1 // SPDX-License-Identifier: GPL-2.0
3 * n_gsm.c GSM 0710 tty multiplexor
4 * Copyright (c) 2009/10 Intel Corporation
6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
9 * Mostly done: ioctls for setting modes/timing
10 * Partly done: hooks so you can pull off frames to non tty devs
11 * Restart DLCI 0 when it closes ?
12 * Improve the tx engine
13 * Resolve tx side locking by adding a queue_head and routing
14 * all control traffic via it
15 * General tidy/document
16 * Review the locking/move to refcounts more (mux now moved to an
17 * alloc/free model ready)
18 * Use newest tty open/close port helpers and install hooks
19 * What to do about power functions ?
20 * Termios setting and negotiation
21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
25 #include <linux/types.h>
26 #include <linux/major.h>
27 #include <linux/errno.h>
28 #include <linux/signal.h>
29 #include <linux/fcntl.h>
30 #include <linux/sched/signal.h>
31 #include <linux/interrupt.h>
32 #include <linux/tty.h>
33 #include <linux/ctype.h>
35 #include <linux/string.h>
36 #include <linux/slab.h>
37 #include <linux/poll.h>
38 #include <linux/bitops.h>
39 #include <linux/file.h>
40 #include <linux/uaccess.h>
41 #include <linux/module.h>
42 #include <linux/timer.h>
43 #include <linux/tty_flip.h>
44 #include <linux/tty_driver.h>
45 #include <linux/serial.h>
46 #include <linux/kfifo.h>
47 #include <linux/skbuff.h>
50 #include <linux/netdevice.h>
51 #include <linux/etherdevice.h>
52 #include <linux/gsmmux.h>
55 module_param(debug, int, 0600);
57 /* Defaults: these are from the specification */
59 #define T1 10 /* 100mS */
60 #define T2 34 /* 333mS */
61 #define N2 3 /* Retry 3 times */
63 /* Use long timers for testing at low speed with debug on */
70 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
71 * limits so this is plenty
75 /* SOF, ADDR, CTRL, LEN1, LEN2, ..., FCS, EOF */
76 #define PROT_OVERHEAD 7
77 #define GSM_NET_TX_TIMEOUT (HZ*10)
80 * struct gsm_mux_net - network interface
81 * @struct gsm_dlci* dlci
83 * Created when net interface is initialized.
87 struct gsm_dlci *dlci;
91 * Each block of data we have queued to go out is in the form of
92 * a gsm_msg which holds everything we need in a link layer independent
97 struct list_head list;
98 u8 addr; /* DLCI address + flags */
99 u8 ctrl; /* Control byte + flags */
100 unsigned int len; /* Length of data block (can be zero) */
101 unsigned char *data; /* Points into buffer but not at the start */
102 unsigned char buffer[0];
106 * Each active data link has a gsm_dlci structure associated which ties
107 * the link layer to an optional tty (if the tty side is open). To avoid
108 * complexity right now these are only ever freed up when the mux is
111 * At the moment we don't free DLCI objects until the mux is torn down
112 * this avoid object life time issues but might be worth review later.
119 #define DLCI_CLOSED 0
120 #define DLCI_OPENING 1 /* Sending SABM not seen UA */
121 #define DLCI_OPEN 2 /* SABM/UA complete */
122 #define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */
127 #define DLCI_MODE_ABM 0 /* Normal Asynchronous Balanced Mode */
128 #define DLCI_MODE_ADM 1 /* Asynchronous Disconnected Mode */
129 spinlock_t lock; /* Protects the internal state */
130 struct timer_list t1; /* Retransmit timer for SABM and UA */
132 /* Uplink tty if active */
133 struct tty_port port; /* The tty bound to this DLCI if there is one */
134 struct kfifo *fifo; /* Queue fifo for the DLCI */
135 struct kfifo _fifo; /* For new fifo API porting only */
136 int adaption; /* Adaption layer in use */
138 u32 modem_rx; /* Our incoming virtual modem lines */
139 u32 modem_tx; /* Our outgoing modem lines */
140 int dead; /* Refuse re-open */
142 int throttled; /* Private copy of throttle state */
143 int constipated; /* Throttle status for outgoing */
145 struct sk_buff *skb; /* Frame being sent */
146 struct sk_buff_head skb_list; /* Queued frames */
147 /* Data handling callback */
148 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
149 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
150 struct net_device *net; /* network interface, if created */
153 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
158 * DLCI 0 is used to pass control blocks out of band of the data
159 * flow (and with a higher link priority). One command can be outstanding
160 * at a time and we use this structure to manage them. They are created
161 * and destroyed by the user context, and updated by the receive paths
166 u8 cmd; /* Command we are issuing */
167 u8 *data; /* Data for the command in case we retransmit */
168 int len; /* Length of block for retransmission */
169 int done; /* Done flag */
170 int error; /* Error if any */
174 * Each GSM mux we have is represented by this structure. If we are
175 * operating as an ldisc then we use this structure as our ldisc
176 * state. We need to sort out lifetimes and locking with respect
177 * to the gsm mux array. For now we don't free DLCI objects that
178 * have been instantiated until the mux itself is terminated.
180 * To consider further: tty open versus mux shutdown.
184 struct tty_struct *tty; /* The tty our ldisc is bound to */
190 /* Events on the GSM channel */
191 wait_queue_head_t event;
193 /* Bits for GSM mode decoding */
200 #define GSM_ADDRESS 2
201 #define GSM_CONTROL 3
205 #define GSM_OVERRUN 7
210 unsigned int address;
217 u8 *txframe; /* TX framing buffer */
219 /* Methods for the receiver side */
220 void (*receive)(struct gsm_mux *gsm, u8 ch);
221 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag);
222 /* And transmit side */
223 int (*output)(struct gsm_mux *mux, u8 *data, int len);
228 int initiator; /* Did we initiate connection */
229 int dead; /* Has the mux been shut down */
230 struct gsm_dlci *dlci[NUM_DLCI];
231 int constipated; /* Asked by remote to shut up */
234 unsigned int tx_bytes; /* TX data outstanding */
235 #define TX_THRESH_HI 8192
236 #define TX_THRESH_LO 2048
237 struct list_head tx_list; /* Pending data packets */
239 /* Control messages */
240 struct timer_list t2_timer; /* Retransmit timer for commands */
241 int cretries; /* Command retry counter */
242 struct gsm_control *pending_cmd;/* Our current pending command */
243 spinlock_t control_lock; /* Protects the pending command */
246 int adaption; /* 1 or 2 supported */
247 u8 ftype; /* UI or UIH */
248 int t1, t2; /* Timers in 1/100th of a sec */
249 int n2; /* Retry count */
251 /* Statistics (not currently exposed) */
252 unsigned long bad_fcs;
253 unsigned long malformed;
254 unsigned long io_error;
255 unsigned long bad_size;
256 unsigned long unsupported;
261 * Mux objects - needed so that we can translate a tty index into the
262 * relevant mux and DLCI.
265 #define MAX_MUX 4 /* 256 minors */
266 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
267 static spinlock_t gsm_mux_lock;
269 static struct tty_driver *gsm_tty_driver;
272 * This section of the driver logic implements the GSM encodings
273 * both the basic and the 'advanced'. Reliable transport is not
281 /* I is special: the rest are ..*/
292 /* Channel commands */
294 #define CMD_TEST 0x11
297 #define CMD_FCOFF 0x31
300 #define CMD_FCON 0x51
305 /* Virtual modem bits */
312 #define GSM0_SOF 0xF9
313 #define GSM1_SOF 0x7E
314 #define GSM1_ESCAPE 0x7D
315 #define GSM1_ESCAPE_BITS 0x20
318 #define ISO_IEC_646_MASK 0x7F
320 static const struct tty_port_operations gsm_port_ops;
323 * CRC table for GSM 0710
326 static const u8 gsm_fcs8[256] = {
327 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
328 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
329 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
330 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
331 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
332 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
333 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
334 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
335 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
336 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
337 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
338 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
339 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
340 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
341 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
342 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
343 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
344 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
345 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
346 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
347 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
348 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
349 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
350 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
351 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
352 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
353 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
354 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
355 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
356 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
357 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
358 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
361 #define INIT_FCS 0xFF
362 #define GOOD_FCS 0xCF
365 * gsm_fcs_add - update FCS
369 * Update the FCS to include c. Uses the algorithm in the specification
373 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
375 return gsm_fcs8[fcs ^ c];
379 * gsm_fcs_add_block - update FCS for a block
382 * @len: length of buffer
384 * Update the FCS to include c. Uses the algorithm in the specification
388 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
391 fcs = gsm_fcs8[fcs ^ *c++];
396 * gsm_read_ea - read a byte into an EA
397 * @val: variable holding value
398 * c: byte going into the EA
400 * Processes one byte of an EA. Updates the passed variable
401 * and returns 1 if the EA is now completely read
404 static int gsm_read_ea(unsigned int *val, u8 c)
406 /* Add the next 7 bits into the value */
409 /* Was this the last byte of the EA 1 = yes*/
414 * gsm_read_ea_val - read a value until EA
415 * @val: variable holding value
416 * @data: buffer of data
417 * @dlen: length of data
419 * Processes an EA value. Updates the passed variable and
420 * returns the processed data length.
