1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * n_gsm.c GSM 0710 tty multiplexor 4 * Copyright (c) 2009/10 Intel Corporation 5 * 6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE * 7 * 8 * TO DO: 9 * Mostly done: ioctls for setting modes/timing 10 * Partly done: hooks so you can pull off frames to non tty devs 11 * Restart DLCI 0 when it closes ? 12 * Improve the tx engine 13 * Resolve tx side locking by adding a queue_head and routing 14 * all control traffic via it 15 * General tidy/document 16 * Review the locking/move to refcounts more (mux now moved to an 17 * alloc/free model ready) 18 * Use newest tty open/close port helpers and install hooks 19 * What to do about power functions ? 20 * Termios setting and negotiation 21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets 22 * 23 */ 24 25 #include <linux/types.h> 26 #include <linux/major.h> 27 #include <linux/errno.h> 28 #include <linux/signal.h> 29 #include <linux/fcntl.h> 30 #include <linux/sched/signal.h> 31 #include <linux/interrupt.h> 32 #include <linux/tty.h> 33 #include <linux/ctype.h> 34 #include <linux/mm.h> 35 #include <linux/string.h> 36 #include <linux/slab.h> 37 #include <linux/poll.h> 38 #include <linux/bitops.h> 39 #include <linux/file.h> 40 #include <linux/uaccess.h> 41 #include <linux/module.h> 42 #include <linux/timer.h> 43 #include <linux/tty_flip.h> 44 #include <linux/tty_driver.h> 45 #include <linux/serial.h> 46 #include <linux/kfifo.h> 47 #include <linux/skbuff.h> 48 #include <net/arp.h> 49 #include <linux/ip.h> 50 #include <linux/netdevice.h> 51 #include <linux/etherdevice.h> 52 #include <linux/gsmmux.h> 53 #include "tty.h" 54 55 static int debug; 56 module_param(debug, int, 0600); 57 58 /* Defaults: these are from the specification */ 59 60 #define T1 10 /* 100mS */ 61 #define T2 34 /* 333mS */ 62 #define N2 3 /* Retry 3 times */ 63 64 /* Use long timers for testing at low speed with debug on */ 65 #ifdef DEBUG_TIMING 66 #define T1 100 67 #define T2 200 68 #endif 69 70 /* 71 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte 72 * limits so this is plenty 73 */ 74 #define MAX_MRU 1500 75 #define MAX_MTU 1500 76 /* SOF, ADDR, CTRL, LEN1, LEN2, ..., FCS, EOF */ 77 #define PROT_OVERHEAD 7 78 #define GSM_NET_TX_TIMEOUT (HZ*10) 79 80 /* 81 * struct gsm_mux_net - network interface 82 * 83 * Created when net interface is initialized. 84 */ 85 struct gsm_mux_net { 86 struct kref ref; 87 struct gsm_dlci *dlci; 88 }; 89 90 /* 91 * Each block of data we have queued to go out is in the form of 92 * a gsm_msg which holds everything we need in a link layer independent 93 * format 94 */ 95 96 struct gsm_msg { 97 struct list_head list; 98 u8 addr; /* DLCI address + flags */ 99 u8 ctrl; /* Control byte + flags */ 100 unsigned int len; /* Length of data block (can be zero) */ 101 unsigned char *data; /* Points into buffer but not at the start */ 102 unsigned char buffer[]; 103 }; 104 105 enum gsm_dlci_state { 106 DLCI_CLOSED, 107 DLCI_OPENING, /* Sending SABM not seen UA */ 108 DLCI_OPEN, /* SABM/UA complete */ 109 DLCI_CLOSING, /* Sending DISC not seen UA/DM */ 110 }; 111 112 enum gsm_dlci_mode { 113 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */ 114 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */ 115 }; 116 117 /* 118 * Each active data link has a gsm_dlci structure associated which ties 119 * the link layer to an optional tty (if the tty side is open). To avoid 120 * complexity right now these are only ever freed up when the mux is 121 * shut down. 122 * 123 * At the moment we don't free DLCI objects until the mux is torn down 124 * this avoid object life time issues but might be worth review later. 125 */ 126 127 struct gsm_dlci { 128 struct gsm_mux *gsm; 129 int addr; 130 enum gsm_dlci_state state; 131 struct mutex mutex; 132 133 /* Link layer */ 134 enum gsm_dlci_mode mode; 135 spinlock_t lock; /* Protects the internal state */ 136 struct timer_list t1; /* Retransmit timer for SABM and UA */ 137 int retries; 138 /* Uplink tty if active */ 139 struct tty_port port; /* The tty bound to this DLCI if there is one */ 140 #define TX_SIZE 4096 /* Must be power of 2. */ 141 struct kfifo fifo; /* Queue fifo for the DLCI */ 142 int adaption; /* Adaption layer in use */ 143 int prev_adaption; 144 u32 modem_rx; /* Our incoming virtual modem lines */ 145 u32 modem_tx; /* Our outgoing modem lines */ 146 bool dead; /* Refuse re-open */ 147 /* Flow control */ 148 bool throttled; /* Private copy of throttle state */ 149 bool constipated; /* Throttle status for outgoing */ 150 /* Packetised I/O */ 151 struct sk_buff *skb; /* Frame being sent */ 152 struct sk_buff_head skb_list; /* Queued frames */ 153 /* Data handling callback */ 154 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len); 155 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len); 156 struct net_device *net; /* network interface, if created */ 157 }; 158 159 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */ 160 161 #define NUM_DLCI 64 162 163 /* 164 * DLCI 0 is used to pass control blocks out of band of the data 165 * flow (and with a higher link priority). One command can be outstanding 166 * at a time and we use this structure to manage them. They are created 167 * and destroyed by the user context, and updated by the receive paths 168 * and timers 169 */ 170 171 struct gsm_control { 172 u8 cmd; /* Command we are issuing */ 173 u8 *data; /* Data for the command in case we retransmit */ 174 int len; /* Length of block for retransmission */ 175 int done; /* Done flag */ 176 int error; /* Error if any */ 177 }; 178 179 enum gsm_mux_state { 180 GSM_SEARCH, 181 GSM_START, 182 GSM_ADDRESS, 183 GSM_CONTROL, 184 GSM_LEN, 185 GSM_DATA, 186 GSM_FCS, 187 GSM_OVERRUN, 188 GSM_LEN0, 189 GSM_LEN1, 190 GSM_SSOF, 191 }; 192 193 /* 194 * Each GSM mux we have is represented by this structure. If we are 195 * operating as an ldisc then we use this structure as our ldisc 196 * state. We need to sort out lifetimes and locking with respect 197 * to the gsm mux array. For now we don't free DLCI objects that 198 * have been instantiated until the mux itself is terminated. 199 * 200 * To consider further: tty open versus mux shutdown. 201 */ 202 203 struct gsm_mux { 204 struct tty_struct *tty; /* The tty our ldisc is bound to */ 205 spinlock_t lock; 206 struct mutex mutex; 207 unsigned int num; 208 struct kref ref; 209 210 /* Events on the GSM channel */ 211 wait_queue_head_t event; 212 213 /* Bits for GSM mode decoding */ 214 215 /* Framing Layer */ 216 unsigned char *buf; 217 enum gsm_mux_state state; 218 unsigned int len; 219 unsigned int address; 220 unsigned int count; 221 bool escape; 222 int encoding; 223 u8 control; 224 u8 fcs; 225 u8 *txframe; /* TX framing buffer */ 226 227 /* Method for the receiver side */ 228 void (*receive)(struct gsm_mux *gsm, u8 ch); 229 230 /* Link Layer */ 231 unsigned int mru; 232 unsigned int mtu; 233 int initiator; /* Did we initiate connection */ 234 bool dead; /* Has the mux been shut down */ 235 struct gsm_dlci *dlci[NUM_DLCI]; 236 int old_c_iflag; /* termios c_iflag value before attach */ 237 bool constipated; /* Asked by remote to shut up */ 238 239 spinlock_t tx_lock; 240 unsigned int tx_bytes; /* TX data outstanding */ 241 #define TX_THRESH_HI 8192 242 #define TX_THRESH_LO 2048 243 struct list_head tx_list; /* Pending data packets */ 244 245 /* Control messages */ 246 struct timer_list t2_timer; /* Retransmit timer for commands */ 247 int cretries; /* Command retry counter */ 248 struct gsm_control *pending_cmd;/* Our current pending command */ 249 spinlock_t control_lock; /* Protects the pending command */ 250 251 /* Configuration */ 252 int adaption; /* 1 or 2 supported */ 253 u8 ftype; /* UI or UIH */ 254 int t1, t2; /* Timers in 1/100th of a sec */ 255 int n2; /* Retry count */ 256 257 /* Statistics (not currently exposed) */ 258 unsigned long bad_fcs; 259 unsigned long malformed; 260 unsigned long io_error; 261 unsigned long bad_size; 262 unsigned long unsupported; 263 }; 264 265 266 /* 267 * Mux objects - needed so that we can translate a tty index into the 268 * relevant mux and DLCI. 269 */ 270 271 #define MAX_MUX 4 /* 256 minors */ 272 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */ 273 static DEFINE_SPINLOCK(gsm_mux_lock); 274 275 static struct tty_driver *gsm_tty_driver; 276 277 /* 278 * This section of the driver logic implements the GSM encodings 279 * both the basic and the 'advanced'. Reliable transport is not 280 * supported. 281 */ 282 283 #define CR 0x02 284 #define EA 0x01 285 #define PF 0x10 286 287 /* I is special: the rest are ..*/ 288 #define RR 0x01 289 #define UI 0x03 290 #define RNR 0x05 291 #define REJ 0x09 292 #define DM 0x0F 293 #define SABM 0x2F 294 #define DISC 0x43 295 #define UA 0x63 296 #define UIH 0xEF 297 298 /* Channel commands */ 299 #define CMD_NSC 0x09 300 #define CMD_TEST 0x11 301 #define CMD_PSC 0x21 302 #define CMD_RLS 0x29 303 #define CMD_FCOFF 0x31 304 #define CMD_PN 0x41 305 #define CMD_RPN 0x49 306 #define CMD_FCON 0x51 307 #define CMD_CLD 0x61 308 #define CMD_SNC 0x69 309 #define CMD_MSC 0x71 310 311 /* Virtual modem bits */ 312 #define MDM_FC 0x01 313 #define MDM_RTC 0x02 314 #define MDM_RTR 0x04 315 #define MDM_IC 0x20 316 #define MDM_DV 0x40 317 318 #define GSM0_SOF 0xF9 319 #define GSM1_SOF 0x7E 320 #define GSM1_ESCAPE 0x7D 321 #define GSM1_ESCAPE_BITS 0x20 322 #define XON 0x11 323 #define XOFF 0x13 324 #define ISO_IEC_646_MASK 0x7F 325 326 static const struct tty_port_operations gsm_port_ops; 327 328 /* 329 * CRC table for GSM 0710 330 */ 331 332 static const u8 gsm_fcs8[256] = { 333 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75, 334 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B, 335 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69, 336 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67, 337 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D, 338 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43, 339 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51, 340 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F, 341 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05, 342 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B, 343 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19, 344 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17, 345 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D, 346 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33, 347 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21, 348 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F, 349 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95, 350 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B, 351 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89, 352 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87, 353 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD, 354 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3, 355 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1, 356 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF, 357 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5, 358 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB, 359 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9, 360 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7, 361 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD, 362 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3, 363 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1, 364 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF 365 }; 366 367 #define INIT_FCS 0xFF 368 #define GOOD_FCS 0xCF 369 370 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len); 371 static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk); 372 373 /** 374 * gsm_fcs_add - update FCS 375 * @fcs: Current FCS 376 * @c: Next data 377 * 378 * Update the FCS to include c. Uses the algorithm in the specification 379 * notes. 380 */ 381 382 static inline u8 gsm_fcs_add(u8 fcs, u8 c) 383 { 384 return gsm_fcs8[fcs ^ c]; 385 } 386 387 /** 388 * gsm_fcs_add_block - update FCS for a block 389 * @fcs: Current FCS 390 * @c: buffer of data 391 * @len: length of buffer 392 * 393 * Update the FCS to include c. Uses the algorithm in the specification 394 * notes. 