projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
n_tty: Fix unsafe update of available buffer space
[deliverable/linux.git] / drivers / tty / n_tty.c
CommitLineData
1da177e4
LT		 1/*
2 * n_tty.c --- implements the N_TTY line discipline.
4edf1827 3 *
1da177e4
LT		 4 * This code used to be in tty_io.c, but things are getting hairy
5 * enough that it made sense to split things off. (The N_TTY
6 * processing has changed so much that it's hardly recognizable,
7 * anyway...)
8 *
9 * Note that the open routine for N_TTY is guaranteed never to return
10 * an error. This is because Linux will fall back to setting a line
4edf1827 11 * to N_TTY if it can not switch to any other line discipline.
1da177e4
LT		 12 *
13 * Written by Theodore Ts'o, Copyright 1994.
4edf1827 14 *
1da177e4
LT		 15 * This file also contains code originally written by Linus Torvalds,
16 * Copyright 1991, 1992, 1993, and by Julian Cowley, Copyright 1994.
4edf1827 17 *
1da177e4
LT		 18 * This file may be redistributed under the terms of the GNU General Public
19 * License.
20 *
21 * Reduced memory usage for older ARM systems - Russell King.
22 *
4edf1827 23 * 2000/01/20 Fixed SMP locking on put_tty_queue using bits of
1da177e4
LT		 24 * the patch by Andrew J. Kroll <ag784@freenet.buffalo.edu>
25 * who actually finally proved there really was a race.
26 *
27 * 2002/03/18 Implemented n_tty_wakeup to send SIGIO POLL_OUTs to
28 * waiting writing processes-Sapan Bhatia <sapan@corewars.org>.
11a96d18 29 * Also fixed a bug in BLOCKING mode where n_tty_write returns
1da177e4
LT		 30 * EAGAIN
31 */
32
33#include <linux/types.h>
34#include <linux/major.h>
35#include <linux/errno.h>
36#include <linux/signal.h>
37#include <linux/fcntl.h>
38#include <linux/sched.h>
39#include <linux/interrupt.h>
40#include <linux/tty.h>
41#include <linux/timer.h>
42#include <linux/ctype.h>
43#include <linux/mm.h>
44#include <linux/string.h>
45#include <linux/slab.h>
46#include <linux/poll.h>
47#include <linux/bitops.h>
522ed776
MT		 48#include <linux/audit.h>
49#include <linux/file.h>
300a6204 50#include <linux/uaccess.h>
572b9adb 51#include <linux/module.h>
593fb1ae 52#include <linux/ratelimit.h>
1da177e4 53
1da177e4
LT		 54
55/* number of characters left in xmit buffer before select has we have room */
56#define WAKEUP_CHARS 256
57
58/*
59 * This defines the low- and high-watermarks for throttling and
60 * unthrottling the TTY driver. These watermarks are used for
61 * controlling the space in the read buffer.
62 */
63#define TTY_THRESHOLD_THROTTLE 128 /* now based on remaining room */
bbd20759 64#define TTY_THRESHOLD_UNTHROTTLE 128
1da177e4 65
a88a69c9
JP		 66/*
67 * Special byte codes used in the echo buffer to represent operations
68 * or special handling of characters. Bytes in the echo buffer that
69 * are not part of such special blocks are treated as normal character
70 * codes.
71 */
72#define ECHO_OP_START 0xff
73#define ECHO_OP_MOVE_BACK_COL 0x80
74#define ECHO_OP_SET_CANON_COL 0x81
75#define ECHO_OP_ERASE_TAB 0x82
76
70ece7a7 77struct n_tty_data {
53c5ee2c
JS		 78 unsigned int column;
79 unsigned long overrun_time;
80 int num_overrun;
81
82 unsigned char lnext:1, erasing:1, raw:1, real_raw:1, icanon:1;
83 unsigned char echo_overrun:1;
3fe780b3
JS		 84
85 DECLARE_BITMAP(process_char_map, 256);
86 DECLARE_BITMAP(read_flags, N_TTY_BUF_SIZE);
ba2e68ac
JS		 87
88 char *read_buf;
89 int read_head;
90 int read_tail;
91 int read_cnt;
f6c8dbe6 92 int minimum_to_wake;
ba2e68ac
JS		 93
94 unsigned char *echo_buf;
95 unsigned int echo_pos;
96 unsigned int echo_cnt;
97
98 int canon_data;
99 unsigned long canon_head;
100 unsigned int canon_column;
bddc7152
JS		 101
102 struct mutex atomic_read_lock;
103 struct mutex output_lock;
104 struct mutex echo_lock;
98001214 105 raw_spinlock_t read_lock;
70ece7a7
JS		 106};
107
522ed776
MT		 108static inline int tty_put_user(struct tty_struct *tty, unsigned char x,
109 unsigned char __user *ptr)
110{
53c5ee2c
JS		 111 struct n_tty_data *ldata = tty->disc_data;
112
113 tty_audit_add_data(tty, &x, 1, ldata->icanon);
522ed776
MT		 114 return put_user(x, ptr);
115}
116
55db4c64 117/**
b8483052 118 * n_tty_set_room - receive space
55db4c64
LT		 119 * @tty: terminal
120 *
b8483052
PH		 121 * Sets tty->receive_room to reflect the currently available space
122 * in the input buffer, and re-schedules the flip buffer work if space
123 * just became available.
124 *
125 * Locks: Concurrent update is protected with read_lock
55db4c64
LT		 126 */
127
128static void n_tty_set_room(struct tty_struct *tty)
129{
53c5ee2c 130 struct n_tty_data *ldata = tty->disc_data;
090abf7b 131 int left;
55db4c64 132 int old_left;
b8483052
PH		 133 unsigned long flags;
134
135 raw_spin_lock_irqsave(&ldata->read_lock, flags);
55db4c64 136
090abf7b
JA		 137 if (I_PARMRK(tty)) {
138 /* Multiply read_cnt by 3, since each byte might take up to
139 * three times as many spaces when PARMRK is set (depending on
140 * its flags, e.g. parity error). */
ba2e68ac 141 left = N_TTY_BUF_SIZE - ldata->read_cnt * 3 - 1;
090abf7b 142 } else
ba2e68ac 143 left = N_TTY_BUF_SIZE - ldata->read_cnt - 1;
090abf7b 144
55db4c64
LT		 145 /*
146 * If we are doing input canonicalization, and there are no
147 * pending newlines, let characters through without limit, so
148 * that erase characters will be handled. Other excess
149 * characters will be beeped.
150 */
151 if (left <= 0)
ba2e68ac 152 left = ldata->icanon && !ldata->canon_data;
55db4c64
LT		 153 old_left = tty->receive_room;
154 tty->receive_room = left;
155
b8483052
PH		 156 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
157
55db4c64 158 /* Did this open up the receive buffer? We may need to flip */
ecbbfd44
JS		 159 if (left && !old_left) {
160 WARN_RATELIMIT(tty->port->itty == NULL,
cadf7486 161 "scheduling with invalid itty\n");
21622939
PH		 162 /* see if ldisc has been killed - if so, this means that
163 * even though the ldisc has been halted and ->buf.work
164 * cancelled, ->buf.work is about to be rescheduled
165 */
166 WARN_RATELIMIT(test_bit(TTY_LDISC_HALTED, &tty->flags),
167 "scheduling buffer work for halted ldisc\n");
ecbbfd44
JS		 168 schedule_work(&tty->port->buf.work);
169 }
55db4c64
LT		 170}
171
57c94121 172static void put_tty_queue_nolock(unsigned char c, struct n_tty_data *ldata)
1da177e4 173{
ba2e68ac
JS		 174 if (ldata->read_cnt < N_TTY_BUF_SIZE) {
175 ldata->read_buf[ldata->read_head] = c;
176 ldata->read_head = (ldata->read_head + 1) & (N_TTY_BUF_SIZE-1);
177 ldata->read_cnt++;
1da177e4
LT		 178 }
179}
180
17b82060
AC		 181/**
182 * put_tty_queue - add character to tty
183 * @c: character
57c94121 184 * @ldata: n_tty data
17b82060
AC		 185 *
186 * Add a character to the tty read_buf queue. This is done under the
187 * read_lock to serialize character addition and also to protect us
188 * against parallel reads or flushes
189 */
190
57c94121 191static void put_tty_queue(unsigned char c, struct n_tty_data *ldata)
1da177e4
LT		 192{
193 unsigned long flags;
194 /*
195 * The problem of stomping on the buffers ends here.
196 * Why didn't anyone see this one coming? --AJK
197 */
98001214 198 raw_spin_lock_irqsave(&ldata->read_lock, flags);
57c94121 199 put_tty_queue_nolock(c, ldata);
98001214 200 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4
LT		 201}
202
1da177e4
LT		 203/**
204 * reset_buffer_flags - reset buffer state
205 * @tty: terminal to reset
206 *
25518c68
PH		 207 * Reset the read buffer counters and clear the flags.
208 * Called from n_tty_open() and n_tty_flush_buffer().
17b82060
AC		 209 *
210 * Locking: tty_read_lock for read fields.
1da177e4 211 */
a88a69c9 212
b66f4fa5 213static void reset_buffer_flags(struct n_tty_data *ldata)
1da177e4
LT		 214{
215 unsigned long flags;
216
98001214 217 raw_spin_lock_irqsave(&ldata->read_lock, flags);
ba2e68ac 218 ldata->read_head = ldata->read_tail = ldata->read_cnt = 0;
98001214 219 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
a88a69c9 220
bddc7152 221 mutex_lock(&ldata->echo_lock);
ba2e68ac 222 ldata->echo_pos = ldata->echo_cnt = ldata->echo_overrun = 0;
bddc7152 223 mutex_unlock(&ldata->echo_lock);
a88a69c9 224
ba2e68ac 225 ldata->canon_head = ldata->canon_data = ldata->erasing = 0;
3fe780b3 226 bitmap_zero(ldata->read_flags, N_TTY_BUF_SIZE);
1da177e4
LT		 227}
228
a30737ab
PH		 229static void n_tty_packet_mode_flush(struct tty_struct *tty)
230{
231 unsigned long flags;
232
233 spin_lock_irqsave(&tty->ctrl_lock, flags);
234 if (tty->link->packet) {
235 tty->ctrl_status |= TIOCPKT_FLUSHREAD;
236 wake_up_interruptible(&tty->link->read_wait);
237 }
238 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
239}
240
1da177e4
LT		 241/**
242 * n_tty_flush_buffer - clean input queue
243 * @tty: terminal device
244 *
25518c68
PH		 245 * Flush the input buffer. Called when the tty layer wants the
246 * buffer flushed (eg at hangup) or when the N_TTY line discipline
247 * internally has to clean the pending queue (for example some signals).
1da177e4 248 *
17b82060 249 * Locking: ctrl_lock, read_lock.
1da177e4 250 */
4edf1827
AC		 251
252static void n_tty_flush_buffer(struct tty_struct *tty)
1da177e4 253{
b66f4fa5
PH		 254 reset_buffer_flags(tty->disc_data);
255 n_tty_set_room(tty);
4edf1827 256
a30737ab
PH		 257 if (tty->link)
258 n_tty_packet_mode_flush(tty);
1da177e4
LT		 259}
260
261/**
262 * n_tty_chars_in_buffer - report available bytes
263 * @tty: tty device
264 *
265 * Report the number of characters buffered to be delivered to user
4edf1827 266 * at this instant in time.
17b82060
AC		 267 *
268 * Locking: read_lock
1da177e4 269 */
4edf1827 270
1da177e4
LT		 271static ssize_t n_tty_chars_in_buffer(struct tty_struct *tty)
272{
53c5ee2c 273 struct n_tty_data *ldata = tty->disc_data;
1da177e4
LT		 274 unsigned long flags;
275 ssize_t n = 0;
276
98001214 277 raw_spin_lock_irqsave(&ldata->read_lock, flags);
53c5ee2c 278 if (!ldata->icanon) {
ba2e68ac
JS		 279 n = ldata->read_cnt;
280 } else if (ldata->canon_data) {
281 n = (ldata->canon_head > ldata->read_tail) ?
