vt_ioctl.c revision bde0d2c98bcfc9acc83ac79c33a6ac1335b95a92
1/* 2 * linux/drivers/char/vt_ioctl.c 3 * 4 * Copyright (C) 1992 obz under the linux copyright 5 * 6 * Dynamic diacritical handling - aeb@cwi.nl - Dec 1993 7 * Dynamic keymap and string allocation - aeb@cwi.nl - May 1994 8 * Restrict VT switching via ioctl() - grif@cs.ucr.edu - Dec 1995 9 * Some code moved for less code duplication - Andi Kleen - Mar 1997 10 * Check put/get_user, cleanups - acme@conectiva.com.br - Jun 2001 11 */ 12 13#include <linux/types.h> 14#include <linux/errno.h> 15#include <linux/sched.h> 16#include <linux/tty.h> 17#include <linux/timer.h> 18#include <linux/kernel.h> 19#include <linux/kd.h> 20#include <linux/vt.h> 21#include <linux/string.h> 22#include <linux/slab.h> 23#include <linux/major.h> 24#include <linux/fs.h> 25#include <linux/console.h> 26#include <linux/signal.h> 27#include <linux/timex.h> 28 29#include <asm/io.h> 30#include <asm/uaccess.h> 31 32#include <linux/kbd_kern.h> 33#include <linux/vt_kern.h> 34#include <linux/kbd_diacr.h> 35#include <linux/selection.h> 36 37static char vt_dont_switch; 38extern struct tty_driver *console_driver; 39 40#define VT_IS_IN_USE(i) (console_driver->ttys[i] && console_driver->ttys[i]->count) 41#define VT_BUSY(i) (VT_IS_IN_USE(i) || i == fg_console || vc_cons[i].d == sel_cons) 42 43/* 44 * Console (vt and kd) routines, as defined by USL SVR4 manual, and by 45 * experimentation and study of X386 SYSV handling. 46 * 47 * One point of difference: SYSV vt's are /dev/vtX, which X >= 0, and 48 * /dev/console is a separate ttyp. Under Linux, /dev/tty0 is /dev/console, 49 * and the vc start at /dev/ttyX, X >= 1. We maintain that here, so we will 50 * always treat our set of vt as numbered 1..MAX_NR_CONSOLES (corresponding to 51 * ttys 0..MAX_NR_CONSOLES-1). Explicitly naming VT 0 is illegal, but using 52 * /dev/tty0 (fg_console) as a target is legal, since an implicit aliasing 53 * to the current console is done by the main ioctl code. 54 */ 55 56#ifdef CONFIG_X86 57#include <linux/syscalls.h> 58#endif 59 60static void complete_change_console(struct vc_data *vc); 61 62/* 63 * these are the valid i/o ports we're allowed to change. they map all the 64 * video ports 65 */ 66#define GPFIRST 0x3b4 67#define GPLAST 0x3df 68#define GPNUM (GPLAST - GPFIRST + 1) 69 70#define i (tmp.kb_index) 71#define s (tmp.kb_table) 72#define v (tmp.kb_value) 73static inline int 74do_kdsk_ioctl(int cmd, struct kbentry __user *user_kbe, int perm, struct kbd_struct *kbd) 75{ 76 struct kbentry tmp; 77 ushort *key_map, val, ov; 78 79 if (copy_from_user(&tmp, user_kbe, sizeof(struct kbentry))) 80 return -EFAULT; 81 82 if (!capable(CAP_SYS_TTY_CONFIG)) 83 perm = 0; 84 85 switch (cmd) { 86 case KDGKBENT: 87 key_map = key_maps[s]; 88 if (key_map) { 89 val = U(key_map[i]); 90 if (kbd->kbdmode != VC_UNICODE && KTYP(val) >= NR_TYPES) 91 val = K_HOLE; 92 } else 93 val = (i ? K_HOLE : K_NOSUCHMAP); 94 return put_user(val, &user_kbe->kb_value); 95 case KDSKBENT: 96 if (!perm) 97 return -EPERM; 98 if (!i && v == K_NOSUCHMAP) { 99 /* deallocate map */ 100 key_map = key_maps[s]; 101 if (s && key_map) { 102 key_maps[s] = NULL; 103 if (key_map[0] == U(K_ALLOCATED)) { 104 kfree(key_map); 105 keymap_count--; 106 } 107 } 108 break; 109 } 110 111 if (KTYP(v) < NR_TYPES) { 112 if (KVAL(v) > max_vals[KTYP(v)]) 113 return -EINVAL; 114 } else 115 if (kbd->kbdmode != VC_UNICODE) 116 return -EINVAL; 117 118 /* ++Geert: non-PC keyboards may generate keycode zero */ 119#if !defined(__mc68000__) && !defined(__powerpc__) 120 /* assignment to entry 0 only tests validity of args */ 121 if (!i) 122 break; 123#endif 124 125 if (!