1/* 2 * n_gsm.c GSM 0710 tty multiplexor 3 * Copyright (c) 2009/10 Intel Corporation 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 * 18 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE * 19 * 20 * TO DO: 21 * Mostly done: ioctls for setting modes/timing 22 * Partly done: hooks so you can pull off frames to non tty devs 23 * Restart DLCI 0 when it closes ? 24 * Improve the tx engine 25 * Resolve tx side locking by adding a queue_head and routing 26 * all control traffic via it 27 * General tidy/document 28 * Review the locking/move to refcounts more (mux now moved to an 29 * alloc/free model ready) 30 * Use newest tty open/close port helpers and install hooks 31 * What to do about power functions ? 32 * Termios setting and negotiation 33 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets 34 * 35 */ 36 37#include <linux/types.h> 38#include <linux/major.h> 39#include <linux/errno.h> 40#include <linux/signal.h> 41#include <linux/fcntl.h> 42#include <linux/sched.h> 43#include <linux/interrupt.h> 44#include <linux/tty.h> 45#include <linux/ctype.h> 46#include <linux/mm.h> 47#include <linux/string.h> 48#include <linux/slab.h> 49#include <linux/poll.h> 50#include <linux/bitops.h> 51#include <linux/file.h> 52#include <linux/uaccess.h> 53#include <linux/module.h> 54#include <linux/timer.h> 55#include <linux/tty_flip.h> 56#include <linux/tty_driver.h> 57#include <linux/serial.h> 58#include <linux/kfifo.h> 59#include <linux/skbuff.h> 60#include <net/arp.h> 61#include <linux/ip.h> 62#include <linux/netdevice.h> 63#include <linux/etherdevice.h> 64#include <linux/gsmmux.h> 65 66static int debug; 67module_param(debug, int, 0600); 68 69/* Defaults: these are from the specification */ 70 71#define T1 10 /* 100mS */ 72#define T2 34 /* 333mS */ 73#define N2 3 /* Retry 3 times */ 74 75/* Use long timers for testing at low speed with debug on */ 76#ifdef DEBUG_TIMING 77#define T1 100 78#define T2 200 79#endif 80 81/* 82 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte 83 * limits so this is plenty 84 */ 85#define MAX_MRU 1500 86#define MAX_MTU 1500 87#define GSM_NET_TX_TIMEOUT (HZ*10) 88 89/** 90 * struct gsm_mux_net - network interface 91 * @struct gsm_dlci* dlci 92 * @struct net_device_stats stats; 93 * 94 * Created when net interface is initialized. 95 **/ 96struct gsm_mux_net { 97 struct kref ref; 98 struct gsm_dlci *dlci; 99 struct net_device_stats stats; 100}; 101 102#define STATS(net) (((struct gsm_mux_net *)netdev_priv(net))->stats) 103 104/* 105 * Each block of data we have queued to go out is in the form of 106 * a gsm_msg which holds everything we need in a link layer independent 107 * format 108 */ 109 110struct gsm_msg { 111 struct list_head list; 112 u8 addr; /* DLCI address + flags */ 113 u8 ctrl; /* Control byte + flags */ 114 unsigned int len; /* Length of data block (can be zero) */ 115 unsigned char *data; /* Points into buffer but not at the start */ 116 unsigned char buffer[0]; 117}; 118 119/* 120 * Each active data link has a gsm_dlci structure associated which ties 121 * the link layer to an optional tty (if the tty side is open). To avoid 122 * complexity right now these are only ever freed up when the mux is 123 * shut down. 124 * 125 * At the moment we don't free DLCI objects until the mux is torn down 126 * this avoid object life time issues but might be worth review later. 127 */ 128 129struct gsm_dlci { 130 struct gsm_mux *gsm; 131 int addr; 132 int state; 133#define DLCI_CLOSED 0 134#define DLCI_OPENING 1 /* Sending SABM not seen UA */ 135#define DLCI_OPEN 2 /* SABM/UA complete */ 136#define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */ 137 struct mutex mutex; 138 139 /* Link layer */ 140 spinlock_t lock; /* Protects the internal state */ 141 struct timer_list t1; /* Retransmit timer for SABM and UA */ 142 int retries; 143 /* Uplink tty if active */ 144 struct tty_port port; /* The tty bound to this DLCI if there is one */ 145 struct kfifo *fifo; /* Queue fifo for the DLCI */ 146 struct kfifo _fifo; /* For new fifo API porting only */ 147 int adaption; /* Adaption layer in use */ 148 int prev_adaption; 149 u32 modem_rx; /* Our incoming virtual modem lines */ 150 u32 modem_tx; /* Our outgoing modem lines */ 151 int dead; /* Refuse re-open */ 152 /* Flow control */ 153 int throttled; /* Private copy of throttle state */ 154 int constipated; /* Throttle status for outgoing */ 155 /* Packetised I/O */ 156 struct sk_buff *skb; /* Frame being sent */ 157 struct sk_buff_head skb_list; /* Queued frames */ 158 /* Data handling callback */ 159 void (*data)(struct gsm_dlci *dlci, u8 *data, int len); 160 void (*prev_data)(struct gsm_dlci *dlci, u8 *data, int len); 161 struct net_device *net; /* network interface, if created */ 162}; 163 164/* DLCI 0, 62/63 are special or reseved see gsmtty_open */ 165 166#define NUM_DLCI 64 167 168/* 169 * DLCI 0 is used to pass control blocks out of band of the data 170 * flow (and with a higher link priority). One command can be outstanding 171 * at a time and we use this structure to manage them. They are created 172 * and destroyed by the user context, and updated by the receive paths 173 * and timers 174 */ 175 176struct gsm_control { 177 u8 cmd; /* Command we are issuing */ 178 u8 *data; /* Data for the command in case we retransmit */ 179 int len; /* Length of block for retransmission */ 180 int done; /* Done flag */ 181 int error; /* Error if any */ 182}; 183 184/* 185 * Each GSM mux we have is represented by this structure. If we are 186 * operating as an ldisc then we use this structure as our ldisc 187 * state. We need to sort out lifetimes and locking with respect 188 * to the gsm mux array. For now we don't free DLCI objects that 189 * have been instantiated until the mux itself is terminated. 190 * 191 * To consider further: tty open versus mux shutdown. 192 */ 193 194struct gsm_mux { 195 struct tty_struct *tty; /* The tty our ldisc is bound to */ 196 spinlock_t lock; 197 struct mutex mutex; 198 unsigned int num; 199 struct kref ref; 200 201 /* Events on the GSM channel */ 202 wait_queue_head_t event; 203 204 /* Bits for GSM mode decoding */ 205 206 /* Framing Layer */ 207 unsigned char *buf; 208 int state; 209#define GSM_SEARCH 0 210#define GSM_START 1 211#define GSM_ADDRESS 2 212#define GSM_CONTROL 3 213#define GSM_LEN 4 214#define GSM_DATA 5 215#define GSM_FCS 6 216#define GSM_OVERRUN 7 217#define GSM_LEN0 8 218#define GSM_LEN1 9 219#define GSM_SSOF 10 220 unsigned int len; 221 unsigned int address; 222 unsigned int count; 223 int escape; 224 int encoding; 225 u8 control; 226 u8 fcs; 227 u8 received_fcs; 228 u8 *txframe; /* TX framing buffer */ 229 230 /* Methods for the receiver side */ 231 void (*receive)(struct gsm_mux *gsm, u8 ch); 232 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag); 233 /* And transmit side */ 234 int (*output)(struct gsm_mux *mux, u8 *data, int len); 235 236 /* Link Layer */ 237 unsigned int mru; 238 unsigned int mtu; 239 int initiator; /* Did we initiate connection */ 240 int dead; /* Has the mux been shut down */ 241 struct gsm_dlci *dlci[NUM_DLCI]; 242 int constipated; /* Asked by remote to shut up */ 243 244 spinlock_t tx_lock; 245 unsigned int tx_bytes; /* TX data outstanding */ 246#define TX_THRESH_HI 8192 247#define TX_THRESH_LO 2048 248 struct list_head tx_list; /* Pending data packets */ 249 250 /* Control messages */ 251 struct timer_list t2_timer; /* Retransmit timer for commands */ 252 int cretries; /* Command retry counter */ 253 struct gsm_control *pending_cmd;/* Our current pending command */ 254 spinlock_t control_lock; /* Protects the pending command */ 255 256 /* Configuration */ 257 int adaption; /* 1 or 2 supported */ 258 u8 ftype; /* UI or UIH */ 259 int t1, t2; /* Timers in 1/100th of a sec */ 260 int n2; /* Retry count */ 261 262 /* Statistics (not currently exposed) */ 263 unsigned long bad_fcs; 264 unsigned long malformed; 265 unsigned long io_error; 266 unsigned long bad_size; 267 unsigned long unsupported; 268}; 269 270 271/* 272 * Mux objects - needed so that we can translate a tty index into the 273 * relevant mux and DLCI. 274 */ 275 276#define MAX_MUX 4 /* 256 minors */ 277static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */ 278static spinlock_t gsm_mux_lock; 279 280static struct tty_driver *gsm_tty_driver; 281 282/* 283 * This section of the driver logic implements the GSM encodings 284 * both the basic and the 'advanced'. Reliable transport is not 285 * supported. 286 */ 287 288#define CR 0x02 289#define EA 0x01 290#define PF 0x10 291 292/* I is special: the rest are ..*/ 293#define RR 0x01 294#define UI 0x03 295#define RNR 0x05 296#define REJ 0x09 297#define DM 0x0F 298#define SABM 0x2F 299#define DISC 0x43 300#define UA 0x63 301#define UIH 0xEF 302 303/* Channel commands */ 304#define CMD_NSC 0x09 305#define CMD_TEST 0x11 306#define CMD_PSC 0x21 307#define CMD_RLS 0x29 308#define CMD_FCOFF 0x31 309#define CMD_PN 0x41 310#define CMD_RPN 0x49 311#define CMD_FCON 0x51 312#define CMD_CLD 0x61 313#define CMD_SNC 0x69 314#define CMD_MSC 0x71 315 316/* Virtual modem bits */ 317#define MDM_FC 0x01 318#define MDM_RTC 0x02 319#define MDM_RTR 0x04 320#define MDM_IC 0x20 321#define MDM_DV 0x40 322 323#define GSM0_SOF 0xF9 324#define GSM1_SOF 0x7E 325#define GSM1_ESCAPE 0x7D 326#define GSM1_ESCAPE_BITS 0x20 327#define XON 0x11 328#define XOFF 0x13 329 330static const struct tty_port_operations gsm_port_ops; 331 332/* 333 * CRC table for GSM 0710 334 */ 335 336static const u8 gsm_fcs8[256] = { 337 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 338 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 339 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 340 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 341 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 342 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 343 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 344 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 345 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 346 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 347 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 348 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 349 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 350 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 351 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 352 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 353 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 354 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 355 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 356 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 357 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 358 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 359 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 360 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 361 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 362 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 363 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 364 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 365 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 366 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 367 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 368 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 369}; 370 371#define INIT_FCS 0xFF 372#define GOOD_FCS 0xCF 373 374/** 375 * gsm_fcs_add - update FCS 376 * @fcs: Current FCS 377 * @c: Next data 378 * 379 * Update the FCS to include c. Uses the algorithm in the specification 380 * notes. 