1 // SPDX-License-Identifier: GPL-2.0
3 * n_gsm.c GSM 0710 tty multiplexor
4 * Copyright (c) 2009/10 Intel Corporation
6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
9 * Mostly done: ioctls for setting modes/timing
10 * Partly done: hooks so you can pull off frames to non tty devs
11 * Restart DLCI 0 when it closes ?
12 * Improve the tx engine
13 * Resolve tx side locking by adding a queue_head and routing
14 * all control traffic via it
15 * General tidy/document
16 * Review the locking/move to refcounts more (mux now moved to an
17 * alloc/free model ready)
18 * Use newest tty open/close port helpers and install hooks
19 * What to do about power functions ?
20 * Termios setting and negotiation
21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
25 #include <linux/types.h>
26 #include <linux/major.h>
27 #include <linux/errno.h>
28 #include <linux/signal.h>
29 #include <linux/fcntl.h>
30 #include <linux/sched/signal.h>
31 #include <linux/interrupt.h>
32 #include <linux/tty.h>
33 #include <linux/ctype.h>
35 #include <linux/string.h>
36 #include <linux/slab.h>
37 #include <linux/poll.h>
38 #include <linux/bitops.h>
39 #include <linux/file.h>
40 #include <linux/uaccess.h>
41 #include <linux/module.h>
42 #include <linux/timer.h>
43 #include <linux/tty_flip.h>
44 #include <linux/tty_driver.h>
45 #include <linux/serial.h>
46 #include <linux/kfifo.h>
47 #include <linux/skbuff.h>
50 #include <linux/netdevice.h>
51 #include <linux/etherdevice.h>
52 #include <linux/gsmmux.h>
56 module_param(debug, int, 0600);
58 /* Defaults: these are from the specification */
60 #define T1 10 /* 100mS */
61 #define T2 34 /* 333mS */
62 #define N2 3 /* Retry 3 times */
64 /* Use long timers for testing at low speed with debug on */
71 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
72 * limits so this is plenty
76 #define GSM_NET_TX_TIMEOUT (HZ*10)
79 * struct gsm_mux_net - network interface
81 * Created when net interface is initialized.
85 struct gsm_dlci *dlci;
89 * Each block of data we have queued to go out is in the form of
90 * a gsm_msg which holds everything we need in a link layer independent
95 struct list_head list;
96 u8 addr; /* DLCI address + flags */
97 u8 ctrl; /* Control byte + flags */
98 unsigned int len; /* Length of data block (can be zero) */
99 unsigned char *data; /* Points into buffer but not at the start */
100 unsigned char buffer[];
103 enum gsm_dlci_state {
105 DLCI_OPENING, /* Sending SABM not seen UA */
106 DLCI_OPEN, /* SABM/UA complete */
107 DLCI_CLOSING, /* Sending DISC not seen UA/DM */
111 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */
112 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */
116 * Each active data link has a gsm_dlci structure associated which ties
117 * the link layer to an optional tty (if the tty side is open). To avoid
118 * complexity right now these are only ever freed up when the mux is
121 * At the moment we don't free DLCI objects until the mux is torn down
122 * this avoid object life time issues but might be worth review later.
128 enum gsm_dlci_state state;
132 enum gsm_dlci_mode mode;
133 spinlock_t lock; /* Protects the internal state */
134 struct timer_list t1; /* Retransmit timer for SABM and UA */
136 /* Uplink tty if active */
137 struct tty_port port; /* The tty bound to this DLCI if there is one */
138 struct kfifo fifo; /* Queue fifo for the DLCI */
139 int adaption; /* Adaption layer in use */
141 u32 modem_rx; /* Our incoming virtual modem lines */
142 u32 modem_tx; /* Our outgoing modem lines */
143 bool dead; /* Refuse re-open */
145 bool throttled; /* Private copy of throttle state */
146 bool constipated; /* Throttle status for outgoing */
148 struct sk_buff *skb; /* Frame being sent */
149 struct sk_buff_head skb_list; /* Queued frames */
150 /* Data handling callback */
151 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
152 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
153 struct net_device *net; /* network interface, if created */
156 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
161 * DLCI 0 is used to pass control blocks out of band of the data
162 * flow (and with a higher link priority). One command can be outstanding
163 * at a time and we use this structure to manage them. They are created
164 * and destroyed by the user context, and updated by the receive paths
169 u8 cmd; /* Command we are issuing */
170 u8 *data; /* Data for the command in case we retransmit */
171 int len; /* Length of block for retransmission */
172 int done; /* Done flag */
173 int error; /* Error if any */
191 * Each GSM mux we have is represented by this structure. If we are
192 * operating as an ldisc then we use this structure as our ldisc
193 * state. We need to sort out lifetimes and locking with respect
194 * to the gsm mux array. For now we don't free DLCI objects that
195 * have been instantiated until the mux itself is terminated.
197 * To consider further: tty open versus mux shutdown.
201 struct tty_struct *tty; /* The tty our ldisc is bound to */
207 /* Events on the GSM channel */
208 wait_queue_head_t event;
210 /* Bits for GSM mode decoding */
214 enum gsm_mux_state state;
216 unsigned int address;
223 u8 *txframe; /* TX framing buffer */
225 /* Method for the receiver side */
226 void (*receive)(struct gsm_mux *gsm, u8 ch);
231 int initiator; /* Did we initiate connection */
232 bool dead; /* Has the mux been shut down */
233 struct gsm_dlci *dlci[NUM_DLCI];
234 bool constipated; /* Asked by remote to shut up */
237 unsigned int tx_bytes; /* TX data outstanding */
238 #define TX_THRESH_HI 8192
239 #define TX_THRESH_LO 2048
240 struct list_head tx_list; /* Pending data packets */
242 /* Control messages */
243 struct timer_list t2_timer; /* Retransmit timer for commands */
244 int cretries; /* Command retry counter */
245 struct gsm_control *pending_cmd;/* Our current pending command */
246 spinlock_t control_lock; /* Protects the pending command */
249 int adaption; /* 1 or 2 supported */
250 u8 ftype; /* UI or UIH */
251 int t1, t2; /* Timers in 1/100th of a sec */
252 int n2; /* Retry count */
254 /* Statistics (not currently exposed) */
255 unsigned long bad_fcs;
256 unsigned long malformed;
257 unsigned long io_error;
258 unsigned long bad_size;
259 unsigned long unsupported;
264 * Mux objects - needed so that we can translate a tty index into the
265 * relevant mux and DLCI.
268 #define MAX_MUX 4 /* 256 minors */
269 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
270 static DEFINE_SPINLOCK(gsm_mux_lock);
272 static struct tty_driver *gsm_tty_driver;
275 * This section of the driver logic implements the GSM encodings
276 * both the basic and the 'advanced'. Reliable transport is not
284 /* I is special: the rest are ..*/
295 /* Channel commands */
297 #define CMD_TEST 0x11
300 #define CMD_FCOFF 0x31
303 #define CMD_FCON 0x51
308 /* Virtual modem bits */
315 #define GSM0_SOF 0xF9
316 #define GSM1_SOF 0x7E
317 #define GSM1_ESCAPE 0x7D
318 #define GSM1_ESCAPE_BITS 0x20
321 #define ISO_IEC_646_MASK 0x7F
323 static const struct tty_port_operations gsm_port_ops;
326 * CRC table for GSM 0710
329 static const u8 gsm_fcs8[256] = {
330 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
331 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
332 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
333 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
334 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
335 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
336 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
337 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
338 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
339 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
340 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
341 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
342 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
343 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
344 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
345 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
346 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
347 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
348 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
349 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
350 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
351 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
352 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
353 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
354 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
355 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
356 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
357 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
358 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
359 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
360 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
361 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
364 #define INIT_FCS 0xFF
365 #define GOOD_FCS 0xCF
367 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len);
370 * gsm_fcs_add - update FCS
374 * Update the FCS to include c. Uses the algorithm in the specification
378 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
380 return gsm_fcs8[fcs ^ c];
384 * gsm_fcs_add_block - update FCS for a block
387 * @len: length of buffer
389 * Update the FCS to include c. Uses the algorithm in the specification
393 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
396 fcs = gsm_fcs8[fcs ^ *c++];
401 * gsm_read_ea - read a byte into an EA
402 * @val: variable holding value
403 * @c: byte going into the EA
405 * Processes one byte of an EA. Updates the passed variable
406 * and returns 1 if the EA is now completely read
409 static int gsm_read_ea(unsigned int *val, u8 c)
411 /* Add the next 7 bits into the value */
414 /* Was this the last byte of the EA 1 = yes*/
419 * gsm_encode_modem - encode modem data bits
420 * @dlci: DLCI to encode from
422 * Returns the correct GSM encoded modem status bits (6 bit field) for
423 * the current status of the DLCI and attached tty object
426 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
429 /* FC is true flow control not modem bits */
432 if (dlci->modem_tx & TIOCM_DTR)
433 modembits |= MDM_RTC;
434 if (dlci->modem_tx & TIOCM_RTS)
435 modembits |= MDM_RTR;
436 if (dlci->modem_tx & TIOCM_RI)
438 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator)
444 * gsm_print_packet - display a frame for debug
445 * @hdr: header to print before decode
446 * @addr: address EA from the frame
447 * @cr: C/R bit from the frame
448 * @control: control including PF bit
449 * @data: following data bytes
450 * @dlen: length of data
452 * Displays a packet in human readable format for debugging purposes. The
453 * style is based on amateur radio LAP-B dump display.