(key_map = key_maps[s])) { 126 int j; 127 128 if (keymap_count >= MAX_NR_OF_USER_KEYMAPS && 129 !capable(CAP_SYS_RESOURCE)) 130 return -EPERM; 131 132 key_map = (ushort *) kmalloc(sizeof(plain_map), 133 GFP_KERNEL); 134 if (!key_map) 135 return -ENOMEM; 136 key_maps[s] = key_map; 137 key_map[0] = U(K_ALLOCATED); 138 for (j = 1; j < NR_KEYS; j++) 139 key_map[j] = U(K_HOLE); 140 keymap_count++; 141 } 142 ov = U(key_map[i]); 143 if (v == ov) 144 break; /* nothing to do */ 145 /* 146 * Attention Key. 147 */ 148 if (((ov == K_SAK) || (v == K_SAK)) && !capable(CAP_SYS_ADMIN)) 149 return -EPERM; 150 key_map[i] = U(v); 151 if (!s && (KTYP(ov) == KT_SHIFT || KTYP(v) == KT_SHIFT)) 152 compute_shiftstate(); 153 break; 154 } 155 return 0; 156} 157#undef i 158#undef s 159#undef v 160 161static inline int 162do_kbkeycode_ioctl(int cmd, struct kbkeycode __user *user_kbkc, int perm) 163{ 164 struct kbkeycode tmp; 165 int kc = 0; 166 167 if (copy_from_user(&tmp, user_kbkc, sizeof(struct kbkeycode))) 168 return -EFAULT; 169 switch (cmd) { 170 case KDGETKEYCODE: 171 kc = getkeycode(tmp.scancode); 172 if (kc >= 0) 173 kc = put_user(kc, &user_kbkc->keycode); 174 break; 175 case KDSETKEYCODE: 176 if (!perm) 177 return -EPERM; 178 kc = setkeycode(tmp.scancode, tmp.keycode); 179 break; 180 } 181 return kc; 182} 183 184static inline int 185do_kdgkb_ioctl(int cmd, struct kbsentry __user *user_kdgkb, int perm) 186{ 187 struct kbsentry *kbs; 188 char *p; 189 u_char *q; 190 u_char __user *up; 191 int sz; 192 int delta; 193 char *first_free, *fj, *fnw; 194 int i, j, k; 195 int ret; 196 197 if (!capable(CAP_SYS_TTY_CONFIG)) 198 perm = 0; 199 200 kbs = kmalloc(sizeof(*kbs), GFP_KERNEL); 201 if (!kbs) { 202 ret = -ENOMEM; 203 goto reterr; 204 } 205 206 /* we mostly copy too much here (512bytes), but who cares ;) */ 207 if (copy_from_user(kbs, user_kdgkb, sizeof(struct kbsentry))) { 208 ret = -EFAULT; 209 goto reterr; 210 } 211 kbs->kb_string[sizeof(kbs->kb_string)-1] = '\0'; 212 i = kbs->kb_func; 213 214 switch (cmd) { 215 case KDGKBSENT: 216 sz = sizeof(kbs->kb_string) - 1; /* sz should have been 217 a struct member */ 218 up = user_kdgkb->kb_string; 219 p = func_table[i]; 220 if(p) 221 for ( ; *p && sz; p++, sz--) 222 if (put_user(*p, up++)) { 223 ret = -EFAULT; 224 goto reterr; 225 } 226 if (put_user('\0', up)) { 227 ret = -EFAULT; 228 goto reterr; 229 } 230 kfree(kbs); 231 return ((p && *p) ? -EOVERFLOW : 0); 232 case KDSKBSENT: 233 if (!perm) { 234 ret = -EPERM; 235 goto reterr; 236 } 237 238 q = func_table[i]; 239 first_free = funcbufptr + (funcbufsize - funcbufleft); 240 for (j = i+1; j < MAX_NR_FUNC && !func_table[j]; j++) 241 ; 242 if (j < MAX_NR_FUNC) 243 fj = func_table[j]; 244 else 245 fj = first_free; 246 247 delta = (q ? -strlen(q) : 1) + strlen(kbs->kb_string); 248 if (delta <= funcbufleft) { /* it fits in current buf */ 249 if (j < MAX_NR_FUNC) { 250 memmove(fj + delta, fj, first_free - fj); 251 for (k = j; k < MAX_NR_FUNC; k++) 252 if (func_table[k]) 253 func_table[k] += delta; 254 } 255 if (!q) 256 func_table[i] = fj; 257 funcbufleft -= delta; 258 } else { /* allocate a larger buffer */ 259 sz = 256; 260 while (sz < funcbufsize - funcbufleft + delta) 261 sz <<= 1; 262 fnw = (char *) kmalloc(sz, GFP_KERNEL); 263 if(!fnw) { 264 ret = -ENOMEM; 265 goto reterr; 266 } 267 268 if (!q) 269 func_table[i] = fj; 270 if (fj > funcbufptr) 271 memmove(fnw, funcbufptr, fj - funcbufptr); 272 for (k = 0; k < j; k++) 273 if (func_table[k]) 274 func_table[k] = fnw + (func_table[k] - funcbufptr); 275 276 if (first_free > fj) { 277 memmove(fnw + (fj - funcbufptr) + delta, fj, first_free - fj); 278 for (k = j; k < MAX_NR_FUNC; k++) 279 if (func_table[k]) 280 func_table[k] = fnw + (func_table[k] - funcbufptr) + delta; 281 } 282 if (funcbufptr != func_buf) 283 kfree(funcbufptr); 284 funcbufptr = fnw; 285 funcbufleft = funcbufleft - delta + sz - funcbufsize; 286 funcbufsize = sz; 287 } 288 strcpy(func_table[i], kbs->kb_string); 289 break; 290 } 291 ret = 0; 292reterr: 293 kfree(kbs); 294 return ret; 295} 296 297static inline int 298do_fontx_ioctl(int cmd, struct consolefontdesc __user *user_cfd, int perm, struct console_font_op *op) 299{ 300 struct