1 // SPDX-License-Identifier: GPL-2.0
3 * n_gsm.c GSM 0710 tty multiplexor
4 * Copyright (c) 2009/10 Intel Corporation
6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
9 * tty -> DLCI fifo -> scheduler -> GSM MUX data queue ---o-> ldisc
10 * control message -> GSM MUX control queue --ยด
13 * ldisc -> gsm_queue() -o--> tty
14 * `-> gsm_control_response()
17 * Mostly done: ioctls for setting modes/timing
18 * Partly done: hooks so you can pull off frames to non tty devs
19 * Restart DLCI 0 when it closes ?
20 * Improve the tx engine
21 * Resolve tx side locking by adding a queue_head and routing
22 * all control traffic via it
23 * General tidy/document
24 * Review the locking/move to refcounts more (mux now moved to an
25 * alloc/free model ready)
26 * Use newest tty open/close port helpers and install hooks
27 * What to do about power functions ?
28 * Termios setting and negotiation
29 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
33 #include <linux/types.h>
34 #include <linux/major.h>
35 #include <linux/errno.h>
36 #include <linux/signal.h>
37 #include <linux/fcntl.h>
38 #include <linux/sched/signal.h>
39 #include <linux/interrupt.h>
40 #include <linux/tty.h>
41 #include <linux/bitfield.h>
42 #include <linux/ctype.h>
44 #include <linux/math.h>
45 #include <linux/string.h>
46 #include <linux/slab.h>
47 #include <linux/poll.h>
48 #include <linux/bitops.h>
49 #include <linux/file.h>
50 #include <linux/uaccess.h>
51 #include <linux/module.h>
52 #include <linux/timer.h>
53 #include <linux/tty_flip.h>
54 #include <linux/tty_driver.h>
55 #include <linux/serial.h>
56 #include <linux/kfifo.h>
57 #include <linux/skbuff.h>
60 #include <linux/netdevice.h>
61 #include <linux/etherdevice.h>
62 #include <linux/gsmmux.h>
66 module_param(debug, int, 0600);
68 /* Module debug bits */
69 #define DBG_DUMP BIT(0) /* Data transmission dump. */
70 #define DBG_CD_ON BIT(1) /* Always assume CD line on. */
71 #define DBG_DATA BIT(2) /* Data transmission details. */
72 #define DBG_ERRORS BIT(3) /* Details for fail conditions. */
73 #define DBG_TTY BIT(4) /* Transmission statistics for DLCI TTYs. */
74 #define DBG_PAYLOAD BIT(5) /* Limits DBG_DUMP to payload frames. */
76 /* Defaults: these are from the specification */
78 #define T1 10 /* 100mS */
79 #define T2 34 /* 333mS */
80 #define T3 10 /* 10s */
81 #define N2 3 /* Retry 3 times */
82 #define K 2 /* outstanding I frames */
84 #define MAX_T3 255 /* In seconds. */
85 #define MAX_WINDOW_SIZE 7 /* Limit of K in error recovery mode. */
87 /* Use long timers for testing at low speed with debug on */
94 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
95 * limits so this is plenty
99 #define MIN_MTU (PROT_OVERHEAD + 1)
100 /* SOF, ADDR, CTRL, LEN1, LEN2, ..., FCS, EOF */
101 #define PROT_OVERHEAD 7
102 #define GSM_NET_TX_TIMEOUT (HZ*10)
105 * struct gsm_mux_net - network interface
107 * Created when net interface is initialized.
111 struct gsm_dlci *dlci;
115 * Each block of data we have queued to go out is in the form of
116 * a gsm_msg which holds everything we need in a link layer independent
121 struct list_head list;
122 u8 addr; /* DLCI address + flags */
123 u8 ctrl; /* Control byte + flags */
124 unsigned int len; /* Length of data block (can be zero) */
125 unsigned char *data; /* Points into buffer but not at the start */
126 unsigned char buffer[];
129 enum gsm_dlci_state {
131 DLCI_CONFIGURE, /* Sending PN (for adaption > 1) */
132 DLCI_OPENING, /* Sending SABM not seen UA */
133 DLCI_OPEN, /* SABM/UA complete */
134 DLCI_CLOSING, /* Sending DISC not seen UA/DM */
138 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */
139 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */
143 * Each active data link has a gsm_dlci structure associated which ties
144 * the link layer to an optional tty (if the tty side is open). To avoid
145 * complexity right now these are only ever freed up when the mux is
148 * At the moment we don't free DLCI objects until the mux is torn down
149 * this avoid object life time issues but might be worth review later.
155 enum gsm_dlci_state state;
159 enum gsm_dlci_mode mode;
160 spinlock_t lock; /* Protects the internal state */
161 struct timer_list t1; /* Retransmit timer for SABM and UA */
163 /* Uplink tty if active */
164 struct tty_port port; /* The tty bound to this DLCI if there is one */
165 #define TX_SIZE 4096 /* Must be power of 2. */
166 struct kfifo fifo; /* Queue fifo for the DLCI */
167 int adaption; /* Adaption layer in use */
169 u32 modem_rx; /* Our incoming virtual modem lines */
170 u32 modem_tx; /* Our outgoing modem lines */
172 bool dead; /* Refuse re-open */
174 u8 prio; /* Priority */
175 u8 ftype; /* Frame type */
176 u8 k; /* Window size */
178 bool throttled; /* Private copy of throttle state */
179 bool constipated; /* Throttle status for outgoing */
181 struct sk_buff *skb; /* Frame being sent */
182 struct sk_buff_head skb_list; /* Queued frames */
183 /* Data handling callback */
184 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
185 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
186 struct net_device *net; /* network interface, if created */
190 * Parameter bits used for parameter negotiation according to 3GPP 27.010
194 struct gsm_dlci_param_bits {
204 static_assert(sizeof(struct gsm_dlci_param_bits) == 8);
206 #define PN_D_FIELD_DLCI GENMASK(5, 0)
207 #define PN_I_CL_FIELD_FTYPE GENMASK(3, 0)
208 #define PN_I_CL_FIELD_ADAPTION GENMASK(7, 4)
209 #define PN_P_FIELD_PRIO GENMASK(5, 0)
210 #define PN_T_FIELD_T1 GENMASK(7, 0)
211 #define PN_N_FIELD_N1 GENMASK(15, 0)
212 #define PN_NA_FIELD_N2 GENMASK(7, 0)
213 #define PN_K_FIELD_K GENMASK(2, 0)
215 /* Total number of supported devices */
216 #define GSM_TTY_MINORS 256
218 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
223 * DLCI 0 is used to pass control blocks out of band of the data
224 * flow (and with a higher link priority). One command can be outstanding
225 * at a time and we use this structure to manage them. They are created
226 * and destroyed by the user context, and updated by the receive paths
231 u8 cmd; /* Command we are issuing */
232 u8 *data; /* Data for the command in case we retransmit */
233 int len; /* Length of block for retransmission */
234 int done; /* Done flag */
235 int error; /* Error if any */
258 * Each GSM mux we have is represented by this structure. If we are
259 * operating as an ldisc then we use this structure as our ldisc
260 * state. We need to sort out lifetimes and locking with respect
261 * to the gsm mux array. For now we don't free DLCI objects that
262 * have been instantiated until the mux itself is terminated.
264 * To consider further: tty open versus mux shutdown.
268 struct tty_struct *tty; /* The tty our ldisc is bound to */
274 /* Events on the GSM channel */
275 wait_queue_head_t event;
277 /* ldisc send work */
278 struct work_struct tx_work;
280 /* Bits for GSM mode decoding */
284 enum gsm_mux_state state;
286 unsigned int address;
289 enum gsm_encoding encoding;
292 u8 *txframe; /* TX framing buffer */
294 /* Method for the receiver side */
295 void (*receive)(struct gsm_mux *gsm, u8 ch);
300 int initiator; /* Did we initiate connection */
301 bool dead; /* Has the mux been shut down */
302 struct gsm_dlci *dlci[NUM_DLCI];
303 int old_c_iflag; /* termios c_iflag value before attach */
304 bool constipated; /* Asked by remote to shut up */
305 bool has_devices; /* Devices were registered */
308 unsigned int tx_bytes; /* TX data outstanding */
309 #define TX_THRESH_HI 8192
310 #define TX_THRESH_LO 2048
311 struct list_head tx_ctrl_list; /* Pending control packets */
312 struct list_head tx_data_list; /* Pending data packets */
314 /* Control messages */
315 struct timer_list kick_timer; /* Kick TX queuing on timeout */
316 struct timer_list t2_timer; /* Retransmit timer for commands */
317 int cretries; /* Command retry counter */
318 struct gsm_control *pending_cmd;/* Our current pending command */
319 spinlock_t control_lock; /* Protects the pending command */
322 int adaption; /* 1 or 2 supported */
323 u8 ftype; /* UI or UIH */
324 int t1, t2; /* Timers in 1/100th of a sec */
325 unsigned int t3; /* Power wake-up timer in seconds. */
326 int n2; /* Retry count */
327 u8 k; /* Window size */
329 /* Statistics (not currently exposed) */
330 unsigned long bad_fcs;
331 unsigned long malformed;
332 unsigned long io_error;
333 unsigned long bad_size;
334 unsigned long unsupported;
339 * Mux objects - needed so that we can translate a tty index into the
340 * relevant mux and DLCI.
343 #define MAX_MUX 4 /* 256 minors */
344 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
345 static DEFINE_SPINLOCK(gsm_mux_lock);
347 static struct tty_driver *gsm_tty_driver;
350 * This section of the driver logic implements the GSM encodings
351 * both the basic and the 'advanced'. Reliable transport is not
359 /* I is special: the rest are ..*/
370 /* Channel commands */
372 #define CMD_TEST 0x11
375 #define CMD_FCOFF 0x31
378 #define CMD_FCON 0x51
383 /* Virtual modem bits */
390 #define GSM0_SOF 0xF9
391 #define GSM1_SOF 0x7E
392 #define GSM1_ESCAPE 0x7D
393 #define GSM1_ESCAPE_BITS 0x20
396 #define ISO_IEC_646_MASK 0x7F
398 static const struct tty_port_operations gsm_port_ops;
401 * CRC table for GSM 0710
404 static const u8 gsm_fcs8[256] = {
405 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
406 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
407 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
408 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
409 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
410 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
411 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
412 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
413 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
414 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
415 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
416 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
417 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
418 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
419 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
420 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
421 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
422 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
423 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
424 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
425 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
426 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
427 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
428 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
429 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
430 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
431 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
432 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
433 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
434 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
435 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
436 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
439 #define INIT_FCS 0xFF
440 #define GOOD_FCS 0xCF
442 static void gsm_dlci_close(struct gsm_dlci *dlci);
443 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len);
444 static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk);
445 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
447 static int gsm_send_packet(struct gsm_mux *gsm, struct gsm_msg *msg);
448 static void gsmld_write_trigger(struct gsm_mux *gsm);
449 static void gsmld_write_task(struct work_struct *work);
452 * gsm_fcs_add - update FCS
456 * Update the FCS to include c. Uses the algorithm in the specification
460 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
462 return gsm_fcs8[fcs ^ c];
466 * gsm_fcs_add_block - update FCS for a block
469 * @len: length of buffer
471 * Update the FCS to include c. Uses the algorithm in the specification
475 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
478 fcs = gsm_fcs8[fcs ^ *c++];
483 * gsm_read_ea - read a byte into an EA
484 * @val: variable holding value
485 * @c: byte going into the EA
487 * Processes one byte of an EA. Updates the passed variable
488 * and returns 1 if the EA is now completely read
491 static int gsm_read_ea(unsigned int *val, u8 c)
493 /* Add the next 7 bits into the value */
496 /* Was this the last byte of the EA 1 = yes*/
501 * gsm_read_ea_val - read a value until EA
502 * @val: variable holding value
503 * @data: buffer of data
504 * @dlen: length of data
506 * Processes an EA value. Updates the passed variable and
507 * returns the processed data length.
