1 // SPDX-License-Identifier: GPL-2.0
3 * n_gsm.c GSM 0710 tty multiplexor
4 * Copyright (c) 2009/10 Intel Corporation
6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
9 * Mostly done: ioctls for setting modes/timing
10 * Partly done: hooks so you can pull off frames to non tty devs
11 * Restart DLCI 0 when it closes ?
12 * Improve the tx engine
13 * Resolve tx side locking by adding a queue_head and routing
14 * all control traffic via it
15 * General tidy/document
16 * Review the locking/move to refcounts more (mux now moved to an
17 * alloc/free model ready)
18 * Use newest tty open/close port helpers and install hooks
19 * What to do about power functions ?
20 * Termios setting and negotiation
21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
25 #include <linux/types.h>
26 #include <linux/major.h>
27 #include <linux/errno.h>
28 #include <linux/signal.h>
29 #include <linux/fcntl.h>
30 #include <linux/sched/signal.h>
31 #include <linux/interrupt.h>
32 #include <linux/tty.h>
33 #include <linux/ctype.h>
35 #include <linux/string.h>
36 #include <linux/slab.h>
37 #include <linux/poll.h>
38 #include <linux/bitops.h>
39 #include <linux/file.h>
40 #include <linux/uaccess.h>
41 #include <linux/module.h>
42 #include <linux/timer.h>
43 #include <linux/tty_flip.h>
44 #include <linux/tty_driver.h>
45 #include <linux/serial.h>
46 #include <linux/kfifo.h>
47 #include <linux/skbuff.h>
50 #include <linux/netdevice.h>
51 #include <linux/etherdevice.h>
52 #include <linux/gsmmux.h>
56 module_param(debug, int, 0600);
58 /* Defaults: these are from the specification */
60 #define T1 10 /* 100mS */
61 #define T2 34 /* 333mS */
62 #define N2 3 /* Retry 3 times */
64 /* Use long timers for testing at low speed with debug on */
71 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
72 * limits so this is plenty
76 /* SOF, ADDR, CTRL, LEN1, LEN2, ..., FCS, EOF */
77 #define PROT_OVERHEAD 7
78 #define GSM_NET_TX_TIMEOUT (HZ*10)
81 * struct gsm_mux_net - network interface
83 * Created when net interface is initialized.
87 struct gsm_dlci *dlci;
91 * Each block of data we have queued to go out is in the form of
92 * a gsm_msg which holds everything we need in a link layer independent
97 struct list_head list;
98 u8 addr; /* DLCI address + flags */
99 u8 ctrl; /* Control byte + flags */
100 unsigned int len; /* Length of data block (can be zero) */
101 unsigned char *data; /* Points into buffer but not at the start */
102 unsigned char buffer[];
105 enum gsm_dlci_state {
107 DLCI_OPENING, /* Sending SABM not seen UA */
108 DLCI_OPEN, /* SABM/UA complete */
109 DLCI_CLOSING, /* Sending DISC not seen UA/DM */
113 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */
114 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */
118 * Each active data link has a gsm_dlci structure associated which ties
119 * the link layer to an optional tty (if the tty side is open). To avoid
120 * complexity right now these are only ever freed up when the mux is
123 * At the moment we don't free DLCI objects until the mux is torn down
124 * this avoid object life time issues but might be worth review later.
130 enum gsm_dlci_state state;
134 enum gsm_dlci_mode mode;
135 spinlock_t lock; /* Protects the internal state */
136 struct timer_list t1; /* Retransmit timer for SABM and UA */
138 /* Uplink tty if active */
139 struct tty_port port; /* The tty bound to this DLCI if there is one */
140 struct kfifo fifo; /* Queue fifo for the DLCI */
141 int adaption; /* Adaption layer in use */
143 u32 modem_rx; /* Our incoming virtual modem lines */
144 u32 modem_tx; /* Our outgoing modem lines */
145 bool dead; /* Refuse re-open */
147 bool throttled; /* Private copy of throttle state */
148 bool constipated; /* Throttle status for outgoing */
150 struct sk_buff *skb; /* Frame being sent */
151 struct sk_buff_head skb_list; /* Queued frames */
152 /* Data handling callback */
153 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
154 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
155 struct net_device *net; /* network interface, if created */
158 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
163 * DLCI 0 is used to pass control blocks out of band of the data
164 * flow (and with a higher link priority). One command can be outstanding
165 * at a time and we use this structure to manage them. They are created
166 * and destroyed by the user context, and updated by the receive paths
171 u8 cmd; /* Command we are issuing */
172 u8 *data; /* Data for the command in case we retransmit */
173 int len; /* Length of block for retransmission */
174 int done; /* Done flag */
175 int error; /* Error if any */
193 * Each GSM mux we have is represented by this structure. If we are
194 * operating as an ldisc then we use this structure as our ldisc
195 * state. We need to sort out lifetimes and locking with respect
196 * to the gsm mux array. For now we don't free DLCI objects that
197 * have been instantiated until the mux itself is terminated.
199 * To consider further: tty open versus mux shutdown.
203 struct tty_struct *tty; /* The tty our ldisc is bound to */
209 /* Events on the GSM channel */
210 wait_queue_head_t event;
212 /* Bits for GSM mode decoding */
216 enum gsm_mux_state state;
218 unsigned int address;
225 u8 *txframe; /* TX framing buffer */
227 /* Method for the receiver side */
228 void (*receive)(struct gsm_mux *gsm, u8 ch);
233 int initiator; /* Did we initiate connection */
234 bool dead; /* Has the mux been shut down */
235 struct gsm_dlci *dlci[NUM_DLCI];
236 int old_c_iflag; /* termios c_iflag value before attach */
237 bool constipated; /* Asked by remote to shut up */
238 bool has_devices; /* Devices were registered */
241 unsigned int tx_bytes; /* TX data outstanding */
242 #define TX_THRESH_HI 8192
243 #define TX_THRESH_LO 2048
244 struct list_head tx_list; /* Pending data packets */
246 /* Control messages */
247 struct timer_list t2_timer; /* Retransmit timer for commands */
248 int cretries; /* Command retry counter */
249 struct gsm_control *pending_cmd;/* Our current pending command */
250 spinlock_t control_lock; /* Protects the pending command */
253 int adaption; /* 1 or 2 supported */
254 u8 ftype; /* UI or UIH */
255 int t1, t2; /* Timers in 1/100th of a sec */
256 int n2; /* Retry count */
258 /* Statistics (not currently exposed) */
259 unsigned long bad_fcs;
260 unsigned long malformed;
261 unsigned long io_error;
262 unsigned long bad_size;
263 unsigned long unsupported;
268 * Mux objects - needed so that we can translate a tty index into the
269 * relevant mux and DLCI.
272 #define MAX_MUX 4 /* 256 minors */
273 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
274 static spinlock_t gsm_mux_lock;
276 static struct tty_driver *gsm_tty_driver;
279 * This section of the driver logic implements the GSM encodings
280 * both the basic and the 'advanced'. Reliable transport is not
288 /* I is special: the rest are ..*/
299 /* Channel commands */
301 #define CMD_TEST 0x11
304 #define CMD_FCOFF 0x31
307 #define CMD_FCON 0x51
312 /* Virtual modem bits */
319 #define GSM0_SOF 0xF9
320 #define GSM1_SOF 0x7E
321 #define GSM1_ESCAPE 0x7D
322 #define GSM1_ESCAPE_BITS 0x20
325 #define ISO_IEC_646_MASK 0x7F
327 static const struct tty_port_operations gsm_port_ops;
330 * CRC table for GSM 0710
333 static const u8 gsm_fcs8[256] = {
334 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
335 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
336 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
337 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
338 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
339 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
340 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
341 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
342 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
343 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
344 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
345 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
346 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
347 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
348 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
349 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
350 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
351 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
352 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
353 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
354 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
355 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
356 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
357 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
358 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
359 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
360 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
361 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
362 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
363 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
364 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
365 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
368 #define INIT_FCS 0xFF
369 #define GOOD_FCS 0xCF
371 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len);
374 * gsm_fcs_add - update FCS
378 * Update the FCS to include c. Uses the algorithm in the specification
382 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
384 return gsm_fcs8[fcs ^ c];
388 * gsm_fcs_add_block - update FCS for a block
391 * @len: length of buffer
393 * Update the FCS to include c. Uses the algorithm in the specification
397 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
400 fcs = gsm_fcs8[fcs ^ *c++];
405 * gsm_read_ea - read a byte into an EA
406 * @val: variable holding value
407 * @c: byte going into the EA
409 * Processes one byte of an EA. Updates the passed variable
410 * and returns 1 if the EA is now completely read
413 static int gsm_read_ea(unsigned int *val, u8 c)
415 /* Add the next 7 bits into the value */
418 /* Was this the last byte of the EA 1 = yes*/
423 * gsm_read_ea_val - read a value until EA
424 * @val: variable holding value
425 * @data: buffer of data
426 * @dlen: length of data
428 * Processes an EA value. Updates the passed variable and
429 * returns the processed data length.