consolefontdesc cfdarg; 301 int i; 302 303 if (copy_from_user(&cfdarg, user_cfd, sizeof(struct consolefontdesc))) 304 return -EFAULT; 305 306 switch (cmd) { 307 case PIO_FONTX: 308 if (!perm) 309 return -EPERM; 310 op->op = KD_FONT_OP_SET; 311 op->flags = KD_FONT_FLAG_OLD; 312 op->width = 8; 313 op->height = cfdarg.charheight; 314 op->charcount = cfdarg.charcount; 315 op->data = cfdarg.chardata; 316 return con_font_op(vc_cons[fg_console].d, op); 317 case GIO_FONTX: { 318 op->op = KD_FONT_OP_GET; 319 op->flags = KD_FONT_FLAG_OLD; 320 op->width = 8; 321 op->height = cfdarg.charheight; 322 op->charcount = cfdarg.charcount; 323 op->data = cfdarg.chardata; 324 i = con_font_op(vc_cons[fg_console].d, op); 325 if (i) 326 return i; 327 cfdarg.charheight = op->height; 328 cfdarg.charcount = op->charcount; 329 if (copy_to_user(user_cfd, &cfdarg, sizeof(struct consolefontdesc))) 330 return -EFAULT; 331 return 0; 332 } 333 } 334 return -EINVAL; 335} 336 337static inline int 338do_unimap_ioctl(int cmd, struct unimapdesc __user *user_ud, int perm, struct vc_data *vc) 339{ 340 struct unimapdesc tmp; 341 342 if (copy_from_user(&tmp, user_ud, sizeof tmp)) 343 return -EFAULT; 344 if (tmp.entries) 345 if (!access_ok(VERIFY_WRITE, tmp.entries, 346 tmp.entry_ct*sizeof(struct unipair))) 347 return -EFAULT; 348 switch (cmd) { 349 case PIO_UNIMAP: 350 if (!perm) 351 return -EPERM; 352 return con_set_unimap(vc, tmp.entry_ct, tmp.entries); 353 case GIO_UNIMAP: 354 if (!perm && fg_console != vc->vc_num) 355 return -EPERM; 356 return con_get_unimap(vc, tmp.entry_ct, &(user_ud->entry_ct), tmp.entries); 357 } 358 return 0; 359} 360 361/* 362 * We handle the console-specific ioctl's here. We allow the 363 * capability to modify any console, not just the fg_console. 364 */ 365int vt_ioctl(struct tty_struct *tty, struct file * file, 366 unsigned int cmd, unsigned long arg) 367{ 368 struct vc_data *vc = (struct vc_data *)tty->driver_data; 369 struct console_font_op op; /* used in multiple places here */ 370 struct kbd_struct * kbd; 371 unsigned int console; 372 unsigned char ucval; 373 void __user *up = (void __user *)arg; 374 int i, perm; 375 376 console = vc->vc_num; 377 378 if (!vc_cons_allocated(console)) /* impossible? */ 379 return -ENOIOCTLCMD; 380 381 /* 382 * To have permissions to do most of the vt ioctls, we either have 383 * to be the owner of the tty, or have CAP_SYS_TTY_CONFIG. 384 */ 385 perm = 0; 386 if (current->signal->tty == tty || capable(CAP_SYS_TTY_CONFIG)) 387 perm = 1; 388 389 kbd = kbd_table + console; 390 switch (cmd) { 391 case KIOCSOUND: 392 if (!perm) 393 return -EPERM; 394 if (arg) 395 arg = CLOCK_TICK_RATE / arg; 396 kd_mksound(arg, 0); 397 return 0; 398 399 case KDMKTONE: 400 if (!perm) 401 return -EPERM; 402 { 403 unsigned int ticks, count; 404 405 /* 406 * Generate the tone for the appropriate number of ticks. 407 * If the time is zero, turn off sound ourselves. 408 */ 409 ticks = HZ * ((arg >> 16) & 0xffff) / 1000; 410 count = ticks ? (arg & 0xffff) : 0; 411 if (count) 412 count = CLOCK_TICK_RATE / count; 413 kd_mksound(count, ticks); 414 return 0; 415 } 416 417 case KDGKBTYPE: 418 /* 419 * this is naive. 420 */ 421 ucval = KB_101; 422 goto setchar; 423 424 /* 425 * These cannot be implemented on any machine that implements 426 * ioperm() in user level (such as Alpha PCs) or not at all. 427 * 428 * XXX: you should never use these, just call ioperm directly.. 