1/* 2 * n_gsm.c GSM 0710 tty multiplexor 3 * Copyright (c) 2009/10 Intel Corporation 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 * 18 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE * 19 * 20 * TO DO: 21 * Mostly done: ioctls for setting modes/timing 22 * Partly done: hooks so you can pull off frames to non tty devs 23 * Restart DLCI 0 when it closes ? 24 * Improve the tx engine 25 * Resolve tx side locking by adding a queue_head and routing 26 * all control traffic via it 27 * General tidy/document 28 * Review the locking/move to refcounts more (mux now moved to an 29 * alloc/free model ready) 30 * Use newest tty open/close port helpers and install hooks 31 * What to do about power functions ? 32 * Termios setting and negotiation 33 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets 34 * 35 */ 36 37#include <linux/types.h> 38#include <linux/major.h> 39#include <linux/errno.h> 40#include <linux/signal.h> 41#include <linux/fcntl.h> 42#include <linux/sched.h> 43#include <linux/interrupt.h> 44#include <linux/tty.h> 45#include <linux/ctype.h> 46#include <linux/mm.h> 47#include <linux/string.h> 48#include <linux/slab.h> 49#include <linux/poll.h> 50#include <linux/bitops.h> 51#include <linux/file.h> 52#include <linux/uaccess.h> 53#include <linux/module.h> 54#include <linux/timer.h> 55#include <linux/tty_flip.h> 56#include <linux/tty_driver.h> 57#include <linux/serial.h> 58#include <linux/kfifo.h> 59#include <linux/skbuff.h> 60#include <net/arp.h> 61#include <linux/ip.h> 62#include <linux/netdevice.h> 63#include <linux/etherdevice.h> 64#include <linux/gsmmux.h> 65 66static int debug; 67module_param(debug, int, 0600); 68 69/* Defaults: these are from the specification */ 70 71#define T1 10 /* 100mS */ 72#define T2 34 /* 333mS */ 73#define N2 3 /* Retry 3 times */ 74 75/* Use long timers for testing at low speed with debug on */ 76#ifdef DEBUG_TIMING 77#define T1 100 78#define T2 200 79#endif 80 81/* 82 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte 83 * limits so this is plenty 84 */ 85#define MAX_MRU 1500 86#define MAX_MTU 1500 87#define GSM_NET_TX_TIMEOUT (HZ*10) 88 89/** 90 * struct gsm_mux_net - network interface 91 * @struct gsm_dlci* dlci 92 * @struct net_device_stats stats; 93 * 94 * Created when net interface is initialized. 95 **/ 96struct gsm_mux_net { 97 struct kref ref; 98 struct gsm_dlci *dlci; 99 struct net_device_stats stats; 100}; 101 102#define STATS(net) (((struct gsm_mux_net *)netdev_priv(net))->stats) 103 104/* 105 * Each block of data we have queued to go out is in the form of 106 * a gsm_msg which holds everything we need in a link layer independent 107 * format 108 */ 109 110struct gsm_msg { 111 struct list_head list; 112 u8 addr; /* DLCI address + flags */ 113 u8 ctrl; /* Control byte + flags */ 114 unsigned int len; /* Length of data block (can be zero) */ 115 unsigned char *data; /* Points into buffer but not at the start */ 116 unsigned char buffer[0]; 117}; 118 119/* 120 * Each active data link has a gsm_dlci structure associated which ties 121 * the link layer to an optional tty (if the tty side is open). To avoid 122 * complexity right now these are only ever freed up when the mux is 123 * shut down. 124 * 125 * At the moment we don't free DLCI objects until the mux is torn down 126 * this avoid object life time issues but might be worth review later. 127 */ 128 129struct gsm_dlci { 130 struct gsm_mux *gsm; 131 int addr; 132 int state; 133#define DLCI_CLOSED 0 134#define DLCI_OPENING 1 /* Sending SABM not seen UA */ 135#define DLCI_OPEN 2 /* SABM/UA complete */ 136#define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */ 137 struct mutex mutex; 138 139 /* Link layer */ 140 spinlock_t lock; /* Protects the internal state */ 141 struct timer_list t1; /* Retransmit timer for SABM and UA */ 142 int retries; 143 /* Uplink tty if active */ 144 struct tty_port port; /* The tty bound to this DLCI if there is one */ 145 struct kfifo *fifo; /* Queue fifo for the DLCI */ 146 struct kfifo _fifo; /* For new fifo API porting only */ 147 int adaption; /* Adaption layer in use */ 148 int prev_adaption; 149 u32 modem_rx; /* Our incoming virtual modem lines */ 150 u32 modem_tx; /* Our outgoing modem lines */ 151 int dead; /* Refuse re-open */ 152 /* Flow control */ 153 int throttled; /* Private copy of throttle state */ 154 int constipated; /* Throttle status for outgoing */ 155 /* Packetised I/O */ 156 struct sk_buff *skb; /* Frame being sent */ 157 struct sk_buff_head skb_list; /* Queued frames */ 158 /* Data handling callback */ 159 void (*data)(struct gsm_dlci *dlci, u8 *data, int len); 160 void (*prev_data)(struct gsm_dlci *dlci, u8 *data, int len); 161 struct net_device *net; /* network interface, if created */ 162}; 163 164/* DLCI 0, 62/63 are special or reseved see gsmtty_open */ 165 166#define NUM_DLCI 64 167 168/* 169 * DLCI 0 is used to pass control blocks out of band of the data 170 * flow (and with a higher link priority). One command can be outstanding 171 * at a time and we use this structure to manage them. They are created 172 * and destroyed by the user context, and updated by the receive paths 173 * and timers 174 */ 175 176struct gsm_control { 177 u8 cmd; /* Command we are issuing */ 178 u8 *data; /* Data for the command in case we retransmit */ 179 int len; /* Length of block for retransmission */ 180 int done; /* Done flag */ 181 int error; /* Error if any */ 182}; 183 184/* 185 * Each GSM mux we have is represented by this structure. If we are 186 * operating as an ldisc then we use this structure as our ldisc 187 * state. We need to sort out lifetimes and locking with respect 188 * to the gsm mux array. For now we don't free DLCI objects that 189 * have been instantiated until the mux itself is terminated. 190 * 191 * To consider further: tty open versus mux shutdown. 192 */ 193 194struct gsm_mux { 195 struct tty_struct *tty; /* The tty our ldisc is bound to */ 196 spinlock_t lock; 197 struct mutex mutex; 198 unsigned int num; 199 struct kref ref; 200 201 /* Events on the GSM channel */ 202 wait_queue_head_t event; 203 204 /* Bits for GSM mode decoding */ 205 206 /* Framing Layer */ 207 unsigned char *buf; 208 int state; 209#define GSM_SEARCH 0 210#define GSM_START 1 211#define GSM_ADDRESS 2 212#define GSM_CONTROL 3 213#define GSM_LEN 4 214#define GSM_DATA 5 215#define GSM_FCS 6 216#define GSM_OVERRUN 7 217#define GSM_LEN0 8 218#define GSM_LEN1 9 219#define GSM_SSOF 10 220 unsigned int len; 221 unsigned int address; 222 unsigned int count; 223 int escape; 224 int encoding; 225 u8 control; 226 u8 fcs; 227 u8 received_fcs; 228 u8 *txframe; /* TX framing buffer */ 229 230 /* Methods for the receiver side */ 231 void (*receive)(struct gsm_mux *gsm, u8 ch); 232 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag); 233 /* And transmit side */ 234 int (*output)(struct gsm_mux *mux, u8 *data, int len); 235 236 /* Link Layer */ 237 unsigned int mru; 238 unsigned int mtu; 239 int initiator; /* Did we initiate connection */ 240 int dead; /* Has the mux been shut down */ 241 struct gsm_dlci *dlci[NUM_DLCI]; 242 int constipated; /* Asked by remote to shut up */ 243 244 spinlock_t tx_lock; 245 unsigned int tx_bytes; /* TX data outstanding */ 246#define TX_THRESH_HI 8192 247#define TX_THRESH_LO 2048 248 struct list_head tx_list; /* Pending data packets */ 249 250 /* Control messages */ 251 struct timer_list t2_timer; /* Retransmit timer for commands */ 252 int cretries; /* Command retry counter */ 253 struct gsm_control *pending_cmd;/* Our current pending command */ 254 spinlock_t control_lock; /* Protects the pending command */ 255 256 /* Configuration */ 257 int adaption; /* 1 or 2 supported */ 258 u8 ftype; /* UI or UIH */ 259 int t1, t2; /* Timers in 1/100th of a sec */ 260 int n2; /* Retry count */ 261 262 /* Statistics (not currently exposed) */ 263 unsigned long bad_fcs; 264 unsigned long malformed; 265 unsigned long io_error; 266 unsigned long bad_size; 267 unsigned long unsupported; 268}; 269 270 271/* 272 * Mux objects - needed so that we can translate a tty index into the 273 * relevant mux and DLCI. 274 */ 275 276#define MAX_MUX 4 /* 256 minors */ 277static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */ 278static spinlock_t gsm_mux_lock; 279 280static struct tty_driver *gsm_tty_driver; 281 282/* 283 * This section of the driver logic implements the GSM encodings 284 * both the basic and the 'advanced'. Reliable transport is not 285 * supported. 286 */ 287 288#define CR 0x02 289#define EA 0x01 290#define PF 0x10 291 292/* I is special: the rest are ..*/ 293#define RR 0x01 294#define UI 0x03 295#define RNR 0x05 296#define REJ 0x09 297#define DM 0x0F 298#define SABM 0x2F 299#define DISC 0x43 300#define UA 0x63 301#define UIH 0xEF 302 303/* Channel commands */ 304#define CMD_NSC 0x09 305#define CMD_TEST 0x11 306#define CMD_PSC 0x21 307#define CMD_RLS 0x29 308#define CMD_FCOFF 0x31 309#define CMD_PN 0x41 310#define CMD_RPN 0x49 311#define CMD_FCON 0x51 312#define CMD_CLD 0x61 313#define CMD_SNC 0x69 314#define CMD_MSC 0x71 315 316/* Virtual modem bits */ 317#define MDM_FC 0x01 318#define MDM_RTC 0x02 319#define MDM_RTR 0x04 320#define MDM_IC 0x20 321#define MDM_DV 0x40 322 323#define GSM0_SOF 0xF9 324#define GSM1_SOF 0x7E 325#define GSM1_ESCAPE 0x7D 326#define GSM1_ESCAPE_BITS 0x20 327#define XON 0x11 328#define XOFF 0x13 329 330static const struct tty_port_operations gsm_port_ops; 331 332/* 333 * CRC table for GSM 0710 334 */ 335 336static const u8 gsm_fcs8[256] = { 337 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 338 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 339 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 340 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 341 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 342 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 343 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 344 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 345 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 346 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 347 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 348 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 349 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 350 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 351 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 352 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 353 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 354 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 355 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 356 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 357 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 358 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 359 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 360 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 361 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 362 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 363 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 364 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 365 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 366 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 367 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 368 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 369}; 370 371#define INIT_FCS 0xFF 372#define GOOD_FCS 0xCF 373 374/** 375 * gsm_fcs_add - update FCS 376 * @fcs: Current FCS 377 * @c: Next data 378 * 379 * Update the FCS to include c. Uses the algorithm in the specification 380 * notes. 