1 /*
2 * Tty buffer allocation management
3 */
4
5 #include <linux/types.h>
6 #include <linux/errno.h>
7 #include <linux/tty.h>
8 #include <linux/tty_driver.h>
9 #include <linux/tty_flip.h>
10 #include <linux/timer.h>
11 #include <linux/string.h>
12 #include <linux/slab.h>
13 #include <linux/sched.h>
14 #include <linux/init.h>
15 #include <linux/wait.h>
16 #include <linux/bitops.h>
17 #include <linux/delay.h>
18 #include <linux/module.h>
19
20 /**
21 * tty_buffer_free_all - free buffers used by a tty
22 * @tty: tty to free from
23 *
24 * Remove all the buffers pending on a tty whether queued with data
25 * or in the free ring. Must be called when the tty is no longer in use
26 *
27 * Locking: none
28 */
29
tty_buffer_free_all(struct tty_struct * tty)30 void tty_buffer_free_all(struct tty_struct *tty)
31 {
32 struct tty_buffer *thead;
33 while ((thead = tty->buf.head) != NULL) {
34 tty->buf.head = thead->next;
35 kfree(thead);
36 }
37 while ((thead = tty->buf.free) != NULL) {
38 tty->buf.free = thead->next;
39 kfree(thead);
40 }
41 tty->buf.tail = NULL;
42 tty->buf.memory_used = 0;
43 }
44
45 /**
46 * tty_buffer_alloc - allocate a tty buffer
47 * @tty: tty device
48 * @size: desired size (characters)
49 *
50 * Allocate a new tty buffer to hold the desired number of characters.
51 * Return NULL if out of memory or the allocation would exceed the
52 * per device queue
53 *
54 * Locking: Caller must hold tty->buf.lock
55 */
56
tty_buffer_alloc(struct tty_struct * tty,size_t size)57 static struct tty_buffer *tty_buffer_alloc(struct tty_struct *tty, size_t size)
58 {
59 struct tty_buffer *p;
60
61 if (tty->buf.memory_used + size > 65536)
62 return NULL;
63 p = kmalloc(sizeof(struct tty_buffer) + 2 * size, GFP_ATOMIC);
64 if (p == NULL)
65 return NULL;
66 p->used = 0;
67 p->size = size;
68 p->next = NULL;
69 p->commit = 0;
70 p->read = 0;
71 p->char_buf_ptr = (char *)(p->data);
72 p->flag_buf_ptr = (unsigned char *)p->char_buf_ptr + size;
73 tty->buf.memory_used += size;
74 return p;
75 }
76
77 /**
78 * tty_buffer_free - free a tty buffer
79 * @tty: tty owning the buffer
80 * @b: the buffer to free
81 *
82 * Free a tty buffer, or add it to the free list according to our
83 * internal strategy
84 *
85 * Locking: Caller must hold tty->buf.lock
86 */
87
tty_buffer_free(struct tty_struct * tty,struct tty_buffer * b)88 static void tty_buffer_free(struct tty_struct *tty, struct tty_buffer *b)
89 {
90 /* Dumb strategy for now - should keep some stats */
91 tty->buf.memory_used -= b->size;
92 WARN_ON(tty->buf.memory_used < 0);
93
94 if (b->size >= 512)
95 kfree(b);
96 else {
97 b->next = tty->buf.free;
98 tty->buf.free = b;
99 }
100 }
101
102 /**
103 * __tty_buffer_flush - flush full tty buffers
104 * @tty: tty to flush
105 *
106 * flush all the buffers containing receive data. Caller must
107 * hold the buffer lock and must have ensured no parallel flush to
108 * ldisc is running.
109 *
110 * Locking: Caller must hold tty->buf.lock
111 */
112
__tty_buffer_flush(struct tty_struct * tty)113 static void __tty_buffer_flush(struct tty_struct *tty)
114 {
115 struct tty_buffer *thead;
116
117 if (tty->buf.head == NULL)
118 return;
119 while ((thead = tty->buf.head->next) != NULL) {
120 tty_buffer_free(tty, tty->buf.head);
121 tty->buf.head = thead;
122 }
123 WARN_ON(tty->buf.head != tty->buf.tail);
124 tty->buf.head->read = tty->buf.head->commit;
125 }
126
127 /**
128 * tty_buffer_flush - flush full tty buffers
129 * @tty: tty to flush
130 *
131 * flush all the buffers containing receive data. If the buffer is
132 * being processed by flush_to_ldisc then we defer the processing
133 * to that function
134 *
135 * Locking: none
136 */
137
tty_buffer_flush(struct tty_struct * tty)138 void tty_buffer_flush(struct tty_struct *tty)
139 {
140 unsigned long flags;
141 spin_lock_irqsave(&tty->buf.lock, flags);
142
143 /* If the data is being pushed to the tty layer then we can't
144 process it here. Instead set a flag and the flush_to_ldisc
145 path will process the flush request before it exits */
146 if (test_bit(TTY_FLUSHING, &tty->flags)) {
147 set_bit(TTY_FLUSHPENDING, &tty->flags);
148 spin_unlock_irqrestore(&tty->buf.lock, flags);
149 wait_event(tty->read_wait,
150 test_bit(TTY_FLUSHPENDING, &tty->flags) == 0);
151 return;
152 } else
153 __tty_buffer_flush(tty);
154 spin_unlock_irqrestore(&tty->buf.lock, flags);
155 }
156
157 /**
158 * tty_buffer_find - find a free tty buffer
159 * @tty: tty owning the buffer
160 * @size: characters wanted
161 *
162 * Locate an existing suitable tty buffer or if we are lacking one then
163 * allocate a new one. We round our buffers off in 256 character chunks
164 * to get better allocation behaviour.