429 */ 430#ifdef CONFIG_X86 431 case KDADDIO: 432 case KDDELIO: 433 /* 434 * KDADDIO and KDDELIO may be able to add ports beyond what 435 * we reject here, but to be safe... 436 */ 437 if (arg < GPFIRST || arg > GPLAST) 438 return -EINVAL; 439 return sys_ioperm(arg, 1, (cmd == KDADDIO)) ? -ENXIO : 0; 440 441 case KDENABIO: 442 case KDDISABIO: 443 return sys_ioperm(GPFIRST, GPNUM, 444 (cmd == KDENABIO)) ? -ENXIO : 0; 445#endif 446 447 /* Linux m68k/i386 interface for setting the keyboard delay/repeat rate */ 448 449 case KDKBDREP: 450 { 451 struct kbd_repeat kbrep; 452 int err; 453 454 if (!capable(CAP_SYS_TTY_CONFIG)) 455 return -EPERM; 456 457 if (copy_from_user(&kbrep, up, sizeof(struct kbd_repeat))) 458 return -EFAULT; 459 err = kbd_rate(&kbrep); 460 if (err) 461 return err; 462 if (copy_to_user(up, &kbrep, sizeof(struct kbd_repeat))) 463 return -EFAULT; 464 return 0; 465 } 466 467 case KDSETMODE: 468 /* 469 * currently, setting the mode from KD_TEXT to KD_GRAPHICS 470 * doesn't do a whole lot. i'm not sure if it should do any 471 * restoration of modes or what... 472 * 473 * XXX It should at least call into the driver, fbdev's definitely 474 * need to restore their engine state. --BenH 475 */ 476 if (!perm) 477 return -EPERM; 478 switch (arg) { 479 case KD_GRAPHICS: 480 break; 481 case KD_TEXT0: 482 case KD_TEXT1: 483 arg = KD_TEXT; 484 case KD_TEXT: 485 break; 486 default: 487 return -EINVAL; 488 } 489 if (vc->vc_mode == (unsigned char) arg) 490 return 0; 491 vc->vc_mode = (unsigned char) arg; 492 if (console != fg_console) 493 return 0; 494 /* 495 * explicitly blank/unblank the screen if switching modes 496 */ 497 acquire_console_sem(); 498 if (arg == KD_TEXT) 499 do_unblank_screen(1); 500 else 501 do_blank_screen(1); 502 release_console_sem(); 503 return 0; 504 505 case KDGETMODE: 506 ucval = vc->vc_mode; 507 goto setint; 508 509 case KDMAPDISP: 510 case KDUNMAPDISP: 511 /* 512 * these work like a combination of mmap and KDENABIO. 513 * this could be easily finished. 514 */ 515 return -EINVAL; 516 517 case KDSKBMODE: 518 if (!perm) 519 return -EPERM; 520 switch(arg) { 521 case K_RAW: 522 kbd->kbdmode = VC_RAW; 523 break; 524 case K_MEDIUMRAW: 525 kbd->kbdmode = VC_MEDIUMRAW; 526 break; 527 case K_XLATE: 528 kbd->kbdmode = VC_XLATE; 529 compute_shiftstate(); 530 break; 531 case K_UNICODE: 532 kbd->kbdmode = VC_UNICODE; 533 compute_shiftstate(); 534 break; 535 default: 536 return -EINVAL; 537 } 538 tty_ldisc_flush(tty); 539 return 0; 540 541 case KDGKBMODE: 542 ucval = ((kbd->kbdmode == VC_RAW) ? K_RAW : 543 (kbd->kbdmode == VC_MEDIUMRAW) ? K_MEDIUMRAW : 544 (kbd->kbdmode == VC_UNICODE) ? K_UNICODE : 545 K_XLATE); 546 goto setint; 547 548 /* this could be folded into KDSKBMODE, but for compatibility 549 reasons it is not so easy to fold KDGKBMETA into KDGKBMODE */ 550 case KDSKBMETA: 551 switch(arg) { 552 case K_METABIT: 553 clr_vc_kbd_mode(kbd, VC_META); 554 break; 555 case K_ESCPREFIX: 556 set_vc_kbd_mode(kbd, VC_META); 557 break; 558 default: 559 return -EINVAL; 560 } 561 return 0; 562 563 case KDGKBMETA: 564 ucval = (vc_kbd_mode(kbd, VC_META) ? K_ESCPREFIX : K_METABIT); 565 setint: 566 return put_user(ucval, (int __user *)arg); 567 568 case KDGETKEYCODE: 569 case KDSETKEYCODE: 570 if(!capable(CAP_SYS_TTY_CONFIG)) 571 perm=0; 572 return do_kbkeycode_ioctl(cmd, up, perm); 573 574 case KDGKBENT: 575 case KDSKBENT: 576 return do_kdsk_ioctl(cmd, up, perm, kbd); 577 578 case KDGKBSENT: 579 case KDSKBSENT: 580 return do_kdgkb_ioctl(cmd, up, perm); 581 582 case KDGKBDIACR: 583 { 584 struct kbdiacrs __user *a = up; 585 586 if (put_user(accent_table_size, &a->kb_cnt)) 587 return -EFAULT; 588 if (copy_to_user(a->kbdiacr, accent_table, accent_table_size*sizeof(struct kbdiacr))) 589 return -EFAULT; 590 return 0; 591 } 592 593 case KDSKBDIACR: 594 { 595 struct kbdiacrs __user *a = up; 596 unsigned int ct; 597 598 if (!perm) 599 return -EPERM; 600 if (get_user(ct,&a->kb_cnt)) 601 return -EFAULT; 602 if (ct >= MAX_DIACR) 603 return -EINVAL; 604 accent_table_size = ct; 605 if (copy_from_user(accent_table, a->kbdiacr, ct*sizeof(struct kbdiacr))) 606 return -EFAULT; 607 return 0; 608 } 609 610 /* the ioctls below read/set the flags usually shown in the leds */ 611 /* don't use them - they will go away without warning */ 612 case KDGKBLED: 613 ucval = kbd->ledflagstate | (kbd->default_ledflagstate << 4); 614 goto setchar; 615 616 case KDSKBLED: 617 if (!perm) 618 return -EPERM; 619 if (arg & ~0x77) 620 return -EINVAL; 621 kbd->ledflagstate = (arg & 7); 622 kbd->default_ledflagstate = ((arg >> 4) & 7); 623 set_leds(); 624 return 0; 625 626 /* the ioctls below only set the lights, not the functions */ 627 /* for those, see KDGKBLED and KDSKBLED above */ 628 case KDGETLED: 629 ucval = getledstate(); 630 setchar: 631 return put_user(ucval, (char __user *)arg); 632 633 case KDSETLED: 634 if (!perm) 635 return -EPERM; 636 setledstate(kbd, arg); 637 return 0; 638 639 /* 640 * A process can indicate its willingness to accept signals 641 * generated by pressing an appropriate key combination. 642 * Thus, one can have a daemon that e.g. spawns a new console 643 * upon a keypress and then changes to it. 644 * See also the kbrequest field of inittab(5). 645 */ 646 case KDSIGACCEPT: 647 { 648 if (!perm || !capable(CAP_KILL)) 649 return -EPERM; 650 if (!valid_signal(arg) || arg < 1 || arg == SIGKILL) 651 return -EINVAL; 652 653 spin_lock_irq(&vt_spawn_con.lock); 654 put_pid(vt_spawn_con.pid); 655 vt_spawn_con.pid = get_pid(task_pid(current)); 656 vt_spawn_con.sig = arg; 657 spin_unlock_irq(&vt_spawn_con.lock); 658 return 0; 659 } 660 661 case VT_SETMODE: 662 { 663 struct vt_mode tmp; 664 665 if (!perm) 666 return -EPERM; 667 if (copy_from_user(&tmp, up, sizeof(struct vt_mode))) 668 return -EFAULT; 669 if (tmp.mode != VT_AUTO && tmp.mode != VT_PROCESS) 670 return -EINVAL; 671 acquire_console_sem(); 672 vc->vt_mode = tmp; 673 /* the frsig is ignored, so we set it to 0 */ 674 vc->vt_mode.frsig = 0; 675 put_pid(xchg(&vc->vt_pid, get_pid(task_pid(current)))); 676 /* no switch is required -- saw@shade.msu.ru */ 677 vc->vt_newvt = -1; 678 release_console_sem(); 679 return 0; 680 } 681 682 case VT_GETMODE: 683 { 684 struct vt_mode tmp; 685 int rc; 686 687 acquire_console_sem(); 688 memcpy(&tmp, &vc->vt_mode, sizeof(struct vt_mode)); 689 release_console_sem(); 690 691 rc = copy_to_user(up, &tmp, sizeof(struct vt_mode)); 692 return rc ? -EFAULT : 0; 693 } 694 695 /* 696 * Returns global vt state. Note that VT 0 is always open, since 697 * it's an alias for the current VT, and people can't use it here. 698 * We cannot return state for more than 16 VTs, since v_state is short. 699 */ 700 case VT_GETSTATE: 701 { 702 struct vt_stat __user *vtstat = up; 703 unsigned short state, mask; 704 705 if (put_user(fg_console + 1, &vtstat->v_active)) 706 return -EFAULT; 707 state = 1; /* /dev/tty0 is always open */ 708 for (i = 0, mask = 2; i < MAX_NR_CONSOLES && mask; ++i, mask <<= 1) 709 if (VT_IS_IN_USE(i)) 710 state |= mask; 711 return put_user(state, &vtstat->v_state); 712 } 713 714 /* 715 * Returns the first available (non-opened) console. 716 */ 717 case VT_OPENQRY: 718 for (i = 0; i < MAX_NR_CONSOLES; ++i) 719 if (! VT_IS_IN_USE(i)) 720 break; 721 ucval = i < MAX_NR_CONSOLES ? (i+1) : -1; 722 goto setint; 723 724 /* 725 * ioctl(fd, VT_ACTIVATE, num) will cause us to switch to vt # num, 726 * with num >= 1 (switches to vt 0, our console, are not allowed, just 727 * to preserve sanity). 728 */ 729 case VT_ACTIVATE: 730 if (!perm) 731 return -EPERM; 732 if (arg == 0 || arg > MAX_NR_CONSOLES) 733 return -ENXIO; 734 arg--; 735 acquire_console_sem(); 736 i = vc_allocate(arg); 737 release_console_sem(); 738 if (i) 739 return i; 740 set_console(arg); 741 return 0; 742 743 /* 744 * wait until the specified VT has been activated 745 */ 746 case VT_WAITACTIVE: 747 if (!perm) 748 return -EPERM; 749 if (arg == 0 || arg > MAX_NR_CONSOLES) 750 return -ENXIO; 751 return vt_waitactive(arg-1); 752 753 /* 754 * If a vt is under process control, the kernel will not switch to it 755 * immediately, but postpone the operation until the process calls this 756 * ioctl, allowing the switch to complete. 