1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  *  Copyright (C) 1991, 1992, 1993, 1994  Linus Torvalds
4  *
5  * Modified by Fred N. van Kempen, 01/29/93, to add line disciplines
6  * which can be dynamically activated and de-activated by the line
7  * discipline handling modules (like SLIP).
8  */
9 
10 #include <linux/bits.h>
11 #include <linux/types.h>
12 #include <linux/termios.h>
13 #include <linux/errno.h>
14 #include <linux/sched/signal.h>
15 #include <linux/kernel.h>
16 #include <linux/major.h>
17 #include <linux/tty.h>
18 #include <linux/fcntl.h>
19 #include <linux/string.h>
20 #include <linux/mm.h>
21 #include <linux/module.h>
22 #include <linux/bitops.h>
23 #include <linux/mutex.h>
24 #include <linux/compat.h>
25 #include <linux/termios_internal.h>
26 #include "tty.h"
27 
28 #include <asm/io.h>
29 #include <linux/uaccess.h>
30 
31 #undef	DEBUG
32 
33 /*
34  * Internal flag options for termios setting behavior
35  */
36 #define TERMIOS_FLUSH	BIT(0)
37 #define TERMIOS_WAIT	BIT(1)
38 #define TERMIOS_TERMIO	BIT(2)
39 #define TERMIOS_OLD	BIT(3)
40 
41 
42 /**
43  *	tty_chars_in_buffer	-	characters pending
44  *	@tty: terminal
45  *
46  *	Return the number of bytes of data in the device private
47  *	output queue. If no private method is supplied there is assumed
48  *	to be no queue on the device.
49  */
50 
tty_chars_in_buffer(struct tty_struct * tty)51 unsigned int tty_chars_in_buffer(struct tty_struct *tty)
52 {
53 	if (tty->ops->chars_in_buffer)
54 		return tty->ops->chars_in_buffer(tty);
55 	return 0;
56 }
57 EXPORT_SYMBOL(tty_chars_in_buffer);
58 
59 /**
60  *	tty_write_room		-	write queue space
61  *	@tty: terminal
62  *
63  *	Return the number of bytes that can be queued to this device
64  *	at the present time. The result should be treated as a guarantee
65  *	and the driver cannot offer a value it later shrinks by more than
66  *	the number of bytes written. If no method is provided 2K is always
67  *	returned and data may be lost as there will be no flow control.
68  */
69 
tty_write_room(struct tty_struct * tty)70 unsigned int tty_write_room(struct tty_struct *tty)
71 {
72 	if (tty->ops->write_room)
73 		return tty->ops->write_room(tty);
74 	return 2048;
75 }
76 EXPORT_SYMBOL(tty_write_room);
77 
78 /**
79  *	tty_driver_flush_buffer	-	discard internal buffer
80  *	@tty: terminal
81  *
82  *	Discard the internal output buffer for this device. If no method
83  *	is provided then either the buffer cannot be hardware flushed or
84  *	there is no buffer driver side.
85  */
tty_driver_flush_buffer(struct tty_struct * tty)86 void tty_driver_flush_buffer(struct tty_struct *tty)
87 {
88 	if (tty->ops->flush_buffer)
89 		tty->ops->flush_buffer(tty);
90 }
91 EXPORT_SYMBOL(tty_driver_flush_buffer);
92 
93 /**
94  *	tty_unthrottle		-	flow control
95  *	@tty: terminal
96  *
97  *	Indicate that a tty may continue transmitting data down the stack.
98  *	Takes the termios rwsem to protect against parallel throttle/unthrottle
99  *	and also to ensure the driver can consistently reference its own
100  *	termios data at this point when implementing software flow control.
101  *
102  *	Drivers should however remember that the stack can issue a throttle,
103  *	then change flow control method, then unthrottle.
104  */
105 
tty_unthrottle(struct tty_struct * tty)106 void tty_unthrottle(struct tty_struct *tty)
107 {
108 	down_write(&tty->termios_rwsem);
109 	if (test_and_clear_bit(TTY_THROTTLED, &tty->flags) &&
110 	    tty->ops->unthrottle)
111 		tty->ops->unthrottle(tty);
112 	tty->flow_change = 0;
113 	up_write(&tty->termios_rwsem);
114 }
115 EXPORT_SYMBOL(tty_unthrottle);
116 
117 /**
118  *	tty_throttle_safe	-	flow control
119  *	@tty: terminal
120  *
121  *	Indicate that a tty should stop transmitting data down the stack.
122  *	tty_throttle_safe will only attempt throttle if tty->flow_change is
123  *	TTY_THROTTLE_SAFE. Prevents an accidental throttle due to race
124  *	conditions when throttling is conditional on factors evaluated prior to
125  *	throttling.
