1 /* 2 * n_gsm.c GSM 0710 tty multiplexor 3 * Copyright (c) 2009/10 Intel Corporation 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 17 * 18 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE * 19 * 20 * TO DO: 21 * Mostly done: ioctls for setting modes/timing 22 * Partly done: hooks so you can pull off frames to non tty devs 23 * Restart DLCI 0 when it closes ? 24 * Improve the tx engine 25 * Resolve tx side locking by adding a queue_head and routing 26 * all control traffic via it 27 * General tidy/document 28 * Review the locking/move to refcounts more (mux now moved to an 29 * alloc/free model ready) 30 * Use newest tty open/close port helpers and install hooks 31 * What to do about power functions ? 32 * Termios setting and negotiation 33 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets 34 * 35 */ 36 37 #include <linux/types.h> 38 #include <linux/major.h> 39 #include <linux/errno.h> 40 #include <linux/signal.h> 41 #include <linux/fcntl.h> 42 #include <linux/sched/signal.h> 43 #include <linux/interrupt.h> 44 #include <linux/tty.h> 45 #include <linux/ctype.h> 46 #include <linux/mm.h> 47 #include <linux/string.h> 48 #include <linux/slab.h> 49 #include <linux/poll.h> 50 #include <linux/bitops.h> 51 #include <linux/file.h> 52 #include <linux/uaccess.h> 53 #include <linux/module.h> 54 #include <linux/timer.h> 55 #include <linux/tty_flip.h> 56 #include <linux/tty_driver.h> 57 #include <linux/serial.h> 58 #include <linux/kfifo.h> 59 #include <linux/skbuff.h> 60 #include <net/arp.h> 61 #include <linux/ip.h> 62 #include <linux/netdevice.h> 63 #include <linux/etherdevice.h> 64 #include <linux/gsmmux.h> 65 66 static int debug; 67 module_param(debug, int, 0600); 68 69 /* Defaults: these are from the specification */ 70 71 #define T1 10 /* 100mS */ 72 #define T2 34 /* 333mS */ 73 #define N2 3 /* Retry 3 times */ 74 75 /* Use long timers for testing at low speed with debug on */ 76 #ifdef DEBUG_TIMING 77 #define T1 100 78 #define T2 200 79 #endif 80 81 /* 82 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte 83 * limits so this is plenty 84 */ 85 #define MAX_MRU 1500 86 #define MAX_MTU 1500 87 #define GSM_NET_TX_TIMEOUT (HZ*10) 88 89 /** 90 * struct gsm_mux_net - network interface 91 * @struct gsm_dlci* dlci 92 * 93 * Created when net interface is initialized. 94 **/ 95 struct gsm_mux_net { 96 struct kref ref; 97 struct gsm_dlci *dlci; 98 }; 99 100 /* 101 * Each block of data we have queued to go out is in the form of 102 * a gsm_msg which holds everything we need in a link layer independent 103 * format 104 */ 105 106 struct gsm_msg { 107 struct list_head list; 108 u8 addr; /* DLCI address + flags */ 109 u8 ctrl; /* Control byte + flags */ 110 unsigned int len; /* Length of data block (can be zero) */ 111 unsigned char *data; /* Points into buffer but not at the start */ 112 unsigned char buffer[0]; 113 }; 114 115 /* 116 * Each active data link has a gsm_dlci structure associated which ties 117 * the link layer to an optional tty (if the tty side is open). To avoid 118 * complexity right now these are only ever freed up when the mux is 119 * shut down. 120 * 121 * At the moment we don't free DLCI objects until the mux is torn down 122 * this avoid object life time issues but might be worth review later. 123 */ 124 125 struct gsm_dlci { 126 struct gsm_mux *gsm; 127 int addr; 128 int state; 129 #define DLCI_CLOSED 0 130 #define DLCI_OPENING 1 /* Sending SABM not seen UA */ 131 #define DLCI_OPEN 2 /* SABM/UA complete */ 132 #define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */ 133 struct mutex mutex; 134 135 /* Link layer */ 136 spinlock_t lock; /* Protects the internal state */ 137 struct timer_list t1; /* Retransmit timer for SABM and UA */ 138 int retries; 139 /* Uplink tty if active */ 140 struct tty_port port; /* The tty bound to this DLCI if there is one */ 141 struct kfifo *fifo; /* Queue fifo for the DLCI */ 142 struct kfifo _fifo; /* For new fifo API porting only */ 143 int adaption; /* Adaption layer in use */ 144 int prev_adaption; 145 u32 modem_rx; /* Our incoming virtual modem lines */ 146 u32 modem_tx; /* Our outgoing modem lines */ 147 int dead; /* Refuse re-open */ 148 /* Flow control */ 149 int throttled; /* Private copy of throttle state */ 150 int constipated; /* Throttle status for outgoing */ 151 /* Packetised I/O */ 152 struct sk_buff *skb; /* Frame being sent */ 153 struct sk_buff_head skb_list; /* Queued frames */ 154 /* Data handling callback */ 155 void (*data)(struct gsm_dlci *dlci, u8 *data, int len); 156 void (*prev_data)(struct gsm_dlci *dlci, u8 *data, int len); 157 struct net_device *net; /* network interface, if created */ 158 }; 159 160 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */ 161 162 #define NUM_DLCI 64 163 164 /* 165 * DLCI 0 is used to pass control blocks out of band of the data 166 * flow (and with a higher link priority). One command can be outstanding 167 * at a time and we use this structure to manage them. They are created 168 * and destroyed by the user context, and updated by the receive paths 169 * and timers 170 */ 171 172 struct gsm_control { 173 u8 cmd; /* Command we are issuing */ 174 u8 *data; /* Data for the command in case we retransmit */ 175 int len; /* Length of block for retransmission */ 176 int done; /* Done flag */ 177 int error; /* Error if any */ 178 }; 179 180 /* 181 * Each GSM mux we have is represented by this structure. If we are 182 * operating as an ldisc then we use this structure as our ldisc 183 * state. We need to sort out lifetimes and locking with respect 184 * to the gsm mux array. For now we don't free DLCI objects that 185 * have been instantiated until the mux itself is terminated. 186 * 187 * To consider further: tty open versus mux shutdown. 188 */ 189 190 struct gsm_mux { 191 struct tty_struct *tty; /* The tty our ldisc is bound to */ 192 spinlock_t lock; 193 struct mutex mutex; 194 unsigned int num; 195 struct kref ref; 196 197 /* Events on the GSM channel */ 198 wait_queue_head_t event; 199 200 /* Bits for GSM mode decoding */ 201 202 /* Framing Layer */ 203 unsigned char *buf; 204 int state; 205 #define GSM_SEARCH 0 206 #define GSM_START 1 207 #define GSM_ADDRESS 2 208 #define GSM_CONTROL 3 209 #define GSM_LEN 4 210 #define GSM_DATA 5 211 #define GSM_FCS 6 212 #define GSM_OVERRUN 7 213 #define GSM_LEN0 8 214 #define GSM_LEN1 9 215 #define GSM_SSOF 10 216 unsigned int len; 217 unsigned int address; 218 unsigned int count; 219 int escape; 220 int encoding; 221 u8 control; 222 u8 fcs; 223 u8 received_fcs; 224 u8 *txframe; /* TX framing buffer */ 225 226 /* Methods for the receiver side */ 227 void (*receive)(struct gsm_mux *gsm, u8 ch); 228 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag); 229 /* And transmit side */ 230 int (*output)(struct gsm_mux *mux, u8 *data, int len); 231 232 /* Link Layer */ 233 unsigned int mru; 234 unsigned int mtu; 235 int initiator; /* Did we initiate connection */ 236 int dead; /* Has the mux been shut down */ 237 struct gsm_dlci *dlci[NUM_DLCI]; 238 int constipated; /* Asked by remote to shut up */ 239 240 spinlock_t tx_lock; 241 unsigned int tx_bytes; /* TX data outstanding */ 242 #define TX_THRESH_HI 8192 243 #define TX_THRESH_LO 2048 244 struct list_head tx_list; /* Pending data packets */ 245 246 /* Control messages */ 247 struct timer_list t2_timer; /* Retransmit timer for commands */ 248 int cretries; /* Command retry counter */ 249 struct gsm_control *pending_cmd;/* Our current pending command */ 250 spinlock_t control_lock; /* Protects the pending command */ 251 252 /* Configuration */ 253 int adaption; /* 1 or 2 supported */ 254 u8 ftype; /* UI or UIH */ 255 int t1, t2; /* Timers in 1/100th of a sec */ 256 int n2; /* Retry count */ 257 258 /* Statistics (not currently exposed) */ 259 unsigned long bad_fcs; 260 unsigned long malformed; 261 unsigned long io_error; 262 unsigned long bad_size; 263 unsigned long unsupported; 264 }; 265 266 267 /* 268 * Mux objects - needed so that we can translate a tty index into the 269 * relevant mux and DLCI. 270 */ 271 272 #define MAX_MUX 4 /* 256 minors */ 273 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */ 274 static spinlock_t gsm_mux_lock; 275 276 static struct tty_driver *gsm_tty_driver; 277 278 /* 279 * This section of the driver logic implements the GSM encodings 280 * both the basic and the 'advanced'. Reliable transport is not 281 * supported. 282 */ 283 284 #define CR 0x02 285 #define EA 0x01 286 #define PF 0x10 287 288 /* I is special: the rest are ..*/ 289 #define RR 0x01 290 #define UI 0x03 291 #define RNR 0x05 292 #define REJ 0x09 293 #define DM 0x0F 294 #define SABM 0x2F 295 #define DISC 0x43 296 #define UA 0x63 297 #define UIH 0xEF 298 299 /* Channel commands */ 300 #define CMD_NSC 0x09 301 #define CMD_TEST 0x11 302 #define CMD_PSC 0x21 303 #define CMD_RLS 0x29 304 #define CMD_FCOFF 0x31 305 #define CMD_PN 0x41 306 #define CMD_RPN 0x49 307 #define CMD_FCON 0x51 308 #define CMD_CLD 0x61 309 #define CMD_SNC 0x69 310 #define CMD_MSC 0x71 311 312 /* Virtual modem bits */ 313 #define MDM_FC 0x01 314 #define MDM_RTC 0x02 315 #define MDM_RTR 0x04 316 #define MDM_IC 0x20 317 #define MDM_DV 0x40 318 319 #define GSM0_SOF 0xF9 320 #define GSM1_SOF 0x7E 321 #define GSM1_ESCAPE 0x7D 322 #define GSM1_ESCAPE_BITS 0x20 323 #define XON 0x11 324 #define XOFF 0x13 325 326 static const struct tty_port_operations gsm_port_ops; 327 328 /* 329 * CRC table for GSM 0710 330 */ 331 332 static const u8 gsm_fcs8[256] = { 333 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 334 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 335 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 336 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 337 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 338 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 339 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 340 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 341 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 342 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 343 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 344 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 345 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 346 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 347 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 348 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 349 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 350 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 351 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 352 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 353 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 354 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 355 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 356 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 357 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 358 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 359 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 360 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 361 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 362 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 363 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 364 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 365 }; 366 367 #define INIT_FCS 0xFF 368 #define GOOD_FCS 0xCF 369 370 /** 371 * gsm_fcs_add - update FCS 372 * @fcs: Current FCS 373 * @c: Next data 374 * 375 * Update the FCS to include c. Uses the algorithm in the specification 376 * notes. 