456 static void gsm_print_packet(const char *hdr, int addr, int cr,
457 u8 control, const u8 *data, int dlen)
462 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
464 switch (control & ~PF) {
484 if (!(control & 0x01)) {
485 pr_cont("I N(S)%d N(R)%d",
486 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
487 } else switch (control & 0x0F) {
489 pr_cont("RR(%d)", (control & 0xE0) >> 5);
492 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
495 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
498 pr_cont("[%02X]", control);
507 print_hex_dump_bytes("", DUMP_PREFIX_NONE, data, dlen);
512 * Link level transmission side
516 * gsm_stuff_frame - bytestuff a packet
517 * @input: input buffer
518 * @output: output buffer
519 * @len: length of input
521 * Expand a buffer by bytestuffing it. The worst case size change
522 * is doubling and the caller is responsible for handing out
523 * suitable sized buffers.
526 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
530 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
531 || (*input & ISO_IEC_646_MASK) == XON
532 || (*input & ISO_IEC_646_MASK) == XOFF) {
533 *output++ = GSM1_ESCAPE;
534 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
537 *output++ = *input++;
544 * gsm_send - send a control frame
546 * @addr: address for control frame
547 * @cr: command/response bit
548 * @control: control byte including PF bit
550 * Format up and transmit a control frame. These do not go via the
551 * queueing logic as they should be transmitted ahead of data when
554 * FIXME: Lock versus data TX path
557 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
563 switch (gsm->encoding) {
566 cbuf[1] = (addr << 2) | (cr << 1) | EA;
568 cbuf[3] = EA; /* Length of data = 0 */
569 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
575 /* Control frame + packing (but not frame stuffing) in mode 1 */
576 ibuf[0] = (addr << 2) | (cr << 1) | EA;
578 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
579 /* Stuffing may double the size worst case */
580 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
581 /* Now add the SOF markers */
583 cbuf[len + 1] = GSM1_SOF;
584 /* FIXME: we can omit the lead one in many cases */
591 gsmld_output(gsm, cbuf, len);
592 gsm_print_packet("-->", addr, cr, control, NULL, 0);
596 * gsm_response - send a control response
598 * @addr: address for control frame
599 * @control: control byte including PF bit
601 * Format up and transmit a link level response frame.
604 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
606 gsm_send(gsm, addr, 0, control);
610 * gsm_command - send a control command
612 * @addr: address for control frame
613 * @control: control byte including PF bit
615 * Format up and transmit a link level command frame.
618 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
620 gsm_send(gsm, addr, 1, control);
623 /* Data transmission */
625 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
628 * gsm_data_alloc - allocate data frame
630 * @addr: DLCI address
631 * @len: length excluding header and FCS
632 * @ctrl: control byte
634 * Allocate a new data buffer for sending frames with data. Space is left
635 * at the front for header bytes but that is treated as an implementation
636 * detail and not for the high level code to use
639 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
642 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
646 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
650 INIT_LIST_HEAD(&m->list);
655 * gsm_data_kick - poke the queue
657 * @dlci: DLCI sending the data
659 * The tty device has called us to indicate that room has appeared in
660 * the transmit queue. Ram more data into the pipe if we have any
661 * If we have been flow-stopped by a CMD_FCOFF, then we can only
662 * send messages on DLCI0 until CMD_FCON
664 * FIXME: lock against link layer control transmissions
667 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci)
669 struct gsm_msg *msg, *nmsg;
672 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
673 if (gsm->constipated && msg->addr)
675 if (gsm->encoding != 0) {
676 gsm->txframe[0] = GSM1_SOF;
677 len = gsm_stuff_frame(msg->data,
678 gsm->txframe + 1, msg->len);
679 gsm->txframe[len + 1] = GSM1_SOF;
682 gsm->txframe[0] = GSM0_SOF;
683 memcpy(gsm->txframe + 1 , msg->data, msg->len);
684 gsm->txframe[msg->len + 1] = GSM0_SOF;
689 print_hex_dump_bytes("gsm_data_kick: ",
692 if (gsmld_output(gsm, gsm->txframe, len) < 0)
694 /* FIXME: Can eliminate one SOF in many more cases */
695 gsm->tx_bytes -= msg->len;
697 list_del(&msg->list);
701 tty_port_tty_wakeup(&dlci->port);
705 for (i = 0; i < NUM_DLCI; i++)
707 tty_port_tty_wakeup(&gsm->dlci[i]->port);
713 * __gsm_data_queue - queue a UI or UIH frame
714 * @dlci: DLCI sending the data
715 * @msg: message queued
717 * Add data to the transmit queue and try and get stuff moving
718 * out of the mux tty if not already doing so. The Caller must hold
722 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
724 struct gsm_mux *gsm = dlci->gsm;
726 u8 *fcs = dp + msg->len;
728 /* Fill in the header */
729 if (gsm->encoding == 0) {
731 *--dp = (msg->len << 1) | EA;
733 *--dp = (msg->len >> 7); /* bits 7 - 15 */
734 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
740 *--dp = (msg->addr << 2) | 2 | EA;
742 *--dp = (msg->addr << 2) | EA;
743 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
744 /* Ugly protocol layering violation */
745 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
746 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
749 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
750 msg->data, msg->len);
752 /* Move the header back and adjust the length, also allow for the FCS
753 now tacked on the end */
754 msg->len += (msg->data - dp) + 1;
757 /* Add to the actual output queue */
758 list_add_tail(&msg->list, &gsm->tx_list);
759 gsm->tx_bytes += msg->len;
760 gsm_data_kick(gsm, dlci);
764 * gsm_data_queue - queue a UI or UIH frame
765 * @dlci: DLCI sending the data
766 * @msg: message queued
768 * Add data to the transmit queue and try and get stuff moving
769 * out of the mux tty if not already doing so. Take the
770 * the gsm tx lock and dlci lock.
773 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
776 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
777 __gsm_data_queue(dlci, msg);
778 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
782 * gsm_dlci_data_output - try and push data out of a DLCI
784 * @dlci: the DLCI to pull data from
786 * Pull data from a DLCI and send it into the transmit queue if there
787 * is data. Keep to the MRU of the mux. This path handles the usual tty
788 * interface which is a byte stream with optional modem data.
790 * Caller must hold the tx_lock of the mux.
793 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
797 int len, total_size, size;
798 int h = dlci->adaption - 1;
802 len = kfifo_len(&dlci->fifo);
806 /* MTU/MRU count only the data bits */
812 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
813 /* FIXME: need a timer or something to kick this so it can't
814 get stuck with no work outstanding and no buffer free */
818 switch (dlci->adaption) {
819 case 1: /* Unstructured */
821 case 2: /* Unstructed with modem bits.
822 Always one byte as we never send inline break data */
823 *dp++ = gsm_encode_modem(dlci);
826 WARN_ON(kfifo_out_locked(&dlci->fifo, dp , len, &dlci->lock) != len);
827 __gsm_data_queue(dlci, msg);
830 /* Bytes of data we used up */
835 * gsm_dlci_data_output_framed - try and push data out of a DLCI
837 * @dlci: the DLCI to pull data from
839 * Pull data from a DLCI and send it into the transmit queue if there
840 * is data. Keep to the MRU of the mux. This path handles framed data
841 * queued as skbuffs to the DLCI.
843 * Caller must hold the tx_lock of the mux.
846 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
847 struct gsm_dlci *dlci)
852 int last = 0, first = 0;
855 /* One byte per frame is used for B/F flags */
856 if (dlci->adaption == 4)
859 /* dlci->skb is locked by tx_lock */
860 if (dlci->skb == NULL) {
861 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
862 if (dlci->skb == NULL)
866 len = dlci->skb->len + overhead;
868 /* MTU/MRU count only the data bits */
869 if (len > gsm->mtu) {
870 if (dlci->adaption == 3) {
871 /* Over long frame, bin it */
872 dev_kfree_skb_any(dlci->skb);
880 size = len + overhead;
881 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
883 /* FIXME: need a timer or something to kick this so it can't
884 get stuck with no work outstanding and no buffer free */
886 skb_queue_tail(&dlci->skb_list, dlci->skb);
892 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
893 /* Flag byte to carry the start/end info */
894 *dp++ = last << 7 | first << 6 | 1; /* EA */
897 memcpy(dp, dlci->skb->data, len);
898 skb_pull(dlci->skb, len);
899 __gsm_data_queue(dlci, msg);
901 dev_kfree_skb_any(dlci->skb);
908 * gsm_dlci_data_sweep - look for data to send
911 * Sweep the GSM mux channels in priority order looking for ones with
912 * data to send. We could do with optimising this scan a bit. We aim
913 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
914 * TX_THRESH_LO we get called again
916 * FIXME: We should round robin between groups and in theory you can
917 * renegotiate DLCI priorities with optional stuff. Needs optimising.
