1
2
3
4
5
6
7
8
9
10
11
12
13#include <linux/types.h>
14#include <linux/errno.h>
15#include <linux/sched.h>
16#include <linux/tty.h>
17#include <linux/timer.h>
18#include <linux/kernel.h>
19#include <linux/compat.h>
20#include <linux/module.h>
21#include <linux/kd.h>
22#include <linux/vt.h>
23#include <linux/string.h>
24#include <linux/slab.h>
25#include <linux/major.h>
26#include <linux/fs.h>
27#include <linux/console.h>
28#include <linux/consolemap.h>
29#include <linux/signal.h>
30#include <linux/smp_lock.h>
31#include <linux/timex.h>
32
33#include <asm/io.h>
34#include <asm/uaccess.h>
35
36#include <linux/kbd_kern.h>
37#include <linux/vt_kern.h>
38#include <linux/kbd_diacr.h>
39#include <linux/selection.h>
40
41char vt_dont_switch;
42extern struct tty_driver *console_driver;
43
44#define VT_IS_IN_USE(i) (console_driver->ttys[i] && console_driver->ttys[i]->count)
45#define VT_BUSY(i) (VT_IS_IN_USE(i) || i == fg_console || vc_cons[i].d == sel_cons)
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60#ifdef CONFIG_X86
61#include <linux/syscalls.h>
62#endif
63
64static void complete_change_console(struct vc_data *vc);
65
66
67
68
69
70struct vt_event_wait {
71 struct list_head list;
72 struct vt_event event;
73 int done;
74};
75
76static LIST_HEAD(vt_events);
77static DEFINE_SPINLOCK(vt_event_lock);
78static DECLARE_WAIT_QUEUE_HEAD(vt_event_waitqueue);
79
80
81
82
83
84
85
86
87
88
89void vt_event_post(unsigned int event, unsigned int old, unsigned int new)
90{
91 struct list_head *pos, *head;
92 unsigned long flags;
93 int wake = 0;
94
95 spin_lock_irqsave(&vt_event_lock, flags);
96 head = &vt_events;
97
98 list_for_each(pos, head) {
99 struct vt_event_wait *ve = list_entry(pos,
100 struct vt_event_wait, list);
101 if (!(ve->event.event & event))
102 continue;
103 ve->event.event = event;
104
105
106 ve->event.oldev = old + 1;
107 ve->event.newev = new + 1;
108 wake = 1;
109 ve->done = 1;
110 }
111 spin_unlock_irqrestore(&vt_event_lock, flags);
112 if (wake)
113 wake_up_interruptible(&vt_event_waitqueue);
114}
115
116
117
118
119
120
121
122
123
124
125static void vt_event_wait(struct vt_event_wait *vw)
126{
127 unsigned long flags;
128
129 INIT_LIST_HEAD(&vw->list);
130 vw->done = 0;
131
132 spin_lock_irqsave(&vt_event_lock, flags);
133 list_add(&vw->list, &vt_events);
134 spin_unlock_irqrestore(&vt_event_lock, flags);
135
136 wait_event_interruptible(vt_event_waitqueue, vw->done);
137
138 spin_lock_irqsave(&vt_event_lock, flags);
139 list_del(&vw->list);
140 spin_unlock_irqrestore(&vt_event_lock, flags);
141}
142
143
144
145
146
147
148
149
150static int vt_event_wait_ioctl(struct vt_event __user *event)
151{
152 struct vt_event_wait vw;
153
154 if (copy_from_user(&vw.event, event, sizeof(struct vt_event)))
155 return -EFAULT;
156
157 if (vw.event.event & ~VT_MAX_EVENT)
158 return -EINVAL;
159
160 vt_event_wait(&vw);
161
162 if (vw.done) {
163 if (copy_to_user(event, &vw.event, sizeof(struct vt_event)))
164 return -EFAULT;
165 return 0;
166 }
167 return -EINTR;
168}
169
170
171
172
173
174
175
176
177
178
179int vt_waitactive(int n)
180{
181 struct vt_event_wait vw;
182 do {
183 if (n == fg_console + 1)
184 break;
185 vw.event.event = VT_EVENT_SWITCH;
186 vt_event_wait(&vw);
187 if (vw.done == 0)
188 return -EINTR;
189 } while (vw.event.newev != n);
190 return 0;
191}
192
193
194
195
196
197#define GPFIRST 0x3b4
198#define GPLAST 0x3df
199#define GPNUM (GPLAST - GPFIRST + 1)
200
201#define i (tmp.kb_index)
202#define s (tmp.kb_table)
203#define v (tmp.kb_value)
204static inline int
205do_kdsk_ioctl(int cmd, struct kbentry __user *user_kbe, int perm, struct kbd_struct *kbd)
206{
207 struct kbentry tmp;
208 ushort *key_map, val, ov;
209
210 if (copy_from_user(&tmp, user_kbe, sizeof(struct kbentry)))
211 return -EFAULT;
212
213 if (!capable(CAP_SYS_TTY_CONFIG))
214 perm = 0;
215
216 switch (cmd) {
217 case KDGKBENT:
218 key_map = key_maps[s];
219 if (key_map) {
220 val = U(key_map[i]);
221 if (kbd->kbdmode != VC_UNICODE && KTYP(val) >= NR_TYPES)
222 val = K_HOLE;
223 } else
224 val = (i ? K_HOLE : K_NOSUCHMAP);
225 return put_user(val, &user_kbe->kb_value);
226 case KDSKBENT:
227 if (!perm)
228 return -EPERM;
229 if (!i && v == K_NOSUCHMAP) {
230
231 key_map = key_maps[s];