431 static unsigned int gsm_read_ea_val(unsigned int *val, const u8 *data, int dlen)
433 unsigned int len = 0;
435 for (; dlen > 0; dlen--) {
437 if (gsm_read_ea(val, *data++))
444 * gsm_encode_modem - encode modem data bits
445 * @dlci: DLCI to encode from
447 * Returns the correct GSM encoded modem status bits (6 bit field) for
448 * the current status of the DLCI and attached tty object
451 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
454 /* FC is true flow control not modem bits */
457 if (dlci->modem_tx & TIOCM_DTR)
458 modembits |= MDM_RTC;
459 if (dlci->modem_tx & TIOCM_RTS)
460 modembits |= MDM_RTR;
461 if (dlci->modem_tx & TIOCM_RI)
463 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator)
469 * gsm_register_devices - register all tty devices for a given mux index
471 * @driver: the tty driver that describes the tty devices
472 * @index: the mux number is used to calculate the minor numbers of the
473 * ttys for this mux and may differ from the position in the
476 static int gsm_register_devices(struct tty_driver *driver, unsigned int index)
482 if (!driver || index >= MAX_MUX)
485 base = index * NUM_DLCI; /* first minor for this index */
486 for (i = 1; i < NUM_DLCI; i++) {
487 /* Don't register device 0 - this is the control channel
488 * and not a usable tty interface
490 dev = tty_register_device(gsm_tty_driver, base + i, NULL);
493 pr_info("%s failed to register device minor %u",
495 for (i--; i >= 1; i--)
496 tty_unregister_device(gsm_tty_driver, base + i);
505 * gsm_unregister_devices - unregister all tty devices for a given mux index
507 * @driver: the tty driver that describes the tty devices
508 * @index: the mux number is used to calculate the minor numbers of the
509 * ttys for this mux and may differ from the position in the
512 static void gsm_unregister_devices(struct tty_driver *driver,
518 if (!driver || index >= MAX_MUX)
521 base = index * NUM_DLCI; /* first minor for this index */
522 for (i = 1; i < NUM_DLCI; i++) {
523 /* Don't unregister device 0 - this is the control
524 * channel and not a usable tty interface
526 tty_unregister_device(gsm_tty_driver, base + i);
531 * gsm_print_packet - display a frame for debug
532 * @hdr: header to print before decode
533 * @addr: address EA from the frame
534 * @cr: C/R bit from the frame
535 * @control: control including PF bit
536 * @data: following data bytes
537 * @dlen: length of data
539 * Displays a packet in human readable format for debugging purposes. The
540 * style is based on amateur radio LAP-B dump display.
543 static void gsm_print_packet(const char *hdr, int addr, int cr,
544 u8 control, const u8 *data, int dlen)
549 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
551 switch (control & ~PF) {
571 if (!(control & 0x01)) {
572 pr_cont("I N(S)%d N(R)%d",
573 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
574 } else switch (control & 0x0F) {
576 pr_cont("RR(%d)", (control & 0xE0) >> 5);
579 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
582 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
585 pr_cont("[%02X]", control);
594 print_hex_dump_bytes("", DUMP_PREFIX_NONE, data, dlen);
599 * Link level transmission side
603 * gsm_stuff_packet - bytestuff a packet
604 * @input: input buffer
605 * @output: output buffer
606 * @len: length of input
608 * Expand a buffer by bytestuffing it. The worst case size change
609 * is doubling and the caller is responsible for handing out
610 * suitable sized buffers.
613 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
617 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
618 || (*input & ISO_IEC_646_MASK) == XON
619 || (*input & ISO_IEC_646_MASK) == XOFF) {
620 *output++ = GSM1_ESCAPE;
621 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
624 *output++ = *input++;
631 * gsm_send - send a control frame
633 * @addr: address for control frame
634 * @cr: command/response bit
635 * @control: control byte including PF bit
637 * Format up and transmit a control frame. These do not go via the
638 * queueing logic as they should be transmitted ahead of data when
641 * FIXME: Lock versus data TX path
644 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
650 switch (gsm->encoding) {
653 cbuf[1] = (addr << 2) | (cr << 1) | EA;
655 cbuf[3] = EA; /* Length of data = 0 */
656 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
662 /* Control frame + packing (but not frame stuffing) in mode 1 */
663 ibuf[0] = (addr << 2) | (cr << 1) | EA;
665 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
666 /* Stuffing may double the size worst case */
667 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
668 /* Now add the SOF markers */
670 cbuf[len + 1] = GSM1_SOF;
671 /* FIXME: we can omit the lead one in many cases */
678 gsmld_output(gsm, cbuf, len);
679 gsm_print_packet("-->", addr, cr, control, NULL, 0);
683 * gsm_response - send a control response
685 * @addr: address for control frame
686 * @control: control byte including PF bit
688 * Format up and transmit a link level response frame.
691 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
693 gsm_send(gsm, addr, 0, control);
697 * gsm_command - send a control command
699 * @addr: address for control frame
700 * @control: control byte including PF bit
702 * Format up and transmit a link level command frame.
705 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
707 gsm_send(gsm, addr, 1, control);
710 /* Data transmission */
712 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
715 * gsm_data_alloc - allocate data frame
717 * @addr: DLCI address
718 * @len: length excluding header and FCS
719 * @ctrl: control byte
721 * Allocate a new data buffer for sending frames with data. Space is left
722 * at the front for header bytes but that is treated as an implementation
723 * detail and not for the high level code to use
726 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
729 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
733 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
737 INIT_LIST_HEAD(&m->list);
742 * gsm_is_flow_ctrl_msg - checks if flow control message
743 * @msg: message to check
745 * Returns true if the given message is a flow control command of the
746 * control channel. False is returned in any other case.
748 static bool gsm_is_flow_ctrl_msg(struct gsm_msg *msg)
755 switch (msg->ctrl & ~PF) {
759 if (gsm_read_ea_val(&cmd, msg->data + 2, msg->len - 2) < 1)
773 * gsm_data_kick - poke the queue
776 * The tty device has called us to indicate that room has appeared in
777 * the transmit queue. Ram more data into the pipe if we have any
778 * If we have been flow-stopped by a CMD_FCOFF, then we can only
779 * send messages on DLCI0 until CMD_FCON
781 * FIXME: lock against link layer control transmissions
784 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci)
786 struct gsm_msg *msg, *nmsg;
789 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
790 if (gsm->constipated && !gsm_is_flow_ctrl_msg(msg))
792 if (gsm->encoding != 0) {
793 gsm->txframe[0] = GSM1_SOF;
794 len = gsm_stuff_frame(msg->data,
795 gsm->txframe + 1, msg->len);
796 gsm->txframe[len + 1] = GSM1_SOF;
799 gsm->txframe[0] = GSM0_SOF;
800 memcpy(gsm->txframe + 1 , msg->data, msg->len);
801 gsm->txframe[msg->len + 1] = GSM0_SOF;
806 print_hex_dump_bytes("gsm_data_kick: ",
809 if (gsmld_output(gsm, gsm->txframe, len) < 0)
811 /* FIXME: Can eliminate one SOF in many more cases */
812 gsm->tx_bytes -= msg->len;
814 list_del(&msg->list);
818 tty_port_tty_wakeup(&dlci->port);
822 for (i = 0; i < NUM_DLCI; i++)
824 tty_port_tty_wakeup(&gsm->dlci[i]->port);
830 * __gsm_data_queue - queue a UI or UIH frame
831 * @dlci: DLCI sending the data
832 * @msg: message queued
834 * Add data to the transmit queue and try and get stuff moving
835 * out of the mux tty if not already doing so. The Caller must hold
839 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
841 struct gsm_mux *gsm = dlci->gsm;
843 u8 *fcs = dp + msg->len;
845 /* Fill in the header */
846 if (gsm->encoding == 0) {
848 *--dp = (msg->len << 1) | EA;
850 *--dp = (msg->len >> 7); /* bits 7 - 15 */
851 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
857 *--dp = (msg->addr << 2) | 2 | EA;
859 *--dp = (msg->addr << 2) | EA;
860 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
861 /* Ugly protocol layering violation */
862 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
863 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
866 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
867 msg->data, msg->len);
869 /* Move the header back and adjust the length, also allow for the FCS
870 now tacked on the end */
871 msg->len += (msg->data - dp) + 1;
874 /* Add to the actual output queue */
875 list_add_tail(&msg->list, &gsm->tx_list);
876 gsm->tx_bytes += msg->len;
877 gsm_data_kick(gsm, dlci);
881 * gsm_data_queue - queue a UI or UIH frame
882 * @dlci: DLCI sending the data
883 * @msg: message queued
885 * Add data to the transmit queue and try and get stuff moving
886 * out of the mux tty if not already doing so. Take the
887 * the gsm tx lock and dlci lock.
890 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
893 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
894 __gsm_data_queue(dlci, msg);
895 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
899 * gsm_dlci_data_output - try and push data out of a DLCI
901 * @dlci: the DLCI to pull data from
903 * Pull data from a DLCI and send it into the transmit queue if there
904 * is data. Keep to the MRU of the mux. This path handles the usual tty
905 * interface which is a byte stream with optional modem data.
907 * Caller must hold the tx_lock of the mux.
910 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
916 /* for modem bits without break data */
917 h = ((dlci->adaption == 1) ? 0 : 1);
919 len = kfifo_len(&dlci->fifo);
923 /* MTU/MRU count only the data bits but watch adaption mode */
924 if ((len + h) > gsm->mtu)
929 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
930 /* FIXME: need a timer or something to kick this so it can't
931 * get stuck with no work outstanding and no buffer free
936 switch (dlci->adaption) {
937 case 1: /* Unstructured */
939 case 2: /* Unstructured with modem bits.
940 * Always one byte as we never send inline break data
942 *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
945 pr_err("%s: unsupported adaption %d\n", __func__,
950 WARN_ON(len != kfifo_out_locked(&dlci->fifo, dp, len,
953 /* Notify upper layer about available send space. */
954 tty_port_tty_wakeup(&dlci->port);
956 __gsm_data_queue(dlci, msg);
957 /* Bytes of data we used up */
962 * gsm_dlci_data_output_framed - try and push data out of a DLCI
964 * @dlci: the DLCI to pull data from
966 * Pull data from a DLCI and send it into the transmit queue if there
967 * is data. Keep to the MRU of the mux. This path handles framed data
968 * queued as skbuffs to the DLCI.
