search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
gpio: rcar: Fix runtime PM imbalance on error
[linux/fpc-iii.git] / drivers / tty / n_gsm.c
blobd77ed82a4840e74c39a736290e45dc127843157c
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * n_gsm.c GSM 0710 tty multiplexor
4 * Copyright (c) 2009/10 Intel Corporation
5 *
6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
7 *
8 * TO DO:
9 * Mostly done: ioctls for setting modes/timing
10 * Partly done: hooks so you can pull off frames to non tty devs
11 * Restart DLCI 0 when it closes ?
12 * Improve the tx engine
13 * Resolve tx side locking by adding a queue_head and routing
14 * all control traffic via it
15 * General tidy/document
16 * Review the locking/move to refcounts more (mux now moved to an
17 * alloc/free model ready)
18 * Use newest tty open/close port helpers and install hooks
19 * What to do about power functions ?
20 * Termios setting and negotiation
21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
22 *
23 */
24
25 #include <linux/types.h>
26 #include <linux/major.h>
27 #include <linux/errno.h>
28 #include <linux/signal.h>
29 #include <linux/fcntl.h>
30 #include <linux/sched/signal.h>
31 #include <linux/interrupt.h>
32 #include <linux/tty.h>
33 #include <linux/ctype.h>
34 #include <linux/mm.h>
35 #include <linux/string.h>
36 #include <linux/slab.h>
37 #include <linux/poll.h>
38 #include <linux/bitops.h>
39 #include <linux/file.h>
40 #include <linux/uaccess.h>
41 #include <linux/module.h>
42 #include <linux/timer.h>
43 #include <linux/tty_flip.h>
44 #include <linux/tty_driver.h>
45 #include <linux/serial.h>
46 #include <linux/kfifo.h>
47 #include <linux/skbuff.h>
48 #include <net/arp.h>
49 #include <linux/ip.h>
50 #include <linux/netdevice.h>
51 #include <linux/etherdevice.h>
52 #include <linux/gsmmux.h>
53
54 static int debug;
55 module_param(debug, int, 0600);
56
57 /* Defaults: these are from the specification */
58
59 #define T1 10 /* 100mS */
60 #define T2 34 /* 333mS */
61 #define N2 3 /* Retry 3 times */
62
63 /* Use long timers for testing at low speed with debug on */
64 #ifdef DEBUG_TIMING
65 #define T1 100
66 #define T2 200
67 #endif
68
69 /*
70 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
71 * limits so this is plenty
72 */
73 #define MAX_MRU 1500
74 #define MAX_MTU 1500
75 #define GSM_NET_TX_TIMEOUT (HZ*10)
76
77 /**
78 * struct gsm_mux_net - network interface
79 * @struct gsm_dlci* dlci
80 *
81 * Created when net interface is initialized.
82 **/
83 struct gsm_mux_net {
84 struct kref ref;
85 struct gsm_dlci *dlci;
86 };
87
88 /*
89 * Each block of data we have queued to go out is in the form of
90 * a gsm_msg which holds everything we need in a link layer independent
91 * format
92 */
93
94 struct gsm_msg {
95 struct list_head list;
96 u8 addr; /* DLCI address + flags */
97 u8 ctrl; /* Control byte + flags */
98 unsigned int len; /* Length of data block (can be zero) */
99 unsigned char *data; /* Points into buffer but not at the start */
100 unsigned char buffer[];
101 };
102
103 enum gsm_dlci_state {
104 DLCI_CLOSED,
105 DLCI_OPENING, /* Sending SABM not seen UA */
106 DLCI_OPEN, /* SABM/UA complete */
107 DLCI_CLOSING, /* Sending DISC not seen UA/DM */
108 };
109
110 enum gsm_dlci_mode {
111 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */
112 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */
113 };
114
115 /*
116 * Each active data link has a gsm_dlci structure associated which ties
117 * the link layer to an optional tty (if the tty side is open). To avoid
118 * complexity right now these are only ever freed up when the mux is
119 * shut down.
120 *
121 * At the moment we don't free DLCI objects until the mux is torn down
122 * this avoid object life time issues but might be worth review later.
123 */
124
125 struct gsm_dlci {
126 struct gsm_mux *gsm;
127 int addr;
128 enum gsm_dlci_state state;
129 struct mutex mutex;
130
131 /* Link layer */
132 enum gsm_dlci_mode mode;
133 spinlock_t lock; /* Protects the internal state */
134 struct timer_list t1; /* Retransmit timer for SABM and UA */
135 int retries;
136 /* Uplink tty if active */
137 struct tty_port port; /* The tty bound to this DLCI if there is one */
138 struct kfifo fifo; /* Queue fifo for the DLCI */
139 int adaption; /* Adaption layer in use */
140 int prev_adaption;
141 u32 modem_rx; /* Our incoming virtual modem lines */
142 u32 modem_tx; /* Our outgoing modem lines */
143 bool dead; /* Refuse re-open */
144 /* Flow control */
145 bool throttled; /* Private copy of throttle state */
146 bool constipated; /* Throttle status for outgoing */
147 /* Packetised I/O */
148 struct sk_buff *skb; /* Frame being sent */
149 struct sk_buff_head skb_list; /* Queued frames */
150 /* Data handling callback */
151 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
152 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
153 struct net_device *net; /* network interface, if created */
154 };
155
156 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
157
158 #define NUM_DLCI 64
159
160 /*
161 * DLCI 0 is used to pass control blocks out of band of the data
162 * flow (and with a higher link priority). One command can be outstanding
163 * at a time and we use this structure to manage them. They are created
164 * and destroyed by the user context, and updated by the receive paths
165 * and timers
166 */
167
168 struct gsm_control {
169 u8 cmd; /* Command we are issuing */
170 u8 *data; /* Data for the command in case we retransmit */
171 int len; /* Length of block for retransmission */
172 int done; /* Done flag */
173 int error; /* Error if any */
174 };
175
176 enum gsm_mux_state {
177 GSM_SEARCH,
178 GSM_START,
179 GSM_ADDRESS,
180 GSM_CONTROL,
181 GSM_LEN,
182 GSM_DATA,
183 GSM_FCS,
184 GSM_OVERRUN,
185 GSM_LEN0,
186 GSM_LEN1,
187 GSM_SSOF,
188 };
189
190 /*
191 * Each GSM mux we have is represented by this structure. If we are
192 * operating as an ldisc then we use this structure as our ldisc
193 * state. We need to sort out lifetimes and locking with respect
194 * to the gsm mux array. For now we don't free DLCI objects that
195 * have been instantiated until the mux itself is terminated.
196 *
197 * To consider further: tty open versus mux shutdown.
198 */
199
200 struct gsm_mux {
201 struct tty_struct *tty; /* The tty our ldisc is bound to */
202 spinlock_t lock;
203 struct mutex mutex;
204 unsigned int num;
205 struct kref ref;
206
207 /* Events on the GSM channel */
208 wait_queue_head_t event;
209
210 /* Bits for GSM mode decoding */
211
212 /* Framing Layer */
213 unsigned char *buf;
214 enum gsm_mux_state state;
215 unsigned int len;
216 unsigned int address;
217 unsigned int count;
218 bool escape;
219 int encoding;
220 u8 control;
221 u8 fcs;
222 u8 received_fcs;
223 u8 *txframe; /* TX framing buffer */
224
225 /* Methods for the receiver side */
226 void (*receive)(struct gsm_mux *gsm, u8 ch);
227 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag);
228 /* And transmit side */
229 int (*output)(struct gsm_mux *mux, u8 *data, int len);
230
231 /* Link Layer */
232 unsigned int mru;
233 unsigned int mtu;
234 int initiator; /* Did we initiate connection */
235 bool dead; /* Has the mux been shut down */
236 struct gsm_dlci *dlci[NUM_DLCI];
237 bool constipated; /* Asked by remote to shut up */
238
239 spinlock_t tx_lock;
240 unsigned int tx_bytes; /* TX data outstanding */
241 #define TX_THRESH_HI 8192
242 #define TX_THRESH_LO 2048
243 struct list_head tx_list; /* Pending data packets */
244
245 /* Control messages */
246 struct timer_list t2_timer; /* Retransmit timer for commands */
247 int cretries; /* Command retry counter */
248 struct gsm_control *pending_cmd;/* Our current pending command */
249 spinlock_t control_lock; /* Protects the pending command */
250
251 /* Configuration */
252 int adaption; /* 1 or 2 supported */
253 u8 ftype; /* UI or UIH */
254 int t1, t2; /* Timers in 1/100th of a sec */
255 int n2; /* Retry count */
256
257 /* Statistics (not currently exposed) */
258 unsigned long bad_fcs;
259 unsigned long malformed;
260 unsigned long io_error;
261 unsigned long bad_size;
262 unsigned long unsupported;
263 };
264
265
266 /*
267 * Mux objects - needed so that we can translate a tty index into the
268 * relevant mux and DLCI.
