_buf_list.head)
839 mask |= POLLOUT | POLLWRNORM; /* writable */
840 }
841 return mask;
842} /* end of n_hdlc_tty_poll() */
843
844/**
845 * n_hdlc_alloc - allocate an n_hdlc instance data structure
846 *
847 * Returns a pointer to newly created structure if success, otherwise %NULL
848 */
849static struct n_hdlc *n_hdlc_alloc(void)
850{
851 struct n_hdlc_buf *buf;
852 int i;
853 struct n_hdlc *n_hdlc = kmalloc(sizeof(*n_hdlc), GFP_KERNEL);
854
855 if (!n_hdlc)
856 return NULL;
857
858 memset(n_hdlc, 0, sizeof(*n_hdlc));
859
860 n_hdlc_buf_list_init(&n_hdlc->rx_free_buf_list);
861 n_hdlc_buf_list_init(&n_hdlc->tx_free_buf_list);
862 n_hdlc_buf_list_init(&n_hdlc->rx_buf_list);
863 n_hdlc_buf_list_init(&n_hdlc->tx_buf_list);
864
865 /* allocate free rx buffer list */
866 for(i=0;i<DEFAULT_RX_BUF_COUNT;i++) {
867 buf = kmalloc(N_HDLC_BUF_SIZE, GFP_KERNEL);
868 if (buf)
869 n_hdlc_buf_put(&n_hdlc->rx_free_buf_list,buf);
870 else if (debuglevel >= DEBUG_LEVEL_INFO)
871 printk("%s(%d)n_hdlc_alloc(), kalloc() failed for rx buffer %d\n",__FILE__,__LINE__, i);
872 }
873
874 /* allocate free tx buffer list */
875 for(i=0;i<DEFAULT_TX_BUF_COUNT;i++) {
876 buf = kmalloc(N_HDLC_BUF_SIZE, GFP_KERNEL);
877 if (buf)
878 n_hdlc_buf_put(&n_hdlc->tx_free_buf_list,buf);
879 else if (debuglevel >= DEBUG_LEVEL_INFO)
880 printk("%s(%d)n_hdlc_alloc(), kalloc() failed for tx buffer %d\n",__FILE__,__LINE__, i);
881 }
882
883 /* Initialize the control block */
884 n_hdlc->magic = HDLC_MAGIC;
885 n_hdlc->flags = 0;
886
887 return n_hdlc;
888
889} /* end of n_hdlc_alloc() */
890
891/**
892 * n_hdlc_buf_list_init - initialize specified HDLC buffer list
893 * @list - pointer to buffer list
894 */
895static void n_hdlc_buf_list_init(struct n_hdlc_buf_list *list)
896{
897 memset(list, 0, sizeof(*list));
898 spin_lock_init(&list->spinlock);
899} /* end of n_hdlc_buf_list_init() */
900
901/**
902 * n_hdlc_buf_put - add specified HDLC buffer to tail of specified list
903 * @list - pointer to buffer list
904 * @buf - pointer to buffer
905 */
906static void n_hdlc_buf_put(struct n_hdlc_buf_list *list,
907 struct n_hdlc_buf *buf)
908{
909 unsigned long flags;
910 spin_lock_irqsave(&list->spinlock,flags);
911
912 buf->link=NULL;
913 if (list->tail)
914 list->tail->link = buf;
915 else
916 list->head = buf;
917 list->tail = buf;
918 (list->count)++;
919
920 spin_unlock_irqrestore(&list->spinlock,flags);
921
922} /* end of n_hdlc_buf_put() */
923
924/**
925 * n_hdlc_buf_get - remove and return an HDLC buffer from list
926 * @list - pointer to HDLC buffer list
927 *
928 * Remove and return an HDLC buffer from the head of the specified HDLC buffer
929 * list.
930 * Returns a pointer to HDLC buffer if available, otherwise %NULL.
931 */
932static struct n_hdlc_buf* n_hdlc_buf_get(struct n_hdlc_buf_list *list)
933{
934 unsigned long flags;
935 struct n_hdlc_buf *buf;
936 spin_lock_irqsave(&list->spinlock,flags);
937
938 buf = list->head;
939 if (buf) {
940 list->head = buf->link;
941 (list->count)--;
942 }
943 if (!list->head)
944 list->tail = NULL;
945
946 spin_unlock_irqrestore(&list->spinlock,flags);
947 return buf;
948
949} /* end of n_hdlc_buf_get() */
950
951static char hdlc_banner[] __initdata =
952 KERN_INFO "HDLC line discipline maxframe=%u\n";
953static char hdlc_register_ok[] __initdata =
954 KERN_INFO "N_HDLC line discipline registered.\n";
955static char hdlc_register_fail[] __initdata =
956 KERN_ERR "error registering line discipline: %d\n";
957static char hdlc_init_fail[] __initdata =
958 KERN_INFO "N_HDLC: init failure %d\n";
959
960static int __init n_hdlc_init(void)
961{
962 int status;
963
964 /* range check maxframe arg */
965 if (maxframe < 4096)
966 maxframe = 4096;
967 else if (maxframe > 65535)
968 maxframe = 65535;
969
970 printk(hdlc_banner, maxframe);
971
972 status = tty_register_ldisc(N_HDLC, &n_hdlc_ldisc);
973 if (!status)
974 printk(hdlc_register_ok);
975 else
976 printk(hdlc_register_fail, status);
977
978 if (status)
979 printk(hdlc_init_fail, status);
980 return status;
981
982} /* end of init_module() */
983
984static char hdlc_unregister_ok[] __exitdata =
985 KERN_INFO "N_HDLC: line discipline unregistered\n";
986static char hdlc_unregister_fail[] __exitdata =
987 KERN_ERR "N_HDLC: can't unregister line discipline (err = %d)\n";
988
989static void __exit n_hdlc_exit(void)
990{
991 /* Release tty registration of line discipline */
992 int status = tty_unregister_ldisc(N_HDLC);
993
994 if (status)
995 printk(hdlc_unregister_fail, status);
996 else
997 printk(hdlc_unregister_ok);
998}
999
1000module_init(n_hdlc_init);
1001module_exit(n_hdlc_exit);
1002
1003MODULE_LICENSE("GPL");
1004MODULE_AUTHOR("Paul Fulghum paulkf@microgate.com");
1005module_param(debuglevel, int, 0);
1006module_param(maxframe, int, 0);
1007MODULE_ALIAS_LDISC(N_HDLC);
diff --git a/drivers/char/n_r3964.c b/drivers/char/n_r3964.c
deleted file mode 100644
index 88dda0c45ee..00000000000
--- a/drivers/char/n_r3964.c
+++ /dev/null
@@ -1,1264 +0,0 @@
1/* r3964 linediscipline for linux
2 *
3 * -----------------------------------------------------------
4 * Copyright by
5 * Philips Automation Projects
6 * Kassel (Germany)
7 * -----------------------------------------------------------
8 * This software may be used and distributed according to the terms of
9 * the GNU General Public License, incorporated herein by reference.
10 *
11 * Author:
12 * L. Haag
13 *
14 * $Log: n_r3964.c,v $
15 * Revision 1.10 2001/03/18 13:02:24 dwmw2
16 * Fix timer usage, use spinlocks properly.
17 *
18 * Revision 1.9 2001/03/18 12:52:14 dwmw2
19 * Merge changes in 2.4.2
20 *
21 * Revision 1.8 2000/03/23 14:14:54 dwmw2
22 * Fix race in sleeping in r3964_read()
23 *
24 * Revision 1.7 1999/28/08 11:41:50 dwmw2
25 * Port to 2.3 kernel
26 *
27 * Revision 1.6 1998/09/30 00:40:40 dwmw2
28 * Fixed compilation on 2.0.x kernels
29 * Updated to newly registered tty-ldisc number 9
30 *
31 * Revision 1.5 1998/09/04 21:57:36 dwmw2
32 * Signal handling bug fixes, port to 2.1.x.
33 *
34 * Revision 1.4 1998/04/02 20:26:59 lhaag
35 * select, blocking, ...
36 *
37 * Revision 1.3 1998/02/12 18:58:43 root
38 * fixed some memory leaks
39 * calculation of checksum characters
40 *
41 * Revision 1.2 1998/02/07 13:03:34 root
42 * ioctl read_telegram
43 *
44 * Revision 1.1 1998/02/06 19:21:03 root
45 * Initial revision
46 *
47 *
48 */
49
50#include <linux/module.h>
51#include <linux/kernel.h>
52#include <linux/sched.h>
53#include <linux/types.h>
54#include <linux/fcntl.h>
55#include <linux/interrupt.h>
56#include <linux/ptrace.h>
57#include <linux/ioport.h>
58#include <linux/in.h>
59#include <linux/slab.h>
60#include <linux/smp_lock.h>
61#include <linux/tty.h>
62#include <linux/errno.h>
63#include <linux/string.h> /* used in new tty drivers */
64#include <linux/signal.h> /* used in new tty drivers */
65#include <linux/ioctl.h>
66#include <linux/n_r3964.h>
67#include <linux/poll.h>
68#include <linux/init.h>
69#include <asm/uaccess.h>
70
71/*#define DEBUG_QUEUE*/
72
73/* Log successful handshake and protocol operations */
74/*#define DEBUG_PROTO_S*/
75
76/* Log handshake and protocol errors: */
77/*#define DEBUG_PROTO_E*/
78
79/* Log Linediscipline operations (open, close, read, write...): */
80/*#define DEBUG_LDISC*/
81
82/* Log module and memory operations (init, cleanup; kmalloc, kfree): */
83/*#define DEBUG_MODUL*/
84
85/* Macro helpers for debug output: */
86#define TRACE(format, args...) printk("r3964: " format "\n" , ## args)
87
88#ifdef DEBUG_MODUL
89#define TRACE_M(format, args...) printk("r3964: " format "\n" , ## args)
90#else
91#define TRACE_M(fmt, arg...) do {} while (0)
92#endif
93#ifdef DEBUG_PROTO_S
94#define TRACE_PS(format, args...) printk("r3964: " format "\n" , ## args)
95#else
96#define TRACE_PS(fmt, arg...) do {} while (0)
97#endif
98#ifdef DEBUG_PROTO_E
99#define TRACE_PE(format, args...) printk("r3964: " format "\n" , ## args)
100#else
101#define TRACE_PE(fmt, arg...) do {} while (0)
102#endif
103#ifdef DEBUG_LDISC
104#define TRACE_L(format, args...) printk("r3964: " format "\n" , ## args)
105#else
106#define TRACE_L(fmt, arg...) do {} while (0)
107#endif
108#ifdef DEBUG_QUEUE
109#define TRACE_Q(format, args...) printk("r3964: " format "\n" , ## args)
110#else
111#define TRACE_Q(fmt, arg...) do {} while (0)
112#endif
113static void add_tx_queue(struct r3964_info *, struct r3964_block_header *);
114static void remove_from_tx_queue(struct r3964_info *pInfo, int error_code);
115static void put_char(struct r3964_info *pInfo, unsigned char ch);
116static void trigger_transmit(struct r3964_info *pInfo);
117static void retry_transmit(struct r3964_info *pInfo);
118static void transmit_block(struct r3964_info *pInfo);
119static void receive_char(struct r3964_info *pInfo, const unsigned char c);
120static void receive_error(struct r3964_info *pInfo, const char flag);
121static void on_timeout(unsigned long priv);
122static int enable_signals(struct r3964_info *pInfo, struct pid *pid, int arg);
123static int read_telegram(struct r3964_info *pInfo, struct pid *pid,
124 unsigned char __user * buf);
125static void add_msg(struct r3964_client_info *pClient, int msg_id, int arg,
126 int error_code, struct r3964_block_header *pBlock);
127static struct r3964_message *remove_msg(struct r3964_info *pInfo,
128 struct r3964_client_info *pClient);
129static void remove_client_block(struct r3964_info *pInfo,
130 struct r3964_client_info *pClient);
131
132static int r3964_open(struct tty_struct *tty);
133static void r3964_close(struct tty_struct *tty);
134static ssize_t r3964_read(struct tty_struct *tty, struct file *file,
135 unsigned char __user * buf, size_t nr);
136static ssize_t r3964_write(struct tty_struct *tty, struct file *file,
137 const unsigned char *buf, size_t nr);
138static int r3964_ioctl(struct tty_struct *tty, struct file *file,
139 unsigned int cmd, unsigned long arg);
140static void r3964_set_termios(struct tty_struct *tty, struct ktermios *old);
141static unsigned int r3964_poll(struct tty_struct *tty, struct file *file,
142 struct poll_table_struct *wait);
143static void r3964_receive_buf(struct tty_struct *tty, const unsigned char *cp,
144 char *fp, int count);
145
146static struct tty_ldisc_ops tty_ldisc_N_R3964 = {
147 .owner = THIS_MODULE,
148 .magic = TTY_LDISC_MAGIC,
149 .name = "R3964",
150 .open = r3964_open,
151 .close = r3964_close,
152 .read = r3964_read,
153 .write = r3964_write,
154 .ioctl = r3964_ioctl,
155 .set_termios = r3964_set_termios,
156 .poll = r3964_poll,
157 .receive_buf = r3964_receive_buf,
158};
159
160static void dump_block(const unsigned char *block, unsigned int length)
161{
162 unsigned int i, j;
163 char linebuf[16 * 3 + 1];
164
165 for (i = 0; i < length; i += 16) {
166 for (j = 0; (j < 16) && (j + i < length); j++) {
167 sprintf(linebuf + 3 * j, "%02x ", block[i + j]);
168 }
169 linebuf[3 * j] = '\0';
170 TRACE_PS("%s", linebuf);
171 }
172}
173
174/*************************************************************
175 * Driver initialisation
176 *************************************************************/
177
178/*************************************************************
179 * Module support routines
180 *************************************************************/
181
182static void __exit r3964_exit(void)
183{
184 int status;
185
186 TRACE_M("cleanup_module()");
187
188 status = tty_unregister_ldisc(N_R3964);
189
190 if (status != 0) {
191 printk(KERN_ERR "r3964: error unregistering linediscipline: "
192 "%d\n", status);
193 } else {
194 TRACE_L("linediscipline successfully unregistered");
195 }
196}
197
198static int __init r3964_init(void)
199{
200 int status;
201
202 printk("r3964: Philips r3964 Driver $Revision: 1.10 $\n");
203
204 /*
205 * Register the tty line discipline
206 */
207
208 status = tty_register_ldisc(N_R3964, &tty_ldisc_N_R3964);
209 if (status == 0) {
210 TRACE_L("line discipline %d registered", N_R3964);
211 TRACE_L("flags=%x num=%x", tty_ldisc_N_R3964.flags,
212 tty_ldisc_N_R3964.num);
213 TRACE_L("open=%p", tty_ldisc_N_R3964.open);
214 TRACE_L("tty_ldisc_N_R3964 = %p", &tty_ldisc_N_R3964);
215 } else {
216 printk(KERN_ERR "r3964: error registering line discipline: "
217 "%d\n", status);
218 }
219 return status;
220}
221
222module_init(r3964_init);
223module_exit(r3964_exit);
224
225/*************************************************************
226 * Protocol implementation routines
227 *************************************************************/
228
229static void add_tx_queue(struct r3964_info *pInfo,
230 struct r3964_block_header *pHeader)
231{
232 unsigned long flags;
233
234 spin_lock_irqsave(&pInfo->lock, flags);
235
236 pHeader->next = NULL;
237
238 if (pInfo->tx_last == NULL) {
239 pInfo->tx_first = pInfo->tx_last = pHeader;
240 } else {
241 pInfo->tx_last->next = pHeader;
242 pInfo->tx_last = pHeader;
243 }
244
245 spin_unlock_irqrestore(&pInfo->lock, flags);
246
247 TRACE_Q("add_tx_queue %p, length %d, tx_first = %p",
248 pHeader, pHeader->length, pInfo->tx_first);
249}
250
251static void remove_from_tx_queue(struct r3964_info *pInfo, int error_code)
252{
253 struct r3964_block_header *pHeader;
254 unsigned long flags;
255#ifdef DEBUG_QUEUE
256 struct r3964_block_header *pDump;
257#endif
258
259 pHeader = pInfo->tx_first;
260
261 if (pHeader == NULL)
262 return;
263
264#ifdef DEBUG_QUEUE
265 printk("r3964: remove_from_tx_queue: %p, length %u - ",
266 pHeader, pHeader->length);
267 for (pDump = pHeader; pDump; pDump = pDump->next)
268 printk("%p ", pDump);
269 printk("\n");
270#endif
271
272 if (pHeader->owner) {
273 if (error_code) {
274 add_msg(pHeader->owner, R3964_MSG_ACK, 0,
275 error_code, NULL);
276 } else {
277 add_msg(pHeader->owner, R3964_MSG_ACK, pHeader->length,
278 error_code, NULL);
279 }
280 wake_up_interruptible(&pInfo->read_wait);
281 }
282
283 spin_lock_irqsave(&pInfo->lock, flags);
284
285 pInfo->tx_first = pHeader->next;
286 if (pInfo->tx_first == NULL) {
287 pInfo->tx_last = NULL;
288 }
289
290 spin_unlock_irqrestore(&pInfo->lock, flags);
291
292 kfree(pHeader);
293 TRACE_M("remove_from_tx_queue - kfree %p", pHeader);
294
295 TRACE_Q("remove_from_tx_queue: tx_first = %p, tx_last = %p",
296 pInfo->tx_first, pInfo->tx_last);
297}
298
299static void add_rx_queue(struct r3964_info *pInfo,
300 struct r3964_block_header *pHeader)
301{
302 unsigned long flags;
303
304 spin_lock_irqsave(&pInfo->lock, flags);
305
306 pHeader->next = NULL;
307
308 if (pInfo->rx_last == NULL) {
309 pInfo->rx_first = pInfo->rx_last = pHeader;
310 } else {
311 pInfo->rx_last->next = pHeader;
312 pInfo->rx_last = pHeader;
313 }
314 pInfo->blocks_in_rx_queue++;
315
316 spin_unlock_irqrestore(&pInfo->lock, flags);
317
318 TRACE_Q("add_rx_queue: %p, length = %d, rx_first = %p, count = %d",
319 pHeader, pHeader->length,
320 pInfo->rx_first, pInfo->blocks_in_rx_queue);
321}
322
323static void remove_from_rx_queue(struct r3964_info *pInfo,
324 struct r3964_block_header *pHeader)
325{
326 unsigned long flags;
327 struct r3964_block_header *pFind;
328
329 if (pHeader == NULL)
330 return;
331
332 TRACE_Q("remove_from_rx_queue: rx_first = %p, rx_last = %p, count = %d",
333 pInfo->rx_first, pInfo->rx_last, pInfo->blocks_in_rx_queue);
334 TRACE_Q("remove_from_rx_queue: %p, length %u",
335 pHeader, pHeader->length);
336
337 spin_lock_irqsave(&pInfo->lock, flags);
338
339 if (pInfo->rx_first == pHeader) {
340 /* Remove the first block in the linked list: */
341 pInfo->rx_first = pHeader->next;
342
343 if (pInfo->rx_first == NULL) {
344 pInfo->rx_last = NULL;
345 }
346 pInfo->blocks_in_rx_queue--;
347 } else {
348 /* Find block to remove: */
349 for (pFind = pInfo->rx_first; pFind; pFind = pFind->next) {
350 if (pFind->next == pHeader) {
351 /* Got it. */
352 pFind->next = pHeader->next;
353 pInfo->blocks_in_rx_queue--;
354 if (pFind->next == NULL) {
355 /* Oh, removed the last one! */
356 pInfo->rx_last = pFind;
357 }
358 break;
359 }
360 }
361 }
362
363 spin_unlock_irqrestore(&pInfo->lock, flags);
364
365 kfree(pHeader);
366 TRACE_M("remove_from_rx_queue - kfree %p", pHeader);
367
368 TRACE_Q("remove_from_rx_queue: rx_first = %p, rx_last = %p, count = %d",
369 pInfo->rx_first, pInfo->rx_last, pInfo->blocks_in_rx_queue);
370}
371
372static void put_char(struct r3964_info *pInfo, unsigned char ch)
373{
374 struct tty_struct *tty = pInfo->tty;
375 /* FIXME: put_char should not be called from an IRQ */
376 tty_put_char(tty, ch);
377 pInfo->bcc ^= ch;
378}
379
380static void flush(struct r3964_info *pInfo)
381{
382 struct tty_struct *tty = pInfo->tty;
383
384 if (tty == NULL || tty->ops->flush_chars == NULL)
385 return;
386 tty->ops->flush_chars(tty);
387}
388
389static void trigger_transmit(struct r3964_info *pInfo)
390{
391 unsigned long flags;
392
393 spin_lock_irqsave(&pInfo->lock, flags);
394
395 if ((pInfo->state == R3964_IDLE) && (pInfo->tx_first != NULL)) {
396 pInfo->state = R3964_TX_REQUEST;
397 pInfo->nRetry = 0;
398 pInfo->flags &= ~R3964_ERROR;
399 mod_timer(&pInfo->tmr, jiffies + R3964_TO_QVZ);
400
401 spin_unlock_irqrestore(&pInfo->lock, flags);
402
403 TRACE_PS("trigger_transmit - sent STX");
404
405 put_char(pInfo, STX);
406 flush(pInfo);
407
408 pInfo->bcc = 0;
409 } else {
410 spin_unlock_irqrestore(&pInfo->lock, flags);
411 }
412}
413
414static void retry_transmit(struct r3964_info *pInfo)
415{
416 if (pInfo->nRetry < R3964_MAX_RETRIES) {
417 TRACE_PE("transmission failed. Retry #%d", pInfo->nRetry);
418 pInfo->bcc = 0;
419 put_char(pInfo, STX);
420 flush(pInfo);
421 pInfo->state = R3964_TX_REQUEST;
422 pInfo->nRetry++;
423 mod_timer(&pInfo->tmr, jiffies + R3964_TO_QVZ);
424 } else {
425 TRACE_PE("transmission failed after %d retries",
426 R3964_MAX_RETRIES);
427
428 remove_from_tx_queue(pInfo, R3964_TX_FAIL);
429
430 put_char(pInfo, NAK);
431 flush(pInfo);
432 pInfo->state = R3964_IDLE;
433
434 trigger_transmit(pInfo);
435 }
436}
437
438static void transmit_block(struct r3964_info *pInfo)
439{
440 struct tty_struct *tty = pInfo->tty;
441 struct r3964_block_header *pBlock = pInfo->tx_first;
442 int room = 0;
443
444 if (tty == NULL || pBlock == NULL) {
445 return;
446 }
447
448 room = tty_write_room(tty);
449
450 TRACE_PS("transmit_block %p, room %d, length %d",
451 pBlock, room, pBlock->length);
452
453 while (pInfo->tx_position < pBlock->length) {
454 if (room < 2)
455 break;
456
457 if (pBlock->data[pInfo->tx_position] == DLE) {
458 /* send additional DLE char: */
459 put_char(pInfo, DLE);
460 }
461 put_char(pInfo, pBlock->data[pInfo->tx_position++]);
462
463 room--;
464 }
465
466 if ((pInfo->tx_position == pBlock->length) && (room >= 3)) {
467 put_char(pInfo, DLE);
468 put_char(pInfo, ETX);
469 if (pInfo->flags & R3964_BCC) {
470 put_char(pInfo, pInfo->bcc);
471 }
472 pInfo->state = R3964_WAIT_FOR_TX_ACK;
473 mod_timer(&pInfo->tmr, jiffies + R3964_TO_QVZ);
474 }
475 flush(pInfo);
476}
477
478static void on_receive_block(struct r3964_info *pInfo)
479{
480 unsigned int length;
481 struct r3964_client_info *pClient;
482 struct r3964_block_header *pBlock;
483
484 length = pInfo->rx_position;
485
486 /* compare byte checksum characters: */
487 if (pInfo->flags & R3964_BCC) {
488 if (pInfo->bcc != pInfo->last_rx) {
489 TRACE_PE("checksum error - got %x but expected %x",
490 pInfo->last_rx, pInfo->bcc);
491 pInfo->flags |= R3964_CHECKSUM;
492 }
493 }
494
495 /* check for errors (parity, overrun,...): */
496 if (pInfo->flags & R3964_ERROR) {
497 TRACE_PE("on_receive_block - transmission failed error %x",
498 pInfo->flags & R3964_ERROR);
499
500 put_char(pInfo, NAK);
501 flush(pInfo);
502 if (pInfo->nRetry < R3964_MAX_RETRIES) {
503 pInfo->state = R3964_WAIT_FOR_RX_REPEAT;
504 pInfo->nRetry++;
505 mod_timer(&pInfo->tmr, jiffies + R3964_TO_RX_PANIC);
506 } else {
507 TRACE_PE("on_receive_block - failed after max retries");
508 pInfo->state = R3964_IDLE;
509 }
510 return;
511 }
512
513 /* received block; submit DLE: */
514 put_char(pInfo, DLE);
515 flush(pInfo);
516 del_timer_sync(&pInfo->tmr);
517 TRACE_PS(" rx success: got %d chars", length);
518
519 /* prepare struct r3964_block_header: */
520 pBlock = kmalloc(length + sizeof(struct r3964_block_header),
521 GFP_KERNEL);
522 TRACE_M("on_receive_block - kmalloc %p", pBlock);
523
524 if (pBlock == NULL)
525 return;
526
527 pBlock->length = length;
528 pBlock->data = ((unsigned char *)pBlock) +
529 sizeof(struct r3964_block_header);
530 pBlock->locks = 0;
531 pBlock->next = NULL;
532 pBlock->owner = NULL;
533
534 memcpy(pBlock->data, pInfo->rx_buf, length);
535
536 /* queue block into rx_queue: */
537 add_rx_queue(pInfo, pBlock);
538
539 /* notify attached client processes: */
540 for (pClient = pInfo->firstClient; pClient; pClient = pClient->next) {
541 if (pClient->sig_flags & R3964_SIG_DATA) {
542 add_msg(pClient, R3964_MSG_DATA, length, R3964_OK,
543 pBlock);
544 }
545 }
546 wake_up_interruptible(&pInfo->read_wait);
547
548 pInfo->state = R3964_IDLE;
549
550 trigger_transmit(pInfo);
551}
552
553static void receive_char(struct r3964_info *pInfo, const unsigned char c)
554{
555 switch (pInfo->state) {
556 case R3964_TX_REQUEST:
557 if (c == DLE) {
558 TRACE_PS("TX_REQUEST - got DLE");
559
560 pInfo->state = R3964_TRANSMITTING;
561 pInfo->tx_position = 0;
562
563 transmit_block(pInfo);
564 } else if (c == STX) {
565 if (pInfo->nRetry == 0) {
566 TRACE_PE("TX_REQUEST - init conflict");
567 if (pInfo->priority == R3964_SLAVE) {
568 goto start_receiving;
569 }
570 } else {
571 TRACE_PE("TX_REQUEST - secondary init "
572 "conflict!? Switching to SLAVE mode "
573 "for next rx.");
574 goto start_receiving;
575 }
576 } else {
577 TRACE_PE("TX_REQUEST - char != DLE: %x", c);
578 retry_transmit(pInfo);
579 }
580 break;
581 case R3964_TRANSMITTING:
582 if (c == NAK) {
583 TRACE_PE("TRANSMITTING - got NAK");
584 retry_transmit(pInfo);
585 } else {
586 TRACE_PE("TRANSMITTING - got invalid char");
587
588 pInfo->state = R3964_WAIT_ZVZ_BEFORE_TX_RETRY;
589 mod_timer(&pInfo->tmr, jiffies + R3964_TO_ZVZ);
590 }
591 break;
592 case R3964_WAIT_FOR_TX_ACK:
593 if (c == DLE) {
594 TRACE_PS("WAIT_FOR_TX_ACK - got DLE");
595 remove_from_tx_queue(pInfo, R3964_OK);
596
597 pInfo->state = R3964_IDLE;
598 trigger_transmit(pInfo);
599 } else {
600 retry_transmit(pInfo);
601 }
602 break;
603 case R3964_WAIT_FOR_RX_REPEAT:
604 /* FALLTHROUGH */
605 case R3964_IDLE:
606 if (c == STX) {
607 /* Prevent rx_queue from overflow: */
608 if (pInfo->blocks_in_rx_queue >=
609 R3964_MAX_BLOCKS_IN_RX_QUEUE) {
610 TRACE_PE("IDLE - got STX but no space in "
611 "rx_queue!");
612 pInfo->state = R3964_WAIT_FOR_RX_BUF;
613 mod_timer(&pInfo->tmr,
614 jiffies + R3964_TO_NO_BUF);
615 break;
616 }
617start_receiving:
618 /* Ok, start receiving: */
619 TRACE_PS("IDLE - got STX");
620 pInfo->rx_position = 0;
621 pInfo->last_rx = 0;
622 pInfo->flags &= ~R3964_ERROR;
623 pInfo->state = R3964_RECEIVING;
624 mod_timer(&pInfo->tmr, jiffies + R3964_TO_ZVZ);
625 pInfo->nRetry = 0;
626 put_char(pInfo, DLE);
627 flush(pInfo);
628 pInfo->bcc = 0;
629 }
630 break;
631 case R3964_RECEIVING:
632 if (pInfo->rx_position < RX_BUF_SIZE) {
633 pInfo->bcc ^= c;
634
635 if (c == DLE) {
636 if (pInfo->last_rx == DLE) {
637 pInfo->last_rx = 0;
638 goto char_to_buf;
639 }
640 pInfo->last_rx = DLE;
641 break;
642 } else if ((c == ETX) && (pInfo->last_rx == DLE)) {
643 if (pInfo->flags & R3964_BCC) {
644 pInfo->state = R3964_WAIT_FOR_BCC;
645 mod_timer(&pInfo->tmr,
646 jiffies + R3964_TO_ZVZ);
647 } else {
648 on_receive_block(pInfo);
649 }
650 } else {
651 pInfo->last_rx = c;
652char_to_buf:
653 pInfo->rx_buf[pInfo->rx_position++] = c;
654 mod_timer(&pInfo->tmr, jiffies + R3964_TO_ZVZ);
655 }
656 }
657 /* else: overflow-msg? BUF_SIZE>MTU; should not happen? */
658 break;
659 case R3964_WAIT_FOR_BCC:
660 pInfo->last_rx = c;
661 on_receive_block(pInfo);
662 break;
663 }
664}
665
666static void receive_error(struct r3964_info *pInfo, const char flag)
667{
668 switch (flag) {
669 case TTY_NORMAL:
670 break;
671 case TTY_BREAK:
672 TRACE_PE("received break");
673 pInfo->flags |= R3964_BREAK;
674 break;
675 case TTY_PARITY:
676 TRACE_PE("parity error");
677 pInfo->flags |= R3964_PARITY;
678 break;
679 case TTY_FRAME:
680 TRACE_PE("frame error");
681 pInfo->flags |= R3964_FRAME;
682 break;
683 case TTY_OVERRUN:
684 TRACE_PE("frame overrun");
685 pInfo->flags |= R3964_OVERRUN;
686 break;
687 default:
688 TRACE_PE("receive_error - unknown flag %d", flag);
689 pInfo->flags |= R3964_UNKNOWN;
690 break;
691 }
692}
693
694static void on_timeout(unsigned long priv)
695{
696 struct r3964_info *pInfo = (void *)priv;
697
698 switch (pInfo->state) {
699 case R3964_TX_REQUEST:
700 TRACE_PE("TX_REQUEST - timeout");
701 retry_transmit(pInfo);
702 break;
703 case R3964_WAIT_ZVZ_BEFORE_TX_RETRY:
704 put_char(pInfo, NAK);
705 flush(pInfo);
706 retry_transmit(pInfo);
707 break;
708 case R3964_WAIT_FOR_TX_ACK:
709 TRACE_PE("WAIT_FOR_TX_ACK - timeout");
710 retry_transmit(pInfo);
711 break;
712 case R3964_WAIT_FOR_RX_BUF:
713 TRACE_PE("WAIT_FOR_RX_BUF - timeout");
714 put_char(pInfo, NAK);
715 flush(pInfo);
716 pInfo->state = R3964_IDLE;
717 break;
718 case R3964_RECEIVING:
719 TRACE_PE("RECEIVING - timeout after %d chars",
720 pInfo->rx_position);
721 put_char(pInfo, NAK);
722 flush(pInfo);
723 pInfo->state = R3964_IDLE;
724 break;
725 case R3964_WAIT_FOR_RX_REPEAT:
726 TRACE_PE("WAIT_FOR_RX_REPEAT - timeout");
727 pInfo->state = R3964_IDLE;
728 break;
729 case R3964_WAIT_FOR_BCC:
730 TRACE_PE("WAIT_FOR_BCC - timeout");
731 put_char(pInfo, NAK);
732 flush(pInfo);
733 pInfo->state = R3964_IDLE;
734 break;
735 }
736}
737
738static struct r3964_client_info *findClient(struct r3964_info *pInfo,
739 struct pid *pid)
740{
741 struct r3964_client_info *pClient;
742
743 for (pClient = pInfo->firstClient; pClient; pClient = pClient->next) {
744 if (pClient->pid == pid) {
745 return pClient;
746 }
747 }
748 return NULL;
749}
750
751static int enable_signals(struct r3964_info *pInfo, struct pid *pid, int arg)
752{
753 struct r3964_client_info *pClient;
754 struct r3964_client_info **ppClient;
755 struct r3964_message *pMsg;
756
757 if ((arg & R3964_SIG_ALL) == 0) {
758 /* Remove client from client list */
759 for (ppClient = &pInfo->firstClient; *ppClient;
760 ppClient = &(*ppClient)->next) {
761 pClient = *ppClient;
762
763 if (pClient->pid == pid) {
764 TRACE_PS("removing client %d from client list",
765 pid_nr(pid));
766 *ppClient = pClient->next;
767 while (pClient->msg_count) {
768 pMsg = remove_msg(pInfo, pClient);
769 if (pMsg) {
770 kfree(pMsg);
771 TRACE_M("enable_signals - msg "
772 "kfree %p", pMsg);
773 }
774 }
775 put_pid(pClient->pid);
776 kfree(pClient);
777 TRACE_M("enable_signals - kfree %p", pClient);
778 return 0;
779 }
780 }
781 return -EINVAL;
782 } else {
783 pClient = findClient(pInfo, pid);
784 if (pClient) {
785 /* update signal options */
786 pClient->sig_flags = arg;
787 } else {
788 /* add client to client list */
789 pClient = kmalloc(sizeof(struct r3964_client_info),
790 GFP_KERNEL);
791 TRACE_M("enable_signals - kmalloc %p", pClient);
792 if (pClient == NULL)
793 return -ENOMEM;
794
795 TRACE_PS("add client %d to client list", pid_nr(pid));
796 spin_lock_init(&pClient->lock);
797 pClient->sig_flags = arg;
798 pClient->pid = get_pid(pid);
799 pClient->next = pInfo->firstClient;
800 pClient->first_msg = NULL;
801 pClient->last_msg = NULL;
802 pClient->next_block_to_read = NULL;
803 pClient->msg_count = 0;
804 pInfo->firstClient = pClient;
805 }
806 }
807
808 return 0;
809}
810
811static int read_telegram(struct r3964_info *pInfo, struct pid *pid,
812 unsigned char __user * buf)
813{
814 struct r3964_client_info *pClient;
815 struct r3964_block_header *block;
816
817 if (!buf) {
818 return -EINVAL;
819 }
820
821 pClient = findClient(pInfo, pid);
822 if (pClient == NULL) {
823 return -EINVAL;
824 }
825
826 block = pClient->next_block_to_read;
827 if (!block) {
828 return 0;
829 } else {
830 if (copy_to_user(buf, block->data, block->length))
831 return -EFAULT;
832
833 remove_client_block(pInfo, pClient);
834 return block->length;
835 }
836
837 return -EINVAL;
838}
839
840static void add_msg(struct r3964_client_info *pClient, int msg_id, int arg,
841 int error_code, struct r3964_block_header *pBlock)
842{
843 struct r3964_message *pMsg;
844 unsigned long flags;
845
846 if (pClient->msg_count < R3964_MAX_MSG_COUNT - 1) {
847queue_the_message:
848
849 pMsg = kmalloc(sizeof(struct r3964_message),
850 error_code ? GFP_ATOMIC : GFP_KERNEL);
851 TRACE_M("add_msg - kmalloc %p", pMsg);
852 if (pMsg == NULL) {
853 return;
854 }
855
856 spin_lock_irqsave(&pClient->lock, flags);
857
858 pMsg->msg_id = msg_id;
859 pMsg->arg = arg;
860 pMsg->error_code = error_code;
861 pMsg->block = pBlock;
862 pMsg->next = NULL;
863
864 if (pClient->last_msg == NULL) {
865 pClient->first_msg = pClient->last_msg = pMsg;
866 } else {
867 pClient->last_msg->next = pMsg;
868 pClient->last_msg = pMsg;
869 }
870
871 pClient->msg_count++;
872
873 if (pBlock != NULL) {
874 pBlock->locks++;
875 }
876 spin_unlock_irqrestore(&pClient->lock, flags);
877 } else {
878 if ((pClient->last_msg->msg_id == R3964_MSG_ACK)
879 && (pClient->last_msg->error_code == R3964_OVERFLOW)) {
880 pClient->last_msg->arg++;
881 TRACE_PE("add_msg - inc prev OVERFLOW-msg");
882 } else {
883 msg_id = R3964_MSG_ACK;
884 arg = 0;
885 error_code = R3964_OVERFLOW;
886 pBlock = NULL;
887 TRACE_PE("add_msg - queue OVERFLOW-msg");
888 goto queue_the_message;
889 }
890 }
891 /* Send SIGIO signal to client process: */
892 if (pClient->sig_flags & R3964_USE_SIGIO) {
893 kill_pid(pClient->pid, SIGIO, 1);
894 }
895}
896
897static struct r3964_message *remove_msg(struct r3964_info *pInfo,
898 struct r3964_client_info *pClient)
899{
900 struct r3964_message *pMsg = NULL;
901 unsigned long flags;
902
903 if (pClient->first_msg) {
904 spin_lock_irqsave(&pClient->lock, flags);
905
906 pMsg = pClient->first_msg;
907 pClient->first_msg = pMsg->next;
908 if (pClient->first_msg == NULL) {
909 pClient->last_msg = NULL;
910 }
911
912 pClient->msg_count--;
913 if (pMsg->block) {
914 remove_client_block(pInfo, pClient);
915 pClient->next_block_to_read = pMsg->block;
916 }
917 spin_unlock_irqrestore(&pClient->lock, flags);
918 }
919 return pMsg;
920}
921
922static void remove_client_block(struct r3964_info *pInfo,
923 struct r3964_client_info *pClient)
924{
925 struct r3964_block_header *block;
926
927 TRACE_PS("remove_client_block PID %d", pid_nr(pClient->pid));
928
929 block = pClient->next_block_to_read;
930 if (block) {
931 block->locks--;
932 if (block->locks == 0) {
933 remove_from_rx_queue(pInfo, block);
934 }
935 }
936 pClient->next_block_to_read = NULL;
937}
938
939/*************************************************************
940 * Line discipline routines
941 *************************************************************/
942
943static int r3964_open(struct tty_struct *tty)
944{
945 struct r3964_info *pInfo;
946
947 TRACE_L("open");
948 TRACE_L("tty=%p, PID=%d, disc_data=%p",
949 tty, current->pid, tty->disc_data);
950
951 pInfo = kmalloc(sizeof(struct r3964_info), GFP_KERNEL);
952 TRACE_M("r3964_open - info kmalloc %p", pInfo);
953
954 if (!pInfo) {
955 printk(KERN_ERR "r3964: failed to alloc info structure\n");
956 return -ENOMEM;
957 }
958
959 pInfo->rx_buf = kmalloc(RX_BUF_SIZE, GFP_KERNEL);
960 TRACE_M("r3964_open - rx_buf kmalloc %p", pInfo->rx_buf);
961
962 if (!pInfo->rx_buf) {
963 printk(KERN_ERR "r3964: failed to alloc receive buffer\n");
964 kfree(pInfo);
965 TRACE_M("r3964_open - info kfree %p", pInfo);
966 return -ENOMEM;
967 }
968
969 pInfo->tx_buf = kmalloc(TX_BUF_SIZE, GFP_KERNEL);
970 TRACE_M("r3964_open - tx_buf kmalloc %p", pInfo->tx_buf);
971
972 if (!pInfo->tx_buf) {
973 printk(KERN_ERR "r3964: failed to alloc transmit buffer\n");
974 kfree(pInfo->rx_buf);
975 TRACE_M("r3964_open - rx_buf kfree %p", pInfo->rx_buf);
976 kfree(pInfo);
977 TRACE_M("r3964_open - info kfree %p", pInfo);
978 return -ENOMEM;
979 }
980
981 spin_lock_init(&pInfo->lock);
982 pInfo->tty = tty;
983 init_waitqueue_head(&pInfo->read_wait);
984 pInfo->priority = R3964_MASTER;
985 pInfo->rx_first = pInfo->rx_last = NULL;
986 pInfo->tx_first = pInfo->tx_last = NULL;
987 pInfo->rx_position = 0;
988 pInfo->tx_position = 0;
989 pInfo->last_rx = 0;
990 pInfo->blocks_in_rx_queue = 0;
991 pInfo->firstClient = NULL;
992 pInfo->state = R3964_IDLE;
993 pInfo->flags = R3964_DEBUG;
994 pInfo->nRetry = 0;
995
996 tty->disc_data = pInfo;
997 tty->receive_room = 65536;
998
999 setup_timer(&pInfo->tmr, on_timeout, (unsigned long)pInfo);
1000
1001 return 0;
1002}
1003
1004static void r3964_close(struct tty_struct *tty)
1005{
1006 struct r3964_info *pInfo = tty->disc_data;
1007 struct r3964_client_info *pClient, *pNext;
1008 struct r3964_message *pMsg;
1009 struct r3964_block_header *pHeader, *pNextHeader;
1010 unsigned long flags;
1011
1012 TRACE_L("close");
1013
1014 /*
1015 * Make sure that our task queue isn't activated. If it
1016 * is, take it out of the linked list.
1017 */
1018 del_timer_sync(&pInfo->tmr);
1019
1020 /* Remove client-structs and message queues: */
1021 pClient = pInfo->firstClient;
1022 while (pClient) {
1023 pNext = pClient->next;
1024 while (pClient->msg_count) {
1025 pMsg = remove_msg(pInfo, pClient);
1026 if (pMsg) {
1027 kfree(pMsg);
1028 TRACE_M("r3964_close - msg kfree %p", pMsg);
1029 }
1030 }
1031 put_pid(pClient->pid);
1032 kfree(pClient);
1033 TRACE_M("r3964_close - client kfree %p", pClient);
1034 pClient = pNext;
1035 }
1036 /* Remove jobs from tx_queue: */
1037 spin_lock_irqsave(&pInfo->lock, flags);
1038 pHeader = pInfo->tx_first;
1039 pInfo->tx_first = pInfo->tx_last = NULL;
1040 spin_unlock_irqrestore(&pInfo->lock, flags);
1041
1042 while (pHeader) {
1043 pNextHeader = pHeader->next;
1044 kfree(pHeader);
1045 pHeader = pNextHeader;
1046 }
1047
1048 /* Free buffers: */
1049 wake_up_interruptible(&pInfo->read_wait);
1050 kfree(pInfo->rx_buf);
1051 TRACE_M("r3964_close - rx_buf kfree %p", pInfo->rx_buf);
1052 kfree(pInfo->tx_buf);
1053 TRACE_M("r3964_close - tx_buf kfree %p", pInfo->tx_buf);
1054 kfree(pInfo);
1055 TRACE_M("r3964_close - info kfree %p", pInfo);
1056}
1057
1058static ssize_t r3964_read(struct tty_struct *tty, struct file *file,
1059 unsigned char __user * buf, size_t nr)
1060{
1061 struct r3964_info *pInfo = tty->disc_data;
1062 struct r3964_client_info *pClient;
1063 struct r3964_message *pMsg;
1064 struct r3964_client_message theMsg;
1065 int ret;
1066
1067 TRACE_L("read()");
1068
1069 tty_lock();
1070
1071 pClient = findClient(pInfo, task_pid(current));
1072 if (pClient) {
1073 pMsg = remove_msg(pInfo, pClient);
1074 if (pMsg == NULL) {
1075 /* no messages available. */
1076 if (file->f_flags & O_NONBLOCK) {
1077 ret = -EAGAIN;
1078 goto unlock;
1079 }
1080 /* block until there is a message: */
1081 wait_event_interruptible_tty(pInfo->read_wait,
1082 (pMsg = remove_msg(pInfo, pClient)));
1083 }
1084
1085 /* If we still haven't got a message, we must have been signalled */
1086
1087 if (!pMsg) {
1088 ret = -EINTR;
1089 goto unlock;
1090 }
1091
1092 /* deliver msg to client process: */
1093 theMsg.msg_id = pMsg->msg_id;
1094 theMsg.arg = pMsg->arg;
1095 theMsg.error_code = pMsg->error_code;
1096 ret = sizeof(struct r3964_client_message);
1097
1098 kfree(pMsg);
1099 TRACE_M("r3964_read - msg kfree %p", pMsg);
1100
1101 if (copy_to_user(buf, &theMsg, ret)) {
1102 ret = -EFAULT;
1103 goto unlock;
1104 }
1105
1106 TRACE_PS("read - return %d", ret);
1107 goto unlock;
1108 }
1109 ret = -EPERM;
1110unlock:
1111 tty_unlock();
1112 return ret;
1113}
1114
1115static ssize_t r3964_write(struct tty_struct *tty, struct file *file,
1116 const unsigned char *data, size_t count)
1117{
1118 struct r3964_info *pInfo = tty->disc_data;
1119 struct r3964_block_header *pHeader;
1120 struct r3964_client_info *pClient;
1121 unsigned char *new_data;
1122
1123 TRACE_L("write request, %d characters", count);
1124/*
1125 * Verify the pointers
1126 */
1127
1128 if (!pInfo)
1129 return -EIO;
1130
1131/*
1132 * Ensure that the caller does not wish to send too much.
1133 */
1134 if (count > R3964_MTU) {
1135 if (pInfo->flags & R3964_DEBUG) {
1136 TRACE_L(KERN_WARNING "r3964_write: truncating user "
1137 "packet from %u to mtu %d", count, R3964_MTU);
1138 }
1139 count = R3964_MTU;
1140 }
1141/*
1142 * Allocate a buffer for the data and copy it from the buffer with header prepended
1143 */
1144 new_data = kmalloc(count + sizeof(struct r3964_block_header),
1145 GFP_KERNEL);
1146 TRACE_M("r3964_write - kmalloc %p", new_data);
1147 if (new_data == NULL) {
1148 if (pInfo->flags & R3964_DEBUG) {
1149 printk(KERN_ERR "r3964_write: no memory\n");
1150 }
1151 return -ENOSPC;
1152 }
1153
1154 pHeader = (struct r3964_block_header *)new_data;
1155 pHeader->data = new_data + sizeof(struct r3964_block_header);
1156 pHeader->length = count;
1157 pHeader->locks = 0;
1158 pHeader->owner = NULL;
1159
1160 tty_lock();
1161
1162 pClient = findClient(pInfo, task_pid(current));
1163 if (pClient) {
1164 pHeader->owner = pClient;
1165 }
1166
1167 memcpy(pHeader->data, data, count); /* We already verified this */
1168
1169 if (pInfo->flags & R3964_DEBUG) {
1170 dump_block(pHeader->data, count);
1171 }
1172
1173/*
1174 * Add buffer to transmit-queue:
1175 */
1176 add_tx_queue(pInfo, pHeader);
1177 trigger_transmit(pInfo);
1178
1179 tty_unlock();
1180
1181 return 0;
1182}
1183
1184static int r3964_ioctl(struct tty_struct *tty, struct file *file,
1185 unsigned int cmd, unsigned long arg)
1186{
1187 struct r3964_info *pInfo = tty->disc_data;
1188 if (pInfo == NULL)
1189 return -EINVAL;
1190 switch (cmd) {
1191 case R3964_ENABLE_SIGNALS:
1192 return enable_signals(pInfo, task_pid(current), arg);
1193 case R3964_SETPRIORITY:
1194 if (arg < R3964_MASTER || arg > R3964_SLAVE)
1195 return -EINVAL;
1196 pInfo->priority = arg & 0xff;
1197 return 0;
1198 case R3964_USE_BCC:
1199 if (arg)
1200 pInfo->flags |= R3964_BCC;
1201 else
1202 pInfo->flags &= ~R3964_BCC;
1203 return 0;
1204 case R3964_READ_TELEGRAM:
1205 return read_telegram(pInfo, task_pid(current),
1206 (unsigned char __user *)arg);
1207 default:
1208 return -ENOIOCTLCMD;
1209 }
1210}
1211
1212static void r3964_set_termios(struct tty_struct *tty, struct ktermios *old)
1213{
1214 TRACE_L("set_termios");
1215}
1216
1217/* Called without the kernel lock held - fine */
1218static unsigned int r3964_poll(struct tty_struct *tty, struct file *file,
1219 struct poll_table_struct *wait)
1220{
1221 struct r3964_info *pInfo = tty->disc_data;
1222 struct r3964_client_info *pClient;
1223 struct r3964_message *pMsg = NULL;
1224 unsigned long flags;
1225 int result = POLLOUT;
1226
1227 TRACE_L("POLL");
1228
1229 pClient = findClient(pInfo, task_pid(current));
1230 if (pClient) {
1231 poll_wait(file, &pInfo->read_wait, wait);
1232 spin_lock_irqsave(&pInfo->lock, flags);
1233 pMsg = pClient->first_msg;
1234 spin_unlock_irqrestore(&pInfo->lock, flags);
1235 if (pMsg)
1236 result |= POLLIN | POLLRDNORM;
1237 } else {
1238 result = -EINVAL;
1239 }
1240 return result;
1241}
1242
1243static void r3964_receive_buf(struct tty_struct *tty, const unsigned char *cp,
1244 char *fp, int count)
1245{
1246 struct r3964_info *pInfo = tty->disc_data;
1247 const unsigned char *p;
1248 char *f, flags = 0;
1249 int i;
1250
1251 for (i = count, p = cp, f = fp; i; i--, p++) {
1252 if (f)
1253 flags = *f++;
1254 if (flags == TTY_NORMAL) {
1255 receive_char(pInfo, *p);
1256 } else {
1257 receive_error(pInfo, flags);
1258 }
1259
1260 }
1261}
1262
1263MODULE_LICENSE("GPL");
1264MODULE_ALIAS_LDISC(N_R3964);
diff --git a/drivers/char/n_tty.c b/drivers/char/n_tty.c
deleted file mode 100644
index 428f4fe0b5f..00000000000
--- a/drivers/char/n_tty.c
+++ /dev/null
@@ -1,2121 +0,0 @@
1/*
2 * n_tty.c --- implements the N_TTY line discipline.