395 */ 396 397 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len) 398 { 399 while (len--) 400 fcs = gsm_fcs8[fcs ^ *c++]; 401 return fcs; 402 } 403 404 /** 405 * gsm_read_ea - read a byte into an EA 406 * @val: variable holding value 407 * @c: byte going into the EA 408 * 409 * Processes one byte of an EA. Updates the passed variable 410 * and returns 1 if the EA is now completely read 411 */ 412 413 static int gsm_read_ea(unsigned int *val, u8 c) 414 { 415 /* Add the next 7 bits into the value */ 416 *val <<= 7; 417 *val |= c >> 1; 418 /* Was this the last byte of the EA 1 = yes*/ 419 return c & EA; 420 } 421 422 /** 423 * gsm_encode_modem - encode modem data bits 424 * @dlci: DLCI to encode from 425 * 426 * Returns the correct GSM encoded modem status bits (6 bit field) for 427 * the current status of the DLCI and attached tty object 428 */ 429 430 static u8 gsm_encode_modem(const struct gsm_dlci *dlci) 431 { 432 u8 modembits = 0; 433 /* FC is true flow control not modem bits */ 434 if (dlci->throttled) 435 modembits |= MDM_FC; 436 if (dlci->modem_tx & TIOCM_DTR) 437 modembits |= MDM_RTC; 438 if (dlci->modem_tx & TIOCM_RTS) 439 modembits |= MDM_RTR; 440 if (dlci->modem_tx & TIOCM_RI) 441 modembits |= MDM_IC; 442 if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator) 443 modembits |= MDM_DV; 444 return modembits; 445 } 446 447 static void gsm_hex_dump_bytes(const char *fname, const u8 *data, 448 unsigned long len) 449 { 450 char *prefix; 451 452 if (!fname) { 453 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, data, len, 454 true); 455 return; 456 } 457 458 prefix = kasprintf(GFP_ATOMIC, "%s: ", fname); 459 if (!prefix) 460 return; 461 print_hex_dump(KERN_INFO, prefix, DUMP_PREFIX_OFFSET, 16, 1, data, len, 462 true); 463 kfree(prefix); 464 } 465 466 /** 467 * gsm_print_packet - display a frame for debug 468 * @hdr: header to print before decode 469 * @addr: address EA from the frame 470 * @cr: C/R bit seen as initiator 471 * @control: control including PF bit 472 * @data: following data bytes 473 * @dlen: length of data 474 * 475 * Displays a packet in human readable format for debugging purposes. The 476 * style is based on amateur radio LAP-B dump display. 477 */ 478 479 static void gsm_print_packet(const char *hdr, int addr, int cr, 480 u8 control, const u8 *data, int dlen) 481 { 482 if (!(debug & 1)) 483 return; 484 485 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]); 486 487 switch (control & ~PF) { 488 case SABM: 489 pr_cont("SABM"); 490 break; 491 case UA: 492 pr_cont("UA"); 493 break; 494 case DISC: 495 pr_cont("DISC"); 496 break; 497 case DM: 498 pr_cont("DM"); 499 break; 500 case UI: 501 pr_cont("UI"); 502 break; 503 case UIH: 504 pr_cont("UIH"); 505 break; 506 default: 507 if (!(control & 0x01)) { 508 pr_cont("I N(S)%d N(R)%d", 509 (control & 0x0E) >> 1, (control & 0xE0) >> 5); 510 } else switch (control & 0x0F) { 511 case RR: 512 pr_cont("RR(%d)", (control & 0xE0) >> 5); 513 break; 514 case RNR: 515 pr_cont("RNR(%d)", (control & 0xE0) >> 5); 516 break; 517 case REJ: 518 pr_cont("REJ(%d)", (control & 0xE0) >> 5); 519 break; 520 default: 521 pr_cont("[%02X]", control); 522 } 523 } 524 525 if (control & PF) 526 pr_cont("(P)"); 527 else 528 pr_cont("(F)"); 529 530 gsm_hex_dump_bytes(NULL, data, dlen); 531 } 532 533 534 /* 535 * Link level transmission side 536 */ 537 538 /** 539 * gsm_stuff_frame - bytestuff a packet 540 * @input: input buffer 541 * @output: output buffer 542 * @len: length of input 543 * 544 * Expand a buffer by bytestuffing it. The worst case size change 545 * is doubling and the caller is responsible for handing out 546 * suitable sized buffers. 547 */ 548 549 static int gsm_stuff_frame(const u8 *input, u8 *output, int len) 550 { 551 int olen = 0; 552 while (len--) { 553 if (*input == GSM1_SOF || *input == GSM1_ESCAPE 554 || (*input & ISO_IEC_646_MASK) == XON 555 || (*input & ISO_IEC_646_MASK) == XOFF) { 556 *output++ = GSM1_ESCAPE; 557 *output++ = *input++ ^ GSM1_ESCAPE_BITS; 558 olen++; 559 } else 560 *output++ = *input++; 561 olen++; 562 } 563 return olen; 564 } 565 566 /** 567 * gsm_send - send a control frame 568 * @gsm: our GSM mux 569 * @addr: address for control frame 570 * @cr: command/response bit seen as initiator 571 * @control: control byte including PF bit 572 * 573 * Format up and transmit a control frame. These do not go via the 574 * queueing logic as they should be transmitted ahead of data when 575 * they are needed. 576 * 577 * FIXME: Lock versus data TX path 578 */ 579 580 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control) 581 { 582 int len; 583 u8 cbuf[10]; 584 u8 ibuf[3]; 585 int ocr; 586 587 /* toggle C/R coding if not initiator */ 588 ocr = cr ^ (gsm->initiator ? 0 : 1); 589 590 switch (gsm->encoding) { 591 case 0: 592 cbuf[0] = GSM0_SOF; 593 cbuf[1] = (addr << 2) | (ocr << 1) | EA; 594 cbuf[2] = control; 595 cbuf[3] = EA; /* Length of data = 0 */ 596 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3); 597 cbuf[5] = GSM0_SOF; 598 len = 6; 599 break; 600 case 1: 601 case 2: 602 /* Control frame + packing (but not frame stuffing) in mode 1 */ 603 ibuf[0] = (addr << 2) | (ocr << 1) | EA; 604 ibuf[1] = control; 605 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2); 606 /* Stuffing may double the size worst case */ 607 len = gsm_stuff_frame(ibuf, cbuf + 1, 3); 608 /* Now add the SOF markers */ 609 cbuf[0] = GSM1_SOF; 610 cbuf[len + 1] = GSM1_SOF; 611 /* FIXME: we can omit the lead one in many cases */ 612 len += 2; 613 break; 614 default: 615 WARN_ON(1); 616 return; 617 } 618 gsmld_output(gsm, cbuf, len); 619 if (!gsm->initiator) { 620 cr = cr & gsm->initiator; 621 control = control & ~PF; 622 } 623 gsm_print_packet("-->", addr, cr, control, NULL, 0); 624 } 625 626 /** 627 * gsm_response - send a control response 628 * @gsm: our GSM mux 629 * @addr: address for control frame 630 * @control: control byte including PF bit 631 * 632 * Format up and transmit a link level response frame. 633 */ 634 635 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control) 636 { 637 gsm_send(gsm, addr, 0, control); 638 } 639 640 /** 641 * gsm_command - send a control command 642 * @gsm: our GSM mux 643 * @addr: address for control frame 644 * @control: control byte including PF bit 645 * 646 * Format up and transmit a link level command frame. 647 */ 648 649 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control) 650 { 651 gsm_send(gsm, addr, 1, control); 652 } 653 654 /* Data transmission */ 655 656 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */ 657 658 /** 659 * gsm_data_alloc - allocate data frame 660 * @gsm: GSM mux 661 * @addr: DLCI address 662 * @len: length excluding header and FCS 663 * @ctrl: control byte 664 * 665 * Allocate a new data buffer for sending frames with data. Space is left 666 * at the front for header bytes but that is treated as an implementation 667 * detail and not for the high level code to use 668 */ 669 670 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len, 671 u8 ctrl) 672 { 673 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN, 674 GFP_ATOMIC); 675 if (m == NULL) 676 return NULL; 677 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */ 678 m->len = len; 679 m->addr = addr; 680 m->ctrl = ctrl; 681 INIT_LIST_HEAD(&m->list); 682 return m; 683 } 684 685 /** 686 * gsm_data_kick - poke the queue 687 * @gsm: GSM Mux 688 * @dlci: DLCI sending the data 689 * 690 * The tty device has called us to indicate that room has appeared in 691 * the transmit queue. Ram more data into the pipe if we have any 692 * If we have been flow-stopped by a CMD_FCOFF, then we can only 693 * send messages on DLCI0 until CMD_FCON 694 * 695 * FIXME: lock against link layer control transmissions 696 */ 697 698 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci) 699 { 700 struct gsm_msg *msg, *nmsg; 701 int len; 702 703 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) { 704 if (gsm->constipated && msg->addr) 705 continue; 706 if (gsm->encoding != 0) { 707 gsm->txframe[0] = GSM1_SOF; 708 len = gsm_stuff_frame(msg->data, 709 gsm->txframe + 1, msg->len); 710 gsm->txframe[len + 1] = GSM1_SOF; 711 len += 2; 712 } else { 713 gsm->txframe[0] = GSM0_SOF; 714 memcpy(gsm->txframe + 1 , msg->data, msg->len); 715 gsm->txframe[msg->len + 1] = GSM0_SOF; 716 len = msg->len + 2; 717 } 718 719 if (debug & 4) 720 gsm_hex_dump_bytes(__func__, gsm->txframe, len); 721 if (gsmld_output(gsm, gsm->txframe, len) <= 0) 722 break; 723 /* FIXME: Can eliminate one SOF in many more cases */ 724 gsm->tx_bytes -= msg->len; 725 726 list_del(&msg->list); 727 kfree(msg); 728 729 if (dlci) { 730 tty_port_tty_wakeup(&dlci->port); 731 } else { 732 int i = 0; 733 734 for (i = 0; i < NUM_DLCI; i++) 735 if (gsm->dlci[i]) 736 tty_port_tty_wakeup(&gsm->dlci[i]->port); 737 } 738 } 739 } 740 741 /** 742 * __gsm_data_queue - queue a UI or UIH frame 743 * @dlci: DLCI sending the data 744 * @msg: message queued 745 * 746 * Add data to the transmit queue and try and get stuff moving 747 * out of the mux tty if not already doing so. The Caller must hold 748 * the gsm tx lock. 749 */ 750 751 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 752 { 753 struct gsm_mux *gsm = dlci->gsm; 754 u8 *dp = msg->data; 755 u8 *fcs = dp + msg->len; 756 757 /* Fill in the header */ 758 if (gsm->encoding == 0) { 759 if (msg->len < 128) 760 *--dp = (msg->len << 1) | EA; 761 else { 762 *--dp = (msg->len >> 7); /* bits 7 - 15 */ 763 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */ 764 } 765 } 766 767 *--dp = msg->ctrl; 768 if (gsm->initiator) 769 *--dp = (msg->addr << 2) | CR | EA; 770 else 771 *--dp = (msg->addr << 2) | EA; 772 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp); 773 /* Ugly protocol layering violation */ 774 if (msg->ctrl == UI || msg->ctrl == (UI|PF)) 775 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len); 776 *fcs = 0xFF - *fcs; 777 778 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl, 779 msg->data, msg->len); 780 781 /* Move the header back and adjust the length, also allow for the FCS 782 now tacked on the end */ 783 msg->len += (msg->data - dp) + 1; 784 msg->data = dp; 785 786 /* Add to the actual output queue */ 787 list_add_tail(&msg->list, &gsm->tx_list); 788 gsm->tx_bytes += msg->len; 789 gsm_data_kick(gsm, dlci); 790 } 791 792 /** 793 * gsm_data_queue - queue a UI or UIH frame 794 * @dlci: DLCI sending the data 795 * @msg: message queued 796 * 797 * Add data to the transmit queue and try and get stuff moving 798 * out of the mux tty if not already doing so. Take the 799 * the gsm tx lock and dlci lock. 800 */ 801 802 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg) 803 { 804 unsigned long flags; 805 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 806 __gsm_data_queue(dlci, msg); 807 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 808 } 809 810 /** 811 * gsm_dlci_data_output - try and push data out of a DLCI 812 * @gsm: mux 813 * @dlci: the DLCI to pull data from 814 * 815 * Pull data from a DLCI and send it into the transmit queue if there 816 * is data. Keep to the MRU of the mux. This path handles the usual tty 817 * interface which is a byte stream with optional modem data. 818 * 819 * Caller must hold the tx_lock of the mux. 820 */ 821 822 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci) 823 { 824 struct gsm_msg *msg; 825 u8 *dp; 826 int len, total_size, size; 827 int h = dlci->adaption - 1; 828 829 total_size = 0; 830 while (1) { 831 len = kfifo_len(&dlci->fifo); 832 if (len == 0) 833 return total_size; 834 835 /* MTU/MRU count only the data bits */ 836 if (len > gsm->mtu) 837 len = gsm->mtu; 838 839 size = len + h; 840 841 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 842 /* FIXME: need a timer or something to kick this so it can't 843 get stuck with no work outstanding and no buffer free */ 844 if (msg == NULL) 845 return -ENOMEM; 846 dp = msg->data; 847 switch (dlci->adaption) { 848 case 1: /* Unstructured */ 849 break; 850 case 2: /* Unstructed