920 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
923 /* Priority ordering: We should do priority with RR of the groups */
926 while (i < NUM_DLCI) {
927 struct gsm_dlci *dlci;
929 if (gsm->tx_bytes > TX_THRESH_HI)
932 if (dlci == NULL || dlci->constipated) {
936 if (dlci->adaption < 3 && !dlci->net)
937 len = gsm_dlci_data_output(gsm, dlci);
939 len = gsm_dlci_data_output_framed(gsm, dlci);
942 /* DLCI empty - try the next */
949 * gsm_dlci_data_kick - transmit if possible
950 * @dlci: DLCI to kick
952 * Transmit data from this DLCI if the queue is empty. We can't rely on
953 * a tty wakeup except when we filled the pipe so we need to fire off
954 * new data ourselves in other cases.
957 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
962 if (dlci->constipated)
965 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
966 /* If we have nothing running then we need to fire up */
967 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
968 if (dlci->gsm->tx_bytes == 0) {
970 gsm_dlci_data_output_framed(dlci->gsm, dlci);
972 gsm_dlci_data_output(dlci->gsm, dlci);
975 gsm_dlci_data_sweep(dlci->gsm);
976 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
980 * Control message processing
985 * gsm_control_reply - send a response frame to a control
987 * @cmd: the command to use
988 * @data: data to follow encoded info
989 * @dlen: length of data
991 * Encode up and queue a UI/UIH frame containing our response.
994 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
998 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1001 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1002 msg->data[1] = (dlen << 1) | EA;
1003 memcpy(msg->data + 2, data, dlen);
1004 gsm_data_queue(gsm->dlci[0], msg);
1008 * gsm_process_modem - process received modem status
1009 * @tty: virtual tty bound to the DLCI
1010 * @dlci: DLCI to affect
1011 * @modem: modem bits (full EA)
1012 * @clen: command length
1014 * Used when a modem control message or line state inline in adaption
1015 * layer 2 is processed. Sort out the local modem state and throttles
1018 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1019 u32 modem, int clen)
1025 /* The modem status command can either contain one octet (v.24 signals)
1026 or two octets (v.24 signals + break signals). The length field will
1027 either be 2 or 3 respectively. This is specified in section
1028 5.4.6.3.7 of the 27.010 mux spec. */
1031 modem = modem & 0x7f;
1034 modem = (modem >> 7) & 0x7f;
1037 /* Flow control/ready to communicate */
1038 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1039 if (fc && !dlci->constipated) {
1040 /* Need to throttle our output on this device */
1041 dlci->constipated = true;
1042 } else if (!fc && dlci->constipated) {
1043 dlci->constipated = false;
1044 gsm_dlci_data_kick(dlci);
1047 /* Map modem bits */
1048 if (modem & MDM_RTC)
1049 mlines |= TIOCM_DSR | TIOCM_DTR;
1050 if (modem & MDM_RTR)
1051 mlines |= TIOCM_RTS | TIOCM_CTS;
1057 /* Carrier drop -> hangup */
1059 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1064 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1065 dlci->modem_rx = mlines;
1069 * gsm_control_modem - modem status received
1071 * @data: data following command
1072 * @clen: command length
1074 * We have received a modem status control message. This is used by
1075 * the GSM mux protocol to pass virtual modem line status and optionally
1076 * to indicate break signals. Unpack it, convert to Linux representation
1077 * and if need be stuff a break message down the tty.
1080 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
1082 unsigned int addr = 0;
1083 unsigned int modem = 0;
1084 unsigned int brk = 0;
1085 struct gsm_dlci *dlci;
1087 const u8 *dp = data;
1088 struct tty_struct *tty;
1090 while (gsm_read_ea(&addr, *dp++) == 0) {
1095 /* Must be at least one byte following the EA */
1101 /* Closed port, or invalid ? */
1102 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1104 dlci = gsm->dlci[addr];
1106 while (gsm_read_ea(&modem, *dp++) == 0) {
1113 while (gsm_read_ea(&brk, *dp++) == 0) {
1119 modem |= (brk & 0x7f);
1121 tty = tty_port_tty_get(&dlci->port);
1122 gsm_process_modem(tty, dlci, modem, clen);
1127 gsm_control_reply(gsm, CMD_MSC, data, clen);
1131 * gsm_control_rls - remote line status
1134 * @clen: data length
1136 * The modem sends us a two byte message on the control channel whenever
1137 * it wishes to send us an error state from the virtual link. Stuff
1138 * this into the uplink tty if present
1141 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
1143 struct tty_port *port;
1144 unsigned int addr = 0;
1147 const u8 *dp = data;
1149 while (gsm_read_ea(&addr, *dp++) == 0) {
1154 /* Must be at least one byte following ea */
1159 /* Closed port, or invalid ? */
1160 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1164 if ((bits & 1) == 0)
1167 port = &gsm->dlci[addr]->port;
1170 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1172 tty_insert_flip_char(port, 0, TTY_PARITY);
1174 tty_insert_flip_char(port, 0, TTY_FRAME);
1176 tty_flip_buffer_push(port);
1178 gsm_control_reply(gsm, CMD_RLS, data, clen);
1181 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1184 * gsm_control_message - DLCI 0 control processing
1186 * @command: the command EA
1187 * @data: data beyond the command/length EAs
1190 * Input processor for control messages from the other end of the link.
1191 * Processes the incoming request and queues a response frame or an
1192 * NSC response if not supported
1195 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1196 const u8 *data, int clen)
1199 unsigned long flags;
1203 struct gsm_dlci *dlci = gsm->dlci[0];
1204 /* Modem wishes to close down */
1208 gsm_dlci_begin_close(dlci);
1213 /* Modem wishes to test, reply with the data */
1214 gsm_control_reply(gsm, CMD_TEST, data, clen);
1217 /* Modem can accept data again */
1218 gsm->constipated = false;
1219 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1220 /* Kick the link in case it is idling */
1221 spin_lock_irqsave(&gsm->tx_lock, flags);
1222 gsm_data_kick(gsm, NULL);
1223 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1226 /* Modem wants us to STFU */
1227 gsm->constipated = true;
1228 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1231 /* Out of band modem line change indicator for a DLCI */
1232 gsm_control_modem(gsm, data, clen);
1235 /* Out of band error reception for a DLCI */
1236 gsm_control_rls(gsm, data, clen);
1239 /* Modem wishes to enter power saving state */
1240 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1242 /* Optional unsupported commands */
1243 case CMD_PN: /* Parameter negotiation */
1244 case CMD_RPN: /* Remote port negotiation */
1245 case CMD_SNC: /* Service negotiation command */
1247 /* Reply to bad commands with an NSC */
1249 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1255 * gsm_control_response - process a response to our control
1257 * @command: the command (response) EA
1258 * @data: data beyond the command/length EA
1261 * Process a response to an outstanding command. We only allow a single
1262 * control message in flight so this is fairly easy. All the clean up
1263 * is done by the caller, we just update the fields, flag it as done
1267 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1268 const u8 *data, int clen)
1270 struct gsm_control *ctrl;
1271 unsigned long flags;
1273 spin_lock_irqsave(&gsm->control_lock, flags);
1275 ctrl = gsm->pending_cmd;
1276 /* Does the reply match our command */
1278 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1279 /* Our command was replied to, kill the retry timer */
1280 del_timer(&gsm->t2_timer);
1281 gsm->pending_cmd = NULL;
1282 /* Rejected by the other end */
1283 if (command == CMD_NSC)
1284 ctrl->error = -EOPNOTSUPP;
1286 wake_up(&gsm->event);
1288 spin_unlock_irqrestore(&gsm->control_lock, flags);
1292 * gsm_control_transmit - send control packet
1294 * @ctrl: frame to send
1296 * Send out a pending control command (called under control lock)
1299 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1301 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype);
1304 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */
1305 memcpy(msg->data + 1, ctrl->data, ctrl->len);
1306 gsm_data_queue(gsm->dlci[0], msg);
1310 * gsm_control_retransmit - retransmit a control frame
1311 * @t: timer contained in our gsm object
1313 * Called off the T2 timer expiry in order to retransmit control frames
1314 * that have been lost in the system somewhere. The control_lock protects
1315 * us from colliding with another sender or a receive completion event.
1316 * In that situation the timer may still occur in a small window but
1317 * gsm->pending_cmd will be NULL and we just let the timer expire.