422 static unsigned int gsm_read_ea_val(unsigned int *val, const u8 *data, int dlen)
424 unsigned int len = 0;
426 for (; dlen > 0; dlen--) {
428 if (gsm_read_ea(val, *data++))
435 * gsm_encode_modem - encode modem data bits
436 * @dlci: DLCI to encode from
438 * Returns the correct GSM encoded modem status bits (6 bit field) for
439 * the current status of the DLCI and attached tty object
442 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
445 /* FC is true flow control not modem bits */
448 if (dlci->modem_tx & TIOCM_DTR)
449 modembits |= MDM_RTC;
450 if (dlci->modem_tx & TIOCM_RTS)
451 modembits |= MDM_RTR;
452 if (dlci->modem_tx & TIOCM_RI)
454 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator)
460 * gsm_print_packet - display a frame for debug
461 * @hdr: header to print before decode
462 * @addr: address EA from the frame
463 * @cr: C/R bit from the frame
464 * @control: control including PF bit
465 * @data: following data bytes
466 * @dlen: length of data
468 * Displays a packet in human readable format for debugging purposes. The
469 * style is based on amateur radio LAP-B dump display.
472 static void gsm_print_packet(const char *hdr, int addr, int cr,
473 u8 control, const u8 *data, int dlen)
478 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
480 switch (control & ~PF) {
500 if (!(control & 0x01)) {
501 pr_cont("I N(S)%d N(R)%d",
502 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
503 } else switch (control & 0x0F) {
505 pr_cont("RR(%d)", (control & 0xE0) >> 5);
508 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
511 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
514 pr_cont("[%02X]", control);
530 pr_cont("%02X ", *data++);
539 * Link level transmission side
543 * gsm_stuff_packet - bytestuff a packet
546 * @len: length of input
548 * Expand a buffer by bytestuffing it. The worst case size change
549 * is doubling and the caller is responsible for handing out
550 * suitable sized buffers.
553 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
557 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
558 || (*input & ISO_IEC_646_MASK) == XON
559 || (*input & ISO_IEC_646_MASK) == XOFF) {
560 *output++ = GSM1_ESCAPE;
561 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
564 *output++ = *input++;
571 * gsm_send - send a control frame
573 * @addr: address for control frame
574 * @cr: command/response bit
575 * @control: control byte including PF bit
577 * Format up and transmit a control frame. These do not go via the
578 * queueing logic as they should be transmitted ahead of data when
581 * FIXME: Lock versus data TX path
584 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
590 switch (gsm->encoding) {
593 cbuf[1] = (addr << 2) | (cr << 1) | EA;
595 cbuf[3] = EA; /* Length of data = 0 */
596 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
602 /* Control frame + packing (but not frame stuffing) in mode 1 */
603 ibuf[0] = (addr << 2) | (cr << 1) | EA;
605 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
606 /* Stuffing may double the size worst case */
607 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
608 /* Now add the SOF markers */
610 cbuf[len + 1] = GSM1_SOF;
611 /* FIXME: we can omit the lead one in many cases */
618 gsm->output(gsm, cbuf, len);
619 gsm_print_packet("-->", addr, cr, control, NULL, 0);
623 * gsm_response - send a control response
625 * @addr: address for control frame
626 * @control: control byte including PF bit
628 * Format up and transmit a link level response frame.
631 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
633 gsm_send(gsm, addr, 0, control);
637 * gsm_command - send a control command
639 * @addr: address for control frame
640 * @control: control byte including PF bit
642 * Format up and transmit a link level command frame.
645 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
647 gsm_send(gsm, addr, 1, control);
650 /* Data transmission */
652 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
655 * gsm_data_alloc - allocate data frame
657 * @addr: DLCI address
658 * @len: length excluding header and FCS
659 * @ctrl: control byte
661 * Allocate a new data buffer for sending frames with data. Space is left
662 * at the front for header bytes but that is treated as an implementation
663 * detail and not for the high level code to use
666 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
669 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
673 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
677 INIT_LIST_HEAD(&m->list);
682 * gsm_is_flow_ctrl_msg - checks if flow control message
683 * @msg: message to check
685 * Returns true if the given message is a flow control command of the
686 * control channel. False is returned in any other case.
688 static bool gsm_is_flow_ctrl_msg(struct gsm_msg *msg)
695 switch (msg->ctrl & ~PF) {
699 if (gsm_read_ea_val(&cmd, msg->data + 2, msg->len - 2) < 1)
713 * gsm_data_kick - poke the queue
716 * The tty device has called us to indicate that room has appeared in
717 * the transmit queue. Ram more data into the pipe if we have any
718 * If we have been flow-stopped by a CMD_FCOFF, then we can only
719 * send messages on DLCI0 until CMD_FCON
721 * FIXME: lock against link layer control transmissions
724 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci)
726 struct gsm_msg *msg, *nmsg;
729 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
730 if (gsm->constipated && !gsm_is_flow_ctrl_msg(msg))
732 if (gsm->encoding != 0) {
733 gsm->txframe[0] = GSM1_SOF;
734 len = gsm_stuff_frame(msg->data,
735 gsm->txframe + 1, msg->len);
736 gsm->txframe[len + 1] = GSM1_SOF;
739 gsm->txframe[0] = GSM0_SOF;
740 memcpy(gsm->txframe + 1 , msg->data, msg->len);
741 gsm->txframe[msg->len + 1] = GSM0_SOF;
746 print_hex_dump_bytes("gsm_data_kick: ",
749 if (gsm->output(gsm, gsm->txframe, len) < 0)
751 /* FIXME: Can eliminate one SOF in many more cases */
752 gsm->tx_bytes -= msg->len;
754 list_del(&msg->list);
758 tty_port_tty_wakeup(&dlci->port);
762 for (i = 0; i < NUM_DLCI; i++)
764 tty_port_tty_wakeup(&gsm->dlci[i]->port);
770 * __gsm_data_queue - queue a UI or UIH frame
771 * @dlci: DLCI sending the data
772 * @msg: message queued
774 * Add data to the transmit queue and try and get stuff moving
775 * out of the mux tty if not already doing so. The Caller must hold
779 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
781 struct gsm_mux *gsm = dlci->gsm;
783 u8 *fcs = dp + msg->len;
785 /* Fill in the header */
786 if (gsm->encoding == 0) {
788 *--dp = (msg->len << 1) | EA;
790 *--dp = (msg->len >> 7); /* bits 7 - 15 */
791 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
797 *--dp = (msg->addr << 2) | 2 | EA;
799 *--dp = (msg->addr << 2) | EA;
800 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
801 /* Ugly protocol layering violation */
802 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
803 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
806 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
807 msg->data, msg->len);
809 /* Move the header back and adjust the length, also allow for the FCS
810 now tacked on the end */
811 msg->len += (msg->data - dp) + 1;
814 /* Add to the actual output queue */
815 list_add_tail(&msg->list, &gsm->tx_list);
816 gsm->tx_bytes += msg->len;
817 gsm_data_kick(gsm, dlci);
821 * gsm_data_queue - queue a UI or UIH frame
822 * @dlci: DLCI sending the data
823 * @msg: message queued
825 * Add data to the transmit queue and try and get stuff moving
826 * out of the mux tty if not already doing so. Take the
827 * the gsm tx lock and dlci lock.
830 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
833 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
834 __gsm_data_queue(dlci, msg);
835 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
839 * gsm_dlci_data_output - try and push data out of a DLCI
841 * @dlci: the DLCI to pull data from
843 * Pull data from a DLCI and send it into the transmit queue if there
844 * is data. Keep to the MRU of the mux. This path handles the usual tty
845 * interface which is a byte stream with optional modem data.
847 * Caller must hold the tx_lock of the mux.
850 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
854 int len, total_size, size;
855 int h = dlci->adaption - 1;
859 len = kfifo_len(dlci->fifo);
863 /* MTU/MRU count only the data bits */
869 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
870 /* FIXME: need a timer or something to kick this so it can't
871 get stuck with no work outstanding and no buffer free */
875 switch (dlci->adaption) {
876 case 1: /* Unstructured */
878 case 2: /* Unstructed with modem bits.
879 Always one byte as we never send inline break data */
880 *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
883 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len);
884 __gsm_data_queue(dlci, msg);
887 /* Bytes of data we used up */
892 * gsm_dlci_data_output_framed - try and push data out of a DLCI
894 * @dlci: the DLCI to pull data from
896 * Pull data from a DLCI and send it into the transmit queue if there
897 * is data. Keep to the MRU of the mux. This path handles framed data
898 * queued as skbuffs to the DLCI.
900 * Caller must hold the tx_lock of the mux.