232 if (s && key_map) {
233 key_maps[s] = NULL;
234 if (key_map[0] == U(K_ALLOCATED)) {
235 kfree(key_map);
236 keymap_count--;
237 }
238 }
239 break;
240 }
241
242 if (KTYP(v) < NR_TYPES) {
243 if (KVAL(v) > max_vals[KTYP(v)])
244 return -EINVAL;
245 } else
246 if (kbd->kbdmode != VC_UNICODE)
247 return -EINVAL;
248
249
250#if !defined(__mc68000__) && !defined(__powerpc__)
251
252 if (!i)
253 break;
254#endif
255
256 if (!(key_map = key_maps[s])) {
257 int j;
258
259 if (keymap_count >= MAX_NR_OF_USER_KEYMAPS &&
260 !capable(CAP_SYS_RESOURCE))
261 return -EPERM;
262
263 key_map = kmalloc(sizeof(plain_map),
264 GFP_KERNEL);
265 if (!key_map)
266 return -ENOMEM;
267 key_maps[s] = key_map;
268 key_map[0] = U(K_ALLOCATED);
269 for (j = 1; j < NR_KEYS; j++)
270 key_map[j] = U(K_HOLE);
271 keymap_count++;
272 }
273 ov = U(key_map[i]);
274 if (v == ov)
275 break;
276
277
278
279 if (((ov == K_SAK) || (v == K_SAK)) && !capable(CAP_SYS_ADMIN))
280 return -EPERM;
281 key_map[i] = U(v);
282 if (!s && (KTYP(ov) == KT_SHIFT || KTYP(v) == KT_SHIFT))
283 compute_shiftstate();
284 break;
285 }
286 return 0;
287}
288#undef i
289#undef s
290#undef v
291
292static inline int
293do_kbkeycode_ioctl(int cmd, struct kbkeycode __user *user_kbkc, int perm)
294{
295 struct kbkeycode tmp;
296 int kc = 0;
297
298 if (copy_from_user(&tmp, user_kbkc, sizeof(struct kbkeycode)))
299 return -EFAULT;
300 switch (cmd) {
301 case KDGETKEYCODE:
302 kc = getkeycode(tmp.scancode);
303 if (kc >= 0)
304 kc = put_user(kc, &user_kbkc->keycode);
305 break;
306 case KDSETKEYCODE:
307 if (!perm)
308 return -EPERM;
309 kc = setkeycode(tmp.scancode, tmp.keycode);
310 break;
311 }
312 return kc;
313}
314
315static inline int
316do_kdgkb_ioctl(int cmd, struct kbsentry __user *user_kdgkb, int perm)
317{
318 struct kbsentry *kbs;
319 char *p;
320 u_char *q;
321 u_char __user *up;
322 int sz;
323 int delta;
324 char *first_free, *fj, *fnw;
325 int i, j, k;
326 int ret;
327
328 if (!capable(CAP_SYS_TTY_CONFIG))
329 perm = 0;
330
331 kbs = kmalloc(sizeof(*kbs), GFP_KERNEL);
332 if (!kbs) {
333 ret = -ENOMEM;
334 goto reterr;
335 }
336
337
338 if (copy_from_user(kbs, user_kdgkb, sizeof(struct kbsentry))) {
339 ret = -EFAULT;
340 goto reterr;
341 }
342 kbs->kb_string[sizeof(kbs->kb_string)-1] = '\0';
343 i = kbs->kb_func;
344
345 switch (cmd) {
346 case KDGKBSENT:
347 sz = sizeof(kbs->kb_string) - 1;
348
349 up = user_kdgkb->kb_string;
350 p = func_table[i];
351 if(p)
352 for ( ; *p && sz; p++, sz--)
353 if (put_user(*p, up++)) {
354 ret = -EFAULT;
355 goto reterr;
356 }
357 if (put_user('\0', up)) {
358 ret = -EFAULT;
359 goto reterr;
360 }
361 kfree(kbs);
362 return ((p && *p) ? -EOVERFLOW : 0);
363 case KDSKBSENT:
364 if (!perm) {
365 ret = -EPERM;
366 goto reterr;
367 }
368
369 q = func_table[i];
370 first_free = funcbufptr + (funcbufsize - funcbufleft);
371 for (j = i+1; j < MAX_NR_FUNC && !func_table[j]; j++)
372 ;
373 if (j < MAX_NR_FUNC)
374 fj = func_table[j];
375 else
376 fj = first_free;
377
378 delta = (q ? -strlen(q) : 1) + strlen(kbs->kb_string);
379 if (delta <= funcbufleft) {
380 if (j < MAX_NR_FUNC) {
381 memmove(fj + delta, fj, first_free - fj);
382 for (k = j; k < MAX_NR_FUNC; k++)
383 if (func_table[k])
384 func_table[k] += delta;
385 }
386 if (!q)
387 func_table[i] = fj;
388 funcbufleft -= delta;
389 } else {
390 sz = 256;
391 while (sz < funcbufsize - funcbufleft + delta)
392 sz <<= 1;
393 fnw = kmalloc(sz, GFP_KERNEL);
394 if(!fnw) {
395 ret = -ENOMEM;
396 goto reterr;
397 }
398
399 if (!q)
400 func_table[i] = fj;
401 if (fj > funcbufptr)
402 memmove(fnw, funcbufptr, fj - funcbufptr);
403 for (k = 0; k < j; k++)
404 if (func_table[k])
405 func_table[k] = fnw + (func_table[k] - funcbufptr);
406
407 if (first_free > fj) {
408 memmove(fnw + (fj - funcbufptr) + delta, fj, first_free - fj);
409 for (k = j; k < MAX_NR_FUNC; k++)
410 if (func_table[k])
411 func_table[k] = fnw + (func_table[k] - funcbufptr) + delta;
412 }
413 if (funcbufptr != func_buf)
414 kfree(funcbufptr);
415 funcbufptr = fnw;
416 funcbufleft = funcbufleft - delta + sz - funcbufsize;
417 funcbufsize = sz;
418 }
419 strcpy(func_table[i], kbs->kb_string);
420 break;
421 }
422 ret = 0;
423reterr:
424 kfree(kbs);
425 return ret;
426}
427
428static inline int