509 static unsigned int gsm_read_ea_val(unsigned int *val, const u8 *data, int dlen)
511 unsigned int len = 0;
513 for (; dlen > 0; dlen--) {
515 if (gsm_read_ea(val, *data++))
522 * gsm_encode_modem - encode modem data bits
523 * @dlci: DLCI to encode from
525 * Returns the correct GSM encoded modem status bits (6 bit field) for
526 * the current status of the DLCI and attached tty object
529 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
532 /* FC is true flow control not modem bits */
535 if (dlci->modem_tx & TIOCM_DTR)
536 modembits |= MDM_RTC;
537 if (dlci->modem_tx & TIOCM_RTS)
538 modembits |= MDM_RTR;
539 if (dlci->modem_tx & TIOCM_RI)
541 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator)
546 static void gsm_hex_dump_bytes(const char *fname, const u8 *data,
552 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, data, len,
557 prefix = kasprintf(GFP_ATOMIC, "%s: ", fname);
560 print_hex_dump(KERN_INFO, prefix, DUMP_PREFIX_OFFSET, 16, 1, data, len,
566 * gsm_encode_params - encode DLCI parameters
567 * @dlci: DLCI to encode from
568 * @params: buffer to fill with the encoded parameters
570 * Encodes the parameters according to GSM 07.10 section 5.4.6.3.1
573 static int gsm_encode_params(const struct gsm_dlci *dlci,
574 struct gsm_dlci_param_bits *params)
576 const struct gsm_mux *gsm = dlci->gsm;
579 switch (dlci->ftype) {
587 pr_debug("unsupported frame type %d\n", dlci->ftype);
591 switch (dlci->adaption) {
592 case 1: /* Unstructured */
593 cl = 0; /* convergence layer type 1 */
595 case 2: /* Unstructured with modem bits. */
596 cl = 1; /* convergence layer type 2 */
599 pr_debug("unsupported adaption %d\n", dlci->adaption);
603 params->d_bits = FIELD_PREP(PN_D_FIELD_DLCI, dlci->addr);
604 /* UIH, convergence layer type 1 */
605 params->i_cl_bits = FIELD_PREP(PN_I_CL_FIELD_FTYPE, i) |
606 FIELD_PREP(PN_I_CL_FIELD_ADAPTION, cl);
607 params->p_bits = FIELD_PREP(PN_P_FIELD_PRIO, dlci->prio);
608 params->t_bits = FIELD_PREP(PN_T_FIELD_T1, gsm->t1);
609 params->n_bits = cpu_to_le16(FIELD_PREP(PN_N_FIELD_N1, dlci->mtu));
610 params->na_bits = FIELD_PREP(PN_NA_FIELD_N2, gsm->n2);
611 params->k_bits = FIELD_PREP(PN_K_FIELD_K, dlci->k);
617 * gsm_register_devices - register all tty devices for a given mux index
619 * @driver: the tty driver that describes the tty devices
620 * @index: the mux number is used to calculate the minor numbers of the
621 * ttys for this mux and may differ from the position in the
624 static int gsm_register_devices(struct tty_driver *driver, unsigned int index)
630 if (!driver || index >= MAX_MUX)
633 base = index * NUM_DLCI; /* first minor for this index */
634 for (i = 1; i < NUM_DLCI; i++) {
635 /* Don't register device 0 - this is the control channel
636 * and not a usable tty interface
638 dev = tty_register_device(gsm_tty_driver, base + i, NULL);
640 if (debug & DBG_ERRORS)
641 pr_info("%s failed to register device minor %u",
643 for (i--; i >= 1; i--)
644 tty_unregister_device(gsm_tty_driver, base + i);
653 * gsm_unregister_devices - unregister all tty devices for a given mux index
655 * @driver: the tty driver that describes the tty devices
656 * @index: the mux number is used to calculate the minor numbers of the
657 * ttys for this mux and may differ from the position in the
660 static void gsm_unregister_devices(struct tty_driver *driver,
666 if (!driver || index >= MAX_MUX)
669 base = index * NUM_DLCI; /* first minor for this index */
670 for (i = 1; i < NUM_DLCI; i++) {
671 /* Don't unregister device 0 - this is the control
672 * channel and not a usable tty interface
674 tty_unregister_device(gsm_tty_driver, base + i);
679 * gsm_print_packet - display a frame for debug
680 * @hdr: header to print before decode
681 * @addr: address EA from the frame
682 * @cr: C/R bit seen as initiator
683 * @control: control including PF bit
684 * @data: following data bytes
685 * @dlen: length of data
687 * Displays a packet in human readable format for debugging purposes. The
688 * style is based on amateur radio LAP-B dump display.
691 static void gsm_print_packet(const char *hdr, int addr, int cr,
692 u8 control, const u8 *data, int dlen)
694 if (!(debug & DBG_DUMP))
696 /* Only show user payload frames if debug & DBG_PAYLOAD */
697 if (!(debug & DBG_PAYLOAD) && addr != 0)
698 if ((control & ~PF) == UI || (control & ~PF) == UIH)
701 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
703 switch (control & ~PF) {
723 if (!(control & 0x01)) {
724 pr_cont("I N(S)%d N(R)%d",
725 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
726 } else switch (control & 0x0F) {
728 pr_cont("RR(%d)", (control & 0xE0) >> 5);
731 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
734 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
737 pr_cont("[%02X]", control);
746 gsm_hex_dump_bytes(NULL, data, dlen);
751 * Link level transmission side
755 * gsm_stuff_frame - bytestuff a packet
756 * @input: input buffer
757 * @output: output buffer
758 * @len: length of input
760 * Expand a buffer by bytestuffing it. The worst case size change
761 * is doubling and the caller is responsible for handing out
762 * suitable sized buffers.
765 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
769 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
770 || (*input & ISO_IEC_646_MASK) == XON
771 || (*input & ISO_IEC_646_MASK) == XOFF) {
772 *output++ = GSM1_ESCAPE;
773 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
776 *output++ = *input++;
783 * gsm_send - send a control frame
785 * @addr: address for control frame
786 * @cr: command/response bit seen as initiator
787 * @control: control byte including PF bit
789 * Format up and transmit a control frame. These should be transmitted
790 * ahead of data when they are needed.
792 static int gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
799 msg = gsm_data_alloc(gsm, addr, 0, control);
803 /* toggle C/R coding if not initiator */
804 ocr = cr ^ (gsm->initiator ? 0 : 1);
808 *dp++ = (addr << 2) | (ocr << 1) | EA;
811 if (gsm->encoding == GSM_BASIC_OPT)
812 *dp++ = EA; /* Length of data = 0 */
814 *dp = 0xFF - gsm_fcs_add_block(INIT_FCS, msg->data, dp - msg->data);
815 msg->len = (dp - msg->data) + 1;
817 gsm_print_packet("Q->", addr, cr, control, NULL, 0);
819 spin_lock_irqsave(&gsm->tx_lock, flags);
820 list_add_tail(&msg->list, &gsm->tx_ctrl_list);
821 gsm->tx_bytes += msg->len;
822 spin_unlock_irqrestore(&gsm->tx_lock, flags);
823 gsmld_write_trigger(gsm);
829 * gsm_dlci_clear_queues - remove outstanding data for a DLCI
831 * @dlci: clear for this DLCI
833 * Clears the data queues for a given DLCI.
835 static void gsm_dlci_clear_queues(struct gsm_mux *gsm, struct gsm_dlci *dlci)
837 struct gsm_msg *msg, *nmsg;
838 int addr = dlci->addr;
841 /* Clear DLCI write fifo first */
842 spin_lock_irqsave(&dlci->lock, flags);
843 kfifo_reset(&dlci->fifo);
844 spin_unlock_irqrestore(&dlci->lock, flags);
846 /* Clear data packets in MUX write queue */
847 spin_lock_irqsave(&gsm->tx_lock, flags);
848 list_for_each_entry_safe(msg, nmsg, &gsm->tx_data_list, list) {
849 if (msg->addr != addr)
851 gsm->tx_bytes -= msg->len;
852 list_del(&msg->list);
855 spin_unlock_irqrestore(&gsm->tx_lock, flags);
859 * gsm_response - send a control response
861 * @addr: address for control frame
862 * @control: control byte including PF bit
864 * Format up and transmit a link level response frame.
867 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
869 gsm_send(gsm, addr, 0, control);
873 * gsm_command - send a control command
875 * @addr: address for control frame
876 * @control: control byte including PF bit
878 * Format up and transmit a link level command frame.
881 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
883 gsm_send(gsm, addr, 1, control);
886 /* Data transmission */
888 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
891 * gsm_data_alloc - allocate data frame
893 * @addr: DLCI address
894 * @len: length excluding header and FCS
895 * @ctrl: control byte
897 * Allocate a new data buffer for sending frames with data. Space is left
898 * at the front for header bytes but that is treated as an implementation
899 * detail and not for the high level code to use
902 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
905 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
909 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
913 INIT_LIST_HEAD(&m->list);
918 * gsm_send_packet - sends a single packet
920 * @msg: packet to send
922 * The given packet is encoded and sent out. No memory is freed.
923 * The caller must hold the gsm tx lock.
925 static int gsm_send_packet(struct gsm_mux *gsm, struct gsm_msg *msg)
930 if (gsm->encoding == GSM_BASIC_OPT) {
931 gsm->txframe[0] = GSM0_SOF;
932 memcpy(gsm->txframe + 1, msg->data, msg->len);
933 gsm->txframe[msg->len + 1] = GSM0_SOF;
936 gsm->txframe[0] = GSM1_SOF;
937 len = gsm_stuff_frame(msg->data, gsm->txframe + 1, msg->len);
938 gsm->txframe[len + 1] = GSM1_SOF;
942 if (debug & DBG_DATA)
943 gsm_hex_dump_bytes(__func__, gsm->txframe, len);
944 gsm_print_packet("-->", msg->addr, gsm->initiator, msg->ctrl, msg->data,
947 ret = gsmld_output(gsm, gsm->txframe, len);
950 /* FIXME: Can eliminate one SOF in many more cases */
951 gsm->tx_bytes -= msg->len;
957 * gsm_is_flow_ctrl_msg - checks if flow control message
958 * @msg: message to check
960 * Returns true if the given message is a flow control command of the
961 * control channel. False is returned in any other case.
963 static bool gsm_is_flow_ctrl_msg(struct gsm_msg *msg)
970 switch (msg->ctrl & ~PF) {
974 if (gsm_read_ea_val(&cmd, msg->data + 2, msg->len - 2) < 1)
988 * gsm_data_kick - poke the queue
991 * The tty device has called us to indicate that room has appeared in
992 * the transmit queue. Ram more data into the pipe if we have any.
993 * If we have been flow-stopped by a CMD_FCOFF, then we can only
994 * send messages on DLCI0 until CMD_FCON. The caller must hold
997 static int gsm_data_kick(struct gsm_mux *gsm)
999 struct gsm_msg *msg, *nmsg;
1000 struct gsm_dlci *dlci;
1003 clear_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
1005 /* Serialize control messages and control channel messages first */
1006 list_for_each_entry_safe(msg, nmsg, &gsm->tx_ctrl_list, list) {
1007 if (gsm->constipated && !gsm_is_flow_ctrl_msg(msg))
1009 ret = gsm_send_packet(gsm, msg);
1014 /* ldisc not open */
1015 gsm->tx_bytes -= msg->len;
1016 list_del(&msg->list);
1021 list_del(&msg->list);
1028 if (gsm->constipated)
1031 /* Serialize other channels */
1032 if (list_empty(&gsm->tx_data_list))
1034 list_for_each_entry_safe(msg, nmsg, &gsm->tx_data_list, list) {
1035 dlci = gsm->dlci[msg->addr];
1036 /* Send only messages for DLCIs with valid state */
1037 if (dlci->state != DLCI_OPEN) {
1038 gsm->tx_bytes -= msg->len;
1039 list_del(&msg->list);
1043 ret = gsm_send_packet(gsm, msg);
1048 /* ldisc not open */
1049 gsm->tx_bytes -= msg->len;
1050 list_del(&msg->list);
1055 list_del(&msg->list);
1066 * __gsm_data_queue - queue a UI or UIH frame
1067 * @dlci: DLCI sending the data
1068 * @msg: message queued
1070 * Add data to the transmit queue and try and get stuff moving
1071 * out of the mux tty if not already doing so. The Caller must hold
1075 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
1077 struct gsm_mux *gsm = dlci->gsm;
1079 u8 *fcs = dp + msg->len;
1081 /* Fill in the header */
1082 if (gsm->encoding == GSM_BASIC_OPT) {
1084 *--dp = (msg->len << 1) | EA;
1086 *--dp = (msg->len >> 7); /* bits 7 - 15 */
1087 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
1093 *--dp = (msg->addr << 2) | CR | EA;
1095 *--dp = (msg->addr << 2) | EA;
1096 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
1097 /* Ugly protocol layering violation */
1098 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
1099 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
1102 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
1103 msg->data, msg->len);
1105 /* Move the header back and adjust the length, also allow for the FCS
1106 now tacked on the end */
1107 msg->len += (msg->data - dp) + 1;
1110 /* Add to the actual output queue */
1111 switch (msg->ctrl & ~PF) {
1114 if (msg->addr > 0) {
1115 list_add_tail(&msg->list, &gsm->tx_data_list);
1120 list_add_tail(&msg->list, &gsm->tx_ctrl_list);
1123 gsm->tx_bytes += msg->len;
1125 gsmld_write_trigger(gsm);
1126 mod_timer(&gsm->kick_timer, jiffies + 10 * gsm->t1 * HZ / 100);
1130 * gsm_data_queue - queue a UI or UIH frame
1131 * @dlci: DLCI sending the data
1132 * @msg: message queued
1134 * Add data to the transmit queue and try and get stuff moving
1135 * out of the mux tty if not already doing so. Take the
1136 * the gsm tx lock and dlci lock.
1139 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
1141 unsigned long flags;
1142 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
1143 __gsm_data_queue(dlci, msg);
1144 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
1148 * gsm_dlci_data_output - try and push data out of a DLCI
1150 * @dlci: the DLCI to pull data from
1152 * Pull data from a DLCI and send it into the transmit queue if there
1153 * is data. Keep to the MRU of the mux. This path handles the usual tty
1154 * interface which is a byte stream with optional modem data.
1156 * Caller must hold the tx_lock of the mux.
1159 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
1161 struct gsm_msg *msg;
1165 /* for modem bits without break data */
1166 h = ((dlci->adaption == 1) ? 0 : 1);
1168 len = kfifo_len(&dlci->fifo);
1172 /* MTU/MRU count only the data bits but watch adaption mode */
1173 if ((len + h) > dlci->mtu)
1174 len = dlci->mtu - h;
1178 msg = gsm_data_alloc(gsm, dlci->addr, size, dlci->ftype);
1182 switch (dlci->adaption) {
1183 case 1: /* Unstructured */
1185 case 2: /* Unstructured with modem bits.
1186 * Always one byte as we never send inline break data
1188 *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
1191 pr_err("%s: unsupported adaption %d\n", __func__,
1196 WARN_ON(len != kfifo_out_locked(&dlci->fifo, dp, len,
1199 /* Notify upper layer about available send space. */
1200 tty_port_tty_wakeup(&dlci->port);
1202 __gsm_data_queue(dlci, msg);
1203 /* Bytes of data we used up */
1208 * gsm_dlci_data_output_framed - try and push data out of a DLCI
1210 * @dlci: the DLCI to pull data from
1212 * Pull data from a DLCI and send it into the transmit queue if there
1213 * is data. Keep to the MRU of the mux. This path handles framed data
1214 * queued as skbuffs to the DLCI.
1216 * Caller must hold the tx_lock of the mux.
1219 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
1220 struct gsm_dlci *dlci)
1222 struct gsm_msg *msg;
1225 int last = 0, first = 0;
1228 /* One byte per frame is used for B/F flags */
1229 if (dlci->adaption == 4)
1232 /* dlci->skb is locked by tx_lock */
1233 if (dlci->skb == NULL) {
1234 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
1235 if (dlci->skb == NULL)
1239 len = dlci->skb->len + overhead;
1241 /* MTU/MRU count only the data bits */
1242 if (len > dlci->mtu) {
1243 if (dlci->adaption == 3) {
1244 /* Over long frame, bin it */
1245 dev_kfree_skb_any(dlci->skb);
1253 size = len + overhead;
1254 msg = gsm_data_alloc(gsm, dlci->addr, size, dlci->ftype);
1256 skb_queue_tail(&dlci->skb_list, dlci->skb);
1262 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
1263 /* Flag byte to carry the start/end info */
1264 *dp++ = last << 7 | first << 6 | 1; /* EA */
1267 memcpy(dp, dlci->skb->data, len);
1268 skb_pull(dlci->skb, len);
1269 __gsm_data_queue(dlci, msg);
1271 dev_kfree_skb_any(dlci->skb);
1278 * gsm_dlci_modem_output - try and push modem status out of a DLCI
1280 * @dlci: the DLCI to pull modem status from
1281 * @brk: break signal
1283 * Push an empty frame in to the transmit queue to update the modem status
1284 * bits and to transmit an optional break.
1286 * Caller must hold the tx_lock of the mux.
1289 static int gsm_dlci_modem_output(struct gsm_mux *gsm, struct gsm_dlci *dlci,
1293 struct gsm_msg *msg;
1296 /* for modem bits without break data */
1297 switch (dlci->adaption) {
1298 case 1: /* Unstructured */
1300 case 2: /* Unstructured with modem bits. */
1306 pr_err("%s: unsupported adaption %d\n", __func__,
1311 msg = gsm_data_alloc(gsm, dlci->addr, size, dlci->ftype);
1313 pr_err("%s: gsm_data_alloc error", __func__);
1317 switch (dlci->adaption) {
1318 case 1: /* Unstructured */
1320 case 2: /* Unstructured with modem bits. */
1322 *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
1324 *dp++ = gsm_encode_modem(dlci) << 1;
1325 *dp++ = (brk << 4) | 2 | EA; /* Length, Break, EA */
1333 __gsm_data_queue(dlci, msg);
1338 * gsm_dlci_data_sweep - look for data to send
1341 * Sweep the GSM mux channels in priority order looking for ones with
1342 * data to send. We could do with optimising this scan a bit. We aim
1343 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
1344 * TX_THRESH_LO we get called again
1346 * FIXME: We should round robin between groups and in theory you can
1347 * renegotiate DLCI priorities with optional stuff. Needs optimising.
1350 static int gsm_dlci_data_sweep(struct gsm_mux *gsm)
1352 /* Priority ordering: We should do priority with RR of the groups */
1353 int i, len, ret = 0;
1355 struct gsm_dlci *dlci;
1357 while (gsm->tx_bytes < TX_THRESH_HI) {
1358 for (sent = false, i = 1; i < NUM_DLCI; i++) {
1359 dlci = gsm->dlci[i];
1360 /* skip unused or blocked channel */
1361 if (!dlci || dlci->constipated)
1363 /* skip channels with invalid state */
1364 if (dlci->state != DLCI_OPEN)
1366 /* count the sent data per adaption */
1367 if (dlci->adaption < 3 && !dlci->net)
1368 len = gsm_dlci_data_output(gsm, dlci);
1370 len = gsm_dlci_data_output_framed(gsm, dlci);
1377 /* The lower DLCs can starve the higher DLCs! */
1390 * gsm_dlci_data_kick - transmit if possible
1391 * @dlci: DLCI to kick
1393 * Transmit data from this DLCI if the queue is empty. We can't rely on
1394 * a tty wakeup except when we filled the pipe so we need to fire off
1395 * new data ourselves in other cases.
1398 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
1400 unsigned long flags;
1403 if (dlci->constipated)
1406 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
1407 /* If we have nothing running then we need to fire up */
1408 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
1409 if (dlci->gsm->tx_bytes == 0) {
1411 gsm_dlci_data_output_framed(dlci->gsm, dlci);
1413 gsm_dlci_data_output(dlci->gsm, dlci);
1416 gsm_dlci_data_sweep(dlci->gsm);
1417 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
1421 * Control message processing
1426 * gsm_control_command - send a command frame to a control
1428 * @cmd: the command to use
1429 * @data: data to follow encoded info
1430 * @dlen: length of data
1432 * Encode up and queue a UI/UIH frame containing our command.
1434 static int gsm_control_command(struct gsm_mux *gsm, int cmd, const u8 *data,
1437 struct gsm_msg *msg;
1439 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->dlci[0]->ftype);
1443 msg->data[0] = (cmd << 1) | CR | EA; /* Set C/R */
1444 msg->data[1] = (dlen << 1) | EA;
1445 memcpy(msg->data + 2, data, dlen);
1446 gsm_data_queue(gsm->dlci[0], msg);
1452 * gsm_control_reply - send a response frame to a control
1454 * @cmd: the command to use
1455 * @data: data to follow encoded info
1456 * @dlen: length of data
1458 * Encode up and queue a UI/UIH frame containing our response.
1461 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
1464 struct gsm_msg *msg;
1466 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->dlci[0]->ftype);
1469 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1470 msg->data[1] = (dlen << 1) | EA;
1471 memcpy(msg->data + 2, data, dlen);
1472 gsm_data_queue(gsm->dlci[0], msg);
1476 * gsm_process_modem - process received modem status
1477 * @tty: virtual tty bound to the DLCI
1478 * @dlci: DLCI to affect
1479 * @modem: modem bits (full EA)
1480 * @slen: number of signal octets
1482 * Used when a modem control message or line state inline in adaption
1483 * layer 2 is processed. Sort out the local modem state and throttles
1486 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1487 u32 modem, int slen)
1493 /* The modem status command can either contain one octet (V.24 signals)
1494 * or two octets (V.24 signals + break signals). This is specified in
1495 * section 5.4.6.3.7 of the 07.10 mux spec.
1499 modem = modem & 0x7f;
1502 modem = (modem >> 7) & 0x7f;
1505 /* Flow control/ready to communicate */
1506 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1507 if (fc && !dlci->constipated) {
1508 /* Need to throttle our output on this device */
1509 dlci->constipated = true;
1510 } else if (!fc && dlci->constipated) {
1511 dlci->constipated = false;
1512 gsm_dlci_data_kick(dlci);
1515 /* Map modem bits */
1516 if (modem & MDM_RTC)
1517 mlines |= TIOCM_DSR | TIOCM_DTR;
1518 if (modem & MDM_RTR)
1519 mlines |= TIOCM_RTS | TIOCM_CTS;
1525 /* Carrier drop -> hangup */
1527 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1532 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1533 dlci->modem_rx = mlines;
1537 * gsm_process_negotiation - process received parameters
1539 * @addr: DLCI address
1540 * @cr: command/response
1541 * @params: encoded parameters from the parameter negotiation message
1543 * Used when the response for our parameter negotiation command was
1546 static int gsm_process_negotiation(struct gsm_mux *gsm, unsigned int addr,
1548 const struct gsm_dlci_param_bits *params)
1550 struct gsm_dlci *dlci = gsm->dlci[addr];
1551 unsigned int ftype, i, adaption, prio, n1, k;
1553 i = FIELD_GET(PN_I_CL_FIELD_FTYPE, params->i_cl_bits);
1554 adaption = FIELD_GET(PN_I_CL_FIELD_ADAPTION, params->i_cl_bits) + 1;
1555 prio = FIELD_GET(PN_P_FIELD_PRIO, params->p_bits);
1556 n1 = FIELD_GET(PN_N_FIELD_N1, get_unaligned_le16(¶ms->n_bits));
1557 k = FIELD_GET(PN_K_FIELD_K, params->k_bits);
1560 if (debug & DBG_ERRORS)
1561 pr_info("%s N1 out of range in PN\n", __func__);
1572 case 0x02: /* I frames are not supported */
1573 if (debug & DBG_ERRORS)
1574 pr_info("%s unsupported I frame request in PN\n",
1578 if (debug & DBG_ERRORS)
1579 pr_info("%s i out of range in PN\n", __func__);
1583 if (!cr && gsm->initiator) {
1584 if (adaption != dlci->adaption) {
1585 if (debug & DBG_ERRORS)
1586 pr_info("%s invalid adaption %d in PN\n",
1587 __func__, adaption);
1590 if (prio != dlci->prio) {
1591 if (debug & DBG_ERRORS)
1592 pr_info("%s invalid priority %d in PN",
1596 if (n1 > gsm->mru || n1 > dlci->mtu) {
1597 /* We requested a frame size but the other party wants
1598 * to send larger frames. The standard allows only a
1599 * smaller response value than requested (5.4.6.3.1).
1601 if (debug & DBG_ERRORS)
1602 pr_info("%s invalid N1 %d in PN\n", __func__,
1607 if (ftype != dlci->ftype) {
1608 if (debug & DBG_ERRORS)
1609 pr_info("%s invalid i %d in PN\n", __func__, i);
1612 if (ftype != UI && ftype != UIH && k > dlci->k) {
1613 if (debug & DBG_ERRORS)
1614 pr_info("%s invalid k %d in PN\n", __func__, k);
1618 } else if (cr && !gsm->initiator) {
1619 /* Only convergence layer type 1 and 2 are supported. */
1620 if (adaption != 1 && adaption != 2) {
1621 if (debug & DBG_ERRORS)
1622 pr_info("%s invalid adaption %d in PN\n",
1623 __func__, adaption);
1626 dlci->adaption = adaption;
1627 if (n1 > gsm->mru) {
1628 /* Propose a smaller value */
1629 dlci->mtu = gsm->mru;
1630 } else if (n1 > MAX_MTU) {
1631 /* Propose a smaller value */
1632 dlci->mtu = MAX_MTU;
1637 dlci->ftype = ftype;
1647 * gsm_control_modem - modem status received
1649 * @data: data following command
1650 * @clen: command length
1652 * We have received a modem status control message. This is used by
1653 * the GSM mux protocol to pass virtual modem line status and optionally
1654 * to indicate break signals. Unpack it, convert to Linux representation
1655 * and if need be stuff a break message down the tty.
1658 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
1660 unsigned int addr = 0;
1661 unsigned int modem = 0;
1662 struct gsm_dlci *dlci;
1665 const u8 *dp = data;
1666 struct tty_struct *tty;
1668 len = gsm_read_ea_val(&addr, data, cl);
1673 /* Closed port, or invalid ? */
1674 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1676 dlci = gsm->dlci[addr];
1678 /* Must be at least one byte following the EA */
1685 /* get the modem status */
1686 len = gsm_read_ea_val(&modem, dp, cl);
1690 tty = tty_port_tty_get(&dlci->port);
1691 gsm_process_modem(tty, dlci, modem, cl);
1696 gsm_control_reply(gsm, CMD_MSC, data, clen);
1700 * gsm_control_negotiation - parameter negotiation received
1702 * @cr: command/response flag
1703 * @data: data following command
1704 * @dlen: data length
1706 * We have received a parameter negotiation message. This is used by
1707 * the GSM mux protocol to configure protocol parameters for a new DLCI.
1709 static void gsm_control_negotiation(struct gsm_mux *gsm, unsigned int cr,
1710 const u8 *data, unsigned int dlen)
1713 struct gsm_dlci_param_bits pn_reply;
1714 struct gsm_dlci *dlci;
1715 struct gsm_dlci_param_bits *params;
1717 if (dlen < sizeof(struct gsm_dlci_param_bits))
1721 params = (struct gsm_dlci_param_bits *)data;
1722 addr = FIELD_GET(PN_D_FIELD_DLCI, params->d_bits);
1723 if (addr == 0 || addr >= NUM_DLCI || !gsm->dlci[addr])
1725 dlci = gsm->dlci[addr];
1727 /* Too late for parameter negotiation? */
1728 if ((!cr && dlci->state == DLCI_OPENING) || dlci->state == DLCI_OPEN)
1731 /* Process the received parameters */
1732 if (gsm_process_negotiation(gsm, addr, cr, params) != 0) {
1733 /* Negotiation failed. Close the link. */
1734 if (debug & DBG_ERRORS)
1735 pr_info("%s PN failed\n", __func__);
1736 gsm_dlci_close(dlci);
1741 /* Reply command with accepted parameters. */
1742 if (gsm_encode_params(dlci, &pn_reply) == 0)
1743 gsm_control_reply(gsm, CMD_PN, (const u8 *)&pn_reply,
1745 else if (debug & DBG_ERRORS)
1746 pr_info("%s PN invalid\n", __func__);
1747 } else if (dlci->state == DLCI_CONFIGURE) {
1748 /* Proceed with link setup by sending SABM before UA */
1749 dlci->state = DLCI_OPENING;
1750 gsm_command(gsm, dlci->addr, SABM|PF);
1751 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1753 if (debug & DBG_ERRORS)
1754 pr_info("%s PN in invalid state\n", __func__);
1759 * gsm_control_rls - remote line status
1762 * @clen: data length
1764 * The modem sends us a two byte message on the control channel whenever
1765 * it wishes to send us an error state from the virtual link. Stuff
1766 * this into the uplink tty if present
1769 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
1771 struct tty_port *port;
1772 unsigned int addr = 0;
1775 const u8 *dp = data;
1777 while (gsm_read_ea(&addr, *dp++) == 0) {
1782 /* Must be at least one byte following ea */
1787 /* Closed port, or invalid ? */
1788 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1792 if ((bits & 1) == 0)
1795 port = &gsm->dlci[addr]->port;
1798 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1800 tty_insert_flip_char(port, 0, TTY_PARITY);
1802 tty_insert_flip_char(port, 0, TTY_FRAME);
1804 tty_flip_buffer_push(port);
1806 gsm_control_reply(gsm, CMD_RLS, data, clen);
1809 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1812 * gsm_control_message - DLCI 0 control processing
1814 * @command: the command EA
1815 * @data: data beyond the command/length EAs
1818 * Input processor for control messages from the other end of the link.
1819 * Processes the incoming request and queues a response frame or an
1820 * NSC response if not supported
1823 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1824 const u8 *data, int clen)
1830 struct gsm_dlci *dlci = gsm->dlci[0];
1831 /* Modem wishes to close down */
1835 gsm_dlci_begin_close(dlci);
1840 /* Modem wishes to test, reply with the data */
1841 gsm_control_reply(gsm, CMD_TEST, data, clen);
1844 /* Modem can accept data again */
1845 gsm->constipated = false;
1846 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1847 /* Kick the link in case it is idling */
1848 gsmld_write_trigger(gsm);
1851 /* Modem wants us to STFU */
1852 gsm->constipated = true;
1853 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1856 /* Out of band modem line change indicator for a DLCI */
1857 gsm_control_modem(gsm, data, clen);
1860 /* Out of band error reception for a DLCI */
1861 gsm_control_rls(gsm, data, clen);
1864 /* Modem wishes to enter power saving state */
1865 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1867 /* Optional commands */
1869 /* Modem sends a parameter negotiation command */
1870 gsm_control_negotiation(gsm, 1, data, clen);
1872 /* Optional unsupported commands */
1873 case CMD_RPN: /* Remote port negotiation */
1874 case CMD_SNC: /* Service negotiation command */
1876 /* Reply to bad commands with an NSC */
1878 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1884 * gsm_control_response - process a response to our control
1886 * @command: the command (response) EA
1887 * @data: data beyond the command/length EA
1890 * Process a response to an outstanding command. We only allow a single
1891 * control message in flight so this is fairly easy. All the clean up
1892 * is done by the caller, we just update the fields, flag it as done
1896 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1897 const u8 *data, int clen)
1899 struct gsm_control *ctrl;
1900 unsigned long flags;
1902 spin_lock_irqsave(&gsm->control_lock, flags);
1904 ctrl = gsm->pending_cmd;
1906 /* Does the reply match our command */
1907 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1908 /* Our command was replied to, kill the retry timer */
1909 del_timer(&gsm->t2_timer);
1910 gsm->pending_cmd = NULL;
1911 /* Rejected by the other end */
1912 if (command == CMD_NSC)
1913 ctrl->error = -EOPNOTSUPP;
1915 wake_up(&gsm->event);
1916 /* Or did we receive the PN response to our PN command */
1917 } else if (command == CMD_PN) {
1918 gsm_control_negotiation(gsm, 0, data, clen);
1920 spin_unlock_irqrestore(&gsm->control_lock, flags);
1924 * gsm_control_transmit - send control packet
1926 * @ctrl: frame to send
1928 * Send out a pending control command (called under control lock)
1931 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1933 gsm_control_command(gsm, ctrl->cmd, ctrl->data, ctrl->len);
1937 * gsm_control_retransmit - retransmit a control frame
1938 * @t: timer contained in our gsm object
1940 * Called off the T2 timer expiry in order to retransmit control frames
1941 * that have been lost in the system somewhere. The control_lock protects
1942 * us from colliding with another sender or a receive completion event.
1943 * In that situation the timer may still occur in a small window but
1944 * gsm->pending_cmd will be NULL and we just let the timer expire.
1947 static void gsm_control_retransmit(struct timer_list *t)
1949 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer);
1950 struct gsm_control *ctrl;
1951 unsigned long flags;
1952 spin_lock_irqsave(&gsm->control_lock, flags);
1953 ctrl = gsm->pending_cmd;
1955 if (gsm->cretries == 0 || !gsm->dlci[0] || gsm->dlci[0]->dead) {
1956 gsm->pending_cmd = NULL;
1957 ctrl->error = -ETIMEDOUT;
1959 spin_unlock_irqrestore(&gsm->control_lock, flags);
1960 wake_up(&gsm->event);
1964 gsm_control_transmit(gsm, ctrl);
1965 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1967 spin_unlock_irqrestore(&gsm->control_lock, flags);
1971 * gsm_control_send - send a control frame on DLCI 0
1972 * @gsm: the GSM channel
1973 * @command: command to send including CR bit
1974 * @data: bytes of data (must be kmalloced)
1975 * @clen: length of the block to send
1977 * Queue and dispatch a control command. Only one command can be
1978 * active at a time. In theory more can be outstanding but the matching
1979 * gets really complicated so for now stick to one outstanding.
1982 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1983 unsigned int command, u8 *data, int clen)
1985 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1987 unsigned long flags;
1991 wait_event(gsm->event, gsm->pending_cmd == NULL);
1992 spin_lock_irqsave(&gsm->control_lock, flags);
1993 if (gsm->pending_cmd != NULL) {
1994 spin_unlock_irqrestore(&gsm->control_lock, flags);
1997 ctrl->cmd = command;
2000 gsm->pending_cmd = ctrl;
2002 /* If DLCI0 is in ADM mode skip retries, it won't respond */
2003 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
2006 gsm->cretries = gsm->n2;
2008 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
2009 gsm_control_transmit(gsm, ctrl);
2010 spin_unlock_irqrestore(&gsm->control_lock, flags);
2015 * gsm_control_wait - wait for a control to finish
2017 * @control: control we are waiting on
2019 * Waits for the control to complete or time out. Frees any used
2020 * resources and returns 0 for success, or an error if the remote
2021 * rejected or ignored the request.
2024 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
2027 wait_event(gsm->event, control->done == 1);
2028 err = control->error;
2035 * DLCI level handling: Needs krefs
2039 * State transitions and timers
2043 * gsm_dlci_close - a DLCI has closed
2044 * @dlci: DLCI that closed
2046 * Perform processing when moving a DLCI into closed state. If there
2047 * is an attached tty this is hung up
2050 static void gsm_dlci_close(struct gsm_dlci *dlci)
2052 del_timer(&dlci->t1);
2053 if (debug & DBG_ERRORS)
2054 pr_debug("DLCI %d goes closed.\n", dlci->addr);
2055 dlci->state = DLCI_CLOSED;
2056 /* Prevent us from sending data before the link is up again */
2057 dlci->constipated = true;
2058 if (dlci->addr != 0) {
2059 tty_port_tty_hangup(&dlci->port, false);
2060 gsm_dlci_clear_queues(dlci->gsm, dlci);
2061 /* Ensure that gsmtty_open() can return. */
2062 tty_port_set_initialized(&dlci->port, 0);
2063 wake_up_interruptible(&dlci->port.open_wait);
2065 dlci->gsm->dead = true;
2066 /* A DLCI 0 close is a MUX termination so we need to kick that
2067 back to userspace somehow */
2068 gsm_dlci_data_kick(dlci);
2069 wake_up(&dlci->gsm->event);
2073 * gsm_dlci_open - a DLCI has opened
2074 * @dlci: DLCI that opened
2076 * Perform processing when moving a DLCI into open state.
2079 static void gsm_dlci_open(struct gsm_dlci *dlci)
2081 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
2083 del_timer(&dlci->t1);
2084 /* This will let a tty open continue */
2085 dlci->state = DLCI_OPEN;
2086 dlci->constipated = false;
2087 if (debug & DBG_ERRORS)
2088 pr_debug("DLCI %d goes open.\n", dlci->addr);
2089 /* Send current modem state */
2091 gsm_modem_update(dlci, 0);
2092 gsm_dlci_data_kick(dlci);
2093 wake_up(&dlci->gsm->event);
2097 * gsm_dlci_negotiate - start parameter negotiation
2098 * @dlci: DLCI to open
2100 * Starts the parameter negotiation for the new DLCI. This needs to be done
2101 * before the DLCI initialized the channel via SABM.
2103 static int gsm_dlci_negotiate(struct gsm_dlci *dlci)
2105 struct gsm_mux *gsm = dlci->gsm;
2106 struct gsm_dlci_param_bits params;
2109 ret = gsm_encode_params(dlci, ¶ms);
2113 /* We cannot asynchronous wait for the command response with
2114 * gsm_command() and gsm_control_wait() at this point.
2116 ret = gsm_control_command(gsm, CMD_PN, (const u8 *)¶ms,
2123 * gsm_dlci_t1 - T1 timer expiry
2124 * @t: timer contained in the DLCI that opened
2126 * The T1 timer handles retransmits of control frames (essentially of
2127 * SABM and DISC). We resend the command until the retry count runs out
2128 * in which case an opening port goes back to closed and a closing port
2129 * is simply put into closed state (any further frames from the other
2130 * end will get a DM response)
2132 * Some control dlci can stay in ADM mode with other dlci working just
2133 * fine. In that case we can just keep the control dlci open after the
2134 * DLCI_OPENING retries time out.
2137 static void gsm_dlci_t1(struct timer_list *t)
2139 struct gsm_dlci *dlci = from_timer(dlci, t, t1);
2140 struct gsm_mux *gsm = dlci->gsm;
2142 switch (dlci->state) {
2143 case DLCI_CONFIGURE:
2144 if (dlci->retries && gsm_dlci_negotiate(dlci) == 0) {
2146 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
2148 gsm_dlci_begin_close(dlci); /* prevent half open link */
2152 if (dlci->retries) {
2154 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
2155 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
2156 } else if (!dlci->addr && gsm->control == (DM | PF)) {
2157 if (debug & DBG_ERRORS)
2158 pr_info("DLCI %d opening in ADM mode.\n",
2160 dlci->mode = DLCI_MODE_ADM;
2161 gsm_dlci_open(dlci);
2163 gsm_dlci_begin_close(dlci); /* prevent half open link */
2168 if (dlci->retries) {
2170 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
2171 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
2173 gsm_dlci_close(dlci);
2176 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state);
2182 * gsm_dlci_begin_open - start channel open procedure
2183 * @dlci: DLCI to open
2185 * Commence opening a DLCI from the Linux side. We issue SABM messages
2186 * to the modem which should then reply with a UA or ADM, at which point
2187 * we will move into open state. Opening is done asynchronously with retry
2188 * running off timers and the responses.
2189 * Parameter negotiation is performed before SABM if required.
2192 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
2194 struct gsm_mux *gsm = dlci ? dlci->gsm : NULL;
2195 bool need_pn = false;
2200 if (dlci->addr != 0) {
2201 if (gsm->adaption != 1 || gsm->adaption != dlci->adaption)
2203 if (dlci->prio != (roundup(dlci->addr + 1, 8) - 1))
2205 if (gsm->ftype != dlci->ftype)
2209 switch (dlci->state) {
2212 dlci->retries = gsm->n2;
2214 dlci->state = DLCI_OPENING;
2215 gsm_command(gsm, dlci->addr, SABM|PF);
2217 /* Configure DLCI before setup */
2218 dlci->state = DLCI_CONFIGURE;
2219 if (gsm_dlci_negotiate(dlci) != 0) {
2220 gsm_dlci_close(dlci);
2224 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
2232 * gsm_dlci_set_opening - change state to opening
2233 * @dlci: DLCI to open
2235 * Change internal state to wait for DLCI open from initiator side.
2236 * We set off timers and responses upon reception of an SABM.
2238 static void gsm_dlci_set_opening(struct gsm_dlci *dlci)
2240 switch (dlci->state) {
2243 dlci->state = DLCI_OPENING;
2251 * gsm_dlci_begin_close - start channel open procedure
2252 * @dlci: DLCI to open
2254 * Commence closing a DLCI from the Linux side. We issue DISC messages
2255 * to the modem which should then reply with a UA, at which point we
2256 * will move into closed state. Closing is done asynchronously with retry
2257 * off timers. We may also receive a DM reply from the other end which
2258 * indicates the channel was already closed.
2261 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
2263 struct gsm_mux *gsm = dlci->gsm;
2264 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
2266 dlci->retries = gsm->n2;
2267 dlci->state = DLCI_CLOSING;
2268 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
2269 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
2273 * gsm_dlci_data - data arrived
2275 * @data: block of bytes received
2276 * @clen: length of received block
2278 * A UI or UIH frame has arrived which contains data for a channel
2279 * other than the control channel. If the relevant virtual tty is
2280 * open we shovel the bits down it, if not we drop them.
2283 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
2286 struct tty_port *port = &dlci->port;
2287 struct tty_struct *tty;
2288 unsigned int modem = 0;
2291 if (debug & DBG_TTY)
2292 pr_debug("%d bytes for tty\n", clen);
2293 switch (dlci->adaption) {
2294 /* Unsupported types */
2295 case 4: /* Packetised interruptible data */
2297 case 3: /* Packetised uininterruptible voice/data */
2299 case 2: /* Asynchronous serial with line state in each frame */
2300 len = gsm_read_ea_val(&modem, data, clen);
2303 tty = tty_port_tty_get(port);
2305 gsm_process_modem(tty, dlci, modem, len);
2309 /* Skip processed modem data */
2313 case 1: /* Line state will go via DLCI 0 controls only */
2315 tty_insert_flip_string(port, data, clen);
2316 tty_flip_buffer_push(port);
2321 * gsm_dlci_command - data arrived on control channel
2323 * @data: block of bytes received
2324 * @len: length of received block
2326 * A UI or UIH frame has arrived which contains data for DLCI 0 the
2327 * control channel. This should contain a command EA followed by
2328 * control data bytes. The command EA contains a command/response bit
2329 * and we divide up the work accordingly.
2332 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
2334 /* See what command is involved */
2335 unsigned int command = 0;
2336 unsigned int clen = 0;
2339 /* read the command */
2340 dlen = gsm_read_ea_val(&command, data, len);
2344 /* read any control data */
2345 dlen = gsm_read_ea_val(&clen, data, len);
2349 /* Malformed command? */
2354 gsm_control_message(dlci->gsm, command, data, clen);
2356 gsm_control_response(dlci->gsm, command, data, clen);
2360 * gsm_kick_timer - transmit if possible
2361 * @t: timer contained in our gsm object
2363 * Transmit data from DLCIs if the queue is empty. We can't rely on
2364 * a tty wakeup except when we filled the pipe so we need to fire off
2365 * new data ourselves in other cases.
2367 static void gsm_kick_timer(struct timer_list *t)
2369 struct gsm_mux *gsm = from_timer(gsm, t, kick_timer);
2370 unsigned long flags;
2373 spin_lock_irqsave(&gsm->tx_lock, flags);
2374 /* If we have nothing running then we need to fire up */
2375 if (gsm->tx_bytes < TX_THRESH_LO)
2376 sent = gsm_dlci_data_sweep(gsm);
2377 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2379 if (sent && debug & DBG_DATA)
2380 pr_info("%s TX queue stalled\n", __func__);
2384 * Allocate/Free DLCI channels
2388 * gsm_dlci_alloc - allocate a DLCI
2390 * @addr: address of the DLCI
2392 * Allocate and install a new DLCI object into the GSM mux.
2394 * FIXME: review locking races
2397 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
2399 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
2402 spin_lock_init(&dlci->lock);
2403 mutex_init(&dlci->mutex);
2404 if (kfifo_alloc(&dlci->fifo, TX_SIZE, GFP_KERNEL) < 0) {
2409 skb_queue_head_init(&dlci->skb_list);
2410 timer_setup(&dlci->t1, gsm_dlci_t1, 0);
2411 tty_port_init(&dlci->port);
2412 dlci->port.ops = &gsm_port_ops;
2415 dlci->adaption = gsm->adaption;
2416 dlci->mtu = gsm->mtu;
2420 dlci->prio = roundup(addr + 1, 8) - 1;
2421 dlci->ftype = gsm->ftype;
2423 dlci->state = DLCI_CLOSED;
2425 dlci->data = gsm_dlci_data;
2426 /* Prevent us from sending data before the link is up */
2427 dlci->constipated = true;
2429 dlci->data = gsm_dlci_command;
2431 gsm->dlci[addr] = dlci;
2436 * gsm_dlci_free - free DLCI
2437 * @port: tty port for DLCI to free
2443 static void gsm_dlci_free(struct tty_port *port)
2445 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2447 timer_shutdown_sync(&dlci->t1);
2448 dlci->gsm->dlci[dlci->addr] = NULL;
2449 kfifo_free(&dlci->fifo);
2450 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
2451 dev_kfree_skb(dlci->skb);
2455 static inline void dlci_get(struct gsm_dlci *dlci)
2457 tty_port_get(&dlci->port);
2460 static inline void dlci_put(struct gsm_dlci *dlci)
2462 tty_port_put(&dlci->port);
2465 static void gsm_destroy_network(struct gsm_dlci *dlci);
2468 * gsm_dlci_release - release DLCI
2469 * @dlci: DLCI to destroy
2471 * Release a DLCI. Actual free is deferred until either
2472 * mux is closed or tty is closed - whichever is last.
2476 static void gsm_dlci_release(struct gsm_dlci *dlci)
2478 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
2480 mutex_lock(&dlci->mutex);
2481 gsm_destroy_network(dlci);
2482 mutex_unlock(&dlci->mutex);
2484 /* We cannot use tty_hangup() because in tty_kref_put() the tty
2485 * driver assumes that the hangup queue is free and reuses it to
2486 * queue release_one_tty() -> NULL pointer panic in
2487 * process_one_work().
2491 tty_port_tty_set(&dlci->port, NULL);
2494 dlci->state = DLCI_CLOSED;
2499 * LAPBish link layer logic
2503 * gsm_queue - a GSM frame is ready to process
2504 * @gsm: pointer to our gsm mux
2506 * At this point in time a frame has arrived and been demangled from
2507 * the line encoding. All the differences between the encodings have
2508 * been handled below us and the frame is unpacked into the structures.
2509 * The fcs holds the header FCS but any data FCS must be added here.
2512 static void gsm_queue(struct gsm_mux *gsm)
2514 struct gsm_dlci *dlci;
2518 if (gsm->fcs != GOOD_FCS) {
2520 if (debug & DBG_DATA)
2521 pr_debug("BAD FCS %02x\n", gsm->fcs);
2524 address = gsm->address >> 1;
2525 if (address >= NUM_DLCI)
2528 cr = gsm->address & 1; /* C/R bit */
2529 cr ^= gsm->initiator ? 0 : 1; /* Flip so 1 always means command */
2531 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
2533 dlci = gsm->dlci[address];
2535 switch (gsm->control) {
2540 dlci = gsm_dlci_alloc(gsm, address);
2544 gsm_response(gsm, address, DM|PF);
2546 gsm_response(gsm, address, UA|PF);
2547 gsm_dlci_open(dlci);
2553 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
2554 gsm_response(gsm, address, DM|PF);
2557 /* Real close complete */
2558 gsm_response(gsm, address, UA|PF);
2559 gsm_dlci_close(dlci);
2562 if (cr == 0 || dlci == NULL)
2564 switch (dlci->state) {
2566 gsm_dlci_close(dlci);
2569 gsm_dlci_open(dlci);
2572 pr_debug("%s: unhandled state: %d\n", __func__,
2577 case DM: /* DM can be valid unsolicited */
2583 gsm_dlci_close(dlci);
2589 if (dlci == NULL || dlci->state != DLCI_OPEN) {
2590 gsm_response(gsm, address, DM|PF);
2593 dlci->data(dlci, gsm->buf, gsm->len);
2606 * gsm0_receive - perform processing for non-transparency
2607 * @gsm: gsm data for this ldisc instance
2610 * Receive bytes in gsm mode 0
2613 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
2617 switch (gsm->state) {
2618 case GSM_SEARCH: /* SOF marker */
2619 if (c == GSM0_SOF) {
2620 gsm->state = GSM_ADDRESS;
2623 gsm->fcs = INIT_FCS;
2626 case GSM_ADDRESS: /* Address EA */
2627 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2628 if (gsm_read_ea(&gsm->address, c))
2629 gsm->state = GSM_CONTROL;
2631 case GSM_CONTROL: /* Control Byte */
2632 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2634 gsm->state = GSM_LEN0;
2636 case GSM_LEN0: /* Length EA */
2637 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2638 if (gsm_read_ea(&gsm->len, c)) {
2639 if (gsm->len > gsm->mru) {
2641 gsm->state = GSM_SEARCH;
2646 gsm->state = GSM_FCS;
2648 gsm->state = GSM_DATA;
2651 gsm->state = GSM_LEN1;
2654 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2656 gsm->len |= len << 7;
2657 if (gsm->len > gsm->mru) {
2659 gsm->state = GSM_SEARCH;
2664 gsm->state = GSM_FCS;
2666 gsm->state = GSM_DATA;
2668 case GSM_DATA: /* Data */
2669 gsm->buf[gsm->count++] = c;
2670 if (gsm->count == gsm->len) {
2671 /* Calculate final FCS for UI frames over all data */
2672 if ((gsm->control & ~PF) != UIH) {
2673 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf,
2676 gsm->state = GSM_FCS;
2679 case GSM_FCS: /* FCS follows the packet */
2680 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2681 gsm->state = GSM_SSOF;
2684 gsm->state = GSM_SEARCH;
2691 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2697 * gsm1_receive - perform processing for non-transparency
2698 * @gsm: gsm data for this ldisc instance
2701 * Receive bytes in mode 1 (Advanced option)
2704 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
2706 /* handle XON/XOFF */
2707 if ((c & ISO_IEC_646_MASK) == XON) {
2708 gsm->constipated = true;
2710 } else if ((c & ISO_IEC_646_MASK) == XOFF) {
2711 gsm->constipated = false;
2712 /* Kick the link in case it is idling */
2713 gsmld_write_trigger(gsm);
2716 if (c == GSM1_SOF) {
2717 /* EOF is only valid in frame if we have got to the data state */
2718 if (gsm->state == GSM_DATA) {
2719 if (gsm->count < 1) {
2722 gsm->state = GSM_START;
2725 /* Remove the FCS from data */
2727 if ((gsm->control & ~PF) != UIH) {
2728 /* Calculate final FCS for UI frames over all
2731 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf,
2734 /* Add the FCS itself to test against GOOD_FCS */
2735 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
2736 gsm->len = gsm->count;
2738 gsm->state = GSM_START;
2741 /* Any partial frame was a runt so go back to start */
2742 if (gsm->state != GSM_START) {
2743 if (gsm->state != GSM_SEARCH)
2745 gsm->state = GSM_START;
2747 /* A SOF in GSM_START means we are still reading idling or
2752 if (c == GSM1_ESCAPE) {
2757 /* Only an unescaped SOF gets us out of GSM search */
2758 if (gsm->state == GSM_SEARCH)
2762 c ^= GSM1_ESCAPE_BITS;
2763 gsm->escape = false;
2765 switch (gsm->state) {
2766 case GSM_START: /* First byte after SOF */
2768 gsm->state = GSM_ADDRESS;
2769 gsm->fcs = INIT_FCS;
2771 case GSM_ADDRESS: /* Address continuation */
2772 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2773 if (gsm_read_ea(&gsm->address, c))
2774 gsm->state = GSM_CONTROL;
2776 case GSM_CONTROL: /* Control Byte */
2777 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2780 gsm->state = GSM_DATA;
2782 case GSM_DATA: /* Data */
2783 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2784 gsm->state = GSM_OVERRUN;
2787 gsm->buf[gsm->count++] = c;
2789 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2792 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2798 * gsm_error - handle tty error
2801 * Handle an error in the receipt of data for a frame. Currently we just
2802 * go back to hunting for a SOF.