282 ldata->canon_head - ldata->read_tail :
283 ldata->canon_head + (N_TTY_BUF_SIZE - ldata->read_tail);
1da177e4 284 }
98001214 285 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4
LT		 286 return n;
287}
288
289/**
290 * is_utf8_continuation - utf8 multibyte check
291 * @c: byte to check
292 *
293 * Returns true if the utf8 character 'c' is a multibyte continuation
294 * character. We use this to correctly compute the on screen size
295 * of the character when printing
296 */
4edf1827 297
1da177e4
LT		 298static inline int is_utf8_continuation(unsigned char c)
299{
300 return (c & 0xc0) == 0x80;
301}
302
303/**
304 * is_continuation - multibyte check
305 * @c: byte to check
306 *
307 * Returns true if the utf8 character 'c' is a multibyte continuation
308 * character and the terminal is in unicode mode.
309 */
4edf1827 310
1da177e4
LT		 311static inline int is_continuation(unsigned char c, struct tty_struct *tty)
312{
313 return I_IUTF8(tty) && is_utf8_continuation(c);
314}
315
316/**
a88a69c9 317 * do_output_char - output one character
1da177e4
LT		 318 * @c: character (or partial unicode symbol)
319 * @tty: terminal device
a88a69c9 320 * @space: space available in tty driver write buffer
1da177e4 321 *
a88a69c9
JP		 322 * This is a helper function that handles one output character
323 * (including special characters like TAB, CR, LF, etc.),
ee5aa7b8
JP		 324 * doing OPOST processing and putting the results in the
325 * tty driver's write buffer.
a88a69c9
JP		 326 *
327 * Note that Linux currently ignores TABDLY, CRDLY, VTDLY, FFDLY
328 * and NLDLY. They simply aren't relevant in the world today.
329 * If you ever need them, add them here.
1da177e4 330 *
a88a69c9
JP		 331 * Returns the number of bytes of buffer space used or -1 if
332 * no space left.
333 *
334 * Locking: should be called under the output_lock to protect
335 * the column state and space left in the buffer
1da177e4 336 */
4edf1827 337
a88a69c9 338static int do_output_char(unsigned char c, struct tty_struct *tty, int space)
1da177e4 339{
53c5ee2c 340 struct n_tty_data *ldata = tty->disc_data;
a88a69c9 341 int spaces;
1da177e4 342
1da177e4
LT		 343 if (!space)
344 return -1;
300a6204 345
a88a69c9
JP		 346 switch (c) {
347 case '\n':
348 if (O_ONLRET(tty))
53c5ee2c 349 ldata->column = 0;
a88a69c9
JP		 350 if (O_ONLCR(tty)) {
351 if (space < 2)
352 return -1;
ba2e68ac 353 ldata->canon_column = ldata->column = 0;
37f81fa1 354 tty->ops->write(tty, "\r\n", 2);
a88a69c9
JP		 355 return 2;
356 }
ba2e68ac 357 ldata->canon_column = ldata->column;
a88a69c9
JP		 358 break;
359 case '\r':
53c5ee2c 360 if (O_ONOCR(tty) && ldata->column == 0)
a88a69c9
JP		 361 return 0;
362 if (O_OCRNL(tty)) {
363 c = '\n';
364 if (O_ONLRET(tty))
ba2e68ac 365 ldata->canon_column = ldata->column = 0;
1da177e4 366 break;
a88a69c9 367 }
ba2e68ac 368 ldata->canon_column = ldata->column = 0;
a88a69c9
JP		 369 break;
370 case '\t':
53c5ee2c 371 spaces = 8 - (ldata->column & 7);
a88a69c9
JP		 372 if (O_TABDLY(tty) == XTABS) {
373 if (space < spaces)
374 return -1;
53c5ee2c 375 ldata->column += spaces;
a88a69c9
JP		 376 tty->ops->write(tty, " ", spaces);
377 return spaces;
1da177e4 378 }
53c5ee2c 379 ldata->column += spaces;
a88a69c9
JP		 380 break;
381 case '\b':
53c5ee2c
JS		 382 if (ldata->column > 0)
383 ldata->column--;
a88a69c9
JP		 384 break;
385 default:
a59c0d6f
JP		 386 if (!iscntrl(c)) {
387 if (O_OLCUC(tty))
388 c = toupper(c);
389 if (!is_continuation(c, tty))
53c5ee2c 390 ldata->column++;
a59c0d6f 391 }
a88a69c9 392 break;
1da177e4 393 }
a88a69c9 394
f34d7a5b 395 tty_put_char(tty, c);
a88a69c9
JP		 396 return 1;
397}
398
399/**
400 * process_output - output post processor
401 * @c: character (or partial unicode symbol)
402 * @tty: terminal device
403 *
ee5aa7b8
JP		 404 * Output one character with OPOST processing.
405 * Returns -1 when the output device is full and the character
406 * must be retried.
a88a69c9
JP		 407 *
408 * Locking: output_lock to protect column state and space left
409 * (also, this is called from n_tty_write under the
410 * tty layer write lock)
411 */
412
413static int process_output(unsigned char c, struct tty_struct *tty)
414{
bddc7152 415 struct n_tty_data *ldata = tty->disc_data;
a88a69c9
JP		 416 int space, retval;
417
bddc7152 418 mutex_lock(&ldata->output_lock);
a88a69c9
JP		 419
420 space = tty_write_room(tty);
421 retval = do_output_char(c, tty, space);
422
bddc7152 423 mutex_unlock(&ldata->output_lock);
a88a69c9
JP		 424 if (retval < 0)
425 return -1;
426 else
427 return 0;
1da177e4
LT		 428}
429
430/**
a88a69c9 431 * process_output_block - block post processor
1da177e4 432 * @tty: terminal device
ee5aa7b8
JP		 433 * @buf: character buffer
434 * @nr: number of bytes to output
435 *
436 * Output a block of characters with OPOST processing.
437 * Returns the number of characters output.
1da177e4
LT		 438 *
439 * This path is used to speed up block console writes, among other
440 * things when processing blocks of output data. It handles only
441 * the simple cases normally found and helps to generate blocks of
442 * symbols for the console driver and thus improve performance.
443 *
a88a69c9
JP		 444 * Locking: output_lock to protect column state and space left
445 * (also, this is called from n_tty_write under the
446 * tty layer write lock)
1da177e4 447 */
4edf1827 448
a88a69c9
JP		 449static ssize_t process_output_block(struct tty_struct *tty,
450 const unsigned char *buf, unsigned int nr)
1da177e4 451{
53c5ee2c 452 struct n_tty_data *ldata = tty->disc_data;
1da177e4 453 int space;
bbd20759 454 int i;
1da177e4
LT		 455 const unsigned char *cp;
456
bddc7152 457 mutex_lock(&ldata->output_lock);
a88a69c9 458
f34d7a5b 459 space = tty_write_room(tty);
300a6204 460 if (!space) {
bddc7152 461 mutex_unlock(&ldata->output_lock);
1da177e4 462 return 0;
a88a69c9 463 }
1da177e4
LT		 464 if (nr > space)
465 nr = space;
466
467 for (i = 0, cp = buf; i < nr; i++, cp++) {
a59c0d6f
JP		 468 unsigned char c = *cp;
469
470 switch (c) {
1da177e4
LT		 471 case '\n':
472 if (O_ONLRET(tty))
53c5ee2c 473 ldata->column = 0;
1da177e4
LT		 474 if (O_ONLCR(tty))
475 goto break_out;
ba2e68ac 476 ldata->canon_column = ldata->column;
1da177e4
LT		 477 break;
478 case '\r':
53c5ee2c 479 if (O_ONOCR(tty) && ldata->column == 0)
1da177e4
LT		 480 goto break_out;
481 if (O_OCRNL(tty))
482 goto break_out;
ba2e68ac 483 ldata->canon_column = ldata->column = 0;
1da177e4
LT		 484 break;
485 case '\t':
486 goto break_out;
487 case '\b':
53c5ee2c
JS		 488 if (ldata->column > 0)
489 ldata->column--;
1da177e4
LT		 490 break;
491 default:
a59c0d6f
JP		 492 if (!iscntrl(c)) {
493 if (O_OLCUC(tty))
494 goto break_out;
495 if (!is_continuation(c, tty))
53c5ee2c 496 ldata->column++;
a59c0d6f 497 }
1da177e4
LT		 498 break;
499 }
500 }
501break_out:
f34d7a5b 502 i = tty->ops->write(tty, buf, i);
a88a69c9 503
bddc7152 504 mutex_unlock(&ldata->output_lock);
1da177e4
LT		 505 return i;
506}
507
a88a69c9
JP		 508/**
509 * process_echoes - write pending echo characters
510 * @tty: terminal device
511 *
512 * Write previously buffered echo (and other ldisc-generated)
513 * characters to the tty.
514 *
515 * Characters generated by the ldisc (including echoes) need to
516 * be buffered because the driver's write buffer can fill during
517 * heavy program output. Echoing straight to the driver will
518 * often fail under these conditions, causing lost characters and
519 * resulting mismatches of ldisc state information.
520 *
521 * Since the ldisc state must represent the characters actually sent
522 * to the driver at the time of the write, operations like certain
523 * changes in column state are also saved in the buffer and executed
524 * here.
525 *
526 * A circular fifo buffer is used so that the most recent characters
527 * are prioritized. Also, when control characters are echoed with a
528 * prefixed "^", the pair is treated atomically and thus not separated.
529 *
530 * Locking: output_lock to protect column state and space left,
531 * echo_lock to protect the echo buffer
532 */
533
534static void process_echoes(struct tty_struct *tty)
535{
53c5ee2c 536 struct n_tty_data *ldata = tty->disc_data;
a88a69c9
JP		 537 int space, nr;
538 unsigned char c;
539 unsigned char *cp, *buf_end;
540
ba2e68ac 541 if (!ldata->echo_cnt)
a88a69c9
JP		 542 return;
543
bddc7152
JS		 544 mutex_lock(&ldata->output_lock);
545 mutex_lock(&ldata->echo_lock);
a88a69c9
JP		 546
547 space = tty_write_room(tty);
548
ba2e68ac
JS		 549 buf_end = ldata->echo_buf + N_TTY_BUF_SIZE;
550 cp = ldata->echo_buf + ldata->echo_pos;
551 nr = ldata->echo_cnt;
a88a69c9
JP		 552 while (nr > 0) {
553 c = *cp;
554 if (c == ECHO_OP_START) {
555 unsigned char op;
556 unsigned char *opp;
557 int no_space_left = 0;
558
559 /*
560 * If the buffer byte is the start of a multi-byte
561 * operation, get the next byte, which is either the
562 * op code or a control character value.
563 */
564 opp = cp + 1;
565 if (opp == buf_end)
566 opp -= N_TTY_BUF_SIZE;
567 op = *opp;
300a6204 568
a88a69c9
JP		 569 switch (op) {
570 unsigned int num_chars, num_bs;
571
572 case ECHO_OP_ERASE_TAB:
573 if (++opp == buf_end)
574 opp -= N_TTY_BUF_SIZE;
575 num_chars = *opp;
576
577 /*
578 * Determine how many columns to go back
579 * in order to erase the tab.
580 * This depends on the number of columns
581 * used by other characters within the tab
582 * area. If this (modulo 8) count is from
583 * the start of input rather than from a
584 * previous tab, we offset by canon column.
585 * Otherwise, tab spacing is normal.
