1 /* 2 * This program is free software; you can distribute it and/or modify it 3 * under the terms of the GNU General Public License (Version 2) as 4 * published by the Free Software Foundation. 5 * 6 * This program is distributed in the hope it will be useful, but WITHOUT 7 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 8 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 9 * for more details. 10 * 11 * You should have received a copy of the GNU General Public License along 12 * with this program; if not, write to the Free Software Foundation, Inc., 13 * 59 Temple Place - Suite 330, Boston MA 02111-1307, USA. 14 * 15 * Copyright (C) Hans Alblas PE1AYX <hans@esrac.ele.tue.nl> 16 * Copyright (C) 2004, 05 Ralf Baechle DL5RB <ralf@linux-mips.org> 17 * Copyright (C) 2004, 05 Thomas Osterried DL9SAU <thomas@x-berg.in-berlin.de> 18 */ 19 #include <linux/config.h> 20 #include <linux/module.h> 21 #include <asm/system.h> 22 #include <linux/bitops.h> 23 #include <asm/uaccess.h> 24 #include <linux/crc16.h> 25 #include <linux/string.h> 26 #include <linux/mm.h> 27 #include <linux/interrupt.h> 28 #include <linux/in.h> 29 #include <linux/inet.h> 30 #include <linux/tty.h> 31 #include <linux/errno.h> 32 #include <linux/netdevice.h> 33 #include <linux/major.h> 34 #include <linux/init.h> 35 #include <linux/rtnetlink.h> 36 #include <linux/etherdevice.h> 37 #include <linux/skbuff.h> 38 #include <linux/if_arp.h> 39 #include <linux/jiffies.h> 40 41 #include <net/ax25.h> 42 43 #define AX_MTU 236 44 45 /* SLIP/KISS protocol characters. */ 46 #define END 0300 /* indicates end of frame */ 47 #define ESC 0333 /* indicates byte stuffing */ 48 #define ESC_END 0334 /* ESC ESC_END means END 'data' */ 49 #define ESC_ESC 0335 /* ESC ESC_ESC means ESC 'data' */ 50 51 struct mkiss { 52 struct tty_struct *tty; /* ptr to TTY structure */ 53 struct net_device *dev; /* easy for intr handling */ 54 55 /* These are pointers to the malloc()ed frame buffers. */ 56 spinlock_t buflock;/* lock for rbuf and xbuf */ 57 unsigned char *rbuff; /* receiver buffer */ 58 int rcount; /* received chars counter */ 59 unsigned char *xbuff; /* transmitter buffer */ 60 unsigned char *xhead; /* pointer to next byte to XMIT */ 61 int xleft; /* bytes left in XMIT queue */ 62 63 struct net_device_stats stats; 64 65 /* Detailed SLIP statistics. */ 66 int mtu; /* Our mtu (to spot changes!) */ 67 int buffsize; /* Max buffers sizes */ 68 69 unsigned long flags; /* Flag values/ mode etc */ 70 /* long req'd: used by set_bit --RR */ 71 #define AXF_INUSE 0 /* Channel in use */ 72 #define AXF_ESCAPE 1 /* ESC received */ 73 #define AXF_ERROR 2 /* Parity, etc. error */ 74 #define AXF_KEEPTEST 3 /* Keepalive test flag */ 75 #define AXF_OUTWAIT 4 /* is outpacket was flag */ 76 77 int mode; 78 int crcmode; /* MW: for FlexNet, SMACK etc. */ 79 int crcauto; /* CRC auto mode */ 80 81 #define CRC_MODE_NONE 0 82 #define CRC_MODE_FLEX 1 83 #define CRC_MODE_SMACK 2 84 #define CRC_MODE_FLEX_TEST 3 85 #define CRC_MODE_SMACK_TEST 4 86 87 atomic_t refcnt; 88 struct semaphore dead_sem; 89 }; 90 91 /*---------------------------------------------------------------------------*/ 92 93 static const unsigned short crc_flex_table[] = { 94 0x0f87, 0x1e0e, 0x2c95, 0x3d1c, 0x49a3, 0x582a, 0x6ab1, 0x7b38, 95 0x83cf, 0x9246, 0xa0dd, 0xb154, 0xc5eb, 0xd462, 0xe6f9, 0xf770, 96 0x1f06, 0x0e8f, 0x3c14, 