429do_fontx_ioctl(int cmd, struct consolefontdesc __user *user_cfd, int perm, struct console_font_op *op)
430{
431 struct consolefontdesc cfdarg;
432 int i;
433
434 if (copy_from_user(&cfdarg, user_cfd, sizeof(struct consolefontdesc)))
435 return -EFAULT;
436
437 switch (cmd) {
438 case PIO_FONTX:
439 if (!perm)
440 return -EPERM;
441 op->op = KD_FONT_OP_SET;
442 op->flags = KD_FONT_FLAG_OLD;
443 op->width = 8;
444 op->height = cfdarg.charheight;
445 op->charcount = cfdarg.charcount;
446 op->data = cfdarg.chardata;
447 return con_font_op(vc_cons[fg_console].d, op);
448 case GIO_FONTX: {
449 op->op = KD_FONT_OP_GET;
450 op->flags = KD_FONT_FLAG_OLD;
451 op->width = 8;
452 op->height = cfdarg.charheight;
453 op->charcount = cfdarg.charcount;
454 op->data = cfdarg.chardata;
455 i = con_font_op(vc_cons[fg_console].d, op);
456 if (i)
457 return i;
458 cfdarg.charheight = op->height;
459 cfdarg.charcount = op->charcount;
460 if (copy_to_user(user_cfd, &cfdarg, sizeof(struct consolefontdesc)))
461 return -EFAULT;
462 return 0;
463 }
464 }
465 return -EINVAL;
466}
467
468static inline int
469do_unimap_ioctl(int cmd, struct unimapdesc __user *user_ud, int perm, struct vc_data *vc)
470{
471 struct unimapdesc tmp;
472
473 if (copy_from_user(&tmp, user_ud, sizeof tmp))
474 return -EFAULT;
475 if (tmp.entries)
476 if (!access_ok(VERIFY_WRITE, tmp.entries,
477 tmp.entry_ct*sizeof(struct unipair)))
478 return -EFAULT;
479 switch (cmd) {
480 case PIO_UNIMAP:
481 if (!perm)
482 return -EPERM;
483 return con_set_unimap(vc, tmp.entry_ct, tmp.entries);
484 case GIO_UNIMAP:
485 if (!perm && fg_console != vc->vc_num)
486 return -EPERM;
487 return con_get_unimap(vc, tmp.entry_ct, &(user_ud->entry_ct), tmp.entries);
488 }
489 return 0;
490}
491
492
493
494
495
496
497
498int vt_ioctl(struct tty_struct *tty, struct file * file,
499 unsigned int cmd, unsigned long arg)
500{
501 struct vc_data *vc = tty->driver_data;
502 struct console_font_op op;
503 struct kbd_struct * kbd;
504 unsigned int console;
505 unsigned char ucval;
506 void __user *up = (void __user *)arg;
507 int i, perm;
508 int ret = 0;
509
510 console = vc->vc_num;
511
512 lock_kernel();
513
514 if (!vc_cons_allocated(console)) {
515 ret = -ENOIOCTLCMD;
516 goto out;
517 }
518
519
520
521
522
523
524 perm = 0;
525 if (current->signal->tty == tty || capable(CAP_SYS_TTY_CONFIG))
526 perm = 1;
527
528 kbd = kbd_table + console;
529 switch (cmd) {
530 case TIOCLINUX:
531 ret = tioclinux(tty, arg);
532 break;
533 case KIOCSOUND:
534 if (!perm)
535 goto eperm;
536
537
538
539 if (arg)
540 arg = CLOCK_TICK_RATE / arg;
541 kd_mksound(arg, 0);
542 break;
543
544 case KDMKTONE:
545 if (!perm)
546 goto eperm;
547 {
548 unsigned int ticks, count;
549
550
551
552
553
554 ticks = HZ * ((arg >> 16) & 0xffff) / 1000;
555 count = ticks ? (arg & 0xffff) : 0;
556
557
558
559 if (count)
560 count = CLOCK_TICK_RATE / count;
561 kd_mksound(count, ticks);
562 break;
563 }
564
565 case KDGKBTYPE:
566
567
568
569 ucval = KB_101;
570 goto setchar;
571
572
573
574
575
576
577
578#ifdef CONFIG_X86
579 case KDADDIO:
580 case KDDELIO:
581
582
583
584
585 if (arg < GPFIRST || arg > GPLAST) {
586 ret = -EINVAL;
587 break;
588 }
589 ret = sys_ioperm(arg, 1, (cmd == KDADDIO)) ? -ENXIO : 0;
590 break;
591
592 case KDENABIO:
593 case KDDISABIO:
594 ret = sys_ioperm(GPFIRST, GPNUM,
595 (cmd == KDENABIO)) ? -ENXIO : 0;
596 break;
597#endif
598
599
600
601 case KDKBDREP:
602 {
603 struct kbd_repeat kbrep;
604
605 if (!capable(CAP_SYS_TTY_CONFIG))
606 goto eperm;
607
608 if (copy_from_user(&kbrep, up, sizeof(struct kbd_repeat))) {
609 ret = -EFAULT;
610 break;
611 }
612 ret = kbd_rate(&kbrep);
613 if (ret)
614 break;
615 if (copy_to_user(up, &kbrep, sizeof(struct kbd_repeat)))
616 ret = -EFAULT;
617 break;
618 }
619
620 case KDSETMODE:
621
622
623
624
625
626
627
628
629 if (!perm)
630 goto eperm;
631 switch (arg) {
632 case KD_GRAPHICS:
633 break;
634 case KD_TEXT0:
635 case KD_TEXT1:
636 arg = KD_TEXT;
637 case KD_TEXT:
638 break;
639 default:
640 ret = -EINVAL;
641 goto out;
642 }
643 if (vc->vc_mode == (unsigned char) arg)
644 break;
645 vc->vc_mode = (unsigned char) arg;
646 if (console != fg_console)
647 break;
648
649
650
651 acquire_console_sem();
652 if (arg == KD_TEXT)
653 do_unblank_screen(1);
