pty.c 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * Copyright (C) 1991, 1992 Linus Torvalds
  4. *
  5. * Added support for a Unix98-style ptmx device.
  6. * -- C. Scott Ananian <cananian@alumni.princeton.edu>, 14-Jan-1998
  7. *
  8. */
  9. #include <linux/module.h>
  10. #include <linux/errno.h>
  11. #include <linux/interrupt.h>
  12. #include <linux/tty.h>
  13. #include <linux/tty_flip.h>
  14. #include <linux/fcntl.h>
  15. #include <linux/sched/signal.h>
  16. #include <linux/string.h>
  17. #include <linux/major.h>
  18. #include <linux/mm.h>
  19. #include <linux/init.h>
  20. #include <linux/device.h>
  21. #include <linux/uaccess.h>
  22. #include <linux/bitops.h>
  23. #include <linux/devpts_fs.h>
  24. #include <linux/slab.h>
  25. #include <linux/mutex.h>
  26. #include <linux/poll.h>
  27. #include <linux/mount.h>
  28. #include <linux/file.h>
  29. #include <linux/ioctl.h>
  30. #include <linux/compat.h>
  31. #include "tty.h"
  32. #undef TTY_DEBUG_HANGUP
  33. #ifdef TTY_DEBUG_HANGUP
  34. # define tty_debug_hangup(tty, f, args...) tty_debug(tty, f, ##args)
  35. #else
  36. # define tty_debug_hangup(tty, f, args...) do {} while (0)
  37. #endif
  38. #ifdef CONFIG_UNIX98_PTYS
  39. static struct tty_driver *ptm_driver;
  40. static struct tty_driver *pts_driver;
  41. static DEFINE_MUTEX(devpts_mutex);
  42. #endif
  43. static void pty_close(struct tty_struct *tty, struct file *filp)
  44. {
  45. if (tty->driver->subtype == PTY_TYPE_MASTER)
  46. WARN_ON(tty->count > 1);
  47. else {
  48. if (tty_io_error(tty))
  49. return;
  50. if (tty->count > 2)
  51. return;
  52. }
  53. set_bit(TTY_IO_ERROR, &tty->flags);
  54. wake_up_interruptible(&tty->read_wait);
  55. wake_up_interruptible(&tty->write_wait);
  56. scoped_guard(spinlock_irq, &tty->ctrl.lock)
  57. tty->ctrl.packet = false;
  58. /* Review - krefs on tty_link ?? */
  59. if (!tty->link)
  60. return;
  61. set_bit(TTY_OTHER_CLOSED, &tty->link->flags);
  62. wake_up_interruptible(&tty->link->read_wait);
  63. wake_up_interruptible(&tty->link->write_wait);
  64. if (tty->driver->subtype == PTY_TYPE_MASTER) {
  65. set_bit(TTY_OTHER_CLOSED, &tty->flags);
  66. #ifdef CONFIG_UNIX98_PTYS
  67. if (tty->driver == ptm_driver) {
  68. guard(mutex)(&devpts_mutex);
  69. if (tty->link->driver_data)
  70. devpts_pty_kill(tty->link->driver_data);
  71. }
  72. #endif
  73. tty_vhangup(tty->link);
  74. }
  75. }
  76. /*
  77. * The unthrottle routine is called by the line discipline to signal
  78. * that it can receive more characters. For PTY's, the TTY_THROTTLED
  79. * flag is always set, to force the line discipline to always call the
  80. * unthrottle routine when there are fewer than TTY_THRESHOLD_UNTHROTTLE
  81. * characters in the queue. This is necessary since each time this
  82. * happens, we need to wake up any sleeping processes that could be
  83. * (1) trying to send data to the pty, or (2) waiting in wait_until_sent()
  84. * for the pty buffer to be drained.
  85. */
  86. static void pty_unthrottle(struct tty_struct *tty)
  87. {
  88. tty_wakeup(tty->link);
  89. set_bit(TTY_THROTTLED, &tty->flags);
  90. }
  91. /**
  92. * pty_write - write to a pty
  93. * @tty: the tty we write from
  94. * @buf: kernel buffer of data
  95. * @c: bytes to write
  96. *
  97. * Our "hardware" write method. Data is coming from the ldisc which
  98. * may be in a non sleeping state. We simply throw this at the other
  99. * end of the link as if we were an IRQ handler receiving stuff for
  100. * the other side of the pty/tty pair.
