root/drivers/tty/tty_jobctrl.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. is_ignored
  2. __tty_check_change
  3. tty_check_change
  4. proc_clear_tty
  5. __proc_set_tty
  6. proc_set_tty
  7. tty_open_proc_set_tty
  8. get_current_tty
  9. session_clear_tty
  10. tty_signal_session_leader
  11. disassociate_ctty
  12. no_tty
  13. tiocsctty
  14. tty_get_pgrp
  15. session_of_pgrp
  16. tiocgpgrp
  17. tiocspgrp
  18. tiocgsid
  19. tty_jobctrl_ioctl

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  *  Copyright (C) 1991, 1992  Linus Torvalds
   4  */
   5 
   6 #include <linux/types.h>
   7 #include <linux/errno.h>
   8 #include <linux/signal.h>
   9 #include <linux/sched/signal.h>
  10 #include <linux/sched/task.h>
  11 #include <linux/tty.h>
  12 #include <linux/fcntl.h>
  13 #include <linux/uaccess.h>
  14 
  15 static int is_ignored(int sig)
  16 {
  17         return (sigismember(&current->blocked, sig) ||
  18                 current->sighand->action[sig-1].sa.sa_handler == SIG_IGN);
  19 }
  20 
  21 /**
  22  *      tty_check_change        -       check for POSIX terminal changes
  23  *      @tty: tty to check
  24  *
  25  *      If we try to write to, or set the state of, a terminal and we're
  26  *      not in the foreground, send a SIGTTOU.  If the signal is blocked or
  27  *      ignored, go ahead and perform the operation.  (POSIX 7.2)
  28  *
  29  *      Locking: ctrl_lock
  30  */
  31 int __tty_check_change(struct tty_struct *tty, int sig)
  32 {
  33         unsigned long flags;
  34         struct pid *pgrp, *tty_pgrp;
  35         int ret = 0;
  36 
  37         if (current->signal->tty != tty)
  38                 return 0;
  39 
  40         rcu_read_lock();
  41         pgrp = task_pgrp(current);
  42 
  43         spin_lock_irqsave(&tty->ctrl_lock, flags);
  44         tty_pgrp = tty->pgrp;
  45         spin_unlock_irqrestore(&tty->ctrl_lock, flags);
  46 
  47         if (tty_pgrp && pgrp != tty_pgrp) {
  48                 if (is_ignored(sig)) {
  49                         if (sig == SIGTTIN)
  50                                 ret = -EIO;
  51                 } else if (is_current_pgrp_orphaned())
  52                         ret = -EIO;
  53                 else {
  54                         kill_pgrp(pgrp, sig, 1);
  55                         set_thread_flag(TIF_SIGPENDING);
  56                         ret = -ERESTARTSYS;
  57                 }
  58         }
  59         rcu_read_unlock();
  60 
  61         if (!tty_pgrp)
  62                 tty_warn(tty, "sig=%d, tty->pgrp == NULL!\n", sig);
  63 
  64         return ret;
  65 }
  66 
  67 int tty_check_change(struct tty_struct *tty)
  68 {
  69         return __tty_check_change(tty, SIGTTOU);
  70 }
  71 EXPORT_SYMBOL(tty_check_change);
  72 
  73 void proc_clear_tty(struct task_struct *p)
  74 {
  75         unsigned long flags;
  76         struct tty_struct *tty;
  77         spin_lock_irqsave(&p->sighand->siglock, flags);
  78         tty = p->signal->tty;
  79         p->signal->tty = NULL;
  80         spin_unlock_irqrestore(&p->sighand->siglock, flags);
  81         tty_kref_put(tty);
  82 }
  83 
  84 /**
  85  * proc_set_tty -  set the controlling terminal
  86  *
  87  * Only callable by the session leader and only if it does not already have
  88  * a controlling terminal.