3 *
4 * This code used to be in tty_io.c, but things are getting hairy
5 * enough that it made sense to split things off. (The N_TTY
6 * processing has changed so much that it's hardly recognizable,
7 * anyway...)
8 *
9 * Note that the open routine for N_TTY is guaranteed never to return
10 * an error. This is because Linux will fall back to setting a line
11 * to N_TTY if it can not switch to any other line discipline.
12 *
13 * Written by Theodore Ts'o, Copyright 1994.
14 *
15 * This file also contains code originally written by Linus Torvalds,
16 * Copyright 1991, 1992, 1993, and by Julian Cowley, Copyright 1994.
17 *
18 * This file may be redistributed under the terms of the GNU General Public
19 * License.
20 *
21 * Reduced memory usage for older ARM systems - Russell King.
22 *
23 * 2000/01/20 Fixed SMP locking on put_tty_queue using bits of
24 * the patch by Andrew J. Kroll <ag784@freenet.buffalo.edu>
25 * who actually finally proved there really was a race.
26 *
27 * 2002/03/18 Implemented n_tty_wakeup to send SIGIO POLL_OUTs to
28 * waiting writing processes-Sapan Bhatia <sapan@corewars.org>.
29 * Also fixed a bug in BLOCKING mode where n_tty_write returns
30 * EAGAIN
31 */
32
33#include <linux/types.h>
34#include <linux/major.h>
35#include <linux/errno.h>
36#include <linux/signal.h>
37#include <linux/fcntl.h>
38#include <linux/sched.h>
39#include <linux/interrupt.h>
40#include <linux/tty.h>
41#include <linux/timer.h>
42#include <linux/ctype.h>
43#include <linux/mm.h>
44#include <linux/string.h>
45#include <linux/slab.h>
46#include <linux/poll.h>
47#include <linux/bitops.h>
48#include <linux/audit.h>
49#include <linux/file.h>
50#include <linux/uaccess.h>
51#include <linux/module.h>
52
53#include <asm/system.h>
54
55/* number of characters left in xmit buffer before select has we have room */
56#define WAKEUP_CHARS 256
57
58/*
59 * This defines the low- and high-watermarks for throttling and
60 * unthrottling the TTY driver. These watermarks are used for
61 * controlling the space in the read buffer.
62 */
63#define TTY_THRESHOLD_THROTTLE 128 /* now based on remaining room */
64#define TTY_THRESHOLD_UNTHROTTLE 128
65
66/*
67 * Special byte codes used in the echo buffer to represent operations
68 * or special handling of characters. Bytes in the echo buffer that
69 * are not part of such special blocks are treated as normal character
70 * codes.
71 */
72#define ECHO_OP_START 0xff
73#define ECHO_OP_MOVE_BACK_COL 0x80
74#define ECHO_OP_SET_CANON_COL 0x81
75#define ECHO_OP_ERASE_TAB 0x82
76
77static inline int tty_put_user(struct tty_struct *tty, unsigned char x,
78 unsigned char __user *ptr)
79{
80 tty_audit_add_data(tty, &x, 1);
81 return put_user(x, ptr);
82}
83
84/**
85 * n_tty_set__room - receive space
86 * @tty: terminal
87 *
88 * Called by the driver to find out how much data it is
89 * permitted to feed to the line discipline without any being lost
90 * and thus to manage flow control. Not serialized. Answers for the
91 * "instant".
92 */
93
94static void n_tty_set_room(struct tty_struct *tty)
95{
96 /* tty->read_cnt is not read locked ? */
97 int left = N_TTY_BUF_SIZE - tty->read_cnt - 1;
98
99 /*
100 * If we are doing input canonicalization, and there are no
101 * pending newlines, let characters through without limit, so
102 * that erase characters will be handled. Other excess
103 * characters will be beeped.
104 */
105 if (left <= 0)
106 left = tty->icanon && !tty->canon_data;
107 tty->receive_room = left;
108}
109
110static void put_tty_queue_nolock(unsigned char c, struct tty_struct *tty)
111{
112 if (tty->read_cnt < N_TTY_BUF_SIZE) {
113 tty->read_buf[tty->read_head] = c;
114 tty->read_head = (tty->read_head + 1) & (N_TTY_BUF_SIZE-1);
115 tty->read_cnt++;
116 }
117}
118
119/**
120 * put_tty_queue - add character to tty
121 * @c: character
122 * @tty: tty device
123 *
124 * Add a character to the tty read_buf queue. This is done under the
125 * read_lock to serialize character addition and also to protect us
126 * against parallel reads or flushes
127 */
128
129static void put_tty_queue(unsigned char c, struct tty_struct *tty)
130{
131 unsigned long flags;
132 /*
133 * The problem of stomping on the buffers ends here.
134 * Why didn't anyone see this one coming? --AJK
135 */
136 spin_lock_irqsave(&tty->read_lock, flags);
137 put_tty_queue_nolock(c, tty);
138 spin_unlock_irqrestore(&tty->read_lock, flags);
139}
140
141/**
142 * check_unthrottle - allow new receive data
143 * @tty; tty device
144 *
145 * Check whether to call the driver unthrottle functions
146 *
147 * Can sleep, may be called under the atomic_read_lock mutex but
148 * this is not guaranteed.
149 */
150static void check_unthrottle(struct tty_struct *tty)
151{
152 if (tty->count)
153 tty_unthrottle(tty);
154}
155
156/**
157 * reset_buffer_flags - reset buffer state
158 * @tty: terminal to reset
159 *
160 * Reset the read buffer counters, clear the flags,
161 * and make sure the driver is unthrottled. Called
162 * from n_tty_open() and n_tty_flush_buffer().
163 *
164 * Locking: tty_read_lock for read fields.
165 */
166
167static void reset_buffer_flags(struct tty_struct *tty)
168{
169 unsigned long flags;
170
171 spin_lock_irqsave(&tty->read_lock, flags);
172 tty->read_head = tty->read_tail = tty->read_cnt = 0;
173 spin_unlock_irqrestore(&tty->read_lock, flags);
174
175 mutex_lock(&tty->echo_lock);
176 tty->echo_pos = tty->echo_cnt = tty->echo_overrun = 0;
177 mutex_unlock(&tty->echo_lock);
178
179 tty->canon_head = tty->canon_data = tty->erasing = 0;
180 memset(&tty->read_flags, 0, sizeof tty->read_flags);
181 n_tty_set_room(tty);
182 check_unthrottle(tty);
183}
184
185/**
186 * n_tty_flush_buffer - clean input queue
187 * @tty: terminal device
188 *
189 * Flush the input buffer. Called when the line discipline is
190 * being closed, when the tty layer wants the buffer flushed (eg
191 * at hangup) or when the N_TTY line discipline internally has to
192 * clean the pending queue (for example some signals).
193 *
194 * Locking: ctrl_lock, read_lock.
195 */
196
197static void n_tty_flush_buffer(struct tty_struct *tty)
198{
199 unsigned long flags;
200 /* clear everything and unthrottle the driver */
201 reset_buffer_flags(tty);
202
203 if (!tty->link)
204 return;
205
206 spin_lock_irqsave(&tty->ctrl_lock, flags);
207 if (tty->link->packet) {
208 tty->ctrl_status |= TIOCPKT_FLUSHREAD;
209 wake_up_interruptible(&tty->link->read_wait);
210 }
211 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
212}
213
214/**
215 * n_tty_chars_in_buffer - report available bytes
216 * @tty: tty device
217 *
218 * Report the number of characters buffered to be delivered to user
219 * at this instant in time.
220 *
221 * Locking: read_lock
222 */
223
224static ssize_t n_tty_chars_in_buffer(struct tty_struct *tty)
225{
226 unsigned long flags;
227 ssize_t n = 0;
228
229 spin_lock_irqsave(&tty->read_lock, flags);
230 if (!tty->icanon) {
231 n = tty->read_cnt;
232 } else if (tty->canon_data) {
233 n = (tty->canon_head > tty->read_tail) ?
234 tty->canon_head - tty->read_tail :
235 tty->canon_head + (N_TTY_BUF_SIZE - tty->read_tail);
236 }
237 spin_unlock_irqrestore(&tty->read_lock, flags);
238 return n;
239}
240
241/**
242 * is_utf8_continuation - utf8 multibyte check
243 * @c: byte to check
244 *
245 * Returns true if the utf8 character 'c' is a multibyte continuation
246 * character. We use this to correctly compute the on screen size
247 * of the character when printing
248 */
249
250static inline int is_utf8_continuation(unsigned char c)
251{
252 return (c & 0xc0) == 0x80;
253}
254
255/**
256 * is_continuation - multibyte check
257 * @c: byte to check
258 *
259 * Returns true if the utf8 character 'c' is a multibyte continuation
260 * character and the terminal is in unicode mode.
261 */
262
263static inline int is_continuation(unsigned char c, struct tty_struct *tty)
264{
265 return I_IUTF8(tty) && is_utf8_continuation(c);
266}
267
268/**
269 * do_output_char - output one character
270 * @c: character (or partial unicode symbol)
271 * @tty: terminal device
272 * @space: space available in tty driver write buffer
273 *
274 * This is a helper function that handles one output character
275 * (including special characters like TAB, CR, LF, etc.),
276 * doing OPOST processing and putting the results in the
277 * tty driver's write buffer.
278 *
279 * Note that Linux currently ignores TABDLY, CRDLY, VTDLY, FFDLY
280 * and NLDLY. They simply aren't relevant in the world today.
281 * If you ever need them, add them here.
282 *
283 * Returns the number of bytes of buffer space used or -1 if
284 * no space left.
285 *
286 * Locking: should be called under the output_lock to protect
287 * the column state and space left in the buffer
288 */
289
290static int do_output_char(unsigned char c, struct tty_struct *tty, int space)
291{
292 int spaces;
293
294 if (!space)
295 return -1;
296
297 switch (c) {
298 case '\n':
299 if (O_ONLRET(tty))
300 tty->column = 0;
301 if (O_ONLCR(tty)) {
302 if (space < 2)
303 return -1;
304 tty->canon_column = tty->column = 0;
305 tty->ops->write(tty, "\r\n", 2);
306 return 2;
307 }
308 tty->canon_column = tty->column;
309 break;
310 case '\r':
311 if (O_ONOCR(tty) && tty->column == 0)
312 return 0;
313 if (O_OCRNL(tty)) {
314 c = '\n';
315 if (O_ONLRET(tty))
316 tty->canon_column = tty->column = 0;
317 break;
318 }
319 tty->canon_column = tty->column = 0;
320 break;
321 case '\t':
322 spaces = 8 - (tty->column & 7);
323 if (O_TABDLY(tty) == XTABS) {
324 if (space < spaces)
325 return -1;
326 tty->column += spaces;
327 tty->ops->write(tty, " ", spaces);
328 return spaces;
329 }
330 tty->column += spaces;
331 break;
332 case '\b':
333 if (tty->column > 0)
334 tty->column--;
335 break;
336 default:
337 if (!iscntrl(c)) {
338 if (O_OLCUC(tty))
339 c = toupper(c);
340 if (!is_continuation(c, tty))
341 tty->column++;
342 }
343 break;
344 }
345
346 tty_put_char(tty, c);
347 return 1;
348}
349
350/**
351 * process_output - output post processor
352 * @c: character (or partial unicode symbol)
353 * @tty: terminal device
354 *
355 * Output one character with OPOST processing.
356 * Returns -1 when the output device is full and the character
357 * must be retried.
358 *
359 * Locking: output_lock to protect column state and space left
360 * (also, this is called from n_tty_write under the
361 * tty layer write lock)
362 */
363
364static int process_output(unsigned char c, struct tty_struct *tty)
365{
366 int space, retval;
367
368 mutex_lock(&tty->output_lock);
369
370 space = tty_write_room(tty);
371 retval = do_output_char(c, tty, space);
372
373 mutex_unlock(&tty->output_lock);
374 if (retval < 0)
375 return -1;
376 else
377 return 0;
378}
379
380/**
381 * process_output_block - block post processor
382 * @tty: terminal device
383 * @buf: character buffer
384 * @nr: number of bytes to output
385 *
386 * Output a block of characters with OPOST processing.
387 * Returns the number of characters output.
388 *
389 * This path is used to speed up block console writes, among other
390 * things when processing blocks of output data. It handles only
391 * the simple cases normally found and helps to generate blocks of
392 * symbols for the console driver and thus improve performance.
393 *
394 * Locking: output_lock to protect column state and space left
395 * (also, this is called from n_tty_write under the
396 * tty layer write lock)
397 */
398
399static ssize_t process_output_block(struct tty_struct *tty,
400 const unsigned char *buf, unsigned int nr)
401{
402 int space;
403 int i;
404 const unsigned char *cp;
405
406 mutex_lock(&tty->output_lock);
407
408 space = tty_write_room(tty);
409 if (!space) {
410 mutex_unlock(&tty->output_lock);
411 return 0;
412 }
413 if (nr > space)
414 nr = space;
415
416 for (i = 0, cp = buf; i < nr; i++, cp++) {
417 unsigned char c = *cp;
418
419 switch (c) {
420 case '\n':
421 if (O_ONLRET(tty))
422 tty->column = 0;
423 if (O_ONLCR(tty))
424 goto break_out;
425 tty->canon_column = tty->column;
426 break;
427 case '\r':
428 if (O_ONOCR(tty) && tty->column == 0)
429 goto break_out;
430 if (O_OCRNL(tty))
431 goto break_out;
432 tty->canon_column = tty->column = 0;
433 break;
434 case '\t':
435 goto break_out;
436 case '\b':
437 if (tty->column > 0)
438 tty->column--;
439 break;
440 default:
441 if (!iscntrl(c)) {
442 if (O_OLCUC(tty))
443 goto break_out;
444 if (!is_continuation(c, tty))
445 tty->column++;
446 }
447 break;
448 }
449 }
450break_out:
451 i = tty->ops->write(tty, buf, i);
452
453 mutex_unlock(&tty->output_lock);
454 return i;
455}
456
457/**
458 * process_echoes - write pending echo characters
459 * @tty: terminal device
460 *
461 * Write previously buffered echo (and other ldisc-generated)
462 * characters to the tty.
463 *
464 * Characters generated by the ldisc (including echoes) need to
465 * be buffered because the driver's write buffer can fill during
466 * heavy program output. Echoing straight to the driver will
467 * often fail under these conditions, causing lost characters and
468 * resulting mismatches of ldisc state information.
469 *
470 * Since the ldisc state must represent the characters actually sent
471 * to the driver at the time of the write, operations like certain
472 * changes in column state are also saved in the buffer and executed
473 * here.
474 *
475 * A circular fifo buffer is used so that the most recent characters
476 * are prioritized. Also, when control characters are echoed with a
477 * prefixed "^", the pair is treated atomically and thus not separated.
478 *
479 * Locking: output_lock to protect column state and space left,
480 * echo_lock to protect the echo buffer
481 */
482
483static void process_echoes(struct tty_struct *tty)
484{
485 int space, nr;
486 unsigned char c;
487 unsigned char *cp, *buf_end;
488
489 if (!tty->echo_cnt)
490 return;
491
492 mutex_lock(&tty->output_lock);
493 mutex_lock(&tty->echo_lock);
494
495 space = tty_write_room(tty);
496
497 buf_end = tty->echo_buf + N_TTY_BUF_SIZE;
498 cp = tty->echo_buf + tty->echo_pos;
499 nr = tty->echo_cnt;
500 while (nr > 0) {
501 c = *cp;
502 if (c == ECHO_OP_START) {
503 unsigned char op;
504 unsigned char *opp;
505 int no_space_left = 0;
506
507 /*
508 * If the buffer byte is the start of a multi-byte
509 * operation, get the next byte, which is either the
510 * op code or a control character value.
511 */
512 opp = cp + 1;
513 if (opp == buf_end)
514 opp -= N_TTY_BUF_SIZE;
515 op = *opp;
516
517 switch (op) {
518 unsigned int num_chars, num_bs;
519
520 case ECHO_OP_ERASE_TAB:
521 if (++opp == buf_end)
522 opp -= N_TTY_BUF_SIZE;
523 num_chars = *opp;
524
525 /*
526 * Determine how many columns to go back
527 * in order to erase the tab.
528 * This depends on the number of columns
529 * used by other characters within the tab
530 * area. If this (modulo 8) count is from
531 * the start of input rather than from a
532 * previous tab, we offset by canon column.
533 * Otherwise, tab spacing is normal.
534 */
535 if (!(num_chars & 0x80))
536 num_chars += tty->canon_column;
537 num_bs = 8 - (num_chars & 7);
538
539 if (num_bs > space) {
540 no_space_left = 1;
541 break;
542 }
543 space -= num_bs;
544 while (num_bs--) {
545 tty_put_char(tty, '\b');
546 if (tty->column > 0)
547 tty->column--;
548 }
549 cp += 3;
550 nr -= 3;
551 break;
552
553 case ECHO_OP_SET_CANON_COL:
554 tty->canon_column = tty->column;
555 cp += 2;
556 nr -= 2;
557 break;
558
559 case ECHO_OP_MOVE_BACK_COL:
560 if (tty->column > 0)
561 tty->column--;
562 cp += 2;
563 nr -= 2;
564 break;
565
566 case ECHO_OP_START:
567 /* This is an escaped echo op start code */
568 if (!space) {
569 no_space_left = 1;
570 break;
571 }
572 tty_put_char(tty, ECHO_OP_START);
573 tty->column++;
574 space--;
575 cp += 2;
576 nr -= 2;
577 break;
578
579 default:
580 /*
581 * If the op is not a special byte code,
582 * it is a ctrl char tagged to be echoed
583 * as "^X" (where X is the letter
584 * representing the control char).
585 * Note that we must ensure there is
586 * enough space for the whole ctrl pair.
587 *
588 */
589 if (space < 2) {
590 no_space_left = 1;
591 break;
592 }
593 tty_put_char(tty, '^');
594 tty_put_char(tty, op ^ 0100);
595 tty->column += 2;
596 space -= 2;
597 cp += 2;
598 nr -= 2;
599 }
600
601 if (no_space_left)
602 break;
603 } else {
604 if (O_OPOST(tty) &&
605 !(test_bit(TTY_HW_COOK_OUT, &tty->flags))) {
606 int retval = do_output_char(c, tty, space);
607 if (retval < 0)
608 break;
609 space -= retval;
610 } else {
611 if (!space)
612 break;
613 tty_put_char(tty, c);
614 space -= 1;
615 }
616 cp += 1;
617 nr -= 1;
618 }
619
620 /* When end of circular buffer reached, wrap around */
621 if (cp >= buf_end)
622 cp -= N_TTY_BUF_SIZE;
623 }
624
625 if (nr == 0) {
626 tty->echo_pos = 0;
627 tty->echo_cnt = 0;
628 tty->echo_overrun = 0;
629 } else {
630 int num_processed = tty->echo_cnt - nr;
631 tty->echo_pos += num_processed;
632 tty->echo_pos &= N_TTY_BUF_SIZE - 1;
633 tty->echo_cnt = nr;
634 if (num_processed > 0)
635 tty->echo_overrun = 0;
636 }
637
638 mutex_unlock(&tty->echo_lock);
639 mutex_unlock(&tty->output_lock);
640
641 if (tty->ops->flush_chars)
642 tty->ops->flush_chars(tty);
643}
644
645/**
646 * add_echo_byte - add a byte to the echo buffer
647 * @c: unicode byte to echo
648 * @tty: terminal device
649 *
650 * Add a character or operation byte to the echo buffer.
651 *
652 * Should be called under the echo lock to protect the echo buffer.
653 */
654
655static void add_echo_byte(unsigned char c, struct tty_struct *tty)
656{
657 int new_byte_pos;
658
659 if (tty->echo_cnt == N_TTY_BUF_SIZE) {
660 /* Circular buffer is already at capacity */
661 new_byte_pos = tty->echo_pos;
662
663 /*
664 * Since the buffer start position needs to be advanced,
665 * be sure to step by a whole operation byte group.
666 */
667 if (tty->echo_buf[tty->echo_pos] == ECHO_OP_START) {
668 if (tty->echo_buf[(tty->echo_pos + 1) &
669 (N_TTY_BUF_SIZE - 1)] ==
670 ECHO_OP_ERASE_TAB) {
671 tty->echo_pos += 3;
672 tty->echo_cnt -= 2;
673 } else {
674 tty->echo_pos += 2;
675 tty->echo_cnt -= 1;
676 }
677 } else {
678 tty->echo_pos++;
679 }
680 tty->echo_pos &= N_TTY_BUF_SIZE - 1;
681
682 tty->echo_overrun = 1;
683 } else {
684 new_byte_pos = tty->echo_pos + tty->echo_cnt;
685 new_byte_pos &= N_TTY_BUF_SIZE - 1;
686 tty->echo_cnt++;
687 }
688
689 tty->echo_buf[new_byte_pos] = c;
690}
691
692/**
693 * echo_move_back_col - add operation to move back a column
694 * @tty: terminal device
695 *
696 * Add an operation to the echo buffer to move back one column.
697 *
698 * Locking: echo_lock to protect the echo buffer
699 */
700
701static void echo_move_back_col(struct tty_struct *tty)
702{
703 mutex_lock(&tty->echo_lock);
704
705 add_echo_byte(ECHO_OP_START, tty);
706 add_echo_byte(ECHO_OP_MOVE_BACK_COL, tty);
707
708 mutex_unlock(&tty->echo_lock);
709}
710
711/**
712 * echo_set_canon_col - add operation to set the canon column
713 * @tty: terminal device
714 *
715 * Add an operation to the echo buffer to set the canon column
716 * to the current column.
717 *
718 * Locking: echo_lock to protect the echo buffer
719 */
720
721static void echo_set_canon_col(struct tty_struct *tty)
722{
723 mutex_lock(&tty->echo_lock);
724
725 add_echo_byte(ECHO_OP_START, tty);
726 add_echo_byte(ECHO_OP_SET_CANON_COL, tty);
727
728 mutex_unlock(&tty->echo_lock);
729}
730
731/**
732 * echo_erase_tab - add operation to erase a tab
733 * @num_chars: number of character columns already used
734 * @after_tab: true if num_chars starts after a previous tab
735 * @tty: terminal device
736 *
737 * Add an operation to the echo buffer to erase a tab.
738 *
739 * Called by the eraser function, which knows how many character
740 * columns have been used since either a previous tab or the start
741 * of input. This information will be used later, along with
742 * canon column (if applicable), to go back the correct number
743 * of columns.
744 *
745 * Locking: echo_lock to protect the echo buffer
746 */
747
748static void echo_erase_tab(unsigned int num_chars, int after_tab,
749 struct tty_struct *tty)
750{
751 mutex_lock(&tty->echo_lock);
752
753 add_echo_byte(ECHO_OP_START, tty);
754 add_echo_byte(ECHO_OP_ERASE_TAB, tty);
755
756 /* We only need to know this modulo 8 (tab spacing) */
757 num_chars &= 7;
758
759 /* Set the high bit as a flag if num_chars is after a previous tab */
760 if (after_tab)
761 num_chars |= 0x80;
762
763 add_echo_byte(num_chars, tty);
764
765 mutex_unlock(&tty->echo_lock);
766}
767
768/**
769 * echo_char_raw - echo a character raw
770 * @c: unicode byte to echo
771 * @tty: terminal device
772 *
773 * Echo user input back onto the screen. This must be called only when
774 * L_ECHO(tty) is true. Called from the driver receive_buf path.
775 *
776 * This variant does not treat control characters specially.
777 *
778 * Locking: echo_lock to protect the echo buffer
779 */
780
781static void echo_char_raw(unsigned char c, struct tty_struct *tty)
782{
783 mutex_lock(&tty->echo_lock);
784
785 if (c == ECHO_OP_START) {
786 add_echo_byte(ECHO_OP_START, tty);
787 add_echo_byte(ECHO_OP_START, tty);
788 } else {
789 add_echo_byte(c, tty);
790 }
791
792 mutex_unlock(&tty->echo_lock);
793}
794
795/**
796 * echo_char - echo a character
797 * @c: unicode byte to echo
798 * @tty: terminal device
799 *
800 * Echo user input back onto the screen. This must be called only when
801 * L_ECHO(tty) is true. Called from the driver receive_buf path.
802 *
803 * This variant tags control characters to be echoed as "^X"
804 * (where X is the letter representing the control char).
805 *
806 * Locking: echo_lock to protect the echo buffer
807 */
808
809static void echo_char(unsigned char c, struct tty_struct *tty)
810{
811 mutex_lock(&tty->echo_lock);
812
813 if (c == ECHO_OP_START) {
814 add_echo_byte(ECHO_OP_START, tty);
815 add_echo_byte(ECHO_OP_START, tty);
816 } else {
817 if (L_ECHOCTL(tty) && iscntrl(c) && c != '\t')
818 add_echo_byte(ECHO_OP_START, tty);
819 add_echo_byte(c, tty);
820 }
821
822 mutex_unlock(&tty->echo_lock);
823}
824
825/**
826 * finish_erasing - complete erase
827 * @tty: tty doing the erase
828 */
829
830static inline void finish_erasing(struct tty_struct *tty)
831{
832 if (tty->erasing) {
833 echo_char_raw('/', tty);
834 tty->erasing = 0;
835 }
836}
837
838/**
839 * eraser - handle erase function
840 * @c: character input
841 * @tty: terminal device
842 *
843 * Perform erase and necessary output when an erase character is
844 * present in the stream from the driver layer. Handles the complexities
845 * of UTF-8 multibyte symbols.
846 *
847 * Locking: read_lock for tty buffers
848 */
849
850static void eraser(unsigned char c, struct tty_struct *tty)
851{
852 enum { ERASE, WERASE, KILL } kill_type;
853 int head, seen_alnums, cnt;
854 unsigned long flags;
855
856 /* FIXME: locking needed ? */
857 if (tty->read_head == tty->canon_head) {
858 /* process_output('\a', tty); */ /* what do you think? */
859 return;
860 }
861 if (c == ERASE_CHAR(tty))
862 kill_type = ERASE;
863 else if (c == WERASE_CHAR(tty))
864 kill_type = WERASE;
865 else {
866 if (!L_ECHO(tty)) {
867 spin_lock_irqsave(&tty->read_lock, flags);
868 tty->read_cnt -= ((tty->read_head - tty->canon_head) &
869 (N_TTY_BUF_SIZE - 1));
870 tty->read_head = tty->canon_head;
871 spin_unlock_irqrestore(&tty->read_lock, flags);
872 return;
873 }
874 if (!L_ECHOK(tty) || !L_ECHOKE(tty) || !L_ECHOE(tty)) {
875 spin_lock_irqsave(&tty->read_lock, flags);
876 tty->read_cnt -= ((tty->read_head - tty->canon_head) &
877 (N_TTY_BUF_SIZE - 1));
878 tty->read_head = tty->canon_head;
879 spin_unlock_irqrestore(&tty->read_lock, flags);
880 finish_erasing(tty);
881 echo_char(KILL_CHAR(tty), tty);
882 /* Add a newline if ECHOK is on and ECHOKE is off. */
883 if (L_ECHOK(tty))
884 echo_char_raw('\n', tty);
885 return;
886 }
887 kill_type = KILL;
888 }
889
890 seen_alnums = 0;
891 /* FIXME: Locking ?? */
892 while (tty->read_head != tty->canon_head) {
893 head = tty->read_head;
894
895 /* erase a single possibly multibyte character */
896 do {
897 head = (head - 1) & (N_TTY_BUF_SIZE-1);
898 c = tty->read_buf[head];
899 } while (is_continuation(c, tty) && head != tty->canon_head);
900
901 /* do not partially erase */
902 if (is_continuation(c, tty))
903 break;
904
905 if (kill_type == WERASE) {
906 /* Equivalent to BSD's ALTWERASE. */
907 if (isalnum(c) || c == '_')
908 seen_alnums++;
909 else if (seen_alnums)
910 break;
911 }
912 cnt = (tty->read_head - head) & (N_TTY_BUF_SIZE-1);
913 spin_lock_irqsave(&tty->read_lock, flags);
914 tty->read_head = head;
915 tty->read_cnt -= cnt;
916 spin_unlock_irqrestore(&tty->read_lock, flags);
917 if (L_ECHO(tty)) {
918 if (L_ECHOPRT(tty)) {
919 if (!tty->erasing) {
920 echo_char_raw('\\', tty);
921 tty->erasing = 1;
922 }
923 /* if cnt > 1, output a multi-byte character */
924 echo_char(c, tty);
925 while (--cnt > 0) {
926 head = (head+1) & (N_TTY_BUF_SIZE-1);
927 echo_char_raw(tty->read_buf[head], tty);
928 echo_move_back_col(tty);
929 }
930 } else if (kill_type == ERASE && !L_ECHOE(tty)) {
931 echo_char(ERASE_CHAR(tty), tty);
932 } else if (c == '\t') {
933 unsigned int num_chars = 0;
934 int after_tab = 0;
935 unsigned long tail = tty->read_head;
936
937 /*
938 * Count the columns used for characters
939 * since the start of input or after a
940 * previous tab.
941 * This info is used to go back the correct
942 * number of columns.
943 */
944 while (tail != tty->canon_head) {
945 tail = (tail-1) & (N_TTY_BUF_SIZE-1);
946 c = tty->read_buf[tail];
947 if (c == '\t') {
948 after_tab = 1;
949 break;
950 } else if (iscntrl(c)) {
951 if (L_ECHOCTL(tty))
952 num_chars += 2;
953 } else if (!is_continuation(c, tty)) {
954 num_chars++;
955 }
956 }
957 echo_erase_tab(num_chars, after_tab, tty);
958 } else {
959 if (iscntrl(c) && L_ECHOCTL(tty)) {
960 echo_char_raw('\b', tty);
961 echo_char_raw(' ', tty);
962 echo_char_raw('\b', tty);
963 }
964 if (!iscntrl(c) || L_ECHOCTL(tty)) {
965 echo_char_raw('\b', tty);
966 echo_char_raw(' ', tty);
967 echo_char_raw('\b', tty);
968 }
969 }
970 }
971 if (kill_type == ERASE)
972 break;
973 }
974 if (tty->read_head == tty->canon_head && L_ECHO(tty))
975 finish_erasing(tty);
976}
977
978/**
979 * isig - handle the ISIG optio
980 * @sig: signal
981 * @tty: terminal
982 * @flush: force flush
983 *
984 * Called when a signal is being sent due to terminal input. This
985 * may caus terminal flushing to take place according to the termios
986 * settings and character used. Called from the driver receive_buf
987 * path so serialized.
988 *
989 * Locking: ctrl_lock, read_lock (both via flush buffer)
990 */
991
992static inline void isig(int sig, struct tty_struct *tty, int flush)
993{
994 if (tty->pgrp)
995 kill_pgrp(tty->pgrp, sig, 1);
996 if (flush || !L_NOFLSH(tty)) {
997 n_tty_flush_buffer(tty);
998 tty_driver_flush_buffer(tty);
999 }
1000}
1001
1002/**
1003 * n_tty_receive_break - handle break
1004 * @tty: terminal
1005 *
1006 * An RS232 break event has been hit in the incoming bitstream. This
1007 * can cause a variety of events depending upon the termios settings.
1008 *
1009 * Called from the receive_buf path so single threaded.
1010 */
1011
1012static inline void n_tty_receive_break(struct tty_struct *tty)
1013{
1014 if (I_IGNBRK(tty))
1015 return;
1016 if (I_BRKINT(tty)) {
1017 isig(SIGINT, tty, 1);
1018 return;
1019 }
1020 if (I_PARMRK(tty)) {
1021 put_tty_queue('\377', tty);
1022 put_tty_queue('\0', tty);
1023 }
1024 put_tty_queue('\0', tty);
1025 wake_up_interruptible(&tty->read_wait);
1026}
1027
1028/**
1029 * n_tty_receive_overrun - handle overrun reporting
1030 * @tty: terminal
1031 *
1032 * Data arrived faster than we could process it. While the tty
1033 * driver has flagged this the bits that were missed are gone
1034 * forever.
1035 *
1036 * Called from the receive_buf path so single threaded. Does not
1037 * need locking as num_overrun and overrun_time are function
1038 * private.
1039 */
1040
1041static inline void n_tty_receive_overrun(struct tty_struct *tty)
1042{
1043 char buf[64];
1044
1045 tty->num_overrun++;
1046 if (time_before(tty->overrun_time, jiffies - HZ) ||
1047 time_after(tty->overrun_time, jiffies)) {
1048 printk(KERN_WARNING "%s: %d input overrun(s)\n",
1049 tty_name(tty, buf),
1050 tty->num_overrun);
1051 tty->overrun_time = jiffies;
1052 tty->num_overrun = 0;
1053 }
1054}
1055
1056/**
1057 * n_tty_receive_parity_error - error notifier
1058 * @tty: terminal device
1059 * @c: character
1060 *
1061 * Process a parity error and queue the right data to indicate
1062 * the error case if necessary. Locking as per n_tty_receive_buf.
1063 */
1064static inline void n_tty_receive_parity_error(struct tty_struct *tty,
1065 unsigned char c)
1066{
1067 if (I_IGNPAR(tty))
1068 return;
1069 if (I_PARMRK(tty)) {
1070 put_tty_queue('\377', tty);
1071 put_tty_queue('\0', tty);
1072 put_tty_queue(c, tty);
1073 } else if (I_INPCK(tty))
1074 put_tty_queue('\0', tty);
1075 else
1076 put_tty_queue(c, tty);
1077 wake_up_interruptible(&tty->read_wait);
1078}
1079
1080/**
1081 * n_tty_receive_char - perform processing
1082 * @tty: terminal device
1083 * @c: character
1084 *
1085 * Process an individual character of input received from the driver.
1086 * This is serialized with respect to itself by the rules for the
1087 * driver above.
1088 */
1089
1090static inline void n_tty_receive_char(struct tty_struct *tty, unsigned char c)
1091{
1092 unsigned long flags;
1093 int parmrk;
1094
1095 if (tty->raw) {
1096 put_tty_queue(c, tty);
1097 return;
1098 }
1099
1100 if (I_ISTRIP(tty))
1101 c &= 0x7f;
1102 if (I_IUCLC(tty) && L_IEXTEN(tty))
1103 c = tolower(c);
1104
1105 if (L_EXTPROC(tty)) {
1106 put_tty_queue(c, tty);
1107 return;
1108 }
1109
1110 if (tty->stopped && !tty->flow_stopped && I_IXON(tty) &&
1111 I_IXANY(tty) && c != START_CHAR(tty) && c != STOP_CHAR(tty) &&
1112 c != INTR_CHAR(tty) && c != QUIT_CHAR(tty) && c != SUSP_CHAR(tty)) {
1113 start_tty(tty);
1114 process_echoes(tty);
1115 }
1116
1117 if (tty->closing) {
1118 if (I_IXON(tty)) {
1119 if (c == START_CHAR(tty)) {
1120 start_tty(tty);
1121 process_echoes(tty);
1122 } else if (c == STOP_CHAR(tty))
1123 stop_tty(tty);
1124 }
1125 return;
1126 }
1127
1128 /*
1129 * If the previous character was LNEXT, or we know that this
1130 * character is not one of the characters that we'll have to
1131 * handle specially, do shortcut processing to speed things
1132 * up.
1133 */
1134 if (!test_bit(c, tty->process_char_map) || tty->lnext) {
1135 tty->lnext = 0;
1136 parmrk = (c == (unsigned char) '\377' && I_PARMRK(tty)) ? 1 : 0;
1137 if (tty->read_cnt >= (N_TTY_BUF_SIZE - parmrk - 1)) {
1138 /* beep if no space */
1139 if (L_ECHO(tty))
1140 process_output('\a', tty);
1141 return;
1142 }
1143 if (L_ECHO(tty)) {
1144 finish_erasing(tty);
1145 /* Record the column of first canon char. */
1146 if (tty->canon_head == tty->read_head)
1147 echo_set_canon_col(tty);
1148 echo_char(c, tty);
1149 process_echoes(tty);
1150 }
1151 if (parmrk)
1152 put_tty_queue(c, tty);
1153 put_tty_queue(c, tty);
1154 return;
1155 }
1156
1157 if (I_IXON(tty)) {
1158 if (c == START_CHAR(tty)) {
1159 start_tty(tty);
1160 process_echoes(tty);
1161 return;
1162 }
1163 if (c == STOP_CHAR(tty)) {
1164 stop_tty(tty);
1165 return;
1166 }
1167 }
1168
1169 if (L_ISIG(tty)) {
1170 int signal;
1171 signal = SIGINT;
1172 if (c == INTR_CHAR(tty))
1173 goto send_signal;
1174 signal = SIGQUIT;
1175 if (c == QUIT_CHAR(tty))
1176 goto send_signal;
1177 signal = SIGTSTP;
1178 if (c == SUSP_CHAR(tty)) {
1179send_signal:
1180 /*
1181 * Note that we do not use isig() here because we want
1182 * the order to be:
1183 * 1) flush, 2) echo, 3) signal
1184 */
1185 if (!L_NOFLSH(tty)) {
1186 n_tty_flush_buffer(tty);
1187 tty_driver_flush_buffer(tty);
1188 }
1189 if (I_IXON(tty))
1190 start_tty(tty);
1191 if (L_ECHO(tty)) {
1192 echo_char(c, tty);
1193 process_echoes(tty);
1194 }
1195 if (tty->pgrp)
1196 kill_pgrp(tty->pgrp, signal, 1);
1197 return;
1198 }
1199 }
1200
1201 if (c == '\r') {
1202 if (I_IGNCR(tty))
1203 return;
1204 if (I_ICRNL(tty))
1205 c = '\n';
1206 } else if (c == '\n' && I_INLCR(tty))
1207 c = '\r';
1208
1209 if (tty->icanon) {
1210 if (c == ERASE_CHAR(tty) || c == KILL_CHAR(tty) ||
1211 (c == WERASE_CHAR(tty) && L_IEXTEN(tty))) {
1212 eraser(c, tty);
1213 process_echoes(tty);
1214 return;
1215 }
1216 if (c == LNEXT_CHAR(tty) && L_IEXTEN(tty)) {
1217 tty->lnext = 1;
1218 if (L_ECHO(tty)) {
1219 finish_erasing(tty);
1220 if (L_ECHOCTL(tty)) {
1221 echo_char_raw('^', tty);
1222 echo_char_raw('\b', tty);
1223 process_echoes(tty);
1224 }
1225 }
1226 return;
1227 }
1228 if (c == REPRINT_CHAR(tty) && L_ECHO(tty) &&
1229 L_IEXTEN(tty)) {
1230 unsigned long tail = tty->canon_head;
1231
1232 finish_erasing(tty);
1233 echo_char(c, tty);
1234 echo_char_raw('\n', tty);
1235 while (tail != tty->read_head) {
1236 echo_char(tty->read_buf[tail], tty);
1237 tail = (tail+1) & (N_TTY_BUF_SIZE-1);
1238 }
1239 process_echoes(tty);
1240 return;
1241 }
1242 if (c == '\n') {
1243 if (tty->read_cnt >= N_TTY_BUF_SIZE) {
1244 if (L_ECHO(tty))
1245 process_output('\a', tty);
1246 return;
1247 }
1248 if (L_ECHO(tty) || L_ECHONL(tty)) {
1249 echo_char_raw('\n', tty);
1250 process_echoes(tty);
1251 }
1252 goto handle_newline;
1253 }
1254 if (c == EOF_CHAR(tty)) {
1255 if (tty->read_cnt >= N_TTY_BUF_SIZE)
1256 return;
1257 if (tty->canon_head != tty->read_head)
1258 set_bit(TTY_PUSH, &tty->flags);
1259 c = __DISABLED_CHAR;
1260 goto handle_newline;
1261 }
1262 if ((c == EOL_CHAR(tty)) ||
1263 (c == EOL2_CHAR(tty) && L_IEXTEN(tty))) {
1264 parmrk = (c == (unsigned char) '\377' && I_PARMRK(tty))
1265 ? 1 : 0;
1266 if (tty->read_cnt >= (N_TTY_BUF_SIZE - parmrk)) {
1267 if (L_ECHO(tty))
1268 process_output('\a', tty);
1269 return;
1270 }
1271 /*
1272 * XXX are EOL_CHAR and EOL2_CHAR echoed?!?
1273 */
1274 if (L_ECHO(tty)) {
1275 /* Record the column of first canon char. */
1276 if (tty->canon_head == tty->read_head)
1277 echo_set_canon_col(tty);
1278 echo_char(c, tty);
1279 process_echoes(tty);
1280 }
1281 /*
1282 * XXX does PARMRK doubling happen for
1283 * EOL_CHAR and EOL2_CHAR?
1284 */
1285 if (parmrk)
1286 put_tty_queue(c, tty);
1287
1288handle_newline:
1289 spin_lock_irqsave(&tty->read_lock, flags);
1290 set_bit(tty->read_head, tty->read_flags);
1291 put_tty_queue_nolock(c, tty);
1292 tty->canon_head = tty->read_head;
1293 tty->canon_data++;
1294 spin_unlock_irqrestore(&tty->read_lock, flags);
1295 kill_fasync(&tty->fasync, SIGIO, POLL_IN);
1296 if (waitqueue_active(&tty->read_wait))
1297 wake_up_interruptible(&tty->read_wait);
1298 return;
1299 }
1300 }
1301
1302 parmrk = (c == (unsigned char) '\377' && I_PARMRK(tty)) ? 1 : 0;
1303 if (tty->read_cnt >= (N_TTY_BUF_SIZE - parmrk - 1)) {
1304 /* beep if no space */
1305 if (L_ECHO(tty))
1306 process_output('\a', tty);
1307 return;
1308 }
1309 if (L_ECHO(tty)) {
1310 finish_erasing(tty);
1311 if (c == '\n')
1312 echo_char_raw('\n', tty);
1313 else {
1314 /* Record the column of first canon char. */
1315 if (tty->canon_head == tty->read_head)
1316 echo_set_canon_col(tty);
1317 echo_char(c, tty);
1318 }
1319 process_echoes(tty);
1320 }
1321
1322 if (parmrk)
1323 put_tty_queue(c, tty);
1324
1325 put_tty_queue(c, tty);
1326}
1327
1328
1329/**
1330 * n_tty_write_wakeup - asynchronous I/O notifier
1331 * @tty: tty device
1332 *
1333 * Required for the ptys, serial driver etc. since processes
1334 * that attach themselves to the master and rely on ASYNC
1335 * IO must be woken up
1336 */
1337
1338static void n_tty_write_wakeup(struct tty_struct *tty)
1339{
1340 if (tty->fasync && test_and_clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags))
1341 kill_fasync(&tty->fasync, SIGIO, POLL_OUT);
1342}
1343
1344/**
1345 * n_tty_receive_buf - data receive
1346 * @tty: terminal device
1347 * @cp: buffer
1348 * @fp: flag buffer
1349 * @count: characters
1350 *
1351 * Called by the terminal driver when a block of characters has
1352 * been received. This function must be called from soft contexts
1353 * not from interrupt context. The driver is responsible for making
1354 * calls one at a time and in order (or using flush_to_ldisc)
1355 */
1356
1357static void n_tty_receive_buf(struct tty_struct *tty, const unsigned char *cp,
1358 char *fp, int count)
1359{
1360 const unsigned char *p;
1361 char *f, flags = TTY_NORMAL;
1362 int i;
1363 char buf[64];
1364 unsigned long cpuflags;
1365
1366 if (!tty->read_buf)
1367 return;
1368
1369 if (tty->real_raw) {
1370 spin_lock_irqsave(&tty->read_lock, cpuflags);
1371 i = min(N_TTY_BUF_SIZE - tty->read_cnt,
1372 N_TTY_BUF_SIZE - tty->read_head);
1373 i = min(count, i);
1374 memcpy(tty->read_buf + tty->read_head, cp, i);
1375 tty->read_head = (tty->read_head + i) & (N_TTY_BUF_SIZE-1);
1376 tty->read_cnt += i;
1377 cp += i;
1378 count -= i;
1379
1380 i = min(N_TTY_BUF_SIZE - tty->read_cnt,
1381 N_TTY_BUF_SIZE - tty->read_head);
1382 i = min(count, i);
1383 memcpy(tty->read_buf + tty->read_head, cp, i);
1384 tty->read_head = (tty->read_head + i) & (N_TTY_BUF_SIZE-1);
1385 tty->read_cnt += i;
1386 spin_unlock_irqrestore(&tty->read_lock, cpuflags);
1387 } else {
1388 for (i = count, p = cp, f = fp; i; i--, p++) {
1389 if (f)
1390 flags = *f++;
1391 switch (flags) {
1392 case TTY_NORMAL:
1393 n_tty_receive_char(tty, *p);
1394 break;
1395 case TTY_BREAK:
1396 n_tty_receive_break(tty);
1397 break;
1398 case TTY_PARITY:
1399 case TTY_FRAME:
1400 n_tty_receive_parity_error(tty, *p);
1401 break;
1402 case TTY_OVERRUN:
1403 n_tty_receive_overrun(tty);
1404 break;
1405 default:
1406 printk(KERN_ERR "%s: unknown flag %d\n",
1407 tty_name(tty, buf), flags);
1408 break;
1409 }
1410 }
1411 if (tty->ops->flush_chars)
1412 tty->ops->flush_chars(tty);
1413 }
1414
1415 n_tty_set_room(tty);
1416
1417 if ((!tty->icanon && (tty->read_cnt >= tty->minimum_to_wake)) ||
1418 L_EXTPROC(tty)) {
1419 kill_fasync(&tty->fasync, SIGIO, POLL_IN);
1420 if (waitqueue_active(&tty->read_wait))
1421 wake_up_interruptible(&tty->read_wait);
1422 }
1423
1424 /*
1425 * Check the remaining room for the input canonicalization
1426 * mode. We don't want to throttle the driver if we're in
1427 * canonical mode and don't have a newline yet!
1428 */
1429 if (tty->receive_room < TTY_THRESHOLD_THROTTLE)
1430 tty_throttle(tty);
1431}
1432
1433int is_ignored(int sig)
1434{
1435 return (sigismember(&current->blocked, sig) ||
1436 current->sighand->action[sig-1].sa.sa_handler == SIG_IGN);
1437}
1438
1439/**
1440 * n_tty_set_termios - termios data changed
1441 * @tty: terminal
1442 * @old: previous data
1443 *
1444 * Called by the tty layer when the user changes termios flags so
1445 * that the line discipline can plan ahead. This function cannot sleep
1446 * and is protected from re-entry by the tty layer. The user is
1447 * guaranteed that this function will not be re-entered or in progress
1448 * when the ldisc is closed.
1449 *
1450 * Locking: Caller holds tty->termios_mutex
1451 */
1452
1453static void n_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
1454{
1455 int canon_change = 1;
1456 BUG_ON(!tty);
1457
1458 if (old)
1459 canon_change = (old->c_lflag ^ tty->termios->c_lflag) & ICANON;
1460 if (canon_change) {
1461 memset(&tty->read_flags, 0, sizeof tty->read_flags);
1462 tty->canon_head = tty->read_tail;
1463 tty->canon_data = 0;
1464 tty->erasing = 0;
1465 }
1466
1467 if (canon_change && !L_ICANON(tty) && tty->read_cnt)
1468 wake_up_interruptible(&tty->read_wait);
1469
1470 tty->icanon = (L_ICANON(tty) != 0);
1471 if (test_bit(TTY_HW_COOK_IN, &tty->flags)) {
1472 tty->raw = 1;
1473 tty->real_raw = 1;
1474 n_tty_set_room(tty);
1475 return;
1476 }
1477 if (I_ISTRIP(tty) || I_IUCLC(tty) || I_IGNCR(tty) ||
1478 I_ICRNL(tty) || I_INLCR(tty) || L_ICANON(tty) ||
1479 I_IXON(tty) || L_ISIG(tty) || L_ECHO(tty) ||
1480 I_PARMRK(tty)) {
1481 memset(tty->process_char_map, 0, 256/8);
1482
1483 if (I_IGNCR(tty) || I_ICRNL(tty))
1484 set_bit('\r', tty->process_char_map);
1485 if (I_INLCR(tty))
1486 set_bit('\n', tty->process_char_map);
1487
1488 if (L_ICANON(tty)) {
1489 set_bit(ERASE_CHAR(tty), tty->process_char_map);
1490 set_bit(KILL_CHAR(tty), tty->process_char_map);
1491 set_bit(EOF_CHAR(tty), tty->process_char_map);
1492 set_bit('\n', tty->process_char_map);
1493 set_bit(EOL_CHAR(tty), tty->process_char_map);
1494 if (L_IEXTEN(tty)) {
1495 set_bit(WERASE_CHAR(tty),
1496 tty->process_char_map);
1497 set_bit(LNEXT_CHAR(tty),
1498 tty->process_char_map);
1499 set_bit(EOL2_CHAR(tty),
1500 tty->process_char_map);
1501 if (L_ECHO(tty))
1502 set_bit(REPRINT_CHAR(tty),
1503 tty->process_char_map);
1504 }
1505 }
1506 if (I_IXON(tty)) {
1507 set_bit(START_CHAR(tty), tty->process_char_map);
1508 set_bit(STOP_CHAR(tty), tty->process_char_map);
1509 }
1510 if (L_ISIG(tty)) {
1511 set_bit(INTR_CHAR(tty), tty->process_char_map);
1512 set_bit(QUIT_CHAR(tty), tty->process_char_map);
1513 set_bit(SUSP_CHAR(tty), tty->process_char_map);
1514 }
1515 clear_bit(__DISABLED_CHAR, tty->process_char_map);
1516 tty->raw = 0;
1517 tty->real_raw = 0;
1518 } else {
1519 tty->raw = 1;
1520 if ((I_IGNBRK(tty) || (!I_BRKINT(tty) && !I_PARMRK(tty))) &&
1521 (I_IGNPAR(tty) || !I_INPCK(tty)) &&
1522 (tty->driver->flags & TTY_DRIVER_REAL_RAW))
1523 tty->real_raw = 1;
1524 else
1525 tty->real_raw = 0;
1526 }
1527 n_tty_set_room(tty);
1528 /* The termios change make the tty ready for I/O */
1529 wake_up_interruptible(&tty->write_wait);
1530 wake_up_interruptible(&tty->read_wait);
1531}
1532
1533/**
1534 * n_tty_close - close the ldisc for this tty
1535 * @tty: device
1536 *
1537 * Called from the terminal layer when this line discipline is
1538 * being shut down, either because of a close or becsuse of a
1539 * discipline change. The function will not be called while other
1540 * ldisc methods are in progress.