377 */ 378 379 static inline u8 gsm_fcs_add(u8 fcs, u8 c) 380 { 381 return gsm_fcs8[fcs ^ c]; 382 } 383 384 /** 385 * gsm_fcs_add_block - update FCS for a block 386 * @fcs: Current FCS 387 * @c: buffer of data 388 * @len: length of buffer 389 * 390 * Update the FCS to include c. Uses the algorithm in the specification 391 * notes. 392 */ 393 394 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len) 395 { 396 while (len--) 397 fcs = gsm_fcs8[fcs ^ *c++]; 398 return fcs; 399 } 400 401 /** 402 * gsm_read_ea - read a byte into an EA 403 * @val: variable holding value 404 * c: byte going into the EA 405 * 406 * Processes one byte of an EA. Updates the passed variable 407 * and returns 1 if the EA is now completely read 408 */ 409 410 static int gsm_read_ea(unsigned int *val, u8 c) 411 { 412 /* Add the next 7 bits into the value */ 413 *val <<= 7; 414 *val |= c >> 1; 415 /* Was this the last byte of the EA 1 = yes*/ 416 return c & EA; 417 } 418 419 /** 420 * gsm_encode_modem - encode modem data bits 421 * @dlci: DLCI to encode from 422 * 423 * Returns the correct GSM encoded modem status bits (6 bit field) for 424 * the current status of the DLCI and attached tty object 425 */ 426 427 static u8 gsm_encode_modem(const struct gsm_dlci *dlci) 428 { 429 u8 modembits = 0; 430 /* FC is true flow control not modem bits */ 431 if (dlci->throttled) 432 modembits |= MDM_FC; 433 if (dlci->modem_tx & TIOCM_DTR) 434 modembits |= MDM_RTC; 435 if (dlci->modem_tx & TIOCM_RTS) 436 modembits |= MDM_RTR; 437 if (dlci->modem_tx & TIOCM_RI) 438 modembits |= MDM_IC; 439 if (dlci->modem_tx & TIOCM_CD) 440 modembits |= MDM_DV; 441 return modembits; 442 } 443 444 /** 445 * gsm_print_packet - display a frame for debug 446 * @hdr: header to print before decode 447 * @addr: address EA from the frame 448 * @cr: C/R bit from the frame 449 * @control: control including PF bit 450 * @data: following data bytes 451 * @dlen: length of data 452 * 453 * Displays a packet in human readable format for debugging purposes. The 454 * style is based on amateur radio LAP-B dump display. 455 */ 456 457 static void gsm_print_packet(const char *hdr, int addr, int cr, 458 u8 control, const u8 *data, int dlen) 459 { 460 if (!(debug & 1)) 461 return; 462 463 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]); 464 465 switch (control & ~PF) { 466 case SABM: 467 pr_cont("SABM"); 468 break; 469 case UA: 470 pr_cont("UA"); 471 break; 472 case DISC: 473 pr_cont("DISC"); 474 break; 475 case DM: 476 pr_cont("DM"); 477 break; 478 case UI: 479 pr_cont("UI"); 480 break; 481 case UIH: 482 pr_cont("UIH"); 483 break; 484 default: 485 if (!(control & 0x01)) { 486 pr_cont("I N(S)%d N(R)%d", 487 (control & 0x0E) >> 1, (control & 0xE0) >> 5); 488 } else switch (control & 0x0F) { 489 case RR: 490 pr_cont("RR(%d)", (control & 0xE0) >> 5); 491 break; 492 case RNR: 493 pr_cont("RNR(%d)", (control & 0xE0) >> 5); 494 break; 495 case REJ: 496 pr_cont("REJ(%d)", (control & 0xE0) >> 5); 497 break; 498 default: 499 pr_cont("[%02X]", control); 500 } 501 } 502 503 if (control & PF) 504 pr_cont("(P)"); 505 else 506 pr_cont("(F)"); 507 508 if (dlen) { 509 int ct = 0; 510 while (dlen--) { 511 if (ct % 8 == 0) { 512 pr_cont("\n"); 513 pr_debug(" "); 514 } 515 pr_cont("%02X ", *data++); 516 ct++; 517 } 518 } 519 pr_cont("\n"); 520 } 521 522 523 /* 524 * Link level transmission side 525 */ 526 527 /** 528 * gsm_stuff_packet - bytestuff a packet 529 * @ibuf: input 530 * @obuf: output 531 * @len: length of input 532 * 533 * Expand a buffer by bytestuffing it. The worst case size change 534 * is doubling and the caller is responsible for handing out 535 * suitable sized buffers. 536 */ 537 538 static int gsm_stuff_frame(const u8 *input, u8 *output, int len) 539 { 540 int olen = 0; 541 while (len--) { 542 if (*input == GSM1_SOF || *input == GSM1_ESCAPE 543 || *input == XON || *input == XOFF) { 544 *output++ = GSM1_ESCAPE; 545 *output++ = *input++ ^ GSM1_ESCAPE_BITS; 546 olen++; 547 } else 548 *output++ = *input++; 549 olen++; 550 } 551 return olen; 552 } 553 554 /** 555 * gsm_send - send a control frame 556 * @gsm: our GSM mux 557 * @addr: address for control frame 558 * @cr: command/response bit 559 * @control: control byte including PF bit 560 * 561 * Format up and transmit a control frame. These do not go via the 562 * queueing logic as they should be transmitted ahead of data when 563 * they are needed. 564 * 565 * FIXME: Lock versus data TX path 566 */ 567 568 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control) 569 { 570 int len; 571 u8 cbuf[10]; 572 u8 ibuf[3]; 573 574 switch (gsm->encoding) { 575 case 0: 576 cbuf[0] = GSM0_SOF; 577 cbuf[1] = (addr << 2) | (cr << 1) | EA; 578 cbuf[2] = control; 579 cbuf[3] = EA; /* Length of data = 0 */ 580 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3); 581 cbuf[5] = GSM0_SOF; 582 len = 6; 583 break; 584 case 1: 585 case 2: 586 /* Control frame + packing (but not frame stuffing) in mode 1 */ 587 ibuf[0] = (addr << 2) | (cr << 1) | EA; 588 ibuf[1] = control; 589 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2); 590 /* Stuffing may double the size worst case */ 591 len = gsm_stuff_frame(ibuf, cbuf + 1, 3); 592 /* Now add the SOF markers */ 593 cbuf[0] = GSM1_SOF; 594 cbuf[len + 1] = GSM1_SOF; 595 /* FIXME: we can omit the lead one in many cases */ 596 len += 2; 597 break; 598 default: 599 WARN_ON(1); 600 return; 601 } 602 gsm->output(gsm, cbuf, len); 603 gsm_print_packet("-->", addr, cr, control, NULL, 0); 604 } 605 606 /** 607 * gsm_response - send a control response 608 * @gsm: our GSM mux 609 * @addr: address for control frame 610 * @control: control byte including PF bit 611 * 612 * Format up and transmit a link level response frame. 613 */ 614 615 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control) 616 { 617 gsm_send(gsm, addr, 0, control); 618 } 619 620 /** 621 * gsm_command - send a control command 622 * @gsm: our GSM mux 623 * @addr: address for control frame 624 * @control: control byte including PF bit 625 * 626 * Format up and transmit a link level command frame. 627 */ 628 629 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control) 630 { 631 gsm_send(gsm, addr, 1, control); 632 } 633 634 /* Data transmission */ 635 636 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */ 637 638 /** 639 * gsm_data_alloc - allocate data frame 640 * @gsm: GSM mux 641 * @addr: DLCI address 642 * @len: length excluding header and FCS 643 * @ctrl: control byte 644 * 645 * Allocate a new data buffer for sending frames with data. Space is left 646 * at the front for header bytes but that is treated as an implementation 647 * detail and not for the high level code to use 648 */ 649 650 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len, 651 u8 ctrl) 652 { 653 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN, 654 GFP_ATOMIC); 655 if (m == NULL) 656 return NULL; 657 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */ 658 m->len = len; 659 m->addr = addr; 660 m->ctrl = ctrl; 661 INIT_LIST_HEAD(&m->list); 662 return m; 663 } 664 665 /** 666 * gsm_data_kick - poke the queue 667 * @gsm: GSM Mux 668 * 669 * The tty device has called us to indicate that room has appeared in 670 * the transmit queue. Ram more data into the pipe if we have any 671 * If we have been flow-stopped by a CMD_FCOFF, then we can only 672 * send messages on DLCI0 until CMD_FCON 673 * 674 * FIXME: lock against link layer control transmissions 675 */ 676 677 static void gsm_data_kick(struct gsm_mux *gsm) 678 { 679 struct gsm_msg *msg, *nmsg; 680 int len; 681 int skip_sof = 0; 682 683 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) { 684 if (gsm->constipated && msg->addr) 685 continue; 686 if (gsm->encoding != 0) { 687 gsm->txframe[0] = GSM1_SOF; 688 len = gsm_stuff_frame(msg->data, 689 gsm->txframe + 1, msg->len); 690 gsm->txframe[len + 1] = GSM1_SOF; 691 len += 2; 692 } else { 693 gsm->txframe[0] = GSM0_SOF; 694 memcpy(gsm->txframe + 1 , msg->data, msg->len); 695 gsm->txframe[msg->len + 1] = GSM0_SOF; 696 len = msg->len + 2; 697 } 698 699 if (debug & 4) 700 print_hex_dump_bytes("gsm_data_kick: ", 701 DUMP_PREFIX_OFFSET, 702 gsm->txframe, len); 703 704 if (gsm->output(gsm, gsm->txframe + skip_sof, 705 len - skip_sof) < 0) 706 break; 707 /* FIXME: Can eliminate one SOF in many more cases */ 708 gsm->tx_bytes -= msg->len; 709 /* For a burst of frames skip the extra SOF within the 710 burst */ 711 skip_sof = 1; 712 713 list_del(&msg->list); 714 kfree(msg); 715 } 716 } 717 718 /** 719 * __gsm_data_queue - queue a UI or UIH frame 720 * @dlci: DLCI sending the data 721 * @msg: message queued 722 * 723 * Add data to the transmit queue and try and get stuff moving 724 * out of the mux tty if not already doing so. The Caller must hold 725 * the gsm tx lock. 726 */ 727 728 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 729 { 730 struct gsm_mux *gsm = dlci->gsm; 731 u8 *dp = msg->data; 732 u8 *fcs = dp + msg->len; 733 734 /* Fill in the header */ 735 if (gsm->encoding == 0) { 736 if (msg->len < 128) 737 *--dp = (msg->len << 1) | EA; 738 else { 739 *--dp = (msg->len >> 7); /* bits 7 - 15 */ 740 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */ 741 } 742 } 743 744 *--dp = msg->ctrl; 745 if (gsm->initiator) 746 *--dp = (msg->addr << 2) | 2 | EA; 747 else 748 *--dp = (msg->addr << 2) | EA; 749 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp); 750 /* Ugly protocol layering violation */ 751 if (msg->ctrl == UI || msg->ctrl == (UI|PF)) 752 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len); 753 *fcs = 0xFF - *fcs; 754 755 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl, 756 msg->data, msg->len); 757 758 /* Move the header back and adjust the length, also allow for the FCS 759 now tacked on the end */ 760 msg->len += (msg->data - dp) + 1; 761 msg->data = dp; 762 763 /* Add to the actual output queue */ 764 list_add_tail(&msg->list, &gsm->tx_list); 765 gsm->tx_bytes += msg->len; 766 gsm_data_kick(gsm); 767 } 768 769 /** 770 * gsm_data_queue - queue a UI or UIH frame 771 * @dlci: DLCI sending the data 772 * @msg: message queued 773 * 774 * Add data to the transmit queue and try and get stuff moving 775 * out of the mux tty if not already doing so. Take the 776 * the gsm tx lock and dlci lock. 777 */ 778 779 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 780 { 781 unsigned long flags; 782 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 783 __gsm_data_queue(dlci, msg); 784 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 785 } 786 787 /** 788 * gsm_dlci_data_output - try and push data out of a DLCI 789 * @gsm: mux 790 * @dlci: the DLCI to pull data from 791 * 792 * Pull data from a DLCI and send it into the transmit queue if there 793 * is data. Keep to the MRU of the mux. This path handles the usual tty 794 * interface which is a byte stream with optional modem data. 795 * 796 * Caller