Wed Feb 19 11:40:31 2014 UTC ()
Fix kernel crash when a user tries to switch to nonexistent terminal.

Reported by Gabor Sebestyen in PR port-atari/48599.

Should be pulled up to all netbsd-6 branches.


(tsutsui)
diff -r1.71 -r1.72 src/sys/arch/atari/dev/ite.c
cvs diff -r1.71 -r1.72 src/sys/arch/atari/dev/ite.c (expand / switch to unified diff)

--- src/sys/arch/atari/dev/ite.c 2011/06/05 16:25:12 1.71
+++ src/sys/arch/atari/dev/ite.c 2014/02/19 11:40:31 1.72
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: ite.c,v 1.71 2011/06/05 16:25:12 tsutsui Exp $ */ 1/* $NetBSD: ite.c,v 1.72 2014/02/19 11:40:31 tsutsui Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1988 University of Utah. 4 * Copyright (c) 1988 University of Utah.
5 * Copyright (c) 1990 The Regents of the University of California. 5 * Copyright (c) 1990 The Regents of the University of California.
6 * All rights reserved. 6 * All rights reserved.
7 * 7 *
8 * This code is derived from software contributed to Berkeley by 8 * This code is derived from software contributed to Berkeley by
9 * the Systems Programming Group of the University of Utah Computer 9 * the Systems Programming Group of the University of Utah Computer
10 * Science Department. 10 * Science Department.
11 * 11 *
12 * Redistribution and use in source and binary forms, with or without 12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions 13 * modification, are permitted provided that the following conditions
14 * are met: 14 * are met:
@@ -34,27 +34,27 @@ @@ -34,27 +34,27 @@
34 * SUCH DAMAGE. 34 * SUCH DAMAGE.
35 * 35 *
36 * from: Utah Hdr: ite.c 1.1 90/07/09 36 * from: Utah Hdr: ite.c 1.1 90/07/09
37 * from: @(#)ite.c 7.6 (Berkeley) 5/16/91 37 * from: @(#)ite.c 7.6 (Berkeley) 5/16/91
38 */ 38 */
39 39
40/* 40/*
41 * ite - bitmapped terminal. 41 * ite - bitmapped terminal.
42 * Supports VT200, a few terminal features will be unavailable until 42 * Supports VT200, a few terminal features will be unavailable until
43 * the system actually probes the device (i.e. not after consinit()) 43 * the system actually probes the device (i.e. not after consinit())
44 */ 44 */
45 45
46#include <sys/cdefs.h> 46#include <sys/cdefs.h>
47__KERNEL_RCSID(0, "$NetBSD: ite.c,v 1.71 2011/06/05 16:25:12 tsutsui Exp $"); 47__KERNEL_RCSID(0, "$NetBSD: ite.c,v 1.72 2014/02/19 11:40:31 tsutsui Exp $");
48 48
49#include "opt_ddb.h" 49#include "opt_ddb.h"
50 50
51#include <sys/param.h> 51#include <sys/param.h>
52#include <sys/kernel.h> 52#include <sys/kernel.h>
53#include <sys/conf.h> 53#include <sys/conf.h>
54#include <sys/device.h> 54#include <sys/device.h>
55#include <sys/malloc.h> 55#include <sys/malloc.h>
56#include <sys/fcntl.h> 56#include <sys/fcntl.h>
57#include <sys/ioctl.h> 57#include <sys/ioctl.h>
58#include <sys/tty.h> 58#include <sys/tty.h>
59#include <sys/termios.h> 59#include <sys/termios.h>
60#include <sys/systm.h> 60#include <sys/systm.h>
@@ -655,28 +655,28 @@ ite_off(dev_t dev, int flag) @@ -655,28 +655,28 @@ ite_off(dev_t dev, int flag)
655 if ((flag & 1) || 655 if ((flag & 1) ||
656 (sc->flags & (ITE_INGRF | ITE_ISCONS | ITE_INITED)) == ITE_INITED) 656 (sc->flags & (ITE_INGRF | ITE_ISCONS | ITE_INITED)) == ITE_INITED)
657 SUBR_DEINIT(sc); 657 SUBR_DEINIT(sc);
658 if ((flag & 2) == 0) /* XXX hmm grfon() I think wants this to go inactive. */ 658 if ((flag & 2) == 0) /* XXX hmm grfon() I think wants this to go inactive. */
659 sc->flags &= ~ITE_ACTIVE; 659 sc->flags &= ~ITE_ACTIVE;
660} 660}
661 661
662static void 662static void
663ite_switch(int unit) 663ite_switch(int unit)
664{ 664{
665 struct ite_softc *sc; 665 struct ite_softc *sc;
666 extern const struct cdevsw view_cdevsw; 666 extern const struct cdevsw view_cdevsw;
667 667
668 sc = getitesp(unit); 668 sc = device_lookup_private(&ite_cd, unit);
669 if ((sc->flags & (ITE_ATTACHED | ITE_INITED)) == 0) 669 if (sc == NULL || (sc->flags & (ITE_ATTACHED | ITE_INITED)) == 0)
670 return; 670 return;
671 671
672 /* 672 /*
673 * If switching to an active ite, also switch the keyboard. 673 * If switching to an active ite, also switch the keyboard.
674 */ 674 */
675 if (sc->flags & ITE_ACTIVE) 675 if (sc->flags & ITE_ACTIVE)
676 kbd_ite = sc; 676 kbd_ite = sc;
677 677
678 /* 678 /*
679 * Now make it visible 679 * Now make it visible
680 */ 680 */
681 (*view_cdevsw.d_ioctl)(sc->grf->g_viewdev, VIOCDISPLAY, NULL, 681 (*view_cdevsw.d_ioctl)(sc->grf->g_viewdev, VIOCDISPLAY, NULL,
682 0, NOLWP); 682 0, NOLWP);