970 * Caller must hold the tx_lock of the mux.
973 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
974 struct gsm_dlci *dlci)
979 int last = 0, first = 0;
982 /* One byte per frame is used for B/F flags */
983 if (dlci->adaption == 4)
986 /* dlci->skb is locked by tx_lock */
987 if (dlci->skb == NULL) {
988 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
989 if (dlci->skb == NULL)
993 len = dlci->skb->len + overhead;
995 /* MTU/MRU count only the data bits */
996 if (len > gsm->mtu) {
997 if (dlci->adaption == 3) {
998 /* Over long frame, bin it */
999 dev_kfree_skb_any(dlci->skb);
1007 size = len + overhead;
1008 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
1010 /* FIXME: need a timer or something to kick this so it can't
1011 get stuck with no work outstanding and no buffer free */
1013 skb_queue_tail(&dlci->skb_list, dlci->skb);
1019 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
1020 /* Flag byte to carry the start/end info */
1021 *dp++ = last << 7 | first << 6 | 1; /* EA */
1024 memcpy(dp, dlci->skb->data, len);
1025 skb_pull(dlci->skb, len);
1026 __gsm_data_queue(dlci, msg);
1028 dev_kfree_skb_any(dlci->skb);
1035 * gsm_dlci_data_sweep - look for data to send
1038 * Sweep the GSM mux channels in priority order looking for ones with
1039 * data to send. We could do with optimising this scan a bit. We aim
1040 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
1041 * TX_THRESH_LO we get called again
1043 * FIXME: We should round robin between groups and in theory you can
1044 * renegotiate DLCI priorities with optional stuff. Needs optimising.
1047 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
1050 /* Priority ordering: We should do priority with RR of the groups */
1053 while (i < NUM_DLCI) {
1054 struct gsm_dlci *dlci;
1056 if (gsm->tx_bytes > TX_THRESH_HI)
1058 dlci = gsm->dlci[i];
1059 if (dlci == NULL || dlci->constipated) {
1063 if (dlci->adaption < 3 && !dlci->net)
1064 len = gsm_dlci_data_output(gsm, dlci);
1066 len = gsm_dlci_data_output_framed(gsm, dlci);
1069 /* DLCI empty - try the next */
1076 * gsm_dlci_data_kick - transmit if possible
1077 * @dlci: DLCI to kick
1079 * Transmit data from this DLCI if the queue is empty. We can't rely on
1080 * a tty wakeup except when we filled the pipe so we need to fire off
1081 * new data ourselves in other cases.
1084 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
1086 unsigned long flags;
1089 if (dlci->constipated)
1092 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
1093 /* If we have nothing running then we need to fire up */
1094 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
1095 if (dlci->gsm->tx_bytes == 0) {
1097 gsm_dlci_data_output_framed(dlci->gsm, dlci);
1099 gsm_dlci_data_output(dlci->gsm, dlci);
1102 gsm_dlci_data_sweep(dlci->gsm);
1103 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
1107 * Control message processing
1112 * gsm_control_reply - send a response frame to a control
1114 * @cmd: the command to use
1115 * @data: data to follow encoded info
1116 * @dlen: length of data
1118 * Encode up and queue a UI/UIH frame containing our response.
1121 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
1124 struct gsm_msg *msg;
1125 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1128 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1129 msg->data[1] = (dlen << 1) | EA;
1130 memcpy(msg->data + 2, data, dlen);
1131 gsm_data_queue(gsm->dlci[0], msg);
1135 * gsm_process_modem - process received modem status
1136 * @tty: virtual tty bound to the DLCI
1137 * @dlci: DLCI to affect
1138 * @modem: modem bits (full EA)
1140 * Used when a modem control message or line state inline in adaption
1141 * layer 2 is processed. Sort out the local modem state and throttles
1144 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1145 u32 modem, int clen)
1151 /* The modem status command can either contain one octet (v.24 signals)
1152 or two octets (v.24 signals + break signals). The length field will
1153 either be 2 or 3 respectively. This is specified in section
1154 5.4.6.3.7 of the 27.010 mux spec. */
1157 modem = modem & 0x7f;
1160 modem = (modem >> 7) & 0x7f;
1163 /* Flow control/ready to communicate */
1164 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1165 if (fc && !dlci->constipated) {
1166 /* Need to throttle our output on this device */
1167 dlci->constipated = true;
1168 } else if (!fc && dlci->constipated) {
1169 dlci->constipated = false;
1170 gsm_dlci_data_kick(dlci);
1173 /* Map modem bits */
1174 if (modem & MDM_RTC)
1175 mlines |= TIOCM_DSR | TIOCM_DTR;
1176 if (modem & MDM_RTR)
1177 mlines |= TIOCM_RTS | TIOCM_CTS;
1183 /* Carrier drop -> hangup */
1185 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1190 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1191 dlci->modem_rx = mlines;
1195 * gsm_control_modem - modem status received
1197 * @data: data following command
1198 * @clen: command length
1200 * We have received a modem status control message. This is used by
1201 * the GSM mux protocol to pass virtual modem line status and optionally
1202 * to indicate break signals. Unpack it, convert to Linux representation
1203 * and if need be stuff a break message down the tty.
1206 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
1208 unsigned int addr = 0;
1209 unsigned int modem = 0;
1210 unsigned int brk = 0;
1211 struct gsm_dlci *dlci;
1213 const u8 *dp = data;
1214 struct tty_struct *tty;
1216 while (gsm_read_ea(&addr, *dp++) == 0) {
1221 /* Must be at least one byte following the EA */
1227 /* Closed port, or invalid ? */
1228 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1230 dlci = gsm->dlci[addr];
1232 while (gsm_read_ea(&modem, *dp++) == 0) {
1239 while (gsm_read_ea(&brk, *dp++) == 0) {
1245 modem |= (brk & 0x7f);
1247 tty = tty_port_tty_get(&dlci->port);
1248 gsm_process_modem(tty, dlci, modem, clen);
1253 gsm_control_reply(gsm, CMD_MSC, data, clen);
1257 * gsm_control_rls - remote line status
1260 * @clen: data length
1262 * The modem sends us a two byte message on the control channel whenever
1263 * it wishes to send us an error state from the virtual link. Stuff
1264 * this into the uplink tty if present
1267 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
1269 struct tty_port *port;
1270 unsigned int addr = 0;
1273 const u8 *dp = data;
1275 while (gsm_read_ea(&addr, *dp++) == 0) {
1280 /* Must be at least one byte following ea */
1285 /* Closed port, or invalid ? */
1286 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1290 if ((bits & 1) == 0)
1293 port = &gsm->dlci[addr]->port;
1296 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1298 tty_insert_flip_char(port, 0, TTY_PARITY);
1300 tty_insert_flip_char(port, 0, TTY_FRAME);
1302 tty_flip_buffer_push(port);
1304 gsm_control_reply(gsm, CMD_RLS, data, clen);
1307 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1310 * gsm_control_message - DLCI 0 control processing
1312 * @command: the command EA
1313 * @data: data beyond the command/length EAs
1316 * Input processor for control messages from the other end of the link.
1317 * Processes the incoming request and queues a response frame or an
1318 * NSC response if not supported
1321 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1322 const u8 *data, int clen)
1325 unsigned long flags;
1329 struct gsm_dlci *dlci = gsm->dlci[0];
1330 /* Modem wishes to close down */
1334 gsm_dlci_begin_close(dlci);
1339 /* Modem wishes to test, reply with the data */
1340 gsm_control_reply(gsm, CMD_TEST, data, clen);
1343 /* Modem can accept data again */
1344 gsm->constipated = false;
1345 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1346 /* Kick the link in case it is idling */
1347 spin_lock_irqsave(&gsm->tx_lock, flags);
1348 gsm_data_kick(gsm, NULL);
1349 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1352 /* Modem wants us to STFU */
1353 gsm->constipated = true;
1354 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1357 /* Out of band modem line change indicator for a DLCI */
1358 gsm_control_modem(gsm, data, clen);
1361 /* Out of band error reception for a DLCI */
1362 gsm_control_rls(gsm, data, clen);
1365 /* Modem wishes to enter power saving state */
1366 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1368 /* Optional unsupported commands */
1369 case CMD_PN: /* Parameter negotiation */
1370 case CMD_RPN: /* Remote port negotiation */
1371 case CMD_SNC: /* Service negotiation command */
1373 /* Reply to bad commands with an NSC */
1375 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1381 * gsm_control_response - process a response to our control
1383 * @command: the command (response) EA
1384 * @data: data beyond the command/length EA
1387 * Process a response to an outstanding command. We only allow a single
1388 * control message in flight so this is fairly easy. All the clean up
1389 * is done by the caller, we just update the fields, flag it as done
1393 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1394 const u8 *data, int clen)
1396 struct gsm_control *ctrl;
1397 unsigned long flags;
1399 spin_lock_irqsave(&gsm->control_lock, flags);
1401 ctrl = gsm->pending_cmd;
1402 /* Does the reply match our command */
1404 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1405 /* Our command was replied to, kill the retry timer */
1406 del_timer(&gsm->t2_timer);
1407 gsm->pending_cmd = NULL;
1408 /* Rejected by the other end */
1409 if (command == CMD_NSC)
1410 ctrl->error = -EOPNOTSUPP;
1412 wake_up(&gsm->event);
1414 spin_unlock_irqrestore(&gsm->control_lock, flags);
1418 * gsm_control_transmit - send control packet
1420 * @ctrl: frame to send
1422 * Send out a pending control command (called under control lock)
1425 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1427 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 2, gsm->ftype);
1430 msg->data[0] = (ctrl->cmd << 1) | CR | EA; /* command */
1431 msg->data[1] = (ctrl->len << 1) | EA;
1432 memcpy(msg->data + 2, ctrl->data, ctrl->len);
1433 gsm_data_queue(gsm->dlci[0], msg);
1437 * gsm_control_retransmit - retransmit a control frame
1438 * @t: timer contained in our gsm object
1440 * Called off the T2 timer expiry in order to retransmit control frames
1441 * that have been lost in the system somewhere. The control_lock protects
1442 * us from colliding with another sender or a receive completion event.