381 */ 382 383static inline u8 gsm_fcs_add(u8 fcs, u8 c) 384{ 385 return gsm_fcs8[fcs ^ c]; 386} 387 388/** 389 * gsm_fcs_add_block - update FCS for a block 390 * @fcs: Current FCS 391 * @c: buffer of data 392 * @len: length of buffer 393 * 394 * Update the FCS to include c. Uses the algorithm in the specification 395 * notes. 396 */ 397 398static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len) 399{ 400 while (len--) 401 fcs = gsm_fcs8[fcs ^ *c++]; 402 return fcs; 403} 404 405/** 406 * gsm_read_ea - read a byte into an EA 407 * @val: variable holding value 408 * c: byte going into the EA 409 * 410 * Processes one byte of an EA. Updates the passed variable 411 * and returns 1 if the EA is now completely read 412 */ 413 414static int gsm_read_ea(unsigned int *val, u8 c) 415{ 416 /* Add the next 7 bits into the value */ 417 *val <<= 7; 418 *val |= c >> 1; 419 /* Was this the last byte of the EA 1 = yes*/ 420 return c & EA; 421} 422 423/** 424 * gsm_encode_modem - encode modem data bits 425 * @dlci: DLCI to encode from 426 * 427 * Returns the correct GSM encoded modem status bits (6 bit field) for 428 * the current status of the DLCI and attached tty object 429 */ 430 431static u8 gsm_encode_modem(const struct gsm_dlci *dlci) 432{ 433 u8 modembits = 0; 434 /* FC is true flow control not modem bits */ 435 if (dlci->throttled) 436 modembits |= MDM_FC; 437 if (dlci->modem_tx & TIOCM_DTR) 438 modembits |= MDM_RTC; 439 if (dlci->modem_tx & TIOCM_RTS) 440 modembits |= MDM_RTR; 441 if (dlci->modem_tx & TIOCM_RI) 442 modembits |= MDM_IC; 443 if (dlci->modem_tx & TIOCM_CD) 444 modembits |= MDM_DV; 445 return modembits; 446} 447 448/** 449 * gsm_print_packet - display a frame for debug 450 * @hdr: header to print before decode 451 * @addr: address EA from the frame 452 * @cr: C/R bit from the frame 453 * @control: control including PF bit 454 * @data: following data bytes 455 * @dlen: length of data 456 * 457 * Displays a packet in human readable format for debugging purposes. The 458 * style is based on amateur radio LAP-B dump display. 459 */ 460 461static void gsm_print_packet(const char *hdr, int addr, int cr, 462 u8 control, const u8 *data, int dlen) 463{ 464 if (!(debug & 1)) 465 return; 466 467 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]); 468 469 switch (control & ~PF) { 470 case SABM: 471 pr_cont("SABM"); 472 break; 473 case UA: 474 pr_cont("UA"); 475 break; 476 case DISC: 477 pr_cont("DISC"); 478 break; 479 case DM: 480 pr_cont("DM"); 481 break; 482 case UI: 483 pr_cont("UI"); 484 break; 485 case UIH: 486 pr_cont("UIH"); 487 break; 488 default: 489 if (!(control & 0x01)) { 490 pr_cont("I N(S)%d N(R)%d", 491 (control & 0x0E) >> 1, (control & 0xE0) >> 5); 492 } else switch (control & 0x0F) { 493 case RR: 494 pr_cont("RR(%d)", (control & 0xE0) >> 5); 495 break; 496 case RNR: 497 pr_cont("RNR(%d)", (control & 0xE0) >> 5); 498 break; 499 case REJ: 500 pr_cont("REJ(%d)", (control & 0xE0) >> 5); 501 break; 502 default: 503 pr_cont("[%02X]", control); 504 } 505 } 506 507 if (control & PF) 508 pr_cont("(P)"); 509 else 510 pr_cont("(F)"); 511 512 if (dlen) { 513 int ct = 0; 514 while (dlen--) { 515 if (ct % 8 == 0) { 516 pr_cont("\n"); 517 pr_debug(" "); 518 } 519 pr_cont("%02X ", *data++); 520 ct++; 521 } 522 } 523 pr_cont("\n"); 524} 525 526 527/* 528 * Link level transmission side 529 */ 530 531/** 532 * gsm_stuff_packet - bytestuff a packet 533 * @ibuf: input 534 * @obuf: output 535 * @len: length of input 536 * 537 * Expand a buffer by bytestuffing it. The worst case size change 538 * is doubling and the caller is responsible for handing out 539 * suitable sized buffers. 540 */ 541 542static int gsm_stuff_frame(const u8 *input, u8 *output, int len) 543{ 544 int olen = 0; 545 while (len--) { 546 if (*input == GSM1_SOF || *input == GSM1_ESCAPE 547 || *input == XON || *input == XOFF) { 548 *output++ = GSM1_ESCAPE; 549 *output++ = *input++ ^ GSM1_ESCAPE_BITS; 550 olen++; 551 } else 552 *output++ = *input++; 553 olen++; 554 } 555 return olen; 556} 557 558/** 559 * gsm_send - send a control frame 560 * @gsm: our GSM mux 561 * @addr: address for control frame 562 * @cr: command/response bit 563 * @control: control byte including PF bit 564 * 565 * Format up and transmit a control frame. These do not go via the 566 * queueing logic as they should be transmitted ahead of data when 567 * they are needed. 568 * 569 * FIXME: Lock versus data TX path 570 */ 571 572static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control) 573{ 574 int len; 575 u8 cbuf[10]; 576 u8 ibuf[3]; 577 578 switch (gsm->encoding) { 579 case 0: 580 cbuf[0] = GSM0_SOF; 581 cbuf[1] = (addr << 2) | (cr << 1) | EA; 582 cbuf[2] = control; 583 cbuf[3] = EA; /* Length of data = 0 */ 584 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3); 585 cbuf[5] = GSM0_SOF; 586 len = 6; 587 break; 588 case 1: 589 case 2: 590 /* Control frame + packing (but not frame stuffing) in mode 1 */ 591 ibuf[0] = (addr << 2) | (cr << 1) | EA; 592 ibuf[1] = control; 593 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2); 594 /* Stuffing may double the size worst case */ 595 len = gsm_stuff_frame(ibuf, cbuf + 1, 3); 596 /* Now add the SOF markers */ 597 cbuf[0] = GSM1_SOF; 598 cbuf[len + 1] = GSM1_SOF; 599 /* FIXME: we can omit the lead one in many cases */ 600 len += 2; 601 break; 602 default: 603 WARN_ON(1); 604 return; 605 } 606 gsm->output(gsm, cbuf, len); 607 gsm_print_packet("-->", addr, cr, control, NULL, 0); 608} 609 610/** 611 * gsm_response - send a control response 612 * @gsm: our GSM mux 613 * @addr: address for control frame 614 * @control: control byte including PF bit 615 * 616 * Format up and transmit a link level response frame. 617 */ 618 619static inline void gsm_response(struct gsm_mux *gsm, int addr, int control) 620{ 621 gsm_send(gsm, addr, 0, control); 622} 623 624/** 625 * gsm_command - send a control command 626 * @gsm: our GSM mux 627 * @addr: address for control frame 628 * @control: control byte including PF bit 629 * 630 * Format up and transmit a link level command frame. 631 */ 632 633static inline void gsm_command(struct gsm_mux *gsm, int addr, int control) 634{ 635 gsm_send(gsm, addr, 1, control); 636} 637 638/* Data transmission */ 639 640#define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */ 641 642/** 643 * gsm_data_alloc - allocate data frame 644 * @gsm: GSM mux 645 * @addr: DLCI address 646 * @len: length excluding header and FCS 647 * @ctrl: control byte 648 * 649 * Allocate a new data buffer for sending frames with data. Space is left 650 * at the front for header bytes but that is treated as an implementation 651 * detail and not for the high level code to use 652 */ 653 654static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len, 655 u8 ctrl) 656{ 657 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN, 658 GFP_ATOMIC); 659 if (m == NULL) 660 return NULL; 661 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */ 662 m->len = len; 663 m->addr = addr; 664 m->ctrl = ctrl; 665 INIT_LIST_HEAD(&m->list); 666 return m; 667} 668 669/** 670 * gsm_data_kick - poke the queue 671 * @gsm: GSM Mux 672 * 673 * The tty device has called us to indicate that room has appeared in 674 * the transmit queue. Ram more data into the pipe if we have any 675 * If we have been flow-stopped by a CMD_FCOFF, then we can only 676 * send messages on DLCI0 until CMD_FCON 677 * 678 * FIXME: lock against link layer control transmissions 679 */ 680 681static void gsm_data_kick(struct gsm_mux *gsm) 682{ 683 struct gsm_msg *msg, *nmsg; 684 int len; 685 int skip_sof = 0; 686 687 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) { 688 if (gsm->constipated && msg->addr) 689 continue; 690 if (gsm->encoding != 0) { 691 gsm->txframe[0] = GSM1_SOF; 692 len = gsm_stuff_frame(msg->data, 693 gsm->txframe + 1, msg->len); 694 gsm->txframe[len + 1] = GSM1_SOF; 695 len += 2; 696 } else { 697 gsm->txframe[0] = GSM0_SOF; 698 memcpy(gsm->txframe + 1 , msg->data, msg->len); 699 gsm->txframe[msg->len + 1] = GSM0_SOF; 700 len = msg->len + 2; 701 } 702 703 if (debug & 4) 704 print_hex_dump_bytes("gsm_data_kick: ", 705 DUMP_PREFIX_OFFSET, 706 gsm->txframe, len); 707 708 if (gsm->output(gsm, gsm->txframe + skip_sof, 709 len - skip_sof) < 0) 710 break; 711 /* FIXME: Can eliminate one SOF in many more cases */ 712 gsm->tx_bytes -= msg->len; 713 /* For a burst of frames skip the extra SOF within the 714 burst */ 715 skip_sof = 1; 716 717 list_del(&msg->list); 718 kfree(msg); 719 } 720} 721 722/** 723 * __gsm_data_queue - queue a UI or UIH frame 724 * @dlci: DLCI sending the data 725 * @msg: message queued 726 * 727 * Add data to the transmit queue and try and get stuff moving 728 * out of the mux tty if not already doing so. The Caller must hold 729 * the gsm tx lock. 730 */ 731 732static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 733{ 734 struct gsm_mux *gsm = dlci->gsm; 735 u8 *dp = msg->data; 736 u8 *fcs = dp + msg->len; 737 738 /* Fill in the header */ 739 if (gsm->encoding == 0) { 740 if (msg->len < 128) 741 *--dp = (msg->len << 1) | EA; 742 else { 743 *--dp = (msg->len >> 7); /* bits 7 - 15 */ 744 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */ 745 } 746 } 747 748 *--dp = msg->ctrl; 749 if (gsm->initiator) 750 *--dp = (msg->addr << 2) | 2 | EA; 751 else 752 *--dp = (msg->addr << 2) | EA; 753 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp); 754 /* Ugly protocol layering violation */ 755 if (msg->ctrl == UI || msg->ctrl == (UI|PF)) 756 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len); 757 *fcs = 0xFF - *fcs; 758 759 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl, 760 msg->data, msg->len); 761 762 /* Move the header back and adjust the length, also allow for the FCS 763 now tacked on the end */ 764 msg->len += (msg->data - dp) + 1; 765 msg->data = dp; 766 767 /* Add to the actual output queue */ 768 list_add_tail(&msg->list, &gsm->tx_list); 769 gsm->tx_bytes += msg->len; 770 gsm_data_kick(gsm); 771} 772 773/** 774 * gsm_data_queue - queue a UI or UIH frame 775 * @dlci: DLCI sending the data 776 * @msg: message queued 777 * 778 * Add data to the transmit queue and try and get stuff moving 779 * out of the mux tty if not already doing so. Take the 780 * the gsm tx lock and dlci lock. 781 */ 782 783static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 784{ 785 unsigned long flags; 786 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 787 __gsm_data_queue(dlci, msg); 788 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 789} 790 791/** 792 * gsm_dlci_data_output - try and push data out of a DLCI 793 * @gsm: mux 794 * @dlci: the DLCI to pull data from 795 * 796 * Pull data from a DLCI and send it into the transmit queue if there 797 * is data. Keep to the MRU of the mux. This path handles the usual tty 798 * interface which is a byte stream with optional modem data. 799 * 800 * Caller must hold the tx_lock of the mux. 801 */ 802 803static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci) 804{ 805 struct gsm_msg *msg; 806 u8 *dp; 807 int len, total_size, size; 808 int h = dlci->adaption - 1; 809 810 total_size = 0; 811 while (1) { 812 len = kfifo_len(dlci->fifo); 813 if (len == 0) 814 return total_size; 815 816 /* MTU/MRU count only the data bits */ 817 if (len > gsm->mtu) 818 len = gsm->mtu; 819 820 size = len + h; 821 822 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 823 /* FIXME: need a timer or something to kick this so it can't 824 get stuck with no work outstanding and no buffer free */ 825 if (msg == NULL) 826 return -ENOMEM; 827 dp = msg->data; 828 switch (dlci->adaption) { 829 case 1: /* Unstructured */ 830 break; 831 case 2: /* Unstructed with modem bits. 832 Always one byte as we never send inline break data */ 833 *dp++ = gsm_encode_modem(dlci); 834 break; 835 } 836 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len); 837 __gsm_data_queue(dlci, msg); 838 total_size += size; 839 } 840 /* Bytes of data we used up */ 841 return total_size; 842} 843 844/** 845 * gsm_dlci_data_output_framed - try and push data out of a DLCI 846 * @gsm: mux 847 * @dlci: the DLCI to pull data from 848 * 849 * Pull data from a DLCI and send it into the transmit queue if there 850 * is data. Keep to the MRU of the mux. This path handles framed data 851 * queued as skbuffs to the DLCI. 852 * 853 * Caller must hold the tx_lock of the mux. 854 */ 855 856static int gsm_dlci_data_output_framed(struct gsm_mux *gsm, 857 struct gsm_dlci *dlci) 858{ 859 struct gsm_msg *msg; 860 u8 *dp; 861 int len, size; 862 int last = 0, first = 0; 863 int overhead = 0; 864 865 /* One byte per frame is used for B/F flags */ 866 if (dlci->adaption == 4) 867 overhead = 1; 868 869 /* dlci->skb is locked by tx_lock */ 870 if (dlci->skb == NULL) { 871 dlci->skb = skb_dequeue_tail(&dlci->skb_list); 872 if (dlci->skb == NULL) 873 return 0; 874 first = 1; 875 } 876 len = dlci->skb->len + overhead; 877 878 /* MTU/MRU count only the data bits */ 879 if (len > gsm->mtu) { 880 if (dlci->adaption == 3) { 881 /* Over long frame, bin it */ 882 dev_kfree_skb_any(dlci->skb); 883 dlci->skb = NULL; 884 return 0; 885 } 886 len = gsm->mtu; 887 } else 888 last = 1; 889 890 size = len + overhead; 891 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 892 893 /* FIXME: need a timer or something to kick this so it can't 894 get stuck with no work outstanding and no buffer free */ 895 if (msg == NULL) { 896 skb_queue_tail(&dlci->skb_list, dlci->skb); 897 dlci->skb = NULL; 898 return -ENOMEM; 899 } 900 dp = msg->data; 901 902 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */ 903 /* Flag byte to carry the start/end info */ 904 *dp++ = last << 7 | first << 6 | 1; /* EA */ 905 len--; 906 } 907 memcpy(dp, dlci->skb->data, len); 908 skb_pull(dlci->skb, len); 909 __gsm_data_queue(dlci, msg); 910 if (last) { 911 dev_kfree_skb_any(dlci->skb); 912 dlci->skb = NULL; 913 } 914 return size; 915} 916 917/** 918 * gsm_dlci_data_sweep - look for data to send 919 * @gsm: the GSM mux 920 * 921 * Sweep the GSM mux channels in priority order looking for ones with 922 * data to send. We could do with optimising this scan a bit. We aim 923 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit 924 * TX_THRESH_LO we get called again 925 * 926 * FIXME: We should round robin between groups and in theory you can 927 * renegotiate DLCI priorities with optional stuff. Needs optimising. 928 */ 929 930static void gsm_dlci_data_sweep(struct gsm_mux *gsm) 931{ 932 int len; 933 /* Priority ordering: We should do priority with RR of the groups */ 934 int i = 1; 935 936 while (i < NUM_DLCI) { 937 struct gsm_dlci *dlci; 938 939 if (gsm->tx_bytes > TX_THRESH_HI) 940 break; 941 dlci = gsm->dlci[i]; 942 if (dlci == NULL || dlci->constipated) { 943 i++; 944 continue; 945 } 946 if (dlci->adaption < 3 && !dlci->net) 947 len = gsm_dlci_data_output(gsm, dlci); 948 else 949 len = gsm_dlci_data_output_framed(gsm, dlci); 950 if (len < 0) 951 break; 952 /* DLCI empty - try the next */ 953 if (len == 0) 954 i++; 955 } 956} 957 958/** 959 * gsm_dlci_data_kick - transmit if possible 960 * @dlci: DLCI to kick 961 * 962 * Transmit data from this DLCI if the queue is empty. We can't rely on 963 * a tty wakeup except when we filled the pipe so we need to fire off 964 * new data ourselves in other cases. 965 */ 966 967static void gsm_dlci_data_kick(struct gsm_dlci *dlci) 968{ 969 unsigned long flags; 970 int sweep; 971 972 if (dlci->constipated) 973 return; 974 975 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 976 /* If we have nothing running then we need to fire up */ 977 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO); 978 if (dlci->gsm->tx_bytes == 0) { 979 if (dlci->net) 980 gsm_dlci_data_output_framed(dlci->gsm, dlci); 981 else 982 gsm_dlci_data_output(dlci->gsm, dlci); 983 } 984 if (sweep) 985 gsm_dlci_data_sweep(dlci->gsm); 986 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 987} 988 989/* 990 * Control message processing 991 */ 992 993 994/** 995 * gsm_control_reply - send a response frame to a control 996 * @gsm: gsm channel 997 * @cmd: the command to use 998 * @data: data to follow encoded info 999 * @dlen: length of data 1000 * 1001 * Encode up and queue a UI/UIH frame containing our response. 1002 */ 1003 1004static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data, 1005 int dlen) 1006{ 1007 struct gsm_msg *msg; 1008 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype); 1009 if (msg == NULL) 1010 return; 1011 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */ 1012 msg->data[1] = (dlen << 1) | EA; 1013 memcpy(msg->data + 2, data, dlen); 1014 gsm_data_queue(gsm->dlci[0], msg); 1015} 1016 1017/** 1018 * gsm_process_modem - process received modem status 1019 * @tty: virtual tty bound to the DLCI 1020 * @dlci: DLCI to affect 1021 * @modem: modem bits (full EA) 1022 * 1023 * Used when a modem control message or line state inline in adaption 1024 * layer 2 is processed. Sort out the local modem state and throttles 1025 */ 1026 1027static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci, 1028 u32 modem, int clen) 1029{ 1030 int mlines = 0; 1031 u8 brk = 0; 1032 int fc; 1033 1034 /* The modem status command can either contain one octet (v.24 signals) 1035 or two octets (v.24 signals + break signals). The length field will 1036 either be 2 or 3 respectively. This is specified in section 1037 5.4.6.3.7 of the 27.010 mux spec. */ 1038 1039 if (clen == 2) 1040 modem = modem & 0x7f; 1041 else { 1042 brk = modem & 0x7f; 1043 modem = (modem >> 7) & 0x7f; 1044 } 1045 1046 /* Flow control/ready to communicate */ 1047 fc = (modem & MDM_FC) || !(modem & MDM_RTR); 1048 if (fc && !dlci->constipated) { 1049 /* Need to throttle our output on this device */ 1050 dlci->constipated = 1; 1051 } else if (!fc && dlci->constipated) { 1052 dlci->constipated = 0; 1053 gsm_dlci_data_kick(dlci); 1054 } 1055 1056 /* Map modem bits */ 1057 if (modem & MDM_RTC) 1058 mlines |= TIOCM_DSR | TIOCM_DTR; 1059 if (modem & MDM_RTR) 1060 mlines |= TIOCM_RTS | TIOCM_CTS; 1061 if (modem & MDM_IC) 1062 mlines |= TIOCM_RI; 1063 if (modem & MDM_DV) 1064 mlines |= TIOCM_CD; 1065 1066 /* Carrier drop -> hangup */ 1067 if (tty) { 1068 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD)) 1069 if (!(tty->termios.c_cflag & CLOCAL)) 1070 tty_hangup(tty); 1071 } 1072 if (brk & 0x01) 1073 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK); 1074 dlci->modem_rx = mlines; 1075} 1076 1077/** 1078 * gsm_control_modem - modem status received 1079 * @gsm: GSM channel 1080 * @data: data following command 1081 * @clen: command length 1082 * 1083 * We have received a modem status control message. This is used by 1084 * the GSM mux protocol to pass virtual modem line status and optionally 1085 * to indicate break signals. Unpack it, convert to Linux representation 1086 * and if need be stuff a break message down the tty. 1087 */ 1088 1089static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen) 1090{ 1091 unsigned int addr = 0; 1092 unsigned int modem = 0; 1093 unsigned int brk = 0; 1094 struct gsm_dlci *dlci; 1095 int len = clen; 1096 u8 *dp = data; 1097 struct tty_struct *tty; 1098 1099 while (gsm_read_ea(&addr, *dp++) == 0) { 1100 len--; 1101 if (len == 0) 1102 return; 1103 } 1104 /* Must be at least one byte following the EA */ 1105 len--; 1106 if (len <= 0) 1107 return; 1108 1109 addr >>= 1; 1110 /* Closed port, or invalid ? */ 1111 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1112 return; 1113 dlci = gsm->dlci[addr]; 1114 1115 while (gsm_read_ea(&modem, *dp++) == 0) { 1116 len--; 1117 if (len == 0) 1118 return; 1119 } 1120 len--; 1121 if (len > 0) { 1122 while (gsm_read_ea(&brk, *dp++) == 0) { 1123 len--; 1124 if (len == 0) 1125 return; 1126 } 1127 modem <<= 7; 1128 modem |= (brk & 0x7f); 1129 } 1130 tty = tty_port_tty_get(&dlci->port); 1131 gsm_process_modem(tty, dlci, modem, clen); 1132 if (tty) { 1133 tty_wakeup(tty); 1134 tty_kref_put(tty); 1135 } 1136 gsm_control_reply(gsm, CMD_MSC, data, clen); 1137} 1138 1139/** 1140 * gsm_control_rls - remote line status 1141 * @gsm: GSM channel 1142 * @data: data bytes 1143 * @clen: data length 1144 * 1145 * The modem sends us a two byte message on the control channel whenever 1146 * it wishes to send us an error state from the virtual link. Stuff 1147 * this into the uplink tty if present 1148 */ 1149 1150static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen) 1151{ 1152 struct tty_port *port; 1153 unsigned int addr = 0; 1154 u8 bits; 1155 int len = clen; 1156 u8 *dp = data; 1157 1158 while (gsm_read_ea(&addr, *dp++) == 0) { 1159 len--; 1160 if (len == 0) 1161 return; 1162 } 1163 /* Must be at least one byte following ea */ 1164 len--; 1165 if (len <= 0) 1166 return; 1167 addr >>= 1; 1168 /* Closed port, or invalid ? */ 1169 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1170 return; 1171 /* No error ? */ 1172 bits = *dp; 1173 if ((bits & 1) == 0) 1174 return; 1175 1176 port = &gsm->dlci[addr]->port; 1177 1178 if (bits & 2) 1179 tty_insert_flip_char(port, 0, TTY_OVERRUN); 1180 if (bits & 4) 1181 tty_insert_flip_char(port, 0, TTY_PARITY); 1182 if (bits & 8) 1183 tty_insert_flip_char(port, 0, TTY_FRAME); 1184 1185 tty_flip_buffer_push(port); 1186 1187 gsm_control_reply(gsm, CMD_RLS, data, clen); 1188} 1189 1190static void gsm_dlci_begin_close(struct gsm_dlci *dlci); 1191 1192/** 1193 * gsm_control_message - DLCI 0 control processing 1194 * @gsm: our GSM mux 1195 * @command: the command EA 1196 * @data: data beyond the command/length EAs 1197 * @clen: length 1198 * 1199 * Input processor for control messages from the other end of the link. 1200 * Processes the incoming request and queues a response frame or an 1201 * NSC response if not supported 1202 */ 1203 1204static void gsm_control_message(struct gsm_mux *gsm, unsigned int command, 1205 u8 *data, int clen) 1206{ 1207 u8 buf[1]; 1208 unsigned long flags; 1209 1210 switch (command) { 1211 case CMD_CLD: { 1212 struct gsm_dlci *dlci = gsm->dlci[0]; 1213 /* Modem wishes to close down */ 1214 if (dlci) { 1215 dlci->dead = 1; 1216 gsm->dead = 1; 1217 gsm_dlci_begin_close(dlci); 1218 } 1219 } 1220 break; 1221 case CMD_TEST: 1222 /* Modem wishes to test, reply with the data */ 1223 gsm_control_reply(gsm, CMD_TEST, data, clen); 1224 break; 1225 case CMD_FCON: 1226 /* Modem can accept data again */ 1227 gsm->constipated = 0; 1228 gsm_control_reply(gsm, CMD_FCON, NULL, 0); 1229 /* Kick the link in case it is idling */ 1230 spin_lock_irqsave(&gsm->tx_lock, flags); 1231 gsm_data_kick(gsm); 1232 spin_unlock_irqrestore(&gsm->tx_lock, flags); 1233 break; 1234 case CMD_FCOFF: 1235 /* Modem wants us to STFU */ 1236 gsm->constipated = 1; 1237 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0); 1238 break; 1239 case CMD_MSC: 1240 /* Out of band modem line change indicator for a DLCI */ 1241 gsm_control_modem(gsm, data, clen); 1242 break; 1243 case CMD_RLS: 1244 /* Out of band error reception for a DLCI */ 1245 gsm_control_rls(gsm, data, clen); 1246 break; 1247 case CMD_PSC: 1248 /* Modem wishes to enter power saving state */ 1249 gsm_control_reply(gsm, CMD_PSC, NULL, 0); 1250 break; 1251 /* Optional unsupported commands */ 1252 case CMD_PN: /* Parameter negotiation */ 1253 case CMD_RPN: /* Remote port negotiation */ 1254 case CMD_SNC: /* Service negotiation command */ 1255 default: 1256 /* Reply to bad commands with an NSC */ 1257 buf[0] = command; 1258 gsm_control_reply(gsm, CMD_NSC, buf, 1); 1259 break; 1260 } 1261} 1262 1263/** 1264 * gsm_control_response - process a response to our control 1265 * @gsm: our GSM mux 1266 * @command: the command (response) EA 1267 * @data: data beyond the command/length EA 1268 * @clen: length 1269 * 1270 * Process a response to an outstanding command. We only allow a single 1271 * control message in flight so this is fairly easy. All the clean up 1272 * is done by the caller, we just update the fields, flag it as done 1273 * and return 1274 */ 1275 1276static void gsm_control_response(struct gsm_mux *gsm, unsigned int command, 1277 u8 *data, int clen) 1278{ 1279 struct gsm_control *ctrl; 1280 unsigned long flags; 1281 1282 spin_lock_irqsave(&gsm->control_lock, flags); 1283 1284 ctrl = gsm->pending_cmd; 1285 /* Does the reply match our command */ 1286 command |= 1; 1287 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) { 1288 /* Our command was replied to, kill the retry timer */ 1289 del_timer(&gsm->t2_timer); 1290 gsm->pending_cmd = NULL; 1291 /* Rejected by the other end */ 1292 if (command == CMD_NSC) 1293 ctrl->error = -EOPNOTSUPP; 1294 ctrl->done = 1; 1295 wake_up(&gsm->event); 1296 } 1297 spin_unlock_irqrestore(&gsm->control_lock, flags); 1298} 1299 1300/** 1301 * gsm_control_transmit - send control packet 1302 * @gsm: gsm mux 1303 * @ctrl: frame to send 1304 * 1305 * Send out a pending control command (called under control lock) 1306 */ 1307 1308static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl) 1309{ 1310 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype); 1311 if (msg == NULL) 1312 return; 1313 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */ 1314 memcpy(msg->data + 1, ctrl->data, ctrl->len); 1315 gsm_data_queue(gsm->dlci[0], msg); 1316} 1317 1318/** 1319 * gsm_control_retransmit - retransmit a control frame 1320 * @data: pointer to our gsm object 1321 * 1322 * Called off the T2 timer expiry in order to retransmit control frames 1323 * that have been lost in the system somewhere. The control_lock protects 1324 * us from colliding with another sender or a receive completion event. 1325 * In that situation the timer may still occur in a small window but 1326 * gsm->pending_cmd will be NULL and we just let the timer expire. 1327 */ 1328 1329static void gsm_control_retransmit(unsigned long data) 1330{ 1331 struct gsm_mux *gsm = (struct gsm_mux *)data; 1332 struct gsm_control *ctrl; 1333 unsigned long flags; 1334 spin_lock_irqsave(&gsm->control_lock, flags); 1335 ctrl = gsm->pending_cmd; 1336 if (ctrl) { 1337 gsm->cretries--; 1338 if (gsm->cretries == 0) { 1339 gsm->pending_cmd = NULL; 1340 ctrl->error = -ETIMEDOUT; 1341 ctrl->done = 1; 1342 spin_unlock_irqrestore(&gsm->control_lock, flags); 1343 wake_up(&gsm->event); 1344 return; 1345 } 1346 gsm_control_transmit(gsm, ctrl); 1347 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1348 } 1349 spin_unlock_irqrestore(&gsm->control_lock, flags); 1350} 1351 1352/** 1353 * gsm_control_send - send a control frame on DLCI 0 1354 * @gsm: the GSM channel 1355 * @command: command to send including CR bit 1356 * @data: bytes of data (must be kmalloced) 1357 * @len: length of the block to send 1358 * 1359 * Queue and dispatch a control command. Only one command can be 1360 * active at a time. In theory more can be outstanding but the matching 1361 * gets really complicated so for now stick to one outstanding. 1362 */ 1363 1364static struct gsm_control *gsm_control_send(struct gsm_mux *gsm, 1365 unsigned int command, u8 *data, int clen) 1366{ 1367 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control), 1368 GFP_KERNEL); 1369 unsigned long flags; 1370 if (ctrl == NULL) 1371 return NULL; 1372retry: 1373 wait_event(gsm->event, gsm->pending_cmd == NULL); 1374 spin_lock_irqsave(&gsm->control_lock, flags); 1375 if (gsm->pending_cmd != NULL) { 1376 spin_unlock_irqrestore(&gsm->control_lock, flags); 1377 goto retry; 1378 } 1379 ctrl->cmd = command; 1380 ctrl->data = data; 1381 ctrl->len = clen; 1382 gsm->pending_cmd = ctrl; 1383 gsm->cretries = gsm->n2; 1384 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1385 gsm_control_transmit(gsm, ctrl); 1386 spin_unlock_irqrestore(&gsm->control_lock, flags); 1387 return ctrl; 1388} 1389 1390/** 1391 * gsm_control_wait - wait for a control to finish 1392 * @gsm: GSM mux 1393 * @control: control we are waiting on 1394 * 1395 * Waits for the control to complete or time out. Frees any used 1396 * resources and returns 0 for success, or an error if the remote 1397 * rejected or ignored the request. 1398 */ 1399 1400static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control) 1401{ 1402 int err; 1403 wait_event(gsm->event, control->done == 1); 1404 err = control->error; 1405 kfree(control); 1406 return err; 1407} 1408 1409 1410/* 1411 * DLCI level handling: Needs krefs 1412 */ 1413 1414/* 1415 * State transitions and timers 1416 */ 1417 1418/** 1419 * gsm_dlci_close - a DLCI has closed 1420 * @dlci: DLCI that closed 1421 * 1422 * Perform processing when moving a DLCI into closed state. If there 1423 * is an attached tty this is hung up 1424 */ 1425 1426static void gsm_dlci_close(struct gsm_dlci *dlci) 1427{ 1428 del_timer(&dlci->t1); 1429 if (debug & 8) 1430 pr_debug("DLCI %d goes closed.\n", dlci->addr); 1431 dlci->state = DLCI_CLOSED; 1432 if (dlci->addr != 0) { 1433 tty_port_tty_hangup(&dlci->port, false); 1434 kfifo_reset(dlci->fifo); 1435 } else 1436 dlci->gsm->dead = 1; 1437 wake_up(&dlci->gsm->event); 1438 /* A DLCI 0 close is a MUX termination so we need to kick that 1439 back to userspace somehow */ 1440} 1441 1442/** 1443 * gsm_dlci_open - a DLCI has opened 1444 * @dlci: DLCI that opened 1445 * 1446 * Perform processing when moving a DLCI into open state. 1447 */ 1448 1449static void gsm_dlci_open(struct gsm_dlci *dlci) 1450{ 1451 /* Note that SABM UA .. SABM UA first UA lost can mean that we go 1452 open -> open */ 1453 del_timer(&dlci->t1); 1454 /* This will let a tty open continue */ 1455 dlci->state = DLCI_OPEN; 1456 if (debug & 8) 1457 pr_debug("DLCI %d goes open.\n", dlci->addr); 1458 wake_up(&dlci->gsm->event); 1459} 1460 1461/** 1462 * gsm_dlci_t1 - T1 timer expiry 1463 * @dlci: DLCI that opened 1464 * 1465 * The T1 timer handles retransmits of control frames (essentially of 1466 * SABM and DISC). We resend the command until the retry count runs out 1467 * in which case an opening port goes back to closed and a closing port 1468 * is simply put into closed state (any further frames from the other 1469 * end will get a DM response) 1470 */ 1471 1472static void gsm_dlci_t1(unsigned long data) 1473{ 1474 struct gsm_dlci *dlci = (struct gsm_dlci *)data; 1475 struct gsm_mux *gsm = dlci->gsm; 1476 1477 switch (dlci->state) { 1478 case DLCI_OPENING: 1479 dlci->retries--; 1480 if (dlci->retries) { 1481 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1482 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1483 } else 1484 gsm_dlci_close(dlci); 1485 break; 1486 case DLCI_CLOSING: 1487 dlci->retries--; 1488 if (dlci->retries) { 1489 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1490 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1491 } else 1492 gsm_dlci_close(dlci); 1493 break; 1494 } 1495} 1496 1497/** 1498 * gsm_dlci_begin_open - start channel open procedure 1499 * @dlci: DLCI to open 1500 * 1501 * Commence opening a DLCI from the Linux side. We issue SABM messages 1502 * to the modem which should then reply with a UA, at which point we 1503 * will move into open state. Opening is done asynchronously with retry 1504 * running off timers and the responses. 1505 */ 1506 1507static void gsm_dlci_begin_open(struct gsm_dlci *dlci) 1508{ 1509 struct gsm_mux *gsm = dlci->gsm; 1510 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING) 1511 return; 1512 dlci->retries = gsm->n2; 1513 dlci->state = DLCI_OPENING; 1514 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1515 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1516} 1517 1518/** 1519 * gsm_dlci_begin_close - start channel open procedure 1520 * @dlci: DLCI to open 1521 * 1522 * Commence closing a DLCI from the Linux side. We issue DISC messages 1523 * to the modem which should then reply with a UA, at which point we 1524 * will move into closed state. Closing is done asynchronously with retry 1525 * off timers. We may also receive a DM reply from the other end which 1526 * indicates the channel was already closed. 1527 */ 1528 1529static void gsm_dlci_begin_close(struct gsm_dlci *dlci) 1530{ 1531 struct gsm_mux *gsm = dlci->gsm; 1532 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING) 1533 return; 1534 dlci->retries = gsm->n2; 1535 dlci->state = DLCI_CLOSING; 1536 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1537 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1538} 1539 1540/** 1541 * gsm_dlci_data - data arrived 1542 * @dlci: channel 1543 * @data: block of bytes received 1544 * @len: length of received block 1545 * 1546 * A UI or UIH frame has arrived which contains data for a channel 1547 * other than the control channel. If the relevant virtual tty is 1548 * open we shovel the bits down it, if not we drop them. 1549 */ 1550 1551static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int clen) 1552{ 1553 /* krefs .. */ 1554 struct tty_port *port = &dlci->port; 1555 struct tty_struct *tty; 1556 unsigned int modem = 0; 1557 int len = clen; 1558 1559 if (debug & 16) 1560 pr_debug("%d bytes for tty\n", len); 1561 switch (dlci->adaption) { 1562 /* Unsupported types */ 1563 /* Packetised interruptible data */ 1564 case 4: 1565 break; 1566 /* Packetised uininterruptible voice/data */ 1567 case 3: 1568 break; 1569 /* Asynchronous serial with line state in each frame */ 1570 case 2: 1571 while (gsm_read_ea(&modem, *data++) == 0) { 1572 len--; 1573 if (len == 0) 1574 return; 1575 } 1576 tty = tty_port_tty_get(port); 1577 if (tty) { 1578 gsm_process_modem(tty, dlci, modem, clen); 1579 tty_kref_put(tty); 1580 } 1581 /* Line state will go via DLCI 0 controls only */ 1582 case 1: 1583 default: 1584 tty_insert_flip_string(port, data, len); 1585 tty_flip_buffer_push(port); 1586 } 1587} 1588 1589/** 1590 * gsm_dlci_control - data arrived on control channel 1591 * @dlci: channel 1592 * @data: block of bytes received 1593 * @len: length of received block 1594 * 1595 * A UI or UIH frame has arrived which contains data for DLCI 0 the 1596 * control channel. This should contain a command EA followed by 1597 * control data bytes. The command EA contains a command/response bit 1598 * and we divide up the work accordingly. 1599 */ 1600 1601static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len) 1602{ 1603 /* See what command is involved */ 1604 unsigned int command = 0; 1605 while (len-- > 0) { 1606 if (gsm_read_ea(&command, *data++) == 1) { 1607 int clen = *data++; 1608 len--; 1609 /* FIXME: this is properly an EA */ 1610 clen >>= 1; 1611 /* Malformed command ? */ 1612 if (clen > len) 1613 return; 1614 if (command & 1) 1615 gsm_control_message(dlci->gsm, command, 1616 data, clen); 1617 else 1618 gsm_control_response(dlci->gsm, command, 1619 data, clen); 1620 return; 1621 } 1622 } 1623} 1624 1625/* 1626 * Allocate/Free DLCI channels 1627 */ 1628 1629/** 1630 * gsm_dlci_alloc - allocate a DLCI 1631 * @gsm: GSM mux 1632 * @addr: address of the DLCI 1633 * 1634 * Allocate and install a new DLCI object into the GSM mux. 1635 * 1636 * FIXME: review locking races 1637 */ 1638 1639static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) 1640{ 1641 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC); 1642 if (dlci == NULL) 1643 return NULL; 1644 spin_lock_init(&dlci->lock); 1645 mutex_init(&dlci->mutex); 1646 dlci->fifo = &dlci->_fifo; 1647 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) { 1648 kfree(dlci); 1649 return NULL; 1650 } 1651 1652 skb_queue_head_init(&dlci->skb_list); 1653 init_timer(&dlci->t1); 1654 dlci->t1.function = gsm_dlci_t1; 1655 dlci->t1.data = (unsigned long)dlci; 1656 tty_port_init(&dlci->port); 1657 dlci->port.ops = &gsm_port_ops; 1658 dlci->gsm = gsm; 1659 dlci->addr = addr; 1660 dlci->adaption = gsm->adaption; 1661 dlci->state = DLCI_CLOSED; 1662 if (addr) 1663 dlci->data = gsm_dlci_data; 1664 else 1665 dlci->data = gsm_dlci_command; 1666 gsm->dlci[addr] = dlci; 1667 return dlci; 1668} 1669 1670/** 1671 * gsm_dlci_free - free DLCI 1672 * @dlci: DLCI to free 1673 * 1674 * Free up a DLCI. 1675 * 1676 * Can sleep. 1677 */ 1678static void gsm_dlci_free(struct tty_port *port) 1679{ 1680 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 1681 1682 del_timer_sync(&dlci->t1); 1683 dlci->gsm->dlci[dlci->addr] = NULL; 1684 kfifo_free(dlci->fifo); 1685 while ((dlci->skb = skb_dequeue(&dlci->skb_list))) 1686 dev_kfree_skb(dlci->skb); 1687 kfree(dlci); 1688} 1689 1690static inline void dlci_get(struct gsm_dlci *dlci) 1691{ 1692 tty_port_get(&dlci->port); 1693} 1694 1695static inline void dlci_put(struct gsm_dlci *dlci) 1696{ 1697 tty_port_put(&dlci->port); 1698} 1699 1700static void gsm_destroy_network(struct gsm_dlci *dlci); 1701 1702/** 1703 * gsm_dlci_release - release DLCI 1704 * @dlci: DLCI to destroy 1705 * 1706 * Release a DLCI. Actual free is deferred until either 1707 * mux is closed or tty is closed - whichever is last. 1708 * 1709 * Can sleep. 1710 */ 1711static void gsm_dlci_release(struct gsm_dlci *dlci) 1712{ 1713 struct tty_struct *tty = tty_port_tty_get(&dlci->port); 1714 if (tty) { 1715 mutex_lock(&dlci->mutex); 1716 gsm_destroy_network(dlci); 1717 mutex_unlock(&dlci->mutex); 1718 1719 tty_vhangup(tty); 1720 1721 tty_port_tty_set(&dlci->port, NULL); 1722 tty_kref_put(tty); 1723 } 1724 dlci->state = DLCI_CLOSED; 1725 dlci_put(dlci); 1726} 1727 1728/* 1729 * LAPBish link layer logic 1730 */ 1731 1732/** 1733 * gsm_queue - a GSM frame is ready to process 1734 * @gsm: pointer to our gsm mux 1735 * 1736 * At this point in time a frame has arrived and been demangled from 1737 * the line encoding. All the differences between the encodings have 1738 * been handled below us and the frame is unpacked into the structures. 1739 * The fcs holds the header FCS but any data FCS must be added here. 1740 */ 1741 1742static void gsm_queue(struct gsm_mux *gsm) 1743{ 1744 struct gsm_dlci *dlci; 1745 u8 cr; 1746 int address; 1747 /* We have to sneak a look at the packet body to do the FCS. 1748 A somewhat layering violation in the spec */ 1749 1750 if ((gsm->control & ~PF) == UI) 1751 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len); 1752 if (gsm->encoding == 0) { 1753 /* WARNING: gsm->received_fcs is used for 1754 gsm->encoding = 0 only. 1755 In this case it contain the last piece of data 1756 required to generate final CRC */ 1757 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs); 1758 } 1759 if (gsm->fcs != GOOD_FCS) { 1760 gsm->bad_fcs++; 1761 if (debug & 4) 1762 pr_debug("BAD FCS %02x\n", gsm->fcs); 1763 return; 1764 } 1765 address = gsm->address >> 1; 1766 if (address >= NUM_DLCI) 1767 goto invalid; 1768 1769 cr = gsm->address & 1; /* C/R bit */ 1770 1771 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len); 1772 1773 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */ 1774 dlci = gsm->dlci[address]; 1775 1776 switch (gsm->control) { 1777 case SABM|PF: 1778 if (cr == 0) 1779 goto invalid; 1780 if (dlci == NULL) 1781 dlci = gsm_dlci_alloc(gsm, address); 1782 if (dlci == NULL) 1783 return; 1784 if (dlci->dead) 1785 gsm_response(gsm, address, DM); 1786 else { 1787 gsm_response(gsm, address, UA); 1788 gsm_dlci_open(dlci); 1789 } 1790 break; 1791 case DISC|PF: 1792 if (cr == 0) 1793 goto invalid; 1794 if (dlci == NULL || dlci->state == DLCI_CLOSED) { 1795 gsm_response(gsm, address, DM); 1796 return; 1797 } 1798 /* Real close complete */ 1799 gsm_response(gsm, address, UA); 1800 gsm_dlci_close(dlci); 1801 break; 1802 case UA: 1803 case UA|PF: 1804 if (cr == 0 || dlci == NULL) 1805 break; 1806 switch (dlci->state) { 1807 case DLCI_CLOSING: 1808 gsm_dlci_close(dlci); 1809 break; 1810 case DLCI_OPENING: 1811 gsm_dlci_open(dlci); 1812 break; 1813 } 1814 break; 1815 case DM: /* DM can be valid unsolicited */ 1816 case DM|PF: 1817 if (cr) 1818 goto invalid; 1819 if (dlci == NULL) 1820 return; 1821 gsm_dlci_close(dlci); 1822 break; 1823 case UI: 1824 case UI|PF: 1825 case UIH: 1826 case UIH|PF: 1827#if 0 1828 if (cr) 1829 goto invalid; 1830#endif 1831 if (dlci == NULL || dlci->state != DLCI_OPEN) { 1832 gsm_command(gsm, address, DM|PF); 1833 return; 1834 } 1835 dlci->data(dlci, gsm->buf, gsm->len); 1836 break; 1837 default: 1838 goto invalid; 1839 } 1840 return; 1841invalid: 1842 gsm->malformed++; 1843 return; 1844} 1845 1846 1847/** 1848 * gsm0_receive - perform processing for non-transparency 1849 * @gsm: gsm data for this ldisc instance 1850 * @c: character 1851 * 1852 * Receive bytes in gsm mode 0 1853 */ 1854 1855static void gsm0_receive(struct gsm_mux *gsm, unsigned char c) 1856{ 1857 unsigned int len; 1858 1859 switch (gsm->state) { 1860 case GSM_SEARCH: /* SOF marker */ 1861 if (c == GSM0_SOF) { 1862 gsm->state = GSM_ADDRESS; 1863 gsm->address = 0; 1864 gsm->len = 0; 1865 gsm->fcs = INIT_FCS; 1866 } 1867 break; 1868 case GSM_ADDRESS: /* Address EA */ 1869 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1870 if (gsm_read_ea(&gsm->address, c)) 1871 gsm->state = GSM_CONTROL; 1872 break; 1873 case GSM_CONTROL: /* Control Byte */ 1874 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1875 gsm->control = c; 1876 gsm->state = GSM_LEN0; 1877 break; 1878 case GSM_LEN0: /* Length EA */ 1879 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1880 if (gsm_read_ea(&gsm->len, c)) { 1881 if (gsm->len > gsm->mru) { 1882 gsm->bad_size++; 1883 gsm->state = GSM_SEARCH; 1884 break; 1885 } 1886 gsm->count = 0; 1887 if (!gsm->len) 1888 gsm->state = GSM_FCS; 1889 else 1890 gsm->state = GSM_DATA; 1891 break; 1892 } 1893 gsm->state = GSM_LEN1; 1894 break; 1895 case GSM_LEN1: 1896 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1897 len = c; 1898 gsm->len |= len << 7; 1899 if (gsm->len > gsm->mru) { 1900 gsm->bad_size++; 1901 gsm->state = GSM_SEARCH; 1902 break; 1903 } 1904 gsm->count = 0; 1905 if (!gsm->len) 1906 gsm->state = GSM_FCS; 1907 else 1908 gsm->state = GSM_DATA; 1909 break; 1910 case GSM_DATA: /* Data */ 1911 gsm->buf[gsm->count++] = c; 1912 if (gsm->count == gsm->len) 1913 gsm->state = GSM_FCS; 1914 break; 1915 case GSM_FCS: /* FCS follows the packet */ 1916 gsm->received_fcs = c; 1917 gsm_queue(gsm); 1918 gsm->state = GSM_SSOF; 1919 break; 1920 case GSM_SSOF: 1921 if (c == GSM0_SOF) { 1922 gsm->state = GSM_SEARCH; 1923 break; 1924 } 1925 break; 1926 } 1927} 1928 1929/** 1930 * gsm1_receive - perform processing for non-transparency 1931 * @gsm: gsm data for this ldisc instance 1932 * @c: character 1933 * 1934 * Receive bytes in mode 1 (Advanced option) 1935 */ 1936 1937static void gsm1_receive(struct gsm_mux *gsm, unsigned char c) 1938{ 1939 if (c == GSM1_SOF) { 1940 /* EOF is only valid in frame if we have got to the data state 1941 and received at least one byte (the FCS) */ 1942 if (gsm->state == GSM_DATA && gsm->count) { 1943 /* Extract the FCS */ 1944 gsm->count--; 1945 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]); 1946 gsm->len = gsm->count; 1947 gsm_queue(gsm); 1948 gsm->state = GSM_START; 1949 return; 1950 } 1951 /* Any partial frame was a runt so go back to start */ 1952 if (gsm->state != GSM_START) { 1953 gsm->malformed++; 1954 gsm->state = GSM_START; 1955 } 1956 /* A SOF in GSM_START means we are still reading idling or 1957 framing bytes */ 1958 return; 1959 } 1960 1961 if (c == GSM1_ESCAPE) { 1962 gsm->escape = 1; 1963 return; 1964 } 1965 1966 /* Only an unescaped SOF gets us out of GSM search */ 1967 if (gsm->state == GSM_SEARCH) 1968 return; 1969 1970 if (gsm->escape) { 1971 c ^= GSM1_ESCAPE_BITS; 1972 gsm->escape = 0; 1973 } 1974 switch (gsm->state) { 1975 case GSM_START: /* First byte after SOF */ 1976 gsm->address = 0; 1977 gsm->state = GSM_ADDRESS; 1978 gsm->fcs = INIT_FCS; 1979 /* Drop through */ 1980 case GSM_ADDRESS: /* Address continuation */ 1981 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1982 if (gsm_read_ea(&gsm->address, c)) 1983 gsm->state = GSM_CONTROL; 1984 break; 1985 case GSM_CONTROL: /* Control Byte */ 1986 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1987 gsm->control = c; 1988 gsm->count = 0; 1989 gsm->state = GSM_DATA; 1990 break; 1991 case GSM_DATA: /* Data */ 1992 if (gsm->count > gsm->mru) { /* Allow one for the FCS */ 1993 gsm->state = GSM_OVERRUN; 1994 gsm->bad_size++; 1995 } else 1996 gsm->buf[gsm->count++] = c; 1997 break; 1998 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */ 1999 break; 2000 } 2001} 2002 2003/** 2004 * gsm_error - handle tty error 2005 * @gsm: ldisc data 2006 * @data: byte received (may be invalid) 2007 * @flag: error received 2008 * 2009 * Handle an error in the receipt of data for a frame. Currently we just 2010 * go back to hunting for a SOF. 2011 * 2012 * FIXME: better diagnostics ? 