903 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
904 struct gsm_dlci *dlci)
909 int last = 0, first = 0;
912 /* One byte per frame is used for B/F flags */
913 if (dlci->adaption == 4)
916 /* dlci->skb is locked by tx_lock */
917 if (dlci->skb == NULL) {
918 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
919 if (dlci->skb == NULL)
923 len = dlci->skb->len + overhead;
925 /* MTU/MRU count only the data bits */
926 if (len > gsm->mtu) {
927 if (dlci->adaption == 3) {
928 /* Over long frame, bin it */
929 dev_kfree_skb_any(dlci->skb);
937 size = len + overhead;
938 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
940 /* FIXME: need a timer or something to kick this so it can't
941 get stuck with no work outstanding and no buffer free */
943 skb_queue_tail(&dlci->skb_list, dlci->skb);
949 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
950 /* Flag byte to carry the start/end info */
951 *dp++ = last << 7 | first << 6 | 1; /* EA */
954 memcpy(dp, dlci->skb->data, len);
955 skb_pull(dlci->skb, len);
956 __gsm_data_queue(dlci, msg);
958 dev_kfree_skb_any(dlci->skb);
965 * gsm_dlci_data_sweep - look for data to send
968 * Sweep the GSM mux channels in priority order looking for ones with
969 * data to send. We could do with optimising this scan a bit. We aim
970 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
971 * TX_THRESH_LO we get called again
973 * FIXME: We should round robin between groups and in theory you can
974 * renegotiate DLCI priorities with optional stuff. Needs optimising.
977 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
980 /* Priority ordering: We should do priority with RR of the groups */
983 while (i < NUM_DLCI) {
984 struct gsm_dlci *dlci;
986 if (gsm->tx_bytes > TX_THRESH_HI)
989 if (dlci == NULL || dlci->constipated) {
993 if (dlci->adaption < 3 && !dlci->net)
994 len = gsm_dlci_data_output(gsm, dlci);
996 len = gsm_dlci_data_output_framed(gsm, dlci);
999 /* DLCI empty - try the next */
1006 * gsm_dlci_data_kick - transmit if possible
1007 * @dlci: DLCI to kick
1009 * Transmit data from this DLCI if the queue is empty. We can't rely on
1010 * a tty wakeup except when we filled the pipe so we need to fire off
1011 * new data ourselves in other cases.
1014 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
1016 unsigned long flags;
1019 if (dlci->constipated)
1022 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
1023 /* If we have nothing running then we need to fire up */
1024 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
1025 if (dlci->gsm->tx_bytes == 0) {
1027 gsm_dlci_data_output_framed(dlci->gsm, dlci);
1029 gsm_dlci_data_output(dlci->gsm, dlci);
1032 gsm_dlci_data_sweep(dlci->gsm);
1033 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
1037 * Control message processing
1042 * gsm_control_reply - send a response frame to a control
1044 * @cmd: the command to use
1045 * @data: data to follow encoded info
1046 * @dlen: length of data
1048 * Encode up and queue a UI/UIH frame containing our response.
1051 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
1054 struct gsm_msg *msg;
1055 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1058 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1059 msg->data[1] = (dlen << 1) | EA;
1060 memcpy(msg->data + 2, data, dlen);
1061 gsm_data_queue(gsm->dlci[0], msg);
1065 * gsm_process_modem - process received modem status
1066 * @tty: virtual tty bound to the DLCI
1067 * @dlci: DLCI to affect
1068 * @modem: modem bits (full EA)
1070 * Used when a modem control message or line state inline in adaption
1071 * layer 2 is processed. Sort out the local modem state and throttles
1074 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1075 u32 modem, int clen)
1081 /* The modem status command can either contain one octet (v.24 signals)
1082 or two octets (v.24 signals + break signals). The length field will
1083 either be 2 or 3 respectively. This is specified in section
1084 5.4.6.3.7 of the 27.010 mux spec. */
1087 modem = modem & 0x7f;
1090 modem = (modem >> 7) & 0x7f;
1093 /* Flow control/ready to communicate */
1094 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1095 if (fc && !dlci->constipated) {
1096 /* Need to throttle our output on this device */
1097 dlci->constipated = 1;
1098 } else if (!fc && dlci->constipated) {
1099 dlci->constipated = 0;
1100 gsm_dlci_data_kick(dlci);
1103 /* Map modem bits */
1104 if (modem & MDM_RTC)
1105 mlines |= TIOCM_DSR | TIOCM_DTR;
1106 if (modem & MDM_RTR)
1107 mlines |= TIOCM_RTS | TIOCM_CTS;
1113 /* Carrier drop -> hangup */
1115 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1120 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1121 dlci->modem_rx = mlines;
1125 * gsm_control_modem - modem status received
1127 * @data: data following command
1128 * @clen: command length
1130 * We have received a modem status control message. This is used by
1131 * the GSM mux protocol to pass virtual modem line status and optionally
1132 * to indicate break signals. Unpack it, convert to Linux representation
1133 * and if need be stuff a break message down the tty.
1136 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
1138 unsigned int addr = 0;
1139 unsigned int modem = 0;
1140 unsigned int brk = 0;
1141 struct gsm_dlci *dlci;
1143 const u8 *dp = data;
1144 struct tty_struct *tty;
1146 while (gsm_read_ea(&addr, *dp++) == 0) {
1151 /* Must be at least one byte following the EA */
1157 /* Closed port, or invalid ? */
1158 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1160 dlci = gsm->dlci[addr];
1162 while (gsm_read_ea(&modem, *dp++) == 0) {
1169 while (gsm_read_ea(&brk, *dp++) == 0) {
1175 modem |= (brk & 0x7f);
1177 tty = tty_port_tty_get(&dlci->port);
1178 gsm_process_modem(tty, dlci, modem, clen);
1183 gsm_control_reply(gsm, CMD_MSC, data, clen);
1187 * gsm_control_rls - remote line status
1190 * @clen: data length
1192 * The modem sends us a two byte message on the control channel whenever
1193 * it wishes to send us an error state from the virtual link. Stuff
1194 * this into the uplink tty if present
1197 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
1199 struct tty_port *port;
1200 unsigned int addr = 0;
1203 const u8 *dp = data;
1205 while (gsm_read_ea(&addr, *dp++) == 0) {
1210 /* Must be at least one byte following ea */
1215 /* Closed port, or invalid ? */
1216 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1220 if ((bits & 1) == 0)
1223 port = &gsm->dlci[addr]->port;
1226 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1228 tty_insert_flip_char(port, 0, TTY_PARITY);
1230 tty_insert_flip_char(port, 0, TTY_FRAME);
1232 tty_flip_buffer_push(port);
1234 gsm_control_reply(gsm, CMD_RLS, data, clen);
1237 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1240 * gsm_control_message - DLCI 0 control processing
1242 * @command: the command EA
1243 * @data: data beyond the command/length EAs
1246 * Input processor for control messages from the other end of the link.
1247 * Processes the incoming request and queues a response frame or an
1248 * NSC response if not supported
1251 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1252 const u8 *data, int clen)
1255 unsigned long flags;
1259 struct gsm_dlci *dlci = gsm->dlci[0];
1260 /* Modem wishes to close down */
1264 gsm_dlci_begin_close(dlci);
1269 /* Modem wishes to test, reply with the data */
1270 gsm_control_reply(gsm, CMD_TEST, data, clen);
1273 /* Modem can accept data again */
1274 gsm->constipated = 0;
1275 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1276 /* Kick the link in case it is idling */
1277 spin_lock_irqsave(&gsm->tx_lock, flags);
1278 gsm_data_kick(gsm, NULL);
1279 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1282 /* Modem wants us to STFU */
1283 gsm->constipated = 1;
1284 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1287 /* Out of band modem line change indicator for a DLCI */
1288 gsm_control_modem(gsm, data, clen);
1291 /* Out of band error reception for a DLCI */
1292 gsm_control_rls(gsm, data, clen);
1295 /* Modem wishes to enter power saving state */
1296 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1298 /* Optional unsupported commands */
1299 case CMD_PN: /* Parameter negotiation */
1300 case CMD_RPN: /* Remote port negotiation */
1301 case CMD_SNC: /* Service negotiation command */
1303 /* Reply to bad commands with an NSC */
1305 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1311 * gsm_control_response - process a response to our control
1313 * @command: the command (response) EA
1314 * @data: data beyond the command/length EA
1317 * Process a response to an outstanding command. We only allow a single
1318 * control message in flight so this is fairly easy. All the clean up
1319 * is done by the caller, we just update the fields, flag it as done
1323 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1324 const u8 *data, int clen)
1326 struct gsm_control *ctrl;
1327 unsigned long flags;
1329 spin_lock_irqsave(&gsm->control_lock, flags);
1331 ctrl = gsm->pending_cmd;
1332 /* Does the reply match our command */
1334 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1335 /* Our command was replied to, kill the retry timer */
1336 del_timer(&gsm->t2_timer);
1337 gsm->pending_cmd = NULL;
1338 /* Rejected by the other end */
1339 if (command == CMD_NSC)
1340 ctrl->error = -EOPNOTSUPP;
1342 wake_up(&gsm->event);
1344 spin_unlock_irqrestore(&gsm->control_lock, flags);
1348 * gsm_control_transmit - send control packet
1350 * @ctrl: frame to send
1352 * Send out a pending control command (called under control lock)
1355 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1357 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 2, gsm->ftype);
1360 msg->data[0] = (ctrl->cmd << 1) | CR | EA; /* command */
1361 msg->data[1] = (ctrl->len << 1) | EA;
1362 memcpy(msg->data + 2, ctrl->data, ctrl->len);
1363 gsm_data_queue(gsm->dlci[0], msg);
1367 * gsm_control_retransmit - retransmit a control frame
1368 * @data: pointer to our gsm object
1370 * Called off the T2 timer expiry in order to retransmit control frames
1371 * that have been lost in the system somewhere. The control_lock protects
1372 * us from colliding with another sender or a receive completion event.