1541 */
1542
1543static void n_tty_close(struct tty_struct *tty)
1544{
1545 n_tty_flush_buffer(tty);
1546 if (tty->read_buf) {
1547 kfree(tty->read_buf);
1548 tty->read_buf = NULL;
1549 }
1550 if (tty->echo_buf) {
1551 kfree(tty->echo_buf);
1552 tty->echo_buf = NULL;
1553 }
1554}
1555
1556/**
1557 * n_tty_open - open an ldisc
1558 * @tty: terminal to open
1559 *
1560 * Called when this line discipline is being attached to the
1561 * terminal device. Can sleep. Called serialized so that no
1562 * other events will occur in parallel. No further open will occur
1563 * until a close.
1564 */
1565
1566static int n_tty_open(struct tty_struct *tty)
1567{
1568 if (!tty)
1569 return -EINVAL;
1570
1571 /* These are ugly. Currently a malloc failure here can panic */
1572 if (!tty->read_buf) {
1573 tty->read_buf = kzalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
1574 if (!tty->read_buf)
1575 return -ENOMEM;
1576 }
1577 if (!tty->echo_buf) {
1578 tty->echo_buf = kzalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
1579
1580 if (!tty->echo_buf)
1581 return -ENOMEM;
1582 }
1583 reset_buffer_flags(tty);
1584 tty->column = 0;
1585 n_tty_set_termios(tty, NULL);
1586 tty->minimum_to_wake = 1;
1587 tty->closing = 0;
1588 return 0;
1589}
1590
1591static inline int input_available_p(struct tty_struct *tty, int amt)
1592{
1593 tty_flush_to_ldisc(tty);
1594 if (tty->icanon && !L_EXTPROC(tty)) {
1595 if (tty->canon_data)
1596 return 1;
1597 } else if (tty->read_cnt >= (amt ? amt : 1))
1598 return 1;
1599
1600 return 0;
1601}
1602
1603/**
1604 * copy_from_read_buf - copy read data directly
1605 * @tty: terminal device
1606 * @b: user data
1607 * @nr: size of data
1608 *
1609 * Helper function to speed up n_tty_read. It is only called when
1610 * ICANON is off; it copies characters straight from the tty queue to
1611 * user space directly. It can be profitably called twice; once to
1612 * drain the space from the tail pointer to the (physical) end of the
1613 * buffer, and once to drain the space from the (physical) beginning of
1614 * the buffer to head pointer.
1615 *
1616 * Called under the tty->atomic_read_lock sem
1617 *
1618 */
1619
1620static int copy_from_read_buf(struct tty_struct *tty,
1621 unsigned char __user **b,
1622 size_t *nr)
1623
1624{
1625 int retval;
1626 size_t n;
1627 unsigned long flags;
1628
1629 retval = 0;
1630 spin_lock_irqsave(&tty->read_lock, flags);
1631 n = min(tty->read_cnt, N_TTY_BUF_SIZE - tty->read_tail);
1632 n = min(*nr, n);
1633 spin_unlock_irqrestore(&tty->read_lock, flags);
1634 if (n) {
1635 retval = copy_to_user(*b, &tty->read_buf[tty->read_tail], n);
1636 n -= retval;
1637 tty_audit_add_data(tty, &tty->read_buf[tty->read_tail], n);
1638 spin_lock_irqsave(&tty->read_lock, flags);
1639 tty->read_tail = (tty->read_tail + n) & (N_TTY_BUF_SIZE-1);
1640 tty->read_cnt -= n;
1641 /* Turn single EOF into zero-length read */
1642 if (L_EXTPROC(tty) && tty->icanon && n == 1) {
1643 if (!tty->read_cnt && (*b)[n-1] == EOF_CHAR(tty))
1644 n--;
1645 }
1646 spin_unlock_irqrestore(&tty->read_lock, flags);
1647 *b += n;
1648 *nr -= n;
1649 }
1650 return retval;
1651}
1652
1653extern ssize_t redirected_tty_write(struct file *, const char __user *,
1654 size_t, loff_t *);
1655
1656/**
1657 * job_control - check job control
1658 * @tty: tty
1659 * @file: file handle
1660 *
1661 * Perform job control management checks on this file/tty descriptor
1662 * and if appropriate send any needed signals and return a negative
1663 * error code if action should be taken.
1664 *
1665 * FIXME:
1666 * Locking: None - redirected write test is safe, testing
1667 * current->signal should possibly lock current->sighand
1668 * pgrp locking ?
1669 */
1670
1671static int job_control(struct tty_struct *tty, struct file *file)
1672{
1673 /* Job control check -- must be done at start and after
1674 every sleep (POSIX.1 7.1.1.4). */
1675 /* NOTE: not yet done after every sleep pending a thorough
1676 check of the logic of this change. -- jlc */
1677 /* don't stop on /dev/console */
1678 if (file->f_op->write != redirected_tty_write &&
1679 current->signal->tty == tty) {
1680 if (!tty->pgrp)
1681 printk(KERN_ERR "n_tty_read: no tty->pgrp!\n");
1682 else if (task_pgrp(current) != tty->pgrp) {
1683 if (is_ignored(SIGTTIN) ||
1684 is_current_pgrp_orphaned())
1685 return -EIO;
1686 kill_pgrp(task_pgrp(current), SIGTTIN, 1);
1687 set_thread_flag(TIF_SIGPENDING);
1688 return -ERESTARTSYS;
1689 }
1690 }
1691 return 0;
1692}
1693
1694
1695/**
1696 * n_tty_read - read function for tty
1697 * @tty: tty device
1698 * @file: file object
1699 * @buf: userspace buffer pointer
1700 * @nr: size of I/O
1701 *
1702 * Perform reads for the line discipline. We are guaranteed that the
1703 * line discipline will not be closed under us but we may get multiple
1704 * parallel readers and must handle this ourselves. We may also get
1705 * a hangup. Always called in user context, may sleep.
1706 *
1707 * This code must be sure never to sleep through a hangup.
1708 */
1709
1710static ssize_t n_tty_read(struct tty_struct *tty, struct file *file,
1711 unsigned char __user *buf, size_t nr)
1712{
1713 unsigned char __user *b = buf;
1714 DECLARE_WAITQUEUE(wait, current);
1715 int c;
1716 int minimum, time;
1717 ssize_t retval = 0;
1718 ssize_t size;
1719 long timeout;
1720 unsigned long flags;
1721 int packet;
1722
1723do_it_again:
1724
1725 BUG_ON(!tty->read_buf);
1726
1727 c = job_control(tty, file);
1728 if (c < 0)
1729 return c;
1730
1731 minimum = time = 0;
1732 timeout = MAX_SCHEDULE_TIMEOUT;
1733 if (!tty->icanon) {
1734 time = (HZ / 10) * TIME_CHAR(tty);
1735 minimum = MIN_CHAR(tty);
1736 if (minimum) {
1737 if (time)
1738 tty->minimum_to_wake = 1;
1739 else if (!waitqueue_active(&tty->read_wait) ||
1740 (tty->minimum_to_wake > minimum))
1741 tty->minimum_to_wake = minimum;
1742 } else {
1743 timeout = 0;
1744 if (time) {
1745 timeout = time;
1746 time = 0;
1747 }
1748 tty->minimum_to_wake = minimum = 1;
1749 }
1750 }
1751
1752 /*
1753 * Internal serialization of reads.
1754 */
1755 if (file->f_flags & O_NONBLOCK) {
1756 if (!mutex_trylock(&tty->atomic_read_lock))
1757 return -EAGAIN;
1758 } else {
1759 if (mutex_lock_interruptible(&tty->atomic_read_lock))
1760 return -ERESTARTSYS;
1761 }
1762 packet = tty->packet;
1763
1764 add_wait_queue(&tty->read_wait, &wait);
1765 while (nr) {
1766 /* First test for status change. */
1767 if (packet && tty->link->ctrl_status) {
1768 unsigned char cs;
1769 if (b != buf)
1770 break;
1771 spin_lock_irqsave(&tty->link->ctrl_lock, flags);
1772 cs = tty->link->ctrl_status;
1773 tty->link->ctrl_status = 0;
1774 spin_unlock_irqrestore(&tty->link->ctrl_lock, flags);
1775 if (tty_put_user(tty, cs, b++)) {
1776 retval = -EFAULT;
1777 b--;
1778 break;
1779 }
1780 nr--;
1781 break;
1782 }
1783 /* This statement must be first before checking for input
1784 so that any interrupt will set the state back to
1785 TASK_RUNNING. */
1786 set_current_state(TASK_INTERRUPTIBLE);
1787
1788 if (((minimum - (b - buf)) < tty->minimum_to_wake) &&
1789 ((minimum - (b - buf)) >= 1))
1790 tty->minimum_to_wake = (minimum - (b - buf));
1791
1792 if (!input_available_p(tty, 0)) {
1793 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) {
1794 retval = -EIO;
1795 break;
1796 }
1797 if (tty_hung_up_p(file))
1798 break;
1799 if (!timeout)
1800 break;
1801 if (file->f_flags & O_NONBLOCK) {
1802 retval = -EAGAIN;
1803 break;
1804 }
1805 if (signal_pending(current)) {
1806 retval = -ERESTARTSYS;
1807 break;
1808 }
1809 /* FIXME: does n_tty_set_room need locking ? */
1810 n_tty_set_room(tty);
1811 timeout = schedule_timeout(timeout);
1812 continue;
1813 }
1814 __set_current_state(TASK_RUNNING);
1815
1816 /* Deal with packet mode. */
1817 if (packet && b == buf) {
1818 if (tty_put_user(tty, TIOCPKT_DATA, b++)) {
1819 retval = -EFAULT;
1820 b--;
1821 break;
1822 }
1823 nr--;
1824 }
1825
1826 if (tty->icanon && !L_EXTPROC(tty)) {
1827 /* N.B. avoid overrun if nr == 0 */
1828 while (nr && tty->read_cnt) {
1829 int eol;
1830
1831 eol = test_and_clear_bit(tty->read_tail,
1832 tty->read_flags);
1833 c = tty->read_buf[tty->read_tail];
1834 spin_lock_irqsave(&tty->read_lock, flags);
1835 tty->read_tail = ((tty->read_tail+1) &
1836 (N_TTY_BUF_SIZE-1));
1837 tty->read_cnt--;
1838 if (eol) {
1839 /* this test should be redundant:
1840 * we shouldn't be reading data if
1841 * canon_data is 0
1842 */
1843 if (--tty->canon_data < 0)
1844 tty->canon_data = 0;
1845 }
1846 spin_unlock_irqrestore(&tty->read_lock, flags);
1847
1848 if (!eol || (c != __DISABLED_CHAR)) {
1849 if (tty_put_user(tty, c, b++)) {
1850 retval = -EFAULT;
1851 b--;
1852 break;
1853 }
1854 nr--;
1855 }
1856 if (eol) {
1857 tty_audit_push(tty);
1858 break;
1859 }
1860 }
1861 if (retval)
1862 break;
1863 } else {
1864 int uncopied;
1865 /* The copy function takes the read lock and handles
1866 locking internally for this case */
1867 uncopied = copy_from_read_buf(tty, &b, &nr);
1868 uncopied += copy_from_read_buf(tty, &b, &nr);
1869 if (uncopied) {
1870 retval = -EFAULT;
1871 break;
1872 }
1873 }
1874
1875 /* If there is enough space in the read buffer now, let the
1876 * low-level driver know. We use n_tty_chars_in_buffer() to
1877 * check the buffer, as it now knows about canonical mode.
1878 * Otherwise, if the driver is throttled and the line is
1879 * longer than TTY_THRESHOLD_UNTHROTTLE in canonical mode,
1880 * we won't get any more characters.
1881 */
1882 if (n_tty_chars_in_buffer(tty) <= TTY_THRESHOLD_UNTHROTTLE) {
1883 n_tty_set_room(tty);
1884 check_unthrottle(tty);
1885 }
1886
1887 if (b - buf >= minimum)
1888 break;
1889 if (time)
1890 timeout = time;
1891 }
1892 mutex_unlock(&tty->atomic_read_lock);
1893 remove_wait_queue(&tty->read_wait, &wait);
1894
1895 if (!waitqueue_active(&tty->read_wait))
1896 tty->minimum_to_wake = minimum;
1897
1898 __set_current_state(TASK_RUNNING);
1899 size = b - buf;
1900 if (size) {
1901 retval = size;
1902 if (nr)
1903 clear_bit(TTY_PUSH, &tty->flags);
1904 } else if (test_and_clear_bit(TTY_PUSH, &tty->flags))
1905 goto do_it_again;
1906
1907 n_tty_set_room(tty);
1908 return retval;
1909}
1910
1911/**
1912 * n_tty_write - write function for tty
1913 * @tty: tty device
1914 * @file: file object
1915 * @buf: userspace buffer pointer
1916 * @nr: size of I/O
1917 *
1918 * Write function of the terminal device. This is serialized with
1919 * respect to other write callers but not to termios changes, reads
1920 * and other such events. Since the receive code will echo characters,
1921 * thus calling driver write methods, the output_lock is used in
1922 * the output processing functions called here as well as in the
1923 * echo processing function to protect the column state and space
1924 * left in the buffer.
1925 *
1926 * This code must be sure never to sleep through a hangup.
1927 *
1928 * Locking: output_lock to protect column state and space left
1929 * (note that the process_output*() functions take this
1930 * lock themselves)
1931 */
1932
1933static ssize_t n_tty_write(struct tty_struct *tty, struct file *file,
1934 const unsigned char *buf, size_t nr)
1935{
1936 const unsigned char *b = buf;
1937 DECLARE_WAITQUEUE(wait, current);
1938 int c;
1939 ssize_t retval = 0;
1940
1941 /* Job control check -- must be done at start (POSIX.1 7.1.1.4). */
1942 if (L_TOSTOP(tty) && file->f_op->write != redirected_tty_write) {
1943 retval = tty_check_change(tty);
1944 if (retval)
1945 return retval;
1946 }
1947
1948 /* Write out any echoed characters that are still pending */
1949 process_echoes(tty);
1950
1951 add_wait_queue(&tty->write_wait, &wait);
1952 while (1) {
1953 set_current_state(TASK_INTERRUPTIBLE);
1954 if (signal_pending(current)) {
1955 retval = -ERESTARTSYS;
1956 break;
1957 }
1958 if (tty_hung_up_p(file) || (tty->link && !tty->link->count)) {
1959 retval = -EIO;
1960 break;
1961 }
1962 if (O_OPOST(tty) && !(test_bit(TTY_HW_COOK_OUT, &tty->flags))) {
1963 while (nr > 0) {
1964 ssize_t num = process_output_block(tty, b, nr);
1965 if (num < 0) {
1966 if (num == -EAGAIN)
1967 break;
1968 retval = num;
1969 goto break_out;
1970 }
1971 b += num;
1972 nr -= num;
1973 if (nr == 0)
1974 break;
1975 c = *b;
1976 if (process_output(c, tty) < 0)
1977 break;
1978 b++; nr--;
1979 }
1980 if (tty->ops->flush_chars)
1981 tty->ops->flush_chars(tty);
1982 } else {
1983 while (nr > 0) {
1984 c = tty->ops->write(tty, b, nr);
1985 if (c < 0) {
1986 retval = c;
1987 goto break_out;
1988 }
1989 if (!c)
1990 break;
1991 b += c;
1992 nr -= c;
1993 }
1994 }
1995 if (!nr)
1996 break;
1997 if (file->f_flags & O_NONBLOCK) {
1998 retval = -EAGAIN;
1999 break;
2000 }
2001 schedule();
2002 }
2003break_out:
2004 __set_current_state(TASK_RUNNING);
2005 remove_wait_queue(&tty->write_wait, &wait);
2006 if (b - buf != nr && tty->fasync)
2007 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2008 return (b - buf) ? b - buf : retval;
2009}
2010
2011/**
2012 * n_tty_poll - poll method for N_TTY
2013 * @tty: terminal device
2014 * @file: file accessing it
2015 * @wait: poll table
2016 *
2017 * Called when the line discipline is asked to poll() for data or
2018 * for special events. This code is not serialized with respect to
2019 * other events save open/close.
2020 *
2021 * This code must be sure never to sleep through a hangup.
2022 * Called without the kernel lock held - fine
2023 */
2024
2025static unsigned int n_tty_poll(struct tty_struct *tty, struct file *file,
2026 poll_table *wait)
2027{
2028 unsigned int mask = 0;
2029
2030 poll_wait(file, &tty->read_wait, wait);
2031 poll_wait(file, &tty->write_wait, wait);
2032 if (input_available_p(tty, TIME_CHAR(tty) ? 0 : MIN_CHAR(tty)))
2033 mask |= POLLIN | POLLRDNORM;
2034 if (tty->packet && tty->link->ctrl_status)
2035 mask |= POLLPRI | POLLIN | POLLRDNORM;
2036 if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
2037 mask |= POLLHUP;
2038 if (tty_hung_up_p(file))
2039 mask |= POLLHUP;
2040 if (!(mask & (POLLHUP | POLLIN | POLLRDNORM))) {
2041 if (MIN_CHAR(tty) && !TIME_CHAR(tty))
2042 tty->minimum_to_wake = MIN_CHAR(tty);
2043 else
2044 tty->minimum_to_wake = 1;
2045 }
2046 if (tty->ops->write && !tty_is_writelocked(tty) &&
2047 tty_chars_in_buffer(tty) < WAKEUP_CHARS &&
2048 tty_write_room(tty) > 0)
2049 mask |= POLLOUT | POLLWRNORM;
2050 return mask;
2051}
2052
2053static unsigned long inq_canon(struct tty_struct *tty)
2054{
2055 int nr, head, tail;
2056
2057 if (!tty->canon_data)
2058 return 0;
2059 head = tty->canon_head;
2060 tail = tty->read_tail;
2061 nr = (head - tail) & (N_TTY_BUF_SIZE-1);
2062 /* Skip EOF-chars.. */
2063 while (head != tail) {
2064 if (test_bit(tail, tty->read_flags) &&
2065 tty->read_buf[tail] == __DISABLED_CHAR)
2066 nr--;
2067 tail = (tail+1) & (N_TTY_BUF_SIZE-1);
2068 }
2069 return nr;
2070}
2071
2072static int n_tty_ioctl(struct tty_struct *tty, struct file *file,
2073 unsigned int cmd, unsigned long arg)
2074{
2075 int retval;
2076
2077 switch (cmd) {
2078 case TIOCOUTQ:
2079 return put_user(tty_chars_in_buffer(tty), (int __user *) arg);
2080 case TIOCINQ:
2081 /* FIXME: Locking */
2082 retval = tty->read_cnt;
2083 if (L_ICANON(tty))
2084 retval = inq_canon(tty);
2085 return put_user(retval, (unsigned int __user *) arg);
2086 default:
2087 return n_tty_ioctl_helper(tty, file, cmd, arg);
2088 }
2089}
2090
2091struct tty_ldisc_ops tty_ldisc_N_TTY = {
2092 .magic = TTY_LDISC_MAGIC,
2093 .name = "n_tty",
2094 .open = n_tty_open,
2095 .close = n_tty_close,
2096 .flush_buffer = n_tty_flush_buffer,
2097 .chars_in_buffer = n_tty_chars_in_buffer,
2098 .read = n_tty_read,
2099 .write = n_tty_write,
2100 .ioctl = n_tty_ioctl,
2101 .set_termios = n_tty_set_termios,
2102 .poll = n_tty_poll,
2103 .receive_buf = n_tty_receive_buf,
2104 .write_wakeup = n_tty_write_wakeup
2105};
2106
2107/**
2108 * n_tty_inherit_ops - inherit N_TTY methods
2109 * @ops: struct tty_ldisc_ops where to save N_TTY methods
2110 *
2111 * Used by a generic struct tty_ldisc_ops to easily inherit N_TTY
2112 * methods.
2113 */
2114
2115void n_tty_inherit_ops(struct tty_ldisc_ops *ops)
2116{
2117 *ops = tty_ldisc_N_TTY;
2118 ops->owner = NULL;
2119 ops->refcount = ops->flags = 0;
2120}
2121EXPORT_SYMBOL_GPL(n_tty_inherit_ops);
diff --git a/drivers/char/pty.c b/drivers/char/pty.c
deleted file mode 100644
index 923a4858550..00000000000
--- a/drivers/char/pty.c
+++ /dev/null
@@ -1,777 +0,0 @@
1/*
2 * linux/drivers/char/pty.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 *
6 * Added support for a Unix98-style ptmx device.
7 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
8 *
9 * When reading this code see also fs/devpts. In particular note that the
10 * driver_data field is used by the devpts side as a binding to the devpts
11 * inode.
12 */
13
14#include <linux/module.h>
15
16#include <linux/errno.h>
17#include <linux/interrupt.h>
18#include <linux/tty.h>
19#include <linux/tty_flip.h>
20#include <linux/fcntl.h>
21#include <linux/sched.h>
22#include <linux/string.h>
23#include <linux/major.h>
24#include <linux/mm.h>
25#include <linux/init.h>
26#include <linux/smp_lock.h>
27#include <linux/sysctl.h>
28#include <linux/device.h>
29#include <linux/uaccess.h>
30#include <linux/bitops.h>
31#include <linux/devpts_fs.h>
32#include <linux/slab.h>
33
34#include <asm/system.h>
35
36#ifdef CONFIG_UNIX98_PTYS
37static struct tty_driver *ptm_driver;
38static struct tty_driver *pts_driver;
39#endif
40
41static void pty_close(struct tty_struct *tty, struct file *filp)
42{
43 BUG_ON(!tty);
44 if (tty->driver->subtype == PTY_TYPE_MASTER)
45 WARN_ON(tty->count > 1);
46 else {
47 if (tty->count > 2)
48 return;
49 }
50 wake_up_interruptible(&tty->read_wait);
51 wake_up_interruptible(&tty->write_wait);
52 tty->packet = 0;
53 if (!tty->link)
54 return;
55 tty->link->packet = 0;
56 set_bit(TTY_OTHER_CLOSED, &tty->link->flags);
57 wake_up_interruptible(&tty->link->read_wait);
58 wake_up_interruptible(&tty->link->write_wait);
59 if (tty->driver->subtype == PTY_TYPE_MASTER) {
60 set_bit(TTY_OTHER_CLOSED, &tty->flags);
61#ifdef CONFIG_UNIX98_PTYS
62 if (tty->driver == ptm_driver)
63 devpts_pty_kill(tty->link);
64#endif
65 tty_unlock();
66 tty_vhangup(tty->link);
67 tty_lock();
68 }
69}
70
71/*
72 * The unthrottle routine is called by the line discipline to signal
73 * that it can receive more characters. For PTY's, the TTY_THROTTLED
74 * flag is always set, to force the line discipline to always call the
75 * unthrottle routine when there are fewer than TTY_THRESHOLD_UNTHROTTLE
76 * characters in the queue. This is necessary since each time this
77 * happens, we need to wake up any sleeping processes that could be
78 * (1) trying to send data to the pty, or (2) waiting in wait_until_sent()
79 * for the pty buffer to be drained.
80 */
81static void pty_unthrottle(struct tty_struct *tty)
82{
83 tty_wakeup(tty->link);
84 set_bit(TTY_THROTTLED, &tty->flags);
85}
86
87/**
88 * pty_space - report space left for writing
89 * @to: tty we are writing into
90 *
91 * The tty buffers allow 64K but we sneak a peak and clip at 8K this
92 * allows a lot of overspill room for echo and other fun messes to
93 * be handled properly
94 */
95
96static int pty_space(struct tty_struct *to)
97{
98 int n = 8192 - to->buf.memory_used;
99 if (n < 0)
100 return 0;
101 return n;
102}
103
104/**
105 * pty_write - write to a pty
106 * @tty: the tty we write from
107 * @buf: kernel buffer of data
108 * @count: bytes to write
109 *
110 * Our "hardware" write method. Data is coming from the ldisc which
111 * may be in a non sleeping state. We simply throw this at the other
112 * end of the link as if we were an IRQ handler receiving stuff for
113 * the other side of the pty/tty pair.
114 */
115
116static int pty_write(struct tty_struct *tty, const unsigned char *buf, int c)
117{
118 struct tty_struct *to = tty->link;
119
120 if (tty->stopped)
121 return 0;
122
123 if (c > 0) {
124 /* Stuff the data into the input queue of the other end */
125 c = tty_insert_flip_string(to, buf, c);
126 /* And shovel */
127 if (c) {
128 tty_flip_buffer_push(to);
129 tty_wakeup(tty);
130 }
131 }
132 return c;
133}
134
135/**
136 * pty_write_room - write space
137 * @tty: tty we are writing from
138 *
139 * Report how many bytes the ldisc can send into the queue for
140 * the other device.
141 */
142
143static int pty_write_room(struct tty_struct *tty)
144{
145 if (tty->stopped)
146 return 0;
147 return pty_space(tty->link);
148}
149
150/**
151 * pty_chars_in_buffer - characters currently in our tx queue
152 * @tty: our tty
153 *
154 * Report how much we have in the transmit queue. As everything is
155 * instantly at the other end this is easy to implement.
156 */
157
158static int pty_chars_in_buffer(struct tty_struct *tty)
159{
160 return 0;
161}
162
163/* Set the lock flag on a pty */
164static int pty_set_lock(struct tty_struct *tty, int __user *arg)
165{
166 int val;
167 if (get_user(val, arg))
168 return -EFAULT;
169 if (val)
170 set_bit(TTY_PTY_LOCK, &tty->flags);
171 else
172 clear_bit(TTY_PTY_LOCK, &tty->flags);
173 return 0;
174}
175
176/* Send a signal to the slave */
177static int pty_signal(struct tty_struct *tty, int sig)
178{
179 unsigned long flags;
180 struct pid *pgrp;
181
182 if (tty->link) {
183 spin_lock_irqsave(&tty->link->ctrl_lock, flags);
184 pgrp = get_pid(tty->link->pgrp);
185 spin_unlock_irqrestore(&tty->link->ctrl_lock, flags);
186
187 kill_pgrp(pgrp, sig, 1);
188 put_pid(pgrp);
189 }
190 return 0;
191}
192
193static void pty_flush_buffer(struct tty_struct *tty)
194{
195 struct tty_struct *to = tty->link;
196 unsigned long flags;
197
198 if (!to)
199 return;
200 /* tty_buffer_flush(to); FIXME */
201 if (to->packet) {
202 spin_lock_irqsave(&tty->ctrl_lock, flags);
203 tty->ctrl_status |= TIOCPKT_FLUSHWRITE;
204 wake_up_interruptible(&to->read_wait);
205 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
206 }
207}
208
209static int pty_open(struct tty_struct *tty, struct file *filp)
210{
211 int retval = -ENODEV;
212
213 if (!tty || !tty->link)
214 goto out;
215
216 retval = -EIO;
217 if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
218 goto out;
219 if (test_bit(TTY_PTY_LOCK, &tty->link->flags))
220 goto out;
221 if (tty->link->count != 1)
222 goto out;
223
224 clear_bit(TTY_OTHER_CLOSED, &tty->link->flags);
225 set_bit(TTY_THROTTLED, &tty->flags);
226 retval = 0;
227out:
228 return retval;
229}
230
231static void pty_set_termios(struct tty_struct *tty,
232 struct ktermios *old_termios)
233{
234 tty->termios->c_cflag &= ~(CSIZE | PARENB);
235 tty->termios->c_cflag |= (CS8 | CREAD);
236}
237
238/**
239 * pty_do_resize - resize event
240 * @tty: tty being resized
241 * @ws: window size being set.
242 *
243 * Update the termios variables and send the necessary signals to
244 * peform a terminal resize correctly
245 */
246
247int pty_resize(struct tty_struct *tty, struct winsize *ws)
248{
249 struct pid *pgrp, *rpgrp;
250 unsigned long flags;
251 struct tty_struct *pty = tty->link;
252
253 /* For a PTY we need to lock the tty side */
254 mutex_lock(&tty->termios_mutex);
255 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
256 goto done;
257
258 /* Get the PID values and reference them so we can
259 avoid holding the tty ctrl lock while sending signals.
260 We need to lock these individually however. */
261
262 spin_lock_irqsave(&tty->ctrl_lock, flags);
263 pgrp = get_pid(tty->pgrp);
264 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
265
266 spin_lock_irqsave(&pty->ctrl_lock, flags);
267 rpgrp = get_pid(pty->pgrp);
268 spin_unlock_irqrestore(&pty->ctrl_lock, flags);
269
270 if (pgrp)
271 kill_pgrp(pgrp, SIGWINCH, 1);
272 if (rpgrp != pgrp && rpgrp)
273 kill_pgrp(rpgrp, SIGWINCH, 1);
274
275 put_pid(pgrp);
276 put_pid(rpgrp);
277
278 tty->winsize = *ws;
279 pty->winsize = *ws; /* Never used so will go away soon */
280done:
281 mutex_unlock(&tty->termios_mutex);
282 return 0;
283}
284
285/* Traditional BSD devices */
286#ifdef CONFIG_LEGACY_PTYS
287
288static int pty_install(struct tty_driver *driver, struct tty_struct *tty)
289{
290 struct tty_struct *o_tty;
291 int idx = tty->index;
292 int retval;
293
294 o_tty = alloc_tty_struct();
295 if (!o_tty)
296 return -ENOMEM;
297 if (!try_module_get(driver->other->owner)) {
298 /* This cannot in fact currently happen */
299 free_tty_struct(o_tty);
300 return -ENOMEM;
301 }
302 initialize_tty_struct(o_tty, driver->other, idx);
303
304 /* We always use new tty termios data so we can do this
305 the easy way .. */
306 retval = tty_init_termios(tty);
307 if (retval)
308 goto free_mem_out;
309
310 retval = tty_init_termios(o_tty);
311 if (retval) {
312 tty_free_termios(tty);
313 goto free_mem_out;
314 }
315
316 /*
317 * Everything allocated ... set up the o_tty structure.
318 */
319 driver->other->ttys[idx] = o_tty;
320 tty_driver_kref_get(driver->other);
321 if (driver->subtype == PTY_TYPE_MASTER)
322 o_tty->count++;
323 /* Establish the links in both directions */
324 tty->link = o_tty;
325 o_tty->link = tty;
326
327 tty_driver_kref_get(driver);
328 tty->count++;
329 driver->ttys[idx] = tty;
330 return 0;
331free_mem_out:
332 module_put(o_tty->driver->owner);
333 free_tty_struct(o_tty);
334 return -ENOMEM;
335}
336
337static int pty_bsd_ioctl(struct tty_struct *tty, struct file *file,
338 unsigned int cmd, unsigned long arg)
339{
340 switch (cmd) {
341 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */
342 return pty_set_lock(tty, (int __user *) arg);
343 case TIOCSIG: /* Send signal to other side of pty */
344 return pty_signal(tty, (int) arg);
345 }
346 return -ENOIOCTLCMD;
347}
348
349static int legacy_count = CONFIG_LEGACY_PTY_COUNT;
350module_param(legacy_count, int, 0);
351
352/*
353 * The master side of a pty can do TIOCSPTLCK and thus
354 * has pty_bsd_ioctl.
355 */
356static const struct tty_operations master_pty_ops_bsd = {
357 .install = pty_install,
358 .open = pty_open,
359 .close = pty_close,
360 .write = pty_write,
361 .write_room = pty_write_room,
362 .flush_buffer = pty_flush_buffer,
363 .chars_in_buffer = pty_chars_in_buffer,
364 .unthrottle = pty_unthrottle,
365 .set_termios = pty_set_termios,
366 .ioctl = pty_bsd_ioctl,
367 .resize = pty_resize
368};
369
370static const struct tty_operations slave_pty_ops_bsd = {
371 .install = pty_install,
372 .open = pty_open,
373 .close = pty_close,
374 .write = pty_write,
375 .write_room = pty_write_room,
376 .flush_buffer = pty_flush_buffer,
377 .chars_in_buffer = pty_chars_in_buffer,
378 .unthrottle = pty_unthrottle,
379 .set_termios = pty_set_termios,
380 .resize = pty_resize
381};
382
383static void __init legacy_pty_init(void)
384{
385 struct tty_driver *pty_driver, *pty_slave_driver;
386
387 if (legacy_count <= 0)
388 return;
389
390 pty_driver = alloc_tty_driver(legacy_count);
391 if (!pty_driver)
392 panic("Couldn't allocate pty driver");
393
394 pty_slave_driver = alloc_tty_driver(legacy_count);
395 if (!pty_slave_driver)
396 panic("Couldn't allocate pty slave driver");
397
398 pty_driver->owner = THIS_MODULE;
399 pty_driver->driver_name = "pty_master";
400 pty_driver->name = "pty";
401 pty_driver->major = PTY_MASTER_MAJOR;
402 pty_driver->minor_start = 0;
403 pty_driver->type = TTY_DRIVER_TYPE_PTY;
404 pty_driver->subtype = PTY_TYPE_MASTER;
405 pty_driver->init_termios = tty_std_termios;
406 pty_driver->init_termios.c_iflag = 0;
407 pty_driver->init_termios.c_oflag = 0;
408 pty_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
409 pty_driver->init_termios.c_lflag = 0;
410 pty_driver->init_termios.c_ispeed = 38400;
411 pty_driver->init_termios.c_ospeed = 38400;
412 pty_driver->flags = TTY_DRIVER_RESET_TERMIOS | TTY_DRIVER_REAL_RAW;
413 pty_driver->other = pty_slave_driver;
414 tty_set_operations(pty_driver, &master_pty_ops_bsd);
415
416 pty_slave_driver->owner = THIS_MODULE;
417 pty_slave_driver->driver_name = "pty_slave";
418 pty_slave_driver->name = "ttyp";
419 pty_slave_driver->major = PTY_SLAVE_MAJOR;
420 pty_slave_driver->minor_start = 0;
421 pty_slave_driver->type = TTY_DRIVER_TYPE_PTY;
422 pty_slave_driver->subtype = PTY_TYPE_SLAVE;
423 pty_slave_driver->init_termios = tty_std_termios;
424 pty_slave_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
425 pty_slave_driver->init_termios.c_ispeed = 38400;
426 pty_slave_driver->init_termios.c_ospeed = 38400;
427 pty_slave_driver->flags = TTY_DRIVER_RESET_TERMIOS |
428 TTY_DRIVER_REAL_RAW;
429 pty_slave_driver->other = pty_driver;
430 tty_set_operations(pty_slave_driver, &slave_pty_ops_bsd);
431
432 if (tty_register_driver(pty_driver))
433 panic("Couldn't register pty driver");
434 if (tty_register_driver(pty_slave_driver))
435 panic("Couldn't register pty slave driver");
436}
437#else
438static inline void legacy_pty_init(void) { }
439#endif
440
441/* Unix98 devices */
442#ifdef CONFIG_UNIX98_PTYS
443/*
444 * sysctl support for setting limits on the number of Unix98 ptys allocated.
445 * Otherwise one can eat up all kernel memory by opening /dev/ptmx repeatedly.
446 */
447int pty_limit = NR_UNIX98_PTY_DEFAULT;
448static int pty_limit_min;
449static int pty_limit_max = NR_UNIX98_PTY_MAX;
450static int pty_count;
451
452static struct cdev ptmx_cdev;
453
454static struct ctl_table pty_table[] = {
455 {
456 .procname = "max",
457 .maxlen = sizeof(int),
458 .mode = 0644,
459 .data = &pty_limit,
460 .proc_handler = proc_dointvec_minmax,
461 .extra1 = &pty_limit_min,
462 .extra2 = &pty_limit_max,
463 }, {
464 .procname = "nr",
465 .maxlen = sizeof(int),
466 .mode = 0444,
467 .data = &pty_count,
468 .proc_handler = proc_dointvec,
469 },
470 {}
471};
472
473static struct ctl_table pty_kern_table[] = {
474 {
475 .procname = "pty",
476 .mode = 0555,
477 .child = pty_table,
478 },
479 {}
480};
481
482static struct ctl_table pty_root_table[] = {
483 {
484 .procname = "kernel",
485 .mode = 0555,
486 .child = pty_kern_table,
487 },
488 {}
489};
490
491
492static int pty_unix98_ioctl(struct tty_struct *tty, struct file *file,
493 unsigned int cmd, unsigned long arg)
494{
495 switch (cmd) {
496 case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */
497 return pty_set_lock(tty, (int __user *)arg);
498 case TIOCGPTN: /* Get PT Number */
499 return put_user(tty->index, (unsigned int __user *)arg);
500 case TIOCSIG: /* Send signal to other side of pty */
501 return pty_signal(tty, (int) arg);
502 }
503
504 return -ENOIOCTLCMD;
505}
506
507/**
508 * ptm_unix98_lookup - find a pty master
509 * @driver: ptm driver
510 * @idx: tty index
511 *
512 * Look up a pty master device. Called under the tty_mutex for now.
513 * This provides our locking.
514 */
515
516static struct tty_struct *ptm_unix98_lookup(struct tty_driver *driver,
517 struct inode *ptm_inode, int idx)
518{
519 struct tty_struct *tty = devpts_get_tty(ptm_inode, idx);
520 if (tty)
521 tty = tty->link;
522 return tty;
523}
524
525/**
526 * pts_unix98_lookup - find a pty slave
527 * @driver: pts driver
528 * @idx: tty index
529 *
530 * Look up a pty master device. Called under the tty_mutex for now.
531 * This provides our locking.
532 */
533
534static struct tty_struct *pts_unix98_lookup(struct tty_driver *driver,
535 struct inode *pts_inode, int idx)
536{
537 struct tty_struct *tty = devpts_get_tty(pts_inode, idx);
538 /* Master must be open before slave */
539 if (!tty)
540 return ERR_PTR(-EIO);
541 return tty;
542}
543
544static void pty_unix98_shutdown(struct tty_struct *tty)
545{
546 /* We have our own method as we don't use the tty index */
547 kfree(tty->termios);
548}
549
550/* We have no need to install and remove our tty objects as devpts does all
551 the work for us */
552
553static int pty_unix98_install(struct tty_driver *driver, struct tty_struct *tty)
554{
555 struct tty_struct *o_tty;
556 int idx = tty->index;
557
558 o_tty = alloc_tty_struct();
559 if (!o_tty)
560 return -ENOMEM;
561 if (!try_module_get(driver->other->owner)) {
562 /* This cannot in fact currently happen */
563 free_tty_struct(o_tty);
564 return -ENOMEM;
565 }
566 initialize_tty_struct(o_tty, driver->other, idx);
567
568 tty->termios = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL);
569 if (tty->termios == NULL)
570 goto free_mem_out;
571 *tty->termios = driver->init_termios;
572 tty->termios_locked = tty->termios + 1;
573
574 o_tty->termios = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL);
575 if (o_tty->termios == NULL)
576 goto free_mem_out;
577 *o_tty->termios = driver->other->init_termios;
578 o_tty->termios_locked = o_tty->termios + 1;
579
580 tty_driver_kref_get(driver->other);
581 if (driver->subtype == PTY_TYPE_MASTER)
582 o_tty->count++;
583 /* Establish the links in both directions */
584 tty->link = o_tty;
585 o_tty->link = tty;
586 /*
587 * All structures have been allocated, so now we install them.
588 * Failures after this point use release_tty to clean up, so
589 * there's no need to null out the local pointers.
590 */
591 tty_driver_kref_get(driver);
592 tty->count++;
593 pty_count++;
594 return 0;
595free_mem_out:
596 kfree(o_tty->termios);
597 module_put(o_tty->driver->owner);
598 free_tty_struct(o_tty);
599 kfree(tty->termios);
600 return -ENOMEM;
601}
602
603static void pty_unix98_remove(struct tty_driver *driver, struct tty_struct *tty)
604{
605 pty_count--;
606}
607
608static const struct tty_operations ptm_unix98_ops = {
609 .lookup = ptm_unix98_lookup,
610 .install = pty_unix98_install,
611 .remove = pty_unix98_remove,
612 .open = pty_open,
613 .close = pty_close,
614 .write = pty_write,
615 .write_room = pty_write_room,
616 .flush_buffer = pty_flush_buffer,
617 .chars_in_buffer = pty_chars_in_buffer,
618 .unthrottle = pty_unthrottle,
619 .set_termios = pty_set_termios,
620 .ioctl = pty_unix98_ioctl,
621 .shutdown = pty_unix98_shutdown,
622 .resize = pty_resize
623};
624
625static const struct tty_operations pty_unix98_ops = {
626 .lookup = pts_unix98_lookup,
627 .install = pty_unix98_install,
628 .remove = pty_unix98_remove,
629 .open = pty_open,
630 .close = pty_close,
631 .write = pty_write,
632 .write_room = pty_write_room,
633 .flush_buffer = pty_flush_buffer,
634 .chars_in_buffer = pty_chars_in_buffer,
635 .unthrottle = pty_unthrottle,
636 .set_termios = pty_set_termios,
637 .shutdown = pty_unix98_shutdown
638};
639
640/**
641 * ptmx_open - open a unix 98 pty master
642 * @inode: inode of device file
643 * @filp: file pointer to tty
644 *
645 * Allocate a unix98 pty master device from the ptmx driver.
646 *
647 * Locking: tty_mutex protects the init_dev work. tty->count should
648 * protect the rest.