126  *
127  *	Returns 0 if tty is throttled (or was already throttled)
128  */
129 
tty_throttle_safe(struct tty_struct * tty)130 int tty_throttle_safe(struct tty_struct *tty)
131 {
132 	int ret = 0;
133 
134 	mutex_lock(&tty->throttle_mutex);
135 	if (!tty_throttled(tty)) {
136 		if (tty->flow_change != TTY_THROTTLE_SAFE)
137 			ret = 1;
138 		else {
139 			set_bit(TTY_THROTTLED, &tty->flags);
140 			if (tty->ops->throttle)
141 				tty->ops->throttle(tty);
142 		}
143 	}
144 	mutex_unlock(&tty->throttle_mutex);
145 
146 	return ret;
147 }
148 
149 /**
150  *	tty_unthrottle_safe	-	flow control
151  *	@tty: terminal
152  *
153  *	Similar to tty_unthrottle() but will only attempt unthrottle
154  *	if tty->flow_change is TTY_UNTHROTTLE_SAFE. Prevents an accidental
155  *	unthrottle due to race conditions when unthrottling is conditional
156  *	on factors evaluated prior to unthrottling.
157  *
158  *	Returns 0 if tty is unthrottled (or was already unthrottled)
159  */
160 
tty_unthrottle_safe(struct tty_struct * tty)161 int tty_unthrottle_safe(struct tty_struct *tty)
162 {
163 	int ret = 0;
164 
165 	mutex_lock(&tty->throttle_mutex);
166 	if (tty_throttled(tty)) {
167 		if (tty->flow_change != TTY_UNTHROTTLE_SAFE)
168 			ret = 1;
169 		else {
170 			clear_bit(TTY_THROTTLED, &tty->flags);
171 			if (tty->ops->unthrottle)
172 				tty->ops->unthrottle(tty);
173 		}
174 	}
175 	mutex_unlock(&tty->throttle_mutex);
176 
177 	return ret;
178 }
179 
180 /**
181  *	tty_wait_until_sent	-	wait for I/O to finish
182  *	@tty: tty we are waiting for
183  *	@timeout: how long we will wait
184  *
185  *	Wait for characters pending in a tty driver to hit the wire, or
186  *	for a timeout to occur (eg due to flow control)
187  *
188  *	Locking: none
189  */
190 
tty_wait_until_sent(struct tty_struct * tty,long timeout)191 void tty_wait_until_sent(struct tty_struct *tty, long timeout)
192 {
193 	if (!timeout)
194 		timeout = MAX_SCHEDULE_TIMEOUT;
195 
196 	timeout = wait_event_interruptible_timeout(tty->write_wait,
197 			!tty_chars_in_buffer(tty), timeout);
198 	if (timeout <= 0)
199 		return;
200 
201 	if (timeout == MAX_SCHEDULE_TIMEOUT)
202 		timeout = 0;
203 
204 	if (tty->ops->wait_until_sent)
205 		tty->ops->wait_until_sent(tty, timeout);
206 }
207 EXPORT_SYMBOL(tty_wait_until_sent);
208 
209 
210 /*
211  *		Termios Helper Methods
212  */
213 
unset_locked_termios(struct tty_struct * tty,const struct ktermios * old)214 static void unset_locked_termios(struct tty_struct *tty, const struct ktermios *old)
215 {
216 	struct ktermios *termios = &tty->termios;
217 	struct ktermios *locked  = &tty->termios_locked;
218 	int	i;
219 
220 #define NOSET_MASK(x, y, z) (x = ((x) & ~(z)) | ((y) & (z)))
221 
222 	NOSET_MASK(termios->c_iflag, old->c_iflag, locked->c_iflag);
223 	NOSET_MASK(termios->c_oflag, old->c_oflag, locked->c_oflag);
224 	NOSET_MASK(termios->c_cflag, old->c_cflag, locked->c_cflag);
225 	NOSET_MASK(termios->c_lflag, old->c_lflag, locked->c_lflag);
226 	termios->c_line = locked->c_line ? old->c_line : termios->c_line;
227 	for (i = 0; i < NCCS; i++)
228 		termios->c_cc[i] = locked->c_cc[i] ?
229 			old->c_cc[i] : termios->c_cc[i];
230 	/* FIXME: What should we do for i/ospeed */
231 }
232 
233 /**
234  *	tty_termios_copy_hw	-	copy hardware settings
235  *	@new: New termios
236  *	@old: Old termios
237  *
238  *	Propagate the hardware specific terminal setting bits from
239  *	the old termios structure to the new one. This is used in cases
240  *	where the hardware does not support reconfiguration or as a helper
241  *	in some cases where only minimal reconfiguration is supported
242  */
243 
tty_termios_copy_hw(struct ktermios * new,const struct ktermios * old)244 void tty_termios_copy_hw(struct ktermios *new, const struct ktermios *old)
245 {
246 	/* The bits a dumb device handles in software. Smart devices need
247 	   to always provide a set_termios method */
248 	new->c_cflag &= HUPCL | CREAD | CLOCAL;
249 	new->c_cflag |= old->c_cflag & ~(HUPCL | CREAD | CLOCAL);
250 	new->c_ispeed = old->c_ispeed;
251 	new->c_ospeed = old->c_ospeed;
252 }
253 EXPORT_SYMBOL(tty_termios_copy_hw);
254 
255 /**
256  *	tty_termios_hw_change	-	check for setting change
257  *	@a: termios
258  *	@b: termios to compare
259  *
260  *	Check if any of the bits that affect a dumb device have changed
261  *	between the two termios structures, or a speed change is needed.