with modem bits. 851 Always one byte as we never send inline break data */ 852 *dp++ = (gsm_encode_modem(dlci) << 1) | EA; 853 break; 854 } 855 WARN_ON(kfifo_out_locked(&dlci->fifo, dp , len, &dlci->lock) != len); 856 __gsm_data_queue(dlci, msg); 857 total_size += size; 858 } 859 /* Bytes of data we used up */ 860 return total_size; 861 } 862 863 /** 864 * gsm_dlci_data_output_framed - try and push data out of a DLCI 865 * @gsm: mux 866 * @dlci: the DLCI to pull data from 867 * 868 * Pull data from a DLCI and send it into the transmit queue if there 869 * is data. Keep to the MRU of the mux. This path handles framed data 870 * queued as skbuffs to the DLCI. 871 * 872 * Caller must hold the tx_lock of the mux. 873 */ 874 875 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm, 876 struct gsm_dlci *dlci) 877 { 878 struct gsm_msg *msg; 879 u8 *dp; 880 int len, size; 881 int last = 0, first = 0; 882 int overhead = 0; 883 884 /* One byte per frame is used for B/F flags */ 885 if (dlci->adaption == 4) 886 overhead = 1; 887 888 /* dlci->skb is locked by tx_lock */ 889 if (dlci->skb == NULL) { 890 dlci->skb = skb_dequeue_tail(&dlci->skb_list); 891 if (dlci->skb == NULL) 892 return 0; 893 first = 1; 894 } 895 len = dlci->skb->len + overhead; 896 897 /* MTU/MRU count only the data bits */ 898 if (len > gsm->mtu) { 899 if (dlci->adaption == 3) { 900 /* Over long frame, bin it */ 901 dev_kfree_skb_any(dlci->skb); 902 dlci->skb = NULL; 903 return 0; 904 } 905 len = gsm->mtu; 906 } else 907 last = 1; 908 909 size = len + overhead; 910 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 911 912 /* FIXME: need a timer or something to kick this so it can't 913 get stuck with no work outstanding and no buffer free */ 914 if (msg == NULL) { 915 skb_queue_tail(&dlci->skb_list, dlci->skb); 916 dlci->skb = NULL; 917 return -ENOMEM; 918 } 919 dp = msg->data; 920 921 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */ 922 /* Flag byte to carry the start/end info */ 923 *dp++ = last << 7 | first << 6 | 1; /* EA */ 924 len--; 925 } 926 memcpy(dp, dlci->skb->data, len); 927 skb_pull(dlci->skb, len); 928 __gsm_data_queue(dlci, msg); 929 if (last) { 930 dev_kfree_skb_any(dlci->skb); 931 dlci->skb = NULL; 932 } 933 return size; 934 } 935 936 /** 937 * gsm_dlci_modem_output - try and push modem status out of a DLCI 938 * @gsm: mux 939 * @dlci: the DLCI to pull modem status from 940 * @brk: break signal 941 * 942 * Push an empty frame in to the transmit queue to update the modem status 943 * bits and to transmit an optional break. 944 * 945 * Caller must hold the tx_lock of the mux. 946 */ 947 948 static int gsm_dlci_modem_output(struct gsm_mux *gsm, struct gsm_dlci *dlci, 949 u8 brk) 950 { 951 u8 *dp = NULL; 952 struct gsm_msg *msg; 953 int size = 0; 954 955 /* for modem bits without break data */ 956 switch (dlci->adaption) { 957 case 1: /* Unstructured */ 958 break; 959 case 2: /* Unstructured with modem bits. */ 960 size++; 961 if (brk > 0) 962 size++; 963 break; 964 default: 965 pr_err("%s: unsupported adaption %d\n", __func__, 966 dlci->adaption); 967 return -EINVAL; 968 } 969 970 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype); 971 if (!msg) { 972 pr_err("%s: gsm_data_alloc error", __func__); 973 return -ENOMEM; 974 } 975 dp = msg->data; 976 switch (dlci->adaption) { 977 case 1: /* Unstructured */ 978 break; 979 case 2: /* Unstructured with modem bits. */ 980 if (brk == 0) { 981 *dp++ = (gsm_encode_modem(dlci) << 1) | EA; 982 } else { 983 *dp++ = gsm_encode_modem(dlci) << 1; 984 *dp++ = (brk << 4) | 2 | EA; /* Length, Break, EA */ 985 } 986 break; 987 default: 988 /* Handled above */ 989 break; 990 } 991 992 __gsm_data_queue(dlci, msg); 993 return size; 994 } 995 996 /** 997 * gsm_dlci_data_sweep - look for data to send 998 * @gsm: the GSM mux 999 * 1000 * Sweep the GSM mux channels in priority order looking for ones with 1001 * data to send. We could do with optimising this scan a bit. We aim 1002 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit 1003 * TX_THRESH_LO we get called again 1004 * 1005 * FIXME: We should round robin between groups and in theory you can 1006 * renegotiate DLCI priorities with optional stuff. Needs optimising. 1007 */ 1008 1009 static void gsm_dlci_data_sweep(struct gsm_mux *gsm) 1010 { 1011 int len; 1012 /* Priority ordering: We should do priority with RR of the groups */ 1013 int i = 1; 1014 1015 while (i < NUM_DLCI) { 1016 struct gsm_dlci *dlci; 1017 1018 if (gsm->tx_bytes > TX_THRESH_HI) 1019 break; 1020 dlci = gsm->dlci[i]; 1021 if (dlci == NULL || dlci->constipated) { 1022 i++; 1023 continue; 1024 } 1025 if (dlci->adaption < 3 && !dlci->net) 1026 len = gsm_dlci_data_output(gsm, dlci); 1027 else 1028 len = gsm_dlci_data_output_framed(gsm, dlci); 1029 if (len < 0) 1030 break; 1031 /* DLCI empty - try the next */ 1032 if (len == 0) 1033 i++; 1034 } 1035 } 1036 1037 /** 1038 * gsm_dlci_data_kick - transmit if possible 1039 * @dlci: DLCI to kick 1040 * 1041 * Transmit data from this DLCI if the queue is empty. We can't rely on 1042 * a tty wakeup except when we filled the pipe so we need to fire off 1043 * new data ourselves in other cases. 1044 */ 1045 1046 static void gsm_dlci_data_kick(struct gsm_dlci *dlci) 1047 { 1048 unsigned long flags; 1049 int sweep; 1050 1051 if (dlci->constipated) 1052 return; 1053 1054 spin_lock_irqsave(&dlci->gsm->tx_lock, flags); 1055 /* If we have nothing running then we need to fire up */ 1056 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO); 1057 if (dlci->gsm->tx_bytes == 0) { 1058 if (dlci->net) 1059 gsm_dlci_data_output_framed(dlci->gsm, dlci); 1060 else 1061 gsm_dlci_data_output(dlci->gsm, dlci); 1062 } 1063 if (sweep) 1064 gsm_dlci_data_sweep(dlci->gsm); 1065 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags); 1066 } 1067 1068 /* 1069 * Control message processing 1070 */ 1071 1072 1073 /** 1074 * gsm_control_reply - send a response frame to a control 1075 * @gsm: gsm channel 1076 * @cmd: the command to use 1077 * @data: data to follow encoded info 1078 * @dlen: length of data 1079 * 1080 * Encode up and queue a UI/UIH frame containing our response. 1081 */ 1082 1083 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data, 1084 int dlen) 1085 { 1086 struct gsm_msg *msg; 1087 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype); 1088 if (msg == NULL) 1089 return; 1090 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */ 1091 msg->data[1] = (dlen << 1) | EA; 1092 memcpy(msg->data + 2, data, dlen); 1093 gsm_data_queue(gsm->dlci[0], msg); 1094 } 1095 1096 /** 1097 * gsm_process_modem - process received modem status 1098 * @tty: virtual tty bound to the DLCI 1099 * @dlci: DLCI to affect 1100 * @modem: modem bits (full EA) 1101 * @slen: number of signal octets 1102 * 1103 * Used when a modem control message or line state inline in adaption 1104 * layer 2 is processed. Sort out the local modem state and throttles 1105 */ 1106 1107 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci, 1108 u32 modem, int slen) 1109 { 1110 int mlines = 0; 1111 u8 brk = 0; 1112 int fc; 1113 1114 /* The modem status command can either contain one octet (V.24 signals) 1115 * or two octets (V.24 signals + break signals). This is specified in 1116 * section 5.4.6.3.7 of the 07.10 mux spec. 1117 */ 1118 1119 if (slen == 1) 1120 modem = modem & 0x7f; 1121 else { 1122 brk = modem & 0x7f; 1123 modem = (modem >> 7) & 0x7f; 1124 } 1125 1126 /* Flow control/ready to communicate */ 1127 fc = (modem & MDM_FC) || !(modem & MDM_RTR); 1128 if (fc && !dlci->constipated) { 1129 /* Need to throttle our output on this device */ 1130 dlci->constipated = true; 1131 } else if (!fc && dlci->constipated) { 1132 dlci->constipated = false; 1133 gsm_dlci_data_kick(dlci); 1134 } 1135 1136 /* Map modem bits */ 1137 if (modem & MDM_RTC) 1138 mlines |= TIOCM_DSR | TIOCM_DTR; 1139 if (modem & MDM_RTR) 1140 mlines |= TIOCM_RTS | TIOCM_CTS; 1141 if (modem & MDM_IC) 1142 mlines |= TIOCM_RI; 1143 if (modem & MDM_DV) 1144 mlines |= TIOCM_CD; 1145 1146 /* Carrier drop -> hangup */ 1147 if (tty) { 1148 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD)) 1149 if (!C_CLOCAL(tty)) 1150 tty_hangup(tty); 1151 } 1152 if (brk & 0x01) 1153 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK); 1154 dlci->modem_rx = mlines; 1155 } 1156 1157 /** 1158 * gsm_control_modem - modem status received 1159 * @gsm: GSM channel 1160 * @data: data following command 1161 * @clen: command length 1162 * 1163 * We have received a modem status control message. This is used by 1164 * the GSM mux protocol to pass virtual modem line status and optionally 1165 * to indicate break signals. Unpack it, convert to Linux representation 1166 * and if need be stuff a break message down the tty. 1167 */ 1168 1169 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen) 1170 { 1171 unsigned int addr = 0; 1172 unsigned int modem = 0; 1173 struct gsm_dlci *dlci; 1174 int len = clen; 1175 int slen; 1176 const u8 *dp = data; 1177 struct tty_struct *tty; 1178 1179 while (gsm_read_ea(&addr, *dp++) == 0) { 1180 len--; 1181 if (len == 0) 1182 return; 1183 } 1184 /* Must be at least one byte following the EA */ 1185 len--; 1186 if (len <= 0) 1187 return; 1188 1189 addr >>= 1; 1190 /* Closed port, or invalid ? */ 1191 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1192 return; 1193 dlci = gsm->dlci[addr]; 1194 1195 slen = len; 1196 while (gsm_read_ea(&modem, *dp++) == 0) { 1197 len--; 1198 if (len == 0) 1199 return; 1200 } 1201 len--; 1202 tty = tty_port_tty_get(&dlci->port); 1203 gsm_process_modem(tty, dlci, modem, slen - len); 1204 if (tty) { 1205 tty_wakeup(tty); 1206 tty_kref_put(tty); 1207 } 1208 gsm_control_reply(gsm, CMD_MSC, data, clen); 1209 } 1210 1211 /** 1212 * gsm_control_rls - remote line status 1213 * @gsm: GSM channel 1214 * @data: data bytes 1215 * @clen: data length 1216 * 1217 * The modem sends us a two byte message on the control channel whenever 1218 * it wishes to send us an error state from the virtual link. Stuff 1219 * this into the uplink tty if present 1220 */ 1221 1222 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen) 1223 { 1224 struct tty_port *port; 1225 unsigned int addr = 0; 1226 u8 bits; 1227 int len = clen; 1228 const u8 *dp = data; 1229 1230 while (gsm_read_ea(&addr, *dp++) == 0) { 1231 len--; 1232 if (len == 0) 1233 return; 1234 } 1235 /* Must be at least one byte following ea */ 1236 len--; 1237 if (len <= 0) 1238 return; 1239 addr >>= 1; 1240 /* Closed port, or invalid ? */ 1241 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL) 1242 return; 1243 /* No error ? */ 1244 bits = *dp; 1245 if ((bits & 1) == 0) 1246 return; 1247 1248 port = &gsm->dlci[addr]->port; 1249 1250 if (bits & 2) 1251 tty_insert_flip_char(port, 0, TTY_OVERRUN); 1252 if (bits & 4) 1253 tty_insert_flip_char(port, 0, TTY_PARITY); 1254 if (bits & 8) 1255 tty_insert_flip_char(port, 0, TTY_FRAME); 1256 1257 tty_flip_buffer_push(port); 1258 1259 gsm_control_reply(gsm, CMD_RLS, data, clen); 1260 } 1261 1262 static void gsm_dlci_begin_close(struct gsm_dlci *dlci); 1263 1264 /** 1265 * gsm_control_message - DLCI 0 control processing 1266 * @gsm: our GSM mux 1267 * @command: the command EA 1268 * @data: data beyond the command/length EAs 1269 * @clen: length 1270 * 1271 * Input processor for control messages from the other end of the link. 1272 * Processes the incoming request and queues a response frame or an 1273 * NSC response if not supported 1274 */ 1275 1276 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command, 1277 const u8 *data, int clen) 1278 { 1279 u8 buf[1]; 1280 unsigned long flags; 1281 1282 switch (command) { 1283 case CMD_CLD: { 1284 struct gsm_dlci *dlci = gsm->dlci[0]; 1285 /* Modem wishes to close down */ 1286 if (dlci) { 1287 dlci->dead = true; 1288 gsm->dead = true; 1289 gsm_dlci_begin_close(dlci); 1290 } 1291 } 1292 break; 1293 case CMD_TEST: 1294 /* Modem wishes to test, reply with the data */ 1295 gsm_control_reply(gsm, CMD_TEST, data, clen); 1296 break; 1297 case CMD_FCON: 1298 /* Modem can accept data again */ 1299 gsm->constipated = false; 1300 gsm_control_reply(gsm, CMD_FCON, NULL, 