  89  *
  90  * Caller must hold:  tty_lock()
  91  *                    a readlock on tasklist_lock
  92  *                    sighand lock
  93  */
  94 static void __proc_set_tty(struct tty_struct *tty)
  95 {
  96         unsigned long flags;
  97 
  98         spin_lock_irqsave(&tty->ctrl_lock, flags);
  99         /*
 100          * The session and fg pgrp references will be non-NULL if
 101          * tiocsctty() is stealing the controlling tty
 102          */
 103         put_pid(tty->session);
 104         put_pid(tty->pgrp);
 105         tty->pgrp = get_pid(task_pgrp(current));
 106         spin_unlock_irqrestore(&tty->ctrl_lock, flags);
 107         tty->session = get_pid(task_session(current));
 108         if (current->signal->tty) {
 109                 tty_debug(tty, "current tty %s not NULL!!\n",
 110                           current->signal->tty->name);
 111                 tty_kref_put(current->signal->tty);
 112         }
 113         put_pid(current->signal->tty_old_pgrp);
 114         current->signal->tty = tty_kref_get(tty);
 115         current->signal->tty_old_pgrp = NULL;
 116 }
 117 
 118 static void proc_set_tty(struct tty_struct *tty)
 119 {
 120         spin_lock_irq(&current->sighand->siglock);
 121         __proc_set_tty(tty);
 122         spin_unlock_irq(&current->sighand->siglock);
 123 }
 124 
 125 /*
 126  * Called by tty_open() to set the controlling tty if applicable.
 127  */
 128 void tty_open_proc_set_tty(struct file *filp, struct tty_struct *tty)
 129 {
 130         read_lock(&tasklist_lock);
 131         spin_lock_irq(&current->sighand->siglock);
 132         if (current->signal->leader &&
 133             !current->signal->tty &&
 134             tty->session == NULL) {
 135                 /*
 136                  * Don't let a process that only has write access to the tty
 137                  * obtain the privileges associated with having a tty as
 138                  * controlling terminal (being able to reopen it with full
 139                  * access through /dev/tty, being able to perform pushback).
 140                  * Many distributions set the group of all ttys to "tty" and
 141                  * grant write-only access to all terminals for setgid tty
 142                  * binaries, which should not imply full privileges on all ttys.
 143                  *
 144                  * This could theoretically break old code that performs open()
 145                  * on a write-only file descriptor. In that case, it might be
 146                  * necessary to also permit this if
 147                  * inode_permission(inode, MAY_READ) == 0.
 148                  */
 149                 if (filp->f_mode & FMODE_READ)
 150                         __proc_set_tty(tty);
 151         }
 152         spin_unlock_irq(&current->sighand->siglock);
 153         read_unlock(&tasklist_lock);
 154 }
 155 
 156 struct tty_struct *get_current_tty(void)
 157 {
 158         struct tty_struct *tty;
 159         unsigned long flags;
 160 
 161         spin_lock_irqsave(&current->sighand->siglock, flags);
 162         tty = tty_kref_get(current->signal->tty);
 163         spin_unlock_irqrestore(&current->sighand->siglock, flags);
 164         return tty;
 165 }
 166 EXPORT_SYMBOL_GPL(get_current_tty);
 167 
 168 /*
 169  * Called from tty_release().
 170  */
 171 void session_clear_tty(struct pid *session)
 172 {
 173         struct task_struct *p;
 174         do_each_pid_task(session, PIDTYPE_SID, p) {
 175                 proc_clear_tty(p);
 176         } while_each_pid_task(session, PIDTYPE_SID, p);
 177 }
 178 
 179 /**
 180  *      tty_signal_session_leader       - sends SIGHUP to session leader
 181  *      @tty            controlling tty
 182  *      @exit_session   if non-zero, signal all foreground group processes
 183  *
 184  *      Send SIGHUP and SIGCONT to the session leader and its process group.
 185  *      Optionally, signal all processes in the foreground process group.
 186  *
 187  *      Returns the number of processes in the session with this tty
 188  *      as their controlling terminal. This value is used to drop
 189  *      tty references for those processes.