654 else
655 do_blank_screen(1);
656 release_console_sem();
657 break;
658
659 case KDGETMODE:
660 ucval = vc->vc_mode;
661 goto setint;
662
663 case KDMAPDISP:
664 case KDUNMAPDISP:
665
666
667
668
669 ret = -EINVAL;
670 break;
671
672 case KDSKBMODE:
673 if (!perm)
674 goto eperm;
675 switch(arg) {
676 case K_RAW:
677 kbd->kbdmode = VC_RAW;
678 break;
679 case K_MEDIUMRAW:
680 kbd->kbdmode = VC_MEDIUMRAW;
681 break;
682 case K_XLATE:
683 kbd->kbdmode = VC_XLATE;
684 compute_shiftstate();
685 break;
686 case K_UNICODE:
687 kbd->kbdmode = VC_UNICODE;
688 compute_shiftstate();
689 break;
690 default:
691 ret = -EINVAL;
692 goto out;
693 }
694 tty_ldisc_flush(tty);
695 break;
696
697 case KDGKBMODE:
698 ucval = ((kbd->kbdmode == VC_RAW) ? K_RAW :
699 (kbd->kbdmode == VC_MEDIUMRAW) ? K_MEDIUMRAW :
700 (kbd->kbdmode == VC_UNICODE) ? K_UNICODE :
701 K_XLATE);
702 goto setint;
703
704
705
706 case KDSKBMETA:
707 switch(arg) {
708 case K_METABIT:
709 clr_vc_kbd_mode(kbd, VC_META);
710 break;
711 case K_ESCPREFIX:
712 set_vc_kbd_mode(kbd, VC_META);
713 break;
714 default:
715 ret = -EINVAL;
716 }
717 break;
718
719 case KDGKBMETA:
720 ucval = (vc_kbd_mode(kbd, VC_META) ? K_ESCPREFIX : K_METABIT);
721 setint:
722 ret = put_user(ucval, (int __user *)arg);
723 break;
724
725 case KDGETKEYCODE:
726 case KDSETKEYCODE:
727 if(!capable(CAP_SYS_TTY_CONFIG))
728 perm = 0;
729 ret = do_kbkeycode_ioctl(cmd, up, perm);
730 break;
731
732 case KDGKBENT:
733 case KDSKBENT:
734 ret = do_kdsk_ioctl(cmd, up, perm, kbd);
735 break;
736
737 case KDGKBSENT:
738 case KDSKBSENT:
739 ret = do_kdgkb_ioctl(cmd, up, perm);
740 break;
741
742 case KDGKBDIACR:
743 {
744 struct kbdiacrs __user *a = up;
745 struct kbdiacr diacr;
746 int i;
747
748 if (put_user(accent_table_size, &a->kb_cnt)) {
749 ret = -EFAULT;
750 break;
751 }
752 for (i = 0; i < accent_table_size; i++) {
753 diacr.diacr = conv_uni_to_8bit(accent_table[i].diacr);
754 diacr.base = conv_uni_to_8bit(accent_table[i].base);
755 diacr.result = conv_uni_to_8bit(accent_table[i].result);
756 if (copy_to_user(a->kbdiacr + i, &diacr, sizeof(struct kbdiacr))) {
757 ret = -EFAULT;
758 break;
759 }
760 }
761 break;
762 }
763 case KDGKBDIACRUC:
764 {
765 struct kbdiacrsuc __user *a = up;
766
767 if (put_user(accent_table_size, &a->kb_cnt))
768 ret = -EFAULT;
769 else if (copy_to_user(a->kbdiacruc, accent_table,
770 accent_table_size*sizeof(struct kbdiacruc)))
771 ret = -EFAULT;
772 break;
773 }
774
775 case KDSKBDIACR:
776 {
777 struct kbdiacrs __user *a = up;
778 struct kbdiacr diacr;
779 unsigned int ct;
780 int i;
781
782 if (!perm)
783 goto eperm;
784 if (get_user(ct,&a->kb_cnt)) {
785 ret = -EFAULT;
786 break;
787 }
788 if (ct >= MAX_DIACR) {
789 ret = -EINVAL;
790 break;
791 }
792 accent_table_size = ct;
793 for (i = 0; i < ct; i++) {
794 if (copy_from_user(&diacr, a->kbdiacr + i, sizeof(struct kbdiacr))) {
795 ret = -EFAULT;
796 break;
797 }
798 accent_table[i].diacr = conv_8bit_to_uni(diacr.diacr);
799 accent_table[i].base = conv_8bit_to_uni(diacr.base);
800 accent_table[i].result = conv_8bit_to_uni(diacr.result);
801 }
802 break;
803 }
804
805 case KDSKBDIACRUC:
806 {
807 struct kbdiacrsuc __user *a = up;
808 unsigned int ct;
809
810 if (!perm)
811 goto eperm;
812 if (get_user(ct,&a->kb_cnt)) {
813 ret = -EFAULT;
814 break;
815 }
816 if (ct >= MAX_DIACR) {
817 ret = -EINVAL;
818 break;
819 }
820 accent_table_size = ct;
821 if (copy_from_user(accent_table, a->kbdiacruc, ct*sizeof(struct kbdiacruc)))
822 ret = -EFAULT;
823 break;
824 }
825
826
827
828 case KDGKBLED:
829 ucval = kbd->ledflagstate | (kbd->default_ledflagstate << 4);
830 goto setchar;
831
832 case KDSKBLED:
833 if (!perm)
834 goto eperm;
835 if (arg & ~0x77) {
836 ret = -EINVAL;
837 break;
838 }
839 kbd->ledflagstate = (arg & 7);
840 kbd->default_ledflagstate = ((arg >> 4) & 7);
841 set_leds();
842 break;
843
844
845
846 case KDGETLED:
847 ucval = getledstate();
848 setchar:
849 ret = put_user(ucval, (char __user *)arg);
850 break;
851
852 case KDSETLED:
853 if (!perm)
854 goto eperm;
855 setledstate(kbd, arg);
856 break;
857
858
859
860
861
862
863
864
865 case KDSIGACCEPT:
866 {
867 if (!perm || !capable(CAP_KILL))
868 goto eperm;
869 if (!valid_signal(arg) || arg < 1 || arg == SIGKILL)