586 */
587 if (!(num_chars & 0x80))
ba2e68ac 588 num_chars += ldata->canon_column;
a88a69c9
JP		 589 num_bs = 8 - (num_chars & 7);
590
591 if (num_bs > space) {
592 no_space_left = 1;
593 break;
594 }
595 space -= num_bs;
596 while (num_bs--) {
597 tty_put_char(tty, '\b');
53c5ee2c
JS		 598 if (ldata->column > 0)
599 ldata->column--;
a88a69c9
JP		 600 }
601 cp += 3;
602 nr -= 3;
603 break;
604
605 case ECHO_OP_SET_CANON_COL:
ba2e68ac 606 ldata->canon_column = ldata->column;
a88a69c9
JP		 607 cp += 2;
608 nr -= 2;
609 break;
610
611 case ECHO_OP_MOVE_BACK_COL:
53c5ee2c
JS		 612 if (ldata->column > 0)
613 ldata->column--;
a88a69c9
JP		 614 cp += 2;
615 nr -= 2;
616 break;
617
618 case ECHO_OP_START:
619 /* This is an escaped echo op start code */
620 if (!space) {
621 no_space_left = 1;
622 break;
623 }
624 tty_put_char(tty, ECHO_OP_START);
53c5ee2c 625 ldata->column++;
a88a69c9
JP		 626 space--;
627 cp += 2;
628 nr -= 2;
629 break;
630
631 default:
a88a69c9 632 /*
62b26358
JP		 633 * If the op is not a special byte code,
634 * it is a ctrl char tagged to be echoed
635 * as "^X" (where X is the letter
636 * representing the control char).
637 * Note that we must ensure there is
638 * enough space for the whole ctrl pair.
639 *
a88a69c9 640 */
62b26358
JP		 641 if (space < 2) {
642 no_space_left = 1;
643 break;
644 }
645 tty_put_char(tty, '^');
646 tty_put_char(tty, op ^ 0100);
53c5ee2c 647 ldata->column += 2;
62b26358 648 space -= 2;
a88a69c9
JP		 649 cp += 2;
650 nr -= 2;
651 }
652
653 if (no_space_left)
654 break;
655 } else {
582f5590 656 if (O_OPOST(tty)) {
ee5aa7b8
JP		 657 int retval = do_output_char(c, tty, space);
658 if (retval < 0)
659 break;
660 space -= retval;
661 } else {
662 if (!space)
663 break;
664 tty_put_char(tty, c);
665 space -= 1;
666 }
a88a69c9
JP		 667 cp += 1;
668 nr -= 1;
669 }
670
671 /* When end of circular buffer reached, wrap around */
672 if (cp >= buf_end)
673 cp -= N_TTY_BUF_SIZE;
674 }
675
676 if (nr == 0) {
ba2e68ac
JS		 677 ldata->echo_pos = 0;
678 ldata->echo_cnt = 0;
53c5ee2c 679 ldata->echo_overrun = 0;
a88a69c9 680 } else {
ba2e68ac
JS		 681 int num_processed = ldata->echo_cnt - nr;
682 ldata->echo_pos += num_processed;
683 ldata->echo_pos &= N_TTY_BUF_SIZE - 1;
684 ldata->echo_cnt = nr;
a88a69c9 685 if (num_processed > 0)
53c5ee2c 686 ldata->echo_overrun = 0;
a88a69c9
JP		 687 }
688
bddc7152
JS		 689 mutex_unlock(&ldata->echo_lock);
690 mutex_unlock(&ldata->output_lock);
a88a69c9
JP		 691
692 if (tty->ops->flush_chars)
693 tty->ops->flush_chars(tty);
694}
695
696/**
697 * add_echo_byte - add a byte to the echo buffer
698 * @c: unicode byte to echo
57c94121 699 * @ldata: n_tty data
a88a69c9
JP		 700 *
701 * Add a character or operation byte to the echo buffer.
702 *
703 * Should be called under the echo lock to protect the echo buffer.
704 */
705
57c94121 706static void add_echo_byte(unsigned char c, struct n_tty_data *ldata)
a88a69c9
JP		 707{
708 int new_byte_pos;
709
ba2e68ac 710 if (ldata->echo_cnt == N_TTY_BUF_SIZE) {
a88a69c9 711 /* Circular buffer is already at capacity */
ba2e68ac 712 new_byte_pos = ldata->echo_pos;
a88a69c9
JP		 713
714 /*
715 * Since the buffer start position needs to be advanced,
716 * be sure to step by a whole operation byte group.
717 */
ba2e68ac
JS		 718 if (ldata->echo_buf[ldata->echo_pos] == ECHO_OP_START) {
719 if (ldata->echo_buf[(ldata->echo_pos + 1) &
a88a69c9
JP		 720 (N_TTY_BUF_SIZE - 1)] ==
721 ECHO_OP_ERASE_TAB) {
ba2e68ac
JS		 722 ldata->echo_pos += 3;
723 ldata->echo_cnt -= 2;
a88a69c9 724 } else {
ba2e68ac
JS		 725 ldata->echo_pos += 2;
726 ldata->echo_cnt -= 1;
a88a69c9
JP		 727 }
728 } else {
ba2e68ac 729 ldata->echo_pos++;
a88a69c9 730 }
ba2e68ac 731 ldata->echo_pos &= N_TTY_BUF_SIZE - 1;
a88a69c9 732
53c5ee2c 733 ldata->echo_overrun = 1;
a88a69c9 734 } else {
ba2e68ac 735 new_byte_pos = ldata->echo_pos + ldata->echo_cnt;
a88a69c9 736 new_byte_pos &= N_TTY_BUF_SIZE - 1;
ba2e68ac 737 ldata->echo_cnt++;
a88a69c9
JP		 738 }
739
ba2e68ac 740 ldata->echo_buf[new_byte_pos] = c;
a88a69c9
JP		 741}
742
743/**
744 * echo_move_back_col - add operation to move back a column
57c94121 745 * @ldata: n_tty data
a88a69c9
JP		 746 *
747 * Add an operation to the echo buffer to move back one column.
748 *
749 * Locking: echo_lock to protect the echo buffer
750 */
751
57c94121 752static void echo_move_back_col(struct n_tty_data *ldata)
a88a69c9 753{
bddc7152 754 mutex_lock(&ldata->echo_lock);
57c94121
JS		 755 add_echo_byte(ECHO_OP_START, ldata);
756 add_echo_byte(ECHO_OP_MOVE_BACK_COL, ldata);
bddc7152 757 mutex_unlock(&ldata->echo_lock);
a88a69c9
JP		 758}
759
760/**
761 * echo_set_canon_col - add operation to set the canon column
57c94121 762 * @ldata: n_tty data
a88a69c9
JP		 763 *
764 * Add an operation to the echo buffer to set the canon column
765 * to the current column.
766 *
767 * Locking: echo_lock to protect the echo buffer
768 */
769
57c94121 770static void echo_set_canon_col(struct n_tty_data *ldata)
a88a69c9 771{
bddc7152 772 mutex_lock(&ldata->echo_lock);
57c94121
JS		 773 add_echo_byte(ECHO_OP_START, ldata);
774 add_echo_byte(ECHO_OP_SET_CANON_COL, ldata);
bddc7152 775 mutex_unlock(&ldata->echo_lock);
a88a69c9
JP		 776}
777
778/**
779 * echo_erase_tab - add operation to erase a tab
780 * @num_chars: number of character columns already used
781 * @after_tab: true if num_chars starts after a previous tab
57c94121 782 * @ldata: n_tty data
a88a69c9
JP		 783 *
784 * Add an operation to the echo buffer to erase a tab.
785 *
786 * Called by the eraser function, which knows how many character
787 * columns have been used since either a previous tab or the start
788 * of input. This information will be used later, along with
789 * canon column (if applicable), to go back the correct number
790 * of columns.
791 *
792 * Locking: echo_lock to protect the echo buffer
793 */
794
795static void echo_erase_tab(unsigned int num_chars, int after_tab,
57c94121 796 struct n_tty_data *ldata)
a88a69c9 797{
bddc7152 798 mutex_lock(&ldata->echo_lock);
a88a69c9 799
57c94121
JS		 800 add_echo_byte(ECHO_OP_START, ldata);
801 add_echo_byte(ECHO_OP_ERASE_TAB, ldata);
a88a69c9
JP		 802
803 /* We only need to know this modulo 8 (tab spacing) */
804 num_chars &= 7;
805
806 /* Set the high bit as a flag if num_chars is after a previous tab */
807 if (after_tab)
808 num_chars |= 0x80;
300a6204 809
57c94121 810 add_echo_byte(num_chars, ldata);
a88a69c9 811
bddc7152 812 mutex_unlock(&ldata->echo_lock);
a88a69c9
JP		 813}
814
815/**
816 * echo_char_raw - echo a character raw
817 * @c: unicode byte to echo
818 * @tty: terminal device
819 *
820 * Echo user input back onto the screen. This must be called only when
821 * L_ECHO(tty) is true. Called from the driver receive_buf path.
822 *
823 * This variant does not treat control characters specially.
824 *
825 * Locking: echo_lock to protect the echo buffer
826 */
827
57c94121 828static void echo_char_raw(unsigned char c, struct n_tty_data *ldata)
a88a69c9 829{
bddc7152 830 mutex_lock(&ldata->echo_lock);
a88a69c9 831 if (c == ECHO_OP_START) {
57c94121
JS		 832 add_echo_byte(ECHO_OP_START, ldata);
833 add_echo_byte(ECHO_OP_START, ldata);
a88a69c9 834 } else {
57c94121 835 add_echo_byte(c, ldata);
a88a69c9 836 }
bddc7152 837 mutex_unlock(&ldata->echo_lock);
a88a69c9 838}
1da177e4 839
1da177e4 840/**
a88a69c9 841 * echo_char - echo a character
1da177e4
LT		 842 * @c: unicode byte to echo
843 * @tty: terminal device
844 *
4edf1827 845 * Echo user input back onto the screen. This must be called only when
1da177e4 846 * L_ECHO(tty) is true. Called from the driver receive_buf path.
17b82060 847 *
62b26358
JP		 848 * This variant tags control characters to be echoed as "^X"
849 * (where X is the letter representing the control char).
a88a69c9
JP		 850 *
851 * Locking: echo_lock to protect the echo buffer
1da177e4
LT		 852 */
853
854static void echo_char(unsigned char c, struct tty_struct *tty)
855{
bddc7152
JS		 856 struct n_tty_data *ldata = tty->disc_data;
857
858 mutex_lock(&ldata->echo_lock);
a88a69c9
JP		 859
860 if (c == ECHO_OP_START) {
57c94121
JS		 861 add_echo_byte(ECHO_OP_START, ldata);
862 add_echo_byte(ECHO_OP_START, ldata);
a88a69c9 863 } else {
62b26358 864 if (L_ECHOCTL(tty) && iscntrl(c) && c != '\t')
57c94121
JS		 865 add_echo_byte(ECHO_OP_START, ldata);
866 add_echo_byte(c, ldata);
a88a69c9
JP		 867 }
868
bddc7152 869 mutex_unlock(&ldata->echo_lock);
1da177e4
LT		 870}
871
17b82060 872/**
a88a69c9 873 * finish_erasing - complete erase
57c94121 874 * @ldata: n_tty data
17b82060 875 */
a88a69c9 876
57c94121 877static inline void finish_erasing(struct n_tty_data *ldata)
1da177e4 878{
53c5ee2c 879 if (ldata->erasing) {
57c94121 880 echo_char_raw('/', ldata);
53c5ee2c 881 ldata->erasing = 0;
1da177e4
LT		 882 }
883}
884
885/**
886 * eraser - handle erase function
887 * @c: character input
888 * @tty: terminal device
889 *
3a4fa0a2 890 * Perform erase and necessary output when an erase character is
1da177e4
LT		 891 * present in the stream from the driver layer. Handles the complexities
892 * of UTF-8 multibyte symbols.