1373 * In that situation the timer may still occur in a small window but
1374 * gsm->pending_cmd will be NULL and we just let the timer expire.
1377 static void gsm_control_retransmit(struct timer_list *t)
1379 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer);
1380 struct gsm_control *ctrl;
1381 unsigned long flags;
1382 spin_lock_irqsave(&gsm->control_lock, flags);
1383 ctrl = gsm->pending_cmd;
1385 if (gsm->cretries == 0 || !gsm->dlci[0] || gsm->dlci[0]->dead) {
1386 gsm->pending_cmd = NULL;
1387 ctrl->error = -ETIMEDOUT;
1389 spin_unlock_irqrestore(&gsm->control_lock, flags);
1390 wake_up(&gsm->event);
1394 gsm_control_transmit(gsm, ctrl);
1395 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1397 spin_unlock_irqrestore(&gsm->control_lock, flags);
1401 * gsm_control_send - send a control frame on DLCI 0
1402 * @gsm: the GSM channel
1403 * @command: command to send including CR bit
1404 * @data: bytes of data (must be kmalloced)
1405 * @len: length of the block to send
1407 * Queue and dispatch a control command. Only one command can be
1408 * active at a time. In theory more can be outstanding but the matching
1409 * gets really complicated so for now stick to one outstanding.
1412 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1413 unsigned int command, u8 *data, int clen)
1415 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1417 unsigned long flags;
1421 wait_event(gsm->event, gsm->pending_cmd == NULL);
1422 spin_lock_irqsave(&gsm->control_lock, flags);
1423 if (gsm->pending_cmd != NULL) {
1424 spin_unlock_irqrestore(&gsm->control_lock, flags);
1427 ctrl->cmd = command;
1430 gsm->pending_cmd = ctrl;
1432 /* If DLCI0 is in ADM mode skip retries, it won't respond */
1433 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
1436 gsm->cretries = gsm->n2;
1438 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1439 gsm_control_transmit(gsm, ctrl);
1440 spin_unlock_irqrestore(&gsm->control_lock, flags);
1445 * gsm_control_wait - wait for a control to finish
1447 * @control: control we are waiting on
1449 * Waits for the control to complete or time out. Frees any used
1450 * resources and returns 0 for success, or an error if the remote
1451 * rejected or ignored the request.
1454 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1457 wait_event(gsm->event, control->done == 1);
1458 err = control->error;
1465 * DLCI level handling: Needs krefs
1469 * State transitions and timers
1473 * gsm_dlci_close - a DLCI has closed
1474 * @dlci: DLCI that closed
1476 * Perform processing when moving a DLCI into closed state. If there
1477 * is an attached tty this is hung up
1480 static void gsm_dlci_close(struct gsm_dlci *dlci)
1482 del_timer(&dlci->t1);
1484 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1485 dlci->state = DLCI_CLOSED;
1486 if (dlci->addr != 0) {
1487 tty_port_tty_hangup(&dlci->port, false);
1488 kfifo_reset(dlci->fifo);
1490 dlci->gsm->dead = 1;
1491 wake_up(&dlci->gsm->event);
1492 /* A DLCI 0 close is a MUX termination so we need to kick that
1493 back to userspace somehow */
1497 * gsm_dlci_open - a DLCI has opened
1498 * @dlci: DLCI that opened
1500 * Perform processing when moving a DLCI into open state.
1503 static void gsm_dlci_open(struct gsm_dlci *dlci)
1505 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1507 del_timer(&dlci->t1);
1508 /* This will let a tty open continue */
1509 dlci->state = DLCI_OPEN;
1511 pr_debug("DLCI %d goes open.\n", dlci->addr);
1512 wake_up(&dlci->gsm->event);
1516 * gsm_dlci_t1 - T1 timer expiry
1517 * @dlci: DLCI that opened
1519 * The T1 timer handles retransmits of control frames (essentially of
1520 * SABM and DISC). We resend the command until the retry count runs out
1521 * in which case an opening port goes back to closed and a closing port
1522 * is simply put into closed state (any further frames from the other
1523 * end will get a DM response)
1525 * Some control dlci can stay in ADM mode with other dlci working just
1526 * fine. In that case we can just keep the control dlci open after the
1527 * DLCI_OPENING retries time out.
1530 static void gsm_dlci_t1(struct timer_list *t)
1532 struct gsm_dlci *dlci = from_timer(dlci, t, t1);
1533 struct gsm_mux *gsm = dlci->gsm;
1535 switch (dlci->state) {
1537 if (dlci->retries) {
1539 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1540 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1541 } else if (!dlci->addr && gsm->control == (DM | PF)) {
1543 pr_info("DLCI %d opening in ADM mode.\n",
1545 dlci->mode = DLCI_MODE_ADM;
1546 gsm_dlci_open(dlci);
1548 gsm_dlci_begin_close(dlci); /* prevent half open link */
1553 if (dlci->retries) {
1555 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1556 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1558 gsm_dlci_close(dlci);
1564 * gsm_dlci_begin_open - start channel open procedure
1565 * @dlci: DLCI to open
1567 * Commence opening a DLCI from the Linux side. We issue SABM messages
1568 * to the modem which should then reply with a UA or ADM, at which point
1569 * we will move into open state. Opening is done asynchronously with retry
1570 * running off timers and the responses.
1573 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1575 struct gsm_mux *gsm = dlci->gsm;
1576 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1578 dlci->retries = gsm->n2;
1579 dlci->state = DLCI_OPENING;
1580 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1581 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1585 * gsm_dlci_begin_close - start channel open procedure
1586 * @dlci: DLCI to open
1588 * Commence closing a DLCI from the Linux side. We issue DISC messages
1589 * to the modem which should then reply with a UA, at which point we
1590 * will move into closed state. Closing is done asynchronously with retry
1591 * off timers. We may also receive a DM reply from the other end which
1592 * indicates the channel was already closed.
1595 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1597 struct gsm_mux *gsm = dlci->gsm;
1598 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1600 dlci->retries = gsm->n2;
1601 dlci->state = DLCI_CLOSING;
1602 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1603 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1607 * gsm_dlci_data - data arrived
1609 * @data: block of bytes received
1610 * @len: length of received block
1612 * A UI or UIH frame has arrived which contains data for a channel
1613 * other than the control channel. If the relevant virtual tty is
1614 * open we shovel the bits down it, if not we drop them.
1617 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
1620 struct tty_port *port = &dlci->port;
1621 struct tty_struct *tty;
1622 unsigned int modem = 0;
1626 pr_debug("%d bytes for tty\n", len);
1627 switch (dlci->adaption) {
1628 /* Unsupported types */
1629 case 4: /* Packetised interruptible data */
1631 case 3: /* Packetised uininterruptible voice/data */
1633 case 2: /* Asynchronous serial with line state in each frame */
1634 while (gsm_read_ea(&modem, *data++) == 0) {
1639 tty = tty_port_tty_get(port);
1641 gsm_process_modem(tty, dlci, modem, clen);
1645 case 1: /* Line state will go via DLCI 0 controls only */
1647 tty_insert_flip_string(port, data, len);
1648 tty_flip_buffer_push(port);
1653 * gsm_dlci_control - data arrived on control channel
1655 * @data: block of bytes received
1656 * @len: length of received block
1658 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1659 * control channel. This should contain a command EA followed by
1660 * control data bytes. The command EA contains a command/response bit
1661 * and we divide up the work accordingly.
1664 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
1666 /* See what command is involved */
1667 unsigned int command = 0;
1669 if (gsm_read_ea(&command, *data++) == 1) {
1672 /* FIXME: this is properly an EA */
1674 /* Malformed command ? */
1678 gsm_control_message(dlci->gsm, command,
1681 gsm_control_response(dlci->gsm, command,
1689 * Allocate/Free DLCI channels
1693 * gsm_dlci_alloc - allocate a DLCI
1695 * @addr: address of the DLCI
1697 * Allocate and install a new DLCI object into the GSM mux.
1699 * FIXME: review locking races
1702 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1704 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1707 spin_lock_init(&dlci->lock);
1708 mutex_init(&dlci->mutex);
1709 dlci->fifo = &dlci->_fifo;
1710 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) {
1715 skb_queue_head_init(&dlci->skb_list);
1716 timer_setup(&dlci->t1, gsm_dlci_t1, 0);
1717 tty_port_init(&dlci->port);
1718 dlci->port.ops = &gsm_port_ops;
1721 dlci->adaption = gsm->adaption;
1722 dlci->state = DLCI_CLOSED;
1724 dlci->data = gsm_dlci_data;
1726 dlci->data = gsm_dlci_command;
1727 gsm->dlci[addr] = dlci;
1732 * gsm_dlci_free - free DLCI
1733 * @dlci: DLCI to free
1739 static void gsm_dlci_free(struct tty_port *port)
1741 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
1743 del_timer_sync(&dlci->t1);
1744 dlci->gsm->dlci[dlci->addr] = NULL;
1745 kfifo_free(dlci->fifo);
1746 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1747 dev_kfree_skb(dlci->skb);
1751 static inline void dlci_get(struct gsm_dlci *dlci)
1753 tty_port_get(&dlci->port);
1756 static inline void dlci_put(struct gsm_dlci *dlci)
1758 tty_port_put(&dlci->port);
1761 static void gsm_destroy_network(struct gsm_dlci *dlci);
1764 * gsm_dlci_release - release DLCI
1765 * @dlci: DLCI to destroy
1767 * Release a DLCI. Actual free is deferred until either
1768 * mux is closed or tty is closed - whichever is last.