381 */ 382 383static inline u8 gsm_fcs_add(u8 fcs, u8 c) 384{ 385 return gsm_fcs8[fcs ^ c]; 386} 387 388/** 389 * gsm_fcs_add_block - update FCS for a block 390 * @fcs: Current FCS 391 * @c: buffer of data 392 * @len: length of buffer 393 * 394 * Update the FCS to include c. Uses the algorithm in the specification 395 * notes. 396 */ 397 398static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len) 399{ 400 while (len--) 401 fcs = gsm_fcs8[fcs ^ *c++]; 402 return fcs; 403} 404 405/** 406 * gsm_read_ea - read a byte into an EA 407 * @val: variable holding value 408 * c: byte going into the EA 409 * 410 * Processes one byte of an EA. Updates the passed variable 411 * and returns 1 if the EA is now completely read 412 */ 413 414static int gsm_read_ea(unsigned int *val, u8 c) 415{ 416 /* Add the next 7 bits into the value */ 417 *val <<= 7; 418 *val |= c >> 1; 419 /* Was this the last byte of the EA 1 = yes*/ 420 return c & EA; 421} 422 423/** 424 * gsm_encode_modem - encode modem data bits 425 * @dlci: DLCI to encode from 426 * 427 * Returns the correct GSM encoded modem status bits (6 bit field) for 428 * the current status of the DLCI and attached tty object 429 */ 430 431static u8 gsm_encode_modem(const struct gsm_dlci *dlci) 432{ 433 u8 modembits = 0; 434 /* FC is true flow control not modem bits */ 435 if (dlci->throttled) 436 modembits |= MDM_FC; 437 if (dlci->modem_tx & TIOCM_DTR) 438 modembits |= MDM_RTC; 439 if (dlci->modem_tx & TIOCM_RTS) 440 modembits |= MDM_RTR; 441 if (dlci->modem_tx & TIOCM_RI) 442 modembits |= MDM_IC; 443 if (dlci->modem_tx & TIOCM_CD) 444 modembits |= MDM_DV; 445 return modembits; 446} 447 448/** 449 * gsm_print_packet - display a frame for debug 450 * @hdr: header to print before decode 451 * @addr: address EA from the frame 452 * @cr: C/R bit from the frame 453 * @control: control including PF bit 454 * @data: following data bytes 455 * @dlen: length of data 456 * 457 * Displays a packet in human readable format for debugging purposes. The 458 * style is based on amateur radio LAP-B dump display. 459 */ 460 461static void gsm_print_packet(const char *hdr, int addr, int cr, 462 u8 control, const u8 *data, int dlen) 463{ 464 if (!(debug & 1)) 465 return; 466 467 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]); 468 469 switch (control & ~PF) { 470 case SABM: 471 pr_cont("SABM"); 472 break; 473 case UA: 474 pr_cont("UA"); 475 break; 476 case DISC: 477 pr_cont("DISC"); 478 break; 479 case DM: 480 pr_cont("DM"); 481 break; 482 case UI: 483 pr_cont("UI"); 484 break; 485 case UIH: 486 pr_cont("UIH"); 487 break; 488 default: 489 if (!(control & 0x01)) { 490 pr_cont("I N(S)%d N(R)%d", 491 (control & 0x0E) >> 1, (control & 0xE0) >> 5); 492 } else switch (control & 0x0F) { 493 case RR: 494 pr_cont("RR(%d)", (control & 0xE0) >> 5); 495 break; 496 case RNR: 497 pr_cont("RNR(%d)", (control & 0xE0) >> 5); 498 break; 499 case REJ: 500 pr_cont("REJ(%d)", (control & 0xE0) >> 5); 501 break; 502 default: 503 pr_cont("[%02X]", control); 504 } 505 } 506 507 if (control & PF) 508 pr_cont("(P)"); 509 else 510 pr_cont("(F)"); 511 512 if (dlen) { 513 int ct = 0; 514 while (dlen--) { 515 if (ct % 8 == 0) { 516 pr_cont("\n"); 517 pr_debug(" "); 518 } 519 pr_cont("%02X ", *data++); 520 ct++; 521 } 522 } 523 pr_cont("\n"); 524} 525 526 527/* 528 * Link level transmission side 529 */ 530 531/** 532 * gsm_stuff_packet - bytestuff a packet 533 * @ibuf: input 534 * @obuf: output 535 * @len: length of input 536 * 537 * Expand a buffer by bytestuffing it. The worst case size change 538 * is doubling and the caller is responsible for handing out 539 * suitable sized buffers. 540 */ 541 542static int gsm_stuff_frame(const u8 *input, u8 *output, int len) 543{ 544 int olen = 0; 545 while (len--) { 546 if (*input == GSM1_SOF || *input == GSM1_ESCAPE 547 || *input == XON || *input == XOFF) { 548 *output++ = GSM1_ESCAPE; 549 *output++ = *input++ ^ GSM1_ESCAPE_BITS; 550 olen++; 551 } else 552 *output++ = *input++; 553 olen++; 554 } 555 return olen; 556} 557 558/** 559 * gsm_send - send a control frame 560 * @gsm: our GSM mux 561 * @addr: address for control frame 562 * @cr: command/response bit 563 * @control: control byte including PF bit 564 * 565 * Format up and transmit a control frame. These do not go via the 566 * queueing logic as they should be transmitted ahead of data when 567 * they are needed. 568 * 569 * FIXME: Lock versus data TX path 570 */ 571 572static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control) 573{ 574 int len; 575 u8 cbuf[10]; 576 u8 ibuf[3]; 577 578 switch (gsm->encoding) { 579 case 0: 580 cbuf[0] = GSM0_SOF; 581 cbuf[1] = (addr << 2) | (cr << 1) | EA; 582 cbuf[2] = control; 583 cbuf[3] = EA; /* Length of data = 0 */ 584 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3); 585 cbuf[5] = GSM0_SOF; 586 len = 6; 587 break; 588 case 1: 589 case 2: 590 /* Control frame + packing (but not frame stuffing) in mode 1 */ 591 ibuf[0] = (addr << 2) | (cr << 1) | EA; 592 ibuf[1] = control; 593 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2); 594 /* Stuffing may double the size worst case */ 595 len = gsm_stuff_frame(ibuf, cbuf + 1, 3); 596 /* Now add the SOF markers */ 597 cbuf[0] = GSM1_SOF; 598 cbuf[len + 1] = GSM1_SOF; 599 /* FIXME: we can omit the lead one in many cases */ 600 len += 2; 601 break; 602 default: 603 WARN_ON(1); 604 return; 605 } 606 gsm->output(gsm, cbuf, len); 607 gsm_print_packet("-->", addr, cr, control, NULL, 0); 608} 609 610/** 611 * gsm_response - send a control response 612 * @gsm: our GSM mux 613 * @addr: address for control frame 614 * @control: control byte including PF bit 615 * 616 * Format up and transmit a link level response frame. 617 */ 618 619static inline void gsm_response(struct gsm_mux *gsm, int addr, int control) 620{ 621 gsm_send(gsm, addr, 0, control); 622} 623 624/** 625 * gsm_command - send a control command 626 * @gsm: our GSM mux 627 * @addr: address for control frame 628 * @control: control byte including PF bit 629 * 630 * Format up and transmit a link level command frame. 631 */ 632 633static inline void gsm_command(struct gsm_mux *gsm, int addr, int control) 634{ 635 gsm_send(gsm, addr, 1, control); 636} 637 638/* Data transmission */ 639 640#define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */ 641 642/** 643 * gsm_data_alloc - allocate data frame 644 * @gsm: GSM mux 645 * @addr: DLCI address 646 * @len: length excluding header and FCS 647 * @ctrl: control byte 648 * 649 * Allocate a new data buffer for sending frames with data. Space is left 650 * at the front for header bytes but that is treated as an implementation 651 * detail and not for the high level code to use 652 */ 653 654static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len, 655 u8 ctrl) 656{ 657 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN, 658 GFP_ATOMIC); 659 if (m == NULL) 660 return NULL; 661 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */ 662 m->len = len; 663 m->addr = addr; 664 m->ctrl = ctrl; 665 INIT_LIST_HEAD(&m->list); 666 return m; 667} 668 669/** 670 * gsm_data_kick - poke the queue 671 * @gsm: GSM Mux 672 * 673 * The tty device has called us to indicate that room has appeared in 674 * the transmit queue. Ram more data into the pipe if we have any 675 * If we have been flow-stopped by a CMD_FCOFF, then we can only 676 * send messages on DLCI0 until CMD_FCON 677 * 678 * FIXME: lock against link layer control transmissions 679 */ 680 681static void gsm_data_kick(struct gsm_mux *gsm) 682{ 683 struct gsm_msg *msg, *nmsg; 684 int len; 685 int skip_sof = 0; 686 687 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) { 688 if (gsm->constipated && msg->addr) 689 continue; 690 if (gsm->encoding != 0) { 691 gsm->txframe[0] = GSM1_SOF; 692 len = gsm_stuff_frame(msg->data, 693 gsm->txframe + 1, msg->len); 694 gsm->txframe[len + 1] = GSM1_SOF; 695 len += 2; 696 } else { 697 gsm->txframe[0] = GSM0_SOF; 698 memcpy(gsm->txframe + 1 , msg->data, msg->len); 699 gsm->txframe[msg->len + 1] = GSM0_SOF; 700 len = msg->len + 2; 701 } 702 703 if (debug & 4) 704 print_hex_dump_bytes("gsm_data_kick: ", 705 DUMP_PREFIX_OFFSET, 706 gsm->txframe, len); 707 708 if (gsm->output(gsm, gsm->txframe + skip_sof, 709 len - skip_sof) < 0) 710 break; 711 /* FIXME: Can eliminate one SOF in many more cases */ 712 gsm->tx_bytes -= msg->len; 713 /* For a burst of frames skip the extra SOF within the 714 burst */ 715 skip_sof = 1; 716 717 list_del(&msg->list); 718 kfree(msg); 719 } 720} 721 722/** 723 * __gsm_data_queue - queue a UI or UIH frame 724 * @dlci: DLCI sending the data 725 * @msg: message queued 726 * 727 * Add data to the transmit queue and try and get stuff moving 728 * out of the mux tty if not already doing so. The Caller must hold 729 * the gsm tx lock. 730 */ 731 732static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 733{ 734 struct gsm_mux *gsm = dlci->gsm; 735 u8 *dp = msg->data; 736 u8 *fcs = dp + msg->len; 737 738 /* Fill in the header */ 739 if (gsm->encoding == 0) { 740 if (msg->len < 128) 741 *--dp = (msg->len << 1) | EA; 742 else { 743 *--dp = (msg->len >> 7); /* bits 7 - 15 */ 744 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */ 745 } 746 } 747 748 *--dp = msg->ctrl; 749 if (gsm->initiator) 750 *--dp = (msg->addr << 2) | 2 | EA; 751 else 752 *--dp = (msg->addr << 2) | EA; 753 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp); 754 /* Ugly protocol layering violation */ 755 if (msg->ctrl == UI || msg->ctrl == (UI|PF)) 756 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len); 757 *fcs = 0xFF - *fcs; 758 759 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl, 760 msg->data, msg->len); 761 762 /* Move the header back and adjust the length, also allow for the FCS 763 now tacked on the end */ 764 msg->len += (msg->data - dp) + 1; 765 msg->data = dp; 766 767 /* Add to the actual output queue */ 768 list_add_tail(&msg->list, &gsm->tx_list); 769 gsm->tx_bytes += msg->len; 770 gsm_data_kick(gsm); 771} 772 773/** 774 * gsm_data_queue - queue a UI or UIH frame 775 * @dlci: DLCI sending the data 776 * @msg: message queued 777 * 778 * Add data to the transmit queue and try and get stuff moving 779 * out of the mux tty if not already doing so. Take the 780 * the gsm tx lock and dlci lock. 781 */ 782 783static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 784{ 785 unsigned long flags; 786 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 787 __gsm_data_queue(dlci, msg); 788 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 789} 790 791/** 792 * gsm_dlci_data_output - try and push data out of a DLCI 793 * @gsm: mux 794 * @dlci: the DLCI to pull data from 795 * 796 * Pull data from a DLCI and send it into the transmit queue if there 797 * is data. Keep to the MRU of the mux. This path handles the usual tty 798 * interface which is a byte stream with optional modem data. 799 * 800 * Caller must hold the tx_lock of the mux. 801 */ 802 803static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci) 804{ 805 struct gsm_msg *msg; 806 u8 *dp; 807 int len, total_size, size; 808 int h = dlci->adaption - 1; 809 810 total_size = 0; 811 while (1) { 812 len = kfifo_len(dlci->fifo); 813 if (len == 0) 814 return total_size; 815 816 /* MTU/MRU count only the data bits */ 817 if (len > gsm->mtu) 818 len = gsm->mtu; 819 820 size = len + h; 821 822 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 823 /* FIXME: need a timer or something to kick this so it can't 824 get stuck with no work outstanding and no buffer free */ 825 if (msg == NULL) 826 return -ENOMEM; 827 dp = msg->data; 828 switch (dlci->adaption) { 829 case 1: /* Unstructured */ 830 break; 831 case 2: /* Unstructed with modem bits. 832 Always one byte as we never send inline break data */ 833 *dp++ = gsm_encode_modem(dlci); 834 break; 835 } 836 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len); 837 __gsm_data_queue(dlci, msg); 838 total_size += size; 839 } 840 /* Bytes of data we used up */ 841 return total_size; 842} 843 844/** 845 * gsm_dlci_data_output_framed - try and push data out of a DLCI 846 * @gsm: mux 847 * @dlci: the DLCI to pull data from 848 * 849 * Pull data from a DLCI and send it into the transmit queue if there 850 * is data. Keep to the MRU of the mux. This path handles framed data 851 * queued as skbuffs to the DLCI. 852 * 853 * Caller must hold the tx_lock of the mux. 854 */ 855 856static int gsm_dlci_data_output_framed(struct gsm_mux *gsm, 857 struct gsm_dlci *dlci) 858{ 859 struct gsm_msg *msg; 860 u8 *dp; 861 int len, size; 862 int last = 0, first = 0; 863 int overhead = 0; 864 865 /* One byte per frame is used for B/F flags */ 866 if (dlci->adaption == 4) 867 overhead = 1; 868 869 /* dlci->skb is locked by tx_lock */ 870 if (dlci->skb == NULL) { 871 dlci->skb = skb_dequeue_tail(&dlci->skb_list); 872 if (dlci->skb == NULL) 873 return 0; 874 first = 1; 875 } 876 len = dlci->skb->len + overhead; 877 878 /* MTU/MRU count only the data bits */ 879 if (len > gsm->mtu) { 880 if (dlci->adaption == 3) { 881 /* Over long frame, bin it */ 882 dev_kfree_skb_any(dlci->skb); 883 dlci->skb = NULL; 884 return 0; 885 } 886 len = gsm->mtu; 887 } else 888 last = 1; 889 890 size = len + overhead; 891 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 892 893 /* FIXME: need a timer or something to kick this so it can't 894 get stuck with no work outstanding and no buffer free */ 895 if (msg == NULL) { 896 skb_queue_tail(&dlci->skb_list, dlci->skb); 897 dlci->skb = NULL; 898 return -ENOMEM; 899 } 900 dp = msg->data; 901 902 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */ 903 /* Flag byte to carry the start/end info */ 904 *dp++ = last << 7 | first << 6 | 1; /* EA */ 905 len--; 906 } 907 memcpy(dp, dlci->skb->data, len); 908 skb_pull(dlci->skb, len); 909 __gsm_data_queue(dlci, msg); 910 if (last) { 911 dev_kfree_skb_any(dlci->skb); 912 dlci->skb = NULL; 913 } 914 return size; 915} 916 917/** 918 * gsm_dlci_data_sweep - look for data to send 919 * @gsm: the GSM mux 920 * 921 * Sweep the GSM mux channels in priority order looking for ones with 922 * data to send. We could do with optimising this scan a bit. We aim 923 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit 924 * TX_THRESH_LO we get called again 925 * 926 * FIXME: We should round robin between groups and in theory you can 927 * renegotiate DLCI priorities with optional stuff. Needs optimising. 928 */ 929 930static void gsm_dlci_data_sweep(struct gsm_mux *gsm) 931{ 932 int len; 933 /* Priority ordering: We should do priority with RR of the groups */ 934 int i = 1; 935 936 while (i < NUM_DLCI) { 937 struct gsm_dlci *dlci; 938 939 if (gsm->tx_bytes > TX_THRESH_HI) 940 break; 941 dlci = gsm->dlci[i]; 942 if (dlci == NULL || dlci->constipated) { 943 i++; 944 continue; 945 } 946 if (dlci->adaption < 3 && !dlci->net) 947 len = gsm_dlci_data_output(gsm, dlci); 948 else 949 len = gsm_dlci_data_output_framed(gsm, dlci); 950 if (len < 0) 951 break; 952 /* DLCI empty - try the next */ 953 if (len == 0) 954 i++; 955 } 956} 957 958/** 959 * gsm_dlci_data_kick - transmit if possible 960 * @dlci: DLCI to kick 961 * 962 * Transmit data from this DLCI if the queue is empty. We can't rely on 963 * a tty wakeup except when we filled the pipe so we need to fire off 964 * new data ourselves in other cases. 965 */ 966 967static void gsm_dlci_data_kick(struct gsm_dlci *dlci) 968{ 969 unsigned long flags; 970 int sweep; 971 972 if (dlci->constipated) 973 return; 974 975 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 976 /* If we have nothing running then we need to fire up */ 977 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO); 978 if (dlci->gsm->tx_bytes == 0) { 979 if (dlci->net) 980 gsm_dlci_data_output_framed(dlci->gsm, dlci); 981 else 982 gsm_dlci_data_output(dlci->gsm, dlci); 983 } 984 if (sweep) 985 gsm_dlci_data_sweep(dlci->gsm); 986 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 987} 988 989/* 990 * Control message processing 991 */ 992 993 994/** 995 * gsm_control_reply - send a response frame to a control 996 * @gsm: gsm channel 997 * @cmd: the command to use 998 * @data: data to follow encoded info 999 * @dlen: length of data 1000 * 1001 * Encode up and queue a UI/UIH frame containing our response. 1002 */ 1003 1004static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data, 1005 int dlen) 1006{ 1007 struct gsm_msg *msg; 1008 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype); 1009 if (msg == NULL) 1010 return; 1011 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */ 1012 msg->data[1] = (dlen << 1) | EA; 1013 memcpy(msg->data + 2, data, dlen); 1014 gsm_data_queue(gsm->dlci[0], msg); 1015} 1016 1017/** 1018 * gsm_process_modem - process received modem status 1019 * @tty: virtual tty bound to the DLCI 1020 * @dlci: DLCI to affect 1021 * @modem: modem bits (full EA) 1022 * 1023 * Used when a modem control message or line state inline in adaption 1024 * layer 2 is processed. Sort out the local modem state and throttles 1025 */ 1026 1027static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci, 1028 u32 modem, int clen) 1029{ 1030 int mlines = 0; 1031 u8 brk = 0; 1032 int fc; 1033 1034 /* The modem status command can either contain one octet (v.24 signals) 1035 or two octets (v.24 signals + break signals). The length field will 1036 either be 2 or 3 respectively. This is specified in section 1037 5.4.6.3.7 of the 27.010 mux spec. */ 1038 1039 if (clen == 2) 1040 modem = modem & 0x7f; 1041 else { 1042 brk = modem & 0x7f; 1043 modem = (modem >> 7) & 0x7f; 1044 } 1045 1046 /* Flow control/ready to communicate */ 1047 fc = (modem & MDM_FC) || !(modem & MDM_RTR); 1048 if (fc && !dlci->constipated) { 1049 /* Need to throttle our output on this device */ 1050 dlci->constipated = 1; 1051 } else if (!fc && dlci->constipated) { 1052 dlci->constipated = 0; 1053 gsm_dlci_data_kick(dlci); 1054 } 1055 1056 /* Map modem bits */ 1057 if (modem & MDM_RTC) 1058 mlines |= TIOCM_DSR | TIOCM_DTR; 1059 if (modem & MDM_RTR) 1060 mlines |= TIOCM_RTS | TIOCM_CTS; 1061 if (modem & MDM_IC) 1062 mlines |= TIOCM_RI; 1063 if (modem & MDM_DV) 1064 mlines |= TIOCM_CD; 1065 1066 /* Carrier drop -> hangup */ 1067 if (tty) { 1068 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD)) 1069 if (!(tty->termios.c_cflag & CLOCAL)) 1070 tty_hangup(tty); 1071 } 1072 if (brk & 0x01) 1073 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK); 1074 dlci->modem_rx = mlines; 1075} 1076 1077/** 1078 * gsm_control_modem - modem status received 1079 * @gsm: GSM channel 1080 * @data: data following command 1081 * @clen: command length 1082 * 1083 * We have received a modem status control message. This is used by 1084 * the GSM mux protocol to pass virtual modem line status and optionally 1085 * to indicate break signals. Unpack it, convert to Linux representation 1086 * and if need be stuff a break message down the tty. 1087 */ 1088 1089static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen) 1090{ 1091 unsigned int addr = 0; 1092 unsigned int modem = 0; 1093 unsigned int brk = 0; 1094 struct gsm_dlci *dlci; 1095 int len = clen; 1096 u8 *dp = data; 1097 struct tty_struct *tty; 1098 1099 while (gsm_read_ea(&addr, *dp++) == 0) { 1100 len--; 1101 if (len == 0) 1102 return; 1103 } 1104 /* Must be at least one byte following the EA */ 1105 len--; 1106 if (len <= 0) 1107 return; 1108 1109 addr >>= 1; 1110 /* Closed port, or invalid ? */ 1111 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1112 return; 1113 dlci = gsm->dlci[addr]; 1114 1115 while (gsm_read_ea(&modem, *dp++) == 0) { 1116 len--; 1117 if (len == 0) 1118 return; 1119 } 1120 len--; 1121 if (len > 0) { 1122 while (gsm_read_ea(&brk, *dp++) == 0) { 1123 len--; 1124 if (len == 0) 1125 return; 1126 } 1127 modem <<= 7; 1128 modem |= (brk & 0x7f); 1129 } 1130 tty = tty_port_tty_get(&dlci->port); 1131 gsm_process_modem(tty, dlci, modem, clen); 1132 if (tty) { 1133 tty_wakeup(tty); 1134 tty_kref_put(tty); 1135 } 1136 gsm_control_reply(gsm, CMD_MSC, data, clen); 1137} 1138 1139/** 1140 * gsm_control_rls - remote line status 1141 * @gsm: GSM channel 1142 * @data: data bytes 1143 * @clen: data length 1144 * 1145 * The modem sends us a two byte message on the control channel whenever 1146 * it wishes to send us an error state from the virtual link. Stuff 1147 * this into the uplink tty if present 1148 */ 1149 1150static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen) 1151{ 1152 struct tty_port *port; 1153 unsigned int addr = 0; 1154 u8 bits; 1155 int len = clen; 1156 u8 *dp = data; 1157 1158 while (gsm_read_ea(&addr, *dp++) == 0) { 1159 len--; 1160 if (len == 0) 1161 return; 1162 } 1163 /* Must be at least one byte following ea */ 1164 len--; 1165 if (len <= 0) 1166 return; 1167 addr >>= 1; 1168 /* Closed port, or invalid ? */ 1169 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1170 return; 1171 /* No error ? */ 1172 bits = *dp; 1173 if ((bits & 1) == 0) 1174 return; 1175 1176 port = &gsm->dlci[addr]->port; 1177 1178 if (bits & 2) 1179 tty_insert_flip_char(port, 0, TTY_OVERRUN); 1180 if (bits & 4) 1181 tty_insert_flip_char(port, 0, TTY_PARITY); 1182 if (bits & 8) 1183 tty_insert_flip_char(port, 0, TTY_FRAME); 1184 1185 tty_flip_buffer_push(port); 1186 1187 gsm_control_reply(gsm, CMD_RLS, data, clen); 1188} 1189 1190static void gsm_dlci_begin_close(struct gsm_dlci *dlci); 1191 1192/** 1193 * gsm_control_message - DLCI 0 control processing 1194 * @gsm: our GSM mux 1195 * @command: the command EA 1196 * @data: data beyond the command/length EAs 1197 * @clen: length 1198 * 1199 * Input processor for control messages from the other end of the link. 1200 * Processes the incoming request and queues a response frame or an 1201 * NSC response if not supported 1202 */ 1203 1204static void gsm_control_message(struct gsm_mux *gsm, unsigned int command, 1205 u8 *data, int clen) 1206{ 1207 u8 buf[1]; 1208 unsigned long flags; 1209 1210 switch (command) { 1211 case CMD_CLD: { 1212 struct gsm_dlci *dlci = gsm->dlci[0]; 1213 /* Modem wishes to close down */ 1214 if (dlci) { 1215 dlci->dead = 1; 1216 gsm->dead = 1; 1217 gsm_dlci_begin_close(dlci); 1218 } 1219 } 1220 break; 1221 case CMD_TEST: 1222 /* Modem wishes to test, reply with the data */ 1223 gsm_control_reply(gsm, CMD_TEST, data, clen); 1224 break; 1225 case CMD_FCON: 1226 /* Modem can accept data again */ 1227 gsm->constipated = 0; 1228 gsm_control_reply(gsm, CMD_FCON, NULL, 0); 1229 /* Kick the link in case it is idling */ 1230 spin_lock_irqsave(&gsm->tx_lock, flags); 1231 gsm_data_kick(gsm); 1232 spin_unlock_irqrestore(&gsm->tx_lock, flags); 1233 break; 1234 case CMD_FCOFF: 1235 /* Modem wants us to STFU */ 1236 gsm->constipated = 1; 1237 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0); 1238 break; 1239 case CMD_MSC: 1240 /* Out of band modem line change indicator for a DLCI */ 1241 gsm_control_modem(gsm, data, clen); 1242 break; 1243 case CMD_RLS: 1244 /* Out of band error reception for a DLCI */ 1245 gsm_control_rls(gsm, data, clen); 1246 break; 1247 case CMD_PSC: 1248 /* Modem wishes to enter power saving state */ 1249 gsm_control_reply(gsm, CMD_PSC, NULL, 0); 1250 break; 1251 /* Optional unsupported commands */ 1252 case CMD_PN: /* Parameter negotiation */ 1253 case CMD_RPN: /* Remote port negotiation */ 1254 case CMD_SNC: /* Service negotiation command */ 1255 default: 1256 /* Reply to bad commands with an NSC */ 1257 buf[0] = command; 1258 gsm_control_reply(gsm, CMD_NSC, buf, 1); 1259 break; 1260 } 1261} 1262 1263/** 1264 * gsm_control_response - process a response to our control 1265 * @gsm: our GSM mux 1266 * @command: the command (response) EA 1267 * @data: data beyond the command/length EA 1268 * @clen: length 1269 * 1270 * Process a response to an outstanding command. We only allow a single 1271 * control message in flight so this is fairly easy. All the clean up 1272 * is done by the caller, we just update the fields, flag it as done 1273 * and return 1274 */ 1275 1276static void gsm_control_response(struct gsm_mux *gsm, unsigned int command, 1277 u8 *data, int clen) 1278{ 1279 struct gsm_control *ctrl; 1280 unsigned long flags; 1281 1282 spin_lock_irqsave(&gsm->control_lock, flags); 1283 1284 ctrl = gsm->pending_cmd; 1285 /* Does the reply match our command */ 1286 command |= 1; 1287 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) { 1288 /* Our command was replied to, kill the retry timer */ 1289 del_timer(&gsm->t2_timer); 1290 gsm->pending_cmd = NULL; 1291 /* Rejected by the other end */ 1292 if (command == CMD_NSC) 1293 ctrl->error = -EOPNOTSUPP; 1294 ctrl->done = 1; 1295 wake_up(&gsm->event); 1296 } 1297 spin_unlock_irqrestore(&gsm->control_lock, flags); 1298} 1299 1300/** 1301 * gsm_control_transmit - send control packet 1302 * @gsm: gsm mux 1303 * @ctrl: frame to send 1304 * 1305 * Send out a pending control command (called under control lock) 1306 */ 1307 1308static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl) 1309{ 1310 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype); 1311 if (msg == NULL) 1312 return; 1313 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */ 1314 memcpy(msg->data + 1, ctrl->data, ctrl->len); 1315 gsm_data_queue(gsm->dlci[0], msg); 1316} 1317 1318/** 1319 * gsm_control_retransmit - retransmit a control frame 1320 * @data: pointer to our gsm object 1321 * 1322 * Called off the T2 timer expiry in order to retransmit control frames 1323 * that have been lost in the system somewhere. The control_lock protects 1324 * us from colliding with another sender or a receive completion event. 1325 * In that situation the timer may still occur in a small window but 1326 * gsm->pending_cmd will be NULL and we just let the timer expire. 1327 */ 1328 1329static void gsm_control_retransmit(unsigned long data) 1330{ 1331 struct gsm_mux *gsm = (struct gsm_mux *)data; 1332 struct gsm_control *ctrl; 1333 unsigned long flags; 1334 spin_lock_irqsave(&gsm->control_lock, flags); 1335 ctrl = gsm->pending_cmd; 1336 if (ctrl) { 1337 gsm->cretries--; 1338 if (gsm->cretries == 0) { 1339 gsm->pending_cmd = NULL; 1340 ctrl->error = -ETIMEDOUT; 1341 ctrl->done = 1; 1342 spin_unlock_irqrestore(&gsm->control_lock, flags); 1343 wake_up(&gsm->event); 1344 return; 1345 } 1346 gsm_control_transmit(gsm, ctrl); 1347 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1348 } 1349 spin_unlock_irqrestore(&gsm->control_lock, flags); 1350} 1351 1352/** 1353 * gsm_control_send - send a control frame on DLCI 0 1354 * @gsm: the GSM channel 1355 * @command: command to send including CR bit 1356 * @data: bytes of data (must be kmalloced) 1357 * @len: length of the block to send 1358 * 1359 * Queue and dispatch a control command. Only one command can be 1360 * active at a time. In theory more can be outstanding but the matching 1361 * gets really complicated so for now stick to one outstanding. 1362 */ 1363 1364static struct gsm_control *gsm_control_send(struct gsm_mux *gsm, 1365 unsigned int command, u8 *data, int clen) 1366{ 1367 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control), 1368 GFP_KERNEL); 1369 unsigned long flags; 1370 if (ctrl == NULL) 1371 return NULL; 1372retry: 1373 wait_event(gsm->event, gsm->pending_cmd == NULL); 1374 spin_lock_irqsave(&gsm->control_lock, flags); 1375 if (gsm->pending_cmd != NULL) { 1376 spin_unlock_irqrestore(&gsm->control_lock, flags); 1377 goto retry; 1378 } 1379 ctrl->cmd = command; 1380 ctrl->data = data; 1381 ctrl->len = clen; 1382 gsm->pending_cmd = ctrl; 1383 gsm->cretries = gsm->n2; 1384 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1385 gsm_control_transmit(gsm, ctrl); 1386 spin_unlock_irqrestore(&gsm->control_lock, flags); 1387 return ctrl; 1388} 1389 1390/** 1391 * gsm_control_wait - wait for a control to finish 1392 * @gsm: GSM mux 1393 * @control: control we are waiting on 1394 * 1395 * Waits for the control to complete or time out. Frees any used 1396 * resources and returns 0 for success, or an error if the remote 1397 * rejected or ignored the request. 1398 */ 1399 1400static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control) 1401{ 1402 int err; 1403 wait_event(gsm->event, control->done == 1); 1404 err = control->error; 1405 kfree(control); 1406 return err; 1407} 1408 1409 1410/* 1411 * DLCI level handling: Needs krefs 1412 */ 1413 1414/* 1415 * State transitions and timers 1416 */ 1417 1418/** 1419 * gsm_dlci_close - a DLCI has closed 1420 * @dlci: DLCI that closed 1421 * 1422 * Perform processing when moving a DLCI into closed state. If there 1423 * is an attached tty this is hung up 1424 */ 1425 1426static void gsm_dlci_close(struct gsm_dlci *dlci) 1427{ 1428 del_timer(&dlci->t1); 1429 if (debug & 8) 1430 pr_debug("DLCI %d goes closed.\n", dlci->addr); 1431 dlci->state = DLCI_CLOSED; 1432 if (dlci->addr != 0) { 1433 tty_port_tty_hangup(&dlci->port, false); 1434 kfifo_reset(dlci->fifo); 1435 } else 1436 dlci->gsm->dead = 1; 1437 wake_up(&dlci->gsm->event); 1438 /* A DLCI 0 close is a MUX termination so we need to kick that 1439 back to userspace somehow */ 1440} 1441 1442/** 1443 * gsm_dlci_open - a DLCI has opened 1444 * @dlci: DLCI that opened 1445 * 1446 * Perform processing when moving a DLCI into open state. 1447 */ 1448 1449static void gsm_dlci_open(struct gsm_dlci *dlci) 1450{ 1451 /* Note that SABM UA .. SABM UA first UA lost can mean that we go 1452 open -> open */ 1453 del_timer(&dlci->t1); 1454 /* This will let a tty open continue */ 1455 dlci->state = DLCI_OPEN; 1456 if (debug & 8) 1457 pr_debug("DLCI %d goes open.\n", dlci->addr); 1458 wake_up(&dlci->gsm->event); 1459} 1460 1461/** 1462 * gsm_dlci_t1 - T1 timer expiry 1463 * @dlci: DLCI that opened 1464 * 1465 * The T1 timer handles retransmits of control frames (essentially of 1466 * SABM and DISC). We resend the command until the retry count runs out 1467 * in which case an opening port goes back to closed and a closing port 1468 * is simply put into closed state (any further frames from the other 1469 * end will get a DM response) 1470 */ 1471 1472static void gsm_dlci_t1(unsigned long data) 1473{ 1474 struct gsm_dlci *dlci = (struct gsm_dlci *)data; 1475 struct gsm_mux *gsm = dlci->gsm; 1476 1477 switch (dlci->state) { 1478 case DLCI_OPENING: 1479 dlci->retries--; 1480 if (dlci->retries) { 1481 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1482 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1483 } else 1484 gsm_dlci_close(dlci); 1485 break; 1486 case DLCI_CLOSING: 1487 dlci->retries--; 1488 if (dlci->retries) { 1489 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1490 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1491 } else 1492 gsm_dlci_close(dlci); 1493 break; 1494 } 1495} 1496 1497/** 1498 * gsm_dlci_begin_open - start channel open procedure 1499 * @dlci: DLCI to open 1500 * 1501 * Commence opening a DLCI from the Linux side. We issue SABM messages 1502 * to the modem which should then reply with a UA, at which point we 1503 * will move into open state. Opening is done asynchronously with retry 1504 * running off timers and the responses. 1505 */ 1506 1507static void gsm_dlci_begin_open(struct gsm_dlci *dlci) 1508{ 1509 struct gsm_mux *gsm = dlci->gsm; 1510 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING) 1511 return; 1512 dlci->retries = gsm->n2; 1513 dlci->state = DLCI_OPENING; 1514 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1515 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1516} 1517 1518/** 1519 * gsm_dlci_begin_close - start channel open procedure 1520 * @dlci: DLCI to open 1521 * 1522 * Commence closing a DLCI from the Linux side. We issue DISC messages 1523 * to the modem which should then reply with a UA, at which point we 1524 * will move into closed state. Closing is done asynchronously with retry 1525 * off timers. We may also receive a DM reply from the other end which 1526 * indicates the channel was already closed. 1527 */ 1528 1529static void gsm_dlci_begin_close(struct gsm_dlci *dlci) 1530{ 1531 struct gsm_mux *gsm = dlci->gsm; 1532 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING) 1533 return; 1534 dlci->retries = gsm->n2; 1535 dlci->state = DLCI_CLOSING; 1536 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1537 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1538} 1539 1540/** 1541 * gsm_dlci_data - data arrived 1542 * @dlci: channel 1543 * @data: block of bytes received 1544 * @len: length of received block 1545 * 1546 * A UI or UIH frame has arrived which contains data for a channel 1547 * other than the control channel. If the relevant virtual tty is 1548 * open we shovel the bits down it, if not we drop them. 1549 */ 1550 1551static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int clen) 1552{ 1553 /* krefs .. */ 1554 struct tty_port *port = &dlci->port; 1555 struct tty_struct *tty; 1556 unsigned int modem = 0; 1557 int len = clen; 1558 1559 if (debug & 16) 1560 pr_debug("%d bytes for tty\n", len); 1561 switch (dlci->adaption) { 1562 /* Unsupported types */ 1563 /* Packetised interruptible data */ 1564 case 4: 1565 break; 1566 /* Packetised uininterruptible voice/data */ 1567 case 3: 1568 break; 1569 /* Asynchronous serial with line state in each frame */ 1570 case 2: 1571 while (gsm_read_ea(&modem, *data++) == 0) { 1572 len--; 1573 if (len == 0) 1574 return; 1575 } 1576 tty = tty_port_tty_get(port); 1577 if (tty) { 1578 gsm_process_modem(tty, dlci, modem, clen); 1579 tty_kref_put(tty); 1580 } 1581 /* Line state will go via DLCI 0 controls only */ 1582 case 1: 1583 default: 1584 tty_insert_flip_string(port, data, len); 1585 tty_flip_buffer_push(port); 1586 } 1587} 1588 1589/** 1590 * gsm_dlci_control - data arrived on control channel 1591 * @dlci: channel 1592 * @data: block of bytes received 1593 * @len: length of received block 1594 * 1595 * A UI or UIH frame has arrived which contains data for DLCI 0 the 1596 * control channel. This should contain a command EA followed by 1597 * control data bytes. The command EA contains a command/response bit 1598 * and we divide up the work accordingly. 