1443 * In that situation the timer may still occur in a small window but
1444 * gsm->pending_cmd will be NULL and we just let the timer expire.
1447 static void gsm_control_retransmit(struct timer_list *t)
1449 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer);
1450 struct gsm_control *ctrl;
1451 unsigned long flags;
1452 spin_lock_irqsave(&gsm->control_lock, flags);
1453 ctrl = gsm->pending_cmd;
1455 if (gsm->cretries == 0 || !gsm->dlci[0] || gsm->dlci[0]->dead) {
1456 gsm->pending_cmd = NULL;
1457 ctrl->error = -ETIMEDOUT;
1459 spin_unlock_irqrestore(&gsm->control_lock, flags);
1460 wake_up(&gsm->event);
1464 gsm_control_transmit(gsm, ctrl);
1465 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1467 spin_unlock_irqrestore(&gsm->control_lock, flags);
1471 * gsm_control_send - send a control frame on DLCI 0
1472 * @gsm: the GSM channel
1473 * @command: command to send including CR bit
1474 * @data: bytes of data (must be kmalloced)
1475 * @clen: length of the block to send
1477 * Queue and dispatch a control command. Only one command can be
1478 * active at a time. In theory more can be outstanding but the matching
1479 * gets really complicated so for now stick to one outstanding.
1482 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1483 unsigned int command, u8 *data, int clen)
1485 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1487 unsigned long flags;
1491 wait_event(gsm->event, gsm->pending_cmd == NULL);
1492 spin_lock_irqsave(&gsm->control_lock, flags);
1493 if (gsm->pending_cmd != NULL) {
1494 spin_unlock_irqrestore(&gsm->control_lock, flags);
1497 ctrl->cmd = command;
1500 gsm->pending_cmd = ctrl;
1502 /* If DLCI0 is in ADM mode skip retries, it won't respond */
1503 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
1506 gsm->cretries = gsm->n2;
1508 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1509 gsm_control_transmit(gsm, ctrl);
1510 spin_unlock_irqrestore(&gsm->control_lock, flags);
1515 * gsm_control_wait - wait for a control to finish
1517 * @control: control we are waiting on
1519 * Waits for the control to complete or time out. Frees any used
1520 * resources and returns 0 for success, or an error if the remote
1521 * rejected or ignored the request.
1524 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1527 wait_event(gsm->event, control->done == 1);
1528 err = control->error;
1535 * DLCI level handling: Needs krefs
1539 * State transitions and timers
1543 * gsm_dlci_close - a DLCI has closed
1544 * @dlci: DLCI that closed
1546 * Perform processing when moving a DLCI into closed state. If there
1547 * is an attached tty this is hung up
1550 static void gsm_dlci_close(struct gsm_dlci *dlci)
1552 unsigned long flags;
1554 del_timer(&dlci->t1);
1556 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1557 dlci->state = DLCI_CLOSED;
1558 /* Prevent us from sending data before the link is up again */
1559 dlci->constipated = true;
1560 if (dlci->addr != 0) {
1561 tty_port_tty_hangup(&dlci->port, false);
1562 spin_lock_irqsave(&dlci->lock, flags);
1563 kfifo_reset(&dlci->fifo);
1564 spin_unlock_irqrestore(&dlci->lock, flags);
1565 /* Ensure that gsmtty_open() can return. */
1566 tty_port_set_initialized(&dlci->port, 0);
1567 wake_up_interruptible(&dlci->port.open_wait);
1569 dlci->gsm->dead = true;
1570 wake_up(&dlci->gsm->event);
1571 /* A DLCI 0 close is a MUX termination so we need to kick that
1572 back to userspace somehow */
1576 * gsm_dlci_open - a DLCI has opened
1577 * @dlci: DLCI that opened
1579 * Perform processing when moving a DLCI into open state.
1582 static void gsm_dlci_open(struct gsm_dlci *dlci)
1584 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1586 del_timer(&dlci->t1);
1587 /* This will let a tty open continue */
1588 dlci->state = DLCI_OPEN;
1589 dlci->constipated = false;
1591 pr_debug("DLCI %d goes open.\n", dlci->addr);
1592 wake_up(&dlci->gsm->event);
1596 * gsm_dlci_t1 - T1 timer expiry
1597 * @t: timer contained in the DLCI that opened
1599 * The T1 timer handles retransmits of control frames (essentially of
1600 * SABM and DISC). We resend the command until the retry count runs out
1601 * in which case an opening port goes back to closed and a closing port
1602 * is simply put into closed state (any further frames from the other
1603 * end will get a DM response)
1605 * Some control dlci can stay in ADM mode with other dlci working just
1606 * fine. In that case we can just keep the control dlci open after the
1607 * DLCI_OPENING retries time out.
1610 static void gsm_dlci_t1(struct timer_list *t)
1612 struct gsm_dlci *dlci = from_timer(dlci, t, t1);
1613 struct gsm_mux *gsm = dlci->gsm;
1615 switch (dlci->state) {
1617 if (dlci->retries) {
1619 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1620 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1621 } else if (!dlci->addr && gsm->control == (DM | PF)) {
1623 pr_info("DLCI %d opening in ADM mode.\n",
1625 dlci->mode = DLCI_MODE_ADM;
1626 gsm_dlci_open(dlci);
1628 gsm_dlci_begin_close(dlci); /* prevent half open link */
1633 if (dlci->retries) {
1635 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1636 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1638 gsm_dlci_close(dlci);
1641 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state);
1647 * gsm_dlci_begin_open - start channel open procedure
1648 * @dlci: DLCI to open
1650 * Commence opening a DLCI from the Linux side. We issue SABM messages
1651 * to the modem which should then reply with a UA or ADM, at which point
1652 * we will move into open state. Opening is done asynchronously with retry
1653 * running off timers and the responses.
1656 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1658 struct gsm_mux *gsm = dlci->gsm;
1659 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1661 dlci->retries = gsm->n2;
1662 dlci->state = DLCI_OPENING;
1663 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1664 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1668 * gsm_dlci_set_opening - change state to opening
1669 * @dlci: DLCI to open
1671 * Change internal state to wait for DLCI open from initiator side.
1672 * We set off timers and responses upon reception of an SABM.
1674 static void gsm_dlci_set_opening(struct gsm_dlci *dlci)
1676 switch (dlci->state) {
1679 dlci->state = DLCI_OPENING;
1687 * gsm_dlci_begin_close - start channel open procedure
1688 * @dlci: DLCI to open
1690 * Commence closing a DLCI from the Linux side. We issue DISC messages
1691 * to the modem which should then reply with a UA, at which point we
1692 * will move into closed state. Closing is done asynchronously with retry
1693 * off timers. We may also receive a DM reply from the other end which
1694 * indicates the channel was already closed.
1697 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1699 struct gsm_mux *gsm = dlci->gsm;
1700 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1702 dlci->retries = gsm->n2;
1703 dlci->state = DLCI_CLOSING;
1704 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1705 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1709 * gsm_dlci_data - data arrived
1711 * @data: block of bytes received
1712 * @clen: length of received block
1714 * A UI or UIH frame has arrived which contains data for a channel
1715 * other than the control channel. If the relevant virtual tty is
1716 * open we shovel the bits down it, if not we drop them.
1719 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
1722 struct tty_port *port = &dlci->port;
1723 struct tty_struct *tty;
1724 unsigned int modem = 0;
1728 pr_debug("%d bytes for tty\n", len);
1729 switch (dlci->adaption) {
1730 /* Unsupported types */
1731 case 4: /* Packetised interruptible data */
1733 case 3: /* Packetised uininterruptible voice/data */
1735 case 2: /* Asynchronous serial with line state in each frame */
1736 while (gsm_read_ea(&modem, *data++) == 0) {
1741 tty = tty_port_tty_get(port);
1743 gsm_process_modem(tty, dlci, modem, clen);
1747 case 1: /* Line state will go via DLCI 0 controls only */
1749 tty_insert_flip_string(port, data, len);
1750 tty_flip_buffer_push(port);
1755 * gsm_dlci_control - data arrived on control channel
1757 * @data: block of bytes received
1758 * @len: length of received block
1760 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1761 * control channel. This should contain a command EA followed by
1762 * control data bytes. The command EA contains a command/response bit
1763 * and we divide up the work accordingly.
1766 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
1768 /* See what command is involved */
1769 unsigned int command = 0;
1771 if (gsm_read_ea(&command, *data++) == 1) {
1774 /* FIXME: this is properly an EA */
1776 /* Malformed command ? */
1780 gsm_control_message(dlci->gsm, command,
1783 gsm_control_response(dlci->gsm, command,
1791 * Allocate/Free DLCI channels
1795 * gsm_dlci_alloc - allocate a DLCI
1797 * @addr: address of the DLCI
1799 * Allocate and install a new DLCI object into the GSM mux.