870 ret = -EINVAL;
871 else {
872 spin_lock_irq(&vt_spawn_con.lock);
873 put_pid(vt_spawn_con.pid);
874 vt_spawn_con.pid = get_pid(task_pid(current));
875 vt_spawn_con.sig = arg;
876 spin_unlock_irq(&vt_spawn_con.lock);
877 }
878 break;
879 }
880
881 case VT_SETMODE:
882 {
883 struct vt_mode tmp;
884
885 if (!perm)
886 goto eperm;
887 if (copy_from_user(&tmp, up, sizeof(struct vt_mode))) {
888 ret = -EFAULT;
889 goto out;
890 }
891 if (tmp.mode != VT_AUTO && tmp.mode != VT_PROCESS) {
892 ret = -EINVAL;
893 goto out;
894 }
895 acquire_console_sem();
896 vc->vt_mode = tmp;
897
898 vc->vt_mode.frsig = 0;
899 put_pid(vc->vt_pid);
900 vc->vt_pid = get_pid(task_pid(current));
901
902 vc->vt_newvt = -1;
903 release_console_sem();
904 break;
905 }
906
907 case VT_GETMODE:
908 {
909 struct vt_mode tmp;
910 int rc;
911
912 acquire_console_sem();
913 memcpy(&tmp, &vc->vt_mode, sizeof(struct vt_mode));
914 release_console_sem();
915
916 rc = copy_to_user(up, &tmp, sizeof(struct vt_mode));
917 if (rc)
918 ret = -EFAULT;
919 break;
920 }
921
922
923
924
925
926
927 case VT_GETSTATE:
928 {
929 struct vt_stat __user *vtstat = up;
930 unsigned short state, mask;
931
932 if (put_user(fg_console + 1, &vtstat->v_active))
933 ret = -EFAULT;
934 else {
935 state = 1;
936 for (i = 0, mask = 2; i < MAX_NR_CONSOLES && mask;
937 ++i, mask <<= 1)
938 if (VT_IS_IN_USE(i))
939 state |= mask;
940 ret = put_user(state, &vtstat->v_state);
941 }
942 break;
943 }
944
945
946
947
948 case VT_OPENQRY:
949 for (i = 0; i < MAX_NR_CONSOLES; ++i)
950 if (! VT_IS_IN_USE(i))
951 break;
952 ucval = i < MAX_NR_CONSOLES ? (i+1) : -1;
953 goto setint;
954
955
956
957
958
959
960 case VT_ACTIVATE:
961 if (!perm)
962 goto eperm;
963 if (arg == 0 || arg > MAX_NR_CONSOLES)
964 ret = -ENXIO;
965 else {
966 arg--;
967 acquire_console_sem();
968 ret = vc_allocate(arg);
969 release_console_sem();
970 if (ret)
971 break;
972 set_console(arg);
973 }
974 break;
975
976 case VT_SETACTIVATE:
977 {
978 struct vt_setactivate vsa;
979
980 if (!perm)
981 goto eperm;
982
983 if (copy_from_user(&vsa, (struct vt_setactivate __user *)arg,
984 sizeof(struct vt_setactivate))) {
985 ret = -EFAULT;
986 goto out;
987 }
988 if (vsa.console == 0 || vsa.console > MAX_NR_CONSOLES)
989 ret = -ENXIO;
990 else {
991 vsa.console--;
992 acquire_console_sem();
993 ret = vc_allocate(vsa.console);
994 if (ret == 0) {
995 struct vc_data *nvc;
996
997
998
999 nvc = vc_cons[vsa.console].d;
1000 nvc->vt_mode = vsa.mode;
1001 nvc->vt_mode.frsig = 0;
1002 put_pid(nvc->vt_pid);
1003 nvc->vt_pid = get_pid(task_pid(current));
1004 }
1005 release_console_sem();
1006 if (ret)
1007 break;
1008
1009 set_console(arg);
1010 }
1011 }
1012
1013
1014
1015
1016 case VT_WAITACTIVE:
1017 if (!perm)
1018 goto eperm;
1019 if (arg == 0 || arg > MAX_NR_CONSOLES)
1020 ret = -ENXIO;
1021 else
1022 ret = vt_waitactive(arg);
1023 break;
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035 case VT_RELDISP:
1036 if (!perm)
1037 goto eperm;
1038
1039 if (vc->vt_mode.mode != VT_PROCESS) {
1040 ret = -EINVAL;
1041 break;
1042 }
1043
1044
1045
1046 acquire_console_sem();
1047 if (vc->vt_newvt >= 0) {
1048 if (arg == 0)
1049
1050
1051
1052
1053 vc->vt_newvt = -1;
1054
1055 else {
1056
1057
1058
1059
1060 int newvt;
1061 newvt = vc->vt_newvt;
1062 vc->vt_newvt = -1;
1063 ret = vc_allocate(newvt);
1064 if (ret) {
1065 release_console_sem();
1066 break;
1067 }
1068
1069
1070
1071
1072
1073 complete_change_console(vc_cons[newvt].d);
1074 }
1075 } else {
1076
1077
1078
1079
1080
1081
1082 if (arg != VT_ACKACQ)
1083 ret = -EINVAL;
1084 }
1085 release_console_sem();
1086 break;
1087
1088
1089
1090
1091 case VT_DISALLOCATE:
1092 if (arg > MAX_NR_CONSOLES) {
1093 ret = -ENXIO;
1094 break;
1095 }
1096 if (arg == 0) {
1097
1098 acquire_console_sem();
1099 for (i=1; i<MAX_NR_CONSOLES; i++)
1100 if (! VT_BUSY(i))
1101 vc_deallocate(i);
1102 release_console_sem();
1103 } else {
1104
1105 arg--;
1106 if (VT_BUSY(arg))
1107 ret = -EBUSY;
1108 else if (arg) {
1109 acquire_console_sem();
1110 vc_deallocate(arg);
1111 release_console_sem();
1112 }
1113 }
1114 break;
1115
1116 case VT_RESIZE:
1117 {
1118 struct vt_sizes __user *vtsizes = up;
1119 struct vc_data *vc;
1120
1121 ushort ll,cc;
1122 if (!perm)