0x2d9d, 0x5922, 0x48ab, 0x7a30, 0x6bb9, 97 0x934e, 0x82c7, 0xb05c, 0xa1d5, 0xd56a, 0xc4e3, 0xf678, 0xe7f1, 98 0x2e85, 0x3f0c, 0x0d97, 0x1c1e, 0x68a1, 0x7928, 0x4bb3, 0x5a3a, 99 0xa2cd, 0xb344, 0x81df, 0x9056, 0xe4e9, 0xf560, 0xc7fb, 0xd672, 100 0x3e04, 0x2f8d, 0x1d16, 0x0c9f, 0x7820, 0x69a9, 0x5b32, 0x4abb, 101 0xb24c, 0xa3c5, 0x915e, 0x80d7, 0xf468, 0xe5e1, 0xd77a, 0xc6f3, 102 0x4d83, 0x5c0a, 0x6e91, 0x7f18, 0x0ba7, 0x1a2e, 0x28b5, 0x393c, 103 0xc1cb, 0xd042, 0xe2d9, 0xf350, 0x87ef, 0x9666, 0xa4fd, 0xb574, 104 0x5d02, 0x4c8b, 0x7e10, 0x6f99, 0x1b26, 0x0aaf, 0x3834, 0x29bd, 105 0xd14a, 0xc0c3, 0xf258, 0xe3d1, 0x976e, 0x86e7, 0xb47c, 0xa5f5, 106 0x6c81, 0x7d08, 0x4f93, 0x5e1a, 0x2aa5, 0x3b2c, 0x09b7, 0x183e, 107 0xe0c9, 0xf140, 0xc3db, 0xd252, 0xa6ed, 0xb764, 0x85ff, 0x9476, 108 0x7c00, 0x6d89, 0x5f12, 0x4e9b, 0x3a24, 0x2bad, 0x1936, 0x08bf, 109 0xf048, 0xe1c1, 0xd35a, 0xc2d3, 0xb66c, 0xa7e5, 0x957e, 0x84f7, 110 0x8b8f, 0x9a06, 0xa89d, 0xb914, 0xcdab, 0xdc22, 0xeeb9, 0xff30, 111 0x07c7, 0x164e, 0x24d5, 0x355c, 0x41e3, 0x506a, 0x62f1, 0x7378, 112 0x9b0e, 0x8a87, 0xb81c, 0xa995, 0xdd2a, 0xcca3, 0xfe38, 0xefb1, 113 0x1746, 0x06cf, 0x3454, 0x25dd, 0x5162, 0x40eb, 0x7270, 0x63f9, 114 0xaa8d, 0xbb04, 0x899f, 0x9816, 0xeca9, 0xfd20, 0xcfbb, 0xde32, 115 0x26c5, 0x374c, 0x05d7, 0x145e, 0x60e1, 0x7168, 0x43f3, 0x527a, 116 0xba0c, 0xab85, 0x991e, 0x8897, 0xfc28, 0xeda1, 0xdf3a, 0xceb3, 117 0x3644, 0x27cd, 0x1556, 0x04df, 0x7060, 0x61e9, 0x5372, 0x42fb, 118 0xc98b, 0xd802, 0xea99, 0xfb10, 0x8faf, 0x9e26, 0xacbd, 0xbd34, 119 0x45c3, 0x544a, 0x66d1, 0x7758, 0x03e7, 0x126e, 0x20f5, 0x317c, 120 0xd90a, 0xc883, 0xfa18, 0xeb91, 0x9f2e, 0x8ea7, 0xbc3c, 0xadb5, 121 0x5542, 0x44cb, 0x7650, 0x67d9, 0x1366, 0x02ef, 0x3074, 0x21fd, 122 0xe889, 0xf900, 0xcb9b, 0xda12, 0xaead, 0xbf24, 0x8dbf, 0x9c36, 123 0x64c1, 0x7548, 0x47d3, 0x565a, 0x22e5, 0x336c, 0x01f7, 0x107e, 124 0xf808, 0xe981, 0xdb1a, 0xca93, 0xbe2c, 0xafa5, 0x9d3e, 0x8cb7, 125 0x7440, 0x65c9, 0x5752, 0x46db, 0x3264, 0x23ed, 0x1176, 0x00ff 126 }; 127 128 static unsigned short calc_crc_flex(unsigned char *cp, int size) 129 { 130 unsigned short crc = 0xffff; 131 132 while (size--) 133 crc = (crc << 8) ^ crc_flex_table[((crc >> 8) ^ *cp++) & 0xff]; 134 135 return crc; 136 } 137 138 static int check_crc_flex(unsigned char *cp, int size) 139 { 140 unsigned short crc = 0xffff; 141 142 if (size < 3) 143 return -1; 144 145 while (size--) 146 crc = (crc << 8) ^ crc_flex_table[((crc >> 8) ^ *cp++) & 0xff]; 147 148 if ((crc & 0xffff) != 0x7070) 149 return -1; 150 151 return 0; 152 } 153 154 static int check_crc_16(unsigned char *cp, int size) 155 { 156 unsigned short crc = 0x0000; 157 158 if (size < 3) 159 return -1; 160 161 crc = crc16(0, cp, size); 162 163 if (crc != 0x0000) 164 return -1; 165 166 return 0; 167 } 168 169 /* 170 * Standard encapsulation 171 */ 172 173 static int kiss_esc(unsigned char *s, unsigned char *d, int len) 174 { 175 unsigned char *ptr = d; 176 unsigned char c; 177 178 /* 179 * Send an initial END character to flush out any data that may have 180 * accumulated in the receiver due to line noise. 181 */ 182 183 *ptr++ = END; 184 185 while (len-- > 0) { 186 switch (c = *s++) { 187 case END: 188 *ptr++ = ESC; 189 *ptr++ = ESC_END; 190 break; 191 case ESC: 192 *ptr++ = ESC; 193 *ptr++ = ESC_ESC; 194 break; 195 default: 196 *ptr++ = c; 197 break; 198 } 199 } 200 201 *ptr++ = END; 202 203 return ptr - d; 204 } 205 206 /* 207 * MW: 208 * OK its ugly, but tell me a better solution without copying the 209 * packet to a temporary buffer :-) 210 */ 211 static int kiss_esc_crc(unsigned char *s, unsigned char *d, unsigned short crc, 212 int len) 213 { 214 unsigned char *ptr = d; 215 unsigned char c=0; 216 217 *ptr++ = END; 218 while (len > 0) { 219 if (len > 2) 220 c = *s++; 221 else if (len > 1) 222 c = crc >> 8; 223 else if (len > 0) 224 c = crc & 0xff; 225 226 len--; 227 228 switch (c) { 229 case END: 230 *ptr++ = ESC; 231 *ptr++ = ESC_END; 232 break; 233 case ESC: 234 *ptr++ = ESC; 235 *ptr++ = ESC_ESC; 236 break; 237 default: 238 *ptr++ = c; 239 break; 240 } 241 } 242 *ptr++ = END; 243 244 return ptr - d; 245 } 246 247 /* Send one completely decapsulated AX.25 packet to the AX.25 layer. */ 248 static void ax_bump(struct mkiss *ax) 249 { 250 struct sk_buff *skb; 251 int count; 252 253 spin_lock_bh(&ax->buflock); 254 if (ax->rbuff[0] > 0x0f) { 255 if (ax->rbuff[0] & 0x80) { 256 if (check_crc_16(ax->rbuff, ax->rcount) < 0) { 257 ax->stats.rx_errors++; 258 spin_unlock_bh(&ax->buflock); 259 260 return; 261 } 262 if (ax->crcmode != CRC_MODE_SMACK && ax->crcauto) { 263 printk(KERN_INFO 264 "mkiss: %s: Switchting to crc-smack\n", 265 ax->dev->name); 266 ax->crcmode = CRC_MODE_SMACK; 267 } 268 ax->rcount -= 2; 269 *ax->rbuff &= ~0x80; 270 } else if (ax->rbuff[0] & 0x20) { 271 if (check_crc_flex(ax->rbuff, ax->rcount) < 0) { 272 ax->stats.rx_errors++; 273 spin_unlock_bh(&ax->buflock); 274 return; 275 } 276 if (ax->crcmode != CRC_MODE_FLEX && ax->crcauto) { 277 printk(KERN_INFO 278 "mkiss: %s: Switchting to crc-flexnet\n", 279 ax->dev->name); 280 ax->crcmode = CRC_MODE_FLEX; 281 } 282 ax->rcount -= 2; 283 284 /* 285 * dl9sau bugfix: the trailling two bytes flexnet crc 286 * will not be passed to the kernel. thus we have to 287 * correct the kissparm signature, because it indicates 288 * a crc but there's none 289 */ 290 *ax->rbuff &= ~0x20; 291 } 292 } 293 spin_unlock_bh(&ax->buflock); 294 295 count = ax->rcount; 296 297 if ((skb = dev_alloc_skb(count)) == NULL) { 298 printk(KERN_ERR "mkiss: %s: memory squeeze, dropping packet.\n", 299 ax->dev->name); 300 ax->stats.rx_dropped++; 301 return; 302 } 303 304 spin_lock_bh(&ax->buflock); 305 memcpy(skb_put(skb,count), ax->rbuff, count); 306 spin_unlock_bh(&ax->buflock); 307 skb->protocol = ax25_type_trans(skb, ax->dev); 308 netif_rx(skb); 309 ax->dev->last_rx = jiffies; 310 ax->stats.rx_packets++; 311 ax->stats.rx_bytes += count; 312 } 313 314 static void kiss_unesc(struct mkiss *ax, unsigned char s) 315 { 316 switch (s) { 317 case END: 318 /* drop keeptest bit = VSV */ 319 if (test_bit(AXF_KEEPTEST, &ax->flags)) 320 clear_bit(AXF_KEEPTEST, &ax->flags); 321 322 if (!test_and_clear_bit(AXF_ERROR, &ax->flags) && (ax->rcount > 2)) 323 ax_bump(ax); 324 325 clear_bit(AXF_ESCAPE, &ax->flags); 326 ax->rcount = 0; 327 return; 328 329 case ESC: 330 set_bit(AXF_ESCAPE, &ax->flags); 331 return; 332 case ESC_ESC: 333 if (test_and_clear_bit(AXF_ESCAPE, &ax->flags)) 334 s = ESC; 335 break; 336 case ESC_END: 337 if (test_and_clear_bit(AXF_ESCAPE, &ax->flags)) 338 s = END; 339 break; 340 } 341 342 spin_lock_bh(&ax->buflock); 343 if (!test_bit(AXF_ERROR, &ax->flags)) { 344 if (ax->rcount < ax->buffsize) { 345 ax->rbuff[ax->rcount++] = s; 346 spin_unlock_bh(&ax->buflock); 347 return; 348 } 349 350 ax->stats.rx_over_errors++; 351 set_bit(AXF_ERROR, &ax->flags); 352 } 353 spin_unlock_bh(&ax->buflock); 354 } 355 356 static int ax_set_mac_address(struct net_device *dev, void *addr) 357 { 358 struct sockaddr_ax25 *sa = addr; 359 360 spin_lock_irq(&dev->xmit_lock); 361 memcpy(dev->dev_addr, &sa->sax25_call, AX25_ADDR_LEN); 362 spin_unlock_irq(&dev->xmit_lock); 363 364 return 0; 365 } 366 367 /*---------------------------------------------------------------------------*/ 368 369 static void ax_changedmtu(struct mkiss *ax) 370 { 371 struct net_device *dev = ax->dev; 372 unsigned char *xbuff, *rbuff, *oxbuff, *orbuff; 373 int len; 374 375 len = dev->mtu * 2; 376 377 /* 378 * allow for arrival of larger UDP packets, even if we say not to 379 * also fixes a bug in which SunOS sends 512-byte packets even with 380 * an MSS of 128 381 */ 382 if (len < 576 * 2) 383 len = 576 * 2; 384 385 xbuff = kmalloc(len + 4, GFP_ATOMIC); 386 rbuff = kmalloc(len + 4, GFP_ATOMIC); 387 388 if (xbuff == NULL || rbuff == NULL) { 389 printk(KERN_ERR "mkiss: %s: unable to grow ax25 buffers, " 390 "MTU change cancelled.\n", 391 ax->dev->name); 392 dev->mtu = ax->mtu; 393 kfree(xbuff); 394 kfree(rbuff); 395 return; 396 } 397 398 spin_lock_bh(&ax->buflock); 399 400 oxbuff = ax->xbuff; 401 ax->xbuff = xbuff; 402 orbuff = ax->rbuff; 403 ax->rbuff = rbuff; 404 405 if (ax->xleft) { 406 if (ax->xleft <= len) { 407 memcpy(ax->xbuff, ax->xhead, ax->xleft); 408 } else { 409 ax->xleft = 0; 410 ax->stats.tx_dropped++; 411 } 412 } 413 414 ax->xhead = ax->xbuff; 415 416 if (ax->rcount) { 417 if (ax->rcount <= len) { 418 memcpy(ax->rbuff, orbuff, ax->rcount); 419 } else { 420 ax->rcount = 0; 421 ax->stats.rx_over_errors++; 422 set_bit(AXF_ERROR, &ax->flags); 423 } 424 } 425 426 ax->mtu = dev->mtu + 73; 427 ax->buffsize = len; 428 429 spin_unlock_bh(&ax->buflock); 430 431 kfree(oxbuff); 432 kfree(orbuff); 433 } 434 435 /* Encapsulate one AX.25 packet and stuff into a TTY queue. */ 436 static void ax_encaps(struct net_device *dev, unsigned char *icp, int len) 437 { 438 struct mkiss *ax = netdev_priv(dev); 439 unsigned char *p; 440 int actual, count; 441 442 if (ax->mtu != ax->dev->mtu + 73) /* Someone has been ifconfigging */ 443 ax_changedmtu(ax); 444 445 if (len > ax->mtu) { /* Sigh, shouldn't occur BUT ... */ 446 len = ax->mtu; 447 printk(KERN_ERR "mkiss: %s: truncating oversized transmit packet!\n", ax->dev->name); 448 ax->stats.tx_dropped++; 449 netif_start_queue(dev); 450 return; 451 } 452 453 p = icp; 454 455 spin_lock_bh(&ax->buflock); 456 if ((*p & 0x0f) != 0) { 457 /* Configuration Command (kissparms(1). 458 * Protocol spec says: never append CRC. 459 * This fixes a very old bug in the linux 460 * kiss driver. -- dl9sau */ 461 switch (*p & 0xff) { 462 case 0x85: 463 /* command from userspace especially for us, 464 * not for delivery to the tnc */ 465 if (len > 1) { 466 int cmd = (p[1] & 0xff); 467 switch(cmd) { 468 case 3: 469 ax->crcmode = CRC_MODE_SMACK; 470 break; 471 case 2: 472 ax->crcmode = CRC_MODE_FLEX; 473 break; 474 case 1: 475 ax->crcmode = CRC_MODE_NONE; 476 break; 477 case 0: 478 default: 479 ax->crcmode = CRC_MODE_SMACK_TEST; 480 cmd = 0; 481 } 482 ax->crcauto = (cmd ? 