17b82060 893 *
a88a69c9 894 * Locking: read_lock for tty buffers
1da177e4 895 */
4edf1827 896
1da177e4
LT		 897static void eraser(unsigned char c, struct tty_struct *tty)
898{
53c5ee2c 899 struct n_tty_data *ldata = tty->disc_data;
1da177e4
LT		 900 enum { ERASE, WERASE, KILL } kill_type;
901 int head, seen_alnums, cnt;
902 unsigned long flags;
903
17b82060 904 /* FIXME: locking needed ? */
ba2e68ac 905 if (ldata->read_head == ldata->canon_head) {
7e94b1d9 906 /* process_output('\a', tty); */ /* what do you think? */
1da177e4
LT		 907 return;
908 }
909 if (c == ERASE_CHAR(tty))
910 kill_type = ERASE;
911 else if (c == WERASE_CHAR(tty))
912 kill_type = WERASE;
913 else {
914 if (!L_ECHO(tty)) {
98001214 915 raw_spin_lock_irqsave(&ldata->read_lock, flags);
ba2e68ac 916 ldata->read_cnt -= ((ldata->read_head - ldata->canon_head) &
1da177e4 917 (N_TTY_BUF_SIZE - 1));
ba2e68ac 918 ldata->read_head = ldata->canon_head;
98001214 919 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4
LT		 920 return;
921 }
922 if (!L_ECHOK(tty) || !L_ECHOKE(tty) || !L_ECHOE(tty)) {
98001214 923 raw_spin_lock_irqsave(&ldata->read_lock, flags);
ba2e68ac 924 ldata->read_cnt -= ((ldata->read_head - ldata->canon_head) &
1da177e4 925 (N_TTY_BUF_SIZE - 1));
ba2e68ac 926 ldata->read_head = ldata->canon_head;
98001214 927 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
57c94121 928 finish_erasing(ldata);
1da177e4
LT		 929 echo_char(KILL_CHAR(tty), tty);
930 /* Add a newline if ECHOK is on and ECHOKE is off. */
931 if (L_ECHOK(tty))
57c94121 932 echo_char_raw('\n', ldata);
1da177e4
LT		 933 return;
934 }
935 kill_type = KILL;
936 }
937
938 seen_alnums = 0;
17b82060 939 /* FIXME: Locking ?? */
ba2e68ac
JS		 940 while (ldata->read_head != ldata->canon_head) {
941 head = ldata->read_head;
1da177e4
LT		 942
943 /* erase a single possibly multibyte character */
944 do {
945 head = (head - 1) & (N_TTY_BUF_SIZE-1);
ba2e68ac
JS		 946 c = ldata->read_buf[head];
947 } while (is_continuation(c, tty) && head != ldata->canon_head);
1da177e4
LT		 948
949 /* do not partially erase */
950 if (is_continuation(c, tty))
951 break;
952
953 if (kill_type == WERASE) {
954 /* Equivalent to BSD's ALTWERASE. */
955 if (isalnum(c) || c == '_')
956 seen_alnums++;
957 else if (seen_alnums)
958 break;
959 }
ba2e68ac 960 cnt = (ldata->read_head - head) & (N_TTY_BUF_SIZE-1);
98001214 961 raw_spin_lock_irqsave(&ldata->read_lock, flags);
ba2e68ac
JS		 962 ldata->read_head = head;
963 ldata->read_cnt -= cnt;
98001214 964 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4
LT		 965 if (L_ECHO(tty)) {
966 if (L_ECHOPRT(tty)) {
53c5ee2c 967 if (!ldata->erasing) {
57c94121 968 echo_char_raw('\\', ldata);
53c5ee2c 969 ldata->erasing = 1;
1da177e4
LT		 970 }
971 /* if cnt > 1, output a multi-byte character */
972 echo_char(c, tty);
973 while (--cnt > 0) {
974 head = (head+1) & (N_TTY_BUF_SIZE-1);
57c94121
JS		 975 echo_char_raw(ldata->read_buf[head],
976 ldata);
977 echo_move_back_col(ldata);
1da177e4
LT		 978 }
979 } else if (kill_type == ERASE && !L_ECHOE(tty)) {
980 echo_char(ERASE_CHAR(tty), tty);
981 } else if (c == '\t') {
a88a69c9
JP		 982 unsigned int num_chars = 0;
983 int after_tab = 0;
ba2e68ac 984 unsigned long tail = ldata->read_head;
a88a69c9
JP		 985
986 /*
987 * Count the columns used for characters
988 * since the start of input or after a
989 * previous tab.
990 * This info is used to go back the correct
991 * number of columns.
992 */
ba2e68ac 993 while (tail != ldata->canon_head) {
a88a69c9 994 tail = (tail-1) & (N_TTY_BUF_SIZE-1);
ba2e68ac 995 c = ldata->read_buf[tail];
a88a69c9
JP		 996 if (c == '\t') {
997 after_tab = 1;
998 break;
300a6204 999 } else if (iscntrl(c)) {
1da177e4 1000 if (L_ECHOCTL(tty))
a88a69c9
JP		 1001 num_chars += 2;
1002 } else if (!is_continuation(c, tty)) {
1003 num_chars++;
1004 }
1da177e4 1005 }
57c94121 1006 echo_erase_tab(num_chars, after_tab, ldata);
1da177e4
LT		 1007 } else {
1008 if (iscntrl(c) && L_ECHOCTL(tty)) {
57c94121
JS		 1009 echo_char_raw('\b', ldata);
1010 echo_char_raw(' ', ldata);
1011 echo_char_raw('\b', ldata);
1da177e4
LT		 1012 }
1013 if (!iscntrl(c) || L_ECHOCTL(tty)) {
57c94121
JS		 1014 echo_char_raw('\b', ldata);
1015 echo_char_raw(' ', ldata);
1016 echo_char_raw('\b', ldata);
1da177e4
LT		 1017 }
1018 }
1019 }
1020 if (kill_type == ERASE)
1021 break;
1022 }
ba2e68ac 1023 if (ldata->read_head == ldata->canon_head && L_ECHO(tty))
57c94121 1024 finish_erasing(ldata);
1da177e4
LT		 1025}
1026
1027/**
1028 * isig - handle the ISIG optio
1029 * @sig: signal
1030 * @tty: terminal
1da177e4 1031 *
8c985d18
PH		 1032 * Called when a signal is being sent due to terminal input.
1033 * Called from the driver receive_buf path so serialized.
17b82060 1034 *
8c985d18 1035 * Locking: ctrl_lock
1da177e4 1036 */
4edf1827 1037
8c985d18 1038static inline void isig(int sig, struct tty_struct *tty)
1da177e4 1039{
8c985d18
PH		 1040 struct pid *tty_pgrp = tty_get_pgrp(tty);
1041 if (tty_pgrp) {
1042 kill_pgrp(tty_pgrp, sig, 1);
1043 put_pid(tty_pgrp);
1da177e4
LT		 1044 }
1045}
1046
1047/**
1048 * n_tty_receive_break - handle break
1049 * @tty: terminal
1050 *
1051 * An RS232 break event has been hit in the incoming bitstream. This
1052 * can cause a variety of events depending upon the termios settings.
1053 *
1054 * Called from the receive_buf path so single threaded.
1055 */
4edf1827 1056
1da177e4
LT		 1057static inline void n_tty_receive_break(struct tty_struct *tty)
1058{
57c94121
JS		 1059 struct n_tty_data *ldata = tty->disc_data;
1060
1da177e4
LT		 1061 if (I_IGNBRK(tty))
1062 return;
1063 if (I_BRKINT(tty)) {
8c985d18
PH		 1064 isig(SIGINT, tty);
1065 if (!L_NOFLSH(tty)) {
1066 n_tty_flush_buffer(tty);
1067 tty_driver_flush_buffer(tty);
1068 }
1da177e4
LT		 1069 return;
1070 }
1071 if (I_PARMRK(tty)) {
57c94121
JS		 1072 put_tty_queue('\377', ldata);
1073 put_tty_queue('\0', ldata);
1da177e4 1074 }
57c94121 1075 put_tty_queue('\0', ldata);
1da177e4
LT		 1076 wake_up_interruptible(&tty->read_wait);
1077}
1078
1079/**
1080 * n_tty_receive_overrun - handle overrun reporting
1081 * @tty: terminal
1082 *
1083 * Data arrived faster than we could process it. While the tty
1084 * driver has flagged this the bits that were missed are gone
1085 * forever.
1086 *
1087 * Called from the receive_buf path so single threaded. Does not
1088 * need locking as num_overrun and overrun_time are function
1089 * private.
1090 */
4edf1827 1091
1da177e4
LT		 1092static inline void n_tty_receive_overrun(struct tty_struct *tty)
1093{
53c5ee2c 1094 struct n_tty_data *ldata = tty->disc_data;
1da177e4
LT		 1095 char buf[64];
1096
53c5ee2c
JS		 1097 ldata->num_overrun++;
1098 if (time_after(jiffies, ldata->overrun_time + HZ) ||
1099 time_after(ldata->overrun_time, jiffies)) {
1da177e4
LT		 1100 printk(KERN_WARNING "%s: %d input overrun(s)\n",
1101 tty_name(tty, buf),
53c5ee2c
JS		 1102 ldata->num_overrun);
1103 ldata->overrun_time = jiffies;
1104 ldata->num_overrun = 0;
1da177e4
LT		 1105 }
1106}
1107
1108/**
1109 * n_tty_receive_parity_error - error notifier
1110 * @tty: terminal device
1111 * @c: character
1112 *
1113 * Process a parity error and queue the right data to indicate
3a4fa0a2 1114 * the error case if necessary. Locking as per n_tty_receive_buf.
1da177e4
LT		 1115 */
1116static inline void n_tty_receive_parity_error(struct tty_struct *tty,
1117 unsigned char c)
1118{
57c94121
JS		 1119 struct n_tty_data *ldata = tty->disc_data;
1120
4edf1827 1121 if (I_IGNPAR(tty))
1da177e4 1122 return;
1da177e4 1123 if (I_PARMRK(tty)) {
57c94121
JS		 1124 put_tty_queue('\377', ldata);
1125 put_tty_queue('\0', ldata);
1126 put_tty_queue(c, ldata);
1da177e4 1127 } else if (I_INPCK(tty))
57c94121 1128 put_tty_queue('\0', ldata);
1da177e4 1129 else
57c94121 1130 put_tty_queue(c, ldata);
1da177e4
LT		 1131 wake_up_interruptible(&tty->read_wait);
1132}
1133
1134/**
1135 * n_tty_receive_char - perform processing
1136 * @tty: terminal device
1137 * @c: character
1138 *
1139 * Process an individual character of input received from the driver.
4edf1827 1140 * This is serialized with respect to itself by the rules for the
1da177e4
LT		 1141 * driver above.
1142 */
1143
1144static inline void n_tty_receive_char(struct tty_struct *tty, unsigned char c)
1145{
53c5ee2c 1146 struct n_tty_data *ldata = tty->disc_data;
1da177e4 1147 unsigned long flags;
acc71bba 1148 int parmrk;
1da177e4 1149
53c5ee2c 1150 if (ldata->raw) {
57c94121 1151 put_tty_queue(c, ldata);
1da177e4
LT		 1152 return;
1153 }
4edf1827 1154
1da177e4
LT		 1155 if (I_ISTRIP(tty))
1156 c &= 0x7f;
1157 if (I_IUCLC(tty) && L_IEXTEN(tty))
300a6204 1158 c = tolower(c);
1da177e4 1159
26df6d13 1160 if (L_EXTPROC(tty)) {
57c94121 1161 put_tty_queue(c, ldata);
26df6d13 1162 return;
1163 }
1164
54d2a37e 1165 if (tty->stopped && !tty->flow_stopped && I_IXON(tty) &&
a88a69c9
JP		 1166 I_IXANY(tty) && c != START_CHAR(tty) && c != STOP_CHAR(tty) &&
1167 c != INTR_CHAR(tty) && c != QUIT_CHAR(tty) && c != SUSP_CHAR(tty)) {
54d2a37e 1168 start_tty(tty);
a88a69c9
JP		 1169 process_echoes(tty);
1170 }
54d2a37e 1171
1da177e4
LT		 1172 if (tty->closing) {
1173 if (I_IXON(tty)) {
a88a69c9 1174 if (c == START_CHAR(tty)) {
1da177e4 1175 start_tty(tty);
a88a69c9 1176 process_echoes(tty);
300a6204 1177 } else if (c == STOP_CHAR(tty))
1da177e4
LT		 1178 stop_tty(tty);
1179 }
1180 return;
1181 }
1182
1183 /*
1184 * If the previous character was LNEXT, or we know that this
1185 * character is not one of the characters that we'll have to
1186 * handle specially, do shortcut processing to speed things
1187 * up.