2013 */ 2014 2015static void gsm_error(struct gsm_mux *gsm, 2016 unsigned char data, unsigned char flag) 2017{ 2018 gsm->state = GSM_SEARCH; 2019 gsm->io_error++; 2020} 2021 2022/** 2023 * gsm_cleanup_mux - generic GSM protocol cleanup 2024 * @gsm: our mux 2025 * 2026 * Clean up the bits of the mux which are the same for all framing 2027 * protocols. Remove the mux from the mux table, stop all the timers 2028 * and then shut down each device hanging up the channels as we go. 2029 */ 2030 2031static void gsm_cleanup_mux(struct gsm_mux *gsm) 2032{ 2033 int i; 2034 struct gsm_dlci *dlci = gsm->dlci[0]; 2035 struct gsm_msg *txq, *ntxq; 2036 struct gsm_control *gc; 2037 2038 gsm->dead = 1; 2039 2040 spin_lock(&gsm_mux_lock); 2041 for (i = 0; i < MAX_MUX; i++) { 2042 if (gsm_mux[i] == gsm) { 2043 gsm_mux[i] = NULL; 2044 break; 2045 } 2046 } 2047 spin_unlock(&gsm_mux_lock); 2048 WARN_ON(i == MAX_MUX); 2049 2050 /* In theory disconnecting DLCI 0 is sufficient but for some 2051 modems this is apparently not the case. */ 2052 if (dlci) { 2053 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0); 2054 if (gc) 2055 gsm_control_wait(gsm, gc); 2056 } 2057 del_timer_sync(&gsm->t2_timer); 2058 /* Now we are sure T2 has stopped */ 2059 if (dlci) { 2060 dlci->dead = 1; 2061 gsm_dlci_begin_close(dlci); 2062 wait_event_interruptible(gsm->event, 2063 dlci->state == DLCI_CLOSED); 2064 } 2065 /* Free up any link layer users */ 2066 mutex_lock(&gsm->mutex); 2067 for (i = 0; i < NUM_DLCI; i++) 2068 if (gsm->dlci[i]) 2069 gsm_dlci_release(gsm->dlci[i]); 2070 mutex_unlock(&gsm->mutex); 2071 /* Now wipe the queues */ 2072 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list) 2073 kfree(txq); 2074 INIT_LIST_HEAD(&gsm->tx_list); 2075} 2076 2077/** 2078 * gsm_activate_mux - generic GSM setup 2079 * @gsm: our mux 2080 * 2081 * Set up the bits of the mux which are the same for all framing 2082 * protocols. Add the mux to the mux table so it can be opened and 2083 * finally kick off connecting to DLCI 0 on the modem. 2084 */ 2085 2086static int gsm_activate_mux(struct gsm_mux *gsm) 2087{ 2088 struct gsm_dlci *dlci; 2089 int i = 0; 2090 2091 setup_timer(&gsm->t2_timer, gsm_control_retransmit, (unsigned long)gsm); 2092 init_waitqueue_head(&gsm->event); 2093 spin_lock_init(&gsm->control_lock); 2094 spin_lock_init(&gsm->tx_lock); 2095 2096 if (gsm->encoding == 0) 2097 gsm->receive = gsm0_receive; 2098 else 2099 gsm->receive = gsm1_receive; 2100 gsm->error = gsm_error; 2101 2102 spin_lock(&gsm_mux_lock); 2103 for (i = 0; i < MAX_MUX; i++) { 2104 if (gsm_mux[i] == NULL) { 2105 gsm->num = i; 2106 gsm_mux[i] = gsm; 2107 break; 2108 } 2109 } 2110 spin_unlock(&gsm_mux_lock); 2111 if (i == MAX_MUX) 2112 return -EBUSY; 2113 2114 dlci = gsm_dlci_alloc(gsm, 0); 2115 if (dlci == NULL) 2116 return -ENOMEM; 2117 gsm->dead = 0; /* Tty opens are now permissible */ 2118 return 0; 2119} 2120 2121/** 2122 * gsm_free_mux - free up a mux 2123 * @mux: mux to free 2124 * 2125 * Dispose of allocated resources for a dead mux 2126 */ 2127static void gsm_free_mux(struct gsm_mux *gsm) 2128{ 2129 kfree(gsm->txframe); 2130 kfree(gsm->buf); 2131 kfree(gsm); 2132} 2133 2134/** 2135 * gsm_free_muxr - free up a mux 2136 * @mux: mux to free 2137 * 2138 * Dispose of allocated resources for a dead mux 2139 */ 2140static void gsm_free_muxr(struct kref *ref) 2141{ 2142 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref); 2143 gsm_free_mux(gsm); 2144} 2145 2146static inline void mux_get(struct gsm_mux *gsm) 2147{ 2148 kref_get(&gsm->ref); 2149} 2150 2151static inline void mux_put(struct gsm_mux *gsm) 2152{ 2153 kref_put(&gsm->ref, gsm_free_muxr); 2154} 2155 2156/** 2157 * gsm_alloc_mux - allocate a mux 2158 * 2159 * Creates a new mux ready for activation. 2160 */ 2161 2162static struct gsm_mux *gsm_alloc_mux(void) 2163{ 2164 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL); 2165 if (gsm == NULL) 2166 return NULL; 2167 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL); 2168 if (gsm->buf == NULL) { 2169 kfree(gsm); 2170 return NULL; 2171 } 2172 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL); 2173 if (gsm->txframe == NULL) { 2174 kfree(gsm->buf); 2175 kfree(gsm); 2176 return NULL; 2177 } 2178 spin_lock_init(&gsm->lock); 2179 mutex_init(&gsm->mutex); 2180 kref_init(&gsm->ref); 2181 INIT_LIST_HEAD(&gsm->tx_list); 2182 2183 gsm->t1 = T1; 2184 gsm->t2 = T2; 2185 gsm->n2 = N2; 2186 gsm->ftype = UIH; 2187 gsm->adaption = 1; 2188 gsm->encoding = 1; 2189 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */ 2190 gsm->mtu = 64; 2191 gsm->dead = 1; /* Avoid early tty opens */ 2192 2193 return gsm; 2194} 2195 2196/** 2197 * gsmld_output - write to link 2198 * @gsm: our mux 2199 * @data: bytes to output 2200 * @len: size 2201 * 2202 * Write a block of data from the GSM mux to the data channel. This 2203 * will eventually be serialized from above but at the moment isn't. 2204 */ 2205 2206static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len) 2207{ 2208 if (tty_write_room(gsm->tty) < len) { 2209 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags); 2210 return -ENOSPC; 2211 } 2212 if (debug & 4) 2213 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET, 2214 data, len); 2215 gsm->tty->ops->write(gsm->tty, data, len); 2216 return len; 2217} 2218 2219/** 2220 * gsmld_attach_gsm - mode set up 2221 * @tty: our tty structure 2222 * @gsm: our mux 2223 * 2224 * Set up the MUX for basic mode and commence connecting to the 2225 * modem. Currently called from the line discipline set up but 2226 * will need moving to an ioctl path. 2227 */ 2228 2229static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2230{ 2231 int ret, i, base; 2232 2233 gsm->tty = tty_kref_get(tty); 2234 gsm->output = gsmld_output; 2235 ret = gsm_activate_mux(gsm); 2236 if (ret != 0) 2237 tty_kref_put(gsm->tty); 2238 else { 2239 /* Don't register device 0 - this is the control channel and not 2240 a usable tty interface */ 2241 base = gsm->num << 6; /* Base for this MUX */ 2242 for (i = 1; i < NUM_DLCI; i++) 2243 tty_register_device(gsm_tty_driver, base + i, NULL); 2244 } 2245 return ret; 2246} 2247 2248 2249/** 2250 * gsmld_detach_gsm - stop doing 0710 mux 2251 * @tty: tty attached to the mux 2252 * @gsm: mux 2253 * 2254 * Shutdown and then clean up the resources used by the line discipline 2255 */ 2256 2257static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2258{ 2259 int i; 2260 int base = gsm->num << 6; /* Base for this MUX */ 2261 2262 WARN_ON(tty != gsm->tty); 2263 for (i = 1; i < NUM_DLCI; i++) 2264 tty_unregister_device(gsm_tty_driver, base + i); 2265 gsm_cleanup_mux(gsm); 2266 tty_kref_put(gsm->tty); 2267 gsm->tty = NULL; 2268} 2269 2270static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp, 2271 char *fp, int count) 2272{ 2273 struct gsm_mux *gsm = tty->disc_data; 2274 const unsigned char *dp; 2275 char *f; 2276 int i; 2277 char buf[64]; 2278 char flags = TTY_NORMAL; 2279 2280 if (debug & 4) 2281 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET, 2282 cp, count); 2283 2284 for (i = count, dp = cp, f = fp; i; i--, dp++) { 2285 if (f) 2286 flags = *f++; 2287 switch (flags) { 2288 case TTY_NORMAL: 2289 gsm->receive(gsm, *dp); 2290 break; 2291 case TTY_OVERRUN: 2292 case TTY_BREAK: 2293 case TTY_PARITY: 2294 case TTY_FRAME: 2295 gsm->error(gsm, *dp, flags); 2296 break; 2297 default: 2298 WARN_ONCE(1, "%s: unknown flag %d\n", 2299 tty_name(tty, buf), flags); 2300 break; 2301 } 2302 } 2303 /* FASYNC if needed ? */ 2304 /* If clogged call tty_throttle(tty); */ 2305} 2306 2307/** 2308 * gsmld_chars_in_buffer - report available bytes 2309 * @tty: tty device 2310 * 2311 * Report the number of characters buffered to be delivered to user 2312 * at this instant in time. 2313 * 2314 * Locking: gsm lock 2315 */ 2316 2317static ssize_t gsmld_chars_in_buffer(struct tty_struct *tty) 2318{ 2319 return 0; 2320} 2321 2322/** 2323 * gsmld_flush_buffer - clean input queue 2324 * @tty: terminal device 2325 * 2326 * Flush the input buffer. Called when the line discipline is 2327 * being closed, when the tty layer wants the buffer flushed (eg 2328 * at hangup). 2329 */ 2330 2331static void gsmld_flush_buffer(struct tty_struct *tty) 2332{ 2333} 2334 2335/** 2336 * gsmld_close - close the ldisc for this tty 2337 * @tty: device 2338 * 2339 * Called from the terminal layer when this line discipline is 2340 * being shut down, either because of a close or becsuse of a 2341 * discipline change. The function will not be called while other 2342 * ldisc methods are in progress. 2343 */ 2344 2345static void gsmld_close(struct tty_struct *tty) 2346{ 2347 struct gsm_mux *gsm = tty->disc_data; 2348 2349 gsmld_detach_gsm(tty, gsm); 2350 2351 gsmld_flush_buffer(tty); 2352 /* Do other clean up here */ 2353 mux_put(gsm); 2354} 2355 2356/** 2357 * gsmld_open - open an ldisc 2358 * @tty: terminal to open 2359 * 2360 * Called when this line discipline is being attached to the 2361 * terminal device. Can sleep. Called serialized so that no 2362 * other events will occur in parallel. No further open will occur 2363 * until a close. 2364 */ 2365 2366static int gsmld_open(struct tty_struct *tty) 2367{ 2368 struct gsm_mux *gsm; 2369 int ret; 2370 2371 if (tty->ops->write == NULL) 2372 return -EINVAL; 2373 2374 /* Attach our ldisc data */ 2375 gsm = gsm_alloc_mux(); 2376 if (gsm == NULL) 2377 return -ENOMEM; 2378 2379 tty->disc_data = gsm; 2380 tty->receive_room = 65536; 2381 2382 /* Attach the initial passive connection */ 2383 gsm->encoding = 1; 2384 2385 ret = gsmld_attach_gsm(tty, gsm); 2386 if (ret != 0) { 2387 gsm_cleanup_mux(gsm); 2388 mux_put(gsm); 2389 } 2390 return ret; 2391} 2392 2393/** 2394 * gsmld_write_wakeup - asynchronous I/O notifier 2395 * @tty: tty device 2396 * 2397 * Required for the ptys, serial driver etc. since processes 2398 * that attach themselves to the master and rely on ASYNC 2399 * IO must be woken up 2400 */ 2401 2402static void gsmld_write_wakeup(struct tty_struct *tty) 2403{ 2404 struct gsm_mux *gsm = tty->disc_data; 2405 unsigned long flags; 2406 2407 /* Queue poll */ 2408 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2409 spin_lock_irqsave(&gsm->tx_lock, flags); 2410 gsm_data_kick(gsm); 2411 if (gsm->tx_bytes < TX_THRESH_LO) { 2412 gsm_dlci_data_sweep(gsm); 2413 } 2414 spin_unlock_irqrestore(&gsm->tx_lock, flags); 2415} 2416 2417/** 2418 * gsmld_read - read function for tty 2419 * @tty: tty device 2420 * @file: file object 2421 * @buf: userspace buffer pointer 2422 * @nr: size of I/O 2423 * 2424 * Perform reads for the line discipline. We are guaranteed that the 2425 * line discipline will not be closed under us but we may get multiple 2426 * parallel readers and must handle this ourselves. We may also get 2427 * a hangup. Always called in user context, may sleep. 2428 * 2429 * This code must be sure never to sleep through a hangup. 2430 */ 2431 2432static ssize_t gsmld_read(struct tty_struct *tty, struct file *file, 2433 unsigned char __user *buf, size_t nr) 2434{ 2435 return -EOPNOTSUPP; 2436} 2437 2438/** 2439 * gsmld_write - write function for tty 2440 * @tty: tty device 2441 * @file: file object 2442 * @buf: userspace buffer pointer 2443 * @nr: size of I/O 2444 * 2445 * Called when the owner of the device wants to send a frame 2446 * itself (or some other control data). The data is transferred 2447 * as-is and must be properly framed and checksummed as appropriate 2448 * by userspace. Frames are either sent whole or not at all as this 2449 * avoids pain user side. 2450 */ 2451 2452static ssize_t gsmld_write(struct tty_struct *tty, struct file *file, 2453 const unsigned char *buf, size_t nr) 2454{ 2455 int space = tty_write_room(tty); 2456 if (space >= nr) 2457 return tty->ops->write(tty, buf, nr); 2458 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2459 return -ENOBUFS; 2460} 2461 2462/** 2463 * gsmld_poll - poll method for N_GSM0710 2464 * @tty: terminal device 2465 * @file: file accessing it 2466 * @wait: poll table 2467 * 2468 * Called when the line discipline is asked to poll() for data or 2469 * for special events. This code is not serialized with respect to 2470 * other events save open/close. 