0 : 1); 483 printk(KERN_INFO "mkiss: %s: crc mode %s %d\n", ax->dev->name, (len) ? "set to" : "is", cmd); 484 } 485 spin_unlock_bh(&ax->buflock); 486 netif_start_queue(dev); 487 488 return; 489 default: 490 count = kiss_esc(p, (unsigned char *)ax->xbuff, len); 491 } 492 } else { 493 unsigned short crc; 494 switch (ax->crcmode) { 495 case CRC_MODE_SMACK_TEST: 496 ax->crcmode = CRC_MODE_FLEX_TEST; 497 printk(KERN_INFO "mkiss: %s: Trying crc-smack\n", ax->dev->name); 498 // fall through 499 case CRC_MODE_SMACK: 500 *p |= 0x80; 501 crc = swab16(crc16(0, p, len)); 502 count = kiss_esc_crc(p, (unsigned char *)ax->xbuff, crc, len+2); 503 break; 504 case CRC_MODE_FLEX_TEST: 505 ax->crcmode = CRC_MODE_NONE; 506 printk(KERN_INFO "mkiss: %s: Trying crc-flexnet\n", ax->dev->name); 507 // fall through 508 case CRC_MODE_FLEX: 509 *p |= 0x20; 510 crc = calc_crc_flex(p, len); 511 count = kiss_esc_crc(p, (unsigned char *)ax->xbuff, crc, len+2); 512 break; 513 514 default: 515 count = kiss_esc(p, (unsigned char *)ax->xbuff, len); 516 } 517 } 518 spin_unlock_bh(&ax->buflock); 519 520 set_bit(TTY_DO_WRITE_WAKEUP, &ax->tty->flags); 521 actual = ax->tty->driver->write(ax->tty, ax->xbuff, count); 522 ax->stats.tx_packets++; 523 ax->stats.tx_bytes += actual; 524 525 ax->dev->trans_start = jiffies; 526 ax->xleft = count - actual; 527 ax->xhead = ax->xbuff + actual; 528 } 529 530 /* Encapsulate an AX.25 packet and kick it into a TTY queue. */ 531 static int ax_xmit(struct sk_buff *skb, struct net_device *dev) 532 { 533 struct mkiss *ax = netdev_priv(dev); 534 535 if (!netif_running(dev)) { 536 printk(KERN_ERR "mkiss: %s: xmit call when iface is down\n", dev->name); 537 return 1; 538 } 539 540 if (netif_queue_stopped(dev)) { 541 /* 542 * May be we must check transmitter timeout here ? 543 * 14 Oct 1994 Dmitry Gorodchanin. 544 */ 545 if (time_before(jiffies, dev->trans_start + 20 * HZ)) { 546 /* 20 sec timeout not reached */ 547 return 1; 548 } 549 550 printk(KERN_ERR "mkiss: %s: transmit timed out, %s?\n", dev->name, 551 (ax->tty->driver->chars_in_buffer(ax->tty) || ax->xleft) ? 552 "bad line quality" : "driver error"); 553 554 ax->xleft = 0; 555 clear_bit(TTY_DO_WRITE_WAKEUP, &ax->tty->flags); 556 netif_start_queue(dev); 557 } 558 559 /* We were not busy, so we are now... :-) */ 560 if (skb != NULL) { 561 netif_stop_queue(dev); 562 ax_encaps(dev, skb->data, skb->len); 563 kfree_skb(skb); 564 } 565 566 return 0; 567 } 568 569 static int ax_open_dev(struct net_device *dev) 570 { 571 struct mkiss *ax = netdev_priv(dev); 572 573 if (ax->tty == NULL) 574 return -ENODEV; 575 576 return 0; 577 } 578 579 #if defined(CONFIG_AX25) || defined(CONFIG_AX25_MODULE) 580 581 /* Return the frame type ID */ 582 static int ax_header(struct sk_buff *skb, struct net_device *dev, unsigned short type, 583 void *daddr, void *saddr, unsigned len) 584 { 585 #ifdef CONFIG_INET 586 if (type != htons(ETH_P_AX25)) 587 return ax25_hard_header(skb, dev, type, daddr, saddr, len); 588 #endif 589 return 0; 590 } 591 592 593 static int ax_rebuild_header(struct sk_buff *skb) 594 { 595 #ifdef CONFIG_INET 596 return ax25_rebuild_header(skb); 597 #else 598 return 0; 599 #endif 600 } 601 602 #endif /* CONFIG_{AX25,AX25_MODULE} */ 603 604 /* Open the low-level part of the AX25 channel. Easy! */ 605 static int ax_open(struct net_device *dev) 606 { 607 struct mkiss *ax = netdev_priv(dev); 608 unsigned long len; 609 610 if (ax->tty == NULL) 611 return -ENODEV; 612 613 /* 614 * Allocate the frame buffers: 615 * 616 * rbuff Receive buffer. 