2 * n_gsm.c GSM 0710 tty multiplexor
3 * Copyright (c) 2009/10 Intel Corporation
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
21 * Mostly done: ioctls for setting modes/timing
22 * Partly done: hooks so you can pull off frames to non tty devs
23 * Restart DLCI 0 when it closes ?
24 * Improve the tx engine
25 * Resolve tx side locking by adding a queue_head and routing
26 * all control traffic via it
27 * General tidy/document
28 * Review the locking/move to refcounts more (mux now moved to an
29 * alloc/free model ready)
30 * Use newest tty open/close port helpers and install hooks
31 * What to do about power functions ?
32 * Termios setting and negotiation
33 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
37 #include <linux/types.h>
38 #include <linux/major.h>
39 #include <linux/errno.h>
40 #include <linux/signal.h>
41 #include <linux/fcntl.h>
42 #include <linux/sched/signal.h>
43 #include <linux/interrupt.h>
44 #include <linux/tty.h>
45 #include <linux/ctype.h>
47 #include <linux/string.h>
48 #include <linux/slab.h>
49 #include <linux/poll.h>
50 #include <linux/bitops.h>
51 #include <linux/file.h>
52 #include <linux/uaccess.h>
53 #include <linux/module.h>
54 #include <linux/timer.h>
55 #include <linux/tty_flip.h>
56 #include <linux/tty_driver.h>
57 #include <linux/serial.h>
58 #include <linux/kfifo.h>
59 #include <linux/skbuff.h>
62 #include <linux/netdevice.h>
63 #include <linux/etherdevice.h>
64 #include <linux/gsmmux.h>
67 module_param(debug, int, 0600);
69 /* Defaults: these are from the specification */
71 #define T1 10 /* 100mS */
72 #define T2 34 /* 333mS */
73 #define N2 3 /* Retry 3 times */
75 /* Use long timers for testing at low speed with debug on */
82 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
83 * limits so this is plenty
87 /* SOF, ADDR, CTRL, LEN1, LEN2, ..., FCS, EOF */
88 #define PROT_OVERHEAD 7
89 #define GSM_NET_TX_TIMEOUT (HZ*10)
92 * struct gsm_mux_net - network interface
93 * @struct gsm_dlci* dlci
95 * Created when net interface is initialized.
99 struct gsm_dlci *dlci;
103 * Each block of data we have queued to go out is in the form of
104 * a gsm_msg which holds everything we need in a link layer independent
109 struct list_head list;
110 u8 addr; /* DLCI address + flags */
111 u8 ctrl; /* Control byte + flags */
112 unsigned int len; /* Length of data block (can be zero) */
113 unsigned char *data; /* Points into buffer but not at the start */
114 unsigned char buffer[0];
118 * Each active data link has a gsm_dlci structure associated which ties
119 * the link layer to an optional tty (if the tty side is open). To avoid
120 * complexity right now these are only ever freed up when the mux is
123 * At the moment we don't free DLCI objects until the mux is torn down
124 * this avoid object life time issues but might be worth review later.
131 #define DLCI_CLOSED 0
132 #define DLCI_OPENING 1 /* Sending SABM not seen UA */
133 #define DLCI_OPEN 2 /* SABM/UA complete */
134 #define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */
139 #define DLCI_MODE_ABM 0 /* Normal Asynchronous Balanced Mode */
140 #define DLCI_MODE_ADM 1 /* Asynchronous Disconnected Mode */
141 spinlock_t lock; /* Protects the internal state */
142 struct timer_list t1; /* Retransmit timer for SABM and UA */
144 /* Uplink tty if active */
145 struct tty_port port; /* The tty bound to this DLCI if there is one */
146 struct kfifo *fifo; /* Queue fifo for the DLCI */
147 struct kfifo _fifo; /* For new fifo API porting only */
148 int adaption; /* Adaption layer in use */
150 u32 modem_rx; /* Our incoming virtual modem lines */
151 u32 modem_tx; /* Our outgoing modem lines */
152 int dead; /* Refuse re-open */
154 int throttled; /* Private copy of throttle state */
155 int constipated; /* Throttle status for outgoing */
157 struct sk_buff *skb; /* Frame being sent */
158 struct sk_buff_head skb_list; /* Queued frames */
159 /* Data handling callback */
160 void (*data)(struct gsm_dlci *dlci, u8 *data, int len);
161 void (*prev_data)(struct gsm_dlci *dlci, u8 *data, int len);
162 struct net_device *net; /* network interface, if created */
165 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
170 * DLCI 0 is used to pass control blocks out of band of the data
171 * flow (and with a higher link priority). One command can be outstanding
172 * at a time and we use this structure to manage them. They are created
173 * and destroyed by the user context, and updated by the receive paths
178 u8 cmd; /* Command we are issuing */
179 u8 *data; /* Data for the command in case we retransmit */
180 int len; /* Length of block for retransmission */
181 int done; /* Done flag */
182 int error; /* Error if any */
186 * Each GSM mux we have is represented by this structure. If we are
187 * operating as an ldisc then we use this structure as our ldisc
188 * state. We need to sort out lifetimes and locking with respect
189 * to the gsm mux array. For now we don't free DLCI objects that
190 * have been instantiated until the mux itself is terminated.
192 * To consider further: tty open versus mux shutdown.
196 struct tty_struct *tty; /* The tty our ldisc is bound to */
202 /* Events on the GSM channel */
203 wait_queue_head_t event;
205 /* Bits for GSM mode decoding */
212 #define GSM_ADDRESS 2
213 #define GSM_CONTROL 3
217 #define GSM_OVERRUN 7
222 unsigned int address;
229 u8 *txframe; /* TX framing buffer */
231 /* Methods for the receiver side */
232 void (*receive)(struct gsm_mux *gsm, u8 ch);
233 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag);
234 /* And transmit side */
235 int (*output)(struct gsm_mux *mux, u8 *data, int len);
240 int initiator; /* Did we initiate connection */
241 int dead; /* Has the mux been shut down */
242 struct gsm_dlci *dlci[NUM_DLCI];
243 int constipated; /* Asked by remote to shut up */
246 unsigned int tx_bytes; /* TX data outstanding */
247 #define TX_THRESH_HI 8192
248 #define TX_THRESH_LO 2048
249 struct list_head tx_list; /* Pending data packets */
251 /* Control messages */
252 struct timer_list t2_timer; /* Retransmit timer for commands */
253 int cretries; /* Command retry counter */
254 struct gsm_control *pending_cmd;/* Our current pending command */
255 spinlock_t control_lock; /* Protects the pending command */
258 int adaption; /* 1 or 2 supported */
259 u8 ftype; /* UI or UIH */
260 int t1, t2; /* Timers in 1/100th of a sec */
261 int n2; /* Retry count */
263 /* Statistics (not currently exposed) */
264 unsigned long bad_fcs;
265 unsigned long malformed;
266 unsigned long io_error;
267 unsigned long bad_size;
268 unsigned long unsupported;
273 * Mux objects - needed so that we can translate a tty index into the
274 * relevant mux and DLCI.
277 #define MAX_MUX 4 /* 256 minors */
278 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
279 static spinlock_t gsm_mux_lock;
281 static struct tty_driver *gsm_tty_driver;
284 * This section of the driver logic implements the GSM encodings
285 * both the basic and the 'advanced'. Reliable transport is not
293 /* I is special: the rest are ..*/
304 /* Channel commands */
306 #define CMD_TEST 0x11
309 #define CMD_FCOFF 0x31
312 #define CMD_FCON 0x51
317 /* Virtual modem bits */
324 #define GSM0_SOF 0xF9
325 #define GSM1_SOF 0x7E
326 #define GSM1_ESCAPE 0x7D
327 #define GSM1_ESCAPE_BITS 0x20
330 #define ISO_IEC_646_MASK 0x7F
332 static const struct tty_port_operations gsm_port_ops;
335 * CRC table for GSM 0710
338 static const u8 gsm_fcs8[256] = {
339 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
340 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
341 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
342 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
343 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
344 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
345 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
346 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
347 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
348 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
349 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
350 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
351 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
352 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
353 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
354 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
355 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
356 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
357 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
358 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
359 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
360 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
361 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
362 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
363 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
364 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
365 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
366 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
367 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
368 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
369 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
370 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
373 #define INIT_FCS 0xFF
374 #define GOOD_FCS 0xCF
377 * gsm_fcs_add - update FCS
381 * Update the FCS to include c. Uses the algorithm in the specification
385 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
387 return gsm_fcs8[fcs ^ c];
391 * gsm_fcs_add_block - update FCS for a block
394 * @len: length of buffer
396 * Update the FCS to include c. Uses the algorithm in the specification
400 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
403 fcs = gsm_fcs8[fcs ^ *c++];
408 * gsm_read_ea - read a byte into an EA
409 * @val: variable holding value
410 * c: byte going into the EA
412 * Processes one byte of an EA. Updates the passed variable
413 * and returns 1 if the EA is now completely read
416 static int gsm_read_ea(unsigned int *val, u8 c)
418 /* Add the next 7 bits into the value */
421 /* Was this the last byte of the EA 1 = yes*/
426 * gsm_read_ea_val - read a value until EA
427 * @val: variable holding value
428 * @data: buffer of data
429 * @dlen: length of data
431 * Processes an EA value. Updates the passed variable and
432 * returns the processed data length.