1772 static void gsm_dlci_release(struct gsm_dlci *dlci)
1774 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1776 mutex_lock(&dlci->mutex);
1777 gsm_destroy_network(dlci);
1778 mutex_unlock(&dlci->mutex);
1780 /* We cannot use tty_hangup() because in tty_kref_put() the tty
1781 * driver assumes that the hangup queue is free and reuses it to
1782 * queue release_one_tty() -> NULL pointer panic in
1783 * process_one_work().
1787 tty_port_tty_set(&dlci->port, NULL);
1790 dlci->state = DLCI_CLOSED;
1795 * LAPBish link layer logic
1799 * gsm_queue - a GSM frame is ready to process
1800 * @gsm: pointer to our gsm mux
1802 * At this point in time a frame has arrived and been demangled from
1803 * the line encoding. All the differences between the encodings have
1804 * been handled below us and the frame is unpacked into the structures.
1805 * The fcs holds the header FCS but any data FCS must be added here.
1808 static void gsm_queue(struct gsm_mux *gsm)
1810 struct gsm_dlci *dlci;
1813 /* We have to sneak a look at the packet body to do the FCS.
1814 A somewhat layering violation in the spec */
1816 if ((gsm->control & ~PF) == UI)
1817 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1818 if (gsm->encoding == 0) {
1819 /* WARNING: gsm->received_fcs is used for
1820 gsm->encoding = 0 only.
1821 In this case it contain the last piece of data
1822 required to generate final CRC */
1823 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1825 if (gsm->fcs != GOOD_FCS) {
1828 pr_debug("BAD FCS %02x\n", gsm->fcs);
1831 address = gsm->address >> 1;
1832 if (address >= NUM_DLCI)
1835 cr = gsm->address & 1; /* C/R bit */
1837 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1839 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1840 dlci = gsm->dlci[address];
1842 switch (gsm->control) {
1847 dlci = gsm_dlci_alloc(gsm, address);
1851 gsm_response(gsm, address, DM);
1853 gsm_response(gsm, address, UA);
1854 gsm_dlci_open(dlci);
1860 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1861 gsm_response(gsm, address, DM);
1864 /* Real close complete */
1865 gsm_response(gsm, address, UA);
1866 gsm_dlci_close(dlci);
1869 if (cr == 0 || dlci == NULL)
1871 switch (dlci->state) {
1873 gsm_dlci_close(dlci);
1876 gsm_dlci_open(dlci);
1880 case DM: /* DM can be valid unsolicited */
1886 gsm_dlci_close(dlci);
1896 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1897 gsm_response(gsm, address, DM|PF);
1900 dlci->data(dlci, gsm->buf, gsm->len);
1913 * gsm0_receive - perform processing for non-transparency
1914 * @gsm: gsm data for this ldisc instance
1917 * Receive bytes in gsm mode 0
1920 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1924 switch (gsm->state) {
1925 case GSM_SEARCH: /* SOF marker */
1926 if (c == GSM0_SOF) {
1927 gsm->state = GSM_ADDRESS;
1930 gsm->fcs = INIT_FCS;
1933 case GSM_ADDRESS: /* Address EA */
1934 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1935 if (gsm_read_ea(&gsm->address, c))
1936 gsm->state = GSM_CONTROL;
1938 case GSM_CONTROL: /* Control Byte */
1939 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1941 gsm->state = GSM_LEN0;
1943 case GSM_LEN0: /* Length EA */
1944 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1945 if (gsm_read_ea(&gsm->len, c)) {
1946 if (gsm->len > gsm->mru) {
1948 gsm->state = GSM_SEARCH;
1953 gsm->state = GSM_FCS;
1955 gsm->state = GSM_DATA;
1958 gsm->state = GSM_LEN1;
1961 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1963 gsm->len |= len << 7;
1964 if (gsm->len > gsm->mru) {
1966 gsm->state = GSM_SEARCH;
1971 gsm->state = GSM_FCS;
1973 gsm->state = GSM_DATA;
1975 case GSM_DATA: /* Data */
1976 gsm->buf[gsm->count++] = c;
1977 if (gsm->count == gsm->len)
1978 gsm->state = GSM_FCS;
1980 case GSM_FCS: /* FCS follows the packet */
1981 gsm->received_fcs = c;
1983 gsm->state = GSM_SSOF;
1986 if (c == GSM0_SOF) {
1987 gsm->state = GSM_SEARCH;
1995 * gsm1_receive - perform processing for non-transparency
1996 * @gsm: gsm data for this ldisc instance
1999 * Receive bytes in mode 1 (Advanced option)
2002 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
2004 if (c == GSM1_SOF) {
2005 /* EOF is only valid in frame if we have got to the data state
2006 and received at least one byte (the FCS) */
2007 if (gsm->state == GSM_DATA && gsm->count) {
2008 /* Extract the FCS */
2010 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
2011 gsm->len = gsm->count;
2013 gsm->state = GSM_START;
2016 /* Any partial frame was a runt so go back to start */
2017 if (gsm->state != GSM_START) {
2018 if (gsm->state != GSM_SEARCH)
2020 gsm->state = GSM_START;
2022 /* A SOF in GSM_START means we are still reading idling or
2027 if (c == GSM1_ESCAPE) {
2032 /* Only an unescaped SOF gets us out of GSM search */
2033 if (gsm->state == GSM_SEARCH)
2037 c ^= GSM1_ESCAPE_BITS;
2040 switch (gsm->state) {
2041 case GSM_START: /* First byte after SOF */
2043 gsm->state = GSM_ADDRESS;
2044 gsm->fcs = INIT_FCS;
2046 case GSM_ADDRESS: /* Address continuation */
2047 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2048 if (gsm_read_ea(&gsm->address, c))
2049 gsm->state = GSM_CONTROL;
2051 case GSM_CONTROL: /* Control Byte */
2052 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2055 gsm->state = GSM_DATA;
2057 case GSM_DATA: /* Data */
2058 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2059 gsm->state = GSM_OVERRUN;
2062 gsm->buf[gsm->count++] = c;
2064 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2070 * gsm_error - handle tty error
2072 * @data: byte received (may be invalid)
2073 * @flag: error received
2075 * Handle an error in the receipt of data for a frame. Currently we just
2076 * go back to hunting for a SOF.
2078 * FIXME: better diagnostics ?
2081 static void gsm_error(struct gsm_mux *gsm,
2082 unsigned char data, unsigned char flag)
2084 gsm->state = GSM_SEARCH;
2088 static int gsm_disconnect(struct gsm_mux *gsm)
2090 struct gsm_dlci *dlci = gsm->dlci[0];
2091 struct gsm_control *gc;
2096 /* In theory disconnecting DLCI 0 is sufficient but for some
2097 modems this is apparently not the case. */
2098 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0);
2100 gsm_control_wait(gsm, gc);
2102 del_timer_sync(&gsm->t2_timer);
2103 /* Now we are sure T2 has stopped */
2105 gsm_dlci_begin_close(dlci);
2106 wait_event_interruptible(gsm->event,
2107 dlci->state == DLCI_CLOSED);
2109 if (signal_pending(current))
2116 * gsm_cleanup_mux - generic GSM protocol cleanup
2119 * Clean up the bits of the mux which are the same for all framing
2120 * protocols. Remove the mux from the mux table, stop all the timers
2121 * and then shut down each device hanging up the channels as we go.
2124 static void gsm_cleanup_mux(struct gsm_mux *gsm)
2127 struct gsm_dlci *dlci = gsm->dlci[0];
2128 struct gsm_msg *txq, *ntxq;
2132 spin_lock(&gsm_mux_lock);
2133 for (i = 0; i < MAX_MUX; i++) {
2134 if (gsm_mux[i] == gsm) {
2139 spin_unlock(&gsm_mux_lock);
2140 /* open failed before registering => nothing to do */
2144 del_timer_sync(&gsm->t2_timer);
2145 /* Now we are sure T2 has stopped */
2149 /* Free up any link layer users */
2150 mutex_lock(&gsm->mutex);
2151 for (i = 0; i < NUM_DLCI; i++)
2153 gsm_dlci_release(gsm->dlci[i]);
2154 mutex_unlock(&gsm->mutex);
2155 /* Now wipe the queues */
2156 tty_ldisc_flush(gsm->tty);
2157 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2159 INIT_LIST_HEAD(&gsm->tx_list);
2163 * gsm_activate_mux - generic GSM setup
2166 * Set up the bits of the mux which are the same for all framing
2167 * protocols. Add the mux to the mux table so it can be opened and
2168 * finally kick off connecting to DLCI 0 on the modem.