1188 */
3fe780b3 1189 if (!test_bit(c, ldata->process_char_map) || ldata->lnext) {
53c5ee2c 1190 ldata->lnext = 0;
acc71bba 1191 parmrk = (c == (unsigned char) '\377' && I_PARMRK(tty)) ? 1 : 0;
ba2e68ac 1192 if (ldata->read_cnt >= (N_TTY_BUF_SIZE - parmrk - 1)) {
acc71bba 1193 /* beep if no space */
7e94b1d9
JP		 1194 if (L_ECHO(tty))
1195 process_output('\a', tty);
acc71bba
JP		 1196 return;
1197 }
1198 if (L_ECHO(tty)) {
57c94121 1199 finish_erasing(ldata);
1da177e4 1200 /* Record the column of first canon char. */
ba2e68ac 1201 if (ldata->canon_head == ldata->read_head)
57c94121 1202 echo_set_canon_col(ldata);
1da177e4 1203 echo_char(c, tty);
a88a69c9 1204 process_echoes(tty);
1da177e4 1205 }
acc71bba 1206 if (parmrk)
57c94121
JS		 1207 put_tty_queue(c, ldata);
1208 put_tty_queue(c, ldata);
1da177e4
LT		 1209 return;
1210 }
4edf1827 1211
1da177e4
LT		 1212 if (I_IXON(tty)) {
1213 if (c == START_CHAR(tty)) {
1214 start_tty(tty);
a88a69c9 1215 process_echoes(tty);
1da177e4
LT		 1216 return;
1217 }
1218 if (c == STOP_CHAR(tty)) {
1219 stop_tty(tty);
1220 return;
1221 }
1222 }
575537b3 1223
1da177e4
LT		 1224 if (L_ISIG(tty)) {
1225 int signal;
1226 signal = SIGINT;
1227 if (c == INTR_CHAR(tty))
1228 goto send_signal;
1229 signal = SIGQUIT;
1230 if (c == QUIT_CHAR(tty))
1231 goto send_signal;
1232 signal = SIGTSTP;
1233 if (c == SUSP_CHAR(tty)) {
1234send_signal:
ec5b1157
JP		 1235 if (!L_NOFLSH(tty)) {
1236 n_tty_flush_buffer(tty);
f34d7a5b 1237 tty_driver_flush_buffer(tty);
ec5b1157 1238 }
a88a69c9
JP		 1239 if (I_IXON(tty))
1240 start_tty(tty);
1241 if (L_ECHO(tty)) {
ec5b1157 1242 echo_char(c, tty);
a88a69c9
JP		 1243 process_echoes(tty);
1244 }
8c985d18 1245 isig(signal, tty);
1da177e4
LT		 1246 return;
1247 }
1248 }
575537b3
JP		 1249
1250 if (c == '\r') {
1251 if (I_IGNCR(tty))
1252 return;
1253 if (I_ICRNL(tty))
1254 c = '\n';
1255 } else if (c == '\n' && I_INLCR(tty))
1256 c = '\r';
1257
53c5ee2c 1258 if (ldata->icanon) {
1da177e4
LT		 1259 if (c == ERASE_CHAR(tty) || c == KILL_CHAR(tty) ||
1260 (c == WERASE_CHAR(tty) && L_IEXTEN(tty))) {
1261 eraser(c, tty);
a88a69c9 1262 process_echoes(tty);
1da177e4
LT		 1263 return;
1264 }
1265 if (c == LNEXT_CHAR(tty) && L_IEXTEN(tty)) {
53c5ee2c 1266 ldata->lnext = 1;
1da177e4 1267 if (L_ECHO(tty)) {
57c94121 1268 finish_erasing(ldata);
1da177e4 1269 if (L_ECHOCTL(tty)) {
57c94121
JS		 1270 echo_char_raw('^', ldata);
1271 echo_char_raw('\b', ldata);
a88a69c9 1272 process_echoes(tty);
1da177e4
LT		 1273 }
1274 }
1275 return;
1276 }
1277 if (c == REPRINT_CHAR(tty) && L_ECHO(tty) &&
1278 L_IEXTEN(tty)) {
ba2e68ac 1279 unsigned long tail = ldata->canon_head;
1da177e4 1280
57c94121 1281 finish_erasing(ldata);
1da177e4 1282 echo_char(c, tty);
57c94121 1283 echo_char_raw('\n', ldata);
ba2e68ac
JS		 1284 while (tail != ldata->read_head) {
1285 echo_char(ldata->read_buf[tail], tty);
1da177e4
LT		 1286 tail = (tail+1) & (N_TTY_BUF_SIZE-1);
1287 }
a88a69c9 1288 process_echoes(tty);
1da177e4
LT		 1289 return;
1290 }
1291 if (c == '\n') {
ba2e68ac 1292 if (ldata->read_cnt >= N_TTY_BUF_SIZE) {
7e94b1d9
JP		 1293 if (L_ECHO(tty))
1294 process_output('\a', tty);
acc71bba
JP		 1295 return;
1296 }
1297 if (L_ECHO(tty) || L_ECHONL(tty)) {
57c94121 1298 echo_char_raw('\n', ldata);
a88a69c9 1299 process_echoes(tty);
1da177e4
LT		 1300 }
1301 goto handle_newline;
1302 }
1303 if (c == EOF_CHAR(tty)) {
ba2e68ac 1304 if (ldata->read_cnt >= N_TTY_BUF_SIZE)
acc71bba 1305 return;
ba2e68ac 1306 if (ldata->canon_head != ldata->read_head)
4edf1827 1307 set_bit(TTY_PUSH, &tty->flags);
1da177e4
LT		 1308 c = __DISABLED_CHAR;
1309 goto handle_newline;
1310 }
1311 if ((c == EOL_CHAR(tty)) ||
1312 (c == EOL2_CHAR(tty) && L_IEXTEN(tty))) {
acc71bba
JP		 1313 parmrk = (c == (unsigned char) '\377' && I_PARMRK(tty))
1314 ? 1 : 0;
ba2e68ac 1315 if (ldata->read_cnt >= (N_TTY_BUF_SIZE - parmrk)) {
7e94b1d9
JP		 1316 if (L_ECHO(tty))
1317 process_output('\a', tty);
acc71bba
JP		 1318 return;
1319 }
1da177e4
LT		 1320 /*
1321 * XXX are EOL_CHAR and EOL2_CHAR echoed?!?
1322 */
1323 if (L_ECHO(tty)) {
1da177e4 1324 /* Record the column of first canon char. */
ba2e68ac 1325 if (ldata->canon_head == ldata->read_head)
57c94121 1326 echo_set_canon_col(ldata);
1da177e4 1327 echo_char(c, tty);
a88a69c9 1328 process_echoes(tty);
1da177e4
LT		 1329 }
1330 /*
1331 * XXX does PARMRK doubling happen for
1332 * EOL_CHAR and EOL2_CHAR?
1333 */
acc71bba 1334 if (parmrk)
57c94121 1335 put_tty_queue(c, ldata);
1da177e4 1336
4edf1827 1337handle_newline:
98001214 1338 raw_spin_lock_irqsave(&ldata->read_lock, flags);
ba2e68ac 1339 set_bit(ldata->read_head, ldata->read_flags);
57c94121 1340 put_tty_queue_nolock(c, ldata);
ba2e68ac
JS		 1341 ldata->canon_head = ldata->read_head;
1342 ldata->canon_data++;
98001214 1343 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4
LT		 1344 kill_fasync(&tty->fasync, SIGIO, POLL_IN);
1345 if (waitqueue_active(&tty->read_wait))
1346 wake_up_interruptible(&tty->read_wait);
1347 return;
1348 }
1349 }
4edf1827 1350
acc71bba 1351 parmrk = (c == (unsigned char) '\377' && I_PARMRK(tty)) ? 1 : 0;
ba2e68ac 1352 if (ldata->read_cnt >= (N_TTY_BUF_SIZE - parmrk - 1)) {
acc71bba 1353 /* beep if no space */
7e94b1d9
JP		 1354 if (L_ECHO(tty))
1355 process_output('\a', tty);
acc71bba
JP		 1356 return;
1357 }
1358 if (L_ECHO(tty)) {
57c94121 1359 finish_erasing(ldata);
1da177e4 1360 if (c == '\n')
57c94121 1361 echo_char_raw('\n', ldata);
1da177e4
LT		 1362 else {
1363 /* Record the column of first canon char. */
ba2e68ac 1364 if (ldata->canon_head == ldata->read_head)
57c94121 1365 echo_set_canon_col(ldata);
1da177e4
LT		 1366 echo_char(c, tty);
1367 }
a88a69c9 1368 process_echoes(tty);
1da177e4
LT		 1369 }
1370
acc71bba 1371 if (parmrk)
57c94121 1372 put_tty_queue(c, ldata);
1da177e4 1373
57c94121 1374 put_tty_queue(c, ldata);
4edf1827 1375}
1da177e4 1376
1da177e4
LT		 1377
1378/**
1379 * n_tty_write_wakeup - asynchronous I/O notifier
1380 * @tty: tty device
1381 *
1382 * Required for the ptys, serial driver etc. since processes
1383 * that attach themselves to the master and rely on ASYNC
1384 * IO must be woken up
1385 */
1386
1387static void n_tty_write_wakeup(struct tty_struct *tty)
1388{
ff8cb0fd 1389 if (tty->fasync && test_and_clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags))
1da177e4 1390 kill_fasync(&tty->fasync, SIGIO, POLL_OUT);
1da177e4
LT		 1391}
1392
1393/**
1394 * n_tty_receive_buf - data receive
1395 * @tty: terminal device
1396 * @cp: buffer
1397 * @fp: flag buffer
1398 * @count: characters
1399 *
1400 * Called by the terminal driver when a block of characters has
1401 * been received. This function must be called from soft contexts
1402 * not from interrupt context. The driver is responsible for making
1403 * calls one at a time and in order (or using flush_to_ldisc)
1404 */
4edf1827 1405
55db4c64
LT		 1406static void n_tty_receive_buf(struct tty_struct *tty, const unsigned char *cp,
1407 char *fp, int count)
1da177e4 1408{
53c5ee2c 1409 struct n_tty_data *ldata = tty->disc_data;
1da177e4
LT		 1410 const unsigned char *p;
1411 char *f, flags = TTY_NORMAL;
1412 int i;
1413 char buf[64];
1414 unsigned long cpuflags;
1415
53c5ee2c 1416 if (ldata->real_raw) {
98001214 1417 raw_spin_lock_irqsave(&ldata->read_lock, cpuflags);
ba2e68ac
JS		 1418 i = min(N_TTY_BUF_SIZE - ldata->read_cnt,
1419 N_TTY_BUF_SIZE - ldata->read_head);
1da177e4 1420 i = min(count, i);
ba2e68ac
JS		 1421 memcpy(ldata->read_buf + ldata->read_head, cp, i);
1422 ldata->read_head = (ldata->read_head + i) & (N_TTY_BUF_SIZE-1);
1423 ldata->read_cnt += i;
1da177e4
LT		 1424 cp += i;
1425 count -= i;
1426
ba2e68ac
JS		 1427 i = min(N_TTY_BUF_SIZE - ldata->read_cnt,
1428 N_TTY_BUF_SIZE - ldata->read_head);
1da177e4 1429 i = min(count, i);
ba2e68ac
JS		 1430 memcpy(ldata->read_buf + ldata->read_head, cp, i);
1431 ldata->read_head = (ldata->read_head + i) & (N_TTY_BUF_SIZE-1);
1432 ldata->read_cnt += i;
98001214 1433 raw_spin_unlock_irqrestore(&ldata->read_lock, cpuflags);
1da177e4 1434 } else {
4edf1827 1435 for (i = count, p = cp, f = fp; i; i--, p++) {
1da177e4
LT		 1436 if (f)
1437 flags = *f++;
1438 switch (flags) {
1439 case TTY_NORMAL:
1440 n_tty_receive_char(tty, *p);
1441 break;
1442 case TTY_BREAK:
1443 n_tty_receive_break(tty);
1444 break;
1445 case TTY_PARITY:
1446 case TTY_FRAME:
1447 n_tty_receive_parity_error(tty, *p);
1448 break;
1449 case TTY_OVERRUN:
1450 n_tty_receive_overrun(tty);
1451 break;
1452 default:
4edf1827 1453 printk(KERN_ERR "%s: unknown flag %d\n",
1da177e4
LT		 1454 tty_name(tty, buf), flags);
1455 break;
1456 }
1457 }
f34d7a5b
AC		 1458 if (tty->ops->flush_chars)
1459 tty->ops->flush_chars(tty);
1da177e4
LT		 1460 }
1461
55db4c64
LT		 1462 n_tty_set_room(tty);
1463
f6c8dbe6 1464 if ((!ldata->icanon && (ldata->read_cnt >= ldata->minimum_to_wake)) ||
26df6d13 1465 L_EXTPROC(tty)) {
1da177e4
LT		 1466 kill_fasync(&tty->fasync, SIGIO, POLL_IN);
1467 if (waitqueue_active(&tty->read_wait))
1468 wake_up_interruptible(&tty->read_wait);
1469 }
1470
1471 /*
1472 * Check the remaining room for the input canonicalization
1473 * mode. We don't want to throttle the driver if we're in
1474 * canonical mode and don't have a newline yet!