1599 */ 1600 1601static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len) 1602{ 1603 /* See what command is involved */ 1604 unsigned int command = 0; 1605 while (len-- > 0) { 1606 if (gsm_read_ea(&command, *data++) == 1) { 1607 int clen = *data++; 1608 len--; 1609 /* FIXME: this is properly an EA */ 1610 clen >>= 1; 1611 /* Malformed command ? */ 1612 if (clen > len) 1613 return; 1614 if (command & 1) 1615 gsm_control_message(dlci->gsm, command, 1616 data, clen); 1617 else 1618 gsm_control_response(dlci->gsm, command, 1619 data, clen); 1620 return; 1621 } 1622 } 1623} 1624 1625/* 1626 * Allocate/Free DLCI channels 1627 */ 1628 1629/** 1630 * gsm_dlci_alloc - allocate a DLCI 1631 * @gsm: GSM mux 1632 * @addr: address of the DLCI 1633 * 1634 * Allocate and install a new DLCI object into the GSM mux. 1635 * 1636 * FIXME: review locking races 1637 */ 1638 1639static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) 1640{ 1641 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC); 1642 if (dlci == NULL) 1643 return NULL; 1644 spin_lock_init(&dlci->lock); 1645 mutex_init(&dlci->mutex); 1646 dlci->fifo = &dlci->_fifo; 1647 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) { 1648 kfree(dlci); 1649 return NULL; 1650 } 1651 1652 skb_queue_head_init(&dlci->skb_list); 1653 init_timer(&dlci->t1); 1654 dlci->t1.function = gsm_dlci_t1; 1655 dlci->t1.data = (unsigned long)dlci; 1656 tty_port_init(&dlci->port); 1657 dlci->port.ops = &gsm_port_ops; 1658 dlci->gsm = gsm; 1659 dlci->addr = addr; 1660 dlci->adaption = gsm->adaption; 1661 dlci->state = DLCI_CLOSED; 1662 if (addr) 1663 dlci->data = gsm_dlci_data; 1664 else 1665 dlci->data = gsm_dlci_command; 1666 gsm->dlci[addr] = dlci; 1667 return dlci; 1668} 1669 1670/** 1671 * gsm_dlci_free - free DLCI 1672 * @dlci: DLCI to free 1673 * 1674 * Free up a DLCI. 1675 * 1676 * Can sleep. 1677 */ 1678static void gsm_dlci_free(struct tty_port *port) 1679{ 1680 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 1681 1682 del_timer_sync(&dlci->t1); 1683 dlci->gsm->dlci[dlci->addr] = NULL; 1684 kfifo_free(dlci->fifo); 1685 while ((dlci->skb = skb_dequeue(&dlci->skb_list))) 1686 dev_kfree_skb(dlci->skb); 1687 kfree(dlci); 1688} 1689 1690static inline void dlci_get(struct gsm_dlci *dlci) 1691{ 1692 tty_port_get(&dlci->port); 1693} 1694 1695static inline void dlci_put(struct gsm_dlci *dlci) 1696{ 1697 tty_port_put(&dlci->port); 1698} 1699 1700static void gsm_destroy_network(struct gsm_dlci *dlci); 1701 1702/** 1703 * gsm_dlci_release - release DLCI 1704 * @dlci: DLCI to destroy 1705 * 1706 * Release a DLCI. Actual free is deferred until either 1707 * mux is closed or tty is closed - whichever is last. 1708 * 1709 * Can sleep. 1710 */ 1711static void gsm_dlci_release(struct gsm_dlci *dlci) 1712{ 1713 struct tty_struct *tty = tty_port_tty_get(&dlci->port); 1714 if (tty) { 1715 mutex_lock(&dlci->mutex); 1716 gsm_destroy_network(dlci); 1717 mutex_unlock(&dlci->mutex); 1718 1719 tty_vhangup(tty); 1720 1721 tty_port_tty_set(&dlci->port, NULL); 1722 tty_kref_put(tty); 1723 } 1724 dlci->state = DLCI_CLOSED; 1725 dlci_put(dlci); 1726} 1727 1728/* 1729 * LAPBish link layer logic 1730 */ 1731 1732/** 1733 * gsm_queue - a GSM frame is ready to process 1734 * @gsm: pointer to our gsm mux 1735 * 1736 * At this point in time a frame has arrived and been demangled from 1737 * the line encoding. All the differences between the encodings have 1738 * been handled below us and the frame is unpacked into the structures. 1739 * The fcs holds the header FCS but any data FCS must be added here. 1740 */ 1741 1742static void gsm_queue(struct gsm_mux *gsm) 1743{ 1744 struct gsm_dlci *dlci; 1745 u8 cr; 1746 int address; 1747 /* We have to sneak a look at the packet body to do the FCS. 1748 A somewhat layering violation in the spec */ 1749 1750 if ((gsm->control & ~PF) == UI) 1751 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len); 1752 if (gsm->encoding == 0) { 1753 /* WARNING: gsm->received_fcs is used for 1754 gsm->encoding = 0 only. 1755 In this case it contain the last piece of data 1756 required to generate final CRC */ 1757 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs); 1758 } 1759 if (gsm->fcs != GOOD_FCS) { 1760 gsm->bad_fcs++; 1761 if (debug & 4) 1762 pr_debug("BAD FCS %02x\n", gsm->fcs); 1763 return; 1764 } 1765 address = gsm->address >> 1; 1766 if (address >= NUM_DLCI) 1767 goto invalid; 1768 1769 cr = gsm->address & 1; /* C/R bit */ 1770 1771 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len); 1772 1773 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */ 1774 dlci = gsm->dlci[address]; 1775 1776 switch (gsm->control) { 1777 case SABM|PF: 1778 if (cr == 0) 1779 goto invalid; 1780 if (dlci == NULL) 1781 dlci = gsm_dlci_alloc(gsm, address); 1782 if (dlci == NULL) 1783 return; 1784 if (dlci->dead) 1785 gsm_response(gsm, address, DM); 1786 else { 1787 gsm_response(gsm, address, UA); 1788 gsm_dlci_open(dlci); 1789 } 1790 break; 1791 case DISC|PF: 1792 if (cr == 0) 1793 goto invalid; 1794 if (dlci == NULL || dlci->state == DLCI_CLOSED) { 1795 gsm_response(gsm, address, DM); 1796 return; 1797 } 1798 /* Real close complete */ 1799 gsm_response(gsm, address, UA); 1800 gsm_dlci_close(dlci); 1801 break; 1802 case UA: 1803 case UA|PF: 1804 if (cr == 0 || dlci == NULL) 1805 break; 1806 switch (dlci->state) { 1807 case DLCI_CLOSING: 1808 gsm_dlci_close(dlci); 1809 break; 1810 case DLCI_OPENING: 1811 gsm_dlci_open(dlci); 1812 break; 1813 } 1814 break; 1815 case DM: /* DM can be valid unsolicited */ 1816 case DM|PF: 1817 if (cr) 1818 goto invalid; 1819 if (dlci == NULL) 1820 return; 1821 gsm_dlci_close(dlci); 1822 break; 1823 case UI: 1824 case UI|PF: 1825 case UIH: 1826 case UIH|PF: 1827#if 0 1828 if (cr) 1829 goto invalid; 1830#endif 1831 if (dlci == NULL || dlci->state != DLCI_OPEN) { 1832 gsm_command(gsm, address, DM|PF); 1833 return; 1834 } 1835 dlci->data(dlci, gsm->buf, gsm->len); 1836 break; 1837 default: 1838 goto invalid; 1839 } 1840 return; 1841invalid: 1842 gsm->malformed++; 1843 return; 1844} 1845 1846 1847/** 1848 * gsm0_receive - perform processing for non-transparency 1849 * @gsm: gsm data for this ldisc instance 1850 * @c: character 1851 * 1852 * Receive bytes in gsm mode 0 1853 */ 1854 1855static void gsm0_receive(struct gsm_mux *gsm, unsigned char c) 1856{ 1857 unsigned int len; 1858 1859 switch (gsm->state) { 1860 case GSM_SEARCH: /* SOF marker */ 1861 if (c == GSM0_SOF) { 1862 gsm->state = GSM_ADDRESS; 1863 gsm->address = 0; 1864 gsm->len = 0; 1865 gsm->fcs = INIT_FCS; 1866 } 1867 break; 1868 case GSM_ADDRESS: /* Address EA */ 1869 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1870 if (gsm_read_ea(&gsm->address, c)) 1871 gsm->state = GSM_CONTROL; 1872 break; 1873 case GSM_CONTROL: /* Control Byte */ 1874 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1875 gsm->control = c; 1876 gsm->state = GSM_LEN0; 1877 break; 1878 case GSM_LEN0: /* Length EA */ 1879 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1880 if (gsm_read_ea(&gsm->len, c)) { 1881 if (gsm->len > gsm->mru) { 1882 gsm->bad_size++; 1883 gsm->state = GSM_SEARCH; 1884 break; 1885 } 1886 gsm->count = 0; 1887 if (!gsm->len) 1888 gsm->state = GSM_FCS; 1889 else 1890 gsm->state = GSM_DATA; 1891 break; 1892 } 1893 gsm->state = GSM_LEN1; 1894 break; 1895 case GSM_LEN1: 1896 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1897 len = c; 1898 gsm->len |= len << 7; 1899 if (gsm->len > gsm->mru) { 1900 gsm->bad_size++; 1901 gsm->state = GSM_SEARCH; 1902 break; 1903 } 1904 gsm->count = 0; 1905 if (!gsm->len) 1906 gsm->state = GSM_FCS; 1907 else 1908 gsm->state = GSM_DATA; 1909 break; 1910 case GSM_DATA: /* Data */ 1911 gsm->buf[gsm->count++] = c; 1912 if (gsm->count == gsm->len) 1913 gsm->state = GSM_FCS; 1914 break; 1915 case GSM_FCS: /* FCS follows the packet */ 1916 gsm->received_fcs = c; 1917 gsm_queue(gsm); 1918 gsm->state = GSM_SSOF; 1919 break; 1920 case GSM_SSOF: 1921 if (c == GSM0_SOF) { 1922 gsm->state = GSM_SEARCH; 1923 break; 1924 } 1925 break; 1926 } 1927} 1928 1929/** 1930 * gsm1_receive - perform processing for non-transparency 1931 * @gsm: gsm data for this ldisc instance 1932 * @c: character 1933 * 1934 * Receive bytes in mode 1 (Advanced option) 1935 */ 1936 1937static void gsm1_receive(struct gsm_mux *gsm, unsigned char c) 1938{ 1939 if (c == GSM1_SOF) { 1940 /* EOF is only valid in frame if we have got to the data state 1941 and received at least one byte (the FCS) */ 1942 if (gsm->state == GSM_DATA && gsm->count) { 1943 /* Extract the FCS */ 1944 gsm->count--; 1945 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]); 1946 gsm->len = gsm->count; 1947 gsm_queue(gsm); 1948 gsm->state = GSM_START; 1949 return; 1950 } 1951 /* Any partial frame was a runt so go back to start */ 1952 if (gsm->state != GSM_START) { 1953 gsm->malformed++; 1954 gsm->state = GSM_START; 1955 } 1956 /* A SOF in GSM_START means we are still reading idling or 1957 framing bytes */ 1958 return; 1959 } 1960 1961 if (c == GSM1_ESCAPE) { 1962 gsm->escape = 1; 1963 return; 1964 } 1965 1966 /* Only an unescaped SOF gets us out of GSM search */ 1967 if (gsm->state == GSM_SEARCH) 1968 return; 1969 1970 if (gsm->escape) { 1971 c ^= GSM1_ESCAPE_BITS; 1972 gsm->escape = 0; 1973 } 1974 switch (gsm->state) { 1975 case GSM_START: /* First byte after SOF */ 1976 gsm->address = 0; 1977 gsm->state = GSM_ADDRESS; 1978 gsm->fcs = INIT_FCS; 1979 /* Drop through */ 1980 case GSM_ADDRESS: /* Address continuation */ 1981 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1982 if (gsm_read_ea(&gsm->address, c)) 1983 gsm->state = GSM_CONTROL; 1984 break; 1985 case GSM_CONTROL: /* Control Byte */ 1986 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1987 gsm->control = c; 1988 gsm->count = 0; 1989 gsm->state = GSM_DATA; 1990 break; 1991 case GSM_DATA: /* Data */ 1992 if (gsm->count > gsm->mru) { /* Allow one for the FCS */ 1993 gsm->state = GSM_OVERRUN; 1994 gsm->bad_size++; 1995 } else 1996 gsm->buf[gsm->count++] = c; 1997 break; 1998 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */ 1999 break; 2000 } 2001} 2002 2003/** 2004 * gsm_error - handle tty error 2005 * @gsm: ldisc data 2006 * @data: byte received (may be invalid) 2007 * @flag: error received 2008 * 2009 * Handle an error in the receipt of data for a frame. Currently we just 2010 * go back to hunting for a SOF. 2011 * 2012 * FIXME: better diagnostics ? 