1801 * FIXME: review locking races
1804 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1806 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1809 spin_lock_init(&dlci->lock);
1810 mutex_init(&dlci->mutex);
1811 if (kfifo_alloc(&dlci->fifo, 4096, GFP_KERNEL) < 0) {
1816 skb_queue_head_init(&dlci->skb_list);
1817 timer_setup(&dlci->t1, gsm_dlci_t1, 0);
1818 tty_port_init(&dlci->port);
1819 dlci->port.ops = &gsm_port_ops;
1822 dlci->adaption = gsm->adaption;
1823 dlci->state = DLCI_CLOSED;
1825 dlci->data = gsm_dlci_data;
1826 /* Prevent us from sending data before the link is up */
1827 dlci->constipated = true;
1829 dlci->data = gsm_dlci_command;
1831 gsm->dlci[addr] = dlci;
1836 * gsm_dlci_free - free DLCI
1837 * @port: tty port for DLCI to free
1843 static void gsm_dlci_free(struct tty_port *port)
1845 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
1847 del_timer_sync(&dlci->t1);
1848 dlci->gsm->dlci[dlci->addr] = NULL;
1849 kfifo_free(&dlci->fifo);
1850 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1851 dev_kfree_skb(dlci->skb);
1855 static inline void dlci_get(struct gsm_dlci *dlci)
1857 tty_port_get(&dlci->port);
1860 static inline void dlci_put(struct gsm_dlci *dlci)
1862 tty_port_put(&dlci->port);
1865 static void gsm_destroy_network(struct gsm_dlci *dlci);
1868 * gsm_dlci_release - release DLCI
1869 * @dlci: DLCI to destroy
1871 * Release a DLCI. Actual free is deferred until either
1872 * mux is closed or tty is closed - whichever is last.
1876 static void gsm_dlci_release(struct gsm_dlci *dlci)
1878 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1880 mutex_lock(&dlci->mutex);
1881 gsm_destroy_network(dlci);
1882 mutex_unlock(&dlci->mutex);
1884 /* We cannot use tty_hangup() because in tty_kref_put() the tty
1885 * driver assumes that the hangup queue is free and reuses it to
1886 * queue release_one_tty() -> NULL pointer panic in
1887 * process_one_work().
1891 tty_port_tty_set(&dlci->port, NULL);
1894 dlci->state = DLCI_CLOSED;
1899 * LAPBish link layer logic
1903 * gsm_queue - a GSM frame is ready to process
1904 * @gsm: pointer to our gsm mux
1906 * At this point in time a frame has arrived and been demangled from
1907 * the line encoding. All the differences between the encodings have
1908 * been handled below us and the frame is unpacked into the structures.
1909 * The fcs holds the header FCS but any data FCS must be added here.
1912 static void gsm_queue(struct gsm_mux *gsm)
1914 struct gsm_dlci *dlci;
1917 /* We have to sneak a look at the packet body to do the FCS.
1918 A somewhat layering violation in the spec */
1920 if ((gsm->control & ~PF) == UI)
1921 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1922 if (gsm->encoding == 0) {
1923 /* WARNING: gsm->received_fcs is used for
1924 gsm->encoding = 0 only.
1925 In this case it contain the last piece of data
1926 required to generate final CRC */
1927 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1929 if (gsm->fcs != GOOD_FCS) {
1932 pr_debug("BAD FCS %02x\n", gsm->fcs);
1935 address = gsm->address >> 1;
1936 if (address >= NUM_DLCI)
1939 cr = gsm->address & 1; /* C/R bit */
1941 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1943 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1944 dlci = gsm->dlci[address];
1946 switch (gsm->control) {
1951 dlci = gsm_dlci_alloc(gsm, address);
1955 gsm_response(gsm, address, DM);
1957 gsm_response(gsm, address, UA);
1958 gsm_dlci_open(dlci);
1964 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1965 gsm_response(gsm, address, DM);
1968 /* Real close complete */
1969 gsm_response(gsm, address, UA);
1970 gsm_dlci_close(dlci);
1973 if (cr == 0 || dlci == NULL)
1975 switch (dlci->state) {
1977 gsm_dlci_close(dlci);
1980 gsm_dlci_open(dlci);
1983 pr_debug("%s: unhandled state: %d\n", __func__,
1988 case DM: /* DM can be valid unsolicited */
1994 gsm_dlci_close(dlci);
2004 if (dlci == NULL || dlci->state != DLCI_OPEN) {
2005 gsm_response(gsm, address, DM|PF);
2008 dlci->data(dlci, gsm->buf, gsm->len);
2021 * gsm0_receive - perform processing for non-transparency
2022 * @gsm: gsm data for this ldisc instance
2025 * Receive bytes in gsm mode 0
2028 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
2032 switch (gsm->state) {
2033 case GSM_SEARCH: /* SOF marker */
2034 if (c == GSM0_SOF) {
2035 gsm->state = GSM_ADDRESS;
2038 gsm->fcs = INIT_FCS;
2041 case GSM_ADDRESS: /* Address EA */
2042 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2043 if (gsm_read_ea(&gsm->address, c))
2044 gsm->state = GSM_CONTROL;
2046 case GSM_CONTROL: /* Control Byte */
2047 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2049 gsm->state = GSM_LEN0;
2051 case GSM_LEN0: /* Length EA */
2052 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2053 if (gsm_read_ea(&gsm->len, c)) {
2054 if (gsm->len > gsm->mru) {
2056 gsm->state = GSM_SEARCH;
2061 gsm->state = GSM_FCS;
2063 gsm->state = GSM_DATA;
2066 gsm->state = GSM_LEN1;
2069 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2071 gsm->len |= len << 7;
2072 if (gsm->len > gsm->mru) {
2074 gsm->state = GSM_SEARCH;
2079 gsm->state = GSM_FCS;
2081 gsm->state = GSM_DATA;
2083 case GSM_DATA: /* Data */
2084 gsm->buf[gsm->count++] = c;
2085 if (gsm->count == gsm->len)
2086 gsm->state = GSM_FCS;
2088 case GSM_FCS: /* FCS follows the packet */
2089 gsm->received_fcs = c;
2091 gsm->state = GSM_SSOF;
2094 if (c == GSM0_SOF) {
2095 gsm->state = GSM_SEARCH;
2100 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2106 * gsm1_receive - perform processing for non-transparency
2107 * @gsm: gsm data for this ldisc instance
2110 * Receive bytes in mode 1 (Advanced option)
2113 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
2115 /* handle XON/XOFF */
2116 if ((c & ISO_IEC_646_MASK) == XON) {
2117 gsm->constipated = true;
2119 } else if ((c & ISO_IEC_646_MASK) == XOFF) {
2120 gsm->constipated = false;
2121 /* Kick the link in case it is idling */
2122 gsm_data_kick(gsm, NULL);
2125 if (c == GSM1_SOF) {
2126 /* EOF is only valid in frame if we have got to the data state
2127 and received at least one byte (the FCS) */
2128 if (gsm->state == GSM_DATA && gsm->count) {
2129 /* Extract the FCS */
2131 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
2132 gsm->len = gsm->count;
2134 gsm->state = GSM_START;
2137 /* Any partial frame was a runt so go back to start */
2138 if (gsm->state != GSM_START) {
2139 if (gsm->state != GSM_SEARCH)
2141 gsm->state = GSM_START;
2143 /* A SOF in GSM_START means we are still reading idling or
2148 if (c == GSM1_ESCAPE) {
2153 /* Only an unescaped SOF gets us out of GSM search */
2154 if (gsm->state == GSM_SEARCH)
2158 c ^= GSM1_ESCAPE_BITS;
2159 gsm->escape = false;
2161 switch (gsm->state) {
2162 case GSM_START: /* First byte after SOF */
2164 gsm->state = GSM_ADDRESS;
2165 gsm->fcs = INIT_FCS;
2167 case GSM_ADDRESS: /* Address continuation */
2168 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2169 if (gsm_read_ea(&gsm->address, c))
2170 gsm->state = GSM_CONTROL;
2172 case GSM_CONTROL: /* Control Byte */
2173 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2176 gsm->state = GSM_DATA;
2178 case GSM_DATA: /* Data */
2179 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2180 gsm->state = GSM_OVERRUN;
2183 gsm->buf[gsm->count++] = c;
2185 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2188 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2194 * gsm_error - handle tty error
2196 * @data: byte received (may be invalid)
2197 * @flag: error received
2199 * Handle an error in the receipt of data for a frame. Currently we just
2200 * go back to hunting for a SOF.
2202 * FIXME: better diagnostics ?
2205 static void gsm_error(struct gsm_mux *gsm,
2206 unsigned char data, unsigned char flag)
2208 gsm->state = GSM_SEARCH;
2213 * gsm_cleanup_mux - generic GSM protocol cleanup
2215 * @disc: disconnect link?
2217 * Clean up the bits of the mux which are the same for all framing
2218 * protocols. Remove the mux from the mux table, stop all the timers
2219 * and then shut down each device hanging up the channels as we go.
2222 static void gsm_cleanup_mux(struct gsm_mux *gsm, bool disc)
2225 struct gsm_dlci *dlci;
2226 struct gsm_msg *txq, *ntxq;
2229 mutex_lock(&gsm->mutex);
2231 dlci = gsm->dlci[0];
2233 if (disc && dlci->state != DLCI_CLOSED) {
2234 gsm_dlci_begin_close(dlci);
2235 wait_event(gsm->event, dlci->state == DLCI_CLOSED);
2240 /* Finish outstanding timers, making sure they are done */
2241 del_timer_sync(&gsm->t2_timer);
2243 /* Free up any link layer users and finally the control channel */
2244 if (gsm->has_devices) {
2245 gsm_unregister_devices(gsm_tty_driver, gsm->num);
2246 gsm->has_devices = false;
2248 for (i = NUM_DLCI - 1; i >= 0; i--)
2250 gsm_dlci_release(gsm->dlci[i]);
2251 mutex_unlock(&gsm->mutex);
2252 /* Now wipe the queues */
2253 tty_ldisc_flush(gsm->tty);
2254 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2256 INIT_LIST_HEAD(&gsm->tx_list);
2260 * gsm_activate_mux - generic GSM setup
2263 * Set up the bits of the mux which are the same for all framing
2264 * protocols. Add the mux to the mux table so it can be opened and
2265 * finally kick off connecting to DLCI 0 on the modem.