757 * 758 * According to the X sources this is the behavior: 759 * 0: pending switch-from not OK 760 * 1: pending switch-from OK 761 * 2: completed switch-to OK 762 */ 763 case VT_RELDISP: 764 if (!perm) 765 return -EPERM; 766 if (vc->vt_mode.mode != VT_PROCESS) 767 return -EINVAL; 768 769 /* 770 * Switching-from response 771 */ 772 if (vc->vt_newvt >= 0) { 773 if (arg == 0) 774 /* 775 * Switch disallowed, so forget we were trying 776 * to do it. 777 */ 778 vc->vt_newvt = -1; 779 780 else { 781 /* 782 * The current vt has been released, so 783 * complete the switch. 784 */ 785 int newvt; 786 acquire_console_sem(); 787 newvt = vc->vt_newvt; 788 vc->vt_newvt = -1; 789 i = vc_allocate(newvt); 790 if (i) { 791 release_console_sem(); 792 return i; 793 } 794 /* 795 * When we actually do the console switch, 796 * make sure we are atomic with respect to 797 * other console switches.. 798 */ 799 complete_change_console(vc_cons[newvt].d); 800 release_console_sem(); 801 } 802 } 803 804 /* 805 * Switched-to response 806 */ 807 else 808 { 809 /* 810 * If it's just an ACK, ignore it 811 */ 812 if (arg != VT_ACKACQ) 813 return -EINVAL; 814 } 815 816 return 0; 817 818 /* 819 * Disallocate memory associated to VT (but leave VT1) 820 */ 821 case VT_DISALLOCATE: 822 if (arg > MAX_NR_CONSOLES) 823 return -ENXIO; 824 if (arg == 0) { 825 /* deallocate all unused consoles, but leave 0 */ 826 acquire_console_sem(); 827 for (i=1; i<MAX_NR_CONSOLES; i++) 828 if (! VT_BUSY(i)) 829 vc_deallocate(i); 830 release_console_sem(); 831 } else { 832 /* deallocate a single console, if possible */ 833 arg--; 834 if (VT_BUSY(arg)) 835 return -EBUSY; 836 if (arg) { /* leave 0 */ 837 acquire_console_sem(); 838 vc_deallocate(arg); 839 release_console_sem(); 840 } 841 } 842 return 0; 843 844 case VT_RESIZE: 845 { 846 struct vt_sizes __user *vtsizes = up; 847 ushort ll,cc; 848 if (!perm) 849 return -EPERM; 850 if (get_user(ll, &vtsizes->v_rows) || 851 get_user(cc, &vtsizes->v_cols)) 852 return -EFAULT; 853 for (i = 0; i < MAX_NR_CONSOLES; i++) 854 vc_lock_resize(vc_cons[i].d, cc, ll); 855 return 0; 856 } 857 858 case VT_RESIZEX: 859 { 860 struct vt_consize __user *vtconsize = up; 861 ushort ll,cc,vlin,clin,vcol,ccol; 862 if (!perm) 863 return -EPERM; 864 if (!access_ok(VERIFY_READ, vtconsize, 865 sizeof(struct vt_consize))) 866 return -EFAULT; 867 __get_user(ll, &vtconsize->v_rows); 868 __get_user(cc, &vtconsize->v_cols); 869 __get_user(vlin, &vtconsize->v_vlin); 870 __get_user(clin, &vtconsize->v_clin); 871 __get_user(vcol, &vtconsize->v_vcol); 872 __get_user(ccol, &vtconsize->v_ccol); 873 vlin = vlin ? vlin : vc->vc_scan_lines; 874 if (clin) { 875 if (ll) { 876 if (ll != vlin/clin) 877 return -EINVAL; /* Parameters don't add up */ 878 } else 879 ll = vlin/clin; 880 } 881 if (vcol && ccol) { 882 if (cc) { 883 if (cc != vcol/ccol) 884 return -EINVAL; 885 } else 886 cc = vcol/ccol; 887 } 888 889 if (clin > 32) 890 return -EINVAL; 891 892 for (i = 0; i < MAX_NR_CONSOLES; i++) { 893 if (!vc_cons[i].d) 894 continue; 895 acquire_console_sem(); 896 if (vlin) 897 vc_cons[i].d->vc_scan_lines = vlin; 898 if (clin) 899 vc_cons[i].d->vc_font.height = clin; 900 vc_resize(vc_cons[i].d, cc, ll); 901 release_console_sem(); 902 } 903 return 0; 904 } 905 906 case PIO_FONT: { 907 if (!perm) 908 return -EPERM; 909 op.op = KD_FONT_OP_SET; 910 op.flags = KD_FONT_FLAG_OLD | KD_FONT_FLAG_DONT_RECALC; /* Compatibility */ 911 op.width = 8; 912 op.height = 0; 913 op.charcount = 256; 914 op.data = up; 915 return con_font_op(vc_cons[fg_console].d, &op); 916 } 917 918 case GIO_FONT: { 919 op.op = KD_FONT_OP_GET; 920 op.flags = KD_FONT_FLAG_OLD; 921 op.width = 8; 922 op.height = 32; 923 op.charcount = 256; 924 op.data = up; 925 return con_font_op(vc_cons[fg_console].d, &op); 926 } 927 928 case PIO_CMAP: 929 if (!perm) 930 return -EPERM; 931 return con_set_cmap(up); 932 933 case GIO_CMAP: 934 return con_get_cmap(up); 935 936 case PIO_FONTX: 937 case GIO_FONTX: 938 return do_fontx_ioctl(cmd, up, perm, &op); 939 940 case PIO_FONTRESET: 941 { 942 if (!perm) 943 return -EPERM; 