1 // SPDX-License-Identifier: GPL-2.0
3 * n_gsm.c GSM 0710 tty multiplexor
4 * Copyright (c) 2009/10 Intel Corporation
6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
9 * Mostly done: ioctls for setting modes/timing
10 * Partly done: hooks so you can pull off frames to non tty devs
11 * Restart DLCI 0 when it closes ?
12 * Improve the tx engine
13 * Resolve tx side locking by adding a queue_head and routing
14 * all control traffic via it
15 * General tidy/document
16 * Review the locking/move to refcounts more (mux now moved to an
17 * alloc/free model ready)
18 * Use newest tty open/close port helpers and install hooks
19 * What to do about power functions ?
20 * Termios setting and negotiation
21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
25 #include <linux/types.h>
26 #include <linux/major.h>
27 #include <linux/errno.h>
28 #include <linux/signal.h>
29 #include <linux/fcntl.h>
30 #include <linux/sched/signal.h>
31 #include <linux/interrupt.h>
32 #include <linux/tty.h>
33 #include <linux/ctype.h>
35 #include <linux/string.h>
36 #include <linux/slab.h>
37 #include <linux/poll.h>
38 #include <linux/bitops.h>
39 #include <linux/file.h>
40 #include <linux/uaccess.h>
41 #include <linux/module.h>
42 #include <linux/timer.h>
43 #include <linux/tty_flip.h>
44 #include <linux/tty_driver.h>
45 #include <linux/serial.h>
46 #include <linux/kfifo.h>
47 #include <linux/skbuff.h>
50 #include <linux/netdevice.h>
51 #include <linux/etherdevice.h>
52 #include <linux/gsmmux.h>
56 module_param(debug, int, 0600);
58 /* Defaults: these are from the specification */
60 #define T1 10 /* 100mS */
61 #define T2 34 /* 333mS */
62 #define N2 3 /* Retry 3 times */
64 /* Use long timers for testing at low speed with debug on */
71 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
72 * limits so this is plenty
76 #define GSM_NET_TX_TIMEOUT (HZ*10)
79 * struct gsm_mux_net - network interface
81 * Created when net interface is initialized.
85 struct gsm_dlci *dlci;
89 * Each block of data we have queued to go out is in the form of
90 * a gsm_msg which holds everything we need in a link layer independent
95 struct list_head list;
96 u8 addr; /* DLCI address + flags */
97 u8 ctrl; /* Control byte + flags */
98 unsigned int len; /* Length of data block (can be zero) */
99 unsigned char *data; /* Points into buffer but not at the start */
100 unsigned char buffer[];
103 enum gsm_dlci_state {
105 DLCI_OPENING, /* Sending SABM not seen UA */
106 DLCI_OPEN, /* SABM/UA complete */
107 DLCI_CLOSING, /* Sending DISC not seen UA/DM */
111 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */
112 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */
116 * Each active data link has a gsm_dlci structure associated which ties
117 * the link layer to an optional tty (if the tty side is open). To avoid
118 * complexity right now these are only ever freed up when the mux is
121 * At the moment we don't free DLCI objects until the mux is torn down
122 * this avoid object life time issues but might be worth review later.
128 enum gsm_dlci_state state;
132 enum gsm_dlci_mode mode;
133 spinlock_t lock; /* Protects the internal state */
134 struct timer_list t1; /* Retransmit timer for SABM and UA */
136 /* Uplink tty if active */
137 struct tty_port port; /* The tty bound to this DLCI if there is one */
138 struct kfifo fifo; /* Queue fifo for the DLCI */
139 int adaption; /* Adaption layer in use */
141 u32 modem_rx; /* Our incoming virtual modem lines */
142 u32 modem_tx; /* Our outgoing modem lines */
143 bool dead; /* Refuse re-open */
145 bool throttled; /* Private copy of throttle state */
146 bool constipated; /* Throttle status for outgoing */
148 struct sk_buff *skb; /* Frame being sent */
149 struct sk_buff_head skb_list; /* Queued frames */
150 /* Data handling callback */
151 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
152 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
153 struct net_device *net; /* network interface, if created */
156 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
161 * DLCI 0 is used to pass control blocks out of band of the data
162 * flow (and with a higher link priority). One command can be outstanding
163 * at a time and we use this structure to manage them. They are created
164 * and destroyed by the user context, and updated by the receive paths
169 u8 cmd; /* Command we are issuing */
170 u8 *data; /* Data for the command in case we retransmit */
171 int len; /* Length of block for retransmission */
172 int done; /* Done flag */
173 int error; /* Error if any */
191 * Each GSM mux we have is represented by this structure. If we are
192 * operating as an ldisc then we use this structure as our ldisc
193 * state. We need to sort out lifetimes and locking with respect
194 * to the gsm mux array. For now we don't free DLCI objects that
195 * have been instantiated until the mux itself is terminated.
197 * To consider further: tty open versus mux shutdown.
201 struct tty_struct *tty; /* The tty our ldisc is bound to */
207 /* Events on the GSM channel */
208 wait_queue_head_t event;
210 /* Bits for GSM mode decoding */
214 enum gsm_mux_state state;
216 unsigned int address;
223 u8 *txframe; /* TX framing buffer */
225 /* Method for the receiver side */
226 void (*receive)(struct gsm_mux *gsm, u8 ch);
231 int initiator; /* Did we initiate connection */
232 bool dead; /* Has the mux been shut down */
233 struct gsm_dlci *dlci[NUM_DLCI];
234 bool constipated; /* Asked by remote to shut up */
237 unsigned int tx_bytes; /* TX data outstanding */
238 #define TX_THRESH_HI 8192
239 #define TX_THRESH_LO 2048
240 struct list_head tx_list; /* Pending data packets */
242 /* Control messages */
243 struct timer_list t2_timer; /* Retransmit timer for commands */
244 int cretries; /* Command retry counter */
245 struct gsm_control *pending_cmd;/* Our current pending command */
246 spinlock_t control_lock; /* Protects the pending command */
249 int adaption; /* 1 or 2 supported */
250 u8 ftype; /* UI or UIH */
251 int t1, t2; /* Timers in 1/100th of a sec */
252 int n2; /* Retry count */
254 /* Statistics (not currently exposed) */
255 unsigned long bad_fcs;
256 unsigned long malformed;
257 unsigned long io_error;
258 unsigned long bad_size;
259 unsigned long unsupported;
264 * Mux objects - needed so that we can translate a tty index into the
265 * relevant mux and DLCI.
268 #define MAX_MUX 4 /* 256 minors */
269 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
270 static DEFINE_SPINLOCK(gsm_mux_lock);
272 static struct tty_driver *gsm_tty_driver;
274 /* Save dlci open address */
275 static int addr_open[256] = { 0 };
276 /* Save dlci open count */
279 * This section of the driver logic implements the GSM encodings
280 * both the basic and the 'advanced'. Reliable transport is not
288 /* I is special: the rest are ..*/
299 /* Channel commands */
301 #define CMD_TEST 0x11
304 #define CMD_FCOFF 0x31
307 #define CMD_FCON 0x51
312 /* Virtual modem bits */
319 #define GSM0_SOF 0xF9
320 #define GSM1_SOF 0x7E
321 #define GSM1_ESCAPE 0x7D
322 #define GSM1_ESCAPE_BITS 0x20
325 #define ISO_IEC_646_MASK 0x7F
327 static const struct tty_port_operations gsm_port_ops;
330 * CRC table for GSM 0710
333 static const u8 gsm_fcs8[256] = {
334 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
335 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
336 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
337 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
338 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
339 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
340 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
341 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
342 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
343 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
344 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
345 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
346 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
347 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
348 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
349 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
350 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
351 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
352 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
353 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
354 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
355 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
356 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
357 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
358 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
359 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
360 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
361 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
362 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
363 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
364 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
365 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
368 #define INIT_FCS 0xFF
369 #define GOOD_FCS 0xCF
371 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len);
374 * gsm_fcs_add - update FCS
378 * Update the FCS to include c. Uses the algorithm in the specification
382 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
384 return gsm_fcs8[fcs ^ c];
388 * gsm_fcs_add_block - update FCS for a block
391 * @len: length of buffer
393 * Update the FCS to include c. Uses the algorithm in the specification
397 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
400 fcs = gsm_fcs8[fcs ^ *c++];
405 * gsm_read_ea - read a byte into an EA
406 * @val: variable holding value
407 * @c: byte going into the EA
409 * Processes one byte of an EA. Updates the passed variable
410 * and returns 1 if the EA is now completely read
413 static int gsm_read_ea(unsigned int *val, u8 c)
415 /* Add the next 7 bits into the value */
418 /* Was this the last byte of the EA 1 = yes*/
423 * gsm_encode_modem - encode modem data bits
424 * @dlci: DLCI to encode from
426 * Returns the correct GSM encoded modem status bits (6 bit field) for
427 * the current status of the DLCI and attached tty object
430 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
433 /* FC is true flow control not modem bits */
436 if (dlci->modem_tx & TIOCM_DTR)
437 modembits |= MDM_RTC;
438 if (dlci->modem_tx & TIOCM_RTS)
439 modembits |= MDM_RTR;
440 if (dlci->modem_tx & TIOCM_RI)
442 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator)
448 * gsm_print_packet - display a frame for debug
449 * @hdr: header to print before decode
450 * @addr: address EA from the frame
451 * @cr: C/R bit seen as initiator
452 * @control: control including PF bit
453 * @data: following data bytes
454 * @dlen: length of data
456 * Displays a packet in human readable format for debugging purposes. The
457 * style is based on amateur radio LAP-B dump display.