649 * allocated_ptys_lock handles the list of free pty numbers
650 */
651
652static int ptmx_open(struct inode *inode, struct file *filp)
653{
654 struct tty_struct *tty;
655 int retval;
656 int index;
657
658 nonseekable_open(inode, filp);
659
660 /* find a device that is not in use. */
661 tty_lock();
662 index = devpts_new_index(inode);
663 tty_unlock();
664 if (index < 0)
665 return index;
666
667 mutex_lock(&tty_mutex);
668 tty_lock();
669 tty = tty_init_dev(ptm_driver, index, 1);
670 mutex_unlock(&tty_mutex);
671
672 if (IS_ERR(tty)) {
673 retval = PTR_ERR(tty);
674 goto out;
675 }
676
677 set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */
678
679 retval = tty_add_file(tty, filp);
680 if (retval)
681 goto out;
682
683 retval = devpts_pty_new(inode, tty->link);
684 if (retval)
685 goto out1;
686
687 retval = ptm_driver->ops->open(tty, filp);
688 if (retval)
689 goto out2;
690out1:
691 tty_unlock();
692 return retval;
693out2:
694 tty_unlock();
695 tty_release(inode, filp);
696 return retval;
697out:
698 devpts_kill_index(inode, index);
699 tty_unlock();
700 return retval;
701}
702
703static struct file_operations ptmx_fops;
704
705static void __init unix98_pty_init(void)
706{
707 ptm_driver = alloc_tty_driver(NR_UNIX98_PTY_MAX);
708 if (!ptm_driver)
709 panic("Couldn't allocate Unix98 ptm driver");
710 pts_driver = alloc_tty_driver(NR_UNIX98_PTY_MAX);
711 if (!pts_driver)
712 panic("Couldn't allocate Unix98 pts driver");
713
714 ptm_driver->owner = THIS_MODULE;
715 ptm_driver->driver_name = "pty_master";
716 ptm_driver->name = "ptm";
717 ptm_driver->major = UNIX98_PTY_MASTER_MAJOR;
718 ptm_driver->minor_start = 0;
719 ptm_driver->type = TTY_DRIVER_TYPE_PTY;
720 ptm_driver->subtype = PTY_TYPE_MASTER;
721 ptm_driver->init_termios = tty_std_termios;
722 ptm_driver->init_termios.c_iflag = 0;
723 ptm_driver->init_termios.c_oflag = 0;
724 ptm_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
725 ptm_driver->init_termios.c_lflag = 0;
726 ptm_driver->init_termios.c_ispeed = 38400;
727 ptm_driver->init_termios.c_ospeed = 38400;
728 ptm_driver->flags = TTY_DRIVER_RESET_TERMIOS | TTY_DRIVER_REAL_RAW |
729 TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_DEVPTS_MEM;
730 ptm_driver->other = pts_driver;
731 tty_set_operations(ptm_driver, &ptm_unix98_ops);
732
733 pts_driver->owner = THIS_MODULE;
734 pts_driver->driver_name = "pty_slave";
735 pts_driver->name = "pts";
736 pts_driver->major = UNIX98_PTY_SLAVE_MAJOR;
737 pts_driver->minor_start = 0;
738 pts_driver->type = TTY_DRIVER_TYPE_PTY;
739 pts_driver->subtype = PTY_TYPE_SLAVE;
740 pts_driver->init_termios = tty_std_termios;
741 pts_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
742 pts_driver->init_termios.c_ispeed = 38400;
743 pts_driver->init_termios.c_ospeed = 38400;
744 pts_driver->flags = TTY_DRIVER_RESET_TERMIOS | TTY_DRIVER_REAL_RAW |
745 TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_DEVPTS_MEM;
746 pts_driver->other = ptm_driver;
747 tty_set_operations(pts_driver, &pty_unix98_ops);
748
749 if (tty_register_driver(ptm_driver))
750 panic("Couldn't register Unix98 ptm driver");
751 if (tty_register_driver(pts_driver))
752 panic("Couldn't register Unix98 pts driver");
753
754 register_sysctl_table(pty_root_table);
755
756 /* Now create the /dev/ptmx special device */
757 tty_default_fops(&ptmx_fops);
758 ptmx_fops.open = ptmx_open;
759
760 cdev_init(&ptmx_cdev, &ptmx_fops);
761 if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) ||
762 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0)
763 panic("Couldn't register /dev/ptmx driver\n");
764 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), NULL, "ptmx");
765}
766
767#else
768static inline void unix98_pty_init(void) { }
769#endif
770
771static int __init pty_init(void)
772{
773 legacy_pty_init();
774 unix98_pty_init();
775 return 0;
776}
777module_init(pty_init);
diff --git a/drivers/char/sysrq.c b/drivers/char/sysrq.c
deleted file mode 100644
index eaa5d3efa79..00000000000
--- a/drivers/char/sysrq.c
+++ /dev/null
@@ -1,811 +0,0 @@
1/*
2 * Linux Magic System Request Key Hacks
3 *
4 * (c) 1997 Martin Mares <mj@atrey.karlin.mff.cuni.cz>
5 * based on ideas by Pavel Machek <pavel@atrey.karlin.mff.cuni.cz>
6 *
7 * (c) 2000 Crutcher Dunnavant <crutcher+kernel@datastacks.com>
8 * overhauled to use key registration
9 * based upon discusions in irc://irc.openprojects.net/#kernelnewbies
10 *
11 * Copyright (c) 2010 Dmitry Torokhov
12 * Input handler conversion
13 */
14
15#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
16
17#include <linux/sched.h>
18#include <linux/interrupt.h>
19#include <linux/mm.h>
20#include <linux/fs.h>
21#include <linux/mount.h>
22#include <linux/kdev_t.h>
23#include <linux/major.h>
24#include <linux/reboot.h>
25#include <linux/sysrq.h>
26#include <linux/kbd_kern.h>
27#include <linux/proc_fs.h>
28#include <linux/nmi.h>
29#include <linux/quotaops.h>
30#include <linux/perf_event.h>
31#include <linux/kernel.h>
32#include <linux/module.h>
33#include <linux/suspend.h>
34#include <linux/writeback.h>
35#include <linux/buffer_head.h> /* for fsync_bdev() */
36#include <linux/swap.h>
37#include <linux/spinlock.h>
38#include <linux/vt_kern.h>
39#include <linux/workqueue.h>
40#include <linux/hrtimer.h>
41#include <linux/oom.h>
42#include <linux/slab.h>
43#include <linux/input.h>
44
45#include <asm/ptrace.h>
46#include <asm/irq_regs.h>
47
48/* Whether we react on sysrq keys or just ignore them */
49static int __read_mostly sysrq_enabled = 1;
50static bool __read_mostly sysrq_always_enabled;
51
52static bool sysrq_on(void)
53{
54 return sysrq_enabled || sysrq_always_enabled;
55}
56
57/*
58 * A value of 1 means 'all', other nonzero values are an op mask:
59 */
60static bool sysrq_on_mask(int mask)
61{
62 return sysrq_always_enabled ||
63 sysrq_enabled == 1 ||
64 (sysrq_enabled & mask);
65}
66
67static int __init sysrq_always_enabled_setup(char *str)
68{
69 sysrq_always_enabled = true;
70 pr_info("sysrq always enabled.\n");
71
72 return 1;
73}
74
75__setup("sysrq_always_enabled", sysrq_always_enabled_setup);
76
77
78static void sysrq_handle_loglevel(int key)
79{
80 int i;
81
82 i = key - '0';
83 console_loglevel = 7;
84 printk("Loglevel set to %d\n", i);
85 console_loglevel = i;
86}
87static struct sysrq_key_op sysrq_loglevel_op = {
88 .handler = sysrq_handle_loglevel,
89 .help_msg = "loglevel(0-9)",
90 .action_msg = "Changing Loglevel",
91 .enable_mask = SYSRQ_ENABLE_LOG,
92};
93
94#ifdef CONFIG_VT
95static void sysrq_handle_SAK(int key)
96{
97 struct work_struct *SAK_work = &vc_cons[fg_console].SAK_work;
98 schedule_work(SAK_work);
99}
100static struct sysrq_key_op sysrq_SAK_op = {
101 .handler = sysrq_handle_SAK,
102 .help_msg = "saK",
103 .action_msg = "SAK",
104 .enable_mask = SYSRQ_ENABLE_KEYBOARD,
105};
106#else
107#define sysrq_SAK_op (*(struct sysrq_key_op *)NULL)
108#endif
109
110#ifdef CONFIG_VT
111static void sysrq_handle_unraw(int key)
112{
113 struct kbd_struct *kbd = &kbd_table[fg_console];
114
115 if (kbd)
116 kbd->kbdmode = default_utf8 ? VC_UNICODE : VC_XLATE;
117}
118static struct sysrq_key_op sysrq_unraw_op = {
119 .handler = sysrq_handle_unraw,
120 .help_msg = "unRaw",
121 .action_msg = "Keyboard mode set to system default",
122 .enable_mask = SYSRQ_ENABLE_KEYBOARD,
123};
124#else
125#define sysrq_unraw_op (*(struct sysrq_key_op *)NULL)
126#endif /* CONFIG_VT */
127
128static void sysrq_handle_crash(int key)
129{
130 char *killer = NULL;
131
132 panic_on_oops = 1; /* force panic */
133 wmb();
134 *killer = 1;
135}
136static struct sysrq_key_op sysrq_crash_op = {
137 .handler = sysrq_handle_crash,
138 .help_msg = "Crash",
139 .action_msg = "Trigger a crash",
140 .enable_mask = SYSRQ_ENABLE_DUMP,
141};
142
143static void sysrq_handle_reboot(int key)
144{
145 lockdep_off();
146 local_irq_enable();
147 emergency_restart();
148}
149static struct sysrq_key_op sysrq_reboot_op = {
150 .handler = sysrq_handle_reboot,
151 .help_msg = "reBoot",
152 .action_msg = "Resetting",
153 .enable_mask = SYSRQ_ENABLE_BOOT,
154};
155
156static void sysrq_handle_sync(int key)
157{
158 emergency_sync();
159}
160static struct sysrq_key_op sysrq_sync_op = {
161 .handler = sysrq_handle_sync,
162 .help_msg = "Sync",
163 .action_msg = "Emergency Sync",
164 .enable_mask = SYSRQ_ENABLE_SYNC,
165};
166
167static void sysrq_handle_show_timers(int key)
168{
169 sysrq_timer_list_show();
170}
171
172static struct sysrq_key_op sysrq_show_timers_op = {
173 .handler = sysrq_handle_show_timers,
174 .help_msg = "show-all-timers(Q)",
175 .action_msg = "Show clockevent devices & pending hrtimers (no others)",
176};
177
178static void sysrq_handle_mountro(int key)
179{
180 emergency_remount();
181}
182static struct sysrq_key_op sysrq_mountro_op = {
183 .handler = sysrq_handle_mountro,
184 .help_msg = "Unmount",
185 .action_msg = "Emergency Remount R/O",
186 .enable_mask = SYSRQ_ENABLE_REMOUNT,
187};
188
189#ifdef CONFIG_LOCKDEP
190static void sysrq_handle_showlocks(int key)
191{
192 debug_show_all_locks();
193}
194
195static struct sysrq_key_op sysrq_showlocks_op = {
196 .handler = sysrq_handle_showlocks,
197 .help_msg = "show-all-locks(D)",
198 .action_msg = "Show Locks Held",
199};
200#else
201#define sysrq_showlocks_op (*(struct sysrq_key_op *)NULL)
202#endif
203
204#ifdef CONFIG_SMP
205static DEFINE_SPINLOCK(show_lock);
206
207static void showacpu(void *dummy)
208{
209 unsigned long flags;
210
211 /* Idle CPUs have no interesting backtrace. */
212 if (idle_cpu(smp_processor_id()))
213 return;
214
215 spin_lock_irqsave(&show_lock, flags);
216 printk(KERN_INFO "CPU%d:\n", smp_processor_id());
217 show_stack(NULL, NULL);
218 spin_unlock_irqrestore(&show_lock, flags);
219}
220
221static void sysrq_showregs_othercpus(struct work_struct *dummy)
222{
223 smp_call_function(showacpu, NULL, 0);
224}
225
226static DECLARE_WORK(sysrq_showallcpus, sysrq_showregs_othercpus);
227
228static void sysrq_handle_showallcpus(int key)
229{
230 /*
231 * Fall back to the workqueue based printing if the
232 * backtrace printing did not succeed or the
233 * architecture has no support for it:
234 */
235 if (!trigger_all_cpu_backtrace()) {
236 struct pt_regs *regs = get_irq_regs();
237
238 if (regs) {
239 printk(KERN_INFO "CPU%d:\n", smp_processor_id());
240 show_regs(regs);
241 }
242 schedule_work(&sysrq_showallcpus);
243 }
244}
245
246static struct sysrq_key_op sysrq_showallcpus_op = {
247 .handler = sysrq_handle_showallcpus,
248 .help_msg = "show-backtrace-all-active-cpus(L)",
249 .action_msg = "Show backtrace of all active CPUs",
250 .enable_mask = SYSRQ_ENABLE_DUMP,
251};
252#endif
253
254static void sysrq_handle_showregs(int key)
255{
256 struct pt_regs *regs = get_irq_regs();
257 if (regs)
258 show_regs(regs);
259 perf_event_print_debug();
260}
261static struct sysrq_key_op sysrq_showregs_op = {
262 .handler = sysrq_handle_showregs,
263 .help_msg = "show-registers(P)",
264 .action_msg = "Show Regs",
265 .enable_mask = SYSRQ_ENABLE_DUMP,
266};
267
268static void sysrq_handle_showstate(int key)
269{
270 show_state();
271}
272static struct sysrq_key_op sysrq_showstate_op = {
273 .handler = sysrq_handle_showstate,
274 .help_msg = "show-task-states(T)",
275 .action_msg = "Show State",
276 .enable_mask = SYSRQ_ENABLE_DUMP,
277};
278
279static void sysrq_handle_showstate_blocked(int key)
280{
281 show_state_filter(TASK_UNINTERRUPTIBLE);
282}
283static struct sysrq_key_op sysrq_showstate_blocked_op = {
284 .handler = sysrq_handle_showstate_blocked,
285 .help_msg = "show-blocked-tasks(W)",
286 .action_msg = "Show Blocked State",
287 .enable_mask = SYSRQ_ENABLE_DUMP,
288};
289
290#ifdef CONFIG_TRACING
291#include <linux/ftrace.h>
292
293static void sysrq_ftrace_dump(int key)
294{
295 ftrace_dump(DUMP_ALL);
296}
297static struct sysrq_key_op sysrq_ftrace_dump_op = {
298 .handler = sysrq_ftrace_dump,
299 .help_msg = "dump-ftrace-buffer(Z)",
300 .action_msg = "Dump ftrace buffer",
301 .enable_mask = SYSRQ_ENABLE_DUMP,
302};
303#else
304#define sysrq_ftrace_dump_op (*(struct sysrq_key_op *)NULL)
305#endif
306
307static void sysrq_handle_showmem(int key)
308{
309 show_mem();
310}
311static struct sysrq_key_op sysrq_showmem_op = {
312 .handler = sysrq_handle_showmem,
313 .help_msg = "show-memory-usage(M)",
314 .action_msg = "Show Memory",
315 .enable_mask = SYSRQ_ENABLE_DUMP,
316};
317
318/*
319 * Signal sysrq helper function. Sends a signal to all user processes.
320 */
321static void send_sig_all(int sig)
322{
323 struct task_struct *p;
324
325 for_each_process(p) {
326 if (p->mm && !is_global_init(p))
327 /* Not swapper, init nor kernel thread */
328 force_sig(sig, p);
329 }
330}
331
332static void sysrq_handle_term(int key)
333{
334 send_sig_all(SIGTERM);
335 console_loglevel = 8;
336}
337static struct sysrq_key_op sysrq_term_op = {
338 .handler = sysrq_handle_term,
339 .help_msg = "terminate-all-tasks(E)",
340 .action_msg = "Terminate All Tasks",
341 .enable_mask = SYSRQ_ENABLE_SIGNAL,
342};
343
344static void moom_callback(struct work_struct *ignored)
345{
346 out_of_memory(node_zonelist(0, GFP_KERNEL), GFP_KERNEL, 0, NULL);
347}
348
349static DECLARE_WORK(moom_work, moom_callback);
350
351static void sysrq_handle_moom(int key)
352{
353 schedule_work(&moom_work);
354}
355static struct sysrq_key_op sysrq_moom_op = {
356 .handler = sysrq_handle_moom,
357 .help_msg = "memory-full-oom-kill(F)",
358 .action_msg = "Manual OOM execution",
359 .enable_mask = SYSRQ_ENABLE_SIGNAL,
360};
361
362#ifdef CONFIG_BLOCK
363static void sysrq_handle_thaw(int key)
364{
365 emergency_thaw_all();
366}
367static struct sysrq_key_op sysrq_thaw_op = {
368 .handler = sysrq_handle_thaw,
369 .help_msg = "thaw-filesystems(J)",
370 .action_msg = "Emergency Thaw of all frozen filesystems",
371 .enable_mask = SYSRQ_ENABLE_SIGNAL,
372};
373#endif
374
375static void sysrq_handle_kill(int key)
376{
377 send_sig_all(SIGKILL);
378 console_loglevel = 8;
379}
380static struct sysrq_key_op sysrq_kill_op = {
381 .handler = sysrq_handle_kill,
382 .help_msg = "kill-all-tasks(I)",
383 .action_msg = "Kill All Tasks",
384 .enable_mask = SYSRQ_ENABLE_SIGNAL,
385};
386
387static void sysrq_handle_unrt(int key)
388{
389 normalize_rt_tasks();
390}
391static struct sysrq_key_op sysrq_unrt_op = {
392 .handler = sysrq_handle_unrt,
393 .help_msg = "nice-all-RT-tasks(N)",
394 .action_msg = "Nice All RT Tasks",
395 .enable_mask = SYSRQ_ENABLE_RTNICE,
396};
397
398/* Key Operations table and lock */
399static DEFINE_SPINLOCK(sysrq_key_table_lock);
400
401static struct sysrq_key_op *sysrq_key_table[36] = {
402 &sysrq_loglevel_op, /* 0 */
403 &sysrq_loglevel_op, /* 1 */
404 &sysrq_loglevel_op, /* 2 */
405 &sysrq_loglevel_op, /* 3 */
406 &sysrq_loglevel_op, /* 4 */
407 &sysrq_loglevel_op, /* 5 */
408 &sysrq_loglevel_op, /* 6 */
409 &sysrq_loglevel_op, /* 7 */
410 &sysrq_loglevel_op, /* 8 */
411 &sysrq_loglevel_op, /* 9 */
412
413 /*
414 * a: Don't use for system provided sysrqs, it is handled specially on
415 * sparc and will never arrive.
416 */
417 NULL, /* a */
418 &sysrq_reboot_op, /* b */
419 &sysrq_crash_op, /* c & ibm_emac driver debug */
420 &sysrq_showlocks_op, /* d */
421 &sysrq_term_op, /* e */
422 &sysrq_moom_op, /* f */
423 /* g: May be registered for the kernel debugger */
424 NULL, /* g */
425 NULL, /* h - reserved for help */
426 &sysrq_kill_op, /* i */
427#ifdef CONFIG_BLOCK
428 &sysrq_thaw_op, /* j */
429#else
430 NULL, /* j */
431#endif
432 &sysrq_SAK_op, /* k */
433#ifdef CONFIG_SMP
434 &sysrq_showallcpus_op, /* l */
435#else
436 NULL, /* l */
437#endif
438 &sysrq_showmem_op, /* m */
439 &sysrq_unrt_op, /* n */
440 /* o: This will often be registered as 'Off' at init time */
441 NULL, /* o */
442 &sysrq_showregs_op, /* p */
443 &sysrq_show_timers_op, /* q */
444 &sysrq_unraw_op, /* r */
445 &sysrq_sync_op, /* s */
446 &sysrq_showstate_op, /* t */
447 &sysrq_mountro_op, /* u */
448 /* v: May be registered for frame buffer console restore */
449 NULL, /* v */
450 &sysrq_showstate_blocked_op, /* w */
451 /* x: May be registered on ppc/powerpc for xmon */
452 NULL, /* x */
453 /* y: May be registered on sparc64 for global register dump */
454 NULL, /* y */
455 &sysrq_ftrace_dump_op, /* z */
456};
457
458/* key2index calculation, -1 on invalid index */
459static int sysrq_key_table_key2index(int key)
460{
461 int retval;
462
463 if ((key >= '0') && (key <= '9'))
464 retval = key - '0';
465 else if ((key >= 'a') && (key <= 'z'))
466 retval = key + 10 - 'a';
467 else
468 retval = -1;
469 return retval;
470}
471
472/*
473 * get and put functions for the table, exposed to modules.
474 */
475struct sysrq_key_op *__sysrq_get_key_op(int key)
476{
477 struct sysrq_key_op *op_p = NULL;
478 int i;
479
480 i = sysrq_key_table_key2index(key);
481 if (i != -1)
482 op_p = sysrq_key_table[i];
483
484 return op_p;
485}
486
487static void __sysrq_put_key_op(int key, struct sysrq_key_op *op_p)
488{
489 int i = sysrq_key_table_key2index(key);
490
491 if (i != -1)
492 sysrq_key_table[i] = op_p;
493}
494
495void __handle_sysrq(int key, bool check_mask)
496{
497 struct sysrq_key_op *op_p;
498 int orig_log_level;
499 int i;
500 unsigned long flags;
501
502 spin_lock_irqsave(&sysrq_key_table_lock, flags);
503 /*
504 * Raise the apparent loglevel to maximum so that the sysrq header
505 * is shown to provide the user with positive feedback. We do not
506 * simply emit this at KERN_EMERG as that would change message
507 * routing in the consumers of /proc/kmsg.
508 */
509 orig_log_level = console_loglevel;
510 console_loglevel = 7;
511 printk(KERN_INFO "SysRq : ");
512
513 op_p = __sysrq_get_key_op(key);
514 if (op_p) {
515 /*
516 * Should we check for enabled operations (/proc/sysrq-trigger
517 * should not) and is the invoked operation enabled?
518 */
519 if (!check_mask || sysrq_on_mask(op_p->enable_mask)) {
520 printk("%s\n", op_p->action_msg);
521 console_loglevel = orig_log_level;
522 op_p->handler(key);
523 } else {
524 printk("This sysrq operation is disabled.\n");
525 }
526 } else {
527 printk("HELP : ");
528 /* Only print the help msg once per handler */
529 for (i = 0; i < ARRAY_SIZE(sysrq_key_table); i++) {
530 if (sysrq_key_table[i]) {
531 int j;
532
533 for (j = 0; sysrq_key_table[i] !=
534 sysrq_key_table[j]; j++)
535 ;
536 if (j != i)
537 continue;
538 printk("%s ", sysrq_key_table[i]->help_msg);
539 }
540 }
541 printk("\n");
542 console_loglevel = orig_log_level;
543 }
544 spin_unlock_irqrestore(&sysrq_key_table_lock, flags);
545}
546
547void handle_sysrq(int key)
548{
549 if (sysrq_on())
550 __handle_sysrq(key, true);
551}
552EXPORT_SYMBOL(handle_sysrq);
553
554#ifdef CONFIG_INPUT
555
556/* Simple translation table for the SysRq keys */
557static const unsigned char sysrq_xlate[KEY_MAX + 1] =
558 "\000\0331234567890-=\177\t" /* 0x00 - 0x0f */
559 "qwertyuiop[]\r\000as" /* 0x10 - 0x1f */
560 "dfghjkl;'`\000\\zxcv" /* 0x20 - 0x2f */
561 "bnm,./\000*\000 \000\201\202\203\204\205" /* 0x30 - 0x3f */
562 "\206\207\210\211\212\000\000789-456+1" /* 0x40 - 0x4f */
563 "230\177\000\000\213\214\000\000\000\000\000\000\000\000\000\000" /* 0x50 - 0x5f */
564 "\r\000/"; /* 0x60 - 0x6f */
565
566static bool sysrq_down;
567static int sysrq_alt_use;
568static int sysrq_alt;
569static DEFINE_SPINLOCK(sysrq_event_lock);
570
571static bool sysrq_filter(struct input_handle *handle, unsigned int type,
572 unsigned int code, int value)
573{
574 bool suppress;
575
576 /* We are called with interrupts disabled, just take the lock */
577 spin_lock(&sysrq_event_lock);
578
579 if (type != EV_KEY)
580 goto out;
581
582 switch (code) {
583
584 case KEY_LEFTALT:
585 case KEY_RIGHTALT:
586 if (value)
587 sysrq_alt = code;
588 else {
589 if (sysrq_down && code == sysrq_alt_use)
590 sysrq_down = false;
591
592 sysrq_alt = 0;
593 }
594 break;
595
596 case KEY_SYSRQ:
597 if (value == 1 && sysrq_alt) {
598 sysrq_down = true;
599 sysrq_alt_use = sysrq_alt;
600 }
601 break;
602
603 default:
604 if (sysrq_down && value && value != 2)
605 __handle_sysrq(sysrq_xlate[code], true);
606 break;
607 }
608
609out:
610 suppress = sysrq_down;
611 spin_unlock(&sysrq_event_lock);
612
613 return suppress;
614}
615
616static int sysrq_connect(struct input_handler *handler,
617 struct input_dev *dev,
618 const struct input_device_id *id)
619{
620 struct input_handle *handle;
621 int error;
622
623 sysrq_down = false;
624 sysrq_alt = 0;
625
626 handle = kzalloc(sizeof(struct input_handle), GFP_KERNEL);
627 if (!handle)
628 return -ENOMEM;
629
630 handle->dev = dev;
631 handle->handler = handler;
632 handle->name = "sysrq";
633
634 error = input_register_handle(handle);
635 if (error) {
636 pr_err("Failed to register input sysrq handler, error %d\n",
637 error);
638 goto err_free;
639 }
640
641 error = input_open_device(handle);
642 if (error) {
643 pr_err("Failed to open input device, error %d\n", error);
644 goto err_unregister;
645 }
646
647 return 0;
648
649 err_unregister:
650 input_unregister_handle(handle);
651 err_free:
652 kfree(handle);
653 return error;
654}
655
656static void sysrq_disconnect(struct input_handle *handle)
657{
658 input_close_device(handle);
659 input_unregister_handle(handle);
660 kfree(handle);
661}
662
663/*
664 * We are matching on KEY_LEFTALT instead of KEY_SYSRQ because not all
665 * keyboards have SysRq key predefined and so user may add it to keymap
666 * later, but we expect all such keyboards to have left alt.
667 */
668static const struct input_device_id sysrq_ids[] = {
669 {
670 .flags = INPUT_DEVICE_ID_MATCH_EVBIT |
671 INPUT_DEVICE_ID_MATCH_KEYBIT,
672 .evbit = { BIT_MASK(EV_KEY) },
673 .keybit = { BIT_MASK(KEY_LEFTALT) },
674 },
675 { },
676};
677
678static struct input_handler sysrq_handler = {
679 .filter = sysrq_filter,
680 .connect = sysrq_connect,
681 .disconnect = sysrq_disconnect,
682 .name = "sysrq",
683 .id_table = sysrq_ids,
684};
685
686static bool sysrq_handler_registered;
687
688static inline void sysrq_register_handler(void)
689{
690 int error;
691
692 error = input_register_handler(&sysrq_handler);
693 if (error)
694 pr_err("Failed to register input handler, error %d", error);
695 else
696 sysrq_handler_registered = true;
697}
698
699static inline void sysrq_unregister_handler(void)
700{
701 if (sysrq_handler_registered) {
702 input_unregister_handler(&sysrq_handler);
703 sysrq_handler_registered = false;
704 }
705}
706
707#else
708
709static inline void sysrq_register_handler(void)
710{
711}
712
713static inline void sysrq_unregister_handler(void)
714{
715}
716
717#endif /* CONFIG_INPUT */
718
719int sysrq_toggle_support(int enable_mask)
720{
721 bool was_enabled = sysrq_on();
722
723 sysrq_enabled = enable_mask;
724
725 if (was_enabled != sysrq_on()) {
726 if (sysrq_on())
727 sysrq_register_handler();
728 else
729 sysrq_unregister_handler();
730 }
731
732 return 0;
733}
734
735static int __sysrq_swap_key_ops(int key, struct sysrq_key_op *insert_op_p,
736 struct sysrq_key_op *remove_op_p)
737{
738 int retval;
739 unsigned long flags;
740
741 spin_lock_irqsave(&sysrq_key_table_lock, flags);
742 if (__sysrq_get_key_op(key) == remove_op_p) {
743 __sysrq_put_key_op(key, insert_op_p);
744 retval = 0;
745 } else {
746 retval = -1;
747 }
748 spin_unlock_irqrestore(&sysrq_key_table_lock, flags);
749 return retval;
750}
751
752int register_sysrq_key(int key, struct sysrq_key_op *op_p)
753{
754 return __sysrq_swap_key_ops(key, op_p, NULL);
755}
756EXPORT_SYMBOL(register_sysrq_key);
757
758int unregister_sysrq_key(int key, struct sysrq_key_op *op_p)
759{
760 return __sysrq_swap_key_ops(key, NULL, op_p);
761}
762EXPORT_SYMBOL(unregister_sysrq_key);
763
764#ifdef CONFIG_PROC_FS
765/*
766 * writing 'C' to /proc/sysrq-trigger is like sysrq-C
767 */
768static ssize_t write_sysrq_trigger(struct file *file, const char __user *buf,
769 size_t count, loff_t *ppos)
770{
771 if (count) {
772 char c;
773
774 if (get_user(c, buf))
775 return -EFAULT;
776 __handle_sysrq(c, false);
777 }
778
779 return count;
780}
781
782static const struct file_operations proc_sysrq_trigger_operations = {
783 .write = write_sysrq_trigger,
784 .llseek = noop_llseek,
785};
786
787static void sysrq_init_procfs(void)
788{
789 if (!proc_create("sysrq-trigger", S_IWUSR, NULL,
790 &proc_sysrq_trigger_operations))
791 pr_err("Failed to register proc interface\n");
792}
793
794#else
795
796static inline void sysrq_init_procfs(void)
797{
798}
799
800#endif /* CONFIG_PROC_FS */
801
802static int __init sysrq_init(void)
803{
804 sysrq_init_procfs();
805
806 if (sysrq_on())
807 sysrq_register_handler();
808
809 return 0;
810}
811module_init(sysrq_init);
diff --git a/drivers/char/tty_audit.c b/drivers/char/tty_audit.c
deleted file mode 100644
index f64582b0f62..00000000000
--- a/drivers/char/tty_audit.c
+++ /dev/null
@@ -1,358 +0,0 @@
1/*
2 * Creating audit events from TTY input.
3 *
4 * Copyright (C) 2007 Red Hat, Inc. All rights reserved. This copyrighted
5 * material is made available to anyone wishing to use, modify, copy, or
6 * redistribute it subject to the terms and conditions of the GNU General
7 * Public License v.2.
8 *
9 * Authors: Miloslav Trmac <mitr@redhat.com>
10 */
11
12#include <linux/audit.h>
13#include <linux/slab.h>
14#include <linux/tty.h>
15
16struct tty_audit_buf {
17 atomic_t count;
18 struct mutex mutex; /* Protects all data below */
19 int major, minor; /* The TTY which the data is from */
20 unsigned icanon:1;
21 size_t valid;
22 unsigned char *data; /* Allocated size N_TTY_BUF_SIZE */
23};
24
25static struct tty_audit_buf *tty_audit_buf_alloc(int major, int minor,
26 int icanon)
27{
28 struct tty_audit_buf *buf;
29
30 buf = kmalloc(sizeof(*buf), GFP_KERNEL);
31 if (!buf)
32 goto err;
33 buf->data = kmalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
34 if (!buf->data)
35 goto err_buf;
36 atomic_set(&buf->count, 1);
37 mutex_init(&buf->mutex);
38 buf->major = major;
39 buf->minor = minor;
40 buf->icanon = icanon;
41 buf->valid = 0;
42 return buf;
43
44err_buf:
45 kfree(buf);
46err:
47 return NULL;
48}
49
50static void tty_audit_buf_free(struct tty_audit_buf *buf)
51{
52 WARN_ON(buf->valid != 0);
53 kfree(buf->data);
54 kfree(buf);
55}
56
57static void tty_audit_buf_put(struct tty_audit_buf *buf)
58{
59 if (atomic_dec_and_test(&buf->count))
60 tty_audit_buf_free(buf);
61}
62
63static void tty_audit_log(const char *description, struct task_struct *tsk,
64 uid_t loginuid, unsigned sessionid, int major,
65 int minor, unsigned char *data, size_t size)
66{
67 struct audit_buffer *ab;
68
69 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_TTY);
70 if (ab) {
71 char name[sizeof(tsk->comm)];
72 uid_t uid = task_uid(tsk);
73
74 audit_log_format(ab, "%s pid=%u uid=%u auid=%u ses=%u "
75 "major=%d minor=%d comm=", description,
76 tsk->pid, uid, loginuid, sessionid,
77 major, minor);
78 get_task_comm(name, tsk);
79 audit_log_untrustedstring(ab, name);
80 audit_log_format(ab, " data=");
81 audit_log_n_hex(ab, data, size);
82 audit_log_end(ab);
83 }
84}
85
86/**
87 * tty_audit_buf_push - Push buffered data out
88 *
89 * Generate an audit message from the contents of @buf, which is owned by
90 * @tsk with @loginuid. @buf->mutex must be locked.
91 */
92static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
93 unsigned int sessionid,
94 struct tty_audit_buf *buf)
95{
96 if (buf->valid == 0)
97 return;
98 if (audit_enabled == 0)
99 return;
100 tty_audit_log("tty", tsk, loginuid, sessionid, buf->major, buf->minor,
101 buf->data, buf->valid);
102 buf->valid = 0;
103}
104
105/**
106 * tty_audit_buf_push_current - Push buffered data out
107 *
108 * Generate an audit message from the contents of @buf, which is owned by
109 * the current task. @buf->mutex must be locked.
110 */
111static void tty_audit_buf_push_current(struct tty_audit_buf *buf)
112{
113 uid_t auid = audit_get_loginuid(current);
114 unsigned int sessionid = audit_get_sessionid(current);
115 tty_audit_buf_push(current, auid, sessionid, buf);
116}
117
118/**
119 * tty_audit_exit - Handle a task exit
120 *
121 * Make sure all buffered data is written out and deallocate the buffer.
122 * Only needs to be called if current->signal->tty_audit_buf != %NULL.
123 */
124void tty_audit_exit(void)
125{
126 struct tty_audit_buf *buf;
127
128 spin_lock_irq(&current->sighand->siglock);
129 buf = current->signal->tty_audit_buf;
130 current->signal->tty_audit_buf = NULL;
131 spin_unlock_irq(&current->sighand->siglock);
132 if (!buf)
133 return;
134
135 mutex_lock(&buf->mutex);
136 tty_audit_buf_push_current(buf);
137 mutex_unlock(&buf->mutex);
138
139 tty_audit_buf_put(buf);
140}
141
142/**
143 * tty_audit_fork - Copy TTY audit state for a new task
144 *
145 * Set up TTY audit state in @sig from current. @sig needs no locking.
146 */
147void tty_audit_fork(struct signal_struct *sig)
148{
149 spin_lock_irq(&current->sighand->siglock);
150 sig->audit_tty = current->signal->audit_tty;
151 spin_unlock_irq(&current->sighand->siglock);
152}
153
154/**
155 * tty_audit_tiocsti - Log TIOCSTI
156 */
157void tty_audit_tiocsti(struct tty_struct *tty, char ch)
158{
159 struct tty_audit_buf *buf;
160 int major, minor, should_audit;
161
162 spin_lock_irq(&current->sighand->siglock);
163 should_audit = current->signal->audit_tty;
164 buf = current->signal->tty_audit_buf;
165 if (buf)
166 atomic_inc(&buf->count);
167 spin_unlock_irq(&current->sighand->siglock);
168
169 major = tty->driver->major;
170 minor = tty->driver->minor_start + tty->index;
171 if (buf) {
172 mutex_lock(&buf->mutex);
173 if (buf->major == major && buf->minor == minor)
174 tty_audit_buf_push_current(buf);
175 mutex_unlock(&buf->mutex);
176 tty_audit_buf_put(buf);
177 }
178
179 if (should_audit && audit_enabled) {
180 uid_t auid;
181 unsigned int sessionid;
182
183 auid = audit_get_loginuid(current);
184 sessionid = audit_get_sessionid(current);
185 tty_audit_log("ioctl=TIOCSTI", current, auid, sessionid, major,
186 minor, &ch, 1);
187 }
188}
189
190/**
191 * tty_audit_push_task - Flush task's pending audit data
192 * @tsk: task pointer
193 * @loginuid: sender login uid
194 * @sessionid: sender session id
195 *
196 * Called with a ref on @tsk held. Try to lock sighand and get a
197 * reference to the tty audit buffer if available.
198 * Flush the buffer or return an appropriate error code.
199 */
200int tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)
201{
202 struct tty_audit_buf *buf = ERR_PTR(-EPERM);
203 unsigned long flags;
204
205 if (!lock_task_sighand(tsk, &flags))
206 return -ESRCH;
207
208 if (tsk->signal->audit_tty) {
209 buf = tsk->signal->tty_audit_buf;
210 if (buf)
211 atomic_inc(&buf->count);
212 }
213 unlock_task_sighand(tsk, &flags);
214
215 /*
216 * Return 0 when signal->audit_tty set
217 * but tsk->signal->tty_audit_buf == NULL.
218 */
219 if (!buf || IS_ERR(buf))
220 return PTR_ERR(buf);
221
222 mutex_lock(&buf->mutex);
223 tty_audit_buf_push(tsk, loginuid, sessionid, buf);
224 mutex_unlock(&buf->mutex);
225
226 tty_audit_buf_put(buf);
227 return 0;
228}
229
230/**
231 * tty_audit_buf_get - Get an audit buffer.
232 *
233 * Get an audit buffer for @tty, allocate it if necessary. Return %NULL
234 * if TTY auditing is disabled or out of memory. Otherwise, return a new
235 * reference to the buffer.
236 */
237static struct tty_audit_buf *tty_audit_buf_get(struct tty_struct *tty)
238{
239 struct tty_audit_buf *buf, *buf2;
240
241 buf = NULL;
242 buf2 = NULL;
243 spin_lock_irq(&current->sighand->siglock);
244 if (likely(!current->signal->audit_tty))
245 goto out;
246 buf = current->signal->tty_audit_buf;
247 if (buf) {
248 atomic_inc(&buf->count);
249 goto out;
250 }
251 spin_unlock_irq(&current->sighand->siglock);
252
253 buf2 = tty_audit_buf_alloc(tty->driver->major,
254 tty->driver->minor_start + tty->index,
255 tty->icanon);
256 if (buf2 == NULL) {
257 audit_log_lost("out of memory in TTY auditing");
258 return NULL;
259 }
260
261 spin_lock_irq(&current->sighand->siglock);
262 if (!current->signal->audit_tty)
263 goto out;
264 buf = current->signal->tty_audit_buf;
265 if (!buf) {
266 current->signal->tty_audit_buf = buf2;
267 buf = buf2;
268 buf2 = NULL;
269 }
270 atomic_inc(&buf->count);
271 /* Fall through */
272 out:
273 spin_unlock_irq(&current->sighand->siglock);
274 if (buf2)
275 tty_audit_buf_free(buf2);
276 return buf;
277}
278
279/**
280 * tty_audit_add_data - Add data for TTY auditing.
281 *
282 * Audit @data of @size from @tty, if necessary.
283 */
284void tty_audit_add_data(struct tty_struct *tty, unsigned char *data,
285 size_t size)
286{
287 struct tty_audit_buf *buf;
288 int major, minor;
289
290 if (unlikely(size == 0))
291 return;
292
293 if (tty->driver->type == TTY_DRIVER_TYPE_PTY
294 && tty->driver->subtype == PTY_TYPE_MASTER)
295 return;
296
297 buf = tty_audit_buf_get(tty);
298 if (!buf)
299 return;
300
301 mutex_lock(&buf->mutex);
302 major = tty->driver->major;
303 minor = tty->driver->minor_start + tty->index;
304 if (buf->major != major || buf->minor != minor
305 || buf->icanon != tty->icanon) {
306 tty_audit_buf_push_current(buf);
307 buf->major = major;
308 buf->minor = minor;
309 buf->icanon = tty->icanon;
310 }
311 do {
312 size_t run;
313
314 run = N_TTY_BUF_SIZE - buf->valid;
315 if (run > size)
316 run = size;
317 memcpy(buf->data + buf->valid, data, run);
318 buf->valid += run;
319 data += run;
320 size -= run;
321 if (buf->valid == N_TTY_BUF_SIZE)
322 tty_audit_buf_push_current(buf);
323 } while (size != 0);
324 mutex_unlock(&buf->mutex);
325 tty_audit_buf_put(buf);
326}
327
328/**
329 * tty_audit_push - Push buffered data out
330 *
331 * Make sure no audit data is pending for @tty on the current process.
332 */
333void tty_audit_push(struct tty_struct *tty)
334{
335 struct tty_audit_buf *buf;
336
337 spin_lock_irq(&current->sighand->siglock);
338 if (likely(!current->signal->audit_tty)) {
339 spin_unlock_irq(&current->sighand->siglock);
340 return;
341 }
342 buf = current->signal->tty_audit_buf;
343 if (buf)
344 atomic_inc(&buf->count);
345 spin_unlock_irq(&current->sighand->siglock);
346
347 if (buf) {
348 int major, minor;
349
350 major = tty->driver->major;
351 minor = tty->driver->minor_start + tty->index;
352 mutex_lock(&buf->mutex);
353 if (buf->major == major && buf->minor == minor)
354 tty_audit_buf_push_current(buf);
355 mutex_unlock(&buf->mutex);
356 tty_audit_buf_put(buf);
357 }
358}
diff --git a/drivers/char/tty_buffer.c b/drivers/char/tty_buffer.c
deleted file mode 100644
index cc1e9850d65..00000000000
--- a/drivers/char/tty_buffer.c
+++ /dev/null
@@ -1,524 +0,0 @@
1/*
2 * Tty buffer allocation management
3 */
4
5#include <linux/types.h>
6#include <linux/errno.h>
7#include <linux/tty.h>
8#include <linux/tty_driver.h>
9#include <linux/tty_flip.h>
10#include <linux/timer.h>
11#include <linux/string.h>
12#include <linux/slab.h>
13#include <linux/sched.h>
14#include <linux/init.h>
15#include <linux/wait.h>
16#include <linux/bitops.h>
17#include <linux/delay.h>
18#include <linux/module.h>
19
20/**
21 * tty_buffer_free_all - free buffers used by a tty
22 * @tty: tty to free from
23 *
24 * Remove all the buffers pending on a tty whether queued with data
25 * or in the free ring. Must be called when the tty is no longer in use
26 *
27 * Locking: none
28 */
29
30void tty_buffer_free_all(struct tty_struct *tty)
31{
32 struct tty_buffer *thead;
33 while ((thead = tty->buf.head) != NULL) {
34 tty->buf.head = thead->next;
35 kfree(thead);
36 }
37 while ((thead = tty->buf.free) != NULL) {
38 tty->buf.free = thead->next;
39 kfree(thead);
40 }
41 tty->buf.tail = NULL;
42 tty->buf.memory_used = 0;
43}
44
45/**
46 * tty_buffer_alloc - allocate a tty buffer
47 * @tty: tty device
48 * @size: desired size (characters)
49 *
50 * Allocate a new tty buffer to hold the desired number of characters.
51 * Return NULL if out of memory or the allocation would exceed the
52 * per device queue
53 *
54 * Locking: Caller must hold tty->buf.lock
55 */
56
57static struct tty_buffer *tty_buffer_alloc(struct tty_struct *tty, size_t size)
58{
59 struct tty_buffer *p;
60
61 if (tty->buf.memory_used + size > 65536)
62 return NULL;
63 p = kmalloc(sizeof(struct tty_buffer) + 2 * size, GFP_ATOMIC);
64 if (p == NULL)
65 return NULL;
66 p->used = 0;
67 p->size = size;
68 p->next = NULL;
69 p->commit = 0;
70 p->read = 0;
71 p->char_buf_ptr = (char *)(p->data);
72 p->flag_buf_ptr = (unsigned char *)p->char_buf_ptr + size;
73 tty->buf.memory_used += size;
74 return p;
75}
76
77/**
78 * tty_buffer_free - free a tty buffer
79 * @tty: tty owning the buffer
80 * @b: the buffer to free
81 *
82 * Free a tty buffer, or add it to the free list according to our
83 * internal strategy
84 *
85 * Locking: Caller must hold tty->buf.lock
86 */
87
88static void tty_buffer_free(struct tty_struct *tty, struct tty_buffer *b)
89{
90 /* Dumb strategy for now - should keep some stats */
91 tty->buf.memory_used -= b->size;
92 WARN_ON(tty->buf.memory_used < 0);
93
94 if (b->size >= 512)
95 kfree(b);
96 else {
97 b->next = tty->buf.free;
98 tty->buf.free = b;
99 }
100}
101
102/**
103 * __tty_buffer_flush - flush full tty buffers
104 * @tty: tty to flush
105 *
106 * flush all the buffers containing receive data. Caller must
107 * hold the buffer lock and must have ensured no parallel flush to
108 * ldisc is running.
109 *
110 * Locking: Caller must hold tty->buf.lock
111 */
112
113static void __tty_buffer_flush(struct tty_struct *tty)
114{
115 struct tty_buffer *thead;
116
117 while ((thead = tty->buf.head) != NULL) {
118 tty->buf.head = thead->next;
119 tty_buffer_free(tty, thead);
120 }
121 tty->buf.tail = NULL;
122}
123
124/**
125 * tty_buffer_flush - flush full tty buffers
126 * @tty: tty to flush
127 *
128 * flush all the buffers containing receive data. If the buffer is
129 * being processed by flush_to_ldisc then we defer the processing
130 * to that function
131 *
132 * Locking: none
133 */
134
135void tty_buffer_flush(struct tty_struct *tty)
136{
137 unsigned long flags;
138 spin_lock_irqsave(&tty->buf.lock, flags);
139
140 /* If the data is being pushed to the tty layer then we can't
141 process it here. Instead set a flag and the flush_to_ldisc
142 path will process the flush request before it exits */
143 if (test_bit(TTY_FLUSHING, &tty->flags)) {
144 set_bit(TTY_FLUSHPENDING, &tty->flags);
145 spin_unlock_irqrestore(&tty->buf.lock, flags);
146 wait_event(tty->read_wait,
147 test_bit(TTY_FLUSHPENDING, &tty->flags) == 0);
148 return;
149 } else
150 __tty_buffer_flush(tty);
151 spin_unlock_irqrestore(&tty->buf.lock, flags);
152}
153
154/**
155 * tty_buffer_find - find a free tty buffer
156 * @tty: tty owning the buffer
157 * @size: characters wanted
158 *
159 * Locate an existing suitable tty buffer or if we are lacking one then
160 * allocate a new one. We round our buffers off in 256 character chunks
161 * to get better allocation behaviour.
162 *
163 * Locking: Caller must hold tty->buf.lock
164 */
165
166static struct tty_buffer *tty_buffer_find(struct tty_struct *tty, size_t size)
167{
168 struct tty_buffer **tbh = &tty->buf.free;
169 while ((*tbh) != NULL) {
170 struct tty_buffer *t = *tbh;
171 if (t->size >= size) {
172 *tbh = t->next;
173 t->next = NULL;
174 t->used = 0;
175 t->commit = 0;
176 t->read = 0;
177 tty->buf.memory_used += t->size;
178 return t;
179 }
180 tbh = &((*tbh)->next);
181 }
182 /* Round the buffer size out */
183 size = (size + 0xFF) & ~0xFF;
184 return tty_buffer_alloc(tty, size);
185 /* Should possibly check if this fails for the largest buffer we
186 have queued and recycle that ? */
187}
188
189/**
190 * tty_buffer_request_room - grow tty buffer if needed
191 * @tty: tty structure
192 * @size: size desired
193 *
194 * Make at least size bytes of linear space available for the tty
195 * buffer. If we fail return the size we managed to find.
196 *
197 * Locking: Takes tty->buf.lock
198 */
199int tty_buffer_request_room(struct tty_struct *tty, size_t size)
200{
201 struct tty_buffer *b, *n;
202 int left;
203 unsigned long flags;
204
205 spin_lock_irqsave(&tty->buf.lock, flags);
206
207 /* OPTIMISATION: We could keep a per tty "zero" sized buffer to
208 remove this conditional if its worth it. This would be invisible
209 to the callers */
210 if ((b = tty->buf.tail) != NULL)
211 left = b->size - b->used;
212 else
213 left = 0;
214
215 if (left < size) {
216 /* This is the slow path - looking for new buffers to use */
217 if ((n = tty_buffer_find(tty, size)) != NULL) {
218 if (b != NULL) {
219 b->next = n;
220 b->commit = b->used;
221 } else
222 tty->buf.head = n;
223 tty->buf.tail = n;
224 } else
225 size = left;
226 }
227
228 spin_unlock_irqrestore(&tty->buf.lock, flags);
229 return size;
230}
231EXPORT_SYMBOL_GPL(tty_buffer_request_room);
232
233/**
234 * tty_insert_flip_string_fixed_flag - Add characters to the tty buffer
235 * @tty: tty structure
236 * @chars: characters
237 * @flag: flag value for each character
238 * @size: size
239 *
240 * Queue a series of bytes to the tty buffering. All the characters
241 * passed are marked with the supplied flag. Returns the number added.
242 *
243 * Locking: Called functions may take tty->buf.lock
244 */
245
246int tty_insert_flip_string_fixed_flag(struct tty_struct *tty,
247 const unsigned char *chars, char flag, size_t size)
248{
249 int copied = 0;
250 do {
251 int goal = min_t(size_t, size - copied, TTY_BUFFER_PAGE);
252 int space = tty_buffer_request_room(tty, goal);
253 struct tty_buffer *tb = tty->buf.tail;
254 /* If there is no space then tb may be NULL */
255 if (unlikely(space == 0))
256 break;
257 memcpy(tb->char_buf_ptr + tb->used, chars, space);
258 memset(tb->flag_buf_ptr + tb->used, flag, space);
259 tb->used += space;
260 copied += space;
261 chars += space;
262 /* There is a small chance that we need to split the data over
263 several buffers. If this is the case we must loop */
264 } while (unlikely(size > copied));
265 return copied;
266}
267EXPORT_SYMBOL(tty_insert_flip_string_fixed_flag);
268
269/**
270 * tty_insert_flip_string_flags - Add characters to the tty buffer
271 * @tty: tty structure
272 * @chars: characters
273 * @flags: flag bytes
274 * @size: size
275 *
276 * Queue a series of bytes to the tty buffering. For each character
277 * the flags array indicates the status of the character. Returns the
278 * number added.
279 *
280 * Locking: Called functions may take tty->buf.lock
281 */
282
283int tty_insert_flip_string_flags(struct tty_struct *tty,
284 const unsigned char *chars, const char *flags, size_t size)
285{
286 int copied = 0;
287 do {
288 int goal = min_t(size_t, size - copied, TTY_BUFFER_PAGE);
289 int space = tty_buffer_request_room(tty, goal);
290 struct tty_buffer *tb = tty->buf.tail;
291 /* If there is no space then tb may be NULL */
292 if (unlikely(space == 0))
293 break;
294 memcpy(tb->char_buf_ptr + tb->used, chars, space);
295 memcpy(tb->flag_buf_ptr + tb->used, flags, space);
296 tb->used += space;
297 copied += space;
298 chars += space;
299 flags += space;
300 /* There is a small chance that we need to split the data over
301 several buffers. If this is the case we must loop */
302 } while (unlikely(size > copied));
303 return copied;
304}
305EXPORT_SYMBOL(tty_insert_flip_string_flags);
306
307/**
308 * tty_schedule_flip - push characters to ldisc
309 * @tty: tty to push from
310 *
311 * Takes any pending buffers and transfers their ownership to the
312 * ldisc side of the queue. It then schedules those characters for
313 * processing by the line discipline.
314 *
315 * Locking: Takes tty->buf.lock
316 */
317
318void tty_schedule_flip(struct tty_struct *tty)
319{
320 unsigned long flags;
321 spin_lock_irqsave(&tty->buf.lock, flags);
322 if (tty->buf.tail != NULL)
323 tty->buf.tail->commit = tty->buf.tail->used;
324 spin_unlock_irqrestore(&tty->buf.lock, flags);
325 schedule_delayed_work(&tty->buf.work, 1);
326}
327EXPORT_SYMBOL(tty_schedule_flip);
328
329/**
330 * tty_prepare_flip_string - make room for characters
331 * @tty: tty
332 * @chars: return pointer for character write area
333 * @size: desired size
334 *
335 * Prepare a block of space in the buffer for data. Returns the length
336 * available and buffer pointer to the space which is now allocated and
337 * accounted for as ready for normal characters. This is used for drivers
338 * that need their own block copy routines into the buffer. There is no
339 * guarantee the buffer is a DMA target!
340 *
341 * Locking: May call functions taking tty->buf.lock
342 */
343
344int tty_prepare_flip_string(struct tty_struct *tty, unsigned char **chars,
345 size_t size)
346{
347 int space = tty_buffer_request_room(tty, size);
348 if (likely(space)) {
349 struct tty_buffer *tb = tty->buf.tail;
350 *chars = tb->char_buf_ptr + tb->used;
351 memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space);
352 tb->used += space;
353 }
354 return space;
355}
356EXPORT_SYMBOL_GPL(tty_prepare_flip_string);
357
358/**
359 * tty_prepare_flip_string_flags - make room for characters
360 * @tty: tty
361 * @chars: return pointer for character write area
362 * @flags: return pointer for status flag write area
363 * @size: desired size
364 *
365 * Prepare a block of space in the buffer for data. Returns the length
366 * available and buffer pointer to the space which is now allocated and
367 * accounted for as ready for characters. This is used for drivers
368 * that need their own block copy routines into the buffer. There is no
369 * guarantee the buffer is a DMA target!
370 *
371 * Locking: May call functions taking tty->buf.lock
372 */
373
374int tty_prepare_flip_string_flags(struct tty_struct *tty,
375 unsigned char **chars, char **flags, size_t size)
376{
377 int space = tty_buffer_request_room(tty, size);
378 if (likely(space)) {
379 struct tty_buffer *tb = tty->buf.tail;
380 *chars = tb->char_buf_ptr + tb->used;
381 *flags = tb->flag_buf_ptr + tb->used;
382 tb->used += space;
383 }
384 return space;
385}
386EXPORT_SYMBOL_GPL(tty_prepare_flip_string_flags);
387
388
389
390/**
391 * flush_to_ldisc
392 * @work: tty structure passed from work queue.
393 *
394 * This routine is called out of the software interrupt to flush data
395 * from the buffer chain to the line discipline.
396 *
397 * Locking: holds tty->buf.lock to guard buffer list. Drops the lock
398 * while invoking the line discipline receive_buf method. The
399 * receive_buf method is single threaded for each tty instance.
400 */
401
402static void flush_to_ldisc(struct work_struct *work)
403{
404 struct tty_struct *tty =
405 container_of(work, struct tty_struct, buf.work.work);
406 unsigned long flags;
407 struct tty_ldisc *disc;
408
409 disc = tty_ldisc_ref(tty);
410 if (disc == NULL) /* !TTY_LDISC */
411 return;
412
413 spin_lock_irqsave(&tty->buf.lock, flags);
414
415 if (!test_and_set_bit(TTY_FLUSHING, &tty->flags)) {
416 struct tty_buffer *head;
417 while ((head = tty->buf.head) != NULL) {
418 int count;
419 char *char_buf;
420 unsigned char *flag_buf;
421
422 count = head->commit - head->read;
423 if (!count) {
424 if (head->next == NULL)
425 break;
426 tty->buf.head = head->next;
427 tty_buffer_free(tty, head);
428 continue;
429 }
430 /* Ldisc or user is trying to flush the buffers
431 we are feeding to the ldisc, stop feeding the
432 line discipline as we want to empty the queue */
433 if (test_bit(TTY_FLUSHPENDING, &tty->flags))
434 break;
435 if (!tty->receive_room) {
436 schedule_delayed_work(&tty->buf.work, 1);
437 break;
438 }
439 if (count > tty->receive_room)
440 count = tty->receive_room;
441 char_buf = head->char_buf_ptr + head->read;
442 flag_buf = head->flag_buf_ptr + head->read;
443 head->read += count;
444 spin_unlock_irqrestore(&tty->buf.lock, flags);
445 disc->ops->receive_buf(tty, char_buf,
446 flag_buf, count);
447 spin_lock_irqsave(&tty->buf.lock, flags);
448 }
449 clear_bit(TTY_FLUSHING, &tty->flags);
450 }
451
452 /* We may have a deferred request to flush the input buffer,
453 if so pull the chain under the lock and empty the queue */
454 if (test_bit(TTY_FLUSHPENDING, &tty->flags)) {
455 __tty_buffer_flush(tty);
456 clear_bit(TTY_FLUSHPENDING, &tty->flags);
457 wake_up(&tty->read_wait);
458 }
459 spin_unlock_irqrestore(&tty->buf.lock, flags);
460
461 tty_ldisc_deref(disc);
462}
463
464/**
465 * tty_flush_to_ldisc
466 * @tty: tty to push
467 *
468 * Push the terminal flip buffers to the line discipline.