165 *
166 * Locking: Caller must hold tty->buf.lock
167 */
168
tty_buffer_find(struct tty_struct * tty,size_t size)169 static struct tty_buffer *tty_buffer_find(struct tty_struct *tty, size_t size)
170 {
171 struct tty_buffer **tbh = &tty->buf.free;
172 while ((*tbh) != NULL) {
173 struct tty_buffer *t = *tbh;
174 if (t->size >= size) {
175 *tbh = t->next;
176 t->next = NULL;
177 t->used = 0;
178 t->commit = 0;
179 t->read = 0;
180 tty->buf.memory_used += t->size;
181 return t;
182 }
183 tbh = &((*tbh)->next);
184 }
185 /* Round the buffer size out */
186 size = (size + 0xFF) & ~0xFF;
187 return tty_buffer_alloc(tty, size);
188 /* Should possibly check if this fails for the largest buffer we
189 have queued and recycle that ? */
190 }
191
192 /**
193 * tty_buffer_request_room - grow tty buffer if needed
194 * @tty: tty structure
195 * @size: size desired
196 *
197 * Make at least size bytes of linear space available for the tty
198 * buffer. If we fail return the size we managed to find.
199 *
200 * Locking: Takes tty->buf.lock
201 */
tty_buffer_request_room(struct tty_struct * tty,size_t size)202 int tty_buffer_request_room(struct tty_struct *tty, size_t size)
203 {
204 struct tty_buffer *b, *n;
205 int left;
206 unsigned long flags;
207
208 spin_lock_irqsave(&tty->buf.lock, flags);
209
210 /* OPTIMISATION: We could keep a per tty "zero" sized buffer to
211 remove this conditional if its worth it. This would be invisible
212 to the callers */
213 if ((b = tty->buf.tail) != NULL)
214 left = b->size - b->used;
215 else
216 left = 0;
217
218 if (left < size) {
219 /* This is the slow path - looking for new buffers to use */
220 if ((n = tty_buffer_find(tty, size)) != NULL) {
221 if (b != NULL) {
222 b->next = n;
223 b->commit = b->used;
224 } else
225 tty->buf.head = n;
226 tty->buf.tail = n;
227 } else
228 size = left;
229 }
230
231 spin_unlock_irqrestore(&tty->buf.lock, flags);
232 return size;
233 }
234 EXPORT_SYMBOL_GPL(tty_buffer_request_room);
235
236 /**
237 * tty_insert_flip_string_fixed_flag - Add characters to the tty buffer
238 * @tty: tty structure
239 * @chars: characters
240 * @flag: flag value for each character
241 * @size: size
242 *
243 * Queue a series of bytes to the tty buffering. All the characters
244 * passed are marked with the supplied flag. Returns the number added.
245 *
246 * Locking: Called functions may take tty->buf.lock
247 */
248
tty_insert_flip_string_fixed_flag(struct tty_struct * tty,const unsigned char * chars,char flag,size_t size)249 int tty_insert_flip_string_fixed_flag(struct tty_struct *tty,
250 const unsigned char *chars, char flag, size_t size)
251 {
252 int copied = 0;
253 do {
254 int goal = min_t(size_t, size - copied, TTY_BUFFER_PAGE);
255 int space = tty_buffer_request_room(tty, goal);
256 struct tty_buffer *tb = tty->buf.tail;
257 /* If there is no space then tb may be NULL */
258 if (unlikely(space == 0))
259 break;
260 memcpy(tb->char_buf_ptr + tb->used, chars, space);
261 memset(tb->flag_buf_ptr + tb->used, flag, space);
262 tb->used += space;
263 copied += space;
264 chars += space;
265 /* There is a small chance that we need to split the data over
266 several buffers. If this is the case we must loop */
267 } while (unlikely(size > copied));
268 return copied;
269 }
270 EXPORT_SYMBOL(tty_insert_flip_string_fixed_flag);
271
272 /**
273 * tty_insert_flip_string_flags - Add characters to the tty buffer
274 * @tty: tty structure
275 * @chars: characters
276 * @flags: flag bytes
277 * @size: size
278 *
279 * Queue a series of bytes to the tty buffering. For each character
280 * the flags array indicates the status of the character. Returns the
281 * number added.