 190  */
 191 int tty_signal_session_leader(struct tty_struct *tty, int exit_session)
 192 {
 193         struct task_struct *p;
 194         int refs = 0;
 195         struct pid *tty_pgrp = NULL;
 196 
 197         read_lock(&tasklist_lock);
 198         if (tty->session) {
 199                 do_each_pid_task(tty->session, PIDTYPE_SID, p) {
 200                         spin_lock_irq(&p->sighand->siglock);
 201                         if (p->signal->tty == tty) {
 202                                 p->signal->tty = NULL;
 203                                 /* We defer the dereferences outside fo
 204                                    the tasklist lock */
 205                                 refs++;
 206                         }
 207                         if (!p->signal->leader) {
 208                                 spin_unlock_irq(&p->sighand->siglock);
 209                                 continue;
 210                         }
 211                         __group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
 212                         __group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
 213                         put_pid(p->signal->tty_old_pgrp);  /* A noop */
 214                         spin_lock(&tty->ctrl_lock);
 215                         tty_pgrp = get_pid(tty->pgrp);
 216                         if (tty->pgrp)
 217                                 p->signal->tty_old_pgrp = get_pid(tty->pgrp);
 218                         spin_unlock(&tty->ctrl_lock);
 219                         spin_unlock_irq(&p->sighand->siglock);
 220                 } while_each_pid_task(tty->session, PIDTYPE_SID, p);
 221         }
 222         read_unlock(&tasklist_lock);
 223 
 224         if (tty_pgrp) {
 225                 if (exit_session)
 226                         kill_pgrp(tty_pgrp, SIGHUP, exit_session);
 227                 put_pid(tty_pgrp);
 228         }
 229 
 230         return refs;
 231 }
 232 
 233 /**
 234  *      disassociate_ctty       -       disconnect controlling tty
 235  *      @on_exit: true if exiting so need to "hang up" the session
 236  *
 237  *      This function is typically called only by the session leader, when
 238  *      it wants to disassociate itself from its controlling tty.
 239  *
 240  *      It performs the following functions:
 241  *      (1)  Sends a SIGHUP and SIGCONT to the foreground process group
 242  *      (2)  Clears the tty from being controlling the session
 243  *      (3)  Clears the controlling tty for all processes in the
 244  *              session group.
 245  *
 246  *      The argument on_exit is set to 1 if called when a process is
 247  *      exiting; it is 0 if called by the ioctl TIOCNOTTY.
 248  *
 249  *      Locking:
 250  *              BTM is taken for hysterical raisons, and held when
 251  *                called from no_tty().
 252  *                tty_mutex is taken to protect tty
 253  *                ->siglock is taken to protect ->signal/->sighand
 254  *                tasklist_lock is taken to walk process list for sessions
 255  *                  ->siglock is taken to protect ->signal/->sighand
 256  */
 257 void disassociate_ctty(int on_exit)
 258 {
 259         struct tty_struct *tty;
 260 
 261         if (!current->signal->leader)
 262                 return;
 263 
 264         tty = get_current_tty();
 265         if (tty) {
 266                 if (on_exit && tty->driver->type != TTY_DRIVER_TYPE_PTY) {
 267                         tty_vhangup_session(tty);
 268                 } else {
 269                         struct pid *tty_pgrp = tty_get_pgrp(tty);
 270                         if (tty_pgrp) {
 271                                 kill_pgrp(tty_pgrp, SIGHUP, on_exit);
 272                                 if (!on_exit)
 273                                         kill_pgrp(tty_pgrp, SIGCONT, on_exit);
 274                                 put_pid(tty_pgrp);
 275                         }
 276                 }
 277                 tty_kref_put(tty);
 278 
 279         } else if (on_exit) {
 280                 struct pid *old_pgrp;
 281                 spin_lock_irq(&current->sighand->siglock);
 282                 old_pgrp = current->signal->tty_old_pgrp;
 283                 current->signal->tty_old_pgrp = NULL;
 284                 spin_unlock_irq(&current->sighand->siglock);
 285                 if (old_pgrp) {
 286                         kill_pgrp(old_pgrp, SIGHUP, on_exit);
 287                         kill_pgrp(old_pgrp, SIGCONT, on_exit);
 288                         put_pid(old_pgrp);
 289                 }
 290                 return;
 291         }
 292 
 293         spin_lock_irq(&current->sighand->siglock);
 294         put_pid(current->signal->tty_old_pgrp);
 295         current->signal->tty_old_pgrp = NULL;
 296 
 297         tty = tty_kref_get(current->signal->tty);
 298         if (tty) {
 299                 unsigned long flags;
 300                 spin_lock_irqsave(&tty->ctrl_lock, flags);
 301                 put_pid(tty->session);
 302                 put_pid(tty->pgrp);
 303                 tty->session = NULL;
 304                 tty->pgrp = NULL;
 305                 spin_unlock_irqrestore(&tty->ctrl_lock, flags);
 306                 tty_kref_put(tty);
 307         }
 308 
 309         spin_unlock_irq(&current->sighand->siglock);
 310         /* Now clear signal->tty under the lock */
 311         read_lock(&tasklist_lock);
 312         session_clear_tty(task_session(current));
 313         read_unlock(&tasklist_lock);
 314 }
 315 
 316 /*
 317  *
 318  *      no_tty  - Ensure the current process does not have a controlling tty
 319  */
 320 void no_tty(void)
 321 {
 322         /* FIXME: Review locking here. The tty_lock never covered any race
 323            between a new association and proc_clear_tty but possible we need
 324            to protect against this anyway */
 325         struct task_struct *tsk = current;
 326         disassociate_ctty(0);
 327         proc_clear_tty(tsk);
 328 }
 329 
 330 /**
 331  *      tiocsctty       -       set controlling tty
 332  *      @tty: tty structure
 333  *      @arg: user argument
 334  *
 335  *      This ioctl is used to manage job control. It permits a session
 336  *      leader to set this tty as the controlling tty for the session.
