1 // SPDX-License-Identifier: GPL-2.0
3 * n_gsm.c GSM 0710 tty multiplexor
4 * Copyright (c) 2009/10 Intel Corporation
6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
9 * Mostly done: ioctls for setting modes/timing
10 * Partly done: hooks so you can pull off frames to non tty devs
11 * Restart DLCI 0 when it closes ?
12 * Improve the tx engine
13 * Resolve tx side locking by adding a queue_head and routing
14 * all control traffic via it
15 * General tidy/document
16 * Review the locking/move to refcounts more (mux now moved to an
17 * alloc/free model ready)
18 * Use newest tty open/close port helpers and install hooks
19 * What to do about power functions ?
20 * Termios setting and negotiation
21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
25 #include <linux/types.h>
26 #include <linux/major.h>
27 #include <linux/errno.h>
28 #include <linux/signal.h>
29 #include <linux/fcntl.h>
30 #include <linux/sched/signal.h>
31 #include <linux/interrupt.h>
32 #include <linux/tty.h>
33 #include <linux/ctype.h>
35 #include <linux/string.h>
36 #include <linux/slab.h>
37 #include <linux/poll.h>
38 #include <linux/bitops.h>
39 #include <linux/file.h>
40 #include <linux/uaccess.h>
41 #include <linux/module.h>
42 #include <linux/timer.h>
43 #include <linux/tty_flip.h>
44 #include <linux/tty_driver.h>
45 #include <linux/serial.h>
46 #include <linux/kfifo.h>
47 #include <linux/skbuff.h>
50 #include <linux/netdevice.h>
51 #include <linux/etherdevice.h>
52 #include <linux/gsmmux.h>
56 module_param(debug, int, 0600);
58 /* Defaults: these are from the specification */
60 #define T1 10 /* 100mS */
61 #define T2 34 /* 333mS */
62 #define N2 3 /* Retry 3 times */
64 /* Use long timers for testing at low speed with debug on */
71 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
72 * limits so this is plenty
76 /* SOF, ADDR, CTRL, LEN1, LEN2, ..., FCS, EOF */
77 #define PROT_OVERHEAD 7
78 #define GSM_NET_TX_TIMEOUT (HZ*10)
81 * struct gsm_mux_net - network interface
83 * Created when net interface is initialized.
87 struct gsm_dlci *dlci;
91 * Each block of data we have queued to go out is in the form of
92 * a gsm_msg which holds everything we need in a link layer independent
97 struct list_head list;
98 u8 addr; /* DLCI address + flags */
99 u8 ctrl; /* Control byte + flags */
100 unsigned int len; /* Length of data block (can be zero) */
101 unsigned char *data; /* Points into buffer but not at the start */
102 unsigned char buffer[];
105 enum gsm_dlci_state {
107 DLCI_OPENING, /* Sending SABM not seen UA */
108 DLCI_OPEN, /* SABM/UA complete */
109 DLCI_CLOSING, /* Sending DISC not seen UA/DM */
113 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */
114 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */
118 * Each active data link has a gsm_dlci structure associated which ties
119 * the link layer to an optional tty (if the tty side is open). To avoid
120 * complexity right now these are only ever freed up when the mux is
123 * At the moment we don't free DLCI objects until the mux is torn down
124 * this avoid object life time issues but might be worth review later.
130 enum gsm_dlci_state state;
134 enum gsm_dlci_mode mode;
135 spinlock_t lock; /* Protects the internal state */
136 struct timer_list t1; /* Retransmit timer for SABM and UA */
138 /* Uplink tty if active */
139 struct tty_port port; /* The tty bound to this DLCI if there is one */
140 struct kfifo fifo; /* Queue fifo for the DLCI */
141 int adaption; /* Adaption layer in use */
143 u32 modem_rx; /* Our incoming virtual modem lines */
144 u32 modem_tx; /* Our outgoing modem lines */
145 bool dead; /* Refuse re-open */
147 bool throttled; /* Private copy of throttle state */
148 bool constipated; /* Throttle status for outgoing */
150 struct sk_buff *skb; /* Frame being sent */
151 struct sk_buff_head skb_list; /* Queued frames */
152 /* Data handling callback */
153 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
154 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
155 struct net_device *net; /* network interface, if created */
158 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
163 * DLCI 0 is used to pass control blocks out of band of the data
164 * flow (and with a higher link priority). One command can be outstanding
165 * at a time and we use this structure to manage them. They are created
166 * and destroyed by the user context, and updated by the receive paths
171 u8 cmd; /* Command we are issuing */
172 u8 *data; /* Data for the command in case we retransmit */
173 int len; /* Length of block for retransmission */
174 int done; /* Done flag */
175 int error; /* Error if any */
193 * Each GSM mux we have is represented by this structure. If we are
194 * operating as an ldisc then we use this structure as our ldisc
195 * state. We need to sort out lifetimes and locking with respect
196 * to the gsm mux array. For now we don't free DLCI objects that
197 * have been instantiated until the mux itself is terminated.
199 * To consider further: tty open versus mux shutdown.
203 struct tty_struct *tty; /* The tty our ldisc is bound to */
209 /* Events on the GSM channel */
210 wait_queue_head_t event;
212 /* Bits for GSM mode decoding */
216 enum gsm_mux_state state;
218 unsigned int address;
224 u8 *txframe; /* TX framing buffer */
226 /* Method for the receiver side */
227 void (*receive)(struct gsm_mux *gsm, u8 ch);
232 int initiator; /* Did we initiate connection */
233 bool dead; /* Has the mux been shut down */
234 struct gsm_dlci *dlci[NUM_DLCI];
235 int old_c_iflag; /* termios c_iflag value before attach */
236 bool constipated; /* Asked by remote to shut up */
239 unsigned int tx_bytes; /* TX data outstanding */
240 #define TX_THRESH_HI 8192
241 #define TX_THRESH_LO 2048
242 struct list_head tx_list; /* Pending data packets */
244 /* Control messages */
245 struct timer_list t2_timer; /* Retransmit timer for commands */
246 int cretries; /* Command retry counter */
247 struct gsm_control *pending_cmd;/* Our current pending command */
248 spinlock_t control_lock; /* Protects the pending command */
251 int adaption; /* 1 or 2 supported */
252 u8 ftype; /* UI or UIH */
253 int t1, t2; /* Timers in 1/100th of a sec */
254 int n2; /* Retry count */
256 /* Statistics (not currently exposed) */
257 unsigned long bad_fcs;
258 unsigned long malformed;
259 unsigned long io_error;
260 unsigned long bad_size;
261 unsigned long unsupported;
266 * Mux objects - needed so that we can translate a tty index into the
267 * relevant mux and DLCI.
270 #define MAX_MUX 4 /* 256 minors */
271 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
272 static DEFINE_SPINLOCK(gsm_mux_lock);
274 static struct tty_driver *gsm_tty_driver;
277 * This section of the driver logic implements the GSM encodings
278 * both the basic and the 'advanced'. Reliable transport is not
286 /* I is special: the rest are ..*/
297 /* Channel commands */
299 #define CMD_TEST 0x11
302 #define CMD_FCOFF 0x31
305 #define CMD_FCON 0x51
310 /* Virtual modem bits */
317 #define GSM0_SOF 0xF9
318 #define GSM1_SOF 0x7E
319 #define GSM1_ESCAPE 0x7D
320 #define GSM1_ESCAPE_BITS 0x20
323 #define ISO_IEC_646_MASK 0x7F
325 static const struct tty_port_operations gsm_port_ops;
328 * CRC table for GSM 0710
331 static const u8 gsm_fcs8[256] = {
332 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
333 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
334 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
335 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
336 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
337 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
338 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
339 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
340 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
341 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
342 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
343 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
344 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
345 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
346 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
347 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
348 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
349 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
350 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
351 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
352 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
353 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
354 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
355 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
356 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
357 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
358 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
359 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
360 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
361 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
362 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
363 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
366 #define INIT_FCS 0xFF
367 #define GOOD_FCS 0xCF
369 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len);
370 static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk);
373 * gsm_fcs_add - update FCS
377 * Update the FCS to include c. Uses the algorithm in the specification
381 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
383 return gsm_fcs8[fcs ^ c];
387 * gsm_fcs_add_block - update FCS for a block
390 * @len: length of buffer
392 * Update the FCS to include c. Uses the algorithm in the specification
396 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
399 fcs = gsm_fcs8[fcs ^ *c++];
404 * gsm_read_ea - read a byte into an EA
405 * @val: variable holding value
406 * @c: byte going into the EA
408 * Processes one byte of an EA. Updates the passed variable
409 * and returns 1 if the EA is now completely read
412 static int gsm_read_ea(unsigned int *val, u8 c)
414 /* Add the next 7 bits into the value */
417 /* Was this the last byte of the EA 1 = yes*/
422 * gsm_encode_modem - encode modem data bits
423 * @dlci: DLCI to encode from
425 * Returns the correct GSM encoded modem status bits (6 bit field) for
426 * the current status of the DLCI and attached tty object
429 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
432 /* FC is true flow control not modem bits */
435 if (dlci->modem_tx & TIOCM_DTR)
436 modembits |= MDM_RTC;
437 if (dlci->modem_tx & TIOCM_RTS)
438 modembits |= MDM_RTR;
439 if (dlci->modem_tx & TIOCM_RI)
441 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator)
447 * gsm_print_packet - display a frame for debug
448 * @hdr: header to print before decode
449 * @addr: address EA from the frame
450 * @cr: C/R bit seen as initiator
451 * @control: control including PF bit
452 * @data: following data bytes
453 * @dlen: length of data
455 * Displays a packet in human readable format for debugging purposes. The
456 * style is based on amateur radio LAP-B dump display.