434 static unsigned int gsm_read_ea_val(unsigned int *val, const u8 *data, int dlen)
436 unsigned int len = 0;
438 for (; dlen > 0; dlen--) {
440 if (gsm_read_ea(val, *data++))
447 * gsm_encode_modem - encode modem data bits
448 * @dlci: DLCI to encode from
450 * Returns the correct GSM encoded modem status bits (6 bit field) for
451 * the current status of the DLCI and attached tty object
454 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
457 /* FC is true flow control not modem bits */
460 if (dlci->modem_tx & TIOCM_DTR)
461 modembits |= MDM_RTC;
462 if (dlci->modem_tx & TIOCM_RTS)
463 modembits |= MDM_RTR;
464 if (dlci->modem_tx & TIOCM_RI)
466 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator)
472 * gsm_print_packet - display a frame for debug
473 * @hdr: header to print before decode
474 * @addr: address EA from the frame
475 * @cr: C/R bit from the frame
476 * @control: control including PF bit
477 * @data: following data bytes
478 * @dlen: length of data
480 * Displays a packet in human readable format for debugging purposes. The
481 * style is based on amateur radio LAP-B dump display.
484 static void gsm_print_packet(const char *hdr, int addr, int cr,
485 u8 control, const u8 *data, int dlen)
490 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
492 switch (control & ~PF) {
512 if (!(control & 0x01)) {
513 pr_cont("I N(S)%d N(R)%d",
514 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
515 } else switch (control & 0x0F) {
517 pr_cont("RR(%d)", (control & 0xE0) >> 5);
520 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
523 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
526 pr_cont("[%02X]", control);
542 pr_cont("%02X ", *data++);
551 * Link level transmission side
555 * gsm_stuff_packet - bytestuff a packet
558 * @len: length of input
560 * Expand a buffer by bytestuffing it. The worst case size change
561 * is doubling and the caller is responsible for handing out
562 * suitable sized buffers.
565 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
569 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
570 || (*input & ISO_IEC_646_MASK) == XON
571 || (*input & ISO_IEC_646_MASK) == XOFF) {
572 *output++ = GSM1_ESCAPE;
573 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
576 *output++ = *input++;
583 * gsm_send - send a control frame
585 * @addr: address for control frame
586 * @cr: command/response bit
587 * @control: control byte including PF bit
589 * Format up and transmit a control frame. These do not go via the
590 * queueing logic as they should be transmitted ahead of data when
593 * FIXME: Lock versus data TX path
596 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
602 switch (gsm->encoding) {
605 cbuf[1] = (addr << 2) | (cr << 1) | EA;
607 cbuf[3] = EA; /* Length of data = 0 */
608 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
614 /* Control frame + packing (but not frame stuffing) in mode 1 */
615 ibuf[0] = (addr << 2) | (cr << 1) | EA;
617 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
618 /* Stuffing may double the size worst case */
619 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
620 /* Now add the SOF markers */
622 cbuf[len + 1] = GSM1_SOF;
623 /* FIXME: we can omit the lead one in many cases */
630 gsm->output(gsm, cbuf, len);
631 gsm_print_packet("-->", addr, cr, control, NULL, 0);
635 * gsm_response - send a control response
637 * @addr: address for control frame
638 * @control: control byte including PF bit
640 * Format up and transmit a link level response frame.
643 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
645 gsm_send(gsm, addr, 0, control);
649 * gsm_command - send a control command
651 * @addr: address for control frame
652 * @control: control byte including PF bit
654 * Format up and transmit a link level command frame.
657 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
659 gsm_send(gsm, addr, 1, control);
662 /* Data transmission */
664 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
667 * gsm_data_alloc - allocate data frame
669 * @addr: DLCI address
670 * @len: length excluding header and FCS
671 * @ctrl: control byte
673 * Allocate a new data buffer for sending frames with data. Space is left
674 * at the front for header bytes but that is treated as an implementation
675 * detail and not for the high level code to use
678 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
681 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
685 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
689 INIT_LIST_HEAD(&m->list);
694 * gsm_is_flow_ctrl_msg - checks if flow control message
695 * @msg: message to check
697 * Returns true if the given message is a flow control command of the
698 * control channel. False is returned in any other case.
700 static bool gsm_is_flow_ctrl_msg(struct gsm_msg *msg)
707 switch (msg->ctrl & ~PF) {
711 if (gsm_read_ea_val(&cmd, msg->data + 2, msg->len - 2) < 1)
725 * gsm_data_kick - poke the queue
728 * The tty device has called us to indicate that room has appeared in
729 * the transmit queue. Ram more data into the pipe if we have any
730 * If we have been flow-stopped by a CMD_FCOFF, then we can only
731 * send messages on DLCI0 until CMD_FCON
733 * FIXME: lock against link layer control transmissions
736 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci)
738 struct gsm_msg *msg, *nmsg;
741 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
742 if (gsm->constipated && !gsm_is_flow_ctrl_msg(msg))
744 if (gsm->encoding != 0) {
745 gsm->txframe[0] = GSM1_SOF;
746 len = gsm_stuff_frame(msg->data,
747 gsm->txframe + 1, msg->len);
748 gsm->txframe[len + 1] = GSM1_SOF;
751 gsm->txframe[0] = GSM0_SOF;
752 memcpy(gsm->txframe + 1 , msg->data, msg->len);
753 gsm->txframe[msg->len + 1] = GSM0_SOF;
758 print_hex_dump_bytes("gsm_data_kick: ",
761 if (gsm->output(gsm, gsm->txframe, len) < 0)
763 /* FIXME: Can eliminate one SOF in many more cases */
764 gsm->tx_bytes -= msg->len;
766 list_del(&msg->list);
770 tty_port_tty_wakeup(&dlci->port);
774 for (i = 0; i < NUM_DLCI; i++)
776 tty_port_tty_wakeup(&gsm->dlci[i]->port);
782 * __gsm_data_queue - queue a UI or UIH frame
783 * @dlci: DLCI sending the data
784 * @msg: message queued
786 * Add data to the transmit queue and try and get stuff moving
787 * out of the mux tty if not already doing so. The Caller must hold
791 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
793 struct gsm_mux *gsm = dlci->gsm;
795 u8 *fcs = dp + msg->len;
797 /* Fill in the header */
798 if (gsm->encoding == 0) {
800 *--dp = (msg->len << 1) | EA;
802 *--dp = (msg->len >> 7); /* bits 7 - 15 */
803 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
809 *--dp = (msg->addr << 2) | 2 | EA;
811 *--dp = (msg->addr << 2) | EA;
812 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
813 /* Ugly protocol layering violation */
814 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
815 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
818 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
819 msg->data, msg->len);
821 /* Move the header back and adjust the length, also allow for the FCS
822 now tacked on the end */
823 msg->len += (msg->data - dp) + 1;
826 /* Add to the actual output queue */
827 list_add_tail(&msg->list, &gsm->tx_list);
828 gsm->tx_bytes += msg->len;
829 gsm_data_kick(gsm, dlci);
833 * gsm_data_queue - queue a UI or UIH frame
834 * @dlci: DLCI sending the data
835 * @msg: message queued
837 * Add data to the transmit queue and try and get stuff moving
838 * out of the mux tty if not already doing so. Take the
839 * the gsm tx lock and dlci lock.
842 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
845 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
846 __gsm_data_queue(dlci, msg);
847 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
851 * gsm_dlci_data_output - try and push data out of a DLCI
853 * @dlci: the DLCI to pull data from
855 * Pull data from a DLCI and send it into the transmit queue if there
856 * is data. Keep to the MRU of the mux. This path handles the usual tty
857 * interface which is a byte stream with optional modem data.
859 * Caller must hold the tx_lock of the mux.
862 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
866 int len, total_size, size;
867 int h = dlci->adaption - 1;
871 len = kfifo_len(dlci->fifo);
875 /* MTU/MRU count only the data bits */
881 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
882 /* FIXME: need a timer or something to kick this so it can't
883 get stuck with no work outstanding and no buffer free */
887 switch (dlci->adaption) {
888 case 1: /* Unstructured */
890 case 2: /* Unstructed with modem bits.
891 Always one byte as we never send inline break data */
892 *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
895 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len);
896 __gsm_data_queue(dlci, msg);
899 /* Bytes of data we used up */
904 * gsm_dlci_data_output_framed - try and push data out of a DLCI
906 * @dlci: the DLCI to pull data from
908 * Pull data from a DLCI and send it into the transmit queue if there
909 * is data. Keep to the MRU of the mux. This path handles framed data
910 * queued as skbuffs to the DLCI.
912 * Caller must hold the tx_lock of the mux.