460 static void gsm_print_packet(const char *hdr, int addr, int cr,
461 u8 control, const u8 *data, int dlen)
466 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
468 switch (control & ~PF) {
488 if (!(control & 0x01)) {
489 pr_cont("I N(S)%d N(R)%d",
490 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
491 } else switch (control & 0x0F) {
493 pr_cont("RR(%d)", (control & 0xE0) >> 5);
496 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
499 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
502 pr_cont("[%02X]", control);
511 print_hex_dump_bytes("", DUMP_PREFIX_NONE, data, dlen);
516 * Link level transmission side
520 * gsm_stuff_frame - bytestuff a packet
521 * @input: input buffer
522 * @output: output buffer
523 * @len: length of input
525 * Expand a buffer by bytestuffing it. The worst case size change
526 * is doubling and the caller is responsible for handing out
527 * suitable sized buffers.
530 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
534 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
535 || (*input & ISO_IEC_646_MASK) == XON
536 || (*input & ISO_IEC_646_MASK) == XOFF) {
537 *output++ = GSM1_ESCAPE;
538 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
541 *output++ = *input++;
548 * gsm_send - send a control frame
550 * @addr: address for control frame
551 * @cr: command/response bit seen as initiator
552 * @control: control byte including PF bit
554 * Format up and transmit a control frame. These do not go via the
555 * queueing logic as they should be transmitted ahead of data when
558 * FIXME: Lock versus data TX path
561 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
568 /* toggle C/R coding if not initiator */
569 ocr = cr ^ (gsm->initiator ? 0 : 1);
571 switch (gsm->encoding) {
574 cbuf[1] = (addr << 2) | (ocr << 1) | EA;
576 cbuf[3] = EA; /* Length of data = 0 */
577 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
583 /* Control frame + packing (but not frame stuffing) in mode 1 */
584 ibuf[0] = (addr << 2) | (ocr << 1) | EA;
586 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
587 /* Stuffing may double the size worst case */
588 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
589 /* Now add the SOF markers */
591 cbuf[len + 1] = GSM1_SOF;
592 /* FIXME: we can omit the lead one in many cases */
599 gsmld_output(gsm, cbuf, len);
600 if (!gsm->initiator) {
601 cr = cr & gsm->initiator;
602 control = control & ~PF;
604 gsm_print_packet("-->", addr, cr, control, NULL, 0);
608 * gsm_response - send a control response
610 * @addr: address for control frame
611 * @control: control byte including PF bit
613 * Format up and transmit a link level response frame.
616 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
618 gsm_send(gsm, addr, 0, control);
622 * gsm_command - send a control command
624 * @addr: address for control frame
625 * @control: control byte including PF bit
627 * Format up and transmit a link level command frame.
630 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
632 gsm_send(gsm, addr, 1, control);
635 /* Data transmission */
637 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
640 * gsm_data_alloc - allocate data frame
642 * @addr: DLCI address
643 * @len: length excluding header and FCS
644 * @ctrl: control byte
646 * Allocate a new data buffer for sending frames with data. Space is left
647 * at the front for header bytes but that is treated as an implementation
648 * detail and not for the high level code to use
651 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
654 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
658 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
662 INIT_LIST_HEAD(&m->list);
667 * gsm_data_kick - poke the queue
669 * @dlci: DLCI sending the data
671 * The tty device has called us to indicate that room has appeared in
672 * the transmit queue. Ram more data into the pipe if we have any
673 * If we have been flow-stopped by a CMD_FCOFF, then we can only
674 * send messages on DLCI0 until CMD_FCON
676 * FIXME: lock against link layer control transmissions
679 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci)
681 struct gsm_msg *msg, *nmsg;
684 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
685 if (gsm->constipated && msg->addr)
687 if (gsm->encoding != 0) {
688 gsm->txframe[0] = GSM1_SOF;
689 len = gsm_stuff_frame(msg->data,
690 gsm->txframe + 1, msg->len);
691 gsm->txframe[len + 1] = GSM1_SOF;
694 gsm->txframe[0] = GSM0_SOF;
695 memcpy(gsm->txframe + 1 , msg->data, msg->len);
696 gsm->txframe[msg->len + 1] = GSM0_SOF;
701 print_hex_dump_bytes("gsm_data_kick: ",
704 if (gsmld_output(gsm, gsm->txframe, len) <= 0)
706 /* FIXME: Can eliminate one SOF in many more cases */
707 gsm->tx_bytes -= msg->len;
709 list_del(&msg->list);
713 tty_port_tty_wakeup(&dlci->port);
717 for (i = 0; i < NUM_DLCI; i++)
719 tty_port_tty_wakeup(&gsm->dlci[i]->port);
725 * __gsm_data_queue - queue a UI or UIH frame
726 * @dlci: DLCI sending the data
727 * @msg: message queued
729 * Add data to the transmit queue and try and get stuff moving
730 * out of the mux tty if not already doing so. The Caller must hold
734 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
736 struct gsm_mux *gsm = dlci->gsm;
738 u8 *fcs = dp + msg->len;
740 /* Fill in the header */
741 if (gsm->encoding == 0) {
743 *--dp = (msg->len << 1) | EA;
745 *--dp = (msg->len >> 7); /* bits 7 - 15 */
746 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
752 *--dp = (msg->addr << 2) | 2 | EA;
754 *--dp = (msg->addr << 2) | EA;
755 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
756 /* Ugly protocol layering violation */
757 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
758 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
761 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
762 msg->data, msg->len);
764 /* Move the header back and adjust the length, also allow for the FCS
765 now tacked on the end */
766 msg->len += (msg->data - dp) + 1;
769 /* Add to the actual output queue */
770 list_add_tail(&msg->list, &gsm->tx_list);
771 gsm->tx_bytes += msg->len;
772 gsm_data_kick(gsm, dlci);
776 * gsm_data_queue - queue a UI or UIH frame
777 * @dlci: DLCI sending the data
778 * @msg: message queued
780 * Add data to the transmit queue and try and get stuff moving
781 * out of the mux tty if not already doing so. Take the
782 * the gsm tx lock and dlci lock.
785 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
788 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
789 __gsm_data_queue(dlci, msg);
790 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
794 * gsm_dlci_data_output - try and push data out of a DLCI
796 * @dlci: the DLCI to pull data from
798 * Pull data from a DLCI and send it into the transmit queue if there
799 * is data. Keep to the MRU of the mux. This path handles the usual tty
800 * interface which is a byte stream with optional modem data.
802 * Caller must hold the tx_lock of the mux.
805 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
809 int len, total_size, size;
810 int h = dlci->adaption - 1;
814 len = kfifo_len(&dlci->fifo);
818 /* MTU/MRU count only the data bits */
824 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
825 /* FIXME: need a timer or something to kick this so it can't
826 get stuck with no work outstanding and no buffer free */
830 switch (dlci->adaption) {
831 case 1: /* Unstructured */
833 case 2: /* Unstructed with modem bits.
834 Always one byte as we never send inline break data */
835 *dp++ = gsm_encode_modem(dlci);
838 WARN_ON(kfifo_out_locked(&dlci->fifo, dp , len, &dlci->lock) != len);
839 __gsm_data_queue(dlci, msg);
842 /* Bytes of data we used up */
847 * gsm_dlci_data_output_framed - try and push data out of a DLCI
849 * @dlci: the DLCI to pull data from
851 * Pull data from a DLCI and send it into the transmit queue if there
852 * is data. Keep to the MRU of the mux. This path handles framed data
853 * queued as skbuffs to the DLCI.
855 * Caller must hold the tx_lock of the mux.
858 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
859 struct gsm_dlci *dlci)
864 int last = 0, first = 0;
867 /* One byte per frame is used for B/F flags */
868 if (dlci->adaption == 4)
871 /* dlci->skb is locked by tx_lock */
872 if (dlci->skb == NULL) {
873 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
874 if (dlci->skb == NULL)
878 len = dlci->skb->len + overhead;
880 /* MTU/MRU count only the data bits */
881 if (len > gsm->mtu) {
882 if (dlci->adaption == 3) {
883 /* Over long frame, bin it */
884 dev_kfree_skb_any(dlci->skb);
892 size = len + overhead;
893 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
895 /* FIXME: need a timer or something to kick this so it can't
896 get stuck with no work outstanding and no buffer free */
898 skb_queue_tail(&dlci->skb_list, dlci->skb);
904 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
905 /* Flag byte to carry the start/end info */
906 *dp++ = last << 7 | first << 6 | 1; /* EA */
909 memcpy(dp, dlci->skb->data, len);
910 skb_pull(dlci->skb, len);
911 __gsm_data_queue(dlci, msg);
913 dev_kfree_skb_any(dlci->skb);
920 * gsm_dlci_data_sweep - look for data to send
923 * Sweep the GSM mux channels in priority order looking for ones with
924 * data to send. We could do with optimising this scan a bit. We aim
925 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
926 * TX_THRESH_LO we get called again
928 * FIXME: We should round robin between groups and in theory you can
929 * renegotiate DLCI priorities with optional stuff. Needs optimising.
932 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
935 /* Priority ordering: We should do priority with RR of the groups */
938 while (i < NUM_DLCI) {
939 struct gsm_dlci *dlci;
941 if (gsm->tx_bytes > TX_THRESH_HI)
944 if (dlci == NULL || dlci->constipated) {
948 if (dlci->adaption < 3 && !dlci->net)
949 len = gsm_dlci_data_output(gsm, dlci);
951 len = gsm_dlci_data_output_framed(gsm, dlci);
954 /* DLCI empty - try the next */
961 * gsm_dlci_data_kick - transmit if possible
962 * @dlci: DLCI to kick
964 * Transmit data from this DLCI if the queue is empty. We can't rely on
965 * a tty wakeup except when we filled the pipe so we need to fire off
966 * new data ourselves in other cases.
969 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
974 if (dlci->constipated)
977 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
978 /* If we have nothing running then we need to fire up */
979 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
980 if (dlci->gsm->tx_bytes == 0) {
982 gsm_dlci_data_output_framed(dlci->gsm, dlci);
984 gsm_dlci_data_output(dlci->gsm, dlci);
987 gsm_dlci_data_sweep(dlci->gsm);
988 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
992 * Control message processing
997 * gsm_control_reply - send a response frame to a control
999 * @cmd: the command to use
1000 * @data: data to follow encoded info
1001 * @dlen: length of data
1003 * Encode up and queue a UI/UIH frame containing our response.
1006 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
1009 struct gsm_msg *msg;
1010 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1013 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1014 msg->data[1] = (dlen << 1) | EA;
1015 memcpy(msg->data + 2, data, dlen);
1016 gsm_data_queue(gsm->dlci[0], msg);
1020 * gsm_process_modem - process received modem status
1021 * @tty: virtual tty bound to the DLCI
1022 * @dlci: DLCI to affect
1023 * @modem: modem bits (full EA)
1024 * @slen: number of signal octets
1026 * Used when a modem control message or line state inline in adaption
1027 * layer 2 is processed. Sort out the local modem state and throttles
1030 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1031 u32 modem, int slen)
1037 /* The modem status command can either contain one octet (V.24 signals)
1038 * or two octets (V.24 signals + break signals). This is specified in
1039 * section 5.4.6.3.7 of the 07.10 mux spec.
1043 modem = modem & 0x7f;
1046 modem = (modem >> 7) & 0x7f;
1049 /* Flow control/ready to communicate */
1050 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1051 if (fc && !dlci->constipated) {
1052 /* Need to throttle our output on this device */
1053 dlci->constipated = true;
1054 } else if (!fc && dlci->constipated) {
1055 dlci->constipated = false;
1056 gsm_dlci_data_kick(dlci);
1059 /* Map modem bits */
1060 if (modem & MDM_RTC)
1061 mlines |= TIOCM_DSR | TIOCM_DTR;
1062 if (modem & MDM_RTR)
1063 mlines |= TIOCM_RTS | TIOCM_CTS;
1069 /* Carrier drop -> hangup */
1071 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1076 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1077 dlci->modem_rx = mlines;
1081 * gsm_control_modem - modem status received
1083 * @data: data following command
1084 * @clen: command length
1086 * We have received a modem status control message. This is used by
1087 * the GSM mux protocol to pass virtual modem line status and optionally
1088 * to indicate break signals. Unpack it, convert to Linux representation
1089 * and if need be stuff a break message down the tty.
1092 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
1094 unsigned int addr = 0;
1095 unsigned int modem = 0;
1096 unsigned int brk = 0;
1097 struct gsm_dlci *dlci;
1100 const u8 *dp = data;
1101 struct tty_struct *tty;
1103 while (gsm_read_ea(&addr, *dp++) == 0) {
1108 /* Must be at least one byte following the EA */
1114 /* Closed port, or invalid ? */
1115 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1117 dlci = gsm->dlci[addr];
1120 while (gsm_read_ea(&modem, *dp++) == 0) {
1127 while (gsm_read_ea(&brk, *dp++) == 0) {
1133 modem |= (brk & 0x7f);
1135 tty = tty_port_tty_get(&dlci->port);
1136 gsm_process_modem(tty, dlci, modem, slen);
1141 gsm_control_reply(gsm, CMD_MSC, data, clen);
1145 * gsm_control_rls - remote line status
1148 * @clen: data length
1150 * The modem sends us a two byte message on the control channel whenever
1151 * it wishes to send us an error state from the virtual link. Stuff
1152 * this into the uplink tty if present
1155 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
1157 struct tty_port *port;
1158 unsigned int addr = 0;
1161 const u8 *dp = data;
1163 while (gsm_read_ea(&addr, *dp++) == 0) {
1168 /* Must be at least one byte following ea */
1173 /* Closed port, or invalid ? */
1174 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1178 if ((bits & 1) == 0)
1181 port = &gsm->dlci[addr]->port;
1184 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1186 tty_insert_flip_char(port, 0, TTY_PARITY);
1188 tty_insert_flip_char(port, 0, TTY_FRAME);
1190 tty_flip_buffer_push(port);
1192 gsm_control_reply(gsm, CMD_RLS, data, clen);
1195 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1196 static void gsm_dlci_close(struct gsm_dlci *dlci);
1199 * gsm_control_message - DLCI 0 control processing
1201 * @command: the command EA
1202 * @data: data beyond the command/length EAs
1205 * Input processor for control messages from the other end of the link.
1206 * Processes the incoming request and queues a response frame or an
1207 * NSC response if not supported
1210 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1211 const u8 *data, int clen)
1214 unsigned long flags;
1215 struct gsm_dlci *dlci;
1222 for (i = 0; i < addr_cnt; i++) {
1223 address = addr_open[i];
1224 dlci = gsm->dlci[address];
1225 gsm_dlci_close(dlci);
1229 /* Modem wishes to close down */
1230 dlci = gsm->dlci[0];
1234 gsm_dlci_close(dlci);
1236 gsm_response(gsm, 0, UA|PF);
1241 /* Modem wishes to test, reply with the data */
1242 gsm_control_reply(gsm, CMD_TEST, data, clen);
1245 /* Modem can accept data again */
1246 gsm->constipated = false;
1247 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1248 /* Kick the link in case it is idling */
1249 spin_lock_irqsave(&gsm->tx_lock, flags);
1250 gsm_data_kick(gsm, NULL);
1251 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1254 /* Modem wants us to STFU */
1255 gsm->constipated = true;
1256 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1259 /* Out of band modem line change indicator for a DLCI */
1260 gsm_control_modem(gsm, data, clen);
1263 /* Out of band error reception for a DLCI */
1264 gsm_control_rls(gsm, data, clen);
1267 /* Modem wishes to enter power saving state */
1268 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1270 /* Optional unsupported commands */
1271 case CMD_PN: /* Parameter negotiation */
1272 case CMD_RPN: /* Remote port negotiation */
1273 case CMD_SNC: /* Service negotiation command */
1275 /* Reply to bad commands with an NSC */
1277 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1283 * gsm_control_response - process a response to our control
1285 * @command: the command (response) EA
1286 * @data: data beyond the command/length EA
1289 * Process a response to an outstanding command. We only allow a single
1290 * control message in flight so this is fairly easy. All the clean up
1291 * is done by the caller, we just update the fields, flag it as done
1295 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1296 const u8 *data, int clen)
1298 struct gsm_control *ctrl;
1299 unsigned long flags;
1301 spin_lock_irqsave(&gsm->control_lock, flags);
1303 ctrl = gsm->pending_cmd;
1304 /* Does the reply match our command */
1306 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1307 /* Our command was replied to, kill the retry timer */
1308 del_timer(&gsm->t2_timer);
1309 gsm->pending_cmd = NULL;
1310 /* Rejected by the other end */
1311 if (command == CMD_NSC)
1312 ctrl->error = -EOPNOTSUPP;
1314 wake_up(&gsm->event);
1316 spin_unlock_irqrestore(&gsm->control_lock, flags);
1320 * gsm_control_transmit - send control packet
1322 * @ctrl: frame to send
1324 * Send out a pending control command (called under control lock)
1327 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1329 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype);
1332 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */
1333 memcpy(msg->data + 1, ctrl->data, ctrl->len);
1334 gsm_data_queue(gsm->dlci[0], msg);
1338 * gsm_control_retransmit - retransmit a control frame
1339 * @t: timer contained in our gsm object
1341 * Called off the T2 timer expiry in order to retransmit control frames
1342 * that have been lost in the system somewhere. The control_lock protects
1343 * us from colliding with another sender or a receive completion event.
1344 * In that situation the timer may still occur in a small window but
1345 * gsm->pending_cmd will be NULL and we just let the timer expire.
1348 static void gsm_control_retransmit(struct timer_list *t)
1350 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer);
1351 struct gsm_control *ctrl;
1352 unsigned long flags;
1353 spin_lock_irqsave(&gsm->control_lock, flags);
1354 ctrl = gsm->pending_cmd;
1357 if (gsm->cretries == 0) {
1358 gsm->pending_cmd = NULL;
1359 ctrl->error = -ETIMEDOUT;
1361 spin_unlock_irqrestore(&gsm->control_lock, flags);
1362 wake_up(&gsm->event);
1365 gsm_control_transmit(gsm, ctrl);
1366 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1368 spin_unlock_irqrestore(&gsm->control_lock, flags);
1372 * gsm_control_send - send a control frame on DLCI 0
1373 * @gsm: the GSM channel
1374 * @command: command to send including CR bit
1375 * @data: bytes of data (must be kmalloced)
1376 * @clen: length of the block to send
1378 * Queue and dispatch a control command. Only one command can be
1379 * active at a time. In theory more can be outstanding but the matching
1380 * gets really complicated so for now stick to one outstanding.
1383 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1384 unsigned int command, u8 *data, int clen)
1386 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1388 unsigned long flags;
1392 wait_event(gsm->event, gsm->pending_cmd == NULL);
1393 spin_lock_irqsave(&gsm->control_lock, flags);
1394 if (gsm->pending_cmd != NULL) {
1395 spin_unlock_irqrestore(&gsm->control_lock, flags);
1398 ctrl->cmd = command;
1401 gsm->pending_cmd = ctrl;
1403 /* If DLCI0 is in ADM mode skip retries, it won't respond */
1404 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
1407 gsm->cretries = gsm->n2;
1409 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1410 gsm_control_transmit(gsm, ctrl);
1411 spin_unlock_irqrestore(&gsm->control_lock, flags);
1416 * gsm_control_wait - wait for a control to finish
1418 * @control: control we are waiting on
1420 * Waits for the control to complete or time out. Frees any used
1421 * resources and returns 0 for success, or an error if the remote
1422 * rejected or ignored the request.
1425 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1428 wait_event(gsm->event, control->done == 1);
1429 err = control->error;
1436 * DLCI level handling: Needs krefs
1440 * State transitions and timers
1444 * gsm_dlci_close - a DLCI has closed
1445 * @dlci: DLCI that closed
1447 * Perform processing when moving a DLCI into closed state. If there
1448 * is an attached tty this is hung up
1451 static void gsm_dlci_close(struct gsm_dlci *dlci)
1453 del_timer(&dlci->t1);
1455 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1456 dlci->state = DLCI_CLOSED;
1457 if (dlci->addr != 0) {
1458 tty_port_tty_hangup(&dlci->port, false);
1459 kfifo_reset(&dlci->fifo);
1460 /* Ensure that gsmtty_open() can return. */
1461 tty_port_set_initialized(&dlci->port, 0);
1462 wake_up_interruptible(&dlci->port.open_wait);
1464 dlci->gsm->dead = true;
1465 /* Unregister gsmtty driver,report gsmtty dev remove uevent for user */
1466 tty_unregister_device(gsm_tty_driver, dlci->addr);
1467 wake_up(&dlci->gsm->event);
1468 /* A DLCI 0 close is a MUX termination so we need to kick that
1469 back to userspace somehow */
1473 * gsm_dlci_open - a DLCI has opened
1474 * @dlci: DLCI that opened
1476 * Perform processing when moving a DLCI into open state.
1479 static void gsm_dlci_open(struct gsm_dlci *dlci)
1481 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1483 del_timer(&dlci->t1);
1484 /* This will let a tty open continue */
1485 dlci->state = DLCI_OPEN;
1487 pr_debug("DLCI %d goes open.\n", dlci->addr);
1488 /* Register gsmtty driver,report gsmtty dev add uevent for user */
1489 tty_register_device(gsm_tty_driver, dlci->addr, NULL);
1490 wake_up(&dlci->gsm->event);
1494 * gsm_dlci_t1 - T1 timer expiry
1495 * @t: timer contained in the DLCI that opened
1497 * The T1 timer handles retransmits of control frames (essentially of
1498 * SABM and DISC). We resend the command until the retry count runs out
1499 * in which case an opening port goes back to closed and a closing port
1500 * is simply put into closed state (any further frames from the other
1501 * end will get a DM response)
1503 * Some control dlci can stay in ADM mode with other dlci working just
1504 * fine. In that case we can just keep the control dlci open after the
1505 * DLCI_OPENING retries time out.
1508 static void gsm_dlci_t1(struct timer_list *t)
1510 struct gsm_dlci *dlci = from_timer(dlci, t, t1);
1511 struct gsm_mux *gsm = dlci->gsm;
1513 switch (dlci->state) {
1516 if (dlci->retries) {
1517 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1518 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1519 } else if (!dlci->addr && gsm->control == (DM | PF)) {
1521 pr_info("DLCI %d opening in ADM mode.\n",
1523 dlci->mode = DLCI_MODE_ADM;
1524 gsm_dlci_open(dlci);
1526 gsm_dlci_begin_close(dlci); /* prevent half open link */
1532 if (dlci->retries) {
1533 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1534 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1536 gsm_dlci_close(dlci);
1539 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state);
1545 * gsm_dlci_begin_open - start channel open procedure
1546 * @dlci: DLCI to open
1548 * Commence opening a DLCI from the Linux side. We issue SABM messages
1549 * to the modem which should then reply with a UA or ADM, at which point
1550 * we will move into open state. Opening is done asynchronously with retry
1551 * running off timers and the responses.
1554 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1556 struct gsm_mux *gsm = dlci->gsm;
1557 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1559 dlci->retries = gsm->n2;
1560 dlci->state = DLCI_OPENING;
1561 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1562 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1566 * gsm_dlci_begin_close - start channel open procedure
1567 * @dlci: DLCI to open
1569 * Commence closing a DLCI from the Linux side. We issue DISC messages
1570 * to the modem which should then reply with a UA, at which point we
1571 * will move into closed state. Closing is done asynchronously with retry
1572 * off timers. We may also receive a DM reply from the other end which
1573 * indicates the channel was already closed.
1576 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1578 struct gsm_mux *gsm = dlci->gsm;
1579 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1581 dlci->retries = gsm->n2;
1582 dlci->state = DLCI_CLOSING;
1583 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1584 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1588 * gsm_dlci_data - data arrived
1590 * @data: block of bytes received
1591 * @clen: length of received block
1593 * A UI or UIH frame has arrived which contains data for a channel
1594 * other than the control channel. If the relevant virtual tty is
1595 * open we shovel the bits down it, if not we drop them.
1598 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
1601 struct tty_port *port = &dlci->port;
1602 struct tty_struct *tty;
1603 unsigned int modem = 0;
1608 pr_debug("%d bytes for tty\n", len);
1609 switch (dlci->adaption) {
1610 /* Unsupported types */
1611 case 4: /* Packetised interruptible data */
1613 case 3: /* Packetised uininterruptible voice/data */
1615 case 2: /* Asynchronous serial with line state in each frame */
1616 while (gsm_read_ea(&modem, *data++) == 0) {
1623 tty = tty_port_tty_get(port);
1625 gsm_process_modem(tty, dlci, modem, slen);
1629 case 1: /* Line state will go via DLCI 0 controls only */
1631 tty_insert_flip_string(port, data, len);
1632 tty_flip_buffer_push(port);
1637 * gsm_dlci_command - data arrived on control channel
1639 * @data: block of bytes received
1640 * @len: length of received block
1642 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1643 * control channel. This should contain a command EA followed by
1644 * control data bytes. The command EA contains a command/response bit
1645 * and we divide up the work accordingly.
1648 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
1650 /* See what command is involved */
1651 unsigned int command = 0;
1653 if (gsm_read_ea(&command, *data++) == 1) {
1656 /* FIXME: this is properly an EA */
1658 /* Malformed command ? */
1662 gsm_control_message(dlci->gsm, command,
1665 gsm_control_response(dlci->gsm, command,
1673 * Allocate/Free DLCI channels
1677 * gsm_dlci_alloc - allocate a DLCI
1679 * @addr: address of the DLCI
1681 * Allocate and install a new DLCI object into the GSM mux.
1683 * FIXME: review locking races
1686 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1688 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1691 spin_lock_init(&dlci->lock);
1692 mutex_init(&dlci->mutex);
1693 if (kfifo_alloc(&dlci->fifo, 4096, GFP_KERNEL) < 0) {
1698 skb_queue_head_init(&dlci->skb_list);
1699 timer_setup(&dlci->t1, gsm_dlci_t1, 0);
1700 tty_port_init(&dlci->port);
1701 dlci->port.ops = &gsm_port_ops;
1704 dlci->adaption = gsm->adaption;
1705 dlci->state = DLCI_CLOSED;
1707 dlci->data = gsm_dlci_data;
1709 dlci->data = gsm_dlci_command;
1710 gsm->dlci[addr] = dlci;
1715 * gsm_dlci_free - free DLCI
1716 * @port: tty port for DLCI to free
1722 static void gsm_dlci_free(struct tty_port *port)
1724 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
1726 del_timer_sync(&dlci->t1);
1727 dlci->gsm->dlci[dlci->addr] = NULL;
1728 kfifo_free(&dlci->fifo);
1729 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1730 dev_kfree_skb(dlci->skb);
1734 static inline void dlci_get(struct gsm_dlci *dlci)
1736 tty_port_get(&dlci->port);
1739 static inline void dlci_put(struct gsm_dlci *dlci)
1741 tty_port_put(&dlci->port);
1744 static void gsm_destroy_network(struct gsm_dlci *dlci);
1747 * gsm_dlci_release - release DLCI
1748 * @dlci: DLCI to destroy
1750 * Release a DLCI. Actual free is deferred until either
1751 * mux is closed or tty is closed - whichever is last.