1475 */
e91e52e4
PH		 1476 while (1) {
1477 tty_set_flow_change(tty, TTY_THROTTLE_SAFE);
1478 if (tty->receive_room >= TTY_THRESHOLD_THROTTLE)
1479 break;
1480 if (!tty_throttle_safe(tty))
1481 break;
1482 }
1483 __tty_set_flow_change(tty, 0);
1da177e4
LT		 1484}
1485
1486int is_ignored(int sig)
1487{
1488 return (sigismember(&current->blocked, sig) ||
4edf1827 1489 current->sighand->action[sig-1].sa.sa_handler == SIG_IGN);
1da177e4
LT		 1490}
1491
1492/**
1493 * n_tty_set_termios - termios data changed
1494 * @tty: terminal
1495 * @old: previous data
1496 *
1497 * Called by the tty layer when the user changes termios flags so
1498 * that the line discipline can plan ahead. This function cannot sleep
4edf1827 1499 * and is protected from re-entry by the tty layer. The user is
1da177e4
LT		 1500 * guaranteed that this function will not be re-entered or in progress
1501 * when the ldisc is closed.
17b82060
AC		 1502 *
1503 * Locking: Caller holds tty->termios_mutex
1da177e4 1504 */
4edf1827
AC		 1505
1506static void n_tty_set_termios(struct tty_struct *tty, struct ktermios *old)
1da177e4 1507{
53c5ee2c 1508 struct n_tty_data *ldata = tty->disc_data;
47afa7a5 1509 int canon_change = 1;
47afa7a5
AC		 1510
1511 if (old)
adc8d746 1512 canon_change = (old->c_lflag ^ tty->termios.c_lflag) & ICANON;
47afa7a5 1513 if (canon_change) {
3fe780b3 1514 bitmap_zero(ldata->read_flags, N_TTY_BUF_SIZE);
ba2e68ac
JS		 1515 ldata->canon_head = ldata->read_tail;
1516 ldata->canon_data = 0;
53c5ee2c 1517 ldata->erasing = 0;
47afa7a5
AC		 1518 }
1519
ba2e68ac 1520 if (canon_change && !L_ICANON(tty) && ldata->read_cnt)
47afa7a5 1521 wake_up_interruptible(&tty->read_wait);
4edf1827 1522
53c5ee2c 1523 ldata->icanon = (L_ICANON(tty) != 0);
582f5590 1524
1da177e4
LT		 1525 if (I_ISTRIP(tty) || I_IUCLC(tty) || I_IGNCR(tty) ||
1526 I_ICRNL(tty) || I_INLCR(tty) || L_ICANON(tty) ||
1527 I_IXON(tty) || L_ISIG(tty) || L_ECHO(tty) ||
1528 I_PARMRK(tty)) {
3fe780b3 1529 bitmap_zero(ldata->process_char_map, 256);
1da177e4
LT		 1530
1531 if (I_IGNCR(tty) || I_ICRNL(tty))
3fe780b3 1532 set_bit('\r', ldata->process_char_map);
1da177e4 1533 if (I_INLCR(tty))
3fe780b3 1534 set_bit('\n', ldata->process_char_map);
1da177e4
LT		 1535
1536 if (L_ICANON(tty)) {
3fe780b3
JS		 1537 set_bit(ERASE_CHAR(tty), ldata->process_char_map);
1538 set_bit(KILL_CHAR(tty), ldata->process_char_map);
1539 set_bit(EOF_CHAR(tty), ldata->process_char_map);
1540 set_bit('\n', ldata->process_char_map);
1541 set_bit(EOL_CHAR(tty), ldata->process_char_map);
1da177e4
LT		 1542 if (L_IEXTEN(tty)) {
1543 set_bit(WERASE_CHAR(tty),
3fe780b3 1544 ldata->process_char_map);
1da177e4 1545 set_bit(LNEXT_CHAR(tty),
3fe780b3 1546 ldata->process_char_map);
1da177e4 1547 set_bit(EOL2_CHAR(tty),
3fe780b3 1548 ldata->process_char_map);
1da177e4
LT		 1549 if (L_ECHO(tty))
1550 set_bit(REPRINT_CHAR(tty),
3fe780b3 1551 ldata->process_char_map);
1da177e4
LT		 1552 }
1553 }
1554 if (I_IXON(tty)) {
3fe780b3
JS		 1555 set_bit(START_CHAR(tty), ldata->process_char_map);
1556 set_bit(STOP_CHAR(tty), ldata->process_char_map);
1da177e4
LT		 1557 }
1558 if (L_ISIG(tty)) {
3fe780b3
JS		 1559 set_bit(INTR_CHAR(tty), ldata->process_char_map);
1560 set_bit(QUIT_CHAR(tty), ldata->process_char_map);
1561 set_bit(SUSP_CHAR(tty), ldata->process_char_map);
1da177e4 1562 }
3fe780b3 1563 clear_bit(__DISABLED_CHAR, ldata->process_char_map);
53c5ee2c
JS		 1564 ldata->raw = 0;
1565 ldata->real_raw = 0;
1da177e4 1566 } else {
53c5ee2c 1567 ldata->raw = 1;
1da177e4
LT		 1568 if ((I_IGNBRK(tty) || (!I_BRKINT(tty) && !I_PARMRK(tty))) &&
1569 (I_IGNPAR(tty) || !I_INPCK(tty)) &&
1570 (tty->driver->flags & TTY_DRIVER_REAL_RAW))
53c5ee2c 1571 ldata->real_raw = 1;
1da177e4 1572 else
53c5ee2c 1573 ldata->real_raw = 0;
1da177e4 1574 }
55db4c64 1575 n_tty_set_room(tty);
dab73b4e
WY		 1576 /*
1577 * Fix tty hang when I_IXON(tty) is cleared, but the tty
1578 * been stopped by STOP_CHAR(tty) before it.
1579 */
1580 if (!I_IXON(tty) && old && (old->c_iflag & IXON) && !tty->flow_stopped) {
1581 start_tty(tty);
1582 }
1583
f34d7a5b
AC		 1584 /* The termios change make the tty ready for I/O */
1585 wake_up_interruptible(&tty->write_wait);
1586 wake_up_interruptible(&tty->read_wait);
1da177e4
LT		 1587}
1588
1589/**
1590 * n_tty_close - close the ldisc for this tty
1591 * @tty: device
1592 *
4edf1827
AC		 1593 * Called from the terminal layer when this line discipline is
1594 * being shut down, either because of a close or becsuse of a
1da177e4
LT		 1595 * discipline change. The function will not be called while other
1596 * ldisc methods are in progress.
1597 */
4edf1827 1598
1da177e4
LT		 1599static void n_tty_close(struct tty_struct *tty)
1600{
70ece7a7
JS		 1601 struct n_tty_data *ldata = tty->disc_data;
1602
79901317
PH		 1603 if (tty->link)
1604 n_tty_packet_mode_flush(tty);
1605
ba2e68ac
JS		 1606 kfree(ldata->read_buf);
1607 kfree(ldata->echo_buf);
70ece7a7 1608 kfree(ldata);
70ece7a7 1609 tty->disc_data = NULL;
1da177e4
LT		 1610}
1611
1612/**
1613 * n_tty_open - open an ldisc
1614 * @tty: terminal to open
1615 *
4edf1827 1616 * Called when this line discipline is being attached to the
1da177e4
LT		 1617 * terminal device. Can sleep. Called serialized so that no
1618 * other events will occur in parallel. No further open will occur
1619 * until a close.
1620 */
1621
1622static int n_tty_open(struct tty_struct *tty)
1623{
70ece7a7
JS		 1624 struct n_tty_data *ldata;
1625
1626 ldata = kzalloc(sizeof(*ldata), GFP_KERNEL);
1627 if (!ldata)
1628 goto err;
1629
53c5ee2c 1630 ldata->overrun_time = jiffies;
bddc7152
JS		 1631 mutex_init(&ldata->atomic_read_lock);
1632 mutex_init(&ldata->output_lock);
1633 mutex_init(&ldata->echo_lock);
98001214 1634 raw_spin_lock_init(&ldata->read_lock);
53c5ee2c 1635
a88a69c9 1636 /* These are ugly. Currently a malloc failure here can panic */
ba2e68ac
JS		 1637 ldata->read_buf = kzalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
1638 ldata->echo_buf = kzalloc(N_TTY_BUF_SIZE, GFP_KERNEL);
1639 if (!ldata->read_buf || !ldata->echo_buf)
b91939f5 1640 goto err_free_bufs;
0b4068a1 1641
70ece7a7 1642 tty->disc_data = ldata;
b66f4fa5 1643 reset_buffer_flags(tty->disc_data);
53c5ee2c 1644 ldata->column = 0;
f6c8dbe6 1645 ldata->minimum_to_wake = 1;
1da177e4 1646 tty->closing = 0;
b66f4fa5
PH		 1647 /* indicate buffer work may resume */
1648 clear_bit(TTY_LDISC_HALTED, &tty->flags);
1649 n_tty_set_termios(tty, NULL);
1650 tty_unthrottle(tty);
70ece7a7 1651
1da177e4 1652 return 0;
b91939f5 1653err_free_bufs:
ba2e68ac
JS		 1654 kfree(ldata->read_buf);
1655 kfree(ldata->echo_buf);
70ece7a7
JS		 1656 kfree(ldata);
1657err:
b91939f5 1658 return -ENOMEM;
1da177e4
LT		 1659}
1660
1661static inline int input_available_p(struct tty_struct *tty, int amt)
1662{
53c5ee2c
JS		 1663 struct n_tty_data *ldata = tty->disc_data;
1664
e043e42b 1665 tty_flush_to_ldisc(tty);
53c5ee2c 1666 if (ldata->icanon && !L_EXTPROC(tty)) {
ba2e68ac 1667 if (ldata->canon_data)
1da177e4 1668 return 1;
ba2e68ac 1669 } else if (ldata->read_cnt >= (amt ? amt : 1))
1da177e4
LT		 1670 return 1;
1671
1672 return 0;
1673}
1674
1675/**
bbd20759 1676 * copy_from_read_buf - copy read data directly
1da177e4
LT		 1677 * @tty: terminal device
1678 * @b: user data
1679 * @nr: size of data
1680 *
11a96d18 1681 * Helper function to speed up n_tty_read. It is only called when
1da177e4
LT		 1682 * ICANON is off; it copies characters straight from the tty queue to
1683 * user space directly. It can be profitably called twice; once to
1684 * drain the space from the tail pointer to the (physical) end of the
1685 * buffer, and once to drain the space from the (physical) beginning of
1686 * the buffer to head pointer.