459 static void gsm_print_packet(const char *hdr, int addr, int cr,
460 u8 control, const u8 *data, int dlen)
465 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
467 switch (control & ~PF) {
487 if (!(control & 0x01)) {
488 pr_cont("I N(S)%d N(R)%d",
489 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
490 } else switch (control & 0x0F) {
492 pr_cont("RR(%d)", (control & 0xE0) >> 5);
495 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
498 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
501 pr_cont("[%02X]", control);
510 print_hex_dump_bytes("", DUMP_PREFIX_NONE, data, dlen);
515 * Link level transmission side
519 * gsm_stuff_frame - bytestuff a packet
520 * @input: input buffer
521 * @output: output buffer
522 * @len: length of input
524 * Expand a buffer by bytestuffing it. The worst case size change
525 * is doubling and the caller is responsible for handing out
526 * suitable sized buffers.
529 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
533 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
534 || (*input & ISO_IEC_646_MASK) == XON
535 || (*input & ISO_IEC_646_MASK) == XOFF) {
536 *output++ = GSM1_ESCAPE;
537 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
540 *output++ = *input++;
547 * gsm_send - send a control frame
549 * @addr: address for control frame
550 * @cr: command/response bit seen as initiator
551 * @control: control byte including PF bit
553 * Format up and transmit a control frame. These do not go via the
554 * queueing logic as they should be transmitted ahead of data when
557 * FIXME: Lock versus data TX path
560 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
567 /* toggle C/R coding if not initiator */
568 ocr = cr ^ (gsm->initiator ? 0 : 1);
570 switch (gsm->encoding) {
573 cbuf[1] = (addr << 2) | (ocr << 1) | EA;
575 cbuf[3] = EA; /* Length of data = 0 */
576 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
582 /* Control frame + packing (but not frame stuffing) in mode 1 */
583 ibuf[0] = (addr << 2) | (ocr << 1) | EA;
585 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
586 /* Stuffing may double the size worst case */
587 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
588 /* Now add the SOF markers */
590 cbuf[len + 1] = GSM1_SOF;
591 /* FIXME: we can omit the lead one in many cases */
598 gsmld_output(gsm, cbuf, len);
599 if (!gsm->initiator) {
600 cr = cr & gsm->initiator;
601 control = control & ~PF;
603 gsm_print_packet("-->", addr, cr, control, NULL, 0);
607 * gsm_response - send a control response
609 * @addr: address for control frame
610 * @control: control byte including PF bit
612 * Format up and transmit a link level response frame.
615 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
617 gsm_send(gsm, addr, 0, control);
621 * gsm_command - send a control command
623 * @addr: address for control frame
624 * @control: control byte including PF bit
626 * Format up and transmit a link level command frame.
629 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
631 gsm_send(gsm, addr, 1, control);
634 /* Data transmission */
636 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
639 * gsm_data_alloc - allocate data frame
641 * @addr: DLCI address
642 * @len: length excluding header and FCS
643 * @ctrl: control byte
645 * Allocate a new data buffer for sending frames with data. Space is left
646 * at the front for header bytes but that is treated as an implementation
647 * detail and not for the high level code to use
650 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
653 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
657 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
661 INIT_LIST_HEAD(&m->list);
666 * gsm_data_kick - poke the queue
668 * @dlci: DLCI sending the data
670 * The tty device has called us to indicate that room has appeared in
671 * the transmit queue. Ram more data into the pipe if we have any
672 * If we have been flow-stopped by a CMD_FCOFF, then we can only
673 * send messages on DLCI0 until CMD_FCON
675 * FIXME: lock against link layer control transmissions
678 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci)
680 struct gsm_msg *msg, *nmsg;
683 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
684 if (gsm->constipated && msg->addr)
686 if (gsm->encoding != 0) {
687 gsm->txframe[0] = GSM1_SOF;
688 len = gsm_stuff_frame(msg->data,
689 gsm->txframe + 1, msg->len);
690 gsm->txframe[len + 1] = GSM1_SOF;
693 gsm->txframe[0] = GSM0_SOF;
694 memcpy(gsm->txframe + 1 , msg->data, msg->len);
695 gsm->txframe[msg->len + 1] = GSM0_SOF;
700 print_hex_dump_bytes("gsm_data_kick: ",
703 if (gsmld_output(gsm, gsm->txframe, len) <= 0)
705 /* FIXME: Can eliminate one SOF in many more cases */
706 gsm->tx_bytes -= msg->len;
708 list_del(&msg->list);
712 tty_port_tty_wakeup(&dlci->port);
716 for (i = 0; i < NUM_DLCI; i++)
718 tty_port_tty_wakeup(&gsm->dlci[i]->port);
724 * __gsm_data_queue - queue a UI or UIH frame
725 * @dlci: DLCI sending the data
726 * @msg: message queued
728 * Add data to the transmit queue and try and get stuff moving
729 * out of the mux tty if not already doing so. The Caller must hold
733 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
735 struct gsm_mux *gsm = dlci->gsm;
737 u8 *fcs = dp + msg->len;
739 /* Fill in the header */
740 if (gsm->encoding == 0) {
742 *--dp = (msg->len << 1) | EA;
744 *--dp = (msg->len >> 7); /* bits 7 - 15 */
745 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
751 *--dp = (msg->addr << 2) | CR | EA;
753 *--dp = (msg->addr << 2) | EA;
754 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
755 /* Ugly protocol layering violation */
756 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
757 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
760 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
761 msg->data, msg->len);
763 /* Move the header back and adjust the length, also allow for the FCS
764 now tacked on the end */
765 msg->len += (msg->data - dp) + 1;
768 /* Add to the actual output queue */
769 list_add_tail(&msg->list, &gsm->tx_list);
770 gsm->tx_bytes += msg->len;
771 gsm_data_kick(gsm, dlci);
775 * gsm_data_queue - queue a UI or UIH frame
776 * @dlci: DLCI sending the data
777 * @msg: message queued
779 * Add data to the transmit queue and try and get stuff moving
780 * out of the mux tty if not already doing so. Take the
781 * the gsm tx lock and dlci lock.
784 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
787 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
788 __gsm_data_queue(dlci, msg);
789 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
793 * gsm_dlci_data_output - try and push data out of a DLCI
795 * @dlci: the DLCI to pull data from
797 * Pull data from a DLCI and send it into the transmit queue if there
798 * is data. Keep to the MRU of the mux. This path handles the usual tty
799 * interface which is a byte stream with optional modem data.
801 * Caller must hold the tx_lock of the mux.
804 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
808 int len, total_size, size;
809 int h = dlci->adaption - 1;
813 len = kfifo_len(&dlci->fifo);
817 /* MTU/MRU count only the data bits */
823 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
824 /* FIXME: need a timer or something to kick this so it can't
825 get stuck with no work outstanding and no buffer free */
829 switch (dlci->adaption) {
830 case 1: /* Unstructured */
832 case 2: /* Unstructed with modem bits.
833 Always one byte as we never send inline break data */
834 *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
837 WARN_ON(kfifo_out_locked(&dlci->fifo, dp , len, &dlci->lock) != len);
838 __gsm_data_queue(dlci, msg);
841 /* Bytes of data we used up */
846 * gsm_dlci_data_output_framed - try and push data out of a DLCI
848 * @dlci: the DLCI to pull data from
850 * Pull data from a DLCI and send it into the transmit queue if there
851 * is data. Keep to the MRU of the mux. This path handles framed data
852 * queued as skbuffs to the DLCI.
854 * Caller must hold the tx_lock of the mux.
857 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
858 struct gsm_dlci *dlci)
863 int last = 0, first = 0;
866 /* One byte per frame is used for B/F flags */
867 if (dlci->adaption == 4)
870 /* dlci->skb is locked by tx_lock */
871 if (dlci->skb == NULL) {
872 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
873 if (dlci->skb == NULL)
877 len = dlci->skb->len + overhead;
879 /* MTU/MRU count only the data bits */
880 if (len > gsm->mtu) {
881 if (dlci->adaption == 3) {
882 /* Over long frame, bin it */
883 dev_kfree_skb_any(dlci->skb);
891 size = len + overhead;
892 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
894 /* FIXME: need a timer or something to kick this so it can't
895 get stuck with no work outstanding and no buffer free */
897 skb_queue_tail(&dlci->skb_list, dlci->skb);
903 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
904 /* Flag byte to carry the start/end info */
905 *dp++ = last << 7 | first << 6 | 1; /* EA */
908 memcpy(dp, dlci->skb->data, len);
909 skb_pull(dlci->skb, len);
910 __gsm_data_queue(dlci, msg);
912 dev_kfree_skb_any(dlci->skb);
919 * gsm_dlci_modem_output - try and push modem status out of a DLCI
921 * @dlci: the DLCI to pull modem status from
924 * Push an empty frame in to the transmit queue to update the modem status
925 * bits and to transmit an optional break.
927 * Caller must hold the tx_lock of the mux.
930 static int gsm_dlci_modem_output(struct gsm_mux *gsm, struct gsm_dlci *dlci,
937 /* for modem bits without break data */
938 switch (dlci->adaption) {
939 case 1: /* Unstructured */
941 case 2: /* Unstructured with modem bits. */
947 pr_err("%s: unsupported adaption %d\n", __func__,
952 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
954 pr_err("%s: gsm_data_alloc error", __func__);
958 switch (dlci->adaption) {
959 case 1: /* Unstructured */
961 case 2: /* Unstructured with modem bits. */
963 *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
965 *dp++ = gsm_encode_modem(dlci) << 1;
966 *dp++ = (brk << 4) | 2 | EA; /* Length, Break, EA */
974 __gsm_data_queue(dlci, msg);
979 * gsm_dlci_data_sweep - look for data to send
982 * Sweep the GSM mux channels in priority order looking for ones with
983 * data to send. We could do with optimising this scan a bit. We aim
984 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
985 * TX_THRESH_LO we get called again
987 * FIXME: We should round robin between groups and in theory you can
988 * renegotiate DLCI priorities with optional stuff. Needs optimising.
991 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
994 /* Priority ordering: We should do priority with RR of the groups */
997 while (i < NUM_DLCI) {
998 struct gsm_dlci *dlci;
1000 if (gsm->tx_bytes > TX_THRESH_HI)
1002 dlci = gsm->dlci[i];
1003 if (dlci == NULL || dlci->constipated) {
1007 if (dlci->adaption < 3 && !dlci->net)
1008 len = gsm_dlci_data_output(gsm, dlci);
1010 len = gsm_dlci_data_output_framed(gsm, dlci);
1013 /* DLCI empty - try the next */
1020 * gsm_dlci_data_kick - transmit if possible
1021 * @dlci: DLCI to kick
1023 * Transmit data from this DLCI if the queue is empty. We can't rely on
1024 * a tty wakeup except when we filled the pipe so we need to fire off
1025 * new data ourselves in other cases.
1028 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
1030 unsigned long flags;
1033 if (dlci->constipated)
1036 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
1037 /* If we have nothing running then we need to fire up */
1038 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
1039 if (dlci->gsm->tx_bytes == 0) {
1041 gsm_dlci_data_output_framed(dlci->gsm, dlci);
1043 gsm_dlci_data_output(dlci->gsm, dlci);
1046 gsm_dlci_data_sweep(dlci->gsm);
1047 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
1051 * Control message processing
1056 * gsm_control_reply - send a response frame to a control
1058 * @cmd: the command to use
1059 * @data: data to follow encoded info
1060 * @dlen: length of data
1062 * Encode up and queue a UI/UIH frame containing our response.
1065 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
1068 struct gsm_msg *msg;
1069 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1072 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1073 msg->data[1] = (dlen << 1) | EA;
1074 memcpy(msg->data + 2, data, dlen);
1075 gsm_data_queue(gsm->dlci[0], msg);
1079 * gsm_process_modem - process received modem status
1080 * @tty: virtual tty bound to the DLCI
1081 * @dlci: DLCI to affect
1082 * @modem: modem bits (full EA)
1083 * @slen: number of signal octets
1085 * Used when a modem control message or line state inline in adaption
1086 * layer 2 is processed. Sort out the local modem state and throttles
1089 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1090 u32 modem, int slen)
1096 /* The modem status command can either contain one octet (V.24 signals)
1097 * or two octets (V.24 signals + break signals). This is specified in
1098 * section 5.4.6.3.7 of the 07.10 mux spec.
1102 modem = modem & 0x7f;
1105 modem = (modem >> 7) & 0x7f;
1108 /* Flow control/ready to communicate */
1109 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1110 if (fc && !dlci->constipated) {
1111 /* Need to throttle our output on this device */
1112 dlci->constipated = true;
1113 } else if (!fc && dlci->constipated) {
1114 dlci->constipated = false;
1115 gsm_dlci_data_kick(dlci);
1118 /* Map modem bits */
1119 if (modem & MDM_RTC)
1120 mlines |= TIOCM_DSR | TIOCM_DTR;
1121 if (modem & MDM_RTR)
1122 mlines |= TIOCM_RTS | TIOCM_CTS;
1128 /* Carrier drop -> hangup */
1130 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1135 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1136 dlci->modem_rx = mlines;
1140 * gsm_control_modem - modem status received
1142 * @data: data following command
1143 * @clen: command length
1145 * We have received a modem status control message. This is used by
1146 * the GSM mux protocol to pass virtual modem line status and optionally
1147 * to indicate break signals. Unpack it, convert to Linux representation
1148 * and if need be stuff a break message down the tty.
1151 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
1153 unsigned int addr = 0;
1154 unsigned int modem = 0;
1155 struct gsm_dlci *dlci;
1158 const u8 *dp = data;
1159 struct tty_struct *tty;
1161 while (gsm_read_ea(&addr, *dp++) == 0) {
1166 /* Must be at least one byte following the EA */
1172 /* Closed port, or invalid ? */
1173 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1175 dlci = gsm->dlci[addr];
1178 while (gsm_read_ea(&modem, *dp++) == 0) {
1184 tty = tty_port_tty_get(&dlci->port);
1185 gsm_process_modem(tty, dlci, modem, slen - len);
1190 gsm_control_reply(gsm, CMD_MSC, data, clen);
1194 * gsm_control_rls - remote line status
1197 * @clen: data length
1199 * The modem sends us a two byte message on the control channel whenever
1200 * it wishes to send us an error state from the virtual link. Stuff
1201 * this into the uplink tty if present
1204 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
1206 struct tty_port *port;
1207 unsigned int addr = 0;
1210 const u8 *dp = data;
1212 while (gsm_read_ea(&addr, *dp++) == 0) {
1217 /* Must be at least one byte following ea */
1222 /* Closed port, or invalid ? */
1223 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1227 if ((bits & 1) == 0)
1230 port = &gsm->dlci[addr]->port;
1233 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1235 tty_insert_flip_char(port, 0, TTY_PARITY);
1237 tty_insert_flip_char(port, 0, TTY_FRAME);
1239 tty_flip_buffer_push(port);
1241 gsm_control_reply(gsm, CMD_RLS, data, clen);
1244 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1247 * gsm_control_message - DLCI 0 control processing
1249 * @command: the command EA
1250 * @data: data beyond the command/length EAs
1253 * Input processor for control messages from the other end of the link.
1254 * Processes the incoming request and queues a response frame or an
1255 * NSC response if not supported
1258 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1259 const u8 *data, int clen)
1262 unsigned long flags;
1266 struct gsm_dlci *dlci = gsm->dlci[0];
1267 /* Modem wishes to close down */
1271 gsm_dlci_begin_close(dlci);
1276 /* Modem wishes to test, reply with the data */
1277 gsm_control_reply(gsm, CMD_TEST, data, clen);
1280 /* Modem can accept data again */
1281 gsm->constipated = false;
1282 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1283 /* Kick the link in case it is idling */
1284 spin_lock_irqsave(&gsm->tx_lock, flags);
1285 gsm_data_kick(gsm, NULL);
1286 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1289 /* Modem wants us to STFU */
1290 gsm->constipated = true;
1291 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1294 /* Out of band modem line change indicator for a DLCI */
1295 gsm_control_modem(gsm, data, clen);
1298 /* Out of band error reception for a DLCI */
1299 gsm_control_rls(gsm, data, clen);
1302 /* Modem wishes to enter power saving state */
1303 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1305 /* Optional unsupported commands */
1306 case CMD_PN: /* Parameter negotiation */
1307 case CMD_RPN: /* Remote port negotiation */
1308 case CMD_SNC: /* Service negotiation command */
1310 /* Reply to bad commands with an NSC */
1312 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1318 * gsm_control_response - process a response to our control
1320 * @command: the command (response) EA
1321 * @data: data beyond the command/length EA
1324 * Process a response to an outstanding command. We only allow a single
1325 * control message in flight so this is fairly easy. All the clean up
1326 * is done by the caller, we just update the fields, flag it as done
1330 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1331 const u8 *data, int clen)
1333 struct gsm_control *ctrl;
1334 unsigned long flags;
1336 spin_lock_irqsave(&gsm->control_lock, flags);
1338 ctrl = gsm->pending_cmd;
1339 /* Does the reply match our command */
1341 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1342 /* Our command was replied to, kill the retry timer */
1343 del_timer(&gsm->t2_timer);
1344 gsm->pending_cmd = NULL;
1345 /* Rejected by the other end */
1346 if (command == CMD_NSC)
1347 ctrl->error = -EOPNOTSUPP;
1349 wake_up(&gsm->event);
1351 spin_unlock_irqrestore(&gsm->control_lock, flags);
1355 * gsm_control_transmit - send control packet
1357 * @ctrl: frame to send
1359 * Send out a pending control command (called under control lock)
1362 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1364 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 2, gsm->ftype);
1367 msg->data[0] = (ctrl->cmd << 1) | CR | EA; /* command */
1368 msg->data[1] = (ctrl->len << 1) | EA;
1369 memcpy(msg->data + 2, ctrl->data, ctrl->len);
1370 gsm_data_queue(gsm->dlci[0], msg);
1374 * gsm_control_retransmit - retransmit a control frame
1375 * @t: timer contained in our gsm object
1377 * Called off the T2 timer expiry in order to retransmit control frames
1378 * that have been lost in the system somewhere. The control_lock protects
1379 * us from colliding with another sender or a receive completion event.
1380 * In that situation the timer may still occur in a small window but
1381 * gsm->pending_cmd will be NULL and we just let the timer expire.
1384 static void gsm_control_retransmit(struct timer_list *t)
1386 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer);
1387 struct gsm_control *ctrl;
1388 unsigned long flags;
1389 spin_lock_irqsave(&gsm->control_lock, flags);
1390 ctrl = gsm->pending_cmd;
1392 if (gsm->cretries == 0) {
1393 gsm->pending_cmd = NULL;
1394 ctrl->error = -ETIMEDOUT;
1396 spin_unlock_irqrestore(&gsm->control_lock, flags);
1397 wake_up(&gsm->event);
1401 gsm_control_transmit(gsm, ctrl);
1402 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1404 spin_unlock_irqrestore(&gsm->control_lock, flags);
1408 * gsm_control_send - send a control frame on DLCI 0
1409 * @gsm: the GSM channel
1410 * @command: command to send including CR bit
1411 * @data: bytes of data (must be kmalloced)
1412 * @clen: length of the block to send
1414 * Queue and dispatch a control command. Only one command can be
1415 * active at a time. In theory more can be outstanding but the matching
1416 * gets really complicated so for now stick to one outstanding.
1419 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1420 unsigned int command, u8 *data, int clen)
1422 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1424 unsigned long flags;
1428 wait_event(gsm->event, gsm->pending_cmd == NULL);
1429 spin_lock_irqsave(&gsm->control_lock, flags);
1430 if (gsm->pending_cmd != NULL) {
1431 spin_unlock_irqrestore(&gsm->control_lock, flags);
1434 ctrl->cmd = command;
1437 gsm->pending_cmd = ctrl;
1439 /* If DLCI0 is in ADM mode skip retries, it won't respond */
1440 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
1443 gsm->cretries = gsm->n2;
1445 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1446 gsm_control_transmit(gsm, ctrl);
1447 spin_unlock_irqrestore(&gsm->control_lock, flags);
1452 * gsm_control_wait - wait for a control to finish
1454 * @control: control we are waiting on
1456 * Waits for the control to complete or time out. Frees any used
1457 * resources and returns 0 for success, or an error if the remote
1458 * rejected or ignored the request.
1461 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1464 wait_event(gsm->event, control->done == 1);
1465 err = control->error;
1472 * DLCI level handling: Needs krefs
1476 * State transitions and timers
1480 * gsm_dlci_close - a DLCI has closed
1481 * @dlci: DLCI that closed
1483 * Perform processing when moving a DLCI into closed state. If there
1484 * is an attached tty this is hung up
1487 static void gsm_dlci_close(struct gsm_dlci *dlci)
1489 unsigned long flags;
1491 del_timer(&dlci->t1);
1493 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1494 dlci->state = DLCI_CLOSED;
1495 if (dlci->addr != 0) {
1496 tty_port_tty_hangup(&dlci->port, false);
1497 spin_lock_irqsave(&dlci->lock, flags);
1498 kfifo_reset(&dlci->fifo);
1499 spin_unlock_irqrestore(&dlci->lock, flags);
1500 /* Ensure that gsmtty_open() can return. */
1501 tty_port_set_initialized(&dlci->port, 0);
1502 wake_up_interruptible(&dlci->port.open_wait);
1504 dlci->gsm->dead = true;
1505 wake_up(&dlci->gsm->event);
1506 /* A DLCI 0 close is a MUX termination so we need to kick that
1507 back to userspace somehow */
1511 * gsm_dlci_open - a DLCI has opened
1512 * @dlci: DLCI that opened
1514 * Perform processing when moving a DLCI into open state.
1517 static void gsm_dlci_open(struct gsm_dlci *dlci)
1519 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1521 del_timer(&dlci->t1);
1522 /* This will let a tty open continue */
1523 dlci->state = DLCI_OPEN;
1525 pr_debug("DLCI %d goes open.\n", dlci->addr);
1526 /* Send current modem state */
1528 gsm_modem_update(dlci, 0);
1529 wake_up(&dlci->gsm->event);
1533 * gsm_dlci_t1 - T1 timer expiry
1534 * @t: timer contained in the DLCI that opened
1536 * The T1 timer handles retransmits of control frames (essentially of
1537 * SABM and DISC). We resend the command until the retry count runs out
1538 * in which case an opening port goes back to closed and a closing port
1539 * is simply put into closed state (any further frames from the other
1540 * end will get a DM response)
1542 * Some control dlci can stay in ADM mode with other dlci working just
1543 * fine. In that case we can just keep the control dlci open after the
1544 * DLCI_OPENING retries time out.
1547 static void gsm_dlci_t1(struct timer_list *t)
1549 struct gsm_dlci *dlci = from_timer(dlci, t, t1);
1550 struct gsm_mux *gsm = dlci->gsm;
1552 switch (dlci->state) {
1555 if (dlci->retries) {
1556 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1557 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1558 } else if (!dlci->addr && gsm->control == (DM | PF)) {
1560 pr_info("DLCI %d opening in ADM mode.\n",
1562 dlci->mode = DLCI_MODE_ADM;
1563 gsm_dlci_open(dlci);
1565 gsm_dlci_begin_close(dlci); /* prevent half open link */
1571 if (dlci->retries) {
1572 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1573 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1575 gsm_dlci_close(dlci);
1578 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state);
1584 * gsm_dlci_begin_open - start channel open procedure
1585 * @dlci: DLCI to open
1587 * Commence opening a DLCI from the Linux side. We issue SABM messages
1588 * to the modem which should then reply with a UA or ADM, at which point
1589 * we will move into open state. Opening is done asynchronously with retry
1590 * running off timers and the responses.
1593 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1595 struct gsm_mux *gsm = dlci->gsm;
1596 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1598 dlci->retries = gsm->n2;
1599 dlci->state = DLCI_OPENING;
1600 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1601 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1605 * gsm_dlci_begin_close - start channel open procedure
1606 * @dlci: DLCI to open
1608 * Commence closing a DLCI from the Linux side. We issue DISC messages
1609 * to the modem which should then reply with a UA, at which point we
1610 * will move into closed state. Closing is done asynchronously with retry
1611 * off timers. We may also receive a DM reply from the other end which
1612 * indicates the channel was already closed.
1615 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1617 struct gsm_mux *gsm = dlci->gsm;
1618 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1620 dlci->retries = gsm->n2;
1621 dlci->state = DLCI_CLOSING;
1622 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1623 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1627 * gsm_dlci_data - data arrived
1629 * @data: block of bytes received
1630 * @clen: length of received block
1632 * A UI or UIH frame has arrived which contains data for a channel
1633 * other than the control channel. If the relevant virtual tty is
1634 * open we shovel the bits down it, if not we drop them.
1637 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
1640 struct tty_port *port = &dlci->port;
1641 struct tty_struct *tty;
1642 unsigned int modem = 0;
1647 pr_debug("%d bytes for tty\n", len);
1648 switch (dlci->adaption) {
1649 /* Unsupported types */
1650 case 4: /* Packetised interruptible data */
1652 case 3: /* Packetised uininterruptible voice/data */
1654 case 2: /* Asynchronous serial with line state in each frame */
1655 while (gsm_read_ea(&modem, *data++) == 0) {
1662 tty = tty_port_tty_get(port);
1664 gsm_process_modem(tty, dlci, modem, slen);
1669 case 1: /* Line state will go via DLCI 0 controls only */
1671 tty_insert_flip_string(port, data, len);
1672 tty_flip_buffer_push(port);
1677 * gsm_dlci_command - data arrived on control channel
1679 * @data: block of bytes received
1680 * @len: length of received block
1682 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1683 * control channel. This should contain a command EA followed by
1684 * control data bytes. The command EA contains a command/response bit
1685 * and we divide up the work accordingly.
1688 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
1690 /* See what command is involved */
1691 unsigned int command = 0;
1693 if (gsm_read_ea(&command, *data++) == 1) {
1696 /* FIXME: this is properly an EA */
1698 /* Malformed command ? */
1702 gsm_control_message(dlci->gsm, command,
1705 gsm_control_response(dlci->gsm, command,
1713 * Allocate/Free DLCI channels
1717 * gsm_dlci_alloc - allocate a DLCI
1719 * @addr: address of the DLCI
1721 * Allocate and install a new DLCI object into the GSM mux.
1723 * FIXME: review locking races
1726 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1728 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1731 spin_lock_init(&dlci->lock);
1732 mutex_init(&dlci->mutex);
1733 if (kfifo_alloc(&dlci->fifo, 4096, GFP_KERNEL) < 0) {
1738 skb_queue_head_init(&dlci->skb_list);
1739 timer_setup(&dlci->t1, gsm_dlci_t1, 0);
1740 tty_port_init(&dlci->port);
1741 dlci->port.ops = &gsm_port_ops;
1744 dlci->adaption = gsm->adaption;
1745 dlci->state = DLCI_CLOSED;
1747 dlci->data = gsm_dlci_data;
1749 dlci->data = gsm_dlci_command;
1750 gsm->dlci[addr] = dlci;
1755 * gsm_dlci_free - free DLCI
1756 * @port: tty port for DLCI to free
1762 static void gsm_dlci_free(struct tty_port *port)
1764 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
1766 del_timer_sync(&dlci->t1);
1767 dlci->gsm->dlci[dlci->addr] = NULL;
1768 kfifo_free(&dlci->fifo);
1769 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1770 dev_kfree_skb(dlci->skb);
1774 static inline void dlci_get(struct gsm_dlci *dlci)
1776 tty_port_get(&dlci->port);
1779 static inline void dlci_put(struct gsm_dlci *dlci)
1781 tty_port_put(&dlci->port);
1784 static void gsm_destroy_network(struct gsm_dlci *dlci);
1787 * gsm_dlci_release - release DLCI
1788 * @dlci: DLCI to destroy
1790 * Release a DLCI. Actual free is deferred until either
1791 * mux is closed or tty is closed - whichever is last.
1795 static void gsm_dlci_release(struct gsm_dlci *dlci)
1797 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1799 mutex_lock(&dlci->mutex);
1800 gsm_destroy_network(dlci);
1801 mutex_unlock(&dlci->mutex);
1803 /* We cannot use tty_hangup() because in tty_kref_put() the tty
1804 * driver assumes that the hangup queue is free and reuses it to
1805 * queue release_one_tty() -> NULL pointer panic in
1806 * process_one_work().