915 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
916 struct gsm_dlci *dlci)
921 int last = 0, first = 0;
924 /* One byte per frame is used for B/F flags */
925 if (dlci->adaption == 4)
928 /* dlci->skb is locked by tx_lock */
929 if (dlci->skb == NULL) {
930 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
931 if (dlci->skb == NULL)
935 len = dlci->skb->len + overhead;
937 /* MTU/MRU count only the data bits */
938 if (len > gsm->mtu) {
939 if (dlci->adaption == 3) {
940 /* Over long frame, bin it */
941 dev_kfree_skb_any(dlci->skb);
949 size = len + overhead;
950 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
952 /* FIXME: need a timer or something to kick this so it can't
953 get stuck with no work outstanding and no buffer free */
955 skb_queue_tail(&dlci->skb_list, dlci->skb);
961 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
962 /* Flag byte to carry the start/end info */
963 *dp++ = last << 7 | first << 6 | 1; /* EA */
966 memcpy(dp, dlci->skb->data, len);
967 skb_pull(dlci->skb, len);
968 __gsm_data_queue(dlci, msg);
970 dev_kfree_skb_any(dlci->skb);
977 * gsm_dlci_data_sweep - look for data to send
980 * Sweep the GSM mux channels in priority order looking for ones with
981 * data to send. We could do with optimising this scan a bit. We aim
982 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
983 * TX_THRESH_LO we get called again
985 * FIXME: We should round robin between groups and in theory you can
986 * renegotiate DLCI priorities with optional stuff. Needs optimising.
989 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
992 /* Priority ordering: We should do priority with RR of the groups */
995 while (i < NUM_DLCI) {
996 struct gsm_dlci *dlci;
998 if (gsm->tx_bytes > TX_THRESH_HI)
1000 dlci = gsm->dlci[i];
1001 if (dlci == NULL || dlci->constipated) {
1005 if (dlci->adaption < 3 && !dlci->net)
1006 len = gsm_dlci_data_output(gsm, dlci);
1008 len = gsm_dlci_data_output_framed(gsm, dlci);
1011 /* DLCI empty - try the next */
1018 * gsm_dlci_data_kick - transmit if possible
1019 * @dlci: DLCI to kick
1021 * Transmit data from this DLCI if the queue is empty. We can't rely on
1022 * a tty wakeup except when we filled the pipe so we need to fire off
1023 * new data ourselves in other cases.
1026 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
1028 unsigned long flags;
1031 if (dlci->constipated)
1034 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
1035 /* If we have nothing running then we need to fire up */
1036 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
1037 if (dlci->gsm->tx_bytes == 0) {
1039 gsm_dlci_data_output_framed(dlci->gsm, dlci);
1041 gsm_dlci_data_output(dlci->gsm, dlci);
1044 gsm_dlci_data_sweep(dlci->gsm);
1045 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
1049 * Control message processing
1054 * gsm_control_reply - send a response frame to a control
1056 * @cmd: the command to use
1057 * @data: data to follow encoded info
1058 * @dlen: length of data
1060 * Encode up and queue a UI/UIH frame containing our response.
1063 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data,
1066 struct gsm_msg *msg;
1067 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1070 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1071 msg->data[1] = (dlen << 1) | EA;
1072 memcpy(msg->data + 2, data, dlen);
1073 gsm_data_queue(gsm->dlci[0], msg);
1077 * gsm_process_modem - process received modem status
1078 * @tty: virtual tty bound to the DLCI
1079 * @dlci: DLCI to affect
1080 * @modem: modem bits (full EA)
1082 * Used when a modem control message or line state inline in adaption
1083 * layer 2 is processed. Sort out the local modem state and throttles
1086 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1087 u32 modem, int clen)
1093 /* The modem status command can either contain one octet (v.24 signals)
1094 or two octets (v.24 signals + break signals). The length field will
1095 either be 2 or 3 respectively. This is specified in section
1096 5.4.6.3.7 of the 27.010 mux spec. */
1099 modem = modem & 0x7f;
1102 modem = (modem >> 7) & 0x7f;
1105 /* Flow control/ready to communicate */
1106 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1107 if (fc && !dlci->constipated) {
1108 /* Need to throttle our output on this device */
1109 dlci->constipated = 1;
1110 } else if (!fc && dlci->constipated) {
1111 dlci->constipated = 0;
1112 gsm_dlci_data_kick(dlci);
1115 /* Map modem bits */
1116 if (modem & MDM_RTC)
1117 mlines |= TIOCM_DSR | TIOCM_DTR;
1118 if (modem & MDM_RTR)
1119 mlines |= TIOCM_RTS | TIOCM_CTS;
1125 /* Carrier drop -> hangup */
1127 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1132 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1133 dlci->modem_rx = mlines;
1137 * gsm_control_modem - modem status received
1139 * @data: data following command
1140 * @clen: command length
1142 * We have received a modem status control message. This is used by
1143 * the GSM mux protocol to pass virtual modem line status and optionally
1144 * to indicate break signals. Unpack it, convert to Linux representation
1145 * and if need be stuff a break message down the tty.
1148 static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen)
1150 unsigned int addr = 0;
1151 unsigned int modem = 0;
1152 unsigned int brk = 0;
1153 struct gsm_dlci *dlci;
1156 struct tty_struct *tty;
1158 while (gsm_read_ea(&addr, *dp++) == 0) {
1163 /* Must be at least one byte following the EA */
1169 /* Closed port, or invalid ? */
1170 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1172 dlci = gsm->dlci[addr];
1174 while (gsm_read_ea(&modem, *dp++) == 0) {
1181 while (gsm_read_ea(&brk, *dp++) == 0) {
1187 modem |= (brk & 0x7f);
1189 tty = tty_port_tty_get(&dlci->port);
1190 gsm_process_modem(tty, dlci, modem, clen);
1195 gsm_control_reply(gsm, CMD_MSC, data, clen);
1199 * gsm_control_rls - remote line status
1202 * @clen: data length
1204 * The modem sends us a two byte message on the control channel whenever
1205 * it wishes to send us an error state from the virtual link. Stuff
1206 * this into the uplink tty if present
1209 static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen)
1211 struct tty_port *port;
1212 unsigned int addr = 0;
1217 while (gsm_read_ea(&addr, *dp++) == 0) {
1222 /* Must be at least one byte following ea */
1227 /* Closed port, or invalid ? */
1228 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1232 if ((bits & 1) == 0)
1235 port = &gsm->dlci[addr]->port;
1238 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1240 tty_insert_flip_char(port, 0, TTY_PARITY);
1242 tty_insert_flip_char(port, 0, TTY_FRAME);
1244 tty_flip_buffer_push(port);
1246 gsm_control_reply(gsm, CMD_RLS, data, clen);
1249 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1252 * gsm_control_message - DLCI 0 control processing
1254 * @command: the command EA
1255 * @data: data beyond the command/length EAs
1258 * Input processor for control messages from the other end of the link.
1259 * Processes the incoming request and queues a response frame or an
1260 * NSC response if not supported
1263 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1267 unsigned long flags;
1271 struct gsm_dlci *dlci = gsm->dlci[0];
1272 /* Modem wishes to close down */
1276 gsm_dlci_begin_close(dlci);
1281 /* Modem wishes to test, reply with the data */
1282 gsm_control_reply(gsm, CMD_TEST, data, clen);
1285 /* Modem can accept data again */
1286 gsm->constipated = 0;
1287 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1288 /* Kick the link in case it is idling */
1289 spin_lock_irqsave(&gsm->tx_lock, flags);
1290 gsm_data_kick(gsm, NULL);
1291 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1294 /* Modem wants us to STFU */
1295 gsm->constipated = 1;
1296 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1299 /* Out of band modem line change indicator for a DLCI */
1300 gsm_control_modem(gsm, data, clen);
1303 /* Out of band error reception for a DLCI */
1304 gsm_control_rls(gsm, data, clen);
1307 /* Modem wishes to enter power saving state */
1308 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1310 /* Optional unsupported commands */
1311 case CMD_PN: /* Parameter negotiation */
1312 case CMD_RPN: /* Remote port negotiation */
1313 case CMD_SNC: /* Service negotiation command */
1315 /* Reply to bad commands with an NSC */
1317 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1323 * gsm_control_response - process a response to our control
1325 * @command: the command (response) EA
1326 * @data: data beyond the command/length EA
1329 * Process a response to an outstanding command. We only allow a single
1330 * control message in flight so this is fairly easy. All the clean up
1331 * is done by the caller, we just update the fields, flag it as done
1335 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1338 struct gsm_control *ctrl;
1339 unsigned long flags;
1341 spin_lock_irqsave(&gsm->control_lock, flags);
1343 ctrl = gsm->pending_cmd;
1344 /* Does the reply match our command */
1346 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1347 /* Our command was replied to, kill the retry timer */
1348 del_timer(&gsm->t2_timer);
1349 gsm->pending_cmd = NULL;
1350 /* Rejected by the other end */
1351 if (command == CMD_NSC)
1352 ctrl->error = -EOPNOTSUPP;
1354 wake_up(&gsm->event);
1356 spin_unlock_irqrestore(&gsm->control_lock, flags);
1360 * gsm_control_transmit - send control packet
1362 * @ctrl: frame to send
1364 * Send out a pending control command (called under control lock)
1367 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1369 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 2, gsm->ftype);
1372 msg->data[0] = (ctrl->cmd << 1) | CR | EA; /* command */
1373 msg->data[1] = (ctrl->len << 1) | EA;
1374 memcpy(msg->data + 2, ctrl->data, ctrl->len);
1375 gsm_data_queue(gsm->dlci[0], msg);
1379 * gsm_control_retransmit - retransmit a control frame
1380 * @data: pointer to our gsm object
1382 * Called off the T2 timer expiry in order to retransmit control frames
1383 * that have been lost in the system somewhere. The control_lock protects
1384 * us from colliding with another sender or a receive completion event.
