1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * n_gsm.c GSM 0710 tty multiplexor 4 * Copyright (c) 2009/10 Intel Corporation 5 * 6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE * 7 * 8 * TO DO: 9 * Mostly done: ioctls for setting modes/timing 10 * Partly done: hooks so you can pull off frames to non tty devs 11 * Restart DLCI 0 when it closes ? 12 * Improve the tx engine 13 * Resolve tx side locking by adding a queue_head and routing 14 * all control traffic via it 15 * General tidy/document 16 * Review the locking/move to refcounts more (mux now moved to an 17 * alloc/free model ready) 18 * Use newest tty open/close port helpers and install hooks 19 * What to do about power functions ? 20 * Termios setting and negotiation 21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets 22 * 23 */ 24 25 #include <linux/types.h> 26 #include <linux/major.h> 27 #include <linux/errno.h> 28 #include <linux/signal.h> 29 #include <linux/fcntl.h> 30 #include <linux/sched/signal.h> 31 #include <linux/interrupt.h> 32 #include <linux/tty.h> 33 #include <linux/ctype.h> 34 #include <linux/mm.h> 35 #include <linux/string.h> 36 #include <linux/slab.h> 37 #include <linux/poll.h> 38 #include <linux/bitops.h> 39 #include <linux/file.h> 40 #include <linux/uaccess.h> 41 #include <linux/module.h> 42 #include <linux/timer.h> 43 #include <linux/tty_flip.h> 44 #include <linux/tty_driver.h> 45 #include <linux/serial.h> 46 #include <linux/kfifo.h> 47 #include <linux/skbuff.h> 48 #include <net/arp.h> 49 #include <linux/ip.h> 50 #include <linux/netdevice.h> 51 #include <linux/etherdevice.h> 52 #include <linux/gsmmux.h> 53 #include "tty.h" 54 55 static int debug; 56 module_param(debug, int, 0600); 57 58 /* Defaults: these are from the specification */ 59 60 #define T1 10 /* 100mS */ 61 #define T2 34 /* 333mS */ 62 #define N2 3 /* Retry 3 times */ 63 64 /* Use long timers for testing at low speed with debug on */ 65 #ifdef DEBUG_TIMING 66 #define T1 100 67 #define T2 200 68 #endif 69 70 /* 71 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte 72 * limits so this is plenty 73 */ 74 #define MAX_MRU 1500 75 #define MAX_MTU 1500 76 /* SOF, ADDR, CTRL, LEN1, LEN2, ..., FCS, EOF */ 77 #define PROT_OVERHEAD 7 78 #define GSM_NET_TX_TIMEOUT (HZ*10) 79 80 /* 81 * struct gsm_mux_net - network interface 82 * 83 * Created when net interface is initialized. 84 */ 85 struct gsm_mux_net { 86 struct kref ref; 87 struct gsm_dlci *dlci; 88 }; 89 90 /* 91 * Each block of data we have queued to go out is in the form of 92 * a gsm_msg which holds everything we need in a link layer independent 93 * format 94 */ 95 96 struct gsm_msg { 97 struct list_head list; 98 u8 addr; /* DLCI address + flags */ 99 u8 ctrl; /* Control byte + flags */ 100 unsigned int len; /* Length of data block (can be zero) */ 101 unsigned char *data; /* Points into buffer but not at the start */ 102 unsigned char buffer[]; 103 }; 104 105 enum gsm_dlci_state { 106 DLCI_CLOSED, 107 DLCI_OPENING, /* Sending SABM not seen UA */ 108 DLCI_OPEN, /* SABM/UA complete */ 109 DLCI_CLOSING, /* Sending DISC not seen UA/DM */ 110 }; 111 112 enum gsm_dlci_mode { 113 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */ 114 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */ 115 }; 116 117 /* 118 * Each active data link has a gsm_dlci structure associated which ties 119 * the link layer to an optional tty (if the tty side is open). To avoid 120 * complexity right now these are only ever freed up when the mux is 121 * shut down. 122 * 123 * At the moment we don't free DLCI objects until the mux is torn down 124 * this avoid object life time issues but might be worth review later. 125 */ 126 127 struct gsm_dlci { 128 struct gsm_mux *gsm; 129 int addr; 130 enum gsm_dlci_state state; 131 struct mutex mutex; 132 133 /* Link layer */ 134 enum gsm_dlci_mode mode; 135 spinlock_t lock; /* Protects the internal state */ 136 struct timer_list t1; /* Retransmit timer for SABM and UA */ 137 int retries; 138 /* Uplink tty if active */ 139 struct tty_port port; /* The tty bound to this DLCI if there is one */ 140 #define TX_SIZE 4096 /* Must be power of 2. */ 141 struct kfifo fifo; /* Queue fifo for the DLCI */ 142 int adaption; /* Adaption layer in use */ 143 int prev_adaption; 144 u32 modem_rx; /* Our incoming virtual modem lines */ 145 u32 modem_tx; /* Our outgoing modem lines */ 146 bool dead; /* Refuse re-open */ 147 /* Flow control */ 148 bool throttled; /* Private copy of throttle state */ 149 bool constipated; /* Throttle status for outgoing */ 150 /* Packetised I/O */ 151 struct sk_buff *skb; /* Frame being sent */ 152 struct sk_buff_head skb_list; /* Queued frames */ 153 /* Data handling callback */ 154 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len); 155 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len); 156 struct net_device *net; /* network interface, if created */ 157 }; 158 159 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */ 160 161 #define NUM_DLCI 64 162 163 /* 164 * DLCI 0 is used to pass control blocks out of band of the data 165 * flow (and with a higher link priority). One command can be outstanding 166 * at a time and we use this structure to manage them. They are created 167 * and destroyed by the user context, and updated by the receive paths 168 * and timers 169 */ 170 171 struct gsm_control { 172 u8 cmd; /* Command we are issuing */ 173 u8 *data; /* Data for the command in case we retransmit */ 174 int len; /* Length of block for retransmission */ 175 int done; /* Done flag */ 176 int error; /* Error if any */ 177 }; 178 179 enum gsm_mux_state { 180 GSM_SEARCH, 181 GSM_START, 182 GSM_ADDRESS, 183 GSM_CONTROL, 184 GSM_LEN, 185 GSM_DATA, 186 GSM_FCS, 187 GSM_OVERRUN, 188 GSM_LEN0, 189 GSM_LEN1, 190 GSM_SSOF, 191 }; 192 193 /* 194 * Each GSM mux we have is represented by this structure. If we are 195 * operating as an ldisc then we use this structure as our ldisc 196 * state. We need to sort out lifetimes and locking with respect 197 * to the gsm mux array. For now we don't free DLCI objects that 198 * have been instantiated until the mux itself is terminated. 199 * 200 * To consider further: tty open versus mux shutdown. 201 */ 202 203 struct gsm_mux { 204 struct tty_struct *tty; /* The tty our ldisc is bound to */ 205 spinlock_t lock; 206 struct mutex mutex; 207 unsigned int num; 208 struct kref ref; 209 210 /* Events on the GSM channel */ 211 wait_queue_head_t event; 212 213 /* Bits for GSM mode decoding */ 214 215 /* Framing Layer */ 216 unsigned char *buf; 217 enum gsm_mux_state state; 218 unsigned int len; 219 unsigned int address; 220 unsigned int count; 221 bool escape; 222 int encoding; 223 u8 control; 224 u8 fcs; 225 u8 *txframe; /* TX framing buffer */ 226 227 /* Method for the receiver side */ 228 void (*receive)(struct gsm_mux *gsm, u8 ch); 229 230 /* Link Layer */ 231 unsigned int mru; 232 unsigned int mtu; 233 int initiator; /* Did we initiate connection */ 234 bool dead; /* Has the mux been shut down */ 235 struct gsm_dlci *dlci[NUM_DLCI]; 236 int old_c_iflag; /* termios c_iflag value before attach */ 237 bool constipated; /* Asked by remote to shut up */ 238 239 spinlock_t tx_lock; 240 unsigned int tx_bytes; /* TX data outstanding */ 241 #define TX_THRESH_HI 8192 242 #define TX_THRESH_LO 2048 243 struct list_head tx_list; /* Pending data packets */ 244 245 /* Control messages */ 246 struct timer_list t2_timer; /* Retransmit timer for commands */ 247 int cretries; /* Command retry counter */ 248 struct gsm_control *pending_cmd;/* Our current pending command */ 249 spinlock_t control_lock; /* Protects the pending command */ 250 251 /* Configuration */ 252 int adaption; /* 1 or 2 supported */ 253 u8 ftype; /* UI or UIH */ 254 int t1, t2; /* Timers in 1/100th of a sec */ 255 int n2; /* Retry count */ 256 257 /* Statistics (not currently exposed) */ 258 unsigned long bad_fcs; 259 unsigned long malformed; 260 unsigned long io_error; 261 unsigned long bad_size; 262 unsigned long unsupported; 263 }; 264 265 266 /* 267 * Mux objects - needed so that we can translate a tty index into the 268 * relevant mux and DLCI. 269 */ 270 271 #define MAX_MUX 4 /* 256 minors */ 272 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */ 273 static DEFINE_SPINLOCK(gsm_mux_lock); 274 275 static struct tty_driver *gsm_tty_driver; 276 277 /* 278 * This section of the driver logic implements the GSM encodings 279 * both the basic and the 'advanced'. Reliable transport is not 280 * supported. 281 */ 282 283 #define CR 0x02 284 #define EA 0x01 285 #define PF 0x10 286 287 /* I is special: the rest are ..*/ 288 #define RR 0x01 289 #define UI 0x03 290 #define RNR 0x05 291 #define REJ 0x09 292 #define DM 0x0F 293 #define SABM 0x2F 294 #define DISC 0x43 295 #define UA 0x63 296 #define UIH 0xEF 297 298 /* Channel commands */ 299 #define CMD_NSC 0x09 300 #define CMD_TEST 0x11 301 #define CMD_PSC 0x21 302 #define CMD_RLS 0x29 303 #define CMD_FCOFF 0x31 304 #define CMD_PN 0x41 305 #define CMD_RPN 0x49 306 #define CMD_FCON 0x51 307 #define CMD_CLD 0x61 308 #define CMD_SNC 0x69 309 #define CMD_MSC 0x71 310 311 /* Virtual modem bits */ 312 #define MDM_FC 0x01 313 #define MDM_RTC 0x02 314 #define MDM_RTR 0x04 315 #define MDM_IC 0x20 316 #define MDM_DV 0x40 317 318 #define GSM0_SOF 0xF9 319 #define GSM1_SOF 0x7E 320 #define GSM1_ESCAPE 0x7D 321 #define GSM1_ESCAPE_BITS 0x20 322 #define XON 0x11 323 #define XOFF 0x13 324 #define ISO_IEC_646_MASK 0x7F 325 326 static const struct tty_port_operations gsm_port_ops; 327 328 /* 329 * CRC table for GSM 0710 330 */ 331 332 static const u8 gsm_fcs8[256] = { 333 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 334 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 335 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 336 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 337 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 338 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 339 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 340 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 341 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 342 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 343 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 344 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 345 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 346 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 347 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 348 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 349 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 350 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 351 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 352 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 353 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 354 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 355 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 356 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 357 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 358 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 359 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 360 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 361 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 362 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 363 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 364 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 365 }; 366 367 #define INIT_FCS 0xFF 368 #define GOOD_FCS 0xCF 369 370 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len); 371 static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk); 372 373 /** 374 * gsm_fcs_add - update FCS 375 * @fcs: Current FCS 376 * @c: Next data 377 * 378 * Update the FCS to include c. Uses the algorithm in the specification 379 * notes. 380 */ 381 382 static inline u8 gsm_fcs_add(u8 fcs, u8 c) 383 { 384 return gsm_fcs8[fcs ^ c]; 385 } 386 387 /** 388 * gsm_fcs_add_block - update FCS for a block 389 * @fcs: Current FCS 390 * @c: buffer of data 391 * @len: length of buffer 392 * 393 * Update the FCS to include c. Uses the algorithm in the specification 394 * notes. 