617 * xbuff Transmit buffer. 618 */ 619 len = dev->mtu * 2; 620 621 /* 622 * allow for arrival of larger UDP packets, even if we say not to 623 * also fixes a bug in which SunOS sends 512-byte packets even with 624 * an MSS of 128 625 */ 626 if (len < 576 * 2) 627 len = 576 * 2; 628 629 if ((ax->rbuff = kmalloc(len + 4, GFP_KERNEL)) == NULL) 630 goto norbuff; 631 632 if ((ax->xbuff = kmalloc(len + 4, GFP_KERNEL)) == NULL) 633 goto noxbuff; 634 635 ax->mtu = dev->mtu + 73; 636 ax->buffsize = len; 637 ax->rcount = 0; 638 ax->xleft = 0; 639 640 ax->flags &= (1 << AXF_INUSE); /* Clear ESCAPE & ERROR flags */ 641 642 spin_lock_init(&ax->buflock); 643 644 return 0; 645 646 noxbuff: 647 kfree(ax->rbuff); 648 649 norbuff: 650 return -ENOMEM; 651 } 652 653 654 /* Close the low-level part of the AX25 channel. Easy! */ 655 static int ax_close(struct net_device *dev) 656 { 657 struct mkiss *ax = netdev_priv(dev); 658 659 if (ax->tty) 660 clear_bit(TTY_DO_WRITE_WAKEUP, &ax->tty->flags); 661 662 netif_stop_queue(dev); 663 664 return 0; 665 } 666 667 static struct net_device_stats *ax_get_stats(struct net_device *dev) 668 { 669 struct mkiss *ax = netdev_priv(dev); 670 671 return &ax->stats; 672 } 673 674 static void ax_setup(struct net_device *dev) 675 { 676 static char ax25_bcast[AX25_ADDR_LEN] = 677 {'Q'<<1,'S'<<1,'T'<<1,' '<<1,' '<<1,' '<<1,'0'<<1}; 678 static char ax25_test[AX25_ADDR_LEN] = 679 {'L'<<1,'I'<<1,'N'<<1,'U'<<1,'X'<<1,' '<<1,'1'<<1}; 680 681 /* Finish setting up the DEVICE info. */ 682 dev->mtu = AX_MTU; 683 dev->hard_start_xmit = ax_xmit; 684 dev->open = ax_open_dev; 685 dev->stop = ax_close; 686 dev->get_stats = ax_get_stats; 687 dev->set_mac_address = ax_set_mac_address; 688 dev->hard_header_len = 0; 689 dev->addr_len = 0; 690 dev->type = ARPHRD_AX25; 691 dev->tx_queue_len = 10; 692 dev->hard_header = ax_header; 693 dev->rebuild_header = ax_rebuild_header; 694 695 memcpy(dev->broadcast, ax25_bcast, AX25_ADDR_LEN); 696 memcpy(dev->dev_addr, ax25_test, AX25_ADDR_LEN); 697 698 dev->flags = IFF_BROADCAST | IFF_MULTICAST; 699 } 700 701 /* 702 * We have a potential race on dereferencing tty->disc_data, because the tty 703 * layer provides no locking at all - thus one cpu could be running 704 * sixpack_receive_buf while another calls sixpack_close, which zeroes 705 * tty->disc_data and frees the memory that sixpack_receive_buf is using. The 706 * best way to fix this is to use a rwlock in the tty struct, but for now we 707 * use a single global rwlock for all ttys in ppp line discipline. 708 */ 709 static DEFINE_RWLOCK(disc_data_lock); 710 711 static struct mkiss *mkiss_get(struct tty_struct *tty) 712 { 713 struct mkiss *ax; 714 715 read_lock(&disc_data_lock); 716 ax = tty->disc_data; 717 if (ax) 718 atomic_inc(&ax->refcnt); 719 read_unlock(&disc_data_lock); 720 721 return ax; 722 } 723 724 static void mkiss_put(struct mkiss *ax) 725 { 726 if (atomic_dec_and_test(&ax->refcnt)) 727 up(&ax->dead_sem); 728 } 729 730 static int crc_force = 0; /* Can be overridden with insmod */ 731 732 static int mkiss_open(struct tty_struct *tty) 733 { 734 struct net_device *dev; 735 struct mkiss *ax; 736 int err; 737 738 if (!capable(CAP_NET_ADMIN)) 739 return -EPERM; 740 741 dev = alloc_netdev(sizeof(struct mkiss), "ax%d", ax_setup); 742 if (!dev) { 743 err = -ENOMEM; 744 goto out; 745 } 746 747 ax = netdev_priv(dev); 