1123 goto eperm;
1124 if (get_user(ll, &vtsizes->v_rows) ||
1125 get_user(cc, &vtsizes->v_cols))
1126 ret = -EFAULT;
1127 else {
1128 acquire_console_sem();
1129 for (i = 0; i < MAX_NR_CONSOLES; i++) {
1130 vc = vc_cons[i].d;
1131
1132 if (vc) {
1133 vc->vc_resize_user = 1;
1134 vc_resize(vc_cons[i].d, cc, ll);
1135 }
1136 }
1137 release_console_sem();
1138 }
1139 break;
1140 }
1141
1142 case VT_RESIZEX:
1143 {
1144 struct vt_consize __user *vtconsize = up;
1145 ushort ll,cc,vlin,clin,vcol,ccol;
1146 if (!perm)
1147 goto eperm;
1148 if (!access_ok(VERIFY_READ, vtconsize,
1149 sizeof(struct vt_consize))) {
1150 ret = -EFAULT;
1151 break;
1152 }
1153
1154 __get_user(ll, &vtconsize->v_rows);
1155 __get_user(cc, &vtconsize->v_cols);
1156 __get_user(vlin, &vtconsize->v_vlin);
1157 __get_user(clin, &vtconsize->v_clin);
1158 __get_user(vcol, &vtconsize->v_vcol);
1159 __get_user(ccol, &vtconsize->v_ccol);
1160 vlin = vlin ? vlin : vc->vc_scan_lines;
1161 if (clin) {
1162 if (ll) {
1163 if (ll != vlin/clin) {
1164
1165 ret = -EINVAL;
1166 break;
1167 }
1168 } else
1169 ll = vlin/clin;
1170 }
1171 if (vcol && ccol) {
1172 if (cc) {
1173 if (cc != vcol/ccol) {
1174 ret = -EINVAL;
1175 break;
1176 }
1177 } else
1178 cc = vcol/ccol;
1179 }
1180
1181 if (clin > 32) {
1182 ret = -EINVAL;
1183 break;
1184 }
1185
1186 for (i = 0; i < MAX_NR_CONSOLES; i++) {
1187 if (!vc_cons[i].d)
1188 continue;
1189 acquire_console_sem();
1190 if (vlin)
1191 vc_cons[i].d->vc_scan_lines = vlin;
1192 if (clin)
1193 vc_cons[i].d->vc_font.height = clin;
1194 vc_cons[i].d->vc_resize_user = 1;
1195 vc_resize(vc_cons[i].d, cc, ll);
1196 release_console_sem();
1197 }
1198 break;
1199 }
1200
1201 case PIO_FONT: {
1202 if (!perm)
1203 goto eperm;
1204 op.op = KD_FONT_OP_SET;
1205 op.flags = KD_FONT_FLAG_OLD | KD_FONT_FLAG_DONT_RECALC;
1206 op.width = 8;
1207 op.height = 0;
1208 op.charcount = 256;
1209 op.data = up;
1210 ret = con_font_op(vc_cons[fg_console].d, &op);
1211 break;
1212 }
1213
1214 case GIO_FONT: {
1215 op.op = KD_FONT_OP_GET;
1216 op.flags = KD_FONT_FLAG_OLD;
1217 op.width = 8;
1218 op.height = 32;
1219 op.charcount = 256;
1220 op.data = up;
1221 ret = con_font_op(vc_cons[fg_console].d, &op);
1222 break;
1223 }
1224
1225 case PIO_CMAP:
1226 if (!perm)
1227 ret = -EPERM;
1228 else
1229 ret = con_set_cmap(up);
1230 break;
1231
1232 case GIO_CMAP:
1233 ret = con_get_cmap(up);
1234 break;
1235
1236 case PIO_FONTX:
1237 case GIO_FONTX:
1238 ret = do_fontx_ioctl(cmd, up, perm, &op);
1239 break;
1240
1241 case PIO_FONTRESET:
1242 {
1243 if (!perm)
1244 goto eperm;
1245
1246#ifdef BROKEN_GRAPHICS_PROGRAMS
1247
1248
1249 ret = -ENOSYS;
1250 break;
1251#else
1252 {
1253 op.op = KD_FONT_OP_SET_DEFAULT;
1254 op.data = NULL;
1255 ret = con_font_op(vc_cons[fg_console].d, &op);
1256 if (ret)
1257 break;
1258 con_set_default_unimap(vc_cons[fg_console].d);
1259 break;
1260 }
1261#endif
1262 }
1263
1264 case KDFONTOP: {
1265 if (copy_from_user(&op, up, sizeof(op))) {
1266 ret = -EFAULT;
1267 break;
1268 }
1269 if (!perm && op.op != KD_FONT_OP_GET)
1270 goto eperm;
1271 ret = con_font_op(vc, &op);
1272 if (ret)
1273 break;
1274 if (copy_to_user(up, &op, sizeof(op)))
1275 ret = -EFAULT;
1276 break;
1277 }
1278
1279 case PIO_SCRNMAP:
1280 if (!perm)
1281 ret = -EPERM;
1282 else
1283 ret = con_set_trans_old(up);
1284 break;
1285
1286 case GIO_SCRNMAP:
1287 ret = con_get_trans_old(up);
1288 break;
1289
1290 case PIO_UNISCRNMAP:
1291 if (!perm)
1292 ret = -EPERM;
1293 else
1294 ret = con_set_trans_new(up);
1295 break;
1296
1297 case GIO_UNISCRNMAP:
1298 ret = con_get_trans_new(up);
1299 break;
1300
1301 case PIO_UNIMAPCLR:
1302 { struct unimapinit ui;
1303 if (!perm)
1304 goto eperm;
1305 ret = copy_from_user(&ui, up, sizeof(struct unimapinit));
1306 if (!ret)
1307 con_clear_unimap(vc, &ui);
1308 break;
1309 }
1310
1311 case PIO_UNIMAP:
1312 case GIO_UNIMAP:
1313 ret = do_unimap_ioctl(cmd, up, perm, vc);
1314 break;
1315
1316 case VT_LOCKSWITCH:
1317 if (!capable(CAP_SYS_TTY_CONFIG))
1318 goto eperm;
1319 vt_dont_switch = 1;
1320 break;
1321 case VT_UNLOCKSWITCH:
1322 if (!capable(CAP_SYS_TTY_CONFIG))
1323 goto eperm;
1324 vt_dont_switch = 0;
1325 break;
1326 case VT_GETHIFONTMASK:
1327 ret = put_user(vc->vc_hi_font_mask,
1328 (unsigned short __user *)arg);