269 */
270
271 #define MAX_MUX 4 /* 256 minors */
272 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
273 static spinlock_t gsm_mux_lock;
274
275 static struct tty_driver *gsm_tty_driver;
276
277 /*
278 * This section of the driver logic implements the GSM encodings
279 * both the basic and the 'advanced'. Reliable transport is not
280 * supported.
281 */
282
283 #define CR 0x02
284 #define EA 0x01
285 #define PF 0x10
286
287 /* I is special: the rest are ..*/
288 #define RR 0x01
289 #define UI 0x03
290 #define RNR 0x05
291 #define REJ 0x09
292 #define DM 0x0F
293 #define SABM 0x2F
294 #define DISC 0x43
295 #define UA 0x63
296 #define UIH 0xEF
297
298 /* Channel commands */
299 #define CMD_NSC 0x09
300 #define CMD_TEST 0x11
301 #define CMD_PSC 0x21
302 #define CMD_RLS 0x29
303 #define CMD_FCOFF 0x31
304 #define CMD_PN 0x41
305 #define CMD_RPN 0x49
306 #define CMD_FCON 0x51
307 #define CMD_CLD 0x61
308 #define CMD_SNC 0x69
309 #define CMD_MSC 0x71
310
311 /* Virtual modem bits */
312 #define MDM_FC 0x01
313 #define MDM_RTC 0x02
314 #define MDM_RTR 0x04
315 #define MDM_IC 0x20
316 #define MDM_DV 0x40
317
318 #define GSM0_SOF 0xF9
319 #define GSM1_SOF 0x7E
320 #define GSM1_ESCAPE 0x7D
321 #define GSM1_ESCAPE_BITS 0x20
322 #define XON 0x11
323 #define XOFF 0x13
324
325 static const struct tty_port_operations gsm_port_ops;
326
327 /*
328 * CRC table for GSM 0710
329 */
330
331 static const u8 gsm_fcs8[256] = {
332 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
333 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
334 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
335 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
336 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
337 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
338 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
339 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
340 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
341 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
342 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
343 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
344 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
345 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
346 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
347 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
348 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
349 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
350 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
351 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
352 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
353 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
354 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
355 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
356 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
357 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
358 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
359 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
360 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
361 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
362 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
363 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
364 };
365
366 #define INIT_FCS 0xFF
367 #define GOOD_FCS 0xCF
368
369 /**
370 * gsm_fcs_add - update FCS
371 * @fcs: Current FCS
372 * @c: Next data
373 *
374 * Update the FCS to include c. Uses the algorithm in the specification
375 * notes.
376 */
377
378 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
379 {
380 return gsm_fcs8[fcs ^ c];
381 }
382
383 /**
384 * gsm_fcs_add_block - update FCS for a block
385 * @fcs: Current FCS
386 * @c: buffer of data
387 * @len: length of buffer
388 *
389 * Update the FCS to include c. Uses the algorithm in the specification
390 * notes.
391 */
392
393 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
394 {
395 while (len--)
396 fcs = gsm_fcs8[fcs ^ *c++];
397 return fcs;
398 }
399
400 /**
401 * gsm_read_ea - read a byte into an EA
402 * @val: variable holding value
403 * c: byte going into the EA
404 *
405 * Processes one byte of an EA. Updates the passed variable
406 * and returns 1 if the EA is now completely read
407 */
408
409 static int gsm_read_ea(unsigned int *val, u8 c)
410 {
411 /* Add the next 7 bits into the value */
412 *val <<= 7;
413 *val |= c >> 1;
414 /* Was this the last byte of the EA 1 = yes*/
415 return c & EA;
416 }
417
418 /**
419 * gsm_encode_modem - encode modem data bits
420 * @dlci: DLCI to encode from
421 *
422 * Returns the correct GSM encoded modem status bits (6 bit field) for
423 * the current status of the DLCI and attached tty object
424 */
425
426 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
427 {
428 u8 modembits = 0;
429 /* FC is true flow control not modem bits */
430 if (dlci->throttled)
431 modembits |= MDM_FC;
432 if (dlci->modem_tx & TIOCM_DTR)
433 modembits |= MDM_RTC;
434 if (dlci->modem_tx & TIOCM_RTS)
435 modembits |= MDM_RTR;
436 if (dlci->modem_tx & TIOCM_RI)
437 modembits |= MDM_IC;
438 if (dlci->modem_tx & TIOCM_CD)
439 modembits |= MDM_DV;
440 return modembits;
441 }
442
443 /**
444 * gsm_print_packet - display a frame for debug
445 * @hdr: header to print before decode
446 * @addr: address EA from the frame
447 * @cr: C/R bit from the frame
448 * @control: control including PF bit
449 * @data: following data bytes
450 * @dlen: length of data
451 *
452 * Displays a packet in human readable format for debugging purposes. The
453 * style is based on amateur radio LAP-B dump display.
454 */
455
456 static void gsm_print_packet(const char *hdr, int addr, int cr,
457 u8 control, const u8 *data, int dlen)
458 {
459 if (!(debug & 1))
460 return;
461
462 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
463
464 switch (control & ~PF) {
465 case SABM:
466 pr_cont("SABM");
467 break;
468 case UA:
469 pr_cont("UA");
470 break;
471 case DISC:
472 pr_cont("DISC");
473 break;
474 case DM:
475 pr_cont("DM");
476 break;
477 case UI:
478 pr_cont("UI");
479 break;
480 case UIH:
481 pr_cont("UIH");
482 break;
483 default:
484 if (!(control & 0x01)) {
485 pr_cont("I N(S)%d N(R)%d",
486 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
487 } else switch (control & 0x0F) {
488 case RR:
489 pr_cont("RR(%d)", (control & 0xE0) >> 5);
490 break;
491 case RNR:
492 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
493 break;
494 case REJ:
495 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
496 break;
497 default:
498 pr_cont("[%02X]", control);
499 }
500 }
501
502 if (control & PF)
503 pr_cont("(P)");
504 else
505 pr_cont("(F)");
506
507 if (dlen) {
508 int ct = 0;
509 while (dlen--) {
510 if (ct % 8 == 0) {
511 pr_cont("\n");
512 pr_debug(" ");
513 }
514 pr_cont("%02X ", *data++);
515 ct++;
516 }
517 }
518 pr_cont("\n");
519 }
520
521
522 /*
523 * Link level transmission side
524 */
525
526 /**
527 * gsm_stuff_packet - bytestuff a packet
528 * @ibuf: input
529 * @obuf: output
530 * @len: length of input
531 *
532 * Expand a buffer by bytestuffing it. The worst case size change
533 * is doubling and the caller is responsible for handing out
534 * suitable sized buffers.
535 */
536
537 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
538 {
539 int olen = 0;
540 while (len--) {
541 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
542 || *input == XON || *input == XOFF) {
543 *output++ = GSM1_ESCAPE;
544 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
545 olen++;
546 } else
547 *output++ = *input++;
548 olen++;
549 }
550 return olen;
551 }
552
553 /**
554 * gsm_send - send a control frame
555 * @gsm: our GSM mux
556 * @addr: address for control frame
557 * @cr: command/response bit
558 * @control: control byte including PF bit
559 *
560 * Format up and transmit a control frame. These do not go via the
561 * queueing logic as they should be transmitted ahead of data when
562 * they are needed.
