tty: Re-open /dev/tty without tty_mutex
Opening /dev/tty (ie., the controlling tty for the current task) is always a re-open of the underlying tty. Because holding the tty_lock is sufficient for safely re-opening a tty, and because having a tty kref is sufficient for safely acquiring the tty_lock [1], tty_open_current_tty() does not require holding tty_mutex. Repurpose tty_open_current_tty() to perform the re-open itself and refactor tty_open(). [1] Analysis of safely re-opening the current tty w/o tty_mutex get_current_tty() gets a tty kref from the already kref'ed tty value of current->signal->tty while holding the sighand lock for the current task. This guarantees that the tty pointer returned from get_current_tty() points to a tty which remains referenceable while holding the kref. Although release_tty() may run concurrently, and thus the driver reference may be removed, release_one_tty() cannot have run, and won't while holding the tty kref. This, in turn, guarantees the tty_lock() can safely be acquired (since tty->magic and tty->legacy_mutex are still a valid dereferences). The tty_lock() also gets a tty kref to prevent the tty_unlock() from dereferencing a released tty. Thus, the kref returned from get_current_tty() can be released. Lastly, the first operation of tty_reopen() is to check the tty count. If non-zero, this ensures release_tty() is not running concurrently, and the driver references have not been removed. Reviewed-by: Alan Cox <alan@linux.intel.com> Signed-off-by: Peter Hurley <peter@hurleysoftware.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Peter Hurley
Greg Kroah-Hartman
parent
55199ea3bd
commit
52494eeb99
|
|
@ -1935,20 +1935,20 @@ int tty_release(struct inode *inode, struct file *filp)
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* tty_open_current_tty - get tty of current task for open
|
* tty_open_current_tty - get locked tty of current task
|
||||||
* @device: device number
|
* @device: device number
|
||||||
* @filp: file pointer to tty
|
* @filp: file pointer to tty
|
||||||
* @return: tty of the current task iff @device is /dev/tty
|
* @return: locked tty of the current task iff @device is /dev/tty
|
||||||
|
*
|
||||||
|
* Performs a re-open of the current task's controlling tty.
|
||||||
*
|
*
|
||||||
* We cannot return driver and index like for the other nodes because
|
* We cannot return driver and index like for the other nodes because
|
||||||
* devpts will not work then. It expects inodes to be from devpts FS.
|
* devpts will not work then. It expects inodes to be from devpts FS.
|
||||||
*
|
|
||||||
* We need to move to returning a refcounted object from all the lookup
|
|
||||||
* paths including this one.
|
|
||||||
*/
|
*/
|
||||||
static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
|
static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
|
||||||
{
|
{
|
||||||
struct tty_struct *tty;
|
struct tty_struct *tty;
|
||||||
|
int retval;
|
||||||
|
|
||||||
if (device != MKDEV(TTYAUX_MAJOR, 0))
|
if (device != MKDEV(TTYAUX_MAJOR, 0))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
@ -1959,9 +1959,14 @@ static struct tty_struct *tty_open_current_tty(dev_t device, struct file *filp)
|
||||||
|
|
||||||
filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
|
filp->f_flags |= O_NONBLOCK; /* Don't let /dev/tty block */
|
||||||
/* noctty = 1; */
|
/* noctty = 1; */
|
||||||
tty_kref_put(tty);
|
tty_lock(tty);
|
||||||
/* FIXME: we put a reference and return a TTY! */
|
tty_kref_put(tty); /* safe to drop the kref now */
|
||||||
/* This is only safe because the caller holds tty_mutex */
|
|
||||||
|
retval = tty_reopen(tty);
|
||||||
|
if (retval < 0) {
|
||||||
|
tty_unlock(tty);
|
||||||
|
tty = ERR_PTR(retval);
|
||||||
|
}
|
||||||
return tty;
|
return tty;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -2059,13 +2064,9 @@ retry_open:
|
||||||
index = -1;
|
index = -1;
|
||||||
retval = 0;
|
retval = 0;
|
||||||
|
|
||||||
mutex_lock(&tty_mutex);
|
|
||||||
/* This is protected by the tty_mutex */
|
|
||||||
tty = tty_open_current_tty(device, filp);
|
tty = tty_open_current_tty(device, filp);
|
||||||
if (IS_ERR(tty)) {
|
if (!tty) {
|
||||||
retval = PTR_ERR(tty);
|
mutex_lock(&tty_mutex);
|
||||||
goto err_unlock;
|
|
||||||
} else if (!tty) {
|
|
||||||
driver = tty_lookup_driver(device, filp, &noctty, &index);
|
driver = tty_lookup_driver(device, filp, &noctty, &index);
|
||||||
if (IS_ERR(driver)) {
|
if (IS_ERR(driver)) {
|
||||||
retval = PTR_ERR(driver);
|
retval = PTR_ERR(driver);
|
||||||
|
|
@ -2078,21 +2079,21 @@ retry_open:
|
||||||
retval = PTR_ERR(tty);
|
retval = PTR_ERR(tty);
|
||||||
goto err_unlock;
|
goto err_unlock;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (tty) {
|
||||||
|
tty_lock(tty);
|
||||||
|
retval = tty_reopen(tty);
|
||||||
|
if (retval < 0) {
|
||||||
|
tty_unlock(tty);
|
||||||
|
tty = ERR_PTR(retval);
|
||||||
|
}
|
||||||
|
} else /* Returns with the tty_lock held for now */
|
||||||
|
tty = tty_init_dev(driver, index);
|
||||||
|
|
||||||
|
mutex_unlock(&tty_mutex);
|
||||||
|
tty_driver_kref_put(driver);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (tty) {
|
|
||||||
tty_lock(tty);
|
|
||||||
retval = tty_reopen(tty);
|
|
||||||
if (retval < 0) {
|
|
||||||
tty_unlock(tty);
|
|
||||||
tty = ERR_PTR(retval);
|
|
||||||
}
|
|
||||||
} else /* Returns with the tty_lock held for now */
|
|
||||||
tty = tty_init_dev(driver, index);
|
|
||||||
|
|
||||||
mutex_unlock(&tty_mutex);
|
|
||||||
if (driver)
|
|
||||||
tty_driver_kref_put(driver);
|
|
||||||
if (IS_ERR(tty)) {
|
if (IS_ERR(tty)) {
|
||||||
retval = PTR_ERR(tty);
|
retval = PTR_ERR(tty);
|
||||||
goto err_file;
|
goto err_file;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue