1 /* 2 * n_gsm.c GSM 0710 tty multiplexor 3 * Copyright (c) 2009/10 Intel Corporation 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 * 18 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE * 19 * 20 * TO DO: 21 * Mostly done: ioctls for setting modes/timing 22 * Partly done: hooks so you can pull off frames to non tty devs 23 * Restart DLCI 0 when it closes ? 24 * Improve the tx engine 25 * Resolve tx side locking by adding a queue_head and routing 26 * all control traffic via it 27 * General tidy/document 28 * Review the locking/move to refcounts more (mux now moved to an 29 * alloc/free model ready) 30 * Use newest tty open/close port helpers and install hooks 31 * What to do about power functions ? 32 * Termios setting and negotiation 33 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets 34 * 35 */ 36 37 #include <linux/types.h> 38 #include <linux/major.h> 39 #include <linux/errno.h> 40 #include <linux/signal.h> 41 #include <linux/fcntl.h> 42 #include <linux/sched.h> 43 #include <linux/interrupt.h> 44 #include <linux/tty.h> 45 #include <linux/ctype.h> 46 #include <linux/mm.h> 47 #include <linux/string.h> 48 #include <linux/slab.h> 49 #include <linux/poll.h> 50 #include <linux/bitops.h> 51 #include <linux/file.h> 52 #include <linux/uaccess.h> 53 #include <linux/module.h> 54 #include <linux/timer.h> 55 #include <linux/tty_flip.h> 56 #include <linux/tty_driver.h> 57 #include <linux/serial.h> 58 #include <linux/kfifo.h> 59 #include <linux/skbuff.h> 60 #include <net/arp.h> 61 #include <linux/ip.h> 62 #include <linux/netdevice.h> 63 #include <linux/etherdevice.h> 64 #include <linux/gsmmux.h> 65 66 static int debug; 67 module_param(debug, int, 0600); 68 69 /* Defaults: these are from the specification */ 70 71 #define T1 10 /* 100mS */ 72 #define T2 34 /* 333mS */ 73 #define N2 3 /* Retry 3 times */ 74 75 /* Use long timers for testing at low speed with debug on */ 76 #ifdef DEBUG_TIMING 77 #define T1 100 78 #define T2 200 79 #endif 80 81 /* 82 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte 83 * limits so this is plenty 84 */ 85 #define MAX_MRU 1500 86 #define MAX_MTU 1500 87 #define GSM_NET_TX_TIMEOUT (HZ*10) 88 89 /** 90 * struct gsm_mux_net - network interface 91 * @struct gsm_dlci* dlci 92 * @struct net_device_stats stats; 93 * 94 * Created when net interface is initialized. 95 **/ 96 struct gsm_mux_net { 97 struct kref ref; 98 struct gsm_dlci *dlci; 99 struct net_device_stats stats; 100 }; 101 102 #define STATS(net) (((struct gsm_mux_net *)netdev_priv(net))->stats) 103 104 /* 105 * Each block of data we have queued to go out is in the form of 106 * a gsm_msg which holds everything we need in a link layer independent 107 * format 108 */ 109 110 struct gsm_msg { 111 struct list_head list; 112 u8 addr; /* DLCI address + flags */ 113 u8 ctrl; /* Control byte + flags */ 114 unsigned int len; /* Length of data block (can be zero) */ 115 unsigned char *data; /* Points into buffer but not at the start */ 116 unsigned char buffer[0]; 117 }; 118 119 /* 120 * Each active data link has a gsm_dlci structure associated which ties 121 * the link layer to an optional tty (if the tty side is open). To avoid 122 * complexity right now these are only ever freed up when the mux is 123 * shut down. 124 * 125 * At the moment we don't free DLCI objects until the mux is torn down 126 * this avoid object life time issues but might be worth review later. 127 */ 128 129 struct gsm_dlci { 130 struct gsm_mux *gsm; 131 int addr; 132 int state; 133 #define DLCI_CLOSED 0 134 #define DLCI_OPENING 1 /* Sending SABM not seen UA */ 135 #define DLCI_OPEN 2 /* SABM/UA complete */ 136 #define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */ 137 struct mutex mutex; 138 139 /* Link layer */ 140 spinlock_t lock; /* Protects the internal state */ 141 struct timer_list t1; /* Retransmit timer for SABM and UA */ 142 int retries; 143 /* Uplink tty if active */ 144 struct tty_port port; /* The tty bound to this DLCI if there is one */ 145 struct kfifo *fifo; /* Queue fifo for the DLCI */ 146 struct kfifo _fifo; /* For new fifo API porting only */ 147 int adaption; /* Adaption layer in use */ 148 int prev_adaption; 149 u32 modem_rx; /* Our incoming virtual modem lines */ 150 u32 modem_tx; /* Our outgoing modem lines */ 151 int dead; /* Refuse re-open */ 152 /* Flow control */ 153 int throttled; /* Private copy of throttle state */ 154 int constipated; /* Throttle status for outgoing */ 155 /* Packetised I/O */ 156 struct sk_buff *skb; /* Frame being sent */ 157 struct sk_buff_head skb_list; /* Queued frames */ 158 /* Data handling callback */ 159 void (*data)(struct gsm_dlci *dlci, u8 *data, int len); 160 void (*prev_data)(struct gsm_dlci *dlci, u8 *data, int len); 161 struct net_device *net; /* network interface, if created */ 162 }; 163 164 /* DLCI 0, 62/63 are special or reseved see gsmtty_open */ 165 166 #define NUM_DLCI 64 167 168 /* 169 * DLCI 0 is used to pass control blocks out of band of the data 170 * flow (and with a higher link priority). One command can be outstanding 171 * at a time and we use this structure to manage them. They are created 172 * and destroyed by the user context, and updated by the receive paths 173 * and timers 174 */ 175 176 struct gsm_control { 177 u8 cmd; /* Command we are issuing */ 178 u8 *data; /* Data for the command in case we retransmit */ 179 int len; /* Length of block for retransmission */ 180 int done; /* Done flag */ 181 int error; /* Error if any */ 182 }; 183 184 /* 185 * Each GSM mux we have is represented by this structure. If we are 186 * operating as an ldisc then we use this structure as our ldisc 187 * state. We need to sort out lifetimes and locking with respect 188 * to the gsm mux array. For now we don't free DLCI objects that 189 * have been instantiated until the mux itself is terminated. 190 * 191 * To consider further: tty open versus mux shutdown. 192 */ 193 194 struct gsm_mux { 195 struct tty_struct *tty; /* The tty our ldisc is bound to */ 196 spinlock_t lock; 197 unsigned int num; 198 struct kref ref; 199 200 /* Events on the GSM channel */ 201 wait_queue_head_t event; 202 203 /* Bits for GSM mode decoding */ 204 205 /* Framing Layer */ 206 unsigned char *buf; 207 int state; 208 #define GSM_SEARCH 0 209 #define GSM_START 1 210 #define GSM_ADDRESS 2 211 #define GSM_CONTROL 3 212 #define GSM_LEN 4 213 #define GSM_DATA 5 214 #define GSM_FCS 6 215 #define GSM_OVERRUN 7 216 #define GSM_LEN0 8 217 #define GSM_LEN1 9 218 #define GSM_SSOF 10 219 unsigned int len; 220 unsigned int address; 221 unsigned int count; 222 int escape; 223 int encoding; 224 u8 control; 225 u8 fcs; 226 u8 received_fcs; 227 u8 *txframe; /* TX framing buffer */ 228 229 /* Methods for the receiver side */ 230 void (*receive)(struct gsm_mux *gsm, u8 ch); 231 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag); 232 /* And transmit side */ 233 int (*output)(struct gsm_mux *mux, u8 *data, int len); 234 235 /* Link Layer */ 236 unsigned int mru; 237 unsigned int mtu; 238 int initiator; /* Did we initiate connection */ 239 int dead; /* Has the mux been shut down */ 240 struct gsm_dlci *dlci[NUM_DLCI]; 241 int constipated; /* Asked by remote to shut up */ 242 243 spinlock_t tx_lock; 244 unsigned int tx_bytes; /* TX data outstanding */ 245 #define TX_THRESH_HI 8192 246 #define TX_THRESH_LO 2048 247 struct list_head tx_list; /* Pending data packets */ 248 249 /* Control messages */ 250 struct timer_list t2_timer; /* Retransmit timer for commands */ 251 int cretries; /* Command retry counter */ 252 struct gsm_control *pending_cmd;/* Our current pending command */ 253 spinlock_t control_lock; /* Protects the pending command */ 254 255 /* Configuration */ 256 int adaption; /* 1 or 2 supported */ 257 u8 ftype; /* UI or UIH */ 258 int t1, t2; /* Timers in 1/100th of a sec */ 259 int n2; /* Retry count */ 260 261 /* Statistics (not currently exposed) */ 262 unsigned long bad_fcs; 263 unsigned long malformed; 264 unsigned long io_error; 265 unsigned long bad_size; 266 unsigned long unsupported; 267 }; 268 269 270 /* 271 * Mux objects - needed so that we can translate a tty index into the 272 * relevant mux and DLCI. 273 */ 274 275 #define MAX_MUX 4 /* 256 minors */ 276 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */ 277 static spinlock_t gsm_mux_lock; 278 279 static struct tty_driver *gsm_tty_driver; 280 281 /* 282 * This section of the driver logic implements the GSM encodings 283 * both the basic and the 'advanced'. Reliable transport is not 284 * supported. 285 */ 286 287 #define CR 0x02 288 #define EA 0x01 289 #define PF 0x10 290 291 /* I is special: the rest are ..*/ 292 #define RR 0x01 293 #define UI 0x03 294 #define RNR 0x05 295 #define REJ 0x09 296 #define DM 0x0F 297 #define SABM 0x2F 298 #define DISC 0x43 299 #define UA 0x63 300 #define UIH 0xEF 301 302 /* Channel commands */ 303 #define CMD_NSC 0x09 304 #define CMD_TEST 0x11 305 #define CMD_PSC 0x21 306 #define CMD_RLS 0x29 307 #define CMD_FCOFF 0x31 308 #define CMD_PN 0x41 309 #define CMD_RPN 0x49 310 #define CMD_FCON 0x51 311 #define CMD_CLD 0x61 312 #define CMD_SNC 0x69 313 #define CMD_MSC 0x71 314 315 /* Virtual modem bits */ 316 #define MDM_FC 0x01 317 #define MDM_RTC 0x02 318 #define MDM_RTR 0x04 319 #define MDM_IC 0x20 320 #define MDM_DV 0x40 321 322 #define GSM0_SOF 0xF9 323 #define GSM1_SOF 0x7E 324 #define GSM1_ESCAPE 0x7D 325 #define GSM1_ESCAPE_BITS 0x20 326 #define XON 0x11 327 #define XOFF 0x13 328 329 static const struct tty_port_operations gsm_port_ops; 330 331 /* 332 * CRC table for GSM 0710 333 */ 334 335 static const u8 gsm_fcs8[256] = { 336 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 337 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 338 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 339 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 340 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 341 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 342 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 343 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 344 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 345 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 346 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 347 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 348 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 349 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 350 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 351 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 352 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 353 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 354 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 355 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 356 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 357 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 358 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 359 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 360 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 361 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 362 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 363 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 364 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 365 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 366 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 367 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 368 }; 369 370 #define INIT_FCS 0xFF 371 #define GOOD_FCS 0xCF 372 373 /** 374 * gsm_fcs_add - update FCS 375 * @fcs: Current FCS 376 * @c: Next data 377 * 378 * Update the FCS to include c. Uses the algorithm in the specification 379 * notes. 