 337  *
 338  *      Locking:
 339  *              Takes tty_lock() to serialize proc_set_tty() for this tty
 340  *              Takes tasklist_lock internally to walk sessions
 341  *              Takes ->siglock() when updating signal->tty
 342  */
 343 static int tiocsctty(struct tty_struct *tty, struct file *file, int arg)
 344 {
 345         int ret = 0;
 346 
 347         tty_lock(tty);
 348         read_lock(&tasklist_lock);
 349 
 350         if (current->signal->leader && (task_session(current) == tty->session))
 351                 goto unlock;
 352 
 353         /*
 354          * The process must be a session leader and
 355          * not have a controlling tty already.
 356          */
 357         if (!current->signal->leader || current->signal->tty) {
 358                 ret = -EPERM;
 359                 goto unlock;
 360         }
 361 
 362         if (tty->session) {
 363                 /*
 364                  * This tty is already the controlling
 365                  * tty for another session group!
 366                  */
 367                 if (arg == 1 && capable(CAP_SYS_ADMIN)) {
 368                         /*
 369                          * Steal it away
 370                          */
 371                         session_clear_tty(tty->session);
 372                 } else {
 373                         ret = -EPERM;
 374                         goto unlock;
 375                 }
 376         }
 377 
 378         /* See the comment in tty_open_proc_set_tty(). */
 379         if ((file->f_mode & FMODE_READ) == 0 && !capable(CAP_SYS_ADMIN)) {
 380                 ret = -EPERM;
 381                 goto unlock;
 382         }
 383 
 384         proc_set_tty(tty);
 385 unlock:
 386         read_unlock(&tasklist_lock);
 387         tty_unlock(tty);
 388         return ret;
 389 }
 390 
 391 /**
 392  *      tty_get_pgrp    -       return a ref counted pgrp pid
 393  *      @tty: tty to read
 394  *
 395  *      Returns a refcounted instance of the pid struct for the process
 396  *      group controlling the tty.
 397  */
 398 struct pid *tty_get_pgrp(struct tty_struct *tty)
 399 {
 400         unsigned long flags;
 401         struct pid *pgrp;
 402 
 403         spin_lock_irqsave(&tty->ctrl_lock, flags);
 404         pgrp = get_pid(tty->pgrp);
 405         spin_unlock_irqrestore(&tty->ctrl_lock, flags);
 406 
 407         return pgrp;
 408 }
 409 EXPORT_SYMBOL_GPL(tty_get_pgrp);
 410 
 411 /*
 412  * This checks not only the pgrp, but falls back on the pid if no
 413  * satisfactory pgrp is found. I dunno - gdb doesn't work correctly
 414  * without this...
 415  *
 416  * The caller must hold rcu lock or the tasklist lock.
 417  */
 418 static struct pid *session_of_pgrp(struct pid *pgrp)
 419 {
 420         struct task_struct *p;
 421         struct pid *sid = NULL;
 422 
 423         p = pid_task(pgrp, PIDTYPE_PGID);
 424         if (p == NULL)
 425                 p = pid_task(pgrp, PIDTYPE_PID);
 426         if (p != NULL)
 427                 sid = task_session(p);
 428 
 429         return sid;
 430 }
 431 
 432 /**
 433  *      tiocgpgrp               -       get process group
 434  *      @tty: tty passed by user
 435  *      @real_tty: tty side of the tty passed by the user if a pty else the tty
 436  *      @p: returned pid
 437  *
 438  *      Obtain the process group of the tty. If there is no process group
 439  *      return an error.