395 */ 396 397 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len) 398 { 399 while (len--) 400 fcs = gsm_fcs8[fcs ^ *c++]; 401 return fcs; 402 } 403 404 /** 405 * gsm_read_ea - read a byte into an EA 406 * @val: variable holding value 407 * @c: byte going into the EA 408 * 409 * Processes one byte of an EA. Updates the passed variable 410 * and returns 1 if the EA is now completely read 411 */ 412 413 static int gsm_read_ea(unsigned int *val, u8 c) 414 { 415 /* Add the next 7 bits into the value */ 416 *val <<= 7; 417 *val |= c >> 1; 418 /* Was this the last byte of the EA 1 = yes*/ 419 return c & EA; 420 } 421 422 /** 423 * gsm_encode_modem - encode modem data bits 424 * @dlci: DLCI to encode from 425 * 426 * Returns the correct GSM encoded modem status bits (6 bit field) for 427 * the current status of the DLCI and attached tty object 428 */ 429 430 static u8 gsm_encode_modem(const struct gsm_dlci *dlci) 431 { 432 u8 modembits = 0; 433 /* FC is true flow control not modem bits */ 434 if (dlci->throttled) 435 modembits |= MDM_FC; 436 if (dlci->modem_tx & TIOCM_DTR) 437 modembits |= MDM_RTC; 438 if (dlci->modem_tx & TIOCM_RTS) 439 modembits |= MDM_RTR; 440 if (dlci->modem_tx & TIOCM_RI) 441 modembits |= MDM_IC; 442 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator) 443 modembits |= MDM_DV; 444 return modembits; 445 } 446 447 /** 448 * gsm_print_packet - display a frame for debug 449 * @hdr: header to print before decode 450 * @addr: address EA from the frame 451 * @cr: C/R bit seen as initiator 452 * @control: control including PF bit 453 * @data: following data bytes 454 * @dlen: length of data 455 * 456 * Displays a packet in human readable format for debugging purposes. The 457 * style is based on amateur radio LAP-B dump display. 458 */ 459 460 static void gsm_print_packet(const char *hdr, int addr, int cr, 461 u8 control, const u8 *data, int dlen) 462 { 463 if (!(debug & 1)) 464 return; 465 466 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]); 467 468 switch (control & ~PF) { 469 case SABM: 470 pr_cont("SABM"); 471 break; 472 case UA: 473 pr_cont("UA"); 474 break; 475 case DISC: 476 pr_cont("DISC"); 477 break; 478 case DM: 479 pr_cont("DM"); 480 break; 481 case UI: 482 pr_cont("UI"); 483 break; 484 case UIH: 485 pr_cont("UIH"); 486 break; 487 default: 488 if (!(control & 0x01)) { 489 pr_cont("I N(S)%d N(R)%d", 490 (control & 0x0E) >> 1, (control & 0xE0) >> 5); 491 } else switch (control & 0x0F) { 492 case RR: 493 pr_cont("RR(%d)", (control & 0xE0) >> 5); 494 break; 495 case RNR: 496 pr_cont("RNR(%d)", (control & 0xE0) >> 5); 497 break; 498 case REJ: 499 pr_cont("REJ(%d)", (control & 0xE0) >> 5); 500 break; 501 default: 502 pr_cont("[%02X]", control); 503 } 504 } 505 506 if (control & PF) 507 pr_cont("(P)"); 508 else 509 pr_cont("(F)"); 510 511 print_hex_dump_bytes("", DUMP_PREFIX_NONE, data, dlen); 512 } 513 514 515 /* 516 * Link level transmission side 517 */ 518 519 /** 520 * gsm_stuff_frame - bytestuff a packet 521 * @input: input buffer 522 * @output: output buffer 523 * @len: length of input 524 * 525 * Expand a buffer by bytestuffing it. The worst case size change 526 * is doubling and the caller is responsible for handing out 527 * suitable sized buffers. 528 */ 529 530 static int gsm_stuff_frame(const u8 *input, u8 *output, int len) 531 { 532 int olen = 0; 533 while (len--) { 534 if (*input == GSM1_SOF || *input == GSM1_ESCAPE 535 || (*input & ISO_IEC_646_MASK) == XON 536 || (*input & ISO_IEC_646_MASK) == XOFF) { 537 *output++ = GSM1_ESCAPE; 538 *output++ = *input++ ^ GSM1_ESCAPE_BITS; 539 olen++; 540 } else 541 *output++ = *input++; 542 olen++; 543 } 544 return olen; 545 } 546 547 /** 548 * gsm_send - send a control frame 549 * @gsm: our GSM mux 550 * @addr: address for control frame 551 * @cr: command/response bit seen as initiator 552 * @control: control byte including PF bit 553 * 554 * Format up and transmit a control frame. These do not go via the 555 * queueing logic as they should be transmitted ahead of data when 556 * they are needed. 557 * 558 * FIXME: Lock versus data TX path 559 */ 560 561 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control) 562 { 563 int len; 564 u8 cbuf[10]; 565 u8 ibuf[3]; 566 int ocr; 567 568 /* toggle C/R coding if not initiator */ 569 ocr = cr ^ (gsm->initiator ? 0 : 1); 570 571 switch (gsm->encoding) { 572 case 0: 573 cbuf[0] = GSM0_SOF; 574 cbuf[1] = (addr << 2) | (ocr << 1) | EA; 575 cbuf[2] = control; 576 cbuf[3] = EA; /* Length of data = 0 */ 577 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3); 578 cbuf[5] = GSM0_SOF; 579 len = 6; 580 break; 581 case 1: 582 case 2: 583 /* Control frame + packing (but not frame stuffing) in mode 1 */ 584 ibuf[0] = (addr << 2) | (ocr << 1) | EA; 585 ibuf[1] = control; 586 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2); 587 /* Stuffing may double the size worst case */ 588 len = gsm_stuff_frame(ibuf, cbuf + 1, 3); 589 /* Now add the SOF markers */ 590 cbuf[0] = GSM1_SOF; 591 cbuf[len + 1] = GSM1_SOF; 592 /* FIXME: we can omit the lead one in many cases */ 593 len += 2; 594 break; 595 default: 596 WARN_ON(1); 597 return; 598 } 599 gsmld_output(gsm, cbuf, len); 600 if (!gsm->initiator) { 601 cr = cr & gsm->initiator; 602 control = control & ~PF; 603 } 604 gsm_print_packet("-->", addr, cr, control, NULL, 0); 605 } 606 607 /** 608 * gsm_response - send a control response 609 * @gsm: our GSM mux 610 * @addr: address for control frame 611 * @control: control byte including PF bit 612 * 613 * Format up and transmit a link level response frame. 614 */ 615 616 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control) 617 { 618 gsm_send(gsm, addr, 0, control); 619 } 620 621 /** 622 * gsm_command - send a control command 623 * @gsm: our GSM mux 624 * @addr: address for control frame 625 * @control: control byte including PF bit 626 * 627 * Format up and transmit a link level command frame. 628 */ 629 630 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control) 631 { 632 gsm_send(gsm, addr, 1, control); 633 } 634 635 /* Data transmission */ 636 637 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */ 638 639 /** 640 * gsm_data_alloc - allocate data frame 641 * @gsm: GSM mux 642 * @addr: DLCI address 643 * @len: length excluding header and FCS 644 * @ctrl: control byte 645 * 646 * Allocate a new data buffer for sending frames with data. Space is left 647 * at the front for header bytes but that is treated as an implementation 648 * detail and not for the high level code to use 649 */ 650 651 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len, 652 u8 ctrl) 653 { 654 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN, 655 GFP_ATOMIC); 656 if (m == NULL) 657 return NULL; 658 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */ 659 m->len = len; 660 m->addr = addr; 661 m->ctrl = ctrl; 662 INIT_LIST_HEAD(&m->list); 663 return m; 664 } 665 666 /** 667 * gsm_data_kick - poke the queue 668 * @gsm: GSM Mux 669 * @dlci: DLCI sending the data 670 * 671 * The tty device has called us to indicate that room has appeared in 672 * the transmit queue. Ram more data into the pipe if we have any 673 * If we have been flow-stopped by a CMD_FCOFF, then we can only 674 * send messages on DLCI0 until CMD_FCON 675 * 676 * FIXME: lock against link layer control transmissions 677 */ 678 679 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci) 680 { 681 struct gsm_msg *msg, *nmsg; 682 int len; 683 684 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) { 685 if (gsm->constipated && msg->addr) 686 continue; 687 if (gsm->encoding != 0) { 688 gsm->txframe[0] = GSM1_SOF; 689 len = gsm_stuff_frame(msg->data, 690 gsm->txframe + 1, msg->len); 691 gsm->txframe[len + 1] = GSM1_SOF; 692 len += 2; 693 } else { 694 gsm->txframe[0] = GSM0_SOF; 695 memcpy(gsm->txframe + 1 , msg->data, msg->len); 696 gsm->txframe[msg->len + 1] = GSM0_SOF; 697 len = msg->len + 2; 698 } 699 700 if (debug & 4) 701 print_hex_dump_bytes("gsm_data_kick: ", 702 DUMP_PREFIX_OFFSET, 703 gsm->txframe, len); 704 if (gsmld_output(gsm, gsm->txframe, len) <= 0) 705 break; 706 /* FIXME: Can eliminate one SOF in many more cases */ 707 gsm->tx_bytes -= msg->len; 708 709 list_del(&msg->list); 710 kfree(msg); 711 712 if (dlci) { 713 tty_port_tty_wakeup(&dlci->port); 714 } else { 715 int i = 0; 716 717 for (i = 0; i < NUM_DLCI; i++) 718 if (gsm->dlci[i]) 719 tty_port_tty_wakeup(&gsm->dlci[i]->port); 720 } 721 } 722 } 723 724 /** 725 * __gsm_data_queue - queue a UI or UIH frame 726 * @dlci: DLCI sending the data 727 * @msg: message queued 728 * 729 * Add data to the transmit queue and try and get stuff moving 730 * out of the mux tty if not already doing so. The Caller must hold 731 * the gsm tx lock. 732 */ 733 734 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 735 { 736 struct gsm_mux *gsm = dlci->gsm; 737 u8 *dp = msg->data; 738 u8 *fcs = dp + msg->len; 739 740 /* Fill in the header */ 741 if (gsm->encoding == 0) { 742 if (msg->len < 128) 743 *--dp = (msg->len << 1) | EA; 744 else { 745 *--dp = (msg->len >> 7); /* bits 7 - 15 */ 746 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */ 747 } 748 } 749 750 *--dp = msg->ctrl; 751 if (gsm->initiator) 752 *--dp = (msg->addr << 2) | 2 | EA; 753 else 754 *--dp = (msg->addr << 2) | EA; 755 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp); 756 /* Ugly protocol layering violation */ 757 if (msg->ctrl == UI || msg->ctrl == (UI|PF)) 758 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len); 759 *fcs = 0xFF - *fcs; 760 761 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl, 762 msg->data, msg->len); 763 764 /* Move the header back and adjust the length, also allow for the FCS 765 now tacked on the end */ 766 msg->len += (msg->data - dp) + 1; 767 msg->data = dp; 768 769 /* Add to the actual output queue */ 770 list_add_tail(&msg->list, &gsm->tx_list); 771 gsm->tx_bytes += msg->len; 772 gsm_data_kick(gsm, dlci); 773 } 774 775 /** 776 * gsm_data_queue - queue a UI or UIH frame 777 * @dlci: DLCI sending the data 778 * @msg: message queued 779 * 780 * Add data to the transmit queue and try and get stuff moving 781 * out of the mux tty if not already doing so. Take the 782 * the gsm tx lock and dlci lock. 783 */ 784 785 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 786 { 787 unsigned long flags; 788 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 789 __gsm_data_queue(dlci, msg); 790 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 791 } 792 793 /** 794 * gsm_dlci_data_output - try and push data out of a DLCI 795 * @gsm: mux 796 * @dlci: the DLCI to pull data from 797 * 798 * Pull data from a DLCI and send it into the transmit queue if there 799 * is data. Keep to the MRU of the mux. This path handles the usual tty 800 * interface which is a byte stream with optional modem data. 801 * 802 * Caller must hold the tx_lock of the mux. 803 */ 804 805 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci) 806 { 807 struct gsm_msg *msg; 808 u8 *dp; 809 int len, total_size, size; 810 int h = dlci->adaption - 1; 811 812 total_size = 0; 813 while (1) { 814 len = kfifo_len(&dlci->fifo); 815 if (len == 0) 816 return total_size; 817 818 /* MTU/MRU count only the data bits */ 819 if (len > gsm->mtu) 820 len = gsm->mtu; 821 822 size = len + h; 823 824 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 825 /* FIXME: need a timer or something to kick this so it can't 826 get stuck with no work outstanding and no buffer free */ 827 if (msg == NULL) 828 return -ENOMEM; 829 dp = msg->data; 830 switch (dlci->adaption) { 831 case 1: /* Unstructured */ 832 break; 833 case 2: /* Unstructed with modem bits. 834 Always one byte as we never send inline break data */ 835 *dp++ = (gsm_encode_modem(dlci) << 1) | EA; 836 break; 837 } 838 WARN_ON(kfifo_out_locked(&dlci->fifo, dp , len, &dlci->lock) != len); 839 __gsm_data_queue(dlci, msg); 840 total_size += size; 841 } 842 /* Bytes of data we used up */ 843 return total_size; 844 } 845 846 /** 847 * gsm_dlci_data_output_framed - try and push data out of a DLCI 848 * @gsm: mux 849 * @dlci: the DLCI to pull data from 850 * 851 * Pull data from a DLCI and send it into the transmit queue if there 852 * is data. Keep to the MRU of the mux. This path handles framed data 853 * queued as skbuffs to the DLCI. 854 * 855 * Caller must hold the tx_lock of the mux. 856 */ 857 858 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm, 859 struct gsm_dlci *dlci) 860 { 861 struct gsm_msg *msg; 862 u8 *dp; 863 int len, size; 864 int last = 0, first = 0; 865 int overhead = 0; 866 867 /* One byte per frame is used for B/F flags */ 868 if (dlci->adaption == 4) 869 overhead = 1; 870 871 /* dlci->skb is locked by tx_lock */ 872 if (dlci->skb == NULL) { 873 dlci->skb = skb_dequeue_tail(&dlci->skb_list); 874 if (dlci->skb == NULL) 875 return 0; 876 first = 1; 877 } 878 len = dlci->skb->len + overhead; 879 880 /* MTU/MRU count only the data bits */ 881 if (len > gsm->mtu) { 882 if (dlci->adaption == 3) { 883 /* Over long frame, bin it */ 884 dev_kfree_skb_any(dlci->skb); 885 dlci->skb = NULL; 886 return 0; 887 } 888 len = gsm->mtu; 889 } else 890 last = 1; 891 892 size = len + overhead; 893 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 894 895 /* FIXME: need a timer or something to kick this so it can't 896 get stuck with no work outstanding and no buffer free */ 897 if (msg == NULL) { 898 skb_queue_tail(&dlci->skb_list, dlci->skb); 899 dlci->skb = NULL; 900 return -ENOMEM; 901 } 902 dp = msg->data; 903 904 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */ 905 /* Flag byte to carry the start/end info */ 906 *dp++ = last << 7 | first << 6 | 1; /* EA */ 907 len--; 908 } 909 memcpy(dp, dlci->skb->data, len); 910 skb_pull(dlci->skb, len); 911 __gsm_data_queue(dlci, msg); 912 if (last) { 913 dev_kfree_skb_any(dlci->skb); 914 dlci->skb = NULL; 915 } 916 return size; 917 } 918 919 /** 920 * gsm_dlci_modem_output - try and push modem status out of a DLCI 921 * @gsm: mux 922 * @dlci: the DLCI to pull modem status from 923 * @brk: break signal 924 * 925 * Push an empty frame in to the transmit queue to update the modem status 926 * bits and to transmit an optional break. 927 * 928 * Caller must hold the tx_lock of the mux. 929 */ 930 931 static int gsm_dlci_modem_output(struct gsm_mux *gsm, struct gsm_dlci *dlci, 932 u8 brk) 933 { 934 u8 *dp = NULL; 935 struct gsm_msg *msg; 936 int size = 0; 937 938 /* for modem bits without break data */ 939 switch (dlci->adaption) { 940 case 1: /* Unstructured */ 941 break; 942 case 2: /* Unstructured with modem bits. */ 943 size++; 944 if (brk > 0) 945 size++; 946 break; 947 default: 948 pr_err("%s: unsupported adaption %d\n", __func__, 949 dlci->adaption); 950 return -EINVAL; 951 } 952 953 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 954 if (!msg) { 955 pr_err("%s: gsm_data_alloc error", __func__); 956 return -ENOMEM; 957 } 958 dp = msg->data; 959 switch (dlci->adaption) { 960 case 1: /* Unstructured */ 961 break; 962 case 2: /* Unstructured with modem bits. */ 963 if (brk == 0) { 964 *dp++ = (gsm_encode_modem(dlci) << 1) | EA; 965 } else { 966 *dp++ = gsm_encode_modem(dlci) << 1; 967 *dp++ = (brk << 4) | 2 | EA; /* Length, Break, EA */ 968 } 969 break; 970 default: 971 /* Handled above */ 972 break; 973 } 974 975 __gsm_data_queue(dlci, msg); 976 return size; 977 } 978 979 /** 980 * gsm_dlci_data_sweep - look for data to send 981 * @gsm: the GSM mux 982 * 983 * Sweep the GSM mux channels in priority order looking for ones with 984 * data to send. We could do with optimising this scan a bit. We aim 985 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit 986 * TX_THRESH_LO we get called again 987 * 988 * FIXME: We should round robin between groups and in theory you can 989 * renegotiate DLCI priorities with optional stuff. Needs optimising. 990 */ 991 992 static void gsm_dlci_data_sweep(struct gsm_mux *gsm) 993 { 994 int len; 995 /* Priority ordering: We should do priority with RR of the groups */ 996 int i = 1; 997 998 while (i < NUM_DLCI) { 999 struct gsm_dlci *dlci; 1000 1001 if (gsm->tx_bytes > TX_THRESH_HI) 1002 break; 1003 dlci = gsm->dlci[i]; 1004 if (dlci == NULL || dlci->constipated) { 1005 i++; 1006 continue; 1007 } 1008 if (dlci->adaption < 3 && !dlci->net) 1009 len = gsm_dlci_data_output(gsm, dlci); 1010 else 1011 len = gsm_dlci_data_output_framed(gsm, dlci); 1012 if (len < 0) 1013 break; 1014 /* DLCI empty - try the next */ 1015 if (len == 0) 1016 i++; 1017 } 1018 } 1019 1020 /** 1021 * gsm_dlci_data_kick - transmit if possible 1022 * @dlci: DLCI to kick 1023 * 1024 * Transmit data from this DLCI if the queue is empty. We can't rely on 1025 * a tty wakeup except when we filled the pipe so we need to fire off 1026 * new data ourselves in other cases. 1027 */ 1028 1029 static void gsm_dlci_data_kick(struct gsm_dlci *dlci) 1030 { 1031 unsigned long flags; 1032 int sweep; 1033 1034 if (dlci->constipated) 1035 return; 1036 1037 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 1038 /* If we have nothing running then we need to fire up */ 1039 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO); 1040 if (dlci->gsm->tx_bytes == 0) { 1041 if (dlci->net) 1042 gsm_dlci_data_output_framed(dlci->gsm, dlci); 1043 else 1044 gsm_dlci_data_output(dlci->gsm, dlci); 1045 } 1046 if (sweep) 1047 gsm_dlci_data_sweep(dlci->gsm); 1048 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 1049 } 1050 1051 /* 1052 * Control message processing 1053 */ 1054 1055 1056 /** 1057 * gsm_control_reply - send a response frame to a control 1058 * @gsm: gsm channel 1059 * @cmd: the command to use 1060 * @data: data to follow encoded info 1061 * @dlen: length of data 1062 * 1063 * Encode up and queue a UI/UIH frame containing our response. 1064 */ 1065 1066 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data, 1067 int dlen) 1068 { 1069 struct gsm_msg *msg; 1070 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype); 1071 if (msg == NULL) 1072 return; 1073 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */ 1074 msg->data[1] = (dlen << 1) | EA; 1075 memcpy(msg->data + 2, data, dlen); 1076 gsm_data_queue(gsm->dlci[0], msg); 1077 } 1078 1079 /** 1080 * gsm_process_modem - process received modem status 1081 * @tty: virtual tty bound to the DLCI 1082 * @dlci: DLCI to affect 1083 * @modem: modem bits (full EA) 1084 * @slen: number of signal octets 1085 * 1086 * Used when a modem control message or line state inline in adaption 1087 * layer 2 is processed. Sort out the local modem state and throttles 1088 */ 1089 1090 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci, 1091 u32 modem, int slen) 1092 { 1093 int mlines = 0; 1094 u8 brk = 0; 1095 int fc; 1096 1097 /* The modem status command can either contain one octet (V.24 signals) 1098 * or two octets (V.24 signals + break signals). This is specified in 1099 * section 5.4.6.3.7 of the 07.10 mux spec. 1100 */ 1101 1102 if (slen == 1) 1103 modem = modem & 0x7f; 1104 else { 1105 brk = modem & 0x7f; 1106 modem = (modem >> 7) & 0x7f; 1107 } 1108 1109 /* Flow control/ready to communicate */ 1110 fc = (modem & MDM_FC) || !(modem & MDM_RTR); 1111 if (fc && !dlci->constipated) { 1112 /* Need to throttle our output on this device */ 1113 dlci->constipated = true; 1114 } else if (!fc && dlci->constipated) { 1115 dlci->constipated = false; 1116 gsm_dlci_data_kick(dlci); 1117 } 1118 1119 /* Map modem bits */ 1120 if (modem & MDM_RTC) 1121 mlines |= TIOCM_DSR | TIOCM_DTR; 1122 if (modem & MDM_RTR) 1123 mlines |= TIOCM_RTS | TIOCM_CTS; 1124 if (modem & MDM_IC) 1125 mlines |= TIOCM_RI; 1126 if (modem & MDM_DV) 1127 mlines |= TIOCM_CD; 1128 1129 /* Carrier drop -> hangup */ 1130 if (tty) { 1131 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD)) 1132 if (!C_CLOCAL(tty)) 1133 tty_hangup(tty); 1134 } 1135 if (brk & 0x01) 1136 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK); 1137 dlci->modem_rx = mlines; 1138 } 1139 1140 /** 1141 * gsm_control_modem - modem status received 1142 * @gsm: GSM channel 1143 * @data: data following command 1144 * @clen: command length 1145 * 1146 * We have received a modem status control message. This is used by 1147 * the GSM mux protocol to pass virtual modem line status and optionally 1148 * to indicate break signals. Unpack it, convert to Linux representation 1149 * and if need be stuff a break message down the tty. 1150 */ 1151 1152 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen) 1153 { 1154 unsigned int addr = 0; 1155 unsigned int modem = 0; 1156 struct gsm_dlci *dlci; 1157 int len = clen; 1158 int slen; 1159 const u8 *dp = data; 1160 struct tty_struct *tty; 1161 1162 while (gsm_read_ea(&addr, *dp++) == 0) { 1163 len--; 1164 if (len == 0) 1165 return; 1166 } 1167 /* Must be at least one byte following the EA */ 1168 len--; 1169 if (len <= 0) 1170 return; 1171 1172 addr >>= 1; 1173 /* Closed port, or invalid ? */ 1174 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1175 return; 1176 dlci = gsm->dlci[addr]; 1177 1178 slen = len; 1179 while (gsm_read_ea(&modem, *dp++) == 0) { 1180 len--; 1181 if (len == 0) 1182 return; 1183 } 1184 len--; 1185 tty = tty_port_tty_get(&dlci->port); 1186 gsm_process_modem(tty, dlci, modem, slen - len); 1187 if (tty) { 1188 tty_wakeup(tty); 1189 tty_kref_put(tty); 1190 } 1191 gsm_control_reply(gsm, CMD_MSC, data, clen); 1192 } 1193 1194 /** 1195 * gsm_control_rls - remote line status 1196 * @gsm: GSM channel 1197 * @data: data bytes 1198 * @clen: data length 1199 * 1200 * The modem sends us a two byte message on the control channel whenever 1201 * it wishes to send us an error state from the virtual link. Stuff 1202 * this into the uplink tty if present 1203 */ 1204 1205 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen) 1206 { 1207 struct tty_port *port; 1208 unsigned int addr = 0; 1209 u8 bits; 1210 int len = clen; 1211 const u8 *dp = data; 1212 1213 while (gsm_read_ea(&addr, *dp++) == 0) { 1214 len--; 1215 if (len == 0) 1216 return; 1217 } 1218 /* Must be at least one byte following ea */ 1219 len--; 1220 if (len <= 0) 1221 return; 1222 addr >>= 1; 1223 /* Closed port, or invalid ? */ 1224 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1225 return; 1226 /* No error ? */ 1227 bits = *dp; 1228 if ((bits & 1) == 0) 1229 return; 1230 1231 port = &gsm->dlci[addr]->port; 1232 1233 if (bits & 2) 1234 tty_insert_flip_char(port, 0, TTY_OVERRUN); 1235 if (bits & 4) 1236 tty_insert_flip_char(port, 0, TTY_PARITY); 1237 if (bits & 8) 1238 tty_insert_flip_char(port, 0, TTY_FRAME); 1239 1240 tty_flip_buffer_push(port); 1241 1242 gsm_control_reply(gsm, CMD_RLS, data, clen); 1243 } 1244 1245 static void gsm_dlci_begin_close(struct gsm_dlci *dlci); 1246 1247 /** 1248 * gsm_control_message - DLCI 0 control processing 1249 * @gsm: our GSM mux 1250 * @command: the command EA 1251 * @data: data beyond the command/length EAs 1252 * @clen: length 1253 * 1254 * Input processor for control messages from the other end of the link. 1255 * Processes the incoming request and queues a response frame or an 1256 * NSC response if not supported 1257 */ 1258 1259 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command, 1260 const u8 *data, int clen) 1261 { 1262 u8 buf[1]; 1263 unsigned long flags; 1264 1265 switch (command) { 1266 case CMD_CLD: { 1267 struct gsm_dlci *dlci = gsm->dlci[0]; 1268 /* Modem wishes to close down */ 1269 if (dlci) { 1270 dlci->dead = true; 1271 gsm->dead = true; 1272 gsm_dlci_begin_close(dlci); 1273 } 1274 } 1275 break; 1276 case CMD_TEST: 1277 /* Modem wishes to test, reply with the data */ 1278 gsm_control_reply(gsm, CMD_TEST, data, clen); 1279 break; 1280 case CMD_FCON: 1281 /* Modem can accept data again */ 1282 gsm->constipated = false; 1283 gsm_control_reply(gsm, CMD_FCON, NULL, 0); 1284 /* Kick the link in case it is idling */ 1285 spin_lock_irqsave(&gsm->tx_lock, flags); 1286 gsm_data_kick(gsm, NULL); 1287 spin_unlock_irqrestore(&gsm->tx_lock, flags); 1288 break; 1289 case CMD_FCOFF: 1290 /* Modem wants us to STFU */ 1291 gsm->constipated = true; 1292 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0); 1293 