469 *
470 * Must not be called from IRQ context.
471 */
472void tty_flush_to_ldisc(struct tty_struct *tty)
473{
474 flush_delayed_work(&tty->buf.work);
475}
476
477/**
478 * tty_flip_buffer_push - terminal
479 * @tty: tty to push
480 *
481 * Queue a push of the terminal flip buffers to the line discipline. This
482 * function must not be called from IRQ context if tty->low_latency is set.
483 *
484 * In the event of the queue being busy for flipping the work will be
485 * held off and retried later.
486 *
487 * Locking: tty buffer lock. Driver locks in low latency mode.
488 */
489
490void tty_flip_buffer_push(struct tty_struct *tty)
491{
492 unsigned long flags;
493 spin_lock_irqsave(&tty->buf.lock, flags);
494 if (tty->buf.tail != NULL)
495 tty->buf.tail->commit = tty->buf.tail->used;
496 spin_unlock_irqrestore(&tty->buf.lock, flags);
497
498 if (tty->low_latency)
499 flush_to_ldisc(&tty->buf.work.work);
500 else
501 schedule_delayed_work(&tty->buf.work, 1);
502}
503EXPORT_SYMBOL(tty_flip_buffer_push);
504
505/**
506 * tty_buffer_init - prepare a tty buffer structure
507 * @tty: tty to initialise
508 *
509 * Set up the initial state of the buffer management for a tty device.
510 * Must be called before the other tty buffer functions are used.
511 *
512 * Locking: none
513 */
514
515void tty_buffer_init(struct tty_struct *tty)
516{
517 spin_lock_init(&tty->buf.lock);
518 tty->buf.head = NULL;
519 tty->buf.tail = NULL;
520 tty->buf.free = NULL;
521 tty->buf.memory_used = 0;
522 INIT_DELAYED_WORK(&tty->buf.work, flush_to_ldisc);
523}
524
diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c
deleted file mode 100644
index c05c5af5aa0..00000000000
--- a/drivers/char/tty_io.c
+++ /dev/null
@@ -1,3263 +0,0 @@
1/*
2 * linux/drivers/char/tty_io.c
3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */
6
7/*
8 * 'tty_io.c' gives an orthogonal feeling to tty's, be they consoles
9 * or rs-channels. It also implements echoing, cooked mode etc.
10 *
11 * Kill-line thanks to John T Kohl, who also corrected VMIN = VTIME = 0.
12 *
13 * Modified by Theodore Ts'o, 9/14/92, to dynamically allocate the
14 * tty_struct and tty_queue structures. Previously there was an array
15 * of 256 tty_struct's which was statically allocated, and the
16 * tty_queue structures were allocated at boot time. Both are now
17 * dynamically allocated only when the tty is open.
18 *
19 * Also restructured routines so that there is more of a separation
20 * between the high-level tty routines (tty_io.c and tty_ioctl.c) and
21 * the low-level tty routines (serial.c, pty.c, console.c). This
22 * makes for cleaner and more compact code. -TYT, 9/17/92
23 *
24 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
25 * which can be dynamically activated and de-activated by the line
26 * discipline handling modules (like SLIP).
27 *
28 * NOTE: pay no attention to the line discipline code (yet); its
29 * interface is still subject to change in this version...
30 * -- TYT, 1/31/92
31 *
32 * Added functionality to the OPOST tty handling. No delays, but all
33 * other bits should be there.
34 * -- Nick Holloway <alfie@dcs.warwick.ac.uk>, 27th May 1993.
35 *
36 * Rewrote canonical mode and added more termios flags.
37 * -- julian@uhunix.uhcc.hawaii.edu (J. Cowley), 13Jan94
38 *
39 * Reorganized FASYNC support so mouse code can share it.
40 * -- ctm@ardi.com, 9Sep95
41 *
42 * New TIOCLINUX variants added.
43 * -- mj@k332.feld.cvut.cz, 19-Nov-95
44 *
45 * Restrict vt switching via ioctl()
46 * -- grif@cs.ucr.edu, 5-Dec-95
47 *
48 * Move console and virtual terminal code to more appropriate files,
49 * implement CONFIG_VT and generalize console device interface.
50 * -- Marko Kohtala <Marko.Kohtala@hut.fi>, March 97
51 *
52 * Rewrote tty_init_dev and tty_release_dev to eliminate races.
53 * -- Bill Hawes <whawes@star.net>, June 97
54 *
55 * Added devfs support.
56 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 13-Jan-1998
57 *
58 * Added support for a Unix98-style ptmx device.
59 * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
60 *
61 * Reduced memory usage for older ARM systems
62 * -- Russell King <rmk@arm.linux.org.uk>
63 *
64 * Move do_SAK() into process context. Less stack use in devfs functions.
65 * alloc_tty_struct() always uses kmalloc()
66 * -- Andrew Morton <andrewm@uow.edu.eu> 17Mar01
67 */
68
69#include <linux/types.h>
70#include <linux/major.h>
71#include <linux/errno.h>
72#include <linux/signal.h>
73#include <linux/fcntl.h>
74#include <linux/sched.h>
75#include <linux/interrupt.h>
76#include <linux/tty.h>
77#include <linux/tty_driver.h>
78#include <linux/tty_flip.h>
79#include <linux/devpts_fs.h>
80#include <linux/file.h>
81#include <linux/fdtable.h>
82#include <linux/console.h>
83#include <linux/timer.h>
84#include <linux/ctype.h>
85#include <linux/kd.h>
86#include <linux/mm.h>
87#include <linux/string.h>
88#include <linux/slab.h>
89#include <linux/poll.h>
90#include <linux/proc_fs.h>
91#include <linux/init.h>
92#include <linux/module.h>
93#include <linux/smp_lock.h>
94#include <linux/device.h>
95#include <linux/wait.h>
96#include <linux/bitops.h>
97#include <linux/delay.h>
98#include <linux/seq_file.h>
99#include <linux/serial.h>
100
101#include <linux/uaccess.h>
102#include <asm/system.h>
103
104#include <linux/kbd_kern.h>
105#include <linux/vt_kern.h>
106#include <linux/selection.h>
107
108#include <linux/kmod.h>
109#include <linux/nsproxy.h>
110
111#undef TTY_DEBUG_HANGUP
112
113#define TTY_PARANOIA_CHECK 1
114#define CHECK_TTY_COUNT 1
115
116struct ktermios tty_std_termios = { /* for the benefit of tty drivers */
117 .c_iflag = ICRNL | IXON,
118 .c_oflag = OPOST | ONLCR,
119 .c_cflag = B38400 | CS8 | CREAD | HUPCL,
120 .c_lflag = ISIG | ICANON | ECHO | ECHOE | ECHOK |
121 ECHOCTL | ECHOKE | IEXTEN,
122 .c_cc = INIT_C_CC,
123 .c_ispeed = 38400,
124 .c_ospeed = 38400
125};
126
127EXPORT_SYMBOL(tty_std_termios);
128
129/* This list gets poked at by procfs and various bits of boot up code. This
130 could do with some rationalisation such as pulling the tty proc function
131 into this file */
132
133LIST_HEAD(tty_drivers); /* linked list of tty drivers */
134
135/* Mutex to protect creating and releasing a tty. This is shared with
136 vt.c for deeply disgusting hack reasons */
137DEFINE_MUTEX(tty_mutex);
138EXPORT_SYMBOL(tty_mutex);
139
140/* Spinlock to protect the tty->tty_files list */
141DEFINE_SPINLOCK(tty_files_lock);
142
143static ssize_t tty_read(struct file *, char __user *, size_t, loff_t *);
144static ssize_t tty_write(struct file *, const char __user *, size_t, loff_t *);
145ssize_t redirected_tty_write(struct file *, const char __user *,
146 size_t, loff_t *);
147static unsigned int tty_poll(struct file *, poll_table *);
148static int tty_open(struct inode *, struct file *);
149long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
150#ifdef CONFIG_COMPAT
151static long tty_compat_ioctl(struct file *file, unsigned int cmd,
152 unsigned long arg);
153#else
154#define tty_compat_ioctl NULL
155#endif
156static int __tty_fasync(int fd, struct file *filp, int on);
157static int tty_fasync(int fd, struct file *filp, int on);
158static void release_tty(struct tty_struct *tty, int idx);
159static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
160static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty);
161
162/**
163 * alloc_tty_struct - allocate a tty object
164 *
165 * Return a new empty tty structure. The data fields have not
166 * been initialized in any way but has been zeroed
167 *
168 * Locking: none
169 */
170
171struct tty_struct *alloc_tty_struct(void)
172{
173 return kzalloc(sizeof(struct tty_struct), GFP_KERNEL);
174}
175
176/**
177 * free_tty_struct - free a disused tty
178 * @tty: tty struct to free
179 *
180 * Free the write buffers, tty queue and tty memory itself.
181 *
182 * Locking: none. Must be called after tty is definitely unused
183 */
184
185void free_tty_struct(struct tty_struct *tty)
186{
187 if (tty->dev)
188 put_device(tty->dev);
189 kfree(tty->write_buf);
190 tty_buffer_free_all(tty);
191 kfree(tty);
192}
193
194static inline struct tty_struct *file_tty(struct file *file)
195{
196 return ((struct tty_file_private *)file->private_data)->tty;
197}
198
199/* Associate a new file with the tty structure */
200int tty_add_file(struct tty_struct *tty, struct file *file)
201{
202 struct tty_file_private *priv;
203
204 priv = kmalloc(sizeof(*priv), GFP_KERNEL);
205 if (!priv)
206 return -ENOMEM;
207
208 priv->tty = tty;
209 priv->file = file;
210 file->private_data = priv;
211
212 spin_lock(&tty_files_lock);
213 list_add(&priv->list, &tty->tty_files);
214 spin_unlock(&tty_files_lock);
215
216 return 0;
217}
218
219/* Delete file from its tty */
220void tty_del_file(struct file *file)
221{
222 struct tty_file_private *priv = file->private_data;
223
224 spin_lock(&tty_files_lock);
225 list_del(&priv->list);
226 spin_unlock(&tty_files_lock);
227 file->private_data = NULL;
228 kfree(priv);
229}
230
231
232#define TTY_NUMBER(tty) ((tty)->index + (tty)->driver->name_base)
233
234/**
235 * tty_name - return tty naming
236 * @tty: tty structure
237 * @buf: buffer for output
238 *
239 * Convert a tty structure into a name. The name reflects the kernel
240 * naming policy and if udev is in use may not reflect user space
241 *
242 * Locking: none
243 */
244
245char *tty_name(struct tty_struct *tty, char *buf)
246{
247 if (!tty) /* Hmm. NULL pointer. That's fun. */
248 strcpy(buf, "NULL tty");
249 else
250 strcpy(buf, tty->name);
251 return buf;
252}
253
254EXPORT_SYMBOL(tty_name);
255
256int tty_paranoia_check(struct tty_struct *tty, struct inode *inode,
257 const char *routine)
258{
259#ifdef TTY_PARANOIA_CHECK
260 if (!tty) {
261 printk(KERN_WARNING
262 "null TTY for (%d:%d) in %s\n",
263 imajor(inode), iminor(inode), routine);
264 return 1;
265 }
266 if (tty->magic != TTY_MAGIC) {
267 printk(KERN_WARNING
268 "bad magic number for tty struct (%d:%d) in %s\n",
269 imajor(inode), iminor(inode), routine);
270 return 1;
271 }
272#endif
273 return 0;
274}
275
276static int check_tty_count(struct tty_struct *tty, const char *routine)
277{
278#ifdef CHECK_TTY_COUNT
279 struct list_head *p;
280 int count = 0;
281
282 spin_lock(&tty_files_lock);
283 list_for_each(p, &tty->tty_files) {
284 count++;
285 }
286 spin_unlock(&tty_files_lock);
287 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
288 tty->driver->subtype == PTY_TYPE_SLAVE &&
289 tty->link && tty->link->count)
290 count++;
291 if (tty->count != count) {
292 printk(KERN_WARNING "Warning: dev (%s) tty->count(%d) "
293 "!= #fd's(%d) in %s\n",
294 tty->name, tty->count, count, routine);
295 return count;
296 }
297#endif
298 return 0;
299}
300
301/**
302 * get_tty_driver - find device of a tty
303 * @dev_t: device identifier
304 * @index: returns the index of the tty
305 *
306 * This routine returns a tty driver structure, given a device number
307 * and also passes back the index number.
308 *
309 * Locking: caller must hold tty_mutex
310 */
311
312static struct tty_driver *get_tty_driver(dev_t device, int *index)
313{
314 struct tty_driver *p;
315
316 list_for_each_entry(p, &tty_drivers, tty_drivers) {
317 dev_t base = MKDEV(p->major, p->minor_start);
318 if (device < base || device >= base + p->num)
319 continue;
320 *index = device - base;
321 return tty_driver_kref_get(p);
322 }
323 return NULL;
324}
325
326#ifdef CONFIG_CONSOLE_POLL
327
328/**
329 * tty_find_polling_driver - find device of a polled tty
330 * @name: name string to match
331 * @line: pointer to resulting tty line nr
332 *
333 * This routine returns a tty driver structure, given a name
334 * and the condition that the tty driver is capable of polled
335 * operation.
336 */
337struct tty_driver *tty_find_polling_driver(char *name, int *line)
338{
339 struct tty_driver *p, *res = NULL;
340 int tty_line = 0;
341 int len;
342 char *str, *stp;
343
344 for (str = name; *str; str++)
345 if ((*str >= '0' && *str <= '9') || *str == ',')
346 break;
347 if (!*str)
348 return NULL;
349
350 len = str - name;
351 tty_line = simple_strtoul(str, &str, 10);
352
353 mutex_lock(&tty_mutex);
354 /* Search through the tty devices to look for a match */
355 list_for_each_entry(p, &tty_drivers, tty_drivers) {
356 if (strncmp(name, p->name, len) != 0)
357 continue;
358 stp = str;
359 if (*stp == ',')
360 stp++;
361 if (*stp == '\0')
362 stp = NULL;
363
364 if (tty_line >= 0 && tty_line < p->num && p->ops &&
365 p->ops->poll_init && !p->ops->poll_init(p, tty_line, stp)) {
366 res = tty_driver_kref_get(p);
367 *line = tty_line;
368 break;
369 }
370 }
371 mutex_unlock(&tty_mutex);
372
373 return res;
374}
375EXPORT_SYMBOL_GPL(tty_find_polling_driver);
376#endif
377
378/**
379 * tty_check_change - check for POSIX terminal changes
380 * @tty: tty to check
381 *
382 * If we try to write to, or set the state of, a terminal and we're
383 * not in the foreground, send a SIGTTOU. If the signal is blocked or
384 * ignored, go ahead and perform the operation. (POSIX 7.2)
385 *
386 * Locking: ctrl_lock
387 */
388
389int tty_check_change(struct tty_struct *tty)
390{
391 unsigned long flags;
392 int ret = 0;
393
394 if (current->signal->tty != tty)
395 return 0;
396
397 spin_lock_irqsave(&tty->ctrl_lock, flags);
398
399 if (!tty->pgrp) {
400 printk(KERN_WARNING "tty_check_change: tty->pgrp == NULL!\n");
401 goto out_unlock;
402 }
403 if (task_pgrp(current) == tty->pgrp)
404 goto out_unlock;
405 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
406 if (is_ignored(SIGTTOU))
407 goto out;
408 if (is_current_pgrp_orphaned()) {
409 ret = -EIO;
410 goto out;
411 }
412 kill_pgrp(task_pgrp(current), SIGTTOU, 1);
413 set_thread_flag(TIF_SIGPENDING);
414 ret = -ERESTARTSYS;
415out:
416 return ret;
417out_unlock:
418 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
419 return ret;
420}
421
422EXPORT_SYMBOL(tty_check_change);
423
424static ssize_t hung_up_tty_read(struct file *file, char __user *buf,
425 size_t count, loff_t *ppos)
426{
427 return 0;
428}
429
430static ssize_t hung_up_tty_write(struct file *file, const char __user *buf,
431 size_t count, loff_t *ppos)
432{
433 return -EIO;
434}
435
436/* No kernel lock held - none needed ;) */
437static unsigned int hung_up_tty_poll(struct file *filp, poll_table *wait)
438{
439 return POLLIN | POLLOUT | POLLERR | POLLHUP | POLLRDNORM | POLLWRNORM;
440}
441
442static long hung_up_tty_ioctl(struct file *file, unsigned int cmd,
443 unsigned long arg)
444{
445 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
446}
447
448static long hung_up_tty_compat_ioctl(struct file *file,
449 unsigned int cmd, unsigned long arg)
450{
451 return cmd == TIOCSPGRP ? -ENOTTY : -EIO;
452}
453
454static const struct file_operations tty_fops = {
455 .llseek = no_llseek,
456 .read = tty_read,
457 .write = tty_write,
458 .poll = tty_poll,
459 .unlocked_ioctl = tty_ioctl,
460 .compat_ioctl = tty_compat_ioctl,
461 .open = tty_open,
462 .release = tty_release,
463 .fasync = tty_fasync,
464};
465
466static const struct file_operations console_fops = {
467 .llseek = no_llseek,
468 .read = tty_read,
469 .write = redirected_tty_write,
470 .poll = tty_poll,
471 .unlocked_ioctl = tty_ioctl,
472 .compat_ioctl = tty_compat_ioctl,
473 .open = tty_open,
474 .release = tty_release,
475 .fasync = tty_fasync,
476};
477
478static const struct file_operations hung_up_tty_fops = {
479 .llseek = no_llseek,
480 .read = hung_up_tty_read,
481 .write = hung_up_tty_write,
482 .poll = hung_up_tty_poll,
483 .unlocked_ioctl = hung_up_tty_ioctl,
484 .compat_ioctl = hung_up_tty_compat_ioctl,
485 .release = tty_release,
486};
487
488static DEFINE_SPINLOCK(redirect_lock);
489static struct file *redirect;
490
491/**
492 * tty_wakeup - request more data
493 * @tty: terminal
494 *
495 * Internal and external helper for wakeups of tty. This function
496 * informs the line discipline if present that the driver is ready
497 * to receive more output data.
498 */
499
500void tty_wakeup(struct tty_struct *tty)
501{
502 struct tty_ldisc *ld;
503
504 if (test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) {
505 ld = tty_ldisc_ref(tty);
506 if (ld) {
507 if (ld->ops->write_wakeup)
508 ld->ops->write_wakeup(tty);
509 tty_ldisc_deref(ld);
510 }
511 }
512 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
513}
514
515EXPORT_SYMBOL_GPL(tty_wakeup);
516
517/**
518 * __tty_hangup - actual handler for hangup events
519 * @work: tty device
520 *
521 * This can be called by the "eventd" kernel thread. That is process
522 * synchronous but doesn't hold any locks, so we need to make sure we
523 * have the appropriate locks for what we're doing.
524 *
525 * The hangup event clears any pending redirections onto the hung up
526 * device. It ensures future writes will error and it does the needed
527 * line discipline hangup and signal delivery. The tty object itself
528 * remains intact.
529 *
530 * Locking:
531 * BTM
532 * redirect lock for undoing redirection
533 * file list lock for manipulating list of ttys
534 * tty_ldisc_lock from called functions
535 * termios_mutex resetting termios data
536 * tasklist_lock to walk task list for hangup event
537 * ->siglock to protect ->signal/->sighand
538 */
539void __tty_hangup(struct tty_struct *tty)
540{
541 struct file *cons_filp = NULL;
542 struct file *filp, *f = NULL;
543 struct task_struct *p;
544 struct tty_file_private *priv;
545 int closecount = 0, n;
546 unsigned long flags;
547 int refs = 0;
548
549 if (!tty)
550 return;
551
552
553 spin_lock(&redirect_lock);
554 if (redirect && file_tty(redirect) == tty) {
555 f = redirect;
556 redirect = NULL;
557 }
558 spin_unlock(&redirect_lock);
559
560 tty_lock();
561
562 /* inuse_filps is protected by the single tty lock,
563 this really needs to change if we want to flush the
564 workqueue with the lock held */
565 check_tty_count(tty, "tty_hangup");
566
567 spin_lock(&tty_files_lock);
568 /* This breaks for file handles being sent over AF_UNIX sockets ? */
569 list_for_each_entry(priv, &tty->tty_files, list) {
570 filp = priv->file;
571 if (filp->f_op->write == redirected_tty_write)
572 cons_filp = filp;
573 if (filp->f_op->write != tty_write)
574 continue;
575 closecount++;
576 __tty_fasync(-1, filp, 0); /* can't block */
577 filp->f_op = &hung_up_tty_fops;
578 }
579 spin_unlock(&tty_files_lock);
580
581 tty_ldisc_hangup(tty);
582
583 read_lock(&tasklist_lock);
584 if (tty->session) {
585 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
586 spin_lock_irq(&p->sighand->siglock);
587 if (p->signal->tty == tty) {
588 p->signal->tty = NULL;
589 /* We defer the dereferences outside fo
590 the tasklist lock */
591 refs++;
592 }
593 if (!p->signal->leader) {
594 spin_unlock_irq(&p->sighand->siglock);
595 continue;
596 }
597 __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
598 __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
599 put_pid(p->signal->tty_old_pgrp); /* A noop */
600 spin_lock_irqsave(&tty->ctrl_lock, flags);
601 if (tty->pgrp)
602 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
603 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
604 spin_unlock_irq(&p->sighand->siglock);
605 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
606 }
607 read_unlock(&tasklist_lock);
608
609 spin_lock_irqsave(&tty->ctrl_lock, flags);
610 clear_bit(TTY_THROTTLED, &tty->flags);
611 clear_bit(TTY_PUSH, &tty->flags);
612 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
613 put_pid(tty->session);
614 put_pid(tty->pgrp);
615 tty->session = NULL;
616 tty->pgrp = NULL;
617 tty->ctrl_status = 0;
618 set_bit(TTY_HUPPED, &tty->flags);
619 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
620
621 /* Account for the p->signal references we killed */
622 while (refs--)
623 tty_kref_put(tty);
624
625 /*
626 * If one of the devices matches a console pointer, we
627 * cannot just call hangup() because that will cause
628 * tty->count and state->count to go out of sync.
629 * So we just call close() the right number of times.
630 */
631 if (cons_filp) {
632 if (tty->ops->close)
633 for (n = 0; n < closecount; n++)
634 tty->ops->close(tty, cons_filp);
635 } else if (tty->ops->hangup)
636 (tty->ops->hangup)(tty);
637 /*
638 * We don't want to have driver/ldisc interactions beyond
639 * the ones we did here. The driver layer expects no
640 * calls after ->hangup() from the ldisc side. However we
641 * can't yet guarantee all that.
642 */
643 set_bit(TTY_HUPPED, &tty->flags);
644 tty_ldisc_enable(tty);
645
646 tty_unlock();
647
648 if (f)
649 fput(f);
650}
651
652static void do_tty_hangup(struct work_struct *work)
653{
654 struct tty_struct *tty =
655 container_of(work, struct tty_struct, hangup_work);
656
657 __tty_hangup(tty);
658}
659
660/**
661 * tty_hangup - trigger a hangup event
662 * @tty: tty to hangup
663 *
664 * A carrier loss (virtual or otherwise) has occurred on this like
665 * schedule a hangup sequence to run after this event.
666 */
667
668void tty_hangup(struct tty_struct *tty)
669{
670#ifdef TTY_DEBUG_HANGUP
671 char buf[64];
672 printk(KERN_DEBUG "%s hangup...\n", tty_name(tty, buf));
673#endif
674 schedule_work(&tty->hangup_work);
675}
676
677EXPORT_SYMBOL(tty_hangup);
678
679/**
680 * tty_vhangup - process vhangup
681 * @tty: tty to hangup
682 *
683 * The user has asked via system call for the terminal to be hung up.
684 * We do this synchronously so that when the syscall returns the process
685 * is complete. That guarantee is necessary for security reasons.
686 */
687
688void tty_vhangup(struct tty_struct *tty)
689{
690#ifdef TTY_DEBUG_HANGUP
691 char buf[64];
692
693 printk(KERN_DEBUG "%s vhangup...\n", tty_name(tty, buf));
694#endif
695 __tty_hangup(tty);
696}
697
698EXPORT_SYMBOL(tty_vhangup);
699
700
701/**
702 * tty_vhangup_self - process vhangup for own ctty
703 *
704 * Perform a vhangup on the current controlling tty
705 */
706
707void tty_vhangup_self(void)
708{
709 struct tty_struct *tty;
710
711 tty = get_current_tty();
712 if (tty) {
713 tty_vhangup(tty);
714 tty_kref_put(tty);
715 }
716}
717
718/**
719 * tty_hung_up_p - was tty hung up
720 * @filp: file pointer of tty
721 *
722 * Return true if the tty has been subject to a vhangup or a carrier
723 * loss
724 */
725
726int tty_hung_up_p(struct file *filp)
727{
728 return (filp->f_op == &hung_up_tty_fops);
729}
730
731EXPORT_SYMBOL(tty_hung_up_p);
732
733static void session_clear_tty(struct pid *session)
734{
735 struct task_struct *p;
736 do_each_pid_task(session, PIDTYPE_SID, p) {
737 proc_clear_tty(p);
738 } while_each_pid_task(session, PIDTYPE_SID, p);
739}
740
741/**
742 * disassociate_ctty - disconnect controlling tty
743 * @on_exit: true if exiting so need to "hang up" the session
744 *
745 * This function is typically called only by the session leader, when
746 * it wants to disassociate itself from its controlling tty.
747 *
748 * It performs the following functions:
749 * (1) Sends a SIGHUP and SIGCONT to the foreground process group
750 * (2) Clears the tty from being controlling the session
751 * (3) Clears the controlling tty for all processes in the
752 * session group.
753 *
754 * The argument on_exit is set to 1 if called when a process is
755 * exiting; it is 0 if called by the ioctl TIOCNOTTY.
756 *
757 * Locking:
758 * BTM is taken for hysterical raisins, and held when
759 * called from no_tty().
760 * tty_mutex is taken to protect tty
761 * ->siglock is taken to protect ->signal/->sighand
762 * tasklist_lock is taken to walk process list for sessions
763 * ->siglock is taken to protect ->signal/->sighand
764 */
765
766void disassociate_ctty(int on_exit)
767{
768 struct tty_struct *tty;
769 struct pid *tty_pgrp = NULL;
770
771 if (!current->signal->leader)
772 return;
773
774 tty = get_current_tty();
775 if (tty) {
776 tty_pgrp = get_pid(tty->pgrp);
777 if (on_exit) {
778 if (tty->driver->type != TTY_DRIVER_TYPE_PTY)
779 tty_vhangup(tty);
780 }
781 tty_kref_put(tty);
782 } else if (on_exit) {
783 struct pid *old_pgrp;
784 spin_lock_irq(&current->sighand->siglock);
785 old_pgrp = current->signal->tty_old_pgrp;
786 current->signal->tty_old_pgrp = NULL;
787 spin_unlock_irq(&current->sighand->siglock);
788 if (old_pgrp) {
789 kill_pgrp(old_pgrp, SIGHUP, on_exit);
790 kill_pgrp(old_pgrp, SIGCONT, on_exit);
791 put_pid(old_pgrp);
792 }
793 return;
794 }
795 if (tty_pgrp) {
796 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
797 if (!on_exit)
798 kill_pgrp(tty_pgrp, SIGCONT, on_exit);
799 put_pid(tty_pgrp);
800 }
801
802 spin_lock_irq(&current->sighand->siglock);
803 put_pid(current->signal->tty_old_pgrp);
804 current->signal->tty_old_pgrp = NULL;
805 spin_unlock_irq(&current->sighand->siglock);
806
807 tty = get_current_tty();
808 if (tty) {
809 unsigned long flags;
810 spin_lock_irqsave(&tty->ctrl_lock, flags);
811 put_pid(tty->session);
812 put_pid(tty->pgrp);
813 tty->session = NULL;
814 tty->pgrp = NULL;
815 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
816 tty_kref_put(tty);
817 } else {
818#ifdef TTY_DEBUG_HANGUP
819 printk(KERN_DEBUG "error attempted to write to tty [0x%p]"
820 " = NULL", tty);
821#endif
822 }
823
824 /* Now clear signal->tty under the lock */
825 read_lock(&tasklist_lock);
826 session_clear_tty(task_session(current));
827 read_unlock(&tasklist_lock);
828}
829
830/**
831 *
832 * no_tty - Ensure the current process does not have a controlling tty
833 */
834void no_tty(void)
835{
836 struct task_struct *tsk = current;
837 tty_lock();
838 disassociate_ctty(0);
839 tty_unlock();
840 proc_clear_tty(tsk);
841}
842
843
844/**
845 * stop_tty - propagate flow control
846 * @tty: tty to stop
847 *
848 * Perform flow control to the driver. For PTY/TTY pairs we
849 * must also propagate the TIOCKPKT status. May be called
850 * on an already stopped device and will not re-call the driver
851 * method.
852 *
853 * This functionality is used by both the line disciplines for
854 * halting incoming flow and by the driver. It may therefore be
855 * called from any context, may be under the tty atomic_write_lock
856 * but not always.
857 *
858 * Locking:
859 * Uses the tty control lock internally
860 */
861
862void stop_tty(struct tty_struct *tty)
863{
864 unsigned long flags;
865 spin_lock_irqsave(&tty->ctrl_lock, flags);
866 if (tty->stopped) {
867 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
868 return;
869 }
870 tty->stopped = 1;
871 if (tty->link && tty->link->packet) {
872 tty->ctrl_status &= ~TIOCPKT_START;
873 tty->ctrl_status |= TIOCPKT_STOP;
874 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
875 }
876 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
877 if (tty->ops->stop)
878 (tty->ops->stop)(tty);
879}
880
881EXPORT_SYMBOL(stop_tty);
882
883/**
884 * start_tty - propagate flow control
885 * @tty: tty to start
886 *
887 * Start a tty that has been stopped if at all possible. Perform
888 * any necessary wakeups and propagate the TIOCPKT status. If this
889 * is the tty was previous stopped and is being started then the
890 * driver start method is invoked and the line discipline woken.
891 *
892 * Locking:
893 * ctrl_lock
894 */
895
896void start_tty(struct tty_struct *tty)
897{
898 unsigned long flags;
899 spin_lock_irqsave(&tty->ctrl_lock, flags);
900 if (!tty->stopped || tty->flow_stopped) {
901 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
902 return;
903 }
904 tty->stopped = 0;
905 if (tty->link && tty->link->packet) {
906 tty->ctrl_status &= ~TIOCPKT_STOP;
907 tty->ctrl_status |= TIOCPKT_START;
908 wake_up_interruptible_poll(&tty->link->read_wait, POLLIN);
909 }
910 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
911 if (tty->ops->start)
912 (tty->ops->start)(tty);
913 /* If we have a running line discipline it may need kicking */
914 tty_wakeup(tty);
915}
916
917EXPORT_SYMBOL(start_tty);
918
919/**
920 * tty_read - read method for tty device files
921 * @file: pointer to tty file
922 * @buf: user buffer
923 * @count: size of user buffer
924 * @ppos: unused
925 *
926 * Perform the read system call function on this terminal device. Checks
927 * for hung up devices before calling the line discipline method.
928 *
929 * Locking:
930 * Locks the line discipline internally while needed. Multiple
931 * read calls may be outstanding in parallel.
932 */
933
934static ssize_t tty_read(struct file *file, char __user *buf, size_t count,
935 loff_t *ppos)
936{
937 int i;
938 struct inode *inode = file->f_path.dentry->d_inode;
939 struct tty_struct *tty = file_tty(file);
940 struct tty_ldisc *ld;
941
942 if (tty_paranoia_check(tty, inode, "tty_read"))
943 return -EIO;
944 if (!tty || (test_bit(TTY_IO_ERROR, &tty->flags)))
945 return -EIO;
946
947 /* We want to wait for the line discipline to sort out in this
948 situation */
949 ld = tty_ldisc_ref_wait(tty);
950 if (ld->ops->read)
951 i = (ld->ops->read)(tty, file, buf, count);
952 else
953 i = -EIO;
954 tty_ldisc_deref(ld);
955 if (i > 0)
956 inode->i_atime = current_fs_time(inode->i_sb);
957 return i;
958}
959
960void tty_write_unlock(struct tty_struct *tty)
961{
962 mutex_unlock(&tty->atomic_write_lock);
963 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
964}
965
966int tty_write_lock(struct tty_struct *tty, int ndelay)
967{
968 if (!mutex_trylock(&tty->atomic_write_lock)) {
969 if (ndelay)
970 return -EAGAIN;
971 if (mutex_lock_interruptible(&tty->atomic_write_lock))
972 return -ERESTARTSYS;
973 }
974 return 0;
975}
976
977/*
978 * Split writes up in sane blocksizes to avoid
979 * denial-of-service type attacks
980 */
981static inline ssize_t do_tty_write(
982 ssize_t (*write)(struct tty_struct *, struct file *, const unsigned char *, size_t),
983 struct tty_struct *tty,
984 struct file *file,
985 const char __user *buf,
986 size_t count)
987{
988 ssize_t ret, written = 0;
989 unsigned int chunk;
990
991 ret = tty_write_lock(tty, file->f_flags & O_NDELAY);
992 if (ret < 0)
993 return ret;
994
995 /*
996 * We chunk up writes into a temporary buffer. This
997 * simplifies low-level drivers immensely, since they
998 * don't have locking issues and user mode accesses.
999 *
1000 * But if TTY_NO_WRITE_SPLIT is set, we should use a
1001 * big chunk-size..
1002 *
1003 * The default chunk-size is 2kB, because the NTTY
1004 * layer has problems with bigger chunks. It will
1005 * claim to be able to handle more characters than
1006 * it actually does.
1007 *
1008 * FIXME: This can probably go away now except that 64K chunks
1009 * are too likely to fail unless switched to vmalloc...
1010 */
1011 chunk = 2048;
1012 if (test_bit(TTY_NO_WRITE_SPLIT, &tty->flags))
1013 chunk = 65536;
1014 if (count < chunk)
1015 chunk = count;
1016
1017 /* write_buf/write_cnt is protected by the atomic_write_lock mutex */
1018 if (tty->write_cnt < chunk) {
1019 unsigned char *buf_chunk;
1020
1021 if (chunk < 1024)
1022 chunk = 1024;
1023
1024 buf_chunk = kmalloc(chunk, GFP_KERNEL);
1025 if (!buf_chunk) {
1026 ret = -ENOMEM;
1027 goto out;
1028 }
1029 kfree(tty->write_buf);
1030 tty->write_cnt = chunk;
1031 tty->write_buf = buf_chunk;
1032 }
1033
1034 /* Do the write .. */
1035 for (;;) {
1036 size_t size = count;
1037 if (size > chunk)
1038 size = chunk;
1039 ret = -EFAULT;
1040 if (copy_from_user(tty->write_buf, buf, size))
1041 break;
1042 ret = write(tty, file, tty->write_buf, size);
1043 if (ret <= 0)
1044 break;
1045 written += ret;
1046 buf += ret;
1047 count -= ret;
1048 if (!count)
1049 break;
1050 ret = -ERESTARTSYS;
1051 if (signal_pending(current))
1052 break;
1053 cond_resched();
1054 }
1055 if (written) {
1056 struct inode *inode = file->f_path.dentry->d_inode;
1057 inode->i_mtime = current_fs_time(inode->i_sb);
1058 ret = written;
1059 }
1060out:
1061 tty_write_unlock(tty);
1062 return ret;
1063}
1064
1065/**
1066 * tty_write_message - write a message to a certain tty, not just the console.
1067 * @tty: the destination tty_struct
1068 * @msg: the message to write
1069 *
1070 * This is used for messages that need to be redirected to a specific tty.
1071 * We don't put it into the syslog queue right now maybe in the future if
1072 * really needed.
1073 *
1074 * We must still hold the BTM and test the CLOSING flag for the moment.
1075 */
1076
1077void tty_write_message(struct tty_struct *tty, char *msg)
1078{
1079 if (tty) {
1080 mutex_lock(&tty->atomic_write_lock);
1081 tty_lock();
1082 if (tty->ops->write && !test_bit(TTY_CLOSING, &tty->flags)) {
1083 tty_unlock();
1084 tty->ops->write(tty, msg, strlen(msg));
1085 } else
1086 tty_unlock();
1087 tty_write_unlock(tty);
1088 }
1089 return;
1090}
1091
1092
1093/**
1094 * tty_write - write method for tty device file
1095 * @file: tty file pointer
1096 * @buf: user data to write
1097 * @count: bytes to write
1098 * @ppos: unused
1099 *
1100 * Write data to a tty device via the line discipline.
1101 *
1102 * Locking:
1103 * Locks the line discipline as required
1104 * Writes to the tty driver are serialized by the atomic_write_lock
1105 * and are then processed in chunks to the device. The line discipline
1106 * write method will not be invoked in parallel for each device.
1107 */
1108
1109static ssize_t tty_write(struct file *file, const char __user *buf,
1110 size_t count, loff_t *ppos)
1111{
1112 struct inode *inode = file->f_path.dentry->d_inode;
1113 struct tty_struct *tty = file_tty(file);
1114 struct tty_ldisc *ld;
1115 ssize_t ret;
1116
1117 if (tty_paranoia_check(tty, inode, "tty_write"))
1118 return -EIO;
1119 if (!tty || !tty->ops->write ||
1120 (test_bit(TTY_IO_ERROR, &tty->flags)))
1121 return -EIO;
1122 /* Short term debug to catch buggy drivers */
1123 if (tty->ops->write_room == NULL)
1124 printk(KERN_ERR "tty driver %s lacks a write_room method.\n",
1125 tty->driver->name);
1126 ld = tty_ldisc_ref_wait(tty);
1127 if (!ld->ops->write)
1128 ret = -EIO;
1129 else
1130 ret = do_tty_write(ld->ops->write, tty, file, buf, count);
1131 tty_ldisc_deref(ld);
1132 return ret;
1133}
1134
1135ssize_t redirected_tty_write(struct file *file, const char __user *buf,
1136 size_t count, loff_t *ppos)
1137{
1138 struct file *p = NULL;
1139
1140 spin_lock(&redirect_lock);
1141 if (redirect) {
1142 get_file(redirect);
1143 p = redirect;
1144 }
1145 spin_unlock(&redirect_lock);
1146
1147 if (p) {
1148 ssize_t res;
1149 res = vfs_write(p, buf, count, &p->f_pos);
1150 fput(p);
1151 return res;
1152 }
1153 return tty_write(file, buf, count, ppos);
1154}
1155
1156static char ptychar[] = "pqrstuvwxyzabcde";
1157
1158/**
1159 * pty_line_name - generate name for a pty
1160 * @driver: the tty driver in use
1161 * @index: the minor number
1162 * @p: output buffer of at least 6 bytes
1163 *
1164 * Generate a name from a driver reference and write it to the output
1165 * buffer.
1166 *
1167 * Locking: None
1168 */
1169static void pty_line_name(struct tty_driver *driver, int index, char *p)
1170{
1171 int i = index + driver->name_base;
1172 /* ->name is initialized to "ttyp", but "tty" is expected */
1173 sprintf(p, "%s%c%x",
1174 driver->subtype == PTY_TYPE_SLAVE ? "tty" : driver->name,
1175 ptychar[i >> 4 & 0xf], i & 0xf);
1176}
1177
1178/**
1179 * tty_line_name - generate name for a tty
1180 * @driver: the tty driver in use
1181 * @index: the minor number
1182 * @p: output buffer of at least 7 bytes
1183 *
1184 * Generate a name from a driver reference and write it to the output
1185 * buffer.
1186 *
1187 * Locking: None
1188 */
1189static void tty_line_name(struct tty_driver *driver, int index, char *p)
1190{
1191 sprintf(p, "%s%d", driver->name, index + driver->name_base);
1192}
1193
1194/**
1195 * tty_driver_lookup_tty() - find an existing tty, if any
1196 * @driver: the driver for the tty
1197 * @idx: the minor number
1198 *
1199 * Return the tty, if found or ERR_PTR() otherwise.
1200 *
1201 * Locking: tty_mutex must be held. If tty is found, the mutex must
1202 * be held until the 'fast-open' is also done. Will change once we
1203 * have refcounting in the driver and per driver locking
1204 */
1205static struct tty_struct *tty_driver_lookup_tty(struct tty_driver *driver,
1206 struct inode *inode, int idx)
1207{
1208 struct tty_struct *tty;
1209
1210 if (driver->ops->lookup)
1211 return driver->ops->lookup(driver, inode, idx);
1212
1213 tty = driver->ttys[idx];
1214 return tty;
1215}
1216
1217/**
1218 * tty_init_termios - helper for termios setup
1219 * @tty: the tty to set up
1220 *
1221 * Initialise the termios structures for this tty. Thus runs under
1222 * the tty_mutex currently so we can be relaxed about ordering.
1223 */
1224
1225int tty_init_termios(struct tty_struct *tty)
1226{
1227 struct ktermios *tp;
1228 int idx = tty->index;
1229
1230 tp = tty->driver->termios[idx];
1231 if (tp == NULL) {
1232 tp = kzalloc(sizeof(struct ktermios[2]), GFP_KERNEL);
1233 if (tp == NULL)
1234 return -ENOMEM;
1235 memcpy(tp, &tty->driver->init_termios,
1236 sizeof(struct ktermios));
1237 tty->driver->termios[idx] = tp;
1238 }
1239 tty->termios = tp;
1240 tty->termios_locked = tp + 1;
1241
1242 /* Compatibility until drivers always set this */
1243 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios);
1244 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios);
1245 return 0;
1246}
1247EXPORT_SYMBOL_GPL(tty_init_termios);
1248
1249/**
1250 * tty_driver_install_tty() - install a tty entry in the driver
1251 * @driver: the driver for the tty
1252 * @tty: the tty
1253 *
1254 * Install a tty object into the driver tables. The tty->index field
1255 * will be set by the time this is called. This method is responsible
1256 * for ensuring any need additional structures are allocated and
1257 * configured.
1258 *
1259 * Locking: tty_mutex for now
1260 */
1261static int tty_driver_install_tty(struct tty_driver *driver,
1262 struct tty_struct *tty)
1263{
1264 int idx = tty->index;
1265 int ret;
1266
1267 if (driver->ops->install) {
1268 ret = driver->ops->install(driver, tty);
1269 return ret;
1270 }
1271
1272 if (tty_init_termios(tty) == 0) {
1273 tty_driver_kref_get(driver);
1274 tty->count++;
1275 driver->ttys[idx] = tty;
1276 return 0;
1277 }
1278 return -ENOMEM;
1279}
1280
1281/**
1282 * tty_driver_remove_tty() - remove a tty from the driver tables
1283 * @driver: the driver for the tty
1284 * @idx: the minor number
1285 *
1286 * Remvoe a tty object from the driver tables. The tty->index field
1287 * will be set by the time this is called.
1288 *
1289 * Locking: tty_mutex for now
1290 */
1291static void tty_driver_remove_tty(struct tty_driver *driver,
1292 struct tty_struct *tty)
1293{
1294 if (driver->ops->remove)
1295 driver->ops->remove(driver, tty);
1296 else
1297 driver->ttys[tty->index] = NULL;
1298}
1299
1300/*
1301 * tty_reopen() - fast re-open of an open tty
1302 * @tty - the tty to open
1303 *
1304 * Return 0 on success, -errno on error.
1305 *
1306 * Locking: tty_mutex must be held from the time the tty was found
1307 * till this open completes.
1308 */
1309static int tty_reopen(struct tty_struct *tty)
1310{
1311 struct tty_driver *driver = tty->driver;
1312
1313 if (test_bit(TTY_CLOSING, &tty->flags))
1314 return -EIO;
1315
1316 if (driver->type == TTY_DRIVER_TYPE_PTY &&
1317 driver->subtype == PTY_TYPE_MASTER) {
1318 /*
1319 * special case for PTY masters: only one open permitted,
1320 * and the slave side open count is incremented as well.
1321 */
1322 if (tty->count)
1323 return -EIO;
1324
1325 tty->link->count++;
1326 }
1327 tty->count++;
1328 tty->driver = driver; /* N.B. why do this every time?? */
1329
1330 mutex_lock(&tty->ldisc_mutex);
1331 WARN_ON(!test_bit(TTY_LDISC, &tty->flags));
1332 mutex_unlock(&tty->ldisc_mutex);
1333
1334 return 0;
1335}
1336
1337/**
1338 * tty_init_dev - initialise a tty device
1339 * @driver: tty driver we are opening a device on
1340 * @idx: device index
1341 * @ret_tty: returned tty structure
1342 * @first_ok: ok to open a new device (used by ptmx)
1343 *
1344 * Prepare a tty device. This may not be a "new" clean device but
1345 * could also be an active device. The pty drivers require special
1346 * handling because of this.
1347 *
1348 * Locking:
1349 * The function is called under the tty_mutex, which
1350 * protects us from the tty struct or driver itself going away.
1351 *
1352 * On exit the tty device has the line discipline attached and
1353 * a reference count of 1. If a pair was created for pty/tty use
1354 * and the other was a pty master then it too has a reference count of 1.
1355 *
1356 * WSH 06/09/97: Rewritten to remove races and properly clean up after a
1357 * failed open. The new code protects the open with a mutex, so it's
1358 * really quite straightforward. The mutex locking can probably be
1359 * relaxed for the (most common) case of reopening a tty.
1360 */
1361
1362struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx,
1363 int first_ok)
1364{
1365 struct tty_struct *tty;
1366 int retval;
1367
1368 /* Check if pty master is being opened multiple times */
1369 if (driver->subtype == PTY_TYPE_MASTER &&
1370 (driver->flags & TTY_DRIVER_DEVPTS_MEM) && !first_ok) {
1371 return ERR_PTR(-EIO);
1372 }
1373
1374 /*
1375 * First time open is complex, especially for PTY devices.
1376 * This code guarantees that either everything succeeds and the
1377 * TTY is ready for operation, or else the table slots are vacated
1378 * and the allocated memory released. (Except that the termios
1379 * and locked termios may be retained.)
1380 */
1381
1382 if (!try_module_get(driver->owner))
1383 return ERR_PTR(-ENODEV);
1384
1385 tty = alloc_tty_struct();
1386 if (!tty)
1387 goto fail_no_mem;
1388 initialize_tty_struct(tty, driver, idx);
1389
1390 retval = tty_driver_install_tty(driver, tty);
1391 if (retval < 0) {
1392 free_tty_struct(tty);
1393 module_put(driver->owner);
1394 return ERR_PTR(retval);
1395 }
1396
1397 /*
1398 * Structures all installed ... call the ldisc open routines.
1399 * If we fail here just call release_tty to clean up. No need
1400 * to decrement the use counts, as release_tty doesn't care.
1401 */
1402 retval = tty_ldisc_setup(tty, tty->link);
1403 if (retval)
1404 goto release_mem_out;
1405 return tty;
1406
1407fail_no_mem:
1408 module_put(driver->owner);
1409 return ERR_PTR(-ENOMEM);
1410
1411 /* call the tty release_tty routine to clean out this slot */
1412release_mem_out:
1413 if (printk_ratelimit())
1414 printk(KERN_INFO "tty_init_dev: ldisc open failed, "
1415 "clearing slot %d\n", idx);
1416 release_tty(tty, idx);
1417 return ERR_PTR(retval);
1418}
1419
1420void tty_free_termios(struct tty_struct *tty)
1421{
1422 struct ktermios *tp;
1423 int idx = tty->index;
1424 /* Kill this flag and push into drivers for locking etc */
1425 if (tty->driver->flags & TTY_DRIVER_RESET_TERMIOS) {
1426 /* FIXME: Locking on ->termios array */
1427 tp = tty->termios;
1428 tty->driver->termios[idx] = NULL;
1429 kfree(tp);
1430 }
1431}
1432EXPORT_SYMBOL(tty_free_termios);
1433
1434void tty_shutdown(struct tty_struct *tty)
1435{
1436 tty_driver_remove_tty(tty->driver, tty);
1437 tty_free_termios(tty);
1438}
1439EXPORT_SYMBOL(tty_shutdown);
1440
1441/**
1442 * release_one_tty - release tty structure memory
1443 * @kref: kref of tty we are obliterating
1444 *
1445 * Releases memory associated with a tty structure, and clears out the
1446 * driver table slots. This function is called when a device is no longer
1447 * in use. It also gets called when setup of a device fails.
1448 *
1449 * Locking:
1450 * tty_mutex - sometimes only
1451 * takes the file list lock internally when working on the list
1452 * of ttys that the driver keeps.