1810 tty_port_tty_set(&dlci->port, NULL);
1813 dlci->state = DLCI_CLOSED;
1818 * LAPBish link layer logic
1822 * gsm_queue - a GSM frame is ready to process
1823 * @gsm: pointer to our gsm mux
1825 * At this point in time a frame has arrived and been demangled from
1826 * the line encoding. All the differences between the encodings have
1827 * been handled below us and the frame is unpacked into the structures.
1828 * The fcs holds the header FCS but any data FCS must be added here.
1831 static void gsm_queue(struct gsm_mux *gsm)
1833 struct gsm_dlci *dlci;
1837 if (gsm->fcs != GOOD_FCS) {
1840 pr_debug("BAD FCS %02x\n", gsm->fcs);
1843 address = gsm->address >> 1;
1844 if (address >= NUM_DLCI)
1847 cr = gsm->address & 1; /* C/R bit */
1848 cr ^= gsm->initiator ? 0 : 1; /* Flip so 1 always means command */
1850 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1852 dlci = gsm->dlci[address];
1854 switch (gsm->control) {
1859 dlci = gsm_dlci_alloc(gsm, address);
1863 gsm_response(gsm, address, DM|PF);
1865 gsm_response(gsm, address, UA|PF);
1866 gsm_dlci_open(dlci);
1872 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1873 gsm_response(gsm, address, DM|PF);
1876 /* Real close complete */
1877 gsm_response(gsm, address, UA|PF);
1878 gsm_dlci_close(dlci);
1881 if (cr == 0 || dlci == NULL)
1883 switch (dlci->state) {
1885 gsm_dlci_close(dlci);
1888 gsm_dlci_open(dlci);
1891 pr_debug("%s: unhandled state: %d\n", __func__,
1896 case DM: /* DM can be valid unsolicited */
1902 gsm_dlci_close(dlci);
1908 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1909 gsm_command(gsm, address, DM|PF);
1912 dlci->data(dlci, gsm->buf, gsm->len);
1925 * gsm0_receive - perform processing for non-transparency
1926 * @gsm: gsm data for this ldisc instance
1929 * Receive bytes in gsm mode 0
1932 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1936 switch (gsm->state) {
1937 case GSM_SEARCH: /* SOF marker */
1938 if (c == GSM0_SOF) {
1939 gsm->state = GSM_ADDRESS;
1942 gsm->fcs = INIT_FCS;
1945 case GSM_ADDRESS: /* Address EA */
1946 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1947 if (gsm_read_ea(&gsm->address, c))
1948 gsm->state = GSM_CONTROL;
1950 case GSM_CONTROL: /* Control Byte */
1951 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1953 gsm->state = GSM_LEN0;
1955 case GSM_LEN0: /* Length EA */
1956 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1957 if (gsm_read_ea(&gsm->len, c)) {
1958 if (gsm->len > gsm->mru) {
1960 gsm->state = GSM_SEARCH;
1965 gsm->state = GSM_FCS;
1967 gsm->state = GSM_DATA;
1970 gsm->state = GSM_LEN1;
1973 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1975 gsm->len |= len << 7;
1976 if (gsm->len > gsm->mru) {
1978 gsm->state = GSM_SEARCH;
1983 gsm->state = GSM_FCS;
1985 gsm->state = GSM_DATA;
1987 case GSM_DATA: /* Data */
1988 gsm->buf[gsm->count++] = c;
1989 if (gsm->count == gsm->len) {
1990 /* Calculate final FCS for UI frames over all data */
1991 if ((gsm->control & ~PF) != UIH) {
1992 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf,
1995 gsm->state = GSM_FCS;
1998 case GSM_FCS: /* FCS follows the packet */
1999 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2000 gsm->state = GSM_SSOF;
2003 gsm->state = GSM_SEARCH;
2010 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2016 * gsm1_receive - perform processing for non-transparency
2017 * @gsm: gsm data for this ldisc instance
2020 * Receive bytes in mode 1 (Advanced option)
2023 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
2025 /* handle XON/XOFF */
2026 if ((c & ISO_IEC_646_MASK) == XON) {
2027 gsm->constipated = true;
2029 } else if ((c & ISO_IEC_646_MASK) == XOFF) {
2030 gsm->constipated = false;
2031 /* Kick the link in case it is idling */
2032 gsm_data_kick(gsm, NULL);
2035 if (c == GSM1_SOF) {
2036 /* EOF is only valid in frame if we have got to the data state */
2037 if (gsm->state == GSM_DATA) {
2038 if (gsm->count < 1) {
2041 gsm->state = GSM_START;
2044 /* Remove the FCS from data */
2046 if ((gsm->control & ~PF) != UIH) {
2047 /* Calculate final FCS for UI frames over all
2050 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf,
2053 /* Add the FCS itself to test against GOOD_FCS */
2054 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
2055 gsm->len = gsm->count;
2057 gsm->state = GSM_START;
2060 /* Any partial frame was a runt so go back to start */
2061 if (gsm->state != GSM_START) {
2062 if (gsm->state != GSM_SEARCH)
2064 gsm->state = GSM_START;
2066 /* A SOF in GSM_START means we are still reading idling or
2071 if (c == GSM1_ESCAPE) {
2076 /* Only an unescaped SOF gets us out of GSM search */
2077 if (gsm->state == GSM_SEARCH)
2081 c ^= GSM1_ESCAPE_BITS;
2082 gsm->escape = false;
2084 switch (gsm->state) {
2085 case GSM_START: /* First byte after SOF */
2087 gsm->state = GSM_ADDRESS;
2088 gsm->fcs = INIT_FCS;
2090 case GSM_ADDRESS: /* Address continuation */
2091 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2092 if (gsm_read_ea(&gsm->address, c))
2093 gsm->state = GSM_CONTROL;
2095 case GSM_CONTROL: /* Control Byte */
2096 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2099 gsm->state = GSM_DATA;
2101 case GSM_DATA: /* Data */
2102 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2103 gsm->state = GSM_OVERRUN;
2106 gsm->buf[gsm->count++] = c;
2108 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2111 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2117 * gsm_error - handle tty error
2120 * Handle an error in the receipt of data for a frame. Currently we just
2121 * go back to hunting for a SOF.
2123 * FIXME: better diagnostics ?
2126 static void gsm_error(struct gsm_mux *gsm)
2128 gsm->state = GSM_SEARCH;
2133 * gsm_cleanup_mux - generic GSM protocol cleanup
2135 * @disc: disconnect link?
2137 * Clean up the bits of the mux which are the same for all framing
2138 * protocols. Remove the mux from the mux table, stop all the timers
2139 * and then shut down each device hanging up the channels as we go.
2142 static void gsm_cleanup_mux(struct gsm_mux *gsm, bool disc)
2145 struct gsm_dlci *dlci = gsm->dlci[0];
2146 struct gsm_msg *txq, *ntxq;
2149 mutex_lock(&gsm->mutex);
2152 if (disc && dlci->state != DLCI_CLOSED) {
2153 gsm_dlci_begin_close(dlci);
2154 wait_event(gsm->event, dlci->state == DLCI_CLOSED);
2159 /* Finish outstanding timers, making sure they are done */
2160 del_timer_sync(&gsm->t2_timer);
2162 /* Free up any link layer users and finally the control channel */
2163 for (i = NUM_DLCI - 1; i >= 0; i--)
2165 gsm_dlci_release(gsm->dlci[i]);
2166 mutex_unlock(&gsm->mutex);
2167 /* Now wipe the queues */
2168 tty_ldisc_flush(gsm->tty);
2169 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2171 INIT_LIST_HEAD(&gsm->tx_list);
2175 * gsm_activate_mux - generic GSM setup
2178 * Set up the bits of the mux which are the same for all framing
2179 * protocols. Add the mux to the mux table so it can be opened and
2180 * finally kick off connecting to DLCI 0 on the modem.
2183 static int gsm_activate_mux(struct gsm_mux *gsm)
2185 struct gsm_dlci *dlci;
2187 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2188 init_waitqueue_head(&gsm->event);
2189 spin_lock_init(&gsm->control_lock);
2190 spin_lock_init(&gsm->tx_lock);
2192 if (gsm->encoding == 0)
2193 gsm->receive = gsm0_receive;
2195 gsm->receive = gsm1_receive;
2197 dlci = gsm_dlci_alloc(gsm, 0);
2200 gsm->dead = false; /* Tty opens are now permissible */
2205 * gsm_free_mux - free up a mux
2208 * Dispose of allocated resources for a dead mux
2210 static void gsm_free_mux(struct gsm_mux *gsm)
2214 for (i = 0; i < MAX_MUX; i++) {
2215 if (gsm == gsm_mux[i]) {
2220 mutex_destroy(&gsm->mutex);
2221 kfree(gsm->txframe);
2227 * gsm_free_muxr - free up a mux
2228 * @ref: kreference to the mux to free
2230 * Dispose of allocated resources for a dead mux
2232 static void gsm_free_muxr(struct kref *ref)
2234 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2238 static inline void mux_get(struct gsm_mux *gsm)
2240 unsigned long flags;
2242 spin_lock_irqsave(&gsm_mux_lock, flags);
2243 kref_get(&gsm->ref);
2244 spin_unlock_irqrestore(&gsm_mux_lock, flags);
2247 static inline void mux_put(struct gsm_mux *gsm)
2249 unsigned long flags;
2251 spin_lock_irqsave(&gsm_mux_lock, flags);
2252 kref_put(&gsm->ref, gsm_free_muxr);
2253 spin_unlock_irqrestore(&gsm_mux_lock, flags);
2256 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
2258 return gsm->num * NUM_DLCI;
2261 static inline unsigned int mux_line_to_num(unsigned int line)
2263 return line / NUM_DLCI;
2267 * gsm_alloc_mux - allocate a mux
2269 * Creates a new mux ready for activation.
2272 static struct gsm_mux *gsm_alloc_mux(void)
2275 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2278 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2279 if (gsm->buf == NULL) {
2283 gsm->txframe = kmalloc(2 * (MAX_MTU + PROT_OVERHEAD - 1), GFP_KERNEL);
2284 if (gsm->txframe == NULL) {
2289 spin_lock_init(&gsm->lock);
2290 mutex_init(&gsm->mutex);
2291 kref_init(&gsm->ref);
2292 INIT_LIST_HEAD(&gsm->tx_list);
2300 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2302 gsm->dead = true; /* Avoid early tty opens */
2304 /* Store the instance to the mux array or abort if no space is
2307 spin_lock(&gsm_mux_lock);
2308 for (i = 0; i < MAX_MUX; i++) {
2315 spin_unlock(&gsm_mux_lock);
2317 mutex_destroy(&gsm->mutex);
2318 kfree(gsm->txframe);
2327 static void gsm_copy_config_values(struct gsm_mux *gsm,
2328 struct gsm_config *c)
2330 memset(c, 0, sizeof(*c));
2331 c->adaption = gsm->adaption;
2332 c->encapsulation = gsm->encoding;
2333 c->initiator = gsm->initiator;
2336 c->t3 = 0; /* Not supported */
2338 if (gsm->ftype == UIH)
2342 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
2348 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
2351 int need_restart = 0;
2353 /* Stuff we don't support yet - UI or I frame transport, windowing */
2354 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2356 /* Check the MRU/MTU range looks sane */
2357 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2361 if (c->encapsulation > 1) /* Basic, advanced, no I */
2363 if (c->initiator > 1)
2365 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2368 * See what is needed for reconfiguration
2372 if (c->t1 != 0 && c->t1 != gsm->t1)
2374 if (c->t2 != 0 && c->t2 != gsm->t2)
2376 if (c->encapsulation != gsm->encoding)
2378 if (c->adaption != gsm->adaption)
2381 if (c->initiator != gsm->initiator)
2383 if (c->mru != gsm->mru)
2385 if (c->mtu != gsm->mtu)
2389 * Close down what is needed, restart and initiate the new
2390 * configuration. On the first time there is no DLCI[0]
2391 * and closing or cleaning up is not necessary.
2393 if (need_close || need_restart)
2394 gsm_cleanup_mux(gsm, true);
2396 gsm->initiator = c->initiator;
2399 gsm->encoding = c->encapsulation;
2400 gsm->adaption = c->adaption;
2414 * FIXME: We need to separate activation/deactivation from adding
2415 * and removing from the mux array
2418 gsm_activate_mux(gsm);
2419 if (gsm->initiator && need_close)
2420 gsm_dlci_begin_open(gsm->dlci[0]);
2425 * gsmld_output - write to link
2427 * @data: bytes to output
2430 * Write a block of data from the GSM mux to the data channel. This
2431 * will eventually be serialized from above but at the moment isn't.
2434 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2436 if (tty_write_room(gsm->tty) < len) {
2437 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2441 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2443 return gsm->tty->ops->write(gsm->tty, data, len);
2447 * gsmld_attach_gsm - mode set up
2448 * @tty: our tty structure
2451 * Set up the MUX for basic mode and commence connecting to the
2452 * modem. Currently called from the line discipline set up but
2453 * will need moving to an ioctl path.
2456 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2461 gsm->tty = tty_kref_get(tty);
2462 /* Turn off tty XON/XOFF handling to handle it explicitly. */
2463 gsm->old_c_iflag = tty->termios.c_iflag;
2464 tty->termios.c_iflag &= (IXON | IXOFF);
2465 ret = gsm_activate_mux(gsm);
2467 tty_kref_put(gsm->tty);
2469 /* Don't register device 0 - this is the control channel and not
2470 a usable tty interface */
2471 base = mux_num_to_base(gsm); /* Base for this MUX */
2472 for (i = 1; i < NUM_DLCI; i++) {
2475 dev = tty_register_device(gsm_tty_driver,
2478 for (i--; i >= 1; i--)
2479 tty_unregister_device(gsm_tty_driver,
2481 return PTR_ERR(dev);
2490 * gsmld_detach_gsm - stop doing 0710 mux
2491 * @tty: tty attached to the mux
2494 * Shutdown and then clean up the resources used by the line discipline
2497 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2499 unsigned int base = mux_num_to_base(gsm); /* Base for this MUX */
2502 WARN_ON(tty != gsm->tty);
2503 for (i = 1; i < NUM_DLCI; i++)
2504 tty_unregister_device(gsm_tty_driver, base + i);
2505 /* Restore tty XON/XOFF handling. */
2506 gsm->tty->termios.c_iflag = gsm->old_c_iflag;
2507 tty_kref_put(gsm->tty);
2511 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2512 const char *fp, int count)
2514 struct gsm_mux *gsm = tty->disc_data;
2515 char flags = TTY_NORMAL;
2518 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2521 for (; count; count--, cp++) {
2526 gsm->receive(gsm, *cp);
2535 WARN_ONCE(1, "%s: unknown flag %d\n",
2536 tty_name(tty), flags);
2540 /* FASYNC if needed ? */
2541 /* If clogged call tty_throttle(tty); */
2545 * gsmld_flush_buffer - clean input queue
2546 * @tty: terminal device
2548 * Flush the input buffer. Called when the line discipline is
2549 * being closed, when the tty layer wants the buffer flushed (eg
2553 static void gsmld_flush_buffer(struct tty_struct *tty)
2558 * gsmld_close - close the ldisc for this tty
2561 * Called from the terminal layer when this line discipline is
2562 * being shut down, either because of a close or becsuse of a
2563 * discipline change. The function will not be called while other
2564 * ldisc methods are in progress.
2567 static void gsmld_close(struct tty_struct *tty)
2569 struct gsm_mux *gsm = tty->disc_data;
2571 /* The ldisc locks and closes the port before calling our close. This
2572 * means we have no way to do a proper disconnect. We will not bother
2575 gsm_cleanup_mux(gsm, false);
2577 gsmld_detach_gsm(tty, gsm);
2579 gsmld_flush_buffer(tty);
2580 /* Do other clean up here */
2585 * gsmld_open - open an ldisc
2586 * @tty: terminal to open
2588 * Called when this line discipline is being attached to the
2589 * terminal device. Can sleep. Called serialized so that no
2590 * other events will occur in parallel. No further open will occur
2594 static int gsmld_open(struct tty_struct *tty)
2596 struct gsm_mux *gsm;
2599 if (tty->ops->write == NULL)
2602 /* Attach our ldisc data */
2603 gsm = gsm_alloc_mux();
2607 tty->disc_data = gsm;
2608 tty->receive_room = 65536;
2610 /* Attach the initial passive connection */
2613 ret = gsmld_attach_gsm(tty, gsm);
2615 gsm_cleanup_mux(gsm, false);
2622 * gsmld_write_wakeup - asynchronous I/O notifier
2625 * Required for the ptys, serial driver etc. since processes
2626 * that attach themselves to the master and rely on ASYNC
2627 * IO must be woken up
2630 static void gsmld_write_wakeup(struct tty_struct *tty)
2632 struct gsm_mux *gsm = tty->disc_data;
2633 unsigned long flags;
2636 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2637 spin_lock_irqsave(&gsm->tx_lock, flags);
2638 gsm_data_kick(gsm, NULL);
2639 if (gsm->tx_bytes < TX_THRESH_LO) {
2640 gsm_dlci_data_sweep(gsm);
2642 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2646 * gsmld_read - read function for tty
2648 * @file: file object
2649 * @buf: userspace buffer pointer
2654 * Perform reads for the line discipline. We are guaranteed that the
2655 * line discipline will not be closed under us but we may get multiple
2656 * parallel readers and must handle this ourselves. We may also get
2657 * a hangup. Always called in user context, may sleep.
2659 * This code must be sure never to sleep through a hangup.
2662 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2663 unsigned char *buf, size_t nr,
2664 void **cookie, unsigned long offset)
2670 * gsmld_write - write function for tty
2672 * @file: file object
2673 * @buf: userspace buffer pointer
2676 * Called when the owner of the device wants to send a frame
2677 * itself (or some other control data). The data is transferred
2678 * as-is and must be properly framed and checksummed as appropriate
2679 * by userspace. Frames are either sent whole or not at all as this
2680 * avoids pain user side.
2683 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2684 const unsigned char *buf, size_t nr)
2686 int space = tty_write_room(tty);
2688 return tty->ops->write(tty, buf, nr);
2689 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2694 * gsmld_poll - poll method for N_GSM0710
2695 * @tty: terminal device
2696 * @file: file accessing it
2699 * Called when the line discipline is asked to poll() for data or
2700 * for special events. This code is not serialized with respect to
2701 * other events save open/close.
2703 * This code must be sure never to sleep through a hangup.