1755 static void gsm_dlci_release(struct gsm_dlci *dlci)
1757 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1759 mutex_lock(&dlci->mutex);
1760 gsm_destroy_network(dlci);
1761 mutex_unlock(&dlci->mutex);
1763 /* We cannot use tty_hangup() because in tty_kref_put() the tty
1764 * driver assumes that the hangup queue is free and reuses it to
1765 * queue release_one_tty() -> NULL pointer panic in
1766 * process_one_work().
1770 tty_port_tty_set(&dlci->port, NULL);
1773 dlci->state = DLCI_CLOSED;
1778 * LAPBish link layer logic
1782 * gsm_queue - a GSM frame is ready to process
1783 * @gsm: pointer to our gsm mux
1785 * At this point in time a frame has arrived and been demangled from
1786 * the line encoding. All the differences between the encodings have
1787 * been handled below us and the frame is unpacked into the structures.
1788 * The fcs holds the header FCS but any data FCS must be added here.
1791 static void gsm_queue(struct gsm_mux *gsm)
1793 struct gsm_dlci *dlci;
1796 int i, j, k, address_tmp;
1797 /* We have to sneak a look at the packet body to do the FCS.
1798 A somewhat layering violation in the spec */
1800 if ((gsm->control & ~PF) == UI)
1801 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1802 if (gsm->encoding == 0) {
1803 /* WARNING: gsm->received_fcs is used for
1804 gsm->encoding = 0 only.
1805 In this case it contain the last piece of data
1806 required to generate final CRC */
1807 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1809 if (gsm->fcs != GOOD_FCS) {
1812 pr_debug("BAD FCS %02x\n", gsm->fcs);
1815 address = gsm->address >> 1;
1816 if (address >= NUM_DLCI)
1819 cr = gsm->address & 1; /* C/R bit */
1820 cr ^= gsm->initiator ? 0 : 1; /* Flip so 1 always means command */
1822 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1824 dlci = gsm->dlci[address];
1826 switch (gsm->control) {
1831 dlci = gsm_dlci_alloc(gsm, address);
1835 gsm_response(gsm, address, DM|PF);
1837 gsm_response(gsm, address, UA|PF);
1838 gsm_dlci_open(dlci);
1839 /* Save dlci open address */
1841 addr_open[addr_cnt] = address;
1849 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1850 gsm_response(gsm, address, DM|PF);
1853 /* Real close complete */
1856 for (i = 0; i < addr_cnt; i++) {
1857 address = addr_open[i];
1858 dlci = gsm->dlci[address];
1859 gsm_dlci_close(dlci);
1863 dlci = gsm->dlci[0];
1864 gsm_dlci_close(dlci);
1866 gsm_response(gsm, 0, UA|PF);
1868 gsm_response(gsm, address, UA|PF);
1869 gsm_dlci_close(dlci);
1870 /* clear dlci address */
1871 for (j = 0; j < addr_cnt; j++) {
1872 address_tmp = addr_open[j];
1873 if (address_tmp == address) {
1874 for (k = j; k < addr_cnt; k++)
1875 addr_open[k] = addr_open[k+1];
1884 if (cr == 0 || dlci == NULL)
1886 switch (dlci->state) {
1888 gsm_dlci_close(dlci);
1891 gsm_dlci_open(dlci);
1894 pr_debug("%s: unhandled state: %d\n", __func__,
1899 case DM: /* DM can be valid unsolicited */
1905 gsm_dlci_close(dlci);
1915 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1916 gsm_command(gsm, address, DM|PF);
1919 dlci->data(dlci, gsm->buf, gsm->len);
1932 * gsm0_receive - perform processing for non-transparency
1933 * @gsm: gsm data for this ldisc instance
1936 * Receive bytes in gsm mode 0
1939 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1943 switch (gsm->state) {
1944 case GSM_SEARCH: /* SOF marker */
1945 if (c == GSM0_SOF) {
1946 gsm->state = GSM_ADDRESS;
1949 gsm->fcs = INIT_FCS;
1952 case GSM_ADDRESS: /* Address EA */
1953 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1954 if (gsm_read_ea(&gsm->address, c))
1955 gsm->state = GSM_CONTROL;
1957 case GSM_CONTROL: /* Control Byte */
1958 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1960 gsm->state = GSM_LEN0;
1962 case GSM_LEN0: /* Length EA */
1963 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1964 if (gsm_read_ea(&gsm->len, c)) {
1965 if (gsm->len > gsm->mru) {
1967 gsm->state = GSM_SEARCH;
1972 gsm->state = GSM_FCS;
1974 gsm->state = GSM_DATA;
1977 gsm->state = GSM_LEN1;
1980 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1982 gsm->len |= len << 7;
1983 if (gsm->len > gsm->mru) {
1985 gsm->state = GSM_SEARCH;
1990 gsm->state = GSM_FCS;
1992 gsm->state = GSM_DATA;
1994 case GSM_DATA: /* Data */
1995 gsm->buf[gsm->count++] = c;
1996 if (gsm->count == gsm->len)
1997 gsm->state = GSM_FCS;
1999 case GSM_FCS: /* FCS follows the packet */
2000 gsm->received_fcs = c;
2002 gsm->state = GSM_SSOF;
2005 if (c == GSM0_SOF) {
2006 gsm->state = GSM_SEARCH;
2011 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2017 * gsm1_receive - perform processing for non-transparency
2018 * @gsm: gsm data for this ldisc instance
2021 * Receive bytes in mode 1 (Advanced option)
2024 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
2026 if (c == GSM1_SOF) {
2027 /* EOF is only valid in frame if we have got to the data state
2028 and received at least one byte (the FCS) */
2029 if (gsm->state == GSM_DATA && gsm->count) {
2030 /* Extract the FCS */
2032 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
2033 gsm->len = gsm->count;
2035 gsm->state = GSM_START;
2038 /* Any partial frame was a runt so go back to start */
2039 if (gsm->state != GSM_START) {
2041 gsm->state = GSM_START;
2043 /* A SOF in GSM_START means we are still reading idling or
2048 if (c == GSM1_ESCAPE) {
2053 /* Only an unescaped SOF gets us out of GSM search */
2054 if (gsm->state == GSM_SEARCH)
2058 c ^= GSM1_ESCAPE_BITS;
2059 gsm->escape = false;
2061 switch (gsm->state) {
2062 case GSM_START: /* First byte after SOF */
2064 gsm->state = GSM_ADDRESS;
2065 gsm->fcs = INIT_FCS;
2067 case GSM_ADDRESS: /* Address continuation */
2068 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2069 if (gsm_read_ea(&gsm->address, c))
2070 gsm->state = GSM_CONTROL;
2072 case GSM_CONTROL: /* Control Byte */
2073 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2076 gsm->state = GSM_DATA;
2078 case GSM_DATA: /* Data */
2079 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2080 gsm->state = GSM_OVERRUN;
2083 gsm->buf[gsm->count++] = c;
2085 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2088 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2094 * gsm_error - handle tty error
2097 * Handle an error in the receipt of data for a frame. Currently we just
2098 * go back to hunting for a SOF.
2100 * FIXME: better diagnostics ?
2103 static void gsm_error(struct gsm_mux *gsm)
2105 gsm->state = GSM_SEARCH;
2109 static int gsm_disconnect(struct gsm_mux *gsm)
2111 struct gsm_dlci *dlci = gsm->dlci[0];
2112 struct gsm_control *gc;
2117 /* In theory disconnecting DLCI 0 is sufficient but for some
2118 modems this is apparently not the case. */
2119 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0);
2121 gsm_control_wait(gsm, gc);
2123 del_timer_sync(&gsm->t2_timer);
2124 /* Now we are sure T2 has stopped */
2126 gsm_dlci_begin_close(dlci);
2127 wait_event_interruptible(gsm->event,
2128 dlci->state == DLCI_CLOSED);
2130 if (signal_pending(current))
2137 * gsm_cleanup_mux - generic GSM protocol cleanup
2140 * Clean up the bits of the mux which are the same for all framing
2141 * protocols. Remove the mux from the mux table, stop all the timers
2142 * and then shut down each device hanging up the channels as we go.
2145 static void gsm_cleanup_mux(struct gsm_mux *gsm)
2148 struct gsm_dlci *dlci = gsm->dlci[0];
2149 struct gsm_msg *txq, *ntxq;
2153 spin_lock(&gsm_mux_lock);
2154 for (i = 0; i < MAX_MUX; i++) {
2155 if (gsm_mux[i] == gsm) {
2160 spin_unlock(&gsm_mux_lock);
2161 /* open failed before registering => nothing to do */
2165 del_timer_sync(&gsm->t2_timer);
2166 /* Now we are sure T2 has stopped */
2170 /* Free up any link layer users */
2171 mutex_lock(&gsm->mutex);
2172 for (i = 0; i < NUM_DLCI; i++)
2174 gsm_dlci_release(gsm->dlci[i]);
2175 mutex_unlock(&gsm->mutex);
2176 /* Now wipe the queues */
2177 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2179 INIT_LIST_HEAD(&gsm->tx_list);
2183 * gsm_activate_mux - generic GSM setup
2186 * Set up the bits of the mux which are the same for all framing
2187 * protocols. Add the mux to the mux table so it can be opened and
2188 * finally kick off connecting to DLCI 0 on the modem.