1385 * In that situation the timer may still occur in a small window but
1386 * gsm->pending_cmd will be NULL and we just let the timer expire.
1389 static void gsm_control_retransmit(unsigned long data)
1391 struct gsm_mux *gsm = (struct gsm_mux *)data;
1392 struct gsm_control *ctrl;
1393 unsigned long flags;
1394 spin_lock_irqsave(&gsm->control_lock, flags);
1395 ctrl = gsm->pending_cmd;
1397 if (gsm->cretries == 0 || !gsm->dlci[0] || gsm->dlci[0]->dead) {
1398 gsm->pending_cmd = NULL;
1399 ctrl->error = -ETIMEDOUT;
1401 spin_unlock_irqrestore(&gsm->control_lock, flags);
1402 wake_up(&gsm->event);
1406 gsm_control_transmit(gsm, ctrl);
1407 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1409 spin_unlock_irqrestore(&gsm->control_lock, flags);
1413 * gsm_control_send - send a control frame on DLCI 0
1414 * @gsm: the GSM channel
1415 * @command: command to send including CR bit
1416 * @data: bytes of data (must be kmalloced)
1417 * @len: length of the block to send
1419 * Queue and dispatch a control command. Only one command can be
1420 * active at a time. In theory more can be outstanding but the matching
1421 * gets really complicated so for now stick to one outstanding.
1424 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1425 unsigned int command, u8 *data, int clen)
1427 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1429 unsigned long flags;
1433 wait_event(gsm->event, gsm->pending_cmd == NULL);
1434 spin_lock_irqsave(&gsm->control_lock, flags);
1435 if (gsm->pending_cmd != NULL) {
1436 spin_unlock_irqrestore(&gsm->control_lock, flags);
1439 ctrl->cmd = command;
1442 gsm->pending_cmd = ctrl;
1444 /* If DLCI0 is in ADM mode skip retries, it won't respond */
1445 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
1448 gsm->cretries = gsm->n2;
1450 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1451 gsm_control_transmit(gsm, ctrl);
1452 spin_unlock_irqrestore(&gsm->control_lock, flags);
1457 * gsm_control_wait - wait for a control to finish
1459 * @control: control we are waiting on
1461 * Waits for the control to complete or time out. Frees any used
1462 * resources and returns 0 for success, or an error if the remote
1463 * rejected or ignored the request.
1466 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1469 wait_event(gsm->event, control->done == 1);
1470 err = control->error;
1477 * DLCI level handling: Needs krefs
1481 * State transitions and timers
1485 * gsm_dlci_close - a DLCI has closed
1486 * @dlci: DLCI that closed
1488 * Perform processing when moving a DLCI into closed state. If there
1489 * is an attached tty this is hung up
1492 static void gsm_dlci_close(struct gsm_dlci *dlci)
1494 del_timer(&dlci->t1);
1496 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1497 dlci->state = DLCI_CLOSED;
1498 if (dlci->addr != 0) {
1499 tty_port_tty_hangup(&dlci->port, false);
1500 kfifo_reset(dlci->fifo);
1502 dlci->gsm->dead = 1;
1503 wake_up(&dlci->gsm->event);
1504 /* A DLCI 0 close is a MUX termination so we need to kick that
1505 back to userspace somehow */
1509 * gsm_dlci_open - a DLCI has opened
1510 * @dlci: DLCI that opened
1512 * Perform processing when moving a DLCI into open state.
1515 static void gsm_dlci_open(struct gsm_dlci *dlci)
1517 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1519 del_timer(&dlci->t1);
1520 /* This will let a tty open continue */
1521 dlci->state = DLCI_OPEN;
1523 pr_debug("DLCI %d goes open.\n", dlci->addr);
1524 wake_up(&dlci->gsm->event);
1528 * gsm_dlci_t1 - T1 timer expiry
1529 * @dlci: DLCI that opened
1531 * The T1 timer handles retransmits of control frames (essentially of
1532 * SABM and DISC). We resend the command until the retry count runs out
1533 * in which case an opening port goes back to closed and a closing port
1534 * is simply put into closed state (any further frames from the other
1535 * end will get a DM response)
1537 * Some control dlci can stay in ADM mode with other dlci working just
1538 * fine. In that case we can just keep the control dlci open after the
1539 * DLCI_OPENING retries time out.
1542 static void gsm_dlci_t1(unsigned long data)
1544 struct gsm_dlci *dlci = (struct gsm_dlci *)data;
1545 struct gsm_mux *gsm = dlci->gsm;
1547 switch (dlci->state) {
1549 if (dlci->retries) {
1551 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1552 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1553 } else if (!dlci->addr && gsm->control == (DM | PF)) {
1555 pr_info("DLCI %d opening in ADM mode.\n",
1557 dlci->mode = DLCI_MODE_ADM;
1558 gsm_dlci_open(dlci);
1560 gsm_dlci_begin_close(dlci); /* prevent half open link */
1565 if (dlci->retries) {
1567 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1568 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1570 gsm_dlci_close(dlci);
1576 * gsm_dlci_begin_open - start channel open procedure
1577 * @dlci: DLCI to open
1579 * Commence opening a DLCI from the Linux side. We issue SABM messages
1580 * to the modem which should then reply with a UA or ADM, at which point
1581 * we will move into open state. Opening is done asynchronously with retry
1582 * running off timers and the responses.
1585 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1587 struct gsm_mux *gsm = dlci->gsm;
1588 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1590 dlci->retries = gsm->n2;
1591 dlci->state = DLCI_OPENING;
1592 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1593 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1597 * gsm_dlci_begin_close - start channel open procedure
1598 * @dlci: DLCI to open
1600 * Commence closing a DLCI from the Linux side. We issue DISC messages
1601 * to the modem which should then reply with a UA, at which point we
1602 * will move into closed state. Closing is done asynchronously with retry
1603 * off timers. We may also receive a DM reply from the other end which
1604 * indicates the channel was already closed.
1607 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1609 struct gsm_mux *gsm = dlci->gsm;
1610 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1612 dlci->retries = gsm->n2;
1613 dlci->state = DLCI_CLOSING;
1614 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1615 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1619 * gsm_dlci_data - data arrived
1621 * @data: block of bytes received
1622 * @len: length of received block
1624 * A UI or UIH frame has arrived which contains data for a channel
1625 * other than the control channel. If the relevant virtual tty is
1626 * open we shovel the bits down it, if not we drop them.
1629 static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int clen)
1632 struct tty_port *port = &dlci->port;
1633 struct tty_struct *tty;
1634 unsigned int modem = 0;
1638 pr_debug("%d bytes for tty\n", len);
1639 switch (dlci->adaption) {
1640 /* Unsupported types */
1641 /* Packetised interruptible data */
1644 /* Packetised uininterruptible voice/data */
1647 /* Asynchronous serial with line state in each frame */
1649 while (gsm_read_ea(&modem, *data++) == 0) {
1654 tty = tty_port_tty_get(port);
1656 gsm_process_modem(tty, dlci, modem, clen);
1659 /* Line state will go via DLCI 0 controls only */
1662 tty_insert_flip_string(port, data, len);
1663 tty_flip_buffer_push(port);
1668 * gsm_dlci_control - data arrived on control channel
1670 * @data: block of bytes received
1671 * @len: length of received block
1673 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1674 * control channel. This should contain a command EA followed by
1675 * control data bytes. The command EA contains a command/response bit
1676 * and we divide up the work accordingly.
1679 static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len)
1681 /* See what command is involved */
1682 unsigned int command = 0;
1684 if (gsm_read_ea(&command, *data++) == 1) {
1687 /* FIXME: this is properly an EA */
1689 /* Malformed command ? */
1693 gsm_control_message(dlci->gsm, command,
1696 gsm_control_response(dlci->gsm, command,
1704 * Allocate/Free DLCI channels
1708 * gsm_dlci_alloc - allocate a DLCI
1710 * @addr: address of the DLCI
1712 * Allocate and install a new DLCI object into the GSM mux.
1714 * FIXME: review locking races
1717 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1719 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1722 spin_lock_init(&dlci->lock);
1723 mutex_init(&dlci->mutex);
1724 dlci->fifo = &dlci->_fifo;
1725 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) {
1730 skb_queue_head_init(&dlci->skb_list);
1731 init_timer(&dlci->t1);
1732 dlci->t1.function = gsm_dlci_t1;
1733 dlci->t1.data = (unsigned long)dlci;
1734 tty_port_init(&dlci->port);
1735 dlci->port.ops = &gsm_port_ops;
1738 dlci->adaption = gsm->adaption;
1739 dlci->state = DLCI_CLOSED;
1741 dlci->data = gsm_dlci_data;
1743 dlci->data = gsm_dlci_command;
1744 gsm->dlci[addr] = dlci;
1749 * gsm_dlci_free - free DLCI
1750 * @dlci: DLCI to free
1756 static void gsm_dlci_free(struct tty_port *port)
1758 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
1760 del_timer_sync(&dlci->t1);
1761 dlci->gsm->dlci[dlci->addr] = NULL;
1762 kfifo_free(dlci->fifo);
1763 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1764 dev_kfree_skb(dlci->skb);
1768 static inline void dlci_get(struct gsm_dlci *dlci)
1770 tty_port_get(&dlci->port);
1773 static inline void dlci_put(struct gsm_dlci *dlci)
1775 tty_port_put(&dlci->port);
1778 static void gsm_destroy_network(struct gsm_dlci *dlci);
1781 * gsm_dlci_release - release DLCI
1782 * @dlci: DLCI to destroy
1784 * Release a DLCI. Actual free is deferred until either
1785 * mux is closed or tty is closed - whichever is last.