2704 * Called without the kernel lock held - fine
2707 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
2711 struct gsm_mux *gsm = tty->disc_data;
2713 poll_wait(file, &tty->read_wait, wait);
2714 poll_wait(file, &tty->write_wait, wait);
2715 if (tty_hung_up_p(file))
2717 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2718 mask |= EPOLLOUT | EPOLLWRNORM;
2724 static int gsmld_ioctl(struct tty_struct *tty, unsigned int cmd,
2727 struct gsm_config c;
2728 struct gsm_mux *gsm = tty->disc_data;
2732 case GSMIOC_GETCONF:
2733 gsm_copy_config_values(gsm, &c);
2734 if (copy_to_user((void __user *)arg, &c, sizeof(c)))
2737 case GSMIOC_SETCONF:
2738 if (copy_from_user(&c, (void __user *)arg, sizeof(c)))
2740 return gsm_config(gsm, &c);
2741 case GSMIOC_GETFIRST:
2742 base = mux_num_to_base(gsm);
2743 return put_user(base + 1, (__u32 __user *)arg);
2745 return n_tty_ioctl_helper(tty, cmd, arg);
2754 static int gsm_mux_net_open(struct net_device *net)
2756 pr_debug("%s called\n", __func__);
2757 netif_start_queue(net);
2761 static int gsm_mux_net_close(struct net_device *net)
2763 netif_stop_queue(net);
2767 static void dlci_net_free(struct gsm_dlci *dlci)
2773 dlci->adaption = dlci->prev_adaption;
2774 dlci->data = dlci->prev_data;
2775 free_netdev(dlci->net);
2778 static void net_free(struct kref *ref)
2780 struct gsm_mux_net *mux_net;
2781 struct gsm_dlci *dlci;
2783 mux_net = container_of(ref, struct gsm_mux_net, ref);
2784 dlci = mux_net->dlci;
2787 unregister_netdev(dlci->net);
2788 dlci_net_free(dlci);
2792 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2794 kref_get(&mux_net->ref);
2797 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2799 kref_put(&mux_net->ref, net_free);
2802 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
2803 struct net_device *net)
2805 struct gsm_mux_net *mux_net = netdev_priv(net);
2806 struct gsm_dlci *dlci = mux_net->dlci;
2807 muxnet_get(mux_net);
2809 skb_queue_head(&dlci->skb_list, skb);
2810 net->stats.tx_packets++;
2811 net->stats.tx_bytes += skb->len;
2812 gsm_dlci_data_kick(dlci);
2813 /* And tell the kernel when the last transmit started. */
2814 netif_trans_update(net);
2815 muxnet_put(mux_net);
2816 return NETDEV_TX_OK;
2819 /* called when a packet did not ack after watchdogtimeout */
2820 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue)
2822 /* Tell syslog we are hosed. */
2823 dev_dbg(&net->dev, "Tx timed out.\n");
2825 /* Update statistics */
2826 net->stats.tx_errors++;
2829 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2830 const unsigned char *in_buf, int size)
2832 struct net_device *net = dlci->net;
2833 struct sk_buff *skb;
2834 struct gsm_mux_net *mux_net = netdev_priv(net);
2835 muxnet_get(mux_net);
2837 /* Allocate an sk_buff */
2838 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2840 /* We got no receive buffer. */
2841 net->stats.rx_dropped++;
2842 muxnet_put(mux_net);
2845 skb_reserve(skb, NET_IP_ALIGN);
2846 skb_put_data(skb, in_buf, size);
2849 skb->protocol = htons(ETH_P_IP);
2851 /* Ship it off to the kernel */
2854 /* update out statistics */
2855 net->stats.rx_packets++;
2856 net->stats.rx_bytes += size;
2857 muxnet_put(mux_net);
2861 static void gsm_mux_net_init(struct net_device *net)
2863 static const struct net_device_ops gsm_netdev_ops = {
2864 .ndo_open = gsm_mux_net_open,
2865 .ndo_stop = gsm_mux_net_close,
2866 .ndo_start_xmit = gsm_mux_net_start_xmit,
2867 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2870 net->netdev_ops = &gsm_netdev_ops;
2872 /* fill in the other fields */
2873 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2874 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2875 net->type = ARPHRD_NONE;
2876 net->tx_queue_len = 10;
2880 /* caller holds the dlci mutex */
2881 static void gsm_destroy_network(struct gsm_dlci *dlci)
2883 struct gsm_mux_net *mux_net;
2885 pr_debug("destroy network interface\n");
2888 mux_net = netdev_priv(dlci->net);
2889 muxnet_put(mux_net);
2893 /* caller holds the dlci mutex */
2894 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2898 struct net_device *net;
2899 struct gsm_mux_net *mux_net;
2901 if (!capable(CAP_NET_ADMIN))
2904 /* Already in a non tty mode */
2905 if (dlci->adaption > 2)
2908 if (nc->protocol != htons(ETH_P_IP))
2909 return -EPROTONOSUPPORT;
2911 if (nc->adaption != 3 && nc->adaption != 4)
2912 return -EPROTONOSUPPORT;
2914 pr_debug("create network interface\n");
2917 if (nc->if_name[0] != '\0')
2918 netname = nc->if_name;
2919 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
2920 NET_NAME_UNKNOWN, gsm_mux_net_init);
2922 pr_err("alloc_netdev failed\n");
2925 net->mtu = dlci->gsm->mtu;
2927 net->max_mtu = dlci->gsm->mtu;
2928 mux_net = netdev_priv(net);
2929 mux_net->dlci = dlci;
2930 kref_init(&mux_net->ref);
2931 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2933 /* reconfigure dlci for network */
2934 dlci->prev_adaption = dlci->adaption;
2935 dlci->prev_data = dlci->data;
2936 dlci->adaption = nc->adaption;
2937 dlci->data = gsm_mux_rx_netchar;
2940 pr_debug("register netdev\n");
2941 retval = register_netdev(net);
2943 pr_err("network register fail %d\n", retval);
2944 dlci_net_free(dlci);
2947 return net->ifindex; /* return network index */
2950 /* Line discipline for real tty */
2951 static struct tty_ldisc_ops tty_ldisc_packet = {
2952 .owner = THIS_MODULE,
2956 .close = gsmld_close,
2957 .flush_buffer = gsmld_flush_buffer,
2959 .write = gsmld_write,
2960 .ioctl = gsmld_ioctl,
2962 .receive_buf = gsmld_receive_buf,
2963 .write_wakeup = gsmld_write_wakeup
2973 * gsm_modem_upd_via_data - send modem bits via convergence layer
2975 * @brk: break signal
2977 * Send an empty frame to signal mobile state changes and to transmit the
2978 * break signal for adaption 2.
2981 static void gsm_modem_upd_via_data(struct gsm_dlci *dlci, u8 brk)
2983 struct gsm_mux *gsm = dlci->gsm;
2984 unsigned long flags;
2986 if (dlci->state != DLCI_OPEN || dlci->adaption != 2)
2989 spin_lock_irqsave(&gsm->tx_lock, flags);
2990 gsm_dlci_modem_output(gsm, dlci, brk);
2991 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2995 * gsm_modem_upd_via_msc - send modem bits via control frame
2997 * @brk: break signal
3000 static int gsm_modem_upd_via_msc(struct gsm_dlci *dlci, u8 brk)
3003 struct gsm_control *ctrl;
3006 if (dlci->gsm->encoding != 0)
3009 modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */
3011 modembits[1] = (gsm_encode_modem(dlci) << 1) | EA;
3013 modembits[1] = gsm_encode_modem(dlci) << 1;
3014 modembits[2] = (brk << 4) | 2 | EA; /* Length, Break, EA */
3017 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len);
3020 return gsm_control_wait(dlci->gsm, ctrl);
3024 * gsm_modem_update - send modem status line state
3026 * @brk: break signal
3029 static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk)
3031 if (dlci->adaption == 2) {
3032 /* Send convergence layer type 2 empty data frame. */
3033 gsm_modem_upd_via_data(dlci, brk);
3035 } else if (dlci->gsm->encoding == 0) {
3036 /* Send as MSC control message. */
3037 return gsm_modem_upd_via_msc(dlci, brk);
3040 /* Modem status lines are not supported. */
3041 return -EPROTONOSUPPORT;
3044 static int gsm_carrier_raised(struct tty_port *port)
3046 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
3047 struct gsm_mux *gsm = dlci->gsm;
3049 /* Not yet open so no carrier info */
3050 if (dlci->state != DLCI_OPEN)
3056 * Basic mode with control channel in ADM mode may not respond
3057 * to CMD_MSC at all and modem_rx is empty.
3059 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM &&
3063 return dlci->modem_rx & TIOCM_CD;
3066 static void gsm_dtr_rts(struct tty_port *port, int onoff)
3068 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
3069 unsigned int modem_tx = dlci->modem_tx;
3071 modem_tx |= TIOCM_DTR | TIOCM_RTS;
3073 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
3074 if (modem_tx != dlci->modem_tx) {
3075 dlci->modem_tx = modem_tx;
3076 gsm_modem_update(dlci, 0);
3080 static const struct tty_port_operations gsm_port_ops = {
3081 .carrier_raised = gsm_carrier_raised,
3082 .dtr_rts = gsm_dtr_rts,
3083 .destruct = gsm_dlci_free,
3086 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
3088 struct gsm_mux *gsm;
3089 struct gsm_dlci *dlci;
3090 unsigned int line = tty->index;
3091 unsigned int mux = mux_line_to_num(line);
3099 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
3100 if (gsm_mux[mux] == NULL)
3102 if (line == 0 || line > 61) /* 62/63 reserved */
3107 /* If DLCI 0 is not yet fully open return an error.