break; 1294 case CMD_MSC: 1295 /* Out of band modem line change indicator for a DLCI */ 1296 gsm_control_modem(gsm, data, clen); 1297 break; 1298 case CMD_RLS: 1299 /* Out of band error reception for a DLCI */ 1300 gsm_control_rls(gsm, data, clen); 1301 break; 1302 case CMD_PSC: 1303 /* Modem wishes to enter power saving state */ 1304 gsm_control_reply(gsm, CMD_PSC, NULL, 0); 1305 break; 1306 /* Optional unsupported commands */ 1307 case CMD_PN: /* Parameter negotiation */ 1308 case CMD_RPN: /* Remote port negotiation */ 1309 case CMD_SNC: /* Service negotiation command */ 1310 default: 1311 /* Reply to bad commands with an NSC */ 1312 buf[0] = command; 1313 gsm_control_reply(gsm, CMD_NSC, buf, 1); 1314 break; 1315 } 1316 } 1317 1318 /** 1319 * gsm_control_response - process a response to our control 1320 * @gsm: our GSM mux 1321 * @command: the command (response) EA 1322 * @data: data beyond the command/length EA 1323 * @clen: length 1324 * 1325 * Process a response to an outstanding command. We only allow a single 1326 * control message in flight so this is fairly easy. All the clean up 1327 * is done by the caller, we just update the fields, flag it as done 1328 * and return 1329 */ 1330 1331 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command, 1332 const u8 *data, int clen) 1333 { 1334 struct gsm_control *ctrl; 1335 unsigned long flags; 1336 1337 spin_lock_irqsave(&gsm->control_lock, flags); 1338 1339 ctrl = gsm->pending_cmd; 1340 /* Does the reply match our command */ 1341 command |= 1; 1342 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) { 1343 /* Our command was replied to, kill the retry timer */ 1344 del_timer(&gsm->t2_timer); 1345 gsm->pending_cmd = NULL; 1346 /* Rejected by the other end */ 1347 if (command == CMD_NSC) 1348 ctrl->error = -EOPNOTSUPP; 1349 ctrl->done = 1; 1350 wake_up(&gsm->event); 1351 } 1352 spin_unlock_irqrestore(&gsm->control_lock, flags); 1353 } 1354 1355 /** 1356 * gsm_control_transmit - send control packet 1357 * @gsm: gsm mux 1358 * @ctrl: frame to send 1359 * 1360 * Send out a pending control command (called under control lock) 1361 */ 1362 1363 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl) 1364 { 1365 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 2, gsm->ftype); 1366 if (msg == NULL) 1367 return; 1368 msg->data[0] = (ctrl->cmd << 1) | CR | EA; /* command */ 1369 msg->data[1] = (ctrl->len << 1) | EA; 1370 memcpy(msg->data + 2, ctrl->data, ctrl->len); 1371 gsm_data_queue(gsm->dlci[0], msg); 1372 } 1373 1374 /** 1375 * gsm_control_retransmit - retransmit a control frame 1376 * @t: timer contained in our gsm object 1377 * 1378 * Called off the T2 timer expiry in order to retransmit control frames 1379 * that have been lost in the system somewhere. The control_lock protects 1380 * us from colliding with another sender or a receive completion event. 1381 * In that situation the timer may still occur in a small window but 1382 * gsm->pending_cmd will be NULL and we just let the timer expire. 1383 */ 1384 1385 static void gsm_control_retransmit(struct timer_list *t) 1386 { 1387 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer); 1388 struct gsm_control *ctrl; 1389 unsigned long flags; 1390 spin_lock_irqsave(&gsm->control_lock, flags); 1391 ctrl = gsm->pending_cmd; 1392 if (ctrl) { 1393 if (gsm->cretries == 0) { 1394 gsm->pending_cmd = NULL; 1395 ctrl->error = -ETIMEDOUT; 1396 ctrl->done = 1; 1397 spin_unlock_irqrestore(&gsm->control_lock, flags); 1398 wake_up(&gsm->event); 1399 return; 1400 } 1401 gsm->cretries--; 1402 gsm_control_transmit(gsm, ctrl); 1403 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1404 } 1405 spin_unlock_irqrestore(&gsm->control_lock, flags); 1406 } 1407 1408 /** 1409 * gsm_control_send - send a control frame on DLCI 0 1410 * @gsm: the GSM channel 1411 * @command: command to send including CR bit 1412 * @data: bytes of data (must be kmalloced) 1413 * @clen: length of the block to send 1414 * 1415 * Queue and dispatch a control command. Only one command can be 1416 * active at a time. In theory more can be outstanding but the matching 1417 * gets really complicated so for now stick to one outstanding. 1418 */ 1419 1420 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm, 1421 unsigned int command, u8 *data, int clen) 1422 { 1423 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control), 1424 GFP_KERNEL); 1425 unsigned long flags; 1426 if (ctrl == NULL) 1427 return NULL; 1428 retry: 1429 wait_event(gsm->event, gsm->pending_cmd == NULL); 1430 spin_lock_irqsave(&gsm->control_lock, flags); 1431 if (gsm->pending_cmd != NULL) { 1432 spin_unlock_irqrestore(&gsm->control_lock, flags); 1433 goto retry; 1434 } 1435 ctrl->cmd = command; 1436 ctrl->data = data; 1437 ctrl->len = clen; 1438 gsm->pending_cmd = ctrl; 1439 1440 /* If DLCI0 is in ADM mode skip retries, it won't respond */ 1441 if (gsm->dlci[0]->mode == DLCI_MODE_ADM) 1442 gsm->cretries = 0; 1443 else 1444 gsm->cretries = gsm->n2; 1445 1446 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1447 gsm_control_transmit(gsm, ctrl); 1448 spin_unlock_irqrestore(&gsm->control_lock, flags); 1449 return ctrl; 1450 } 1451 1452 /** 1453 * gsm_control_wait - wait for a control to finish 1454 * @gsm: GSM mux 1455 * @control: control we are waiting on 1456 * 1457 * Waits for the control to complete or time out. Frees any used 1458 * resources and returns 0 for success, or an error if the remote 1459 * rejected or ignored the request. 1460 */ 1461 1462 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control) 1463 { 1464 int err; 1465 wait_event(gsm->event, control->done == 1); 1466 err = control->error; 1467 kfree(control); 1468 return err; 1469 } 1470 1471 1472 /* 1473 * DLCI level handling: Needs krefs 1474 */ 1475 1476 /* 1477 * State transitions and timers 1478 */ 1479 1480 /** 1481 * gsm_dlci_close - a DLCI has closed 1482 * @dlci: DLCI that closed 1483 * 1484 * Perform processing when moving a DLCI into closed state. If there 1485 * is an attached tty this is hung up 1486 */ 1487 1488 static void gsm_dlci_close(struct gsm_dlci *dlci) 1489 { 1490 unsigned long flags; 1491 1492 del_timer(&dlci->t1); 1493 if (debug & 8) 1494 pr_debug("DLCI %d goes closed.\n", dlci->addr); 1495 dlci->state = DLCI_CLOSED; 1496 if (dlci->addr != 0) { 1497 tty_port_tty_hangup(&dlci->port, false); 1498 spin_lock_irqsave(&dlci->lock, flags); 1499 kfifo_reset(&dlci->fifo); 1500 spin_unlock_irqrestore(&dlci->lock, flags); 1501 /* Ensure that gsmtty_open() can return. */ 1502 tty_port_set_initialized(&dlci->port, 0); 1503 wake_up_interruptible(&dlci->port.open_wait); 1504 } else 1505 dlci->gsm->dead = true; 1506 wake_up(&dlci->gsm->event); 1507 /* A DLCI 0 close is a MUX termination so we need to kick that 1508 back to userspace somehow */ 1509 } 1510 1511 /** 1512 * gsm_dlci_open - a DLCI has opened 1513 * @dlci: DLCI that opened 1514 * 1515 * Perform processing when moving a DLCI into open state. 1516 */ 1517 1518 static void gsm_dlci_open(struct gsm_dlci *dlci) 1519 { 1520 /* Note that SABM UA .. SABM UA first UA lost can mean that we go 1521 open -> open */ 1522 del_timer(&dlci->t1); 1523 /* This will let a tty open continue */ 1524 dlci->state = DLCI_OPEN; 1525 if (debug & 8) 1526 pr_debug("DLCI %d goes open.\n", dlci->addr); 1527 /* Send current modem state */ 1528 if (dlci->addr) 1529 gsm_modem_update(dlci, 0); 1530 wake_up(&dlci->gsm->event); 1531 } 1532 1533 /** 1534 * gsm_dlci_t1 - T1 timer expiry 1535 * @t: timer contained in the DLCI that opened 1536 * 1537 * The T1 timer handles retransmits of control frames (essentially of 1538 * SABM and DISC). We resend the command until the retry count runs out 1539 * in which case an opening port goes back to closed and a closing port 1540 * is simply put into closed state (any further frames from the other 1541 * end will get a DM response) 1542 * 1543 * Some control dlci can stay in ADM mode with other dlci working just 1544 * fine. In that case we can just keep the control dlci open after the 1545 * DLCI_OPENING retries time out. 1546 */ 1547 1548 static void gsm_dlci_t1(struct timer_list *t) 1549 { 1550 struct gsm_dlci *dlci = from_timer(dlci, t, t1); 1551 struct gsm_mux *gsm = dlci->gsm; 1552 1553 switch (dlci->state) { 1554 case DLCI_OPENING: 1555 dlci->retries--; 1556 if (dlci->retries) { 1557 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1558 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1559 } else if (!dlci->addr && gsm->control == (DM | PF)) { 1560 if (debug & 8) 1561 pr_info("DLCI %d opening in ADM mode.\n", 1562 dlci->addr); 1563 dlci->mode = DLCI_MODE_ADM; 1564 gsm_dlci_open(dlci); 1565 } else { 1566 gsm_dlci_begin_close(dlci); /* prevent half open link */ 1567 } 1568 1569 break; 1570 case DLCI_CLOSING: 1571 dlci->retries--; 1572 if (dlci->retries) { 1573 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1574 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1575 } else 1576 gsm_dlci_close(dlci); 1577 break; 1578 default: 1579 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state); 1580 break; 1581 } 1582 } 1583 1584 /** 1585 * gsm_dlci_begin_open - start channel open procedure 1586 * @dlci: DLCI to open 1587 * 1588 * Commence opening a DLCI from the Linux side. We issue SABM messages 1589 * to the modem which should then reply with a UA or ADM, at which point 1590 * we will move into open state. Opening is done asynchronously with retry 1591 * running off timers and the responses. 1592 */ 1593 1594 static void gsm_dlci_begin_open(struct gsm_dlci *dlci) 1595 { 1596 struct gsm_mux *gsm = dlci->gsm; 1597 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING) 1598 return; 1599 dlci->retries = gsm->n2; 1600 dlci->state = DLCI_OPENING; 1601 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1602 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1603 } 1604 1605 /** 1606 * gsm_dlci_begin_close - start channel open procedure 1607 * @dlci: DLCI to open 1608 * 1609 * Commence closing a DLCI from the Linux side. We issue DISC messages 1610 * to the modem which should then reply with a UA, at which point we 1611 * will move into closed state. Closing is done asynchronously with retry 1612 * off timers. We may also receive a DM reply from the other end which 1613 * indicates the channel was already closed. 1614 */ 1615 1616 static void gsm_dlci_begin_close(struct gsm_dlci *dlci) 1617 { 1618 struct gsm_mux *gsm = dlci->gsm; 1619 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING) 1620 return; 1621 dlci->retries = gsm->n2; 1622 dlci->state = DLCI_CLOSING; 1623 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1624 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1625 } 1626 1627 /** 1628 * gsm_dlci_data - data arrived 1629 * @dlci: channel 1630 * @data: block of bytes received 1631 * @clen: length of received block 1632 * 1633 * A UI or UIH frame has arrived which contains data for a channel 1634 * other than the control channel. If the relevant virtual tty is 1635 * open we shovel the bits down it, if not we drop them. 1636 */ 1637 1638 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen) 1639 { 1640 /* krefs .. */ 1641 struct tty_port *port = &dlci->port; 1642 struct tty_struct *tty; 1643 unsigned int modem = 0; 1644 int len = clen; 1645 int slen = 0; 1646 1647 if (debug & 16) 1648 pr_debug("%d bytes for tty\n", len); 1649 switch (dlci->adaption) { 1650 /* Unsupported types */ 1651 case 4: /* Packetised interruptible data */ 1652 break; 1653 case 3: /* Packetised uininterruptible voice/data */ 1654 break; 1655 case 2: /* Asynchronous serial with line state in each frame */ 1656 while (gsm_read_ea(&modem, *data++) == 0) { 1657 len--; 1658 slen++; 1659 if (len == 0) 1660 return; 1661 } 1662 len--; 1663 slen++; 1664 tty = tty_port_tty_get(port); 1665 if (tty) { 1666 gsm_process_modem(tty, dlci, modem, slen); 1667 tty_wakeup(tty); 1668 tty_kref_put(tty); 1669 } 1670 fallthrough; 1671 case 1: /* Line state will go via DLCI 0 controls only */ 1672 default: 1673 tty_insert_flip_string(port, data, len); 1674 tty_flip_buffer_push(port); 1675 } 1676 } 1677 1678 /** 1679 * gsm_dlci_command - data arrived on control channel 1680 * @dlci: channel 1681 * @data: block of bytes received 1682 * @len: length of received block 1683 * 1684 * A UI or UIH frame has arrived which contains data for DLCI 0 the 1685 * control channel. This should contain a command EA followed by 1686 * control data bytes. The command EA contains a command/response bit 1687 * and we divide up the work accordingly. 