must hold the tx_lock of the mux. 797 */ 798 799 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci) 800 { 801 struct gsm_msg *msg; 802 u8 *dp; 803 int len, total_size, size; 804 int h = dlci->adaption - 1; 805 806 total_size = 0; 807 while (1) { 808 len = kfifo_len(dlci->fifo); 809 if (len == 0) 810 return total_size; 811 812 /* MTU/MRU count only the data bits */ 813 if (len > gsm->mtu) 814 len = gsm->mtu; 815 816 size = len + h; 817 818 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 819 /* FIXME: need a timer or something to kick this so it can't 820 get stuck with no work outstanding and no buffer free */ 821 if (msg == NULL) 822 return -ENOMEM; 823 dp = msg->data; 824 switch (dlci->adaption) { 825 case 1: /* Unstructured */ 826 break; 827 case 2: /* Unstructed with modem bits. 828 Always one byte as we never send inline break data */ 829 *dp++ = gsm_encode_modem(dlci); 830 break; 831 } 832 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len); 833 __gsm_data_queue(dlci, msg); 834 total_size += size; 835 } 836 /* Bytes of data we used up */ 837 return total_size; 838 } 839 840 /** 841 * gsm_dlci_data_output_framed - try and push data out of a DLCI 842 * @gsm: mux 843 * @dlci: the DLCI to pull data from 844 * 845 * Pull data from a DLCI and send it into the transmit queue if there 846 * is data. Keep to the MRU of the mux. This path handles framed data 847 * queued as skbuffs to the DLCI. 848 * 849 * Caller must hold the tx_lock of the mux. 850 */ 851 852 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm, 853 struct gsm_dlci *dlci) 854 { 855 struct gsm_msg *msg; 856 u8 *dp; 857 int len, size; 858 int last = 0, first = 0; 859 int overhead = 0; 860 861 /* One byte per frame is used for B/F flags */ 862 if (dlci->adaption == 4) 863 overhead = 1; 864 865 /* dlci->skb is locked by tx_lock */ 866 if (dlci->skb == NULL) { 867 dlci->skb = skb_dequeue_tail(&dlci->skb_list); 868 if (dlci->skb == NULL) 869 return 0; 870 first = 1; 871 } 872 len = dlci->skb->len + overhead; 873 874 /* MTU/MRU count only the data bits */ 875 if (len > gsm->mtu) { 876 if (dlci->adaption == 3) { 877 /* Over long frame, bin it */ 878 dev_kfree_skb_any(dlci->skb); 879 dlci->skb = NULL; 880 return 0; 881 } 882 len = gsm->mtu; 883 } else 884 last = 1; 885 886 size = len + overhead; 887 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 888 889 /* FIXME: need a timer or something to kick this so it can't 890 get stuck with no work outstanding and no buffer free */ 891 if (msg == NULL) { 892 skb_queue_tail(&dlci->skb_list, dlci->skb); 893 dlci->skb = NULL; 894 return -ENOMEM; 895 } 896 dp = msg->data; 897 898 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */ 899 /* Flag byte to carry the start/end info */ 900 *dp++ = last << 7 | first << 6 | 1; /* EA */ 901 len--; 902 } 903 memcpy(dp, dlci->skb->data, len); 904 skb_pull(dlci->skb, len); 905 __gsm_data_queue(dlci, msg); 906 if (last) { 907 dev_kfree_skb_any(dlci->skb); 908 dlci->skb = NULL; 909 } 910 return size; 911 } 912 913 /** 914 * gsm_dlci_data_sweep - look for data to send 915 * @gsm: the GSM mux 916 * 917 * Sweep the GSM mux channels in priority order looking for ones with 918 * data to send. We could do with optimising this scan a bit. We aim 919 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit 920 * TX_THRESH_LO we get called again 921 * 922 * FIXME: We should round robin between groups and in theory you can 923 * renegotiate DLCI priorities with optional stuff. Needs optimising. 924 */ 925 926 static void gsm_dlci_data_sweep(struct gsm_mux *gsm) 927 { 928 int len; 929 /* Priority ordering: We should do priority with RR of the groups */ 930 int i = 1; 931 932 while (i < NUM_DLCI) { 933 struct gsm_dlci *dlci; 934 935 if (gsm->tx_bytes > TX_THRESH_HI) 936 break; 937 dlci = gsm->dlci[i]; 938 if (dlci == NULL || dlci->constipated) { 939 i++; 940 continue; 941 } 942 if (dlci->adaption < 3 && !dlci->net) 943 len = gsm_dlci_data_output(gsm, dlci); 944 else 945 len = gsm_dlci_data_output_framed(gsm, dlci); 946 if (len < 0) 947 break; 948 /* DLCI empty - try the next */ 949 if (len == 0) 950 i++; 951 } 952 } 953 954 /** 955 * gsm_dlci_data_kick - transmit if possible 956 * @dlci: DLCI to kick 957 * 958 * Transmit data from this DLCI if the queue is empty. We can't rely on 959 * a tty wakeup except when we filled the pipe so we need to fire off 960 * new data ourselves in other cases. 961 */ 962 963 static void gsm_dlci_data_kick(struct gsm_dlci *dlci) 964 { 965 unsigned long flags; 966 int sweep; 967 968 if (dlci->constipated) 969 return; 970 971 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 972 /* If we have nothing running then we need to fire up */ 973 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO); 974 if (dlci->gsm->tx_bytes == 0) { 975 if (dlci->net) 976 gsm_dlci_data_output_framed(dlci->gsm, dlci); 977 else 978 gsm_dlci_data_output(dlci->gsm, dlci); 979 } 980 if (sweep) 981 gsm_dlci_data_sweep(dlci->gsm); 982 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 983 } 984 985 /* 986 * Control message processing 987 */ 988 989 990 /** 991 * gsm_control_reply - send a response frame to a control 992 * @gsm: gsm channel 993 * @cmd: the command to use 994 * @data: data to follow encoded info 995 * @dlen: length of data 996 * 997 * Encode up and queue a UI/UIH frame containing our response. 998 */ 999 1000 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data, 1001 int dlen) 1002 { 1003 struct gsm_msg *msg; 1004 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype); 1005 if (msg == NULL) 1006 return; 1007 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */ 1008 msg->data[1] = (dlen << 1) | EA; 1009 memcpy(msg->data + 2, data, dlen); 1010 gsm_data_queue(gsm->dlci[0], msg); 1011 } 1012 1013 /** 1014 * gsm_process_modem - process received modem status 1015 * @tty: virtual tty bound to the DLCI 1016 * @dlci: DLCI to affect 1017 * @modem: modem bits (full EA) 1018 * 1019 * Used when a modem control message or line state inline in adaption 1020 * layer 2 is processed. Sort out the local modem state and throttles 1021 */ 1022 1023 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci, 1024 u32 modem, int clen) 1025 { 1026 int mlines = 0; 1027 u8 brk = 0; 1028 int fc; 1029 1030 /* The modem status command can either contain one octet (v.24 signals) 1031 or two octets (v.24 signals + break signals). The length field will 1032 either be 2 or 3 respectively. This is specified in section 1033 5.4.6.3.7 of the 27.010 mux spec. */ 1034 1035 if (clen == 2) 1036 modem = modem & 0x7f; 1037 else { 1038 brk = modem & 0x7f; 1039 modem = (modem >> 7) & 0x7f; 1040 } 1041 1042 /* Flow control/ready to communicate */ 1043 fc = (modem & MDM_FC) || !(modem & MDM_RTR); 1044 if (fc && !dlci->constipated) { 1045 /* Need to throttle our output on this device */ 1046 dlci->constipated = 1; 1047 } else if (!fc && dlci->constipated) { 1048 dlci->constipated = 0; 1049 gsm_dlci_data_kick(dlci); 1050 } 1051 1052 /* Map modem bits */ 1053 if (modem & MDM_RTC) 1054 mlines |= TIOCM_DSR | TIOCM_DTR; 1055 if (modem & MDM_RTR) 1056 mlines |= TIOCM_RTS | TIOCM_CTS; 1057 if (modem & MDM_IC) 1058 mlines |= TIOCM_RI; 1059 if (modem & MDM_DV) 1060 mlines |= TIOCM_CD; 1061 1062 /* Carrier drop -> hangup */ 1063 if (tty) { 1064 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD)) 1065 if (!C_CLOCAL(tty)) 1066 tty_hangup(tty); 1067 } 1068 if (brk & 0x01) 1069 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK); 1070 dlci->modem_rx = mlines; 1071 } 1072 1073 /** 1074 * gsm_control_modem - modem status received 1075 * @gsm: GSM channel 1076 * @data: data following command 1077 * @clen: command length 1078 * 1079 * We have received a modem status control message. This is used by 1080 * the GSM mux protocol to pass virtual modem line status and optionally 1081 * to indicate break signals. Unpack it, convert to Linux representation 1082 * and if need be stuff a break message down the tty. 1083 */ 1084 1085 static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen) 1086 { 1087 unsigned int addr = 0; 1088 unsigned int modem = 0; 1089 unsigned int brk = 0; 1090 struct gsm_dlci *dlci; 1091 int len = clen; 1092 u8 *dp = data; 1093 struct tty_struct *tty; 1094 1095 while (gsm_read_ea(&addr, *dp++) == 0) { 1096 len--; 1097 if (len == 0) 1098 return; 1099 } 1100 /* Must be at least one byte following the EA */ 1101 len--; 1102 if (len <= 0) 1103 return; 1104 1105 addr >>= 1; 1106 /* Closed port, or invalid ? */ 1107 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1108 return; 1109 dlci = gsm->dlci[addr]; 1110 1111 while (gsm_read_ea(&modem, *dp++) == 0) { 1112 len--; 1113 if (len == 0) 1114 return; 1115 } 1116 len--; 1117 if (len > 0) { 1118 while (gsm_read_ea(&brk, *dp++) == 0) { 1119 len--; 1120 if (len == 0) 1121 return; 1122 } 1123 modem <<= 7; 1124 modem |= (brk & 0x7f); 1125 } 1126 tty = tty_port_tty_get(&dlci->port); 1127 gsm_process_modem(tty, dlci, modem, clen); 1128 if (tty) { 1129 tty_wakeup(tty); 1130 tty_kref_put(tty); 1131 } 1132 gsm_control_reply(gsm, CMD_MSC, data, clen); 1133 } 1134 1135 /** 1136 * gsm_control_rls - remote line status 1137 * @gsm: GSM channel 1138 * @data: data bytes 1139 * @clen: data length 1140 * 1141 * The modem sends us a two byte message on the control channel whenever 1142 * it wishes to send us an error state from the virtual link. Stuff 1143 * this into the uplink tty if present 1144 */ 1145 1146 static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen) 1147 { 1148 struct tty_port *port; 1149 unsigned int addr = 0; 1150 u8 bits; 1151 int len = clen; 1152 u8 *dp = data; 1153 1154 while (gsm_read_ea(&addr, *dp++) == 0) { 1155 len--; 1156 if (len == 0) 1157 return; 1158 } 1159 /* Must be at least one byte following ea */ 1160 len--; 1161 if (len <= 0) 1162 return; 1163 addr >>= 1; 1164 /* Closed port, or invalid ? */ 1165 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1166 return; 1167 /* No error ? */ 1168 bits = *dp; 1169 if ((bits & 1) == 0) 1170 return; 1171 1172 port = &gsm->dlci[addr]->port; 1173 1174 if (bits & 2) 1175 tty_insert_flip_char(port, 0, TTY_OVERRUN); 1176 if (bits & 4) 1177 tty_insert_flip_char(port, 0, TTY_PARITY); 1178 if (bits & 8) 1179 tty_insert_flip_char(port, 0, TTY_FRAME); 1180 1181 tty_flip_buffer_push(port); 1182 1183 gsm_control_reply(gsm, CMD_RLS, data, clen); 1184 } 1185 1186 static void gsm_dlci_begin_close(struct gsm_dlci *dlci); 1187 1188 /** 1189 * gsm_control_message - DLCI 0 control processing 1190 * @gsm: our GSM mux 1191 * @command: the command EA 1192 * @data: data beyond the command/length EAs 1193 * @clen: length 1194 * 1195 * Input processor for control messages from the other end of the link. 1196 * Processes the incoming request and queues a response frame or an 1197 * NSC response if not supported 1198 */ 1199 1200 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command, 1201 u8 *data, int clen) 1202 { 1203 u8 buf[1]; 1204 unsigned long flags; 1205 1206 switch (command) { 1207 case CMD_CLD: { 1208 struct gsm_dlci *dlci = gsm->dlci[0]; 1209 /* Modem wishes to close down */ 1210 if (dlci) { 1211 dlci->dead = 1; 1212 gsm->dead = 1; 1213 gsm_dlci_begin_close(dlci); 1214 } 1215 } 1216 break; 