2804 * FIXME: better diagnostics ?
2807 static void gsm_error(struct gsm_mux *gsm)
2809 gsm->state = GSM_SEARCH;
2814 * gsm_cleanup_mux - generic GSM protocol cleanup
2816 * @disc: disconnect link?
2818 * Clean up the bits of the mux which are the same for all framing
2819 * protocols. Remove the mux from the mux table, stop all the timers
2820 * and then shut down each device hanging up the channels as we go.
2823 static void gsm_cleanup_mux(struct gsm_mux *gsm, bool disc)
2826 struct gsm_dlci *dlci = gsm->dlci[0];
2827 struct gsm_msg *txq, *ntxq;
2830 mutex_lock(&gsm->mutex);
2833 if (disc && dlci->state != DLCI_CLOSED) {
2834 gsm_dlci_begin_close(dlci);
2835 wait_event(gsm->event, dlci->state == DLCI_CLOSED);
2840 /* Finish outstanding timers, making sure they are done */
2841 del_timer_sync(&gsm->kick_timer);
2842 del_timer_sync(&gsm->t2_timer);
2844 /* Finish writing to ldisc */
2845 flush_work(&gsm->tx_work);
2847 /* Free up any link layer users and finally the control channel */
2848 if (gsm->has_devices) {
2849 gsm_unregister_devices(gsm_tty_driver, gsm->num);
2850 gsm->has_devices = false;
2852 for (i = NUM_DLCI - 1; i >= 0; i--)
2854 gsm_dlci_release(gsm->dlci[i]);
2855 mutex_unlock(&gsm->mutex);
2856 /* Now wipe the queues */
2857 tty_ldisc_flush(gsm->tty);
2858 list_for_each_entry_safe(txq, ntxq, &gsm->tx_ctrl_list, list)
2860 INIT_LIST_HEAD(&gsm->tx_ctrl_list);
2861 list_for_each_entry_safe(txq, ntxq, &gsm->tx_data_list, list)
2863 INIT_LIST_HEAD(&gsm->tx_data_list);
2867 * gsm_activate_mux - generic GSM setup
2870 * Set up the bits of the mux which are the same for all framing
2871 * protocols. Add the mux to the mux table so it can be opened and
2872 * finally kick off connecting to DLCI 0 on the modem.
2875 static int gsm_activate_mux(struct gsm_mux *gsm)
2877 struct gsm_dlci *dlci;
2880 dlci = gsm_dlci_alloc(gsm, 0);
2884 if (gsm->encoding == GSM_BASIC_OPT)
2885 gsm->receive = gsm0_receive;
2887 gsm->receive = gsm1_receive;
2889 ret = gsm_register_devices(gsm_tty_driver, gsm->num);
2893 gsm->has_devices = true;
2894 gsm->dead = false; /* Tty opens are now permissible */
2899 * gsm_free_mux - free up a mux
2902 * Dispose of allocated resources for a dead mux
2904 static void gsm_free_mux(struct gsm_mux *gsm)
2908 for (i = 0; i < MAX_MUX; i++) {
2909 if (gsm == gsm_mux[i]) {
2914 mutex_destroy(&gsm->mutex);
2915 kfree(gsm->txframe);
2921 * gsm_free_muxr - free up a mux
2922 * @ref: kreference to the mux to free
2924 * Dispose of allocated resources for a dead mux
2926 static void gsm_free_muxr(struct kref *ref)
2928 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2932 static inline void mux_get(struct gsm_mux *gsm)
2934 unsigned long flags;
2936 spin_lock_irqsave(&gsm_mux_lock, flags);
2937 kref_get(&gsm->ref);
2938 spin_unlock_irqrestore(&gsm_mux_lock, flags);
2941 static inline void mux_put(struct gsm_mux *gsm)
2943 unsigned long flags;
2945 spin_lock_irqsave(&gsm_mux_lock, flags);
2946 kref_put(&gsm->ref, gsm_free_muxr);
2947 spin_unlock_irqrestore(&gsm_mux_lock, flags);
2950 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
2952 return gsm->num * NUM_DLCI;
2955 static inline unsigned int mux_line_to_num(unsigned int line)
2957 return line / NUM_DLCI;
2961 * gsm_alloc_mux - allocate a mux
2963 * Creates a new mux ready for activation.
2966 static struct gsm_mux *gsm_alloc_mux(void)
2969 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2972 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2973 if (gsm->buf == NULL) {
2977 gsm->txframe = kmalloc(2 * (MAX_MTU + PROT_OVERHEAD - 1), GFP_KERNEL);
2978 if (gsm->txframe == NULL) {
2983 spin_lock_init(&gsm->lock);
2984 mutex_init(&gsm->mutex);
2985 kref_init(&gsm->ref);
2986 INIT_LIST_HEAD(&gsm->tx_ctrl_list);
2987 INIT_LIST_HEAD(&gsm->tx_data_list);
2988 timer_setup(&gsm->kick_timer, gsm_kick_timer, 0);
2989 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2990 INIT_WORK(&gsm->tx_work, gsmld_write_task);
2991 init_waitqueue_head(&gsm->event);
2992 spin_lock_init(&gsm->control_lock);
2993 spin_lock_init(&gsm->tx_lock);
3002 gsm->encoding = GSM_ADV_OPT;
3003 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
3005 gsm->dead = true; /* Avoid early tty opens */
3007 /* Store the instance to the mux array or abort if no space is
3010 spin_lock(&gsm_mux_lock);
3011 for (i = 0; i < MAX_MUX; i++) {
3018 spin_unlock(&gsm_mux_lock);
3020 mutex_destroy(&gsm->mutex);
3021 kfree(gsm->txframe);
3030 static void gsm_copy_config_values(struct gsm_mux *gsm,
3031 struct gsm_config *c)
3033 memset(c, 0, sizeof(*c));
3034 c->adaption = gsm->adaption;
3035 c->encapsulation = gsm->encoding;
3036 c->initiator = gsm->initiator;
3041 if (gsm->ftype == UIH)
3045 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
3051 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
3055 int need_restart = 0;
3057 /* Stuff we don't support yet - UI or I frame transport, windowing */
3058 if ((c->adaption != 1 && c->adaption != 2) || c->k)
3060 /* Check the MRU/MTU range looks sane */
3061 if (c->mru < MIN_MTU || c->mtu < MIN_MTU)
3063 if (c->mru > MAX_MRU || c->mtu > MAX_MTU)
3069 if (c->encapsulation > 1) /* Basic, advanced, no I */
3071 if (c->initiator > 1)
3073 if (c->k > MAX_WINDOW_SIZE)
3075 if (c->i == 0 || c->i > 2) /* UIH and UI only */
3078 * See what is needed for reconfiguration
3082 if (c->t1 != 0 && c->t1 != gsm->t1)
3084 if (c->t2 != 0 && c->t2 != gsm->t2)
3086 if (c->encapsulation != gsm->encoding)
3088 if (c->adaption != gsm->adaption)
3091 if (c->initiator != gsm->initiator)
3093 if (c->mru != gsm->mru)
3095 if (c->mtu != gsm->mtu)
3099 * Close down what is needed, restart and initiate the new
3100 * configuration. On the first time there is no DLCI[0]
3101 * and closing or cleaning up is not necessary.
3103 if (need_close || need_restart)
3104 gsm_cleanup_mux(gsm, true);
3106 gsm->initiator = c->initiator;
3109 gsm->encoding = c->encapsulation ? GSM_ADV_OPT : GSM_BASIC_OPT;
3110 gsm->adaption = c->adaption;
3128 * FIXME: We need to separate activation/deactivation from adding
3129 * and removing from the mux array
3132 ret = gsm_activate_mux(gsm);
3136 gsm_dlci_begin_open(gsm->dlci[0]);
3142 * gsmld_output - write to link
3144 * @data: bytes to output
3147 * Write a block of data from the GSM mux to the data channel. This
3148 * will eventually be serialized from above but at the moment isn't.
3151 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
3153 if (tty_write_room(gsm->tty) < len) {
3154 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
3157 if (debug & DBG_DATA)
3158 gsm_hex_dump_bytes(__func__, data, len);
3159 return gsm->tty->ops->write(gsm->tty, data, len);
3164 * gsmld_write_trigger - schedule ldisc write task
3167 static void gsmld_write_trigger(struct gsm_mux *gsm)
3169 if (!gsm || !gsm->dlci[0] || gsm->dlci[0]->dead)
3171 schedule_work(&gsm->tx_work);
3176 * gsmld_write_task - ldisc write task
3177 * @work: our tx write work
3179 * Writes out data to the ldisc if possible. We are doing this here to
3180 * avoid dead-locking. This returns if no space or data is left for output.
3182 static void gsmld_write_task(struct work_struct *work)
3184 struct gsm_mux *gsm = container_of(work, struct gsm_mux, tx_work);
3185 unsigned long flags;
3188 /* All outstanding control channel and control messages and one data
3192 spin_lock_irqsave(&gsm->tx_lock, flags);
3194 ret = gsm_data_kick(gsm);
3195 spin_unlock_irqrestore(&gsm->tx_lock, flags);
3198 for (i = 0; i < NUM_DLCI; i++)
3200 tty_port_tty_wakeup(&gsm->dlci[i]->port);
3204 * gsmld_attach_gsm - mode set up
3205 * @tty: our tty structure
3208 * Set up the MUX for basic mode and commence connecting to the
3209 * modem. Currently called from the line discipline set up but
3210 * will need moving to an ioctl path.