  101. */
  102. static ssize_t pty_write(struct tty_struct *tty, const u8 *buf, size_t c)
  103. {
  104. struct tty_struct *to = tty->link;
  105. if (tty->flow.stopped || !c)
  106. return 0;
  107. return tty_insert_flip_string_and_push_buffer(to->port, buf, c);
  108. }
  109. /**
  110. * pty_write_room - write space
  111. * @tty: tty we are writing from
  112. *
  113. * Report how many bytes the ldisc can send into the queue for
  114. * the other device.
  115. */
  116. static unsigned int pty_write_room(struct tty_struct *tty)
  117. {
  118. if (tty->flow.stopped)
  119. return 0;
  120. return tty_buffer_space_avail(tty->link->port);
  121. }
  122. /* Set the lock flag on a pty */
  123. static int pty_set_lock(struct tty_struct *tty, int __user *arg)
  124. {
  125. int val;
  126. if (get_user(val, arg))
  127. return -EFAULT;
  128. if (val)
  129. set_bit(TTY_PTY_LOCK, &tty->flags);
  130. else
  131. clear_bit(TTY_PTY_LOCK, &tty->flags);
  132. return 0;
  133. }
  134. static int pty_get_lock(struct tty_struct *tty, int __user *arg)
  135. {
  136. int locked = test_bit(TTY_PTY_LOCK, &tty->flags);
  137. return put_user(locked, arg);
  138. }
  139. /* Set the packet mode on a pty */
  140. static int pty_set_pktmode(struct tty_struct *tty, int __user *arg)
  141. {
  142. int want_pktmode;
  143. if (get_user(want_pktmode, arg))
  144. return -EFAULT;
  145. guard(spinlock_irq)(&tty->ctrl.lock);
  146. if (!want_pktmode) {
  147. tty->ctrl.packet = false;
  148. return 0;
  149. }
  150. if (tty->ctrl.packet)
  151. return 0;
  152. tty->link->ctrl.pktstatus = 0;
  153. smp_mb();
  154. tty->ctrl.packet = true;
  155. return 0;
  156. }
  157. /* Get the packet mode of a pty */
  158. static int pty_get_pktmode(struct tty_struct *tty, int __user *arg)
  159. {
  160. int pktmode = tty->ctrl.packet;
  161. return put_user(pktmode, arg);
  162. }
  163. /* Send a signal to the slave */
  164. static int pty_signal(struct tty_struct *tty, int sig)
  165. {
  166. struct pid *pgrp;
  167. if (sig != SIGINT && sig != SIGQUIT && sig != SIGTSTP)
  168. return -EINVAL;
  169. if (tty->link) {
  170. pgrp = tty_get_pgrp(tty->link);
  171. if (pgrp)
  172. kill_pgrp(pgrp, sig, 1);
  173. put_pid(pgrp);
  174. }
  175. return 0;
  176. }
  177. static void pty_flush_buffer(struct tty_struct *tty)
  178. {
  179. struct tty_struct *to = tty->link;
  180. if (!to)
  181. return;
  182. tty_buffer_flush(to, NULL);
  183. if (to->ctrl.packet) {
  184. guard(spinlock_irq)(&tty->ctrl.lock);
  185. tty->ctrl.pktstatus |= TIOCPKT_FLUSHWRITE;
  186. wake_up_interruptible(&to->read_wait);
  187. }
  188. }
  189. static int pty_open(struct tty_struct *tty, struct file *filp)
  190. {
  191. if (!tty || !tty->link)
  192. return -ENODEV;
  193. if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
  194. goto out;
  195. if (test_bit(TTY_PTY_LOCK, &tty->link->flags))
  196. goto out;
  197. if (tty->driver->subtype == PTY_TYPE_SLAVE && tty->link->count != 1)
  198. goto out;
  199. clear_bit(TTY_IO_ERROR, &tty->flags);
  200. clear_bit(TTY_OTHER_CLOSED, &tty->link->flags);
  201. set_bit(TTY_THROTTLED, &tty->flags);
  202. return 0;
  203. out:
  204. set_bit(TTY_IO_ERROR, &tty->flags);
  205. return -EIO;
  206. }
  207. static void pty_set_termios(struct tty_struct *tty,
  208. const struct ktermios *old_termios)