1217 case CMD_TEST: 1218 /* Modem wishes to test, reply with the data */ 1219 gsm_control_reply(gsm, CMD_TEST, data, clen); 1220 break; 1221 case CMD_FCON: 1222 /* Modem can accept data again */ 1223 gsm->constipated = 0; 1224 gsm_control_reply(gsm, CMD_FCON, NULL, 0); 1225 /* Kick the link in case it is idling */ 1226 spin_lock_irqsave(&gsm->tx_lock, flags); 1227 gsm_data_kick(gsm); 1228 spin_unlock_irqrestore(&gsm->tx_lock, flags); 1229 break; 1230 case CMD_FCOFF: 1231 /* Modem wants us to STFU */ 1232 gsm->constipated = 1; 1233 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0); 1234 break; 1235 case CMD_MSC: 1236 /* Out of band modem line change indicator for a DLCI */ 1237 gsm_control_modem(gsm, data, clen); 1238 break; 1239 case CMD_RLS: 1240 /* Out of band error reception for a DLCI */ 1241 gsm_control_rls(gsm, data, clen); 1242 break; 1243 case CMD_PSC: 1244 /* Modem wishes to enter power saving state */ 1245 gsm_control_reply(gsm, CMD_PSC, NULL, 0); 1246 break; 1247 /* Optional unsupported commands */ 1248 case CMD_PN: /* Parameter negotiation */ 1249 case CMD_RPN: /* Remote port negotiation */ 1250 case CMD_SNC: /* Service negotiation command */ 1251 default: 1252 /* Reply to bad commands with an NSC */ 1253 buf[0] = command; 1254 gsm_control_reply(gsm, CMD_NSC, buf, 1); 1255 break; 1256 } 1257 } 1258 1259 /** 1260 * gsm_control_response - process a response to our control 1261 * @gsm: our GSM mux 1262 * @command: the command (response) EA 1263 * @data: data beyond the command/length EA 1264 * @clen: length 1265 * 1266 * Process a response to an outstanding command. We only allow a single 1267 * control message in flight so this is fairly easy. All the clean up 1268 * is done by the caller, we just update the fields, flag it as done 1269 * and return 1270 */ 1271 1272 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command, 1273 u8 *data, int clen) 1274 { 1275 struct gsm_control *ctrl; 1276 unsigned long flags; 1277 1278 spin_lock_irqsave(&gsm->control_lock, flags); 1279 1280 ctrl = gsm->pending_cmd; 1281 /* Does the reply match our command */ 1282 command |= 1; 1283 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) { 1284 /* Our command was replied to, kill the retry timer */ 1285 del_timer(&gsm->t2_timer); 1286 gsm->pending_cmd = NULL; 1287 /* Rejected by the other end */ 1288 if (command == CMD_NSC) 1289 ctrl->error = -EOPNOTSUPP; 1290 ctrl->done = 1; 1291 wake_up(&gsm->event); 1292 } 1293 spin_unlock_irqrestore(&gsm->control_lock, flags); 1294 } 1295 1296 /** 1297 * gsm_control_transmit - send control packet 1298 * @gsm: gsm mux 1299 * @ctrl: frame to send 1300 * 1301 * Send out a pending control command (called under control lock) 1302 */ 1303 1304 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl) 1305 { 1306 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype); 1307 if (msg == NULL) 1308 return; 1309 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */ 1310 memcpy(msg->data + 1, ctrl->data, ctrl->len); 1311 gsm_data_queue(gsm->dlci[0], msg); 1312 } 1313 1314 /** 1315 * gsm_control_retransmit - retransmit a control frame 1316 * @data: pointer to our gsm object 1317 * 1318 * Called off the T2 timer expiry in order to retransmit control frames 1319 * that have been lost in the system somewhere. The control_lock protects 1320 * us from colliding with another sender or a receive completion event. 1321 * In that situation the timer may still occur in a small window but 1322 * gsm->pending_cmd will be NULL and we just let the timer expire. 1323 */ 1324 1325 static void gsm_control_retransmit(unsigned long data) 1326 { 1327 struct gsm_mux *gsm = (struct gsm_mux *)data; 1328 struct gsm_control *ctrl; 1329 unsigned long flags; 1330 spin_lock_irqsave(&gsm->control_lock, flags); 1331 ctrl = gsm->pending_cmd; 1332 if (ctrl) { 1333 gsm->cretries--; 1334 if (gsm->cretries == 0) { 1335 gsm->pending_cmd = NULL; 1336 ctrl->error = -ETIMEDOUT; 1337 ctrl->done = 1; 1338 spin_unlock_irqrestore(&gsm->control_lock, flags); 1339 wake_up(&gsm->event); 1340 return; 1341 } 1342 gsm_control_transmit(gsm, ctrl); 1343 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1344 } 1345 spin_unlock_irqrestore(&gsm->control_lock, flags); 1346 } 1347 1348 /** 1349 * gsm_control_send - send a control frame on DLCI 0 1350 * @gsm: the GSM channel 1351 * @command: command to send including CR bit 1352 * @data: bytes of data (must be kmalloced) 1353 * @len: length of the block to send 1354 * 1355 * Queue and dispatch a control command. Only one command can be 1356 * active at a time. In theory more can be outstanding but the matching 1357 * gets really complicated so for now stick to one outstanding. 1358 */ 1359 1360 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm, 1361 unsigned int command, u8 *data, int clen) 1362 { 1363 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control), 1364 GFP_KERNEL); 1365 unsigned long flags; 1366 if (ctrl == NULL) 1367 return NULL; 1368 retry: 1369 wait_event(gsm->event, gsm->pending_cmd == NULL); 1370 spin_lock_irqsave(&gsm->control_lock, flags); 1371 if (gsm->pending_cmd != NULL) { 1372 spin_unlock_irqrestore(&gsm->control_lock, flags); 1373 goto retry; 1374 } 1375 ctrl->cmd = command; 1376 ctrl->data = data; 1377 ctrl->len = clen; 1378 gsm->pending_cmd = ctrl; 1379 gsm->cretries = gsm->n2; 1380 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1381 gsm_control_transmit(gsm, ctrl); 1382 spin_unlock_irqrestore(&gsm->control_lock, flags); 1383 return ctrl; 1384 } 1385 1386 /** 1387 * gsm_control_wait - wait for a control to finish 1388 * @gsm: GSM mux 1389 * @control: control we are waiting on 1390 * 1391 * Waits for the control to complete or time out. Frees any used 1392 * resources and returns 0 for success, or an error if the remote 1393 * rejected or ignored the request. 1394 */ 1395 1396 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control) 1397 { 1398 int err; 1399 wait_event(gsm->event, control->done == 1); 1400 err = control->error; 1401 kfree(control); 1402 return err; 1403 } 1404 1405 1406 /* 1407 * DLCI level handling: Needs krefs 1408 */ 1409 1410 /* 1411 * State transitions and timers 1412 */ 1413 1414 /** 1415 * gsm_dlci_close - a DLCI has closed 1416 * @dlci: DLCI that closed 1417 * 1418 * Perform processing when moving a DLCI into closed state. If there 1419 * is an attached tty this is hung up 1420 */ 1421 1422 static void gsm_dlci_close(struct gsm_dlci *dlci) 1423 { 1424 del_timer(&dlci->t1); 1425 if (debug & 8) 1426 pr_debug("DLCI %d goes closed.\n", dlci->addr); 1427 dlci->state = DLCI_CLOSED; 1428 if (dlci->addr != 0) { 1429 tty_port_tty_hangup(&dlci->port, false); 1430 kfifo_reset(dlci->fifo); 1431 } else 1432 dlci->gsm->dead = 1; 1433 wake_up(&dlci->gsm->event); 1434 /* A DLCI 0 close is a MUX termination so we need to kick that 1435 back to userspace somehow */ 1436 } 1437 1438 /** 1439 * gsm_dlci_open - a DLCI has opened 1440 * @dlci: DLCI that opened 1441 * 1442 * Perform processing when moving a DLCI into open state. 1443 */ 1444 1445 static void gsm_dlci_open(struct gsm_dlci *dlci) 1446 { 1447 /* Note that SABM UA .. SABM UA first UA lost can mean that we go 1448 open -> open */ 1449 del_timer(&dlci->t1); 1450 /* This will let a tty open continue */ 1451 dlci->state = DLCI_OPEN; 1452 if (debug & 8) 1453 pr_debug("DLCI %d goes open.\n", dlci->addr); 1454 wake_up(&dlci->gsm->event); 1455 } 1456 1457 /** 1458 * gsm_dlci_t1 - T1 timer expiry 1459 * @dlci: DLCI that opened 1460 * 1461 * The T1 timer handles retransmits of control frames (essentially of 1462 * SABM and DISC). We resend the command until the retry count runs out 1463 * in which case an opening port goes back to closed and a closing port 1464 * is simply put into closed state (any further frames from the other 1465 * end will get a DM response) 1466 */ 1467 1468 static void gsm_dlci_t1(unsigned long data) 1469 { 1470 struct gsm_dlci *dlci = (struct gsm_dlci *)data; 1471 struct gsm_mux *gsm = dlci->gsm; 1472 1473 switch (dlci->state) { 1474 case DLCI_OPENING: 1475 dlci->retries--; 1476 if (dlci->retries) { 1477 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1478 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1479 } else 1480 gsm_dlci_close(dlci); 1481 break; 1482 case DLCI_CLOSING: 1483 dlci->retries--; 1484 if (dlci->retries) { 1485 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1486 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1487 } else 1488 gsm_dlci_close(dlci); 1489 break; 1490 } 1491 } 1492 1493 /** 1494 * gsm_dlci_begin_open - start channel open procedure 1495 * @dlci: DLCI to open 1496 * 1497 * Commence opening a DLCI from the Linux side. We issue SABM messages 1498 * to the modem which should then reply with a UA, at which point we 1499 * will move into open state. Opening is done asynchronously with retry 1500 * running off timers and the responses. 1501 */ 1502 1503 static void gsm_dlci_begin_open(struct gsm_dlci *dlci) 1504 { 1505 struct gsm_mux *gsm = dlci->gsm; 1506 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING) 1507 return; 1508 dlci->retries = gsm->n2; 1509 dlci->state = DLCI_OPENING; 1510 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1511 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1512 } 1513 1514 /** 1515 * gsm_dlci_begin_close - start channel open procedure 1516 * @dlci: DLCI to open 1517 * 1518 * Commence closing a DLCI from the Linux side. We issue DISC messages 1519 * to the modem which should then reply with a UA, at which point we 1520 * will move into closed state. Closing is done asynchronously with retry 1521 * off timers. We may also receive a DM reply from the other end which 1522 * indicates the channel was already closed. 1523 */ 1524 1525 static void gsm_dlci_begin_close(struct gsm_dlci *dlci) 1526 { 1527 struct gsm_mux *gsm = dlci->gsm; 1528 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING) 1529 return; 1530 dlci->retries = gsm->n2; 1531 dlci->state = DLCI_CLOSING; 1532 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1533 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1534 } 1535 1536 /** 1537 * gsm_dlci_data - data arrived 1538 * @dlci: channel 1539 * @data: block of bytes received 1540 * @len: length of received block 1541 * 1542 * A UI or UIH frame has arrived which contains data for a channel 1543 * other than the control channel. If the relevant virtual tty is 1544 * open we shovel the bits down it, if not we drop them. 1545 */ 1546 1547 static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int clen) 1548 { 1549 /* krefs .. */ 1550 struct tty_port *port = &dlci->port; 1551 struct tty_struct *tty; 1552 unsigned int modem = 0; 1553 int len = clen; 1554 1555 if (debug & 16) 1556 pr_debug("%d bytes for tty\n", len); 1557 switch (dlci->adaption) { 1558 /* Unsupported types */ 1559 /* Packetised interruptible data */ 1560 case 4: 1561 break; 1562 /* Packetised uininterruptible voice/data */ 1563 case 3: 1564 break; 1565 /* Asynchronous serial with line state in each frame */ 1566 case 2: 1567 while (gsm_read_ea(&modem, *data++) == 0) { 1568 len--; 1569 if (len == 0) 1570 return; 1571 } 1572 tty = tty_port_tty_get(port); 1573 if (tty) { 1574 gsm_process_modem(tty, dlci, modem, clen); 1575 tty_kref_put(tty); 1576 } 1577 /* Line state will go via DLCI 0 controls only */ 1578 case 1: 1579 default: 1580 tty_insert_flip_string(port, data, len); 1581 tty_flip_buffer_push(port); 1582 } 1583 } 1584 1585 /** 1586 * gsm_dlci_control - data arrived on control channel 1587 * @dlci: channel 1588 * @data: block of bytes received 1589 * @len: length of received block 1590 * 1591 * A UI or UIH frame has arrived which contains data for DLCI 0 the 1592 * control channel. This should contain a command EA followed by 1593 * control data bytes. The command EA contains a command/response bit 1594 * and we divide up the work accordingly. 