380 */ 381 382 static inline u8 gsm_fcs_add(u8 fcs, u8 c) 383 { 384 return gsm_fcs8[fcs ^ c]; 385 } 386 387 /** 388 * gsm_fcs_add_block - update FCS for a block 389 * @fcs: Current FCS 390 * @c: buffer of data 391 * @len: length of buffer 392 * 393 * Update the FCS to include c. Uses the algorithm in the specification 394 * notes. 395 */ 396 397 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len) 398 { 399 while (len--) 400 fcs = gsm_fcs8[fcs ^ *c++]; 401 return fcs; 402 } 403 404 /** 405 * gsm_read_ea - read a byte into an EA 406 * @val: variable holding value 407 * c: byte going into the EA 408 * 409 * Processes one byte of an EA. Updates the passed variable 410 * and returns 1 if the EA is now completely read 411 */ 412 413 static int gsm_read_ea(unsigned int *val, u8 c) 414 { 415 /* Add the next 7 bits into the value */ 416 *val <<= 7; 417 *val |= c >> 1; 418 /* Was this the last byte of the EA 1 = yes*/ 419 return c & EA; 420 } 421 422 /** 423 * gsm_encode_modem - encode modem data bits 424 * @dlci: DLCI to encode from 425 * 426 * Returns the correct GSM encoded modem status bits (6 bit field) for 427 * the current status of the DLCI and attached tty object 428 */ 429 430 static u8 gsm_encode_modem(const struct gsm_dlci *dlci) 431 { 432 u8 modembits = 0; 433 /* FC is true flow control not modem bits */ 434 if (dlci->throttled) 435 modembits |= MDM_FC; 436 if (dlci->modem_tx & TIOCM_DTR) 437 modembits |= MDM_RTC; 438 if (dlci->modem_tx & TIOCM_RTS) 439 modembits |= MDM_RTR; 440 if (dlci->modem_tx & TIOCM_RI) 441 modembits |= MDM_IC; 442 if (dlci->modem_tx & TIOCM_CD) 443 modembits |= MDM_DV; 444 return modembits; 445 } 446 447 /** 448 * gsm_print_packet - display a frame for debug 449 * @hdr: header to print before decode 450 * @addr: address EA from the frame 451 * @cr: C/R bit from the frame 452 * @control: control including PF bit 453 * @data: following data bytes 454 * @dlen: length of data 455 * 456 * Displays a packet in human readable format for debugging purposes. The 457 * style is based on amateur radio LAP-B dump display. 458 */ 459 460 static void gsm_print_packet(const char *hdr, int addr, int cr, 461 u8 control, const u8 *data, int dlen) 462 { 463 if (!(debug & 1)) 464 return; 465 466 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]); 467 468 switch (control & ~PF) { 469 case SABM: 470 pr_cont("SABM"); 471 break; 472 case UA: 473 pr_cont("UA"); 474 break; 475 case DISC: 476 pr_cont("DISC"); 477 break; 478 case DM: 479 pr_cont("DM"); 480 break; 481 case UI: 482 pr_cont("UI"); 483 break; 484 case UIH: 485 pr_cont("UIH"); 486 break; 487 default: 488 if (!(control & 0x01)) { 489 pr_cont("I N(S)%d N(R)%d", 490 (control & 0x0E) >> 1, (control & 0xE0) >> 5); 491 } else switch (control & 0x0F) { 492 case RR: 493 pr_cont("RR(%d)", (control & 0xE0) >> 5); 494 break; 495 case RNR: 496 pr_cont("RNR(%d)", (control & 0xE0) >> 5); 497 break; 498 case REJ: 499 pr_cont("REJ(%d)", (control & 0xE0) >> 5); 500 break; 501 default: 502 pr_cont("[%02X]", control); 503 } 504 } 505 506 if (control & PF) 507 pr_cont("(P)"); 508 else 509 pr_cont("(F)"); 510 511 if (dlen) { 512 int ct = 0; 513 while (dlen--) { 514 if (ct % 8 == 0) { 515 pr_cont("\n"); 516 pr_debug(" "); 517 } 518 pr_cont("%02X ", *data++); 519 ct++; 520 } 521 } 522 pr_cont("\n"); 523 } 524 525 526 /* 527 * Link level transmission side 528 */ 529 530 /** 531 * gsm_stuff_packet - bytestuff a packet 532 * @ibuf: input 533 * @obuf: output 534 * @len: length of input 535 * 536 * Expand a buffer by bytestuffing it. The worst case size change 537 * is doubling and the caller is responsible for handing out 538 * suitable sized buffers. 539 */ 540 541 static int gsm_stuff_frame(const u8 *input, u8 *output, int len) 542 { 543 int olen = 0; 544 while (len--) { 545 if (*input == GSM1_SOF || *input == GSM1_ESCAPE 546 || *input == XON || *input == XOFF) { 547 *output++ = GSM1_ESCAPE; 548 *output++ = *input++ ^ GSM1_ESCAPE_BITS; 549 olen++; 550 } else 551 *output++ = *input++; 552 olen++; 553 } 554 return olen; 555 } 556 557 /** 558 * gsm_send - send a control frame 559 * @gsm: our GSM mux 560 * @addr: address for control frame 561 * @cr: command/response bit 562 * @control: control byte including PF bit 563 * 564 * Format up and transmit a control frame. These do not go via the 565 * queueing logic as they should be transmitted ahead of data when 566 * they are needed. 567 * 568 * FIXME: Lock versus data TX path 569 */ 570 571 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control) 572 { 573 int len; 574 u8 cbuf[10]; 575 u8 ibuf[3]; 576 577 switch (gsm->encoding) { 578 case 0: 579 cbuf[0] = GSM0_SOF; 580 cbuf[1] = (addr << 2) | (cr << 1) | EA; 581 cbuf[2] = control; 582 cbuf[3] = EA; /* Length of data = 0 */ 583 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3); 584 cbuf[5] = GSM0_SOF; 585 len = 6; 586 break; 587 case 1: 588 case 2: 589 /* Control frame + packing (but not frame stuffing) in mode 1 */ 590 ibuf[0] = (addr << 2) | (cr << 1) | EA; 591 ibuf[1] = control; 592 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2); 593 /* Stuffing may double the size worst case */ 594 len = gsm_stuff_frame(ibuf, cbuf + 1, 3); 595 /* Now add the SOF markers */ 596 cbuf[0] = GSM1_SOF; 597 cbuf[len + 1] = GSM1_SOF; 598 /* FIXME: we can omit the lead one in many cases */ 599 len += 2; 600 break; 601 default: 602 WARN_ON(1); 603 return; 604 } 605 gsm->output(gsm, cbuf, len); 606 gsm_print_packet("-->", addr, cr, control, NULL, 0); 607 } 608 609 /** 610 * gsm_response - send a control response 611 * @gsm: our GSM mux 612 * @addr: address for control frame 613 * @control: control byte including PF bit 614 * 615 * Format up and transmit a link level response frame. 616 */ 617 618 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control) 619 { 620 gsm_send(gsm, addr, 0, control); 621 } 622 623 /** 624 * gsm_command - send a control command 625 * @gsm: our GSM mux 626 * @addr: address for control frame 627 * @control: control byte including PF bit 628 * 629 * Format up and transmit a link level command frame. 630 */ 631 632 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control) 633 { 634 gsm_send(gsm, addr, 1, control); 635 } 636 637 /* Data transmission */ 638 639 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */ 640 641 /** 642 * gsm_data_alloc - allocate data frame 643 * @gsm: GSM mux 644 * @addr: DLCI address 645 * @len: length excluding header and FCS 646 * @ctrl: control byte 647 * 648 * Allocate a new data buffer for sending frames with data. Space is left 649 * at the front for header bytes but that is treated as an implementation 650 * detail and not for the high level code to use 651 */ 652 653 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len, 654 u8 ctrl) 655 { 656 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN, 657 GFP_ATOMIC); 658 if (m == NULL) 659 return NULL; 660 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */ 661 m->len = len; 662 m->addr = addr; 663 m->ctrl = ctrl; 664 INIT_LIST_HEAD(&m->list); 665 return m; 666 } 667 668 /** 669 * gsm_data_kick - poke the queue 670 * @gsm: GSM Mux 671 * 672 * The tty device has called us to indicate that room has appeared in 673 * the transmit queue. Ram more data into the pipe if we have any 674 * If we have been flow-stopped by a CMD_FCOFF, then we can only 675 * send messages on DLCI0 until CMD_FCON 676 * 677 * FIXME: lock against link layer control transmissions 678 */ 679 680 static void gsm_data_kick(struct gsm_mux *gsm) 681 { 682 struct gsm_msg *msg, *nmsg; 683 int len; 684 int skip_sof = 0; 685 686 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) { 687 if (gsm->constipated && msg->addr) 688 continue; 689 if (gsm->encoding != 0) { 690 gsm->txframe[0] = GSM1_SOF; 691 len = gsm_stuff_frame(msg->data, 692 gsm->txframe + 1, msg->len); 693 gsm->txframe[len + 1] = GSM1_SOF; 694 len += 2; 695 } else { 696 gsm->txframe[0] = GSM0_SOF; 697 memcpy(gsm->txframe + 1 , msg->data, msg->len); 698 gsm->txframe[msg->len + 1] = GSM0_SOF; 699 len = msg->len + 2; 700 } 701 702 if (debug & 4) 703 print_hex_dump_bytes("gsm_data_kick: ", 704 DUMP_PREFIX_OFFSET, 705 gsm->txframe, len); 706 707 if (gsm->output(gsm, gsm->txframe + skip_sof, 708 len - skip_sof) < 0) 709 break; 710 /* FIXME: Can eliminate one SOF in many more cases */ 711 gsm->tx_bytes -= msg->len; 712 /* For a burst of frames skip the extra SOF within the 713 burst */ 714 skip_sof = 1; 715 716 list_del(&msg->list); 717 kfree(msg); 718 } 719 } 720 721 /** 722 * __gsm_data_queue - queue a UI or UIH frame 723 * @dlci: DLCI sending the data 724 * @msg: message queued 725 * 726 * Add data to the transmit queue and try and get stuff moving 727 * out of the mux tty if not already doing so. The Caller must hold 728 * the gsm tx lock. 729 */ 730 731 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 732 { 733 struct gsm_mux *gsm = dlci->gsm; 734 u8 *dp = msg->data; 735 u8 *fcs = dp + msg->len; 736 737 /* Fill in the header */ 738 if (gsm->encoding == 0) { 739 if (msg->len < 128) 740 *--dp = (msg->len << 1) | EA; 741 else { 742 *--dp = (msg->len >> 7); /* bits 7 - 15 */ 743 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */ 744 } 745 } 746 747 *--dp = msg->ctrl; 748 if (gsm->initiator) 749 *--dp = (msg->addr << 2) | 2 | EA; 750 else 751 *--dp = (msg->addr << 2) | EA; 752 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp); 753 /* Ugly protocol layering violation */ 754 if (msg->ctrl == UI || msg->ctrl == (UI|PF)) 755 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len); 756 *fcs = 0xFF - *fcs; 757 758 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl, 759 msg->data, msg->len); 760 761 /* Move the header back and adjust the length, also allow for the FCS 762 now tacked on the end */ 763 msg->len += (msg->data - dp) + 1; 764 msg->data = dp; 765 766 /* Add to the actual output queue */ 767 list_add_tail(&msg->list, &gsm->tx_list); 768 gsm->tx_bytes += msg->len; 769 gsm_data_kick(gsm); 770 } 771 772 /** 773 * gsm_data_queue - queue a UI or UIH frame 774 * @dlci: DLCI sending the data 775 * @msg: message queued 776 * 777 * Add data to the transmit queue and try and get stuff moving 778 * out of the mux tty if not already doing so. Take the 779 * the gsm tx lock and dlci lock. 780 */ 781 782 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 783 { 784 unsigned long flags; 785 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 786 __gsm_data_queue(dlci, msg); 787 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 788 } 789 790 /** 791 * gsm_dlci_data_output - try and push data out of a DLCI 792 * @gsm: mux 793 * @dlci: the DLCI to pull data from 794 * 795 * Pull data from a DLCI and send it into the transmit queue if there 796 * is data. Keep to the MRU of the mux. This path handles the usual tty 797 * interface which is a byte stream with optional modem data. 798 * 799 * Caller