0); 1301 /* Kick the link in case it is idling */ 1302 spin_lock_irqsave(&gsm->tx_lock, flags); 1303 gsm_data_kick(gsm, NULL); 1304 spin_unlock_irqrestore(&gsm->tx_lock, flags); 1305 break; 1306 case CMD_FCOFF: 1307 /* Modem wants us to STFU */ 1308 gsm->constipated = true; 1309 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0); 1310 break; 1311 case CMD_MSC: 1312 /* Out of band modem line change indicator for a DLCI */ 1313 gsm_control_modem(gsm, data, clen); 1314 break; 1315 case CMD_RLS: 1316 /* Out of band error reception for a DLCI */ 1317 gsm_control_rls(gsm, data, clen); 1318 break; 1319 case CMD_PSC: 1320 /* Modem wishes to enter power saving state */ 1321 gsm_control_reply(gsm, CMD_PSC, NULL, 0); 1322 break; 1323 /* Optional unsupported commands */ 1324 case CMD_PN: /* Parameter negotiation */ 1325 case CMD_RPN: /* Remote port negotiation */ 1326 case CMD_SNC: /* Service negotiation command */ 1327 default: 1328 /* Reply to bad commands with an NSC */ 1329 buf[0] = command; 1330 gsm_control_reply(gsm, CMD_NSC, buf, 1); 1331 break; 1332 } 1333 } 1334 1335 /** 1336 * gsm_control_response - process a response to our control 1337 * @gsm: our GSM mux 1338 * @command: the command (response) EA 1339 * @data: data beyond the command/length EA 1340 * @clen: length 1341 * 1342 * Process a response to an outstanding command. We only allow a single 1343 * control message in flight so this is fairly easy. All the clean up 1344 * is done by the caller, we just update the fields, flag it as done 1345 * and return 1346 */ 1347 1348 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command, 1349 const u8 *data, int clen) 1350 { 1351 struct gsm_control *ctrl; 1352 unsigned long flags; 1353 1354 spin_lock_irqsave(&gsm->control_lock, flags); 1355 1356 ctrl = gsm->pending_cmd; 1357 /* Does the reply match our command */ 1358 command |= 1; 1359 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) { 1360 /* Our command was replied to, kill the retry timer */ 1361 del_timer(&gsm->t2_timer); 1362 gsm->pending_cmd = NULL; 1363 /* Rejected by the other end */ 1364 if (command == CMD_NSC) 1365 ctrl->error = -EOPNOTSUPP; 1366 ctrl->done = 1; 1367 wake_up(&gsm->event); 1368 } 1369 spin_unlock_irqrestore(&gsm->control_lock, flags); 1370 } 1371 1372 /** 1373 * gsm_control_transmit - send control packet 1374 * @gsm: gsm mux 1375 * @ctrl: frame to send 1376 * 1377 * Send out a pending control command (called under control lock) 1378 */ 1379 1380 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl) 1381 { 1382 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 2, gsm->ftype); 1383 if (msg == NULL) 1384 return; 1385 msg->data[0] = (ctrl->cmd << 1) | CR | EA; /* command */ 1386 msg->data[1] = (ctrl->len << 1) | EA; 1387 memcpy(msg->data + 2, ctrl->data, ctrl->len); 1388 gsm_data_queue(gsm->dlci[0], msg); 1389 } 1390 1391 /** 1392 * gsm_control_retransmit - retransmit a control frame 1393 * @t: timer contained in our gsm object 1394 * 1395 * Called off the T2 timer expiry in order to retransmit control frames 1396 * that have been lost in the system somewhere. The control_lock protects 1397 * us from colliding with another sender or a receive completion event. 1398 * In that situation the timer may still occur in a small window but 1399 * gsm->pending_cmd will be NULL and we just let the timer expire. 1400 */ 1401 1402 static void gsm_control_retransmit(struct timer_list *t) 1403 { 1404 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer); 1405 struct gsm_control *ctrl; 1406 unsigned long flags; 1407 spin_lock_irqsave(&gsm->control_lock, flags); 1408 ctrl = gsm->pending_cmd; 1409 if (ctrl) { 1410 if (gsm->cretries == 0) { 1411 gsm->pending_cmd = NULL; 1412 ctrl->error = -ETIMEDOUT; 1413 ctrl->done = 1; 1414 spin_unlock_irqrestore(&gsm->control_lock, flags); 1415 wake_up(&gsm->event); 1416 return; 1417 } 1418 gsm->cretries--; 1419 gsm_control_transmit(gsm, ctrl); 1420 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1421 } 1422 spin_unlock_irqrestore(&gsm->control_lock, flags); 1423 } 1424 1425 /** 1426 * gsm_control_send - send a control frame on DLCI 0 1427 * @gsm: the GSM channel 1428 * @command: command to send including CR bit 1429 * @data: bytes of data (must be kmalloced) 1430 * @clen: length of the block to send 1431 * 1432 * Queue and dispatch a control command. Only one command can be 1433 * active at a time. In theory more can be outstanding but the matching 1434 * gets really complicated so for now stick to one outstanding. 1435 */ 1436 1437 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm, 1438 unsigned int command, u8 *data, int clen) 1439 { 1440 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control), 1441 GFP_KERNEL); 1442 unsigned long flags; 1443 if (ctrl == NULL) 1444 return NULL; 1445 retry: 1446 wait_event(gsm->event, gsm->pending_cmd == NULL); 1447 spin_lock_irqsave(&gsm->control_lock, flags); 1448 if (gsm->pending_cmd != NULL) { 1449 spin_unlock_irqrestore(&gsm->control_lock, flags); 1450 goto retry; 1451 } 1452 ctrl->cmd = command; 1453 ctrl->data = data; 1454 ctrl->len = clen; 1455 gsm->pending_cmd = ctrl; 1456 1457 /* If DLCI0 is in ADM mode skip retries, it won't respond */ 1458 if (gsm->dlci[0]->mode == DLCI_MODE_ADM) 1459 gsm->cretries = 0; 1460 else 1461 gsm->cretries = gsm->n2; 1462 1463 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); 1464 gsm_control_transmit(gsm, ctrl); 1465 spin_unlock_irqrestore(&gsm->control_lock, flags); 1466 return ctrl; 1467 } 1468 1469 /** 1470 * gsm_control_wait - wait for a control to finish 1471 * @gsm: GSM mux 1472 * @control: control we are waiting on 1473 * 1474 * Waits for the control to complete or time out. Frees any used 1475 * resources and returns 0 for success, or an error if the remote 1476 * rejected or ignored the request. 1477 */ 1478 1479 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control) 1480 { 1481 int err; 1482 wait_event(gsm->event, control->done == 1); 1483 err = control->error; 1484 kfree(control); 1485 return err; 1486 } 1487 1488 1489 /* 1490 * DLCI level handling: Needs krefs 1491 */ 1492 1493 /* 1494 * State transitions and timers 1495 */ 1496 1497 /** 1498 * gsm_dlci_close - a DLCI has closed 1499 * @dlci: DLCI that closed 1500 * 1501 * Perform processing when moving a DLCI into closed state. If there 1502 * is an attached tty this is hung up 1503 */ 1504 1505 static void gsm_dlci_close(struct gsm_dlci *dlci) 1506 { 1507 unsigned long flags; 1508 1509 del_timer(&dlci->t1); 1510 if (debug & 8) 1511 pr_debug("DLCI %d goes closed.\n", dlci->addr); 1512 dlci->state = DLCI_CLOSED; 1513 if (dlci->addr != 0) { 1514 tty_port_tty_hangup(&dlci->port, false); 1515 spin_lock_irqsave(&dlci->lock, flags); 1516 kfifo_reset(&dlci->fifo); 1517 spin_unlock_irqrestore(&dlci->lock, flags); 1518 /* Ensure that gsmtty_open() can return. */ 1519 tty_port_set_initialized(&dlci->port, 0); 1520 wake_up_interruptible(&dlci->port.open_wait); 1521 } else 1522 dlci->gsm->dead = true; 1523 wake_up(&dlci->gsm->event); 1524 /* A DLCI 0 close is a MUX termination so we need to kick that 1525 back to userspace somehow */ 1526 } 1527 1528 /** 1529 * gsm_dlci_open - a DLCI has opened 1530 * @dlci: DLCI that opened 1531 * 1532 * Perform processing when moving a DLCI into open state. 1533 */ 1534 1535 static void gsm_dlci_open(struct gsm_dlci *dlci) 1536 { 1537 /* Note that SABM UA .. SABM UA first UA lost can mean that we go 1538 open -> open */ 1539 del_timer(&dlci->t1); 1540 /* This will let a tty open continue */ 1541 dlci->state = DLCI_OPEN; 1542 if (debug & 8) 1543 pr_debug("DLCI %d goes open.\n", dlci->addr); 1544 /* Send current modem state */ 1545 if (dlci->addr) 1546 gsm_modem_update(dlci, 0); 1547 wake_up(&dlci->gsm->event); 1548 } 1549 1550 /** 1551 * gsm_dlci_t1 - T1 timer expiry 1552 * @t: timer contained in the DLCI that opened 1553 * 1554 * The T1 timer handles retransmits of control frames (essentially of 1555 * SABM and DISC). We resend the command until the retry count runs out 1556 * in which case an opening port goes back to closed and a closing port 1557 * is simply put into closed state (any further frames from the other 1558 * end will get a DM response) 1559 * 1560 * Some control dlci can stay in ADM mode with other dlci working just 1561 * fine. In that case we can just keep the control dlci open after the 1562 * DLCI_OPENING retries time out. 1563 */ 1564 1565 static void gsm_dlci_t1(struct timer_list *t) 1566 { 1567 struct gsm_dlci *dlci = from_timer(dlci, t, t1); 1568 struct gsm_mux *gsm = dlci->gsm; 1569 1570 switch (dlci->state) { 1571 case DLCI_OPENING: 1572 dlci->retries--; 1573 if (dlci->retries) { 1574 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1575 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1576 } else if (!dlci->addr && gsm->control == (DM | PF)) { 1577 if (debug & 8) 1578 pr_info("DLCI %d opening in ADM mode.\n", 1579 dlci->addr); 1580 dlci->mode = DLCI_MODE_ADM; 1581 gsm_dlci_open(dlci); 1582 } else { 1583 gsm_dlci_begin_close(dlci); /* prevent half open link */ 1584 } 1585 1586 break; 1587 case DLCI_CLOSING: 1588 dlci->retries--; 1589 if (dlci->retries) { 1590 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1591 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1592 } else 1593 gsm_dlci_close(dlci); 1594 break; 1595 default: 1596 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state); 1597 break; 1598 } 1599 } 1600 1601 /** 1602 * gsm_dlci_begin_open - start channel open procedure 1603 * @dlci: DLCI to open 1604 * 1605 * Commence opening a DLCI from the Linux side. We issue SABM messages 1606 * to the modem which should then reply with a UA or ADM, at which point 1607 * we will move into open state. Opening is done asynchronously with retry 1608 * running off timers and the responses. 1609 */ 1610 1611 static void gsm_dlci_begin_open(struct gsm_dlci *dlci) 1612 { 1613 struct gsm_mux *gsm = dlci->gsm; 1614 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING) 1615 return; 1616 dlci->retries = gsm->n2; 1617 dlci->state = DLCI_OPENING; 1618 gsm_command(dlci->gsm, dlci->addr, SABM|PF); 1619 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1620 } 1621 1622 /** 1623 * gsm_dlci_begin_close - start channel open procedure 1624 * @dlci: DLCI to open 1625 * 1626 * Commence closing a DLCI from the Linux side. We issue DISC messages 1627 * to the modem which should then reply with a UA, at which point we 1628 * will move into closed state. Closing is done asynchronously with retry 1629 * off timers. We may also receive a DM reply from the other end which 1630 * indicates the channel was already closed. 1631 */ 1632 1633 static void gsm_dlci_begin_close(struct gsm_dlci *dlci) 1634 { 1635 struct gsm_mux *gsm = dlci->gsm; 1636 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING) 1637 return; 1638 dlci->retries = gsm->n2; 1639 dlci->state = DLCI_CLOSING; 1640 gsm_command(dlci->gsm, dlci->addr, DISC|PF); 1641 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100); 1642 } 1643 1644 /** 1645 * gsm_dlci_data - data arrived 1646 * @dlci: channel 1647 * @data: block of bytes received 1648 * @clen: length of received block 1649 * 1650 * A UI or UIH frame has arrived which contains data for a channel 1651 * other than the control channel. If the relevant virtual tty is 1652 * open we shovel the bits down it, if not we drop them. 1653 */ 1654 1655 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen) 1656 { 1657 /* krefs .. */ 1658 struct tty_port *port = &dlci->port; 1659 struct tty_struct *tty; 1660 unsigned int modem = 0; 1661 int len = clen; 1662 int slen = 0; 1663 1664 if (debug & 16) 1665 pr_debug("%d bytes for tty\n", len); 1666 switch (dlci->adaption) { 1667 /* Unsupported types */ 1668 case 4: /* Packetised interruptible data */ 1669 break; 1670 case 3: /* Packetised uininterruptible voice/data */ 1671 break; 1672 case 2: /* Asynchronous serial with line state in each frame */ 1673 while (gsm_read_ea(&modem, *data++) == 0) { 1674 len--; 1675 slen++; 1676 if (len == 0) 1677 return; 1678 } 1679 len--; 1680 slen++; 1681 tty = tty_port_tty_get(port); 1682 if (tty) { 1683 gsm_process_modem(tty, dlci, modem, slen); 1684 tty_wakeup(tty); 1685 tty_kref_put(tty); 1686 } 1687 fallthrough; 1688 case 1: /* Line state will go via DLCI 0 controls only */ 1689 default: 1690 tty_insert_flip_string(port, data, len); 1691 tty_flip_buffer_push(port); 1692 } 1693 } 1694 1695 /** 1696 * gsm_dlci_command - data arrived on control channel 1697 * @dlci: channel 1698 * @data: block of bytes received 1699 * @len: length of received block 1700 * 1701 * A UI or UIH frame has arrived which contains data for DLCI 0 the 1702 * control channel. This should contain a command EA followed by 1703 * control data bytes. The command EA contains a command/response bit 1704 * and we divide up the work accordingly. 