1320 static void gsm_control_retransmit(struct timer_list *t)
1322 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer);
1323 struct gsm_control *ctrl;
1324 unsigned long flags;
1325 spin_lock_irqsave(&gsm->control_lock, flags);
1326 ctrl = gsm->pending_cmd;
1329 if (gsm->cretries == 0) {
1330 gsm->pending_cmd = NULL;
1331 ctrl->error = -ETIMEDOUT;
1333 spin_unlock_irqrestore(&gsm->control_lock, flags);
1334 wake_up(&gsm->event);
1337 gsm_control_transmit(gsm, ctrl);
1338 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1340 spin_unlock_irqrestore(&gsm->control_lock, flags);
1344 * gsm_control_send - send a control frame on DLCI 0
1345 * @gsm: the GSM channel
1346 * @command: command to send including CR bit
1347 * @data: bytes of data (must be kmalloced)
1348 * @clen: length of the block to send
1350 * Queue and dispatch a control command. Only one command can be
1351 * active at a time. In theory more can be outstanding but the matching
1352 * gets really complicated so for now stick to one outstanding.
1355 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1356 unsigned int command, u8 *data, int clen)
1358 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1360 unsigned long flags;
1364 wait_event(gsm->event, gsm->pending_cmd == NULL);
1365 spin_lock_irqsave(&gsm->control_lock, flags);
1366 if (gsm->pending_cmd != NULL) {
1367 spin_unlock_irqrestore(&gsm->control_lock, flags);
1370 ctrl->cmd = command;
1373 gsm->pending_cmd = ctrl;
1375 /* If DLCI0 is in ADM mode skip retries, it won't respond */
1376 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
1379 gsm->cretries = gsm->n2;
1381 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1382 gsm_control_transmit(gsm, ctrl);
1383 spin_unlock_irqrestore(&gsm->control_lock, flags);
1388 * gsm_control_wait - wait for a control to finish
1390 * @control: control we are waiting on
1392 * Waits for the control to complete or time out. Frees any used
1393 * resources and returns 0 for success, or an error if the remote
1394 * rejected or ignored the request.
1397 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1400 wait_event(gsm->event, control->done == 1);
1401 err = control->error;
1408 * DLCI level handling: Needs krefs
1412 * State transitions and timers
1416 * gsm_dlci_close - a DLCI has closed
1417 * @dlci: DLCI that closed
1419 * Perform processing when moving a DLCI into closed state. If there
1420 * is an attached tty this is hung up
1423 static void gsm_dlci_close(struct gsm_dlci *dlci)
1425 del_timer(&dlci->t1);
1427 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1428 dlci->state = DLCI_CLOSED;
1429 if (dlci->addr != 0) {
1430 tty_port_tty_hangup(&dlci->port, false);
1431 kfifo_reset(&dlci->fifo);
1433 dlci->gsm->dead = true;
1434 wake_up(&dlci->gsm->event);
1435 /* A DLCI 0 close is a MUX termination so we need to kick that
1436 back to userspace somehow */
1440 * gsm_dlci_open - a DLCI has opened
1441 * @dlci: DLCI that opened
1443 * Perform processing when moving a DLCI into open state.
1446 static void gsm_dlci_open(struct gsm_dlci *dlci)
1448 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1450 del_timer(&dlci->t1);
1451 /* This will let a tty open continue */
1452 dlci->state = DLCI_OPEN;
1454 pr_debug("DLCI %d goes open.\n", dlci->addr);
1455 wake_up(&dlci->gsm->event);
1459 * gsm_dlci_t1 - T1 timer expiry
1460 * @t: timer contained in the DLCI that opened
1462 * The T1 timer handles retransmits of control frames (essentially of
1463 * SABM and DISC). We resend the command until the retry count runs out
1464 * in which case an opening port goes back to closed and a closing port
1465 * is simply put into closed state (any further frames from the other
1466 * end will get a DM response)
1468 * Some control dlci can stay in ADM mode with other dlci working just
1469 * fine. In that case we can just keep the control dlci open after the
1470 * DLCI_OPENING retries time out.
1473 static void gsm_dlci_t1(struct timer_list *t)
1475 struct gsm_dlci *dlci = from_timer(dlci, t, t1);
1476 struct gsm_mux *gsm = dlci->gsm;
1478 switch (dlci->state) {
1481 if (dlci->retries) {
1482 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1483 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1484 } else if (!dlci->addr && gsm->control == (DM | PF)) {
1486 pr_info("DLCI %d opening in ADM mode.\n",
1488 dlci->mode = DLCI_MODE_ADM;
1489 gsm_dlci_open(dlci);
1491 gsm_dlci_begin_close(dlci); /* prevent half open link */
1497 if (dlci->retries) {
1498 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1499 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1501 gsm_dlci_close(dlci);
1504 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state);
1510 * gsm_dlci_begin_open - start channel open procedure
1511 * @dlci: DLCI to open
1513 * Commence opening a DLCI from the Linux side. We issue SABM messages
1514 * to the modem which should then reply with a UA or ADM, at which point
1515 * we will move into open state. Opening is done asynchronously with retry
1516 * running off timers and the responses.
1519 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1521 struct gsm_mux *gsm = dlci->gsm;
1522 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1524 dlci->retries = gsm->n2;
1525 dlci->state = DLCI_OPENING;
1526 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1527 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1531 * gsm_dlci_begin_close - start channel open procedure
1532 * @dlci: DLCI to open
1534 * Commence closing a DLCI from the Linux side. We issue DISC messages
1535 * to the modem which should then reply with a UA, at which point we
1536 * will move into closed state. Closing is done asynchronously with retry
1537 * off timers. We may also receive a DM reply from the other end which
1538 * indicates the channel was already closed.
1541 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1543 struct gsm_mux *gsm = dlci->gsm;
1544 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1546 dlci->retries = gsm->n2;
1547 dlci->state = DLCI_CLOSING;
1548 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1549 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1553 * gsm_dlci_data - data arrived
1555 * @data: block of bytes received
1556 * @clen: length of received block
1558 * A UI or UIH frame has arrived which contains data for a channel
1559 * other than the control channel. If the relevant virtual tty is
1560 * open we shovel the bits down it, if not we drop them.
1563 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
1566 struct tty_port *port = &dlci->port;
1567 struct tty_struct *tty;
1568 unsigned int modem = 0;
1572 pr_debug("%d bytes for tty\n", len);
1573 switch (dlci->adaption) {
1574 /* Unsupported types */
1575 case 4: /* Packetised interruptible data */
1577 case 3: /* Packetised uininterruptible voice/data */
1579 case 2: /* Asynchronous serial with line state in each frame */
1580 while (gsm_read_ea(&modem, *data++) == 0) {
1585 tty = tty_port_tty_get(port);
1587 gsm_process_modem(tty, dlci, modem, clen);
1591 case 1: /* Line state will go via DLCI 0 controls only */
1593 tty_insert_flip_string(port, data, len);
1594 tty_flip_buffer_push(port);
1599 * gsm_dlci_command - data arrived on control channel
1601 * @data: block of bytes received
1602 * @len: length of received block
1604 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1605 * control channel. This should contain a command EA followed by
1606 * control data bytes. The command EA contains a command/response bit
1607 * and we divide up the work accordingly.
1610 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
1612 /* See what command is involved */
1613 unsigned int command = 0;
1615 if (gsm_read_ea(&command, *data++) == 1) {
1618 /* FIXME: this is properly an EA */
1620 /* Malformed command ? */
1624 gsm_control_message(dlci->gsm, command,
1627 gsm_control_response(dlci->gsm, command,
1635 * Allocate/Free DLCI channels
1639 * gsm_dlci_alloc - allocate a DLCI
1641 * @addr: address of the DLCI
1643 * Allocate and install a new DLCI object into the GSM mux.
1645 * FIXME: review locking races
1648 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1650 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1653 spin_lock_init(&dlci->lock);
1654 mutex_init(&dlci->mutex);
1655 if (kfifo_alloc(&dlci->fifo, 4096, GFP_KERNEL) < 0) {
1660 skb_queue_head_init(&dlci->skb_list);
1661 timer_setup(&dlci->t1, gsm_dlci_t1, 0);
1662 tty_port_init(&dlci->port);
1663 dlci->port.ops = &gsm_port_ops;
1666 dlci->adaption = gsm->adaption;
1667 dlci->state = DLCI_CLOSED;
1669 dlci->data = gsm_dlci_data;
1671 dlci->data = gsm_dlci_command;
1672 gsm->dlci[addr] = dlci;
1677 * gsm_dlci_free - free DLCI
1678 * @port: tty port for DLCI to free
1684 static void gsm_dlci_free(struct tty_port *port)
1686 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
1688 del_timer_sync(&dlci->t1);
1689 dlci->gsm->dlci[dlci->addr] = NULL;
1690 kfifo_free(&dlci->fifo);
1691 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1692 dev_kfree_skb(dlci->skb);
1696 static inline void dlci_get(struct gsm_dlci *dlci)
1698 tty_port_get(&dlci->port);
1701 static inline void dlci_put(struct gsm_dlci *dlci)
1703 tty_port_put(&dlci->port);
1706 static void gsm_destroy_network(struct gsm_dlci *dlci);
1709 * gsm_dlci_release - release DLCI
1710 * @dlci: DLCI to destroy
1712 * Release a DLCI. Actual free is deferred until either
1713 * mux is closed or tty is closed - whichever is last.
1717 static void gsm_dlci_release(struct gsm_dlci *dlci)
1719 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1721 mutex_lock(&dlci->mutex);
1722 gsm_destroy_network(dlci);
1723 mutex_unlock(&dlci->mutex);
1725 /* We cannot use tty_hangup() because in tty_kref_put() the tty
1726 * driver assumes that the hangup queue is free and reuses it to
1727 * queue release_one_tty() -> NULL pointer panic in
1728 * process_one_work().
1732 tty_port_tty_set(&dlci->port, NULL);
1735 dlci->state = DLCI_CLOSED;
1740 * LAPBish link layer logic
1744 * gsm_queue - a GSM frame is ready to process
1745 * @gsm: pointer to our gsm mux
1747 * At this point in time a frame has arrived and been demangled from
1748 * the line encoding. All the differences between the encodings have
1749 * been handled below us and the frame is unpacked into the structures.
1750 * The fcs holds the header FCS but any data FCS must be added here.
1753 static void gsm_queue(struct gsm_mux *gsm)
1755 struct gsm_dlci *dlci;
1758 /* We have to sneak a look at the packet body to do the FCS.
1759 A somewhat layering violation in the spec */
1761 if ((gsm->control & ~PF) == UI)
1762 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1763 if (gsm->encoding == 0) {
1764 /* WARNING: gsm->received_fcs is used for
1765 gsm->encoding = 0 only.
1766 In this case it contain the last piece of data
1767 required to generate final CRC */
1768 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1770 if (gsm->fcs != GOOD_FCS) {
1773 pr_debug("BAD FCS %02x\n", gsm->fcs);
1776 address = gsm->address >> 1;
1777 if (address >= NUM_DLCI)
1780 cr = gsm->address & 1; /* C/R bit */
1782 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1784 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1785 dlci = gsm->dlci[address];
1787 switch (gsm->control) {
1792 dlci = gsm_dlci_alloc(gsm, address);
1796 gsm_response(gsm, address, DM);
1798 gsm_response(gsm, address, UA);
1799 gsm_dlci_open(dlci);
1805 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1806 gsm_response(gsm, address, DM);
1809 /* Real close complete */
1810 gsm_response(gsm, address, UA);
1811 gsm_dlci_close(dlci);
1815 if (cr == 0 || dlci == NULL)
1817 switch (dlci->state) {
1819 gsm_dlci_close(dlci);
1822 gsm_dlci_open(dlci);
1825 pr_debug("%s: unhandled state: %d\n", __func__,
1830 case DM: /* DM can be valid unsolicited */
1836 gsm_dlci_close(dlci);
1846 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1847 gsm_command(gsm, address, DM|PF);
1850 dlci->data(dlci, gsm->buf, gsm->len);
1863 * gsm0_receive - perform processing for non-transparency
1864 * @gsm: gsm data for this ldisc instance
1867 * Receive bytes in gsm mode 0
1870 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1874 switch (gsm->state) {
1875 case GSM_SEARCH: /* SOF marker */
1876 if (c == GSM0_SOF) {
1877 gsm->state = GSM_ADDRESS;
1880 gsm->fcs = INIT_FCS;
1883 case GSM_ADDRESS: /* Address EA */
1884 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1885 if (gsm_read_ea(&gsm->address, c))
1886 gsm->state = GSM_CONTROL;
1888 case GSM_CONTROL: /* Control Byte */
1889 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1891 gsm->state = GSM_LEN0;
1893 case GSM_LEN0: /* Length EA */
1894 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1895 if (gsm_read_ea(&gsm->len, c)) {
1896 if (gsm->len > gsm->mru) {
1898 gsm->state = GSM_SEARCH;
1903 gsm->state = GSM_FCS;
1905 gsm->state = GSM_DATA;
1908 gsm->state = GSM_LEN1;
1911 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1913 gsm->len |= len << 7;
1914 if (gsm->len > gsm->mru) {
1916 gsm->state = GSM_SEARCH;
1921 gsm->state = GSM_FCS;
1923 gsm->state = GSM_DATA;
1925 case GSM_DATA: /* Data */
1926 gsm->buf[gsm->count++] = c;
1927 if (gsm->count == gsm->len)
1928 gsm->state = GSM_FCS;
1930 case GSM_FCS: /* FCS follows the packet */
1931 gsm->received_fcs = c;
1933 gsm->state = GSM_SSOF;
1936 if (c == GSM0_SOF) {
1937 gsm->state = GSM_SEARCH;
1942 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
1948 * gsm1_receive - perform processing for non-transparency
1949 * @gsm: gsm data for this ldisc instance
1952 * Receive bytes in mode 1 (Advanced option)
1955 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
1957 if (c == GSM1_SOF) {
1958 /* EOF is only valid in frame if we have got to the data state
1959 and received at least one byte (the FCS) */
1960 if (gsm->state == GSM_DATA && gsm->count) {
1961 /* Extract the FCS */
1963 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
1964 gsm->len = gsm->count;
1966 gsm->state = GSM_START;
1969 /* Any partial frame was a runt so go back to start */
1970 if (gsm->state != GSM_START) {
1972 gsm->state = GSM_START;
1974 /* A SOF in GSM_START means we are still reading idling or
1979 if (c == GSM1_ESCAPE) {
1984 /* Only an unescaped SOF gets us out of GSM search */
1985 if (gsm->state == GSM_SEARCH)
1989 c ^= GSM1_ESCAPE_BITS;
1990 gsm->escape = false;
1992 switch (gsm->state) {
1993 case GSM_START: /* First byte after SOF */
1995 gsm->state = GSM_ADDRESS;
1996 gsm->fcs = INIT_FCS;
1998 case GSM_ADDRESS: /* Address continuation */
1999 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2000 if (gsm_read_ea(&gsm->address, c))
2001 gsm->state = GSM_CONTROL;
2003 case GSM_CONTROL: /* Control Byte */
2004 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2007 gsm->state = GSM_DATA;
2009 case GSM_DATA: /* Data */
2010 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2011 gsm->state = GSM_OVERRUN;
2014 gsm->buf[gsm->count++] = c;
2016 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2019 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2025 * gsm_error - handle tty error
2027 * @data: byte received (may be invalid)
2028 * @flag: error received
2030 * Handle an error in the receipt of data for a frame. Currently we just
2031 * go back to hunting for a SOF.
2033 * FIXME: better diagnostics ?
2036 static void gsm_error(struct gsm_mux *gsm,
2037 unsigned char data, unsigned char flag)
2039 gsm->state = GSM_SEARCH;
2043 static int gsm_disconnect(struct gsm_mux *gsm)
2045 struct gsm_dlci *dlci = gsm->dlci[0];
2046 struct gsm_control *gc;
2051 /* In theory disconnecting DLCI 0 is sufficient but for some
2052 modems this is apparently not the case. */
2053 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0);
2055 gsm_control_wait(gsm, gc);
2057 del_timer_sync(&gsm->t2_timer);
2058 /* Now we are sure T2 has stopped */
2060 gsm_dlci_begin_close(dlci);
2061 wait_event_interruptible(gsm->event,
2062 dlci->state == DLCI_CLOSED);
2064 if (signal_pending(current))
2071 * gsm_cleanup_mux - generic GSM protocol cleanup
2074 * Clean up the bits of the mux which are the same for all framing
2075 * protocols. Remove the mux from the mux table, stop all the timers
2076 * and then shut down each device hanging up the channels as we go.
2079 static void gsm_cleanup_mux(struct gsm_mux *gsm)
2082 struct gsm_dlci *dlci = gsm->dlci[0];
2083 struct gsm_msg *txq, *ntxq;
2087 spin_lock(&gsm_mux_lock);
2088 for (i = 0; i < MAX_MUX; i++) {
2089 if (gsm_mux[i] == gsm) {
2094 spin_unlock(&gsm_mux_lock);
2095 /* open failed before registering => nothing to do */
2099 del_timer_sync(&gsm->t2_timer);
2100 /* Now we are sure T2 has stopped */
2104 /* Free up any link layer users */
2105 mutex_lock(&gsm->mutex);
2106 for (i = 0; i < NUM_DLCI; i++)
2108 gsm_dlci_release(gsm->dlci[i]);
2109 mutex_unlock(&gsm->mutex);
2110 /* Now wipe the queues */
2111 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2113 INIT_LIST_HEAD(&gsm->tx_list);
2117 * gsm_activate_mux - generic GSM setup
2120 * Set up the bits of the mux which are the same for all framing
2121 * protocols. Add the mux to the mux table so it can be opened and
2122 * finally kick off connecting to DLCI 0 on the modem.