748 ax->dev = dev; 749 750 spin_lock_init(&ax->buflock); 751 atomic_set(&ax->refcnt, 1); 752 init_MUTEX_LOCKED(&ax->dead_sem); 753 754 ax->tty = tty; 755 tty->disc_data = ax; 756 757 if (tty->driver->flush_buffer) 758 tty->driver->flush_buffer(tty); 759 760 /* Restore default settings */ 761 dev->type = ARPHRD_AX25; 762 763 /* Perform the low-level AX25 initialization. */ 764 if ((err = ax_open(ax->dev))) { 765 goto out_free_netdev; 766 } 767 768 if (register_netdev(dev)) 769 goto out_free_buffers; 770 771 /* after register_netdev() - because else printk smashes the kernel */ 772 switch (crc_force) { 773 case 3: 774 ax->crcmode = CRC_MODE_SMACK; 775 printk(KERN_INFO "mkiss: %s: crc mode smack forced.\n", 776 ax->dev->name); 777 break; 778 case 2: 779 ax->crcmode = CRC_MODE_FLEX; 780 printk(KERN_INFO "mkiss: %s: crc mode flexnet forced.\n", 781 ax->dev->name); 782 break; 783 case 1: 784 ax->crcmode = CRC_MODE_NONE; 785 printk(KERN_INFO "mkiss: %s: crc mode disabled.\n", 786 ax->dev->name); 787 break; 788 case 0: 789 /* fall through */ 790 default: 791 crc_force = 0; 792 printk(KERN_INFO "mkiss: %s: crc mode is auto.\n", 793 ax->dev->name); 794 ax->crcmode = CRC_MODE_SMACK_TEST; 795 } 796 ax->crcauto = (crc_force ? 0 : 1); 797 798 netif_start_queue(dev); 799 800 /* Done. We have linked the TTY line to a channel. */ 801 return 0; 802 803 out_free_buffers: 804 kfree(ax->rbuff); 805 kfree(ax->xbuff); 806 807 out_free_netdev: 808 free_netdev(dev); 809 810 out: 811 return err; 812 } 813 814 static void mkiss_close(struct tty_struct *tty) 815 { 816 struct mkiss *ax; 817 818 write_lock(&disc_data_lock); 819 ax = tty->disc_data; 820 tty->disc_data = NULL; 821 write_unlock(&disc_data_lock); 822 823 if (ax == 0) 824 return; 825 826 /* 827 * We have now ensured that nobody can start using ap from now on, but 828 * we have to wait for all existing users to finish. 829 */ 830 if (!atomic_dec_and_test(&ax->refcnt)) 831 down(&ax->dead_sem); 832 833 unregister_netdev(ax->dev); 834 835 /* Free all AX25 frame buffers. */ 836 kfree(ax->rbuff); 837 kfree(ax->xbuff); 838 839 ax->tty = NULL; 840 } 841 842 /* Perform I/O control on an active ax25 channel. */ 843 static int mkiss_ioctl(struct tty_struct *tty, struct file *file, 844 unsigned int cmd, unsigned long arg) 845 { 846 struct mkiss *ax = mkiss_get(tty); 847 struct net_device *dev = ax->dev; 848 unsigned int tmp, err; 849 850 /* First make sure we're connected. */ 851 if (ax == NULL) 852 return -ENXIO; 853 854 switch (cmd) { 855 case SIOCGIFNAME: 856 err = copy_to_user((void __user *) arg, ax->dev->name, 857 strlen(ax->dev->name) + 1) ? -EFAULT : 0; 858 break; 859 860 case SIOCGIFENCAP: 861 err = put_user(4, (int __user *) arg); 862 break; 863 864 case SIOCSIFENCAP: 865 if (get_user(tmp, (int __user *) arg)) { 866 err = -EFAULT; 867 break; 868 } 869 870 ax->mode = tmp; 871 dev->addr_len = AX25_ADDR_LEN; 872 dev->hard_header_len = AX25_KISS_HEADER_LEN + 873 AX25_MAX_HEADER_LEN + 3; 874 dev->type = ARPHRD_AX25; 875 876 err = 0; 877 break; 878 879 case SIOCSIFHWADDR: { 880 char addr[AX25_ADDR_LEN]; 881 882 if (copy_from_user(&addr, 883 (void __user *) arg, AX25_ADDR_LEN)) { 884 err = -EFAULT; 885 break; 886 } 887 888 spin_lock_irq(&dev->xmit_lock); 889 memcpy(dev->dev_addr, addr, AX25_ADDR_LEN); 890 spin_unlock_irq(&dev->xmit_lock); 891 892 err = 0; 893 break; 894 } 895 default: 896 err = -ENOIOCTLCMD; 897 } 898 899 mkiss_put(ax); 900 901 return err; 902 } 903 904 /* 905 * Handle the 'receiver data ready' interrupt. 