262  */
263 
tty_termios_hw_change(const struct ktermios * a,const struct ktermios * b)264 bool tty_termios_hw_change(const struct ktermios *a, const struct ktermios *b)
265 {
266 	if (a->c_ispeed != b->c_ispeed || a->c_ospeed != b->c_ospeed)
267 		return true;
268 	if ((a->c_cflag ^ b->c_cflag) & ~(HUPCL | CREAD | CLOCAL))
269 		return true;
270 	return false;
271 }
272 EXPORT_SYMBOL(tty_termios_hw_change);
273 
274 /**
275  *	tty_get_char_size	-	get size of a character
276  *	@cflag: termios cflag value
277  *
278  *	Get the size (in bits) of a character depending on @cflag's %CSIZE
279  *	setting.
280  */
tty_get_char_size(unsigned int cflag)281 unsigned char tty_get_char_size(unsigned int cflag)
282 {
283 	switch (cflag & CSIZE) {
284 	case CS5:
285 		return 5;
286 	case CS6:
287 		return 6;
288 	case CS7:
289 		return 7;
290 	case CS8:
291 	default:
292 		return 8;
293 	}
294 }
295 EXPORT_SYMBOL_GPL(tty_get_char_size);
296 
297 /**
298  *	tty_get_frame_size	-	get size of a frame
299  *	@cflag: termios cflag value
300  *
301  *	Get the size (in bits) of a frame depending on @cflag's %CSIZE, %CSTOPB,
302  *	and %PARENB setting. The result is a sum of character size, start and
303  *	stop bits -- one bit each -- second stop bit (if set), and parity bit
304  *	(if set).
305  */
tty_get_frame_size(unsigned int cflag)306 unsigned char tty_get_frame_size(unsigned int cflag)
307 {
308 	unsigned char bits = 2 + tty_get_char_size(cflag);
309 
310 	if (cflag & CSTOPB)
311 		bits++;
312 	if (cflag & PARENB)
313 		bits++;
314 	if (cflag & ADDRB)
315 		bits++;
316 
317 	return bits;
318 }
319 EXPORT_SYMBOL_GPL(tty_get_frame_size);
320 
321 /**
322  *	tty_set_termios		-	update termios values
323  *	@tty: tty to update
324  *	@new_termios: desired new value
325  *
326  *	Perform updates to the termios values set on this terminal.
327  *	A master pty's termios should never be set.
328  *
329  *	Locking: termios_rwsem
330  */
331 
tty_set_termios(struct tty_struct * tty,struct ktermios * new_termios)332 int tty_set_termios(struct tty_struct *tty, struct ktermios *new_termios)
333 {
334 	struct ktermios old_termios;
335 	struct tty_ldisc *ld;
336 
337 	WARN_ON(tty->driver->type == TTY_DRIVER_TYPE_PTY &&
338 		tty->driver->subtype == PTY_TYPE_MASTER);
339 	/*
340 	 *	Perform the actual termios internal changes under lock.
341 	 */
342 
343 
344 	/* FIXME: we need to decide on some locking/ordering semantics
345 	   for the set_termios notification eventually */
346 	down_write(&tty->termios_rwsem);
347 	old_termios = tty->termios;
348 	tty->termios = *new_termios;
349 	unset_locked_termios(tty, &old_termios);
350 	/* Reset any ADDRB changes, ADDRB is changed through ->rs485_config() */
351 	tty->termios.c_cflag ^= (tty->termios.c_cflag ^ old_termios.c_cflag) & ADDRB;
352 
353 	if (tty->ops->set_termios)
354 		tty->ops->set_termios(tty, &old_termios);
355 	else
356 		tty_termios_copy_hw(&tty->termios, &old_termios);
357 
358 	ld = tty_ldisc_ref(tty);
359 	if (ld != NULL) {
360 		if (ld->ops->set_termios)
361 			ld->ops->set_termios(tty, &old_termios);
362 		tty_ldisc_deref(ld);
363 	}
364 	up_write(&tty->termios_rwsem);
365 	return 0;
366 }
367 EXPORT_SYMBOL_GPL(tty_set_termios);
368 
369 
370 /*
371  * Translate a "termio" structure into a "termios". Ugh.
372  */
user_termio_to_kernel_termios(struct ktermios * termios,struct termio __user * termio)373 __weak int user_termio_to_kernel_termios(struct ktermios *termios,
374 						struct termio __user *termio)
375 {
376 	struct termio v;
377 
378 	if (copy_from_user(&v, termio, sizeof(struct termio)))
379 		return -EFAULT;
380 
381 	termios->c_iflag = (0xffff0000 & termios->c_iflag) | v.c_iflag;
382 	termios->c_oflag = (0xffff0000 & termios->c_oflag) | v.c_oflag;
383 	termios->c_cflag = (0xffff0000 & termios->c_cflag) | v.c_cflag;
384 	termios->c_lflag = (0xffff0000 & termios->c_lflag) | v.c_lflag;
385 	termios->c_line = (0xffff0000 & termios->c_lflag) | v.c_line;
386 	memcpy(termios->c_cc, v.c_cc, NCC);
387 	return 0;
388 }
389 
390 /*
391  * Translate a "termios" structure into a "termio". Ugh.