1687 *
bddc7152 1688 * Called under the ldata->atomic_read_lock sem
1da177e4
LT		 1689 *
1690 */
4edf1827 1691
33f0f88f 1692static int copy_from_read_buf(struct tty_struct *tty,
1da177e4
LT		 1693 unsigned char __user **b,
1694 size_t *nr)
1695
1696{
53c5ee2c 1697 struct n_tty_data *ldata = tty->disc_data;
1da177e4
LT		 1698 int retval;
1699 size_t n;
1700 unsigned long flags;
3fa10cc8 1701 bool is_eof;
1da177e4
LT		 1702
1703 retval = 0;
98001214 1704 raw_spin_lock_irqsave(&ldata->read_lock, flags);
ba2e68ac 1705 n = min(ldata->read_cnt, N_TTY_BUF_SIZE - ldata->read_tail);
1da177e4 1706 n = min(*nr, n);
98001214 1707 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4 1708 if (n) {
ba2e68ac 1709 retval = copy_to_user(*b, &ldata->read_buf[ldata->read_tail], n);
1da177e4 1710 n -= retval;
3fa10cc8 1711 is_eof = n == 1 &&
ba2e68ac
JS		 1712 ldata->read_buf[ldata->read_tail] == EOF_CHAR(tty);
1713 tty_audit_add_data(tty, &ldata->read_buf[ldata->read_tail], n,
53c5ee2c 1714 ldata->icanon);
98001214 1715 raw_spin_lock_irqsave(&ldata->read_lock, flags);
ba2e68ac
JS		 1716 ldata->read_tail = (ldata->read_tail + n) & (N_TTY_BUF_SIZE-1);
1717 ldata->read_cnt -= n;
26df6d13 1718 /* Turn single EOF into zero-length read */
ba2e68ac 1719 if (L_EXTPROC(tty) && ldata->icanon && is_eof && !ldata->read_cnt)
3fa10cc8 1720 n = 0;
98001214 1721 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4
LT		 1722 *b += n;
1723 *nr -= n;
1724 }
1725 return retval;
1726}
1727
cc4191dc 1728extern ssize_t redirected_tty_write(struct file *, const char __user *,
4edf1827 1729 size_t, loff_t *);
1da177e4
LT		 1730
1731/**
1732 * job_control - check job control
1733 * @tty: tty
1734 * @file: file handle
1735 *
1736 * Perform job control management checks on this file/tty descriptor
4edf1827 1737 * and if appropriate send any needed signals and return a negative
1da177e4 1738 * error code if action should be taken.
04f378b1 1739 *
01a5e440
PH		 1740 * Locking: redirected write test is safe
1741 * current->signal->tty check is safe
1742 * ctrl_lock to safely reference tty->pgrp
1da177e4 1743 */
4edf1827 1744
1da177e4
LT		 1745static int job_control(struct tty_struct *tty, struct file *file)
1746{
1747 /* Job control check -- must be done at start and after
1748 every sleep (POSIX.1 7.1.1.4). */
1749 /* NOTE: not yet done after every sleep pending a thorough
1750 check of the logic of this change. -- jlc */
1751 /* don't stop on /dev/console */
01a5e440
PH		 1752 if (file->f_op->write == redirected_tty_write ||
1753 current->signal->tty != tty)
1754 return 0;
1755
1756 spin_lock_irq(&tty->ctrl_lock);
1757 if (!tty->pgrp)
1758 printk(KERN_ERR "n_tty_read: no tty->pgrp!\n");
1759 else if (task_pgrp(current) != tty->pgrp) {
1760 spin_unlock_irq(&tty->ctrl_lock);
1761 if (is_ignored(SIGTTIN) || is_current_pgrp_orphaned())
1762 return -EIO;
1763 kill_pgrp(task_pgrp(current), SIGTTIN, 1);
1764 set_thread_flag(TIF_SIGPENDING);
1765 return -ERESTARTSYS;
1da177e4 1766 }
01a5e440 1767 spin_unlock_irq(&tty->ctrl_lock);
1da177e4
LT		 1768 return 0;
1769}
4edf1827 1770
1da177e4
LT		 1771
1772/**
11a96d18 1773 * n_tty_read - read function for tty
1da177e4
LT		 1774 * @tty: tty device
1775 * @file: file object
1776 * @buf: userspace buffer pointer
1777 * @nr: size of I/O
1778 *
1779 * Perform reads for the line discipline. We are guaranteed that the
1780 * line discipline will not be closed under us but we may get multiple
1781 * parallel readers and must handle this ourselves. We may also get
1782 * a hangup. Always called in user context, may sleep.
1783 *
1784 * This code must be sure never to sleep through a hangup.
1785 */
4edf1827 1786
11a96d18 1787static ssize_t n_tty_read(struct tty_struct *tty, struct file *file,
1da177e4
LT		 1788 unsigned char __user *buf, size_t nr)
1789{
53c5ee2c 1790 struct n_tty_data *ldata = tty->disc_data;
1da177e4
LT		 1791 unsigned char __user *b = buf;
1792 DECLARE_WAITQUEUE(wait, current);
1793 int c;
1794 int minimum, time;
1795 ssize_t retval = 0;
1796 ssize_t size;
1797 long timeout;
1798 unsigned long flags;
04f378b1 1799 int packet;
1da177e4
LT		 1800
1801do_it_again:
1da177e4 1802 c = job_control(tty, file);
4edf1827 1803 if (c < 0)
1da177e4 1804 return c;
4edf1827 1805
1da177e4
LT		 1806 minimum = time = 0;
1807 timeout = MAX_SCHEDULE_TIMEOUT;
53c5ee2c 1808 if (!ldata->icanon) {
1da177e4
LT		 1809 minimum = MIN_CHAR(tty);
1810 if (minimum) {
a6e54319 1811 time = (HZ / 10) * TIME_CHAR(tty);
1da177e4 1812 if (time)
f6c8dbe6 1813 ldata->minimum_to_wake = 1;
1da177e4 1814 else if (!waitqueue_active(&tty->read_wait) ||
f6c8dbe6
PH		 1815 (ldata->minimum_to_wake > minimum))
1816 ldata->minimum_to_wake = minimum;
1da177e4 1817 } else {
a6e54319 1818 timeout = (HZ / 10) * TIME_CHAR(tty);
f6c8dbe6 1819 ldata->minimum_to_wake = minimum = 1;
1da177e4
LT		 1820 }
1821 }
1822
1823 /*
1824 * Internal serialization of reads.
1825 */
1826 if (file->f_flags & O_NONBLOCK) {
bddc7152 1827 if (!mutex_trylock(&ldata->atomic_read_lock))
1da177e4 1828 return -EAGAIN;
4edf1827 1829 } else {
bddc7152 1830 if (mutex_lock_interruptible(&ldata->atomic_read_lock))
1da177e4
LT		 1831 return -ERESTARTSYS;
1832 }
04f378b1 1833 packet = tty->packet;
1da177e4
LT		 1834
1835 add_wait_queue(&tty->read_wait, &wait);
1da177e4
LT		 1836 while (nr) {
1837 /* First test for status change. */
04f378b1 1838 if (packet && tty->link->ctrl_status) {
1da177e4
LT		 1839 unsigned char cs;
1840 if (b != buf)
1841 break;
04f378b1 1842 spin_lock_irqsave(&tty->link->ctrl_lock, flags);
1da177e4
LT		 1843 cs = tty->link->ctrl_status;
1844 tty->link->ctrl_status = 0;
04f378b1 1845 spin_unlock_irqrestore(&tty->link->ctrl_lock, flags);
522ed776 1846 if (tty_put_user(tty, cs, b++)) {
1da177e4
LT		 1847 retval = -EFAULT;
1848 b--;
1849 break;
1850 }
1851 nr--;
1852 break;
1853 }
1854 /* This statement must be first before checking for input
1855 so that any interrupt will set the state back to
1856 TASK_RUNNING. */
1857 set_current_state(TASK_INTERRUPTIBLE);
4edf1827 1858
f6c8dbe6 1859 if (((minimum - (b - buf)) < ldata->minimum_to_wake) &&
1da177e4 1860 ((minimum - (b - buf)) >= 1))
f6c8dbe6 1861 ldata->minimum_to_wake = (minimum - (b - buf));
4edf1827 1862
1da177e4
LT		 1863 if (!input_available_p(tty, 0)) {
1864 if (test_bit(TTY_OTHER_CLOSED, &tty->flags)) {
1865 retval = -EIO;
1866 break;
1867 }
1868 if (tty_hung_up_p(file))
1869 break;
1870 if (!timeout)
1871 break;
1872 if (file->f_flags & O_NONBLOCK) {
1873 retval = -EAGAIN;
1874 break;
1875 }
1876 if (signal_pending(current)) {
1877 retval = -ERESTARTSYS;
1878 break;
1879 }
55db4c64 1880 n_tty_set_room(tty);
1da177e4 1881 timeout = schedule_timeout(timeout);
1da177e4
LT		 1882 continue;
1883 }
1884 __set_current_state(TASK_RUNNING);
1885
1886 /* Deal with packet mode. */
04f378b1 1887 if (packet && b == buf) {
522ed776 1888 if (tty_put_user(tty, TIOCPKT_DATA, b++)) {
1da177e4
LT		 1889 retval = -EFAULT;
1890 b--;
1891 break;
1892 }
1893 nr--;
1894 }
1895
53c5ee2c 1896 if (ldata->icanon && !L_EXTPROC(tty)) {
1da177e4 1897 /* N.B. avoid overrun if nr == 0 */
98001214 1898 raw_spin_lock_irqsave(&ldata->read_lock, flags);
ba2e68ac 1899 while (nr && ldata->read_cnt) {
4edf1827 1900 int eol;
1da177e4 1901
ba2e68ac 1902 eol = test_and_clear_bit(ldata->read_tail,
3fe780b3 1903 ldata->read_flags);
ba2e68ac
JS		 1904 c = ldata->read_buf[ldata->read_tail];
1905 ldata->read_tail = ((ldata->read_tail+1) &
1da177e4 1906 (N_TTY_BUF_SIZE-1));
ba2e68ac 1907 ldata->read_cnt--;
1da177e4
LT		 1908 if (eol) {
1909 /* this test should be redundant:
1910 * we shouldn't be reading data if
1911 * canon_data is 0
1912 */
ba2e68ac
JS		 1913 if (--ldata->canon_data < 0)
1914 ldata->canon_data = 0;
1da177e4 1915 }
98001214 1916 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4
LT		 1917
1918 if (!eol || (c != __DISABLED_CHAR)) {
522ed776 1919 if (tty_put_user(tty, c, b++)) {
1da177e4
LT		 1920 retval = -EFAULT;
1921 b--;
98001214 1922 raw_spin_lock_irqsave(&ldata->read_lock, flags);
1da177e4
LT		 1923 break;
1924 }
1925 nr--;
1926 }
522ed776
MT		 1927 if (eol) {
1928 tty_audit_push(tty);
98001214 1929 raw_spin_lock_irqsave(&ldata->read_lock, flags);
1da177e4 1930 break;
522ed776 1931 }
98001214 1932 raw_spin_lock_irqsave(&ldata->read_lock, flags);
1da177e4 1933 }
98001214 1934 raw_spin_unlock_irqrestore(&ldata->read_lock, flags);
1da177e4
LT		 1935 if (retval)
1936 break;
1937 } else {
1938 int uncopied;
04f378b1
AC		 1939 /* The copy function takes the read lock and handles
1940 locking internally for this case */
1da177e4
LT		 1941 uncopied = copy_from_read_buf(tty, &b, &nr);
1942 uncopied += copy_from_read_buf(tty, &b, &nr);
1943 if (uncopied) {
1944 retval = -EFAULT;
1945 break;
1946 }
1947 }
1948
1949 /* If there is enough space in the read buffer now, let the
1950 * low-level driver know. We use n_tty_chars_in_buffer() to
1951 * check the buffer, as it now knows about canonical mode.