1705 */ 1706 1707 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len) 1708 { 1709 /* See what command is involved */ 1710 unsigned int command = 0; 1711 while (len-- > 0) { 1712 if (gsm_read_ea(&command, *data++) == 1) { 1713 int clen = *data++; 1714 len--; 1715 /* FIXME: this is properly an EA */ 1716 clen >>= 1; 1717 /* Malformed command ? */ 1718 if (clen > len) 1719 return; 1720 if (command & 1) 1721 gsm_control_message(dlci->gsm, command, 1722 data, clen); 1723 else 1724 gsm_control_response(dlci->gsm, command, 1725 data, clen); 1726 return; 1727 } 1728 } 1729 } 1730 1731 /* 1732 * Allocate/Free DLCI channels 1733 */ 1734 1735 /** 1736 * gsm_dlci_alloc - allocate a DLCI 1737 * @gsm: GSM mux 1738 * @addr: address of the DLCI 1739 * 1740 * Allocate and install a new DLCI object into the GSM mux. 1741 * 1742 * FIXME: review locking races 1743 */ 1744 1745 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr) 1746 { 1747 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC); 1748 if (dlci == NULL) 1749 return NULL; 1750 spin_lock_init(&dlci->lock); 1751 mutex_init(&dlci->mutex); 1752 if (kfifo_alloc(&dlci->fifo, TX_SIZE, GFP_KERNEL) < 0) { 1753 kfree(dlci); 1754 return NULL; 1755 } 1756 1757 skb_queue_head_init(&dlci->skb_list); 1758 timer_setup(&dlci->t1, gsm_dlci_t1, 0); 1759 tty_port_init(&dlci->port); 1760 dlci->port.ops = &gsm_port_ops; 1761 dlci->gsm = gsm; 1762 dlci->addr = addr; 1763 dlci->adaption = gsm->adaption; 1764 dlci->state = DLCI_CLOSED; 1765 if (addr) 1766 dlci->data = gsm_dlci_data; 1767 else 1768 dlci->data = gsm_dlci_command; 1769 gsm->dlci[addr] = dlci; 1770 return dlci; 1771 } 1772 1773 /** 1774 * gsm_dlci_free - free DLCI 1775 * @port: tty port for DLCI to free 1776 * 1777 * Free up a DLCI. 1778 * 1779 * Can sleep. 1780 */ 1781 static void gsm_dlci_free(struct tty_port *port) 1782 { 1783 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 1784 1785 del_timer_sync(&dlci->t1); 1786 dlci->gsm->dlci[dlci->addr] = NULL; 1787 kfifo_free(&dlci->fifo); 1788 while ((dlci->skb = skb_dequeue(&dlci->skb_list))) 1789 dev_kfree_skb(dlci->skb); 1790 kfree(dlci); 1791 } 1792 1793 static inline void dlci_get(struct gsm_dlci *dlci) 1794 { 1795 tty_port_get(&dlci->port); 1796 } 1797 1798 static inline void dlci_put(struct gsm_dlci *dlci) 1799 { 1800 tty_port_put(&dlci->port); 1801 } 1802 1803 static void gsm_destroy_network(struct gsm_dlci *dlci); 1804 1805 /** 1806 * gsm_dlci_release - release DLCI 1807 * @dlci: DLCI to destroy 1808 * 1809 * Release a DLCI. Actual free is deferred until either 1810 * mux is closed or tty is closed - whichever is last. 1811 * 1812 * Can sleep. 1813 */ 1814 static void gsm_dlci_release(struct gsm_dlci *dlci) 1815 { 1816 struct tty_struct *tty = tty_port_tty_get(&dlci->port); 1817 if (tty) { 1818 mutex_lock(&dlci->mutex); 1819 gsm_destroy_network(dlci); 1820 mutex_unlock(&dlci->mutex); 1821 1822 /* We cannot use tty_hangup() because in tty_kref_put() the tty 1823 * driver assumes that the hangup queue is free and reuses it to 1824 * queue release_one_tty() -> NULL pointer panic in 1825 * process_one_work(). 1826 */ 1827 tty_vhangup(tty); 1828 1829 tty_port_tty_set(&dlci->port, NULL); 1830 tty_kref_put(tty); 1831 } 1832 dlci->state = DLCI_CLOSED; 1833 dlci_put(dlci); 1834 } 1835 1836 /* 1837 * LAPBish link layer logic 1838 */ 1839 1840 /** 1841 * gsm_queue - a GSM frame is ready to process 1842 * @gsm: pointer to our gsm mux 1843 * 1844 * At this point in time a frame has arrived and been demangled from 1845 * the line encoding. All the differences between the encodings have 1846 * been handled below us and the frame is unpacked into the structures. 1847 * The fcs holds the header FCS but any data FCS must be added here. 1848 */ 1849 1850 static void gsm_queue(struct gsm_mux *gsm) 1851 { 1852 struct gsm_dlci *dlci; 1853 u8 cr; 1854 int address; 1855 1856 if (gsm->fcs != GOOD_FCS) { 1857 gsm->bad_fcs++; 1858 if (debug & 4) 1859 pr_debug("BAD FCS %02x\n", gsm->fcs); 1860 return; 1861 } 1862 address = gsm->address >> 1; 1863 if (address >= NUM_DLCI) 1864 goto invalid; 1865 1866 cr = gsm->address & 1; /* C/R bit */ 1867 cr ^= gsm->initiator ? 0 : 1; /* Flip so 1 always means command */ 1868 1869 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len); 1870 1871 dlci = gsm->dlci[address]; 1872 1873 switch (gsm->control) { 1874 case SABM|PF: 1875 if (cr == 1) 1876 goto invalid; 1877 if (dlci == NULL) 1878 dlci = gsm_dlci_alloc(gsm, address); 1879 if (dlci == NULL) 1880 return; 1881 if (dlci->dead) 1882 gsm_response(gsm, address, DM|PF); 1883 else { 1884 gsm_response(gsm, address, UA|PF); 1885 gsm_dlci_open(dlci); 1886 } 1887 break; 1888 case DISC|PF: 1889 if (cr == 1) 1890 goto invalid; 1891 if (dlci == NULL || dlci->state == DLCI_CLOSED) { 1892 gsm_response(gsm, address, DM|PF); 1893 return; 1894 } 1895 /* Real close complete */ 1896 gsm_response(gsm, address, UA|PF); 1897 gsm_dlci_close(dlci); 1898 break; 1899 case UA|PF: 1900 if (cr == 0 || dlci == NULL) 1901 break; 1902 switch (dlci->state) { 1903 case DLCI_CLOSING: 1904 gsm_dlci_close(dlci); 1905 break; 1906 case DLCI_OPENING: 1907 gsm_dlci_open(dlci); 1908 break; 1909 default: 1910 pr_debug("%s: unhandled state: %d\n", __func__, 1911 dlci->state); 1912 break; 1913 } 1914 break; 1915 case DM: /* DM can be valid unsolicited */ 1916 case DM|PF: 1917 if (cr) 1918 goto invalid; 1919 if (dlci == NULL) 1920 return; 1921 gsm_dlci_close(dlci); 1922 break; 1923 case UI: 1924 case UI|PF: 1925 case UIH: 1926 case UIH|PF: 1927 if (dlci == NULL || dlci->state != DLCI_OPEN) { 1928 gsm_command(gsm, address, DM|PF); 1929 return; 1930 } 1931 dlci->data(dlci, gsm->buf, gsm->len); 1932 break; 1933 default: 1934 goto invalid; 1935 } 1936 return; 1937 invalid: 1938 gsm->malformed++; 1939 return; 1940 } 1941 1942 1943 /** 1944 * gsm0_receive - perform processing for non-transparency 1945 * @gsm: gsm data for this ldisc instance 1946 * @c: character 1947 * 1948 * Receive bytes in gsm mode 0 1949 */ 1950 1951 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c) 1952 { 1953 unsigned int len; 1954 1955 switch (gsm->state) { 1956 case GSM_SEARCH: /* SOF marker */ 1957 if (c == GSM0_SOF) { 1958 gsm->state = GSM_ADDRESS; 1959 gsm->address = 0; 1960 gsm->len = 0; 1961 gsm->fcs = INIT_FCS; 1962 } 1963 break; 1964 case GSM_ADDRESS: /* Address EA */ 1965 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1966 if (gsm_read_ea(&gsm->address, c)) 1967 gsm->state = GSM_CONTROL; 1968 break; 1969 case GSM_CONTROL: /* Control Byte */ 1970 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1971 gsm->control = c; 1972 gsm->state = GSM_LEN0; 1973 break; 1974 case GSM_LEN0: /* Length EA */ 1975 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1976 if (gsm_read_ea(&gsm->len, c)) { 1977 if (gsm->len > gsm->mru) { 1978 gsm->bad_size++; 1979 gsm->state = GSM_SEARCH; 1980 break; 1981 } 1982 gsm->count = 0; 1983 if (!gsm->len) 1984 gsm->state = GSM_FCS; 1985 else 1986 gsm->state = GSM_DATA; 1987 break; 1988 } 1989 gsm->state = GSM_LEN1; 1990 break; 1991 case GSM_LEN1: 1992 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 1993 len = c; 1994 gsm->len |= len << 7; 1995 if (gsm->len > gsm->mru) { 1996 gsm->bad_size++; 1997 gsm->state = GSM_SEARCH; 1998 break; 1999 } 2000 gsm->count = 0; 2001 if (!gsm->len) 2002 gsm->state = GSM_FCS; 2003 else 2004 gsm->state = GSM_DATA; 2005 break; 2006 case GSM_DATA: /* Data */ 2007 gsm->buf[gsm->count++] = c; 2008 if (gsm->count == gsm->len) { 2009 /* Calculate final FCS for UI frames over all data */ 2010 if ((gsm->control & ~PF) != UIH) { 2011 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, 2012 gsm->count); 2013 } 2014 gsm->state = GSM_FCS; 2015 } 2016 break; 2017 case GSM_FCS: /* FCS follows the packet */ 2018 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 2019 gsm->state = GSM_SSOF; 2020 break; 2021 case GSM_SSOF: 2022 gsm->state = GSM_SEARCH; 2023 if (c == GSM0_SOF) 2024 gsm_queue(gsm); 2025 else 2026 gsm->bad_size++; 2027 break; 2028 default: 2029 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state); 2030 break; 2031 } 2032 } 2033 2034 /** 2035 * gsm1_receive - perform processing for non-transparency 2036 * @gsm: gsm data for this ldisc instance 2037 * @c: character 2038 * 2039 * Receive bytes in mode 1 (Advanced option) 2040 */ 2041 2042 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c) 2043 { 2044 /* handle XON/XOFF */ 2045 if ((c & ISO_IEC_646_MASK) == XON) { 2046 gsm->constipated = true; 2047 return; 2048 } else if ((c & ISO_IEC_646_MASK) == XOFF) { 2049 gsm->constipated = false; 2050 /* Kick the link in case it is idling */ 2051 gsm_data_kick(gsm, NULL); 2052 return; 2053 } 2054 if (c == GSM1_SOF) { 2055 /* EOF is only valid in frame if we have got to the data state */ 2056 if (gsm->state == GSM_DATA) { 2057 if (gsm->count < 1) { 2058 /* Missing FSC */ 2059 gsm->malformed++; 2060 gsm->state = GSM_START; 2061 return; 2062 } 2063 /* Remove the FCS from data */ 2064 gsm->count--; 2065 if ((gsm->control & ~PF) != UIH) { 2066 /* Calculate final FCS for UI frames over all 2067 * data but FCS 2068 */ 2069 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, 2070 gsm->count); 2071 } 2072 /* Add the FCS itself to test against GOOD_FCS */ 2073 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]); 2074 gsm->len = gsm->count; 2075 gsm_queue(gsm); 2076 gsm->state = GSM_START; 2077 return; 2078 } 2079 /* Any partial frame was a runt so go back to start */ 2080 if (gsm->state != GSM_START) { 2081 if (gsm->state != GSM_SEARCH) 2082 gsm->malformed++; 2083 gsm->state = GSM_START; 2084 } 2085 /* A SOF in GSM_START means we are still reading idling or 2086 framing bytes */ 2087 return; 2088 } 2089 2090 if (c == GSM1_ESCAPE) { 2091 gsm->escape = true; 2092 return; 2093 } 2094 2095 /* Only an unescaped SOF gets us out of GSM search */ 2096 if (gsm->state == GSM_SEARCH) 2097 return; 2098 2099 if (gsm->escape) { 2100 c ^= GSM1_ESCAPE_BITS; 2101 gsm->escape = false; 2102 } 2103 switch (gsm->state) { 2104 case GSM_START: /* First byte after SOF */ 2105 gsm->address = 0; 2106 gsm->state = GSM_ADDRESS; 2107 gsm->fcs = INIT_FCS; 2108 fallthrough; 2109 case GSM_ADDRESS: /* Address continuation */ 2110 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 2111 if (gsm_read_ea(&gsm->address, c)) 2112 gsm->state = GSM_CONTROL; 2113 break; 2114 case GSM_CONTROL: /* Control Byte */ 2115 gsm->fcs = gsm_fcs_add(gsm->fcs, c); 2116 gsm->control = c; 2117 gsm->count = 0; 2118 gsm->state = GSM_DATA; 2119 break; 2120 case GSM_DATA: /* Data */ 2121 if (gsm->count > gsm->mru) { /* Allow one for the FCS */ 2122 gsm->state = GSM_OVERRUN; 2123 gsm->bad_size++; 2124 } else 2125 gsm->buf[gsm->count++] = c; 2126 break; 2127 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */ 2128 break; 2129 default: 2130 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state); 2131 break; 2132 } 2133 } 2134 2135 /** 2136 * gsm_error - handle tty error 2137 * @gsm: ldisc data 2138 * 2139 * Handle an error in the receipt of data for a frame. Currently we just 2140 * go back to hunting for a SOF. 2141 * 2142 * FIXME: better diagnostics ? 