392  */
kernel_termios_to_user_termio(struct termio __user * termio,struct ktermios * termios)393 __weak int kernel_termios_to_user_termio(struct termio __user *termio,
394 						struct ktermios *termios)
395 {
396 	struct termio v;
397 	memset(&v, 0, sizeof(struct termio));
398 	v.c_iflag = termios->c_iflag;
399 	v.c_oflag = termios->c_oflag;
400 	v.c_cflag = termios->c_cflag;
401 	v.c_lflag = termios->c_lflag;
402 	v.c_line = termios->c_line;
403 	memcpy(v.c_cc, termios->c_cc, NCC);
404 	return copy_to_user(termio, &v, sizeof(struct termio));
405 }
406 
407 #ifdef TCGETS2
user_termios_to_kernel_termios(struct ktermios * k,struct termios2 __user * u)408 __weak int user_termios_to_kernel_termios(struct ktermios *k,
409 						 struct termios2 __user *u)
410 {
411 	return copy_from_user(k, u, sizeof(struct termios2));
412 }
kernel_termios_to_user_termios(struct termios2 __user * u,struct ktermios * k)413 __weak int kernel_termios_to_user_termios(struct termios2 __user *u,
414 						 struct ktermios *k)
415 {
416 	return copy_to_user(u, k, sizeof(struct termios2));
417 }
user_termios_to_kernel_termios_1(struct ktermios * k,struct termios __user * u)418 __weak int user_termios_to_kernel_termios_1(struct ktermios *k,
419 						   struct termios __user *u)
420 {
421 	return copy_from_user(k, u, sizeof(struct termios));
422 }
kernel_termios_to_user_termios_1(struct termios __user * u,struct ktermios * k)423 __weak int kernel_termios_to_user_termios_1(struct termios __user *u,
424 						   struct ktermios *k)
425 {
426 	return copy_to_user(u, k, sizeof(struct termios));
427 }
428 
429 #else
430 
user_termios_to_kernel_termios(struct ktermios * k,struct termios __user * u)431 __weak int user_termios_to_kernel_termios(struct ktermios *k,
432 						 struct termios __user *u)
433 {
434 	return copy_from_user(k, u, sizeof(struct termios));
435 }
kernel_termios_to_user_termios(struct termios __user * u,struct ktermios * k)436 __weak int kernel_termios_to_user_termios(struct termios __user *u,
437 						 struct ktermios *k)
438 {
439 	return copy_to_user(u, k, sizeof(struct termios));
440 }
441 #endif /* TCGETS2 */
442 
443 /**
444  *	set_termios		-	set termios values for a tty
445  *	@tty: terminal device
446  *	@arg: user data
447  *	@opt: option information
448  *
449  *	Helper function to prepare termios data and run necessary other
450  *	functions before using tty_set_termios to do the actual changes.
451  *
452  *	Locking:
453  *		Called functions take ldisc and termios_rwsem locks
454  */
455 
set_termios(struct tty_struct * tty,void __user * arg,int opt)456 static int set_termios(struct tty_struct *tty, void __user *arg, int opt)
457 {
458 	struct ktermios tmp_termios;
459 	struct tty_ldisc *ld;
460 	int retval = tty_check_change(tty);
461 
462 	if (retval)
463 		return retval;
464 
465 	down_read(&tty->termios_rwsem);
466 	tmp_termios = tty->termios;
467 	up_read(&tty->termios_rwsem);
468 
469 	if (opt & TERMIOS_TERMIO) {
470 		if (user_termio_to_kernel_termios(&tmp_termios,
471 						(struct termio __user *)arg))
472 			return -EFAULT;
473 #ifdef TCGETS2
474 	} else if (opt & TERMIOS_OLD) {
475 		if (user_termios_to_kernel_termios_1(&tmp_termios,
476 						(struct termios __user *)arg))
477 			return -EFAULT;
478 	} else {
479 		if (user_termios_to_kernel_termios(&tmp_termios,
480 						(struct termios2 __user *)arg))
481 			return -EFAULT;
482 	}
483 #else
484 	} else if (user_termios_to_kernel_termios(&tmp_termios,
485 					(struct termios __user *)arg))
486 		return -EFAULT;
487 #endif
488 
489 	/* If old style Bfoo values are used then load c_ispeed/c_ospeed
490 	 * with the real speed so its unconditionally usable */
491 	tmp_termios.c_ispeed = tty_termios_input_baud_rate(&tmp_termios);
492 	tmp_termios.c_ospeed = tty_termios_baud_rate(&tmp_termios);
493 
494 	if (opt & (TERMIOS_FLUSH|TERMIOS_WAIT)) {
495 retry_write_wait:
496 		retval = wait_event_interruptible(tty->write_wait, !tty_chars_in_buffer(tty));
497 		if (retval < 0)
498 			return retval;