must hold the tx_lock of the mux. 800 */ 801 802 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci) 803 { 804 struct gsm_msg *msg; 805 u8 *dp; 806 int len, total_size, size; 807 int h = dlci->adaption - 1; 808 809 total_size = 0; 810 while (1) { 811 len = kfifo_len(dlci->fifo); 812 if (len == 0) 813 return total_size; 814 815 /* MTU/MRU count only the data bits */ 816 if (len > gsm->mtu) 817 len = gsm->mtu; 818 819 size = len + h; 820 821 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 822 /* FIXME: need a timer or something to kick this so it can't 823 get stuck with no work outstanding and no buffer free */ 824 if (msg == NULL) 825 return -ENOMEM; 826 dp = msg->data; 827 switch (dlci->adaption) { 828 case 1: /* Unstructured */ 829 break; 830 case 2: /* Unstructed with modem bits. 831 Always one byte as we never send inline break data */ 832 *dp++ = gsm_encode_modem(dlci); 833 break; 834 } 835 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len); 836 __gsm_data_queue(dlci, msg); 837 total_size += size; 838 } 839 /* Bytes of data we used up */ 840 return total_size; 841 } 842 843 /** 844 * gsm_dlci_data_output_framed - try and push data out of a DLCI 845 * @gsm: mux 846 * @dlci: the DLCI to pull data from 847 * 848 * Pull data from a DLCI and send it into the transmit queue if there 849 * is data. Keep to the MRU of the mux. This path handles framed data 850 * queued as skbuffs to the DLCI. 851 * 852 * Caller must hold the tx_lock of the mux. 853 */ 854 855 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm, 856 struct gsm_dlci *dlci) 857 { 858 struct gsm_msg *msg; 859 u8 *dp; 860 int len, size; 861 int last = 0, first = 0; 862 int overhead = 0; 863 864 /* One byte per frame is used for B/F flags */ 865 if (dlci->adaption == 4) 866 overhead = 1; 867 868 /* dlci->skb is locked by tx_lock */ 869 if (dlci->skb == NULL) { 870 dlci->skb = skb_dequeue_tail(&dlci->skb_list); 871 if (dlci->skb == NULL) 872 return 0; 873 first = 1; 874 } 875 len = dlci->skb->len + overhead; 876 877 /* MTU/MRU count only the data bits */ 878 if (len > gsm->mtu) { 879 if (dlci->adaption == 3) { 880 /* Over long frame, bin it */ 881 dev_kfree_skb_any(dlci->skb); 882 dlci->skb = NULL; 883 return 0; 884 } 885 len = gsm->mtu; 886 } else 887 last = 1; 888 889 size = len + overhead; 890 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 891 892 /* FIXME: need a timer or something to kick this so it can't 893 get stuck with no work outstanding and no buffer free */ 894 if (msg == NULL) { 895 skb_queue_tail(&dlci->skb_list, dlci->skb); 896 dlci->skb = NULL; 897 return -ENOMEM; 898 } 899 dp = msg->data; 900 901 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */ 902 /* Flag byte to carry the start/end info */ 903 *dp++ = last << 7 | first << 6 | 1; /* EA */ 904 len--; 905 } 906 memcpy(dp, dlci->skb->data, len); 907 skb_pull(dlci->skb, len); 908 __gsm_data_queue(dlci, msg); 909 if (last) { 910 dev_kfree_skb_any(dlci->skb); 911 dlci->skb = NULL; 912 } 913 return size; 914 } 915 916 /** 917 * gsm_dlci_data_sweep - look for data to send 918 * @gsm: the GSM mux 919 * 920 * Sweep the GSM mux channels in priority order looking for ones with 921 * data to send. We could do with optimising this scan a bit. We aim 922 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit 923 * TX_THRESH_LO we get called again 924 * 925 * FIXME: We should round robin between groups and in theory you can 926 * renegotiate DLCI priorities with optional stuff. Needs optimising. 927 */ 928 929 static void gsm_dlci_data_sweep(struct gsm_mux *gsm) 930 { 931 int len; 932 /* Priority ordering: We should do priority with RR of the groups */ 933 int i = 1; 934 935 while (i < NUM_DLCI) { 936 struct gsm_dlci *dlci; 937 938 if (gsm->tx_bytes > TX_THRESH_HI) 939 break; 940 dlci = gsm->dlci[i]; 941 if (dlci == NULL || dlci->constipated) { 942 i++; 943 continue; 944 } 945 if (dlci->adaption < 3 && !dlci->net) 946 len = gsm_dlci_data_output(gsm, dlci); 947 else 948 len = gsm_dlci_data_output_framed(gsm, dlci); 949 if (len < 0) 950 break; 951 /* DLCI empty - try the next */ 952 if (len == 0) 953 i++; 954 } 955 } 956 957 /** 958 * gsm_dlci_data_kick - transmit if possible 959 * @dlci: DLCI to kick 960 * 961 * Transmit data from this DLCI if the queue is empty. We can't rely on 962 * a tty wakeup except when we filled the pipe so we need to fire off 963 * new data ourselves in other cases. 964 */ 965 966 static void gsm_dlci_data_kick(struct gsm_dlci *dlci) 967 { 968 unsigned long flags; 969 int sweep; 970 971 if (dlci->constipated) 972 return; 973 974 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 975 /* If we have nothing running then we need to fire up */ 976 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO); 977 if (dlci->gsm->tx_bytes == 0) { 978 if (dlci->net) 979 gsm_dlci_data_output_framed(dlci->gsm, dlci); 980 else 981 gsm_dlci_data_output(dlci->gsm, dlci); 982 } 983 if (sweep) 984 gsm_dlci_data_sweep(dlci->gsm); 985 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 986 } 987 988 /* 989 * Control message processing 990 */ 991 992 993 /** 994 * gsm_control_reply - send a response frame to a control 995 * @gsm: gsm channel 996 * @cmd: the command to use 997 * @data: data to follow encoded info 998 * @dlen: length of data 999 * 1000 * Encode up and queue a UI/UIH frame containing our response. 1001 */ 1002 1003 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data, 1004 int dlen) 1005 { 1006 struct gsm_msg *msg; 1007 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype); 1008 if (msg == NULL) 1009 return; 1010 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */ 1011 msg->data[1] = (dlen << 1) | EA; 1012 memcpy(msg->data + 2, data, dlen); 1013 gsm_data_queue(gsm->dlci[0], msg); 1014 } 1015 1016 /** 1017 * gsm_process_modem - process received modem status 1018 * @tty: virtual tty bound to the DLCI 1019 * @dlci: DLCI to affect 1020 * @modem: modem bits (full EA) 1021 * 1022 * Used when a modem control message or line state inline in adaption 1023 * layer 2 is processed. Sort out the local modem state and throttles 1024 */ 1025 1026 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci, 1027 u32 modem, int clen) 1028 { 1029 int mlines = 0; 1030 u8 brk = 0; 1031 int fc; 1032 1033 /* The modem status command can either contain one octet (v.24 signals) 1034 or two octets (v.24 signals + break signals). The length field will 1035 either be 2 or 3 respectively. This is specified in section 1036 5.4.6.3.7 of the 27.010 mux spec. */ 1037 1038 if (clen == 2) 1039 modem = modem & 0x7f; 1040 else { 1041 brk = modem & 0x7f; 1042 modem = (modem >> 7) & 0x7f; 1043 } 1044 1045 /* Flow control/ready to communicate */ 1046 fc = (modem & MDM_FC) || !(modem & MDM_RTR); 1047 if (fc && !dlci->constipated) { 1048 /* Need to throttle our output on this device */ 1049 dlci->constipated = 1; 1050 } else if (!fc && dlci->constipated) { 1051 dlci->constipated = 0; 1052 gsm_dlci_data_kick(dlci); 1053 } 1054 1055 /* Map modem bits */ 1056 if (modem & MDM_RTC) 1057 mlines |= TIOCM_DSR | TIOCM_DTR; 1058 if (modem & MDM_RTR) 1059 mlines |= TIOCM_RTS | TIOCM_CTS; 1060 if (modem & MDM_IC) 1061 mlines |= TIOCM_RI; 1062 if (modem & MDM_DV) 1063 mlines |= TIOCM_CD; 1064 1065 /* Carrier drop -> hangup */ 1066 if (tty) { 1067 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD)) 1068 if (!(tty->termios.c_cflag & CLOCAL)) 1069 tty_hangup(tty); 1070 } 1071 if (brk & 0x01) 1072 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK); 1073 dlci->modem_rx = mlines; 1074 } 1075 1076 /** 1077 * gsm_control_modem - modem status received 1078 * @gsm: GSM channel 1079 * @data: data following command 1080 * @clen: command length 1081 * 1082 * We have received a modem status control message. This is used by 1083 * the GSM mux protocol to pass virtual modem line status and optionally 1084 * to indicate break signals. Unpack it, convert to Linux representation 1085 * and if need be stuff a break message down the tty. 1086 */ 1087 1088 static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen) 1089 { 1090 unsigned int addr = 0; 1091 unsigned int modem = 0; 1092 struct gsm_dlci *dlci; 1093 int len = clen; 1094 u8 *dp = data; 1095 struct tty_struct *tty; 1096 1097 while (gsm_read_ea(&addr, *dp++) == 0) { 1098 len--; 1099 if (len == 0) 1100 return; 1101 } 1102 /* Must be at least one byte following the EA */ 1103 len--; 1104 if (len <= 0) 1105 return; 1106 1107 addr >>= 1; 1108 /* Closed port, or invalid ? */ 1109 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1110 return; 1111 dlci = gsm->dlci[addr]; 1112 1113 while (gsm_read_ea(&modem, *dp++) == 0) { 1114 len--; 1115 if (len == 0) 1116 return; 1117 } 1118 tty = tty_port_tty_get(&dlci->port); 1119 gsm_process_modem(tty, dlci, modem, clen); 1120 if (tty) { 1121 tty_wakeup(tty); 1122 tty_kref_put(tty); 1123 } 1124 gsm_control_reply(gsm, CMD_MSC, data, clen); 1125 } 1126 1127 /** 1128 * gsm_control_rls - remote line status 1129 * @gsm: GSM channel 1130 * @data: data bytes 1131 * @clen: data length 1132 * 1133 * The modem sends us a two byte message on the control channel whenever 1134 * it wishes to send us an error state from the virtual link. Stuff 1135 * this into the uplink tty if present 1136 */ 1137 1138 static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen) 1139 { 1140 struct tty_port *port; 1141 unsigned int addr = 0; 1142 u8 bits; 1143 int len = clen; 1144 u8 *dp = data; 1145 1146 while (gsm_read_ea(&addr, *dp++) == 0) { 1147 len--; 1148 if (len == 0) 1149 return; 1150 } 1151 /* Must be at least one byte following ea */ 1152 len--; 1153 if (len <= 0) 1154 return; 1155 addr >>= 1; 1156 /* Closed port, or invalid ? */ 1157 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1158 return; 1159 /* No error ? */ 1160 bits = *dp; 1161 if ((bits & 1) == 0) 1162 return; 1163 1164 port = &gsm->dlci[addr]->port; 1165 1166 if (bits & 2) 1167 tty_insert_flip_char(port, 0, TTY_OVERRUN); 1168 if (bits & 4) 1169 tty_insert_flip_char(port, 0, TTY_PARITY); 1170 if (bits & 8) 1171 tty_insert_flip_char(port, 0, TTY_FRAME); 1172 1173 tty_flip_buffer_push(port); 1174 1175 gsm_control_reply(gsm, CMD_RLS, data, clen); 1176 } 1177 1178 static void gsm_dlci_begin_close(struct gsm_dlci *dlci); 1179 1180 /** 1181 * gsm_control_message - DLCI 0 control processing 1182 * @gsm: our GSM mux 1183 * @command: the command EA 1184 * @data: data beyond the command/length EAs 1185 * @clen: length 1186 * 1187 * Input processor for control messages from the other end of the link. 1188 * Processes the incoming request and queues a response frame or an 1189 * NSC response if not supported 1190 */ 1191 1192 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command, 1193 u8 *data, int clen) 1194 { 1195 u8 buf[1]; 1196 unsigned long flags; 1197 1198 switch (command) { 1199 case CMD_CLD: { 1200 struct gsm_dlci *dlci = gsm->dlci[0]; 1201 /* Modem wishes to close down */ 1202 if (dlci) { 1203 dlci->dead = 1; 1204 gsm->dead = 1; 1205 gsm_dlci_begin_close(dlci); 1206 } 1207 } 1208 break; 1209 case CMD_TEST: 1210 /* Modem wishes to test, reply with the data */ 1211 gsm_control_reply(gsm, CMD_TEST, data, clen); 1212 break; 1213 case CMD_FCON: 1214 /* Modem can accept data again */ 1215 gsm->constipated = 0; 1216 