2471 * 2472 * This code must be sure never to sleep through a hangup. 2473 * Called without the kernel lock held - fine 2474 */ 2475 2476static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file, 2477 poll_table *wait) 2478{ 2479 unsigned int mask = 0; 2480 struct gsm_mux *gsm = tty->disc_data; 2481 2482 poll_wait(file, &tty->read_wait, wait); 2483 poll_wait(file, &tty->write_wait, wait); 2484 if (tty_hung_up_p(file)) 2485 mask |= POLLHUP; 2486 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0) 2487 mask |= POLLOUT | POLLWRNORM; 2488 if (gsm->dead) 2489 mask |= POLLHUP; 2490 return mask; 2491} 2492 2493static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm, 2494 struct gsm_config *c) 2495{ 2496 int need_close = 0; 2497 int need_restart = 0; 2498 2499 /* Stuff we don't support yet - UI or I frame transport, windowing */ 2500 if ((c->adaption != 1 && c->adaption != 2) || c->k) 2501 return -EOPNOTSUPP; 2502 /* Check the MRU/MTU range looks sane */ 2503 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8) 2504 return -EINVAL; 2505 if (c->n2 < 3) 2506 return -EINVAL; 2507 if (c->encapsulation > 1) /* Basic, advanced, no I */ 2508 return -EINVAL; 2509 if (c->initiator > 1) 2510 return -EINVAL; 2511 if (c->i == 0 || c->i > 2) /* UIH and UI only */ 2512 return -EINVAL; 2513 /* 2514 * See what is needed for reconfiguration 2515 */ 2516 2517 /* Timing fields */ 2518 if (c->t1 != 0 && c->t1 != gsm->t1) 2519 need_restart = 1; 2520 if (c->t2 != 0 && c->t2 != gsm->t2) 2521 need_restart = 1; 2522 if (c->encapsulation != gsm->encoding) 2523 need_restart = 1; 2524 if (c->adaption != gsm->adaption) 2525 need_restart = 1; 2526 /* Requires care */ 2527 if (c->initiator != gsm->initiator) 2528 need_close = 1; 2529 if (c->mru != gsm->mru) 2530 need_restart = 1; 2531 if (c->mtu != gsm->mtu) 2532 need_restart = 1; 2533 2534 /* 2535 * Close down what is needed, restart and initiate the new 2536 * configuration 2537 */ 2538 2539 if (need_close || need_restart) { 2540 gsm_dlci_begin_close(gsm->dlci[0]); 2541 /* This will timeout if the link is down due to N2 expiring */ 2542 wait_event_interruptible(gsm->event, 2543 gsm->dlci[0]->state == DLCI_CLOSED); 2544 if (signal_pending(current)) 2545 return -EINTR; 2546 } 2547 if (need_restart) 2548 gsm_cleanup_mux(gsm); 2549 2550 gsm->initiator = c->initiator; 2551 gsm->mru = c->mru; 2552 gsm->mtu = c->mtu; 2553 gsm->encoding = c->encapsulation; 2554 gsm->adaption = c->adaption; 2555 gsm->n2 = c->n2; 2556 2557 if (c->i == 1) 2558 gsm->ftype = UIH; 2559 else if (c->i == 2) 2560 gsm->ftype = UI; 2561 2562 if (c->t1) 2563 gsm->t1 = c->t1; 2564 if (c->t2) 2565 gsm->t2 = c->t2; 2566 2567 /* FIXME: We need to separate activation/deactivation from adding 2568 and removing from the mux array */ 2569 if (need_restart) 2570 gsm_activate_mux(gsm); 2571 if (gsm->initiator && need_close) 2572 gsm_dlci_begin_open(gsm->dlci[0]); 2573 return 0; 2574} 2575 2576static int gsmld_ioctl(struct tty_struct *tty, struct file *file, 2577 unsigned int cmd, unsigned long arg) 2578{ 2579 struct gsm_config c; 2580 struct gsm_mux *gsm = tty->disc_data; 2581 2582 switch (cmd) { 2583 case GSMIOC_GETCONF: 2584 memset(&c, 0, sizeof(c)); 2585 c.adaption = gsm->adaption; 2586 c.encapsulation = gsm->encoding; 2587 c.initiator = gsm->initiator; 2588 c.t1 = gsm->t1; 2589 c.t2 = gsm->t2; 2590 c.t3 = 0; /* Not supported */ 2591 c.n2 = gsm->n2; 2592 if (gsm->ftype == UIH) 2593 c.i = 1; 2594 else 2595 c.i = 2; 2596 pr_debug("Ftype %d i %d\n", gsm->ftype, c.i); 2597 c.mru = gsm->mru; 2598 c.mtu = gsm->mtu; 2599 c.k = 0; 2600 if (copy_to_user((void *)arg, &c, sizeof(c))) 2601 return -EFAULT; 2602 return 0; 2603 case GSMIOC_SETCONF: 2604 if (copy_from_user(&c, (void *)arg, sizeof(c))) 2605 return -EFAULT; 2606 return gsmld_config(tty, gsm, &c); 2607 default: 2608 return n_tty_ioctl_helper(tty, file, cmd, arg); 2609 } 2610} 2611 2612/* 2613 * Network interface 2614 * 2615 */ 2616 2617static int gsm_mux_net_open(struct net_device *net) 2618{ 2619 pr_debug("%s called\n", __func__); 2620 netif_start_queue(net); 2621 return 0; 2622} 2623 2624static int gsm_mux_net_close(struct net_device *net) 2625{ 2626 netif_stop_queue(net); 2627 return 0; 2628} 2629 2630static struct net_device_stats *gsm_mux_net_get_stats(struct net_device *net) 2631{ 2632 return &((struct gsm_mux_net *)netdev_priv(net))->stats; 2633} 2634static void dlci_net_free(struct gsm_dlci *dlci) 2635{ 2636 if (!dlci->net) { 2637 WARN_ON(1); 2638 return; 2639 } 2640 dlci->adaption = dlci->prev_adaption; 2641 dlci->data = dlci->prev_data; 2642 free_netdev(dlci->net); 2643 dlci->net = NULL; 2644} 2645static void net_free(struct kref *ref) 2646{ 2647 struct gsm_mux_net *mux_net; 2648 struct gsm_dlci *dlci; 2649 2650 mux_net = container_of(ref, struct gsm_mux_net, ref); 2651 dlci = mux_net->dlci; 2652 2653 if (dlci->net) { 2654 unregister_netdev(dlci->net); 2655 dlci_net_free(dlci); 2656 } 2657} 2658 2659static inline void muxnet_get(struct gsm_mux_net *mux_net) 2660{ 2661 kref_get(&mux_net->ref); 2662} 2663 2664static inline void muxnet_put(struct gsm_mux_net *mux_net) 2665{ 2666 kref_put(&mux_net->ref, net_free); 2667} 2668 2669static int gsm_mux_net_start_xmit(struct sk_buff *skb, 2670 struct net_device *net) 2671{ 2672 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net); 2673 struct gsm_dlci *dlci = mux_net->dlci; 2674 muxnet_get(mux_net); 2675 2676 skb_queue_head(&dlci->skb_list, skb); 2677 STATS(net).tx_packets++; 2678 STATS(net).tx_bytes += skb->len; 2679 gsm_dlci_data_kick(dlci); 2680 /* And tell the kernel when the last transmit started. */ 2681 net->trans_start = jiffies; 2682 muxnet_put(mux_net); 2683 return NETDEV_TX_OK; 2684} 2685 2686/* called when a packet did not ack after watchdogtimeout */ 2687static void gsm_mux_net_tx_timeout(struct net_device *net) 2688{ 2689 /* Tell syslog we are hosed. */ 2690 dev_dbg(&net->dev, "Tx timed out.\n"); 2691 2692 /* Update statistics */ 2693 STATS(net).tx_errors++; 2694} 2695 2696static void gsm_mux_rx_netchar(struct gsm_dlci *dlci, 2697 unsigned char *in_buf, int size) 2698{ 2699 struct net_device *net = dlci->net; 2700 struct sk_buff *skb; 2701 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net); 2702 muxnet_get(mux_net); 2703 2704 /* Allocate an sk_buff */ 2705 skb = dev_alloc_skb(size + NET_IP_ALIGN); 2706 if (!skb) { 2707 /* We got no receive buffer. */ 2708 STATS(net).rx_dropped++; 2709 muxnet_put(mux_net); 2710 return; 2711 } 2712 skb_reserve(skb, NET_IP_ALIGN); 2713 memcpy(skb_put(skb, size), in_buf, size); 2714 2715 skb->dev = net; 2716 skb->protocol = __constant_htons(ETH_P_IP); 2717 2718 /* Ship it off to the kernel */ 2719 netif_rx(skb); 2720 2721 /* update out statistics */ 2722 STATS(net).rx_packets++; 2723 STATS(net).rx_bytes += size; 2724 muxnet_put(mux_net); 2725 return; 2726} 2727 2728static int gsm_change_mtu(struct net_device *net, int new_mtu) 2729{ 2730 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net); 2731 if ((new_mtu < 8) || (new_mtu > mux_net->dlci->gsm->mtu)) 2732 return -EINVAL; 2733 net->mtu = new_mtu; 2734 return 0; 2735} 2736 2737static void gsm_mux_net_init(struct net_device *net) 2738{ 2739 static const struct net_device_ops gsm_netdev_ops = { 2740 .ndo_open = gsm_mux_net_open, 2741 .ndo_stop = gsm_mux_net_close, 2742 .ndo_start_xmit = gsm_mux_net_start_xmit, 2743 .ndo_tx_timeout = gsm_mux_net_tx_timeout, 2744 .ndo_get_stats = gsm_mux_net_get_stats, 2745 .ndo_change_mtu = gsm_change_mtu, 2746 }; 2747 2748 net->netdev_ops = &gsm_netdev_ops; 2749 2750 /* fill in the other fields */ 2751 net->watchdog_timeo = GSM_NET_TX_TIMEOUT; 2752 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; 2753 net->type = ARPHRD_NONE; 2754 net->tx_queue_len = 10; 2755} 2756 2757 2758/* caller holds the dlci mutex */ 2759static void gsm_destroy_network(struct gsm_dlci *dlci) 2760{ 2761 struct gsm_mux_net *mux_net; 2762 2763 pr_debug("destroy network interface"); 2764 if (!dlci->net) 2765 return; 2766 mux_net = (struct gsm_mux_net *)netdev_priv(dlci->net); 2767 muxnet_put(mux_net); 2768} 2769 2770 2771/* caller holds the dlci mutex */ 2772static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc) 2773{ 2774 char *netname; 2775 int retval = 0; 2776 struct net_device *net; 2777 struct gsm_mux_net *mux_net; 2778 2779 if (!capable(CAP_NET_ADMIN)) 2780 return -EPERM; 2781 2782 /* Already in a non tty mode */ 2783 if (dlci->adaption > 2) 2784 return -EBUSY; 2785 2786 if (nc->protocol != htons(ETH_P_IP)) 2787 return -EPROTONOSUPPORT; 2788 2789 if (nc->adaption != 3 && nc->adaption != 4) 2790 return -EPROTONOSUPPORT; 2791 2792 pr_debug("create network interface"); 2793 2794 netname = "gsm%d"; 2795 if (nc->if_name[0] != '\0') 2796 netname = nc->if_name; 2797 net = alloc_netdev(sizeof(struct gsm_mux_net), netname, 2798 NET_NAME_UNKNOWN, gsm_mux_net_init); 2799 if (!net) { 2800 pr_err("alloc_netdev failed"); 2801 return -ENOMEM; 2802 } 2803 net->mtu = dlci->gsm->mtu; 2804 mux_net = (struct gsm_mux_net *)netdev_priv(net); 2805 mux_net->dlci = dlci; 2806 kref_init(&mux_net->ref); 2807 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */ 2808 2809 /* reconfigure dlci for network */ 2810 dlci->prev_adaption = dlci->adaption; 2811 dlci->prev_data = dlci->data; 2812 dlci->adaption = nc->adaption; 2813 dlci->data = gsm_mux_rx_netchar; 2814 dlci->net = net; 2815 2816 pr_debug("register netdev"); 2817 retval = register_netdev(net); 2818 if (retval) { 2819 pr_err("network register fail %d\n", retval); 2820 dlci_net_free(dlci); 2821 return retval; 2822 } 2823 return net->ifindex; /* return network index */ 2824} 2825 2826/* Line discipline for real tty */ 2827struct tty_ldisc_ops tty_ldisc_packet = { 2828 .owner = THIS_MODULE, 2829 .magic = TTY_LDISC_MAGIC, 2830 .name = "n_gsm", 2831 .open = gsmld_open, 2832 .close = gsmld_close, 2833 .flush_buffer = gsmld_flush_buffer, 2834 .chars_in_buffer = gsmld_chars_in_buffer, 2835 .read = gsmld_read, 2836 .write = gsmld_write, 2837 .ioctl = gsmld_ioctl, 2838 .poll = gsmld_poll, 2839 .receive_buf = gsmld_receive_buf, 2840 .write_wakeup = gsmld_write_wakeup 2841}; 2842 2843/* 2844 * Virtual tty side 2845 */ 2846 2847#define TX_SIZE 512 2848 2849static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk) 2850{ 2851 u8 modembits[5]; 2852 struct gsm_control *ctrl; 2853 int len = 2; 2854 2855 if (brk) 2856 len++; 2857 2858 modembits[0] = len << 1 | EA; /* Data bytes */ 2859 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */ 2860 modembits[2] = gsm_encode_modem(dlci) << 1 | EA; 2861 if (brk) 2862 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */ 2863 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1); 2864 if (ctrl == NULL) 2865 return -ENOMEM; 2866 return gsm_control_wait(dlci->gsm, ctrl); 2867} 2868 2869static int gsm_carrier_raised(struct tty_port *port) 2870{ 2871 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 2872 /* Not yet open so no carrier info */ 2873 if (dlci->state != DLCI_OPEN) 2874 return 0; 2875 if (debug & 2) 2876 return 1; 2877 return dlci->modem_rx & TIOCM_CD; 2878} 2879 2880static void gsm_dtr_rts(struct tty_port *port, int onoff) 2881{ 2882 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 2883 unsigned int modem_tx = dlci->modem_tx; 2884 if (onoff) 2885 modem_tx |= TIOCM_DTR | TIOCM_RTS; 2886 else 2887 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS); 2888 if (modem_tx != dlci->modem_tx) { 2889 dlci->modem_tx = modem_tx; 2890 gsmtty_modem_update(dlci, 0); 2891 } 2892} 2893 2894static const struct tty_port_operations gsm_port_ops = { 2895 .carrier_raised = gsm_carrier_raised, 2896 .dtr_rts = gsm_dtr_rts, 2897 .destruct = gsm_dlci_free, 2898}; 2899 2900static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty) 2901{ 2902 struct gsm_mux *gsm; 2903 struct gsm_dlci *dlci; 2904 unsigned int line = tty->index; 2905 unsigned int mux = line >> 6; 2906 bool alloc = false; 2907 int ret; 2908 2909 line = line & 0x3F; 2910 2911 if (mux >= MAX_MUX) 2912 return -ENXIO; 2913 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */ 2914 if (gsm_mux[mux] == NULL) 2915 return -EUNATCH; 2916 if (line == 0 || line > 61) /* 62/63 reserved */ 2917 return -ECHRNG; 2918 gsm = gsm_mux[mux]; 2919 if (gsm->dead) 2920 return -EL2HLT; 2921 /* If DLCI 0 is not yet fully open return an error. 