563 *
564 * FIXME: Lock versus data TX path
565 */
566
567 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
568 {
569 int len;
570 u8 cbuf[10];
571 u8 ibuf[3];
572
573 switch (gsm->encoding) {
574 case 0:
575 cbuf[0] = GSM0_SOF;
576 cbuf[1] = (addr << 2) | (cr << 1) | EA;
577 cbuf[2] = control;
578 cbuf[3] = EA; /* Length of data = 0 */
579 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
580 cbuf[5] = GSM0_SOF;
581 len = 6;
582 break;
583 case 1:
584 case 2:
585 /* Control frame + packing (but not frame stuffing) in mode 1 */
586 ibuf[0] = (addr << 2) | (cr << 1) | EA;
587 ibuf[1] = control;
588 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
589 /* Stuffing may double the size worst case */
590 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
591 /* Now add the SOF markers */
592 cbuf[0] = GSM1_SOF;
593 cbuf[len + 1] = GSM1_SOF;
594 /* FIXME: we can omit the lead one in many cases */
595 len += 2;
596 break;
597 default:
598 WARN_ON(1);
599 return;
600 }
601 gsm->output(gsm, cbuf, len);
602 gsm_print_packet("-->", addr, cr, control, NULL, 0);
603 }
604
605 /**
606 * gsm_response - send a control response
607 * @gsm: our GSM mux
608 * @addr: address for control frame
609 * @control: control byte including PF bit
610 *
611 * Format up and transmit a link level response frame.
612 */
613
614 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
615 {
616 gsm_send(gsm, addr, 0, control);
617 }
618
619 /**
620 * gsm_command - send a control command
621 * @gsm: our GSM mux
622 * @addr: address for control frame
623 * @control: control byte including PF bit
624 *
625 * Format up and transmit a link level command frame.
626 */
627
628 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
629 {
630 gsm_send(gsm, addr, 1, control);
631 }
632
633 /* Data transmission */
634
635 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
636
637 /**
638 * gsm_data_alloc - allocate data frame
639 * @gsm: GSM mux
640 * @addr: DLCI address
641 * @len: length excluding header and FCS
642 * @ctrl: control byte
643 *
644 * Allocate a new data buffer for sending frames with data. Space is left
645 * at the front for header bytes but that is treated as an implementation
646 * detail and not for the high level code to use
647 */
648
649 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
650 u8 ctrl)
651 {
652 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
653 GFP_ATOMIC);
654 if (m == NULL)
655 return NULL;
656 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
657 m->len = len;
658 m->addr = addr;
659 m->ctrl = ctrl;
660 INIT_LIST_HEAD(&m->list);
661 return m;
662 }
663
664 /**
665 * gsm_data_kick - poke the queue
666 * @gsm: GSM Mux
667 *
668 * The tty device has called us to indicate that room has appeared in
669 * the transmit queue. Ram more data into the pipe if we have any
670 * If we have been flow-stopped by a CMD_FCOFF, then we can only
671 * send messages on DLCI0 until CMD_FCON
672 *
673 * FIXME: lock against link layer control transmissions
674 */
675
676 static void gsm_data_kick(struct gsm_mux *gsm)
677 {
678 struct gsm_msg *msg, *nmsg;
679 int len;
680 int skip_sof = 0;
681
682 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
683 if (gsm->constipated && msg->addr)
684 continue;
685 if (gsm->encoding != 0) {
686 gsm->txframe[0] = GSM1_SOF;
687 len = gsm_stuff_frame(msg->data,
688 gsm->txframe + 1, msg->len);
689 gsm->txframe[len + 1] = GSM1_SOF;
690 len += 2;
691 } else {
692 gsm->txframe[0] = GSM0_SOF;
693 memcpy(gsm->txframe + 1 , msg->data, msg->len);
694 gsm->txframe[msg->len + 1] = GSM0_SOF;
695 len = msg->len + 2;
696 }
697
698 if (debug & 4)
699 print_hex_dump_bytes("gsm_data_kick: ",
700 DUMP_PREFIX_OFFSET,
701 gsm->txframe, len);
702
703 if (gsm->output(gsm, gsm->txframe + skip_sof,
704 len - skip_sof) < 0)
705 break;
706 /* FIXME: Can eliminate one SOF in many more cases */
707 gsm->tx_bytes -= msg->len;
708 /* For a burst of frames skip the extra SOF within the
709 burst */
710 skip_sof = 1;
711
712 list_del(&msg->list);
713 kfree(msg);
714 }
715 }
716
717 /**
718 * __gsm_data_queue - queue a UI or UIH frame
719 * @dlci: DLCI sending the data
720 * @msg: message queued
721 *
722 * Add data to the transmit queue and try and get stuff moving
723 * out of the mux tty if not already doing so. The Caller must hold
724 * the gsm tx lock.
725 */
726
727 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
728 {
729 struct gsm_mux *gsm = dlci->gsm;
730 u8 *dp = msg->data;
731 u8 *fcs = dp + msg->len;
732
733 /* Fill in the header */
734 if (gsm->encoding == 0) {
735 if (msg->len < 128)
736 *--dp = (msg->len << 1) | EA;
737 else {
738 *--dp = (msg->len >> 7); /* bits 7 - 15 */
739 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
740 }
741 }
742
743 *--dp = msg->ctrl;
744 if (gsm->initiator)
745 *--dp = (msg->addr << 2) | 2 | EA;
746 else
747 *--dp = (msg->addr << 2) | EA;
748 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
749 /* Ugly protocol layering violation */
750 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
751 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
752 *fcs = 0xFF - *fcs;
753
754 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
755 msg->data, msg->len);
756
757 /* Move the header back and adjust the length, also allow for the FCS
758 now tacked on the end */
759 msg->len += (msg->data - dp) + 1;
760 msg->data = dp;
761
762 /* Add to the actual output queue */
763 list_add_tail(&msg->list, &gsm->tx_list);
764 gsm->tx_bytes += msg->len;
765 gsm_data_kick(gsm);
766 }
767
768 /**
769 * gsm_data_queue - queue a UI or UIH frame
770 * @dlci: DLCI sending the data
771 * @msg: message queued
772 *
773 * Add data to the transmit queue and try and get stuff moving
774 * out of the mux tty if not already doing so. Take the
775 * the gsm tx lock and dlci lock.
776 */
777
778 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
779 {
780 unsigned long flags;
781 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
782 __gsm_data_queue(dlci, msg);
783 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
784 }
785
786 /**
787 * gsm_dlci_data_output - try and push data out of a DLCI
788 * @gsm: mux
789 * @dlci: the DLCI to pull data from
790 *
791 * Pull data from a DLCI and send it into the transmit queue if there
792 * is data. Keep to the MRU of the mux. This path handles the usual tty
793 * interface which is a byte stream with optional modem data.
794 *
795 * Caller must hold the tx_lock of the mux.
796 */
797
798 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
799 {
800 struct gsm_msg *msg;
801 u8 *dp;
802 int len, total_size, size;
803 int h = dlci->adaption - 1;
804
805 total_size = 0;
806 while (1) {
807 len = kfifo_len(&dlci->fifo);
808 if (len == 0)
809 return total_size;
810
811 /* MTU/MRU count only the data bits */
812 if (len > gsm->mtu)
813 len = gsm->mtu;
814
815 size = len + h;
816
817 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
818 /* FIXME: need a timer or something to kick this so it can't
819 get stuck with no work outstanding and no buffer free */
820 if (msg == NULL)
821 return -ENOMEM;
822 dp = msg->data;
823 switch (dlci->adaption) {
824 case 1: /* Unstructured */
825 break;
826 case 2: /* Unstructed with modem bits.
827 Always one byte as we never send inline break data */
828 *dp++ = gsm_encode_modem(dlci);
829 break;
830 }
831 WARN_ON(kfifo_out_locked(&dlci->fifo, dp , len, &dlci->lock) != len);
832 __gsm_data_queue(dlci, msg);
833 total_size += size;
834 }
835 /* Bytes of data we used up */
836 return total_size;
837 }
838
839 /**
840 * gsm_dlci_data_output_framed - try and push data out of a DLCI
841 * @gsm: mux
842 * @dlci: the DLCI to pull data from
843 *
844 * Pull data from a DLCI and send it into the transmit queue if there
845 * is data. Keep to the MRU of the mux. This path handles framed data
846 * queued as skbuffs to the DLCI.
847 *
848 * Caller must hold the tx_lock of the mux.