3213 static void gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
3215 gsm->tty = tty_kref_get(tty);
3216 /* Turn off tty XON/XOFF handling to handle it explicitly. */
3217 gsm->old_c_iflag = tty->termios.c_iflag;
3218 tty->termios.c_iflag &= (IXON | IXOFF);
3222 * gsmld_detach_gsm - stop doing 0710 mux
3223 * @tty: tty attached to the mux
3226 * Shutdown and then clean up the resources used by the line discipline
3229 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
3231 WARN_ON(tty != gsm->tty);
3232 /* Restore tty XON/XOFF handling. */
3233 gsm->tty->termios.c_iflag = gsm->old_c_iflag;
3234 tty_kref_put(gsm->tty);
3238 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
3239 const char *fp, int count)
3241 struct gsm_mux *gsm = tty->disc_data;
3242 char flags = TTY_NORMAL;
3244 if (debug & DBG_DATA)
3245 gsm_hex_dump_bytes(__func__, cp, count);
3247 for (; count; count--, cp++) {
3253 gsm->receive(gsm, *cp);
3262 WARN_ONCE(1, "%s: unknown flag %d\n",
3263 tty_name(tty), flags);
3267 /* FASYNC if needed ? */
3268 /* If clogged call tty_throttle(tty); */
3272 * gsmld_flush_buffer - clean input queue
3273 * @tty: terminal device
3275 * Flush the input buffer. Called when the line discipline is
3276 * being closed, when the tty layer wants the buffer flushed (eg
3280 static void gsmld_flush_buffer(struct tty_struct *tty)
3285 * gsmld_close - close the ldisc for this tty
3288 * Called from the terminal layer when this line discipline is
3289 * being shut down, either because of a close or becsuse of a
3290 * discipline change. The function will not be called while other
3291 * ldisc methods are in progress.
3294 static void gsmld_close(struct tty_struct *tty)
3296 struct gsm_mux *gsm = tty->disc_data;
3298 /* The ldisc locks and closes the port before calling our close. This
3299 * means we have no way to do a proper disconnect. We will not bother
3302 gsm_cleanup_mux(gsm, false);
3304 gsmld_detach_gsm(tty, gsm);
3306 gsmld_flush_buffer(tty);
3307 /* Do other clean up here */
3312 * gsmld_open - open an ldisc
3313 * @tty: terminal to open
3315 * Called when this line discipline is being attached to the
3316 * terminal device. Can sleep. Called serialized so that no
3317 * other events will occur in parallel. No further open will occur
3321 static int gsmld_open(struct tty_struct *tty)
3323 struct gsm_mux *gsm;
3325 if (tty->ops->write == NULL)
3328 /* Attach our ldisc data */
3329 gsm = gsm_alloc_mux();
3333 tty->disc_data = gsm;
3334 tty->receive_room = 65536;
3336 /* Attach the initial passive connection */
3337 gsm->encoding = GSM_ADV_OPT;
3338 gsmld_attach_gsm(tty, gsm);
3344 * gsmld_write_wakeup - asynchronous I/O notifier
3347 * Required for the ptys, serial driver etc. since processes
3348 * that attach themselves to the master and rely on ASYNC
3349 * IO must be woken up
3352 static void gsmld_write_wakeup(struct tty_struct *tty)
3354 struct gsm_mux *gsm = tty->disc_data;
3357 gsmld_write_trigger(gsm);
3361 * gsmld_read - read function for tty
3363 * @file: file object
3364 * @buf: userspace buffer pointer
3369 * Perform reads for the line discipline. We are guaranteed that the
3370 * line discipline will not be closed under us but we may get multiple
3371 * parallel readers and must handle this ourselves. We may also get
3372 * a hangup. Always called in user context, may sleep.
3374 * This code must be sure never to sleep through a hangup.
3377 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
3378 unsigned char *buf, size_t nr,
3379 void **cookie, unsigned long offset)
3385 * gsmld_write - write function for tty
3387 * @file: file object
3388 * @buf: userspace buffer pointer
3391 * Called when the owner of the device wants to send a frame
3392 * itself (or some other control data). The data is transferred
3393 * as-is and must be properly framed and checksummed as appropriate
3394 * by userspace. Frames are either sent whole or not at all as this
3395 * avoids pain user side.
3398 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
3399 const unsigned char *buf, size_t nr)
3401 struct gsm_mux *gsm = tty->disc_data;
3402 unsigned long flags;
3410 spin_lock_irqsave(&gsm->tx_lock, flags);
3411 space = tty_write_room(tty);
3413 ret = tty->ops->write(tty, buf, nr);
3415 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
3416 spin_unlock_irqrestore(&gsm->tx_lock, flags);
3422 * gsmld_poll - poll method for N_GSM0710
3423 * @tty: terminal device
3424 * @file: file accessing it
3427 * Called when the line discipline is asked to poll() for data or
3428 * for special events. This code is not serialized with respect to
3429 * other events save open/close.
3431 * This code must be sure never to sleep through a hangup.
3432 * Called without the kernel lock held - fine
3435 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
3439 struct gsm_mux *gsm = tty->disc_data;
3441 poll_wait(file, &tty->read_wait, wait);
3442 poll_wait(file, &tty->write_wait, wait);
3446 if (tty_hung_up_p(file))
3448 if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
3450 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
3451 mask |= EPOLLOUT | EPOLLWRNORM;
3455 static int gsmld_ioctl(struct tty_struct *tty, unsigned int cmd,
3458 struct gsm_config c;
3459 struct gsm_mux *gsm = tty->disc_data;
3463 case GSMIOC_GETCONF:
3464 gsm_copy_config_values(gsm, &c);
3465 if (copy_to_user((void __user *)arg, &c, sizeof(c)))
3468 case GSMIOC_SETCONF:
3469 if (copy_from_user(&c, (void __user *)arg, sizeof(c)))
3471 return gsm_config(gsm, &c);
3472 case GSMIOC_GETFIRST:
3473 base = mux_num_to_base(gsm);
3474 return put_user(base + 1, (__u32 __user *)arg);
3476 return n_tty_ioctl_helper(tty, cmd, arg);
3485 static int gsm_mux_net_open(struct net_device *net)
3487 pr_debug("%s called\n", __func__);
3488 netif_start_queue(net);
3492 static int gsm_mux_net_close(struct net_device *net)
3494 netif_stop_queue(net);
3498 static void dlci_net_free(struct gsm_dlci *dlci)
3504 dlci->adaption = dlci->prev_adaption;
3505 dlci->data = dlci->prev_data;
3506 free_netdev(dlci->net);
3509 static void net_free(struct kref *ref)
3511 struct gsm_mux_net *mux_net;
3512 struct gsm_dlci *dlci;
3514 mux_net = container_of(ref, struct gsm_mux_net, ref);
3515 dlci = mux_net->dlci;
3518 unregister_netdev(dlci->net);
3519 dlci_net_free(dlci);
3523 static inline void muxnet_get(struct gsm_mux_net *mux_net)
3525 kref_get(&mux_net->ref);
3528 static inline void muxnet_put(struct gsm_mux_net *mux_net)
3530 kref_put(&mux_net->ref, net_free);
3533 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
3534 struct net_device *net)
3536 struct gsm_mux_net *mux_net = netdev_priv(net);
3537 struct gsm_dlci *dlci = mux_net->dlci;
3538 muxnet_get(mux_net);
3540 skb_queue_head(&dlci->skb_list, skb);
3541 net->stats.tx_packets++;
3542 net->stats.tx_bytes += skb->len;
3543 gsm_dlci_data_kick(dlci);
3544 /* And tell the kernel when the last transmit started. */
3545 netif_trans_update(net);
3546 muxnet_put(mux_net);
3547 return NETDEV_TX_OK;
3550 /* called when a packet did not ack after watchdogtimeout */
3551 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue)
3553 /* Tell syslog we are hosed. */
3554 dev_dbg(&net->dev, "Tx timed out.\n");
3556 /* Update statistics */
3557 net->stats.tx_errors++;
3560 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
3561 const unsigned char *in_buf, int size)
3563 struct net_device *net = dlci->net;
3564 struct sk_buff *skb;
3565 struct gsm_mux_net *mux_net = netdev_priv(net);
3566 muxnet_get(mux_net);
3568 /* Allocate an sk_buff */
3569 skb = dev_alloc_skb(size + NET_IP_ALIGN);
3571 /* We got no receive buffer. */
3572 net->stats.rx_dropped++;
3573 muxnet_put(mux_net);
3576 skb_reserve(skb, NET_IP_ALIGN);
3577 skb_put_data(skb, in_buf, size);
3580 skb->protocol = htons(ETH_P_IP);
3582 /* Ship it off to the kernel */
3585 /* update out statistics */
3586 net->stats.rx_packets++;
3587 net->stats.rx_bytes += size;
3588 muxnet_put(mux_net);
3592 static void gsm_mux_net_init(struct net_device *net)
3594 static const struct net_device_ops gsm_netdev_ops = {
3595 .ndo_open = gsm_mux_net_open,
3596 .ndo_stop = gsm_mux_net_close,
3597 .ndo_start_xmit = gsm_mux_net_start_xmit,
3598 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
3601 net->netdev_ops = &gsm_netdev_ops;
3603 /* fill in the other fields */
3604 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
3605 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
3606 net->type = ARPHRD_NONE;
3607 net->tx_queue_len = 10;
3611 /* caller holds the dlci mutex */
3612 static void gsm_destroy_network(struct gsm_dlci *dlci)
3614 struct gsm_mux_net *mux_net;
3616 pr_debug("destroy network interface\n");
3619 mux_net = netdev_priv(dlci->net);
3620 muxnet_put(mux_net);
3624 /* caller holds the dlci mutex */
3625 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
3629 struct net_device *net;
3630 struct gsm_mux_net *mux_net;
3632 if (!capable(CAP_NET_ADMIN))
3635 /* Already in a non tty mode */
3636 if (dlci->adaption > 2)
3639 if (nc->protocol != htons(ETH_P_IP))
3640 return -EPROTONOSUPPORT;
3642 if (nc->adaption != 3 && nc->adaption != 4)
3643 return -EPROTONOSUPPORT;
3645 pr_debug("create network interface\n");
3648 if (nc->if_name[0] != '\0')
3649 netname = nc->if_name;
3650 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
3651 NET_NAME_UNKNOWN, gsm_mux_net_init);
3653 pr_err("alloc_netdev failed\n");
3656 net->mtu = dlci->mtu;
3657 net->min_mtu = MIN_MTU;
3658 net->max_mtu = dlci->mtu;
3659 mux_net = netdev_priv(net);
3660 mux_net->dlci = dlci;
3661 kref_init(&mux_net->ref);
3662 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
3664 /* reconfigure dlci for network */
3665 dlci->prev_adaption = dlci->adaption;
3666 dlci->prev_data = dlci->data;
3667 dlci->adaption = nc->adaption;
3668 dlci->data = gsm_mux_rx_netchar;
3671 pr_debug("register netdev\n");
3672 retval = register_netdev(net);
3674 pr_err("network register fail %d\n", retval);
3675 dlci_net_free(dlci);
3678 return net->ifindex; /* return network index */
3681 /* Line discipline for real tty */
3682 static struct tty_ldisc_ops tty_ldisc_packet = {
3683 .owner = THIS_MODULE,
3687 .close = gsmld_close,
3688 .flush_buffer = gsmld_flush_buffer,
3690 .write = gsmld_write,
3691 .ioctl = gsmld_ioctl,
3693 .receive_buf = gsmld_receive_buf,
3694 .write_wakeup = gsmld_write_wakeup
3702 * gsm_modem_upd_via_data - send modem bits via convergence layer
3704 * @brk: break signal
3706 * Send an empty frame to signal mobile state changes and to transmit the
3707 * break signal for adaption 2.