1595 */ 1596 1597 static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len) 1598 { 1599 /* See what command is involved */ 1600 unsigned int command = 0; 1601 while (len-- > 0) { 1602 if (gsm_read_ea(&command, *data++) == 1) { 1603 int clen = *data++; 1604 len--; 1605 /* FIXME: this is properly an EA */ 1606 clen >>= 1; 1607 /* Malformed command ? */ 1608 if (clen > len) 1609 return; 1610 if (command & 1) 1611 gsm_control_message(dlci->gsm, command, 1612 data, clen); 1613 else 1614 gsm_control_response(dlci->gsm, command, 1615 data, clen); 1616 return; 1617 } 1618 } 1619 } 1620 1621 /* 1622 * Allocate/Free DLCI channels 1623 */ 1624 1625 /** 1626 * gsm_dlci_alloc - allocate a DLCI 1627 * @gsm: GSM mux 1628 * @addr: address of the DLCI 1629 * 1630 * Allocate and install a new DLCI object into the GSM mux. 1631 * 1632 * FIXME: review locking races 1633 */ 1634 1635 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) 1636 { 1637 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC); 1638 if (dlci == NULL) 1639 return NULL; 1640 spin_lock_init(&dlci->lock); 1641 mutex_init(&dlci->mutex); 1642 dlci->fifo = &dlci->_fifo; 1643 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) { 1644 kfree(dlci); 1645 return NULL; 1646 } 1647 1648 skb_queue_head_init(&dlci->skb_list); 1649 init_timer(&dlci->t1); 1650 dlci->t1.function = gsm_dlci_t1; 1651 dlci->t1.data = (unsigned long)dlci; 1652 tty_port_init(&dlci->port); 1653 dlci->port.ops = &gsm_port_ops; 1654 dlci->gsm = gsm; 1655 dlci->addr = addr; 1656 dlci->adaption = gsm->adaption; 1657 dlci->state = DLCI_CLOSED; 1658 if (addr) 1659 dlci->data = gsm_dlci_data; 1660 else 1661 dlci->data = gsm_dlci_command; 1662 gsm->dlci[addr] = dlci; 1663 return dlci; 1664 } 1665 1666 /** 1667 * gsm_dlci_free - free DLCI 1668 * @dlci: DLCI to free 1669 * 1670 * Free up a DLCI. 1671 * 1672 * Can sleep. 1673 */ 1674 static void gsm_dlci_free(struct tty_port *port) 1675 { 1676 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 1677 1678 del_timer_sync(&dlci->t1); 1679 dlci->gsm->dlci[dlci->addr] = NULL; 1680 kfifo_free(dlci->fifo); 1681 while ((dlci->skb = skb_dequeue(&dlci->skb_list))) 1682 dev_kfree_skb(dlci->skb); 1683 kfree(dlci); 1684 } 1685 1686 static inline void dlci_get(struct gsm_dlci *dlci) 1687 { 1688 tty_port_get(&dlci->port); 1689 } 1690 1691 static inline void dlci_put(struct gsm_dlci *dlci) 1692 { 1693 tty_port_put(&dlci->port); 1694 } 1695 1696 static void gsm_destroy_network(struct gsm_dlci *dlci); 1697 1698 /** 1699 * gsm_dlci_release - release DLCI 1700 * @dlci: DLCI to destroy 1701 * 1702 * Release a DLCI. Actual free is deferred until either 1703 * mux is closed or tty is closed - whichever is last. 1704 * 1705 * Can sleep. 1706 */ 1707 static void gsm_dlci_release(struct gsm_dlci *dlci) 1708 { 1709 struct tty_struct *tty = tty_port_tty_get(&dlci->port); 1710 if (tty) { 1711 mutex_lock(&dlci->mutex); 1712 gsm_destroy_network(dlci); 1713 mutex_unlock(&dlci->mutex); 1714 1715 tty_vhangup(tty); 1716 1717 tty_port_tty_set(&dlci->port, NULL); 1718 tty_kref_put(tty); 1719 } 1720 dlci->state = DLCI_CLOSED; 1721 dlci_put(dlci); 1722 } 1723 1724 /* 1725 * LAPBish link layer logic 1726 */ 1727 1728 /** 1729 * gsm_queue - a GSM frame is ready to process 1730 * @gsm: pointer to our gsm mux 1731 * 1732 * At this point in time a frame has arrived and been demangled from 1733 * the line encoding. All the differences between the encodings have 1734 * been handled below us and the frame is unpacked into the structures. 1735 * The fcs holds the header FCS but any data FCS must be added here. 1736 */ 1737 1738 static void gsm_queue(struct gsm_mux *gsm) 1739 { 1740 struct gsm_dlci *dlci; 1741 u8 cr; 1742 int address; 1743 /* We have to sneak a look at the packet body to do the FCS. 1744 A somewhat layering violation in the spec */ 1745 1746 if ((gsm->control & ~PF) == UI) 1747 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len); 1748 if (gsm->encoding == 0) { 1749 /* WARNING: gsm->received_fcs is used for 1750 gsm->encoding = 0 only. 1751 In this case it contain the last piece of data 1752 required to generate final CRC */ 1753 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs); 1754 } 1755 if (gsm->fcs != GOOD_FCS) { 1756 gsm->bad_fcs++; 1757 if (debug & 4) 1758 pr_debug("BAD FCS %02x\n", gsm->fcs); 1759 return; 1760 } 1761 address = gsm->address >> 1; 1762 if (address >= NUM_DLCI) 1763 goto invalid; 1764 1765 cr = gsm->address & 1; /* C/R bit */ 1766 1767 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len); 1768 1769 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */ 1770 dlci = gsm->dlci[address]; 1771 1772 switch (gsm->control) { 1773 case SABM|PF: 1774 if (cr == 0) 1775 goto invalid; 1776 if (dlci == NULL) 1777 dlci = gsm_dlci_alloc(gsm, address); 1778 if (dlci == NULL) 1779 return; 1780 if (dlci->dead) 1781 gsm_response(gsm, address, DM); 1782 else { 1783 gsm_response(gsm, address, UA); 1784 gsm_dlci_open(dlci); 1785 } 1786 break; 1787 case DISC|PF: 1788 if (cr == 0) 1789 goto invalid; 1790 if (dlci == NULL || dlci->state == DLCI_CLOSED) { 1791 gsm_response(gsm, address, DM); 1792 return; 1793 } 1794 /* Real close complete */ 1795 gsm_response(gsm, address, UA); 1796 gsm_dlci_close(dlci); 1797 break; 1798 case UA: 1799 case UA|PF: 1800 if (cr == 0 || dlci == NULL) 1801 break; 1802 switch (dlci->state) { 1803 case DLCI_CLOSING: 1804 gsm_dlci_close(dlci); 1805 break; 1806 case DLCI_OPENING: 1807 gsm_dlci_open(dlci); 1808 break; 1809 } 1810 break; 1811 case DM: /* DM can be valid unsolicited */ 1812 case DM|PF: 1813 if (cr) 1814 goto invalid; 1815 if (dlci == NULL) 1816 return; 1817 gsm_dlci_close(dlci); 1818 break; 1819 case UI: 1820 case UI|PF: 1821 case UIH: 1822 case UIH|PF: 1823 #if 0 1824 if (cr) 1825 goto invalid; 1826 #endif 1827 if (dlci == NULL || dlci->state != DLCI_OPEN) { 1828 gsm_command(gsm, address, DM|PF); 1829 return; 1830 } 1831 dlci->data(dlci, gsm->buf, gsm->len); 1832 break; 1833 default: 1834 goto invalid; 1835 } 1836 return; 1837 invalid: 1838 gsm->malformed++; 1839 return; 1840 } 1841 1842 1843 /** 1844 * gsm0_receive - perform processing for non-transparency 1845 * @gsm: gsm data for this ldisc instance 1846 * @c: character 1847 * 1848 * Receive bytes in gsm mode 0 1849 */ 1850 1851 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c) 1852 { 1853 unsigned int len; 1854 1855 switch (gsm->state) { 1856 case GSM_SEARCH: /* SOF marker */ 1857 if (c == GSM0_SOF) { 1858 gsm->state = GSM_ADDRESS; 1859 gsm->address = 0; 1860 gsm->len = 0; 1861 gsm->fcs = INIT_FCS; 1862 } 1863 break; 1864 case GSM_ADDRESS: /* Address EA */ 1865 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1866 if (gsm_read_ea(&gsm->address, c)) 1867 gsm->state = GSM_CONTROL; 1868 break; 1869 case GSM_CONTROL: /* Control Byte */ 1870 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1871 gsm->control = c; 1872 gsm->state = GSM_LEN0; 1873 break; 1874 case GSM_LEN0: /* Length EA */ 1875 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1876 if (gsm_read_ea(&gsm->len, c)) { 1877 if (gsm->len > gsm->mru) { 1878 gsm->bad_size++; 1879 gsm->state = GSM_SEARCH; 1880 break; 1881 } 1882 gsm->count = 0; 1883 if (!gsm->len) 1884 gsm->state = GSM_FCS; 1885 else 1886 gsm->state = GSM_DATA; 1887 break; 1888 } 1889 gsm->state = GSM_LEN1; 1890 break; 1891 case GSM_LEN1: 1892 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1893 len = c; 1894 gsm->len |= len << 7; 1895 if (gsm->len > gsm->mru) { 1896 gsm->bad_size++; 1897 gsm->state = GSM_SEARCH; 1898 break; 1899 } 1900 gsm->count = 0; 1901 if (!gsm->len) 1902 gsm->state = GSM_FCS; 1903 else 1904 gsm->state = GSM_DATA; 1905 break; 1906 case GSM_DATA: /* Data */ 1907 gsm->buf[gsm->count++] = c; 1908 if (gsm->count == gsm->len) 1909 gsm->state = GSM_FCS; 1910 break; 1911 case GSM_FCS: /* FCS follows the packet */ 1912 gsm->received_fcs = c; 1913 gsm_queue(gsm); 1914 gsm->state = GSM_SSOF; 1915 break; 1916 case GSM_SSOF: 1917 if (c == GSM0_SOF) { 1918 gsm->state = GSM_SEARCH; 1919 break; 1920 } 1921 break; 1922 } 1923 } 1924 1925 /** 1926 * gsm1_receive - perform processing for non-transparency 1927 * @gsm: gsm data for this ldisc instance 1928 * @c: character 1929 * 1930 * Receive bytes in mode 1 (Advanced option) 1931 */ 1932 1933 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c) 1934 { 1935 if (c == GSM1_SOF) { 1936 /* EOF is only valid in frame if we have got to the data state 1937 and received at least one byte (the FCS) */ 1938 if (gsm->state == GSM_DATA && gsm->count) { 1939 /* Extract the FCS */ 1940 gsm->count--; 1941 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]); 1942 gsm->len = gsm->count; 1943 gsm_queue(gsm); 1944 gsm->state = GSM_START; 1945 return; 1946 } 1947 /* Any partial frame was a runt so go back to start */ 1948 if (gsm->state != GSM_START) { 1949 gsm->malformed++; 1950 gsm->state = GSM_START; 1951 } 1952 /* A SOF in GSM_START means we are still reading idling or 1953 framing bytes */ 1954 return; 1955 } 1956 1957 if (c == GSM1_ESCAPE) { 1958 gsm->escape = 1; 1959 return; 1960 } 1961 1962 /* Only an unescaped SOF gets us out of GSM search */ 1963 if (gsm->state == GSM_SEARCH) 1964 return; 1965 1966 if (gsm->escape) { 1967 c ^= GSM1_ESCAPE_BITS; 1968 gsm->escape = 0; 1969 } 1970 switch (gsm->state) { 1971 case GSM_START: /* First byte after SOF */ 1972 gsm->address = 0; 1973 gsm->state = GSM_ADDRESS; 1974 gsm->fcs = INIT_FCS; 1975 /* Drop through */ 1976 case GSM_ADDRESS: /* Address continuation */ 1977 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1978 if (gsm_read_ea(&gsm->address, c)) 1979 gsm->state = GSM_CONTROL; 1980 break; 1981 case GSM_CONTROL: /* Control Byte */ 1982 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1983 gsm->control = c; 1984 gsm->count = 0; 1985 gsm->state = GSM_DATA; 1986 break; 1987 case GSM_DATA: /* Data */ 1988 if (gsm->count > gsm->mru) { /* Allow one for the FCS */ 1989 gsm->state = GSM_OVERRUN; 1990 gsm->bad_size++; 1991 } else 1992 gsm->buf[gsm->count++] = c; 1993 break; 1994 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */ 1995 break; 1996 } 1997 } 1998 1999 /** 2000 * gsm_error - handle tty error 2001 * @gsm: ldisc data 2002 * @data: byte received (may be invalid) 2003 * @flag: error received 2004 * 2005 * Handle an error in the receipt of data for a frame. Currently we just 2006 * go back to hunting for a SOF. 2007 * 2008 * FIXME: better diagnostics ? 