1329 break;
1330 case VT_WAITEVENT:
1331 ret = vt_event_wait_ioctl((struct vt_event __user *)arg);
1332 break;
1333 default:
1334 ret = -ENOIOCTLCMD;
1335 }
1336out:
1337 unlock_kernel();
1338 return ret;
1339eperm:
1340 ret = -EPERM;
1341 goto out;
1342}
1343
1344void reset_vc(struct vc_data *vc)
1345{
1346 vc->vc_mode = KD_TEXT;
1347 kbd_table[vc->vc_num].kbdmode = default_utf8 ? VC_UNICODE : VC_XLATE;
1348 vc->vt_mode.mode = VT_AUTO;
1349 vc->vt_mode.waitv = 0;
1350 vc->vt_mode.relsig = 0;
1351 vc->vt_mode.acqsig = 0;
1352 vc->vt_mode.frsig = 0;
1353 put_pid(vc->vt_pid);
1354 vc->vt_pid = NULL;
1355 vc->vt_newvt = -1;
1356 if (!in_interrupt())
1357 reset_palette(vc);
1358}
1359
1360void vc_SAK(struct work_struct *work)
1361{
1362 struct vc *vc_con =
1363 container_of(work, struct vc, SAK_work);
1364 struct vc_data *vc;
1365 struct tty_struct *tty;
1366
1367 acquire_console_sem();
1368 vc = vc_con->d;
1369 if (vc) {
1370 tty = vc->vc_tty;
1371
1372
1373
1374
1375 if (tty)
1376 __do_SAK(tty);
1377 reset_vc(vc);
1378 }
1379 release_console_sem();
1380}
1381
1382#ifdef CONFIG_COMPAT
1383
1384struct compat_consolefontdesc {
1385 unsigned short charcount;
1386 unsigned short charheight;
1387 compat_caddr_t chardata;
1388};
1389
1390static inline int
1391compat_fontx_ioctl(int cmd, struct compat_consolefontdesc __user *user_cfd,
1392 int perm, struct console_font_op *op)
1393{
1394 struct compat_consolefontdesc cfdarg;
1395 int i;
1396
1397 if (copy_from_user(&cfdarg, user_cfd, sizeof(struct compat_consolefontdesc)))
1398 return -EFAULT;
1399
1400 switch (cmd) {
1401 case PIO_FONTX:
1402 if (!perm)
1403 return -EPERM;
1404 op->op = KD_FONT_OP_SET;
1405 op->flags = KD_FONT_FLAG_OLD;
1406 op->width = 8;
1407 op->height = cfdarg.charheight;
1408 op->charcount = cfdarg.charcount;
1409 op->data = compat_ptr(cfdarg.chardata);
1410 return con_font_op(vc_cons[fg_console].d, op);
1411 case GIO_FONTX:
1412 op->op = KD_FONT_OP_GET;
1413 op->flags = KD_FONT_FLAG_OLD;
1414 op->width = 8;
1415 op->height = cfdarg.charheight;
1416 op->charcount = cfdarg.charcount;
1417 op->data = compat_ptr(cfdarg.chardata);
1418 i = con_font_op(vc_cons[fg_console].d, op);
1419 if (i)
1420 return i;
1421 cfdarg.charheight = op->height;
1422 cfdarg.charcount = op->charcount;
1423 if (copy_to_user(user_cfd, &cfdarg, sizeof(struct compat_consolefontdesc)))
1424 return -EFAULT;
1425 return 0;
1426 }
1427 return -EINVAL;
1428}
1429
1430struct compat_console_font_op {
1431 compat_uint_t op;
1432 compat_uint_t flags;
1433 compat_uint_t width, height;
1434 compat_uint_t charcount;
1435 compat_caddr_t data;
1436};
1437
1438static inline int
1439compat_kdfontop_ioctl(struct compat_console_font_op __user *fontop,
1440 int perm, struct console_font_op *op, struct vc_data *vc)
1441{
1442 int i;
1443
1444 if (copy_from_user(op, fontop, sizeof(struct compat_console_font_op)))
1445 return -EFAULT;
1446 if (!perm && op->op != KD_FONT_OP_GET)
1447 return -EPERM;
1448 op->data = compat_ptr(((struct compat_console_font_op *)op)->data);
1449 op->flags |= KD_FONT_FLAG_OLD;
1450 i = con_font_op(vc, op);
1451 if (i)
1452 return i;
1453 ((struct compat_console_font_op *)op)->data = (unsigned long)op->data;
1454 if (copy_to_user(fontop, op, sizeof(struct compat_console_font_op)))
1455 return -EFAULT;
1456 return 0;
1457}
1458
1459struct compat_unimapdesc {
1460 unsigned short entry_ct;
1461 compat_caddr_t entries;
1462};
1463
1464static inline int
1465compat_unimap_ioctl(unsigned int cmd, struct compat_unimapdesc __user *user_ud,
1466 int perm, struct vc_data *vc)
1467{
1468 struct compat_unimapdesc tmp;
1469 struct unipair __user *tmp_entries;
1470
1471 if (copy_from_user(&tmp, user_ud, sizeof tmp))
1472 return -EFAULT;
1473 tmp_entries = compat_ptr(tmp.entries);
1474 if (tmp_entries)
1475 if (!access_ok(VERIFY_WRITE, tmp_entries,
1476 tmp.entry_ct*sizeof(struct unipair)))
1477 return -EFAULT;
1478 switch (cmd) {
1479 case PIO_UNIMAP:
1480 if (!perm)
1481 return -EPERM;
1482 return con_set_unimap(vc, tmp.entry_ct, tmp_entries);
1483 case GIO_UNIMAP:
1484 if (!perm && fg_console != vc->vc_num)
1485 return -EPERM;
1486 return con_get_unimap(vc, tmp.entry_ct, &(user_ud->entry_ct), tmp_entries);
1487 }
1488 return 0;
1489}
1490