282 *
283 * Locking: Called functions may take tty->buf.lock
284 */
285
tty_insert_flip_string_flags(struct tty_struct * tty,const unsigned char * chars,const char * flags,size_t size)286 int tty_insert_flip_string_flags(struct tty_struct *tty,
287 const unsigned char *chars, const char *flags, size_t size)
288 {
289 int copied = 0;
290 do {
291 int goal = min_t(size_t, size - copied, TTY_BUFFER_PAGE);
292 int space = tty_buffer_request_room(tty, goal);
293 struct tty_buffer *tb = tty->buf.tail;
294 /* If there is no space then tb may be NULL */
295 if (unlikely(space == 0))
296 break;
297 memcpy(tb->char_buf_ptr + tb->used, chars, space);
298 memcpy(tb->flag_buf_ptr + tb->used, flags, space);
299 tb->used += space;
300 copied += space;
301 chars += space;
302 flags += space;
303 /* There is a small chance that we need to split the data over
304 several buffers. If this is the case we must loop */
305 } while (unlikely(size > copied));
306 return copied;
307 }
308 EXPORT_SYMBOL(tty_insert_flip_string_flags);
309
310 /**
311 * tty_schedule_flip - push characters to ldisc
312 * @tty: tty to push from
313 *
314 * Takes any pending buffers and transfers their ownership to the
315 * ldisc side of the queue. It then schedules those characters for
316 * processing by the line discipline.
317 *
318 * Locking: Takes tty->buf.lock
319 */
320
tty_schedule_flip(struct tty_struct * tty)321 void tty_schedule_flip(struct tty_struct *tty)
322 {
323 unsigned long flags;
324 spin_lock_irqsave(&tty->buf.lock, flags);
325 if (tty->buf.tail != NULL)
326 tty->buf.tail->commit = tty->buf.tail->used;
327 spin_unlock_irqrestore(&tty->buf.lock, flags);
328 schedule_work(&tty->buf.work);
329 }
330 EXPORT_SYMBOL(tty_schedule_flip);
331
332 /**
333 * tty_prepare_flip_string - make room for characters
334 * @tty: tty
335 * @chars: return pointer for character write area
336 * @size: desired size
337 *
338 * Prepare a block of space in the buffer for data. Returns the length
339 * available and buffer pointer to the space which is now allocated and
340 * accounted for as ready for normal characters. This is used for drivers
341 * that need their own block copy routines into the buffer. There is no
342 * guarantee the buffer is a DMA target!
343 *
344 * Locking: May call functions taking tty->buf.lock
345 */
346
tty_prepare_flip_string(struct tty_struct * tty,unsigned char ** chars,size_t size)347 int tty_prepare_flip_string(struct tty_struct *tty, unsigned char **chars,
348 size_t size)
349 {
350 int space = tty_buffer_request_room(tty, size);
351 if (likely(space)) {
352 struct tty_buffer *tb = tty->buf.tail;
353 *chars = tb->char_buf_ptr + tb->used;
354 memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space);
355 tb->used += space;
356 }
357 return space;
358 }
359 EXPORT_SYMBOL_GPL(tty_prepare_flip_string);
360
361 /**
362 * tty_prepare_flip_string_flags - make room for characters
363 * @tty: tty
364 * @chars: return pointer for character write area
365 * @flags: return pointer for status flag write area
366 * @size: desired size
367 *
368 * Prepare a block of space in the buffer for data. Returns the length
369 * available and buffer pointer to the space which is now allocated and
370 * accounted for as ready for characters. This is used for drivers
371 * that need their own block copy routines into the buffer. There is no
372 * guarantee the buffer is a DMA target!
373 *
374 * Locking: May call functions taking tty->buf.lock
375 */
376
tty_prepare_flip_string_flags(struct tty_struct * tty,unsigned char ** chars,char ** flags,size_t size)377 int tty_prepare_flip_string_flags(struct tty_struct *tty,
378 unsigned char **chars, char **flags, size_t size)
379 {
380 int space = tty_buffer_request_room(tty, size);
381 if (likely(space)) {
382 struct tty_buffer *tb = tty->buf.tail;
383 *chars = tb->char_buf_ptr + tb->used;
384 *flags = tb->flag_buf_ptr + tb->used;
385 tb->used += space;
386 }
387 return space;
388 }
389 EXPORT_SYMBOL_GPL(tty_prepare_flip_string_flags);
390
391
392
393 /**
394 * flush_to_ldisc
395 * @work: tty structure passed from work queue.