2268 static int gsm_activate_mux(struct gsm_mux *gsm)
2270 struct gsm_dlci *dlci;
2273 if (gsm->encoding == 0)
2274 gsm->receive = gsm0_receive;
2276 gsm->receive = gsm1_receive;
2278 ret = gsm_register_devices(gsm_tty_driver, gsm->num);
2282 dlci = gsm_dlci_alloc(gsm, 0);
2285 gsm->has_devices = true;
2286 gsm->dead = false; /* Tty opens are now permissible */
2291 * gsm_free_mux - free up a mux
2294 * Dispose of allocated resources for a dead mux
2296 static void gsm_free_mux(struct gsm_mux *gsm)
2300 for (i = 0; i < MAX_MUX; i++) {
2301 if (gsm == gsm_mux[i]) {
2306 mutex_destroy(&gsm->mutex);
2307 kfree(gsm->txframe);
2313 * gsm_free_muxr - free up a mux
2314 * @ref: kreference to the mux to free
2316 * Dispose of allocated resources for a dead mux
2318 static void gsm_free_muxr(struct kref *ref)
2320 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2324 static inline void mux_get(struct gsm_mux *gsm)
2326 unsigned long flags;
2328 spin_lock_irqsave(&gsm_mux_lock, flags);
2329 kref_get(&gsm->ref);
2330 spin_unlock_irqrestore(&gsm_mux_lock, flags);
2333 static inline void mux_put(struct gsm_mux *gsm)
2335 unsigned long flags;
2337 spin_lock_irqsave(&gsm_mux_lock, flags);
2338 kref_put(&gsm->ref, gsm_free_muxr);
2339 spin_unlock_irqrestore(&gsm_mux_lock, flags);
2342 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
2344 return gsm->num * NUM_DLCI;
2347 static inline unsigned int mux_line_to_num(unsigned int line)
2349 return line / NUM_DLCI;
2353 * gsm_alloc_mux - allocate a mux
2355 * Creates a new mux ready for activation.
2358 static struct gsm_mux *gsm_alloc_mux(void)
2361 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2364 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2365 if (gsm->buf == NULL) {
2369 gsm->txframe = kmalloc(2 * (MAX_MTU + PROT_OVERHEAD - 1), GFP_KERNEL);
2370 if (gsm->txframe == NULL) {
2375 spin_lock_init(&gsm->lock);
2376 mutex_init(&gsm->mutex);
2377 kref_init(&gsm->ref);
2378 INIT_LIST_HEAD(&gsm->tx_list);
2379 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2380 init_waitqueue_head(&gsm->event);
2381 spin_lock_init(&gsm->control_lock);
2382 spin_lock_init(&gsm->tx_lock);
2390 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2392 gsm->dead = true; /* Avoid early tty opens */
2394 /* Store the instance to the mux array or abort if no space is
2397 spin_lock(&gsm_mux_lock);
2398 for (i = 0; i < MAX_MUX; i++) {
2405 spin_unlock(&gsm_mux_lock);
2407 mutex_destroy(&gsm->mutex);
2408 kfree(gsm->txframe);
2417 static void gsm_copy_config_values(struct gsm_mux *gsm,
2418 struct gsm_config *c)
2420 memset(c, 0, sizeof(*c));
2421 c->adaption = gsm->adaption;
2422 c->encapsulation = gsm->encoding;
2423 c->initiator = gsm->initiator;
2426 c->t3 = 0; /* Not supported */
2428 if (gsm->ftype == UIH)
2432 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
2438 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
2442 int need_restart = 0;
2444 /* Stuff we don't support yet - UI or I frame transport, windowing */
2445 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2447 /* Check the MRU/MTU range looks sane */
2448 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2452 if (c->encapsulation > 1) /* Basic, advanced, no I */
2454 if (c->initiator > 1)
2456 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2459 * See what is needed for reconfiguration
2463 if (c->t1 != 0 && c->t1 != gsm->t1)
2465 if (c->t2 != 0 && c->t2 != gsm->t2)
2467 if (c->encapsulation != gsm->encoding)
2469 if (c->adaption != gsm->adaption)
2472 if (c->initiator != gsm->initiator)
2474 if (c->mru != gsm->mru)
2476 if (c->mtu != gsm->mtu)
2480 * Close down what is needed, restart and initiate the new
2481 * configuration. On the first time there is no DLCI[0]
2482 * and closing or cleaning up is not necessary.
2484 if (need_close || need_restart)
2485 gsm_cleanup_mux(gsm, true);
2487 gsm->initiator = c->initiator;
2490 gsm->encoding = c->encapsulation;
2491 gsm->adaption = c->adaption;
2505 * FIXME: We need to separate activation/deactivation from adding
2506 * and removing from the mux array
2509 ret = gsm_activate_mux(gsm);
2513 gsm_dlci_begin_open(gsm->dlci[0]);
2519 * gsmld_output - write to link
2521 * @data: bytes to output
2524 * Write a block of data from the GSM mux to the data channel. This
2525 * will eventually be serialized from above but at the moment isn't.
2528 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2530 if (tty_write_room(gsm->tty) < len) {
2531 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2535 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2537 gsm->tty->ops->write(gsm->tty, data, len);
2542 * gsmld_attach_gsm - mode set up
2543 * @tty: our tty structure
2546 * Set up the MUX for basic mode and commence connecting to the
2547 * modem. Currently called from the line discipline set up but
2548 * will need moving to an ioctl path.
2551 static void gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2553 gsm->tty = tty_kref_get(tty);
2554 /* Turn off tty XON/XOFF handling to handle it explicitly. */
2555 gsm->old_c_iflag = tty->termios.c_iflag;
2556 tty->termios.c_iflag &= (IXON | IXOFF);
2560 * gsmld_detach_gsm - stop doing 0710 mux
2561 * @tty: tty attached to the mux
2564 * Shutdown and then clean up the resources used by the line discipline
2567 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2569 WARN_ON(tty != gsm->tty);
2570 /* Restore tty XON/XOFF handling. */
2571 gsm->tty->termios.c_iflag = gsm->old_c_iflag;
2572 tty_kref_put(gsm->tty);
2576 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2577 char *fp, int count)
2579 struct gsm_mux *gsm = tty->disc_data;
2580 char flags = TTY_NORMAL;
2583 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2586 for (; count; count--, cp++) {
2592 gsm->receive(gsm, *cp);
2598 gsm_error(gsm, *cp, flags);
2601 WARN_ONCE(1, "%s: unknown flag %d\n",
2602 tty_name(tty), flags);
2606 /* FASYNC if needed ? */
2607 /* If clogged call tty_throttle(tty); */
2611 * gsmld_flush_buffer - clean input queue
2612 * @tty: terminal device
2614 * Flush the input buffer. Called when the line discipline is
2615 * being closed, when the tty layer wants the buffer flushed (eg
2619 static void gsmld_flush_buffer(struct tty_struct *tty)
2624 * gsmld_close - close the ldisc for this tty
2627 * Called from the terminal layer when this line discipline is
2628 * being shut down, either because of a close or becsuse of a
2629 * discipline change. The function will not be called while other
2630 * ldisc methods are in progress.
2633 static void gsmld_close(struct tty_struct *tty)
2635 struct gsm_mux *gsm = tty->disc_data;
2637 /* The ldisc locks and closes the port before calling our close. This
2638 * means we have no way to do a proper disconnect. We will not bother
2641 gsm_cleanup_mux(gsm, false);
2643 gsmld_detach_gsm(tty, gsm);
2645 gsmld_flush_buffer(tty);
2646 /* Do other clean up here */
2651 * gsmld_open - open an ldisc
2652 * @tty: terminal to open
2654 * Called when this line discipline is being attached to the
2655 * terminal device. Can sleep. Called serialized so that no
2656 * other events will occur in parallel. No further open will occur
2660 static int gsmld_open(struct tty_struct *tty)
2662 struct gsm_mux *gsm;
2664 if (!capable(CAP_NET_ADMIN))
2667 if (tty->ops->write == NULL)
2670 /* Attach our ldisc data */
2671 gsm = gsm_alloc_mux();
2675 tty->disc_data = gsm;
2676 tty->receive_room = 65536;
2678 /* Attach the initial passive connection */
2681 gsmld_attach_gsm(tty, gsm);
2683 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2689 * gsmld_write_wakeup - asynchronous I/O notifier
2692 * Required for the ptys, serial driver etc. since processes
2693 * that attach themselves to the master and rely on ASYNC
2694 * IO must be woken up
2697 static void gsmld_write_wakeup(struct tty_struct *tty)
2699 struct gsm_mux *gsm = tty->disc_data;
2700 unsigned long flags;
2703 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2704 spin_lock_irqsave(&gsm->tx_lock, flags);
2705 gsm_data_kick(gsm, NULL);
2706 if (gsm->tx_bytes < TX_THRESH_LO) {
2707 gsm_dlci_data_sweep(gsm);
2709 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2713 * gsmld_read - read function for tty
2715 * @file: file object
2716 * @buf: userspace buffer pointer
2719 * Perform reads for the line discipline. We are guaranteed that the
2720 * line discipline will not be closed under us but we may get multiple
2721 * parallel readers and must handle this ourselves. We may also get
2722 * a hangup. Always called in user context, may sleep.