1789 static void gsm_dlci_release(struct gsm_dlci *dlci)
1791 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1793 mutex_lock(&dlci->mutex);
1794 gsm_destroy_network(dlci);
1795 mutex_unlock(&dlci->mutex);
1799 tty_port_tty_set(&dlci->port, NULL);
1802 dlci->state = DLCI_CLOSED;
1807 * LAPBish link layer logic
1811 * gsm_queue - a GSM frame is ready to process
1812 * @gsm: pointer to our gsm mux
1814 * At this point in time a frame has arrived and been demangled from
1815 * the line encoding. All the differences between the encodings have
1816 * been handled below us and the frame is unpacked into the structures.
1817 * The fcs holds the header FCS but any data FCS must be added here.
1820 static void gsm_queue(struct gsm_mux *gsm)
1822 struct gsm_dlci *dlci;
1825 /* We have to sneak a look at the packet body to do the FCS.
1826 A somewhat layering violation in the spec */
1828 if ((gsm->control & ~PF) == UI)
1829 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1830 if (gsm->encoding == 0) {
1831 /* WARNING: gsm->received_fcs is used for
1832 gsm->encoding = 0 only.
1833 In this case it contain the last piece of data
1834 required to generate final CRC */
1835 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1837 if (gsm->fcs != GOOD_FCS) {
1840 pr_debug("BAD FCS %02x\n", gsm->fcs);
1843 address = gsm->address >> 1;
1844 if (address >= NUM_DLCI)
1847 cr = gsm->address & 1; /* C/R bit */
1849 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1851 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1852 dlci = gsm->dlci[address];
1854 switch (gsm->control) {
1859 dlci = gsm_dlci_alloc(gsm, address);
1863 gsm_response(gsm, address, DM);
1865 gsm_response(gsm, address, UA);
1866 gsm_dlci_open(dlci);
1872 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1873 gsm_response(gsm, address, DM);
1876 /* Real close complete */
1877 gsm_response(gsm, address, UA);
1878 gsm_dlci_close(dlci);
1881 if (cr == 0 || dlci == NULL)
1883 switch (dlci->state) {
1885 gsm_dlci_close(dlci);
1888 gsm_dlci_open(dlci);
1892 case DM: /* DM can be valid unsolicited */
1898 gsm_dlci_close(dlci);
1908 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1909 gsm_response(gsm, address, DM|PF);
1912 dlci->data(dlci, gsm->buf, gsm->len);
1925 * gsm0_receive - perform processing for non-transparency
1926 * @gsm: gsm data for this ldisc instance
1929 * Receive bytes in gsm mode 0
1932 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1936 switch (gsm->state) {
1937 case GSM_SEARCH: /* SOF marker */
1938 if (c == GSM0_SOF) {
1939 gsm->state = GSM_ADDRESS;
1942 gsm->fcs = INIT_FCS;
1945 case GSM_ADDRESS: /* Address EA */
1946 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1947 if (gsm_read_ea(&gsm->address, c))
1948 gsm->state = GSM_CONTROL;
1950 case GSM_CONTROL: /* Control Byte */
1951 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1953 gsm->state = GSM_LEN0;
1955 case GSM_LEN0: /* Length EA */
1956 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1957 if (gsm_read_ea(&gsm->len, c)) {
1958 if (gsm->len > gsm->mru) {
1960 gsm->state = GSM_SEARCH;
1965 gsm->state = GSM_FCS;
1967 gsm->state = GSM_DATA;
1970 gsm->state = GSM_LEN1;
1973 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1975 gsm->len |= len << 7;
1976 if (gsm->len > gsm->mru) {
1978 gsm->state = GSM_SEARCH;
1983 gsm->state = GSM_FCS;
1985 gsm->state = GSM_DATA;
1987 case GSM_DATA: /* Data */
1988 gsm->buf[gsm->count++] = c;
1989 if (gsm->count == gsm->len)
1990 gsm->state = GSM_FCS;
1992 case GSM_FCS: /* FCS follows the packet */
1993 gsm->received_fcs = c;
1995 gsm->state = GSM_SSOF;
1998 if (c == GSM0_SOF) {
1999 gsm->state = GSM_SEARCH;
2007 * gsm1_receive - perform processing for non-transparency
2008 * @gsm: gsm data for this ldisc instance
2011 * Receive bytes in mode 1 (Advanced option)
2014 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
2016 if (c == GSM1_SOF) {
2017 /* EOF is only valid in frame if we have got to the data state
2018 and received at least one byte (the FCS) */
2019 if (gsm->state == GSM_DATA && gsm->count) {
2020 /* Extract the FCS */
2022 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
2023 gsm->len = gsm->count;
2025 gsm->state = GSM_START;
2028 /* Any partial frame was a runt so go back to start */
2029 if (gsm->state != GSM_START) {
2030 if (gsm->state != GSM_SEARCH)
2032 gsm->state = GSM_START;
2034 /* A SOF in GSM_START means we are still reading idling or
2039 if (c == GSM1_ESCAPE) {
2044 /* Only an unescaped SOF gets us out of GSM search */
2045 if (gsm->state == GSM_SEARCH)
2049 c ^= GSM1_ESCAPE_BITS;
2052 switch (gsm->state) {
2053 case GSM_START: /* First byte after SOF */
2055 gsm->state = GSM_ADDRESS;
2056 gsm->fcs = INIT_FCS;
2058 case GSM_ADDRESS: /* Address continuation */
2059 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2060 if (gsm_read_ea(&gsm->address, c))
2061 gsm->state = GSM_CONTROL;
2063 case GSM_CONTROL: /* Control Byte */
2064 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2067 gsm->state = GSM_DATA;
2069 case GSM_DATA: /* Data */
2070 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2071 gsm->state = GSM_OVERRUN;
2074 gsm->buf[gsm->count++] = c;
2076 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2082 * gsm_error - handle tty error
2084 * @data: byte received (may be invalid)
2085 * @flag: error received
2087 * Handle an error in the receipt of data for a frame. Currently we just
2088 * go back to hunting for a SOF.
2090 * FIXME: better diagnostics ?
2093 static void gsm_error(struct gsm_mux *gsm,
2094 unsigned char data, unsigned char flag)
2096 gsm->state = GSM_SEARCH;
2100 static int gsm_disconnect(struct gsm_mux *gsm)
2102 struct gsm_dlci *dlci = gsm->dlci[0];
2103 struct gsm_control *gc;
2108 /* In theory disconnecting DLCI 0 is sufficient but for some
2109 modems this is apparently not the case. */
2110 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0);
2112 gsm_control_wait(gsm, gc);
2114 del_timer_sync(&gsm->t2_timer);
2115 /* Now we are sure T2 has stopped */
2117 gsm_dlci_begin_close(dlci);
2118 wait_event_interruptible(gsm->event,
2119 dlci->state == DLCI_CLOSED);
2121 if (signal_pending(current))
2128 * gsm_cleanup_mux - generic GSM protocol cleanup
2131 * Clean up the bits of the mux which are the same for all framing
2132 * protocols. Remove the mux from the mux table, stop all the timers
2133 * and then shut down each device hanging up the channels as we go.
2136 static void gsm_cleanup_mux(struct gsm_mux *gsm)
2139 struct gsm_dlci *dlci = gsm->dlci[0];
2140 struct gsm_msg *txq, *ntxq;
2144 spin_lock(&gsm_mux_lock);
2145 for (i = 0; i < MAX_MUX; i++) {
2146 if (gsm_mux[i] == gsm) {
2151 spin_unlock(&gsm_mux_lock);
2152 /* open failed before registering => nothing to do */
2156 del_timer_sync(&gsm->t2_timer);
2157 /* Now we are sure T2 has stopped */
2161 /* Free up any link layer users */
2162 mutex_lock(&gsm->mutex);
2163 for (i = 0; i < NUM_DLCI; i++)
2165 gsm_dlci_release(gsm->dlci[i]);
2166 mutex_unlock(&gsm->mutex);
2167 /* Now wipe the queues */
2168 tty_ldisc_flush(gsm->tty);
2169 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2171 INIT_LIST_HEAD(&gsm->tx_list);
2175 * gsm_activate_mux - generic GSM setup
2178 * Set up the bits of the mux which are the same for all framing
2179 * protocols. Add the mux to the mux table so it can be opened and
2180 * finally kick off connecting to DLCI 0 on the modem.