2009 */ 2010 2011 static void gsm_error(struct gsm_mux *gsm, 2012 unsigned char data, unsigned char flag) 2013 { 2014 gsm->state = GSM_SEARCH; 2015 gsm->io_error++; 2016 } 2017 2018 static int gsm_disconnect(struct gsm_mux *gsm) 2019 { 2020 struct gsm_dlci *dlci = gsm->dlci[0]; 2021 struct gsm_control *gc; 2022 2023 if (!dlci) 2024 return 0; 2025 2026 /* In theory disconnecting DLCI 0 is sufficient but for some 2027 modems this is apparently not the case. */ 2028 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0); 2029 if (gc) 2030 gsm_control_wait(gsm, gc); 2031 2032 del_timer_sync(&gsm->t2_timer); 2033 /* Now we are sure T2 has stopped */ 2034 2035 gsm_dlci_begin_close(dlci); 2036 wait_event_interruptible(gsm->event, 2037 dlci->state == DLCI_CLOSED); 2038 2039 if (signal_pending(current)) 2040 return -EINTR; 2041 2042 return 0; 2043 } 2044 2045 /** 2046 * gsm_cleanup_mux - generic GSM protocol cleanup 2047 * @gsm: our mux 2048 * 2049 * Clean up the bits of the mux which are the same for all framing 2050 * protocols. Remove the mux from the mux table, stop all the timers 2051 * and then shut down each device hanging up the channels as we go. 2052 */ 2053 2054 static void gsm_cleanup_mux(struct gsm_mux *gsm) 2055 { 2056 int i; 2057 struct gsm_dlci *dlci = gsm->dlci[0]; 2058 struct gsm_msg *txq, *ntxq; 2059 2060 gsm->dead = 1; 2061 2062 spin_lock(&gsm_mux_lock); 2063 for (i = 0; i < MAX_MUX; i++) { 2064 if (gsm_mux[i] == gsm) { 2065 gsm_mux[i] = NULL; 2066 break; 2067 } 2068 } 2069 spin_unlock(&gsm_mux_lock); 2070 /* open failed before registering => nothing to do */ 2071 if (i == MAX_MUX) 2072 return; 2073 2074 del_timer_sync(&gsm->t2_timer); 2075 /* Now we are sure T2 has stopped */ 2076 if (dlci) 2077 dlci->dead = 1; 2078 2079 /* Free up any link layer users */ 2080 mutex_lock(&gsm->mutex); 2081 for (i = 0; i < NUM_DLCI; i++) 2082 if (gsm->dlci[i]) 2083 gsm_dlci_release(gsm->dlci[i]); 2084 mutex_unlock(&gsm->mutex); 2085 /* Now wipe the queues */ 2086 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list) 2087 kfree(txq); 2088 INIT_LIST_HEAD(&gsm->tx_list); 2089 } 2090 2091 /** 2092 * gsm_activate_mux - generic GSM setup 2093 * @gsm: our mux 2094 * 2095 * Set up the bits of the mux which are the same for all framing 2096 * protocols. Add the mux to the mux table so it can be opened and 2097 * finally kick off connecting to DLCI 0 on the modem. 2098 */ 2099 2100 static int gsm_activate_mux(struct gsm_mux *gsm) 2101 { 2102 struct gsm_dlci *dlci; 2103 int i = 0; 2104 2105 setup_timer(&gsm->t2_timer, gsm_control_retransmit, (unsigned long)gsm); 2106 init_waitqueue_head(&gsm->event); 2107 spin_lock_init(&gsm->control_lock); 2108 spin_lock_init(&gsm->tx_lock); 2109 2110 if (gsm->encoding == 0) 2111 gsm->receive = gsm0_receive; 2112 else 2113 gsm->receive = gsm1_receive; 2114 gsm->error = gsm_error; 2115 2116 spin_lock(&gsm_mux_lock); 2117 for (i = 0; i < MAX_MUX; i++) { 2118 if (gsm_mux[i] == NULL) { 2119 gsm->num = i; 2120 gsm_mux[i] = gsm; 2121 break; 2122 } 2123 } 2124 spin_unlock(&gsm_mux_lock); 2125 if (i == MAX_MUX) 2126 return -EBUSY; 2127 2128 dlci = gsm_dlci_alloc(gsm, 0); 2129 if (dlci == NULL) 2130 return -ENOMEM; 2131 gsm->dead = 0; /* Tty opens are now permissible */ 2132 return 0; 2133 } 2134 2135 /** 2136 * gsm_free_mux - free up a mux 2137 * @mux: mux to free 2138 * 2139 * Dispose of allocated resources for a dead mux 2140 */ 2141 static void gsm_free_mux(struct gsm_mux *gsm) 2142 { 2143 kfree(gsm->txframe); 2144 kfree(gsm->buf); 2145 kfree(gsm); 2146 } 2147 2148 /** 2149 * gsm_free_muxr - free up a mux 2150 * @mux: mux to free 2151 * 2152 * Dispose of allocated resources for a dead mux 2153 */ 2154 static void gsm_free_muxr(struct kref *ref) 2155 { 2156 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref); 2157 gsm_free_mux(gsm); 2158 } 2159 2160 static inline void mux_get(struct gsm_mux *gsm) 2161 { 2162 kref_get(&gsm->ref); 2163 } 2164 2165 static inline void mux_put(struct gsm_mux *gsm) 2166 { 2167 kref_put(&gsm->ref, gsm_free_muxr); 2168 } 2169 2170 /** 2171 * gsm_alloc_mux - allocate a mux 2172 * 2173 * Creates a new mux ready for activation. 2174 */ 2175 2176 static struct gsm_mux *gsm_alloc_mux(void) 2177 { 2178 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL); 2179 if (gsm == NULL) 2180 return NULL; 2181 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL); 2182 if (gsm->buf == NULL) { 2183 kfree(gsm); 2184 return NULL; 2185 } 2186 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL); 2187 if (gsm->txframe == NULL) { 2188 kfree(gsm->buf); 2189 kfree(gsm); 2190 return NULL; 2191 } 2192 spin_lock_init(&gsm->lock); 2193 mutex_init(&gsm->mutex); 2194 kref_init(&gsm->ref); 2195 INIT_LIST_HEAD(&gsm->tx_list); 2196 2197 gsm->t1 = T1; 2198 gsm->t2 = T2; 2199 gsm->n2 = N2; 2200 gsm->ftype = UIH; 2201 gsm->adaption = 1; 2202 gsm->encoding = 1; 2203 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */ 2204 gsm->mtu = 64; 2205 gsm->dead = 1; /* Avoid early tty opens */ 2206 2207 return gsm; 2208 } 2209 2210 /** 2211 * gsmld_output - write to link 2212 * @gsm: our mux 2213 * @data: bytes to output 2214 * @len: size 2215 * 2216 * Write a block of data from the GSM mux to the data channel. This 2217 * will eventually be serialized from above but at the moment isn't. 2218 */ 2219 2220 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len) 2221 { 2222 if (tty_write_room(gsm->tty) < len) { 2223 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags); 2224 return -ENOSPC; 2225 } 2226 if (debug & 4) 2227 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET, 2228 data, len); 2229 gsm->tty->ops->write(gsm->tty, data, len); 2230 return len; 2231 } 2232 2233 /** 2234 * gsmld_attach_gsm - mode set up 2235 * @tty: our tty structure 2236 * @gsm: our mux 2237 * 2238 * Set up the MUX for basic mode and commence connecting to the 2239 * modem. Currently called from the line discipline set up but 2240 * will need moving to an ioctl path. 2241 */ 2242 2243 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2244 { 2245 int ret, i, base; 2246 2247 gsm->tty = tty_kref_get(tty); 2248 gsm->output = gsmld_output; 2249 ret = gsm_activate_mux(gsm); 2250 if (ret != 0) 2251 tty_kref_put(gsm->tty); 2252 else { 2253 /* Don't register device 0 - this is the control channel and not 2254 a usable tty interface */ 2255 base = gsm->num << 6; /* Base for this MUX */ 2256 for (i = 1; i < NUM_DLCI; i++) 2257 tty_register_device(gsm_tty_driver, base + i, NULL); 2258 } 2259 return ret; 2260 } 2261 2262 2263 /** 2264 * gsmld_detach_gsm - stop doing 0710 mux 2265 * @tty: tty attached to the mux 2266 * @gsm: mux 2267 * 2268 * Shutdown and then clean up the resources used by the line discipline 2269 */ 2270 2271 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2272 { 2273 int i; 2274 int base = gsm->num << 6; /* Base for this MUX */ 2275 2276 WARN_ON(tty != gsm->tty); 2277 for (i = 1; i < NUM_DLCI; i++) 2278 tty_unregister_device(gsm_tty_driver, base + i); 2279 gsm_cleanup_mux(gsm); 2280 tty_kref_put(gsm->tty); 2281 gsm->tty = NULL; 2282 } 2283 2284 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp, 2285 char *fp, int count) 2286 { 2287 struct gsm_mux *gsm = tty->disc_data; 2288 const unsigned char *dp; 2289 char *f; 2290 int i; 2291 char flags = TTY_NORMAL; 2292 2293 if (debug & 4) 2294 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET, 2295 cp, count); 2296 2297 for (i = count, dp = cp, f = fp; i; i--, dp++) { 2298 if (f) 2299 flags = *f++; 2300 switch (flags) { 2301 case TTY_NORMAL: 2302 gsm->receive(gsm, *dp); 2303 break; 2304 case TTY_OVERRUN: 2305 case TTY_BREAK: 2306 case TTY_PARITY: 2307 case TTY_FRAME: 2308 gsm->error(gsm, *dp, flags); 2309 break; 2310 default: 2311 WARN_ONCE(1, "%s: unknown flag %d\n", 2312 tty_name(tty), flags); 2313 break; 2314 } 2315 } 2316 /* FASYNC if needed ? */ 2317 /* If clogged call tty_throttle(tty); */ 2318 } 2319 2320 /** 2321 * gsmld_flush_buffer - clean input queue 2322 * @tty: terminal device 2323 * 2324 * Flush the input buffer. Called when the line discipline is 2325 * being closed, when the tty layer wants the buffer flushed (eg 2326 * at hangup). 2327 */ 2328 2329 static void gsmld_flush_buffer(struct tty_struct *tty) 2330 { 2331 } 2332 2333 /** 2334 * gsmld_close - close the ldisc for this tty 2335 * @tty: device 2336 * 2337 * Called from the terminal layer when this line discipline is 2338 * being shut down, either because of a close or becsuse of a 2339 * discipline change. The function will not be called while other 2340 * ldisc methods are in progress. 2341 */ 2342 2343 static void gsmld_close(struct tty_struct *tty) 2344 { 2345 struct gsm_mux *gsm = tty->disc_data; 2346 2347 gsmld_detach_gsm(tty, gsm); 2348 2349 gsmld_flush_buffer(tty); 2350 /* Do other clean up here */ 2351 mux_put(gsm); 2352 } 2353 2354 /** 2355 * gsmld_open - open an ldisc 2356 * @tty: terminal to open 2357 * 2358 * Called when this line discipline is being attached to the 2359 * terminal device. Can sleep. Called serialized so that no 2360 * other events will occur in parallel. No further open will occur 2361 * until a close. 2362 */ 2363 2364 static int gsmld_open(struct tty_struct *tty) 2365 { 2366 struct gsm_mux *gsm; 2367 int ret; 2368 2369 if (tty->ops->write == NULL) 2370 return -EINVAL; 2371 2372 /* Attach our ldisc data */ 2373 gsm = gsm_alloc_mux(); 2374 if (gsm == NULL) 2375 return -ENOMEM; 2376 2377 tty->disc_data = gsm; 2378 tty->receive_room = 65536; 2379 2380 /* Attach the initial passive connection */ 2381 gsm->encoding = 1; 2382 2383 ret = gsmld_attach_gsm(tty, gsm); 2384 if (ret != 0) { 2385 gsm_cleanup_mux(gsm); 2386 mux_put(gsm); 2387 } 2388 return ret; 2389 } 2390 2391 /** 2392 * gsmld_write_wakeup - asynchronous I/O notifier 2393 * @tty: tty device 2394 * 2395 * Required for the ptys, serial driver etc. since processes 2396 * that attach themselves to the master and rely on ASYNC 2397 * IO must be woken up 2398 */ 2399 2400 static void gsmld_write_wakeup(struct tty_struct *tty) 2401 { 2402 struct gsm_mux *gsm = tty->disc_data; 2403 unsigned long flags; 2404 2405 /* Queue poll */ 2406 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2407 spin_lock_irqsave(&gsm->tx_lock, flags); 2408 gsm_data_kick(gsm); 2409 if (gsm->tx_bytes < TX_THRESH_LO) { 2410 gsm_dlci_data_sweep(gsm); 2411 } 2412 spin_unlock_irqrestore(&gsm->tx_lock, flags); 2413 } 2414 2415 /** 2416 * gsmld_read - read function for tty 2417 * @tty: tty device 2418 * @file: file object 2419 * @buf: userspace buffer pointer 2420 * @nr: size of I/O 2421 * 2422 * Perform reads for the line discipline. We are guaranteed that the 2423 * line discipline will not be closed under us but we may get multiple 2424 * parallel readers and must handle this ourselves. We may also get 2425 * a hangup. Always called in user context, may sleep. 2426 * 2427 * This code must be sure never to sleep through a hangup. 