2125 static int gsm_activate_mux(struct gsm_mux *gsm)
2127 struct gsm_dlci *dlci;
2130 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2131 init_waitqueue_head(&gsm->event);
2132 spin_lock_init(&gsm->control_lock);
2133 spin_lock_init(&gsm->tx_lock);
2135 if (gsm->encoding == 0)
2136 gsm->receive = gsm0_receive;
2138 gsm->receive = gsm1_receive;
2140 spin_lock(&gsm_mux_lock);
2141 for (i = 0; i < MAX_MUX; i++) {
2142 if (gsm_mux[i] == NULL) {
2148 spin_unlock(&gsm_mux_lock);
2152 dlci = gsm_dlci_alloc(gsm, 0);
2155 gsm->dead = false; /* Tty opens are now permissible */
2160 * gsm_free_mux - free up a mux
2163 * Dispose of allocated resources for a dead mux
2165 static void gsm_free_mux(struct gsm_mux *gsm)
2167 kfree(gsm->txframe);
2173 * gsm_free_muxr - free up a mux
2174 * @ref: kreference to the mux to free
2176 * Dispose of allocated resources for a dead mux
2178 static void gsm_free_muxr(struct kref *ref)
2180 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2184 static inline void mux_get(struct gsm_mux *gsm)
2186 kref_get(&gsm->ref);
2189 static inline void mux_put(struct gsm_mux *gsm)
2191 kref_put(&gsm->ref, gsm_free_muxr);
2194 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
2196 return gsm->num * NUM_DLCI;
2199 static inline unsigned int mux_line_to_num(unsigned int line)
2201 return line / NUM_DLCI;
2205 * gsm_alloc_mux - allocate a mux
2207 * Creates a new mux ready for activation.
2210 static struct gsm_mux *gsm_alloc_mux(void)
2212 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2215 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2216 if (gsm->buf == NULL) {
2220 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL);
2221 if (gsm->txframe == NULL) {
2226 spin_lock_init(&gsm->lock);
2227 mutex_init(&gsm->mutex);
2228 kref_init(&gsm->ref);
2229 INIT_LIST_HEAD(&gsm->tx_list);
2237 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2239 gsm->dead = true; /* Avoid early tty opens */
2244 static void gsm_copy_config_values(struct gsm_mux *gsm,
2245 struct gsm_config *c)
2247 memset(c, 0, sizeof(*c));
2248 c->adaption = gsm->adaption;
2249 c->encapsulation = gsm->encoding;
2250 c->initiator = gsm->initiator;
2253 c->t3 = 0; /* Not supported */
2255 if (gsm->ftype == UIH)
2259 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
2265 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
2268 int need_restart = 0;
2270 /* Stuff we don't support yet - UI or I frame transport, windowing */
2271 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2273 /* Check the MRU/MTU range looks sane */
2274 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2278 if (c->encapsulation > 1) /* Basic, advanced, no I */
2280 if (c->initiator > 1)
2282 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2285 * See what is needed for reconfiguration
2289 if (c->t1 != 0 && c->t1 != gsm->t1)
2291 if (c->t2 != 0 && c->t2 != gsm->t2)
2293 if (c->encapsulation != gsm->encoding)
2295 if (c->adaption != gsm->adaption)
2298 if (c->initiator != gsm->initiator)
2300 if (c->mru != gsm->mru)
2302 if (c->mtu != gsm->mtu)
2306 * Close down what is needed, restart and initiate the new
2310 if (need_close || need_restart) {
2313 ret = gsm_disconnect(gsm);
2319 gsm_cleanup_mux(gsm);
2321 gsm->initiator = c->initiator;
2324 gsm->encoding = c->encapsulation;
2325 gsm->adaption = c->adaption;
2339 * FIXME: We need to separate activation/deactivation from adding
2340 * and removing from the mux array
2343 gsm_activate_mux(gsm);
2344 if (gsm->initiator && need_close)
2345 gsm_dlci_begin_open(gsm->dlci[0]);
2350 * gsmld_output - write to link
2352 * @data: bytes to output
2355 * Write a block of data from the GSM mux to the data channel. This
2356 * will eventually be serialized from above but at the moment isn't.
2359 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2361 if (tty_write_room(gsm->tty) < len) {
2362 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2366 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2368 gsm->tty->ops->write(gsm->tty, data, len);
2373 * gsmld_attach_gsm - mode set up
2374 * @tty: our tty structure
2377 * Set up the MUX for basic mode and commence connecting to the
2378 * modem. Currently called from the line discipline set up but
2379 * will need moving to an ioctl path.
2382 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2387 gsm->tty = tty_kref_get(tty);
2388 ret = gsm_activate_mux(gsm);
2390 tty_kref_put(gsm->tty);
2392 /* Don't register device 0 - this is the control channel and not
2393 a usable tty interface */
2394 base = mux_num_to_base(gsm); /* Base for this MUX */
2395 for (i = 1; i < NUM_DLCI; i++) {
2398 dev = tty_register_device(gsm_tty_driver,
2401 for (i--; i >= 1; i--)
2402 tty_unregister_device(gsm_tty_driver,
2404 return PTR_ERR(dev);
2413 * gsmld_detach_gsm - stop doing 0710 mux
2414 * @tty: tty attached to the mux
2417 * Shutdown and then clean up the resources used by the line discipline
2420 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2422 unsigned int base = mux_num_to_base(gsm); /* Base for this MUX */
2425 WARN_ON(tty != gsm->tty);
2426 for (i = 1; i < NUM_DLCI; i++)
2427 tty_unregister_device(gsm_tty_driver, base + i);
2428 gsm_cleanup_mux(gsm);
2429 tty_kref_put(gsm->tty);
2433 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2434 const char *fp, int count)
2436 struct gsm_mux *gsm = tty->disc_data;
2437 char flags = TTY_NORMAL;
2440 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2443 for (; count; count--, cp++) {
2448 gsm->receive(gsm, *cp);
2454 gsm_error(gsm, *cp, flags);
2457 WARN_ONCE(1, "%s: unknown flag %d\n",
2458 tty_name(tty), flags);
2462 /* FASYNC if needed ? */
2463 /* If clogged call tty_throttle(tty); */
2467 * gsmld_flush_buffer - clean input queue
2468 * @tty: terminal device
2470 * Flush the input buffer. Called when the line discipline is
2471 * being closed, when the tty layer wants the buffer flushed (eg
2475 static void gsmld_flush_buffer(struct tty_struct *tty)
2480 * gsmld_close - close the ldisc for this tty
2483 * Called from the terminal layer when this line discipline is
2484 * being shut down, either because of a close or becsuse of a
2485 * discipline change. The function will not be called while other
2486 * ldisc methods are in progress.
2489 static void gsmld_close(struct tty_struct *tty)
2491 struct gsm_mux *gsm = tty->disc_data;
2493 gsmld_detach_gsm(tty, gsm);
2495 gsmld_flush_buffer(tty);
2496 /* Do other clean up here */
2501 * gsmld_open - open an ldisc
2502 * @tty: terminal to open
2504 * Called when this line discipline is being attached to the
2505 * terminal device. Can sleep. Called serialized so that no
2506 * other events will occur in parallel. No further open will occur
2510 static int gsmld_open(struct tty_struct *tty)
2512 struct gsm_mux *gsm;
2515 if (tty->ops->write == NULL)
2518 /* Attach our ldisc data */
2519 gsm = gsm_alloc_mux();
2523 tty->disc_data = gsm;
2524 tty->receive_room = 65536;
2526 /* Attach the initial passive connection */
2529 ret = gsmld_attach_gsm(tty, gsm);
2531 gsm_cleanup_mux(gsm);
2538 * gsmld_write_wakeup - asynchronous I/O notifier
2541 * Required for the ptys, serial driver etc. since processes
2542 * that attach themselves to the master and rely on ASYNC
2543 * IO must be woken up
2546 static void gsmld_write_wakeup(struct tty_struct *tty)
2548 struct gsm_mux *gsm = tty->disc_data;
2549 unsigned long flags;
2552 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2553 spin_lock_irqsave(&gsm->tx_lock, flags);
2554 gsm_data_kick(gsm, NULL);
2555 if (gsm->tx_bytes < TX_THRESH_LO) {
2556 gsm_dlci_data_sweep(gsm);
2558 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2562 * gsmld_read - read function for tty
2564 * @file: file object
2565 * @buf: userspace buffer pointer
2570 * Perform reads for the line discipline. We are guaranteed that the
2571 * line discipline will not be closed under us but we may get multiple
2572 * parallel readers and must handle this ourselves. We may also get
2573 * a hangup. Always called in user context, may sleep.
2575 * This code must be sure never to sleep through a hangup.
2578 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2579 unsigned char *buf, size_t nr,
2580 void **cookie, unsigned long offset)
2586 * gsmld_write - write function for tty
2588 * @file: file object
2589 * @buf: userspace buffer pointer
2592 * Called when the owner of the device wants to send a frame
2593 * itself (or some other control data). The data is transferred
2594 * as-is and must be properly framed and checksummed as appropriate
2595 * by userspace. Frames are either sent whole or not at all as this
2596 * avoids pain user side.
2599 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2600 const unsigned char *buf, size_t nr)
2602 int space = tty_write_room(tty);
2604 return tty->ops->write(tty, buf, nr);
2605 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2610 * gsmld_poll - poll method for N_GSM0710
2611 * @tty: terminal device
2612 * @file: file accessing it
2615 * Called when the line discipline is asked to poll() for data or
2616 * for special events. This code is not serialized with respect to
2617 * other events save open/close.