gsm_control_reply(gsm, CMD_FCON, NULL, 0); 1217 /* Kick the link in case it is idling */ 1218 spin_lock_irqsave(&gsm->tx_lock, flags); 1219 gsm_data_kick(gsm); 1220 spin_unlock_irqrestore(&gsm->tx_lock, flags); 1221 break; 1222 case CMD_FCOFF: 1223 /* Modem wants us to STFU */ 1224 gsm->constipated = 1; 1225 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0); 1226 break; 1227 case CMD_MSC: 1228 /* Out of band modem line change indicator for a DLCI */ 1229 gsm_control_modem(gsm, data, clen); 1230 break; 1231 case CMD_RLS: 1232 /* Out of band error reception for a DLCI */ 1233 gsm_control_rls(gsm, data, clen); 1234 break; 1235 case CMD_PSC: 1236 /* Modem wishes to enter power saving state */ 1237 gsm_control_reply(gsm, CMD_PSC, NULL, 0); 1238 break; 1239 /* Optional unsupported commands */ 1240 case CMD_PN: /* Parameter negotiation */ 1241 case CMD_RPN: /* Remote port negotiation */ 1242 case CMD_SNC: /* Service negotiation command */ 1243 default: 1244 /* Reply to bad commands with an NSC */ 1245 buf[0] = command; 1246 gsm_control_reply(gsm, CMD_NSC, buf, 1); 1247 break; 1248 } 1249 } 1250 1251 /** 1252 * gsm_control_response - process a response to our control 1253 * @gsm: our GSM mux 1254 * @command: the command (response) EA 1255 * @data: data beyond the command/length EA 1256 * @clen: length 1257 * 1258 * Process a response to an outstanding command. We only allow a single 1259 * control message in flight so this is fairly easy. All the clean up 1260 * is done by the caller, we just update the fields, flag it as done 1261 * and return 1262 */ 1263 1264 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command, 1265 u8 *data, int clen) 1266 { 1267 struct gsm_control *ctrl; 1268 unsigned long flags; 1269 1270 spin_lock_irqsave(&gsm->control_lock, flags); 1271 1272 ctrl = gsm->pending_cmd; 1273 /* Does the reply match our command */ 1274 command |= 1; 1275 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) { 1276 /* Our command was replied to, kill the retry timer */ 1277 del_timer(&gsm->t2_timer); 1278 gsm->pending_cmd = NULL; 1279 /* Rejected by the other end */ 1280 if (command == CMD_NSC) 1281 ctrl->error = -EOPNOTSUPP; 1282 ctrl->done = 1; 1283 wake_up(&gsm->event); 1284 } 1285 spin_unlock_irqrestore(&gsm->control_lock, flags); 1286 } 1287 1288 /** 1289 * gsm_control_transmit - send control packet 1290 * @gsm: gsm mux 1291 * @ctrl: frame to send 1292 * 1293 * Send out a pending control command (called under control lock) 1294 */ 1295 1296 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl) 1297 { 1298 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype); 1299 if (msg == NULL) 1300 return; 1301 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */ 1302 memcpy(msg->data + 1, ctrl->data, ctrl->len); 1303 gsm_data_queue(gsm->dlci[0], msg); 1304 } 1305 1306 /** 1307 * gsm_control_retransmit - retransmit a control frame 1308 * @data: pointer to our gsm object 1309 * 1310 * Called off the T2 timer expiry in order to retransmit control frames 1311 * that have been lost in the system somewhere. The control_lock protects 1312 * us from colliding with another sender or a receive completion event. 1313 * In that situation the timer may still occur in a small window but 1314 * gsm->pending_cmd will be NULL and we just let the timer expire. 1315 */ 1316 1317 static void gsm_control_retransmit(unsigned long data) 1318 { 1319 struct gsm_mux *gsm = (struct gsm_mux *)data; 1320 struct gsm_control *ctrl; 1321 unsigned long flags; 1322 spin_lock_irqsave(&gsm->control_lock, flags); 1323 ctrl = gsm->pending_cmd; 1324 if (ctrl) { 1325 gsm->cretries--; 1326 if (gsm->cretries == 0) { 1327 gsm->pending_cmd = NULL; 1328 ctrl->error = -ETIMEDOUT; 1329 ctrl->done = 1; 1330 spin_unlock_irqrestore(&gsm->control_lock, flags); 1331 wake_up(&gsm->event); 1332 return; 1333 } 1334 gsm_control_transmit(gsm, ctrl); 1335 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1336 } 1337 spin_unlock_irqrestore(&gsm->control_lock, flags); 1338 } 1339 1340 /** 1341 * gsm_control_send - send a control frame on DLCI 0 1342 * @gsm: the GSM channel 1343 * @command: command to send including CR bit 1344 * @data: bytes of data (must be kmalloced) 1345 * @len: length of the block to send 1346 * 1347 * Queue and dispatch a control command. Only one command can be 1348 * active at a time. In theory more can be outstanding but the matching 1349 * gets really complicated so for now stick to one outstanding. 1350 */ 1351 1352 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm, 1353 unsigned int command, u8 *data, int clen) 1354 { 1355 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control), 1356 GFP_KERNEL); 1357 unsigned long flags; 1358 if (ctrl == NULL) 1359 return NULL; 1360 retry: 1361 wait_event(gsm->event, gsm->pending_cmd == NULL); 1362 spin_lock_irqsave(&gsm->control_lock, flags); 1363 if (gsm->pending_cmd != NULL) { 1364 spin_unlock_irqrestore(&gsm->control_lock, flags); 1365 goto retry; 1366 } 1367 ctrl->cmd = command; 1368 ctrl->data = data; 1369 ctrl->len = clen; 1370 gsm->pending_cmd = ctrl; 1371 gsm->cretries = gsm->n2; 1372 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1373 gsm_control_transmit(gsm, ctrl); 1374 spin_unlock_irqrestore(&gsm->control_lock, flags); 1375 return ctrl; 1376 } 1377 1378 /** 1379 * gsm_control_wait - wait for a control to finish 1380 * @gsm: GSM mux 1381 * @control: control we are waiting on 1382 * 1383 * Waits for the control to complete or time out. Frees any used 1384 * resources and returns 0 for success, or an error if the remote 1385 * rejected or ignored the request. 1386 */ 1387 1388 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control) 1389 { 1390 int err; 1391 wait_event(gsm->event, control->done == 1); 1392 err = control->error; 1393 kfree(control); 1394 return err; 1395 } 1396 1397 1398 /* 1399 * DLCI level handling: Needs krefs 1400 */ 1401 1402 /* 1403 * State transitions and timers 1404 */ 1405 1406 /** 1407 * gsm_dlci_close - a DLCI has closed 1408 * @dlci: DLCI that closed 1409 * 1410 * Perform processing when moving a DLCI into closed state. If there 1411 * is an attached tty this is hung up 1412 */ 1413 1414 static void gsm_dlci_close(struct gsm_dlci *dlci) 1415 { 1416 del_timer(&dlci->t1); 1417 if (debug & 8) 1418 pr_debug("DLCI %d goes closed.\n", dlci->addr); 1419 dlci->state = DLCI_CLOSED; 1420 if (dlci->addr != 0) { 1421 tty_port_tty_hangup(&dlci->port, false); 1422 kfifo_reset(dlci->fifo); 1423 } else 1424 dlci->gsm->dead = 1; 1425 wake_up(&dlci->gsm->event); 1426 /* A DLCI 0 close is a MUX termination so we need to kick that 1427 back to userspace somehow */ 1428 } 1429 1430 /** 1431 * gsm_dlci_open - a DLCI has opened 1432 * @dlci: DLCI that opened 1433 * 1434 * Perform processing when moving a DLCI into open state. 1435 */ 1436 1437 static void gsm_dlci_open(struct gsm_dlci *dlci) 1438 { 1439 /* Note that SABM UA .. SABM UA first UA lost can mean that we go 1440 open -> open */ 1441 del_timer(&dlci->t1); 1442 /* This will let a tty open continue */ 1443 dlci->state = DLCI_OPEN; 1444 if (debug & 8) 1445 pr_debug("DLCI %d goes open.\n", dlci->addr); 1446 wake_up(&dlci->gsm->event); 1447 } 1448 1449 /** 1450 * gsm_dlci_t1 - T1 timer expiry 1451 * @dlci: DLCI that opened 1452 * 1453 * The T1 timer handles retransmits of control frames (essentially of 1454 * SABM and DISC). We resend the command until the retry count runs out 1455 * in which case an opening port goes back to closed and a closing port 1456 * is simply put into closed state (any further frames from the other 1457 * end will get a DM response) 1458 */ 1459 1460 static void gsm_dlci_t1(unsigned long data) 1461 { 1462 struct gsm_dlci *dlci = (struct gsm_dlci *)data; 1463 struct gsm_mux *gsm = dlci->gsm; 1464 1465 switch (dlci->state) { 1466 case DLCI_OPENING: 1467 dlci->retries--; 1468 if (dlci->retries) { 1469 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1470 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1471 } else 1472 gsm_dlci_close(dlci); 1473 break; 1474 case DLCI_CLOSING: 1475 dlci->retries--; 1476 if (dlci->retries) { 1477 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1478 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1479 } else 1480 gsm_dlci_close(dlci); 1481 break; 1482 } 1483 } 1484 1485 /** 1486 * gsm_dlci_begin_open - start channel open procedure 1487 * @dlci: DLCI to open 1488 * 1489 * Commence opening a DLCI from the Linux side. We issue SABM messages 1490 * to the modem which should then reply with a UA, at which point we 1491 * will move into open state. Opening is done asynchronously with retry 1492 * running off timers and the responses. 1493 */ 1494 1495 static void gsm_dlci_begin_open(struct gsm_dlci *dlci) 1496 { 1497 struct gsm_mux *gsm = dlci->gsm; 1498 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING) 1499 return; 1500 dlci->retries = gsm->n2; 1501 dlci->state = DLCI_OPENING; 1502 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1503 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1504 } 1505 1506 /** 1507 * gsm_dlci_begin_close - start channel open procedure 1508 * @dlci: DLCI to open 1509 * 1510 * Commence closing a DLCI from the Linux side. We issue DISC messages 1511 * to the modem which should then reply with a UA, at which point we 1512 * will move into closed state. Closing is done asynchronously with retry 1513 * off timers. We may also receive a DM reply from the other end which 1514 * indicates the channel was already closed. 1515 */ 1516 1517 static void gsm_dlci_begin_close(struct gsm_dlci *dlci) 1518 { 1519 struct gsm_mux *gsm = dlci->gsm; 1520 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING) 1521 return; 1522 dlci->retries = gsm->n2; 1523 dlci->state = DLCI_CLOSING; 1524 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1525 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1526 } 1527 1528 /** 1529 * gsm_dlci_data - data arrived 1530 * @dlci: channel 1531 * @data: block of bytes received 1532 * @len: length of received block 1533 * 1534 * A UI or UIH frame has arrived which contains data for a channel 1535 * other than the control channel. If the relevant virtual tty is 1536 * open we shovel the bits down it, if not we drop them. 1537 */ 1538 1539 static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int clen) 1540 { 1541 /* krefs .. */ 1542 struct tty_port *port = &dlci->port; 1543 struct tty_struct *tty; 1544 unsigned int modem = 0; 1545 int len = clen; 1546 1547 if (debug & 16) 1548 pr_debug("%d bytes for tty\n", len); 1549 switch (dlci->adaption) { 1550 /* Unsupported types */ 1551 /* Packetised interruptible data */ 1552 case 4: 1553 break; 1554 /* Packetised uininterruptible voice/data */ 1555 case 3: 1556 break; 1557 /* Asynchronous serial with line state in each frame */ 1558 case 2: 1559 while (gsm_read_ea(&modem, *data++) == 0) { 1560 len--; 1561 if (len == 0) 1562 return; 1563 } 1564 tty = tty_port_tty_get(port); 1565 if (tty) { 1566 gsm_process_modem(tty, dlci, modem, clen); 1567 tty_kref_put(tty); 1568 } 1569 /* Line state will go via DLCI 0 controls only */ 1570 case 1: 1571 default: 1572 tty_insert_flip_string(port, data, len); 1573 tty_flip_buffer_push(port); 1574 } 1575 } 1576 1577 /** 1578 * gsm_dlci_control - data arrived on control channel 1579 * @dlci: channel 1580 * @data: block of bytes received 1581 * @len: length of received block 1582 * 1583 * A UI or UIH frame has arrived which contains data for DLCI 0 the 1584 * control channel. This should contain a command EA followed by 1585 * control data bytes. The command EA contains a command/response bit 1586 * and we divide up the work accordingly. 