2428 */ 2429 2430 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file, 2431 unsigned char __user *buf, size_t nr) 2432 { 2433 return -EOPNOTSUPP; 2434 } 2435 2436 /** 2437 * gsmld_write - write function for tty 2438 * @tty: tty device 2439 * @file: file object 2440 * @buf: userspace buffer pointer 2441 * @nr: size of I/O 2442 * 2443 * Called when the owner of the device wants to send a frame 2444 * itself (or some other control data). The data is transferred 2445 * as-is and must be properly framed and checksummed as appropriate 2446 * by userspace. Frames are either sent whole or not at all as this 2447 * avoids pain user side. 2448 */ 2449 2450 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file, 2451 const unsigned char *buf, size_t nr) 2452 { 2453 int space = tty_write_room(tty); 2454 if (space >= nr) 2455 return tty->ops->write(tty, buf, nr); 2456 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2457 return -ENOBUFS; 2458 } 2459 2460 /** 2461 * gsmld_poll - poll method for N_GSM0710 2462 * @tty: terminal device 2463 * @file: file accessing it 2464 * @wait: poll table 2465 * 2466 * Called when the line discipline is asked to poll() for data or 2467 * for special events. This code is not serialized with respect to 2468 * other events save open/close. 2469 * 2470 * This code must be sure never to sleep through a hangup. 2471 * Called without the kernel lock held - fine 2472 */ 2473 2474 static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file, 2475 poll_table *wait) 2476 { 2477 unsigned int mask = 0; 2478 struct gsm_mux *gsm = tty->disc_data; 2479 2480 poll_wait(file, &tty->read_wait, wait); 2481 poll_wait(file, &tty->write_wait, wait); 2482 if (tty_hung_up_p(file)) 2483 mask |= POLLHUP; 2484 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0) 2485 mask |= POLLOUT | POLLWRNORM; 2486 if (gsm->dead) 2487 mask |= POLLHUP; 2488 return mask; 2489 } 2490 2491 static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm, 2492 struct gsm_config *c) 2493 { 2494 int need_close = 0; 2495 int need_restart = 0; 2496 2497 /* Stuff we don't support yet - UI or I frame transport, windowing */ 2498 if ((c->adaption != 1 && c->adaption != 2) || c->k) 2499 return -EOPNOTSUPP; 2500 /* Check the MRU/MTU range looks sane */ 2501 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8) 2502 return -EINVAL; 2503 if (c->n2 < 3) 2504 return -EINVAL; 2505 if (c->encapsulation > 1) /* Basic, advanced, no I */ 2506 return -EINVAL; 2507 if (c->initiator > 1) 2508 return -EINVAL; 2509 if (c->i == 0 || c->i > 2) /* UIH and UI only */ 2510 return -EINVAL; 2511 /* 2512 * See what is needed for reconfiguration 2513 */ 2514 2515 /* Timing fields */ 2516 if (c->t1 != 0 && c->t1 != gsm->t1) 2517 need_restart = 1; 2518 if (c->t2 != 0 && c->t2 != gsm->t2) 2519 need_restart = 1; 2520 if (c->encapsulation != gsm->encoding) 2521 need_restart = 1; 2522 if (c->adaption != gsm->adaption) 2523 need_restart = 1; 2524 /* Requires care */ 2525 if (c->initiator != gsm->initiator) 2526 need_close = 1; 2527 if (c->mru != gsm->mru) 2528 need_restart = 1; 2529 if (c->mtu != gsm->mtu) 2530 need_restart = 1; 2531 2532 /* 2533 * Close down what is needed, restart and initiate the new 2534 * configuration 2535 */ 2536 2537 if (need_close || need_restart) { 2538 int ret; 2539 2540 ret = gsm_disconnect(gsm); 2541 2542 if (ret) 2543 return ret; 2544 } 2545 if (need_restart) 2546 gsm_cleanup_mux(gsm); 2547 2548 gsm->initiator = c->initiator; 2549 gsm->mru = c->mru; 2550 gsm->mtu = c->mtu; 2551 gsm->encoding = c->encapsulation; 2552 gsm->adaption = c->adaption; 2553 gsm->n2 = c->n2; 2554 2555 if (c->i == 1) 2556 gsm->ftype = UIH; 2557 else if (c->i == 2) 2558 gsm->ftype = UI; 2559 2560 if (c->t1) 2561 gsm->t1 = c->t1; 2562 if (c->t2) 2563 gsm->t2 = c->t2; 2564 2565 /* FIXME: We need to separate activation/deactivation from adding 2566 and removing from the mux array */ 2567 if (need_restart) 2568 gsm_activate_mux(gsm); 2569 if (gsm->initiator && need_close) 2570 gsm_dlci_begin_open(gsm->dlci[0]); 2571 return 0; 2572 } 2573 2574 static int gsmld_ioctl(struct tty_struct *tty, struct file *file, 2575 unsigned int cmd, unsigned long arg) 2576 { 2577 struct gsm_config c; 2578 struct gsm_mux *gsm = tty->disc_data; 2579 2580 switch (cmd) { 2581 case GSMIOC_GETCONF: 2582 memset(&c, 0, sizeof(c)); 2583 c.adaption = gsm->adaption; 2584 c.encapsulation = gsm->encoding; 2585 c.initiator = gsm->initiator; 2586 c.t1 = gsm->t1; 2587 c.t2 = gsm->t2; 2588 c.t3 = 0; /* Not supported */ 2589 c.n2 = gsm->n2; 2590 if (gsm->ftype == UIH) 2591 c.i = 1; 2592 else 2593 c.i = 2; 2594 pr_debug("Ftype %d i %d\n", gsm->ftype, c.i); 2595 c.mru = gsm->mru; 2596 c.mtu = gsm->mtu; 2597 c.k = 0; 2598 if (copy_to_user((void *)arg, &c, sizeof(c))) 2599 return -EFAULT; 2600 return 0; 2601 case GSMIOC_SETCONF: 2602 if (copy_from_user(&c, (void *)arg, sizeof(c))) 2603 return -EFAULT; 2604 return gsmld_config(tty, gsm, &c); 2605 default: 2606 return n_tty_ioctl_helper(tty, file, cmd, arg); 2607 } 2608 } 2609 2610 /* 2611 * Network interface 2612 * 2613 */ 2614 2615 static int gsm_mux_net_open(struct net_device *net) 2616 { 2617 pr_debug("%s called\n", __func__); 2618 netif_start_queue(net); 2619 return 0; 2620 } 2621 2622 static int gsm_mux_net_close(struct net_device *net) 2623 { 2624 netif_stop_queue(net); 2625 return 0; 2626 } 2627 2628 static void dlci_net_free(struct gsm_dlci *dlci) 2629 { 2630 if (!dlci->net) { 2631 WARN_ON(1); 2632 return; 2633 } 2634 dlci->adaption = dlci->prev_adaption; 2635 dlci->data = dlci->prev_data; 2636 free_netdev(dlci->net); 2637 dlci->net = NULL; 2638 } 2639 static void net_free(struct kref *ref) 2640 { 2641 struct gsm_mux_net *mux_net; 2642 struct gsm_dlci *dlci; 2643 2644 mux_net = container_of(ref, struct gsm_mux_net, ref); 2645 dlci = mux_net->dlci; 2646 2647 if (dlci->net) { 2648 unregister_netdev(dlci->net); 2649 dlci_net_free(dlci); 2650 } 2651 } 2652 2653 static inline void muxnet_get(struct gsm_mux_net *mux_net) 2654 { 2655 kref_get(&mux_net->ref); 2656 } 2657 2658 static inline void muxnet_put(struct gsm_mux_net *mux_net) 2659 { 2660 kref_put(&mux_net->ref, net_free); 2661 } 2662 2663 static int gsm_mux_net_start_xmit(struct sk_buff *skb, 2664 struct net_device *net) 2665 { 2666 struct gsm_mux_net *mux_net = netdev_priv(net); 2667 struct gsm_dlci *dlci = mux_net->dlci; 2668 muxnet_get(mux_net); 2669 2670 skb_queue_head(&dlci->skb_list, skb); 2671 net->stats.tx_packets++; 2672 net->stats.tx_bytes += skb->len; 2673 gsm_dlci_data_kick(dlci); 2674 /* And tell the kernel when the last transmit started. */ 2675 netif_trans_update(net); 2676 muxnet_put(mux_net); 2677 return NETDEV_TX_OK; 2678 } 2679 2680 /* called when a packet did not ack after watchdogtimeout */ 2681 static void gsm_mux_net_tx_timeout(struct net_device *net) 2682 { 2683 /* Tell syslog we are hosed. */ 2684 dev_dbg(&net->dev, "Tx timed out.\n"); 2685 2686 /* Update statistics */ 2687 net->stats.tx_errors++; 2688 } 2689 2690 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci, 2691 unsigned char *in_buf, int size) 2692 { 2693 struct net_device *net = dlci->net; 2694 struct sk_buff *skb; 2695 struct gsm_mux_net *mux_net = netdev_priv(net); 2696 muxnet_get(mux_net); 2697 2698 /* Allocate an sk_buff */ 2699 skb = dev_alloc_skb(size + NET_IP_ALIGN); 2700 if (!skb) { 2701 /* We got no receive buffer. */ 2702 net->stats.rx_dropped++; 2703 muxnet_put(mux_net); 2704 return; 2705 } 2706 skb_reserve(skb, NET_IP_ALIGN); 2707 skb_put_data(skb, in_buf, size); 2708 2709 skb->dev = net; 2710 skb->protocol = htons(ETH_P_IP); 2711 2712 /* Ship it off to the kernel */ 2713 netif_rx(skb); 2714 2715 /* update out statistics */ 2716 net->stats.rx_packets++; 2717 net->stats.rx_bytes += size; 2718 muxnet_put(mux_net); 2719 return; 2720 } 2721 2722 static void gsm_mux_net_init(struct net_device *net) 2723 { 2724 static const struct net_device_ops gsm_netdev_ops = { 2725 .ndo_open = gsm_mux_net_open, 2726 .ndo_stop = gsm_mux_net_close, 2727 .ndo_start_xmit = gsm_mux_net_start_xmit, 2728 .ndo_tx_timeout = gsm_mux_net_tx_timeout, 2729 }; 2730 2731 net->netdev_ops = &gsm_netdev_ops; 2732 2733 /* fill in the other fields */ 2734 net->watchdog_timeo = GSM_NET_TX_TIMEOUT; 2735 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; 2736 net->type = ARPHRD_NONE; 2737 net->tx_queue_len = 10; 2738 } 2739 2740 2741 /* caller holds the dlci mutex */ 2742 static void gsm_destroy_network(struct gsm_dlci *dlci) 2743 { 2744 struct gsm_mux_net *mux_net; 2745 2746 pr_debug("destroy network interface"); 2747 if (!dlci->net) 2748 return; 2749 mux_net = netdev_priv(dlci->net); 2750 muxnet_put(mux_net); 2751 } 2752 2753 2754 /* caller holds the dlci mutex */ 2755 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc) 2756 { 2757 char *netname; 2758 int retval = 0; 2759 struct net_device *net; 2760 struct gsm_mux_net *mux_net; 2761 2762 if (!capable(CAP_NET_ADMIN)) 2763 return -EPERM; 2764 2765 /* Already in a non tty mode */ 2766 if (dlci->adaption > 2) 2767 return -EBUSY; 2768 2769 if (nc->protocol != htons(ETH_P_IP)) 2770 return -EPROTONOSUPPORT; 2771 2772 if (nc->adaption != 3 && nc->adaption != 4) 2773 return -EPROTONOSUPPORT; 2774 2775 pr_debug("create network interface"); 2776 2777 netname = "gsm%d"; 2778 if (nc->if_name[0] != '\0') 2779 netname = nc->if_name; 2780 net = alloc_netdev(sizeof(struct gsm_mux_net), netname, 2781 NET_NAME_UNKNOWN, gsm_mux_net_init); 2782 if (!net) { 2783 pr_err("alloc_netdev failed"); 2784 return -ENOMEM; 2785 } 2786 net->mtu = dlci->gsm->mtu; 2787 net->min_mtu = 8; 2788 net->max_mtu = dlci->gsm->mtu; 2789 mux_net = netdev_priv(net); 2790 mux_net->dlci = dlci; 2791 kref_init(&mux_net->ref); 2792 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */ 2793 2794 /* reconfigure dlci for network */ 2795 dlci->prev_adaption = dlci->adaption; 2796 dlci->prev_data = dlci->data; 2797 dlci->adaption = nc->adaption; 2798 dlci->data = gsm_mux_rx_netchar; 2799 dlci->net = net; 2800 2801 pr_debug("register netdev"); 2802 retval = register_netdev(net); 2803 if (retval) { 2804 pr_err("network register fail %d\n", retval); 2805 dlci_net_free(dlci); 2806 return retval; 2807 } 2808 return net->ifindex; /* return network index */ 2809 } 2810 2811 /* Line discipline for real tty */ 2812 static struct tty_ldisc_ops tty_ldisc_packet = { 2813 .owner = THIS_MODULE, 2814 .magic = TTY_LDISC_MAGIC, 2815 .name = "n_gsm", 2816 .open = gsmld_open, 2817 .close = gsmld_close, 2818 .flush_buffer = gsmld_flush_buffer, 2819 .read = gsmld_read, 2820 .write = gsmld_write, 2821 .ioctl = gsmld_ioctl, 2822 .poll = gsmld_poll, 2823 .receive_buf = gsmld_receive_buf, 2824 .write_wakeup = gsmld_write_wakeup 2825 }; 2826 2827 /* 2828 * Virtual tty side 2829 */ 2830 2831 #define TX_SIZE 512 2832 2833 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk) 2834 { 2835 u8 modembits[5]; 2836 struct gsm_control *ctrl; 2837 int len = 2; 2838 2839 if (brk) 2840 len++; 2841 2842 modembits[0] = len << 1 | EA; /* Data bytes */ 2843 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */ 2844 modembits[2] = gsm_encode_modem(dlci) << 1 | EA; 2845 if (brk) 2846 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */ 2847 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1); 2848 if (ctrl == NULL) 2849 return -ENOMEM; 2850 return gsm_control_wait(dlci->gsm, ctrl); 2851 } 2852 2853 static int gsm_carrier_raised(struct tty_port *port) 2854 { 2855 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 2856 /* Not yet open so no carrier info */ 2857 if (dlci->state != DLCI_OPEN) 2858 return 0; 2859 if (debug & 2) 2860 return 1; 2861 return dlci->modem_rx & TIOCM_CD; 2862 } 2863 2864 static void gsm_dtr_rts(struct tty_port *port, int onoff) 2865 { 2866 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 2867 unsigned int modem_tx = dlci->modem_tx; 2868 if (onoff) 2869 modem_tx |= TIOCM_DTR | TIOCM_RTS; 2870 else 2871 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS); 2872 if (modem_tx != dlci->modem_tx) { 2873 dlci->modem_tx = modem_tx; 2874 gsmtty_modem_update(dlci, 0); 2875 } 2876 } 2877 2878 static const struct tty_port_operations gsm_port_ops = { 2879 .carrier_raised = gsm_carrier_raised, 2880 .dtr_rts = gsm_dtr_rts, 2881 .destruct = gsm_dlci_free, 2882 }; 2883 2884 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty) 2885 { 2886 struct gsm_mux *gsm; 2887 struct gsm_dlci *dlci; 2888 unsigned int line = tty->index; 2889 unsigned int mux = line >> 6; 2890 bool alloc = false; 2891 int ret; 2892 2893 line = line & 0x3F; 2894 2895 if (mux >= MAX_MUX) 2896 return -ENXIO; 2897 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */ 2898 if (gsm_mux[mux] == NULL) 2899 return -EUNATCH; 2900 if (line == 0 || line > 61) /* 62/63 reserved */ 2901 return -ECHRNG; 2902 gsm = gsm_mux[mux]; 2903 if (gsm->dead) 2904 return -EL2HLT; 2905 /* If DLCI 0 is not yet fully open return an error. 