849 */
850
851 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
852 struct gsm_dlci *dlci)
853 {
854 struct gsm_msg *msg;
855 u8 *dp;
856 int len, size;
857 int last = 0, first = 0;
858 int overhead = 0;
859
860 /* One byte per frame is used for B/F flags */
861 if (dlci->adaption == 4)
862 overhead = 1;
863
864 /* dlci->skb is locked by tx_lock */
865 if (dlci->skb == NULL) {
866 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
867 if (dlci->skb == NULL)
868 return 0;
869 first = 1;
870 }
871 len = dlci->skb->len + overhead;
872
873 /* MTU/MRU count only the data bits */
874 if (len > gsm->mtu) {
875 if (dlci->adaption == 3) {
876 /* Over long frame, bin it */
877 dev_kfree_skb_any(dlci->skb);
878 dlci->skb = NULL;
879 return 0;
880 }
881 len = gsm->mtu;
882 } else
883 last = 1;
884
885 size = len + overhead;
886 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
887
888 /* FIXME: need a timer or something to kick this so it can't
889 get stuck with no work outstanding and no buffer free */
890 if (msg == NULL) {
891 skb_queue_tail(&dlci->skb_list, dlci->skb);
892 dlci->skb = NULL;
893 return -ENOMEM;
894 }
895 dp = msg->data;
896
897 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
898 /* Flag byte to carry the start/end info */
899 *dp++ = last << 7 | first << 6 | 1; /* EA */
900 len--;
901 }
902 memcpy(dp, dlci->skb->data, len);
903 skb_pull(dlci->skb, len);
904 __gsm_data_queue(dlci, msg);
905 if (last) {
906 dev_kfree_skb_any(dlci->skb);
907 dlci->skb = NULL;
908 }
909 return size;
910 }
911
912 /**
913 * gsm_dlci_data_sweep - look for data to send
914 * @gsm: the GSM mux
915 *
916 * Sweep the GSM mux channels in priority order looking for ones with
917 * data to send. We could do with optimising this scan a bit. We aim
918 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
919 * TX_THRESH_LO we get called again
920 *
921 * FIXME: We should round robin between groups and in theory you can
922 * renegotiate DLCI priorities with optional stuff. Needs optimising.
923 */
924
925 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
926 {
927 int len;
928 /* Priority ordering: We should do priority with RR of the groups */
929 int i = 1;
930
931 while (i < NUM_DLCI) {
932 struct gsm_dlci *dlci;
933
934 if (gsm->tx_bytes > TX_THRESH_HI)
935 break;
936 dlci = gsm->dlci[i];
937 if (dlci == NULL || dlci->constipated) {
938 i++;
939 continue;
940 }
941 if (dlci->adaption < 3 && !dlci->net)
942 len = gsm_dlci_data_output(gsm, dlci);
943 else
944 len = gsm_dlci_data_output_framed(gsm, dlci);
945 if (len < 0)
946 break;
947 /* DLCI empty - try the next */
948 if (len == 0)
949 i++;
950 }
951 }
952
953 /**
954 * gsm_dlci_data_kick - transmit if possible
955 * @dlci: DLCI to kick
956 *
957 * Transmit data from this DLCI if the queue is empty. We can't rely on
958 * a tty wakeup except when we filled the pipe so we need to fire off
959 * new data ourselves in other cases.
960 */
961
962 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
963 {
964 unsigned long flags;
965 int sweep;
966
967 if (dlci->constipated)
968 return;
969
970 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
971 /* If we have nothing running then we need to fire up */
972 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
973 if (dlci->gsm->tx_bytes == 0) {
974 if (dlci->net)
975 gsm_dlci_data_output_framed(dlci->gsm, dlci);
976 else
977 gsm_dlci_data_output(dlci->gsm, dlci);
978 }
979 if (sweep)
980 gsm_dlci_data_sweep(dlci->gsm);
981 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
982 }
983
984 /*
985 * Control message processing
986 */
987
988
989 /**
990 * gsm_control_reply - send a response frame to a control
991 * @gsm: gsm channel
992 * @cmd: the command to use
993 * @data: data to follow encoded info
994 * @dlen: length of data
995 *
996 * Encode up and queue a UI/UIH frame containing our response.
997 */
998
999 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
1000 int dlen)
1001 {
1002 struct gsm_msg *msg;
1003 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1004 if (msg == NULL)
1005 return;
1006 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1007 msg->data[1] = (dlen << 1) | EA;
1008 memcpy(msg->data + 2, data, dlen);
1009 gsm_data_queue(gsm->dlci[0], msg);
1010 }
1011
1012 /**
1013 * gsm_process_modem - process received modem status
1014 * @tty: virtual tty bound to the DLCI
1015 * @dlci: DLCI to affect
1016 * @modem: modem bits (full EA)
1017 *
1018 * Used when a modem control message or line state inline in adaption
1019 * layer 2 is processed. Sort out the local modem state and throttles
1020 */
1021
1022 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1023 u32 modem, int clen)
1024 {
1025 int mlines = 0;
1026 u8 brk = 0;
1027 int fc;
1028
1029 /* The modem status command can either contain one octet (v.24 signals)
1030 or two octets (v.24 signals + break signals). The length field will
1031 either be 2 or 3 respectively. This is specified in section
1032 5.4.6.3.7 of the 27.010 mux spec. */
1033
1034 if (clen == 2)
1035 modem = modem & 0x7f;
1036 else {
1037 brk = modem & 0x7f;
1038 modem = (modem >> 7) & 0x7f;
1039 }
1040
1041 /* Flow control/ready to communicate */
1042 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1043 if (fc && !dlci->constipated) {
1044 /* Need to throttle our output on this device */
1045 dlci->constipated = true;
1046 } else if (!fc && dlci->constipated) {
1047 dlci->constipated = false;
1048 gsm_dlci_data_kick(dlci);
1049 }
1050
1051 /* Map modem bits */
1052 if (modem & MDM_RTC)
1053 mlines |= TIOCM_DSR | TIOCM_DTR;
1054 if (modem & MDM_RTR)
1055 mlines |= TIOCM_RTS | TIOCM_CTS;
1056 if (modem & MDM_IC)
1057 mlines |= TIOCM_RI;
1058 if (modem & MDM_DV)
1059 mlines |= TIOCM_CD;
1060
1061 /* Carrier drop -> hangup */
1062 if (tty) {
1063 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1064 if (!C_CLOCAL(tty))
1065 tty_hangup(tty);
1066 }
1067 if (brk & 0x01)
1068 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1069 dlci->modem_rx = mlines;
1070 }
1071
1072 /**
1073 * gsm_control_modem - modem status received
1074 * @gsm: GSM channel
1075 * @data: data following command
1076 * @clen: command length
1077 *
1078 * We have received a modem status control message. This is used by
1079 * the GSM mux protocol to pass virtual modem line status and optionally
1080 * to indicate break signals. Unpack it, convert to Linux representation
1081 * and if need be stuff a break message down the tty.