2183 static int gsm_activate_mux(struct gsm_mux *gsm)
2185 struct gsm_dlci *dlci;
2188 setup_timer(&gsm->t2_timer, gsm_control_retransmit, (unsigned long)gsm);
2189 init_waitqueue_head(&gsm->event);
2190 spin_lock_init(&gsm->control_lock);
2191 spin_lock_init(&gsm->tx_lock);
2193 if (gsm->encoding == 0)
2194 gsm->receive = gsm0_receive;
2196 gsm->receive = gsm1_receive;
2197 gsm->error = gsm_error;
2199 spin_lock(&gsm_mux_lock);
2200 for (i = 0; i < MAX_MUX; i++) {
2201 if (gsm_mux[i] == NULL) {
2207 spin_unlock(&gsm_mux_lock);
2211 dlci = gsm_dlci_alloc(gsm, 0);
2214 gsm->dead = 0; /* Tty opens are now permissible */
2219 * gsm_free_mux - free up a mux
2222 * Dispose of allocated resources for a dead mux
2224 static void gsm_free_mux(struct gsm_mux *gsm)
2226 kfree(gsm->txframe);
2232 * gsm_free_muxr - free up a mux
2235 * Dispose of allocated resources for a dead mux
2237 static void gsm_free_muxr(struct kref *ref)
2239 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2243 static inline void mux_get(struct gsm_mux *gsm)
2245 kref_get(&gsm->ref);
2248 static inline void mux_put(struct gsm_mux *gsm)
2250 kref_put(&gsm->ref, gsm_free_muxr);
2254 * gsm_alloc_mux - allocate a mux
2256 * Creates a new mux ready for activation.
2259 static struct gsm_mux *gsm_alloc_mux(void)
2261 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2264 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2265 if (gsm->buf == NULL) {
2269 gsm->txframe = kmalloc(2 * (MAX_MTU + PROT_OVERHEAD - 1), GFP_KERNEL);
2270 if (gsm->txframe == NULL) {
2275 spin_lock_init(&gsm->lock);
2276 mutex_init(&gsm->mutex);
2277 kref_init(&gsm->ref);
2278 INIT_LIST_HEAD(&gsm->tx_list);
2286 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2288 gsm->dead = 1; /* Avoid early tty opens */
2294 * gsmld_output - write to link
2296 * @data: bytes to output
2299 * Write a block of data from the GSM mux to the data channel. This
2300 * will eventually be serialized from above but at the moment isn't.
2303 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2305 if (tty_write_room(gsm->tty) < len) {
2306 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2310 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2312 gsm->tty->ops->write(gsm->tty, data, len);
2317 * gsmld_attach_gsm - mode set up
2318 * @tty: our tty structure
2321 * Set up the MUX for basic mode and commence connecting to the
2322 * modem. Currently called from the line discipline set up but
2323 * will need moving to an ioctl path.
2326 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2330 gsm->tty = tty_kref_get(tty);
2331 gsm->output = gsmld_output;
2332 ret = gsm_activate_mux(gsm);
2334 tty_kref_put(gsm->tty);
2336 /* Don't register device 0 - this is the control channel and not
2337 a usable tty interface */
2338 base = gsm->num << 6; /* Base for this MUX */
2339 for (i = 1; i < NUM_DLCI; i++)
2340 tty_register_device(gsm_tty_driver, base + i, NULL);
2347 * gsmld_detach_gsm - stop doing 0710 mux
2348 * @tty: tty attached to the mux
2351 * Shutdown and then clean up the resources used by the line discipline
2354 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2357 int base = gsm->num << 6; /* Base for this MUX */
2359 WARN_ON(tty != gsm->tty);
2360 for (i = 1; i < NUM_DLCI; i++)
2361 tty_unregister_device(gsm_tty_driver, base + i);
2362 gsm_cleanup_mux(gsm);
2363 tty_kref_put(gsm->tty);
2367 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2368 char *fp, int count)
2370 struct gsm_mux *gsm = tty->disc_data;
2371 const unsigned char *dp;
2374 char flags = TTY_NORMAL;
2377 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2380 for (i = count, dp = cp, f = fp; i; i--, dp++) {
2385 gsm->receive(gsm, *dp);
2391 gsm->error(gsm, *dp, flags);
2394 WARN_ONCE(1, "%s: unknown flag %d\n",
2395 tty_name(tty), flags);
2399 /* FASYNC if needed ? */
2400 /* If clogged call tty_throttle(tty); */
2404 * gsmld_flush_buffer - clean input queue
2405 * @tty: terminal device
2407 * Flush the input buffer. Called when the line discipline is
2408 * being closed, when the tty layer wants the buffer flushed (eg
2412 static void gsmld_flush_buffer(struct tty_struct *tty)
2417 * gsmld_close - close the ldisc for this tty
2420 * Called from the terminal layer when this line discipline is
2421 * being shut down, either because of a close or becsuse of a
2422 * discipline change. The function will not be called while other
2423 * ldisc methods are in progress.
2426 static void gsmld_close(struct tty_struct *tty)
2428 struct gsm_mux *gsm = tty->disc_data;
2430 gsmld_detach_gsm(tty, gsm);
2432 gsmld_flush_buffer(tty);
2433 /* Do other clean up here */
2438 * gsmld_open - open an ldisc
2439 * @tty: terminal to open
2441 * Called when this line discipline is being attached to the
2442 * terminal device. Can sleep. Called serialized so that no
2443 * other events will occur in parallel. No further open will occur
2447 static int gsmld_open(struct tty_struct *tty)
2449 struct gsm_mux *gsm;
2452 if (tty->ops->write == NULL)
2455 /* Attach our ldisc data */
2456 gsm = gsm_alloc_mux();
2460 tty->disc_data = gsm;
2461 tty->receive_room = 65536;
2463 /* Attach the initial passive connection */
2466 ret = gsmld_attach_gsm(tty, gsm);
2468 gsm_cleanup_mux(gsm);
2475 * gsmld_write_wakeup - asynchronous I/O notifier
2478 * Required for the ptys, serial driver etc. since processes
2479 * that attach themselves to the master and rely on ASYNC
2480 * IO must be woken up
2483 static void gsmld_write_wakeup(struct tty_struct *tty)
2485 struct gsm_mux *gsm = tty->disc_data;
2486 unsigned long flags;
2489 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2490 spin_lock_irqsave(&gsm->tx_lock, flags);
2491 gsm_data_kick(gsm, NULL);
2492 if (gsm->tx_bytes < TX_THRESH_LO) {
2493 gsm_dlci_data_sweep(gsm);
2495 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2499 * gsmld_read - read function for tty
2501 * @file: file object
2502 * @buf: userspace buffer pointer
2505 * Perform reads for the line discipline. We are guaranteed that the
2506 * line discipline will not be closed under us but we may get multiple
2507 * parallel readers and must handle this ourselves. We may also get
2508 * a hangup. Always called in user context, may sleep.
2510 * This code must be sure never to sleep through a hangup.
2513 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2514 unsigned char __user *buf, size_t nr)
2520 * gsmld_write - write function for tty
2522 * @file: file object
2523 * @buf: userspace buffer pointer
2526 * Called when the owner of the device wants to send a frame
2527 * itself (or some other control data). The data is transferred
2528 * as-is and must be properly framed and checksummed as appropriate
2529 * by userspace. Frames are either sent whole or not at all as this
2530 * avoids pain user side.
2533 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2534 const unsigned char *buf, size_t nr)
2536 struct gsm_mux *gsm = tty->disc_data;
2537 unsigned long flags;
2545 spin_lock_irqsave(&gsm->tx_lock, flags);
2546 space = tty_write_room(tty);
2548 ret = tty->ops->write(tty, buf, nr);
2550 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2551 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2557 * gsmld_poll - poll method for N_GSM0710
2558 * @tty: terminal device
2559 * @file: file accessing it
2562 * Called when the line discipline is asked to poll() for data or
2563 * for special events. This code is not serialized with respect to
2564 * other events save open/close.
2566 * This code must be sure never to sleep through a hangup.