2922 This is ok from a locking 2923 perspective as we don't have to worry about this 2924 if DLCI0 is lost */ 2925 mutex_lock(&gsm->mutex); 2926 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) { 2927 mutex_unlock(&gsm->mutex); 2928 return -EL2NSYNC; 2929 } 2930 dlci = gsm->dlci[line]; 2931 if (dlci == NULL) { 2932 alloc = true; 2933 dlci = gsm_dlci_alloc(gsm, line); 2934 } 2935 if (dlci == NULL) { 2936 mutex_unlock(&gsm->mutex); 2937 return -ENOMEM; 2938 } 2939 ret = tty_port_install(&dlci->port, driver, tty); 2940 if (ret) { 2941 if (alloc) 2942 dlci_put(dlci); 2943 mutex_unlock(&gsm->mutex); 2944 return ret; 2945 } 2946 2947 dlci_get(dlci); 2948 dlci_get(gsm->dlci[0]); 2949 mux_get(gsm); 2950 tty->driver_data = dlci; 2951 mutex_unlock(&gsm->mutex); 2952 2953 return 0; 2954} 2955 2956static int gsmtty_open(struct tty_struct *tty, struct file *filp) 2957{ 2958 struct gsm_dlci *dlci = tty->driver_data; 2959 struct tty_port *port = &dlci->port; 2960 2961 port->count++; 2962 tty_port_tty_set(port, tty); 2963 2964 dlci->modem_rx = 0; 2965 /* We could in theory open and close before we wait - eg if we get 2966 a DM straight back. This is ok as that will have caused a hangup */ 2967 set_bit(ASYNCB_INITIALIZED, &port->flags); 2968 /* Start sending off SABM messages */ 2969 gsm_dlci_begin_open(dlci); 2970 /* And wait for virtual carrier */ 2971 return tty_port_block_til_ready(port, tty, filp); 2972} 2973 2974static void gsmtty_close(struct tty_struct *tty, struct file *filp) 2975{ 2976 struct gsm_dlci *dlci = tty->driver_data; 2977 struct gsm_mux *gsm; 2978 2979 if (dlci == NULL) 2980 return; 2981 if (dlci->state == DLCI_CLOSED) 2982 return; 2983 mutex_lock(&dlci->mutex); 2984 gsm_destroy_network(dlci); 2985 mutex_unlock(&dlci->mutex); 2986 gsm = dlci->gsm; 2987 if (tty_port_close_start(&dlci->port, tty, filp) == 0) 2988 return; 2989 gsm_dlci_begin_close(dlci); 2990 if (test_bit(ASYNCB_INITIALIZED, &dlci->port.flags)) { 2991 if (C_HUPCL(tty)) 2992 tty_port_lower_dtr_rts(&dlci->port); 2993 } 2994 tty_port_close_end(&dlci->port, tty); 2995 tty_port_tty_set(&dlci->port, NULL); 2996 return; 2997} 2998 2999static void gsmtty_hangup(struct tty_struct *tty) 3000{ 3001 struct gsm_dlci *dlci = tty->driver_data; 3002 if (dlci->state == DLCI_CLOSED) 3003 return; 3004 tty_port_hangup(&dlci->port); 3005 gsm_dlci_begin_close(dlci); 3006} 3007 3008static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf, 3009 int len) 3010{ 3011 int sent; 3012 struct gsm_dlci *dlci = tty->driver_data; 3013 if (dlci->state == DLCI_CLOSED) 3014 return -EINVAL; 3015 /* Stuff the bytes into the fifo queue */ 3016 sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock); 3017 /* Need to kick the channel */ 3018 gsm_dlci_data_kick(dlci); 3019 return sent; 3020} 3021 3022static int gsmtty_write_room(struct tty_struct *tty) 3023{ 3024 struct gsm_dlci *dlci = tty->driver_data; 3025 if (dlci->state == DLCI_CLOSED) 3026 return -EINVAL; 3027 return TX_SIZE - kfifo_len(dlci->fifo); 3028} 3029 3030static int gsmtty_chars_in_buffer(struct tty_struct *tty) 3031{ 3032 struct gsm_dlci *dlci = tty->driver_data; 3033 if (dlci->state == DLCI_CLOSED) 3034 return -EINVAL; 3035 return kfifo_len(dlci->fifo); 3036} 3037 3038static void gsmtty_flush_buffer(struct tty_struct *tty) 3039{ 3040 struct gsm_dlci *dlci = tty->driver_data; 3041 if (dlci->state == DLCI_CLOSED) 3042 return; 3043 /* Caution needed: If we implement reliable transport classes 3044 then the data being transmitted can't simply be junked once 3045 it has first hit the stack. Until then we can just blow it 3046 away */ 3047 kfifo_reset(dlci->fifo); 3048 /* Need to unhook this DLCI from the transmit queue logic */ 3049} 3050 3051static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout) 3052{ 3053 /* The FIFO handles the queue so the kernel will do the right 3054 thing waiting on chars_in_buffer before calling us. No work 3055 to do here */ 3056} 3057 3058static int gsmtty_tiocmget(struct tty_struct *tty) 3059{ 3060 struct gsm_dlci *dlci = tty->driver_data; 3061 if (dlci->state == DLCI_CLOSED) 3062 return -EINVAL; 3063 return dlci->modem_rx; 3064} 3065 3066static int gsmtty_tiocmset(struct tty_struct *tty, 3067 unsigned int set, unsigned int clear) 3068{ 3069 struct gsm_dlci *dlci = tty->driver_data; 3070 unsigned int modem_tx = dlci->modem_tx; 3071 3072 if (dlci->state == DLCI_CLOSED) 3073 return -EINVAL; 3074 modem_tx &= ~clear; 3075 modem_tx |= set; 3076 3077 if (modem_tx != dlci->modem_tx) { 3078 dlci->modem_tx = modem_tx; 3079 return gsmtty_modem_update(dlci, 0); 3080 } 3081 return 0; 3082} 3083 3084 3085static int gsmtty_ioctl(struct tty_struct *tty, 3086 unsigned int cmd, unsigned long arg) 3087{ 3088 struct gsm_dlci *dlci = tty->driver_data; 3089 struct gsm_netconfig nc; 3090 int index; 3091 3092 if (dlci->state == DLCI_CLOSED) 3093 return -EINVAL; 3094 switch (cmd) { 3095 case GSMIOC_ENABLE_NET: 3096 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc))) 3097 return -EFAULT; 3098 nc.if_name[IFNAMSIZ-1] = '\0'; 3099 /* return net interface index or error code */ 3100 mutex_lock(&dlci->mutex); 3101 index = gsm_create_network(dlci, &nc); 3102 mutex_unlock(&dlci->mutex); 3103 if (copy_to_user((void __user *)arg, &nc, sizeof(nc))) 3104 return -EFAULT; 3105 return index; 3106 case GSMIOC_DISABLE_NET: 3107 if (!capable(CAP_NET_ADMIN)) 3108 return -EPERM; 3109 mutex_lock(&dlci->mutex); 3110 gsm_destroy_network(dlci); 3111 mutex_unlock(&dlci->mutex); 3112 return 0; 3113 default: 3114 return -ENOIOCTLCMD; 3115 } 3116} 3117 3118static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old) 3119{ 3120 struct gsm_dlci *dlci = tty->driver_data; 3121 if (dlci->state == DLCI_CLOSED) 3122 return; 3123 /* For the moment its fixed. In actual fact the speed information 3124 for the virtual channel can be propogated in both directions by 3125 the RPN control message. This however rapidly gets nasty as we 3126 then have to remap modem signals each way according to whether 3127 our virtual cable is null modem etc .. */ 3128 tty_termios_copy_hw(&tty->termios, old); 3129} 3130 3131static void gsmtty_throttle(struct tty_struct *tty) 3132{ 3133 struct gsm_dlci *dlci = tty->driver_data; 3134 if (dlci->state == DLCI_CLOSED) 3135 return; 3136 if (tty->termios.c_cflag & CRTSCTS) 3137 dlci->modem_tx &= ~TIOCM_DTR; 3138 dlci->throttled = 1; 3139 /* Send an MSC with DTR cleared */ 3140 gsmtty_modem_update(dlci, 0); 3141} 3142 3143static void gsmtty_unthrottle(struct tty_struct *tty) 3144{ 3145 struct gsm_dlci *dlci = tty->driver_data; 3146 if (dlci->state == DLCI_CLOSED) 3147 return; 3148 if (tty->termios.c_cflag & CRTSCTS) 3149 dlci->modem_tx |= TIOCM_DTR; 3150 dlci->throttled = 0; 3151 /* Send an MSC with DTR set */ 3152 gsmtty_modem_update(dlci, 0); 3153} 3154 3155static int gsmtty_break_ctl(struct tty_struct *tty, int state) 3156{ 3157 struct gsm_dlci *dlci = tty->driver_data; 3158 int encode = 0; /* Off */ 3159 if (dlci->state == DLCI_CLOSED) 3160 return -EINVAL; 3161 3162 if (state == -1) /* "On indefinitely" - we can't encode this 3163 properly */ 3164 encode = 0x0F; 3165 else if (state > 0) { 3166 encode = state / 200; /* mS to encoding */ 3167 if (encode > 0x0F) 3168 encode = 0x0F; /* Best effort */ 3169 } 3170 return gsmtty_modem_update(dlci, encode); 3171} 3172 3173static void gsmtty_remove(struct tty_driver *driver, struct tty_struct *tty) 3174{ 3175 struct gsm_dlci *dlci = tty->driver_data; 3176 struct gsm_mux *gsm = dlci->gsm; 3177 3178 dlci_put(dlci); 3179 dlci_put(gsm->dlci[0]); 3180 mux_put(gsm); 3181 driver->ttys[tty->index] = NULL; 3182} 3183 3184/* Virtual ttys for the demux */ 3185static const struct tty_operations gsmtty_ops = { 3186 .install = gsmtty_install, 3187 .open = gsmtty_open, 3188 .close = gsmtty_close, 3189 .write = gsmtty_write, 3190 .write_room = gsmtty_write_room, 3191 .chars_in_buffer = gsmtty_chars_in_buffer, 3192 .flush_buffer = gsmtty_flush_buffer, 3193 .ioctl = gsmtty_ioctl, 3194 .throttle = gsmtty_throttle, 3195 .unthrottle = gsmtty_unthrottle, 3196 .set_termios = gsmtty_set_termios, 3197 .hangup = gsmtty_hangup, 3198 .wait_until_sent = gsmtty_wait_until_sent, 3199 .tiocmget = gsmtty_tiocmget, 3200 .tiocmset = gsmtty_tiocmset, 3201 .break_ctl = gsmtty_break_ctl, 3202 .remove = gsmtty_remove, 3203}; 3204 3205 3206 3207static int __init gsm_init(void) 3208{ 3209 /* Fill in our line protocol discipline, and register it */ 3210 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet); 3211 if (status != 0) { 3212 pr_err("n_gsm: can't register line discipline (err = %d)\n", 3213 status); 3214 return status; 3215 } 3216 3217 gsm_tty_driver = alloc_tty_driver(256); 3218 if (!gsm_tty_driver) { 3219 tty_unregister_ldisc(N_GSM0710); 3220 pr_err("gsm_init: tty allocation failed.\n"); 3221 return -EINVAL; 3222 } 3223 gsm_tty_driver->driver_name = "gsmtty"; 3224 gsm_tty_driver->name = "gsmtty"; 3225 gsm_tty_driver->major = 0; /* Dynamic */ 3226 gsm_tty_driver->minor_start = 0; 3227 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 3228 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 3229 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV 3230 | TTY_DRIVER_HARDWARE_BREAK; 3231 gsm_tty_driver->init_termios = tty_std_termios; 3232 /* Fixme */ 3233 gsm_tty_driver->init_termios.c_lflag &= ~ECHO; 3234 tty_set_operations(gsm_tty_driver, &gsmtty_ops); 3235 3236 spin_lock_init(&gsm_mux_lock); 3237 3238 if (tty_register_driver(gsm_tty_driver)) { 3239 put_tty_driver(gsm_tty_driver); 3240 tty_unregister_ldisc(N_GSM0710); 3241 pr_err("gsm_init: tty registration failed.\n"); 3242 return -EBUSY; 3243 } 3244 pr_debug("gsm_init: loaded as %d,%d.\n", 3245 gsm_tty_driver->major, gsm_tty_driver->minor_start); 3246 return 0; 3247} 3248 3249static void __exit gsm_exit(void) 3250{ 3251 int status = tty_unregister_ldisc(N_GSM0710); 3252 if (status != 0) 3253 pr_err("n_gsm: can't unregister line discipline (err = %d)\n", 3254 status); 3255 tty_unregister_driver(gsm_tty_driver); 3256 put_tty_driver(gsm_tty_driver); 3257} 3258 3259module_init(gsm_init); 3260module_exit(gsm_exit); 3261 3262 3263MODULE_LICENSE("GPL"); 3264MODULE_ALIAS_LDISC(N_GSM0710); 3265