1082 */
1083
1084 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
1085 {
1086 unsigned int addr = 0;
1087 unsigned int modem = 0;
1088 unsigned int brk = 0;
1089 struct gsm_dlci *dlci;
1090 int len = clen;
1091 const u8 *dp = data;
1092 struct tty_struct *tty;
1093
1094 while (gsm_read_ea(&addr, *dp++) == 0) {
1095 len--;
1096 if (len == 0)
1097 return;
1098 }
1099 /* Must be at least one byte following the EA */
1100 len--;
1101 if (len <= 0)
1102 return;
1103
1104 addr >>= 1;
1105 /* Closed port, or invalid ? */
1106 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1107 return;
1108 dlci = gsm->dlci[addr];
1109
1110 while (gsm_read_ea(&modem, *dp++) == 0) {
1111 len--;
1112 if (len == 0)
1113 return;
1114 }
1115 len--;
1116 if (len > 0) {
1117 while (gsm_read_ea(&brk, *dp++) == 0) {
1118 len--;
1119 if (len == 0)
1120 return;
1121 }
1122 modem <<= 7;
1123 modem |= (brk & 0x7f);
1124 }
1125 tty = tty_port_tty_get(&dlci->port);
1126 gsm_process_modem(tty, dlci, modem, clen);
1127 if (tty) {
1128 tty_wakeup(tty);
1129 tty_kref_put(tty);
1130 }
1131 gsm_control_reply(gsm, CMD_MSC, data, clen);
1132 }
1133
1134 /**
1135 * gsm_control_rls - remote line status
1136 * @gsm: GSM channel
1137 * @data: data bytes
1138 * @clen: data length
1139 *
1140 * The modem sends us a two byte message on the control channel whenever
1141 * it wishes to send us an error state from the virtual link. Stuff
1142 * this into the uplink tty if present
1143 */
1144
1145 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
1146 {
1147 struct tty_port *port;
1148 unsigned int addr = 0;
1149 u8 bits;
1150 int len = clen;
1151 const u8 *dp = data;
1152
1153 while (gsm_read_ea(&addr, *dp++) == 0) {
1154 len--;
1155 if (len == 0)
1156 return;
1157 }
1158 /* Must be at least one byte following ea */
1159 len--;
1160 if (len <= 0)
1161 return;
1162 addr >>= 1;
1163 /* Closed port, or invalid ? */
1164 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1165 return;
1166 /* No error ? */
1167 bits = *dp;
1168 if ((bits & 1) == 0)
1169 return;
1170
1171 port = &gsm->dlci[addr]->port;
1172
1173 if (bits & 2)
1174 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1175 if (bits & 4)
1176 tty_insert_flip_char(port, 0, TTY_PARITY);
1177 if (bits & 8)
1178 tty_insert_flip_char(port, 0, TTY_FRAME);
1179
1180 tty_flip_buffer_push(port);
1181
1182 gsm_control_reply(gsm, CMD_RLS, data, clen);
1183 }
1184
1185 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1186
1187 /**
1188 * gsm_control_message - DLCI 0 control processing
1189 * @gsm: our GSM mux
1190 * @command: the command EA
1191 * @data: data beyond the command/length EAs
1192 * @clen: length
1193 *
1194 * Input processor for control messages from the other end of the link.
1195 * Processes the incoming request and queues a response frame or an
1196 * NSC response if not supported
1197 */
1198
1199 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1200 const u8 *data, int clen)
1201 {
1202 u8 buf[1];
1203 unsigned long flags;
1204
1205 switch (command) {
1206 case CMD_CLD: {
1207 struct gsm_dlci *dlci = gsm->dlci[0];
1208 /* Modem wishes to close down */
1209 if (dlci) {
1210 dlci->dead = true;
1211 gsm->dead = true;
1212 gsm_dlci_begin_close(dlci);
1213 }
1214 }
1215 break;
1216 case CMD_TEST:
1217 /* Modem wishes to test, reply with the data */
1218 gsm_control_reply(gsm, CMD_TEST, data, clen);
1219 break;
1220 case CMD_FCON:
1221 /* Modem can accept data again */
1222 gsm->constipated = false;
1223 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1224 /* Kick the link in case it is idling */
1225 spin_lock_irqsave(&gsm->tx_lock, flags);
1226 gsm_data_kick(gsm);
1227 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1228 break;
1229 case CMD_FCOFF:
1230 /* Modem wants us to STFU */
1231 gsm->constipated = true;
1232 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1233 break;
1234 case CMD_MSC:
1235 /* Out of band modem line change indicator for a DLCI */
1236 gsm_control_modem(gsm, data, clen);
1237 break;
1238 case CMD_RLS:
1239 /* Out of band error reception for a DLCI */
1240 gsm_control_rls(gsm, data, clen);
1241 break;
1242 case CMD_PSC:
1243 /* Modem wishes to enter power saving state */
1244 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1245 break;
1246 /* Optional unsupported commands */
1247 case CMD_PN: /* Parameter negotiation */
1248 case CMD_RPN: /* Remote port negotiation */
1249 case CMD_SNC: /* Service negotiation command */
1250 default:
1251 /* Reply to bad commands with an NSC */
1252 buf[0] = command;
1253 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1254 break;
1255 }
1256 }
1257
1258 /**
1259 * gsm_control_response - process a response to our control
1260 * @gsm: our GSM mux
1261 * @command: the command (response) EA
1262 * @data: data beyond the command/length EA
1263 * @clen: length
1264 *
1265 * Process a response to an outstanding command. We only allow a single
1266 * control message in flight so this is fairly easy. All the clean up
1267 * is done by the caller, we just update the fields, flag it as done
1268 * and return
1269 */
1270
1271 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1272 const u8 *data, int clen)
1273 {
1274 struct gsm_control *ctrl;
1275 unsigned long flags;
1276
1277 spin_lock_irqsave(&gsm->control_lock, flags);
1278
1279 ctrl = gsm->pending_cmd;
1280 /* Does the reply match our command */
1281 command |= 1;
1282 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1283 /* Our command was replied to, kill the retry timer */
1284 del_timer(&gsm->t2_timer);
1285 gsm->pending_cmd = NULL;
1286 /* Rejected by the other end */
1287 if (command == CMD_NSC)
1288 ctrl->error = -EOPNOTSUPP;
1289 ctrl->done = 1;
1290 wake_up(&gsm->event);
1291 }
1292 spin_unlock_irqrestore(&gsm->control_lock, flags);
1293 }
1294
1295 /**
1296 * gsm_control_transmit - send control packet
1297 * @gsm: gsm mux
1298 * @ctrl: frame to send
1299 *
1300 * Send out a pending control command (called under control lock)
1301 */
1302
1303 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1304 {
1305 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype);
1306 if (msg == NULL)
1307 return;
1308 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */
1309 memcpy(msg->data + 1, ctrl->data, ctrl->len);
1310 gsm_data_queue(gsm->dlci[0], msg);
1311 }
1312
1313 /**
1314 * gsm_control_retransmit - retransmit a control frame
1315 * @data: pointer to our gsm object
1316 *
1317 * Called off the T2 timer expiry in order to retransmit control frames
1318 * that have been lost in the system somewhere. The control_lock protects
1319 * us from colliding with another sender or a receive completion event.
1320 * In that situation the timer may still occur in a small window but
1321 * gsm->pending_cmd will be NULL and we just let the timer expire.
1322 */
1323
1324 static void gsm_control_retransmit(struct timer_list *t)
1325 {
1326 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer);
1327 struct gsm_control *ctrl;
1328 unsigned long flags;
1329 spin_lock_irqsave(&gsm->control_lock, flags);
1330 ctrl = gsm->pending_cmd;
1331 if (ctrl) {
1332 gsm->cretries--;
1333 if (gsm->cretries == 0) {
1334 gsm->pending_cmd = NULL;
1335 ctrl->error = -ETIMEDOUT;
1336 ctrl->done = 1;
1337 spin_unlock_irqrestore(&gsm->control_lock, flags);
1338 wake_up(&gsm->event);
1339 return;
1340 }
1341 gsm_control_transmit(gsm, ctrl);
1342 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1343 }
1344 spin_unlock_irqrestore(&gsm->control_lock, flags);
1345 }
1346
1347 /**
1348 * gsm_control_send - send a control frame on DLCI 0
1349 * @gsm: the GSM channel
1350 * @command: command to send including CR bit
1351 * @data: bytes of data (must be kmalloced)
1352 * @len: length of the block to send
1353 *
1354 * Queue and dispatch a control command. Only one command can be
1355 * active at a time. In theory more can be outstanding but the matching
1356 * gets really complicated so for now stick to one outstanding.
1357 */
1358
1359 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1360 unsigned int command, u8 *data, int clen)
1361 {
1362 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1363 GFP_KERNEL);
1364 unsigned long flags;
1365 if (ctrl == NULL)
1366 return NULL;
1367 retry:
1368 wait_event(gsm->event, gsm->pending_cmd == NULL);
1369 spin_lock_irqsave(&gsm->control_lock, flags);
1370 if (gsm->pending_cmd != NULL) {
1371 spin_unlock_irqrestore(&gsm->control_lock, flags);
1372 goto retry;
1373 }
1374 ctrl->cmd = command;
1375 ctrl->data = data;
1376 ctrl->len = clen;
1377 gsm->pending_cmd = ctrl;
1378
1379 /* If DLCI0 is in ADM mode skip retries, it won't respond */
1380 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
1381 gsm->cretries = 1;
1382 else
1383 gsm->cretries = gsm->n2;
1384
1385 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1386 gsm_control_transmit(gsm, ctrl);
1387 spin_unlock_irqrestore(&gsm->control_lock, flags);
1388 return ctrl;
1389 }
1390
1391 /**
1392 * gsm_control_wait - wait for a control to finish
1393 * @gsm: GSM mux
1394 * @control: control we are waiting on
1395 *
1396 * Waits for the control to complete or time out. Frees any used
1397 * resources and returns 0 for success, or an error if the remote
1398 * rejected or ignored the request.
1399 */
1400
1401 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1402 {
1403 int err;
1404 wait_event(gsm->event, control->done == 1);
1405 err = control->error;
1406 kfree(control);
1407 return err;
1408 }
1409
1410
1411 /*
1412 * DLCI level handling: Needs krefs
1413 */
1414
1415 /*
1416 * State transitions and timers
1417 */
1418
1419 /**
1420 * gsm_dlci_close - a DLCI has closed
1421 * @dlci: DLCI that closed
1422 *
1423 * Perform processing when moving a DLCI into closed state. If there
1424 * is an attached tty this is hung up
1425 */
1426
1427 static void gsm_dlci_close(struct gsm_dlci *dlci)
1428 {
1429 del_timer(&dlci->t1);
1430 if (debug & 8)
1431 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1432 dlci->state = DLCI_CLOSED;
1433 if (dlci->addr != 0) {
1434 tty_port_tty_hangup(&dlci->port, false);
1435 kfifo_reset(&dlci->fifo);
1436 } else
1437 dlci->gsm->dead = true;
1438 wake_up(&dlci->gsm->event);
1439 /* A DLCI 0 close is a MUX termination so we need to kick that
1440 back to userspace somehow */
1441 }
1442
1443 /**
1444 * gsm_dlci_open - a DLCI has opened
1445 * @dlci: DLCI that opened
1446 *
1447 * Perform processing when moving a DLCI into open state.
1448 */
1449
1450 static void gsm_dlci_open(struct gsm_dlci *dlci)
1451 {
1452 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1453 open -> open */
1454 del_timer(&dlci->t1);
1455 /* This will let a tty open continue */
1456 dlci->state = DLCI_OPEN;
1457 if (debug & 8)
1458 pr_debug("DLCI %d goes open.\n", dlci->addr);
1459 wake_up(&dlci->gsm->event);
1460 }
1461
1462 /**
1463 * gsm_dlci_t1 - T1 timer expiry
1464 * @dlci: DLCI that opened
1465 *
1466 * The T1 timer handles retransmits of control frames (essentially of
1467 * SABM and DISC). We resend the command until the retry count runs out
1468 * in which case an opening port goes back to closed and a closing port
1469 * is simply put into closed state (any further frames from the other
1470 * end will get a DM response)
1471 *
1472 * Some control dlci can stay in ADM mode with other dlci working just
1473 * fine. In that case we can just keep the control dlci open after the
1474 * DLCI_OPENING retries time out.
1475 */
1476
1477 static void gsm_dlci_t1(struct timer_list *t)
1478 {
1479 struct gsm_dlci *dlci = from_timer(dlci, t, t1);
1480 struct gsm_mux *gsm = dlci->gsm;
1481
1482 switch (dlci->state) {
1483 case DLCI_OPENING:
1484 dlci->retries--;
1485 if (dlci->retries) {
1486 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1487 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1488 } else if (!dlci->addr && gsm->control == (DM | PF)) {
1489 if (debug & 8)
1490 pr_info("DLCI %d opening in ADM mode.\n",
1491 dlci->addr);
1492 dlci->mode = DLCI_MODE_ADM;
1493 gsm_dlci_open(dlci);
1494 } else {
1495 gsm_dlci_close(dlci);
1496 }
1497
1498 break;
1499 case DLCI_CLOSING:
1500 dlci->retries--;
1501 if (dlci->retries) {
1502 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1503 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1504 } else
1505 gsm_dlci_close(dlci);
1506 break;
1507 default:
1508 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state);
1509 break;
1510 }
1511 }
1512
1513 /**
1514 * gsm_dlci_begin_open - start channel open procedure
1515 * @dlci: DLCI to open
1516 *
1517 * Commence opening a DLCI from the Linux side. We issue SABM messages
1518 * to the modem which should then reply with a UA or ADM, at which point
1519 * we will move into open state. Opening is done asynchronously with retry
1520 * running off timers and the responses.
1521 */
1522
1523 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1524 {
1525 struct gsm_mux *gsm = dlci->gsm;
1526 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1527 return;
1528 dlci->retries = gsm->n2;
1529 dlci->state = DLCI_OPENING;
1530 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1531 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1532 }
1533
1534 /**
1535 * gsm_dlci_begin_close - start channel open procedure
1536 * @dlci: DLCI to open
1537 *
1538 * Commence closing a DLCI from the Linux side. We issue DISC messages
1539 * to the modem which should then reply with a UA, at which point we
1540 * will move into closed state. Closing is done asynchronously with retry
1541 * off timers. We may also receive a DM reply from the other end which
1542 * indicates the channel was already closed.
1543 */
1544
1545 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1546 {
1547 struct gsm_mux *gsm = dlci->gsm;
1548 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1549 return;
1550 dlci->retries = gsm->n2;
1551 dlci->state = DLCI_CLOSING;
1552 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1553 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1554 }
1555
1556 /**
1557 * gsm_dlci_data - data arrived
1558 * @dlci: channel
1559 * @data: block of bytes received
1560 * @len: length of received block
1561 *
1562 * A UI or UIH frame has arrived which contains data for a channel
1563 * other than the control channel. If the relevant virtual tty is
1564 * open we shovel the bits down it, if not we drop them.
1565 */
1566
1567 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
1568 {
1569 /* krefs .. */
1570 struct tty_port *port = &dlci->port;
1571 struct tty_struct *tty;
1572 unsigned int modem = 0;
1573 int len = clen;
1574
1575 if (debug & 16)
1576 pr_debug("%d bytes for tty\n", len);
1577 switch (dlci->adaption) {
1578 /* Unsupported types */
1579 case 4: /* Packetised interruptible data */
1580 break;
1581 case 3: /* Packetised uininterruptible voice/data */
1582 break;
1583 case 2: /* Asynchronous serial with line state in each frame */
1584 while (gsm_read_ea(&modem, *data++) == 0) {
1585 len--;
1586 if (len == 0)
1587 return;
1588 }
1589 tty = tty_port_tty_get(port);
1590 if (tty) {
1591 gsm_process_modem(tty, dlci, modem, clen);
1592 tty_kref_put(tty);
1593 }
1594 /* Fall through */
1595 case 1: /* Line state will go via DLCI 0 controls only */
1596 default:
1597 tty_insert_flip_string(port, data, len);
1598 tty_flip_buffer_push(port);
1599 }
1600 }
1601
1602 /**
1603 * gsm_dlci_control - data arrived on control channel
1604 * @dlci: channel
1605 * @data: block of bytes received
1606 * @len: length of received block
1607 *
1608 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1609 * control channel. This should contain a command EA followed by
1610 * control data bytes. The command EA contains a command/response bit
1611 * and we divide up the work accordingly.
1612 */
1613
1614 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
1615 {
1616 /* See what command is involved */
1617 unsigned int command = 0;
1618 while (len-- > 0) {
1619 if (gsm_read_ea(&command, *data++) == 1) {
1620 int clen = *data++;
1621 len--;
1622 /* FIXME: this is properly an EA */
1623 clen >>= 1;
1624 /* Malformed command ? */
1625 if (clen > len)
1626 return;
1627 if (command & 1)
1628 gsm_control_message(dlci->gsm, command,
1629 data, clen);
1630 else
1631 gsm_control_response(dlci->gsm, command,
1632 data, clen);
1633 return;
1634 }
1635 }
1636 }
1637
1638 /*
1639 * Allocate/Free DLCI channels
1640 */
1641
1642 /**
1643 * gsm_dlci_alloc - allocate a DLCI
1644 * @gsm: GSM mux
1645 * @addr: address of the DLCI
1646 *
1647 * Allocate and install a new DLCI object into the GSM mux.