1587 */ 1588 1589 static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len) 1590 { 1591 /* See what command is involved */ 1592 unsigned int command = 0; 1593 while (len-- > 0) { 1594 if (gsm_read_ea(&command, *data++) == 1) { 1595 int clen = *data++; 1596 len--; 1597 /* FIXME: this is properly an EA */ 1598 clen >>= 1; 1599 /* Malformed command ? */ 1600 if (clen > len) 1601 return; 1602 if (command & 1) 1603 gsm_control_message(dlci->gsm, command, 1604 data, clen); 1605 else 1606 gsm_control_response(dlci->gsm, command, 1607 data, clen); 1608 return; 1609 } 1610 } 1611 } 1612 1613 /* 1614 * Allocate/Free DLCI channels 1615 */ 1616 1617 /** 1618 * gsm_dlci_alloc - allocate a DLCI 1619 * @gsm: GSM mux 1620 * @addr: address of the DLCI 1621 * 1622 * Allocate and install a new DLCI object into the GSM mux. 1623 * 1624 * FIXME: review locking races 1625 */ 1626 1627 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) 1628 { 1629 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC); 1630 if (dlci == NULL) 1631 return NULL; 1632 spin_lock_init(&dlci->lock); 1633 mutex_init(&dlci->mutex); 1634 dlci->fifo = &dlci->_fifo; 1635 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) { 1636 kfree(dlci); 1637 return NULL; 1638 } 1639 1640 skb_queue_head_init(&dlci->skb_list); 1641 init_timer(&dlci->t1); 1642 dlci->t1.function = gsm_dlci_t1; 1643 dlci->t1.data = (unsigned long)dlci; 1644 tty_port_init(&dlci->port); 1645 dlci->port.ops = &gsm_port_ops; 1646 dlci->gsm = gsm; 1647 dlci->addr = addr; 1648 dlci->adaption = gsm->adaption; 1649 dlci->state = DLCI_CLOSED; 1650 if (addr) 1651 dlci->data = gsm_dlci_data; 1652 else 1653 dlci->data = gsm_dlci_command; 1654 gsm->dlci[addr] = dlci; 1655 return dlci; 1656 } 1657 1658 /** 1659 * gsm_dlci_free - free DLCI 1660 * @dlci: DLCI to free 1661 * 1662 * Free up a DLCI. 1663 * 1664 * Can sleep. 1665 */ 1666 static void gsm_dlci_free(struct tty_port *port) 1667 { 1668 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 1669 1670 del_timer_sync(&dlci->t1); 1671 dlci->gsm->dlci[dlci->addr] = NULL; 1672 kfifo_free(dlci->fifo); 1673 while ((dlci->skb = skb_dequeue(&dlci->skb_list))) 1674 dev_kfree_skb(dlci->skb); 1675 kfree(dlci); 1676 } 1677 1678 static inline void dlci_get(struct gsm_dlci *dlci) 1679 { 1680 tty_port_get(&dlci->port); 1681 } 1682 1683 static inline void dlci_put(struct gsm_dlci *dlci) 1684 { 1685 tty_port_put(&dlci->port); 1686 } 1687 1688 static void gsm_destroy_network(struct gsm_dlci *dlci); 1689 1690 /** 1691 * gsm_dlci_release - release DLCI 1692 * @dlci: DLCI to destroy 1693 * 1694 * Release a DLCI. Actual free is deferred until either 1695 * mux is closed or tty is closed - whichever is last. 1696 * 1697 * Can sleep. 1698 */ 1699 static void gsm_dlci_release(struct gsm_dlci *dlci) 1700 { 1701 struct tty_struct *tty = tty_port_tty_get(&dlci->port); 1702 if (tty) { 1703 mutex_lock(&dlci->mutex); 1704 gsm_destroy_network(dlci); 1705 mutex_unlock(&dlci->mutex); 1706 1707 /* tty_vhangup needs the tty_lock, so unlock and 1708 relock after doing the hangup. */ 1709 tty_unlock(tty); 1710 tty_vhangup(tty); 1711 tty_lock(tty); 1712 tty_port_tty_set(&dlci->port, NULL); 1713 tty_kref_put(tty); 1714 } 1715 dlci->state = DLCI_CLOSED; 1716 dlci_put(dlci); 1717 } 1718 1719 /* 1720 * LAPBish link layer logic 1721 */ 1722 1723 /** 1724 * gsm_queue - a GSM frame is ready to process 1725 * @gsm: pointer to our gsm mux 1726 * 1727 * At this point in time a frame has arrived and been demangled from 1728 * the line encoding. All the differences between the encodings have 1729 * been handled below us and the frame is unpacked into the structures. 1730 * The fcs holds the header FCS but any data FCS must be added here. 1731 */ 1732 1733 static void gsm_queue(struct gsm_mux *gsm) 1734 { 1735 struct gsm_dlci *dlci; 1736 u8 cr; 1737 int address; 1738 /* We have to sneak a look at the packet body to do the FCS. 1739 A somewhat layering violation in the spec */ 1740 1741 if ((gsm->control & ~PF) == UI) 1742 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len); 1743 if (gsm->encoding == 0) { 1744 /* WARNING: gsm->received_fcs is used for 1745 gsm->encoding = 0 only. 1746 In this case it contain the last piece of data 1747 required to generate final CRC */ 1748 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs); 1749 } 1750 if (gsm->fcs != GOOD_FCS) { 1751 gsm->bad_fcs++; 1752 if (debug & 4) 1753 pr_debug("BAD FCS %02x\n", gsm->fcs); 1754 return; 1755 } 1756 address = gsm->address >> 1; 1757 if (address >= NUM_DLCI) 1758 goto invalid; 1759 1760 cr = gsm->address & 1; /* C/R bit */ 1761 1762 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len); 1763 1764 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */ 1765 dlci = gsm->dlci[address]; 1766 1767 switch (gsm->control) { 1768 case SABM|PF: 1769 if (cr == 0) 1770 goto invalid; 1771 if (dlci == NULL) 1772 dlci = gsm_dlci_alloc(gsm, address); 1773 if (dlci == NULL) 1774 return; 1775 if (dlci->dead) 1776 gsm_response(gsm, address, DM); 1777 else { 1778 gsm_response(gsm, address, UA); 1779 gsm_dlci_open(dlci); 1780 } 1781 break; 1782 case DISC|PF: 1783 if (cr == 0) 1784 goto invalid; 1785 if (dlci == NULL || dlci->state == DLCI_CLOSED) { 1786 gsm_response(gsm, address, DM); 1787 return; 1788 } 1789 /* Real close complete */ 1790 gsm_response(gsm, address, UA); 1791 gsm_dlci_close(dlci); 1792 break; 1793 case UA: 1794 case UA|PF: 1795 if (cr == 0 || dlci == NULL) 1796 break; 1797 switch (dlci->state) { 1798 case DLCI_CLOSING: 1799 gsm_dlci_close(dlci); 1800 break; 1801 case DLCI_OPENING: 1802 gsm_dlci_open(dlci); 1803 break; 1804 } 1805 break; 1806 case DM: /* DM can be valid unsolicited */ 1807 case DM|PF: 1808 if (cr) 1809 goto invalid; 1810 if (dlci == NULL) 1811 return; 1812 gsm_dlci_close(dlci); 1813 break; 1814 case UI: 1815 case UI|PF: 1816 case UIH: 1817 case UIH|PF: 1818 #if 0 1819 if (cr) 1820 goto invalid; 1821 #endif 1822 if (dlci == NULL || dlci->state != DLCI_OPEN) { 1823 gsm_command(gsm, address, DM|PF); 1824 return; 1825 } 1826 dlci->data(dlci, gsm->buf, gsm->len); 1827 break; 1828 default: 1829 goto invalid; 1830 } 1831 return; 1832 invalid: 1833 gsm->malformed++; 1834 return; 1835 } 1836 1837 1838 /** 1839 * gsm0_receive - perform processing for non-transparency 1840 * @gsm: gsm data for this ldisc instance 1841 * @c: character 1842 * 1843 * Receive bytes in gsm mode 0 1844 */ 1845 1846 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c) 1847 { 1848 unsigned int len; 1849 1850 switch (gsm->state) { 1851 case GSM_SEARCH: /* SOF marker */ 1852 if (c == GSM0_SOF) { 1853 gsm->state = GSM_ADDRESS; 1854 gsm->address = 0; 1855 gsm->len = 0; 1856 gsm->fcs = INIT_FCS; 1857 } 1858 break; 1859 case GSM_ADDRESS: /* Address EA */ 1860 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1861 if (gsm_read_ea(&gsm->address, c)) 1862 gsm->state = GSM_CONTROL; 1863 break; 1864 case GSM_CONTROL: /* Control Byte */ 1865 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1866 gsm->control = c; 1867 gsm->state = GSM_LEN0; 1868 break; 1869 case GSM_LEN0: /* Length EA */ 1870 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1871 if (gsm_read_ea(&gsm->len, c)) { 1872 if (gsm->len > gsm->mru) { 1873 gsm->bad_size++; 1874 gsm->state = GSM_SEARCH; 1875 break; 1876 } 1877 gsm->count = 0; 1878 if (!gsm->len) 1879 gsm->state = GSM_FCS; 1880 else 1881 gsm->state = GSM_DATA; 1882 break; 1883 } 1884 gsm->state = GSM_LEN1; 1885 break; 1886 case GSM_LEN1: 1887 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1888 len = c; 1889 gsm->len |= len << 7; 1890 if (gsm->len > gsm->mru) { 1891 gsm->bad_size++; 1892 gsm->state = GSM_SEARCH; 1893 break; 1894 } 1895 gsm->count = 0; 1896 if (!gsm->len) 1897 gsm->state = GSM_FCS; 1898 else 1899 gsm->state = GSM_DATA; 1900 break; 1901 case GSM_DATA: /* Data */ 1902 gsm->buf[gsm->count++] = c; 1903 if (gsm->count == gsm->len) 1904 gsm->state = GSM_FCS; 1905 break; 1906 case GSM_FCS: /* FCS follows the packet */ 1907 gsm->received_fcs = c; 1908 gsm_queue(gsm); 1909 gsm->state = GSM_SSOF; 1910 break; 1911 case GSM_SSOF: 1912 if (c == GSM0_SOF) { 1913 gsm->state = GSM_SEARCH; 1914 break; 1915 } 1916 break; 1917 } 1918 } 1919 1920 /** 1921 * gsm1_receive - perform processing for non-transparency 1922 * @gsm: gsm data for this ldisc instance 1923 * @c: character 1924 * 1925 * Receive bytes in mode 1 (Advanced option) 1926 */ 1927 1928 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c) 1929 { 1930 if (c == GSM1_SOF) { 1931 /* EOF is only valid in frame if we have got to the data state 1932 and received at least one byte (the FCS) */ 1933 if (gsm->state == GSM_DATA && gsm->count) { 1934 /* Extract the FCS */ 1935 gsm->count--; 1936 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]); 1937 gsm->len = gsm->count; 1938 gsm_queue(gsm); 1939 gsm->state = GSM_START; 1940 return; 1941 } 1942 /* Any partial frame was a runt so go back to start */ 1943 if (gsm->state != GSM_START) { 1944 gsm->malformed++; 1945 gsm->state = GSM_START; 1946 } 1947 /* A SOF in GSM_START means we are still reading idling or 1948 framing bytes */ 1949 return; 1950 } 1951 1952 if (c == GSM1_ESCAPE) { 1953 gsm->escape = 1; 1954 return; 1955 } 1956 1957 /* Only an unescaped SOF gets us out of GSM search */ 1958 if (gsm->state == GSM_SEARCH) 1959 return; 1960 1961 if (gsm->escape) { 1962 c ^= GSM1_ESCAPE_BITS; 1963 gsm->escape = 0; 1964 } 1965 switch (gsm->state) { 1966 case GSM_START: /* First byte after SOF */ 1967 gsm->address = 0; 1968 gsm->state = GSM_ADDRESS; 1969 gsm->fcs = INIT_FCS; 1970 /* Drop through */ 1971 case GSM_ADDRESS: /* Address continuation */ 1972 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1973 if (gsm_read_ea(&gsm->address, c)) 1974 gsm->state = GSM_CONTROL; 1975 break; 1976 case GSM_CONTROL: /* Control Byte */ 1977 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1978 gsm->control = c; 1979 gsm->count = 0; 1980 gsm->state = GSM_DATA; 1981 break; 1982 case GSM_DATA: /* Data */ 1983 if (gsm->count > gsm->mru) { /* Allow one for the FCS */ 1984 gsm->state = GSM_OVERRUN; 1985 gsm->bad_size++; 1986 } else 1987 gsm->buf[gsm->count++] = c; 1988 break; 1989 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */ 1990 break; 1991 } 1992 } 1993 1994 /** 1995 * gsm_error - handle tty error 1996 * @gsm: ldisc data 1997 * @data: byte received (may be invalid) 1998 * @flag: error received 1999 * 2000 * Handle an error in the receipt of data for a frame. Currently we just 2001 * go back to hunting for a SOF. 2002 * 2003 * FIXME: better diagnostics ? 