 440  *
 441  *      Locking: none. Reference to current->signal->tty is safe.
 442  */
 443 static int tiocgpgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
 444 {
 445         struct pid *pid;
 446         int ret;
 447         /*
 448          * (tty == real_tty) is a cheap way of
 449          * testing if the tty is NOT a master pty.
 450          */
 451         if (tty == real_tty && current->signal->tty != real_tty)
 452                 return -ENOTTY;
 453         pid = tty_get_pgrp(real_tty);
 454         ret =  put_user(pid_vnr(pid), p);
 455         put_pid(pid);
 456         return ret;
 457 }
 458 
 459 /**
 460  *      tiocspgrp               -       attempt to set process group
 461  *      @tty: tty passed by user
 462  *      @real_tty: tty side device matching tty passed by user
 463  *      @p: pid pointer
 464  *
 465  *      Set the process group of the tty to the session passed. Only
 466  *      permitted where the tty session is our session.
 467  *
 468  *      Locking: RCU, ctrl lock
 469  */
 470 static int tiocspgrp(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
 471 {
 472         struct pid *pgrp;
 473         pid_t pgrp_nr;
 474         int retval = tty_check_change(real_tty);
 475 
 476         if (retval == -EIO)
 477                 return -ENOTTY;
 478         if (retval)
 479                 return retval;
 480         if (!current->signal->tty ||
 481             (current->signal->tty != real_tty) ||
 482             (real_tty->session != task_session(current)))
 483                 return -ENOTTY;
 484         if (get_user(pgrp_nr, p))
 485                 return -EFAULT;
 486         if (pgrp_nr < 0)
 487                 return -EINVAL;
 488         rcu_read_lock();
 489         pgrp = find_vpid(pgrp_nr);
 490         retval = -ESRCH;
 491         if (!pgrp)
 492                 goto out_unlock;
 493         retval = -EPERM;
 494         if (session_of_pgrp(pgrp) != task_session(current))
 495                 goto out_unlock;
 496         retval = 0;
 497         spin_lock_irq(&tty->ctrl_lock);
 498         put_pid(real_tty->pgrp);
 499         real_tty->pgrp = get_pid(pgrp);
 500         spin_unlock_irq(&tty->ctrl_lock);
 501 out_unlock:
 502         rcu_read_unlock();
 503         return retval;
 504 }
 505 
 506 /**
 507  *      tiocgsid                -       get session id
 508  *      @tty: tty passed by user
 509  *      @real_tty: tty side of the tty passed by the user if a pty else the tty
 510  *      @p: pointer to returned session id
 511  *
 512  *      Obtain the session id of the tty. If there is no session
 513  *      return an error.
 514  *
 515  *      Locking: none. Reference to current->signal->tty is safe.
 516  */
 517 static int tiocgsid(struct tty_struct *tty, struct tty_struct *real_tty, pid_t __user *p)
 518 {
 519         /*
 520          * (tty == real_tty) is a cheap way of
 521          * testing if the tty is NOT a master pty.
 522         */
 523         if (tty == real_tty && current->signal->tty != real_tty)
 524                 return -ENOTTY;
 525         if (!real_tty->session)
 526                 return -ENOTTY;
 527         return put_user(pid_vnr(real_tty->session), p);
 528 }
 529 
 530 /*
 531  * Called from tty_ioctl(). If tty is a pty then real_tty is the slave side,
 532  * if not then tty == real_tty.
 533  */
 534 long tty_jobctrl_ioctl(struct tty_struct *tty, struct tty_struct *real_tty,
 535                        struct file *file, unsigned int cmd, unsigned long arg)
 536 {
 537         void __user *p = (void __user *)arg;
 538 
 539         switch (cmd) {
 540         case TIOCNOTTY:
 541                 if (current->signal->tty != tty)
 542                         return -ENOTTY;
 543                 no_tty();
 544                 return 0;
 545         case TIOCSCTTY:
 546                 return tiocsctty(real_tty, file, arg);
 547         case TIOCGPGRP:
 548                 return tiocgpgrp(tty, real_tty, p);
 549         case TIOCSPGRP:
 550                 return tiocspgrp(tty, real_tty, p);
 551         case TIOCGSID:
 552                 return tiocgsid(tty, real_tty, p);
 553         }
 554         return -ENOIOCTLCMD;
 555 }

/* [<][>][^][v][top][bottom][index][help] */