2013 */ 2014 2015static void gsm_error(struct gsm_mux *gsm, 2016 unsigned char data, unsigned char flag) 2017{ 2018 gsm->state = GSM_SEARCH; 2019 gsm->io_error++; 2020} 2021 2022/** 2023 * gsm_cleanup_mux - generic GSM protocol cleanup 2024 * @gsm: our mux 2025 * 2026 * Clean up the bits of the mux which are the same for all framing 2027 * protocols. Remove the mux from the mux table, stop all the timers 2028 * and then shut down each device hanging up the channels as we go. 2029 */ 2030 2031static void gsm_cleanup_mux(struct gsm_mux *gsm) 2032{ 2033 int i; 2034 struct gsm_dlci *dlci = gsm->dlci[0]; 2035 struct gsm_msg *txq, *ntxq; 2036 struct gsm_control *gc; 2037 2038 gsm->dead = 1; 2039 2040 spin_lock(&gsm_mux_lock); 2041 for (i = 0; i < MAX_MUX; i++) { 2042 if (gsm_mux[i] == gsm) { 2043 gsm_mux[i] = NULL; 2044 break; 2045 } 2046 } 2047 spin_unlock(&gsm_mux_lock); 2048 /* open failed before registering => nothing to do */ 2049 if (i == MAX_MUX) 2050 return; 2051 2052 /* In theory disconnecting DLCI 0 is sufficient but for some 2053 modems this is apparently not the case. */ 2054 if (dlci) { 2055 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0); 2056 if (gc) 2057 gsm_control_wait(gsm, gc); 2058 } 2059 del_timer_sync(&gsm->t2_timer); 2060 /* Now we are sure T2 has stopped */ 2061 if (dlci) { 2062 dlci->dead = 1; 2063 gsm_dlci_begin_close(dlci); 2064 wait_event_interruptible(gsm->event, 2065 dlci->state == DLCI_CLOSED); 2066 } 2067 /* Free up any link layer users */ 2068 mutex_lock(&gsm->mutex); 2069 for (i = 0; i < NUM_DLCI; i++) 2070 if (gsm->dlci[i]) 2071 gsm_dlci_release(gsm->dlci[i]); 2072 mutex_unlock(&gsm->mutex); 2073 /* Now wipe the queues */ 2074 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list) 2075 kfree(txq); 2076 INIT_LIST_HEAD(&gsm->tx_list); 2077} 2078 2079/** 2080 * gsm_activate_mux - generic GSM setup 2081 * @gsm: our mux 2082 * 2083 * Set up the bits of the mux which are the same for all framing 2084 * protocols. Add the mux to the mux table so it can be opened and 2085 * finally kick off connecting to DLCI 0 on the modem. 2086 */ 2087 2088static int gsm_activate_mux(struct gsm_mux *gsm) 2089{ 2090 struct gsm_dlci *dlci; 2091 int i = 0; 2092 2093 setup_timer(&gsm->t2_timer, gsm_control_retransmit, (unsigned long)gsm); 2094 init_waitqueue_head(&gsm->event); 2095 spin_lock_init(&gsm->control_lock); 2096 spin_lock_init(&gsm->tx_lock); 2097 2098 if (gsm->encoding == 0) 2099 gsm->receive = gsm0_receive; 2100 else 2101 gsm->receive = gsm1_receive; 2102 gsm->error = gsm_error; 2103 2104 spin_lock(&gsm_mux_lock); 2105 for (i = 0; i < MAX_MUX; i++) { 2106 if (gsm_mux[i] == NULL) { 2107 gsm->num = i; 2108 gsm_mux[i] = gsm; 2109 break; 2110 } 2111 } 2112 spin_unlock(&gsm_mux_lock); 2113 if (i == MAX_MUX) 2114 return -EBUSY; 2115 2116 dlci = gsm_dlci_alloc(gsm, 0); 2117 if (dlci == NULL) 2118 return -ENOMEM; 2119 gsm->dead = 0; /* Tty opens are now permissible */ 2120 return 0; 2121} 2122 2123/** 2124 * gsm_free_mux - free up a mux 2125 * @mux: mux to free 2126 * 2127 * Dispose of allocated resources for a dead mux 2128 */ 2129static void gsm_free_mux(struct gsm_mux *gsm) 2130{ 2131 kfree(gsm->txframe); 2132 kfree(gsm->buf); 2133 kfree(gsm); 2134} 2135 2136/** 2137 * gsm_free_muxr - free up a mux 2138 * @mux: mux to free 2139 * 2140 * Dispose of allocated resources for a dead mux 2141 */ 2142static void gsm_free_muxr(struct kref *ref) 2143{ 2144 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref); 2145 gsm_free_mux(gsm); 2146} 2147 2148static inline void mux_get(struct gsm_mux *gsm) 2149{ 2150 kref_get(&gsm->ref); 2151} 2152 2153static inline void mux_put(struct gsm_mux *gsm) 2154{ 2155 kref_put(&gsm->ref, gsm_free_muxr); 2156} 2157 2158/** 2159 * gsm_alloc_mux - allocate a mux 2160 * 2161 * Creates a new mux ready for activation. 2162 */ 2163 2164static struct gsm_mux *gsm_alloc_mux(void) 2165{ 2166 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL); 2167 if (gsm == NULL) 2168 return NULL; 2169 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL); 2170 if (gsm->buf == NULL) { 2171 kfree(gsm); 2172 return NULL; 2173 } 2174 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL); 2175 if (gsm->txframe == NULL) { 2176 kfree(gsm->buf); 2177 kfree(gsm); 2178 return NULL; 2179 } 2180 spin_lock_init(&gsm->lock); 2181 mutex_init(&gsm->mutex); 2182 kref_init(&gsm->ref); 2183 INIT_LIST_HEAD(&gsm->tx_list); 2184 2185 gsm->t1 = T1; 2186 gsm->t2 = T2; 2187 gsm->n2 = N2; 2188 gsm->ftype = UIH; 2189 gsm->adaption = 1; 2190 gsm->encoding = 1; 2191 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */ 2192 gsm->mtu = 64; 2193 gsm->dead = 1; /* Avoid early tty opens */ 2194 2195 return gsm; 2196} 2197 2198/** 2199 * gsmld_output - write to link 2200 * @gsm: our mux 2201 * @data: bytes to output 2202 * @len: size 2203 * 2204 * Write a block of data from the GSM mux to the data channel. This 2205 * will eventually be serialized from above but at the moment isn't. 2206 */ 2207 2208static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len) 2209{ 2210 if (tty_write_room(gsm->tty) < len) { 2211 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags); 2212 return -ENOSPC; 2213 } 2214 if (debug & 4) 2215 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET, 2216 data, len); 2217 gsm->tty->ops->write(gsm->tty, data, len); 2218 return len; 2219} 2220 2221/** 2222 * gsmld_attach_gsm - mode set up 2223 * @tty: our tty structure 2224 * @gsm: our mux 2225 * 2226 * Set up the MUX for basic mode and commence connecting to the 2227 * modem. Currently called from the line discipline set up but 2228 * will need moving to an ioctl path. 2229 */ 2230 2231static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2232{ 2233 int ret, i, base; 2234 2235 gsm->tty = tty_kref_get(tty); 2236 gsm->output = gsmld_output; 2237 ret = gsm_activate_mux(gsm); 2238 if (ret != 0) 2239 tty_kref_put(gsm->tty); 2240 else { 2241 /* Don't register device 0 - this is the control channel and not 2242 a usable tty interface */ 2243 base = gsm->num << 6; /* Base for this MUX */ 2244 for (i = 1; i < NUM_DLCI; i++) 2245 tty_register_device(gsm_tty_driver, base + i, NULL); 2246 } 2247 return ret; 2248} 2249 2250 2251/** 2252 * gsmld_detach_gsm - stop doing 0710 mux 2253 * @tty: tty attached to the mux 2254 * @gsm: mux 2255 * 2256 * Shutdown and then clean up the resources used by the line discipline 2257 */ 2258 2259static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2260{ 2261 int i; 2262 int base = gsm->num << 6; /* Base for this MUX */ 2263 2264 WARN_ON(tty != gsm->tty); 2265 for (i = 1; i < NUM_DLCI; i++) 2266 tty_unregister_device(gsm_tty_driver, base + i); 2267 gsm_cleanup_mux(gsm); 2268 tty_kref_put(gsm->tty); 2269 gsm->tty = NULL; 2270} 2271 2272static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp, 2273 char *fp, int count) 2274{ 2275 struct gsm_mux *gsm = tty->disc_data; 2276 const unsigned char *dp; 2277 char *f; 2278 int i; 2279 char buf[64]; 2280 char flags = TTY_NORMAL; 2281 2282 if (debug & 4) 2283 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET, 2284 cp, count); 2285 2286 for (i = count, dp = cp, f = fp; i; i--, dp++) { 2287 if (f) 2288 flags = *f++; 2289 switch (flags) { 2290 case TTY_NORMAL: 2291 gsm->receive(gsm, *dp); 2292 break; 2293 case TTY_OVERRUN: 2294 case TTY_BREAK: 2295 case TTY_PARITY: 2296 case TTY_FRAME: 2297 gsm->error(gsm, *dp, flags); 2298 break; 2299 default: 2300 WARN_ONCE(1, "%s: unknown flag %d\n", 2301 tty_name(tty, buf), flags); 2302 break; 2303 } 2304 } 2305 /* FASYNC if needed ? */ 2306 /* If clogged call tty_throttle(tty); */ 2307} 2308 2309/** 2310 * gsmld_chars_in_buffer - report available bytes 2311 * @tty: tty device 2312 * 2313 * Report the number of characters buffered to be delivered to user 2314 * at this instant in time. 2315 * 2316 * Locking: gsm lock 2317 */ 2318 2319static ssize_t gsmld_chars_in_buffer(struct tty_struct *tty) 2320{ 2321 return 0; 2322} 2323 2324/** 2325 * gsmld_flush_buffer - clean input queue 2326 * @tty: terminal device 2327 * 2328 * Flush the input buffer. Called when the line discipline is 2329 * being closed, when the tty layer wants the buffer flushed (eg 2330 * at hangup). 2331 */ 2332 2333static void gsmld_flush_buffer(struct tty_struct *tty) 2334{ 2335} 2336 2337/** 2338 * gsmld_close - close the ldisc for this tty 2339 * @tty: device 2340 * 2341 * Called from the terminal layer when this line discipline is 2342 * being shut down, either because of a close or becsuse of a 2343 * discipline change. The function will not be called while other 2344 * ldisc methods are in progress. 2345 */ 2346 2347static void gsmld_close(struct tty_struct *tty) 2348{ 2349 struct gsm_mux *gsm = tty->disc_data; 2350 2351 gsmld_detach_gsm(tty, gsm); 2352 2353 gsmld_flush_buffer(tty); 2354 /* Do other clean up here */ 2355 mux_put(gsm); 2356} 2357 2358/** 2359 * gsmld_open - open an ldisc 2360 * @tty: terminal to open 2361 * 2362 * Called when this line discipline is being attached to the 2363 * terminal device. Can sleep. Called serialized so that no 2364 * other events will occur in parallel. No further open will occur 2365 * until a close. 2366 */ 2367 2368static int gsmld_open(struct tty_struct *tty) 2369{ 2370 struct gsm_mux *gsm; 2371 int ret; 2372 2373 if (tty->ops->write == NULL) 2374 return -EINVAL; 2375 2376 /* Attach our ldisc data */ 2377 gsm = gsm_alloc_mux(); 2378 if (gsm == NULL) 2379 return -ENOMEM; 2380 2381 tty->disc_data = gsm; 2382 tty->receive_room = 65536; 2383 2384 /* Attach the initial passive connection */ 2385 gsm->encoding = 1; 2386 2387 ret = gsmld_attach_gsm(tty, gsm); 2388 if (ret != 0) { 2389 gsm_cleanup_mux(gsm); 2390 mux_put(gsm); 2391 } 2392 return ret; 2393} 2394 2395/** 2396 * gsmld_write_wakeup - asynchronous I/O notifier 2397 * @tty: tty device 2398 * 2399 * Required for the ptys, serial driver etc. since processes 2400 * that attach themselves to the master and rely on ASYNC 2401 * IO must be woken up 2402 */ 2403 2404static void gsmld_write_wakeup(struct tty_struct *tty) 2405{ 2406 struct gsm_mux *gsm = tty->disc_data; 2407 unsigned long flags; 2408 2409 /* Queue poll */ 2410 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2411 spin_lock_irqsave(&gsm->tx_lock, flags); 2412 gsm_data_kick(gsm); 2413 if (gsm->tx_bytes < TX_THRESH_LO) { 2414 gsm_dlci_data_sweep(gsm); 2415 } 2416 spin_unlock_irqrestore(&gsm->tx_lock, flags); 2417} 2418 2419/** 2420 * gsmld_read - read function for tty 2421 * @tty: tty device 2422 * @file: file object 2423 * @buf: userspace buffer pointer 2424 * @nr: size of I/O 2425 * 2426 * Perform reads for the line discipline. We are guaranteed that the 2427 * line discipline will not be closed under us but we may get multiple 2428 * parallel readers and must handle this ourselves. We may also get 2429 * a hangup. Always called in user context, may sleep. 2430 * 2431 * This code must be sure never to sleep through a hangup. 2432 */ 2433 2434static ssize_t gsmld_read(struct tty_struct *tty, struct file *file, 2435 unsigned char __user *buf, size_t nr) 2436{ 2437 return -EOPNOTSUPP; 2438} 2439 2440/** 2441 * gsmld_write - write function for tty 2442 * @tty: tty device 2443 * @file: file object 2444 * @buf: userspace buffer pointer 2445 * @nr: size of I/O 2446 * 2447 * Called when the owner of the device wants to send a frame 2448 * itself (or some other control data). The data is transferred 2449 * as-is and must be properly framed and checksummed as appropriate 2450 * by userspace. Frames are either sent whole or not at all as this 2451 * avoids pain user side. 2452 */ 2453 2454static ssize_t gsmld_write(struct tty_struct *tty, struct file *file, 2455 const unsigned char *buf, size_t nr) 2456{ 2457 int space = tty_write_room(tty); 2458 if (space >= nr) 2459 return tty->ops->write(tty, buf, nr); 2460 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2461 return -ENOBUFS; 2462} 2463 2464/** 2465 * gsmld_poll - poll method for N_GSM0710 2466 * @tty: terminal device 2467 * @file: file accessing it 2468 * @wait: poll table 2469 * 2470 * Called when the line discipline is asked to poll() for data or 2471 * for special events. This code is not serialized with respect to 2472 * other events save open/close. 