2004 */ 2005 2006 static void gsm_error(struct gsm_mux *gsm, 2007 unsigned char data, unsigned char flag) 2008 { 2009 gsm->state = GSM_SEARCH; 2010 gsm->io_error++; 2011 } 2012 2013 /** 2014 * gsm_cleanup_mux - generic GSM protocol cleanup 2015 * @gsm: our mux 2016 * 2017 * Clean up the bits of the mux which are the same for all framing 2018 * protocols. Remove the mux from the mux table, stop all the timers 2019 * and then shut down each device hanging up the channels as we go. 2020 */ 2021 2022 void gsm_cleanup_mux(struct gsm_mux *gsm) 2023 { 2024 int i; 2025 struct gsm_dlci *dlci = gsm->dlci[0]; 2026 struct gsm_msg *txq, *ntxq; 2027 struct gsm_control *gc; 2028 2029 gsm->dead = 1; 2030 2031 spin_lock(&gsm_mux_lock); 2032 for (i = 0; i < MAX_MUX; i++) { 2033 if (gsm_mux[i] == gsm) { 2034 gsm_mux[i] = NULL; 2035 break; 2036 } 2037 } 2038 spin_unlock(&gsm_mux_lock); 2039 WARN_ON(i == MAX_MUX); 2040 2041 /* In theory disconnecting DLCI 0 is sufficient but for some 2042 modems this is apparently not the case. */ 2043 if (dlci) { 2044 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0); 2045 if (gc) 2046 gsm_control_wait(gsm, gc); 2047 } 2048 del_timer_sync(&gsm->t2_timer); 2049 /* Now we are sure T2 has stopped */ 2050 if (dlci) { 2051 dlci->dead = 1; 2052 gsm_dlci_begin_close(dlci); 2053 wait_event_interruptible(gsm->event, 2054 dlci->state == DLCI_CLOSED); 2055 } 2056 /* Free up any link layer users */ 2057 for (i = 0; i < NUM_DLCI; i++) 2058 if (gsm->dlci[i]) 2059 gsm_dlci_release(gsm->dlci[i]); 2060 /* Now wipe the queues */ 2061 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list) 2062 kfree(txq); 2063 INIT_LIST_HEAD(&gsm->tx_list); 2064 } 2065 EXPORT_SYMBOL_GPL(gsm_cleanup_mux); 2066 2067 /** 2068 * gsm_activate_mux - generic GSM setup 2069 * @gsm: our mux 2070 * 2071 * Set up the bits of the mux which are the same for all framing 2072 * protocols. Add the mux to the mux table so it can be opened and 2073 * finally kick off connecting to DLCI 0 on the modem. 2074 */ 2075 2076 int gsm_activate_mux(struct gsm_mux *gsm) 2077 { 2078 struct gsm_dlci *dlci; 2079 int i = 0; 2080 2081 init_timer(&gsm->t2_timer); 2082 gsm->t2_timer.function = gsm_control_retransmit; 2083 gsm->t2_timer.data = (unsigned long)gsm; 2084 init_waitqueue_head(&gsm->event); 2085 spin_lock_init(&gsm->control_lock); 2086 spin_lock_init(&gsm->tx_lock); 2087 2088 if (gsm->encoding == 0) 2089 gsm->receive = gsm0_receive; 2090 else 2091 gsm->receive = gsm1_receive; 2092 gsm->error = gsm_error; 2093 2094 spin_lock(&gsm_mux_lock); 2095 for (i = 0; i < MAX_MUX; i++) { 2096 if (gsm_mux[i] == NULL) { 2097 gsm->num = i; 2098 gsm_mux[i] = gsm; 2099 break; 2100 } 2101 } 2102 spin_unlock(&gsm_mux_lock); 2103 if (i == MAX_MUX) 2104 return -EBUSY; 2105 2106 dlci = gsm_dlci_alloc(gsm, 0); 2107 if (dlci == NULL) 2108 return -ENOMEM; 2109 gsm->dead = 0; /* Tty opens are now permissible */ 2110 return 0; 2111 } 2112 EXPORT_SYMBOL_GPL(gsm_activate_mux); 2113 2114 /** 2115 * gsm_free_mux - free up a mux 2116 * @mux: mux to free 2117 * 2118 * Dispose of allocated resources for a dead mux 2119 */ 2120 void gsm_free_mux(struct gsm_mux *gsm) 2121 { 2122 kfree(gsm->txframe); 2123 kfree(gsm->buf); 2124 kfree(gsm); 2125 } 2126 EXPORT_SYMBOL_GPL(gsm_free_mux); 2127 2128 /** 2129 * gsm_free_muxr - free up a mux 2130 * @mux: mux to free 2131 * 2132 * Dispose of allocated resources for a dead mux 2133 */ 2134 static void gsm_free_muxr(struct kref *ref) 2135 { 2136 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref); 2137 gsm_free_mux(gsm); 2138 } 2139 2140 static inline void mux_get(struct gsm_mux *gsm) 2141 { 2142 kref_get(&gsm->ref); 2143 } 2144 2145 static inline void mux_put(struct gsm_mux *gsm) 2146 { 2147 kref_put(&gsm->ref, gsm_free_muxr); 2148 } 2149 2150 /** 2151 * gsm_alloc_mux - allocate a mux 2152 * 2153 * Creates a new mux ready for activation. 2154 */ 2155 2156 struct gsm_mux *gsm_alloc_mux(void) 2157 { 2158 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL); 2159 if (gsm == NULL) 2160 return NULL; 2161 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL); 2162 if (gsm->buf == NULL) { 2163 kfree(gsm); 2164 return NULL; 2165 } 2166 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL); 2167 if (gsm->txframe == NULL) { 2168 kfree(gsm->buf); 2169 kfree(gsm); 2170 return NULL; 2171 } 2172 spin_lock_init(&gsm->lock); 2173 kref_init(&gsm->ref); 2174 INIT_LIST_HEAD(&gsm->tx_list); 2175 2176 gsm->t1 = T1; 2177 gsm->t2 = T2; 2178 gsm->n2 = N2; 2179 gsm->ftype = UIH; 2180 gsm->adaption = 1; 2181 gsm->encoding = 1; 2182 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */ 2183 gsm->mtu = 64; 2184 gsm->dead = 1; /* Avoid early tty opens */ 2185 2186 return gsm; 2187 } 2188 EXPORT_SYMBOL_GPL(gsm_alloc_mux); 2189 2190 /** 2191 * gsmld_output - write to link 2192 * @gsm: our mux 2193 * @data: bytes to output 2194 * @len: size 2195 * 2196 * Write a block of data from the GSM mux to the data channel. This 2197 * will eventually be serialized from above but at the moment isn't. 2198 */ 2199 2200 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len) 2201 { 2202 if (tty_write_room(gsm->tty) < len) { 2203 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags); 2204 return -ENOSPC; 2205 } 2206 if (debug & 4) 2207 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET, 2208 data, len); 2209 gsm->tty->ops->write(gsm->tty, data, len); 2210 return len; 2211 } 2212 2213 /** 2214 * gsmld_attach_gsm - mode set up 2215 * @tty: our tty structure 2216 * @gsm: our mux 2217 * 2218 * Set up the MUX for basic mode and commence connecting to the 2219 * modem. Currently called from the line discipline set up but 2220 * will need moving to an ioctl path. 2221 */ 2222 2223 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2224 { 2225 int ret, i; 2226 int base = gsm->num << 6; /* Base for this MUX */ 2227 2228 gsm->tty = tty_kref_get(tty); 2229 gsm->output = gsmld_output; 2230 ret = gsm_activate_mux(gsm); 2231 if (ret != 0) 2232 tty_kref_put(gsm->tty); 2233 else { 2234 /* Don't register device 0 - this is the control channel and not 2235 a usable tty interface */ 2236 for (i = 1; i < NUM_DLCI; i++) 2237 tty_register_device(gsm_tty_driver, base + i, NULL); 2238 } 2239 return ret; 2240 } 2241 2242 2243 /** 2244 * gsmld_detach_gsm - stop doing 0710 mux 2245 * @tty: tty attached to the mux 2246 * @gsm: mux 2247 * 2248 * Shutdown and then clean up the resources used by the line discipline 2249 */ 2250 2251 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2252 { 2253 int i; 2254 int base = gsm->num << 6; /* Base for this MUX */ 2255 2256 WARN_ON(tty != gsm->tty); 2257 for (i = 1; i < NUM_DLCI; i++) 2258 tty_unregister_device(gsm_tty_driver, base + i); 2259 gsm_cleanup_mux(gsm); 2260 tty_kref_put(gsm->tty); 2261 gsm->tty = NULL; 2262 } 2263 2264 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp, 2265 char *fp, int count) 2266 { 2267 struct gsm_mux *gsm = tty->disc_data; 2268 const unsigned char *dp; 2269 char *f; 2270 int i; 2271 char buf[64]; 2272 char flags; 2273 2274 if (debug & 4) 2275 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET, 2276 cp, count); 2277 2278 for (i = count, dp = cp, f = fp; i; i--, dp++) { 2279 flags = *f++; 2280 switch (flags) { 2281 case TTY_NORMAL: 2282 gsm->receive(gsm, *dp); 2283 break; 2284 case TTY_OVERRUN: 2285 case TTY_BREAK: 2286 case TTY_PARITY: 2287 case TTY_FRAME: 2288 gsm->error(gsm, *dp, flags); 2289 break; 2290 default: 2291 WARN_ONCE(1, "%s: unknown flag %d\n", 2292 tty_name(tty, buf), flags); 2293 break; 2294 } 2295 } 2296 /* FASYNC if needed ? */ 2297 /* If clogged call tty_throttle(tty); */ 2298 } 2299 2300 /** 2301 * gsmld_chars_in_buffer - report available bytes 2302 * @tty: tty device 2303 * 2304 * Report the number of characters buffered to be delivered to user 2305 * at this instant in time. 2306 * 2307 * Locking: gsm lock 2308 */ 2309 2310 static ssize_t gsmld_chars_in_buffer(struct tty_struct *tty) 2311 { 2312 return 0; 2313 } 2314 2315 /** 2316 * gsmld_flush_buffer - clean input queue 2317 * @tty: terminal device 2318 * 2319 * Flush the input buffer. Called when the line discipline is 2320 * being closed, when the tty layer wants the buffer flushed (eg 2321 * at hangup). 2322 */ 2323 2324 static void gsmld_flush_buffer(struct tty_struct *tty) 2325 { 2326 } 2327 2328 /** 2329 * gsmld_close - close the ldisc for this tty 2330 * @tty: device 2331 * 2332 * Called from the terminal layer when this line discipline is 2333 * being shut down, either because of a close or becsuse of a 2334 * discipline change. The function will not be called while other 2335 * ldisc methods are in progress. 2336 */ 2337 2338 static void gsmld_close(struct tty_struct *tty) 2339 { 2340 struct gsm_mux *gsm = tty->disc_data; 2341 2342 gsmld_detach_gsm(tty, gsm); 2343 2344 gsmld_flush_buffer(tty); 2345 /* Do other clean up here */ 2346 mux_put(gsm); 2347 } 2348 2349 /** 2350 * gsmld_open - open an ldisc 2351 * @tty: terminal to open 2352 * 2353 * Called when this line discipline is being attached to the 2354 * terminal device. Can sleep. Called serialized so that no 2355 * other events will occur in parallel. No further open will occur 2356 * until a close. 2357 */ 2358 2359 static int gsmld_open(struct tty_struct *tty) 2360 { 2361 struct gsm_mux *gsm; 2362 2363 if (tty->ops->write == NULL) 2364 return -EINVAL; 2365 2366 /* Attach our ldisc data */ 2367 gsm = gsm_alloc_mux(); 2368 if (gsm == NULL) 2369 return -ENOMEM; 2370 2371 tty->disc_data = gsm; 2372 tty->receive_room = 65536; 2373 2374 /* Attach the initial passive connection */ 2375 gsm->encoding = 1; 2376 return gsmld_attach_gsm(tty, gsm); 2377 } 2378 2379 /** 2380 * gsmld_write_wakeup - asynchronous I/O notifier 2381 * @tty: tty device 2382 * 2383 * Required for the ptys, serial driver etc. since processes 2384 * that attach themselves to the master and rely on ASYNC 2385 * IO must be woken up 2386 */ 2387 2388 static void gsmld_write_wakeup(struct tty_struct *tty) 2389 { 2390 struct gsm_mux *gsm = tty->disc_data; 2391 unsigned long flags; 2392 2393 /* Queue poll */ 2394 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2395 spin_lock_irqsave(&gsm->tx_lock, flags); 2396 gsm_data_kick(gsm); 2397 if (gsm->tx_bytes < TX_THRESH_LO) { 2398 gsm_dlci_data_sweep(gsm); 2399 } 2400 spin_unlock_irqrestore(&gsm->tx_lock, flags); 2401 } 2402 2403 /** 2404 * gsmld_read - read function for tty 2405 * @tty: tty device 2406 * @file: file object 2407 * @buf: userspace buffer pointer 2408 * @nr: size of I/O 2409 * 2410 * Perform reads for the line discipline. We are guaranteed that the 2411 * line discipline will not be closed under us but we may get multiple 2412 * parallel readers and must handle this ourselves. We may also get 2413 * a hangup. Always called in user context, may sleep. 2414 * 2415 * This code must be sure never to sleep through a hangup. 2416 */ 2417 2418 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file, 2419 unsigned char __user *buf, size_t nr) 2420 { 2421 return -EOPNOTSUPP; 2422 } 2423 2424 /** 2425 * gsmld_write - write function for tty 2426 * @tty: tty device 2427 * @file: file object 2428 * @buf: userspace buffer pointer 2429 * @nr: size of I/O 2430 * 2431 * Called when the owner of the device wants to send a frame 2432 * itself (or some other control data). The data is transferred 2433 * as-is and must be properly framed and checksummed as appropriate 2434 * by userspace. Frames are either sent whole or not at all as this 2435 * avoids pain user side. 2436 */ 2437 2438 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file, 2439 const unsigned char *buf, size_t nr) 2440 { 2441 int space = tty_write_room(tty); 2442 if (space >= nr) 2443 return tty->ops->write(tty, buf, nr); 2444 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2445 return -ENOBUFS; 2446 } 2447 2448 /** 2449 * gsmld_poll - poll method for N_GSM0710 2450 * @tty: terminal device 2451 * @file: file accessing it 2452 * @wait: poll table 2453 * 2454 * Called when the line discipline is asked to poll() for data or 2455 * for special events. This code is not serialized with respect to 2456 * other events save open/close. 