2724 * This code must be sure never to sleep through a hangup.
2727 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2728 unsigned char *buf, size_t nr,
2729 void **cookie, unsigned long offset)
2735 * gsmld_write - write function for tty
2737 * @file: file object
2738 * @buf: userspace buffer pointer
2741 * Called when the owner of the device wants to send a frame
2742 * itself (or some other control data). The data is transferred
2743 * as-is and must be properly framed and checksummed as appropriate
2744 * by userspace. Frames are either sent whole or not at all as this
2745 * avoids pain user side.
2748 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2749 const unsigned char *buf, size_t nr)
2751 struct gsm_mux *gsm = tty->disc_data;
2752 unsigned long flags;
2760 spin_lock_irqsave(&gsm->tx_lock, flags);
2761 space = tty_write_room(tty);
2763 ret = tty->ops->write(tty, buf, nr);
2765 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2766 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2772 * gsmld_poll - poll method for N_GSM0710
2773 * @tty: terminal device
2774 * @file: file accessing it
2777 * Called when the line discipline is asked to poll() for data or
2778 * for special events. This code is not serialized with respect to
2779 * other events save open/close.
2781 * This code must be sure never to sleep through a hangup.
2782 * Called without the kernel lock held - fine
2785 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
2789 struct gsm_mux *gsm = tty->disc_data;
2791 poll_wait(file, &tty->read_wait, wait);
2792 poll_wait(file, &tty->write_wait, wait);
2796 if (tty_hung_up_p(file))
2798 if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
2800 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2801 mask |= EPOLLOUT | EPOLLWRNORM;
2805 static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2806 unsigned int cmd, unsigned long arg)
2808 struct gsm_config c;
2809 struct gsm_mux *gsm = tty->disc_data;
2813 case GSMIOC_GETCONF:
2814 gsm_copy_config_values(gsm, &c);
2815 if (copy_to_user((void __user *)arg, &c, sizeof(c)))
2818 case GSMIOC_SETCONF:
2819 if (copy_from_user(&c, (void __user *)arg, sizeof(c)))
2821 return gsm_config(gsm, &c);
2822 case GSMIOC_GETFIRST:
2823 base = mux_num_to_base(gsm);
2824 return put_user(base + 1, (__u32 __user *)arg);
2826 return n_tty_ioctl_helper(tty, file, cmd, arg);
2835 static int gsm_mux_net_open(struct net_device *net)
2837 pr_debug("%s called\n", __func__);
2838 netif_start_queue(net);
2842 static int gsm_mux_net_close(struct net_device *net)
2844 netif_stop_queue(net);
2848 static void dlci_net_free(struct gsm_dlci *dlci)
2854 dlci->adaption = dlci->prev_adaption;
2855 dlci->data = dlci->prev_data;
2856 free_netdev(dlci->net);
2859 static void net_free(struct kref *ref)
2861 struct gsm_mux_net *mux_net;
2862 struct gsm_dlci *dlci;
2864 mux_net = container_of(ref, struct gsm_mux_net, ref);
2865 dlci = mux_net->dlci;
2868 unregister_netdev(dlci->net);
2869 dlci_net_free(dlci);
2873 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2875 kref_get(&mux_net->ref);
2878 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2880 kref_put(&mux_net->ref, net_free);
2883 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
2884 struct net_device *net)
2886 struct gsm_mux_net *mux_net = netdev_priv(net);
2887 struct gsm_dlci *dlci = mux_net->dlci;
2888 muxnet_get(mux_net);
2890 skb_queue_head(&dlci->skb_list, skb);
2891 net->stats.tx_packets++;
2892 net->stats.tx_bytes += skb->len;
2893 gsm_dlci_data_kick(dlci);
2894 /* And tell the kernel when the last transmit started. */
2895 netif_trans_update(net);
2896 muxnet_put(mux_net);
2897 return NETDEV_TX_OK;
2900 /* called when a packet did not ack after watchdogtimeout */
2901 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue)
2903 /* Tell syslog we are hosed. */
2904 dev_dbg(&net->dev, "Tx timed out.\n");
2906 /* Update statistics */
2907 net->stats.tx_errors++;
2910 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2911 const unsigned char *in_buf, int size)
2913 struct net_device *net = dlci->net;
2914 struct sk_buff *skb;
2915 struct gsm_mux_net *mux_net = netdev_priv(net);
2916 muxnet_get(mux_net);
2918 /* Allocate an sk_buff */
2919 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2921 /* We got no receive buffer. */
2922 net->stats.rx_dropped++;
2923 muxnet_put(mux_net);
2926 skb_reserve(skb, NET_IP_ALIGN);
2927 skb_put_data(skb, in_buf, size);
2930 skb->protocol = htons(ETH_P_IP);
2932 /* Ship it off to the kernel */
2935 /* update out statistics */
2936 net->stats.rx_packets++;
2937 net->stats.rx_bytes += size;
2938 muxnet_put(mux_net);
2942 static void gsm_mux_net_init(struct net_device *net)
2944 static const struct net_device_ops gsm_netdev_ops = {
2945 .ndo_open = gsm_mux_net_open,
2946 .ndo_stop = gsm_mux_net_close,
2947 .ndo_start_xmit = gsm_mux_net_start_xmit,
2948 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2951 net->netdev_ops = &gsm_netdev_ops;
2953 /* fill in the other fields */
2954 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2955 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2956 net->type = ARPHRD_NONE;
2957 net->tx_queue_len = 10;
2961 /* caller holds the dlci mutex */
2962 static void gsm_destroy_network(struct gsm_dlci *dlci)
2964 struct gsm_mux_net *mux_net;
2966 pr_debug("destroy network interface\n");
2969 mux_net = netdev_priv(dlci->net);
2970 muxnet_put(mux_net);
2974 /* caller holds the dlci mutex */
2975 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2979 struct net_device *net;
2980 struct gsm_mux_net *mux_net;
2982 if (!capable(CAP_NET_ADMIN))
2985 /* Already in a non tty mode */
2986 if (dlci->adaption > 2)
2989 if (nc->protocol != htons(ETH_P_IP))
2990 return -EPROTONOSUPPORT;
2992 if (nc->adaption != 3 && nc->adaption != 4)
2993 return -EPROTONOSUPPORT;
2995 pr_debug("create network interface\n");
2998 if (nc->if_name[0] != '\0')
2999 netname = nc->if_name;
3000 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
3001 NET_NAME_UNKNOWN, gsm_mux_net_init);
3003 pr_err("alloc_netdev failed\n");
3006 net->mtu = dlci->gsm->mtu;
3008 net->max_mtu = dlci->gsm->mtu;
3009 mux_net = netdev_priv(net);
3010 mux_net->dlci = dlci;
3011 kref_init(&mux_net->ref);
3012 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
3014 /* reconfigure dlci for network */
3015 dlci->prev_adaption = dlci->adaption;
3016 dlci->prev_data = dlci->data;
3017 dlci->adaption = nc->adaption;
3018 dlci->data = gsm_mux_rx_netchar;
3021 pr_debug("register netdev\n");
3022 retval = register_netdev(net);
3024 pr_err("network register fail %d\n", retval);
3025 dlci_net_free(dlci);
3028 return net->ifindex; /* return network index */
3031 /* Line discipline for real tty */
3032 static struct tty_ldisc_ops tty_ldisc_packet = {
3033 .owner = THIS_MODULE,
3034 .magic = TTY_LDISC_MAGIC,
3037 .close = gsmld_close,
3038 .flush_buffer = gsmld_flush_buffer,
3040 .write = gsmld_write,
3041 .ioctl = gsmld_ioctl,
3043 .receive_buf = gsmld_receive_buf,
3044 .write_wakeup = gsmld_write_wakeup
3053 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
3056 struct gsm_control *ctrl;
3059 modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */
3060 modembits[1] = (gsm_encode_modem(dlci) << 1) | EA;
3062 modembits[2] = (brk << 4) | 2 | EA; /* Length, Break, EA */
3065 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len);
3068 return gsm_control_wait(dlci->gsm, ctrl);
3071 static int gsm_carrier_raised(struct tty_port *port)
3073 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
3074 struct gsm_mux *gsm = dlci->gsm;
3076 /* Not yet open so no carrier info */
3077 if (dlci->state != DLCI_OPEN)
3083 * Basic mode with control channel in ADM mode may not respond
3084 * to CMD_MSC at all and modem_rx is empty.
3086 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM &&
3090 return dlci->modem_rx & TIOCM_CD;
3093 static void gsm_dtr_rts(struct tty_port *port, int onoff)
3095 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
3096 unsigned int modem_tx = dlci->modem_tx;
3098 modem_tx |= TIOCM_DTR | TIOCM_RTS;
3100 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
3101 if (modem_tx != dlci->modem_tx) {
3102 dlci->modem_tx = modem_tx;
3103 gsmtty_modem_update(dlci, 0);
3107 static const struct tty_port_operations gsm_port_ops = {
3108 .carrier_raised = gsm_carrier_raised,
3109 .dtr_rts = gsm_dtr_rts,
3110 .destruct = gsm_dlci_free,
3113 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
3115 struct gsm_mux *gsm;
3116 struct gsm_dlci *dlci;
3117 unsigned int line = tty->index;
3118 unsigned int mux = mux_line_to_num(line);
3126 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
3127 if (gsm_mux[mux] == NULL)
3129 if (line == 0 || line > 61) /* 62/63 reserved */
3134 /* If DLCI 0 is not yet fully open return an error.