2191 static int gsm_activate_mux(struct gsm_mux *gsm)
2193 struct gsm_dlci *dlci;
2196 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2197 init_waitqueue_head(&gsm->event);
2198 spin_lock_init(&gsm->control_lock);
2199 spin_lock_init(&gsm->tx_lock);
2201 if (gsm->encoding == 0)
2202 gsm->receive = gsm0_receive;
2204 gsm->receive = gsm1_receive;
2206 spin_lock(&gsm_mux_lock);
2207 for (i = 0; i < MAX_MUX; i++) {
2208 if (gsm_mux[i] == NULL) {
2214 spin_unlock(&gsm_mux_lock);
2218 dlci = gsm_dlci_alloc(gsm, 0);
2221 gsm->dead = false; /* Tty opens are now permissible */
2226 * gsm_free_mux - free up a mux
2229 * Dispose of allocated resources for a dead mux
2231 static void gsm_free_mux(struct gsm_mux *gsm)
2233 kfree(gsm->txframe);
2239 * gsm_free_muxr - free up a mux
2240 * @ref: kreference to the mux to free
2242 * Dispose of allocated resources for a dead mux
2244 static void gsm_free_muxr(struct kref *ref)
2246 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2250 static inline void mux_get(struct gsm_mux *gsm)
2252 kref_get(&gsm->ref);
2255 static inline void mux_put(struct gsm_mux *gsm)
2257 kref_put(&gsm->ref, gsm_free_muxr);
2260 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
2262 return gsm->num * NUM_DLCI;
2265 static inline unsigned int mux_line_to_num(unsigned int line)
2267 return line / NUM_DLCI;
2271 * gsm_alloc_mux - allocate a mux
2273 * Creates a new mux ready for activation.
2276 static struct gsm_mux *gsm_alloc_mux(void)
2278 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2281 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2282 if (gsm->buf == NULL) {
2286 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL);
2287 if (gsm->txframe == NULL) {
2292 spin_lock_init(&gsm->lock);
2293 mutex_init(&gsm->mutex);
2294 kref_init(&gsm->ref);
2295 INIT_LIST_HEAD(&gsm->tx_list);
2303 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2305 gsm->dead = true; /* Avoid early tty opens */
2310 static void gsm_copy_config_values(struct gsm_mux *gsm,
2311 struct gsm_config *c)
2313 memset(c, 0, sizeof(*c));
2314 c->adaption = gsm->adaption;
2315 c->encapsulation = gsm->encoding;
2316 c->initiator = gsm->initiator;
2319 c->t3 = 0; /* Not supported */
2321 if (gsm->ftype == UIH)
2325 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
2331 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
2334 int need_restart = 0;
2336 /* Stuff we don't support yet - UI or I frame transport, windowing */
2337 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2339 /* Check the MRU/MTU range looks sane */
2340 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2344 if (c->encapsulation > 1) /* Basic, advanced, no I */
2346 if (c->initiator > 1)
2348 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2351 * See what is needed for reconfiguration
2355 if (c->t1 != 0 && c->t1 != gsm->t1)
2357 if (c->t2 != 0 && c->t2 != gsm->t2)
2359 if (c->encapsulation != gsm->encoding)
2361 if (c->adaption != gsm->adaption)
2364 if (c->initiator != gsm->initiator)
2366 if (c->mru != gsm->mru)
2368 if (c->mtu != gsm->mtu)
2372 * Close down what is needed, restart and initiate the new
2376 if (gsm->initiator && (need_close || need_restart)) {
2379 ret = gsm_disconnect(gsm);
2385 gsm_cleanup_mux(gsm);
2387 gsm->initiator = c->initiator;
2390 gsm->encoding = c->encapsulation;
2391 gsm->adaption = c->adaption;
2405 * FIXME: We need to separate activation/deactivation from adding
2406 * and removing from the mux array
2409 gsm_activate_mux(gsm);
2410 if (gsm->initiator && need_close)
2411 gsm_dlci_begin_open(gsm->dlci[0]);
2416 * gsmld_output - write to link
2418 * @data: bytes to output
2421 * Write a block of data from the GSM mux to the data channel. This
2422 * will eventually be serialized from above but at the moment isn't.
2425 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2427 if (tty_write_room(gsm->tty) < len) {
2428 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2432 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2434 return gsm->tty->ops->write(gsm->tty, data, len);
2438 * gsmld_attach_gsm - mode set up
2439 * @tty: our tty structure
2442 * Set up the MUX for basic mode and commence connecting to the
2443 * modem. Currently called from the line discipline set up but
2444 * will need moving to an ioctl path.
2447 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2452 gsm->tty = tty_kref_get(tty);
2453 ret = gsm_activate_mux(gsm);
2455 tty_kref_put(gsm->tty);
2457 /* Don't register device 0 - this is the control channel and not
2458 a usable tty interface */
2459 if (gsm->initiator) {
2460 base = mux_num_to_base(gsm); /* Base for this MUX */
2461 for (i = 1; i < NUM_DLCI; i++) {
2464 dev = tty_register_device(gsm_tty_driver,
2467 for (i--; i >= 1; i--)
2468 tty_unregister_device(gsm_tty_driver,
2470 return PTR_ERR(dev);
2480 * gsmld_detach_gsm - stop doing 0710 mux
2481 * @tty: tty attached to the mux
2484 * Shutdown and then clean up the resources used by the line discipline
2487 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2489 unsigned int base = mux_num_to_base(gsm); /* Base for this MUX */
2492 WARN_ON(tty != gsm->tty);
2493 if (gsm->initiator) {
2494 for (i = 1; i < NUM_DLCI; i++)
2495 tty_unregister_device(gsm_tty_driver, base + i);
2497 gsm_cleanup_mux(gsm);
2498 tty_kref_put(gsm->tty);
2502 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2503 const char *fp, int count)
2505 struct gsm_mux *gsm = tty->disc_data;
2506 char flags = TTY_NORMAL;
2509 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2512 for (; count; count--, cp++) {
2517 gsm->receive(gsm, *cp);
2526 WARN_ONCE(1, "%s: unknown flag %d\n",
2527 tty_name(tty), flags);
2531 /* FASYNC if needed ? */
2532 /* If clogged call tty_throttle(tty); */
2536 * gsmld_flush_buffer - clean input queue
2537 * @tty: terminal device
2539 * Flush the input buffer. Called when the line discipline is
2540 * being closed, when the tty layer wants the buffer flushed (eg
2544 static void gsmld_flush_buffer(struct tty_struct *tty)
2549 * gsmld_close - close the ldisc for this tty
2552 * Called from the terminal layer when this line discipline is
2553 * being shut down, either because of a close or becsuse of a
2554 * discipline change. The function will not be called while other
2555 * ldisc methods are in progress.
2558 static void gsmld_close(struct tty_struct *tty)
2560 struct gsm_mux *gsm = tty->disc_data;
2562 gsmld_detach_gsm(tty, gsm);
2564 gsmld_flush_buffer(tty);
2565 /* Do other clean up here */
2570 * gsmld_open - open an ldisc
2571 * @tty: terminal to open
2573 * Called when this line discipline is being attached to the
2574 * terminal device. Can sleep. Called serialized so that no
2575 * other events will occur in parallel. No further open will occur
2579 static int gsmld_open(struct tty_struct *tty)
2581 struct gsm_mux *gsm;
2584 if (tty->ops->write == NULL)
2587 /* Attach our ldisc data */
2588 gsm = gsm_alloc_mux();
2592 tty->disc_data = gsm;
2593 tty->receive_room = 65536;
2595 /* Attach the initial passive connection */
2598 ret = gsmld_attach_gsm(tty, gsm);
2600 gsm_cleanup_mux(gsm);
2607 * gsmld_write_wakeup - asynchronous I/O notifier
2610 * Required for the ptys, serial driver etc. since processes
2611 * that attach themselves to the master and rely on ASYNC
2612 * IO must be woken up
2615 static void gsmld_write_wakeup(struct tty_struct *tty)
2617 struct gsm_mux *gsm = tty->disc_data;
2618 unsigned long flags;
2621 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2622 spin_lock_irqsave(&gsm->tx_lock, flags);
2623 gsm_data_kick(gsm, NULL);
2624 if (gsm->tx_bytes < TX_THRESH_LO) {
2625 gsm_dlci_data_sweep(gsm);
2627 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2631 * gsmld_read - read function for tty
2633 * @file: file object
2634 * @buf: userspace buffer pointer
2639 * Perform reads for the line discipline. We are guaranteed that the
2640 * line discipline will not be closed under us but we may get multiple
2641 * parallel readers and must handle this ourselves. We may also get
2642 * a hangup. Always called in user context, may sleep.
2644 * This code must be sure never to sleep through a hangup.
2647 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2648 unsigned char *buf, size_t nr,
2649 void **cookie, unsigned long offset)
2655 * gsmld_write - write function for tty
2657 * @file: file object
2658 * @buf: userspace buffer pointer
2661 * Called when the owner of the device wants to send a frame
2662 * itself (or some other control data). The data is transferred
2663 * as-is and must be properly framed and checksummed as appropriate
2664 * by userspace. Frames are either sent whole or not at all as this
2665 * avoids pain user side.