2171 static int gsm_activate_mux(struct gsm_mux *gsm)
2173 struct gsm_dlci *dlci;
2176 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2177 init_waitqueue_head(&gsm->event);
2178 spin_lock_init(&gsm->control_lock);
2179 spin_lock_init(&gsm->tx_lock);
2181 if (gsm->encoding == 0)
2182 gsm->receive = gsm0_receive;
2184 gsm->receive = gsm1_receive;
2185 gsm->error = gsm_error;
2187 spin_lock(&gsm_mux_lock);
2188 for (i = 0; i < MAX_MUX; i++) {
2189 if (gsm_mux[i] == NULL) {
2195 spin_unlock(&gsm_mux_lock);
2199 dlci = gsm_dlci_alloc(gsm, 0);
2202 gsm->dead = 0; /* Tty opens are now permissible */
2207 * gsm_free_mux - free up a mux
2210 * Dispose of allocated resources for a dead mux
2212 static void gsm_free_mux(struct gsm_mux *gsm)
2214 kfree(gsm->txframe);
2220 * gsm_free_muxr - free up a mux
2223 * Dispose of allocated resources for a dead mux
2225 static void gsm_free_muxr(struct kref *ref)
2227 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2231 static inline void mux_get(struct gsm_mux *gsm)
2233 kref_get(&gsm->ref);
2236 static inline void mux_put(struct gsm_mux *gsm)
2238 kref_put(&gsm->ref, gsm_free_muxr);
2241 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
2243 return gsm->num * NUM_DLCI;
2246 static inline unsigned int mux_line_to_num(unsigned int line)
2248 return line / NUM_DLCI;
2252 * gsm_alloc_mux - allocate a mux
2254 * Creates a new mux ready for activation.
2257 static struct gsm_mux *gsm_alloc_mux(void)
2259 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2262 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2263 if (gsm->buf == NULL) {
2267 gsm->txframe = kmalloc(2 * (MAX_MTU + PROT_OVERHEAD - 1), GFP_KERNEL);
2268 if (gsm->txframe == NULL) {
2273 spin_lock_init(&gsm->lock);
2274 mutex_init(&gsm->mutex);
2275 kref_init(&gsm->ref);
2276 INIT_LIST_HEAD(&gsm->tx_list);
2284 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2286 gsm->dead = 1; /* Avoid early tty opens */
2291 static void gsm_copy_config_values(struct gsm_mux *gsm,
2292 struct gsm_config *c)
2294 memset(c, 0, sizeof(*c));
2295 c->adaption = gsm->adaption;
2296 c->encapsulation = gsm->encoding;
2297 c->initiator = gsm->initiator;
2300 c->t3 = 0; /* Not supported */
2302 if (gsm->ftype == UIH)
2306 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
2312 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
2316 int need_restart = 0;
2318 /* Stuff we don't support yet - UI or I frame transport, windowing */
2319 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2321 /* Check the MRU/MTU range looks sane */
2322 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2326 if (c->encapsulation > 1) /* Basic, advanced, no I */
2328 if (c->initiator > 1)
2330 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2333 * See what is needed for reconfiguration
2337 if (c->t1 != 0 && c->t1 != gsm->t1)
2339 if (c->t2 != 0 && c->t2 != gsm->t2)
2341 if (c->encapsulation != gsm->encoding)
2343 if (c->adaption != gsm->adaption)
2346 if (c->initiator != gsm->initiator)
2348 if (c->mru != gsm->mru)
2350 if (c->mtu != gsm->mtu)
2354 * Close down what is needed, restart and initiate the new
2358 if (need_close || need_restart) {
2361 ret = gsm_disconnect(gsm);
2367 gsm_cleanup_mux(gsm);
2369 gsm->initiator = c->initiator;
2372 gsm->encoding = c->encapsulation;
2373 gsm->adaption = c->adaption;
2387 * FIXME: We need to separate activation/deactivation from adding
2388 * and removing from the mux array
2391 ret = gsm_activate_mux(gsm);
2395 gsm_dlci_begin_open(gsm->dlci[0]);
2401 * gsmld_output - write to link
2403 * @data: bytes to output
2406 * Write a block of data from the GSM mux to the data channel. This
2407 * will eventually be serialized from above but at the moment isn't.
2410 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2412 if (tty_write_room(gsm->tty) < len) {
2413 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2417 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2419 gsm->tty->ops->write(gsm->tty, data, len);
2424 * gsmld_attach_gsm - mode set up
2425 * @tty: our tty structure
2428 * Set up the MUX for basic mode and commence connecting to the
2429 * modem. Currently called from the line discipline set up but
2430 * will need moving to an ioctl path.
2433 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2438 gsm->tty = tty_kref_get(tty);
2439 gsm->output = gsmld_output;
2440 ret = gsm_activate_mux(gsm);
2442 tty_kref_put(gsm->tty);
2444 /* Don't register device 0 - this is the control channel and not
2445 a usable tty interface */
2446 base = mux_num_to_base(gsm); /* Base for this MUX */
2447 for (i = 1; i < NUM_DLCI; i++) {
2450 dev = tty_register_device(gsm_tty_driver,
2453 for (i--; i >= 1; i--)
2454 tty_unregister_device(gsm_tty_driver,
2456 return PTR_ERR(dev);
2465 * gsmld_detach_gsm - stop doing 0710 mux
2466 * @tty: tty attached to the mux
2469 * Shutdown and then clean up the resources used by the line discipline
2472 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2474 unsigned int base = mux_num_to_base(gsm); /* Base for this MUX */
2477 WARN_ON(tty != gsm->tty);
2478 for (i = 1; i < NUM_DLCI; i++)
2479 tty_unregister_device(gsm_tty_driver, base + i);
2480 gsm_cleanup_mux(gsm);
2481 tty_kref_put(gsm->tty);
2485 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2486 char *fp, int count)
2488 struct gsm_mux *gsm = tty->disc_data;
2489 const unsigned char *dp;
2492 char flags = TTY_NORMAL;
2495 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2498 for (i = count, dp = cp, f = fp; i; i--, dp++) {
2503 gsm->receive(gsm, *dp);
2509 gsm->error(gsm, *dp, flags);
2512 WARN_ONCE(1, "%s: unknown flag %d\n",
2513 tty_name(tty), flags);
2517 /* FASYNC if needed ? */
2518 /* If clogged call tty_throttle(tty); */
2522 * gsmld_flush_buffer - clean input queue
2523 * @tty: terminal device
2525 * Flush the input buffer. Called when the line discipline is
2526 * being closed, when the tty layer wants the buffer flushed (eg
2530 static void gsmld_flush_buffer(struct tty_struct *tty)
2535 * gsmld_close - close the ldisc for this tty
2538 * Called from the terminal layer when this line discipline is
2539 * being shut down, either because of a close or becsuse of a
2540 * discipline change. The function will not be called while other
2541 * ldisc methods are in progress.
2544 static void gsmld_close(struct tty_struct *tty)
2546 struct gsm_mux *gsm = tty->disc_data;
2548 gsmld_detach_gsm(tty, gsm);
2550 gsmld_flush_buffer(tty);
2551 /* Do other clean up here */
2556 * gsmld_open - open an ldisc
2557 * @tty: terminal to open
2559 * Called when this line discipline is being attached to the
2560 * terminal device. Can sleep. Called serialized so that no
2561 * other events will occur in parallel. No further open will occur
2565 static int gsmld_open(struct tty_struct *tty)
2567 struct gsm_mux *gsm;
2570 if (tty->ops->write == NULL)
2573 /* Attach our ldisc data */
2574 gsm = gsm_alloc_mux();
2578 tty->disc_data = gsm;
2579 tty->receive_room = 65536;
2581 /* Attach the initial passive connection */
2584 ret = gsmld_attach_gsm(tty, gsm);
2586 gsm_cleanup_mux(gsm);
2593 * gsmld_write_wakeup - asynchronous I/O notifier
2596 * Required for the ptys, serial driver etc. since processes
2597 * that attach themselves to the master and rely on ASYNC
2598 * IO must be woken up
2601 static void gsmld_write_wakeup(struct tty_struct *tty)
2603 struct gsm_mux *gsm = tty->disc_data;
2604 unsigned long flags;
2607 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2608 spin_lock_irqsave(&gsm->tx_lock, flags);
2609 gsm_data_kick(gsm, NULL);
2610 if (gsm->tx_bytes < TX_THRESH_LO) {
2611 gsm_dlci_data_sweep(gsm);
2613 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2617 * gsmld_read - read function for tty
2619 * @file: file object
2620 * @buf: userspace buffer pointer
2623 * Perform reads for the line discipline. We are guaranteed that the
2624 * line discipline will not be closed under us but we may get multiple
2625 * parallel readers and must handle this ourselves. We may also get
2626 * a hangup. Always called in user context, may sleep.
2628 * This code must be sure never to sleep through a hangup.
2631 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2632 unsigned char __user *buf, size_t nr)
2638 * gsmld_write - write function for tty
2640 * @file: file object
2641 * @buf: userspace buffer pointer
2644 * Called when the owner of the device wants to send a frame
2645 * itself (or some other control data). The data is transferred
2646 * as-is and must be properly framed and checksummed as appropriate
2647 * by userspace. Frames are either sent whole or not at all as this
2648 * avoids pain user side.