  209. {
  210. /* See if packet mode change of state. */
  211. if (tty->link && tty->link->ctrl.packet) {
  212. int extproc = (old_termios->c_lflag & EXTPROC) | L_EXTPROC(tty);
  213. int old_flow = ((old_termios->c_iflag & IXON) &&
  214. (old_termios->c_cc[VSTOP] == '\023') &&
  215. (old_termios->c_cc[VSTART] == '\021'));
  216. int new_flow = (I_IXON(tty) &&
  217. STOP_CHAR(tty) == '\023' &&
  218. START_CHAR(tty) == '\021');
  219. if ((old_flow != new_flow) || extproc) {
  220. scoped_guard(spinlock_irq, &tty->ctrl.lock) {
  221. if (old_flow != new_flow) {
  222. tty->ctrl.pktstatus &= ~(TIOCPKT_DOSTOP | TIOCPKT_NOSTOP);
  223. if (new_flow)
  224. tty->ctrl.pktstatus |= TIOCPKT_DOSTOP;
  225. else
  226. tty->ctrl.pktstatus |= TIOCPKT_NOSTOP;
  227. }
  228. if (extproc)
  229. tty->ctrl.pktstatus |= TIOCPKT_IOCTL;
  230. }
  231. wake_up_interruptible(&tty->link->read_wait);
  232. }
  233. }
  234. tty->termios.c_cflag &= ~(CSIZE | PARENB);
  235. tty->termios.c_cflag |= (CS8 | CREAD);
  236. }
  237. /**
  238. * pty_resize - resize event
  239. * @tty: tty being resized
  240. * @ws: window size being set.
  241. *
  242. * Update the termios variables and send the necessary signals to
  243. * peform a terminal resize correctly
  244. */
  245. static int pty_resize(struct tty_struct *tty, struct winsize *ws)
  246. {
  247. struct pid *pgrp, *rpgrp;
  248. struct tty_struct *pty = tty->link;
  249. /* For a PTY we need to lock the tty side */
  250. guard(mutex)(&tty->winsize_mutex);
  251. if (!memcmp(ws, &tty->winsize, sizeof(*ws)))
  252. return 0;
  253. /* Signal the foreground process group of both ptys */
  254. pgrp = tty_get_pgrp(tty);
  255. rpgrp = tty_get_pgrp(pty);
  256. if (pgrp)
  257. kill_pgrp(pgrp, SIGWINCH, 1);
  258. if (rpgrp != pgrp && rpgrp)
  259. kill_pgrp(rpgrp, SIGWINCH, 1);
  260. put_pid(pgrp);
  261. put_pid(rpgrp);
  262. tty->winsize = *ws;
  263. pty->winsize = *ws; /* Never used so will go away soon */
  264. return 0;
  265. }
  266. /**
  267. * pty_start - start() handler
  268. * pty_stop - stop() handler
  269. * @tty: tty being flow-controlled
  270. *
  271. * Propagates the TIOCPKT status to the master pty.
  272. *
  273. * NB: only the master pty can be in packet mode so only the slave
  274. * needs start()/stop() handlers
  275. */
  276. static void pty_start(struct tty_struct *tty)
  277. {
  278. if (!tty->link || !tty->link->ctrl.packet)
  279. return;
  280. scoped_guard(spinlock_irqsave, &tty->ctrl.lock) {
  281. tty->ctrl.pktstatus &= ~TIOCPKT_STOP;
  282. tty->ctrl.pktstatus |= TIOCPKT_START;
  283. }
  284. wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN);
  285. }
  286. static void pty_stop(struct tty_struct *tty)
  287. {
  288. if (!tty->link || !tty->link->ctrl.packet)
  289. return;
  290. scoped_guard(spinlock_irqsave, &tty->ctrl.lock) {
  291. tty->ctrl.pktstatus &= ~TIOCPKT_START;
  292. tty->ctrl.pktstatus |= TIOCPKT_STOP;
  293. }
  294. wake_up_interruptible_poll(&tty->link->read_wait, EPOLLIN);
  295. }
  296. /**
  297. * pty_common_install - set up the pty pair
  298. * @driver: the pty driver
  299. * @tty: the tty being instantiated
  300. * @legacy: true if this is BSD style
  301. *
  302. * Perform the initial set up for the tty/pty pair. Called from the
  303. * tty layer when the port is first opened.