2473 * 2474 * This code must be sure never to sleep through a hangup. 2475 * Called without the kernel lock held - fine 2476 */ 2477 2478static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file, 2479 poll_table *wait) 2480{ 2481 unsigned int mask = 0; 2482 struct gsm_mux *gsm = tty->disc_data; 2483 2484 poll_wait(file, &tty->read_wait, wait); 2485 poll_wait(file, &tty->write_wait, wait); 2486 if (tty_hung_up_p(file)) 2487 mask |= POLLHUP; 2488 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0) 2489 mask |= POLLOUT | POLLWRNORM; 2490 if (gsm->dead) 2491 mask |= POLLHUP; 2492 return mask; 2493} 2494 2495static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm, 2496 struct gsm_config *c) 2497{ 2498 int need_close = 0; 2499 int need_restart = 0; 2500 2501 /* Stuff we don't support yet - UI or I frame transport, windowing */ 2502 if ((c->adaption != 1 && c->adaption != 2) || c->k) 2503 return -EOPNOTSUPP; 2504 /* Check the MRU/MTU range looks sane */ 2505 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8) 2506 return -EINVAL; 2507 if (c->n2 < 3) 2508 return -EINVAL; 2509 if (c->encapsulation > 1) /* Basic, advanced, no I */ 2510 return -EINVAL; 2511 if (c->initiator > 1) 2512 return -EINVAL; 2513 if (c->i == 0 || c->i > 2) /* UIH and UI only */ 2514 return -EINVAL; 2515 /* 2516 * See what is needed for reconfiguration 2517 */ 2518 2519 /* Timing fields */ 2520 if (c->t1 != 0 && c->t1 != gsm->t1) 2521 need_restart = 1; 2522 if (c->t2 != 0 && c->t2 != gsm->t2) 2523 need_restart = 1; 2524 if (c->encapsulation != gsm->encoding) 2525 need_restart = 1; 2526 if (c->adaption != gsm->adaption) 2527 need_restart = 1; 2528 /* Requires care */ 2529 if (c->initiator != gsm->initiator) 2530 need_close = 1; 2531 if (c->mru != gsm->mru) 2532 need_restart = 1; 2533 if (c->mtu != gsm->mtu) 2534 need_restart = 1; 2535 2536 /* 2537 * Close down what is needed, restart and initiate the new 2538 * configuration 2539 */ 2540 2541 if (need_close || need_restart) { 2542 gsm_dlci_begin_close(gsm->dlci[0]); 2543 /* This will timeout if the link is down due to N2 expiring */ 2544 wait_event_interruptible(gsm->event, 2545 gsm->dlci[0]->state == DLCI_CLOSED); 2546 if (signal_pending(current)) 2547 return -EINTR; 2548 } 2549 if (need_restart) 2550 gsm_cleanup_mux(gsm); 2551 2552 gsm->initiator = c->initiator; 2553 gsm->mru = c->mru; 2554 gsm->mtu = c->mtu; 2555 gsm->encoding = c->encapsulation; 2556 gsm->adaption = c->adaption; 2557 gsm->n2 = c->n2; 2558 2559 if (c->i == 1) 2560 gsm->ftype = UIH; 2561 else if (c->i == 2) 2562 gsm->ftype = UI; 2563 2564 if (c->t1) 2565 gsm->t1 = c->t1; 2566 if (c->t2) 2567 gsm->t2 = c->t2; 2568 2569 /* FIXME: We need to separate activation/deactivation from adding 2570 and removing from the mux array */ 2571 if (need_restart) 2572 gsm_activate_mux(gsm); 2573 if (gsm->initiator && need_close) 2574 gsm_dlci_begin_open(gsm->dlci[0]); 2575 return 0; 2576} 2577 2578static int gsmld_ioctl(struct tty_struct *tty, struct file *file, 2579 unsigned int cmd, unsigned long arg) 2580{ 2581 struct gsm_config c; 2582 struct gsm_mux *gsm = tty->disc_data; 2583 2584 switch (cmd) { 2585 case GSMIOC_GETCONF: 2586 memset(&c, 0, sizeof(c)); 2587 c.adaption = gsm->adaption; 2588 c.encapsulation = gsm->encoding; 2589 c.initiator = gsm->initiator; 2590 c.t1 = gsm->t1; 2591 c.t2 = gsm->t2; 2592 c.t3 = 0; /* Not supported */ 2593 c.n2 = gsm->n2; 2594 if (gsm->ftype == UIH) 2595 c.i = 1; 2596 else 2597 c.i = 2; 2598 pr_debug("Ftype %d i %d\n", gsm->ftype, c.i); 2599 c.mru = gsm->mru; 2600 c.mtu = gsm->mtu; 2601 c.k = 0; 2602 if (copy_to_user((void *)arg, &c, sizeof(c))) 2603 return -EFAULT; 2604 return 0; 2605 case GSMIOC_SETCONF: 2606 if (copy_from_user(&c, (void *)arg, sizeof(c))) 2607 return -EFAULT; 2608 return gsmld_config(tty, gsm, &c); 2609 default: 2610 return n_tty_ioctl_helper(tty, file, cmd, arg); 2611 } 2612} 2613 2614/* 2615 * Network interface 2616 * 2617 */ 2618 2619static int gsm_mux_net_open(struct net_device *net) 2620{ 2621 pr_debug("%s called\n", __func__); 2622 netif_start_queue(net); 2623 return 0; 2624} 2625 2626static int gsm_mux_net_close(struct net_device *net) 2627{ 2628 netif_stop_queue(net); 2629 return 0; 2630} 2631 2632static struct net_device_stats *gsm_mux_net_get_stats(struct net_device *net) 2633{ 2634 return &((struct gsm_mux_net *)netdev_priv(net))->stats; 2635} 2636static void dlci_net_free(struct gsm_dlci *dlci) 2637{ 2638 if (!dlci->net) { 2639 WARN_ON(1); 2640 return; 2641 } 2642 dlci->adaption = dlci->prev_adaption; 2643 dlci->data = dlci->prev_data; 2644 free_netdev(dlci->net); 2645 dlci->net = NULL; 2646} 2647static void net_free(struct kref *ref) 2648{ 2649 struct gsm_mux_net *mux_net; 2650 struct gsm_dlci *dlci; 2651 2652 mux_net = container_of(ref, struct gsm_mux_net, ref); 2653 dlci = mux_net->dlci; 2654 2655 if (dlci->net) { 2656 unregister_netdev(dlci->net); 2657 dlci_net_free(dlci); 2658 } 2659} 2660 2661static inline void muxnet_get(struct gsm_mux_net *mux_net) 2662{ 2663 kref_get(&mux_net->ref); 2664} 2665 2666static inline void muxnet_put(struct gsm_mux_net *mux_net) 2667{ 2668 kref_put(&mux_net->ref, net_free); 2669} 2670 2671static int gsm_mux_net_start_xmit(struct sk_buff *skb, 2672 struct net_device *net) 2673{ 2674 struct gsm_mux_net *mux_net = netdev_priv(net); 2675 struct gsm_dlci *dlci = mux_net->dlci; 2676 muxnet_get(mux_net); 2677 2678 skb_queue_head(&dlci->skb_list, skb); 2679 STATS(net).tx_packets++; 2680 STATS(net).tx_bytes += skb->len; 2681 gsm_dlci_data_kick(dlci); 2682 /* And tell the kernel when the last transmit started. */ 2683 net->trans_start = jiffies; 2684 muxnet_put(mux_net); 2685 return NETDEV_TX_OK; 2686} 2687 2688/* called when a packet did not ack after watchdogtimeout */ 2689static void gsm_mux_net_tx_timeout(struct net_device *net) 2690{ 2691 /* Tell syslog we are hosed. */ 2692 dev_dbg(&net->dev, "Tx timed out.\n"); 2693 2694 /* Update statistics */ 2695 STATS(net).tx_errors++; 2696} 2697 2698static void gsm_mux_rx_netchar(struct gsm_dlci *dlci, 2699 unsigned char *in_buf, int size) 2700{ 2701 struct net_device *net = dlci->net; 2702 struct sk_buff *skb; 2703 struct gsm_mux_net *mux_net = netdev_priv(net); 2704 muxnet_get(mux_net); 2705 2706 /* Allocate an sk_buff */ 2707 skb = dev_alloc_skb(size + NET_IP_ALIGN); 2708 if (!skb) { 2709 /* We got no receive buffer. */ 2710 STATS(net).rx_dropped++; 2711 muxnet_put(mux_net); 2712 return; 2713 } 2714 skb_reserve(skb, NET_IP_ALIGN); 2715 memcpy(skb_put(skb, size), in_buf, size); 2716 2717 skb->dev = net; 2718 skb->protocol = __constant_htons(ETH_P_IP); 2719 2720 /* Ship it off to the kernel */ 2721 netif_rx(skb); 2722 2723 /* update out statistics */ 2724 STATS(net).rx_packets++; 2725 STATS(net).rx_bytes += size; 2726 muxnet_put(mux_net); 2727 return; 2728} 2729 2730static int gsm_change_mtu(struct net_device *net, int new_mtu) 2731{ 2732 struct gsm_mux_net *mux_net = netdev_priv(net); 2733 if ((new_mtu < 8) || (new_mtu > mux_net->dlci->gsm->mtu)) 2734 return -EINVAL; 2735 net->mtu = new_mtu; 2736 return 0; 2737} 2738 2739static void gsm_mux_net_init(struct net_device *net) 2740{ 2741 static const struct net_device_ops gsm_netdev_ops = { 2742 .ndo_open = gsm_mux_net_open, 2743 .ndo_stop = gsm_mux_net_close, 2744 .ndo_start_xmit = gsm_mux_net_start_xmit, 2745 .ndo_tx_timeout = gsm_mux_net_tx_timeout, 2746 .ndo_get_stats = gsm_mux_net_get_stats, 2747 .ndo_change_mtu = gsm_change_mtu, 2748 }; 2749 2750 net->netdev_ops = &gsm_netdev_ops; 2751 2752 /* fill in the other fields */ 2753 net->watchdog_timeo = GSM_NET_TX_TIMEOUT; 2754 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; 2755 net->type = ARPHRD_NONE; 2756 net->tx_queue_len = 10; 2757} 2758 2759 2760/* caller holds the dlci mutex */ 2761static void gsm_destroy_network(struct gsm_dlci *dlci) 2762{ 2763 struct gsm_mux_net *mux_net; 2764 2765 pr_debug("destroy network interface"); 2766 if (!dlci->net) 2767 return; 2768 mux_net = netdev_priv(dlci->net); 2769 muxnet_put(mux_net); 2770} 2771 2772 2773/* caller holds the dlci mutex */ 2774static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc) 2775{ 2776 char *netname; 2777 int retval = 0; 2778 struct net_device *net; 2779 struct gsm_mux_net *mux_net; 2780 2781 if (!capable(CAP_NET_ADMIN)) 2782 return -EPERM; 2783 2784 /* Already in a non tty mode */ 2785 if (dlci->adaption > 2) 2786 return -EBUSY; 2787 2788 if (nc->protocol != htons(ETH_P_IP)) 2789 return -EPROTONOSUPPORT; 2790 2791 if (nc->adaption != 3 && nc->adaption != 4) 2792 return -EPROTONOSUPPORT; 2793 2794 pr_debug("create network interface"); 2795 2796 netname = "gsm%d"; 2797 if (nc->if_name[0] != '\0') 2798 netname = nc->if_name; 2799 net = alloc_netdev(sizeof(struct gsm_mux_net), netname, 2800 NET_NAME_UNKNOWN, gsm_mux_net_init); 2801 if (!net) { 2802 pr_err("alloc_netdev failed"); 2803 return -ENOMEM; 2804 } 2805 net->mtu = dlci->gsm->mtu; 2806 mux_net = netdev_priv(net); 2807 mux_net->dlci = dlci; 2808 kref_init(&mux_net->ref); 2809 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */ 2810 2811 /* reconfigure dlci for network */ 2812 dlci->prev_adaption = dlci->adaption; 2813 dlci->prev_data = dlci->data; 2814 dlci->adaption = nc->adaption; 2815 dlci->data = gsm_mux_rx_netchar; 2816 dlci->net = net; 2817 2818 pr_debug("register netdev"); 2819 retval = register_netdev(net); 2820 if (retval) { 2821 pr_err("network register fail %d\n", retval); 2822 dlci_net_free(dlci); 2823 return retval; 2824 } 2825 return net->ifindex; /* return network index */ 2826} 2827 2828/* Line discipline for real tty */ 2829static struct tty_ldisc_ops tty_ldisc_packet = { 2830 .owner = THIS_MODULE, 2831 .magic = TTY_LDISC_MAGIC, 2832 .name = "n_gsm", 2833 .open = gsmld_open, 2834 .close = gsmld_close, 2835 .flush_buffer = gsmld_flush_buffer, 2836 .chars_in_buffer = gsmld_chars_in_buffer, 2837 .read = gsmld_read, 2838 .write = gsmld_write, 2839 .ioctl = gsmld_ioctl, 2840 .poll = gsmld_poll, 2841 .receive_buf = gsmld_receive_buf, 2842 .write_wakeup = gsmld_write_wakeup 2843}; 2844 2845/* 2846 * Virtual tty side 2847 */ 2848 2849#define TX_SIZE 512 2850 2851static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk) 2852{ 2853 u8 modembits[5]; 2854 struct gsm_control *ctrl; 2855 int len = 2; 2856 2857 if (brk) 2858 len++; 2859 2860 modembits[0] = len << 1 | EA; /* Data bytes */ 2861 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */ 2862 modembits[2] = gsm_encode_modem(dlci) << 1 | EA; 2863 if (brk) 2864 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */ 2865 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1); 2866 if (ctrl == NULL) 2867 return -ENOMEM; 2868 return gsm_control_wait(dlci->gsm, ctrl); 2869} 2870 2871static int gsm_carrier_raised(struct tty_port *port) 2872{ 2873 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 2874 /* Not yet open so no carrier info */ 2875 if (dlci->state != DLCI_OPEN) 2876 return 0; 2877 if (debug & 2) 2878 return 1; 2879 return dlci->modem_rx & TIOCM_CD; 2880} 2881 2882static void gsm_dtr_rts(struct tty_port *port, int onoff) 2883{ 2884 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 2885 unsigned int modem_tx = dlci->modem_tx; 2886 if (onoff) 2887 modem_tx |= TIOCM_DTR | TIOCM_RTS; 2888 else 2889 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS); 2890 if (modem_tx != dlci->modem_tx) { 2891 dlci->modem_tx = modem_tx; 2892 gsmtty_modem_update(dlci, 0); 2893 } 2894} 2895 2896static const struct tty_port_operations gsm_port_ops = { 2897 .carrier_raised = gsm_carrier_raised, 2898 .dtr_rts = gsm_dtr_rts, 2899 .destruct = gsm_dlci_free, 2900}; 2901 2902static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty) 2903{ 2904 struct gsm_mux *gsm; 2905 struct gsm_dlci *dlci; 2906 unsigned int line = tty->index; 2907 unsigned int mux = line >> 6; 2908 bool alloc = false; 2909 int ret; 2910 2911 line = line & 0x3F; 2912 2913 if (mux >= MAX_MUX) 2914 return -ENXIO; 2915 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */ 2916 if (gsm_mux[mux] == NULL) 2917 return -EUNATCH; 2918 if (line == 0 || line > 61) /* 62/63 reserved */ 2919 return -ECHRNG; 2920 gsm = gsm_mux[mux]; 2921 if (gsm->dead) 2922 return -EL2HLT; 2923 /* If DLCI 0 is not yet fully open return an error. 