499 
500 		if (tty_write_lock(tty, false) < 0)
501 			goto retry_write_wait;
502 
503 		/* Racing writer? */
504 		if (tty_chars_in_buffer(tty)) {
505 			tty_write_unlock(tty);
506 			goto retry_write_wait;
507 		}
508 
509 		ld = tty_ldisc_ref(tty);
510 		if (ld != NULL) {
511 			if ((opt & TERMIOS_FLUSH) && ld->ops->flush_buffer)
512 				ld->ops->flush_buffer(tty);
513 			tty_ldisc_deref(ld);
514 		}
515 
516 		if ((opt & TERMIOS_WAIT) && tty->ops->wait_until_sent) {
517 			tty->ops->wait_until_sent(tty, 0);
518 			if (signal_pending(current)) {
519 				tty_write_unlock(tty);
520 				return -ERESTARTSYS;
521 			}
522 		}
523 
524 		tty_set_termios(tty, &tmp_termios);
525 
526 		tty_write_unlock(tty);
527 	} else {
528 		tty_set_termios(tty, &tmp_termios);
529 	}
530 
531 	/* FIXME: Arguably if tmp_termios == tty->termios AND the
532 	   actual requested termios was not tmp_termios then we may
533 	   want to return an error as no user requested change has
534 	   succeeded */
535 	return 0;
536 }
537 
copy_termios(struct tty_struct * tty,struct ktermios * kterm)538 static void copy_termios(struct tty_struct *tty, struct ktermios *kterm)
539 {
540 	down_read(&tty->termios_rwsem);
541 	*kterm = tty->termios;
542 	up_read(&tty->termios_rwsem);
543 }
544 
copy_termios_locked(struct tty_struct * tty,struct ktermios * kterm)545 static void copy_termios_locked(struct tty_struct *tty, struct ktermios *kterm)
546 {
547 	down_read(&tty->termios_rwsem);
548 	*kterm = tty->termios_locked;
549 	up_read(&tty->termios_rwsem);
550 }
551 
get_termio(struct tty_struct * tty,struct termio __user * termio)552 static int get_termio(struct tty_struct *tty, struct termio __user *termio)
553 {
554 	struct ktermios kterm;
555 	copy_termios(tty, &kterm);
556 	if (kernel_termios_to_user_termio(termio, &kterm))
557 		return -EFAULT;
558 	return 0;
559 }
560 
561 #ifdef TIOCGETP
562 /*
563  * These are deprecated, but there is limited support..
564  *
565  * The "sg_flags" translation is a joke..
566  */
get_sgflags(struct tty_struct * tty)567 static int get_sgflags(struct tty_struct *tty)
568 {
569 	int flags = 0;
570 
571 	if (!L_ICANON(tty)) {
572 		if (L_ISIG(tty))
573 			flags |= 0x02;		/* cbreak */
574 		else
575 			flags |= 0x20;		/* raw */
576 	}
577 	if (L_ECHO(tty))
578 		flags |= 0x08;			/* echo */
579 	if (O_OPOST(tty))
580 		if (O_ONLCR(tty))
581 			flags |= 0x10;		/* crmod */
582 	return flags;
583 }
584 
get_sgttyb(struct tty_struct * tty,struct sgttyb __user * sgttyb)585 static int get_sgttyb(struct tty_struct *tty, struct sgttyb __user *sgttyb)
586 {
587 	struct sgttyb tmp;
588 
589 	down_read(&tty->termios_rwsem);
590 	tmp.sg_ispeed = tty->termios.c_ispeed;
591 	tmp.sg_ospeed = tty->termios.c_ospeed;
592 	tmp.sg_erase = tty->termios.c_cc[VERASE];
593 	tmp.sg_kill = tty->termios.c_cc[VKILL];
594 	tmp.sg_flags = get_sgflags(tty);
595 	up_read(&tty->termios_rwsem);
596 
597 	return copy_to_user(sgttyb, &tmp, sizeof(tmp)) ? -EFAULT : 0;
598 }
599 
set_sgflags(struct ktermios * termios,int flags)600 static void set_sgflags(struct ktermios *termios, int flags)
601 {
602 	termios->c_iflag = ICRNL | IXON;
603 	termios->c_oflag = 0;
604 	termios->c_lflag = ISIG | ICANON;
605 	if (flags & 0x02) {	/* cbreak */
606 		termios->c_iflag = 0;
607 		termios->c_lflag &= ~ICANON;
608 	}
609 	if (flags & 0x08) {		/* echo */
610 		termios->c_lflag |= ECHO | ECHOE | ECHOK |
611 				    ECHOCTL | ECHOKE | IEXTEN;
612 	}
613 	if (flags & 0x10) {		/* crmod */
614 		termios->c_oflag |= OPOST | ONLCR;
615 	}
616 	if (flags & 0x20) {	/* raw */
617 		termios->c_iflag = 0;
618 		termios->c_lflag &= ~(ISIG | ICANON);
619 	}
620 	if (!(termios->c_lflag & ICANON)) {
621 		termios->c_cc[VMIN] = 1;
622 		termios->c_cc[VTIME] = 0;
623 	}
624 }
625 
626 /**
627  *	set_sgttyb		-	set legacy terminal values
628  *	@tty: tty structure
629  *	@sgttyb: pointer to old style terminal structure
630  *
631  *	Updates a terminal from the legacy BSD style terminal information
632  *	structure.