906 * This function is called by the 'tty_io' module in the kernel when 907 * a block of data has been received, which can now be decapsulated 908 * and sent on to the AX.25 layer for further processing. 909 */ 910 static void mkiss_receive_buf(struct tty_struct *tty, const unsigned char *cp, 911 char *fp, int count) 912 { 913 struct mkiss *ax = mkiss_get(tty); 914 915 if (!ax) 916 return; 917 918 /* 919 * Argh! mtu change time! - costs us the packet part received 920 * at the change 921 */ 922 if (ax->mtu != ax->dev->mtu + 73) 923 ax_changedmtu(ax); 924 925 /* Read the characters out of the buffer */ 926 while (count--) { 927 if (fp != NULL && *fp++) { 928 if (!test_and_set_bit(AXF_ERROR, &ax->flags)) 929 ax->stats.rx_errors++; 930 cp++; 931 continue; 932 } 933 934 kiss_unesc(ax, *cp++); 935 } 936 937 mkiss_put(ax); 938 if (test_and_clear_bit(TTY_THROTTLED, &tty->flags) 939 && tty->driver->unthrottle) 940 tty->driver->unthrottle(tty); 941 } 942 943 static int mkiss_receive_room(struct tty_struct *tty) 944 { 945 return 65536; /* We can handle an infinite amount of data. :-) */ 946 } 947 948 /* 949 * Called by the driver when there's room for more data. If we have 950 * more packets to send, we send them here. 951 */ 952 static void mkiss_write_wakeup(struct tty_struct *tty) 953 { 954 struct mkiss *ax = mkiss_get(tty); 955 int actual; 956 957 if (!ax) 958 return; 959 960 if (ax->xleft <= 0) { 961 /* Now serial buffer is almost free & we can start 962 * transmission of another packet 963 */ 964 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 965 966 netif_wake_queue(ax->dev); 967 goto out; 968 } 969 970 actual = tty->driver->write(tty, ax->xhead, ax->xleft); 971 ax->xleft -= actual; 972 ax->xhead += actual; 973 974 out: 975 mkiss_put(ax); 976 } 977 978 static struct tty_ldisc ax_ldisc = { 979 .owner = THIS_MODULE, 980 .magic = TTY_LDISC_MAGIC, 981 .name = "mkiss", 982 .open = mkiss_open, 983 .close = mkiss_close, 984 .ioctl = mkiss_ioctl, 985 .receive_buf = mkiss_receive_buf, 986 .receive_room = mkiss_receive_room, 987 .write_wakeup = mkiss_write_wakeup 988 }; 989 990 static char banner[] __initdata = KERN_INFO \ 991 "mkiss: AX.25 Multikiss, Hans Albas PE1AYX\n"; 992 static char msg_regfail[] __initdata = KERN_ERR \ 993 "mkiss: can't register line discipline (err = %d)\n"; 994 995 static int __init mkiss_init_driver(void) 996 { 997 int status; 998 999 printk(banner); 1000 1001 if ((status = tty_register_ldisc(N_AX25, &ax_ldisc)) != 0) 1002 printk(msg_regfail); 1003 1004 return status; 1005 } 1006 1007 static const char msg_unregfail[] __exitdata = KERN_ERR \ 1008 "mkiss: can't unregister line discipline (err = %d)\n"; 1009 1010 static void __exit mkiss_exit_driver(void) 1011 { 1012 int ret; 1013 1014 if ((ret = tty_unregister_ldisc(N_AX25))) 1015 printk(msg_unregfail, ret); 1016 } 1017 1018 MODULE_AUTHOR("Ralf Baechle DL5RB <ralf@linux-mips.org>"); 1019 MODULE_DESCRIPTION("KISS driver for AX.25 over TTYs"); 1020 MODULE_PARM(crc_force, "i"); 1021 MODULE_PARM_DESC(crc_force, "crc [0 = auto | 1 = none | 2 = flexnet | 3 = smack]"); 1022 MODULE_LICENSE("GPL"); 1023 MODULE_ALIAS_LDISC(N_AX25); 1024 1025 module_init(mkiss_init_driver); 1026 module_exit(mkiss_exit_driver); 1027