2924 This is ok from a locking 2925 perspective as we don't have to worry about this 2926 if DLCI0 is lost */ 2927 mutex_lock(&gsm->mutex); 2928 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) { 2929 mutex_unlock(&gsm->mutex); 2930 return -EL2NSYNC; 2931 } 2932 dlci = gsm->dlci[line]; 2933 if (dlci == NULL) { 2934 alloc = true; 2935 dlci = gsm_dlci_alloc(gsm, line); 2936 } 2937 if (dlci == NULL) { 2938 mutex_unlock(&gsm->mutex); 2939 return -ENOMEM; 2940 } 2941 ret = tty_port_install(&dlci->port, driver, tty); 2942 if (ret) { 2943 if (alloc) 2944 dlci_put(dlci); 2945 mutex_unlock(&gsm->mutex); 2946 return ret; 2947 } 2948 2949 dlci_get(dlci); 2950 dlci_get(gsm->dlci[0]); 2951 mux_get(gsm); 2952 tty->driver_data = dlci; 2953 mutex_unlock(&gsm->mutex); 2954 2955 return 0; 2956} 2957 2958static int gsmtty_open(struct tty_struct *tty, struct file *filp) 2959{ 2960 struct gsm_dlci *dlci = tty->driver_data; 2961 struct tty_port *port = &dlci->port; 2962 2963 port->count++; 2964 tty_port_tty_set(port, tty); 2965 2966 dlci->modem_rx = 0; 2967 /* We could in theory open and close before we wait - eg if we get 2968 a DM straight back. This is ok as that will have caused a hangup */ 2969 set_bit(ASYNCB_INITIALIZED, &port->flags); 2970 /* Start sending off SABM messages */ 2971 gsm_dlci_begin_open(dlci); 2972 /* And wait for virtual carrier */ 2973 return tty_port_block_til_ready(port, tty, filp); 2974} 2975 2976static void gsmtty_close(struct tty_struct *tty, struct file *filp) 2977{ 2978 struct gsm_dlci *dlci = tty->driver_data; 2979 struct gsm_mux *gsm; 2980 2981 if (dlci == NULL) 2982 return; 2983 if (dlci->state == DLCI_CLOSED) 2984 return; 2985 mutex_lock(&dlci->mutex); 2986 gsm_destroy_network(dlci); 2987 mutex_unlock(&dlci->mutex); 2988 gsm = dlci->gsm; 2989 if (tty_port_close_start(&dlci->port, tty, filp) == 0) 2990 return; 2991 gsm_dlci_begin_close(dlci); 2992 if (test_bit(ASYNCB_INITIALIZED, &dlci->port.flags)) { 2993 if (C_HUPCL(tty)) 2994 tty_port_lower_dtr_rts(&dlci->port); 2995 } 2996 tty_port_close_end(&dlci->port, tty); 2997 tty_port_tty_set(&dlci->port, NULL); 2998 return; 2999} 3000 3001static void gsmtty_hangup(struct tty_struct *tty) 3002{ 3003 struct gsm_dlci *dlci = tty->driver_data; 3004 if (dlci->state == DLCI_CLOSED) 3005 return; 3006 tty_port_hangup(&dlci->port); 3007 gsm_dlci_begin_close(dlci); 3008} 3009 3010static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf, 3011 int len) 3012{ 3013 int sent; 3014 struct gsm_dlci *dlci = tty->driver_data; 3015 if (dlci->state == DLCI_CLOSED) 3016 return -EINVAL; 3017 /* Stuff the bytes into the fifo queue */ 3018 sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock); 3019 /* Need to kick the channel */ 3020 gsm_dlci_data_kick(dlci); 3021 return sent; 3022} 3023 3024static int gsmtty_write_room(struct tty_struct *tty) 3025{ 3026 struct gsm_dlci *dlci = tty->driver_data; 3027 if (dlci->state == DLCI_CLOSED) 3028 return -EINVAL; 3029 return TX_SIZE - kfifo_len(dlci->fifo); 3030} 3031 3032static int gsmtty_chars_in_buffer(struct tty_struct *tty) 3033{ 3034 struct gsm_dlci *dlci = tty->driver_data; 3035 if (dlci->state == DLCI_CLOSED) 3036 return -EINVAL; 3037 return kfifo_len(dlci->fifo); 3038} 3039 3040static void gsmtty_flush_buffer(struct tty_struct *tty) 3041{ 3042 struct gsm_dlci *dlci = tty->driver_data; 3043 if (dlci->state == DLCI_CLOSED) 3044 return; 3045 /* Caution needed: If we implement reliable transport classes 3046 then the data being transmitted can't simply be junked once 3047 it has first hit the stack. Until then we can just blow it 3048 away */ 3049 kfifo_reset(dlci->fifo); 3050 /* Need to unhook this DLCI from the transmit queue logic */ 3051} 3052 3053static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout) 3054{ 3055 /* The FIFO handles the queue so the kernel will do the right 3056 thing waiting on chars_in_buffer before calling us. No work 3057 to do here */ 3058} 3059 3060static int gsmtty_tiocmget(struct tty_struct *tty) 3061{ 3062 struct gsm_dlci *dlci = tty->driver_data; 3063 if (dlci->state == DLCI_CLOSED) 3064 return -EINVAL; 3065 return dlci->modem_rx; 3066} 3067 3068static int gsmtty_tiocmset(struct tty_struct *tty, 3069 unsigned int set, unsigned int clear) 3070{ 3071 struct gsm_dlci *dlci = tty->driver_data; 3072 unsigned int modem_tx = dlci->modem_tx; 3073 3074 if (dlci->state == DLCI_CLOSED) 3075 return -EINVAL; 3076 modem_tx &= ~clear; 3077 modem_tx |= set; 3078 3079 if (modem_tx != dlci->modem_tx) { 3080 dlci->modem_tx = modem_tx; 3081 return gsmtty_modem_update(dlci, 0); 3082 } 3083 return 0; 3084} 3085 3086 3087static int gsmtty_ioctl(struct tty_struct *tty, 3088 unsigned int cmd, unsigned long arg) 3089{ 3090 struct gsm_dlci *dlci = tty->driver_data; 3091 struct gsm_netconfig nc; 3092 int index; 3093 3094 if (dlci->state == DLCI_CLOSED) 3095 return -EINVAL; 3096 switch (cmd) { 3097 case GSMIOC_ENABLE_NET: 3098 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc))) 3099 return -EFAULT; 3100 nc.if_name[IFNAMSIZ-1] = '\0'; 3101 /* return net interface index or error code */ 3102 mutex_lock(&dlci->mutex); 3103 index = gsm_create_network(dlci, &nc); 3104 mutex_unlock(&dlci->mutex); 3105 if (copy_to_user((void __user *)arg, &nc, sizeof(nc))) 3106 return -EFAULT; 3107 return index; 3108 case GSMIOC_DISABLE_NET: 3109 if (!capable(CAP_NET_ADMIN)) 3110 return -EPERM; 3111 mutex_lock(&dlci->mutex); 3112 gsm_destroy_network(dlci); 3113 mutex_unlock(&dlci->mutex); 3114 return 0; 3115 default: 3116 return -ENOIOCTLCMD; 3117 } 3118} 3119 3120static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old) 3121{ 3122 struct gsm_dlci *dlci = tty->driver_data; 3123 if (dlci->state == DLCI_CLOSED) 3124 return; 3125 /* For the moment its fixed. In actual fact the speed information 3126 for the virtual channel can be propogated in both directions by 3127 the RPN control message. This however rapidly gets nasty as we 3128 then have to remap modem signals each way according to whether 3129 our virtual cable is null modem etc .. */ 3130 tty_termios_copy_hw(&tty->termios, old); 3131} 3132 3133static void gsmtty_throttle(struct tty_struct *tty) 3134{ 3135 struct gsm_dlci *dlci = tty->driver_data; 3136 if (dlci->state == DLCI_CLOSED) 3137 return; 3138 if (tty->termios.c_cflag & CRTSCTS) 3139 dlci->modem_tx &= ~TIOCM_DTR; 3140 dlci->throttled = 1; 3141 /* Send an MSC with DTR cleared */ 3142 gsmtty_modem_update(dlci, 0); 3143} 3144 3145static void gsmtty_unthrottle(struct tty_struct *tty) 3146{ 3147 struct gsm_dlci *dlci = tty->driver_data; 3148 if (dlci->state == DLCI_CLOSED) 3149 return; 3150 if (tty->termios.c_cflag & CRTSCTS) 3151 dlci->modem_tx |= TIOCM_DTR; 3152 dlci->throttled = 0; 3153 /* Send an MSC with DTR set */ 3154 gsmtty_modem_update(dlci, 0); 3155} 3156 3157static int gsmtty_break_ctl(struct tty_struct *tty, int state) 3158{ 3159 struct gsm_dlci *dlci = tty->driver_data; 3160 int encode = 0; /* Off */ 3161 if (dlci->state == DLCI_CLOSED) 3162 return -EINVAL; 3163 3164 if (state == -1) /* "On indefinitely" - we can't encode this 3165 properly */ 3166 encode = 0x0F; 3167 else if (state > 0) { 3168 encode = state / 200; /* mS to encoding */ 3169 if (encode > 0x0F) 3170 encode = 0x0F; /* Best effort */ 3171 } 3172 return gsmtty_modem_update(dlci, encode); 3173} 3174 3175static void gsmtty_cleanup(struct tty_struct *tty) 3176{ 3177 struct gsm_dlci *dlci = tty->driver_data; 3178 struct gsm_mux *gsm = dlci->gsm; 3179 3180 dlci_put(dlci); 3181 dlci_put(gsm->dlci[0]); 3182 mux_put(gsm); 3183} 3184 3185/* Virtual ttys for the demux */ 3186static const struct tty_operations gsmtty_ops = { 3187 .install = gsmtty_install, 3188 .open = gsmtty_open, 3189 .close = gsmtty_close, 3190 .write = gsmtty_write, 3191 .write_room = gsmtty_write_room, 3192 .chars_in_buffer = gsmtty_chars_in_buffer, 3193 .flush_buffer = gsmtty_flush_buffer, 3194 .ioctl = gsmtty_ioctl, 3195 .throttle = gsmtty_throttle, 3196 .unthrottle = gsmtty_unthrottle, 3197 .set_termios = gsmtty_set_termios, 3198 .hangup = gsmtty_hangup, 3199 .wait_until_sent = gsmtty_wait_until_sent, 3200 .tiocmget = gsmtty_tiocmget, 3201 .tiocmset = gsmtty_tiocmset, 3202 .break_ctl = gsmtty_break_ctl, 3203 .cleanup = gsmtty_cleanup, 3204}; 3205 3206 3207 3208static int __init gsm_init(void) 3209{ 3210 /* Fill in our line protocol discipline, and register it */ 3211 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet); 3212 if (status != 0) { 3213 pr_err("n_gsm: can't register line discipline (err = %d)\n", 3214 status); 3215 return status; 3216 } 3217 3218 gsm_tty_driver = alloc_tty_driver(256); 3219 if (!gsm_tty_driver) { 3220 tty_unregister_ldisc(N_GSM0710); 3221 pr_err("gsm_init: tty allocation failed.\n"); 3222 return -EINVAL; 3223 } 3224 gsm_tty_driver->driver_name = "gsmtty"; 3225 gsm_tty_driver->name = "gsmtty"; 3226 gsm_tty_driver->major = 0; /* Dynamic */ 3227 gsm_tty_driver->minor_start = 0; 3228 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 3229 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 3230 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV 3231 | TTY_DRIVER_HARDWARE_BREAK; 3232 gsm_tty_driver->init_termios = tty_std_termios; 3233 /* Fixme */ 3234 gsm_tty_driver->init_termios.c_lflag &= ~ECHO; 3235 tty_set_operations(gsm_tty_driver, &gsmtty_ops); 3236 3237 spin_lock_init(&gsm_mux_lock); 3238 3239 if (tty_register_driver(gsm_tty_driver)) { 3240 put_tty_driver(gsm_tty_driver); 3241 tty_unregister_ldisc(N_GSM0710); 3242 pr_err("gsm_init: tty registration failed.\n"); 3243 return -EBUSY; 3244 } 3245 pr_debug("gsm_init: loaded as %d,%d.\n", 3246 gsm_tty_driver->major, gsm_tty_driver->minor_start); 3247 return 0; 3248} 3249 3250static void __exit gsm_exit(void) 3251{ 3252 int status = tty_unregister_ldisc(N_GSM0710); 3253 if (status != 0) 3254 pr_err("n_gsm: can't unregister line discipline (err = %d)\n", 3255 status); 3256 tty_unregister_driver(gsm_tty_driver); 3257 put_tty_driver(gsm_tty_driver); 3258} 3259 3260module_init(gsm_init); 3261module_exit(gsm_exit); 3262 3263 3264MODULE_LICENSE("GPL"); 3265MODULE_ALIAS_LDISC(N_GSM0710); 3266