2651 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2652 const unsigned char *buf, size_t nr)
2654 struct gsm_mux *gsm = tty->disc_data;
2655 unsigned long flags;
2663 spin_lock_irqsave(&gsm->tx_lock, flags);
2664 space = tty_write_room(tty);
2666 ret = tty->ops->write(tty, buf, nr);
2668 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2669 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2675 * gsmld_poll - poll method for N_GSM0710
2676 * @tty: terminal device
2677 * @file: file accessing it
2680 * Called when the line discipline is asked to poll() for data or
2681 * for special events. This code is not serialized with respect to
2682 * other events save open/close.
2684 * This code must be sure never to sleep through a hangup.
2685 * Called without the kernel lock held - fine
2688 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
2692 struct gsm_mux *gsm = tty->disc_data;
2694 poll_wait(file, &tty->read_wait, wait);
2695 poll_wait(file, &tty->write_wait, wait);
2699 if (tty_hung_up_p(file))
2701 if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
2703 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2704 mask |= EPOLLOUT | EPOLLWRNORM;
2708 static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2709 unsigned int cmd, unsigned long arg)
2711 struct gsm_config c;
2712 struct gsm_mux *gsm = tty->disc_data;
2716 case GSMIOC_GETCONF:
2717 gsm_copy_config_values(gsm, &c);
2718 if (copy_to_user((void *)arg, &c, sizeof(c)))
2721 case GSMIOC_SETCONF:
2722 if (copy_from_user(&c, (void *)arg, sizeof(c)))
2724 return gsm_config(gsm, &c);
2725 case GSMIOC_GETFIRST:
2726 base = mux_num_to_base(gsm);
2727 return put_user(base + 1, (__u32 __user *)arg);
2729 return n_tty_ioctl_helper(tty, file, cmd, arg);
2738 static int gsm_mux_net_open(struct net_device *net)
2740 pr_debug("%s called\n", __func__);
2741 netif_start_queue(net);
2745 static int gsm_mux_net_close(struct net_device *net)
2747 netif_stop_queue(net);
2751 static void dlci_net_free(struct gsm_dlci *dlci)
2757 dlci->adaption = dlci->prev_adaption;
2758 dlci->data = dlci->prev_data;
2759 free_netdev(dlci->net);
2762 static void net_free(struct kref *ref)
2764 struct gsm_mux_net *mux_net;
2765 struct gsm_dlci *dlci;
2767 mux_net = container_of(ref, struct gsm_mux_net, ref);
2768 dlci = mux_net->dlci;
2771 unregister_netdev(dlci->net);
2772 dlci_net_free(dlci);
2776 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2778 kref_get(&mux_net->ref);
2781 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2783 kref_put(&mux_net->ref, net_free);
2786 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
2787 struct net_device *net)
2789 struct gsm_mux_net *mux_net = netdev_priv(net);
2790 struct gsm_dlci *dlci = mux_net->dlci;
2791 muxnet_get(mux_net);
2793 skb_queue_head(&dlci->skb_list, skb);
2794 net->stats.tx_packets++;
2795 net->stats.tx_bytes += skb->len;
2796 gsm_dlci_data_kick(dlci);
2797 /* And tell the kernel when the last transmit started. */
2798 netif_trans_update(net);
2799 muxnet_put(mux_net);
2800 return NETDEV_TX_OK;
2803 /* called when a packet did not ack after watchdogtimeout */
2804 static void gsm_mux_net_tx_timeout(struct net_device *net)
2806 /* Tell syslog we are hosed. */
2807 dev_dbg(&net->dev, "Tx timed out.\n");
2809 /* Update statistics */
2810 net->stats.tx_errors++;
2813 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2814 const unsigned char *in_buf, int size)
2816 struct net_device *net = dlci->net;
2817 struct sk_buff *skb;
2818 struct gsm_mux_net *mux_net = netdev_priv(net);
2819 muxnet_get(mux_net);
2821 /* Allocate an sk_buff */
2822 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2824 /* We got no receive buffer. */
2825 net->stats.rx_dropped++;
2826 muxnet_put(mux_net);
2829 skb_reserve(skb, NET_IP_ALIGN);
2830 skb_put_data(skb, in_buf, size);
2833 skb->protocol = htons(ETH_P_IP);
2835 /* Ship it off to the kernel */
2838 /* update out statistics */
2839 net->stats.rx_packets++;
2840 net->stats.rx_bytes += size;
2841 muxnet_put(mux_net);
2845 static void gsm_mux_net_init(struct net_device *net)
2847 static const struct net_device_ops gsm_netdev_ops = {
2848 .ndo_open = gsm_mux_net_open,
2849 .ndo_stop = gsm_mux_net_close,
2850 .ndo_start_xmit = gsm_mux_net_start_xmit,
2851 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2854 net->netdev_ops = &gsm_netdev_ops;
2856 /* fill in the other fields */
2857 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2858 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2859 net->type = ARPHRD_NONE;
2860 net->tx_queue_len = 10;
2864 /* caller holds the dlci mutex */
2865 static void gsm_destroy_network(struct gsm_dlci *dlci)
2867 struct gsm_mux_net *mux_net;
2869 pr_debug("destroy network interface");
2872 mux_net = netdev_priv(dlci->net);
2873 muxnet_put(mux_net);
2877 /* caller holds the dlci mutex */
2878 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2882 struct net_device *net;
2883 struct gsm_mux_net *mux_net;
2885 if (!capable(CAP_NET_ADMIN))
2888 /* Already in a non tty mode */
2889 if (dlci->adaption > 2)
2892 if (nc->protocol != htons(ETH_P_IP))
2893 return -EPROTONOSUPPORT;
2895 if (nc->adaption != 3 && nc->adaption != 4)
2896 return -EPROTONOSUPPORT;
2898 pr_debug("create network interface");
2901 if (nc->if_name[0] != '\0')
2902 netname = nc->if_name;
2903 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
2904 NET_NAME_UNKNOWN, gsm_mux_net_init);
2906 pr_err("alloc_netdev failed");
2909 net->mtu = dlci->gsm->mtu;
2911 net->max_mtu = dlci->gsm->mtu;
2912 mux_net = netdev_priv(net);
2913 mux_net->dlci = dlci;
2914 kref_init(&mux_net->ref);
2915 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2917 /* reconfigure dlci for network */
2918 dlci->prev_adaption = dlci->adaption;
2919 dlci->prev_data = dlci->data;
2920 dlci->adaption = nc->adaption;
2921 dlci->data = gsm_mux_rx_netchar;
2924 pr_debug("register netdev");
2925 retval = register_netdev(net);
2927 pr_err("network register fail %d\n", retval);
2928 dlci_net_free(dlci);
2931 return net->ifindex; /* return network index */
2934 /* Line discipline for real tty */
2935 static struct tty_ldisc_ops tty_ldisc_packet = {
2936 .owner = THIS_MODULE,
2937 .magic = TTY_LDISC_MAGIC,
2940 .close = gsmld_close,
2941 .flush_buffer = gsmld_flush_buffer,
2943 .write = gsmld_write,
2944 .ioctl = gsmld_ioctl,
2946 .receive_buf = gsmld_receive_buf,
2947 .write_wakeup = gsmld_write_wakeup
2956 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2959 struct gsm_control *ctrl;
2962 modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */
2963 modembits[1] = (gsm_encode_modem(dlci) << 1) | EA;
2965 modembits[2] = (brk << 4) | 2 | EA; /* Length, Break, EA */
2968 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len);
2971 return gsm_control_wait(dlci->gsm, ctrl);
2974 static int gsm_carrier_raised(struct tty_port *port)
2976 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2977 struct gsm_mux *gsm = dlci->gsm;
2979 /* Not yet open so no carrier info */
2980 if (dlci->state != DLCI_OPEN)
2986 * Basic mode with control channel in ADM mode may not respond
2987 * to CMD_MSC at all and modem_rx is empty.
2989 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM &&
2993 return dlci->modem_rx & TIOCM_CD;
2996 static void gsm_dtr_rts(struct tty_port *port, int onoff)
2998 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2999 unsigned int modem_tx = dlci->modem_tx;
3001 modem_tx |= TIOCM_DTR | TIOCM_RTS;
3003 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
3004 if (modem_tx != dlci->modem_tx) {
3005 dlci->modem_tx = modem_tx;
3006 gsmtty_modem_update(dlci, 0);
3010 static const struct tty_port_operations gsm_port_ops = {
3011 .carrier_raised = gsm_carrier_raised,
3012 .dtr_rts = gsm_dtr_rts,
3013 .destruct = gsm_dlci_free,
3016 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
3018 struct gsm_mux *gsm;
3019 struct gsm_dlci *dlci;
3020 unsigned int line = tty->index;
3021 unsigned int mux = mux_line_to_num(line);
3029 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
3030 if (gsm_mux[mux] == NULL)
3032 if (line == 0 || line > 61) /* 62/63 reserved */
3037 /* If DLCI 0 is not yet fully open return an error.