944 945#ifdef BROKEN_GRAPHICS_PROGRAMS 946 /* With BROKEN_GRAPHICS_PROGRAMS defined, the default 947 font is not saved. */ 948 return -ENOSYS; 949#else 950 { 951 op.op = KD_FONT_OP_SET_DEFAULT; 952 op.data = NULL; 953 i = con_font_op(vc_cons[fg_console].d, &op); 954 if (i) 955 return i; 956 con_set_default_unimap(vc_cons[fg_console].d); 957 return 0; 958 } 959#endif 960 } 961 962 case KDFONTOP: { 963 if (copy_from_user(&op, up, sizeof(op))) 964 return -EFAULT; 965 if (!perm && op.op != KD_FONT_OP_GET) 966 return -EPERM; 967 i = con_font_op(vc, &op); 968 if (i) return i; 969 if (copy_to_user(up, &op, sizeof(op))) 970 return -EFAULT; 971 return 0; 972 } 973 974 case PIO_SCRNMAP: 975 if (!perm) 976 return -EPERM; 977 return con_set_trans_old(up); 978 979 case GIO_SCRNMAP: 980 return con_get_trans_old(up); 981 982 case PIO_UNISCRNMAP: 983 if (!perm) 984 return -EPERM; 985 return con_set_trans_new(up); 986 987 case GIO_UNISCRNMAP: 988 return con_get_trans_new(up); 989 990 case PIO_UNIMAPCLR: 991 { struct unimapinit ui; 992 if (!perm) 993 return -EPERM; 994 i = copy_from_user(&ui, up, sizeof(struct unimapinit)); 995 if (i) return -EFAULT; 996 con_clear_unimap(vc, &ui); 997 return 0; 998 } 999 1000 case PIO_UNIMAP: 1001 case GIO_UNIMAP: 1002 return do_unimap_ioctl(cmd, up, perm, vc); 1003 1004 case VT_LOCKSWITCH: 1005 if (!capable(CAP_SYS_TTY_CONFIG)) 1006 return -EPERM; 1007 vt_dont_switch = 1; 1008 return 0; 1009 case VT_UNLOCKSWITCH: 1010 if (!capable(CAP_SYS_TTY_CONFIG)) 1011 return -EPERM; 1012 vt_dont_switch = 0; 1013 return 0; 1014 case VT_GETHIFONTMASK: 1015 return put_user(vc->vc_hi_font_mask, (unsigned short __user *)arg); 1016 default: 1017 return -ENOIOCTLCMD; 1018 } 1019} 1020 1021/* 1022 * Sometimes we want to wait until a particular VT has been activated. We 1023 * do it in a very simple manner. Everybody waits on a single queue and 1024 * get woken up at once. Those that are satisfied go on with their business, 1025 * while those not ready go back to sleep. Seems overkill to add a wait 1026 * to each vt just for this - usually this does nothing! 1027 */ 1028static DECLARE_WAIT_QUEUE_HEAD(vt_activate_queue); 1029 1030/* 1031 * Sleeps until a vt is activated, or the task is interrupted. Returns 1032 * 0 if activation, -EINTR if interrupted. 1033 */ 1034int vt_waitactive(int vt) 1035{ 1036 int retval; 1037 DECLARE_WAITQUEUE(wait, current); 1038 1039 add_wait_queue(&vt_activate_queue, &wait); 1040 for (;;) { 1041 set_current_state(TASK_INTERRUPTIBLE); 1042 retval = 0; 1043 if (vt == fg_console) 1044 break; 1045 retval = -EINTR; 1046 if (signal_pending(current)) 1047 break; 1048 schedule(); 1049 } 1050 remove_wait_queue(&vt_activate_queue, &wait); 1051 current->state = TASK_RUNNING; 1052 return retval; 1053} 1054 1055#define vt_wake_waitactive() wake_up(&vt_activate_queue) 1056 1057void reset_vc(struct vc_data *vc) 1058{ 1059 vc->vc_mode = KD_TEXT; 1060 kbd_table[vc->vc_num].kbdmode = VC_XLATE; 1061 vc->vt_mode.mode = VT_AUTO; 1062 vc->vt_mode.waitv = 0; 1063 vc->vt_mode.relsig = 0; 1064 vc->vt_mode.acqsig = 0; 1065 vc->vt_mode.frsig = 0; 1066 put_pid(xchg(&vc->vt_pid, NULL)); 1067 vc->vt_newvt = -1; 1068 if (!in_interrupt()) /* Via keyboard.c:SAK() - akpm */ 1069 reset_palette(vc); 1070} 1071 1072/* 1073 * Performs the back end of a vt switch 1074 */ 1075static void complete_change_console(struct vc_data *vc) 1076{ 1077 unsigned char old_vc_mode; 1078 1079 last_console = fg_console; 1080 1081 /* 1082 * If we're switching, we could be going from KD_GRAPHICS to 1083 * KD_TEXT mode or vice versa, which means we need to blank or 1084 * unblank the screen later. 1085 */ 1086 old_vc_mode = vc_cons[fg_console].d->vc_mode; 1087 switch_screen(vc); 1088 1089 /* 1090 * This can't appear below a successful kill_proc(). If it did, 1091 * then the *blank_screen operation could occur while X, having 1092 * received acqsig, is waking up on another processor. This 1093 * condition can lead to overlapping accesses to the VGA range 1094 * and the framebuffer (causing system lockups). 