633  *
634  *	Locking: termios_rwsem
635  */
636 
set_sgttyb(struct tty_struct * tty,struct sgttyb __user * sgttyb)637 static int set_sgttyb(struct tty_struct *tty, struct sgttyb __user *sgttyb)
638 {
639 	int retval;
640 	struct sgttyb tmp;
641 	struct ktermios termios;
642 
643 	retval = tty_check_change(tty);
644 	if (retval)
645 		return retval;
646 
647 	if (copy_from_user(&tmp, sgttyb, sizeof(tmp)))
648 		return -EFAULT;
649 
650 	down_write(&tty->termios_rwsem);
651 	termios = tty->termios;
652 	termios.c_cc[VERASE] = tmp.sg_erase;
653 	termios.c_cc[VKILL] = tmp.sg_kill;
654 	set_sgflags(&termios, tmp.sg_flags);
655 	/* Try and encode into Bfoo format */
656 	tty_termios_encode_baud_rate(&termios, termios.c_ispeed,
657 						termios.c_ospeed);
658 	up_write(&tty->termios_rwsem);
659 	tty_set_termios(tty, &termios);
660 	return 0;
661 }
662 #endif
663 
664 #ifdef TIOCGETC
get_tchars(struct tty_struct * tty,struct tchars __user * tchars)665 static int get_tchars(struct tty_struct *tty, struct tchars __user *tchars)
666 {
667 	struct tchars tmp;
668 
669 	down_read(&tty->termios_rwsem);
670 	tmp.t_intrc = tty->termios.c_cc[VINTR];
671 	tmp.t_quitc = tty->termios.c_cc[VQUIT];
672 	tmp.t_startc = tty->termios.c_cc[VSTART];
673 	tmp.t_stopc = tty->termios.c_cc[VSTOP];
674 	tmp.t_eofc = tty->termios.c_cc[VEOF];
675 	tmp.t_brkc = tty->termios.c_cc[VEOL2];	/* what is brkc anyway? */
676 	up_read(&tty->termios_rwsem);
677 	return copy_to_user(tchars, &tmp, sizeof(tmp)) ? -EFAULT : 0;
678 }
679 
set_tchars(struct tty_struct * tty,struct tchars __user * tchars)680 static int set_tchars(struct tty_struct *tty, struct tchars __user *tchars)
681 {
682 	struct tchars tmp;
683 
684 	if (copy_from_user(&tmp, tchars, sizeof(tmp)))
685 		return -EFAULT;
686 	down_write(&tty->termios_rwsem);
687 	tty->termios.c_cc[VINTR] = tmp.t_intrc;
688 	tty->termios.c_cc[VQUIT] = tmp.t_quitc;
689 	tty->termios.c_cc[VSTART] = tmp.t_startc;
690 	tty->termios.c_cc[VSTOP] = tmp.t_stopc;
691 	tty->termios.c_cc[VEOF] = tmp.t_eofc;
692 	tty->termios.c_cc[VEOL2] = tmp.t_brkc;	/* what is brkc anyway? */
693 	up_write(&tty->termios_rwsem);
694 	return 0;
695 }
696 #endif
697 
698 #ifdef TIOCGLTC
get_ltchars(struct tty_struct * tty,struct ltchars __user * ltchars)699 static int get_ltchars(struct tty_struct *tty, struct ltchars __user *ltchars)
700 {
701 	struct ltchars tmp;
702 
703 	down_read(&tty->termios_rwsem);
704 	tmp.t_suspc = tty->termios.c_cc[VSUSP];
705 	/* what is dsuspc anyway? */
706 	tmp.t_dsuspc = tty->termios.c_cc[VSUSP];
707 	tmp.t_rprntc = tty->termios.c_cc[VREPRINT];
708 	/* what is flushc anyway? */
709 	tmp.t_flushc = tty->termios.c_cc[VEOL2];
710 	tmp.t_werasc = tty->termios.c_cc[VWERASE];
711 	tmp.t_lnextc = tty->termios.c_cc[VLNEXT];
712 	up_read(&tty->termios_rwsem);
713 	return copy_to_user(ltchars, &tmp, sizeof(tmp)) ? -EFAULT : 0;
714 }
715 
set_ltchars(struct tty_struct * tty,struct ltchars __user * ltchars)716 static int set_ltchars(struct tty_struct *tty, struct ltchars __user *ltchars)
717 {
718 	struct ltchars tmp;
719 
720 	if (copy_from_user(&tmp, ltchars, sizeof(tmp)))
721 		return -EFAULT;
722 
723 	down_write(&tty->termios_rwsem);
724 	tty->termios.c_cc[VSUSP] = tmp.t_suspc;
725 	/* what is dsuspc anyway? */
726 	tty->termios.c_cc[VEOL2] = tmp.t_dsuspc;
727 	tty->termios.c_cc[VREPRINT] = tmp.t_rprntc;
728 	/* what is flushc anyway? */
729 	tty->termios.c_cc[VEOL2] = tmp.t_flushc;
730 	tty->termios.c_cc[VWERASE] = tmp.t_werasc;
731 	tty->termios.c_cc[VLNEXT] = tmp.t_lnextc;
732 	up_write(&tty->termios_rwsem);
733 	return 0;
734 }
735 #endif
736 
737 /**
738  *	tty_change_softcar	-	carrier change ioctl helper
739  *	@tty: tty to update
740  *	@enable: enable/disable CLOCAL
741  *
742  *	Perform a change to the CLOCAL state and call into the driver
743  *	layer to make it visible. All done with the termios rwsem
744  */
745 
tty_change_softcar(struct tty_struct * tty,bool enable)746 static int tty_change_softcar(struct tty_struct *tty, bool enable)
747 {
748 	int ret = 0;
749 	struct ktermios old;
750 	tcflag_t bit = enable ? CLOCAL : 0;
751 
752 	down_write(&tty->termios_rwsem);
753 	old = tty->termios;
754 	tty->termios.c_cflag &= ~CLOCAL;
755 	tty->termios.c_cflag |= bit;
756 	if (tty->ops->set_termios)
757 		tty->ops->set_termios(tty, &old);
758 	if (C_CLOCAL(tty) != bit)
759 		ret = -EINVAL;
760 	up_write(&tty->termios_rwsem);
761 	return ret;
762 }
763 
764 /**
765  *	tty_mode_ioctl		-	mode related ioctls
766  *	@tty: tty for the ioctl
767  *	@cmd: command
768  *	@arg: ioctl argument
769  *
770  *	Perform non line discipline specific mode control ioctls. This
771  *	is designed to be called by line disciplines to ensure they provide
772  *	consistent mode setting.