2906 This is ok from a locking 2907 perspective as we don't have to worry about this 2908 if DLCI0 is lost */ 2909 mutex_lock(&gsm->mutex); 2910 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) { 2911 mutex_unlock(&gsm->mutex); 2912 return -EL2NSYNC; 2913 } 2914 dlci = gsm->dlci[line]; 2915 if (dlci == NULL) { 2916 alloc = true; 2917 dlci = gsm_dlci_alloc(gsm, line); 2918 } 2919 if (dlci == NULL) { 2920 mutex_unlock(&gsm->mutex); 2921 return -ENOMEM; 2922 } 2923 ret = tty_port_install(&dlci->port, driver, tty); 2924 if (ret) { 2925 if (alloc) 2926 dlci_put(dlci); 2927 mutex_unlock(&gsm->mutex); 2928 return ret; 2929 } 2930 2931 dlci_get(dlci); 2932 dlci_get(gsm->dlci[0]); 2933 mux_get(gsm); 2934 tty->driver_data = dlci; 2935 mutex_unlock(&gsm->mutex); 2936 2937 return 0; 2938 } 2939 2940 static int gsmtty_open(struct tty_struct *tty, struct file *filp) 2941 { 2942 struct gsm_dlci *dlci = tty->driver_data; 2943 struct tty_port *port = &dlci->port; 2944 2945 port->count++; 2946 tty_port_tty_set(port, tty); 2947 2948 dlci->modem_rx = 0; 2949 /* We could in theory open and close before we wait - eg if we get 2950 a DM straight back. This is ok as that will have caused a hangup */ 2951 tty_port_set_initialized(port, 1); 2952 /* Start sending off SABM messages */ 2953 gsm_dlci_begin_open(dlci); 2954 /* And wait for virtual carrier */ 2955 return tty_port_block_til_ready(port, tty, filp); 2956 } 2957 2958 static void gsmtty_close(struct tty_struct *tty, struct file *filp) 2959 { 2960 struct gsm_dlci *dlci = tty->driver_data; 2961 struct gsm_mux *gsm; 2962 2963 if (dlci == NULL) 2964 return; 2965 if (dlci->state == DLCI_CLOSED) 2966 return; 2967 mutex_lock(&dlci->mutex); 2968 gsm_destroy_network(dlci); 2969 mutex_unlock(&dlci->mutex); 2970 gsm = dlci->gsm; 2971 if (tty_port_close_start(&dlci->port, tty, filp) == 0) 2972 return; 2973 gsm_dlci_begin_close(dlci); 2974 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty)) 2975 tty_port_lower_dtr_rts(&dlci->port); 2976 tty_port_close_end(&dlci->port, tty); 2977 tty_port_tty_set(&dlci->port, NULL); 2978 return; 2979 } 2980 2981 static void gsmtty_hangup(struct tty_struct *tty) 2982 { 2983 struct gsm_dlci *dlci = tty->driver_data; 2984 if (dlci->state == DLCI_CLOSED) 2985 return; 2986 tty_port_hangup(&dlci->port); 2987 gsm_dlci_begin_close(dlci); 2988 } 2989 2990 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf, 2991 int len) 2992 { 2993 int sent; 2994 struct gsm_dlci *dlci = tty->driver_data; 2995 if (dlci->state == DLCI_CLOSED) 2996 return -EINVAL; 2997 /* Stuff the bytes into the fifo queue */ 2998 sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock); 2999 /* Need to kick the channel */ 3000 gsm_dlci_data_kick(dlci); 3001 return sent; 3002 } 3003 3004 static int gsmtty_write_room(struct tty_struct *tty) 3005 { 3006 struct gsm_dlci *dlci = tty->driver_data; 3007 if (dlci->state == DLCI_CLOSED) 3008 return -EINVAL; 3009 return TX_SIZE - kfifo_len(dlci->fifo); 3010 } 3011 3012 static int gsmtty_chars_in_buffer(struct tty_struct *tty) 3013 { 3014 struct gsm_dlci *dlci = tty->driver_data; 3015 if (dlci->state == DLCI_CLOSED) 3016 return -EINVAL; 3017 return kfifo_len(dlci->fifo); 3018 } 3019 3020 static void gsmtty_flush_buffer(struct tty_struct *tty) 3021 { 3022 struct gsm_dlci *dlci = tty->driver_data; 3023 if (dlci->state == DLCI_CLOSED) 3024 return; 3025 /* Caution needed: If we implement reliable transport classes 3026 then the data being transmitted can't simply be junked once 3027 it has first hit the stack. Until then we can just blow it 3028 away */ 3029 kfifo_reset(dlci->fifo); 3030 /* Need to unhook this DLCI from the transmit queue logic */ 3031 } 3032 3033 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout) 3034 { 3035 /* The FIFO handles the queue so the kernel will do the right 3036 thing waiting on chars_in_buffer before calling us. No work 3037 to do here */ 3038 } 3039 3040 static int gsmtty_tiocmget(struct tty_struct *tty) 3041 { 3042 struct gsm_dlci *dlci = tty->driver_data; 3043 if (dlci->state == DLCI_CLOSED) 3044 return -EINVAL; 3045 return dlci->modem_rx; 3046 } 3047 3048 static int gsmtty_tiocmset(struct tty_struct *tty, 3049 unsigned int set, unsigned int clear) 3050 { 3051 struct gsm_dlci *dlci = tty->driver_data; 3052 unsigned int modem_tx = dlci->modem_tx; 3053 3054 if (dlci->state == DLCI_CLOSED) 3055 return -EINVAL; 3056 modem_tx &= ~clear; 3057 modem_tx |= set; 3058 3059 if (modem_tx != dlci->modem_tx) { 3060 dlci->modem_tx = modem_tx; 3061 return gsmtty_modem_update(dlci, 0); 3062 } 3063 return 0; 3064 } 3065 3066 3067 static int gsmtty_ioctl(struct tty_struct *tty, 3068 unsigned int cmd, unsigned long arg) 3069 { 3070 struct gsm_dlci *dlci = tty->driver_data; 3071 struct gsm_netconfig nc; 3072 int index; 3073 3074 if (dlci->state == DLCI_CLOSED) 3075 return -EINVAL; 3076 switch (cmd) { 3077 case GSMIOC_ENABLE_NET: 3078 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc))) 3079 return -EFAULT; 3080 nc.if_name[IFNAMSIZ-1] = '\0'; 3081 /* return net interface index or error code */ 3082 mutex_lock(&dlci->mutex); 3083 index = gsm_create_network(dlci, &nc); 3084 mutex_unlock(&dlci->mutex); 3085 if (copy_to_user((void __user *)arg, &nc, sizeof(nc))) 3086 return -EFAULT; 3087 return index; 3088 case GSMIOC_DISABLE_NET: 3089 if (!capable(CAP_NET_ADMIN)) 3090 return -EPERM; 3091 mutex_lock(&dlci->mutex); 3092 gsm_destroy_network(dlci); 3093 mutex_unlock(&dlci->mutex); 3094 return 0; 3095 default: 3096 return -ENOIOCTLCMD; 3097 } 3098 } 3099 3100 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old) 3101 { 3102 struct gsm_dlci *dlci = tty->driver_data; 3103 if (dlci->state == DLCI_CLOSED) 3104 return; 3105 /* For the moment its fixed. In actual fact the speed information 3106 for the virtual channel can be propogated in both directions by 3107 the RPN control message. This however rapidly gets nasty as we 3108 then have to remap modem signals each way according to whether 3109 our virtual cable is null modem etc .. */ 3110 tty_termios_copy_hw(&tty->termios, old); 3111 } 3112 3113 static void gsmtty_throttle(struct tty_struct *tty) 3114 { 3115 struct gsm_dlci *dlci = tty->driver_data; 3116 if (dlci->state == DLCI_CLOSED) 3117 return; 3118 if (C_CRTSCTS(tty)) 3119 dlci->modem_tx &= ~TIOCM_DTR; 3120 dlci->throttled = 1; 3121 /* Send an MSC with DTR cleared */ 3122 gsmtty_modem_update(dlci, 0); 3123 } 3124 3125 static void gsmtty_unthrottle(struct tty_struct *tty) 3126 { 3127 struct gsm_dlci *dlci = tty->driver_data; 3128 if (dlci->state == DLCI_CLOSED) 3129 return; 3130 if (C_CRTSCTS(tty)) 3131 dlci->modem_tx |= TIOCM_DTR; 3132 dlci->throttled = 0; 3133 /* Send an MSC with DTR set */ 3134 gsmtty_modem_update(dlci, 0); 3135 } 3136 3137 static int gsmtty_break_ctl(struct tty_struct *tty, int state) 3138 { 3139 struct gsm_dlci *dlci = tty->driver_data; 3140 int encode = 0; /* Off */ 3141 if (dlci->state == DLCI_CLOSED) 3142 return -EINVAL; 3143 3144 if (state == -1) /* "On indefinitely" - we can't encode this 3145 properly */ 3146 encode = 0x0F; 3147 else if (state > 0) { 3148 encode = state / 200; /* mS to encoding */ 3149 if (encode > 0x0F) 3150 encode = 0x0F; /* Best effort */ 3151 } 3152 return gsmtty_modem_update(dlci, encode); 3153 } 3154 3155 static void gsmtty_cleanup(struct tty_struct *tty) 3156 { 3157 struct gsm_dlci *dlci = tty->driver_data; 3158 struct gsm_mux *gsm = dlci->gsm; 3159 3160 dlci_put(dlci); 3161 dlci_put(gsm->dlci[0]); 3162 mux_put(gsm); 3163 } 3164 3165 /* Virtual ttys for the demux */ 3166 static const struct tty_operations gsmtty_ops = { 3167 .install = gsmtty_install, 3168 .open = gsmtty_open, 3169 .close = gsmtty_close, 3170 .write = gsmtty_write, 3171 .write_room = gsmtty_write_room, 3172 .chars_in_buffer = gsmtty_chars_in_buffer, 3173 .flush_buffer = gsmtty_flush_buffer, 3174 .ioctl = gsmtty_ioctl, 3175 .throttle = gsmtty_throttle, 3176 .unthrottle = gsmtty_unthrottle, 3177 .set_termios = gsmtty_set_termios, 3178 .hangup = gsmtty_hangup, 3179 .wait_until_sent = gsmtty_wait_until_sent, 3180 .tiocmget = gsmtty_tiocmget, 3181 .tiocmset = gsmtty_tiocmset, 3182 .break_ctl = gsmtty_break_ctl, 3183 .cleanup = gsmtty_cleanup, 3184 }; 3185 3186 3187 3188 static int __init gsm_init(void) 3189 { 3190 /* Fill in our line protocol discipline, and register it */ 3191 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet); 3192 if (status != 0) { 3193 pr_err("n_gsm: can't register line discipline (err = %d)\n", 3194 status); 3195 return status; 3196 } 3197 3198 gsm_tty_driver = alloc_tty_driver(256); 3199 if (!gsm_tty_driver) { 3200 tty_unregister_ldisc(N_GSM0710); 3201 pr_err("gsm_init: tty allocation failed.\n"); 3202 return -EINVAL; 3203 } 3204 gsm_tty_driver->driver_name = "gsmtty"; 3205 gsm_tty_driver->name = "gsmtty"; 3206 gsm_tty_driver->major = 0; /* Dynamic */ 3207 gsm_tty_driver->minor_start = 0; 3208 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 3209 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 3210 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV 3211 | TTY_DRIVER_HARDWARE_BREAK; 3212 gsm_tty_driver->init_termios = tty_std_termios; 3213 /* Fixme */ 3214 gsm_tty_driver->init_termios.c_lflag &= ~ECHO; 3215 tty_set_operations(gsm_tty_driver, &gsmtty_ops); 3216 3217 spin_lock_init(&gsm_mux_lock); 3218 3219 if (tty_register_driver(gsm_tty_driver)) { 3220 put_tty_driver(gsm_tty_driver); 3221 tty_unregister_ldisc(N_GSM0710); 3222 pr_err("gsm_init: tty registration failed.\n"); 3223 return -EBUSY; 3224 } 3225 pr_debug("gsm_init: loaded as %d,%d.\n", 3226 gsm_tty_driver->major, gsm_tty_driver->minor_start); 3227 return 0; 3228 } 3229 3230 static void __exit gsm_exit(void) 3231 { 3232 int status = tty_unregister_ldisc(N_GSM0710); 3233 if (status != 0) 3234 pr_err("n_gsm: can't unregister line discipline (err = %d)\n", 3235 status); 3236 tty_unregister_driver(gsm_tty_driver); 3237 put_tty_driver(gsm_tty_driver); 3238 } 3239 3240 module_init(gsm_init); 3241 module_exit(gsm_exit); 3242 3243 3244 MODULE_LICENSE("GPL"); 3245 MODULE_ALIAS_LDISC(N_GSM0710); 3246