1095 * 1096 * To account for this we duplicate this code below only if the 1097 * controlling process is gone and we've called reset_vc. 1098 */ 1099 if (old_vc_mode != vc->vc_mode) { 1100 if (vc->vc_mode == KD_TEXT) 1101 do_unblank_screen(1); 1102 else 1103 do_blank_screen(1); 1104 } 1105 1106 /* 1107 * If this new console is under process control, send it a signal 1108 * telling it that it has acquired. Also check if it has died and 1109 * clean up (similar to logic employed in change_console()) 1110 */ 1111 if (vc->vt_mode.mode == VT_PROCESS) { 1112 /* 1113 * Send the signal as privileged - kill_proc() will 1114 * tell us if the process has gone or something else 1115 * is awry 1116 */ 1117 if (kill_pid(vc->vt_pid, vc->vt_mode.acqsig, 1) != 0) { 1118 /* 1119 * The controlling process has died, so we revert back to 1120 * normal operation. In this case, we'll also change back 1121 * to KD_TEXT mode. I'm not sure if this is strictly correct 1122 * but it saves the agony when the X server dies and the screen 1123 * remains blanked due to KD_GRAPHICS! It would be nice to do 1124 * this outside of VT_PROCESS but there is no single process 1125 * to account for and tracking tty count may be undesirable. 1126 */ 1127 reset_vc(vc); 1128 1129 if (old_vc_mode != vc->vc_mode) { 1130 if (vc->vc_mode == KD_TEXT) 1131 do_unblank_screen(1); 1132 else 1133 do_blank_screen(1); 1134 } 1135 } 1136 } 1137 1138 /* 1139 * Wake anyone waiting for their VT to activate 1140 */ 1141 vt_wake_waitactive(); 1142 return; 1143} 1144 1145/* 1146 * Performs the front-end of a vt switch 1147 */ 1148void change_console(struct vc_data *new_vc) 1149{ 1150 struct vc_data *vc; 1151 1152 if (!new_vc || new_vc->vc_num == fg_console || vt_dont_switch) 1153 return; 1154 1155 /* 1156 * If this vt is in process mode, then we need to handshake with 1157 * that process before switching. Essentially, we store where that 1158 * vt wants to switch to and wait for it to tell us when it's done 1159 * (via VT_RELDISP ioctl). 1160 * 1161 * We also check to see if the controlling process still exists. 1162 * If it doesn't, we reset this vt to auto mode and continue. 1163 * This is a cheap way to track process control. The worst thing 1164 * that can happen is: we send a signal to a process, it dies, and 1165 * the switch gets "lost" waiting for a response; hopefully, the 1166 * user will try again, we'll detect the process is gone (unless 1167 * the user waits just the right amount of time :-) and revert the 1168 * vt to auto control. 1169 */ 1170 vc = vc_cons[fg_console].d; 1171 if (vc->vt_mode.mode == VT_PROCESS) { 1172 /* 1173 * Send the signal as privileged - kill_proc() will 1174 * tell us if the process has gone or something else 1175 * is awry 1176 */ 1177 if (kill_pid(vc->vt_pid, vc->vt_mode.relsig, 1) == 0) { 1178 /* 1179 * It worked. Mark the vt to switch to and 1180 * return. The process needs to send us a 1181 * VT_RELDISP ioctl to complete the switch. 1182 */ 1183 vc->vt_newvt = new_vc->vc_num; 1184 return; 1185 } 1186 1187 /* 1188 * The controlling process has died, so we revert back to 1189 * normal operation. In this case, we'll also change back 1190 * to KD_TEXT mode. I'm not sure if this is strictly correct 1191 * but it saves the agony when the X server dies and the screen 1192 * remains blanked due to KD_GRAPHICS! It would be nice to do 1193 * this outside of VT_PROCESS but there is no single process 1194 * to account for and tracking tty count may be undesirable. 1195 */ 1196 reset_vc(vc); 1197 1198 /* 1199 * Fall through to normal (VT_AUTO) handling of the switch... 1200 */ 1201 } 1202 1203 /* 1204 * Ignore all switches in KD_GRAPHICS+VT_AUTO mode 1205 */ 1206 if (vc->vc_mode == KD_GRAPHICS) 1207 return; 1208 1209 complete_change_console(new_vc); 1210} 1211