1453 *
1454 * This method gets called from a work queue so that the driver private
1455 * cleanup ops can sleep (needed for USB at least)
1456 */
1457static void release_one_tty(struct work_struct *work)
1458{
1459 struct tty_struct *tty =
1460 container_of(work, struct tty_struct, hangup_work);
1461 struct tty_driver *driver = tty->driver;
1462
1463 if (tty->ops->cleanup)
1464 tty->ops->cleanup(tty);
1465
1466 tty->magic = 0;
1467 tty_driver_kref_put(driver);
1468 module_put(driver->owner);
1469
1470 spin_lock(&tty_files_lock);
1471 list_del_init(&tty->tty_files);
1472 spin_unlock(&tty_files_lock);
1473
1474 put_pid(tty->pgrp);
1475 put_pid(tty->session);
1476 free_tty_struct(tty);
1477}
1478
1479static void queue_release_one_tty(struct kref *kref)
1480{
1481 struct tty_struct *tty = container_of(kref, struct tty_struct, kref);
1482
1483 if (tty->ops->shutdown)
1484 tty->ops->shutdown(tty);
1485 else
1486 tty_shutdown(tty);
1487
1488 /* The hangup queue is now free so we can reuse it rather than
1489 waste a chunk of memory for each port */
1490 INIT_WORK(&tty->hangup_work, release_one_tty);
1491 schedule_work(&tty->hangup_work);
1492}
1493
1494/**
1495 * tty_kref_put - release a tty kref
1496 * @tty: tty device
1497 *
1498 * Release a reference to a tty device and if need be let the kref
1499 * layer destruct the object for us
1500 */
1501
1502void tty_kref_put(struct tty_struct *tty)
1503{
1504 if (tty)
1505 kref_put(&tty->kref, queue_release_one_tty);
1506}
1507EXPORT_SYMBOL(tty_kref_put);
1508
1509/**
1510 * release_tty - release tty structure memory
1511 *
1512 * Release both @tty and a possible linked partner (think pty pair),
1513 * and decrement the refcount of the backing module.
1514 *
1515 * Locking:
1516 * tty_mutex - sometimes only
1517 * takes the file list lock internally when working on the list
1518 * of ttys that the driver keeps.
1519 * FIXME: should we require tty_mutex is held here ??
1520 *
1521 */
1522static void release_tty(struct tty_struct *tty, int idx)
1523{
1524 /* This should always be true but check for the moment */
1525 WARN_ON(tty->index != idx);
1526
1527 if (tty->link)
1528 tty_kref_put(tty->link);
1529 tty_kref_put(tty);
1530}
1531
1532/**
1533 * tty_release - vfs callback for close
1534 * @inode: inode of tty
1535 * @filp: file pointer for handle to tty
1536 *
1537 * Called the last time each file handle is closed that references
1538 * this tty. There may however be several such references.
1539 *
1540 * Locking:
1541 * Takes bkl. See tty_release_dev
1542 *
1543 * Even releasing the tty structures is a tricky business.. We have
1544 * to be very careful that the structures are all released at the
1545 * same time, as interrupts might otherwise get the wrong pointers.
1546 *
1547 * WSH 09/09/97: rewritten to avoid some nasty race conditions that could
1548 * lead to double frees or releasing memory still in use.
1549 */
1550
1551int tty_release(struct inode *inode, struct file *filp)
1552{
1553 struct tty_struct *tty = file_tty(filp);
1554 struct tty_struct *o_tty;
1555 int pty_master, tty_closing, o_tty_closing, do_sleep;
1556 int devpts;
1557 int idx;
1558 char buf[64];
1559
1560 if (tty_paranoia_check(tty, inode, "tty_release_dev"))
1561 return 0;
1562
1563 tty_lock();
1564 check_tty_count(tty, "tty_release_dev");
1565
1566 __tty_fasync(-1, filp, 0);
1567
1568 idx = tty->index;
1569 pty_master = (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1570 tty->driver->subtype == PTY_TYPE_MASTER);
1571 devpts = (tty->driver->flags & TTY_DRIVER_DEVPTS_MEM) != 0;
1572 o_tty = tty->link;
1573
1574#ifdef TTY_PARANOIA_CHECK
1575 if (idx < 0 || idx >= tty->driver->num) {
1576 printk(KERN_DEBUG "tty_release_dev: bad idx when trying to "
1577 "free (%s)\n", tty->name);
1578 tty_unlock();
1579 return 0;
1580 }
1581 if (!devpts) {
1582 if (tty != tty->driver->ttys[idx]) {
1583 tty_unlock();
1584 printk(KERN_DEBUG "tty_release_dev: driver.table[%d] not tty "
1585 "for (%s)\n", idx, tty->name);
1586 return 0;
1587 }
1588 if (tty->termios != tty->driver->termios[idx]) {
1589 tty_unlock();
1590 printk(KERN_DEBUG "tty_release_dev: driver.termios[%d] not termios "
1591 "for (%s)\n",
1592 idx, tty->name);
1593 return 0;
1594 }
1595 }
1596#endif
1597
1598#ifdef TTY_DEBUG_HANGUP
1599 printk(KERN_DEBUG "tty_release_dev of %s (tty count=%d)...",
1600 tty_name(tty, buf), tty->count);
1601#endif
1602
1603#ifdef TTY_PARANOIA_CHECK
1604 if (tty->driver->other &&
1605 !(tty->driver->flags & TTY_DRIVER_DEVPTS_MEM)) {
1606 if (o_tty != tty->driver->other->ttys[idx]) {
1607 tty_unlock();
1608 printk(KERN_DEBUG "tty_release_dev: other->table[%d] "
1609 "not o_tty for (%s)\n",
1610 idx, tty->name);
1611 return 0 ;
1612 }
1613 if (o_tty->termios != tty->driver->other->termios[idx]) {
1614 tty_unlock();
1615 printk(KERN_DEBUG "tty_release_dev: other->termios[%d] "
1616 "not o_termios for (%s)\n",
1617 idx, tty->name);
1618 return 0;
1619 }
1620 if (o_tty->link != tty) {
1621 tty_unlock();
1622 printk(KERN_DEBUG "tty_release_dev: bad pty pointers\n");
1623 return 0;
1624 }
1625 }
1626#endif
1627 if (tty->ops->close)
1628 tty->ops->close(tty, filp);
1629
1630 tty_unlock();
1631 /*
1632 * Sanity check: if tty->count is going to zero, there shouldn't be
1633 * any waiters on tty->read_wait or tty->write_wait. We test the
1634 * wait queues and kick everyone out _before_ actually starting to
1635 * close. This ensures that we won't block while releasing the tty
1636 * structure.
1637 *
1638 * The test for the o_tty closing is necessary, since the master and
1639 * slave sides may close in any order. If the slave side closes out
1640 * first, its count will be one, since the master side holds an open.
1641 * Thus this test wouldn't be triggered at the time the slave closes,
1642 * so we do it now.
1643 *
1644 * Note that it's possible for the tty to be opened again while we're
1645 * flushing out waiters. By recalculating the closing flags before
1646 * each iteration we avoid any problems.
1647 */
1648 while (1) {
1649 /* Guard against races with tty->count changes elsewhere and
1650 opens on /dev/tty */
1651
1652 mutex_lock(&tty_mutex);
1653 tty_lock();
1654 tty_closing = tty->count <= 1;
1655 o_tty_closing = o_tty &&
1656 (o_tty->count <= (pty_master ? 1 : 0));
1657 do_sleep = 0;
1658
1659 if (tty_closing) {
1660 if (waitqueue_active(&tty->read_wait)) {
1661 wake_up_poll(&tty->read_wait, POLLIN);
1662 do_sleep++;
1663 }
1664 if (waitqueue_active(&tty->write_wait)) {
1665 wake_up_poll(&tty->write_wait, POLLOUT);
1666 do_sleep++;
1667 }
1668 }
1669 if (o_tty_closing) {
1670 if (waitqueue_active(&o_tty->read_wait)) {
1671 wake_up_poll(&o_tty->read_wait, POLLIN);
1672 do_sleep++;
1673 }
1674 if (waitqueue_active(&o_tty->write_wait)) {
1675 wake_up_poll(&o_tty->write_wait, POLLOUT);
1676 do_sleep++;
1677 }
1678 }
1679 if (!do_sleep)
1680 break;
1681
1682 printk(KERN_WARNING "tty_release_dev: %s: read/write wait queue "
1683 "active!\n", tty_name(tty, buf));
1684 tty_unlock();
1685 mutex_unlock(&tty_mutex);
1686 schedule();
1687 }
1688
1689 /*
1690 * The closing flags are now consistent with the open counts on
1691 * both sides, and we've completed the last operation that could
1692 * block, so it's safe to proceed with closing.
1693 */
1694 if (pty_master) {
1695 if (--o_tty->count < 0) {
1696 printk(KERN_WARNING "tty_release_dev: bad pty slave count "
1697 "(%d) for %s\n",
1698 o_tty->count, tty_name(o_tty, buf));
1699 o_tty->count = 0;
1700 }
1701 }
1702 if (--tty->count < 0) {
1703 printk(KERN_WARNING "tty_release_dev: bad tty->count (%d) for %s\n",
1704 tty->count, tty_name(tty, buf));
1705 tty->count = 0;
1706 }
1707
1708 /*
1709 * We've decremented tty->count, so we need to remove this file
1710 * descriptor off the tty->tty_files list; this serves two
1711 * purposes:
1712 * - check_tty_count sees the correct number of file descriptors
1713 * associated with this tty.
1714 * - do_tty_hangup no longer sees this file descriptor as
1715 * something that needs to be handled for hangups.
1716 */
1717 tty_del_file(filp);
1718
1719 /*
1720 * Perform some housekeeping before deciding whether to return.
1721 *
1722 * Set the TTY_CLOSING flag if this was the last open. In the
1723 * case of a pty we may have to wait around for the other side
1724 * to close, and TTY_CLOSING makes sure we can't be reopened.
1725 */
1726 if (tty_closing)
1727 set_bit(TTY_CLOSING, &tty->flags);
1728 if (o_tty_closing)
1729 set_bit(TTY_CLOSING, &o_tty->flags);
1730
1731 /*
1732 * If _either_ side is closing, make sure there aren't any
1733 * processes that still think tty or o_tty is their controlling
1734 * tty.
1735 */
1736 if (tty_closing || o_tty_closing) {
1737 read_lock(&tasklist_lock);
1738 session_clear_tty(tty->session);
1739 if (o_tty)
1740 session_clear_tty(o_tty->session);
1741 read_unlock(&tasklist_lock);
1742 }
1743
1744 mutex_unlock(&tty_mutex);
1745
1746 /* check whether both sides are closing ... */
1747 if (!tty_closing || (o_tty && !o_tty_closing)) {
1748 tty_unlock();
1749 return 0;
1750 }
1751
1752#ifdef TTY_DEBUG_HANGUP
1753 printk(KERN_DEBUG "freeing tty structure...");
1754#endif
1755 /*
1756 * Ask the line discipline code to release its structures
1757 */
1758 tty_ldisc_release(tty, o_tty);
1759 /*
1760 * The release_tty function takes care of the details of clearing
1761 * the slots and preserving the termios structure.
1762 */
1763 release_tty(tty, idx);
1764
1765 /* Make this pty number available for reallocation */
1766 if (devpts)
1767 devpts_kill_index(inode, idx);
1768 tty_unlock();
1769 return 0;
1770}
1771
1772/**
1773 * tty_open - open a tty device
1774 * @inode: inode of device file
1775 * @filp: file pointer to tty
1776 *
1777 * tty_open and tty_release keep up the tty count that contains the
1778 * number of opens done on a tty. We cannot use the inode-count, as
1779 * different inodes might point to the same tty.
1780 *
1781 * Open-counting is needed for pty masters, as well as for keeping
1782 * track of serial lines: DTR is dropped when the last close happens.
1783 * (This is not done solely through tty->count, now. - Ted 1/27/92)
1784 *
1785 * The termios state of a pty is reset on first open so that
1786 * settings don't persist across reuse.
1787 *
1788 * Locking: tty_mutex protects tty, get_tty_driver and tty_init_dev work.
1789 * tty->count should protect the rest.
1790 * ->siglock protects ->signal/->sighand
1791 */
1792
1793static int tty_open(struct inode *inode, struct file *filp)
1794{
1795 struct tty_struct *tty = NULL;
1796 int noctty, retval;
1797 struct tty_driver *driver;
1798 int index;
1799 dev_t device = inode->i_rdev;
1800 unsigned saved_flags = filp->f_flags;
1801
1802 nonseekable_open(inode, filp);
1803
1804retry_open:
1805 noctty = filp->f_flags & O_NOCTTY;
1806 index = -1;
1807 retval = 0;
1808
1809 mutex_lock(&tty_mutex);
1810 tty_lock();
1811
1812 if (device == MKDEV(TTYAUX_MAJOR, 0)) {
1813 tty = get_current_tty();
1814 if (!tty) {
1815 tty_unlock();
1816 mutex_unlock(&tty_mutex);
1817 return -ENXIO;
1818 }
1819 driver = tty_driver_kref_get(tty->driver);
1820 index = tty->index;
1821 filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
1822 /* noctty = 1; */
1823 /* FIXME: Should we take a driver reference ? */
1824 tty_kref_put(tty);
1825 goto got_driver;
1826 }
1827#ifdef CONFIG_VT
1828 if (device == MKDEV(TTY_MAJOR, 0)) {
1829 extern struct tty_driver *console_driver;
1830 driver = tty_driver_kref_get(console_driver);
1831 index = fg_console;
1832 noctty = 1;
1833 goto got_driver;
1834 }
1835#endif
1836 if (device == MKDEV(TTYAUX_MAJOR, 1)) {
1837 struct tty_driver *console_driver = console_device(&index);
1838 if (console_driver) {
1839 driver = tty_driver_kref_get(console_driver);
1840 if (driver) {
1841 /* Don't let /dev/console block */
1842 filp->f_flags |= O_NONBLOCK;
1843 noctty = 1;
1844 goto got_driver;
1845 }
1846 }
1847 tty_unlock();
1848 mutex_unlock(&tty_mutex);
1849 return -ENODEV;
1850 }
1851
1852 driver = get_tty_driver(device, &index);
1853 if (!driver) {
1854 tty_unlock();
1855 mutex_unlock(&tty_mutex);
1856 return -ENODEV;
1857 }
1858got_driver:
1859 if (!tty) {
1860 /* check whether we're reopening an existing tty */
1861 tty = tty_driver_lookup_tty(driver, inode, index);
1862
1863 if (IS_ERR(tty)) {
1864 tty_unlock();
1865 mutex_unlock(&tty_mutex);
1866 return PTR_ERR(tty);
1867 }
1868 }
1869
1870 if (tty) {
1871 retval = tty_reopen(tty);
1872 if (retval)
1873 tty = ERR_PTR(retval);
1874 } else
1875 tty = tty_init_dev(driver, index, 0);
1876
1877 mutex_unlock(&tty_mutex);
1878 tty_driver_kref_put(driver);
1879 if (IS_ERR(tty)) {
1880 tty_unlock();
1881 return PTR_ERR(tty);
1882 }
1883
1884 retval = tty_add_file(tty, filp);
1885 if (retval) {
1886 tty_unlock();
1887 return retval;
1888 }
1889
1890 check_tty_count(tty, "tty_open");
1891 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
1892 tty->driver->subtype == PTY_TYPE_MASTER)
1893 noctty = 1;
1894#ifdef TTY_DEBUG_HANGUP
1895 printk(KERN_DEBUG "opening %s...", tty->name);
1896#endif
1897 if (!retval) {
1898 if (tty->ops->open)
1899 retval = tty->ops->open(tty, filp);
1900 else
1901 retval = -ENODEV;
1902 }
1903 filp->f_flags = saved_flags;
1904
1905 if (!retval && test_bit(TTY_EXCLUSIVE, &tty->flags) &&
1906 !capable(CAP_SYS_ADMIN))
1907 retval = -EBUSY;
1908
1909 if (retval) {
1910#ifdef TTY_DEBUG_HANGUP
1911 printk(KERN_DEBUG "error %d in opening %s...", retval,
1912 tty->name);
1913#endif
1914 tty_unlock(); /* need to call tty_release without BTM */
1915 tty_release(inode, filp);
1916 if (retval != -ERESTARTSYS)
1917 return retval;
1918
1919 if (signal_pending(current))
1920 return retval;
1921
1922 schedule();
1923 /*
1924 * Need to reset f_op in case a hangup happened.
1925 */
1926 tty_lock();
1927 if (filp->f_op == &hung_up_tty_fops)
1928 filp->f_op = &tty_fops;
1929 tty_unlock();
1930 goto retry_open;
1931 }
1932 tty_unlock();
1933
1934
1935 mutex_lock(&tty_mutex);
1936 tty_lock();
1937 spin_lock_irq(&current->sighand->siglock);
1938 if (!noctty &&
1939 current->signal->leader &&
1940 !current->signal->tty &&
1941 tty->session == NULL)
1942 __proc_set_tty(current, tty);
1943 spin_unlock_irq(&current->sighand->siglock);
1944 tty_unlock();
1945 mutex_unlock(&tty_mutex);
1946 return 0;
1947}
1948
1949
1950
1951/**
1952 * tty_poll - check tty status
1953 * @filp: file being polled
1954 * @wait: poll wait structures to update
1955 *
1956 * Call the line discipline polling method to obtain the poll
1957 * status of the device.
1958 *
1959 * Locking: locks called line discipline but ldisc poll method
1960 * may be re-entered freely by other callers.
1961 */
1962
1963static unsigned int tty_poll(struct file *filp, poll_table *wait)
1964{
1965 struct tty_struct *tty = file_tty(filp);
1966 struct tty_ldisc *ld;
1967 int ret = 0;
1968
1969 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_poll"))
1970 return 0;
1971
1972 ld = tty_ldisc_ref_wait(tty);
1973 if (ld->ops->poll)
1974 ret = (ld->ops->poll)(tty, filp, wait);
1975 tty_ldisc_deref(ld);
1976 return ret;
1977}
1978
1979static int __tty_fasync(int fd, struct file *filp, int on)
1980{
1981 struct tty_struct *tty = file_tty(filp);
1982 unsigned long flags;
1983 int retval = 0;
1984
1985 if (tty_paranoia_check(tty, filp->f_path.dentry->d_inode, "tty_fasync"))
1986 goto out;
1987
1988 retval = fasync_helper(fd, filp, on, &tty->fasync);
1989 if (retval <= 0)
1990 goto out;
1991
1992 if (on) {
1993 enum pid_type type;
1994 struct pid *pid;
1995 if (!waitqueue_active(&tty->read_wait))
1996 tty->minimum_to_wake = 1;
1997 spin_lock_irqsave(&tty->ctrl_lock, flags);
1998 if (tty->pgrp) {
1999 pid = tty->pgrp;
2000 type = PIDTYPE_PGID;
2001 } else {
2002 pid = task_pid(current);
2003 type = PIDTYPE_PID;
2004 }
2005 get_pid(pid);
2006 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2007 retval = __f_setown(filp, pid, type, 0);
2008 put_pid(pid);
2009 if (retval)
2010 goto out;
2011 } else {
2012 if (!tty->fasync && !waitqueue_active(&tty->read_wait))
2013 tty->minimum_to_wake = N_TTY_BUF_SIZE;
2014 }
2015 retval = 0;
2016out:
2017 return retval;
2018}
2019
2020static int tty_fasync(int fd, struct file *filp, int on)
2021{
2022 int retval;
2023 tty_lock();
2024 retval = __tty_fasync(fd, filp, on);
2025 tty_unlock();
2026 return retval;
2027}
2028
2029/**
2030 * tiocsti - fake input character
2031 * @tty: tty to fake input into
2032 * @p: pointer to character
2033 *
2034 * Fake input to a tty device. Does the necessary locking and
2035 * input management.
2036 *
2037 * FIXME: does not honour flow control ??
2038 *
2039 * Locking:
2040 * Called functions take tty_ldisc_lock
2041 * current->signal->tty check is safe without locks
2042 *
2043 * FIXME: may race normal receive processing
2044 */
2045
2046static int tiocsti(struct tty_struct *tty, char __user *p)
2047{
2048 char ch, mbz = 0;
2049 struct tty_ldisc *ld;
2050
2051 if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
2052 return -EPERM;
2053 if (get_user(ch, p))
2054 return -EFAULT;
2055 tty_audit_tiocsti(tty, ch);
2056 ld = tty_ldisc_ref_wait(tty);
2057 ld->ops->receive_buf(tty, &ch, &mbz, 1);
2058 tty_ldisc_deref(ld);
2059 return 0;
2060}
2061
2062/**
2063 * tiocgwinsz - implement window query ioctl
2064 * @tty; tty
2065 * @arg: user buffer for result
2066 *
2067 * Copies the kernel idea of the window size into the user buffer.
2068 *
2069 * Locking: tty->termios_mutex is taken to ensure the winsize data
2070 * is consistent.
2071 */
2072
2073static int tiocgwinsz(struct tty_struct *tty, struct winsize __user *arg)
2074{
2075 int err;
2076
2077 mutex_lock(&tty->termios_mutex);
2078 err = copy_to_user(arg, &tty->winsize, sizeof(*arg));
2079 mutex_unlock(&tty->termios_mutex);
2080
2081 return err ? -EFAULT: 0;
2082}
2083
2084/**
2085 * tty_do_resize - resize event
2086 * @tty: tty being resized
2087 * @rows: rows (character)
2088 * @cols: cols (character)
2089 *
2090 * Update the termios variables and send the necessary signals to
2091 * peform a terminal resize correctly
2092 */
2093
2094int tty_do_resize(struct tty_struct *tty, struct winsize *ws)
2095{
2096 struct pid *pgrp;
2097 unsigned long flags;
2098
2099 /* Lock the tty */
2100 mutex_lock(&tty->termios_mutex);
2101 if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
2102 goto done;
2103 /* Get the PID values and reference them so we can
2104 avoid holding the tty ctrl lock while sending signals */
2105 spin_lock_irqsave(&tty->ctrl_lock, flags);
2106 pgrp = get_pid(tty->pgrp);
2107 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2108
2109 if (pgrp)
2110 kill_pgrp(pgrp, SIGWINCH, 1);
2111 put_pid(pgrp);
2112
2113 tty->winsize = *ws;
2114done:
2115 mutex_unlock(&tty->termios_mutex);
2116 return 0;
2117}
2118
2119/**
2120 * tiocswinsz - implement window size set ioctl
2121 * @tty; tty side of tty
2122 * @arg: user buffer for result
2123 *
2124 * Copies the user idea of the window size to the kernel. Traditionally
2125 * this is just advisory information but for the Linux console it
2126 * actually has driver level meaning and triggers a VC resize.
2127 *
2128 * Locking:
2129 * Driver dependant. The default do_resize method takes the
2130 * tty termios mutex and ctrl_lock. The console takes its own lock
2131 * then calls into the default method.
2132 */
2133
2134static int tiocswinsz(struct tty_struct *tty, struct winsize __user *arg)
2135{
2136 struct winsize tmp_ws;
2137 if (copy_from_user(&tmp_ws, arg, sizeof(*arg)))
2138 return -EFAULT;
2139
2140 if (tty->ops->resize)
2141 return tty->ops->resize(tty, &tmp_ws);
2142 else
2143 return tty_do_resize(tty, &tmp_ws);
2144}
2145
2146/**
2147 * tioccons - allow admin to move logical console
2148 * @file: the file to become console
2149 *
2150 * Allow the adminstrator to move the redirected console device
2151 *
2152 * Locking: uses redirect_lock to guard the redirect information
2153 */
2154
2155static int tioccons(struct file *file)
2156{
2157 if (!capable(CAP_SYS_ADMIN))
2158 return -EPERM;
2159 if (file->f_op->write == redirected_tty_write) {
2160 struct file *f;
2161 spin_lock(&redirect_lock);
2162 f = redirect;
2163 redirect = NULL;
2164 spin_unlock(&redirect_lock);
2165 if (f)
2166 fput(f);
2167 return 0;
2168 }
2169 spin_lock(&redirect_lock);
2170 if (redirect) {
2171 spin_unlock(&redirect_lock);
2172 return -EBUSY;
2173 }
2174 get_file(file);
2175 redirect = file;
2176 spin_unlock(&redirect_lock);
2177 return 0;
2178}
2179
2180/**
2181 * fionbio - non blocking ioctl
2182 * @file: file to set blocking value
2183 * @p: user parameter
2184 *
2185 * Historical tty interfaces had a blocking control ioctl before
2186 * the generic functionality existed. This piece of history is preserved
2187 * in the expected tty API of posix OS's.
2188 *
2189 * Locking: none, the open file handle ensures it won't go away.
2190 */
2191
2192static int fionbio(struct file *file, int __user *p)
2193{
2194 int nonblock;
2195
2196 if (get_user(nonblock, p))
2197 return -EFAULT;
2198
2199 spin_lock(&file->f_lock);
2200 if (nonblock)
2201 file->f_flags |= O_NONBLOCK;
2202 else
2203 file->f_flags &= ~O_NONBLOCK;
2204 spin_unlock(&file->f_lock);
2205 return 0;
2206}
2207
2208/**
2209 * tiocsctty - set controlling tty
2210 * @tty: tty structure
2211 * @arg: user argument
2212 *
2213 * This ioctl is used to manage job control. It permits a session
2214 * leader to set this tty as the controlling tty for the session.
2215 *
2216 * Locking:
2217 * Takes tty_mutex() to protect tty instance
2218 * Takes tasklist_lock internally to walk sessions
2219 * Takes ->siglock() when updating signal->tty
2220 */
2221
2222static int tiocsctty(struct tty_struct *tty, int arg)
2223{
2224 int ret = 0;
2225 if (current->signal->leader && (task_session(current) == tty->session))
2226 return ret;
2227
2228 mutex_lock(&tty_mutex);
2229 /*
2230 * The process must be a session leader and
2231 * not have a controlling tty already.
2232 */
2233 if (!current->signal->leader || current->signal->tty) {
2234 ret = -EPERM;
2235 goto unlock;
2236 }
2237
2238 if (tty->session) {
2239 /*
2240 * This tty is already the controlling
2241 * tty for another session group!
2242 */
2243 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
2244 /*
2245 * Steal it away
2246 */
2247 read_lock(&tasklist_lock);
2248 session_clear_tty(tty->session);
2249 read_unlock(&tasklist_lock);
2250 } else {
2251 ret = -EPERM;
2252 goto unlock;
2253 }
2254 }
2255 proc_set_tty(current, tty);
2256unlock:
2257 mutex_unlock(&tty_mutex);
2258 return ret;
2259}
2260
2261/**
2262 * tty_get_pgrp - return a ref counted pgrp pid
2263 * @tty: tty to read
2264 *
2265 * Returns a refcounted instance of the pid struct for the process
2266 * group controlling the tty.
2267 */
2268
2269struct pid *tty_get_pgrp(struct tty_struct *tty)
2270{
2271 unsigned long flags;
2272 struct pid *pgrp;
2273
2274 spin_lock_irqsave(&tty->ctrl_lock, flags);
2275 pgrp = get_pid(tty->pgrp);
2276 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2277
2278 return pgrp;
2279}
2280EXPORT_SYMBOL_GPL(tty_get_pgrp);
2281
2282/**
2283 * tiocgpgrp - get process group
2284 * @tty: tty passed by user
2285 * @real_tty: tty side of the tty pased by the user if a pty else the tty
2286 * @p: returned pid
2287 *
2288 * Obtain the process group of the tty. If there is no process group
2289 * return an error.
2290 *
2291 * Locking: none. Reference to current->signal->tty is safe.
2292 */
2293
2294static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2295{
2296 struct pid *pid;
2297 int ret;
2298 /*
2299 * (tty == real_tty) is a cheap way of
2300 * testing if the tty is NOT a master pty.
2301 */
2302 if (tty == real_tty && current->signal->tty != real_tty)
2303 return -ENOTTY;
2304 pid = tty_get_pgrp(real_tty);
2305 ret = put_user(pid_vnr(pid), p);
2306 put_pid(pid);
2307 return ret;
2308}
2309
2310/**
2311 * tiocspgrp - attempt to set process group
2312 * @tty: tty passed by user
2313 * @real_tty: tty side device matching tty passed by user
2314 * @p: pid pointer
2315 *
2316 * Set the process group of the tty to the session passed. Only
2317 * permitted where the tty session is our session.
2318 *
2319 * Locking: RCU, ctrl lock
2320 */
2321
2322static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2323{
2324 struct pid *pgrp;
2325 pid_t pgrp_nr;
2326 int retval = tty_check_change(real_tty);
2327 unsigned long flags;
2328
2329 if (retval == -EIO)
2330 return -ENOTTY;
2331 if (retval)
2332 return retval;
2333 if (!current->signal->tty ||
2334 (current->signal->tty != real_tty) ||
2335 (real_tty->session != task_session(current)))
2336 return -ENOTTY;
2337 if (get_user(pgrp_nr, p))
2338 return -EFAULT;
2339 if (pgrp_nr < 0)
2340 return -EINVAL;
2341 rcu_read_lock();
2342 pgrp = find_vpid(pgrp_nr);
2343 retval = -ESRCH;
2344 if (!pgrp)
2345 goto out_unlock;
2346 retval = -EPERM;
2347 if (session_of_pgrp(pgrp) != task_session(current))
2348 goto out_unlock;
2349 retval = 0;
2350 spin_lock_irqsave(&tty->ctrl_lock, flags);
2351 put_pid(real_tty->pgrp);
2352 real_tty->pgrp = get_pid(pgrp);
2353 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
2354out_unlock:
2355 rcu_read_unlock();
2356 return retval;
2357}
2358
2359/**
2360 * tiocgsid - get session id
2361 * @tty: tty passed by user
2362 * @real_tty: tty side of the tty pased by the user if a pty else the tty
2363 * @p: pointer to returned session id
2364 *
2365 * Obtain the session id of the tty. If there is no session
2366 * return an error.
2367 *
2368 * Locking: none. Reference to current->signal->tty is safe.
2369 */
2370
2371static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
2372{
2373 /*
2374 * (tty == real_tty) is a cheap way of
2375 * testing if the tty is NOT a master pty.
2376 */
2377 if (tty == real_tty && current->signal->tty != real_tty)
2378 return -ENOTTY;
2379 if (!real_tty->session)
2380 return -ENOTTY;
2381 return put_user(pid_vnr(real_tty->session), p);
2382}
2383
2384/**
2385 * tiocsetd - set line discipline
2386 * @tty: tty device
2387 * @p: pointer to user data
2388 *
2389 * Set the line discipline according to user request.
2390 *
2391 * Locking: see tty_set_ldisc, this function is just a helper
2392 */
2393
2394static int tiocsetd(struct tty_struct *tty, int __user *p)
2395{
2396 int ldisc;
2397 int ret;
2398
2399 if (get_user(ldisc, p))
2400 return -EFAULT;
2401
2402 ret = tty_set_ldisc(tty, ldisc);
2403
2404 return ret;
2405}
2406
2407/**
2408 * send_break - performed time break
2409 * @tty: device to break on
2410 * @duration: timeout in mS
2411 *
2412 * Perform a timed break on hardware that lacks its own driver level
2413 * timed break functionality.
2414 *
2415 * Locking:
2416 * atomic_write_lock serializes
2417 *
2418 */
2419
2420static int send_break(struct tty_struct *tty, unsigned int duration)
2421{
2422 int retval;
2423
2424 if (tty->ops->break_ctl == NULL)
2425 return 0;
2426
2427 if (tty->driver->flags & TTY_DRIVER_HARDWARE_BREAK)
2428 retval = tty->ops->break_ctl(tty, duration);
2429 else {
2430 /* Do the work ourselves */
2431 if (tty_write_lock(tty, 0) < 0)
2432 return -EINTR;
2433 retval = tty->ops->break_ctl(tty, -1);
2434 if (retval)
2435 goto out;
2436 if (!signal_pending(current))
2437 msleep_interruptible(duration);
2438 retval = tty->ops->break_ctl(tty, 0);
2439out:
2440 tty_write_unlock(tty);
2441 if (signal_pending(current))
2442 retval = -EINTR;
2443 }
2444 return retval;
2445}
2446
2447/**
2448 * tty_tiocmget - get modem status
2449 * @tty: tty device
2450 * @file: user file pointer
2451 * @p: pointer to result
2452 *
2453 * Obtain the modem status bits from the tty driver if the feature
2454 * is supported. Return -EINVAL if it is not available.
2455 *
2456 * Locking: none (up to the driver)
2457 */
2458
2459static int tty_tiocmget(struct tty_struct *tty, struct file *file, int __user *p)
2460{
2461 int retval = -EINVAL;
2462
2463 if (tty->ops->tiocmget) {
2464 retval = tty->ops->tiocmget(tty, file);
2465
2466 if (retval >= 0)
2467 retval = put_user(retval, p);
2468 }
2469 return retval;
2470}
2471
2472/**
2473 * tty_tiocmset - set modem status
2474 * @tty: tty device
2475 * @file: user file pointer
2476 * @cmd: command - clear bits, set bits or set all
2477 * @p: pointer to desired bits
2478 *
2479 * Set the modem status bits from the tty driver if the feature
2480 * is supported. Return -EINVAL if it is not available.
2481 *
2482 * Locking: none (up to the driver)
2483 */
2484
2485static int tty_tiocmset(struct tty_struct *tty, struct file *file, unsigned int cmd,
2486 unsigned __user *p)
2487{
2488 int retval;
2489 unsigned int set, clear, val;
2490
2491 if (tty->ops->tiocmset == NULL)
2492 return -EINVAL;
2493
2494 retval = get_user(val, p);
2495 if (retval)
2496 return retval;
2497 set = clear = 0;
2498 switch (cmd) {
2499 case TIOCMBIS:
2500 set = val;
2501 break;
2502 case TIOCMBIC:
2503 clear = val;
2504 break;
2505 case TIOCMSET:
2506 set = val;
2507 clear = ~val;
2508 break;
2509 }
2510 set &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2511 clear &= TIOCM_DTR|TIOCM_RTS|TIOCM_OUT1|TIOCM_OUT2|TIOCM_LOOP;
2512 return tty->ops->tiocmset(tty, file, set, clear);
2513}
2514
2515static int tty_tiocgicount(struct tty_struct *tty, void __user *arg)
2516{
2517 int retval = -EINVAL;
2518 struct serial_icounter_struct icount;
2519 memset(&icount, 0, sizeof(icount));
2520 if (tty->ops->get_icount)
2521 retval = tty->ops->get_icount(tty, &icount);
2522 if (retval != 0)
2523 return retval;
2524 if (copy_to_user(arg, &icount, sizeof(icount)))
2525 return -EFAULT;
2526 return 0;
2527}
2528
2529struct tty_struct *tty_pair_get_tty(struct tty_struct *tty)
2530{
2531 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2532 tty->driver->subtype == PTY_TYPE_MASTER)
2533 tty = tty->link;
2534 return tty;
2535}
2536EXPORT_SYMBOL(tty_pair_get_tty);
2537
2538struct tty_struct *tty_pair_get_pty(struct tty_struct *tty)
2539{
2540 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
2541 tty->driver->subtype == PTY_TYPE_MASTER)
2542 return tty;
2543 return tty->link;
2544}
2545EXPORT_SYMBOL(tty_pair_get_pty);
2546
2547/*
2548 * Split this up, as gcc can choke on it otherwise..
2549 */
2550long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2551{
2552 struct tty_struct *tty = file_tty(file);
2553 struct tty_struct *real_tty;
2554 void __user *p = (void __user *)arg;
2555 int retval;
2556 struct tty_ldisc *ld;
2557 struct inode *inode = file->f_dentry->d_inode;
2558
2559 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2560 return -EINVAL;
2561
2562 real_tty = tty_pair_get_tty(tty);
2563
2564 /*
2565 * Factor out some common prep work
2566 */
2567 switch (cmd) {
2568 case TIOCSETD:
2569 case TIOCSBRK:
2570 case TIOCCBRK:
2571 case TCSBRK:
2572 case TCSBRKP:
2573 retval = tty_check_change(tty);
2574 if (retval)
2575 return retval;
2576 if (cmd != TIOCCBRK) {
2577 tty_wait_until_sent(tty, 0);
2578 if (signal_pending(current))
2579 return -EINTR;
2580 }
2581 break;
2582 }
2583
2584 /*
2585 * Now do the stuff.
2586 */
2587 switch (cmd) {
2588 case TIOCSTI:
2589 return tiocsti(tty, p);
2590 case TIOCGWINSZ:
2591 return tiocgwinsz(real_tty, p);
2592 case TIOCSWINSZ:
2593 return tiocswinsz(real_tty, p);
2594 case TIOCCONS:
2595 return real_tty != tty ? -EINVAL : tioccons(file);
2596 case FIONBIO:
2597 return fionbio(file, p);
2598 case TIOCEXCL:
2599 set_bit(TTY_EXCLUSIVE, &tty->flags);
2600 return 0;
2601 case TIOCNXCL:
2602 clear_bit(TTY_EXCLUSIVE, &tty->flags);
2603 return 0;
2604 case TIOCNOTTY:
2605 if (current->signal->tty != tty)
2606 return -ENOTTY;
2607 no_tty();
2608 return 0;
2609 case TIOCSCTTY:
2610 return tiocsctty(tty, arg);
2611 case TIOCGPGRP:
2612 return tiocgpgrp(tty, real_tty, p);
2613 case TIOCSPGRP:
2614 return tiocspgrp(tty, real_tty, p);
2615 case TIOCGSID:
2616 return tiocgsid(tty, real_tty, p);
2617 case TIOCGETD:
2618 return put_user(tty->ldisc->ops->num, (int __user *)p);
2619 case TIOCSETD:
2620 return tiocsetd(tty, p);
2621 /*
2622 * Break handling
2623 */
2624 case TIOCSBRK: /* Turn break on, unconditionally */
2625 if (tty->ops->break_ctl)
2626 return tty->ops->break_ctl(tty, -1);
2627 return 0;
2628 case TIOCCBRK: /* Turn break off, unconditionally */
2629 if (tty->ops->break_ctl)
2630 return tty->ops->break_ctl(tty, 0);
2631 return 0;
2632 case TCSBRK: /* SVID version: non-zero arg --> no break */
2633 /* non-zero arg means wait for all output data
2634 * to be sent (performed above) but don't send break.
2635 * This is used by the tcdrain() termios function.
2636 */
2637 if (!arg)
2638 return send_break(tty, 250);
2639 return 0;
2640 case TCSBRKP: /* support for POSIX tcsendbreak() */
2641 return send_break(tty, arg ? arg*100 : 250);
2642
2643 case TIOCMGET:
2644 return tty_tiocmget(tty, file, p);
2645 case TIOCMSET:
2646 case TIOCMBIC:
2647 case TIOCMBIS:
2648 return tty_tiocmset(tty, file, cmd, p);
2649 case TIOCGICOUNT:
2650 retval = tty_tiocgicount(tty, p);
2651 /* For the moment allow fall through to the old method */
2652 if (retval != -EINVAL)
2653 return retval;
2654 break;
2655 case TCFLSH:
2656 switch (arg) {
2657 case TCIFLUSH:
2658 case TCIOFLUSH:
2659 /* flush tty buffer and allow ldisc to process ioctl */
2660 tty_buffer_flush(tty);
2661 break;
2662 }
2663 break;
2664 }
2665 if (tty->ops->ioctl) {
2666 retval = (tty->ops->ioctl)(tty, file, cmd, arg);
2667 if (retval != -ENOIOCTLCMD)
2668 return retval;
2669 }
2670 ld = tty_ldisc_ref_wait(tty);
2671 retval = -EINVAL;
2672 if (ld->ops->ioctl) {
2673 retval = ld->ops->ioctl(tty, file, cmd, arg);
2674 if (retval == -ENOIOCTLCMD)
2675 retval = -EINVAL;
2676 }
2677 tty_ldisc_deref(ld);
2678 return retval;
2679}
2680
2681#ifdef CONFIG_COMPAT
2682static long tty_compat_ioctl(struct file *file, unsigned int cmd,
2683 unsigned long arg)
2684{
2685 struct inode *inode = file->f_dentry->d_inode;
2686 struct tty_struct *tty = file_tty(file);
2687 struct tty_ldisc *ld;
2688 int retval = -ENOIOCTLCMD;
2689
2690 if (tty_paranoia_check(tty, inode, "tty_ioctl"))
2691 return -EINVAL;
2692
2693 if (tty->ops->compat_ioctl) {
2694 retval = (tty->ops->compat_ioctl)(tty, file, cmd, arg);
2695 if (retval != -ENOIOCTLCMD)
2696 return retval;
2697 }
2698
2699 ld = tty_ldisc_ref_wait(tty);
2700 if (ld->ops->compat_ioctl)
2701 retval = ld->ops->compat_ioctl(tty, file, cmd, arg);
2702 tty_ldisc_deref(ld);
2703
2704 return retval;
2705}
2706#endif
2707
2708/*
2709 * This implements the "Secure Attention Key" --- the idea is to
2710 * prevent trojan horses by killing all processes associated with this
2711 * tty when the user hits the "Secure Attention Key". Required for
2712 * super-paranoid applications --- see the Orange Book for more details.
2713 *
2714 * This code could be nicer; ideally it should send a HUP, wait a few
2715 * seconds, then send a INT, and then a KILL signal. But you then
2716 * have to coordinate with the init process, since all processes associated
2717 * with the current tty must be dead before the new getty is allowed
2718 * to spawn.
2719 *
2720 * Now, if it would be correct ;-/ The current code has a nasty hole -
2721 * it doesn't catch files in flight. We may send the descriptor to ourselves
2722 * via AF_UNIX socket, close it and later fetch from socket. FIXME.
2723 *
2724 * Nasty bug: do_SAK is being called in interrupt context. This can
2725 * deadlock. We punt it up to process context. AKPM - 16Mar2001
2726 */
2727void __do_SAK(struct tty_struct *tty)
2728{
2729#ifdef TTY_SOFT_SAK
2730 tty_hangup(tty);
2731#else
2732 struct task_struct *g, *p;
2733 struct pid *session;
2734 int i;
2735 struct file *filp;
2736 struct fdtable *fdt;
2737
2738 if (!tty)
2739 return;
2740 session = tty->session;
2741
2742 tty_ldisc_flush(tty);
2743
2744 tty_driver_flush_buffer(tty);
2745
2746 read_lock(&tasklist_lock);
2747 /* Kill the entire session */
2748 do_each_pid_task(session, PIDTYPE_SID, p) {
2749 printk(KERN_NOTICE "SAK: killed process %d"
2750 " (%s): task_session(p)==tty->session\n",
2751 task_pid_nr(p), p->comm);
2752 send_sig(SIGKILL, p, 1);
2753 } while_each_pid_task(session, PIDTYPE_SID, p);
2754 /* Now kill any processes that happen to have the
2755 * tty open.
2756 */
2757 do_each_thread(g, p) {
2758 if (p->signal->tty == tty) {
2759 printk(KERN_NOTICE "SAK: killed process %d"
2760 " (%s): task_session(p)==tty->session\n",
2761 task_pid_nr(p), p->comm);
2762 send_sig(SIGKILL, p, 1);
2763 continue;
2764 }
2765 task_lock(p);
2766 if (p->files) {
2767 /*
2768 * We don't take a ref to the file, so we must
2769 * hold ->file_lock instead.
2770 */
2771 spin_lock(&p->files->file_lock);
2772 fdt = files_fdtable(p->files);
2773 for (i = 0; i < fdt->max_fds; i++) {
2774 filp = fcheck_files(p->files, i);
2775 if (!filp)
2776 continue;
2777 if (filp->f_op->read == tty_read &&
2778 file_tty(filp) == tty) {
2779 printk(KERN_NOTICE "SAK: killed process %d"
2780 " (%s): fd#%d opened to the tty\n",
2781 task_pid_nr(p), p->comm, i);
2782 force_sig(SIGKILL, p);
2783 break;
2784 }
2785 }
2786 spin_unlock(&p->files->file_lock);
2787 }
2788 task_unlock(p);
2789 } while_each_thread(g, p);
2790 read_unlock(&tasklist_lock);
2791#endif
2792}
2793
2794static void do_SAK_work(struct work_struct *work)
2795{
2796 struct tty_struct *tty =
2797 container_of(work, struct tty_struct, SAK_work);
2798 __do_SAK(tty);
2799}
2800
2801/*
2802 * The tq handling here is a little racy - tty->SAK_work may already be queued.
2803 * Fortunately we don't need to worry, because if ->SAK_work is already queued,
2804 * the values which we write to it will be identical to the values which it
2805 * already has. --akpm
2806 */
2807void do_SAK(struct tty_struct *tty)
2808{
2809 if (!tty)
2810 return;
2811 schedule_work(&tty->SAK_work);
2812}
2813
2814EXPORT_SYMBOL(do_SAK);
2815
2816static int dev_match_devt(struct device *dev, void *data)
2817{
2818 dev_t *devt = data;
2819 return dev->devt == *devt;
2820}
2821
2822/* Must put_device() after it's unused! */
2823static struct device *tty_get_device(struct tty_struct *tty)
2824{
2825 dev_t devt = tty_devnum(tty);
2826 return class_find_device(tty_class, NULL, &devt, dev_match_devt);
2827}
2828
2829
2830/**
2831 * initialize_tty_struct
2832 * @tty: tty to initialize
2833 *
2834 * This subroutine initializes a tty structure that has been newly
2835 * allocated.
2836 *
2837 * Locking: none - tty in question must not be exposed at this point
2838 */
2839
2840void initialize_tty_struct(struct tty_struct *tty,
2841 struct tty_driver *driver, int idx)
2842{
2843 memset(tty, 0, sizeof(struct tty_struct));
2844 kref_init(&tty->kref);
2845 tty->magic = TTY_MAGIC;
2846 tty_ldisc_init(tty);
2847 tty->session = NULL;
2848 tty->pgrp = NULL;
2849 tty->overrun_time = jiffies;
2850 tty->buf.head = tty->buf.tail = NULL;
2851 tty_buffer_init(tty);
2852 mutex_init(&tty->termios_mutex);
2853 mutex_init(&tty->ldisc_mutex);
2854 init_waitqueue_head(&tty->write_wait);
2855 init_waitqueue_head(&tty->read_wait);
2856 INIT_WORK(&tty->hangup_work, do_tty_hangup);
2857 mutex_init(&tty->atomic_read_lock);
2858 mutex_init(&tty->atomic_write_lock);
2859 mutex_init(&tty->output_lock);
2860 mutex_init(&tty->echo_lock);
2861 spin_lock_init(&tty->read_lock);
2862 spin_lock_init(&tty->ctrl_lock);
2863 INIT_LIST_HEAD(&tty->tty_files);
2864 INIT_WORK(&tty->SAK_work, do_SAK_work);
2865
2866 tty->driver = driver;
2867 tty->ops = driver->ops;
2868 tty->index = idx;
2869 tty_line_name(driver, idx, tty->name);
2870 tty->dev = tty_get_device(tty);
2871}
2872
2873/**
2874 * tty_put_char - write one character to a tty
2875 * @tty: tty
2876 * @ch: character
2877 *
2878 * Write one byte to the tty using the provided put_char method
2879 * if present. Returns the number of characters successfully output.
2880 *
2881 * Note: the specific put_char operation in the driver layer may go
2882 * away soon. Don't call it directly, use this method
2883 */
2884
2885int tty_put_char(struct tty_struct *tty, unsigned char ch)
2886{
2887 if (tty->ops->put_char)
2888 return tty->ops->put_char(tty, ch);
2889 return tty->ops->write(tty, &ch, 1);
2890}
2891EXPORT_SYMBOL_GPL(tty_put_char);
2892
2893struct class *tty_class;
2894
2895/**
2896 * tty_register_device - register a tty device
2897 * @driver: the tty driver that describes the tty device
2898 * @index: the index in the tty driver for this tty device
2899 * @device: a struct device that is associated with this tty device.
2900 * This field is optional, if there is no known struct device
2901 * for this tty device it can be set to NULL safely.
2902 *
2903 * Returns a pointer to the struct device for this tty device
2904 * (or ERR_PTR(-EFOO) on error).
2905 *
2906 * This call is required to be made to register an individual tty device
2907 * if the tty driver's flags have the TTY_DRIVER_DYNAMIC_DEV bit set. If
2908 * that bit is not set, this function should not be called by a tty
2909 * driver.
2910 *
2911 * Locking: ??
2912 */
2913
2914struct device *tty_register_device(struct tty_driver *driver, unsigned index,
2915 struct device *device)
2916{
2917 char name[64];
2918 dev_t dev = MKDEV(driver->major, driver->minor_start) + index;
2919
2920 if (index >= driver->num) {
2921 printk(KERN_ERR "Attempt to register invalid tty line number "
2922 " (%d).\n", index);
2923 return ERR_PTR(-EINVAL);
2924 }
2925
2926 if (driver->type == TTY_DRIVER_TYPE_PTY)
2927 pty_line_name(driver, index, name);
2928 else
2929 tty_line_name(driver, index, name);
2930
2931 return device_create(tty_class, device, dev, NULL, name);
2932}
2933EXPORT_SYMBOL(tty_register_device);
2934
2935/**
2936 * tty_unregister_device - unregister a tty device
2937 * @driver: the tty driver that describes the tty device
2938 * @index: the index in the tty driver for this tty device
2939 *
2940 * If a tty device is registered with a call to tty_register_device() then
2941 * this function must be called when the tty device is gone.
2942 *
2943 * Locking: ??