396 *
397 * This routine is called out of the software interrupt to flush data
398 * from the buffer chain to the line discipline.
399 *
400 * Locking: holds tty->buf.lock to guard buffer list. Drops the lock
401 * while invoking the line discipline receive_buf method. The
402 * receive_buf method is single threaded for each tty instance.
403 */
404
flush_to_ldisc(struct work_struct * work)405 static void flush_to_ldisc(struct work_struct *work)
406 {
407 struct tty_struct *tty =
408 container_of(work, struct tty_struct, buf.work);
409 unsigned long flags;
410 struct tty_ldisc *disc;
411
412 disc = tty_ldisc_ref(tty);
413 if (disc == NULL) /* !TTY_LDISC */
414 return;
415
416 spin_lock_irqsave(&tty->buf.lock, flags);
417
418 if (!test_and_set_bit(TTY_FLUSHING, &tty->flags)) {
419 struct tty_buffer *head;
420 while ((head = tty->buf.head) != NULL) {
421 int count;
422 char *char_buf;
423 unsigned char *flag_buf;
424
425 count = head->commit - head->read;
426 if (!count) {
427 if (head->next == NULL)
428 break;
429 tty->buf.head = head->next;
430 tty_buffer_free(tty, head);
431 continue;
432 }
433 /* Ldisc or user is trying to flush the buffers
434 we are feeding to the ldisc, stop feeding the
435 line discipline as we want to empty the queue */
436 if (test_bit(TTY_FLUSHPENDING, &tty->flags))
437 break;
438 if (!tty->receive_room)
439 break;
440 if (count > tty->receive_room)
441 count = tty->receive_room;
442 char_buf = head->char_buf_ptr + head->read;
443 flag_buf = head->flag_buf_ptr + head->read;
444 head->read += count;
445 spin_unlock_irqrestore(&tty->buf.lock, flags);
446 disc->ops->receive_buf(tty, char_buf,
447 flag_buf, count);
448 spin_lock_irqsave(&tty->buf.lock, flags);
449 }
450 clear_bit(TTY_FLUSHING, &tty->flags);
451 }
452
453 /* We may have a deferred request to flush the input buffer,
454 if so pull the chain under the lock and empty the queue */
455 if (test_bit(TTY_FLUSHPENDING, &tty->flags)) {
456 __tty_buffer_flush(tty);
457 clear_bit(TTY_FLUSHPENDING, &tty->flags);
458 wake_up(&tty->read_wait);
459 }
460 spin_unlock_irqrestore(&tty->buf.lock, flags);
461
462 tty_ldisc_deref(disc);
463 }
464
465 /**
466 * tty_flush_to_ldisc
467 * @tty: tty to push
468 *
469 * Push the terminal flip buffers to the line discipline.
470 *
471 * Must not be called from IRQ context.
472 */
tty_flush_to_ldisc(struct tty_struct * tty)473 void tty_flush_to_ldisc(struct tty_struct *tty)
474 {
475 flush_work(&tty->buf.work);
476 }
477
478 /**
479 * tty_flip_buffer_push - terminal
480 * @tty: tty to push
481 *
482 * Queue a push of the terminal flip buffers to the line discipline. This
483 * function must not be called from IRQ context if tty->low_latency is set.
484 *
485 * In the event of the queue being busy for flipping the work will be
486 * held off and retried later.
487 *
488 * Locking: tty buffer lock. Driver locks in low latency mode.
489 */
490
tty_flip_buffer_push(struct tty_struct * tty)491 void tty_flip_buffer_push(struct tty_struct *tty)
492 {
493 unsigned long flags;
494 spin_lock_irqsave(&tty->buf.lock, flags);
495 if (tty->buf.tail != NULL)
496 tty->buf.tail->commit = tty->buf.tail->used;
497 spin_unlock_irqrestore(&tty->buf.lock, flags);
498
499 if (tty->low_latency)
500 flush_to_ldisc(&tty->buf.work);
501 else
502 schedule_work(&tty->buf.work);
503 }
504 EXPORT_SYMBOL(tty_flip_buffer_push);
505
506 /**
507 * tty_buffer_init - prepare a tty buffer structure
508 * @tty: tty to initialise
509 *
510 * Set up the initial state of the buffer management for a tty device.
511 * Must be called before the other tty buffer functions are used.
512 *
513 * Locking: none
514 */
515
tty_buffer_init(struct tty_struct * tty)516 void tty_buffer_init(struct tty_struct *tty)
517 {
518 spin_lock_init(&tty->buf.lock);
519 tty->buf.head = NULL;
520 tty->buf.tail = NULL;
521 tty->buf.free = NULL;
522 tty->buf.memory_used = 0;
523 INIT_WORK(&tty->buf.work, flush_to_ldisc);
524 }
525
526