  304. *
  305. * Locking: the caller must hold the tty_mutex
  306. */
  307. static int pty_common_install(struct tty_driver *driver, struct tty_struct *tty,
  308. bool legacy)
  309. {
  310. struct tty_struct *o_tty;
  311. struct tty_port *ports[2];
  312. int idx = tty->index;
  313. int retval = -ENOMEM;
  314. /* Opening the slave first has always returned -EIO */
  315. if (driver->subtype != PTY_TYPE_MASTER)
  316. return -EIO;
  317. ports[0] = kmalloc_obj(**ports);
  318. ports[1] = kmalloc_obj(**ports);
  319. if (!ports[0] || !ports[1])
  320. goto err;
  321. if (!try_module_get(driver->other->owner)) {
  322. /* This cannot in fact currently happen */
  323. goto err;
  324. }
  325. o_tty = alloc_tty_struct(driver->other, idx);
  326. if (!o_tty)
  327. goto err_put_module;
  328. tty_set_lock_subclass(o_tty);
  329. lockdep_set_subclass(&o_tty->termios_rwsem, TTY_LOCK_SLAVE);
  330. if (legacy) {
  331. /* We always use new tty termios data so we can do this
  332. the easy way .. */
  333. tty_init_termios(tty);
  334. tty_init_termios(o_tty);
  335. driver->other->ttys[idx] = o_tty;
  336. driver->ttys[idx] = tty;
  337. } else {
  338. memset(&tty->termios_locked, 0, sizeof(tty->termios_locked));
  339. tty->termios = driver->init_termios;
  340. memset(&o_tty->termios_locked, 0, sizeof(tty->termios_locked));
  341. o_tty->termios = driver->other->init_termios;
  342. }
  343. /*
  344. * Everything allocated ... set up the o_tty structure.
  345. */
  346. tty_driver_kref_get(driver->other);
  347. /* Establish the links in both directions */
  348. tty->link = o_tty;
  349. o_tty->link = tty;
  350. tty_port_init(ports[0]);
  351. tty_port_init(ports[1]);
  352. tty_buffer_set_limit(ports[0], 8192);
  353. tty_buffer_set_limit(ports[1], 8192);
  354. o_tty->port = ports[0];
  355. tty->port = ports[1];
  356. o_tty->port->itty = o_tty;
  357. tty_buffer_set_lock_subclass(o_tty->port);
  358. tty_driver_kref_get(driver);
  359. tty->count++;
  360. o_tty->count++;
  361. return 0;
  362. err_put_module:
  363. module_put(driver->other->owner);
  364. err:
  365. kfree(ports[0]);
  366. kfree(ports[1]);
  367. return retval;
  368. }
  369. static void pty_cleanup(struct tty_struct *tty)
  370. {
  371. tty_port_put(tty->port);
  372. }
  373. /* Traditional BSD devices */
  374. #ifdef CONFIG_LEGACY_PTYS
  375. static int pty_install(struct tty_driver *driver, struct tty_struct *tty)
  376. {
  377. return pty_common_install(driver, tty, true);
  378. }
  379. static void pty_remove(struct tty_driver *driver, struct tty_struct *tty)
  380. {
  381. struct tty_struct *pair = tty->link;
  382. driver->ttys[tty->index] = NULL;
  383. if (pair)
  384. pair->driver->ttys[pair->index] = NULL;
  385. }
  386. static int pty_bsd_ioctl(struct tty_struct *tty,
  387. unsigned int cmd, unsigned long arg)
  388. {
  389. switch (cmd) {
  390. case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */
  391. return pty_set_lock(tty, (int __user *) arg);
  392. case TIOCGPTLCK: /* Get PT Lock status */
  393. return pty_get_lock(tty, (int __user *)arg);
  394. case TIOCPKT: /* Set PT packet mode */
  395. return pty_set_pktmode(tty, (int __user *)arg);
  396. case TIOCGPKT: /* Get PT packet mode */
  397. return pty_get_pktmode(tty, (int __user *)arg);
  398. case TIOCSIG: /* Send signal to other side of pty */
  399. return pty_signal(tty, (int) arg);
  400. case TIOCGPTN: /* TTY returns ENOTTY, but glibc expects EINVAL here */
  401. return -EINVAL;
  402. }
  403. return -ENOIOCTLCMD;
  404. }
  405. #ifdef CONFIG_COMPAT
  406. static long pty_bsd_compat_ioctl(struct tty_struct *tty,
  407. unsigned int cmd, unsigned long arg)
  408. {
  409. /*
  410. * PTY ioctls don't require any special translation between 32-bit and
  411. * 64-bit userspace, they are already compatible.