1688 */ 1689 1690 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len) 1691 { 1692 /* See what command is involved */ 1693 unsigned int command = 0; 1694 while (len-- > 0) { 1695 if (gsm_read_ea(&command, *data++) == 1) { 1696 int clen = *data++; 1697 len--; 1698 /* FIXME: this is properly an EA */ 1699 clen >>= 1; 1700 /* Malformed command ? */ 1701 if (clen > len) 1702 return; 1703 if (command & 1) 1704 gsm_control_message(dlci->gsm, command, 1705 data, clen); 1706 else 1707 gsm_control_response(dlci->gsm, command, 1708 data, clen); 1709 return; 1710 } 1711 } 1712 } 1713 1714 /* 1715 * Allocate/Free DLCI channels 1716 */ 1717 1718 /** 1719 * gsm_dlci_alloc - allocate a DLCI 1720 * @gsm: GSM mux 1721 * @addr: address of the DLCI 1722 * 1723 * Allocate and install a new DLCI object into the GSM mux. 1724 * 1725 * FIXME: review locking races 1726 */ 1727 1728 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) 1729 { 1730 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC); 1731 if (dlci == NULL) 1732 return NULL; 1733 spin_lock_init(&dlci->lock); 1734 mutex_init(&dlci->mutex); 1735 if (kfifo_alloc(&dlci->fifo, TX_SIZE, GFP_KERNEL) < 0) { 1736 kfree(dlci); 1737 return NULL; 1738 } 1739 1740 skb_queue_head_init(&dlci->skb_list); 1741 timer_setup(&dlci->t1, gsm_dlci_t1, 0); 1742 tty_port_init(&dlci->port); 1743 dlci->port.ops = &gsm_port_ops; 1744 dlci->gsm = gsm; 1745 dlci->addr = addr; 1746 dlci->adaption = gsm->adaption; 1747 dlci->state = DLCI_CLOSED; 1748 if (addr) 1749 dlci->data = gsm_dlci_data; 1750 else 1751 dlci->data = gsm_dlci_command; 1752 gsm->dlci[addr] = dlci; 1753 return dlci; 1754 } 1755 1756 /** 1757 * gsm_dlci_free - free DLCI 1758 * @port: tty port for DLCI to free 1759 * 1760 * Free up a DLCI. 1761 * 1762 * Can sleep. 1763 */ 1764 static void gsm_dlci_free(struct tty_port *port) 1765 { 1766 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 1767 1768 del_timer_sync(&dlci->t1); 1769 dlci->gsm->dlci[dlci->addr] = NULL; 1770 kfifo_free(&dlci->fifo); 1771 while ((dlci->skb = skb_dequeue(&dlci->skb_list))) 1772 dev_kfree_skb(dlci->skb); 1773 kfree(dlci); 1774 } 1775 1776 static inline void dlci_get(struct gsm_dlci *dlci) 1777 { 1778 tty_port_get(&dlci->port); 1779 } 1780 1781 static inline void dlci_put(struct gsm_dlci *dlci) 1782 { 1783 tty_port_put(&dlci->port); 1784 } 1785 1786 static void gsm_destroy_network(struct gsm_dlci *dlci); 1787 1788 /** 1789 * gsm_dlci_release - release DLCI 1790 * @dlci: DLCI to destroy 1791 * 1792 * Release a DLCI. Actual free is deferred until either 1793 * mux is closed or tty is closed - whichever is last. 1794 * 1795 * Can sleep. 1796 */ 1797 static void gsm_dlci_release(struct gsm_dlci *dlci) 1798 { 1799 struct tty_struct *tty = tty_port_tty_get(&dlci->port); 1800 if (tty) { 1801 mutex_lock(&dlci->mutex); 1802 gsm_destroy_network(dlci); 1803 mutex_unlock(&dlci->mutex); 1804 1805 /* We cannot use tty_hangup() because in tty_kref_put() the tty 1806 * driver assumes that the hangup queue is free and reuses it to 1807 * queue release_one_tty() -> NULL pointer panic in 1808 * process_one_work(). 1809 */ 1810 tty_vhangup(tty); 1811 1812 tty_port_tty_set(&dlci->port, NULL); 1813 tty_kref_put(tty); 1814 } 1815 dlci->state = DLCI_CLOSED; 1816 dlci_put(dlci); 1817 } 1818 1819 /* 1820 * LAPBish link layer logic 1821 */ 1822 1823 /** 1824 * gsm_queue - a GSM frame is ready to process 1825 * @gsm: pointer to our gsm mux 1826 * 1827 * At this point in time a frame has arrived and been demangled from 1828 * the line encoding. All the differences between the encodings have 1829 * been handled below us and the frame is unpacked into the structures. 1830 * The fcs holds the header FCS but any data FCS must be added here. 1831 */ 1832 1833 static void gsm_queue(struct gsm_mux *gsm) 1834 { 1835 struct gsm_dlci *dlci; 1836 u8 cr; 1837 int address; 1838 1839 if (gsm->fcs != GOOD_FCS) { 1840 gsm->bad_fcs++; 1841 if (debug & 4) 1842 pr_debug("BAD FCS %02x\n", gsm->fcs); 1843 return; 1844 } 1845 address = gsm->address >> 1; 1846 if (address >= NUM_DLCI) 1847 goto invalid; 1848 1849 cr = gsm->address & 1; /* C/R bit */ 1850 cr ^= gsm->initiator ? 0 : 1; /* Flip so 1 always means command */ 1851 1852 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len); 1853 1854 dlci = gsm->dlci[address]; 1855 1856 switch (gsm->control) { 1857 case SABM|PF: 1858 if (cr == 1) 1859 goto invalid; 1860 if (dlci == NULL) 1861 dlci = gsm_dlci_alloc(gsm, address); 1862 if (dlci == NULL) 1863 return; 1864 if (dlci->dead) 1865 gsm_response(gsm, address, DM|PF); 1866 else { 1867 gsm_response(gsm, address, UA|PF); 1868 gsm_dlci_open(dlci); 1869 } 1870 break; 1871 case DISC|PF: 1872 if (cr == 1) 1873 goto invalid; 1874 if (dlci == NULL || dlci->state == DLCI_CLOSED) { 1875 gsm_response(gsm, address, DM|PF); 1876 return; 1877 } 1878 /* Real close complete */ 1879 gsm_response(gsm, address, UA|PF); 1880 gsm_dlci_close(dlci); 1881 break; 1882 case UA|PF: 1883 if (cr == 0 || dlci == NULL) 1884 break; 1885 switch (dlci->state) { 1886 case DLCI_CLOSING: 1887 gsm_dlci_close(dlci); 1888 break; 1889 case DLCI_OPENING: 1890 gsm_dlci_open(dlci); 1891 break; 1892 default: 1893 pr_debug("%s: unhandled state: %d\n", __func__, 1894 dlci->state); 1895 break; 1896 } 1897 break; 1898 case DM: /* DM can be valid unsolicited */ 1899 case DM|PF: 1900 if (cr) 1901 goto invalid; 1902 if (dlci == NULL) 1903 return; 1904 gsm_dlci_close(dlci); 1905 break; 1906 case UI: 1907 case UI|PF: 1908 case UIH: 1909 case UIH|PF: 1910 #if 0 1911 if (cr) 1912 goto invalid; 1913 #endif 1914 if (dlci == NULL || dlci->state != DLCI_OPEN) { 1915 gsm_command(gsm, address, DM|PF); 1916 return; 1917 } 1918 dlci->data(dlci, gsm->buf, gsm->len); 1919 break; 1920 default: 1921 goto invalid; 1922 } 1923 return; 1924 invalid: 1925 gsm->malformed++; 1926 return; 1927 } 1928 1929 1930 /** 1931 * gsm0_receive - perform processing for non-transparency 1932 * @gsm: gsm data for this ldisc instance 1933 * @c: character 1934 * 1935 * Receive bytes in gsm mode 0 1936 */ 1937 1938 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c) 1939 { 1940 unsigned int len; 1941 1942 switch (gsm->state) { 1943 case GSM_SEARCH: /* SOF marker */ 1944 if (c == GSM0_SOF) { 1945 gsm->state = GSM_ADDRESS; 1946 gsm->address = 0; 1947 gsm->len = 0; 1948 gsm->fcs = INIT_FCS; 1949 } 1950 break; 1951 case GSM_ADDRESS: /* Address EA */ 1952 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1953 if (gsm_read_ea(&gsm->address, c)) 1954 gsm->state = GSM_CONTROL; 1955 break; 1956 case GSM_CONTROL: /* Control Byte */ 1957 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1958 gsm->control = c; 1959 gsm->state = GSM_LEN0; 1960 break; 1961 case GSM_LEN0: /* Length EA */ 1962 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1963 if (gsm_read_ea(&gsm->len, c)) { 1964 if (gsm->len > gsm->mru) { 1965 gsm->bad_size++; 1966 gsm->state = GSM_SEARCH; 1967 break; 1968 } 1969 gsm->count = 0; 1970 if (!gsm->len) 1971 gsm->state = GSM_FCS; 1972 else 1973 gsm->state = GSM_DATA; 1974 break; 1975 } 1976 gsm->state = GSM_LEN1; 1977 break; 1978 case GSM_LEN1: 1979 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1980 len = c; 1981 gsm->len |= len << 7; 1982 if (gsm->len > gsm->mru) { 1983 gsm->bad_size++; 1984 gsm->state = GSM_SEARCH; 1985 break; 1986 } 1987 gsm->count = 0; 1988 if (!gsm->len) 1989 gsm->state = GSM_FCS; 1990 else 1991 gsm->state = GSM_DATA; 1992 break; 1993 case GSM_DATA: /* Data */ 1994 gsm->buf[gsm->count++] = c; 1995 if (gsm->count == gsm->len) { 1996 /* Calculate final FCS for UI frames over all data */ 1997 if ((gsm->control & ~PF) != UIH) { 1998 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, 1999 gsm->count); 2000 } 2001 gsm->state = GSM_FCS; 2002 } 2003 break; 2004 case GSM_FCS: /* FCS follows the packet */ 2005 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 2006 gsm->state = GSM_SSOF; 2007 break; 2008 case GSM_SSOF: 2009 gsm->state = GSM_SEARCH; 2010 if (c == GSM0_SOF) 2011 gsm_queue(gsm); 2012 else 2013 gsm->bad_size++; 2014 break; 2015 default: 2016 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state); 2017 break; 2018 } 2019 } 2020 2021 /** 2022 * gsm1_receive - perform processing for non-transparency 2023 * @gsm: gsm data for this ldisc instance 2024 * @c: character 2025 * 2026 * Receive bytes in mode 1 (Advanced option) 2027 */ 2028 2029 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c) 2030 { 2031 /* handle XON/XOFF */ 2032 if ((c & ISO_IEC_646_MASK) == XON) { 2033 gsm->constipated = true; 2034 return; 2035 } else if ((c & ISO_IEC_646_MASK) == XOFF) { 2036 gsm->constipated = false; 2037 /* Kick the link in case it is idling */ 2038 gsm_data_kick(gsm, NULL); 2039 return; 2040 } 2041 if (c == GSM1_SOF) { 2042 /* EOF is only valid in frame if we have got to the data state */ 2043 if (gsm->state == GSM_DATA) { 2044 if (gsm->count < 1) { 2045 /* Missing FSC */ 2046 gsm->malformed++; 2047 gsm->state = GSM_START; 2048 return; 2049 } 2050 /* Remove the FCS from data */ 2051 gsm->count--; 2052 if ((gsm->control & ~PF) != UIH) { 2053 /* Calculate final FCS for UI frames over all 2054 * data but FCS 2055 */ 2056 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, 2057 gsm->count); 2058 } 2059 /* Add the FCS itself to test against GOOD_FCS */ 2060 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]); 2061 gsm->len = gsm->count; 2062 gsm_queue(gsm); 2063 gsm->state = GSM_START; 2064 return; 2065 } 2066 /* Any partial frame was a runt so go back to start */ 2067 if (gsm->state != GSM_START) { 2068 if (gsm->state != GSM_SEARCH) 2069 gsm->malformed++; 2070 gsm->state = GSM_START; 2071 } 2072 /* A SOF in GSM_START means we are still reading idling or 2073 framing bytes */ 2074 return; 2075 } 2076 2077 if (c == GSM1_ESCAPE) { 2078 gsm->escape = true; 2079 return; 2080 } 2081 2082 /* Only an unescaped SOF gets us out of GSM search */ 2083 if (gsm->state == GSM_SEARCH) 2084 return; 2085 2086 if (gsm->escape) { 2087 c ^= GSM1_ESCAPE_BITS; 2088 gsm->escape = false; 2089 } 2090 switch (gsm->state) { 2091 case GSM_START: /* First byte after SOF */ 2092 gsm->address = 0; 2093 gsm->state = GSM_ADDRESS; 2094 gsm->fcs = INIT_FCS; 2095 fallthrough; 2096 case GSM_ADDRESS: /* Address continuation */ 2097 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 2098 if (gsm_read_ea(&gsm->address, c)) 2099 gsm->state = GSM_CONTROL; 2100 break; 2101 case GSM_CONTROL: /* Control Byte */ 2102 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 2103 gsm->control = c; 2104 gsm->count = 0; 2105 gsm->state = GSM_DATA; 2106 break; 2107 case GSM_DATA: /* Data */ 2108 if (gsm->count > gsm->mru) { /* Allow one for the FCS */ 2109 gsm->state = GSM_OVERRUN; 2110 gsm->bad_size++; 2111 } else 2112 gsm->buf[gsm->count++] = c; 2113 break; 2114 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */ 2115 break; 2116 default: 2117 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state); 2118 break; 2119 } 2120 } 2121 2122 /** 2123 * gsm_error - handle tty error 2124 * @gsm: ldisc data 2125 * 2126 * Handle an error in the receipt of data for a frame. Currently we just 2127 * go back to hunting for a SOF. 2128 * 2129 * FIXME: better diagnostics ? 