1648 *
1649 * FIXME: review locking races
1650 */
1651
1652 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1653 {
1654 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1655 if (dlci == NULL)
1656 return NULL;
1657 spin_lock_init(&dlci->lock);
1658 mutex_init(&dlci->mutex);
1659 if (kfifo_alloc(&dlci->fifo, 4096, GFP_KERNEL) < 0) {
1660 kfree(dlci);
1661 return NULL;
1662 }
1663
1664 skb_queue_head_init(&dlci->skb_list);
1665 timer_setup(&dlci->t1, gsm_dlci_t1, 0);
1666 tty_port_init(&dlci->port);
1667 dlci->port.ops = &gsm_port_ops;
1668 dlci->gsm = gsm;
1669 dlci->addr = addr;
1670 dlci->adaption = gsm->adaption;
1671 dlci->state = DLCI_CLOSED;
1672 if (addr)
1673 dlci->data = gsm_dlci_data;
1674 else
1675 dlci->data = gsm_dlci_command;
1676 gsm->dlci[addr] = dlci;
1677 return dlci;
1678 }
1679
1680 /**
1681 * gsm_dlci_free - free DLCI
1682 * @dlci: DLCI to free
1683 *
1684 * Free up a DLCI.
1685 *
1686 * Can sleep.
1687 */
1688 static void gsm_dlci_free(struct tty_port *port)
1689 {
1690 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
1691
1692 del_timer_sync(&dlci->t1);
1693 dlci->gsm->dlci[dlci->addr] = NULL;
1694 kfifo_free(&dlci->fifo);
1695 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1696 dev_kfree_skb(dlci->skb);
1697 kfree(dlci);
1698 }
1699
1700 static inline void dlci_get(struct gsm_dlci *dlci)
1701 {
1702 tty_port_get(&dlci->port);
1703 }
1704
1705 static inline void dlci_put(struct gsm_dlci *dlci)
1706 {
1707 tty_port_put(&dlci->port);
1708 }
1709
1710 static void gsm_destroy_network(struct gsm_dlci *dlci);
1711
1712 /**
1713 * gsm_dlci_release - release DLCI
1714 * @dlci: DLCI to destroy
1715 *
1716 * Release a DLCI. Actual free is deferred until either
1717 * mux is closed or tty is closed - whichever is last.
1718 *
1719 * Can sleep.
1720 */
1721 static void gsm_dlci_release(struct gsm_dlci *dlci)
1722 {
1723 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1724 if (tty) {
1725 mutex_lock(&dlci->mutex);
1726 gsm_destroy_network(dlci);
1727 mutex_unlock(&dlci->mutex);
1728
1729 tty_hangup(tty);
1730
1731 tty_port_tty_set(&dlci->port, NULL);
1732 tty_kref_put(tty);
1733 }
1734 dlci->state = DLCI_CLOSED;
1735 dlci_put(dlci);
1736 }
1737
1738 /*
1739 * LAPBish link layer logic
1740 */
1741
1742 /**
1743 * gsm_queue - a GSM frame is ready to process
1744 * @gsm: pointer to our gsm mux
1745 *
1746 * At this point in time a frame has arrived and been demangled from
1747 * the line encoding. All the differences between the encodings have
1748 * been handled below us and the frame is unpacked into the structures.
1749 * The fcs holds the header FCS but any data FCS must be added here.
1750 */
1751
1752 static void gsm_queue(struct gsm_mux *gsm)
1753 {
1754 struct gsm_dlci *dlci;
1755 u8 cr;
1756 int address;
1757 /* We have to sneak a look at the packet body to do the FCS.
1758 A somewhat layering violation in the spec */
1759
1760 if ((gsm->control & ~PF) == UI)
1761 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1762 if (gsm->encoding == 0) {
1763 /* WARNING: gsm->received_fcs is used for
1764 gsm->encoding = 0 only.
1765 In this case it contain the last piece of data
1766 required to generate final CRC */
1767 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1768 }
1769 if (gsm->fcs != GOOD_FCS) {
1770 gsm->bad_fcs++;
1771 if (debug & 4)
1772 pr_debug("BAD FCS %02x\n", gsm->fcs);
1773 return;
1774 }
1775 address = gsm->address >> 1;
1776 if (address >= NUM_DLCI)
1777 goto invalid;
1778
1779 cr = gsm->address & 1; /* C/R bit */
1780
1781 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1782
1783 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1784 dlci = gsm->dlci[address];
1785
1786 switch (gsm->control) {
1787 case SABM|PF:
1788 if (cr == 0)
1789 goto invalid;
1790 if (dlci == NULL)
1791 dlci = gsm_dlci_alloc(gsm, address);
1792 if (dlci == NULL)
1793 return;
1794 if (dlci->dead)
1795 gsm_response(gsm, address, DM);
1796 else {
1797 gsm_response(gsm, address, UA);
1798 gsm_dlci_open(dlci);
1799 }
1800 break;
1801 case DISC|PF:
1802 if (cr == 0)
1803 goto invalid;
1804 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1805 gsm_response(gsm, address, DM);
1806 return;
1807 }
1808 /* Real close complete */
1809 gsm_response(gsm, address, UA);
1810 gsm_dlci_close(dlci);
1811 break;
1812 case UA:
1813 case UA|PF:
1814 if (cr == 0 || dlci == NULL)
1815 break;
1816 switch (dlci->state) {
1817 case DLCI_CLOSING:
1818 gsm_dlci_close(dlci);
1819 break;
1820 case DLCI_OPENING:
1821 gsm_dlci_open(dlci);
1822 break;
1823 default:
1824 pr_debug("%s: unhandled state: %d\n", __func__,
1825 dlci->state);
1826 break;
1827 }
1828 break;
1829 case DM: /* DM can be valid unsolicited */
1830 case DM|PF:
1831 if (cr)
1832 goto invalid;
1833 if (dlci == NULL)
1834 return;
1835 gsm_dlci_close(dlci);
1836 break;
1837 case UI:
1838 case UI|PF:
1839 case UIH:
1840 case UIH|PF:
1841 #if 0
1842 if (cr)
1843 goto invalid;
1844 #endif
1845 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1846 gsm_command(gsm, address, DM|PF);
1847 return;
1848 }
1849 dlci->data(dlci, gsm->buf, gsm->len);
1850 break;
1851 default:
1852 goto invalid;
1853 }
1854 return;
1855 invalid:
1856 gsm->malformed++;
1857 return;
1858 }
1859
1860
1861 /**
1862 * gsm0_receive - perform processing for non-transparency
1863 * @gsm: gsm data for this ldisc instance
1864 * @c: character
1865 *
1866 * Receive bytes in gsm mode 0
1867 */
1868
1869 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1870 {
1871 unsigned int len;
1872
1873 switch (gsm->state) {
1874 case GSM_SEARCH: /* SOF marker */
1875 if (c == GSM0_SOF) {
1876 gsm->state = GSM_ADDRESS;
1877 gsm->address = 0;
1878 gsm->len = 0;
1879 gsm->fcs = INIT_FCS;
1880 }
1881 break;
1882 case GSM_ADDRESS: /* Address EA */
1883 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1884 if (gsm_read_ea(&gsm->address, c))
1885 gsm->state = GSM_CONTROL;
1886 break;
1887 case GSM_CONTROL: /* Control Byte */
1888 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1889 gsm->control = c;
1890 gsm->state = GSM_LEN0;
1891 break;
1892 case GSM_LEN0: /* Length EA */
1893 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1894 if (gsm_read_ea(&gsm->len, c)) {
1895 if (gsm->len > gsm->mru) {
1896 gsm->bad_size++;
1897 gsm->state = GSM_SEARCH;
1898 break;
1899 }
1900 gsm->count = 0;
1901 if (!gsm->len)
1902 gsm->state = GSM_FCS;
1903 else
1904 gsm->state = GSM_DATA;
1905 break;
1906 }
1907 gsm->state = GSM_LEN1;
1908 break;
1909 case GSM_LEN1:
1910 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1911 len = c;
1912 gsm->len |= len << 7;
1913 if (gsm->len > gsm->mru) {
1914 gsm->bad_size++;
1915 gsm->state = GSM_SEARCH;
1916 break;
1917 }
1918 gsm->count = 0;
1919 if (!gsm->len)
1920 gsm->state = GSM_FCS;
1921 else
1922 gsm->state = GSM_DATA;
1923 break;
1924 case GSM_DATA: /* Data */
1925 gsm->buf[gsm->count++] = c;
1926 if (gsm->count == gsm->len)
1927 gsm->state = GSM_FCS;