  412. */
  413. return pty_bsd_ioctl(tty, cmd, (unsigned long)compat_ptr(arg));
  414. }
  415. #else
  416. #define pty_bsd_compat_ioctl NULL
  417. #endif
  418. static int legacy_count = CONFIG_LEGACY_PTY_COUNT;
  419. /*
  420. * not really modular, but the easiest way to keep compat with existing
  421. * bootargs behaviour is to continue using module_param here.
  422. */
  423. module_param(legacy_count, int, 0);
  424. /*
  425. * The master side of a pty can do TIOCSPTLCK and thus
  426. * has pty_bsd_ioctl.
  427. */
  428. static const struct tty_operations master_pty_ops_bsd = {
  429. .install = pty_install,
  430. .open = pty_open,
  431. .close = pty_close,
  432. .write = pty_write,
  433. .write_room = pty_write_room,
  434. .flush_buffer = pty_flush_buffer,
  435. .unthrottle = pty_unthrottle,
  436. .ioctl = pty_bsd_ioctl,
  437. .compat_ioctl = pty_bsd_compat_ioctl,
  438. .cleanup = pty_cleanup,
  439. .resize = pty_resize,
  440. .remove = pty_remove
  441. };
  442. static const struct tty_operations slave_pty_ops_bsd = {
  443. .install = pty_install,
  444. .open = pty_open,
  445. .close = pty_close,
  446. .write = pty_write,
  447. .write_room = pty_write_room,
  448. .flush_buffer = pty_flush_buffer,
  449. .unthrottle = pty_unthrottle,
  450. .set_termios = pty_set_termios,
  451. .cleanup = pty_cleanup,
  452. .resize = pty_resize,
  453. .start = pty_start,
  454. .stop = pty_stop,
  455. .remove = pty_remove
  456. };
  457. static void __init legacy_pty_init(void)
  458. {
  459. struct tty_driver *pty_driver, *pty_slave_driver;
  460. if (legacy_count <= 0)
  461. return;
  462. pty_driver = tty_alloc_driver(legacy_count,
  463. TTY_DRIVER_RESET_TERMIOS |
  464. TTY_DRIVER_REAL_RAW |
  465. TTY_DRIVER_DYNAMIC_ALLOC);
  466. if (IS_ERR(pty_driver))
  467. panic("Couldn't allocate pty driver");
  468. pty_slave_driver = tty_alloc_driver(legacy_count,
  469. TTY_DRIVER_RESET_TERMIOS |
  470. TTY_DRIVER_REAL_RAW |
  471. TTY_DRIVER_DYNAMIC_ALLOC);
  472. if (IS_ERR(pty_slave_driver))
  473. panic("Couldn't allocate pty slave driver");
  474. pty_driver->driver_name = "pty_master";
  475. pty_driver->name = "pty";
  476. pty_driver->major = PTY_MASTER_MAJOR;
  477. pty_driver->minor_start = 0;
  478. pty_driver->type = TTY_DRIVER_TYPE_PTY;
  479. pty_driver->subtype = PTY_TYPE_MASTER;
  480. pty_driver->init_termios = tty_std_termios;
  481. pty_driver->init_termios.c_iflag = 0;
  482. pty_driver->init_termios.c_oflag = 0;
  483. pty_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
  484. pty_driver->init_termios.c_lflag = 0;
  485. pty_driver->init_termios.c_ispeed = 38400;
  486. pty_driver->init_termios.c_ospeed = 38400;
  487. pty_driver->other = pty_slave_driver;
  488. tty_set_operations(pty_driver, &master_pty_ops_bsd);
  489. pty_slave_driver->driver_name = "pty_slave";
  490. pty_slave_driver->name = "ttyp";
  491. pty_slave_driver->major = PTY_SLAVE_MAJOR;
  492. pty_slave_driver->minor_start = 0;
  493. pty_slave_driver->type = TTY_DRIVER_TYPE_PTY;
  494. pty_slave_driver->subtype = PTY_TYPE_SLAVE;
  495. pty_slave_driver->init_termios = tty_std_termios;
  496. pty_slave_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
  497. pty_slave_driver->init_termios.c_ispeed = 38400;
  498. pty_slave_driver->init_termios.c_ospeed = 38400;
  499. pty_slave_driver->other = pty_driver;
  500. tty_set_operations(pty_slave_driver, &slave_pty_ops_bsd);
  501. if (tty_register_driver(pty_driver))
  502. panic("Couldn't register pty driver");
  503. if (tty_register_driver(pty_slave_driver))
  504. panic("Couldn't register pty slave driver");
  505. }
  506. #else
  507. static inline void legacy_pty_init(void) { }
  508. #endif
  509. /* Unix98 devices */
  510. #ifdef CONFIG_UNIX98_PTYS
  511. static struct cdev ptmx_cdev;
  512. static struct file *ptm_open_peer_file(struct file *master,
  513. struct tty_struct *tty, int flags)
  514. {
  515. struct path path;
  516. struct file *file;
  517. /* Compute the slave's path */
  518. path.mnt = devpts_mntget(master, tty->driver_data);
  519. if (IS_ERR(path.mnt))
  520. return ERR_CAST(path.mnt);
  521. path.dentry = tty->link->driver_data;
  522. file = dentry_open(&path, flags, current_cred());
  523. mntput(path.mnt);
  524. return file;
  525. }
  526. /**
  527. * ptm_open_peer - open the peer of a pty
  528. * @master: the open struct file of the ptmx device node
  529. * @tty: the master of the pty being opened
  530. * @flags: the flags for open
  531. *
  532. * Provide a race free way for userspace to open the slave end of a pty
  533. * (where they have the master fd and cannot access or trust the mount
  534. * namespace /dev/pts was mounted inside).