3710 static void gsm_modem_upd_via_data(struct gsm_dlci *dlci, u8 brk)
3712 struct gsm_mux *gsm = dlci->gsm;
3713 unsigned long flags;
3715 if (dlci->state != DLCI_OPEN || dlci->adaption != 2)
3718 spin_lock_irqsave(&gsm->tx_lock, flags);
3719 gsm_dlci_modem_output(gsm, dlci, brk);
3720 spin_unlock_irqrestore(&gsm->tx_lock, flags);
3724 * gsm_modem_upd_via_msc - send modem bits via control frame
3726 * @brk: break signal
3729 static int gsm_modem_upd_via_msc(struct gsm_dlci *dlci, u8 brk)
3732 struct gsm_control *ctrl;
3735 if (dlci->gsm->encoding != GSM_BASIC_OPT)
3738 modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */
3740 modembits[1] = (gsm_encode_modem(dlci) << 1) | EA;
3742 modembits[1] = gsm_encode_modem(dlci) << 1;
3743 modembits[2] = (brk << 4) | 2 | EA; /* Length, Break, EA */
3746 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len);
3749 return gsm_control_wait(dlci->gsm, ctrl);
3753 * gsm_modem_update - send modem status line state
3755 * @brk: break signal
3758 static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk)
3760 if (dlci->adaption == 2) {
3761 /* Send convergence layer type 2 empty data frame. */
3762 gsm_modem_upd_via_data(dlci, brk);
3764 } else if (dlci->gsm->encoding == GSM_BASIC_OPT) {
3765 /* Send as MSC control message. */
3766 return gsm_modem_upd_via_msc(dlci, brk);
3769 /* Modem status lines are not supported. */
3770 return -EPROTONOSUPPORT;
3773 static int gsm_carrier_raised(struct tty_port *port)
3775 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
3776 struct gsm_mux *gsm = dlci->gsm;
3778 /* Not yet open so no carrier info */
3779 if (dlci->state != DLCI_OPEN)
3781 if (debug & DBG_CD_ON)
3785 * Basic mode with control channel in ADM mode may not respond
3786 * to CMD_MSC at all and modem_rx is empty.
3788 if (gsm->encoding == GSM_BASIC_OPT &&
3789 gsm->dlci[0]->mode == DLCI_MODE_ADM && !dlci->modem_rx)
3792 return dlci->modem_rx & TIOCM_CD;
3795 static void gsm_dtr_rts(struct tty_port *port, int onoff)
3797 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
3798 unsigned int modem_tx = dlci->modem_tx;
3800 modem_tx |= TIOCM_DTR | TIOCM_RTS;
3802 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
3803 if (modem_tx != dlci->modem_tx) {
3804 dlci->modem_tx = modem_tx;
3805 gsm_modem_update(dlci, 0);
3809 static const struct tty_port_operations gsm_port_ops = {
3810 .carrier_raised = gsm_carrier_raised,
3811 .dtr_rts = gsm_dtr_rts,
3812 .destruct = gsm_dlci_free,
3815 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
3817 struct gsm_mux *gsm;
3818 struct gsm_dlci *dlci;
3819 unsigned int line = tty->index;
3820 unsigned int mux = mux_line_to_num(line);
3828 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
3829 if (gsm_mux[mux] == NULL)
3831 if (line == 0 || line > 61) /* 62/63 reserved */
3836 /* If DLCI 0 is not yet fully open return an error.
3837 This is ok from a locking
3838 perspective as we don't have to worry about this
3840 mutex_lock(&gsm->mutex);
3841 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
3842 mutex_unlock(&gsm->mutex);
3845 dlci = gsm->dlci[line];
3848 dlci = gsm_dlci_alloc(gsm, line);
3851 mutex_unlock(&gsm->mutex);
3854 ret = tty_port_install(&dlci->port, driver, tty);
3858 mutex_unlock(&gsm->mutex);
3863 dlci_get(gsm->dlci[0]);
3865 tty->driver_data = dlci;
3866 mutex_unlock(&gsm->mutex);
3871 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
3873 struct gsm_dlci *dlci = tty->driver_data;
3874 struct tty_port *port = &dlci->port;
3875 struct gsm_mux *gsm = dlci->gsm;
3878 tty_port_tty_set(port, tty);
3881 /* We could in theory open and close before we wait - eg if we get
3882 a DM straight back. This is ok as that will have caused a hangup */
3883 tty_port_set_initialized(port, 1);
3884 /* Start sending off SABM messages */
3886 gsm_dlci_begin_open(dlci);
3888 gsm_dlci_set_opening(dlci);
3889 /* And wait for virtual carrier */
3890 return tty_port_block_til_ready(port, tty, filp);
3893 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3895 struct gsm_dlci *dlci = tty->driver_data;
3899 if (dlci->state == DLCI_CLOSED)
3901 mutex_lock(&dlci->mutex);
3902 gsm_destroy_network(dlci);
3903 mutex_unlock(&dlci->mutex);
3904 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3906 gsm_dlci_begin_close(dlci);
3907 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3908 tty_port_lower_dtr_rts(&dlci->port);
3909 tty_port_close_end(&dlci->port, tty);
3910 tty_port_tty_set(&dlci->port, NULL);
3914 static void gsmtty_hangup(struct tty_struct *tty)
3916 struct gsm_dlci *dlci = tty->driver_data;
3917 if (dlci->state == DLCI_CLOSED)
3919 tty_port_hangup(&dlci->port);
3920 gsm_dlci_begin_close(dlci);
3923 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3927 struct gsm_dlci *dlci = tty->driver_data;
3928 if (dlci->state == DLCI_CLOSED)
3930 /* Stuff the bytes into the fifo queue */
3931 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock);
3932 /* Need to kick the channel */
3933 gsm_dlci_data_kick(dlci);
3937 static unsigned int gsmtty_write_room(struct tty_struct *tty)
3939 struct gsm_dlci *dlci = tty->driver_data;
3940 if (dlci->state == DLCI_CLOSED)
3942 return kfifo_avail(&dlci->fifo);
3945 static unsigned int gsmtty_chars_in_buffer(struct tty_struct *tty)
3947 struct gsm_dlci *dlci = tty->driver_data;
3948 if (dlci->state == DLCI_CLOSED)
3950 return kfifo_len(&dlci->fifo);
3953 static void gsmtty_flush_buffer(struct tty_struct *tty)
3955 struct gsm_dlci *dlci = tty->driver_data;
3956 unsigned long flags;
3958 if (dlci->state == DLCI_CLOSED)
3960 /* Caution needed: If we implement reliable transport classes
3961 then the data being transmitted can't simply be junked once
3962 it has first hit the stack. Until then we can just blow it
3964 spin_lock_irqsave(&dlci->lock, flags);
3965 kfifo_reset(&dlci->fifo);
3966 spin_unlock_irqrestore(&dlci->lock, flags);
3967 /* Need to unhook this DLCI from the transmit queue logic */
3970 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3972 /* The FIFO handles the queue so the kernel will do the right
3973 thing waiting on chars_in_buffer before calling us. No work
3977 static int gsmtty_tiocmget(struct tty_struct *tty)
3979 struct gsm_dlci *dlci = tty->driver_data;
3980 if (dlci->state == DLCI_CLOSED)
3982 return dlci->modem_rx;
3985 static int gsmtty_tiocmset(struct tty_struct *tty,
3986 unsigned int set, unsigned int clear)
3988 struct gsm_dlci *dlci = tty->driver_data;
3989 unsigned int modem_tx = dlci->modem_tx;
3991 if (dlci->state == DLCI_CLOSED)
3996 if (modem_tx != dlci->modem_tx) {
3997 dlci->modem_tx = modem_tx;
3998 return gsm_modem_update(dlci, 0);
4004 static int gsmtty_ioctl(struct tty_struct *tty,
4005 unsigned int cmd, unsigned long arg)
4007 struct gsm_dlci *dlci = tty->driver_data;
4008 struct gsm_netconfig nc;
4011 if (dlci->state == DLCI_CLOSED)
4014 case GSMIOC_ENABLE_NET:
4015 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
4017 nc.if_name[IFNAMSIZ-1] = '\0';
4018 /* return net interface index or error code */
4019 mutex_lock(&dlci->mutex);
4020 index = gsm_create_network(dlci, &nc);
4021 mutex_unlock(&dlci->mutex);
4022 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
4025 case GSMIOC_DISABLE_NET:
4026 if (!capable(CAP_NET_ADMIN))
4028 mutex_lock(&dlci->mutex);
4029 gsm_destroy_network(dlci);
4030 mutex_unlock(&dlci->mutex);
4033 return -ENOIOCTLCMD;
4037 static void gsmtty_set_termios(struct tty_struct *tty,
4038 const struct ktermios *old)
4040 struct gsm_dlci *dlci = tty->driver_data;
4041 if (dlci->state == DLCI_CLOSED)
4043 /* For the moment its fixed. In actual fact the speed information
4044 for the virtual channel can be propogated in both directions by
4045 the RPN control message. This however rapidly gets nasty as we
4046 then have to remap modem signals each way according to whether
4047 our virtual cable is null modem etc .. */
4048 tty_termios_copy_hw(&tty->termios, old);
4051 static void gsmtty_throttle(struct tty_struct *tty)
4053 struct gsm_dlci *dlci = tty->driver_data;
4054 if (dlci->state == DLCI_CLOSED)
4057 dlci->modem_tx &= ~TIOCM_RTS;
4058 dlci->throttled = true;
4059 /* Send an MSC with RTS cleared */
4060 gsm_modem_update(dlci, 0);
4063 static void gsmtty_unthrottle(struct tty_struct *tty)
4065 struct gsm_dlci *dlci = tty->driver_data;
4066 if (dlci->state == DLCI_CLOSED)
4069 dlci->modem_tx |= TIOCM_RTS;
4070 dlci->throttled = false;
4071 /* Send an MSC with RTS set */
4072 gsm_modem_update(dlci, 0);
4075 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
4077 struct gsm_dlci *dlci = tty->driver_data;
4078 int encode = 0; /* Off */
4079 if (dlci->state == DLCI_CLOSED)
4082 if (state == -1) /* "On indefinitely" - we can't encode this
4085 else if (state > 0) {
4086 encode = state / 200; /* mS to encoding */
4088 encode = 0x0F; /* Best effort */
4090 return gsm_modem_update(dlci, encode);
4093 static void gsmtty_cleanup(struct tty_struct *tty)
4095 struct gsm_dlci *dlci = tty->driver_data;
4096 struct gsm_mux *gsm = dlci->gsm;
4099 dlci_put(gsm->dlci[0]);
4103 /* Virtual ttys for the demux */
4104 static const struct tty_operations gsmtty_ops = {
4105 .install = gsmtty_install,
4106 .open = gsmtty_open,
4107 .close = gsmtty_close,
4108 .write = gsmtty_write,
4109 .write_room = gsmtty_write_room,
4110 .chars_in_buffer = gsmtty_chars_in_buffer,
4111 .flush_buffer = gsmtty_flush_buffer,
4112 .ioctl = gsmtty_ioctl,
4113 .throttle = gsmtty_throttle,
4114 .unthrottle = gsmtty_unthrottle,
4115 .set_termios = gsmtty_set_termios,
4116 .hangup = gsmtty_hangup,
4117 .wait_until_sent = gsmtty_wait_until_sent,
4118 .tiocmget = gsmtty_tiocmget,
4119 .tiocmset = gsmtty_tiocmset,
4120 .break_ctl = gsmtty_break_ctl,
4121 .cleanup = gsmtty_cleanup,
4126 static int __init gsm_init(void)
4128 /* Fill in our line protocol discipline, and register it */
4129 int status = tty_register_ldisc(&tty_ldisc_packet);
4131 pr_err("n_gsm: can't register line discipline (err = %d)\n",
4136 gsm_tty_driver = tty_alloc_driver(GSM_TTY_MINORS, TTY_DRIVER_REAL_RAW |
4137 TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_HARDWARE_BREAK);
4138 if (IS_ERR(gsm_tty_driver)) {
4139 pr_err("gsm_init: tty allocation failed.\n");
4140 status = PTR_ERR(gsm_tty_driver);
4141 goto err_unreg_ldisc;
4143 gsm_tty_driver->driver_name = "gsmtty";
4144 gsm_tty_driver->name = "gsmtty";
4145 gsm_tty_driver->major = 0; /* Dynamic */
4146 gsm_tty_driver->minor_start = 0;
4147 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
4148 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
4149 gsm_tty_driver->init_termios = tty_std_termios;
4151 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
4152 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
4154 if (tty_register_driver(gsm_tty_driver)) {
4155 pr_err("gsm_init: tty registration failed.\n");
4157 goto err_put_driver;
4159 pr_debug("gsm_init: loaded as %d,%d.\n",
4160 gsm_tty_driver->major, gsm_tty_driver->minor_start);
4163 tty_driver_kref_put(gsm_tty_driver);
4165 tty_unregister_ldisc(&tty_ldisc_packet);
4169 static void __exit gsm_exit(void)
4171 tty_unregister_ldisc(&tty_ldisc_packet);
4172 tty_unregister_driver(gsm_tty_driver);
4173 tty_driver_kref_put(gsm_tty_driver);
4176 module_init(gsm_init);
4177 module_exit(gsm_exit);
4180 MODULE_LICENSE("GPL");
4181 MODULE_ALIAS_LDISC(N_GSM0710);
projects / linux-2.6-microblaze.git / blob