2143 */ 2144 2145 static void gsm_error(struct gsm_mux *gsm) 2146 { 2147 gsm->state = GSM_SEARCH; 2148 gsm->io_error++; 2149 } 2150 2151 /** 2152 * gsm_cleanup_mux - generic GSM protocol cleanup 2153 * @gsm: our mux 2154 * @disc: disconnect link? 2155 * 2156 * Clean up the bits of the mux which are the same for all framing 2157 * protocols. Remove the mux from the mux table, stop all the timers 2158 * and then shut down each device hanging up the channels as we go. 2159 */ 2160 2161 static void gsm_cleanup_mux(struct gsm_mux *gsm, bool disc) 2162 { 2163 int i; 2164 struct gsm_dlci *dlci = gsm->dlci[0]; 2165 struct gsm_msg *txq, *ntxq; 2166 2167 gsm->dead = true; 2168 mutex_lock(&gsm->mutex); 2169 2170 if (dlci) { 2171 if (disc && dlci->state != DLCI_CLOSED) { 2172 gsm_dlci_begin_close(dlci); 2173 wait_event(gsm->event, dlci->state == DLCI_CLOSED); 2174 } 2175 dlci->dead = true; 2176 } 2177 2178 /* Finish outstanding timers, making sure they are done */ 2179 del_timer_sync(&gsm->t2_timer); 2180 2181 /* Free up any link layer users and finally the control channel */ 2182 for (i = NUM_DLCI - 1; i >= 0; i--) 2183 if (gsm->dlci[i]) 2184 gsm_dlci_release(gsm->dlci[i]); 2185 mutex_unlock(&gsm->mutex); 2186 /* Now wipe the queues */ 2187 tty_ldisc_flush(gsm->tty); 2188 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list) 2189 kfree(txq); 2190 INIT_LIST_HEAD(&gsm->tx_list); 2191 } 2192 2193 /** 2194 * gsm_activate_mux - generic GSM setup 2195 * @gsm: our mux 2196 * 2197 * Set up the bits of the mux which are the same for all framing 2198 * protocols. Add the mux to the mux table so it can be opened and 2199 * finally kick off connecting to DLCI 0 on the modem. 2200 */ 2201 2202 static int gsm_activate_mux(struct gsm_mux *gsm) 2203 { 2204 struct gsm_dlci *dlci; 2205 2206 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0); 2207 init_waitqueue_head(&gsm->event); 2208 spin_lock_init(&gsm->control_lock); 2209 spin_lock_init(&gsm->tx_lock); 2210 2211 if (gsm->encoding == 0) 2212 gsm->receive = gsm0_receive; 2213 else 2214 gsm->receive = gsm1_receive; 2215 2216 dlci = gsm_dlci_alloc(gsm, 0); 2217 if (dlci == NULL) 2218 return -ENOMEM; 2219 gsm->dead = false; /* Tty opens are now permissible */ 2220 return 0; 2221 } 2222 2223 /** 2224 * gsm_free_mux - free up a mux 2225 * @gsm: mux to free 2226 * 2227 * Dispose of allocated resources for a dead mux 2228 */ 2229 static void gsm_free_mux(struct gsm_mux *gsm) 2230 { 2231 int i; 2232 2233 for (i = 0; i < MAX_MUX; i++) { 2234 if (gsm == gsm_mux[i]) { 2235 gsm_mux[i] = NULL; 2236 break; 2237 } 2238 } 2239 mutex_destroy(&gsm->mutex); 2240 kfree(gsm->txframe); 2241 kfree(gsm->buf); 2242 kfree(gsm); 2243 } 2244 2245 /** 2246 * gsm_free_muxr - free up a mux 2247 * @ref: kreference to the mux to free 2248 * 2249 * Dispose of allocated resources for a dead mux 2250 */ 2251 static void gsm_free_muxr(struct kref *ref) 2252 { 2253 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref); 2254 gsm_free_mux(gsm); 2255 } 2256 2257 static inline void mux_get(struct gsm_mux *gsm) 2258 { 2259 unsigned long flags; 2260 2261 spin_lock_irqsave(&gsm_mux_lock, flags); 2262 kref_get(&gsm->ref); 2263 spin_unlock_irqrestore(&gsm_mux_lock, flags); 2264 } 2265 2266 static inline void mux_put(struct gsm_mux *gsm) 2267 { 2268 unsigned long flags; 2269 2270 spin_lock_irqsave(&gsm_mux_lock, flags); 2271 kref_put(&gsm->ref, gsm_free_muxr); 2272 spin_unlock_irqrestore(&gsm_mux_lock, flags); 2273 } 2274 2275 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm) 2276 { 2277 return gsm->num * NUM_DLCI; 2278 } 2279 2280 static inline unsigned int mux_line_to_num(unsigned int line) 2281 { 2282 return line / NUM_DLCI; 2283 } 2284 2285 /** 2286 * gsm_alloc_mux - allocate a mux 2287 * 2288 * Creates a new mux ready for activation. 2289 */ 2290 2291 static struct gsm_mux *gsm_alloc_mux(void) 2292 { 2293 int i; 2294 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL); 2295 if (gsm == NULL) 2296 return NULL; 2297 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL); 2298 if (gsm->buf == NULL) { 2299 kfree(gsm); 2300 return NULL; 2301 } 2302 gsm->txframe = kmalloc(2 * (MAX_MTU + PROT_OVERHEAD - 1), GFP_KERNEL); 2303 if (gsm->txframe == NULL) { 2304 kfree(gsm->buf); 2305 kfree(gsm); 2306 return NULL; 2307 } 2308 spin_lock_init(&gsm->lock); 2309 mutex_init(&gsm->mutex); 2310 kref_init(&gsm->ref); 2311 INIT_LIST_HEAD(&gsm->tx_list); 2312 2313 gsm->t1 = T1; 2314 gsm->t2 = T2; 2315 gsm->n2 = N2; 2316 gsm->ftype = UIH; 2317 gsm->adaption = 1; 2318 gsm->encoding = 1; 2319 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */ 2320 gsm->mtu = 64; 2321 gsm->dead = true; /* Avoid early tty opens */ 2322 2323 /* Store the instance to the mux array or abort if no space is 2324 * available. 2325 */ 2326 spin_lock(&gsm_mux_lock); 2327 for (i = 0; i < MAX_MUX; i++) { 2328 if (!gsm_mux[i]) { 2329 gsm_mux[i] = gsm; 2330 gsm->num = i; 2331 break; 2332 } 2333 } 2334 spin_unlock(&gsm_mux_lock); 2335 if (i == MAX_MUX) { 2336 mutex_destroy(&gsm->mutex); 2337 kfree(gsm->txframe); 2338 kfree(gsm->buf); 2339 kfree(gsm); 2340 return NULL; 2341 } 2342 2343 return gsm; 2344 } 2345 2346 static void gsm_copy_config_values(struct gsm_mux *gsm, 2347 struct gsm_config *c) 2348 { 2349 memset(c, 0, sizeof(*c)); 2350 c->adaption = gsm->adaption; 2351 c->encapsulation = gsm->encoding; 2352 c->initiator = gsm->initiator; 2353 c->t1 = gsm->t1; 2354 c->t2 = gsm->t2; 2355 c->t3 = 0; /* Not supported */ 2356 c->n2 = gsm->n2; 2357 if (gsm->ftype == UIH) 2358 c->i = 1; 2359 else 2360 c->i = 2; 2361 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i); 2362 c->mru = gsm->mru; 2363 c->mtu = gsm->mtu; 2364 c->k = 0; 2365 } 2366 2367 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c) 2368 { 2369 int ret = 0; 2370 int need_close = 0; 2371 int need_restart = 0; 2372 2373 /* Stuff we don't support yet - UI or I frame transport, windowing */ 2374 if ((c->adaption != 1 && c->adaption != 2) || c->k) 2375 return -EOPNOTSUPP; 2376 /* Check the MRU/MTU range looks sane */ 2377 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8) 2378 return -EINVAL; 2379 if (c->n2 > 255) 2380 return -EINVAL; 2381 if (c->encapsulation > 1) /* Basic, advanced, no I */ 2382 return -EINVAL; 2383 if (c->initiator > 1) 2384 return -EINVAL; 2385 if (c->i == 0 || c->i > 2) /* UIH and UI only */ 2386 return -EINVAL; 2387 /* 2388 * See what is needed for reconfiguration 2389 */ 2390 2391 /* Timing fields */ 2392 if (c->t1 != 0 && c->t1 != gsm->t1) 2393 need_restart = 1; 2394 if (c->t2 != 0 && c->t2 != gsm->t2) 2395 need_restart = 1; 2396 if (c->encapsulation != gsm->encoding) 2397 need_restart = 1; 2398 if (c->adaption != gsm->adaption) 2399 need_restart = 1; 2400 /* Requires care */ 2401 if (c->initiator != gsm->initiator) 2402 need_close = 1; 2403 if (c->mru != gsm->mru) 2404 need_restart = 1; 2405 if (c->mtu != gsm->mtu) 2406 need_restart = 1; 2407 2408 /* 2409 * Close down what is needed, restart and initiate the new 2410 * configuration. On the first time there is no DLCI[0] 2411 * and closing or cleaning up is not necessary. 2412 */ 2413 if (need_close || need_restart) 2414 gsm_cleanup_mux(gsm, true); 2415 2416 gsm->initiator = c->initiator; 2417 gsm->mru = c->mru; 2418 gsm->mtu = c->mtu; 2419 gsm->encoding = c->encapsulation; 2420 gsm->adaption = c->adaption; 2421 gsm->n2 = c->n2; 2422 2423 if (c->i == 1) 2424 gsm->ftype = UIH; 2425 else if (c->i == 2) 2426 gsm->ftype = UI; 2427 2428 if (c->t1) 2429 gsm->t1 = c->t1; 2430 if (c->t2) 2431 gsm->t2 = c->t2; 2432 2433 /* 2434 * FIXME: We need to separate activation/deactivation from adding 2435 * and removing from the mux array 2436 */ 2437 if (gsm->dead) { 2438 ret = gsm_activate_mux(gsm); 2439 if (ret) 2440 return ret; 2441 if (gsm->initiator) 2442 gsm_dlci_begin_open(gsm->dlci[0]); 2443 } 2444 return 0; 2445 } 2446 2447 /** 2448 * gsmld_output - write to link 2449 * @gsm: our mux 2450 * @data: bytes to output 2451 * @len: size 2452 * 2453 * Write a block of data from the GSM mux to the data channel. This 2454 * will eventually be serialized from above but at the moment isn't. 2455 */ 2456 2457 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len) 2458 { 2459 if (tty_write_room(gsm->tty) < len) { 2460 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags); 2461 return -ENOSPC; 2462 } 2463 if (debug & 4) 2464 gsm_hex_dump_bytes(__func__, data, len); 2465 return gsm->tty->ops->write(gsm->tty, data, len); 2466 } 2467 2468 /** 2469 * gsmld_attach_gsm - mode set up 2470 * @tty: our tty structure 2471 * @gsm: our mux 2472 * 2473 * Set up the MUX for basic mode and commence connecting to the 2474 * modem. Currently called from the line discipline set up but 2475 * will need moving to an ioctl path. 2476 */ 2477 2478 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2479 { 2480 unsigned int base; 2481 int ret, i; 2482 2483 gsm->tty = tty_kref_get(tty); 2484 /* Turn off tty XON/XOFF handling to handle it explicitly. */ 2485 gsm->old_c_iflag = tty->termios.c_iflag; 2486 tty->termios.c_iflag &= (IXON | IXOFF); 2487 ret = gsm_activate_mux(gsm); 2488 if (ret != 0) 2489 tty_kref_put(gsm->tty); 2490 else { 2491 /* Don't register device 0 - this is the control channel and not 2492 a usable tty interface */ 2493 base = mux_num_to_base(gsm); /* Base for this MUX */ 2494 for (i = 1; i < NUM_DLCI; i++) { 2495 struct device *dev; 2496 2497 dev = tty_register_device(gsm_tty_driver, 2498 base + i, NULL); 2499 if (IS_ERR(dev)) { 2500 for (i--; i >= 1; i--) 2501 tty_unregister_device(gsm_tty_driver, 2502 base + i); 2503 return PTR_ERR(dev); 2504 } 2505 } 2506 } 2507 return ret; 2508 } 2509 2510 2511 /** 2512 * gsmld_detach_gsm - stop doing 0710 mux 2513 * @tty: tty attached to the mux 2514 * @gsm: mux 2515 * 2516 * Shutdown and then clean up the resources used by the line discipline 2517 */ 2518 2519 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm) 2520 { 2521 unsigned int base = mux_num_to_base(gsm); /* Base for this MUX */ 2522 int i; 2523 2524 WARN_ON(tty != gsm->tty); 2525 for (i = 1; i < NUM_DLCI; i++) 2526 tty_unregister_device(gsm_tty_driver, base + i); 2527 /* Restore tty XON/XOFF handling. */ 2528 gsm->tty->termios.c_iflag = gsm->old_c_iflag; 2529 tty_kref_put(gsm->tty); 2530 gsm->tty = NULL; 2531 } 2532 2533 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp, 2534 const char *fp, int count) 2535 { 2536 struct gsm_mux *gsm = tty->disc_data; 2537 char flags = TTY_NORMAL; 2538 2539 if (debug & 4) 2540 gsm_hex_dump_bytes(__func__, cp, count); 2541 2542 for (; count; count--, cp++) { 2543 if (fp) 2544 flags = *fp++; 2545 switch (flags) { 2546 case TTY_NORMAL: 2547 gsm->receive(gsm, *cp); 2548 break; 2549 case TTY_OVERRUN: 2550 case TTY_BREAK: 2551 case TTY_PARITY: 2552 case TTY_FRAME: 2553 gsm_error(gsm); 2554 break; 2555 default: 2556 WARN_ONCE(1, "%s: unknown flag %d\n", 2557 tty_name(tty), flags); 2558 break; 2559 } 2560 } 2561 /* FASYNC if needed ? */ 2562 /* If clogged call tty_throttle(tty); */ 2563 } 2564 2565 /** 2566 * gsmld_flush_buffer - clean input queue 2567 * @tty: terminal device 2568 * 2569 * Flush the input buffer. Called when the line discipline is 2570 * being closed, when the tty layer wants the buffer flushed (eg 2571 * at hangup). 2572 */ 2573 2574 static void gsmld_flush_buffer(struct tty_struct *tty) 2575 { 2576 } 2577 2578 /** 2579 * gsmld_close - close the ldisc for this tty 2580 * @tty: device 2581 * 2582 * Called from the terminal layer when this line discipline is 2583 * being shut down, either because of a close or becsuse of a 2584 * discipline change. The function will not be called while other 2585 * ldisc methods are in progress. 2586 */ 2587 2588 static void gsmld_close(struct tty_struct *tty) 2589 { 2590 struct gsm_mux *gsm = tty->disc_data; 2591 2592 /* The ldisc locks and closes the port before calling our close. This 2593 * means we have no way to do a proper disconnect. We will not bother 2594 * to do one. 2595 */ 2596 gsm_cleanup_mux(gsm, false); 2597 2598 gsmld_detach_gsm(tty, gsm); 2599 2600 gsmld_flush_buffer(tty); 2601 /* Do other clean up here */ 2602 mux_put(gsm); 2603 } 2604 2605 /** 2606 * gsmld_open - open an ldisc 2607 * @tty: terminal to open 2608 * 2609 * Called when this line discipline is being attached to the 2610 * terminal device. Can sleep. Called serialized so that no 2611 * other events will occur in parallel. No further open will occur 2612 * until a close. 