2130 */ 2131 2132 static void gsm_error(struct gsm_mux *gsm) 2133 { 2134 gsm->state = GSM_SEARCH; 2135 gsm->io_error++; 2136 } 2137 2138 /** 2139 * gsm_cleanup_mux - generic GSM protocol cleanup 2140 * @gsm: our mux 2141 * @disc: disconnect link? 2142 * 2143 * Clean up the bits of the mux which are the same for all framing 2144 * protocols. Remove the mux from the mux table, stop all the timers 2145 * and then shut down each device hanging up the channels as we go. 2146 */ 2147 2148 static void gsm_cleanup_mux(struct gsm_mux *gsm, bool disc) 2149 { 2150 int i; 2151 struct gsm_dlci *dlci = gsm->dlci[0]; 2152 struct gsm_msg *txq, *ntxq; 2153 2154 gsm->dead = true; 2155 mutex_lock(&gsm->mutex); 2156 2157 if (dlci) { 2158 if (disc && dlci->state != DLCI_CLOSED) { 2159 gsm_dlci_begin_close(dlci); 2160 wait_event(gsm->event, dlci->state == DLCI_CLOSED); 2161 } 2162 dlci->dead = true; 2163 } 2164 2165 /* Finish outstanding timers, making sure they are done */ 2166 del_timer_sync(&gsm->t2_timer); 2167 2168 /* Free up any link layer users and finally the control channel */ 2169 for (i = NUM_DLCI - 1; i >= 0; i--) 2170 if (gsm->dlci[i]) 2171 gsm_dlci_release(gsm->dlci[i]); 2172 mutex_unlock(&gsm->mutex); 2173 /* Now wipe the queues */ 2174 tty_ldisc_flush(gsm->tty); 2175 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list) 2176 kfree(txq); 2177 INIT_LIST_HEAD(&gsm->tx_list); 2178 } 2179 2180 /** 2181 * gsm_activate_mux - generic GSM setup 2182 * @gsm: our mux 2183 * 2184 * Set up the bits of the mux which are the same for all framing 2185 * protocols. Add the mux to the mux table so it can be opened and 2186 * finally kick off connecting to DLCI 0 on the modem. 2187 */ 2188 2189 static int gsm_activate_mux(struct gsm_mux *gsm) 2190 { 2191 struct gsm_dlci *dlci; 2192 2193 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0); 2194 init_waitqueue_head(&gsm->event); 2195 spin_lock_init(&gsm->control_lock); 2196 spin_lock_init(&gsm->tx_lock); 2197 2198 if (gsm->encoding == 0) 2199 gsm->receive = gsm0_receive; 2200 else 2201 gsm->receive = gsm1_receive; 2202 2203 dlci = gsm_dlci_alloc(gsm, 0); 2204 if (dlci == NULL) 2205 return -ENOMEM; 2206 gsm->dead = false; /* Tty opens are now permissible */ 2207 return 0; 2208 } 2209 2210 /** 2211 * gsm_free_mux - free up a mux 2212 * @gsm: mux to free 2213 * 2214 * Dispose of allocated resources for a dead mux 2215 */ 2216 static void gsm_free_mux(struct gsm_mux *gsm) 2217 { 2218 int i; 2219 2220 for (i = 0; i < MAX_MUX; i++) { 2221 if (gsm == gsm_mux[i]) { 2222 gsm_mux[i] = NULL; 2223 break; 2224 } 2225 } 2226 mutex_destroy(&gsm->mutex); 2227 kfree(gsm->txframe); 2228 kfree(gsm->buf); 2229 kfree(gsm); 2230 } 2231 2232 /** 2233 * gsm_free_muxr - free up a mux 2234 * @ref: kreference to the mux to free 2235 * 2236 * Dispose of allocated resources for a dead mux 2237 */ 2238 static void gsm_free_muxr(struct kref *ref) 2239 { 2240 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref); 2241 gsm_free_mux(gsm); 2242 } 2243 2244 static inline void mux_get(struct gsm_mux *gsm) 2245 { 2246 unsigned long flags; 2247 2248 spin_lock_irqsave(&gsm_mux_lock, flags); 2249 kref_get(&gsm->ref); 2250 spin_unlock_irqrestore(&gsm_mux_lock, flags); 2251 } 2252 2253 static inline void mux_put(struct gsm_mux *gsm) 2254 { 2255 unsigned long flags; 2256 2257 spin_lock_irqsave(&gsm_mux_lock, flags); 2258 kref_put(&gsm->ref, gsm_free_muxr); 2259 spin_unlock_irqrestore(&gsm_mux_lock, flags); 2260 } 2261 2262 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm) 2263 { 2264 return gsm->num * NUM_DLCI; 2265 } 2266 2267 static inline unsigned int mux_line_to_num(unsigned int line) 2268 { 2269 return line / NUM_DLCI; 2270 } 2271 2272 /** 2273 * gsm_alloc_mux - allocate a mux 2274 * 2275 * Creates a new mux ready for activation. 2276 */ 2277 2278 static struct gsm_mux *gsm_alloc_mux(void) 2279 { 2280 int i; 2281 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL); 2282 if (gsm == NULL) 2283 return NULL; 2284 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL); 2285 if (gsm->buf == NULL) { 2286 kfree(gsm); 2287 return NULL; 2288 } 2289 gsm->txframe = kmalloc(2 * (MAX_MTU + PROT_OVERHEAD - 1), GFP_KERNEL); 2290 if (gsm->txframe == NULL) { 2291 kfree(gsm->buf); 2292 kfree(gsm); 2293 return NULL; 2294 } 2295 spin_lock_init(&gsm->lock); 2296 mutex_init(&gsm->mutex); 2297 kref_init(&gsm->ref); 2298 INIT_LIST_HEAD(&gsm->tx_list); 2299 2300 gsm->t1 = T1; 2301 gsm->t2 = T2; 2302 gsm->n2 = N2; 2303 gsm->ftype = UIH; 2304 gsm->adaption = 1; 2305 gsm->encoding = 1; 2306 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */ 2307 gsm->mtu = 64; 2308 gsm->dead = true; /* Avoid early tty opens */ 2309 2310 /* Store the instance to the mux array or abort if no space is 2311 * available. 2312 */ 2313 spin_lock(&gsm_mux_lock); 2314 for (i = 0; i < MAX_MUX; i++) { 2315 if (!gsm_mux[i]) { 2316 gsm_mux[i] = gsm; 2317 gsm->num = i; 2318 break; 2319 } 2320 } 2321 spin_unlock(&gsm_mux_lock); 2322 if (i == MAX_MUX) { 2323 mutex_destroy(&gsm->mutex); 2324 kfree(gsm->txframe); 2325 kfree(gsm->buf); 2326 kfree(gsm); 2327 return NULL; 2328 } 2329 2330 return gsm; 2331 } 2332 2333 static void gsm_copy_config_values(struct gsm_mux *gsm, 2334 struct gsm_config *c) 2335 { 2336 memset(c, 0, sizeof(*c)); 2337 c->adaption = gsm->adaption; 2338 c->encapsulation = gsm->encoding; 2339 c->initiator = gsm->initiator; 2340 c->t1 = gsm->t1; 2341 c->t2 = gsm->t2; 2342 c->t3 = 0; /* Not supported */ 2343 c->n2 = gsm->n2; 2344 if (gsm->ftype == UIH) 2345 c->i = 1; 2346 else 2347 c->i = 2; 2348 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i); 2349 c->mru = gsm->mru; 2350 c->mtu = gsm->mtu; 2351 c->k = 0; 2352 } 2353 2354 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c) 2355 { 2356 int ret = 0; 2357 int need_close = 0; 2358 int need_restart = 0; 2359 2360 /* Stuff we don't support yet - UI or I frame transport, windowing */ 2361 if ((c->adaption != 1 && c->adaption != 2) || c->k) 2362 return -EOPNOTSUPP; 2363 /* Check the MRU/MTU range looks sane */ 2364 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8) 2365 return -EINVAL; 2366 if (c->n2 > 255) 2367 return -EINVAL; 2368 if (c->encapsulation > 1) /* Basic, advanced, no I */ 2369 return -EINVAL; 2370 if (c->initiator > 1) 2371 return -EINVAL; 2372 if (c->i == 0 || c->i > 2) /* UIH and UI only */ 2373 return -EINVAL; 2374 /* 2375 * See what is needed for reconfiguration 2376 */ 2377 2378 /* Timing fields */ 2379 if (c->t1 != 0 && c->t1 != gsm->t1) 2380 need_restart = 1; 2381 if (c->t2 != 0 && c->t2 != gsm->t2) 2382 need_restart = 1; 2383 if (c->encapsulation != gsm->encoding) 2384 need_restart = 1; 2385 if (c->adaption != gsm->adaption) 2386 need_restart = 1; 2387 /* Requires care */ 2388 if (c->initiator != gsm->initiator) 2389 need_close = 1; 2390 if (c->mru != gsm->mru) 2391 need_restart = 1; 2392 if (c->mtu != gsm->mtu) 2393 need_restart = 1; 2394 2395 /* 2396 * Close down what is needed, restart and initiate the new 2397 * configuration. On the first time there is no DLCI[0] 2398 * and closing or cleaning up is not necessary. 2399 */ 2400 if (need_close || need_restart) 2401 gsm_cleanup_mux(gsm, true); 2402 2403 gsm->initiator = c->initiator; 2404 gsm->mru = c->mru; 2405 gsm->mtu = c->mtu; 2406 gsm->encoding = c->encapsulation; 2407 gsm->adaption = c->adaption; 2408 gsm->n2 = c->n2; 2409 2410 if (c->i == 1) 2411 gsm->ftype = UIH; 2412 else if (c->i == 2) 2413 gsm->ftype = UI; 2414 2415 if (c->t1) 2416 gsm->t1 = c->t1; 2417 if (c->t2) 2418 gsm->t2 = c->t2; 2419 2420 /* 2421 * FIXME: We need to separate activation/deactivation from adding 2422 * and removing from the mux array 2423 */ 2424 if (gsm->dead) { 2425 ret = gsm_activate_mux(gsm); 2426 if (ret) 2427 return ret; 2428 if (gsm->initiator) 2429 gsm_dlci_begin_open(gsm->dlci[0]); 2430 } 2431 return 0; 2432 } 2433 2434 /** 2435 * gsmld_output - write to link 2436 * @gsm: our mux 2437 * @data: bytes to output 2438 * @len: size 2439 * 2440 * Write a block of data from the GSM mux to the data channel. This 2441 * will eventually be serialized from above but at the moment isn't. 2442 */ 2443 2444 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len) 2445 { 2446 if (tty_write_room(gsm->tty) < len) { 2447 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags); 2448 return -ENOSPC; 2449 } 2450 if (debug & 4) 2451 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET, 2452 data, len); 2453 return gsm->tty->ops->write(gsm->tty, data, len); 2454 } 2455 2456 /** 2457 * gsmld_attach_gsm - mode set up 2458 * @tty: our tty structure 2459 * @gsm: our mux 2460 * 2461 * Set up the MUX for basic mode and commence connecting to the 2462 * modem. Currently called from the line discipline set up but 2463 * will need moving to an ioctl path. 2464 */ 2465 2466 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2467 { 2468 unsigned int base; 2469 int ret, i; 2470 2471 gsm->tty = tty_kref_get(tty); 2472 /* Turn off tty XON/XOFF handling to handle it explicitly. */ 2473 gsm->old_c_iflag = tty->termios.c_iflag; 2474 tty->termios.c_iflag &= (IXON | IXOFF); 2475 ret = gsm_activate_mux(gsm); 2476 if (ret != 0) 2477 tty_kref_put(gsm->tty); 2478 else { 2479 /* Don't register device 0 - this is the control channel and not 2480 a usable tty interface */ 2481 base = mux_num_to_base(gsm); /* Base for this MUX */ 2482 for (i = 1; i < NUM_DLCI; i++) { 2483 struct device *dev; 2484 2485 dev = tty_register_device(gsm_tty_driver, 2486 base + i, NULL); 2487 if (IS_ERR(dev)) { 2488 for (i--; i >= 1; i--) 2489 tty_unregister_device(gsm_tty_driver, 2490 base + i); 2491 return PTR_ERR(dev); 2492 } 2493 } 2494 } 2495 return ret; 2496 } 2497 2498 2499 /** 2500 * gsmld_detach_gsm - stop doing 0710 mux 2501 * @tty: tty attached to the mux 2502 * @gsm: mux 2503 * 2504 * Shutdown and then clean up the resources used by the line discipline 2505 */ 2506 2507 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2508 { 2509 unsigned int base = mux_num_to_base(gsm); /* Base for this MUX */ 2510 int i; 2511 2512 WARN_ON(tty != gsm->tty); 2513 for (i = 1; i < NUM_DLCI; i++) 2514 tty_unregister_device(gsm_tty_driver, base + i); 2515 /* Restore tty XON/XOFF handling. */ 2516 gsm->tty->termios.c_iflag = gsm->old_c_iflag; 2517 tty_kref_put(gsm->tty); 2518 gsm->tty = NULL; 2519 } 2520 2521 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp, 2522 const char *fp, int count) 2523 { 2524 struct gsm_mux *gsm = tty->disc_data; 2525 char flags = TTY_NORMAL; 2526 2527 if (debug & 4) 2528 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET, 2529 cp, count); 2530 2531 for (; count; count--, cp++) { 2532 if (fp) 2533 flags = *fp++; 2534 switch (flags) { 2535 case TTY_NORMAL: 2536 gsm->receive(gsm, *cp); 2537 break; 2538 case TTY_OVERRUN: 2539 case TTY_BREAK: 2540 case TTY_PARITY: 2541 case TTY_FRAME: 2542 gsm_error(gsm); 2543 break; 2544 default: 2545 WARN_ONCE(1, "%s: unknown flag %d\n", 2546 tty_name(tty), flags); 2547 break; 2548 } 2549 } 2550 /* FASYNC if needed ? */ 2551 /* If clogged call tty_throttle(tty); */ 2552 } 2553 2554 /** 2555 * gsmld_flush_buffer - clean input queue 2556 * @tty: terminal device 2557 * 2558 * Flush the input buffer. Called when the line discipline is 2559 * being closed, when the tty layer wants the buffer flushed (eg 2560 * at hangup). 2561 */ 2562 2563 static void gsmld_flush_buffer(struct tty_struct *tty) 2564 { 2565 } 2566 2567 /** 2568 * gsmld_close - close the ldisc for this tty 2569 * @tty: device 2570 * 2571 * Called from the terminal layer when this line discipline is 2572 * being shut down, either because of a close or becsuse of a 2573 * discipline change. The function will not be called while other 2574 * ldisc methods are in progress. 2575 */ 2576 2577 static void gsmld_close(struct tty_struct *tty) 2578 { 2579 struct gsm_mux *gsm = tty->disc_data; 2580 2581 /* The ldisc locks and closes the port before calling our close. This 2582 * means we have no way to do a proper disconnect. We will not bother 2583 * to do one. 2584 */ 2585 gsm_cleanup_mux(gsm, false); 2586 2587 gsmld_detach_gsm(tty, gsm); 2588 2589 gsmld_flush_buffer(tty); 2590 /* Do other clean up here */ 2591 mux_put(gsm); 2592 } 2593 2594 /** 2595 * gsmld_open - open an ldisc 2596 * @tty: terminal to open 2597 * 2598 * Called when this line discipline is being attached to the 2599 * terminal device. Can sleep. Called serialized so that no 2600 * other events will occur in parallel. No further open will occur 2601 * until a close. 