1952 * Otherwise, if the driver is throttled and the line is
1953 * longer than TTY_THRESHOLD_UNTHROTTLE in canonical mode,
1954 * we won't get any more characters.
1955 */
e91e52e4
PH		 1956 while (1) {
1957 tty_set_flow_change(tty, TTY_UNTHROTTLE_SAFE);
1958 if (n_tty_chars_in_buffer(tty) > TTY_THRESHOLD_UNTHROTTLE)
1959 break;
1960 if (!tty->count)
1961 break;
55db4c64 1962 n_tty_set_room(tty);
e91e52e4
PH		 1963 if (!tty_unthrottle_safe(tty))
1964 break;
55db4c64 1965 }
e91e52e4 1966 __tty_set_flow_change(tty, 0);
1da177e4
LT		 1967
1968 if (b - buf >= minimum)
1969 break;
1970 if (time)
1971 timeout = time;
1972 }
bddc7152 1973 mutex_unlock(&ldata->atomic_read_lock);
1da177e4
LT		 1974 remove_wait_queue(&tty->read_wait, &wait);
1975
1976 if (!waitqueue_active(&tty->read_wait))
f6c8dbe6 1977 ldata->minimum_to_wake = minimum;
1da177e4
LT		 1978
1979 __set_current_state(TASK_RUNNING);
1980 size = b - buf;
1981 if (size) {
1982 retval = size;
1983 if (nr)
4edf1827 1984 clear_bit(TTY_PUSH, &tty->flags);
1da177e4 1985 } else if (test_and_clear_bit(TTY_PUSH, &tty->flags))
bbd20759 1986 goto do_it_again;
1da177e4 1987
55db4c64 1988 n_tty_set_room(tty);
1da177e4
LT		 1989 return retval;
1990}
1991
1992/**
11a96d18 1993 * n_tty_write - write function for tty
1da177e4
LT		 1994 * @tty: tty device
1995 * @file: file object
1996 * @buf: userspace buffer pointer
1997 * @nr: size of I/O
1998 *
a88a69c9 1999 * Write function of the terminal device. This is serialized with
1da177e4 2000 * respect to other write callers but not to termios changes, reads
a88a69c9
JP		 2001 * and other such events. Since the receive code will echo characters,
2002 * thus calling driver write methods, the output_lock is used in
2003 * the output processing functions called here as well as in the
2004 * echo processing function to protect the column state and space
2005 * left in the buffer.
1da177e4
LT		 2006 *
2007 * This code must be sure never to sleep through a hangup.
a88a69c9
JP		 2008 *
2009 * Locking: output_lock to protect column state and space left
2010 * (note that the process_output*() functions take this
2011 * lock themselves)
1da177e4 2012 */
4edf1827 2013
11a96d18 2014static ssize_t n_tty_write(struct tty_struct *tty, struct file *file,
a88a69c9 2015 const unsigned char *buf, size_t nr)
1da177e4
LT		 2016{
2017 const unsigned char *b = buf;
2018 DECLARE_WAITQUEUE(wait, current);
2019 int c;
2020 ssize_t retval = 0;
2021
2022 /* Job control check -- must be done at start (POSIX.1 7.1.1.4). */
2023 if (L_TOSTOP(tty) && file->f_op->write != redirected_tty_write) {
2024 retval = tty_check_change(tty);
2025 if (retval)
2026 return retval;
2027 }
2028
a88a69c9
JP		 2029 /* Write out any echoed characters that are still pending */
2030 process_echoes(tty);
300a6204 2031
1da177e4
LT		 2032 add_wait_queue(&tty->write_wait, &wait);
2033 while (1) {
2034 set_current_state(TASK_INTERRUPTIBLE);
2035 if (signal_pending(current)) {
2036 retval = -ERESTARTSYS;
2037 break;
2038 }
2039 if (tty_hung_up_p(file) || (tty->link && !tty->link->count)) {
2040 retval = -EIO;
2041 break;
2042 }
582f5590 2043 if (O_OPOST(tty)) {
1da177e4 2044 while (nr > 0) {
a88a69c9 2045 ssize_t num = process_output_block(tty, b, nr);
1da177e4
LT		 2046 if (num < 0) {
2047 if (num == -EAGAIN)
2048 break;
2049 retval = num;
2050 goto break_out;
2051 }
2052 b += num;
2053 nr -= num;
2054 if (nr == 0)
2055 break;
2056 c = *b;
a88a69c9 2057 if (process_output(c, tty) < 0)
1da177e4
LT		 2058 break;
2059 b++; nr--;
2060 }
f34d7a5b
AC		 2061 if (tty->ops->flush_chars)
2062 tty->ops->flush_chars(tty);
1da177e4 2063 } else {
d6afe27b 2064 while (nr > 0) {
f34d7a5b 2065 c = tty->ops->write(tty, b, nr);
d6afe27b
RZ		 2066 if (c < 0) {
2067 retval = c;
2068 goto break_out;
2069 }
2070 if (!c)
2071 break;
2072 b += c;
2073 nr -= c;
1da177e4 2074 }
1da177e4
LT		 2075 }
2076 if (!nr)
2077 break;
2078 if (file->f_flags & O_NONBLOCK) {
2079 retval = -EAGAIN;
2080 break;
2081 }
2082 schedule();
2083 }
2084break_out:
2085 __set_current_state(TASK_RUNNING);
2086 remove_wait_queue(&tty->write_wait, &wait);
ff8cb0fd
TP		 2087 if (b - buf != nr && tty->fasync)
2088 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
1da177e4
LT		 2089 return (b - buf) ? b - buf : retval;
2090}
2091
2092/**
11a96d18 2093 * n_tty_poll - poll method for N_TTY
1da177e4
LT		 2094 * @tty: terminal device
2095 * @file: file accessing it
2096 * @wait: poll table
2097 *
2098 * Called when the line discipline is asked to poll() for data or
2099 * for special events. This code is not serialized with respect to
2100 * other events save open/close.
2101 *
2102 * This code must be sure never to sleep through a hangup.
2103 * Called without the kernel lock held - fine
1da177e4 2104 */
4edf1827 2105
11a96d18 2106static unsigned int n_tty_poll(struct tty_struct *tty, struct file *file,
4edf1827 2107 poll_table *wait)
1da177e4 2108{
f6c8dbe6 2109 struct n_tty_data *ldata = tty->disc_data;
1da177e4
LT		 2110 unsigned int mask = 0;
2111
2112 poll_wait(file, &tty->read_wait, wait);
2113 poll_wait(file, &tty->write_wait, wait);
2114 if (input_available_p(tty, TIME_CHAR(tty) ? 0 : MIN_CHAR(tty)))
2115 mask |= POLLIN | POLLRDNORM;
2116 if (tty->packet && tty->link->ctrl_status)
2117 mask |= POLLPRI | POLLIN | POLLRDNORM;
2118 if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
2119 mask |= POLLHUP;
2120 if (tty_hung_up_p(file))
2121 mask |= POLLHUP;
2122 if (!(mask & (POLLHUP | POLLIN | POLLRDNORM))) {
2123 if (MIN_CHAR(tty) && !TIME_CHAR(tty))
f6c8dbe6 2124 ldata->minimum_to_wake = MIN_CHAR(tty);
1da177e4 2125 else
f6c8dbe6 2126 ldata->minimum_to_wake = 1;
1da177e4 2127 }
f34d7a5b
AC		 2128 if (tty->ops->write && !tty_is_writelocked(tty) &&
2129 tty_chars_in_buffer(tty) < WAKEUP_CHARS &&
2130 tty_write_room(tty) > 0)
1da177e4
LT		 2131 mask |= POLLOUT | POLLWRNORM;
2132 return mask;
2133}
2134
57c94121 2135static unsigned long inq_canon(struct n_tty_data *ldata)
47afa7a5
AC		 2136{
2137 int nr, head, tail;
2138
ba2e68ac 2139 if (!ldata->canon_data)
47afa7a5 2140 return 0;
ba2e68ac
JS		 2141 head = ldata->canon_head;
2142 tail = ldata->read_tail;
47afa7a5
AC		 2143 nr = (head - tail) & (N_TTY_BUF_SIZE-1);
2144 /* Skip EOF-chars.. */
2145 while (head != tail) {
3fe780b3 2146 if (test_bit(tail, ldata->read_flags) &&
ba2e68ac 2147 ldata->read_buf[tail] == __DISABLED_CHAR)
47afa7a5
AC		 2148 nr--;
2149 tail = (tail+1) & (N_TTY_BUF_SIZE-1);
2150 }
2151 return nr;
2152}
2153
2154static int n_tty_ioctl(struct tty_struct *tty, struct file *file,
2155 unsigned int cmd, unsigned long arg)
2156{
ba2e68ac 2157 struct n_tty_data *ldata = tty->disc_data;
47afa7a5
AC		 2158 int retval;
2159
2160 switch (cmd) {
2161 case TIOCOUTQ:
2162 return put_user(tty_chars_in_buffer(tty), (int __user *) arg);
2163 case TIOCINQ:
17b82060 2164 /* FIXME: Locking */
ba2e68ac 2165 retval = ldata->read_cnt;
47afa7a5 2166 if (L_ICANON(tty))
57c94121 2167 retval = inq_canon(ldata);
47afa7a5
AC		 2168 return put_user(retval, (unsigned int __user *) arg);
2169 default:
2170 return n_tty_ioctl_helper(tty, file, cmd, arg);
2171 }
2172}
2173
f6c8dbe6
PH		 2174static void n_tty_fasync(struct tty_struct *tty, int on)
2175{
2176 struct n_tty_data *ldata = tty->disc_data;
2177
2178 if (!waitqueue_active(&tty->read_wait)) {
2179 if (on)
2180 ldata->minimum_to_wake = 1;
2181 else if (!tty->fasync)
2182 ldata->minimum_to_wake = N_TTY_BUF_SIZE;
2183 }
2184}
2185
a352def2 2186struct tty_ldisc_ops tty_ldisc_N_TTY = {
e10cc1df
PF		 2187 .magic = TTY_LDISC_MAGIC,
2188 .name = "n_tty",
2189 .open = n_tty_open,
2190 .close = n_tty_close,
2191 .flush_buffer = n_tty_flush_buffer,
2192 .chars_in_buffer = n_tty_chars_in_buffer,
11a96d18
AC		 2193 .read = n_tty_read,
2194 .write = n_tty_write,
e10cc1df
PF		 2195 .ioctl = n_tty_ioctl,
2196 .set_termios = n_tty_set_termios,
11a96d18 2197 .poll = n_tty_poll,
e10cc1df 2198 .receive_buf = n_tty_receive_buf,
f6c8dbe6
PH		 2199 .write_wakeup = n_tty_write_wakeup,
2200 .fasync = n_tty_fasync,
1da177e4 2201};
572b9adb
RG		 2202
2203/**
2204 * n_tty_inherit_ops - inherit N_TTY methods
2205 * @ops: struct tty_ldisc_ops where to save N_TTY methods
2206 *
593fb1ae 2207 * Enables a 'subclass' line discipline to 'inherit' N_TTY
572b9adb
RG		 2208 * methods.
2209 */
2210
2211void n_tty_inherit_ops(struct tty_ldisc_ops *ops)
2212{
2213 *ops = tty_ldisc_N_TTY;
2214 ops->owner = NULL;
2215 ops->refcount = ops->flags = 0;
2216}
2217EXPORT_SYMBOL_GPL(n_tty_inherit_ops);
Linux kernel - Deliverables
This page took 1.371771 seconds and 5 git commands to generate.