1491long vt_compat_ioctl(struct tty_struct *tty, struct file * file,
1492 unsigned int cmd, unsigned long arg)
1493{
1494 struct vc_data *vc = tty->driver_data;
1495 struct console_font_op op;
1496 struct kbd_struct *kbd;
1497 unsigned int console;
1498 void __user *up = (void __user *)arg;
1499 int perm;
1500 int ret = 0;
1501
1502 console = vc->vc_num;
1503
1504 lock_kernel();
1505
1506 if (!vc_cons_allocated(console)) {
1507 ret = -ENOIOCTLCMD;
1508 goto out;
1509 }
1510
1511
1512
1513
1514
1515 perm = 0;
1516 if (current->signal->tty == tty || capable(CAP_SYS_TTY_CONFIG))
1517 perm = 1;
1518
1519 kbd = kbd_table + console;
1520 switch (cmd) {
1521
1522
1523
1524 case PIO_FONTX:
1525 case GIO_FONTX:
1526 ret = compat_fontx_ioctl(cmd, up, perm, &op);
1527 break;
1528
1529 case KDFONTOP:
1530 ret = compat_kdfontop_ioctl(up, perm, &op, vc);
1531 break;
1532
1533 case PIO_UNIMAP:
1534 case GIO_UNIMAP:
1535 ret = compat_unimap_ioctl(cmd, up, perm, vc);
1536 break;
1537
1538
1539
1540
1541 case KIOCSOUND:
1542 case KDMKTONE:
1543#ifdef CONFIG_X86
1544 case KDADDIO:
1545 case KDDELIO:
1546#endif
1547 case KDSETMODE:
1548 case KDMAPDISP:
1549 case KDUNMAPDISP:
1550 case KDSKBMODE:
1551 case KDSKBMETA:
1552 case KDSKBLED:
1553 case KDSETLED:
1554 case KDSIGACCEPT:
1555 case VT_ACTIVATE:
1556 case VT_WAITACTIVE:
1557 case VT_RELDISP:
1558 case VT_DISALLOCATE:
1559 case VT_RESIZE:
1560 case VT_RESIZEX:
1561 goto fallback;
1562
1563
1564
1565
1566
1567 default:
1568 arg = (unsigned long)compat_ptr(arg);
1569 goto fallback;
1570 }
1571out:
1572 unlock_kernel();
1573 return ret;
1574
1575fallback:
1576 unlock_kernel();
1577 return vt_ioctl(tty, file, cmd, arg);
1578}
1579
1580
1581#endif
1582
1583
1584
1585
1586
1587
1588static void complete_change_console(struct vc_data *vc)
1589{
1590 unsigned char old_vc_mode;
1591 int old = fg_console;
1592
1593 last_console = fg_console;
1594
1595
1596
1597
1598
1599
1600 old_vc_mode = vc_cons[fg_console].d->vc_mode;
1601 switch_screen(vc);
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613 if (old_vc_mode != vc->vc_mode) {
1614 if (vc->vc_mode == KD_TEXT)
1615 do_unblank_screen(1);
1616 else
1617 do_blank_screen(1);
1618 }
1619
1620
1621
1622
1623
1624
1625 if (vc->vt_mode.mode == VT_PROCESS) {
1626
1627
1628
1629
1630
1631 if (kill_pid(vc->vt_pid, vc->vt_mode.acqsig, 1) != 0) {
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641 reset_vc(vc);
1642
1643 if (old_vc_mode != vc->vc_mode) {
1644 if (vc->vc_mode == KD_TEXT)
1645 do_unblank_screen(1);
1646 else
1647 do_blank_screen(1);
1648 }
1649 }
1650 }
1651
1652
1653
1654
1655 vt_event_post(VT_EVENT_SWITCH, old, vc->vc_num);
1656 return;
1657}
1658
1659
1660
1661
1662void change_console(struct vc_data *new_vc)
1663{
1664 struct vc_data *vc;
1665
1666 if (!new_vc || new_vc->vc_num == fg_console || vt_dont_switch)
1667 return;
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684 vc = vc_cons[fg_console].d;
1685 if (vc->vt_mode.mode == VT_PROCESS) {
1686
1687
1688
1689
1690
1691
1692
1693
1694 vc->vt_newvt = new_vc->vc_num;
1695 if (kill_pid(vc->vt_pid, vc->vt_mode.relsig, 1) == 0) {
1696
1697
1698
1699
1700
1701 return;
1702 }
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713 reset_vc(vc);
1714
1715
1716
1717
1718 }
1719
1720
1721
1722
1723 if (vc->vc_mode == KD_GRAPHICS)
1724 return;
1725
1726 complete_change_console(new_vc);
1727}
1728
1729
1730
1731static int disable_vt_switch;
1732
1733int vt_move_to_console(unsigned int vt, int alloc)
1734{
1735 int prev;
1736
1737 acquire_console_sem();
1738
1739 if (disable_vt_switch) {
1740 release_console_sem();
1741 return 0;
1742 }
1743 prev = fg_console;
1744
1745 if (alloc && vc_allocate(vt)) {
1746
1747
1748 release_console_sem();
1749 return -ENOSPC;
1750 }
1751
1752 if (set_console(vt)) {
1753
1754
1755
1756
1757
1758 release_console_sem();
1759 return -EIO;
1760 }
1761 release_console_sem();
1762 if (vt_waitactive(vt + 1)) {
1763 pr_debug("Suspend: Can't switch VCs.");
1764 return -EINTR;
1765 }
1766 return prev;
1767}
1768
1769
1770
1771
1772
1773
1774
1775
1776void pm_set_vt_switch(int do_switch)
1777{
1778 acquire_console_sem();
1779 disable_vt_switch = !do_switch;
1780 release_console_sem();
1781}
1782EXPORT_SYMBOL(pm_set_vt_switch);
1783