2619 * This code must be sure never to sleep through a hangup.
2620 * Called without the kernel lock held - fine
2623 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
2627 struct gsm_mux *gsm = tty->disc_data;
2629 poll_wait(file, &tty->read_wait, wait);
2630 poll_wait(file, &tty->write_wait, wait);
2631 if (tty_hung_up_p(file))
2633 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2634 mask |= EPOLLOUT | EPOLLWRNORM;
2640 static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2641 unsigned int cmd, unsigned long arg)
2643 struct gsm_config c;
2644 struct gsm_mux *gsm = tty->disc_data;
2648 case GSMIOC_GETCONF:
2649 gsm_copy_config_values(gsm, &c);
2650 if (copy_to_user((void __user *)arg, &c, sizeof(c)))
2653 case GSMIOC_SETCONF:
2654 if (copy_from_user(&c, (void __user *)arg, sizeof(c)))
2656 return gsm_config(gsm, &c);
2657 case GSMIOC_GETFIRST:
2658 base = mux_num_to_base(gsm);
2659 return put_user(base + 1, (__u32 __user *)arg);
2661 return n_tty_ioctl_helper(tty, file, cmd, arg);
2670 static int gsm_mux_net_open(struct net_device *net)
2672 pr_debug("%s called\n", __func__);
2673 netif_start_queue(net);
2677 static int gsm_mux_net_close(struct net_device *net)
2679 netif_stop_queue(net);
2683 static void dlci_net_free(struct gsm_dlci *dlci)
2689 dlci->adaption = dlci->prev_adaption;
2690 dlci->data = dlci->prev_data;
2691 free_netdev(dlci->net);
2694 static void net_free(struct kref *ref)
2696 struct gsm_mux_net *mux_net;
2697 struct gsm_dlci *dlci;
2699 mux_net = container_of(ref, struct gsm_mux_net, ref);
2700 dlci = mux_net->dlci;
2703 unregister_netdev(dlci->net);
2704 dlci_net_free(dlci);
2708 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2710 kref_get(&mux_net->ref);
2713 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2715 kref_put(&mux_net->ref, net_free);
2718 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
2719 struct net_device *net)
2721 struct gsm_mux_net *mux_net = netdev_priv(net);
2722 struct gsm_dlci *dlci = mux_net->dlci;
2723 muxnet_get(mux_net);
2725 skb_queue_head(&dlci->skb_list, skb);
2726 net->stats.tx_packets++;
2727 net->stats.tx_bytes += skb->len;
2728 gsm_dlci_data_kick(dlci);
2729 /* And tell the kernel when the last transmit started. */
2730 netif_trans_update(net);
2731 muxnet_put(mux_net);
2732 return NETDEV_TX_OK;
2735 /* called when a packet did not ack after watchdogtimeout */
2736 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue)
2738 /* Tell syslog we are hosed. */
2739 dev_dbg(&net->dev, "Tx timed out.\n");
2741 /* Update statistics */
2742 net->stats.tx_errors++;
2745 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2746 const unsigned char *in_buf, int size)
2748 struct net_device *net = dlci->net;
2749 struct sk_buff *skb;
2750 struct gsm_mux_net *mux_net = netdev_priv(net);
2751 muxnet_get(mux_net);
2753 /* Allocate an sk_buff */
2754 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2756 /* We got no receive buffer. */
2757 net->stats.rx_dropped++;
2758 muxnet_put(mux_net);
2761 skb_reserve(skb, NET_IP_ALIGN);
2762 skb_put_data(skb, in_buf, size);
2765 skb->protocol = htons(ETH_P_IP);
2767 /* Ship it off to the kernel */
2770 /* update out statistics */
2771 net->stats.rx_packets++;
2772 net->stats.rx_bytes += size;
2773 muxnet_put(mux_net);
2777 static void gsm_mux_net_init(struct net_device *net)
2779 static const struct net_device_ops gsm_netdev_ops = {
2780 .ndo_open = gsm_mux_net_open,
2781 .ndo_stop = gsm_mux_net_close,
2782 .ndo_start_xmit = gsm_mux_net_start_xmit,
2783 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2786 net->netdev_ops = &gsm_netdev_ops;
2788 /* fill in the other fields */
2789 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2790 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2791 net->type = ARPHRD_NONE;
2792 net->tx_queue_len = 10;
2796 /* caller holds the dlci mutex */
2797 static void gsm_destroy_network(struct gsm_dlci *dlci)
2799 struct gsm_mux_net *mux_net;
2801 pr_debug("destroy network interface\n");
2804 mux_net = netdev_priv(dlci->net);
2805 muxnet_put(mux_net);
2809 /* caller holds the dlci mutex */
2810 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2814 struct net_device *net;
2815 struct gsm_mux_net *mux_net;
2817 if (!capable(CAP_NET_ADMIN))
2820 /* Already in a non tty mode */
2821 if (dlci->adaption > 2)
2824 if (nc->protocol != htons(ETH_P_IP))
2825 return -EPROTONOSUPPORT;
2827 if (nc->adaption != 3 && nc->adaption != 4)
2828 return -EPROTONOSUPPORT;
2830 pr_debug("create network interface\n");
2833 if (nc->if_name[0] != '\0')
2834 netname = nc->if_name;
2835 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
2836 NET_NAME_UNKNOWN, gsm_mux_net_init);
2838 pr_err("alloc_netdev failed\n");
2841 net->mtu = dlci->gsm->mtu;
2843 net->max_mtu = dlci->gsm->mtu;
2844 mux_net = netdev_priv(net);
2845 mux_net->dlci = dlci;
2846 kref_init(&mux_net->ref);
2847 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2849 /* reconfigure dlci for network */
2850 dlci->prev_adaption = dlci->adaption;
2851 dlci->prev_data = dlci->data;
2852 dlci->adaption = nc->adaption;
2853 dlci->data = gsm_mux_rx_netchar;
2856 pr_debug("register netdev\n");
2857 retval = register_netdev(net);
2859 pr_err("network register fail %d\n", retval);
2860 dlci_net_free(dlci);
2863 return net->ifindex; /* return network index */
2866 /* Line discipline for real tty */
2867 static struct tty_ldisc_ops tty_ldisc_packet = {
2868 .owner = THIS_MODULE,
2872 .close = gsmld_close,
2873 .flush_buffer = gsmld_flush_buffer,
2875 .write = gsmld_write,
2876 .ioctl = gsmld_ioctl,
2878 .receive_buf = gsmld_receive_buf,
2879 .write_wakeup = gsmld_write_wakeup
2888 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2891 struct gsm_control *ctrl;
2897 modembits[0] = len << 1 | EA; /* Data bytes */
2898 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */
2899 modembits[2] = gsm_encode_modem(dlci) << 1 | EA;
2901 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */
2902 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1);
2905 return gsm_control_wait(dlci->gsm, ctrl);
2908 static int gsm_carrier_raised(struct tty_port *port)
2910 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2911 struct gsm_mux *gsm = dlci->gsm;
2913 /* Not yet open so no carrier info */
2914 if (dlci->state != DLCI_OPEN)
2920 * Basic mode with control channel in ADM mode may not respond
2921 * to CMD_MSC at all and modem_rx is empty.
2923 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM &&
2927 return dlci->modem_rx & TIOCM_CD;
2930 static void gsm_dtr_rts(struct tty_port *port, int onoff)
2932 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2933 unsigned int modem_tx = dlci->modem_tx;
2935 modem_tx |= TIOCM_DTR | TIOCM_RTS;
2937 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
2938 if (modem_tx != dlci->modem_tx) {
2939 dlci->modem_tx = modem_tx;
2940 gsmtty_modem_update(dlci, 0);
2944 static const struct tty_port_operations gsm_port_ops = {
2945 .carrier_raised = gsm_carrier_raised,
2946 .dtr_rts = gsm_dtr_rts,
2947 .destruct = gsm_dlci_free,
2950 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
2952 struct gsm_mux *gsm;
2953 struct gsm_dlci *dlci;
2954 unsigned int line = tty->index;
2955 unsigned int mux = mux_line_to_num(line);
2963 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
2964 if (gsm_mux[mux] == NULL)
2966 if (line == 0 || line > 61) /* 62/63 reserved */
2971 /* If DLCI 0 is not yet fully open return an error.