3108 This is ok from a locking
3109 perspective as we don't have to worry about this
3111 mutex_lock(&gsm->mutex);
3112 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
3113 mutex_unlock(&gsm->mutex);
3116 dlci = gsm->dlci[line];
3119 dlci = gsm_dlci_alloc(gsm, line);
3122 mutex_unlock(&gsm->mutex);
3125 ret = tty_port_install(&dlci->port, driver, tty);
3129 mutex_unlock(&gsm->mutex);
3134 dlci_get(gsm->dlci[0]);
3136 tty->driver_data = dlci;
3137 mutex_unlock(&gsm->mutex);
3142 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
3144 struct gsm_dlci *dlci = tty->driver_data;
3145 struct tty_port *port = &dlci->port;
3146 struct gsm_mux *gsm = dlci->gsm;
3149 tty_port_tty_set(port, tty);
3152 /* We could in theory open and close before we wait - eg if we get
3153 a DM straight back. This is ok as that will have caused a hangup */
3154 tty_port_set_initialized(port, 1);
3155 /* Start sending off SABM messages */
3157 gsm_dlci_begin_open(dlci);
3158 /* And wait for virtual carrier */
3159 return tty_port_block_til_ready(port, tty, filp);
3162 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3164 struct gsm_dlci *dlci = tty->driver_data;
3168 if (dlci->state == DLCI_CLOSED)
3170 mutex_lock(&dlci->mutex);
3171 gsm_destroy_network(dlci);
3172 mutex_unlock(&dlci->mutex);
3173 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3175 gsm_dlci_begin_close(dlci);
3176 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3177 tty_port_lower_dtr_rts(&dlci->port);
3178 tty_port_close_end(&dlci->port, tty);
3179 tty_port_tty_set(&dlci->port, NULL);
3183 static void gsmtty_hangup(struct tty_struct *tty)
3185 struct gsm_dlci *dlci = tty->driver_data;
3186 if (dlci->state == DLCI_CLOSED)
3188 tty_port_hangup(&dlci->port);
3189 gsm_dlci_begin_close(dlci);
3192 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3196 struct gsm_dlci *dlci = tty->driver_data;
3197 if (dlci->state == DLCI_CLOSED)
3199 /* Stuff the bytes into the fifo queue */
3200 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock);
3201 /* Need to kick the channel */
3202 gsm_dlci_data_kick(dlci);
3206 static unsigned int gsmtty_write_room(struct tty_struct *tty)
3208 struct gsm_dlci *dlci = tty->driver_data;
3209 if (dlci->state == DLCI_CLOSED)
3211 return TX_SIZE - kfifo_len(&dlci->fifo);
3214 static unsigned int gsmtty_chars_in_buffer(struct tty_struct *tty)
3216 struct gsm_dlci *dlci = tty->driver_data;
3217 if (dlci->state == DLCI_CLOSED)
3219 return kfifo_len(&dlci->fifo);
3222 static void gsmtty_flush_buffer(struct tty_struct *tty)
3224 struct gsm_dlci *dlci = tty->driver_data;
3225 unsigned long flags;
3227 if (dlci->state == DLCI_CLOSED)
3229 /* Caution needed: If we implement reliable transport classes
3230 then the data being transmitted can't simply be junked once
3231 it has first hit the stack. Until then we can just blow it
3233 spin_lock_irqsave(&dlci->lock, flags);
3234 kfifo_reset(&dlci->fifo);
3235 spin_unlock_irqrestore(&dlci->lock, flags);
3236 /* Need to unhook this DLCI from the transmit queue logic */
3239 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3241 /* The FIFO handles the queue so the kernel will do the right
3242 thing waiting on chars_in_buffer before calling us. No work
3246 static int gsmtty_tiocmget(struct tty_struct *tty)
3248 struct gsm_dlci *dlci = tty->driver_data;
3249 if (dlci->state == DLCI_CLOSED)
3251 return dlci->modem_rx;
3254 static int gsmtty_tiocmset(struct tty_struct *tty,
3255 unsigned int set, unsigned int clear)
3257 struct gsm_dlci *dlci = tty->driver_data;
3258 unsigned int modem_tx = dlci->modem_tx;
3260 if (dlci->state == DLCI_CLOSED)
3265 if (modem_tx != dlci->modem_tx) {
3266 dlci->modem_tx = modem_tx;
3267 return gsm_modem_update(dlci, 0);
3273 static int gsmtty_ioctl(struct tty_struct *tty,
3274 unsigned int cmd, unsigned long arg)
3276 struct gsm_dlci *dlci = tty->driver_data;
3277 struct gsm_netconfig nc;
3280 if (dlci->state == DLCI_CLOSED)
3283 case GSMIOC_ENABLE_NET:
3284 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3286 nc.if_name[IFNAMSIZ-1] = '\0';
3287 /* return net interface index or error code */
3288 mutex_lock(&dlci->mutex);
3289 index = gsm_create_network(dlci, &nc);
3290 mutex_unlock(&dlci->mutex);
3291 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3294 case GSMIOC_DISABLE_NET:
3295 if (!capable(CAP_NET_ADMIN))
3297 mutex_lock(&dlci->mutex);
3298 gsm_destroy_network(dlci);
3299 mutex_unlock(&dlci->mutex);
3302 return -ENOIOCTLCMD;
3306 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3308 struct gsm_dlci *dlci = tty->driver_data;
3309 if (dlci->state == DLCI_CLOSED)
3311 /* For the moment its fixed. In actual fact the speed information
3312 for the virtual channel can be propogated in both directions by
3313 the RPN control message. This however rapidly gets nasty as we
3314 then have to remap modem signals each way according to whether
3315 our virtual cable is null modem etc .. */
3316 tty_termios_copy_hw(&tty->termios, old);
3319 static void gsmtty_throttle(struct tty_struct *tty)
3321 struct gsm_dlci *dlci = tty->driver_data;
3322 if (dlci->state == DLCI_CLOSED)
3325 dlci->modem_tx &= ~TIOCM_RTS;
3326 dlci->throttled = true;
3327 /* Send an MSC with RTS cleared */
3328 gsm_modem_update(dlci, 0);
3331 static void gsmtty_unthrottle(struct tty_struct *tty)
3333 struct gsm_dlci *dlci = tty->driver_data;
3334 if (dlci->state == DLCI_CLOSED)
3337 dlci->modem_tx |= TIOCM_RTS;
3338 dlci->throttled = false;
3339 /* Send an MSC with RTS set */
3340 gsm_modem_update(dlci, 0);
3343 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3345 struct gsm_dlci *dlci = tty->driver_data;
3346 int encode = 0; /* Off */
3347 if (dlci->state == DLCI_CLOSED)
3350 if (state == -1) /* "On indefinitely" - we can't encode this
3353 else if (state > 0) {
3354 encode = state / 200; /* mS to encoding */
3356 encode = 0x0F; /* Best effort */
3358 return gsm_modem_update(dlci, encode);
3361 static void gsmtty_cleanup(struct tty_struct *tty)
3363 struct gsm_dlci *dlci = tty->driver_data;
3364 struct gsm_mux *gsm = dlci->gsm;
3367 dlci_put(gsm->dlci[0]);
3371 /* Virtual ttys for the demux */
3372 static const struct tty_operations gsmtty_ops = {
3373 .install = gsmtty_install,
3374 .open = gsmtty_open,
3375 .close = gsmtty_close,
3376 .write = gsmtty_write,
3377 .write_room = gsmtty_write_room,
3378 .chars_in_buffer = gsmtty_chars_in_buffer,
3379 .flush_buffer = gsmtty_flush_buffer,
3380 .ioctl = gsmtty_ioctl,
3381 .throttle = gsmtty_throttle,
3382 .unthrottle = gsmtty_unthrottle,
3383 .set_termios = gsmtty_set_termios,
3384 .hangup = gsmtty_hangup,
3385 .wait_until_sent = gsmtty_wait_until_sent,
3386 .tiocmget = gsmtty_tiocmget,
3387 .tiocmset = gsmtty_tiocmset,
3388 .break_ctl = gsmtty_break_ctl,
3389 .cleanup = gsmtty_cleanup,
3394 static int __init gsm_init(void)
3396 /* Fill in our line protocol discipline, and register it */
3397 int status = tty_register_ldisc(&tty_ldisc_packet);
3399 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3404 gsm_tty_driver = tty_alloc_driver(256, TTY_DRIVER_REAL_RAW |
3405 TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_HARDWARE_BREAK);
3406 if (IS_ERR(gsm_tty_driver)) {
3407 pr_err("gsm_init: tty allocation failed.\n");
3408 status = PTR_ERR(gsm_tty_driver);
3409 goto err_unreg_ldisc;
3411 gsm_tty_driver->driver_name = "gsmtty";
3412 gsm_tty_driver->name = "gsmtty";
3413 gsm_tty_driver->major = 0; /* Dynamic */
3414 gsm_tty_driver->minor_start = 0;
3415 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3416 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3417 gsm_tty_driver->init_termios = tty_std_termios;
3419 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3420 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3422 if (tty_register_driver(gsm_tty_driver)) {
3423 pr_err("gsm_init: tty registration failed.\n");
3425 goto err_put_driver;
3427 pr_debug("gsm_init: loaded as %d,%d.\n",
3428 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3431 tty_driver_kref_put(gsm_tty_driver);
3433 tty_unregister_ldisc(&tty_ldisc_packet);
3437 static void __exit gsm_exit(void)
3439 tty_unregister_ldisc(&tty_ldisc_packet);
3440 tty_unregister_driver(gsm_tty_driver);
3441 tty_driver_kref_put(gsm_tty_driver);
3444 module_init(gsm_init);
3445 module_exit(gsm_exit);
3448 MODULE_LICENSE("GPL");
3449 MODULE_ALIAS_LDISC(N_GSM0710);
projects / linux-2.6-microblaze.git / blob