2602 */ 2603 2604 static int gsmld_open(struct tty_struct *tty) 2605 { 2606 struct gsm_mux *gsm; 2607 int ret; 2608 2609 if (tty->ops->write == NULL) 2610 return -EINVAL; 2611 2612 /* Attach our ldisc data */ 2613 gsm = gsm_alloc_mux(); 2614 if (gsm == NULL) 2615 return -ENOMEM; 2616 2617 tty->disc_data = gsm; 2618 tty->receive_room = 65536; 2619 2620 /* Attach the initial passive connection */ 2621 gsm->encoding = 1; 2622 2623 ret = gsmld_attach_gsm(tty, gsm); 2624 if (ret != 0) { 2625 gsm_cleanup_mux(gsm, false); 2626 mux_put(gsm); 2627 } 2628 return ret; 2629 } 2630 2631 /** 2632 * gsmld_write_wakeup - asynchronous I/O notifier 2633 * @tty: tty device 2634 * 2635 * Required for the ptys, serial driver etc. since processes 2636 * that attach themselves to the master and rely on ASYNC 2637 * IO must be woken up 2638 */ 2639 2640 static void gsmld_write_wakeup(struct tty_struct *tty) 2641 { 2642 struct gsm_mux *gsm = tty->disc_data; 2643 unsigned long flags; 2644 2645 /* Queue poll */ 2646 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2647 spin_lock_irqsave(&gsm->tx_lock, flags); 2648 gsm_data_kick(gsm, NULL); 2649 if (gsm->tx_bytes < TX_THRESH_LO) { 2650 gsm_dlci_data_sweep(gsm); 2651 } 2652 spin_unlock_irqrestore(&gsm->tx_lock, flags); 2653 } 2654 2655 /** 2656 * gsmld_read - read function for tty 2657 * @tty: tty device 2658 * @file: file object 2659 * @buf: userspace buffer pointer 2660 * @nr: size of I/O 2661 * @cookie: unused 2662 * @offset: unused 2663 * 2664 * Perform reads for the line discipline. We are guaranteed that the 2665 * line discipline will not be closed under us but we may get multiple 2666 * parallel readers and must handle this ourselves. We may also get 2667 * a hangup. Always called in user context, may sleep. 2668 * 2669 * This code must be sure never to sleep through a hangup. 2670 */ 2671 2672 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file, 2673 unsigned char *buf, size_t nr, 2674 void **cookie, unsigned long offset) 2675 { 2676 return -EOPNOTSUPP; 2677 } 2678 2679 /** 2680 * gsmld_write - write function for tty 2681 * @tty: tty device 2682 * @file: file object 2683 * @buf: userspace buffer pointer 2684 * @nr: size of I/O 2685 * 2686 * Called when the owner of the device wants to send a frame 2687 * itself (or some other control data). The data is transferred 2688 * as-is and must be properly framed and checksummed as appropriate 2689 * by userspace. Frames are either sent whole or not at all as this 2690 * avoids pain user side. 2691 */ 2692 2693 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file, 2694 const unsigned char *buf, size_t nr) 2695 { 2696 int space = tty_write_room(tty); 2697 if (space >= nr) 2698 return tty->ops->write(tty, buf, nr); 2699 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2700 return -ENOBUFS; 2701 } 2702 2703 /** 2704 * gsmld_poll - poll method for N_GSM0710 2705 * @tty: terminal device 2706 * @file: file accessing it 2707 * @wait: poll table 2708 * 2709 * Called when the line discipline is asked to poll() for data or 2710 * for special events. This code is not serialized with respect to 2711 * other events save open/close. 2712 * 2713 * This code must be sure never to sleep through a hangup. 2714 * Called without the kernel lock held - fine 2715 */ 2716 2717 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file, 2718 poll_table *wait) 2719 { 2720 __poll_t mask = 0; 2721 struct gsm_mux *gsm = tty->disc_data; 2722 2723 poll_wait(file, &tty->read_wait, wait); 2724 poll_wait(file, &tty->write_wait, wait); 2725 if (tty_hung_up_p(file)) 2726 mask |= EPOLLHUP; 2727 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0) 2728 mask |= EPOLLOUT | EPOLLWRNORM; 2729 if (gsm->dead) 2730 mask |= EPOLLHUP; 2731 return mask; 2732 } 2733 2734 static int gsmld_ioctl(struct tty_struct *tty, unsigned int cmd, 2735 unsigned long arg) 2736 { 2737 struct gsm_config c; 2738 struct gsm_mux *gsm = tty->disc_data; 2739 unsigned int base; 2740 2741 switch (cmd) { 2742 case GSMIOC_GETCONF: 2743 gsm_copy_config_values(gsm, &c); 2744 if (copy_to_user((void __user *)arg, &c, sizeof(c))) 2745 return -EFAULT; 2746 return 0; 2747 case GSMIOC_SETCONF: 2748 if (copy_from_user(&c, (void __user *)arg, sizeof(c))) 2749 return -EFAULT; 2750 return gsm_config(gsm, &c); 2751 case GSMIOC_GETFIRST: 2752 base = mux_num_to_base(gsm); 2753 return put_user(base + 1, (__u32 __user *)arg); 2754 default: 2755 return n_tty_ioctl_helper(tty, cmd, arg); 2756 } 2757 } 2758 2759 /* 2760 * Network interface 2761 * 2762 */ 2763 2764 static int gsm_mux_net_open(struct net_device *net) 2765 { 2766 pr_debug("%s called\n", __func__); 2767 netif_start_queue(net); 2768 return 0; 2769 } 2770 2771 static int gsm_mux_net_close(struct net_device *net) 2772 { 2773 netif_stop_queue(net); 2774 return 0; 2775 } 2776 2777 static void dlci_net_free(struct gsm_dlci *dlci) 2778 { 2779 if (!dlci->net) { 2780 WARN_ON(1); 2781 return; 2782 } 2783 dlci->adaption = dlci->prev_adaption; 2784 dlci->data = dlci->prev_data; 2785 free_netdev(dlci->net); 2786 dlci->net = NULL; 2787 } 2788 static void net_free(struct kref *ref) 2789 { 2790 struct gsm_mux_net *mux_net; 2791 struct gsm_dlci *dlci; 2792 2793 mux_net = container_of(ref, struct gsm_mux_net, ref); 2794 dlci = mux_net->dlci; 2795 2796 if (dlci->net) { 2797 unregister_netdev(dlci->net); 2798 dlci_net_free(dlci); 2799 } 2800 } 2801 2802 static inline void muxnet_get(struct gsm_mux_net *mux_net) 2803 { 2804 kref_get(&mux_net->ref); 2805 } 2806 2807 static inline void muxnet_put(struct gsm_mux_net *mux_net) 2808 { 2809 kref_put(&mux_net->ref, net_free); 2810 } 2811 2812 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb, 2813 struct net_device *net) 2814 { 2815 struct gsm_mux_net *mux_net = netdev_priv(net); 2816 struct gsm_dlci *dlci = mux_net->dlci; 2817 muxnet_get(mux_net); 2818 2819 skb_queue_head(&dlci->skb_list, skb); 2820 net->stats.tx_packets++; 2821 net->stats.tx_bytes += skb->len; 2822 gsm_dlci_data_kick(dlci); 2823 /* And tell the kernel when the last transmit started. */ 2824 netif_trans_update(net); 2825 muxnet_put(mux_net); 2826 return NETDEV_TX_OK; 2827 } 2828 2829 /* called when a packet did not ack after watchdogtimeout */ 2830 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue) 2831 { 2832 /* Tell syslog we are hosed. */ 2833 dev_dbg(&net->dev, "Tx timed out.\n"); 2834 2835 /* Update statistics */ 2836 net->stats.tx_errors++; 2837 } 2838 2839 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci, 2840 const unsigned char *in_buf, int size) 2841 { 2842 struct net_device *net = dlci->net; 2843 struct sk_buff *skb; 2844 struct gsm_mux_net *mux_net = netdev_priv(net); 2845 muxnet_get(mux_net); 2846 2847 /* Allocate an sk_buff */ 2848 skb = dev_alloc_skb(size + NET_IP_ALIGN); 2849 if (!skb) { 2850 /* We got no receive buffer. */ 2851 net->stats.rx_dropped++; 2852 muxnet_put(mux_net); 2853 return; 2854 } 2855 skb_reserve(skb, NET_IP_ALIGN); 2856 skb_put_data(skb, in_buf, size); 2857 2858 skb->dev = net; 2859 skb->protocol = htons(ETH_P_IP); 2860 2861 /* Ship it off to the kernel */ 2862 netif_rx(skb); 2863 2864 /* update out statistics */ 2865 net->stats.rx_packets++; 2866 net->stats.rx_bytes += size; 2867 muxnet_put(mux_net); 2868 return; 2869 } 2870 2871 static void gsm_mux_net_init(struct net_device *net) 2872 { 2873 static const struct net_device_ops gsm_netdev_ops = { 2874 .ndo_open = gsm_mux_net_open, 2875 .ndo_stop = gsm_mux_net_close, 2876 .ndo_start_xmit = gsm_mux_net_start_xmit, 2877 .ndo_tx_timeout = gsm_mux_net_tx_timeout, 2878 }; 2879 2880 net->netdev_ops = &gsm_netdev_ops; 2881 2882 /* fill in the other fields */ 2883 net->watchdog_timeo = GSM_NET_TX_TIMEOUT; 2884 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; 2885 net->type = ARPHRD_NONE; 2886 net->tx_queue_len = 10; 2887 } 2888 2889 2890 /* caller holds the dlci mutex */ 2891 static void gsm_destroy_network(struct gsm_dlci *dlci) 2892 { 2893 struct gsm_mux_net *mux_net; 2894 2895 pr_debug("destroy network interface\n"); 2896 if (!dlci->net) 2897 return; 2898 mux_net = netdev_priv(dlci->net); 2899 muxnet_put(mux_net); 2900 } 2901 2902 2903 /* caller holds the dlci mutex */ 2904 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc) 2905 { 2906 char *netname; 2907 int retval = 0; 2908 struct net_device *net; 2909 struct gsm_mux_net *mux_net; 2910 2911 if (!capable(CAP_NET_ADMIN)) 2912 return -EPERM; 2913 2914 /* Already in a non tty mode */ 2915 if (dlci->adaption > 2) 2916 return -EBUSY; 2917 2918 if (nc->protocol != htons(ETH_P_IP)) 2919 return -EPROTONOSUPPORT; 2920 2921 if (nc->adaption != 3 && nc->adaption != 4) 2922 return -EPROTONOSUPPORT; 2923 2924 pr_debug("create network interface\n"); 2925 2926 netname = "gsm%d"; 2927 if (nc->if_name[0] != '\0') 2928 netname = nc->if_name; 2929 net = alloc_netdev(sizeof(struct gsm_mux_net), netname, 2930 NET_NAME_UNKNOWN, gsm_mux_net_init); 2931 if (!net) { 2932 pr_err("alloc_netdev failed\n"); 2933 return -ENOMEM; 2934 } 2935 net->mtu = dlci->gsm->mtu; 2936 net->min_mtu = 8; 2937 net->max_mtu = dlci->gsm->mtu; 2938 mux_net = netdev_priv(net); 2939 mux_net->dlci = dlci; 2940 kref_init(&mux_net->ref); 2941 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */ 2942 2943 /* reconfigure dlci for network */ 2944 dlci->prev_adaption = dlci->adaption; 2945 dlci->prev_data = dlci->data; 2946 dlci->adaption = nc->adaption; 2947 dlci->data = gsm_mux_rx_netchar; 2948 dlci->net = net; 2949 2950 pr_debug("register netdev\n"); 2951 retval = register_netdev(net); 2952 if (retval) { 2953 pr_err("network register fail %d\n", retval); 2954 dlci_net_free(dlci); 2955 return retval; 2956 } 2957 return net->ifindex; /* return network index */ 2958 } 2959 2960 /* Line discipline for real tty */ 2961 static struct tty_ldisc_ops tty_ldisc_packet = { 2962 .owner = THIS_MODULE, 2963 .num = N_GSM0710, 2964 .name = "n_gsm", 2965 .open = gsmld_open, 2966 .close = gsmld_close, 2967 .flush_buffer = gsmld_flush_buffer, 2968 .read = gsmld_read, 2969 .write = gsmld_write, 2970 .ioctl = gsmld_ioctl, 2971 .poll = gsmld_poll, 2972 .receive_buf = gsmld_receive_buf, 2973 .write_wakeup = gsmld_write_wakeup 2974 }; 2975 2976 /* 2977 * Virtual tty side 2978 */ 2979 2980 /** 2981 * gsm_modem_upd_via_data - send modem bits via convergence layer 2982 * @dlci: channel 2983 * @brk: break signal 2984 * 2985 * Send an empty frame to signal mobile state changes and to transmit the 2986 * break signal for adaption 2. 2987 */ 2988 2989 static void gsm_modem_upd_via_data(struct gsm_dlci *dlci, u8 brk) 2990 { 2991 struct gsm_mux *gsm = dlci->gsm; 2992 unsigned long flags; 2993 2994 if (dlci->state != DLCI_OPEN || dlci->adaption != 2) 2995 return; 2996 2997 spin_lock_irqsave(&gsm->tx_lock, flags); 2998 gsm_dlci_modem_output(gsm, dlci, brk); 2999 spin_unlock_irqrestore(&gsm->tx_lock, flags); 3000 } 3001 3002 /** 3003 * gsm_modem_upd_via_msc - send modem bits via control frame 3004 * @dlci: channel 3005 * @brk: break signal 3006 */ 3007 3008 static int gsm_modem_upd_via_msc(struct gsm_dlci *dlci, u8 brk) 3009 { 3010 u8 modembits[3]; 3011 struct gsm_control *ctrl; 3012 int len = 2; 3013 3014 if (dlci->gsm->encoding != 0) 3015 return 0; 3016 3017 modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */ 3018 if (!brk) { 3019 modembits[1] = (gsm_encode_modem(dlci) << 1) | EA; 3020 } else { 3021 modembits[1] = gsm_encode_modem(dlci) << 1; 3022 modembits[2] = (brk << 4) | 2 | EA; /* Length, Break, EA */ 3023 len++; 3024 } 3025 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len); 3026 if (ctrl == NULL) 3027 return -ENOMEM; 3028 return gsm_control_wait(dlci->gsm, ctrl); 3029 } 3030 3031 /** 3032 * gsm_modem_update - send modem status line state 3033 * @dlci: channel 3034 * @brk: break signal 3035 */ 3036 3037 static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk) 3038 { 3039 if (dlci->adaption == 2) { 3040 /* Send convergence layer type 2 empty data frame. */ 3041 gsm_modem_upd_via_data(dlci, brk); 3042 return 0; 3043 } else if (dlci->gsm->encoding == 0) { 3044 /* Send as MSC control message. */ 3045 return gsm_modem_upd_via_msc(dlci, brk); 3046 } 3047 3048 /* Modem status lines are not supported. */ 3049 return -EPROTONOSUPPORT; 3050 } 3051 3052 static int gsm_carrier_raised(struct tty_port *port) 3053 { 3054 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 3055 struct gsm_mux *gsm = dlci->gsm; 3056 3057 /* Not yet open so no carrier info */ 3058 if (dlci->state != DLCI_OPEN) 3059 return 0; 3060 if (debug & 2) 3061 return 1; 3062 3063 /* 3064 * Basic mode with control channel in ADM mode may not respond 3065 * to CMD_MSC at all and modem_rx is empty. 