  535. */
  536. int ptm_open_peer(struct file *master, struct tty_struct *tty, int flags)
  537. {
  538. if (tty->driver != ptm_driver)
  539. return -EIO;
  540. return FD_ADD(flags, ptm_open_peer_file(master, tty, flags));
  541. }
  542. static int pty_unix98_ioctl(struct tty_struct *tty,
  543. unsigned int cmd, unsigned long arg)
  544. {
  545. switch (cmd) {
  546. case TIOCSPTLCK: /* Set PT Lock (disallow slave open) */
  547. return pty_set_lock(tty, (int __user *)arg);
  548. case TIOCGPTLCK: /* Get PT Lock status */
  549. return pty_get_lock(tty, (int __user *)arg);
  550. case TIOCPKT: /* Set PT packet mode */
  551. return pty_set_pktmode(tty, (int __user *)arg);
  552. case TIOCGPKT: /* Get PT packet mode */
  553. return pty_get_pktmode(tty, (int __user *)arg);
  554. case TIOCGPTN: /* Get PT Number */
  555. return put_user(tty->index, (unsigned int __user *)arg);
  556. case TIOCSIG: /* Send signal to other side of pty */
  557. return pty_signal(tty, (int) arg);
  558. }
  559. return -ENOIOCTLCMD;
  560. }
  561. #ifdef CONFIG_COMPAT
  562. static long pty_unix98_compat_ioctl(struct tty_struct *tty,
  563. unsigned int cmd, unsigned long arg)
  564. {
  565. /*
  566. * PTY ioctls don't require any special translation between 32-bit and
  567. * 64-bit userspace, they are already compatible.
  568. */
  569. return pty_unix98_ioctl(tty, cmd,
  570. cmd == TIOCSIG ? arg : (unsigned long)compat_ptr(arg));
  571. }
  572. #else
  573. #define pty_unix98_compat_ioctl NULL
  574. #endif
  575. /**
  576. * ptm_unix98_lookup - find a pty master
  577. * @driver: ptm driver
  578. * @file: unused
  579. * @idx: tty index
  580. *
  581. * Look up a pty master device. Called under the tty_mutex for now.
  582. * This provides our locking.
  583. */
  584. static struct tty_struct *ptm_unix98_lookup(struct tty_driver *driver,
  585. struct file *file, int idx)
  586. {
  587. /* Master must be open via /dev/ptmx */
  588. return ERR_PTR(-EIO);
  589. }
  590. /**
  591. * pts_unix98_lookup - find a pty slave
  592. * @driver: pts driver
  593. * @file: file pointer to tty
  594. * @idx: tty index
  595. *
  596. * Look up a pty master device. Called under the tty_mutex for now.
  597. * This provides our locking for the tty pointer.