2613 */ 2614 2615 static int gsmld_open(struct tty_struct *tty) 2616 { 2617 struct gsm_mux *gsm; 2618 int ret; 2619 2620 if (tty->ops->write == NULL) 2621 return -EINVAL; 2622 2623 /* Attach our ldisc data */ 2624 gsm = gsm_alloc_mux(); 2625 if (gsm == NULL) 2626 return -ENOMEM; 2627 2628 tty->disc_data = gsm; 2629 tty->receive_room = 65536; 2630 2631 /* Attach the initial passive connection */ 2632 gsm->encoding = 1; 2633 2634 ret = gsmld_attach_gsm(tty, gsm); 2635 if (ret != 0) { 2636 gsm_cleanup_mux(gsm, false); 2637 mux_put(gsm); 2638 } 2639 return ret; 2640 } 2641 2642 /** 2643 * gsmld_write_wakeup - asynchronous I/O notifier 2644 * @tty: tty device 2645 * 2646 * Required for the ptys, serial driver etc. since processes 2647 * that attach themselves to the master and rely on ASYNC 2648 * IO must be woken up 2649 */ 2650 2651 static void gsmld_write_wakeup(struct tty_struct *tty) 2652 { 2653 struct gsm_mux *gsm = tty->disc_data; 2654 unsigned long flags; 2655 2656 /* Queue poll */ 2657 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2658 spin_lock_irqsave(&gsm->tx_lock, flags); 2659 gsm_data_kick(gsm, NULL); 2660 if (gsm->tx_bytes < TX_THRESH_LO) { 2661 gsm_dlci_data_sweep(gsm); 2662 } 2663 spin_unlock_irqrestore(&gsm->tx_lock, flags); 2664 } 2665 2666 /** 2667 * gsmld_read - read function for tty 2668 * @tty: tty device 2669 * @file: file object 2670 * @buf: userspace buffer pointer 2671 * @nr: size of I/O 2672 * @cookie: unused 2673 * @offset: unused 2674 * 2675 * Perform reads for the line discipline. We are guaranteed that the 2676 * line discipline will not be closed under us but we may get multiple 2677 * parallel readers and must handle this ourselves. We may also get 2678 * a hangup. Always called in user context, may sleep. 2679 * 2680 * This code must be sure never to sleep through a hangup. 2681 */ 2682 2683 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file, 2684 unsigned char *buf, size_t nr, 2685 void **cookie, unsigned long offset) 2686 { 2687 return -EOPNOTSUPP; 2688 } 2689 2690 /** 2691 * gsmld_write - write function for tty 2692 * @tty: tty device 2693 * @file: file object 2694 * @buf: userspace buffer pointer 2695 * @nr: size of I/O 2696 * 2697 * Called when the owner of the device wants to send a frame 2698 * itself (or some other control data). The data is transferred 2699 * as-is and must be properly framed and checksummed as appropriate 2700 * by userspace. Frames are either sent whole or not at all as this 2701 * avoids pain user side. 2702 */ 2703 2704 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file, 2705 const unsigned char *buf, size_t nr) 2706 { 2707 int space = tty_write_room(tty); 2708 if (space >= nr) 2709 return tty->ops->write(tty, buf, nr); 2710 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags); 2711 return -ENOBUFS; 2712 } 2713 2714 /** 2715 * gsmld_poll - poll method for N_GSM0710 2716 * @tty: terminal device 2717 * @file: file accessing it 2718 * @wait: poll table 2719 * 2720 * Called when the line discipline is asked to poll() for data or 2721 * for special events. This code is not serialized with respect to 2722 * other events save open/close. 2723 * 2724 * This code must be sure never to sleep through a hangup. 2725 * Called without the kernel lock held - fine 2726 */ 2727 2728 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file, 2729 poll_table *wait) 2730 { 2731 __poll_t mask = 0; 2732 struct gsm_mux *gsm = tty->disc_data; 2733 2734 poll_wait(file, &tty->read_wait, wait); 2735 poll_wait(file, &tty->write_wait, wait); 2736 if (tty_hung_up_p(file)) 2737 mask |= EPOLLHUP; 2738 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0) 2739 mask |= EPOLLOUT | EPOLLWRNORM; 2740 if (gsm->dead) 2741 mask |= EPOLLHUP; 2742 return mask; 2743 } 2744 2745 static int gsmld_ioctl(struct tty_struct *tty, unsigned int cmd, 2746 unsigned long arg) 2747 { 2748 struct gsm_config c; 2749 struct gsm_mux *gsm = tty->disc_data; 2750 unsigned int base; 2751 2752 switch (cmd) { 2753 case GSMIOC_GETCONF: 2754 gsm_copy_config_values(gsm, &c); 2755 if (copy_to_user((void __user *)arg, &c, sizeof(c))) 2756 return -EFAULT; 2757 return 0; 2758 case GSMIOC_SETCONF: 2759 if (copy_from_user(&c, (void __user *)arg, sizeof(c))) 2760 return -EFAULT; 2761 return gsm_config(gsm, &c); 2762 case GSMIOC_GETFIRST: 2763 base = mux_num_to_base(gsm); 2764 return put_user(base + 1, (__u32 __user *)arg); 2765 default: 2766 return n_tty_ioctl_helper(tty, cmd, arg); 2767 } 2768 } 2769 2770 /* 2771 * Network interface 2772 * 2773 */ 2774 2775 static int gsm_mux_net_open(struct net_device *net) 2776 { 2777 pr_debug("%s called\n", __func__); 2778 netif_start_queue(net); 2779 return 0; 2780 } 2781 2782 static int gsm_mux_net_close(struct net_device *net) 2783 { 2784 netif_stop_queue(net); 2785 return 0; 2786 } 2787 2788 static void dlci_net_free(struct gsm_dlci *dlci) 2789 { 2790 if (!dlci->net) { 2791 WARN_ON(1); 2792 return; 2793 } 2794 dlci->adaption = dlci->prev_adaption; 2795 dlci->data = dlci->prev_data; 2796 free_netdev(dlci->net); 2797 dlci->net = NULL; 2798 } 2799 static void net_free(struct kref *ref) 2800 { 2801 struct gsm_mux_net *mux_net; 2802 struct gsm_dlci *dlci; 2803 2804 mux_net = container_of(ref, struct gsm_mux_net, ref); 2805 dlci = mux_net->dlci; 2806 2807 if (dlci->net) { 2808 unregister_netdev(dlci->net); 2809 dlci_net_free(dlci); 2810 } 2811 } 2812 2813 static inline void muxnet_get(struct gsm_mux_net *mux_net) 2814 { 2815 kref_get(&mux_net->ref); 2816 } 2817 2818 static inline void muxnet_put(struct gsm_mux_net *mux_net) 2819 { 2820 kref_put(&mux_net->ref, net_free); 2821 } 2822 2823 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb, 2824 struct net_device *net) 2825 { 2826 struct gsm_mux_net *mux_net = netdev_priv(net); 2827 struct gsm_dlci *dlci = mux_net->dlci; 2828 muxnet_get(mux_net); 2829 2830 skb_queue_head(&dlci->skb_list, skb); 2831 net->stats.tx_packets++; 2832 net->stats.tx_bytes += skb->len; 2833 gsm_dlci_data_kick(dlci); 2834 /* And tell the kernel when the last transmit started. */ 2835 netif_trans_update(net); 2836 muxnet_put(mux_net); 2837 return NETDEV_TX_OK; 2838 } 2839 2840 /* called when a packet did not ack after watchdogtimeout */ 2841 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue) 2842 { 2843 /* Tell syslog we are hosed. */ 2844 dev_dbg(&net->dev, "Tx timed out.\n"); 2845 2846 /* Update statistics */ 2847 net->stats.tx_errors++; 2848 } 2849 2850 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci, 2851 const unsigned char *in_buf, int size) 2852 { 2853 struct net_device *net = dlci->net; 2854 struct sk_buff *skb; 2855 struct gsm_mux_net *mux_net = netdev_priv(net); 2856 muxnet_get(mux_net); 2857 2858 /* Allocate an sk_buff */ 2859 skb = dev_alloc_skb(size + NET_IP_ALIGN); 2860 if (!skb) { 2861 /* We got no receive buffer. */ 2862 net->stats.rx_dropped++; 2863 muxnet_put(mux_net); 2864 return; 2865 } 2866 skb_reserve(skb, NET_IP_ALIGN); 2867 skb_put_data(skb, in_buf, size); 2868 2869 skb->dev = net; 2870 skb->protocol = htons(ETH_P_IP); 2871 2872 /* Ship it off to the kernel */ 2873 netif_rx(skb); 2874 2875 /* update out statistics */ 2876 net->stats.rx_packets++; 2877 net->stats.rx_bytes += size; 2878 muxnet_put(mux_net); 2879 return; 2880 } 2881 2882 static void gsm_mux_net_init(struct net_device *net) 2883 { 2884 static const struct net_device_ops gsm_netdev_ops = { 2885 .ndo_open = gsm_mux_net_open, 2886 .ndo_stop = gsm_mux_net_close, 2887 .ndo_start_xmit = gsm_mux_net_start_xmit, 2888 .ndo_tx_timeout = gsm_mux_net_tx_timeout, 2889 }; 2890 2891 net->netdev_ops = &gsm_netdev_ops; 2892 2893 /* fill in the other fields */ 2894 net->watchdog_timeo = GSM_NET_TX_TIMEOUT; 2895 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; 2896 net->type = ARPHRD_NONE; 2897 net->tx_queue_len = 10; 2898 } 2899 2900 2901 /* caller holds the dlci mutex */ 2902 static void gsm_destroy_network(struct gsm_dlci *dlci) 2903 { 2904 struct gsm_mux_net *mux_net; 2905 2906 pr_debug("destroy network interface\n"); 2907 if (!dlci->net) 2908 return; 2909 mux_net = netdev_priv(dlci->net); 2910 muxnet_put(mux_net); 2911 } 2912 2913 2914 /* caller holds the dlci mutex */ 2915 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc) 2916 { 2917 char *netname; 2918 int retval = 0; 2919 struct net_device *net; 2920 struct gsm_mux_net *mux_net; 2921 2922 if (!capable(CAP_NET_ADMIN)) 2923 return -EPERM; 2924 2925 /* Already in a non tty mode */ 2926 if (dlci->adaption > 2) 2927 return -EBUSY; 2928 2929 if (nc->protocol != htons(ETH_P_IP)) 2930 return -EPROTONOSUPPORT; 2931 2932 if (nc->adaption != 3 && nc->adaption != 4) 2933 return -EPROTONOSUPPORT; 2934 2935 pr_debug("create network interface\n"); 2936 2937 netname = "gsm%d"; 2938 if (nc->if_name[0] != '\0') 2939 netname = nc->if_name; 2940 net = alloc_netdev(sizeof(struct gsm_mux_net), netname, 2941 NET_NAME_UNKNOWN, gsm_mux_net_init); 2942 if (!net) { 2943 pr_err("alloc_netdev failed\n"); 2944 return -ENOMEM; 2945 } 2946 net->mtu = dlci->gsm->mtu; 2947 net->min_mtu = 8; 2948 net->max_mtu = dlci->gsm->mtu; 2949 mux_net = netdev_priv(net); 2950 mux_net->dlci = dlci; 2951 kref_init(&mux_net->ref); 2952 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */ 2953 2954 /* reconfigure dlci for network */ 2955 dlci->prev_adaption = dlci->adaption; 2956 dlci->prev_data = dlci->data; 2957 dlci->adaption = nc->adaption; 2958 dlci->data = gsm_mux_rx_netchar; 2959 dlci->net = net; 2960 2961 pr_debug("register netdev\n"); 2962 retval = register_netdev(net); 2963 if (retval) { 2964 pr_err("network register fail %d\n", retval); 2965 dlci_net_free(dlci); 2966 return retval; 2967 } 2968 return net->ifindex; /* return network index */ 2969 } 2970 2971 /* Line discipline for real tty */ 2972 static struct tty_ldisc_ops tty_ldisc_packet = { 2973 .owner = THIS_MODULE, 2974 .num = N_GSM0710, 2975 .name = "n_gsm", 2976 .open = gsmld_open, 2977 .close = gsmld_close, 2978 .flush_buffer = gsmld_flush_buffer, 2979 .read = gsmld_read, 2980 .write = gsmld_write, 2981 .ioctl = gsmld_ioctl, 2982 .poll = gsmld_poll, 2983 .receive_buf = gsmld_receive_buf, 2984 .write_wakeup = gsmld_write_wakeup 2985 }; 2986 2987 /* 2988 * Virtual tty side 2989 */ 2990 2991 /** 2992 * gsm_modem_upd_via_data - send modem bits via convergence layer 2993 * @dlci: channel 2994 * @brk: break signal 2995 * 2996 * Send an empty frame to signal mobile state changes and to transmit the 2997 * break signal for adaption 2. 2998 */ 2999 3000 static void gsm_modem_upd_via_data(struct gsm_dlci *dlci, u8 brk) 3001 { 3002 struct gsm_mux *gsm = dlci->gsm; 3003 unsigned long flags; 3004 3005 if (dlci->state != DLCI_OPEN || dlci->adaption != 2) 3006 return; 3007 3008 spin_lock_irqsave(&gsm->tx_lock, flags); 3009 gsm_dlci_modem_output(gsm, dlci, brk); 3010 spin_unlock_irqrestore(&gsm->tx_lock, flags); 3011 } 3012 3013 /** 3014 * gsm_modem_upd_via_msc - send modem bits via control frame 3015 * @dlci: channel 3016 * @brk: break signal 3017 */ 3018 3019 static int gsm_modem_upd_via_msc(struct gsm_dlci *dlci, u8 brk) 3020 { 3021 u8 modembits[3]; 3022 struct gsm_control *ctrl; 3023 int len = 2; 3024 3025 if (dlci->gsm->encoding != 0) 3026 return 0; 3027 3028 modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */ 3029 if (!brk) { 3030 modembits[1] = (gsm_encode_modem(dlci) << 1) | EA; 3031 } else { 3032 modembits[1] = gsm_encode_modem(dlci) << 1; 3033 modembits[2] = (brk << 4) | 2 | EA; /* Length, Break, EA */ 3034 len++; 3035 } 3036 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len); 3037 if (ctrl == NULL) 3038 return -ENOMEM; 3039 return gsm_control_wait(dlci->gsm, ctrl); 3040 } 3041 3042 /** 3043 * gsm_modem_update - send modem status line state 3044 * @dlci: channel 3045 * @brk: break signal 3046 */ 3047 3048 static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk) 3049 { 3050 if (dlci->adaption == 2) { 3051 /* Send convergence layer type 2 empty data frame. */ 3052 gsm_modem_upd_via_data(dlci, brk); 3053 return 0; 3054 } else if (dlci->gsm->encoding == 0) { 3055 /* Send as MSC control message. */ 3056 return gsm_modem_upd_via_msc(dlci, brk); 3057 } 3058 3059 /* Modem status lines are not supported. */ 3060 return -EPROTONOSUPPORT; 3061 } 3062 3063 static int gsm_carrier_raised(struct tty_port *port) 3064 { 3065 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 3066 struct gsm_mux *gsm = dlci->gsm; 3067 3068 /* Not yet open so no carrier info */ 3069 if (dlci->state != DLCI_OPEN) 3070 return 0; 3071 if (debug & 2) 3072 return 1; 3073 3074 /* 3075 * Basic mode with control channel in ADM mode may not respond 3076 * to CMD_MSC at all and modem_rx is empty. 