3066 */ 3067 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM && 3068 !dlci->modem_rx) 3069 return 1; 3070 3071 return dlci->modem_rx & TIOCM_CD; 3072 } 3073 3074 static void gsm_dtr_rts(struct tty_port *port, int onoff) 3075 { 3076 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 3077 unsigned int modem_tx = dlci->modem_tx; 3078 if (onoff) 3079 modem_tx |= TIOCM_DTR | TIOCM_RTS; 3080 else 3081 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS); 3082 if (modem_tx != dlci->modem_tx) { 3083 dlci->modem_tx = modem_tx; 3084 gsm_modem_update(dlci, 0); 3085 } 3086 } 3087 3088 static const struct tty_port_operations gsm_port_ops = { 3089 .carrier_raised = gsm_carrier_raised, 3090 .dtr_rts = gsm_dtr_rts, 3091 .destruct = gsm_dlci_free, 3092 }; 3093 3094 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty) 3095 { 3096 struct gsm_mux *gsm; 3097 struct gsm_dlci *dlci; 3098 unsigned int line = tty->index; 3099 unsigned int mux = mux_line_to_num(line); 3100 bool alloc = false; 3101 int ret; 3102 3103 line = line & 0x3F; 3104 3105 if (mux >= MAX_MUX) 3106 return -ENXIO; 3107 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */ 3108 if (gsm_mux[mux] == NULL) 3109 return -EUNATCH; 3110 if (line == 0 || line > 61) /* 62/63 reserved */ 3111 return -ECHRNG; 3112 gsm = gsm_mux[mux]; 3113 if (gsm->dead) 3114 return -EL2HLT; 3115 /* If DLCI 0 is not yet fully open return an error. 3116 This is ok from a locking 3117 perspective as we don't have to worry about this 3118 if DLCI0 is lost */ 3119 mutex_lock(&gsm->mutex); 3120 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) { 3121 mutex_unlock(&gsm->mutex); 3122 return -EL2NSYNC; 3123 } 3124 dlci = gsm->dlci[line]; 3125 if (dlci == NULL) { 3126 alloc = true; 3127 dlci = gsm_dlci_alloc(gsm, line); 3128 } 3129 if (dlci == NULL) { 3130 mutex_unlock(&gsm->mutex); 3131 return -ENOMEM; 3132 } 3133 ret = tty_port_install(&dlci->port, driver, tty); 3134 if (ret) { 3135 if (alloc) 3136 dlci_put(dlci); 3137 mutex_unlock(&gsm->mutex); 3138 return ret; 3139 } 3140 3141 dlci_get(dlci); 3142 dlci_get(gsm->dlci[0]); 3143 mux_get(gsm); 3144 tty->driver_data = dlci; 3145 mutex_unlock(&gsm->mutex); 3146 3147 return 0; 3148 } 3149 3150 static int gsmtty_open(struct tty_struct *tty, struct file *filp) 3151 { 3152 struct gsm_dlci *dlci = tty->driver_data; 3153 struct tty_port *port = &dlci->port; 3154 struct gsm_mux *gsm = dlci->gsm; 3155 3156 port->count++; 3157 tty_port_tty_set(port, tty); 3158 3159 dlci->modem_rx = 0; 3160 /* We could in theory open and close before we wait - eg if we get 3161 a DM straight back. This is ok as that will have caused a hangup */ 3162 tty_port_set_initialized(port, 1); 3163 /* Start sending off SABM messages */ 3164 if (gsm->initiator) 3165 gsm_dlci_begin_open(dlci); 3166 /* And wait for virtual carrier */ 3167 return tty_port_block_til_ready(port, tty, filp); 3168 } 3169 3170 static void gsmtty_close(struct tty_struct *tty, struct file *filp) 3171 { 3172 struct gsm_dlci *dlci = tty->driver_data; 3173 3174 if (dlci == NULL) 3175 return; 3176 if (dlci->state == DLCI_CLOSED) 3177 return; 3178 mutex_lock(&dlci->mutex); 3179 gsm_destroy_network(dlci); 3180 mutex_unlock(&dlci->mutex); 3181 if (tty_port_close_start(&dlci->port, tty, filp) == 0) 3182 return; 3183 gsm_dlci_begin_close(dlci); 3184 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty)) 3185 tty_port_lower_dtr_rts(&dlci->port); 3186 tty_port_close_end(&dlci->port, tty); 3187 tty_port_tty_set(&dlci->port, NULL); 3188 return; 3189 } 3190 3191 static void gsmtty_hangup(struct tty_struct *tty) 3192 { 3193 struct gsm_dlci *dlci = tty->driver_data; 3194 if (dlci->state == DLCI_CLOSED) 3195 return; 3196 tty_port_hangup(&dlci->port); 3197 gsm_dlci_begin_close(dlci); 3198 } 3199 3200 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf, 3201 int len) 3202 { 3203 int sent; 3204 struct gsm_dlci *dlci = tty->driver_data; 3205 if (dlci->state == DLCI_CLOSED) 3206 return -EINVAL; 3207 /* Stuff the bytes into the fifo queue */ 3208 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock); 3209 /* Need to kick the channel */ 3210 gsm_dlci_data_kick(dlci); 3211 return sent; 3212 } 3213 3214 static unsigned int gsmtty_write_room(struct tty_struct *tty) 3215 { 3216 struct gsm_dlci *dlci = tty->driver_data; 3217 if (dlci->state == DLCI_CLOSED) 3218 return 0; 3219 return kfifo_avail(&dlci->fifo); 3220 } 3221 3222 static unsigned int gsmtty_chars_in_buffer(struct tty_struct *tty) 3223 { 3224 struct gsm_dlci *dlci = tty->driver_data; 3225 if (dlci->state == DLCI_CLOSED) 3226 return 0; 3227 return kfifo_len(&dlci->fifo); 3228 } 3229 3230 static void gsmtty_flush_buffer(struct tty_struct *tty) 3231 { 3232 struct gsm_dlci *dlci = tty->driver_data; 3233 unsigned long flags; 3234 3235 if (dlci->state == DLCI_CLOSED) 3236 return; 3237 /* Caution needed: If we implement reliable transport classes 3238 then the data being transmitted can't simply be junked once 3239 it has first hit the stack. Until then we can just blow it 3240 away */ 3241 spin_lock_irqsave(&dlci->lock, flags); 3242 kfifo_reset(&dlci->fifo); 3243 spin_unlock_irqrestore(&dlci->lock, flags); 3244 /* Need to unhook this DLCI from the transmit queue logic */ 3245 } 3246 3247 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout) 3248 { 3249 /* The FIFO handles the queue so the kernel will do the right 3250 thing waiting on chars_in_buffer before calling us. No work 3251 to do here */ 3252 } 3253 3254 static int gsmtty_tiocmget(struct tty_struct *tty) 3255 { 3256 struct gsm_dlci *dlci = tty->driver_data; 3257 if (dlci->state == DLCI_CLOSED) 3258 return -EINVAL; 3259 return dlci->modem_rx; 3260 } 3261 3262 static int gsmtty_tiocmset(struct tty_struct *tty, 3263 unsigned int set, unsigned int clear) 3264 { 3265 struct gsm_dlci *dlci = tty->driver_data; 3266 unsigned int modem_tx = dlci->modem_tx; 3267 3268 if (dlci->state == DLCI_CLOSED) 3269 return -EINVAL; 3270 modem_tx &= ~clear; 3271 modem_tx |= set; 3272 3273 if (modem_tx != dlci->modem_tx) { 3274 dlci->modem_tx = modem_tx; 3275 return gsm_modem_update(dlci, 0); 3276 } 3277 return 0; 3278 } 3279 3280 3281 static int gsmtty_ioctl(struct tty_struct *tty, 3282 unsigned int cmd, unsigned long arg) 3283 { 3284 struct gsm_dlci *dlci = tty->driver_data; 3285 struct gsm_netconfig nc; 3286 int index; 3287 3288 if (dlci->state == DLCI_CLOSED) 3289 return -EINVAL; 3290 switch (cmd) { 3291 case GSMIOC_ENABLE_NET: 3292 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc))) 3293 return -EFAULT; 3294 nc.if_name[IFNAMSIZ-1] = '\0'; 3295 /* return net interface index or error code */ 3296 mutex_lock(&dlci->mutex); 3297 index = gsm_create_network(dlci, &nc); 3298 mutex_unlock(&dlci->mutex); 3299 if (copy_to_user((void __user *)arg, &nc, sizeof(nc))) 3300 return -EFAULT; 3301 return index; 3302 case GSMIOC_DISABLE_NET: 3303 if (!capable(CAP_NET_ADMIN)) 3304 return -EPERM; 3305 mutex_lock(&dlci->mutex); 3306 gsm_destroy_network(dlci); 3307 mutex_unlock(&dlci->mutex); 3308 return 0; 3309 default: 3310 return -ENOIOCTLCMD; 3311 } 3312 } 3313 3314 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old) 3315 { 3316 struct gsm_dlci *dlci = tty->driver_data; 3317 if (dlci->state == DLCI_CLOSED) 3318 return; 3319 /* For the moment its fixed. In actual fact the speed information 3320 for the virtual channel can be propogated in both directions by 3321 the RPN control message. This however rapidly gets nasty as we 3322 then have to remap modem signals each way according to whether 3323 our virtual cable is null modem etc .. */ 3324 tty_termios_copy_hw(&tty->termios, old); 3325 } 3326 3327 static void gsmtty_throttle(struct tty_struct *tty) 3328 { 3329 struct gsm_dlci *dlci = tty->driver_data; 3330 if (dlci->state == DLCI_CLOSED) 3331 return; 3332 if (C_CRTSCTS(tty)) 3333 dlci->modem_tx &= ~TIOCM_RTS; 3334 dlci->throttled = true; 3335 /* Send an MSC with RTS cleared */ 3336 gsm_modem_update(dlci, 0); 3337 } 3338 3339 static void gsmtty_unthrottle(struct tty_struct *tty) 3340 { 3341 struct gsm_dlci *dlci = tty->driver_data; 3342 if (dlci->state == DLCI_CLOSED) 3343 return; 3344 if (C_CRTSCTS(tty)) 3345 dlci->modem_tx |= TIOCM_RTS; 3346 dlci->throttled = false; 3347 /* Send an MSC with RTS set */ 3348 gsm_modem_update(dlci, 0); 3349 } 3350 3351 static int gsmtty_break_ctl(struct tty_struct *tty, int state) 3352 { 3353 struct gsm_dlci *dlci = tty->driver_data; 3354 int encode = 0; /* Off */ 3355 if (dlci->state == DLCI_CLOSED) 3356 return -EINVAL; 3357 3358 if (state == -1) /* "On indefinitely" - we can't encode this 3359 properly */ 3360 encode = 0x0F; 3361 else if (state > 0) { 3362 encode = state / 200; /* mS to encoding */ 3363 if (encode > 0x0F) 3364 encode = 0x0F; /* Best effort */ 3365 } 3366 return gsm_modem_update(dlci, encode); 3367 } 3368 3369 static void gsmtty_cleanup(struct tty_struct *tty) 3370 { 3371 struct gsm_dlci *dlci = tty->driver_data; 3372 struct gsm_mux *gsm = dlci->gsm; 3373 3374 dlci_put(dlci); 3375 dlci_put(gsm->dlci[0]); 3376 mux_put(gsm); 3377 } 3378 3379 /* Virtual ttys for the demux */ 3380 static const struct tty_operations gsmtty_ops = { 3381 .install = gsmtty_install, 3382 .open = gsmtty_open, 3383 .close = gsmtty_close, 3384 .write = gsmtty_write, 3385 .write_room = gsmtty_write_room, 3386 .chars_in_buffer = gsmtty_chars_in_buffer, 3387 .flush_buffer = gsmtty_flush_buffer, 3388 .ioctl = gsmtty_ioctl, 3389 .throttle = gsmtty_throttle, 3390 .unthrottle = gsmtty_unthrottle, 3391 .set_termios = gsmtty_set_termios, 3392 .hangup = gsmtty_hangup, 3393 .wait_until_sent = gsmtty_wait_until_sent, 3394 .tiocmget = gsmtty_tiocmget, 3395 .tiocmset = gsmtty_tiocmset, 3396 .break_ctl = gsmtty_break_ctl, 3397 .cleanup = gsmtty_cleanup, 3398 }; 3399 3400 3401 3402 static int __init gsm_init(void) 3403 { 3404 /* Fill in our line protocol discipline, and register it */ 3405 int status = tty_register_ldisc(&tty_ldisc_packet); 3406 if (status != 0) { 3407 pr_err("n_gsm: can't register line discipline (err = %d)\n", 3408 status); 3409 return status; 3410 } 3411 3412 gsm_tty_driver = tty_alloc_driver(256, TTY_DRIVER_REAL_RAW | 3413 TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_HARDWARE_BREAK); 3414 if (IS_ERR(gsm_tty_driver)) { 3415 pr_err("gsm_init: tty allocation failed.\n"); 3416 status = PTR_ERR(gsm_tty_driver); 3417 goto err_unreg_ldisc; 3418 } 3419 gsm_tty_driver->driver_name = "gsmtty"; 3420 gsm_tty_driver->name = "gsmtty"; 3421 gsm_tty_driver->major = 0; /* Dynamic */ 3422 gsm_tty_driver->minor_start = 0; 3423 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 3424 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 3425 gsm_tty_driver->init_termios = tty_std_termios; 3426 /* Fixme */ 3427 gsm_tty_driver->init_termios.c_lflag &= ~ECHO; 3428 tty_set_operations(gsm_tty_driver, &gsmtty_ops); 3429 3430 if (tty_register_driver(gsm_tty_driver)) { 3431 pr_err("gsm_init: tty registration failed.\n"); 3432 status = -EBUSY; 3433 goto err_put_driver; 3434 } 3435 pr_debug("gsm_init: loaded as %d,%d.\n", 3436 gsm_tty_driver->major, gsm_tty_driver->minor_start); 3437 return 0; 3438 err_put_driver: 3439 tty_driver_kref_put(gsm_tty_driver); 3440 err_unreg_ldisc: 3441 tty_unregister_ldisc(&tty_ldisc_packet); 3442 return status; 3443 } 3444 3445 static void __exit gsm_exit(void) 3446 { 3447 tty_unregister_ldisc(&tty_ldisc_packet); 3448 tty_unregister_driver(gsm_tty_driver); 3449 tty_driver_kref_put(gsm_tty_driver); 3450 } 3451 3452 module_init(gsm_init); 3453 module_exit(gsm_exit); 3454 3455 3456 MODULE_LICENSE("GPL"); 3457 MODULE_ALIAS_LDISC(N_GSM0710); 3458