773  */
774 
tty_mode_ioctl(struct tty_struct * tty,unsigned int cmd,unsigned long arg)775 int tty_mode_ioctl(struct tty_struct *tty, unsigned int cmd, unsigned long arg)
776 {
777 	struct tty_struct *real_tty;
778 	void __user *p = (void __user *)arg;
779 	int ret = 0;
780 	struct ktermios kterm;
781 
782 	if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
783 	    tty->driver->subtype == PTY_TYPE_MASTER)
784 		real_tty = tty->link;
785 	else
786 		real_tty = tty;
787 
788 	switch (cmd) {
789 #ifdef TIOCGETP
790 	case TIOCGETP:
791 		return get_sgttyb(real_tty, (struct sgttyb __user *) arg);
792 	case TIOCSETP:
793 	case TIOCSETN:
794 		return set_sgttyb(real_tty, (struct sgttyb __user *) arg);
795 #endif
796 #ifdef TIOCGETC
797 	case TIOCGETC:
798 		return get_tchars(real_tty, p);
799 	case TIOCSETC:
800 		return set_tchars(real_tty, p);
801 #endif
802 #ifdef TIOCGLTC
803 	case TIOCGLTC:
804 		return get_ltchars(real_tty, p);
805 	case TIOCSLTC:
806 		return set_ltchars(real_tty, p);
807 #endif
808 	case TCSETSF:
809 		return set_termios(real_tty, p,  TERMIOS_FLUSH | TERMIOS_WAIT | TERMIOS_OLD);
810 	case TCSETSW:
811 		return set_termios(real_tty, p, TERMIOS_WAIT | TERMIOS_OLD);
812 	case TCSETS:
813 		return set_termios(real_tty, p, TERMIOS_OLD);
814 #ifndef TCGETS2
815 	case TCGETS:
816 		copy_termios(real_tty, &kterm);
817 		if (kernel_termios_to_user_termios((struct termios __user *)arg, &kterm))
818 			ret = -EFAULT;
819 		return ret;
820 #else
821 	case TCGETS:
822 		copy_termios(real_tty, &kterm);
823 		if (kernel_termios_to_user_termios_1((struct termios __user *)arg, &kterm))
824 			ret = -EFAULT;
825 		return ret;
826 	case TCGETS2:
827 		copy_termios(real_tty, &kterm);
828 		if (kernel_termios_to_user_termios((struct termios2 __user *)arg, &kterm))
829 			ret = -EFAULT;
830 		return ret;
831 	case TCSETSF2:
832 		return set_termios(real_tty, p,  TERMIOS_FLUSH | TERMIOS_WAIT);
833 	case TCSETSW2:
834 		return set_termios(real_tty, p, TERMIOS_WAIT);
835 	case TCSETS2:
836 		return set_termios(real_tty, p, 0);
837 #endif
838 	case TCGETA:
839 		return get_termio(real_tty, p);
840 	case TCSETAF:
841 		return set_termios(real_tty, p, TERMIOS_FLUSH | TERMIOS_WAIT | TERMIOS_TERMIO);
842 	case TCSETAW:
843 		return set_termios(real_tty, p, TERMIOS_WAIT | TERMIOS_TERMIO);
844 	case TCSETA:
845 		return set_termios(real_tty, p, TERMIOS_TERMIO);
846 #ifndef TCGETS2
847 	case TIOCGLCKTRMIOS:
848 		copy_termios_locked(real_tty, &kterm);
849 		if (kernel_termios_to_user_termios((struct termios __user *)arg, &kterm))
850 			ret = -EFAULT;
851 		return ret;
852 	case TIOCSLCKTRMIOS:
853 		if (!checkpoint_restore_ns_capable(&init_user_ns))
854 			return -EPERM;
855 		copy_termios_locked(real_tty, &kterm);
856 		if (user_termios_to_kernel_termios(&kterm,
857 					       (struct termios __user *) arg))
858 			return -EFAULT;
859 		down_write(&real_tty->termios_rwsem);
860 		real_tty->termios_locked = kterm;
861 		up_write(&real_tty->termios_rwsem);
862 		return 0;
863 #else
864 	case TIOCGLCKTRMIOS:
865 		copy_termios_locked(real_tty, &kterm);
866 		if (kernel_termios_to_user_termios_1((struct termios __user *)arg, &kterm))
867 			ret = -EFAULT;
868 		return ret;
869 	case TIOCSLCKTRMIOS:
870 		if (!checkpoint_restore_ns_capable(&init_user_ns))
871 			return -EPERM;
872 		copy_termios_locked(real_tty, &kterm);