3077 */ 3078 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM && 3079 !dlci->modem_rx) 3080 return 1; 3081 3082 return dlci->modem_rx & TIOCM_CD; 3083 } 3084 3085 static void gsm_dtr_rts(struct tty_port *port, int onoff) 3086 { 3087 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); 3088 unsigned int modem_tx = dlci->modem_tx; 3089 if (onoff) 3090 modem_tx |= TIOCM_DTR | TIOCM_RTS; 3091 else 3092 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS); 3093 if (modem_tx != dlci->modem_tx) { 3094 dlci->modem_tx = modem_tx; 3095 gsm_modem_update(dlci, 0); 3096 } 3097 } 3098 3099 static const struct tty_port_operations gsm_port_ops = { 3100 .carrier_raised = gsm_carrier_raised, 3101 .dtr_rts = gsm_dtr_rts, 3102 .destruct = gsm_dlci_free, 3103 }; 3104 3105 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty) 3106 { 3107 struct gsm_mux *gsm; 3108 struct gsm_dlci *dlci; 3109 unsigned int line = tty->index; 3110 unsigned int mux = mux_line_to_num(line); 3111 bool alloc = false; 3112 int ret; 3113 3114 line = line & 0x3F; 3115 3116 if (mux >= MAX_MUX) 3117 return -ENXIO; 3118 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */ 3119 if (gsm_mux[mux] == NULL) 3120 return -EUNATCH; 3121 if (line == 0 || line > 61) /* 62/63 reserved */ 3122 return -ECHRNG; 3123 gsm = gsm_mux[mux]; 3124 if (gsm->dead) 3125 return -EL2HLT; 3126 /* If DLCI 0 is not yet fully open return an error. 3127 This is ok from a locking 3128 perspective as we don't have to worry about this 3129 if DLCI0 is lost */ 3130 mutex_lock(&gsm->mutex); 3131 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) { 3132 mutex_unlock(&gsm->mutex); 3133 return -EL2NSYNC; 3134 } 3135 dlci = gsm->dlci[line]; 3136 if (dlci == NULL) { 3137 alloc = true; 3138 dlci = gsm_dlci_alloc(gsm, line); 3139 } 3140 if (dlci == NULL) { 3141 mutex_unlock(&gsm->mutex); 3142 return -ENOMEM; 3143 } 3144 ret = tty_port_install(&dlci->port, driver, tty); 3145 if (ret) { 3146 if (alloc) 3147 dlci_put(dlci); 3148 mutex_unlock(&gsm->mutex); 3149 return ret; 3150 } 3151 3152 dlci_get(dlci); 3153 dlci_get(gsm->dlci[0]); 3154 mux_get(gsm); 3155 tty->driver_data = dlci; 3156 mutex_unlock(&gsm->mutex); 3157 3158 return 0; 3159 } 3160 3161 static int gsmtty_open(struct tty_struct *tty, struct file *filp) 3162 { 3163 struct gsm_dlci *dlci = tty->driver_data; 3164 struct tty_port *port = &dlci->port; 3165 struct gsm_mux *gsm = dlci->gsm; 3166 3167 port->count++; 3168 tty_port_tty_set(port, tty); 3169 3170 dlci->modem_rx = 0; 3171 /* We could in theory open and close before we wait - eg if we get 3172 a DM straight back. This is ok as that will have caused a hangup */ 3173 tty_port_set_initialized(port, 1); 3174 /* Start sending off SABM messages */ 3175 if (gsm->initiator) 3176 gsm_dlci_begin_open(dlci); 3177 /* And wait for virtual carrier */ 3178 return tty_port_block_til_ready(port, tty, filp); 3179 } 3180 3181 static void gsmtty_close(struct tty_struct *tty, struct file *filp) 3182 { 3183 struct gsm_dlci *dlci = tty->driver_data; 3184 3185 if (dlci == NULL) 3186 return; 3187 if (dlci->state == DLCI_CLOSED) 3188 return; 3189 mutex_lock(&dlci->mutex); 3190 gsm_destroy_network(dlci); 3191 mutex_unlock(&dlci->mutex); 3192 if (tty_port_close_start(&dlci->port, tty, filp) == 0) 3193 return; 3194 gsm_dlci_begin_close(dlci); 3195 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty)) 3196 tty_port_lower_dtr_rts(&dlci->port); 3197 tty_port_close_end(&dlci->port, tty); 3198 tty_port_tty_set(&dlci->port, NULL); 3199 return; 3200 } 3201 3202 static void gsmtty_hangup(struct tty_struct *tty) 3203 { 3204 struct gsm_dlci *dlci = tty->driver_data; 3205 if (dlci->state == DLCI_CLOSED) 3206 return; 3207 tty_port_hangup(&dlci->port); 3208 gsm_dlci_begin_close(dlci); 3209 } 3210 3211 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf, 3212 int len) 3213 { 3214 int sent; 3215 struct gsm_dlci *dlci = tty->driver_data; 3216 if (dlci->state == DLCI_CLOSED) 3217 return -EINVAL; 3218 /* Stuff the bytes into the fifo queue */ 3219 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock); 3220 /* Need to kick the channel */ 3221 gsm_dlci_data_kick(dlci); 3222 return sent; 3223 } 3224 3225 static unsigned int gsmtty_write_room(struct tty_struct *tty) 3226 { 3227 struct gsm_dlci *dlci = tty->driver_data; 3228 if (dlci->state == DLCI_CLOSED) 3229 return 0; 3230 return kfifo_avail(&dlci->fifo); 3231 } 3232 3233 static unsigned int gsmtty_chars_in_buffer(struct tty_struct *tty) 3234 { 3235 struct gsm_dlci *dlci = tty->driver_data; 3236 if (dlci->state == DLCI_CLOSED) 3237 return 0; 3238 return kfifo_len(&dlci->fifo); 3239 } 3240 3241 static void gsmtty_flush_buffer(struct tty_struct *tty) 3242 { 3243 struct gsm_dlci *dlci = tty->driver_data; 3244 unsigned long flags; 3245 3246 if (dlci->state == DLCI_CLOSED) 3247 return; 3248 /* Caution needed: If we implement reliable transport classes 3249 then the data being transmitted can't simply be junked once 3250 it has first hit the stack. Until then we can just blow it 3251 away */ 3252 spin_lock_irqsave(&dlci->lock, flags); 3253 kfifo_reset(&dlci->fifo); 3254 spin_unlock_irqrestore(&dlci->lock, flags); 3255 /* Need to unhook this DLCI from the transmit queue logic */ 3256 } 3257 3258 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout) 3259 { 3260 /* The FIFO handles the queue so the kernel will do the right 3261 thing waiting on chars_in_buffer before calling us. No work 3262 to do here */ 3263 } 3264 3265 static int gsmtty_tiocmget(struct tty_struct *tty) 3266 { 3267 struct gsm_dlci *dlci = tty->driver_data; 3268 if (dlci->state == DLCI_CLOSED) 3269 return -EINVAL; 3270 return dlci->modem_rx; 3271 } 3272 3273 static int gsmtty_tiocmset(struct tty_struct *tty, 3274 unsigned int set, unsigned int clear) 3275 { 3276 struct gsm_dlci *dlci = tty->driver_data; 3277 unsigned int modem_tx = dlci->modem_tx; 3278 3279 if (dlci->state == DLCI_CLOSED) 3280 return -EINVAL; 3281 modem_tx &= ~clear; 3282 modem_tx |= set; 3283 3284 if (modem_tx != dlci->modem_tx) { 3285 dlci->modem_tx = modem_tx; 3286 return gsm_modem_update(dlci, 0); 3287 } 3288 return 0; 3289 } 3290 3291 3292 static int gsmtty_ioctl(struct tty_struct *tty, 3293 unsigned int cmd, unsigned long arg) 3294 { 3295 struct gsm_dlci *dlci = tty->driver_data; 3296 struct gsm_netconfig nc; 3297 int index; 3298 3299 if (dlci->state == DLCI_CLOSED) 3300 return -EINVAL; 3301 switch (cmd) { 3302 case GSMIOC_ENABLE_NET: 3303 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc))) 3304 return -EFAULT; 3305 nc.if_name[IFNAMSIZ-1] = '\0'; 3306 /* return net interface index or error code */ 3307 mutex_lock(&dlci->mutex); 3308 index = gsm_create_network(dlci, &nc); 3309 mutex_unlock(&dlci->mutex); 3310 if (copy_to_user((void __user *)arg, &nc, sizeof(nc))) 3311 return -EFAULT; 3312 return index; 3313 case GSMIOC_DISABLE_NET: 3314 if (!capable(CAP_NET_ADMIN)) 3315 return -EPERM; 3316 mutex_lock(&dlci->mutex); 3317 gsm_destroy_network(dlci); 3318 mutex_unlock(&dlci->mutex); 3319 return 0; 3320 default: 3321 return -ENOIOCTLCMD; 3322 } 3323 } 3324 3325 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old) 3326 { 3327 struct gsm_dlci *dlci = tty->driver_data; 3328 if (dlci->state == DLCI_CLOSED) 3329 return; 3330 /* For the moment its fixed. In actual fact the speed information 3331 for the virtual channel can be propogated in both directions by 3332 the RPN control message. This however rapidly gets nasty as we 3333 then have to remap modem signals each way according to whether 3334 our virtual cable is null modem etc .. */ 3335 tty_termios_copy_hw(&tty->termios, old); 3336 } 3337 3338 static void gsmtty_throttle(struct tty_struct *tty) 3339 { 3340 struct gsm_dlci *dlci = tty->driver_data; 3341 if (dlci->state == DLCI_CLOSED) 3342 return; 3343 if (C_CRTSCTS(tty)) 3344 dlci->modem_tx &= ~TIOCM_RTS; 3345 dlci->throttled = true; 3346 /* Send an MSC with RTS cleared */ 3347 gsm_modem_update(dlci, 0); 3348 } 3349 3350 static void gsmtty_unthrottle(struct tty_struct *tty) 3351 { 3352 struct gsm_dlci *dlci = tty->driver_data; 3353 if (dlci->state == DLCI_CLOSED) 3354 return; 3355 if (C_CRTSCTS(tty)) 3356 dlci->modem_tx |= TIOCM_RTS; 3357 dlci->throttled = false; 3358 /* Send an MSC with RTS set */ 3359 gsm_modem_update(dlci, 0); 3360 } 3361 3362 static int gsmtty_break_ctl(struct tty_struct *tty, int state) 3363 { 3364 struct gsm_dlci *dlci = tty->driver_data; 3365 int encode = 0; /* Off */ 3366 if (dlci->state == DLCI_CLOSED) 3367 return -EINVAL; 3368 3369 if (state == -1) /* "On indefinitely" - we can't encode this 3370 properly */ 3371 encode = 0x0F; 3372 else if (state > 0) { 3373 encode = state / 200; /* mS to encoding */ 3374 if (encode > 0x0F) 3375 encode = 0x0F; /* Best effort */ 3376 } 3377 return gsm_modem_update(dlci, encode); 3378 } 3379 3380 static void gsmtty_cleanup(struct tty_struct *tty) 3381 { 3382 struct gsm_dlci *dlci = tty->driver_data; 3383 struct gsm_mux *gsm = dlci->gsm; 3384 3385 dlci_put(dlci); 3386 dlci_put(gsm->dlci[0]); 3387 mux_put(gsm); 3388 } 3389 3390 /* Virtual ttys for the demux */ 3391 static const struct tty_operations gsmtty_ops = { 3392 .install = gsmtty_install, 3393 .open = gsmtty_open, 3394 .close = gsmtty_close, 3395 .write = gsmtty_write, 3396 .write_room = gsmtty_write_room, 3397 .chars_in_buffer = gsmtty_chars_in_buffer, 3398 .flush_buffer = gsmtty_flush_buffer, 3399 .ioctl = gsmtty_ioctl, 3400 .throttle = gsmtty_throttle, 3401 .unthrottle = gsmtty_unthrottle, 3402 .set_termios = gsmtty_set_termios, 3403 .hangup = gsmtty_hangup, 3404 .wait_until_sent = gsmtty_wait_until_sent, 3405 .tiocmget = gsmtty_tiocmget, 3406 .tiocmset = gsmtty_tiocmset, 3407 .break_ctl = gsmtty_break_ctl, 3408 .cleanup = gsmtty_cleanup, 3409 }; 3410 3411 3412 3413 static int __init gsm_init(void) 3414 { 3415 /* Fill in our line protocol discipline, and register it */ 3416 int status = tty_register_ldisc(&tty_ldisc_packet); 3417 if (status != 0) { 3418 pr_err("n_gsm: can't register line discipline (err = %d)\n", 3419 status); 3420 return status; 3421 } 3422 3423 gsm_tty_driver = tty_alloc_driver(256, TTY_DRIVER_REAL_RAW | 3424 TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_HARDWARE_BREAK); 3425 if (IS_ERR(gsm_tty_driver)) { 3426 pr_err("gsm_init: tty allocation failed.\n"); 3427 status = PTR_ERR(gsm_tty_driver); 3428 goto err_unreg_ldisc; 3429 } 3430 gsm_tty_driver->driver_name = "gsmtty"; 3431 gsm_tty_driver->name = "gsmtty"; 3432 gsm_tty_driver->major = 0; /* Dynamic */ 3433 gsm_tty_driver->minor_start = 0; 3434 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL; 3435 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 3436 gsm_tty_driver->init_termios = tty_std_termios; 3437 /* Fixme */ 3438 gsm_tty_driver->init_termios.c_lflag &= ~ECHO; 3439 tty_set_operations(gsm_tty_driver, &gsmtty_ops); 3440 3441 if (tty_register_driver(gsm_tty_driver)) { 3442 pr_err("gsm_init: tty registration failed.\n"); 3443 status = -EBUSY; 3444 goto err_put_driver; 3445 } 3446 pr_debug("gsm_init: loaded as %d,%d.\n", 3447 gsm_tty_driver->major, gsm_tty_driver->minor_start); 3448 return 0; 3449 err_put_driver: 3450 tty_driver_kref_put(gsm_tty_driver); 3451 err_unreg_ldisc: 3452 tty_unregister_ldisc(&tty_ldisc_packet); 3453 return status; 3454 } 3455 3456 static void __exit gsm_exit(void) 3457 { 3458 tty_unregister_ldisc(&tty_ldisc_packet); 3459 tty_unregister_driver(gsm_tty_driver); 3460 tty_driver_kref_put(gsm_tty_driver); 3461 } 3462 3463 module_init(gsm_init); 3464 module_exit(gsm_exit); 3465 3466 3467 MODULE_LICENSE("GPL"); 3468 MODULE_ALIAS_LDISC(N_GSM0710); 3469