2668 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2669 const unsigned char *buf, size_t nr)
2671 int space = tty_write_room(tty);
2673 return tty->ops->write(tty, buf, nr);
2674 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2679 * gsmld_poll - poll method for N_GSM0710
2680 * @tty: terminal device
2681 * @file: file accessing it
2684 * Called when the line discipline is asked to poll() for data or
2685 * for special events. This code is not serialized with respect to
2686 * other events save open/close.
2688 * This code must be sure never to sleep through a hangup.
2689 * Called without the kernel lock held - fine
2692 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
2696 struct gsm_mux *gsm = tty->disc_data;
2698 poll_wait(file, &tty->read_wait, wait);
2699 poll_wait(file, &tty->write_wait, wait);
2700 if (tty_hung_up_p(file))
2702 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2703 mask |= EPOLLOUT | EPOLLWRNORM;
2709 static int gsmld_ioctl(struct tty_struct *tty, unsigned int cmd,
2712 struct gsm_config c;
2713 struct gsm_mux *gsm = tty->disc_data;
2717 case GSMIOC_GETCONF:
2718 gsm_copy_config_values(gsm, &c);
2719 if (copy_to_user((void __user *)arg, &c, sizeof(c)))
2722 case GSMIOC_SETCONF:
2723 if (copy_from_user(&c, (void __user *)arg, sizeof(c)))
2725 return gsm_config(gsm, &c);
2726 case GSMIOC_GETFIRST:
2727 base = mux_num_to_base(gsm);
2728 return put_user(base + 1, (__u32 __user *)arg);
2730 return n_tty_ioctl_helper(tty, cmd, arg);
2739 static int gsm_mux_net_open(struct net_device *net)
2741 pr_debug("%s called\n", __func__);
2742 netif_start_queue(net);
2746 static int gsm_mux_net_close(struct net_device *net)
2748 netif_stop_queue(net);
2752 static void dlci_net_free(struct gsm_dlci *dlci)
2758 dlci->adaption = dlci->prev_adaption;
2759 dlci->data = dlci->prev_data;
2760 free_netdev(dlci->net);
2763 static void net_free(struct kref *ref)
2765 struct gsm_mux_net *mux_net;
2766 struct gsm_dlci *dlci;
2768 mux_net = container_of(ref, struct gsm_mux_net, ref);
2769 dlci = mux_net->dlci;
2772 unregister_netdev(dlci->net);
2773 dlci_net_free(dlci);
2777 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2779 kref_get(&mux_net->ref);
2782 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2784 kref_put(&mux_net->ref, net_free);
2787 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
2788 struct net_device *net)
2790 struct gsm_mux_net *mux_net = netdev_priv(net);
2791 struct gsm_dlci *dlci = mux_net->dlci;
2792 muxnet_get(mux_net);
2794 skb_queue_head(&dlci->skb_list, skb);
2795 net->stats.tx_packets++;
2796 net->stats.tx_bytes += skb->len;
2797 gsm_dlci_data_kick(dlci);
2798 /* And tell the kernel when the last transmit started. */
2799 netif_trans_update(net);
2800 muxnet_put(mux_net);
2801 return NETDEV_TX_OK;
2804 /* called when a packet did not ack after watchdogtimeout */
2805 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue)
2807 /* Tell syslog we are hosed. */
2808 dev_dbg(&net->dev, "Tx timed out.\n");
2810 /* Update statistics */
2811 net->stats.tx_errors++;
2814 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2815 const unsigned char *in_buf, int size)
2817 struct net_device *net = dlci->net;
2818 struct sk_buff *skb;
2819 struct gsm_mux_net *mux_net = netdev_priv(net);
2820 muxnet_get(mux_net);
2822 /* Allocate an sk_buff */
2823 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2825 /* We got no receive buffer. */
2826 net->stats.rx_dropped++;
2827 muxnet_put(mux_net);
2830 skb_reserve(skb, NET_IP_ALIGN);
2831 skb_put_data(skb, in_buf, size);
2834 skb->protocol = htons(ETH_P_IP);
2836 /* Ship it off to the kernel */
2839 /* update out statistics */
2840 net->stats.rx_packets++;
2841 net->stats.rx_bytes += size;
2842 muxnet_put(mux_net);
2846 static void gsm_mux_net_init(struct net_device *net)
2848 static const struct net_device_ops gsm_netdev_ops = {
2849 .ndo_open = gsm_mux_net_open,
2850 .ndo_stop = gsm_mux_net_close,
2851 .ndo_start_xmit = gsm_mux_net_start_xmit,
2852 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2855 net->netdev_ops = &gsm_netdev_ops;
2857 /* fill in the other fields */
2858 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2859 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2860 net->type = ARPHRD_NONE;
2861 net->tx_queue_len = 10;
2865 /* caller holds the dlci mutex */
2866 static void gsm_destroy_network(struct gsm_dlci *dlci)
2868 struct gsm_mux_net *mux_net;
2870 pr_debug("destroy network interface\n");
2873 mux_net = netdev_priv(dlci->net);
2874 muxnet_put(mux_net);
2878 /* caller holds the dlci mutex */
2879 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2883 struct net_device *net;
2884 struct gsm_mux_net *mux_net;
2886 if (!capable(CAP_NET_ADMIN))
2889 /* Already in a non tty mode */
2890 if (dlci->adaption > 2)
2893 if (nc->protocol != htons(ETH_P_IP))
2894 return -EPROTONOSUPPORT;
2896 if (nc->adaption != 3 && nc->adaption != 4)
2897 return -EPROTONOSUPPORT;
2899 pr_debug("create network interface\n");
2902 if (nc->if_name[0] != '\0')
2903 netname = nc->if_name;
2904 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
2905 NET_NAME_UNKNOWN, gsm_mux_net_init);
2907 pr_err("alloc_netdev failed\n");
2910 net->mtu = dlci->gsm->mtu;
2912 net->max_mtu = dlci->gsm->mtu;
2913 mux_net = netdev_priv(net);
2914 mux_net->dlci = dlci;
2915 kref_init(&mux_net->ref);
2916 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2918 /* reconfigure dlci for network */
2919 dlci->prev_adaption = dlci->adaption;
2920 dlci->prev_data = dlci->data;
2921 dlci->adaption = nc->adaption;
2922 dlci->data = gsm_mux_rx_netchar;
2925 pr_debug("register netdev\n");
2926 retval = register_netdev(net);
2928 pr_err("network register fail %d\n", retval);
2929 dlci_net_free(dlci);
2932 return net->ifindex; /* return network index */
2935 /* Line discipline for real tty */
2936 static struct tty_ldisc_ops tty_ldisc_packet = {
2937 .owner = THIS_MODULE,
2941 .close = gsmld_close,
2942 .flush_buffer = gsmld_flush_buffer,
2944 .write = gsmld_write,
2945 .ioctl = gsmld_ioctl,
2947 .receive_buf = gsmld_receive_buf,
2948 .write_wakeup = gsmld_write_wakeup
2957 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2960 struct gsm_control *ctrl;
2966 modembits[0] = len << 1 | EA; /* Data bytes */
2967 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */
2968 modembits[2] = gsm_encode_modem(dlci) << 1 | EA;
2970 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */
2971 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1);
2974 return gsm_control_wait(dlci->gsm, ctrl);
2977 static int gsm_carrier_raised(struct tty_port *port)
2979 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2980 struct gsm_mux *gsm = dlci->gsm;
2982 /* Not yet open so no carrier info */
2983 if (dlci->state != DLCI_OPEN)
2989 * Basic mode with control channel in ADM mode may not respond
2990 * to CMD_MSC at all and modem_rx is empty.
2992 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM &&
2996 return dlci->modem_rx & TIOCM_CD;
2999 static void gsm_dtr_rts(struct tty_port *port, int onoff)
3001 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
3002 unsigned int modem_tx = dlci->modem_tx;
3004 modem_tx |= TIOCM_DTR | TIOCM_RTS;
3006 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
3007 if (modem_tx != dlci->modem_tx) {
3008 dlci->modem_tx = modem_tx;
3009 gsmtty_modem_update(dlci, 0);
3013 static const struct tty_port_operations gsm_port_ops = {
3014 .carrier_raised = gsm_carrier_raised,
3015 .dtr_rts = gsm_dtr_rts,
3016 .destruct = gsm_dlci_free,
3019 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
3021 struct gsm_mux *gsm;
3022 struct gsm_dlci *dlci;
3023 unsigned int line = tty->index;
3024 unsigned int mux = mux_line_to_num(line);
3032 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
3033 if (gsm_mux[mux] == NULL)
3035 if (line == 0 || line > 61) /* 62/63 reserved */
3040 /* If DLCI 0 is not yet fully open return an error.