2567 * Called without the kernel lock held - fine
2570 static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file,
2573 unsigned int mask = 0;
2574 struct gsm_mux *gsm = tty->disc_data;
2576 poll_wait(file, &tty->read_wait, wait);
2577 poll_wait(file, &tty->write_wait, wait);
2578 if (tty_hung_up_p(file))
2580 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2581 mask |= POLLOUT | POLLWRNORM;
2587 static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm,
2588 struct gsm_config *c)
2591 int need_restart = 0;
2593 /* Stuff we don't support yet - UI or I frame transport, windowing */
2594 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2596 /* Check the MRU/MTU range looks sane */
2597 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2601 if (c->encapsulation > 1) /* Basic, advanced, no I */
2603 if (c->initiator > 1)
2605 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2608 * See what is needed for reconfiguration
2612 if (c->t1 != 0 && c->t1 != gsm->t1)
2614 if (c->t2 != 0 && c->t2 != gsm->t2)
2616 if (c->encapsulation != gsm->encoding)
2618 if (c->adaption != gsm->adaption)
2621 if (c->initiator != gsm->initiator)
2623 if (c->mru != gsm->mru)
2625 if (c->mtu != gsm->mtu)
2629 * Close down what is needed, restart and initiate the new
2633 if (need_close || need_restart) {
2636 ret = gsm_disconnect(gsm);
2642 gsm_cleanup_mux(gsm);
2644 gsm->initiator = c->initiator;
2647 gsm->encoding = c->encapsulation;
2648 gsm->adaption = c->adaption;
2661 /* FIXME: We need to separate activation/deactivation from adding
2662 and removing from the mux array */
2664 gsm_activate_mux(gsm);
2665 if (gsm->initiator && need_close)
2666 gsm_dlci_begin_open(gsm->dlci[0]);
2670 static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2671 unsigned int cmd, unsigned long arg)
2673 struct gsm_config c;
2674 struct gsm_mux *gsm = tty->disc_data;
2677 case GSMIOC_GETCONF:
2678 memset(&c, 0, sizeof(c));
2679 c.adaption = gsm->adaption;
2680 c.encapsulation = gsm->encoding;
2681 c.initiator = gsm->initiator;
2684 c.t3 = 0; /* Not supported */
2686 if (gsm->ftype == UIH)
2690 pr_debug("Ftype %d i %d\n", gsm->ftype, c.i);
2694 if (copy_to_user((void *)arg, &c, sizeof(c)))
2697 case GSMIOC_SETCONF:
2698 if (copy_from_user(&c, (void *)arg, sizeof(c)))
2700 return gsmld_config(tty, gsm, &c);
2702 return n_tty_ioctl_helper(tty, file, cmd, arg);
2706 #ifdef CONFIG_COMPAT
2707 static long gsmld_compat_ioctl(struct tty_struct *tty, struct file *file,
2708 unsigned int cmd, unsigned long arg)
2710 return gsmld_ioctl(tty, file, cmd, arg);
2719 static int gsm_mux_net_open(struct net_device *net)
2721 pr_debug("%s called\n", __func__);
2722 netif_start_queue(net);
2726 static int gsm_mux_net_close(struct net_device *net)
2728 netif_stop_queue(net);
2732 static void dlci_net_free(struct gsm_dlci *dlci)
2738 dlci->adaption = dlci->prev_adaption;
2739 dlci->data = dlci->prev_data;
2740 free_netdev(dlci->net);
2743 static void net_free(struct kref *ref)
2745 struct gsm_mux_net *mux_net;
2746 struct gsm_dlci *dlci;
2748 mux_net = container_of(ref, struct gsm_mux_net, ref);
2749 dlci = mux_net->dlci;
2752 unregister_netdev(dlci->net);
2753 dlci_net_free(dlci);
2757 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2759 kref_get(&mux_net->ref);
2762 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2764 kref_put(&mux_net->ref, net_free);
2767 static int gsm_mux_net_start_xmit(struct sk_buff *skb,
2768 struct net_device *net)
2770 struct gsm_mux_net *mux_net = netdev_priv(net);
2771 struct gsm_dlci *dlci = mux_net->dlci;
2772 muxnet_get(mux_net);
2774 skb_queue_head(&dlci->skb_list, skb);
2775 net->stats.tx_packets++;
2776 net->stats.tx_bytes += skb->len;
2777 gsm_dlci_data_kick(dlci);
2778 /* And tell the kernel when the last transmit started. */
2779 netif_trans_update(net);
2780 muxnet_put(mux_net);
2781 return NETDEV_TX_OK;
2784 /* called when a packet did not ack after watchdogtimeout */
2785 static void gsm_mux_net_tx_timeout(struct net_device *net)
2787 /* Tell syslog we are hosed. */
2788 dev_dbg(&net->dev, "Tx timed out.\n");
2790 /* Update statistics */
2791 net->stats.tx_errors++;
2794 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2795 unsigned char *in_buf, int size)
2797 struct net_device *net = dlci->net;
2798 struct sk_buff *skb;
2799 struct gsm_mux_net *mux_net = netdev_priv(net);
2800 muxnet_get(mux_net);
2802 /* Allocate an sk_buff */
2803 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2805 /* We got no receive buffer. */
2806 net->stats.rx_dropped++;
2807 muxnet_put(mux_net);
2810 skb_reserve(skb, NET_IP_ALIGN);
2811 skb_put_data(skb, in_buf, size);
2814 skb->protocol = htons(ETH_P_IP);
2816 /* Ship it off to the kernel */
2819 /* update out statistics */
2820 net->stats.rx_packets++;
2821 net->stats.rx_bytes += size;
2822 muxnet_put(mux_net);
2826 static void gsm_mux_net_init(struct net_device *net)
2828 static const struct net_device_ops gsm_netdev_ops = {
2829 .ndo_open = gsm_mux_net_open,
2830 .ndo_stop = gsm_mux_net_close,
2831 .ndo_start_xmit = gsm_mux_net_start_xmit,
2832 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2835 net->netdev_ops = &gsm_netdev_ops;
2837 /* fill in the other fields */
2838 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2839 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2840 net->type = ARPHRD_NONE;
2841 net->tx_queue_len = 10;
2845 /* caller holds the dlci mutex */
2846 static void gsm_destroy_network(struct gsm_dlci *dlci)
2848 struct gsm_mux_net *mux_net;
2850 pr_debug("destroy network interface");
2853 mux_net = netdev_priv(dlci->net);
2854 muxnet_put(mux_net);
2858 /* caller holds the dlci mutex */
2859 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2863 struct net_device *net;
2864 struct gsm_mux_net *mux_net;
2866 if (!capable(CAP_NET_ADMIN))
2869 /* Already in a non tty mode */
2870 if (dlci->adaption > 2)
2873 if (nc->protocol != htons(ETH_P_IP))
2874 return -EPROTONOSUPPORT;
2876 if (nc->adaption != 3 && nc->adaption != 4)
2877 return -EPROTONOSUPPORT;
2879 pr_debug("create network interface");
2882 if (nc->if_name[0] != '\0')
2883 netname = nc->if_name;
2884 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
2885 NET_NAME_UNKNOWN, gsm_mux_net_init);
2887 pr_err("alloc_netdev failed");
2890 net->mtu = dlci->gsm->mtu;
2892 net->max_mtu = dlci->gsm->mtu;
2893 mux_net = netdev_priv(net);
2894 mux_net->dlci = dlci;
2895 kref_init(&mux_net->ref);
2896 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2898 /* reconfigure dlci for network */
2899 dlci->prev_adaption = dlci->adaption;
2900 dlci->prev_data = dlci->data;
2901 dlci->adaption = nc->adaption;
2902 dlci->data = gsm_mux_rx_netchar;
2905 pr_debug("register netdev");
2906 retval = register_netdev(net);
2908 pr_err("network register fail %d\n", retval);
2909 dlci_net_free(dlci);
2912 return net->ifindex; /* return network index */
2915 /* Line discipline for real tty */
2916 static struct tty_ldisc_ops tty_ldisc_packet = {
2917 .owner = THIS_MODULE,
2918 .magic = TTY_LDISC_MAGIC,
2921 .close = gsmld_close,
2922 .flush_buffer = gsmld_flush_buffer,
2924 .write = gsmld_write,
2925 #ifdef CONFIG_COMPAT
2926 .compat_ioctl = gsmld_compat_ioctl,
2928 .ioctl = gsmld_ioctl,
2930 .receive_buf = gsmld_receive_buf,
2931 .write_wakeup = gsmld_write_wakeup
2940 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2943 struct gsm_control *ctrl;
2946 modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */
2947 modembits[1] = (gsm_encode_modem(dlci) << 1) | EA;
2949 modembits[2] = (brk << 4) | 2 | EA; /* Length, Break, EA */
2952 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len);
2955 return gsm_control_wait(dlci->gsm, ctrl);
2958 static int gsm_carrier_raised(struct tty_port *port)
2960 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2961 struct gsm_mux *gsm = dlci->gsm;
2963 /* Not yet open so no carrier info */
2964 if (dlci->state != DLCI_OPEN)
2970 * Basic mode with control channel in ADM mode may not respond
2971 * to CMD_MSC at all and modem_rx is empty.
2973 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM &&
2977 return dlci->modem_rx & TIOCM_CD;
2980 static void gsm_dtr_rts(struct tty_port *port, int onoff)
2982 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2983 unsigned int modem_tx = dlci->modem_tx;
2985 modem_tx |= TIOCM_DTR | TIOCM_RTS;
2987 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
2988 if (modem_tx != dlci->modem_tx) {
2989 dlci->modem_tx = modem_tx;
2990 gsmtty_modem_update(dlci, 0);
2994 static const struct tty_port_operations gsm_port_ops = {
2995 .carrier_raised = gsm_carrier_raised,
2996 .dtr_rts = gsm_dtr_rts,
2997 .destruct = gsm_dlci_free,
3000 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
3002 struct gsm_mux *gsm;
3003 struct gsm_dlci *dlci;
3004 unsigned int line = tty->index;
3005 unsigned int mux = line >> 6;
3013 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
3014 if (gsm_mux[mux] == NULL)
3016 if (line == 0 || line > 61) /* 62/63 reserved */
3021 /* If DLCI 0 is not yet fully open return an error.