3038 This is ok from a locking
3039 perspective as we don't have to worry about this
3041 mutex_lock(&gsm->mutex);
3042 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
3043 mutex_unlock(&gsm->mutex);
3046 dlci = gsm->dlci[line];
3049 dlci = gsm_dlci_alloc(gsm, line);
3052 mutex_unlock(&gsm->mutex);
3055 ret = tty_port_install(&dlci->port, driver, tty);
3059 mutex_unlock(&gsm->mutex);
3064 dlci_get(gsm->dlci[0]);
3066 tty->driver_data = dlci;
3067 mutex_unlock(&gsm->mutex);
3072 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
3074 struct gsm_dlci *dlci = tty->driver_data;
3075 struct tty_port *port = &dlci->port;
3078 tty_port_tty_set(port, tty);
3081 /* We could in theory open and close before we wait - eg if we get
3082 a DM straight back. This is ok as that will have caused a hangup */
3083 tty_port_set_initialized(port, 1);
3084 /* Start sending off SABM messages */
3085 gsm_dlci_begin_open(dlci);
3086 /* And wait for virtual carrier */
3087 return tty_port_block_til_ready(port, tty, filp);
3090 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3092 struct gsm_dlci *dlci = tty->driver_data;
3096 if (dlci->state == DLCI_CLOSED)
3098 mutex_lock(&dlci->mutex);
3099 gsm_destroy_network(dlci);
3100 mutex_unlock(&dlci->mutex);
3101 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3103 gsm_dlci_begin_close(dlci);
3104 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3105 tty_port_lower_dtr_rts(&dlci->port);
3106 tty_port_close_end(&dlci->port, tty);
3107 tty_port_tty_set(&dlci->port, NULL);
3111 static void gsmtty_hangup(struct tty_struct *tty)
3113 struct gsm_dlci *dlci = tty->driver_data;
3114 if (dlci->state == DLCI_CLOSED)
3116 tty_port_hangup(&dlci->port);
3117 gsm_dlci_begin_close(dlci);
3120 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3124 struct gsm_dlci *dlci = tty->driver_data;
3125 if (dlci->state == DLCI_CLOSED)
3127 /* Stuff the bytes into the fifo queue */
3128 sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock);
3129 /* Need to kick the channel */
3130 gsm_dlci_data_kick(dlci);
3134 static int gsmtty_write_room(struct tty_struct *tty)
3136 struct gsm_dlci *dlci = tty->driver_data;
3137 if (dlci->state == DLCI_CLOSED)
3139 return TX_SIZE - kfifo_len(dlci->fifo);
3142 static int gsmtty_chars_in_buffer(struct tty_struct *tty)
3144 struct gsm_dlci *dlci = tty->driver_data;
3145 if (dlci->state == DLCI_CLOSED)
3147 return kfifo_len(dlci->fifo);
3150 static void gsmtty_flush_buffer(struct tty_struct *tty)
3152 struct gsm_dlci *dlci = tty->driver_data;
3153 if (dlci->state == DLCI_CLOSED)
3155 /* Caution needed: If we implement reliable transport classes
3156 then the data being transmitted can't simply be junked once
3157 it has first hit the stack. Until then we can just blow it
3159 kfifo_reset(dlci->fifo);
3160 /* Need to unhook this DLCI from the transmit queue logic */
3163 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3165 /* The FIFO handles the queue so the kernel will do the right
3166 thing waiting on chars_in_buffer before calling us. No work
3170 static int gsmtty_tiocmget(struct tty_struct *tty)
3172 struct gsm_dlci *dlci = tty->driver_data;
3173 if (dlci->state == DLCI_CLOSED)
3175 return dlci->modem_rx;
3178 static int gsmtty_tiocmset(struct tty_struct *tty,
3179 unsigned int set, unsigned int clear)
3181 struct gsm_dlci *dlci = tty->driver_data;
3182 unsigned int modem_tx = dlci->modem_tx;
3184 if (dlci->state == DLCI_CLOSED)
3189 if (modem_tx != dlci->modem_tx) {
3190 dlci->modem_tx = modem_tx;
3191 return gsmtty_modem_update(dlci, 0);
3197 static int gsmtty_ioctl(struct tty_struct *tty,
3198 unsigned int cmd, unsigned long arg)
3200 struct gsm_dlci *dlci = tty->driver_data;
3201 struct gsm_netconfig nc;
3204 if (dlci->state == DLCI_CLOSED)
3207 case GSMIOC_ENABLE_NET:
3208 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3210 nc.if_name[IFNAMSIZ-1] = '\0';
3211 /* return net interface index or error code */
3212 mutex_lock(&dlci->mutex);
3213 index = gsm_create_network(dlci, &nc);
3214 mutex_unlock(&dlci->mutex);
3215 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3218 case GSMIOC_DISABLE_NET:
3219 if (!capable(CAP_NET_ADMIN))
3221 mutex_lock(&dlci->mutex);
3222 gsm_destroy_network(dlci);
3223 mutex_unlock(&dlci->mutex);
3226 return -ENOIOCTLCMD;
3230 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3232 struct gsm_dlci *dlci = tty->driver_data;
3233 if (dlci->state == DLCI_CLOSED)
3235 /* For the moment its fixed. In actual fact the speed information
3236 for the virtual channel can be propogated in both directions by
3237 the RPN control message. This however rapidly gets nasty as we
3238 then have to remap modem signals each way according to whether
3239 our virtual cable is null modem etc .. */
3240 tty_termios_copy_hw(&tty->termios, old);
3243 static void gsmtty_throttle(struct tty_struct *tty)
3245 struct gsm_dlci *dlci = tty->driver_data;
3246 if (dlci->state == DLCI_CLOSED)
3249 dlci->modem_tx &= ~TIOCM_DTR;
3250 dlci->throttled = 1;
3251 /* Send an MSC with DTR cleared */
3252 gsmtty_modem_update(dlci, 0);
3255 static void gsmtty_unthrottle(struct tty_struct *tty)
3257 struct gsm_dlci *dlci = tty->driver_data;
3258 if (dlci->state == DLCI_CLOSED)
3261 dlci->modem_tx |= TIOCM_DTR;
3262 dlci->throttled = 0;
3263 /* Send an MSC with DTR set */
3264 gsmtty_modem_update(dlci, 0);
3267 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3269 struct gsm_dlci *dlci = tty->driver_data;
3270 int encode = 0; /* Off */
3271 if (dlci->state == DLCI_CLOSED)
3274 if (state == -1) /* "On indefinitely" - we can't encode this
3277 else if (state > 0) {
3278 encode = state / 200; /* mS to encoding */
3280 encode = 0x0F; /* Best effort */
3282 return gsmtty_modem_update(dlci, encode);
3285 static void gsmtty_cleanup(struct tty_struct *tty)
3287 struct gsm_dlci *dlci = tty->driver_data;
3288 struct gsm_mux *gsm = dlci->gsm;
3291 dlci_put(gsm->dlci[0]);
3295 /* Virtual ttys for the demux */
3296 static const struct tty_operations gsmtty_ops = {
3297 .install = gsmtty_install,
3298 .open = gsmtty_open,
3299 .close = gsmtty_close,
3300 .write = gsmtty_write,
3301 .write_room = gsmtty_write_room,
3302 .chars_in_buffer = gsmtty_chars_in_buffer,
3303 .flush_buffer = gsmtty_flush_buffer,
3304 .ioctl = gsmtty_ioctl,
3305 .throttle = gsmtty_throttle,
3306 .unthrottle = gsmtty_unthrottle,
3307 .set_termios = gsmtty_set_termios,
3308 .hangup = gsmtty_hangup,
3309 .wait_until_sent = gsmtty_wait_until_sent,
3310 .tiocmget = gsmtty_tiocmget,
3311 .tiocmset = gsmtty_tiocmset,
3312 .break_ctl = gsmtty_break_ctl,
3313 .cleanup = gsmtty_cleanup,
3318 static int __init gsm_init(void)
3320 /* Fill in our line protocol discipline, and register it */
3321 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
3323 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3328 gsm_tty_driver = alloc_tty_driver(256);
3329 if (!gsm_tty_driver) {
3330 tty_unregister_ldisc(N_GSM0710);
3331 pr_err("gsm_init: tty allocation failed.\n");
3334 gsm_tty_driver->driver_name = "gsmtty";
3335 gsm_tty_driver->name = "gsmtty";
3336 gsm_tty_driver->major = 0; /* Dynamic */
3337 gsm_tty_driver->minor_start = 0;
3338 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3339 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3340 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
3341 | TTY_DRIVER_HARDWARE_BREAK;
3342 gsm_tty_driver->init_termios = tty_std_termios;
3344 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3345 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3347 spin_lock_init(&gsm_mux_lock);
3349 if (tty_register_driver(gsm_tty_driver)) {
3350 put_tty_driver(gsm_tty_driver);
3351 tty_unregister_ldisc(N_GSM0710);
3352 pr_err("gsm_init: tty registration failed.\n");
3355 pr_debug("gsm_init: loaded as %d,%d.\n",
3356 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3360 static void __exit gsm_exit(void)
3362 int status = tty_unregister_ldisc(N_GSM0710);
3364 pr_err("n_gsm: can't unregister line discipline (err = %d)\n",
3366 tty_unregister_driver(gsm_tty_driver);
3367 put_tty_driver(gsm_tty_driver);
3370 module_init(gsm_init);
3371 module_exit(gsm_exit);
3374 MODULE_LICENSE("GPL");
3375 MODULE_ALIAS_LDISC(N_GSM0710);
projects / releases.git / blob