3041 This is ok from a locking
3042 perspective as we don't have to worry about this
3044 mutex_lock(&gsm->mutex);
3045 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
3046 mutex_unlock(&gsm->mutex);
3049 dlci = gsm->dlci[line];
3052 dlci = gsm_dlci_alloc(gsm, line);
3055 mutex_unlock(&gsm->mutex);
3058 ret = tty_port_install(&dlci->port, driver, tty);
3062 mutex_unlock(&gsm->mutex);
3067 dlci_get(gsm->dlci[0]);
3069 tty->driver_data = dlci;
3070 mutex_unlock(&gsm->mutex);
3075 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
3077 struct gsm_dlci *dlci = tty->driver_data;
3078 struct tty_port *port = &dlci->port;
3079 struct gsm_mux *gsm = dlci->gsm;
3082 tty_port_tty_set(port, tty);
3085 /* We could in theory open and close before we wait - eg if we get
3086 a DM straight back. This is ok as that will have caused a hangup */
3087 tty_port_set_initialized(port, 1);
3088 /* Start sending off SABM messages */
3090 gsm_dlci_begin_open(dlci);
3091 /* And wait for virtual carrier */
3092 return tty_port_block_til_ready(port, tty, filp);
3095 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3097 struct gsm_dlci *dlci = tty->driver_data;
3101 if (dlci->state == DLCI_CLOSED)
3103 mutex_lock(&dlci->mutex);
3104 gsm_destroy_network(dlci);
3105 mutex_unlock(&dlci->mutex);
3106 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3108 gsm_dlci_begin_close(dlci);
3109 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3110 tty_port_lower_dtr_rts(&dlci->port);
3111 tty_port_close_end(&dlci->port, tty);
3112 tty_port_tty_set(&dlci->port, NULL);
3116 static void gsmtty_hangup(struct tty_struct *tty)
3118 struct gsm_dlci *dlci = tty->driver_data;
3119 if (dlci->state == DLCI_CLOSED)
3121 tty_port_hangup(&dlci->port);
3122 gsm_dlci_begin_close(dlci);
3125 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3129 struct gsm_dlci *dlci = tty->driver_data;
3130 if (dlci->state == DLCI_CLOSED)
3132 /* Stuff the bytes into the fifo queue */
3133 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock);
3134 /* Need to kick the channel */
3135 gsm_dlci_data_kick(dlci);
3139 static unsigned int gsmtty_write_room(struct tty_struct *tty)
3141 struct gsm_dlci *dlci = tty->driver_data;
3142 if (dlci->state == DLCI_CLOSED)
3144 return TX_SIZE - kfifo_len(&dlci->fifo);
3147 static unsigned int gsmtty_chars_in_buffer(struct tty_struct *tty)
3149 struct gsm_dlci *dlci = tty->driver_data;
3150 if (dlci->state == DLCI_CLOSED)
3152 return kfifo_len(&dlci->fifo);
3155 static void gsmtty_flush_buffer(struct tty_struct *tty)
3157 struct gsm_dlci *dlci = tty->driver_data;
3158 if (dlci->state == DLCI_CLOSED)
3160 /* Caution needed: If we implement reliable transport classes
3161 then the data being transmitted can't simply be junked once
3162 it has first hit the stack. Until then we can just blow it
3164 kfifo_reset(&dlci->fifo);
3165 /* Need to unhook this DLCI from the transmit queue logic */
3168 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3170 /* The FIFO handles the queue so the kernel will do the right
3171 thing waiting on chars_in_buffer before calling us. No work
3175 static int gsmtty_tiocmget(struct tty_struct *tty)
3177 struct gsm_dlci *dlci = tty->driver_data;
3178 if (dlci->state == DLCI_CLOSED)
3180 return dlci->modem_rx;
3183 static int gsmtty_tiocmset(struct tty_struct *tty,
3184 unsigned int set, unsigned int clear)
3186 struct gsm_dlci *dlci = tty->driver_data;
3187 unsigned int modem_tx = dlci->modem_tx;
3189 if (dlci->state == DLCI_CLOSED)
3194 if (modem_tx != dlci->modem_tx) {
3195 dlci->modem_tx = modem_tx;
3196 return gsmtty_modem_update(dlci, 0);
3202 static int gsmtty_ioctl(struct tty_struct *tty,
3203 unsigned int cmd, unsigned long arg)
3205 struct gsm_dlci *dlci = tty->driver_data;
3206 struct gsm_netconfig nc;
3209 if (dlci->state == DLCI_CLOSED)
3212 case GSMIOC_ENABLE_NET:
3213 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3215 nc.if_name[IFNAMSIZ-1] = '\0';
3216 /* return net interface index or error code */
3217 mutex_lock(&dlci->mutex);
3218 index = gsm_create_network(dlci, &nc);
3219 mutex_unlock(&dlci->mutex);
3220 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3223 case GSMIOC_DISABLE_NET:
3224 if (!capable(CAP_NET_ADMIN))
3226 mutex_lock(&dlci->mutex);
3227 gsm_destroy_network(dlci);
3228 mutex_unlock(&dlci->mutex);
3231 return -ENOIOCTLCMD;
3235 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3237 struct gsm_dlci *dlci = tty->driver_data;
3238 if (dlci->state == DLCI_CLOSED)
3240 /* For the moment its fixed. In actual fact the speed information
3241 for the virtual channel can be propogated in both directions by
3242 the RPN control message. This however rapidly gets nasty as we
3243 then have to remap modem signals each way according to whether
3244 our virtual cable is null modem etc .. */
3245 tty_termios_copy_hw(&tty->termios, old);
3248 static void gsmtty_throttle(struct tty_struct *tty)
3250 struct gsm_dlci *dlci = tty->driver_data;
3251 if (dlci->state == DLCI_CLOSED)
3254 dlci->modem_tx &= ~TIOCM_RTS;
3255 dlci->throttled = true;
3256 /* Send an MSC with RTS cleared */
3257 gsmtty_modem_update(dlci, 0);
3260 static void gsmtty_unthrottle(struct tty_struct *tty)
3262 struct gsm_dlci *dlci = tty->driver_data;
3263 if (dlci->state == DLCI_CLOSED)
3266 dlci->modem_tx |= TIOCM_RTS;
3267 dlci->throttled = false;
3268 /* Send an MSC with RTS set */
3269 gsmtty_modem_update(dlci, 0);
3272 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3274 struct gsm_dlci *dlci = tty->driver_data;
3275 int encode = 0; /* Off */
3276 if (dlci->state == DLCI_CLOSED)
3279 if (state == -1) /* "On indefinitely" - we can't encode this
3282 else if (state > 0) {
3283 encode = state / 200; /* mS to encoding */
3285 encode = 0x0F; /* Best effort */
3287 return gsmtty_modem_update(dlci, encode);
3290 static void gsmtty_cleanup(struct tty_struct *tty)
3292 struct gsm_dlci *dlci = tty->driver_data;
3293 struct gsm_mux *gsm = dlci->gsm;
3296 dlci_put(gsm->dlci[0]);
3300 /* Virtual ttys for the demux */
3301 static const struct tty_operations gsmtty_ops = {
3302 .install = gsmtty_install,
3303 .open = gsmtty_open,
3304 .close = gsmtty_close,
3305 .write = gsmtty_write,
3306 .write_room = gsmtty_write_room,
3307 .chars_in_buffer = gsmtty_chars_in_buffer,
3308 .flush_buffer = gsmtty_flush_buffer,
3309 .ioctl = gsmtty_ioctl,
3310 .throttle = gsmtty_throttle,
3311 .unthrottle = gsmtty_unthrottle,
3312 .set_termios = gsmtty_set_termios,
3313 .hangup = gsmtty_hangup,
3314 .wait_until_sent = gsmtty_wait_until_sent,
3315 .tiocmget = gsmtty_tiocmget,
3316 .tiocmset = gsmtty_tiocmset,
3317 .break_ctl = gsmtty_break_ctl,
3318 .cleanup = gsmtty_cleanup,
3323 static int __init gsm_init(void)
3325 /* Fill in our line protocol discipline, and register it */
3326 int status = tty_register_ldisc(&tty_ldisc_packet);
3328 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3333 gsm_tty_driver = tty_alloc_driver(256, TTY_DRIVER_REAL_RAW |
3334 TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_HARDWARE_BREAK);
3335 if (IS_ERR(gsm_tty_driver)) {
3336 pr_err("gsm_init: tty allocation failed.\n");
3337 status = PTR_ERR(gsm_tty_driver);
3338 goto err_unreg_ldisc;
3340 gsm_tty_driver->driver_name = "gsmtty";
3341 gsm_tty_driver->name = "gsmtty";
3342 gsm_tty_driver->major = 0; /* Dynamic */
3343 gsm_tty_driver->minor_start = 0;
3344 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3345 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3346 gsm_tty_driver->init_termios = tty_std_termios;
3348 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3349 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3351 if (tty_register_driver(gsm_tty_driver)) {
3352 pr_err("gsm_init: tty registration failed.\n");
3354 goto err_put_driver;
3356 pr_debug("gsm_init: loaded as %d,%d.\n",
3357 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3360 tty_driver_kref_put(gsm_tty_driver);
3362 tty_unregister_ldisc(&tty_ldisc_packet);
3366 static void __exit gsm_exit(void)
3368 tty_unregister_ldisc(&tty_ldisc_packet);
3369 tty_unregister_driver(gsm_tty_driver);
3370 tty_driver_kref_put(gsm_tty_driver);
3373 module_init(gsm_init);
3374 module_exit(gsm_exit);
3377 MODULE_LICENSE("GPL");
3378 MODULE_ALIAS_LDISC(N_GSM0710);
projects / linux-2.6-microblaze.git / blob