  598. */
  599. static struct tty_struct *pts_unix98_lookup(struct tty_driver *driver,
  600. struct file *file, int idx)
  601. {
  602. guard(mutex)(&devpts_mutex);
  603. /* Master must be open before slave */
  604. return devpts_get_priv(file->f_path.dentry) ? : ERR_PTR(-EIO);
  605. }
  606. static int pty_unix98_install(struct tty_driver *driver, struct tty_struct *tty)
  607. {
  608. return pty_common_install(driver, tty, false);
  609. }
  610. /* this is called once with whichever end is closed last */
  611. static void pty_unix98_remove(struct tty_driver *driver, struct tty_struct *tty)
  612. {
  613. struct pts_fs_info *fsi;
  614. if (tty->driver->subtype == PTY_TYPE_MASTER)
  615. fsi = tty->driver_data;
  616. else
  617. fsi = tty->link->driver_data;
  618. if (fsi) {
  619. devpts_kill_index(fsi, tty->index);
  620. devpts_release(fsi);
  621. }
  622. }
  623. static void pty_show_fdinfo(struct tty_struct *tty, struct seq_file *m)
  624. {
  625. seq_printf(m, "tty-index:\t%d\n", tty->index);
  626. }
  627. static const struct tty_operations ptm_unix98_ops = {
  628. .lookup = ptm_unix98_lookup,
  629. .install = pty_unix98_install,
  630. .remove = pty_unix98_remove,
  631. .open = pty_open,
  632. .close = pty_close,
  633. .write = pty_write,
  634. .write_room = pty_write_room,
  635. .flush_buffer = pty_flush_buffer,
  636. .unthrottle = pty_unthrottle,
  637. .ioctl = pty_unix98_ioctl,
  638. .compat_ioctl = pty_unix98_compat_ioctl,
  639. .resize = pty_resize,
  640. .cleanup = pty_cleanup,
  641. .show_fdinfo = pty_show_fdinfo,
  642. };
  643. static const struct tty_operations pty_unix98_ops = {
  644. .lookup = pts_unix98_lookup,
  645. .install = pty_unix98_install,
  646. .remove = pty_unix98_remove,
  647. .open = pty_open,
  648. .close = pty_close,
  649. .write = pty_write,
  650. .write_room = pty_write_room,
  651. .flush_buffer = pty_flush_buffer,
  652. .unthrottle = pty_unthrottle,
  653. .set_termios = pty_set_termios,
  654. .start = pty_start,
  655. .stop = pty_stop,
  656. .cleanup = pty_cleanup,
  657. };
  658. /**
  659. * ptmx_open - open a unix 98 pty master
  660. * @inode: inode of device file
  661. * @filp: file pointer to tty
  662. *
  663. * Allocate a unix98 pty master device from the ptmx driver.
  664. *
  665. * Locking: tty_mutex protects the init_dev work. tty->count should
  666. * protect the rest.
  667. * allocated_ptys_lock handles the list of free pty numbers
  668. */
  669. static int ptmx_open(struct inode *inode, struct file *filp)
  670. {
  671. struct pts_fs_info *fsi;
  672. struct tty_struct *tty;
  673. struct dentry *dentry;
  674. int retval;
  675. int index;
  676. nonseekable_open(inode, filp);
  677. /* We refuse fsnotify events on ptmx, since it's a shared resource */
  678. file_set_fsnotify_mode(filp, FMODE_NONOTIFY);
  679. retval = tty_alloc_file(filp);
  680. if (retval)
  681. return retval;
  682. fsi = devpts_acquire(filp);
  683. if (IS_ERR(fsi)) {
  684. retval = PTR_ERR(fsi);
  685. goto out_free_file;
  686. }
  687. /* find a device that is not in use. */
  688. scoped_guard(mutex, &devpts_mutex)
  689. index = devpts_new_index(fsi);
  690. retval = index;
  691. if (index < 0)
  692. goto out_put_fsi;
  693. /* The tty returned here is locked so we can safely drop the mutex */
  694. scoped_guard(mutex, &tty_mutex)
  695. tty = tty_init_dev(ptm_driver, index);
  696. retval = PTR_ERR(tty);
  697. if (IS_ERR(tty))
  698. goto out;
  699. /*
  700. * From here on out, the tty is "live", and the index and
  701. * fsi will be killed/put by the tty_release()
  702. */
  703. set_bit(TTY_PTY_LOCK, &tty->flags); /* LOCK THE SLAVE */