3135 This is ok from a locking
3136 perspective as we don't have to worry about this
3138 mutex_lock(&gsm->mutex);
3139 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
3140 mutex_unlock(&gsm->mutex);
3143 dlci = gsm->dlci[line];
3146 dlci = gsm_dlci_alloc(gsm, line);
3149 mutex_unlock(&gsm->mutex);
3152 ret = tty_port_install(&dlci->port, driver, tty);
3156 mutex_unlock(&gsm->mutex);
3161 dlci_get(gsm->dlci[0]);
3163 tty->driver_data = dlci;
3164 mutex_unlock(&gsm->mutex);
3169 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
3171 struct gsm_dlci *dlci = tty->driver_data;
3172 struct tty_port *port = &dlci->port;
3173 struct gsm_mux *gsm = dlci->gsm;
3176 tty_port_tty_set(port, tty);
3179 /* We could in theory open and close before we wait - eg if we get
3180 a DM straight back. This is ok as that will have caused a hangup */
3181 tty_port_set_initialized(port, 1);
3182 /* Start sending off SABM messages */
3184 gsm_dlci_begin_open(dlci);
3186 gsm_dlci_set_opening(dlci);
3187 /* And wait for virtual carrier */
3188 return tty_port_block_til_ready(port, tty, filp);
3191 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3193 struct gsm_dlci *dlci = tty->driver_data;
3197 if (dlci->state == DLCI_CLOSED)
3199 mutex_lock(&dlci->mutex);
3200 gsm_destroy_network(dlci);
3201 mutex_unlock(&dlci->mutex);
3202 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3204 gsm_dlci_begin_close(dlci);
3205 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3206 tty_port_lower_dtr_rts(&dlci->port);
3207 tty_port_close_end(&dlci->port, tty);
3208 tty_port_tty_set(&dlci->port, NULL);
3212 static void gsmtty_hangup(struct tty_struct *tty)
3214 struct gsm_dlci *dlci = tty->driver_data;
3215 if (dlci->state == DLCI_CLOSED)
3217 tty_port_hangup(&dlci->port);
3218 gsm_dlci_begin_close(dlci);
3221 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3225 struct gsm_dlci *dlci = tty->driver_data;
3226 if (dlci->state == DLCI_CLOSED)
3228 /* Stuff the bytes into the fifo queue */
3229 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock);
3230 /* Need to kick the channel */
3231 gsm_dlci_data_kick(dlci);
3235 static int gsmtty_write_room(struct tty_struct *tty)
3237 struct gsm_dlci *dlci = tty->driver_data;
3238 if (dlci->state == DLCI_CLOSED)
3240 return TX_SIZE - kfifo_len(&dlci->fifo);
3243 static int gsmtty_chars_in_buffer(struct tty_struct *tty)
3245 struct gsm_dlci *dlci = tty->driver_data;
3246 if (dlci->state == DLCI_CLOSED)
3248 return kfifo_len(&dlci->fifo);
3251 static void gsmtty_flush_buffer(struct tty_struct *tty)
3253 struct gsm_dlci *dlci = tty->driver_data;
3254 unsigned long flags;
3256 if (dlci->state == DLCI_CLOSED)
3258 /* Caution needed: If we implement reliable transport classes
3259 then the data being transmitted can't simply be junked once
3260 it has first hit the stack. Until then we can just blow it
3262 spin_lock_irqsave(&dlci->lock, flags);
3263 kfifo_reset(&dlci->fifo);
3264 spin_unlock_irqrestore(&dlci->lock, flags);
3265 /* Need to unhook this DLCI from the transmit queue logic */
3268 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3270 /* The FIFO handles the queue so the kernel will do the right
3271 thing waiting on chars_in_buffer before calling us. No work
3275 static int gsmtty_tiocmget(struct tty_struct *tty)
3277 struct gsm_dlci *dlci = tty->driver_data;
3278 if (dlci->state == DLCI_CLOSED)
3280 return dlci->modem_rx;
3283 static int gsmtty_tiocmset(struct tty_struct *tty,
3284 unsigned int set, unsigned int clear)
3286 struct gsm_dlci *dlci = tty->driver_data;
3287 unsigned int modem_tx = dlci->modem_tx;
3289 if (dlci->state == DLCI_CLOSED)
3294 if (modem_tx != dlci->modem_tx) {
3295 dlci->modem_tx = modem_tx;
3296 return gsmtty_modem_update(dlci, 0);
3302 static int gsmtty_ioctl(struct tty_struct *tty,
3303 unsigned int cmd, unsigned long arg)
3305 struct gsm_dlci *dlci = tty->driver_data;
3306 struct gsm_netconfig nc;
3309 if (dlci->state == DLCI_CLOSED)
3312 case GSMIOC_ENABLE_NET:
3313 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3315 nc.if_name[IFNAMSIZ-1] = '\0';
3316 /* return net interface index or error code */
3317 mutex_lock(&dlci->mutex);
3318 index = gsm_create_network(dlci, &nc);
3319 mutex_unlock(&dlci->mutex);
3320 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3323 case GSMIOC_DISABLE_NET:
3324 if (!capable(CAP_NET_ADMIN))
3326 mutex_lock(&dlci->mutex);
3327 gsm_destroy_network(dlci);
3328 mutex_unlock(&dlci->mutex);
3331 return -ENOIOCTLCMD;
3335 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3337 struct gsm_dlci *dlci = tty->driver_data;
3338 if (dlci->state == DLCI_CLOSED)
3340 /* For the moment its fixed. In actual fact the speed information
3341 for the virtual channel can be propogated in both directions by
3342 the RPN control message. This however rapidly gets nasty as we
3343 then have to remap modem signals each way according to whether
3344 our virtual cable is null modem etc .. */
3345 tty_termios_copy_hw(&tty->termios, old);
3348 static void gsmtty_throttle(struct tty_struct *tty)
3350 struct gsm_dlci *dlci = tty->driver_data;
3351 if (dlci->state == DLCI_CLOSED)
3354 dlci->modem_tx &= ~TIOCM_RTS;
3355 dlci->throttled = true;
3356 /* Send an MSC with RTS cleared */
3357 gsmtty_modem_update(dlci, 0);
3360 static void gsmtty_unthrottle(struct tty_struct *tty)
3362 struct gsm_dlci *dlci = tty->driver_data;
3363 if (dlci->state == DLCI_CLOSED)
3366 dlci->modem_tx |= TIOCM_RTS;
3367 dlci->throttled = false;
3368 /* Send an MSC with RTS set */
3369 gsmtty_modem_update(dlci, 0);
3372 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3374 struct gsm_dlci *dlci = tty->driver_data;
3375 int encode = 0; /* Off */
3376 if (dlci->state == DLCI_CLOSED)
3379 if (state == -1) /* "On indefinitely" - we can't encode this
3382 else if (state > 0) {
3383 encode = state / 200; /* mS to encoding */
3385 encode = 0x0F; /* Best effort */
3387 return gsmtty_modem_update(dlci, encode);
3390 static void gsmtty_cleanup(struct tty_struct *tty)
3392 struct gsm_dlci *dlci = tty->driver_data;
3393 struct gsm_mux *gsm = dlci->gsm;
3396 dlci_put(gsm->dlci[0]);
3400 /* Virtual ttys for the demux */
3401 static const struct tty_operations gsmtty_ops = {
3402 .install = gsmtty_install,
3403 .open = gsmtty_open,
3404 .close = gsmtty_close,
3405 .write = gsmtty_write,
3406 .write_room = gsmtty_write_room,
3407 .chars_in_buffer = gsmtty_chars_in_buffer,
3408 .flush_buffer = gsmtty_flush_buffer,
3409 .ioctl = gsmtty_ioctl,
3410 .throttle = gsmtty_throttle,
3411 .unthrottle = gsmtty_unthrottle,
3412 .set_termios = gsmtty_set_termios,
3413 .hangup = gsmtty_hangup,
3414 .wait_until_sent = gsmtty_wait_until_sent,
3415 .tiocmget = gsmtty_tiocmget,
3416 .tiocmset = gsmtty_tiocmset,
3417 .break_ctl = gsmtty_break_ctl,
3418 .cleanup = gsmtty_cleanup,
3423 static int __init gsm_init(void)
3425 /* Fill in our line protocol discipline, and register it */
3426 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
3428 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3433 gsm_tty_driver = alloc_tty_driver(256);
3434 if (!gsm_tty_driver) {
3435 tty_unregister_ldisc(N_GSM0710);
3436 pr_err("gsm_init: tty allocation failed.\n");
3439 gsm_tty_driver->driver_name = "gsmtty";
3440 gsm_tty_driver->name = "gsmtty";
3441 gsm_tty_driver->major = 0; /* Dynamic */
3442 gsm_tty_driver->minor_start = 0;
3443 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3444 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3445 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
3446 | TTY_DRIVER_HARDWARE_BREAK;
3447 gsm_tty_driver->init_termios = tty_std_termios;
3449 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3450 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3452 spin_lock_init(&gsm_mux_lock);
3454 if (tty_register_driver(gsm_tty_driver)) {
3455 put_tty_driver(gsm_tty_driver);
3456 tty_unregister_ldisc(N_GSM0710);
3457 pr_err("gsm_init: tty registration failed.\n");
3460 pr_debug("gsm_init: loaded as %d,%d.\n",
3461 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3465 static void __exit gsm_exit(void)
3467 int status = tty_unregister_ldisc(N_GSM0710);
3469 pr_err("n_gsm: can't unregister line discipline (err = %d)\n",
3471 tty_unregister_driver(gsm_tty_driver);
3472 put_tty_driver(gsm_tty_driver);
3475 module_init(gsm_init);
3476 module_exit(gsm_exit);
3479 MODULE_LICENSE("GPL");
3480 MODULE_ALIAS_LDISC(N_GSM0710);
projects / releases.git / blob