2944 */
2945
2946void tty_unregister_device(struct tty_driver *driver, unsigned index)
2947{
2948 device_destroy(tty_class,
2949 MKDEV(driver->major, driver->minor_start) + index);
2950}
2951EXPORT_SYMBOL(tty_unregister_device);
2952
2953struct tty_driver *alloc_tty_driver(int lines)
2954{
2955 struct tty_driver *driver;
2956
2957 driver = kzalloc(sizeof(struct tty_driver), GFP_KERNEL);
2958 if (driver) {
2959 kref_init(&driver->kref);
2960 driver->magic = TTY_DRIVER_MAGIC;
2961 driver->num = lines;
2962 /* later we'll move allocation of tables here */
2963 }
2964 return driver;
2965}
2966EXPORT_SYMBOL(alloc_tty_driver);
2967
2968static void destruct_tty_driver(struct kref *kref)
2969{
2970 struct tty_driver *driver = container_of(kref, struct tty_driver, kref);
2971 int i;
2972 struct ktermios *tp;
2973 void *p;
2974
2975 if (driver->flags & TTY_DRIVER_INSTALLED) {
2976 /*
2977 * Free the termios and termios_locked structures because
2978 * we don't want to get memory leaks when modular tty
2979 * drivers are removed from the kernel.
2980 */
2981 for (i = 0; i < driver->num; i++) {
2982 tp = driver->termios[i];
2983 if (tp) {
2984 driver->termios[i] = NULL;
2985 kfree(tp);
2986 }
2987 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV))
2988 tty_unregister_device(driver, i);
2989 }
2990 p = driver->ttys;
2991 proc_tty_unregister_driver(driver);
2992 driver->ttys = NULL;
2993 driver->termios = NULL;
2994 kfree(p);
2995 cdev_del(&driver->cdev);
2996 }
2997 kfree(driver);
2998}
2999
3000void tty_driver_kref_put(struct tty_driver *driver)
3001{
3002 kref_put(&driver->kref, destruct_tty_driver);
3003}
3004EXPORT_SYMBOL(tty_driver_kref_put);
3005
3006void tty_set_operations(struct tty_driver *driver,
3007 const struct tty_operations *op)
3008{
3009 driver->ops = op;
3010};
3011EXPORT_SYMBOL(tty_set_operations);
3012
3013void put_tty_driver(struct tty_driver *d)
3014{
3015 tty_driver_kref_put(d);
3016}
3017EXPORT_SYMBOL(put_tty_driver);
3018
3019/*
3020 * Called by a tty driver to register itself.
3021 */
3022int tty_register_driver(struct tty_driver *driver)
3023{
3024 int error;
3025 int i;
3026 dev_t dev;
3027 void **p = NULL;
3028 struct device *d;
3029
3030 if (!(driver->flags & TTY_DRIVER_DEVPTS_MEM) && driver->num) {
3031 p = kzalloc(driver->num * 2 * sizeof(void *), GFP_KERNEL);
3032 if (!p)
3033 return -ENOMEM;
3034 }
3035
3036 if (!driver->major) {
3037 error = alloc_chrdev_region(&dev, driver->minor_start,
3038 driver->num, driver->name);
3039 if (!error) {
3040 driver->major = MAJOR(dev);
3041 driver->minor_start = MINOR(dev);
3042 }
3043 } else {
3044 dev = MKDEV(driver->major, driver->minor_start);
3045 error = register_chrdev_region(dev, driver->num, driver->name);
3046 }
3047 if (error < 0) {
3048 kfree(p);
3049 return error;
3050 }
3051
3052 if (p) {
3053 driver->ttys = (struct tty_struct **)p;
3054 driver->termios = (struct ktermios **)(p + driver->num);
3055 } else {
3056 driver->ttys = NULL;
3057 driver->termios = NULL;
3058 }
3059
3060 cdev_init(&driver->cdev, &tty_fops);
3061 driver->cdev.owner = driver->owner;
3062 error = cdev_add(&driver->cdev, dev, driver->num);
3063 if (error) {
3064 unregister_chrdev_region(dev, driver->num);
3065 driver->ttys = NULL;
3066 driver->termios = NULL;
3067 kfree(p);
3068 return error;
3069 }
3070
3071 mutex_lock(&tty_mutex);
3072 list_add(&driver->tty_drivers, &tty_drivers);
3073 mutex_unlock(&tty_mutex);
3074
3075 if (!(driver->flags & TTY_DRIVER_DYNAMIC_DEV)) {
3076 for (i = 0; i < driver->num; i++) {
3077 d = tty_register_device(driver, i, NULL);
3078 if (IS_ERR(d)) {
3079 error = PTR_ERR(d);
3080 goto err;
3081 }
3082 }
3083 }
3084 proc_tty_register_driver(driver);
3085 driver->flags |= TTY_DRIVER_INSTALLED;
3086 return 0;
3087
3088err:
3089 for (i--; i >= 0; i--)
3090 tty_unregister_device(driver, i);
3091
3092 mutex_lock(&tty_mutex);
3093 list_del(&driver->tty_drivers);
3094 mutex_unlock(&tty_mutex);
3095
3096 unregister_chrdev_region(dev, driver->num);
3097 driver->ttys = NULL;
3098 driver->termios = NULL;
3099 kfree(p);
3100 return error;
3101}
3102
3103EXPORT_SYMBOL(tty_register_driver);
3104
3105/*
3106 * Called by a tty driver to unregister itself.
3107 */
3108int tty_unregister_driver(struct tty_driver *driver)
3109{
3110#if 0
3111 /* FIXME */
3112 if (driver->refcount)
3113 return -EBUSY;
3114#endif
3115 unregister_chrdev_region(MKDEV(driver->major, driver->minor_start),
3116 driver->num);
3117 mutex_lock(&tty_mutex);
3118 list_del(&driver->tty_drivers);
3119 mutex_unlock(&tty_mutex);
3120 return 0;
3121}
3122
3123EXPORT_SYMBOL(tty_unregister_driver);
3124
3125dev_t tty_devnum(struct tty_struct *tty)
3126{
3127 return MKDEV(tty->driver->major, tty->driver->minor_start) + tty->index;
3128}
3129EXPORT_SYMBOL(tty_devnum);
3130
3131void proc_clear_tty(struct task_struct *p)
3132{
3133 unsigned long flags;
3134 struct tty_struct *tty;
3135 spin_lock_irqsave(&p->sighand->siglock, flags);
3136 tty = p->signal->tty;
3137 p->signal->tty = NULL;
3138 spin_unlock_irqrestore(&p->sighand->siglock, flags);
3139 tty_kref_put(tty);
3140}
3141
3142/* Called under the sighand lock */
3143
3144static void __proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3145{
3146 if (tty) {
3147 unsigned long flags;
3148 /* We should not have a session or pgrp to put here but.... */
3149 spin_lock_irqsave(&tty->ctrl_lock, flags);
3150 put_pid(tty->session);
3151 put_pid(tty->pgrp);
3152 tty->pgrp = get_pid(task_pgrp(tsk));
3153 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
3154 tty->session = get_pid(task_session(tsk));
3155 if (tsk->signal->tty) {
3156 printk(KERN_DEBUG "tty not NULL!!\n");
3157 tty_kref_put(tsk->signal->tty);
3158 }
3159 }
3160 put_pid(tsk->signal->tty_old_pgrp);
3161 tsk->signal->tty = tty_kref_get(tty);
3162 tsk->signal->tty_old_pgrp = NULL;
3163}
3164
3165static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty)
3166{
3167 spin_lock_irq(&tsk->sighand->siglock);
3168 __proc_set_tty(tsk, tty);
3169 spin_unlock_irq(&tsk->sighand->siglock);
3170}
3171
3172struct tty_struct *get_current_tty(void)
3173{
3174 struct tty_struct *tty;
3175 unsigned long flags;
3176
3177 spin_lock_irqsave(&current->sighand->siglock, flags);
3178 tty = tty_kref_get(current->signal->tty);
3179 spin_unlock_irqrestore(&current->sighand->siglock, flags);
3180 return tty;
3181}
3182EXPORT_SYMBOL_GPL(get_current_tty);
3183
3184void tty_default_fops(struct file_operations *fops)
3185{
3186 *fops = tty_fops;
3187}
3188
3189/*
3190 * Initialize the console device. This is called *early*, so
3191 * we can't necessarily depend on lots of kernel help here.
3192 * Just do some early initializations, and do the complex setup
3193 * later.
3194 */
3195void __init console_init(void)
3196{
3197 initcall_t *call;
3198
3199 /* Setup the default TTY line discipline. */
3200 tty_ldisc_begin();
3201
3202 /*
3203 * set up the console device so that later boot sequences can
3204 * inform about problems etc..
3205 */
3206 call = __con_initcall_start;
3207 while (call < __con_initcall_end) {
3208 (*call)();
3209 call++;
3210 }
3211}
3212
3213static char *tty_devnode(struct device *dev, mode_t *mode)
3214{
3215 if (!mode)
3216 return NULL;
3217 if (dev->devt == MKDEV(TTYAUX_MAJOR, 0) ||
3218 dev->devt == MKDEV(TTYAUX_MAJOR, 2))
3219 *mode = 0666;
3220 return NULL;
3221}
3222
3223static int __init tty_class_init(void)
3224{
3225 tty_class = class_create(THIS_MODULE, "tty");
3226 if (IS_ERR(tty_class))
3227 return PTR_ERR(tty_class);
3228 tty_class->devnode = tty_devnode;
3229 return 0;
3230}
3231
3232postcore_initcall(tty_class_init);
3233
3234/* 3/2004 jmc: why do these devices exist? */
3235
3236static struct cdev tty_cdev, console_cdev;
3237
3238/*
3239 * Ok, now we can initialize the rest of the tty devices and can count
3240 * on memory allocations, interrupts etc..
3241 */
3242int __init tty_init(void)
3243{
3244 cdev_init(&tty_cdev, &tty_fops);
3245 if (cdev_add(&tty_cdev, MKDEV(TTYAUX_MAJOR, 0), 1) ||
3246 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 0), 1, "/dev/tty") < 0)
3247 panic("Couldn't register /dev/tty driver\n");
3248 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 0), NULL,
3249 "tty");
3250
3251 cdev_init(&console_cdev, &console_fops);
3252 if (cdev_add(&console_cdev, MKDEV(TTYAUX_MAJOR, 1), 1) ||
3253 register_chrdev_region(MKDEV(TTYAUX_MAJOR, 1), 1, "/dev/console") < 0)
3254 panic("Couldn't register /dev/console driver\n");
3255 device_create(tty_class, NULL, MKDEV(TTYAUX_MAJOR, 1), NULL,
3256 "console");
3257
3258#ifdef CONFIG_VT
3259 vty_init(&console_fops);
3260#endif
3261 return 0;
3262}
3263
diff --git a/drivers/char/tty_ioctl.c b/drivers/char/tty_ioctl.c
deleted file mode 100644
index 0c188997145..00000000000
--- a/drivers/char/tty_ioctl.c
+++ /dev/null
@@ -1,1179 +0,0 @@
1/*
2 * linux/drivers/char/tty_ioctl.c
3 *
4 * Copyright (C) 1991, 1992, 1993, 1994 Linus Torvalds
5 *
6 * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
7 * which can be dynamically activated and de-activated by the line
8 * discipline handling modules (like SLIP).
9 */
10
11#include <linux/types.h>
12#include <linux/termios.h>
13#include <linux/errno.h>
14#include <linux/sched.h>
15#include <linux/kernel.h>
16#include <linux/major.h>
17#include <linux/tty.h>
18#include <linux/fcntl.h>
19#include <linux/string.h>
20#include <linux/mm.h>
21#include <linux/module.h>
22#include <linux/bitops.h>
23#include <linux/mutex.h>
24
25#include <asm/io.h>
26#include <asm/uaccess.h>
27#include <asm/system.h>
28
29#undef TTY_DEBUG_WAIT_UNTIL_SENT
30
31#undef DEBUG
32
33/*
34 * Internal flag options for termios setting behavior
35 */
36#define TERMIOS_FLUSH 1
37#define TERMIOS_WAIT 2
38#define TERMIOS_TERMIO 4
39#define TERMIOS_OLD 8
40
41
42/**
43 * tty_chars_in_buffer - characters pending
44 * @tty: terminal
45 *
46 * Return the number of bytes of data in the device private
47 * output queue. If no private method is supplied there is assumed
48 * to be no queue on the device.
49 */
50
51int tty_chars_in_buffer(struct tty_struct *tty)
52{
53 if (tty->ops->chars_in_buffer)
54 return tty->ops->chars_in_buffer(tty);
55 else
56 return 0;
57}
58EXPORT_SYMBOL(tty_chars_in_buffer);
59
60/**
61 * tty_write_room - write queue space
62 * @tty: terminal
63 *
64 * Return the number of bytes that can be queued to this device
65 * at the present time. The result should be treated as a guarantee
66 * and the driver cannot offer a value it later shrinks by more than
67 * the number of bytes written. If no method is provided 2K is always
68 * returned and data may be lost as there will be no flow control.
69 */
70
71int tty_write_room(struct tty_struct *tty)
72{
73 if (tty->ops->write_room)
74 return tty->ops->write_room(tty);
75 return 2048;
76}
77EXPORT_SYMBOL(tty_write_room);
78
79/**
80 * tty_driver_flush_buffer - discard internal buffer
81 * @tty: terminal
82 *
83 * Discard the internal output buffer for this device. If no method
84 * is provided then either the buffer cannot be hardware flushed or
85 * there is no buffer driver side.
86 */
87void tty_driver_flush_buffer(struct tty_struct *tty)
88{
89 if (tty->ops->flush_buffer)
90 tty->ops->flush_buffer(tty);
91}
92EXPORT_SYMBOL(tty_driver_flush_buffer);
93
94/**
95 * tty_throttle - flow control
96 * @tty: terminal
97 *
98 * Indicate that a tty should stop transmitting data down the stack.
99 * Takes the termios mutex to protect against parallel throttle/unthrottle
100 * and also to ensure the driver can consistently reference its own
101 * termios data at this point when implementing software flow control.
102 */
103
104void tty_throttle(struct tty_struct *tty)
105{
106 mutex_lock(&tty->termios_mutex);
107 /* check TTY_THROTTLED first so it indicates our state */
108 if (!test_and_set_bit(TTY_THROTTLED, &tty->flags) &&
109 tty->ops->throttle)
110 tty->ops->throttle(tty);
111 mutex_unlock(&tty->termios_mutex);
112}
113EXPORT_SYMBOL(tty_throttle);
114
115/**
116 * tty_unthrottle - flow control
117 * @tty: terminal
118 *
119 * Indicate that a tty may continue transmitting data down the stack.
120 * Takes the termios mutex to protect against parallel throttle/unthrottle
121 * and also to ensure the driver can consistently reference its own
122 * termios data at this point when implementing software flow control.
123 *
124 * Drivers should however remember that the stack can issue a throttle,
125 * then change flow control method, then unthrottle.
126 */
127
128void tty_unthrottle(struct tty_struct *tty)
129{
130 mutex_lock(&tty->termios_mutex);
131 if (test_and_clear_bit(TTY_THROTTLED, &tty->flags) &&
132 tty->ops->unthrottle)
133 tty->ops->unthrottle(tty);
134 mutex_unlock(&tty->termios_mutex);
135}
136EXPORT_SYMBOL(tty_unthrottle);
137
138/**
139 * tty_wait_until_sent - wait for I/O to finish
140 * @tty: tty we are waiting for
141 * @timeout: how long we will wait
142 *
143 * Wait for characters pending in a tty driver to hit the wire, or
144 * for a timeout to occur (eg due to flow control)
145 *
146 * Locking: none
147 */
148
149void tty_wait_until_sent(struct tty_struct *tty, long timeout)
150{
151#ifdef TTY_DEBUG_WAIT_UNTIL_SENT
152 char buf[64];
153
154 printk(KERN_DEBUG "%s wait until sent...\n", tty_name(tty, buf));
155#endif
156 if (!timeout)
157 timeout = MAX_SCHEDULE_TIMEOUT;
158 if (wait_event_interruptible_timeout(tty->write_wait,
159 !tty_chars_in_buffer(tty), timeout) >= 0) {
160 if (tty->ops->wait_until_sent)
161 tty->ops->wait_until_sent(tty, timeout);
162 }
163}
164EXPORT_SYMBOL(tty_wait_until_sent);
165
166
167/*
168 * Termios Helper Methods
169 */
170
171static void unset_locked_termios(struct ktermios *termios,
172 struct ktermios *old,
173 struct ktermios *locked)
174{
175 int i;
176
177#define NOSET_MASK(x, y, z) (x = ((x) & ~(z)) | ((y) & (z)))
178
179 if (!locked) {
180 printk(KERN_WARNING "Warning?!? termios_locked is NULL.\n");
181 return;
182 }
183
184 NOSET_MASK(termios->c_iflag, old->c_iflag, locked->c_iflag);
185 NOSET_MASK(termios->c_oflag, old->c_oflag, locked->c_oflag);
186 NOSET_MASK(termios->c_cflag, old->c_cflag, locked->c_cflag);
187 NOSET_MASK(termios->c_lflag, old->c_lflag, locked->c_lflag);
188 termios->c_line = locked->c_line ? old->c_line : termios->c_line;
189 for (i = 0; i < NCCS; i++)
190 termios->c_cc[i] = locked->c_cc[i] ?
191 old->c_cc[i] : termios->c_cc[i];
192 /* FIXME: What should we do for i/ospeed */
193}
194
195/*
196 * Routine which returns the baud rate of the tty
197 *
198 * Note that the baud_table needs to be kept in sync with the
199 * include/asm/termbits.h file.
200 */
201static const speed_t baud_table[] = {
202 0, 50, 75, 110, 134, 150, 200, 300, 600, 1200, 1800, 2400, 4800,
203 9600, 19200, 38400, 57600, 115200, 230400, 460800,
204#ifdef __sparc__
205 76800, 153600, 307200, 614400, 921600
206#else
207 500000, 576000, 921600, 1000000, 1152000, 1500000, 2000000,
208 2500000, 3000000, 3500000, 4000000
209#endif
210};
211
212#ifndef __sparc__
213static const tcflag_t baud_bits[] = {
214 B0, B50, B75, B110, B134, B150, B200, B300, B600,
215 B1200, B1800, B2400, B4800, B9600, B19200, B38400,
216 B57600, B115200, B230400, B460800, B500000, B576000,
217 B921600, B1000000, B1152000, B1500000, B2000000, B2500000,
218 B3000000, B3500000, B4000000
219};
220#else
221static const tcflag_t baud_bits[] = {
222 B0, B50, B75, B110, B134, B150, B200, B300, B600,
223 B1200, B1800, B2400, B4800, B9600, B19200, B38400,
224 B57600, B115200, B230400, B460800, B76800, B153600,
225 B307200, B614400, B921600
226};
227#endif
228
229static int n_baud_table = ARRAY_SIZE(baud_table);
230
231/**
232 * tty_termios_baud_rate
233 * @termios: termios structure
234 *
235 * Convert termios baud rate data into a speed. This should be called
236 * with the termios lock held if this termios is a terminal termios
237 * structure. May change the termios data. Device drivers can call this
238 * function but should use ->c_[io]speed directly as they are updated.
239 *
240 * Locking: none
241 */
242
243speed_t tty_termios_baud_rate(struct ktermios *termios)
244{
245 unsigned int cbaud;
246
247 cbaud = termios->c_cflag & CBAUD;
248
249#ifdef BOTHER
250 /* Magic token for arbitary speed via c_ispeed/c_ospeed */
251 if (cbaud == BOTHER)
252 return termios->c_ospeed;
253#endif
254 if (cbaud & CBAUDEX) {
255 cbaud &= ~CBAUDEX;
256
257 if (cbaud < 1 || cbaud + 15 > n_baud_table)
258 termios->c_cflag &= ~CBAUDEX;
259 else
260 cbaud += 15;
261 }
262 return baud_table[cbaud];
263}
264EXPORT_SYMBOL(tty_termios_baud_rate);
265
266/**
267 * tty_termios_input_baud_rate
268 * @termios: termios structure
269 *
270 * Convert termios baud rate data into a speed. This should be called
271 * with the termios lock held if this termios is a terminal termios
272 * structure. May change the termios data. Device drivers can call this
273 * function but should use ->c_[io]speed directly as they are updated.
274 *
275 * Locking: none
276 */
277
278speed_t tty_termios_input_baud_rate(struct ktermios *termios)
279{
280#ifdef IBSHIFT
281 unsigned int cbaud = (termios->c_cflag >> IBSHIFT) & CBAUD;
282
283 if (cbaud == B0)
284 return tty_termios_baud_rate(termios);
285
286 /* Magic token for arbitary speed via c_ispeed*/
287 if (cbaud == BOTHER)
288 return termios->c_ispeed;
289
290 if (cbaud & CBAUDEX) {
291 cbaud &= ~CBAUDEX;
292
293 if (cbaud < 1 || cbaud + 15 > n_baud_table)
294 termios->c_cflag &= ~(CBAUDEX << IBSHIFT);
295 else
296 cbaud += 15;
297 }
298 return baud_table[cbaud];
299#else
300 return tty_termios_baud_rate(termios);
301#endif
302}
303EXPORT_SYMBOL(tty_termios_input_baud_rate);
304
305/**
306 * tty_termios_encode_baud_rate
307 * @termios: ktermios structure holding user requested state
308 * @ispeed: input speed
309 * @ospeed: output speed
310 *
311 * Encode the speeds set into the passed termios structure. This is
312 * used as a library helper for drivers os that they can report back
313 * the actual speed selected when it differs from the speed requested
314 *
315 * For maximal back compatibility with legacy SYS5/POSIX *nix behaviour
316 * we need to carefully set the bits when the user does not get the
317 * desired speed. We allow small margins and preserve as much of possible
318 * of the input intent to keep compatibility.
319 *
320 * Locking: Caller should hold termios lock. This is already held
321 * when calling this function from the driver termios handler.
322 *
323 * The ifdefs deal with platforms whose owners have yet to update them
324 * and will all go away once this is done.
325 */
326
327void tty_termios_encode_baud_rate(struct ktermios *termios,
328 speed_t ibaud, speed_t obaud)
329{
330 int i = 0;
331 int ifound = -1, ofound = -1;
332 int iclose = ibaud/50, oclose = obaud/50;
333 int ibinput = 0;
334
335 if (obaud == 0) /* CD dropped */
336 ibaud = 0; /* Clear ibaud to be sure */
337
338 termios->c_ispeed = ibaud;
339 termios->c_ospeed = obaud;
340
341#ifdef BOTHER
342 /* If the user asked for a precise weird speed give a precise weird
343 answer. If they asked for a Bfoo speed they many have problems
344 digesting non-exact replies so fuzz a bit */
345
346 if ((termios->c_cflag & CBAUD) == BOTHER)
347 oclose = 0;
348 if (((termios->c_cflag >> IBSHIFT) & CBAUD) == BOTHER)
349 iclose = 0;
350 if ((termios->c_cflag >> IBSHIFT) & CBAUD)
351 ibinput = 1; /* An input speed was specified */
352#endif
353 termios->c_cflag &= ~CBAUD;
354
355 /*
356 * Our goal is to find a close match to the standard baud rate
357 * returned. Walk the baud rate table and if we get a very close
358 * match then report back the speed as a POSIX Bxxxx value by
359 * preference
360 */
361
362 do {
363 if (obaud - oclose <= baud_table[i] &&
364 obaud + oclose >= baud_table[i]) {
365 termios->c_cflag |= baud_bits[i];
366 ofound = i;
367 }
368 if (ibaud - iclose <= baud_table[i] &&
369 ibaud + iclose >= baud_table[i]) {
370 /* For the case input == output don't set IBAUD bits
371 if the user didn't do so */
372 if (ofound == i && !ibinput)
373 ifound = i;
374#ifdef IBSHIFT
375 else {
376 ifound = i;
377 termios->c_cflag |= (baud_bits[i] << IBSHIFT);
378 }
379#endif
380 }
381 } while (++i < n_baud_table);
382
383 /*
384 * If we found no match then use BOTHER if provided or warn
385 * the user their platform maintainer needs to wake up if not.
386 */
387#ifdef BOTHER
388 if (ofound == -1)
389 termios->c_cflag |= BOTHER;
390 /* Set exact input bits only if the input and output differ or the
391 user already did */
392 if (ifound == -1 && (ibaud != obaud || ibinput))
393 termios->c_cflag |= (BOTHER << IBSHIFT);
394#else
395 if (ifound == -1 || ofound == -1) {
396 printk_once(KERN_WARNING "tty: Unable to return correct "
397 "speed data as your architecture needs updating.\n");
398 }
399#endif
400}
401EXPORT_SYMBOL_GPL(tty_termios_encode_baud_rate);
402
403/**
404 * tty_encode_baud_rate - set baud rate of the tty
405 * @ibaud: input baud rate
406 * @obad: output baud rate
407 *
408 * Update the current termios data for the tty with the new speed
409 * settings. The caller must hold the termios_mutex for the tty in
410 * question.
411 */
412
413void tty_encode_baud_rate(struct tty_struct *tty, speed_t ibaud, speed_t obaud)
414{
415 tty_termios_encode_baud_rate(tty->termios, ibaud, obaud);
416}
417EXPORT_SYMBOL_GPL(tty_encode_baud_rate);
418
419/**
420 * tty_get_baud_rate - get tty bit rates
421 * @tty: tty to query
422 *
423 * Returns the baud rate as an integer for this terminal. The
424 * termios lock must be held by the caller and the terminal bit
425 * flags may be updated.
426 *
427 * Locking: none
428 */
429
430speed_t tty_get_baud_rate(struct tty_struct *tty)
431{
432 speed_t baud = tty_termios_baud_rate(tty->termios);
433
434 if (baud == 38400 && tty->alt_speed) {
435 if (!tty->warned) {
436 printk(KERN_WARNING "Use of setserial/setrocket to "
437 "set SPD_* flags is deprecated\n");
438 tty->warned = 1;
439 }
440 baud = tty->alt_speed;
441 }
442
443 return baud;
444}
445EXPORT_SYMBOL(tty_get_baud_rate);
446
447/**
448 * tty_termios_copy_hw - copy hardware settings
449 * @new: New termios
450 * @old: Old termios
451 *
452 * Propogate the hardware specific terminal setting bits from
453 * the old termios structure to the new one. This is used in cases
454 * where the hardware does not support reconfiguration or as a helper
455 * in some cases where only minimal reconfiguration is supported
456 */
457
458void tty_termios_copy_hw(struct ktermios *new, struct ktermios *old)
459{
460 /* The bits a dumb device handles in software. Smart devices need
461 to always provide a set_termios method */
462 new->c_cflag &= HUPCL | CREAD | CLOCAL;
463 new->c_cflag |= old->c_cflag & ~(HUPCL | CREAD | CLOCAL);
464 new->c_ispeed = old->c_ispeed;
465 new->c_ospeed = old->c_ospeed;
466}
467EXPORT_SYMBOL(tty_termios_copy_hw);
468
469/**
470 * tty_termios_hw_change - check for setting change
471 * @a: termios
472 * @b: termios to compare
473 *
474 * Check if any of the bits that affect a dumb device have changed
475 * between the two termios structures, or a speed change is needed.
476 */
477
478int tty_termios_hw_change(struct ktermios *a, struct ktermios *b)
479{
480 if (a->c_ispeed != b->c_ispeed || a->c_ospeed != b->c_ospeed)
481 return 1;
482 if ((a->c_cflag ^ b->c_cflag) & ~(HUPCL | CREAD | CLOCAL))
483 return 1;
484 return 0;
485}
486EXPORT_SYMBOL(tty_termios_hw_change);
487
488/**
489 * change_termios - update termios values
490 * @tty: tty to update
491 * @new_termios: desired new value
492 *
493 * Perform updates to the termios values set on this terminal. There
494 * is a bit of layering violation here with n_tty in terms of the
495 * internal knowledge of this function.
496 *
497 * Locking: termios_mutex
498 */
499
500static void change_termios(struct tty_struct *tty, struct ktermios *new_termios)
501{
502 struct ktermios old_termios;
503 struct tty_ldisc *ld;
504 unsigned long flags;
505
506 /*
507 * Perform the actual termios internal changes under lock.
508 */
509
510
511 /* FIXME: we need to decide on some locking/ordering semantics
512 for the set_termios notification eventually */
513 mutex_lock(&tty->termios_mutex);
514 old_termios = *tty->termios;
515 *tty->termios = *new_termios;
516 unset_locked_termios(tty->termios, &old_termios, tty->termios_locked);
517
518 /* See if packet mode change of state. */
519 if (tty->link && tty->link->packet) {
520 int extproc = (old_termios.c_lflag & EXTPROC) |
521 (tty->termios->c_lflag & EXTPROC);
522 int old_flow = ((old_termios.c_iflag & IXON) &&
523 (old_termios.c_cc[VSTOP] == '\023') &&
524 (old_termios.c_cc[VSTART] == '\021'));
525 int new_flow = (I_IXON(tty) &&
526 STOP_CHAR(tty) == '\023' &&
527 START_CHAR(tty) == '\021');
528 if ((old_flow != new_flow) || extproc) {
529 spin_lock_irqsave(&tty->ctrl_lock, flags);
530 if (old_flow != new_flow) {
531 tty->ctrl_status &= ~(TIOCPKT_DOSTOP | TIOCPKT_NOSTOP);
532 if (new_flow)
533 tty->ctrl_status |= TIOCPKT_DOSTOP;
534 else
535 tty->ctrl_status |= TIOCPKT_NOSTOP;
536 }
537 if (extproc)
538 tty->ctrl_status |= TIOCPKT_IOCTL;
539 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
540 wake_up_interruptible(&tty->link->read_wait);
541 }
542 }
543
544 if (tty->ops->set_termios)
545 (*tty->ops->set_termios)(tty, &old_termios);
546 else
547 tty_termios_copy_hw(tty->termios, &old_termios);
548
549 ld = tty_ldisc_ref(tty);
550 if (ld != NULL) {
551 if (ld->ops->set_termios)
552 (ld->ops->set_termios)(tty, &old_termios);
553 tty_ldisc_deref(ld);
554 }
555 mutex_unlock(&tty->termios_mutex);
556}
557
558/**
559 * set_termios - set termios values for a tty
560 * @tty: terminal device
561 * @arg: user data
562 * @opt: option information
563 *
564 * Helper function to prepare termios data and run necessary other
565 * functions before using change_termios to do the actual changes.
566 *
567 * Locking:
568 * Called functions take ldisc and termios_mutex locks
569 */
570
571static int set_termios(struct tty_struct *tty, void __user *arg, int opt)
572{
573 struct ktermios tmp_termios;
574 struct tty_ldisc *ld;
575 int retval = tty_check_change(tty);
576
577 if (retval)
578 return retval;
579
580 mutex_lock(&tty->termios_mutex);
581 memcpy(&tmp_termios, tty->termios, sizeof(struct ktermios));
582 mutex_unlock(&tty->termios_mutex);
583
584 if (opt & TERMIOS_TERMIO) {
585 if (user_termio_to_kernel_termios(&tmp_termios,
586 (struct termio __user *)arg))
587 return -EFAULT;
588#ifdef TCGETS2
589 } else if (opt & TERMIOS_OLD) {
590 if (user_termios_to_kernel_termios_1(&tmp_termios,
591 (struct termios __user *)arg))
592 return -EFAULT;
593 } else {
594 if (user_termios_to_kernel_termios(&tmp_termios,
595 (struct termios2 __user *)arg))
596 return -EFAULT;
597 }
598#else
599 } else if (user_termios_to_kernel_termios(&tmp_termios,
600 (struct termios __user *)arg))
601 return -EFAULT;
602#endif
603
604 /* If old style Bfoo values are used then load c_ispeed/c_ospeed
605 * with the real speed so its unconditionally usable */
606 tmp_termios.c_ispeed = tty_termios_input_baud_rate(&tmp_termios);
607 tmp_termios.c_ospeed = tty_termios_baud_rate(&tmp_termios);
608
609 ld = tty_ldisc_ref(tty);
610
611 if (ld != NULL) {
612 if ((opt & TERMIOS_FLUSH) && ld->ops->flush_buffer)
613 ld->ops->flush_buffer(tty);
614 tty_ldisc_deref(ld);
615 }
616
617 if (opt & TERMIOS_WAIT) {
618 tty_wait_until_sent(tty, 0);
619 if (signal_pending(current))
620 return -EINTR;
621 }
622
623 change_termios(tty, &tmp_termios);
624
625 /* FIXME: Arguably if tmp_termios == tty->termios AND the
626 actual requested termios was not tmp_termios then we may
627 want to return an error as no user requested change has
628 succeeded */
629 return 0;
630}
631
632static void copy_termios(struct tty_struct *tty, struct ktermios *kterm)
633{
634 mutex_lock(&tty->termios_mutex);
635 memcpy(kterm, tty->termios, sizeof(struct ktermios));
636 mutex_unlock(&tty->termios_mutex);
637}
638
639static void copy_termios_locked(struct tty_struct *tty, struct ktermios *kterm)
640{
641 mutex_lock(&tty->termios_mutex);
642 memcpy(kterm, tty->termios_locked, sizeof(struct ktermios));
643 mutex_unlock(&tty->termios_mutex);
644}
645
646static int get_termio(struct tty_struct *tty, struct termio __user *termio)
647{
648 struct ktermios kterm;
649 copy_termios(tty, &kterm);
650 if (kernel_termios_to_user_termio(termio, &kterm))
651 return -EFAULT;
652 return 0;
653}
654
655
656#ifdef TCGETX
657
658/**
659 * set_termiox - set termiox fields if possible
660 * @tty: terminal
661 * @arg: termiox structure from user
662 * @opt: option flags for ioctl type
663 *
664 * Implement the device calling points for the SYS5 termiox ioctl
665 * interface in Linux
666 */
667
668static int set_termiox(struct tty_struct *tty, void __user *arg, int opt)
669{
670 struct termiox tnew;
671 struct tty_ldisc *ld;
672
673 if (tty->termiox == NULL)
674 return -EINVAL;
675 if (copy_from_user(&tnew, arg, sizeof(struct termiox)))
676 return -EFAULT;
677
678 ld = tty_ldisc_ref(tty);
679 if (ld != NULL) {
680 if ((opt & TERMIOS_FLUSH) && ld->ops->flush_buffer)
681 ld->ops->flush_buffer(tty);
682 tty_ldisc_deref(ld);
683 }
684 if (opt & TERMIOS_WAIT) {
685 tty_wait_until_sent(tty, 0);
686 if (signal_pending(current))
687 return -EINTR;
688 }
689
690 mutex_lock(&tty->termios_mutex);
691 if (tty->ops->set_termiox)
692 tty->ops->set_termiox(tty, &tnew);
693 mutex_unlock(&tty->termios_mutex);
694 return 0;
695}
696
697#endif
698
699
700#ifdef TIOCGETP
701/*
702 * These are deprecated, but there is limited support..
703 *
704 * The "sg_flags" translation is a joke..
705 */
706static int get_sgflags(struct tty_struct *tty)
707{
708 int flags = 0;
709
710 if (!(tty->termios->c_lflag & ICANON)) {
711 if (tty->termios->c_lflag & ISIG)
712 flags |= 0x02; /* cbreak */
713 else
714 flags |= 0x20; /* raw */
715 }
716 if (tty->termios->c_lflag & ECHO)
717 flags |= 0x08; /* echo */
718 if (tty->termios->c_oflag & OPOST)
719 if (tty->termios->c_oflag & ONLCR)
720 flags |= 0x10; /* crmod */
721 return flags;
722}
723
724static int get_sgttyb(struct tty_struct *tty, struct sgttyb __user *sgttyb)
725{
726 struct sgttyb tmp;
727
728 mutex_lock(&tty->termios_mutex);
729 tmp.sg_ispeed = tty->termios->c_ispeed;
730 tmp.sg_ospeed = tty->termios->c_ospeed;
731 tmp.sg_erase = tty->termios->c_cc[VERASE];
732 tmp.sg_kill = tty->termios->c_cc[VKILL];
733 tmp.sg_flags = get_sgflags(tty);
734 mutex_unlock(&tty->termios_mutex);
735
736 return copy_to_user(sgttyb, &tmp, sizeof(tmp)) ? -EFAULT : 0;
737}
738
739static void set_sgflags(struct ktermios *termios, int flags)
740{
741 termios->c_iflag = ICRNL | IXON;
742 termios->c_oflag = 0;
743 termios->c_lflag = ISIG | ICANON;
744 if (flags & 0x02) { /* cbreak */
745 termios->c_iflag = 0;
746 termios->c_lflag &= ~ICANON;
747 }
748 if (flags & 0x08) { /* echo */
749 termios->c_lflag |= ECHO | ECHOE | ECHOK |
750 ECHOCTL | ECHOKE | IEXTEN;
751 }
752 if (flags & 0x10) { /* crmod */
753 termios->c_oflag |= OPOST | ONLCR;
754 }
755 if (flags & 0x20) { /* raw */
756 termios->c_iflag = 0;
757 termios->c_lflag &= ~(ISIG | ICANON);
758 }
759 if (!(termios->c_lflag & ICANON)) {
760 termios->c_cc[VMIN] = 1;
761 termios->c_cc[VTIME] = 0;
762 }
763}
764
765/**
766 * set_sgttyb - set legacy terminal values
767 * @tty: tty structure
768 * @sgttyb: pointer to old style terminal structure
769 *
770 * Updates a terminal from the legacy BSD style terminal information
771 * structure.
772 *
773 * Locking: termios_mutex
774 */
775
776static int set_sgttyb(struct tty_struct *tty, struct sgttyb __user *sgttyb)
777{
778 int retval;
779 struct sgttyb tmp;
780 struct ktermios termios;
781
782 retval = tty_check_change(tty);
783 if (retval)
784 return retval;
785
786 if (copy_from_user(&tmp, sgttyb, sizeof(tmp)))
787 return -EFAULT;
788
789 mutex_lock(&tty->termios_mutex);
790 termios = *tty->termios;
791 termios.c_cc[VERASE] = tmp.sg_erase;
792 termios.c_cc[VKILL] = tmp.sg_kill;
793 set_sgflags(&termios, tmp.sg_flags);
794 /* Try and encode into Bfoo format */
795#ifdef BOTHER
796 tty_termios_encode_baud_rate(&termios, termios.c_ispeed,
797 termios.c_ospeed);
798#endif
799 mutex_unlock(&tty->termios_mutex);
800 change_termios(tty, &termios);
801 return 0;
802}
803#endif
804
805#ifdef TIOCGETC
806static int get_tchars(struct tty_struct *tty, struct tchars __user *tchars)
807{
808 struct tchars tmp;
809
810 mutex_lock(&tty->termios_mutex);
811 tmp.t_intrc = tty->termios->c_cc[VINTR];
812 tmp.t_quitc = tty->termios->c_cc[VQUIT];
813 tmp.t_startc = tty->termios->c_cc[VSTART];
814 tmp.t_stopc = tty->termios->c_cc[VSTOP];
815 tmp.t_eofc = tty->termios->c_cc[VEOF];
816 tmp.t_brkc = tty->termios->c_cc[VEOL2]; /* what is brkc anyway? */
817 mutex_unlock(&tty->termios_mutex);
818 return copy_to_user(tchars, &tmp, sizeof(tmp)) ? -EFAULT : 0;
819}
820
821static int set_tchars(struct tty_struct *tty, struct tchars __user *tchars)
822{
823 struct tchars tmp;
824
825 if (copy_from_user(&tmp, tchars, sizeof(tmp)))
826 return -EFAULT;
827 mutex_lock(&tty->termios_mutex);
828 tty->termios->c_cc[VINTR] = tmp.t_intrc;
829 tty->termios->c_cc[VQUIT] = tmp.t_quitc;
830 tty->termios->c_cc[VSTART] = tmp.t_startc;
831 tty->termios->c_cc[VSTOP] = tmp.t_stopc;
832 tty->termios->c_cc[VEOF] = tmp.t_eofc;
833 tty->termios->c_cc[VEOL2] = tmp.t_brkc; /* what is brkc anyway? */
834 mutex_unlock(&tty->termios_mutex);
835 return 0;
836}
837#endif
838
839#ifdef TIOCGLTC
840static int get_ltchars(struct tty_struct *tty, struct ltchars __user *ltchars)
841{
842 struct ltchars tmp;
843
844 mutex_lock(&tty->termios_mutex);
845 tmp.t_suspc = tty->termios->c_cc[VSUSP];
846 /* what is dsuspc anyway? */
847 tmp.t_dsuspc = tty->termios->c_cc[VSUSP];
848 tmp.t_rprntc = tty->termios->c_cc[VREPRINT];
849 /* what is flushc anyway? */
850 tmp.t_flushc = tty->termios->c_cc[VEOL2];
851 tmp.t_werasc = tty->termios->c_cc[VWERASE];
852 tmp.t_lnextc = tty->termios->c_cc[VLNEXT];
853 mutex_unlock(&tty->termios_mutex);
854 return copy_to_user(ltchars, &tmp, sizeof(tmp)) ? -EFAULT : 0;
855}
856
857static int set_ltchars(struct tty_struct *tty, struct ltchars __user *ltchars)
858{
859 struct ltchars tmp;
860
861 if (copy_from_user(&tmp, ltchars, sizeof(tmp)))
862 return -EFAULT;
863
864 mutex_lock(&tty->termios_mutex);
865 tty->termios->c_cc[VSUSP] = tmp.t_suspc;
866 /* what is dsuspc anyway? */
867 tty->termios->c_cc[VEOL2] = tmp.t_dsuspc;
868 tty->termios->c_cc[VREPRINT] = tmp.t_rprntc;
869 /* what is flushc anyway? */
870 tty->termios->c_cc[VEOL2] = tmp.t_flushc;
871 tty->termios->c_cc[VWERASE] = tmp.t_werasc;
872 tty->termios->c_cc[VLNEXT] = tmp.t_lnextc;
873 mutex_unlock(&tty->termios_mutex);
874 return 0;
875}
876#endif
877
878/**
879 * send_prio_char - send priority character
880 *
881 * Send a high priority character to the tty even if stopped
882 *
883 * Locking: none for xchar method, write ordering for write method.
884 */
885
886static int send_prio_char(struct tty_struct *tty, char ch)
887{
888 int was_stopped = tty->stopped;
889
890 if (tty->ops->send_xchar) {
891 tty->ops->send_xchar(tty, ch);
892 return 0;
893 }
894
895 if (tty_write_lock(tty, 0) < 0)
896 return -ERESTARTSYS;
897
898 if (was_stopped)
899 start_tty(tty);
900 tty->ops->write(tty, &ch, 1);
901 if (was_stopped)
902 stop_tty(tty);
903 tty_write_unlock(tty);
904 return 0;
905}
906
907/**
908 * tty_change_softcar - carrier change ioctl helper
909 * @tty: tty to update
910 * @arg: enable/disable CLOCAL
911 *
912 * Perform a change to the CLOCAL state and call into the driver
913 * layer to make it visible. All done with the termios mutex
914 */
915
916static int tty_change_softcar(struct tty_struct *tty, int arg)
917{
918 int ret = 0;
919 int bit = arg ? CLOCAL : 0;
920 struct ktermios old;
921
922 mutex_lock(&tty->termios_mutex);
923 old = *tty->termios;
924 tty->termios->c_cflag &= ~CLOCAL;
925 tty->termios->c_cflag |= bit;
926 if (tty->ops->set_termios)
927 tty->ops->set_termios(tty, &old);
928 if ((tty->termios->c_cflag & CLOCAL) != bit)
929 ret = -EINVAL;
930 mutex_unlock(&tty->termios_mutex);
931 return ret;
932}
933
934/**
935 * tty_mode_ioctl - mode related ioctls
936 * @tty: tty for the ioctl
937 * @file: file pointer for the tty
938 * @cmd: command
939 * @arg: ioctl argument
940 *
941 * Perform non line discipline specific mode control ioctls. This
942 * is designed to be called by line disciplines to ensure they provide
943 * consistent mode setting.
944 */
945
946int tty_mode_ioctl(struct tty_struct *tty, struct file *file,
947 unsigned int cmd, unsigned long arg)
948{
949 struct tty_struct *real_tty;
950 void __user *p = (void __user *)arg;
951 int ret = 0;
952 struct ktermios kterm;
953
954 if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
955 tty->driver->subtype == PTY_TYPE_MASTER)
956 real_tty = tty->link;
957 else
958 real_tty = tty;
959
960 switch (cmd) {
961#ifdef TIOCGETP
962 case TIOCGETP:
963 return get_sgttyb(real_tty, (struct sgttyb __user *) arg);
964 case TIOCSETP:
965 case TIOCSETN:
966 return set_sgttyb(real_tty, (struct sgttyb __user *) arg);
967#endif
968#ifdef TIOCGETC
969 case TIOCGETC:
970 return get_tchars(real_tty, p);
971 case TIOCSETC:
972 return set_tchars(real_tty, p);
973#endif
974#ifdef TIOCGLTC
975 case TIOCGLTC:
976 return get_ltchars(real_tty, p);
977 case TIOCSLTC:
978 return set_ltchars(real_tty, p);
979#endif
980 case TCSETSF:
981 return set_termios(real_tty, p, TERMIOS_FLUSH | TERMIOS_WAIT | TERMIOS_OLD);
982 case TCSETSW:
983 return set_termios(real_tty, p, TERMIOS_WAIT | TERMIOS_OLD);
984 case TCSETS:
985 return set_termios(real_tty, p, TERMIOS_OLD);
986#ifndef TCGETS2
987 case TCGETS:
988 copy_termios(real_tty, &kterm);
989 if (kernel_termios_to_user_termios((struct termios __user *)arg, &kterm))
990 ret = -EFAULT;
991 return ret;
992#else
993 case TCGETS:
994 copy_termios(real_tty, &kterm);
995 if (kernel_termios_to_user_termios_1((struct termios __user *)arg, &kterm))
996 ret = -EFAULT;
997 return ret;
998 case TCGETS2:
999 copy_termios(real_tty, &kterm);
1000 if (kernel_termios_to_user_termios((struct termios2 __user *)arg, &kterm))
1001 ret = -EFAULT;
1002 return ret;
1003 case TCSETSF2:
1004 return set_termios(real_tty, p, TERMIOS_FLUSH | TERMIOS_WAIT);
1005 case TCSETSW2:
1006 return set_termios(real_tty, p, TERMIOS_WAIT);
1007 case TCSETS2:
1008 return set_termios(real_tty, p, 0);
1009#endif
1010 case TCGETA:
1011 return get_termio(real_tty, p);
1012 case TCSETAF:
1013 return set_termios(real_tty, p, TERMIOS_FLUSH | TERMIOS_WAIT | TERMIOS_TERMIO);
1014 case TCSETAW:
1015 return set_termios(real_tty, p, TERMIOS_WAIT | TERMIOS_TERMIO);
1016 case TCSETA:
1017 return set_termios(real_tty, p, TERMIOS_TERMIO);
1018#ifndef TCGETS2
1019 case TIOCGLCKTRMIOS:
1020 copy_termios_locked(real_tty, &kterm);
1021 if (kernel_termios_to_user_termios((struct termios __user *)arg, &kterm))
1022 ret = -EFAULT;
1023 return ret;
1024 case TIOCSLCKTRMIOS:
1025 if (!capable(CAP_SYS_ADMIN))
1026 return -EPERM;
1027 copy_termios_locked(real_tty, &kterm);
1028 if (user_termios_to_kernel_termios(&kterm,
1029 (struct termios __user *) arg))
1030 return -EFAULT;
1031 mutex_lock(&real_tty->termios_mutex);
1032 memcpy(real_tty->termios_locked, &kterm, sizeof(struct ktermios));
1033 mutex_unlock(&real_tty->termios_mutex);
1034 return 0;
1035#else
1036 case TIOCGLCKTRMIOS:
1037 copy_termios_locked(real_tty, &kterm);
1038 if (kernel_termios_to_user_termios_1((struct termios __user *)arg, &kterm))
1039 ret = -EFAULT;
1040 return ret;
1041 case TIOCSLCKTRMIOS:
1042 if (!capable(CAP_SYS_ADMIN))
1043 return -EPERM;
1044 copy_termios_locked(real_tty, &kterm);
1045 if (user_termios_to_kernel_termios_1(&kterm,
1046 (struct termios __user *) arg))
1047 return -EFAULT;
1048 mutex_lock(&real_tty->termios_mutex);
1049 memcpy(real_tty->termios_locked, &kterm, sizeof(struct ktermios));
1050 mutex_unlock(&real_tty->termios_mutex);
1051 return ret;
1052#endif
1053#ifdef TCGETX
1054 case TCGETX: {
1055 struct termiox ktermx;
1056 if (real_tty->termiox == NULL)
1057 return -EINVAL;
1058 mutex_lock(&real_tty->termios_mutex);
1059 memcpy(&ktermx, real_tty->termiox, sizeof(struct termiox));
1060 mutex_unlock(&real_tty->termios_mutex);
1061 if (copy_to_user(p, &ktermx, sizeof(struct termiox)))
1062 ret = -EFAULT;
1063 return ret;
1064 }
1065 case TCSETX:
1066 return set_termiox(real_tty, p, 0);
1067 case TCSETXW:
1068 return set_termiox(real_tty, p, TERMIOS_WAIT);
1069 case TCSETXF:
1070 return set_termiox(real_tty, p, TERMIOS_FLUSH);
1071#endif
1072 case TIOCGSOFTCAR:
1073 copy_termios(real_tty, &kterm);
1074 ret = put_user((kterm.c_cflag & CLOCAL) ? 1 : 0,
1075 (int __user *)arg);
1076 return ret;
1077 case TIOCSSOFTCAR:
1078 if (get_user(arg, (unsigned int __user *) arg))
1079 return -EFAULT;
1080 return tty_change_softcar(real_tty, arg);
1081 default:
1082 return -ENOIOCTLCMD;
1083 }
1084}
1085EXPORT_SYMBOL_GPL(tty_mode_ioctl);
1086
1087int tty_perform_flush(struct tty_struct *tty, unsigned long arg)
1088{
1089 struct tty_ldisc *ld;
1090 int retval = tty_check_change(tty);
1091 if (retval)
1092 return retval;
1093
1094 ld = tty_ldisc_ref_wait(tty);
1095 switch (arg) {
1096 case TCIFLUSH:
1097 if (ld && ld->ops->flush_buffer)
1098 ld->ops->flush_buffer(tty);
1099 break;
1100 case TCIOFLUSH:
1101 if (ld && ld->ops->flush_buffer)
1102 ld->ops->flush_buffer(tty);
1103 /* fall through */
1104 case TCOFLUSH:
1105 tty_driver_flush_buffer(tty);
1106 break;
1107 default:
1108 tty_ldisc_deref(ld);
1109 return -EINVAL;
1110 }
1111 tty_ldisc_deref(ld);
1112 return 0;
1113}
1114EXPORT_SYMBOL_GPL(tty_perform_flush);
1115
1116int n_tty_ioctl_helper(struct tty_struct *tty, struct file *file,
1117 unsigned int cmd, unsigned long arg)
1118{
1119 unsigned long flags;
1120 int retval;
1121
1122 switch (cmd) {
1123 case TCXONC:
1124 retval = tty_check_change(tty);
1125 if (retval)
1126 return retval;
1127 switch (arg) {
1128 case TCOOFF:
1129 if (!tty->flow_stopped) {
1130 tty->flow_stopped = 1;
1131 stop_tty(tty);
1132 }
1133 break;
1134 case TCOON:
1135 if (tty->flow_stopped) {
1136 tty->flow_stopped = 0;
1137 start_tty(tty);
1138 }
1139 break;
1140 case TCIOFF:
1141 if (STOP_CHAR(tty) != __DISABLED_CHAR)
1142 return send_prio_char(tty, STOP_CHAR(tty));
1143 break;
1144 case TCION:
1145 if (START_CHAR(tty) != __DISABLED_CHAR)
1146 return send_prio_char(tty, START_CHAR(tty));
1147 break;
1148 default:
1149 return -EINVAL;
1150 }
1151 return 0;
1152 case TCFLSH:
1153 return tty_perform_flush(tty, arg);
1154 case TIOCPKT:
1155 {
1156 int pktmode;
1157
1158 if (tty->driver->type != TTY_DRIVER_TYPE_PTY ||
1159 tty->driver->subtype != PTY_TYPE_MASTER)
1160 return -ENOTTY;
1161 if (get_user(pktmode, (int __user *) arg))
1162 return -EFAULT;
1163 spin_lock_irqsave(&tty->ctrl_lock, flags);
1164 if (pktmode) {
1165 if (!tty->packet) {
1166 tty->packet = 1;
1167 tty->link->ctrl_status = 0;
1168 }
1169 } else
1170 tty->packet = 0;
1171 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
1172 return 0;
1173 }
1174 default:
1175 /* Try the mode commands */
1176 return tty_mode_ioctl(tty, file, cmd, arg);
1177 }
1178}
1179EXPORT_SYMBOL(n_tty_ioctl_helper);
diff --git a/drivers/char/tty_ldisc.c b/drivers/char/tty_ldisc.c
deleted file mode 100644
index 412f9775d19..00000000000
--- a/drivers/char/tty_ldisc.c
+++ /dev/null
@@ -1,915 +0,0 @@
1#include <linux/types.h>
2#include <linux/major.h>
3#include <linux/errno.h>
4#include <linux/signal.h>
5#include <linux/fcntl.h>
6#include <linux/sched.h>
7#include <linux/interrupt.h>
8#include <linux/tty.h>
9#include <linux/tty_driver.h>
10#include <linux/tty_flip.h>
11#include <linux/devpts_fs.h>
12#include <linux/file.h>
13#include <linux/console.h>
14#include <linux/timer.h>
15#include <linux/ctype.h>
16#include <linux/kd.h>
17#include <linux/mm.h>
18#include <linux/string.h>
19#include <linux/slab.h>
20#include <linux/poll.h>
21#include <linux/proc_fs.h>
22#include <linux/init.h>
23#include <linux/module.h>
24#include <linux/device.h>
25#include <linux/wait.h>
26#include <linux/bitops.h>
27#include <linux/delay.h>
28#include <linux/seq_file.h>
29
30#include <linux/uaccess.h>
31#include <asm/system.h>
32
33#include <linux/kbd_kern.h>
34#include <linux/vt_kern.h>
35#include <linux/selection.h>
36
37#include <linux/smp_lock.h> /* For the moment */
38
39#include <linux/kmod.h>
40#include <linux/nsproxy.h>
41
42/*
43 * This guards the refcounted line discipline lists. The lock
44 * must be taken with irqs off because there are hangup path
45 * callers who will do ldisc lookups and cannot sleep.