  704. tty->driver_data = fsi;
  705. tty_add_file(tty, filp);
  706. dentry = devpts_pty_new(fsi, index, tty->link);
  707. if (IS_ERR(dentry)) {
  708. retval = PTR_ERR(dentry);
  709. goto err_release;
  710. }
  711. tty->link->driver_data = dentry;
  712. retval = ptm_driver->ops->open(tty, filp);
  713. if (retval)
  714. goto err_release;
  715. tty_debug_hangup(tty, "opening (count=%d)\n", tty->count);
  716. tty_unlock(tty);
  717. return 0;
  718. err_release:
  719. tty_unlock(tty);
  720. // This will also put-ref the fsi
  721. tty_release(inode, filp);
  722. return retval;
  723. out:
  724. devpts_kill_index(fsi, index);
  725. out_put_fsi:
  726. devpts_release(fsi);
  727. out_free_file:
  728. tty_free_file(filp);
  729. return retval;
  730. }
  731. static struct file_operations ptmx_fops __ro_after_init;
  732. static void __init unix98_pty_init(void)
  733. {
  734. ptm_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX,
  735. TTY_DRIVER_RESET_TERMIOS |
  736. TTY_DRIVER_REAL_RAW |
  737. TTY_DRIVER_DYNAMIC_DEV |
  738. TTY_DRIVER_DEVPTS_MEM |
  739. TTY_DRIVER_DYNAMIC_ALLOC);
  740. if (IS_ERR(ptm_driver))
  741. panic("Couldn't allocate Unix98 ptm driver");
  742. pts_driver = tty_alloc_driver(NR_UNIX98_PTY_MAX,
  743. TTY_DRIVER_RESET_TERMIOS |
  744. TTY_DRIVER_REAL_RAW |
  745. TTY_DRIVER_DYNAMIC_DEV |
  746. TTY_DRIVER_DEVPTS_MEM |
  747. TTY_DRIVER_DYNAMIC_ALLOC);
  748. if (IS_ERR(pts_driver))
  749. panic("Couldn't allocate Unix98 pts driver");
  750. ptm_driver->driver_name = "pty_master";
  751. ptm_driver->name = "ptm";
  752. ptm_driver->major = UNIX98_PTY_MASTER_MAJOR;
  753. ptm_driver->minor_start = 0;
  754. ptm_driver->type = TTY_DRIVER_TYPE_PTY;
  755. ptm_driver->subtype = PTY_TYPE_MASTER;
  756. ptm_driver->init_termios = tty_std_termios;
  757. ptm_driver->init_termios.c_iflag = 0;
  758. ptm_driver->init_termios.c_oflag = 0;
  759. ptm_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
  760. ptm_driver->init_termios.c_lflag = 0;
  761. ptm_driver->init_termios.c_ispeed = 38400;
  762. ptm_driver->init_termios.c_ospeed = 38400;
  763. ptm_driver->other = pts_driver;
  764. tty_set_operations(ptm_driver, &ptm_unix98_ops);
  765. pts_driver->driver_name = "pty_slave";
  766. pts_driver->name = "pts";
  767. pts_driver->major = UNIX98_PTY_SLAVE_MAJOR;
  768. pts_driver->minor_start = 0;
  769. pts_driver->type = TTY_DRIVER_TYPE_PTY;
  770. pts_driver->subtype = PTY_TYPE_SLAVE;
  771. pts_driver->init_termios = tty_std_termios;
  772. pts_driver->init_termios.c_cflag = B38400 | CS8 | CREAD;
  773. pts_driver->init_termios.c_ispeed = 38400;
  774. pts_driver->init_termios.c_ospeed = 38400;
  775. pts_driver->other = ptm_driver;
  776. tty_set_operations(pts_driver, &pty_unix98_ops);
  777. if (tty_register_driver(ptm_driver))
  778. panic("Couldn't register Unix98 ptm driver");
  779. if (tty_register_driver(pts_driver))
  780. panic("Couldn't register Unix98 pts driver");
  781. /* Now create the /dev/ptmx special device */
  782. tty_default_fops(&ptmx_fops);
  783. ptmx_fops.open = ptmx_open;
  784. cdev_init(&ptmx_cdev, &ptmx_fops);
  785. if (cdev_add(&ptmx_cdev, MKDEV(TTYAUX_MAJOR, 2), 1) ||
  786. register_chrdev_region(MKDEV(TTYAUX_MAJOR, 2), 1, "/dev/ptmx") < 0)
  787. panic("Couldn't register /dev/ptmx driver");
  788. device_create(&tty_class, NULL, MKDEV(TTYAUX_MAJOR, 2), NULL, "ptmx");
  789. }
  790. #else
  791. static inline void unix98_pty_init(void) { }
  792. #endif
  793. static int __init pty_init(void)
  794. {
  795. legacy_pty_init();
  796. unix98_pty_init();
  797. return 0;
  798. }
  799. device_initcall(pty_init);