2972 This is ok from a locking
2973 perspective as we don't have to worry about this
2975 mutex_lock(&gsm->mutex);
2976 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
2977 mutex_unlock(&gsm->mutex);
2980 dlci = gsm->dlci[line];
2983 dlci = gsm_dlci_alloc(gsm, line);
2986 mutex_unlock(&gsm->mutex);
2989 ret = tty_port_install(&dlci->port, driver, tty);
2993 mutex_unlock(&gsm->mutex);
2998 dlci_get(gsm->dlci[0]);
3000 tty->driver_data = dlci;
3001 mutex_unlock(&gsm->mutex);
3006 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
3008 struct gsm_dlci *dlci = tty->driver_data;
3009 struct tty_port *port = &dlci->port;
3012 tty_port_tty_set(port, tty);
3015 /* We could in theory open and close before we wait - eg if we get
3016 a DM straight back. This is ok as that will have caused a hangup */
3017 tty_port_set_initialized(port, 1);
3018 /* Start sending off SABM messages */
3019 gsm_dlci_begin_open(dlci);
3020 /* And wait for virtual carrier */
3021 return tty_port_block_til_ready(port, tty, filp);
3024 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3026 struct gsm_dlci *dlci = tty->driver_data;
3030 if (dlci->state == DLCI_CLOSED)
3032 mutex_lock(&dlci->mutex);
3033 gsm_destroy_network(dlci);
3034 mutex_unlock(&dlci->mutex);
3035 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3037 gsm_dlci_begin_close(dlci);
3038 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3039 tty_port_lower_dtr_rts(&dlci->port);
3040 tty_port_close_end(&dlci->port, tty);
3041 tty_port_tty_set(&dlci->port, NULL);
3045 static void gsmtty_hangup(struct tty_struct *tty)
3047 struct gsm_dlci *dlci = tty->driver_data;
3048 if (dlci->state == DLCI_CLOSED)
3050 tty_port_hangup(&dlci->port);
3051 gsm_dlci_begin_close(dlci);
3054 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3058 struct gsm_dlci *dlci = tty->driver_data;
3059 if (dlci->state == DLCI_CLOSED)
3061 /* Stuff the bytes into the fifo queue */
3062 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock);
3063 /* Need to kick the channel */
3064 gsm_dlci_data_kick(dlci);
3068 static unsigned int gsmtty_write_room(struct tty_struct *tty)
3070 struct gsm_dlci *dlci = tty->driver_data;
3071 if (dlci->state == DLCI_CLOSED)
3073 return TX_SIZE - kfifo_len(&dlci->fifo);
3076 static unsigned int gsmtty_chars_in_buffer(struct tty_struct *tty)
3078 struct gsm_dlci *dlci = tty->driver_data;
3079 if (dlci->state == DLCI_CLOSED)
3081 return kfifo_len(&dlci->fifo);
3084 static void gsmtty_flush_buffer(struct tty_struct *tty)
3086 struct gsm_dlci *dlci = tty->driver_data;
3087 if (dlci->state == DLCI_CLOSED)
3089 /* Caution needed: If we implement reliable transport classes
3090 then the data being transmitted can't simply be junked once
3091 it has first hit the stack. Until then we can just blow it
3093 kfifo_reset(&dlci->fifo);
3094 /* Need to unhook this DLCI from the transmit queue logic */
3097 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3099 /* The FIFO handles the queue so the kernel will do the right
3100 thing waiting on chars_in_buffer before calling us. No work
3104 static int gsmtty_tiocmget(struct tty_struct *tty)
3106 struct gsm_dlci *dlci = tty->driver_data;
3107 if (dlci->state == DLCI_CLOSED)
3109 return dlci->modem_rx;
3112 static int gsmtty_tiocmset(struct tty_struct *tty,
3113 unsigned int set, unsigned int clear)
3115 struct gsm_dlci *dlci = tty->driver_data;
3116 unsigned int modem_tx = dlci->modem_tx;
3118 if (dlci->state == DLCI_CLOSED)
3123 if (modem_tx != dlci->modem_tx) {
3124 dlci->modem_tx = modem_tx;
3125 return gsmtty_modem_update(dlci, 0);
3131 static int gsmtty_ioctl(struct tty_struct *tty,
3132 unsigned int cmd, unsigned long arg)
3134 struct gsm_dlci *dlci = tty->driver_data;
3135 struct gsm_netconfig nc;
3138 if (dlci->state == DLCI_CLOSED)
3141 case GSMIOC_ENABLE_NET:
3142 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3144 nc.if_name[IFNAMSIZ-1] = '\0';
3145 /* return net interface index or error code */
3146 mutex_lock(&dlci->mutex);
3147 index = gsm_create_network(dlci, &nc);
3148 mutex_unlock(&dlci->mutex);
3149 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3152 case GSMIOC_DISABLE_NET:
3153 if (!capable(CAP_NET_ADMIN))
3155 mutex_lock(&dlci->mutex);
3156 gsm_destroy_network(dlci);
3157 mutex_unlock(&dlci->mutex);
3160 return -ENOIOCTLCMD;
3164 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3166 struct gsm_dlci *dlci = tty->driver_data;
3167 if (dlci->state == DLCI_CLOSED)
3169 /* For the moment its fixed. In actual fact the speed information
3170 for the virtual channel can be propogated in both directions by
3171 the RPN control message. This however rapidly gets nasty as we
3172 then have to remap modem signals each way according to whether
3173 our virtual cable is null modem etc .. */
3174 tty_termios_copy_hw(&tty->termios, old);
3177 static void gsmtty_throttle(struct tty_struct *tty)
3179 struct gsm_dlci *dlci = tty->driver_data;
3180 if (dlci->state == DLCI_CLOSED)
3183 dlci->modem_tx &= ~TIOCM_DTR;
3184 dlci->throttled = true;
3185 /* Send an MSC with DTR cleared */
3186 gsmtty_modem_update(dlci, 0);
3189 static void gsmtty_unthrottle(struct tty_struct *tty)
3191 struct gsm_dlci *dlci = tty->driver_data;
3192 if (dlci->state == DLCI_CLOSED)
3195 dlci->modem_tx |= TIOCM_DTR;
3196 dlci->throttled = false;
3197 /* Send an MSC with DTR set */
3198 gsmtty_modem_update(dlci, 0);
3201 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3203 struct gsm_dlci *dlci = tty->driver_data;
3204 int encode = 0; /* Off */
3205 if (dlci->state == DLCI_CLOSED)
3208 if (state == -1) /* "On indefinitely" - we can't encode this
3211 else if (state > 0) {
3212 encode = state / 200; /* mS to encoding */
3214 encode = 0x0F; /* Best effort */
3216 return gsmtty_modem_update(dlci, encode);
3219 static void gsmtty_cleanup(struct tty_struct *tty)
3221 struct gsm_dlci *dlci = tty->driver_data;
3222 struct gsm_mux *gsm = dlci->gsm;
3225 dlci_put(gsm->dlci[0]);
3229 /* Virtual ttys for the demux */
3230 static const struct tty_operations gsmtty_ops = {
3231 .install = gsmtty_install,
3232 .open = gsmtty_open,
3233 .close = gsmtty_close,
3234 .write = gsmtty_write,
3235 .write_room = gsmtty_write_room,
3236 .chars_in_buffer = gsmtty_chars_in_buffer,
3237 .flush_buffer = gsmtty_flush_buffer,
3238 .ioctl = gsmtty_ioctl,
3239 .throttle = gsmtty_throttle,
3240 .unthrottle = gsmtty_unthrottle,
3241 .set_termios = gsmtty_set_termios,
3242 .hangup = gsmtty_hangup,
3243 .wait_until_sent = gsmtty_wait_until_sent,
3244 .tiocmget = gsmtty_tiocmget,
3245 .tiocmset = gsmtty_tiocmset,
3246 .break_ctl = gsmtty_break_ctl,
3247 .cleanup = gsmtty_cleanup,
3252 static int __init gsm_init(void)
3254 /* Fill in our line protocol discipline, and register it */
3255 int status = tty_register_ldisc(&tty_ldisc_packet);
3257 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3262 gsm_tty_driver = tty_alloc_driver(256, TTY_DRIVER_REAL_RAW |
3263 TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_HARDWARE_BREAK);
3264 if (IS_ERR(gsm_tty_driver)) {
3265 pr_err("gsm_init: tty allocation failed.\n");
3266 status = PTR_ERR(gsm_tty_driver);
3267 goto err_unreg_ldisc;
3269 gsm_tty_driver->driver_name = "gsmtty";
3270 gsm_tty_driver->name = "gsmtty";
3271 gsm_tty_driver->major = 0; /* Dynamic */
3272 gsm_tty_driver->minor_start = 0;
3273 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3274 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3275 gsm_tty_driver->init_termios = tty_std_termios;
3277 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3278 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3280 if (tty_register_driver(gsm_tty_driver)) {
3281 pr_err("gsm_init: tty registration failed.\n");
3283 goto err_put_driver;
3285 pr_debug("gsm_init: loaded as %d,%d.\n",
3286 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3289 tty_driver_kref_put(gsm_tty_driver);
3291 tty_unregister_ldisc(&tty_ldisc_packet);
3295 static void __exit gsm_exit(void)
3297 tty_unregister_ldisc(&tty_ldisc_packet);
3298 tty_unregister_driver(gsm_tty_driver);
3299 tty_driver_kref_put(gsm_tty_driver);
3302 module_init(gsm_init);
3303 module_exit(gsm_exit);
3306 MODULE_LICENSE("GPL");
3307 MODULE_ALIAS_LDISC(N_GSM0710);
projects / platform / kernel / linux-rpi.git / blob