46 */
47
48static DEFINE_SPINLOCK(tty_ldisc_lock);
49static DECLARE_WAIT_QUEUE_HEAD(tty_ldisc_wait);
50/* Line disc dispatch table */
51static struct tty_ldisc_ops *tty_ldiscs[NR_LDISCS];
52
53static inline struct tty_ldisc *get_ldisc(struct tty_ldisc *ld)
54{
55 if (ld)
56 atomic_inc(&ld->users);
57 return ld;
58}
59
60static void put_ldisc(struct tty_ldisc *ld)
61{
62 unsigned long flags;
63
64 if (WARN_ON_ONCE(!ld))
65 return;
66
67 /*
68 * If this is the last user, free the ldisc, and
69 * release the ldisc ops.
70 *
71 * We really want an "atomic_dec_and_lock_irqsave()",
72 * but we don't have it, so this does it by hand.
73 */
74 local_irq_save(flags);
75 if (atomic_dec_and_lock(&ld->users, &tty_ldisc_lock)) {
76 struct tty_ldisc_ops *ldo = ld->ops;
77
78 ldo->refcount--;
79 module_put(ldo->owner);
80 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
81
82 kfree(ld);
83 return;
84 }
85 local_irq_restore(flags);
86}
87
88/**
89 * tty_register_ldisc - install a line discipline
90 * @disc: ldisc number
91 * @new_ldisc: pointer to the ldisc object
92 *
93 * Installs a new line discipline into the kernel. The discipline
94 * is set up as unreferenced and then made available to the kernel
95 * from this point onwards.
96 *
97 * Locking:
98 * takes tty_ldisc_lock to guard against ldisc races
99 */
100
101int tty_register_ldisc(int disc, struct tty_ldisc_ops *new_ldisc)
102{
103 unsigned long flags;
104 int ret = 0;
105
106 if (disc < N_TTY || disc >= NR_LDISCS)
107 return -EINVAL;
108
109 spin_lock_irqsave(&tty_ldisc_lock, flags);
110 tty_ldiscs[disc] = new_ldisc;
111 new_ldisc->num = disc;
112 new_ldisc->refcount = 0;
113 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
114
115 return ret;
116}
117EXPORT_SYMBOL(tty_register_ldisc);
118
119/**
120 * tty_unregister_ldisc - unload a line discipline
121 * @disc: ldisc number
122 * @new_ldisc: pointer to the ldisc object
123 *
124 * Remove a line discipline from the kernel providing it is not
125 * currently in use.
126 *
127 * Locking:
128 * takes tty_ldisc_lock to guard against ldisc races
129 */
130
131int tty_unregister_ldisc(int disc)
132{
133 unsigned long flags;
134 int ret = 0;
135
136 if (disc < N_TTY || disc >= NR_LDISCS)
137 return -EINVAL;
138
139 spin_lock_irqsave(&tty_ldisc_lock, flags);
140 if (tty_ldiscs[disc]->refcount)
141 ret = -EBUSY;
142 else
143 tty_ldiscs[disc] = NULL;
144 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
145
146 return ret;
147}
148EXPORT_SYMBOL(tty_unregister_ldisc);
149
150static struct tty_ldisc_ops *get_ldops(int disc)
151{
152 unsigned long flags;
153 struct tty_ldisc_ops *ldops, *ret;
154
155 spin_lock_irqsave(&tty_ldisc_lock, flags);
156 ret = ERR_PTR(-EINVAL);
157 ldops = tty_ldiscs[disc];
158 if (ldops) {
159 ret = ERR_PTR(-EAGAIN);
160 if (try_module_get(ldops->owner)) {
161 ldops->refcount++;
162 ret = ldops;
163 }
164 }
165 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
166 return ret;
167}
168
169static void put_ldops(struct tty_ldisc_ops *ldops)
170{
171 unsigned long flags;
172
173 spin_lock_irqsave(&tty_ldisc_lock, flags);
174 ldops->refcount--;
175 module_put(ldops->owner);
176 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
177}
178
179/**
180 * tty_ldisc_get - take a reference to an ldisc
181 * @disc: ldisc number
182 *
183 * Takes a reference to a line discipline. Deals with refcounts and
184 * module locking counts. Returns NULL if the discipline is not available.
185 * Returns a pointer to the discipline and bumps the ref count if it is
186 * available
187 *
188 * Locking:
189 * takes tty_ldisc_lock to guard against ldisc races
190 */
191
192static struct tty_ldisc *tty_ldisc_get(int disc)
193{
194 struct tty_ldisc *ld;
195 struct tty_ldisc_ops *ldops;
196
197 if (disc < N_TTY || disc >= NR_LDISCS)
198 return ERR_PTR(-EINVAL);
199
200 /*
201 * Get the ldisc ops - we may need to request them to be loaded
202 * dynamically and try again.
203 */
204 ldops = get_ldops(disc);
205 if (IS_ERR(ldops)) {
206 request_module("tty-ldisc-%d", disc);
207 ldops = get_ldops(disc);
208 if (IS_ERR(ldops))
209 return ERR_CAST(ldops);
210 }
211
212 ld = kmalloc(sizeof(struct tty_ldisc), GFP_KERNEL);
213 if (ld == NULL) {
214 put_ldops(ldops);
215 return ERR_PTR(-ENOMEM);
216 }
217
218 ld->ops = ldops;
219 atomic_set(&ld->users, 1);
220 return ld;
221}
222
223static void *tty_ldiscs_seq_start(struct seq_file *m, loff_t *pos)
224{
225 return (*pos < NR_LDISCS) ? pos : NULL;
226}
227
228static void *tty_ldiscs_seq_next(struct seq_file *m, void *v, loff_t *pos)
229{
230 (*pos)++;
231 return (*pos < NR_LDISCS) ? pos : NULL;
232}
233
234static void tty_ldiscs_seq_stop(struct seq_file *m, void *v)
235{
236}
237
238static int tty_ldiscs_seq_show(struct seq_file *m, void *v)
239{
240 int i = *(loff_t *)v;
241 struct tty_ldisc_ops *ldops;
242
243 ldops = get_ldops(i);
244 if (IS_ERR(ldops))
245 return 0;
246 seq_printf(m, "%-10s %2d\n", ldops->name ? ldops->name : "???", i);
247 put_ldops(ldops);
248 return 0;
249}
250
251static const struct seq_operations tty_ldiscs_seq_ops = {
252 .start = tty_ldiscs_seq_start,
253 .next = tty_ldiscs_seq_next,
254 .stop = tty_ldiscs_seq_stop,
255 .show = tty_ldiscs_seq_show,
256};
257
258static int proc_tty_ldiscs_open(struct inode *inode, struct file *file)
259{
260 return seq_open(file, &tty_ldiscs_seq_ops);
261}
262
263const struct file_operations tty_ldiscs_proc_fops = {
264 .owner = THIS_MODULE,
265 .open = proc_tty_ldiscs_open,
266 .read = seq_read,
267 .llseek = seq_lseek,
268 .release = seq_release,
269};
270
271/**
272 * tty_ldisc_assign - set ldisc on a tty
273 * @tty: tty to assign
274 * @ld: line discipline
275 *
276 * Install an instance of a line discipline into a tty structure. The
277 * ldisc must have a reference count above zero to ensure it remains.
278 * The tty instance refcount starts at zero.
279 *
280 * Locking:
281 * Caller must hold references
282 */
283
284static void tty_ldisc_assign(struct tty_struct *tty, struct tty_ldisc *ld)
285{
286 tty->ldisc = ld;
287}
288
289/**
290 * tty_ldisc_try - internal helper
291 * @tty: the tty
292 *
293 * Make a single attempt to grab and bump the refcount on
294 * the tty ldisc. Return 0 on failure or 1 on success. This is
295 * used to implement both the waiting and non waiting versions
296 * of tty_ldisc_ref
297 *
298 * Locking: takes tty_ldisc_lock
299 */
300
301static struct tty_ldisc *tty_ldisc_try(struct tty_struct *tty)
302{
303 unsigned long flags;
304 struct tty_ldisc *ld;
305
306 spin_lock_irqsave(&tty_ldisc_lock, flags);
307 ld = NULL;
308 if (test_bit(TTY_LDISC, &tty->flags))
309 ld = get_ldisc(tty->ldisc);
310 spin_unlock_irqrestore(&tty_ldisc_lock, flags);
311 return ld;
312}
313
314/**
315 * tty_ldisc_ref_wait - wait for the tty ldisc
316 * @tty: tty device
317 *
318 * Dereference the line discipline for the terminal and take a
319 * reference to it. If the line discipline is in flux then
320 * wait patiently until it changes.
321 *
322 * Note: Must not be called from an IRQ/timer context. The caller
323 * must also be careful not to hold other locks that will deadlock
324 * against a discipline change, such as an existing ldisc reference
325 * (which we check for)
326 *
327 * Locking: call functions take tty_ldisc_lock
328 */
329
330struct tty_ldisc *tty_ldisc_ref_wait(struct tty_struct *tty)
331{
332 struct tty_ldisc *ld;
333
334 /* wait_event is a macro */
335 wait_event(tty_ldisc_wait, (ld = tty_ldisc_try(tty)) != NULL);
336 return ld;
337}
338EXPORT_SYMBOL_GPL(tty_ldisc_ref_wait);
339
340/**
341 * tty_ldisc_ref - get the tty ldisc
342 * @tty: tty device
343 *
344 * Dereference the line discipline for the terminal and take a
345 * reference to it. If the line discipline is in flux then
346 * return NULL. Can be called from IRQ and timer functions.
347 *
348 * Locking: called functions take tty_ldisc_lock
349 */
350
351struct tty_ldisc *tty_ldisc_ref(struct tty_struct *tty)
352{
353 return tty_ldisc_try(tty);
354}
355EXPORT_SYMBOL_GPL(tty_ldisc_ref);
356
357/**
358 * tty_ldisc_deref - free a tty ldisc reference
359 * @ld: reference to free up
360 *
361 * Undoes the effect of tty_ldisc_ref or tty_ldisc_ref_wait. May
362 * be called in IRQ context.
363 *
364 * Locking: takes tty_ldisc_lock
365 */
366
367void tty_ldisc_deref(struct tty_ldisc *ld)
368{
369 put_ldisc(ld);
370}
371EXPORT_SYMBOL_GPL(tty_ldisc_deref);
372
373static inline void tty_ldisc_put(struct tty_ldisc *ld)
374{
375 put_ldisc(ld);
376}
377
378/**
379 * tty_ldisc_enable - allow ldisc use
380 * @tty: terminal to activate ldisc on
381 *
382 * Set the TTY_LDISC flag when the line discipline can be called
383 * again. Do necessary wakeups for existing sleepers. Clear the LDISC
384 * changing flag to indicate any ldisc change is now over.
385 *
386 * Note: nobody should set the TTY_LDISC bit except via this function.
387 * Clearing directly is allowed.
388 */
389
390void tty_ldisc_enable(struct tty_struct *tty)
391{
392 set_bit(TTY_LDISC, &tty->flags);
393 clear_bit(TTY_LDISC_CHANGING, &tty->flags);
394 wake_up(&tty_ldisc_wait);
395}
396
397/**
398 * tty_ldisc_flush - flush line discipline queue
399 * @tty: tty
400 *
401 * Flush the line discipline queue (if any) for this tty. If there
402 * is no line discipline active this is a no-op.
403 */
404
405void tty_ldisc_flush(struct tty_struct *tty)
406{
407 struct tty_ldisc *ld = tty_ldisc_ref(tty);
408 if (ld) {
409 if (ld->ops->flush_buffer)
410 ld->ops->flush_buffer(tty);
411 tty_ldisc_deref(ld);
412 }
413 tty_buffer_flush(tty);
414}
415EXPORT_SYMBOL_GPL(tty_ldisc_flush);
416
417/**
418 * tty_set_termios_ldisc - set ldisc field
419 * @tty: tty structure
420 * @num: line discipline number
421 *
422 * This is probably overkill for real world processors but
423 * they are not on hot paths so a little discipline won't do
424 * any harm.
425 *
426 * Locking: takes termios_mutex
427 */
428
429static void tty_set_termios_ldisc(struct tty_struct *tty, int num)
430{
431 mutex_lock(&tty->termios_mutex);
432 tty->termios->c_line = num;
433 mutex_unlock(&tty->termios_mutex);
434}
435
436/**
437 * tty_ldisc_open - open a line discipline
438 * @tty: tty we are opening the ldisc on
439 * @ld: discipline to open
440 *
441 * A helper opening method. Also a convenient debugging and check
442 * point.
443 *
444 * Locking: always called with BTM already held.
445 */
446
447static int tty_ldisc_open(struct tty_struct *tty, struct tty_ldisc *ld)
448{
449 WARN_ON(test_and_set_bit(TTY_LDISC_OPEN, &tty->flags));
450 if (ld->ops->open) {
451 int ret;
452 /* BTM here locks versus a hangup event */
453 WARN_ON(!tty_locked());
454 ret = ld->ops->open(tty);
455 return ret;
456 }
457 return 0;
458}
459
460/**
461 * tty_ldisc_close - close a line discipline
462 * @tty: tty we are opening the ldisc on
463 * @ld: discipline to close
464 *
465 * A helper close method. Also a convenient debugging and check
466 * point.
467 */
468
469static void tty_ldisc_close(struct tty_struct *tty, struct tty_ldisc *ld)
470{
471 WARN_ON(!test_bit(TTY_LDISC_OPEN, &tty->flags));
472 clear_bit(TTY_LDISC_OPEN, &tty->flags);
473 if (ld->ops->close)
474 ld->ops->close(tty);
475}
476
477/**
478 * tty_ldisc_restore - helper for tty ldisc change
479 * @tty: tty to recover
480 * @old: previous ldisc
481 *
482 * Restore the previous line discipline or N_TTY when a line discipline
483 * change fails due to an open error
484 */
485
486static void tty_ldisc_restore(struct tty_struct *tty, struct tty_ldisc *old)
487{
488 char buf[64];
489 struct tty_ldisc *new_ldisc;
490 int r;
491
492 /* There is an outstanding reference here so this is safe */
493 old = tty_ldisc_get(old->ops->num);
494 WARN_ON(IS_ERR(old));
495 tty_ldisc_assign(tty, old);
496 tty_set_termios_ldisc(tty, old->ops->num);
497 if (tty_ldisc_open(tty, old) < 0) {
498 tty_ldisc_put(old);
499 /* This driver is always present */
500 new_ldisc = tty_ldisc_get(N_TTY);
501 if (IS_ERR(new_ldisc))
502 panic("n_tty: get");
503 tty_ldisc_assign(tty, new_ldisc);
504 tty_set_termios_ldisc(tty, N_TTY);
505 r = tty_ldisc_open(tty, new_ldisc);
506 if (r < 0)
507 panic("Couldn't open N_TTY ldisc for "
508 "%s --- error %d.",
509 tty_name(tty, buf), r);
510 }
511}
512
513/**
514 * tty_ldisc_halt - shut down the line discipline
515 * @tty: tty device
516 *
517 * Shut down the line discipline and work queue for this tty device.
518 * The TTY_LDISC flag being cleared ensures no further references can
519 * be obtained while the delayed work queue halt ensures that no more
520 * data is fed to the ldisc.
521 *
522 * You need to do a 'flush_scheduled_work()' (outside the ldisc_mutex)
523 * in order to make sure any currently executing ldisc work is also
524 * flushed.
525 */
526
527static int tty_ldisc_halt(struct tty_struct *tty)
528{
529 clear_bit(TTY_LDISC, &tty->flags);
530 return cancel_delayed_work_sync(&tty->buf.work);
531}
532
533/**
534 * tty_set_ldisc - set line discipline
535 * @tty: the terminal to set
536 * @ldisc: the line discipline
537 *
538 * Set the discipline of a tty line. Must be called from a process
539 * context. The ldisc change logic has to protect itself against any
540 * overlapping ldisc change (including on the other end of pty pairs),
541 * the close of one side of a tty/pty pair, and eventually hangup.
542 *
543 * Locking: takes tty_ldisc_lock, termios_mutex
544 */
545
546int tty_set_ldisc(struct tty_struct *tty, int ldisc)
547{
548 int retval;
549 struct tty_ldisc *o_ldisc, *new_ldisc;
550 int work, o_work = 0;
551 struct tty_struct *o_tty;
552
553 new_ldisc = tty_ldisc_get(ldisc);
554 if (IS_ERR(new_ldisc))
555 return PTR_ERR(new_ldisc);
556
557 tty_lock();
558 /*
559 * We need to look at the tty locking here for pty/tty pairs
560 * when both sides try to change in parallel.
561 */
562
563 o_tty = tty->link; /* o_tty is the pty side or NULL */
564
565
566 /*
567 * Check the no-op case
568 */
569
570 if (tty->ldisc->ops->num == ldisc) {
571 tty_unlock();
572 tty_ldisc_put(new_ldisc);
573 return 0;
574 }
575
576 tty_unlock();
577 /*
578 * Problem: What do we do if this blocks ?
579 * We could deadlock here
580 */
581
582 tty_wait_until_sent(tty, 0);
583
584 tty_lock();
585 mutex_lock(&tty->ldisc_mutex);
586
587 /*
588 * We could be midstream of another ldisc change which has
589 * dropped the lock during processing. If so we need to wait.
590 */
591
592 while (test_bit(TTY_LDISC_CHANGING, &tty->flags)) {
593 mutex_unlock(&tty->ldisc_mutex);
594 tty_unlock();
595 wait_event(tty_ldisc_wait,
596 test_bit(TTY_LDISC_CHANGING, &tty->flags) == 0);
597 tty_lock();
598 mutex_lock(&tty->ldisc_mutex);
599 }
600
601 set_bit(TTY_LDISC_CHANGING, &tty->flags);
602
603 /*
604 * No more input please, we are switching. The new ldisc
605 * will update this value in the ldisc open function
606 */
607
608 tty->receive_room = 0;
609
610 o_ldisc = tty->ldisc;
611
612 tty_unlock();
613 /*
614 * Make sure we don't change while someone holds a
615 * reference to the line discipline. The TTY_LDISC bit
616 * prevents anyone taking a reference once it is clear.
617 * We need the lock to avoid racing reference takers.
618 *
619 * We must clear the TTY_LDISC bit here to avoid a livelock
620 * with a userspace app continually trying to use the tty in
621 * parallel to the change and re-referencing the tty.
622 */
623
624 work = tty_ldisc_halt(tty);
625 if (o_tty)
626 o_work = tty_ldisc_halt(o_tty);
627
628 /*
629 * Wait for ->hangup_work and ->buf.work handlers to terminate.
630 * We must drop the mutex here in case a hangup is also in process.
631 */
632
633 mutex_unlock(&tty->ldisc_mutex);
634
635 flush_scheduled_work();
636
637 tty_lock();
638 mutex_lock(&tty->ldisc_mutex);
639 if (test_bit(TTY_HUPPED, &tty->flags)) {
640 /* We were raced by the hangup method. It will have stomped
641 the ldisc data and closed the ldisc down */
642 clear_bit(TTY_LDISC_CHANGING, &tty->flags);
643 mutex_unlock(&tty->ldisc_mutex);
644 tty_ldisc_put(new_ldisc);
645 tty_unlock();
646 return -EIO;
647 }
648
649 /* Shutdown the current discipline. */
650 tty_ldisc_close(tty, o_ldisc);
651
652 /* Now set up the new line discipline. */
653 tty_ldisc_assign(tty, new_ldisc);
654 tty_set_termios_ldisc(tty, ldisc);
655
656 retval = tty_ldisc_open(tty, new_ldisc);
657 if (retval < 0) {
658 /* Back to the old one or N_TTY if we can't */
659 tty_ldisc_put(new_ldisc);
660 tty_ldisc_restore(tty, o_ldisc);
661 }
662
663 /* At this point we hold a reference to the new ldisc and a
664 a reference to the old ldisc. If we ended up flipping back
665 to the existing ldisc we have two references to it */
666
667 if (tty->ldisc->ops->num != o_ldisc->ops->num && tty->ops->set_ldisc)
668 tty->ops->set_ldisc(tty);
669
670 tty_ldisc_put(o_ldisc);
671
672 /*
673 * Allow ldisc referencing to occur again
674 */
675
676 tty_ldisc_enable(tty);
677 if (o_tty)
678 tty_ldisc_enable(o_tty);
679
680 /* Restart the work queue in case no characters kick it off. Safe if
681 already running */
682 if (work)
683 schedule_delayed_work(&tty->buf.work, 1);
684 if (o_work)
685 schedule_delayed_work(&o_tty->buf.work, 1);
686 mutex_unlock(&tty->ldisc_mutex);
687 tty_unlock();
688 return retval;
689}
690
691/**
692 * tty_reset_termios - reset terminal state
693 * @tty: tty to reset
694 *
695 * Restore a terminal to the driver default state.
696 */
697
698static void tty_reset_termios(struct tty_struct *tty)
699{
700 mutex_lock(&tty->termios_mutex);
701 *tty->termios = tty->driver->init_termios;
702 tty->termios->c_ispeed = tty_termios_input_baud_rate(tty->termios);
703 tty->termios->c_ospeed = tty_termios_baud_rate(tty->termios);
704 mutex_unlock(&tty->termios_mutex);
705}
706
707
708/**
709 * tty_ldisc_reinit - reinitialise the tty ldisc
710 * @tty: tty to reinit
711 * @ldisc: line discipline to reinitialize
712 *
713 * Switch the tty to a line discipline and leave the ldisc
714 * state closed
715 */
716
717static void tty_ldisc_reinit(struct tty_struct *tty, int ldisc)
718{
719 struct tty_ldisc *ld;
720
721 tty_ldisc_close(tty, tty->ldisc);
722 tty_ldisc_put(tty->ldisc);
723 tty->ldisc = NULL;
724 /*
725 * Switch the line discipline back
726 */
727 ld = tty_ldisc_get(ldisc);
728 BUG_ON(IS_ERR(ld));
729 tty_ldisc_assign(tty, ld);
730 tty_set_termios_ldisc(tty, ldisc);
731}
732
733/**
734 * tty_ldisc_hangup - hangup ldisc reset
735 * @tty: tty being hung up
736 *
737 * Some tty devices reset their termios when they receive a hangup
738 * event. In that situation we must also switch back to N_TTY properly
739 * before we reset the termios data.
740 *
741 * Locking: We can take the ldisc mutex as the rest of the code is
742 * careful to allow for this.
743 *
744 * In the pty pair case this occurs in the close() path of the
745 * tty itself so we must be careful about locking rules.
746 */
747
748void tty_ldisc_hangup(struct tty_struct *tty)
749{
750 struct tty_ldisc *ld;
751 int reset = tty->driver->flags & TTY_DRIVER_RESET_TERMIOS;
752 int err = 0;
753
754 /*
755 * FIXME! What are the locking issues here? This may me overdoing
756 * things... This question is especially important now that we've
757 * removed the irqlock.
758 */
759 ld = tty_ldisc_ref(tty);
760 if (ld != NULL) {
761 /* We may have no line discipline at this point */
762 if (ld->ops->flush_buffer)
763 ld->ops->flush_buffer(tty);
764 tty_driver_flush_buffer(tty);
765 if ((test_bit(TTY_DO_WRITE_WAKEUP, &tty->flags)) &&
766 ld->ops->write_wakeup)
767 ld->ops->write_wakeup(tty);
768 if (ld->ops->hangup)
769 ld->ops->hangup(tty);
770 tty_ldisc_deref(ld);
771 }
772 /*
773 * FIXME: Once we trust the LDISC code better we can wait here for
774 * ldisc completion and fix the driver call race
775 */
776 wake_up_interruptible_poll(&tty->write_wait, POLLOUT);
777 wake_up_interruptible_poll(&tty->read_wait, POLLIN);
778 /*
779 * Shutdown the current line discipline, and reset it to
780 * N_TTY if need be.
781 *
782 * Avoid racing set_ldisc or tty_ldisc_release
783 */
784 mutex_lock(&tty->ldisc_mutex);
785
786 /*
787 * this is like tty_ldisc_halt, but we need to give up
788 * the BTM before calling cancel_delayed_work_sync,
789 * which may need to wait for another function taking the BTM
790 */
791 clear_bit(TTY_LDISC, &tty->flags);
792 tty_unlock();
793 cancel_delayed_work_sync(&tty->buf.work);
794 mutex_unlock(&tty->ldisc_mutex);
795
796 tty_lock();
797 mutex_lock(&tty->ldisc_mutex);
798
799 /* At this point we have a closed ldisc and we want to
800 reopen it. We could defer this to the next open but
801 it means auditing a lot of other paths so this is
802 a FIXME */
803 if (tty->ldisc) { /* Not yet closed */
804 if (reset == 0) {
805 tty_ldisc_reinit(tty, tty->termios->c_line);
806 err = tty_ldisc_open(tty, tty->ldisc);
807 }
808 /* If the re-open fails or we reset then go to N_TTY. The
809 N_TTY open cannot fail */
810 if (reset || err) {
811 tty_ldisc_reinit(tty, N_TTY);
812 WARN_ON(tty_ldisc_open(tty, tty->ldisc));
813 }
814 tty_ldisc_enable(tty);
815 }
816 mutex_unlock(&tty->ldisc_mutex);
817 if (reset)
818 tty_reset_termios(tty);
819}
820
821/**
822 * tty_ldisc_setup - open line discipline
823 * @tty: tty being shut down
824 * @o_tty: pair tty for pty/tty pairs
825 *
826 * Called during the initial open of a tty/pty pair in order to set up the
827 * line disciplines and bind them to the tty. This has no locking issues
828 * as the device isn't yet active.
829 */
830
831int tty_ldisc_setup(struct tty_struct *tty, struct tty_struct *o_tty)
832{
833 struct tty_ldisc *ld = tty->ldisc;
834 int retval;
835
836 retval = tty_ldisc_open(tty, ld);
837 if (retval)
838 return retval;
839
840 if (o_tty) {
841 retval = tty_ldisc_open(o_tty, o_tty->ldisc);
842 if (retval) {
843 tty_ldisc_close(tty, ld);
844 return retval;
845 }
846 tty_ldisc_enable(o_tty);
847 }
848 tty_ldisc_enable(tty);
849 return 0;
850}
851/**
852 * tty_ldisc_release - release line discipline
853 * @tty: tty being shut down
854 * @o_tty: pair tty for pty/tty pairs
855 *
856 * Called during the final close of a tty/pty pair in order to shut down
857 * the line discpline layer. On exit the ldisc assigned is N_TTY and the
858 * ldisc has not been opened.
859 */
860
861void tty_ldisc_release(struct tty_struct *tty, struct tty_struct *o_tty)
862{
863 /*
864 * Prevent flush_to_ldisc() from rescheduling the work for later. Then
865 * kill any delayed work. As this is the final close it does not
866 * race with the set_ldisc code path.
867 */
868
869 tty_unlock();
870 tty_ldisc_halt(tty);
871 flush_scheduled_work();
872 tty_lock();
873
874 mutex_lock(&tty->ldisc_mutex);
875 /*
876 * Now kill off the ldisc
877 */
878 tty_ldisc_close(tty, tty->ldisc);
879 tty_ldisc_put(tty->ldisc);
880 /* Force an oops if we mess this up */
881 tty->ldisc = NULL;
882
883 /* Ensure the next open requests the N_TTY ldisc */
884 tty_set_termios_ldisc(tty, N_TTY);
885 mutex_unlock(&tty->ldisc_mutex);
886
887 /* This will need doing differently if we need to lock */
888 if (o_tty)
889 tty_ldisc_release(o_tty, NULL);
890
891 /* And the memory resources remaining (buffers, termios) will be
892 disposed of when the kref hits zero */
893}
894
895/**
896 * tty_ldisc_init - ldisc setup for new tty
897 * @tty: tty being allocated
898 *
899 * Set up the line discipline objects for a newly allocated tty. Note that
900 * the tty structure is not completely set up when this call is made.
901 */
902
903void tty_ldisc_init(struct tty_struct *tty)
904{
905 struct tty_ldisc *ld = tty_ldisc_get(N_TTY);
906 if (IS_ERR(ld))
907 panic("n_tty: init_tty");
908 tty_ldisc_assign(tty, ld);
909}
910
911void tty_ldisc_begin(void)
912{
913 /* Setup the default TTY line discipline. */
914 (void) tty_register_ldisc(N_TTY, &tty_ldisc_N_TTY);
915}
diff --git a/drivers/char/tty_mutex.c b/drivers/char/tty_mutex.c
deleted file mode 100644
index 133697540c7..00000000000
--- a/drivers/char/tty_mutex.c
+++ /dev/null
@@ -1,47 +0,0 @@
1/*
2 * drivers/char/tty_lock.c
3 */
4#include <linux/tty.h>
5#include <linux/module.h>
6#include <linux/kallsyms.h>
7#include <linux/semaphore.h>
8#include <linux/sched.h>
9
10/*
11 * The 'big tty mutex'
12 *
13 * This mutex is taken and released by tty_lock() and tty_unlock(),
14 * replacing the older big kernel lock.
15 * It can no longer be taken recursively, and does not get
16 * released implicitly while sleeping.
17 *
18 * Don't use in new code.
19 */
20static DEFINE_MUTEX(big_tty_mutex);
21struct task_struct *__big_tty_mutex_owner;
22EXPORT_SYMBOL_GPL(__big_tty_mutex_owner);
23
24/*
25 * Getting the big tty mutex.
26 */
27void __lockfunc tty_lock(void)
28{
29 struct task_struct *task = current;
30
31 WARN_ON(__big_tty_mutex_owner == task);
32
33 mutex_lock(&big_tty_mutex);
34 __big_tty_mutex_owner = task;
35}
36EXPORT_SYMBOL(tty_lock);
37
38void __lockfunc tty_unlock(void)
39{
40 struct task_struct *task = current;
41
42 WARN_ON(__big_tty_mutex_owner != task);
43 __big_tty_mutex_owner = NULL;
44
45 mutex_unlock(&big_tty_mutex);
46}
47EXPORT_SYMBOL(tty_unlock);
diff --git a/drivers/char/tty_port.c b/drivers/char/tty_port.c
deleted file mode 100644
index 33d37d230f8..00000000000
--- a/drivers/char/tty_port.c
+++ /dev/null
@@ -1,446 +0,0 @@
1/*
2 * Tty port functions
3 */
4
5#include <linux/types.h>
6#include <linux/errno.h>
7#include <linux/tty.h>
8#include <linux/tty_driver.h>
9#include <linux/tty_flip.h>
10#include <linux/serial.h>
11#include <linux/timer.h>
12#include <linux/string.h>
13#include <linux/slab.h>
14#include <linux/sched.h>
15#include <linux/init.h>
16#include <linux/wait.h>
17#include <linux/bitops.h>
18#include <linux/delay.h>
19#include <linux/module.h>
20
21void tty_port_init(struct tty_port *port)
22{
23 memset(port, 0, sizeof(*port));
24 init_waitqueue_head(&port->open_wait);
25 init_waitqueue_head(&port->close_wait);
26 init_waitqueue_head(&port->delta_msr_wait);
27 mutex_init(&port->mutex);
28 mutex_init(&port->buf_mutex);
29 spin_lock_init(&port->lock);
30 port->close_delay = (50 * HZ) / 100;
31 port->closing_wait = (3000 * HZ) / 100;
32 kref_init(&port->kref);
33}
34EXPORT_SYMBOL(tty_port_init);
35
36int tty_port_alloc_xmit_buf(struct tty_port *port)
37{
38 /* We may sleep in get_zeroed_page() */
39 mutex_lock(&port->buf_mutex);
40 if (port->xmit_buf == NULL)
41 port->xmit_buf = (unsigned char *)get_zeroed_page(GFP_KERNEL);
42 mutex_unlock(&port->buf_mutex);
43 if (port->xmit_buf == NULL)
44 return -ENOMEM;
45 return 0;
46}
47EXPORT_SYMBOL(tty_port_alloc_xmit_buf);
48
49void tty_port_free_xmit_buf(struct tty_port *port)
50{
51 mutex_lock(&port->buf_mutex);
52 if (port->xmit_buf != NULL) {
53 free_page((unsigned long)port->xmit_buf);
54 port->xmit_buf = NULL;
55 }
56 mutex_unlock(&port->buf_mutex);
57}
58EXPORT_SYMBOL(tty_port_free_xmit_buf);
59
60static void tty_port_destructor(struct kref *kref)
61{
62 struct tty_port *port = container_of(kref, struct tty_port, kref);
63 if (port->xmit_buf)
64 free_page((unsigned long)port->xmit_buf);
65 if (port->ops->destruct)
66 port->ops->destruct(port);
67 else
68 kfree(port);
69}
70
71void tty_port_put(struct tty_port *port)
72{
73 if (port)
74 kref_put(&port->kref, tty_port_destructor);
75}
76EXPORT_SYMBOL(tty_port_put);
77
78/**
79 * tty_port_tty_get - get a tty reference
80 * @port: tty port
81 *
82 * Return a refcount protected tty instance or NULL if the port is not
83 * associated with a tty (eg due to close or hangup)
84 */
85
86struct tty_struct *tty_port_tty_get(struct tty_port *port)
87{
88 unsigned long flags;
89 struct tty_struct *tty;
90
91 spin_lock_irqsave(&port->lock, flags);
92 tty = tty_kref_get(port->tty);
93 spin_unlock_irqrestore(&port->lock, flags);
94 return tty;
95}
96EXPORT_SYMBOL(tty_port_tty_get);
97
98/**
99 * tty_port_tty_set - set the tty of a port
100 * @port: tty port
101 * @tty: the tty
102 *
103 * Associate the port and tty pair. Manages any internal refcounts.
104 * Pass NULL to deassociate a port
105 */
106
107void tty_port_tty_set(struct tty_port *port, struct tty_struct *tty)
108{
109 unsigned long flags;
110
111 spin_lock_irqsave(&port->lock, flags);
112 if (port->tty)
113 tty_kref_put(port->tty);
114 port->tty = tty_kref_get(tty);
115 spin_unlock_irqrestore(&port->lock, flags);
116}
117EXPORT_SYMBOL(tty_port_tty_set);
118
119static void tty_port_shutdown(struct tty_port *port)
120{
121 mutex_lock(&port->mutex);
122 if (port->ops->shutdown && !port->console &&
123 test_and_clear_bit(ASYNCB_INITIALIZED, &port->flags))
124 port->ops->shutdown(port);
125 mutex_unlock(&port->mutex);
126}
127
128/**
129 * tty_port_hangup - hangup helper
130 * @port: tty port
131 *
132 * Perform port level tty hangup flag and count changes. Drop the tty
133 * reference.
134 */
135
136void tty_port_hangup(struct tty_port *port)
137{
138 unsigned long flags;
139
140 spin_lock_irqsave(&port->lock, flags);
141 port->count = 0;
142 port->flags &= ~ASYNC_NORMAL_ACTIVE;
143 if (port->tty) {
144 set_bit(TTY_IO_ERROR, &port->tty->flags);
145 tty_kref_put(port->tty);
146 }
147 port->tty = NULL;
148 spin_unlock_irqrestore(&port->lock, flags);
149 wake_up_interruptible(&port->open_wait);
150 wake_up_interruptible(&port->delta_msr_wait);
151 tty_port_shutdown(port);
152}
153EXPORT_SYMBOL(tty_port_hangup);
154
155/**
156 * tty_port_carrier_raised - carrier raised check
157 * @port: tty port
158 *
159 * Wrapper for the carrier detect logic. For the moment this is used
160 * to hide some internal details. This will eventually become entirely
161 * internal to the tty port.
162 */
163
164int tty_port_carrier_raised(struct tty_port *port)
165{
166 if (port->ops->carrier_raised == NULL)
167 return 1;
168 return port->ops->carrier_raised(port);
169}
170EXPORT_SYMBOL(tty_port_carrier_raised);
171
172/**
173 * tty_port_raise_dtr_rts - Raise DTR/RTS
174 * @port: tty port
175 *
176 * Wrapper for the DTR/RTS raise logic. For the moment this is used
177 * to hide some internal details. This will eventually become entirely
178 * internal to the tty port.
179 */
180
181void tty_port_raise_dtr_rts(struct tty_port *port)
182{
183 if (port->ops->dtr_rts)
184 port->ops->dtr_rts(port, 1);
185}
186EXPORT_SYMBOL(tty_port_raise_dtr_rts);
187
188/**
189 * tty_port_lower_dtr_rts - Lower DTR/RTS
190 * @port: tty port
191 *
192 * Wrapper for the DTR/RTS raise logic. For the moment this is used
193 * to hide some internal details. This will eventually become entirely
194 * internal to the tty port.
195 */
196
197void tty_port_lower_dtr_rts(struct tty_port *port)
198{
199 if (port->ops->dtr_rts)
200 port->ops->dtr_rts(port, 0);
201}
202EXPORT_SYMBOL(tty_port_lower_dtr_rts);
203
204/**
205 * tty_port_block_til_ready - Waiting logic for tty open
206 * @port: the tty port being opened
207 * @tty: the tty device being bound
208 * @filp: the file pointer of the opener
209 *
210 * Implement the core POSIX/SuS tty behaviour when opening a tty device.
211 * Handles:
212 * - hangup (both before and during)
213 * - non blocking open
214 * - rts/dtr/dcd
215 * - signals
216 * - port flags and counts
217 *
218 * The passed tty_port must implement the carrier_raised method if it can
219 * do carrier detect and the dtr_rts method if it supports software
220 * management of these lines. Note that the dtr/rts raise is done each
221 * iteration as a hangup may have previously dropped them while we wait.
222 */
223
224int tty_port_block_til_ready(struct tty_port *port,
225 struct tty_struct *tty, struct file *filp)
226{
227 int do_clocal = 0, retval;
228 unsigned long flags;
229 DEFINE_WAIT(wait);
230 int cd;
231
232 /* block if port is in the process of being closed */
233 if (tty_hung_up_p(filp) || port->flags & ASYNC_CLOSING) {
234 wait_event_interruptible_tty(port->close_wait,
235 !(port->flags & ASYNC_CLOSING));
236 if (port->flags & ASYNC_HUP_NOTIFY)
237 return -EAGAIN;
238 else
239 return -ERESTARTSYS;
240 }
241
242 /* if non-blocking mode is set we can pass directly to open unless
243 the port has just hung up or is in another error state */
244 if (tty->flags & (1 << TTY_IO_ERROR)) {
245 port->flags |= ASYNC_NORMAL_ACTIVE;
246 return 0;
247 }
248 if (filp->f_flags & O_NONBLOCK) {
249 /* Indicate we are open */
250 if (tty->termios->c_cflag & CBAUD)
251 tty_port_raise_dtr_rts(port);
252 port->flags |= ASYNC_NORMAL_ACTIVE;
253 return 0;
254 }
255
256 if (C_CLOCAL(tty))
257 do_clocal = 1;
258
259 /* Block waiting until we can proceed. We may need to wait for the
260 carrier, but we must also wait for any close that is in progress
261 before the next open may complete */
262
263 retval = 0;
264
265 /* The port lock protects the port counts */
266 spin_lock_irqsave(&port->lock, flags);
267 if (!tty_hung_up_p(filp))
268 port->count--;
269 port->blocked_open++;
270 spin_unlock_irqrestore(&port->lock, flags);
271
272 while (1) {
273 /* Indicate we are open */
274 if (tty->termios->c_cflag & CBAUD)
275 tty_port_raise_dtr_rts(port);
276
277 prepare_to_wait(&port->open_wait, &wait, TASK_INTERRUPTIBLE);
278 /* Check for a hangup or uninitialised port.
279 Return accordingly */
280 if (tty_hung_up_p(filp) || !(port->flags & ASYNC_INITIALIZED)) {
281 if (port->flags & ASYNC_HUP_NOTIFY)
282 retval = -EAGAIN;
283 else
284 retval = -ERESTARTSYS;
285 break;
286 }
287 /* Probe the carrier. For devices with no carrier detect this
288 will always return true */
289 cd = tty_port_carrier_raised(port);
290 if (!(port->flags & ASYNC_CLOSING) &&
291 (do_clocal || cd))
292 break;
293 if (signal_pending(current)) {
294 retval = -ERESTARTSYS;
295 break;
296 }
297 tty_unlock();
298 schedule();
299 tty_lock();
300 }
301 finish_wait(&port->open_wait, &wait);
302
303 /* Update counts. A parallel hangup will have set count to zero and
304 we must not mess that up further */
305 spin_lock_irqsave(&port->lock, flags);
306 if (!tty_hung_up_p(filp))
307 port->count++;
308 port->blocked_open--;
309 if (retval == 0)
310 port->flags |= ASYNC_NORMAL_ACTIVE;
311 spin_unlock_irqrestore(&port->lock, flags);
312 return retval;
313}
314EXPORT_SYMBOL(tty_port_block_til_ready);
315
316int tty_port_close_start(struct tty_port *port,
317 struct tty_struct *tty, struct file *filp)
318{
319 unsigned long flags;
320
321 spin_lock_irqsave(&port->lock, flags);
322 if (tty_hung_up_p(filp)) {
323 spin_unlock_irqrestore(&port->lock, flags);
324 return 0;
325 }
326
327 if (tty->count == 1 && port->count != 1) {
328 printk(KERN_WARNING
329 "tty_port_close_start: tty->count = 1 port count = %d.\n",
330 port->count);
331 port->count = 1;
332 }
333 if (--port->count < 0) {
334 printk(KERN_WARNING "tty_port_close_start: count = %d\n",
335 port->count);
336 port->count = 0;
337 }
338
339 if (port->count) {
340 spin_unlock_irqrestore(&port->lock, flags);
341 if (port->ops->drop)
342 port->ops->drop(port);
343 return 0;
344 }
345 set_bit(ASYNCB_CLOSING, &port->flags);
346 tty->closing = 1;
347 spin_unlock_irqrestore(&port->lock, flags);
348 /* Don't block on a stalled port, just pull the chain */
349 if (tty->flow_stopped)
350 tty_driver_flush_buffer(tty);
351 if (test_bit(ASYNCB_INITIALIZED, &port->flags) &&
352 port->closing_wait != ASYNC_CLOSING_WAIT_NONE)
353 tty_wait_until_sent(tty, port->closing_wait);
354 if (port->drain_delay) {
355 unsigned int bps = tty_get_baud_rate(tty);
356 long timeout;
357
358 if (bps > 1200)
359 timeout = max_t(long,
360 (HZ * 10 * port->drain_delay) / bps, HZ / 10);
361 else
362 timeout = 2 * HZ;
363 schedule_timeout_interruptible(timeout);
364 }
365 /* Flush the ldisc buffering */
366 tty_ldisc_flush(tty);
367
368 /* Drop DTR/RTS if HUPCL is set. This causes any attached modem to
369 hang up the line */
370 if (tty->termios->c_cflag & HUPCL)
371 tty_port_lower_dtr_rts(port);
372
373 /* Don't call port->drop for the last reference. Callers will want
374 to drop the last active reference in ->shutdown() or the tty
375 shutdown path */
376 return 1;
377}
378EXPORT_SYMBOL(tty_port_close_start);
379
380void tty_port_close_end(struct tty_port *port, struct tty_struct *tty)
381{
382 unsigned long flags;
383
384 spin_lock_irqsave(&port->lock, flags);
385 tty->closing = 0;
386
387 if (port->blocked_open) {
388 spin_unlock_irqrestore(&port->lock, flags);
389 if (port->close_delay) {
390 msleep_interruptible(
391 jiffies_to_msecs(port->close_delay));
392 }
393 spin_lock_irqsave(&port->lock, flags);
394 wake_up_interruptible(&port->open_wait);
395 }
396 port->flags &= ~(ASYNC_NORMAL_ACTIVE | ASYNC_CLOSING);
397 wake_up_interruptible(&port->close_wait);
398 spin_unlock_irqrestore(&port->lock, flags);
399}
400EXPORT_SYMBOL(tty_port_close_end);
401
402void tty_port_close(struct tty_port *port, struct tty_struct *tty,
403 struct file *filp)
404{
405 if (tty_port_close_start(port, tty, filp) == 0)
406 return;
407 tty_port_shutdown(port);
408 set_bit(TTY_IO_ERROR, &tty->flags);
409 tty_port_close_end(port, tty);
410 tty_port_tty_set(port, NULL);
411}
412EXPORT_SYMBOL(tty_port_close);
413
414int tty_port_open(struct tty_port *port, struct tty_struct *tty,
415 struct file *filp)
416{
417 spin_lock_irq(&port->lock);
418 if (!tty_hung_up_p(filp))
419 ++port->count;
420 spin_unlock_irq(&port->lock);
421 tty_port_tty_set(port, tty);
422
423 /*
424 * Do the device-specific open only if the hardware isn't
425 * already initialized. Serialize open and shutdown using the
426 * port mutex.
427 */
428
429 mutex_lock(&port->mutex);
430
431 if (!test_bit(ASYNCB_INITIALIZED, &port->flags)) {
432 clear_bit(TTY_IO_ERROR, &tty->flags);
433 if (port->ops->activate) {
434 int retval = port->ops->activate(port, tty);
435 if (retval) {
436 mutex_unlock(&port->mutex);
437 return retval;
438 }
439 }
440 set_bit(ASYNCB_INITIALIZED, &port->flags);
441 }
442 mutex_unlock(&port->mutex);
443 return tty_port_block_til_ready(port, tty, filp);
444}
445
446EXPORT_SYMBOL(tty_port_open);