2457 * 2458 * This code must be sure never to sleep through a hangup. 2459 * Called without the kernel lock held - fine 2460 */ 2461 2462 static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file, 2463 poll_table *wait) 2464 { 2465 unsigned int mask = 0; 2466 struct gsm_mux *gsm = tty->disc_data; 2467 2468 poll_wait(file, &tty->read_wait, wait); 2469 poll_wait(file, &tty->write_wait, wait); 2470 if (tty_hung_up_p(file)) 2471 mask |= POLLHUP; 2472 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0) 2473 mask |= POLLOUT | POLLWRNORM; 2474 if (gsm->dead) 2475 mask |= POLLHUP; 2476 return mask; 2477 } 2478 2479 static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm, 2480 struct gsm_config *c) 2481 { 2482 int need_close = 0; 2483 int need_restart = 0; 2484 2485 /* Stuff we don't support yet - UI or I frame transport, windowing */ 2486 if ((c->adaption != 1 && c->adaption != 2) || c->k) 2487 return -EOPNOTSUPP; 2488 /* Check the MRU/MTU range looks sane */ 2489 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8) 2490 return -EINVAL; 2491 if (c->n2 < 3) 2492 return -EINVAL; 2493 if (c->encapsulation > 1) /* Basic, advanced, no I */ 2494 return -EINVAL; 2495 if (c->initiator > 1) 2496 return -EINVAL; 2497 if (c->i == 0 || c->i > 2) /* UIH and UI only */ 2498 return -EINVAL; 2499 /* 2500 * See what is needed for reconfiguration 2501 */ 2502 2503 /* Timing fields */ 2504 if (c->t1 != 0 && c->t1 != gsm->t1) 2505 need_restart = 1; 2506 if (c->t2 != 0 && c->t2 != gsm->t2) 2507 need_restart = 1; 2508 if (c->encapsulation != gsm->encoding) 2509 need_restart = 1; 2510 if (c->adaption != gsm->adaption) 2511 need_restart = 1; 2512 /* Requires care */ 2513 if (c->initiator != gsm->initiator) 2514 need_close = 1; 2515 if (c->mru != gsm->mru) 2516 need_restart = 1; 2517 if (c->mtu != gsm->mtu) 2518 need_restart = 1; 2519 2520 /* 2521 * Close down what is needed, restart and initiate the new 2522 * configuration 2523 */ 2524 2525 if (need_close || need_restart) { 2526 gsm_dlci_begin_close(gsm->dlci[0]); 2527 /* This will timeout if the link is down due to N2 expiring */ 2528 wait_event_interruptible(gsm->event, 2529 gsm->dlci[0]->state == DLCI_CLOSED); 2530 if (signal_pending(current)) 2531 return -EINTR; 2532 } 2533 if (need_restart) 2534 gsm_cleanup_mux(gsm); 2535 2536 gsm->initiator = c->initiator; 2537 gsm->mru = c->mru; 2538 gsm->mtu = c->mtu; 2539 gsm->encoding = c->encapsulation; 2540 gsm->adaption = c->adaption; 2541 gsm->n2 = c->n2; 2542 2543 if (c->i == 1) 2544 gsm->ftype = UIH; 2545 else if (c->i == 2) 2546 gsm->ftype = UI; 2547 2548 if (c->t1) 2549 gsm->t1 = c->t1; 2550 if (c->t2) 2551 gsm->t2 = c->t2; 2552 2553 /* FIXME: We need to separate activation/deactivation from adding 2554 and removing from the mux array */ 2555 if (need_restart) 2556 gsm_activate_mux(gsm); 2557 if (gsm->initiator && need_close) 2558 gsm_dlci_begin_open(gsm->dlci[0]); 2559 return 0; 2560 } 2561 2562 static int gsmld_ioctl(struct tty_struct *tty, struct file *file, 2563 unsigned int cmd, unsigned long arg) 2564 { 2565 struct gsm_config c; 2566 struct gsm_mux *gsm = tty->disc_data; 2567 2568 switch (cmd) { 2569 case GSMIOC_GETCONF: 2570 memset(&c, 0, sizeof(c)); 2571 c.adaption = gsm->adaption; 2572 c.encapsulation = gsm->encoding; 2573 c.initiator = gsm->initiator; 2574 c.t1 = gsm->t1; 2575 c.t2 = gsm->t2; 2576 c.t3 = 0; /* Not supported */ 2577 c.n2 = gsm->n2; 2578 if (gsm->ftype == UIH) 2579 c.i = 1; 2580 else 2581 c.i = 2; 2582 pr_debug("Ftype %d i %d\n", gsm->ftype, c.i); 2583 c.mru = gsm->mru; 2584 c.mtu = gsm->mtu; 2585 c.k = 0; 2586 if (copy_to_user((void *)arg, &c, sizeof(c))) 2587 return -EFAULT; 2588 return 0; 2589 case GSMIOC_SETCONF: 2590 if (copy_from_user(&c, (void *)arg, sizeof(c))) 2591 return -EFAULT; 2592 return gsmld_config(tty, gsm, &c); 2593 default: 2594 return n_tty_ioctl_helper(tty, file, cmd, arg); 2595 } 2596 } 2597 2598 /* 2599 * Network interface 2600 * 2601 */ 2602 2603 static int gsm_mux_net_open(struct net_device *net) 2604 { 2605 pr_debug("%s called\n", __func__); 2606 netif_start_queue(net); 2607 return 0; 2608 } 2609 2610 static int gsm_mux_net_close(struct net_device *net) 2611 { 2612 netif_stop_queue(net); 2613 return 0; 2614 } 2615 2616 static struct net_device_stats *gsm_mux_net_get_stats(struct net_device *net) 2617 { 2618 return &((struct gsm_mux_net *)netdev_priv(net))->stats; 2619 } 2620 static void dlci_net_free(struct gsm_dlci *dlci) 2621 { 2622 if (!dlci->net) { 2623 WARN_ON(1); 2624 return; 2625 } 2626 dlci->adaption = dlci->prev_adaption; 2627 dlci->data = dlci->prev_data; 2628 free_netdev(dlci->net); 2629 dlci->net = NULL; 2630 } 2631 static void net_free(struct kref *ref) 2632 { 2633 struct gsm_mux_net *mux_net; 2634 struct gsm_dlci *dlci; 2635 2636 mux_net = container_of(ref, struct gsm_mux_net, ref); 2637 dlci = mux_net->dlci; 2638 2639 if (dlci->net) { 2640 unregister_netdev(dlci->net); 2641 dlci_net_free(dlci); 2642 } 2643 } 2644 2645 static inline void muxnet_get(struct gsm_mux_net *mux_net) 2646 { 2647 kref_get(&mux_net->ref); 2648 } 2649 2650 static inline void muxnet_put(struct gsm_mux_net *mux_net) 2651 { 2652 kref_put(&mux_net->ref, net_free); 2653 } 2654 2655 static int gsm_mux_net_start_xmit(struct sk_buff *skb, 2656 struct net_device *net) 2657 { 2658 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net); 2659 struct gsm_dlci *dlci = mux_net->dlci; 2660 muxnet_get(mux_net); 2661 2662 skb_queue_head(&dlci->skb_list, skb); 2663 STATS(net).tx_packets++; 2664 STATS(net).tx_bytes += skb->len; 2665 gsm_dlci_data_kick(dlci); 2666 /* And tell the kernel when the last transmit started. */ 2667 net->trans_start = jiffies; 2668 muxnet_put(mux_net); 2669 return NETDEV_TX_OK; 2670 } 2671 2672 /* called when a packet did not ack after watchdogtimeout */ 2673 static void gsm_mux_net_tx_timeout(struct net_device *net) 2674 { 2675 /* Tell syslog we are hosed. */ 2676 dev_dbg(&net->dev, "Tx timed out.\n"); 2677 2678 /* Update statistics */ 2679 STATS(net).tx_errors++; 2680 } 2681 2682 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci, 2683 unsigned char *in_buf, int size) 2684 { 2685 struct net_device *net = dlci->net; 2686 struct sk_buff *skb; 2687 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net); 2688 muxnet_get(mux_net); 2689 2690 /* Allocate an sk_buff */ 2691 skb = dev_alloc_skb(size + NET_IP_ALIGN); 2692 if (!skb) { 2693 /* We got no receive buffer. */ 2694 STATS(net).rx_dropped++; 2695 muxnet_put(mux_net); 2696 return; 2697 } 2698 skb_reserve(skb, NET_IP_ALIGN); 2699 memcpy(skb_put(skb, size), in_buf, size); 2700 2701 skb->dev = net; 2702 skb->protocol = __constant_htons(ETH_P_IP); 2703 2704 /* Ship it off to the kernel */ 2705 netif_rx(skb); 2706 2707 /* update out statistics */ 2708 STATS(net).rx_packets++; 2709 STATS(net).rx_bytes += size; 2710 muxnet_put(mux_net); 2711 return; 2712 } 2713 2714 int gsm_change_mtu(struct net_device *net, int new_mtu) 2715 { 2716 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net); 2717 if ((new_mtu < 8) || (new_mtu > mux_net->dlci->gsm->mtu)) 2718 return -EINVAL; 2719 net->mtu = new_mtu; 2720 return 0; 2721 } 2722 2723 static void gsm_mux_net_init(struct net_device *net) 2724 { 2725 static const struct net_device_ops gsm_netdev_ops = { 2726 .ndo_open = gsm_mux_net_open, 2727 .ndo_stop = gsm_mux_net_close, 2728 .ndo_start_xmit = gsm_mux_net_start_xmit, 2729 .ndo_tx_timeout = gsm_mux_net_tx_timeout, 2730 .ndo_get_stats = gsm_mux_net_get_stats, 2731 .ndo_change_mtu = gsm_change_mtu, 2732 }; 2733 2734 net->netdev_ops = &gsm_netdev_ops; 2735 2736 /* fill in the other fields */ 2737 net->watchdog_timeo = GSM_NET_TX_TIMEOUT; 2738 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; 2739 net->type = ARPHRD_NONE; 2740 net->tx_queue_len = 10; 2741 } 2742 2743 2744 /* caller holds the dlci mutex */ 2745 static void gsm_destroy_network(struct gsm_dlci *dlci) 2746 { 2747 struct gsm_mux_net *mux_net; 2748 2749 pr_debug("destroy network interface"); 2750 if (!dlci->net) 2751 return; 2752 mux_net = (struct gsm_mux_net *)netdev_priv(dlci->net); 2753 muxnet_put(mux_net); 2754 } 2755 2756 2757 /* caller holds the dlci mutex */ 2758 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc) 2759 { 2760 char *netname; 2761 int retval = 0; 2762 struct net_device *net; 2763 struct gsm_mux_net *mux_net; 2764 2765 if (!capable(CAP_NET_ADMIN)) 2766 return -EPERM; 2767 2768 /* Already in a non tty mode */ 2769 if (dlci->adaption > 2) 2770 return -EBUSY; 2771 2772 if (nc->protocol != htons(ETH_P_IP)) 2773 return -EPROTONOSUPPORT; 2774 2775 if (nc->adaption != 3 && nc->adaption != 4) 2776 return -EPROTONOSUPPORT; 2777 2778 pr_debug("create network interface"); 2779 2780 netname = "gsm%d"; 2781 if (nc->if_name[0] != '\0') 2782 netname = nc->if_name; 2783 net = alloc_netdev(sizeof(struct gsm_mux_net), 2784 netname, 2785 gsm_mux_net_init); 2786 if (!net) { 2787 pr_err("alloc_netdev failed"); 2788 return -ENOMEM; 2789 } 2790 net->mtu = dlci->gsm->mtu; 2791 mux_net = (struct gsm_mux_net *)netdev_priv(net); 2792 mux_net->dlci = dlci; 2793 kref_init(&mux_net->ref); 2794 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */ 2795 2796 /* reconfigure dlci for network */ 2797 dlci->prev_adaption = dlci->adaption; 2798 dlci->prev_data = dlci->data; 2799 dlci->adaption = nc->adaption; 2800 dlci->data = gsm_mux_rx_netchar; 2801 dlci->net = net; 2802 2803 pr_debug("register netdev"); 2804 retval = register_netdev(net); 2805 if (retval) { 2806 pr_err("network register fail %d\n", retval); 2807 dlci_net_free(dlci); 2808 return retval; 2809 } 2810 return net->ifindex; /* return network index */ 2811 } 2812 2813 /* Line discipline for real tty */ 2814 struct tty_ldisc_ops tty_ldisc_packet = { 2815 .owner = THIS_MODULE, 2816 .magic = TTY_LDISC_MAGIC, 2817 .name = "n_gsm", 2818 .open = gsmld_open, 2819 .close = gsmld_close, 2820 .flush_buffer = gsmld_flush_buffer, 2821 .chars_in_buffer = gsmld_chars_in_buffer, 2822 .read = gsmld_read, 2823 .write = gsmld_write, 2824 .ioctl = gsmld_ioctl, 2825 .poll = gsmld_poll, 2826 .receive_buf = gsmld_receive_buf, 2827 .write_wakeup = gsmld_write_wakeup 2828 }; 2829 2830 /* 2831 * Virtual tty side 2832 */ 2833 2834 #define TX_SIZE 512 2835 2836 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk) 2837 { 2838 u8 modembits[5]; 2839 struct gsm_control *ctrl; 2840 int len = 2; 2841 2842 if (brk) 2843 len++; 2844 2845 modembits[0] = len << 1 | EA; /* Data bytes */ 2846 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */ 2847 modembits[2] = gsm_encode_modem(dlci) << 1 | EA; 2848 if (brk) 2849 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */ 2850 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1); 2851 if (ctrl == NULL) 2852 return -ENOMEM; 2853 return gsm_control_wait(dlci->gsm, ctrl); 2854 } 2855 2856 static int gsm_carrier_raised(struct tty_port *port) 2857 { 2858 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 2859 /* Not yet open so no carrier info */ 2860 if (dlci->state != DLCI_OPEN) 2861 return 0; 2862 if (debug & 2) 2863 return 1; 2864 return dlci->modem_rx & TIOCM_CD; 2865 } 2866 2867 static void gsm_dtr_rts(struct tty_port *port, int onoff) 2868 { 2869 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 2870 unsigned int modem_tx = dlci->modem_tx; 2871 if (onoff) 2872 modem_tx |= TIOCM_DTR | TIOCM_RTS; 2873 else 2874 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS); 2875 if (modem_tx != dlci->modem_tx) { 2876 dlci->modem_tx = modem_tx; 2877 gsmtty_modem_update(dlci, 0); 2878 } 2879 } 2880 2881 static const struct tty_port_operations gsm_port_ops = { 2882 .carrier_raised = gsm_carrier_raised, 2883 .dtr_rts = gsm_dtr_rts, 2884 .destruct = gsm_dlci_free, 2885 }; 2886 2887 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty) 2888 { 2889 struct gsm_mux *gsm; 2890 struct gsm_dlci *dlci; 2891 unsigned int line = tty->index; 2892 unsigned int mux = line >> 6; 2893 bool alloc = false; 2894 int ret; 2895 2896 line = line & 0x3F; 2897 2898 if (mux >= MAX_MUX) 2899 return -ENXIO; 2900 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */ 2901 if (gsm_mux[mux] == NULL) 2902 return -EUNATCH; 2903 if (line == 0 || line > 61) /* 62/63 reserved */ 2904 return -ECHRNG; 2905 gsm = gsm_mux[mux]; 2906 if (gsm->dead) 2907 return -EL2HLT; 2908 /* If DLCI 0 is not yet fully open return an error. 