873 		if (user_termios_to_kernel_termios_1(&kterm,
874 					       (struct termios __user *) arg))
875 			return -EFAULT;
876 		down_write(&real_tty->termios_rwsem);
877 		real_tty->termios_locked = kterm;
878 		up_write(&real_tty->termios_rwsem);
879 		return ret;
880 #endif
881 #ifdef TCGETX
882 	case TCGETX:
883 	case TCSETX:
884 	case TCSETXW:
885 	case TCSETXF:
886 		return -ENOTTY;
887 #endif
888 	case TIOCGSOFTCAR:
889 		copy_termios(real_tty, &kterm);
890 		ret = put_user((kterm.c_cflag & CLOCAL) ? 1 : 0,
891 						(int __user *)arg);
892 		return ret;
893 	case TIOCSSOFTCAR:
894 		if (get_user(arg, (unsigned int __user *) arg))
895 			return -EFAULT;
896 		return tty_change_softcar(real_tty, arg);
897 	default:
898 		return -ENOIOCTLCMD;
899 	}
900 }
901 EXPORT_SYMBOL_GPL(tty_mode_ioctl);
902 
903 
904 /* Caller guarantees ldisc reference is held */
__tty_perform_flush(struct tty_struct * tty,unsigned long arg)905 static int __tty_perform_flush(struct tty_struct *tty, unsigned long arg)
906 {
907 	struct tty_ldisc *ld = tty->ldisc;
908 
909 	switch (arg) {
910 	case TCIFLUSH:
911 		if (ld && ld->ops->flush_buffer) {
912 			ld->ops->flush_buffer(tty);
913 			tty_unthrottle(tty);
914 		}
915 		break;
916 	case TCIOFLUSH:
917 		if (ld && ld->ops->flush_buffer) {
918 			ld->ops->flush_buffer(tty);
919 			tty_unthrottle(tty);
920 		}
921 		fallthrough;
922 	case TCOFLUSH:
923 		tty_driver_flush_buffer(tty);
924 		break;
925 	default:
926 		return -EINVAL;
927 	}
928 	return 0;
929 }
930 
tty_perform_flush(struct tty_struct * tty,unsigned long arg)931 int tty_perform_flush(struct tty_struct *tty, unsigned long arg)
932 {
933 	struct tty_ldisc *ld;
934 	int retval = tty_check_change(tty);
935 	if (retval)
936 		return retval;
937 
938 	ld = tty_ldisc_ref_wait(tty);
939 	retval = __tty_perform_flush(tty, arg);
940 	if (ld)
941 		tty_ldisc_deref(ld);
942 	return retval;
943 }
944 EXPORT_SYMBOL_GPL(tty_perform_flush);
945 
n_tty_ioctl_helper(struct tty_struct * tty,unsigned int cmd,unsigned long arg)946 int n_tty_ioctl_helper(struct tty_struct *tty, unsigned int cmd,
947 		unsigned long arg)
948 {
949 	int retval;
950 
951 	switch (cmd) {
952 	case TCXONC:
953 		retval = tty_check_change(tty);
954 		if (retval)
955 			return retval;
956 		switch (arg) {
957 		case TCOOFF:
958 			spin_lock_irq(&tty->flow.lock);
959 			if (!tty->flow.tco_stopped) {
960 				tty->flow.tco_stopped = true;
961 				__stop_tty(tty);
962 			}
963 			spin_unlock_irq(&tty->flow.lock);
964 			break;
965 		case TCOON:
966 			spin_lock_irq(&tty->flow.lock);
967 			if (tty->flow.tco_stopped) {
968 				tty->flow.tco_stopped = false;
969 				__start_tty(tty);
970 			}
971 			spin_unlock_irq(&tty->flow.lock);
972 			break;
973 		case TCIOFF:
974 			if (STOP_CHAR(tty) != __DISABLED_CHAR)
975 				retval = tty_send_xchar(tty, STOP_CHAR(tty));
976 			break;
977 		case TCION:
978 			if (START_CHAR(tty) != __DISABLED_CHAR)
979 				retval = tty_send_xchar(tty, START_CHAR(tty));
980 			break;
981 		default:
982 			return -EINVAL;
983 		}
984 		return retval;
985 	case TCFLSH:
986 		retval = tty_check_change(tty);
987 		if (retval)
988 			return retval;
989 		return __tty_perform_flush(tty, arg);
990 	default:
991 		/* Try the mode commands */
992 		return tty_mode_ioctl(tty, cmd, arg);
993 	}
994 }
995 EXPORT_SYMBOL(n_tty_ioctl_helper);
996