3022 This is ok from a locking
3023 perspective as we don't have to worry about this
3025 mutex_lock(&gsm->mutex);
3026 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
3027 mutex_unlock(&gsm->mutex);
3030 dlci = gsm->dlci[line];
3033 dlci = gsm_dlci_alloc(gsm, line);
3036 mutex_unlock(&gsm->mutex);
3039 ret = tty_port_install(&dlci->port, driver, tty);
3043 mutex_unlock(&gsm->mutex);
3048 dlci_get(gsm->dlci[0]);
3050 tty->driver_data = dlci;
3051 mutex_unlock(&gsm->mutex);
3056 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
3058 struct gsm_dlci *dlci = tty->driver_data;
3059 struct tty_port *port = &dlci->port;
3062 tty_port_tty_set(port, tty);
3065 /* We could in theory open and close before we wait - eg if we get
3066 a DM straight back. This is ok as that will have caused a hangup */
3067 tty_port_set_initialized(port, 1);
3068 /* Start sending off SABM messages */
3069 gsm_dlci_begin_open(dlci);
3070 /* And wait for virtual carrier */
3071 return tty_port_block_til_ready(port, tty, filp);
3074 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3076 struct gsm_dlci *dlci = tty->driver_data;
3077 struct gsm_mux *gsm;
3081 if (dlci->state == DLCI_CLOSED)
3083 mutex_lock(&dlci->mutex);
3084 gsm_destroy_network(dlci);
3085 mutex_unlock(&dlci->mutex);
3087 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3089 gsm_dlci_begin_close(dlci);
3090 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3091 tty_port_lower_dtr_rts(&dlci->port);
3092 tty_port_close_end(&dlci->port, tty);
3093 tty_port_tty_set(&dlci->port, NULL);
3097 static void gsmtty_hangup(struct tty_struct *tty)
3099 struct gsm_dlci *dlci = tty->driver_data;
3100 if (dlci->state == DLCI_CLOSED)
3102 tty_port_hangup(&dlci->port);
3103 gsm_dlci_begin_close(dlci);
3106 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3110 struct gsm_dlci *dlci = tty->driver_data;
3111 if (dlci->state == DLCI_CLOSED)
3113 /* Stuff the bytes into the fifo queue */
3114 sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock);
3115 /* Need to kick the channel */
3116 gsm_dlci_data_kick(dlci);
3120 static int gsmtty_write_room(struct tty_struct *tty)
3122 struct gsm_dlci *dlci = tty->driver_data;
3123 if (dlci->state == DLCI_CLOSED)
3125 return TX_SIZE - kfifo_len(dlci->fifo);
3128 static int gsmtty_chars_in_buffer(struct tty_struct *tty)
3130 struct gsm_dlci *dlci = tty->driver_data;
3131 if (dlci->state == DLCI_CLOSED)
3133 return kfifo_len(dlci->fifo);
3136 static void gsmtty_flush_buffer(struct tty_struct *tty)
3138 struct gsm_dlci *dlci = tty->driver_data;
3139 if (dlci->state == DLCI_CLOSED)
3141 /* Caution needed: If we implement reliable transport classes
3142 then the data being transmitted can't simply be junked once
3143 it has first hit the stack. Until then we can just blow it
3145 kfifo_reset(dlci->fifo);
3146 /* Need to unhook this DLCI from the transmit queue logic */
3149 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3151 /* The FIFO handles the queue so the kernel will do the right
3152 thing waiting on chars_in_buffer before calling us. No work
3156 static int gsmtty_tiocmget(struct tty_struct *tty)
3158 struct gsm_dlci *dlci = tty->driver_data;
3159 if (dlci->state == DLCI_CLOSED)
3161 return dlci->modem_rx;
3164 static int gsmtty_tiocmset(struct tty_struct *tty,
3165 unsigned int set, unsigned int clear)
3167 struct gsm_dlci *dlci = tty->driver_data;
3168 unsigned int modem_tx = dlci->modem_tx;
3170 if (dlci->state == DLCI_CLOSED)
3175 if (modem_tx != dlci->modem_tx) {
3176 dlci->modem_tx = modem_tx;
3177 return gsmtty_modem_update(dlci, 0);
3183 static int gsmtty_ioctl(struct tty_struct *tty,
3184 unsigned int cmd, unsigned long arg)
3186 struct gsm_dlci *dlci = tty->driver_data;
3187 struct gsm_netconfig nc;
3190 if (dlci->state == DLCI_CLOSED)
3193 case GSMIOC_ENABLE_NET:
3194 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3196 nc.if_name[IFNAMSIZ-1] = '\0';
3197 /* return net interface index or error code */
3198 mutex_lock(&dlci->mutex);
3199 index = gsm_create_network(dlci, &nc);
3200 mutex_unlock(&dlci->mutex);
3201 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3204 case GSMIOC_DISABLE_NET:
3205 if (!capable(CAP_NET_ADMIN))
3207 mutex_lock(&dlci->mutex);
3208 gsm_destroy_network(dlci);
3209 mutex_unlock(&dlci->mutex);
3212 return -ENOIOCTLCMD;
3216 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3218 struct gsm_dlci *dlci = tty->driver_data;
3219 if (dlci->state == DLCI_CLOSED)
3221 /* For the moment its fixed. In actual fact the speed information
3222 for the virtual channel can be propogated in both directions by
3223 the RPN control message. This however rapidly gets nasty as we
3224 then have to remap modem signals each way according to whether
3225 our virtual cable is null modem etc .. */
3226 tty_termios_copy_hw(&tty->termios, old);
3229 static void gsmtty_throttle(struct tty_struct *tty)
3231 struct gsm_dlci *dlci = tty->driver_data;
3232 if (dlci->state == DLCI_CLOSED)
3235 dlci->modem_tx &= ~TIOCM_DTR;
3236 dlci->throttled = 1;
3237 /* Send an MSC with DTR cleared */
3238 gsmtty_modem_update(dlci, 0);
3241 static void gsmtty_unthrottle(struct tty_struct *tty)
3243 struct gsm_dlci *dlci = tty->driver_data;
3244 if (dlci->state == DLCI_CLOSED)
3247 dlci->modem_tx |= TIOCM_DTR;
3248 dlci->throttled = 0;
3249 /* Send an MSC with DTR set */
3250 gsmtty_modem_update(dlci, 0);
3253 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3255 struct gsm_dlci *dlci = tty->driver_data;
3256 int encode = 0; /* Off */
3257 if (dlci->state == DLCI_CLOSED)
3260 if (state == -1) /* "On indefinitely" - we can't encode this
3263 else if (state > 0) {
3264 encode = state / 200; /* mS to encoding */
3266 encode = 0x0F; /* Best effort */
3268 return gsmtty_modem_update(dlci, encode);
3271 static void gsmtty_cleanup(struct tty_struct *tty)
3273 struct gsm_dlci *dlci = tty->driver_data;
3274 struct gsm_mux *gsm = dlci->gsm;
3277 dlci_put(gsm->dlci[0]);
3281 /* Virtual ttys for the demux */
3282 static const struct tty_operations gsmtty_ops = {
3283 .install = gsmtty_install,
3284 .open = gsmtty_open,
3285 .close = gsmtty_close,
3286 .write = gsmtty_write,
3287 .write_room = gsmtty_write_room,
3288 .chars_in_buffer = gsmtty_chars_in_buffer,
3289 .flush_buffer = gsmtty_flush_buffer,
3290 .ioctl = gsmtty_ioctl,
3291 .throttle = gsmtty_throttle,
3292 .unthrottle = gsmtty_unthrottle,
3293 .set_termios = gsmtty_set_termios,
3294 .hangup = gsmtty_hangup,
3295 .wait_until_sent = gsmtty_wait_until_sent,
3296 .tiocmget = gsmtty_tiocmget,
3297 .tiocmset = gsmtty_tiocmset,
3298 .break_ctl = gsmtty_break_ctl,
3299 .cleanup = gsmtty_cleanup,
3304 static int __init gsm_init(void)
3306 /* Fill in our line protocol discipline, and register it */
3307 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
3309 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3314 gsm_tty_driver = alloc_tty_driver(256);
3315 if (!gsm_tty_driver) {
3316 tty_unregister_ldisc(N_GSM0710);
3317 pr_err("gsm_init: tty allocation failed.\n");
3320 gsm_tty_driver->driver_name = "gsmtty";
3321 gsm_tty_driver->name = "gsmtty";
3322 gsm_tty_driver->major = 0; /* Dynamic */
3323 gsm_tty_driver->minor_start = 0;
3324 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3325 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3326 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
3327 | TTY_DRIVER_HARDWARE_BREAK;
3328 gsm_tty_driver->init_termios = tty_std_termios;
3330 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3331 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3333 spin_lock_init(&gsm_mux_lock);
3335 if (tty_register_driver(gsm_tty_driver)) {
3336 put_tty_driver(gsm_tty_driver);
3337 tty_unregister_ldisc(N_GSM0710);
3338 pr_err("gsm_init: tty registration failed.\n");
3341 pr_debug("gsm_init: loaded as %d,%d.\n",
3342 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3346 static void __exit gsm_exit(void)
3348 int status = tty_unregister_ldisc(N_GSM0710);
3350 pr_err("n_gsm: can't unregister line discipline (err = %d)\n",
3352 tty_unregister_driver(gsm_tty_driver);
3353 put_tty_driver(gsm_tty_driver);
3356 module_init(gsm_init);
3357 module_exit(gsm_exit);
3360 MODULE_LICENSE("GPL");
3361 MODULE_ALIAS_LDISC(N_GSM0710);