2909 This is ok from a locking 2910 perspective as we don't have to worry about this 2911 if DLCI0 is lost */ 2912 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) 2913 return -EL2NSYNC; 2914 dlci = gsm->dlci[line]; 2915 if (dlci == NULL) { 2916 alloc = true; 2917 dlci = gsm_dlci_alloc(gsm, line); 2918 } 2919 if (dlci == NULL) 2920 return -ENOMEM; 2921 ret = tty_port_install(&dlci->port, driver, tty); 2922 if (ret) { 2923 if (alloc) 2924 dlci_put(dlci); 2925 return ret; 2926 } 2927 2928 tty->driver_data = dlci; 2929 2930 return 0; 2931 } 2932 2933 static int gsmtty_open(struct tty_struct *tty, struct file *filp) 2934 { 2935 struct gsm_dlci *dlci = tty->driver_data; 2936 struct tty_port *port = &dlci->port; 2937 2938 port->count++; 2939 dlci_get(dlci); 2940 dlci_get(dlci->gsm->dlci[0]); 2941 mux_get(dlci->gsm); 2942 tty_port_tty_set(port, tty); 2943 2944 dlci->modem_rx = 0; 2945 /* We could in theory open and close before we wait - eg if we get 2946 a DM straight back. This is ok as that will have caused a hangup */ 2947 set_bit(ASYNCB_INITIALIZED, &port->flags); 2948 /* Start sending off SABM messages */ 2949 gsm_dlci_begin_open(dlci); 2950 /* And wait for virtual carrier */ 2951 return tty_port_block_til_ready(port, tty, filp); 2952 } 2953 2954 static void gsmtty_close(struct tty_struct *tty, struct file *filp) 2955 { 2956 struct gsm_dlci *dlci = tty->driver_data; 2957 struct gsm_mux *gsm; 2958 2959 if (dlci == NULL) 2960 return; 2961 if (dlci->state == DLCI_CLOSED) 2962 return; 2963 mutex_lock(&dlci->mutex); 2964 gsm_destroy_network(dlci); 2965 mutex_unlock(&dlci->mutex); 2966 gsm = dlci->gsm; 2967 if (tty_port_close_start(&dlci->port, tty, filp) == 0) 2968 goto out; 2969 gsm_dlci_begin_close(dlci); 2970 if (test_bit(ASYNCB_INITIALIZED, &dlci->port.flags)) { 2971 if (C_HUPCL(tty)) 2972 tty_port_lower_dtr_rts(&dlci->port); 2973 } 2974 tty_port_close_end(&dlci->port, tty); 2975 tty_port_tty_set(&dlci->port, NULL); 2976 out: 2977 dlci_put(dlci); 2978 dlci_put(gsm->dlci[0]); 2979 mux_put(gsm); 2980 } 2981 2982 static void gsmtty_hangup(struct tty_struct *tty) 2983 { 2984 struct gsm_dlci *dlci = tty->driver_data; 2985 if (dlci->state == DLCI_CLOSED) 2986 return; 2987 tty_port_hangup(&dlci->port); 2988 gsm_dlci_begin_close(dlci); 2989 } 2990 2991 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf, 2992 int len) 2993 { 2994 int sent; 2995 struct gsm_dlci *dlci = tty->driver_data; 2996 if (dlci->state == DLCI_CLOSED) 2997 return -EINVAL; 2998 /* Stuff the bytes into the fifo queue */ 2999 sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock); 3000 /* Need to kick the channel */ 3001 gsm_dlci_data_kick(dlci); 3002 return sent; 3003 } 3004 3005 static int gsmtty_write_room(struct tty_struct *tty) 3006 { 3007 struct gsm_dlci *dlci = tty->driver_data; 3008 if (dlci->state == DLCI_CLOSED) 3009 return -EINVAL; 3010 return TX_SIZE - kfifo_len(dlci->fifo); 3011 } 3012 3013 static int gsmtty_chars_in_buffer(struct tty_struct *tty) 3014 { 3015 struct gsm_dlci *dlci = tty->driver_data; 3016 if (dlci->state == DLCI_CLOSED) 3017 return -EINVAL; 3018 return kfifo_len(dlci->fifo); 3019 } 3020 3021 static void gsmtty_flush_buffer(struct tty_struct *tty) 3022 { 3023 struct gsm_dlci *dlci = tty->driver_data; 3024 if (dlci->state == DLCI_CLOSED) 3025 return; 3026 /* Caution needed: If we implement reliable transport classes 3027 then the data being transmitted can't simply be junked once 3028 it has first hit the stack. Until then we can just blow it 3029 away */ 3030 kfifo_reset(dlci->fifo); 3031 /* Need to unhook this DLCI from the transmit queue logic */ 3032 } 3033 3034 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout) 3035 { 3036 /* The FIFO handles the queue so the kernel will do the right 3037 thing waiting on chars_in_buffer before calling us. No work 3038 to do here */ 3039 } 3040 3041 static int gsmtty_tiocmget(struct tty_struct *tty) 3042 { 3043 struct gsm_dlci *dlci = tty->driver_data; 3044 if (dlci->state == DLCI_CLOSED) 3045 return -EINVAL; 3046 return dlci->modem_rx; 3047 } 3048 3049 static int gsmtty_tiocmset(struct tty_struct *tty, 3050 unsigned int set, unsigned int clear) 3051 { 3052 struct gsm_dlci *dlci = tty->driver_data; 3053 unsigned int modem_tx = dlci->modem_tx; 3054 3055 if (dlci->state == DLCI_CLOSED) 3056 return -EINVAL; 3057 modem_tx &= ~clear; 3058 modem_tx |= set; 3059 3060 if (modem_tx != dlci->modem_tx) { 3061 dlci->modem_tx = modem_tx; 3062 return gsmtty_modem_update(dlci, 0); 3063 } 3064 return 0; 3065 } 3066 3067 3068 static int gsmtty_ioctl(struct tty_struct *tty, 3069 unsigned int cmd, unsigned long arg) 3070 { 3071 struct gsm_dlci *dlci = tty->driver_data; 3072 struct gsm_netconfig nc; 3073 int index; 3074 3075 if (dlci->state == DLCI_CLOSED) 3076 return -EINVAL; 3077 switch (cmd) { 3078 case GSMIOC_ENABLE_NET: 3079 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc))) 3080 return -EFAULT; 3081 nc.if_name[IFNAMSIZ-1] = '\0'; 3082 /* return net interface index or error code */ 3083 mutex_lock(&dlci->mutex); 3084 index = gsm_create_network(dlci, &nc); 3085 mutex_unlock(&dlci->mutex); 3086 if (copy_to_user((void __user *)arg, &nc, sizeof(nc))) 3087 return -EFAULT; 3088 return index; 3089 case GSMIOC_DISABLE_NET: 3090 if (!capable(CAP_NET_ADMIN)) 3091 return -EPERM; 3092 mutex_lock(&dlci->mutex); 3093 gsm_destroy_network(dlci); 3094 mutex_unlock(&dlci->mutex); 3095 return 0; 3096 default: 3097 return -ENOIOCTLCMD; 3098 } 3099 } 3100 3101 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old) 3102 { 3103 struct gsm_dlci *dlci = tty->driver_data; 3104 if (dlci->state == DLCI_CLOSED) 3105 return; 3106 /* For the moment its fixed. In actual fact the speed information 3107 for the virtual channel can be propogated in both directions by 3108 the RPN control message. This however rapidly gets nasty as we 3109 then have to remap modem signals each way according to whether 3110 our virtual cable is null modem etc .. */ 3111 tty_termios_copy_hw(&tty->termios, old); 3112 } 3113 3114 static void gsmtty_throttle(struct tty_struct *tty) 3115 { 3116 struct gsm_dlci *dlci = tty->driver_data; 3117 if (dlci->state == DLCI_CLOSED) 3118 return; 3119 if (tty->termios.c_cflag & CRTSCTS) 3120 dlci->modem_tx &= ~TIOCM_DTR; 3121 dlci->throttled = 1; 3122 /* Send an MSC with DTR cleared */ 3123 gsmtty_modem_update(dlci, 0); 3124 } 3125 3126 static void gsmtty_unthrottle(struct tty_struct *tty) 3127 { 3128 struct gsm_dlci *dlci = tty->driver_data; 3129 if (dlci->state == DLCI_CLOSED) 3130 return; 3131 if (tty->termios.c_cflag & CRTSCTS) 3132 dlci->modem_tx |= TIOCM_DTR; 3133 dlci->throttled = 0; 3134 /* Send an MSC with DTR set */ 3135 gsmtty_modem_update(dlci, 0); 3136 } 3137 3138 static int gsmtty_break_ctl(struct tty_struct *tty, int state) 3139 { 3140 struct gsm_dlci *dlci = tty->driver_data; 3141 int encode = 0; /* Off */ 3142 if (dlci->state == DLCI_CLOSED) 3143 return -EINVAL; 3144 3145 if (state == -1) /* "On indefinitely" - we can't encode this 3146 properly */ 3147 encode = 0x0F; 3148 else if (state > 0) { 3149 encode = state / 200; /* mS to encoding */ 3150 if (encode > 0x0F) 3151 encode = 0x0F; /* Best effort */ 3152 } 3153 return gsmtty_modem_update(dlci, encode); 3154 } 3155 3156 3157 /* Virtual ttys for the demux */ 3158 static const struct tty_operations gsmtty_ops = { 3159 .install = gsmtty_install, 3160 .open = gsmtty_open, 3161 .close = gsmtty_close, 3162 .write = gsmtty_write, 3163 .write_room = gsmtty_write_room, 3164 .chars_in_buffer = gsmtty_chars_in_buffer, 3165 .flush_buffer = gsmtty_flush_buffer, 3166 .ioctl = gsmtty_ioctl, 3167 .throttle = gsmtty_throttle, 3168 .unthrottle = gsmtty_unthrottle, 3169 .set_termios = gsmtty_set_termios, 3170 .hangup = gsmtty_hangup, 3171 .wait_until_sent = gsmtty_wait_until_sent, 3172 .tiocmget = gsmtty_tiocmget, 3173 .tiocmset = gsmtty_tiocmset, 3174 .break_ctl = gsmtty_break_ctl, 3175 }; 3176 3177 3178 3179 static int __init gsm_init(void) 3180 { 3181 /* Fill in our line protocol discipline, and register it */ 3182 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet); 3183 if (status != 0) { 3184 pr_err("n_gsm: can't register line discipline (err = %d)\n", 3185 status); 3186 return status; 3187 } 3188 3189 gsm_tty_driver = alloc_tty_driver(256); 3190 if (!gsm_tty_driver) { 3191 tty_unregister_ldisc(N_GSM0710); 3192 pr_err("gsm_init: tty allocation failed.\n"); 3193 return -EINVAL; 3194 } 3195 gsm_tty_driver->driver_name = "gsmtty"; 3196 gsm_tty_driver->name = "gsmtty"; 3197 gsm_tty_driver->major = 0; /* Dynamic */ 3198 gsm_tty_driver->minor_start = 0; 3199 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 3200 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 3201 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV 3202 | TTY_DRIVER_HARDWARE_BREAK; 3203 gsm_tty_driver->init_termios = tty_std_termios; 3204 /* Fixme */ 3205 gsm_tty_driver->init_termios.c_lflag &= ~ECHO; 3206 tty_set_operations(gsm_tty_driver, &gsmtty_ops); 3207 3208 spin_lock_init(&gsm_mux_lock); 3209 3210 if (tty_register_driver(gsm_tty_driver)) { 3211 put_tty_driver(gsm_tty_driver); 3212 tty_unregister_ldisc(N_GSM0710); 3213 pr_err("gsm_init: tty registration failed.\n"); 3214 return -EBUSY; 3215 } 3216 pr_debug("gsm_init: loaded as %d,%d.\n", 3217 gsm_tty_driver->major, gsm_tty_driver->minor_start); 3218 return 0; 3219 } 3220 3221 static void __exit gsm_exit(void) 3222 { 3223 int status = tty_unregister_ldisc(N_GSM0710); 3224 if (status != 0) 3225 pr_err("n_gsm: can't unregister line discipline (err = %d)\n", 3226 status); 3227 tty_unregister_driver(gsm_tty_driver); 3228 put_tty_driver(gsm_tty_driver); 3229 } 3230 3231 module_init(gsm_init); 3232 module_exit(gsm_exit); 3233 3234 3235 MODULE_LICENSE("GPL"); 3236 MODULE_ALIAS_LDISC(N_GSM0710); 3237