1928 break;
1929 case GSM_FCS: /* FCS follows the packet */
1930 gsm->received_fcs = c;
1931 gsm_queue(gsm);
1932 gsm->state = GSM_SSOF;
1933 break;
1934 case GSM_SSOF:
1935 if (c == GSM0_SOF) {
1936 gsm->state = GSM_SEARCH;
1937 break;
1938 }
1939 break;
1940 default:
1941 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
1942 break;
1943 }
1944 }
1945
1946 /**
1947 * gsm1_receive - perform processing for non-transparency
1948 * @gsm: gsm data for this ldisc instance
1949 * @c: character
1950 *
1951 * Receive bytes in mode 1 (Advanced option)
1952 */
1953
1954 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
1955 {
1956 if (c == GSM1_SOF) {
1957 /* EOF is only valid in frame if we have got to the data state
1958 and received at least one byte (the FCS) */
1959 if (gsm->state == GSM_DATA && gsm->count) {
1960 /* Extract the FCS */
1961 gsm->count--;
1962 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
1963 gsm->len = gsm->count;
1964 gsm_queue(gsm);
1965 gsm->state = GSM_START;
1966 return;
1967 }
1968 /* Any partial frame was a runt so go back to start */
1969 if (gsm->state != GSM_START) {
1970 gsm->malformed++;
1971 gsm->state = GSM_START;
1972 }
1973 /* A SOF in GSM_START means we are still reading idling or
1974 framing bytes */
1975 return;
1976 }
1977
1978 if (c == GSM1_ESCAPE) {
1979 gsm->escape = true;
1980 return;
1981 }
1982
1983 /* Only an unescaped SOF gets us out of GSM search */
1984 if (gsm->state == GSM_SEARCH)
1985 return;
1986
1987 if (gsm->escape) {
1988 c ^= GSM1_ESCAPE_BITS;
1989 gsm->escape = false;
1990 }
1991 switch (gsm->state) {
1992 case GSM_START: /* First byte after SOF */
1993 gsm->address = 0;
1994 gsm->state = GSM_ADDRESS;
1995 gsm->fcs = INIT_FCS;
1996 /* Fall through */
1997 case GSM_ADDRESS: /* Address continuation */
1998 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1999 if (gsm_read_ea(&gsm->address, c))
2000 gsm->state = GSM_CONTROL;
2001 break;
2002 case GSM_CONTROL: /* Control Byte */
2003 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
2004 gsm->control = c;
2005 gsm->count = 0;
2006 gsm->state = GSM_DATA;
2007 break;
2008 case GSM_DATA: /* Data */
2009 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2010 gsm->state = GSM_OVERRUN;
2011 gsm->bad_size++;
2012 } else
2013 gsm->buf[gsm->count++] = c;
2014 break;
2015 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2016 break;
2017 default:
2018 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2019 break;
2020 }
2021 }
2022
2023 /**
2024 * gsm_error - handle tty error
2025 * @gsm: ldisc data
2026 * @data: byte received (may be invalid)
2027 * @flag: error received
2028 *
2029 * Handle an error in the receipt of data for a frame. Currently we just
2030 * go back to hunting for a SOF.
2031 *
2032 * FIXME: better diagnostics ?
2033 */
2034
2035 static void gsm_error(struct gsm_mux *gsm,
2036 unsigned char data, unsigned char flag)
2037 {
2038 gsm->state = GSM_SEARCH;
2039 gsm->io_error++;
2040 }
2041
2042 static int gsm_disconnect(struct gsm_mux *gsm)
2043 {
2044 struct gsm_dlci *dlci = gsm->dlci[0];
2045 struct gsm_control *gc;
2046
2047 if (!dlci)
2048 return 0;
2049
2050 /* In theory disconnecting DLCI 0 is sufficient but for some
2051 modems this is apparently not the case. */
2052 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0);
2053 if (gc)
2054 gsm_control_wait(gsm, gc);
2055
2056 del_timer_sync(&gsm->t2_timer);
2057 /* Now we are sure T2 has stopped */
2058
2059 gsm_dlci_begin_close(dlci);
2060 wait_event_interruptible(gsm->event,
2061 dlci->state == DLCI_CLOSED);
2062
2063 if (signal_pending(current))
2064 return -EINTR;
2065
2066 return 0;
2067 }
2068
2069 /**
2070 * gsm_cleanup_mux - generic GSM protocol cleanup
2071 * @gsm: our mux
2072 *
2073 * Clean up the bits of the mux which are the same for all framing
2074 * protocols. Remove the mux from the mux table, stop all the timers
2075 * and then shut down each device hanging up the channels as we go.
2076 */
2077
2078 static void gsm_cleanup_mux(struct gsm_mux *gsm)
2079 {
2080 int i;
2081 struct gsm_dlci *dlci = gsm->dlci[0];
2082 struct gsm_msg *txq, *ntxq;
2083
2084 gsm->dead = true;
2085
2086 spin_lock(&gsm_mux_lock);
2087 for (i = 0; i < MAX_MUX; i++) {
2088 if (gsm_mux[i] == gsm) {
2089 gsm_mux[i] = NULL;
2090 break;
2091 }
2092 }
2093 spin_unlock(&gsm_mux_lock);
2094 /* open failed before registering => nothing to do */
2095 if (i == MAX_MUX)
2096 return;
2097
2098 del_timer_sync(&gsm->t2_timer);
2099 /* Now we are sure T2 has stopped */
2100 if (dlci)
2101 dlci->dead = true;
2102
2103 /* Free up any link layer users */
2104 mutex_lock(&gsm->mutex);
2105 for (i = 0; i < NUM_DLCI; i++)
2106 if (gsm->dlci[i])
2107 gsm_dlci_release(gsm->dlci[i]);
2108 mutex_unlock(&gsm->mutex);
2109 /* Now wipe the queues */
2110 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2111 kfree(txq);
2112 INIT_LIST_HEAD(&gsm->tx_list);
2113 }
2114
2115 /**
2116 * gsm_activate_mux - generic GSM setup
2117 * @gsm: our mux
2118 *
2119 * Set up the bits of the mux which are the same for all framing
2120 * protocols. Add the mux to the mux table so it can be opened and
2121 * finally kick off connecting to DLCI 0 on the modem.
2122 */
2123
2124 static int gsm_activate_mux(struct gsm_mux *gsm)
2125 {
2126 struct gsm_dlci *dlci;
2127 int i = 0;
2128
2129 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2130 init_waitqueue_head(&gsm->event);
2131 spin_lock_init(&gsm->control_lock);
2132 spin_lock_init(&gsm->tx_lock);
2133
2134 if (gsm->encoding == 0)
2135 gsm->receive = gsm0_receive;
2136 else
2137 gsm->receive = gsm1_receive;
2138 gsm->error = gsm_error;
2139
2140 spin_lock(&gsm_mux_lock);
2141 for (i = 0; i < MAX_MUX; i++) {
2142 if (gsm_mux[i] == NULL) {
2143 gsm->num = i;
2144 gsm_mux[i] = gsm;
2145 break;
2146 }
2147 }
2148 spin_unlock(&gsm_mux_lock);
2149 if (i == MAX_MUX)
2150 return -EBUSY;
2151
2152 dlci = gsm_dlci_alloc(gsm, 0);
2153 if (dlci == NULL)
2154 return -ENOMEM;
2155 gsm->dead = false; /* Tty opens are now permissible */
2156 return 0;
2157 }
2158
2159 /**
2160 * gsm_free_mux - free up a mux
2161 * @mux: mux to free
2162 *
2163 * Dispose of allocated resources for a dead mux
2164 */
2165 static void gsm_free_mux(struct gsm_mux *gsm)
2166 {
2167 kfree(gsm->txframe);
2168 kfree(gsm->buf);
2169 kfree(gsm);
2170 }
2171
2172 /**
2173 * gsm_free_muxr - free up a mux
2174 * @mux: mux to free
2175 *
2176 * Dispose of allocated resources for a dead mux
2177 */
2178 static void gsm_free_muxr(struct kref *ref)
2179 {
2180 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2181 gsm_free_mux(gsm);
2182 }
2183
2184 static inline void mux_get(struct gsm_mux *gsm)
2185 {
2186 kref_get(&gsm->ref);
2187 }
2188
2189 static inline void mux_put(struct gsm_mux *gsm)
2190 {
2191 kref_put(&gsm->ref, gsm_free_muxr);
2192 }
2193
2194 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
2195 {
2196 return gsm->num * NUM_DLCI;
2197 }
2198
2199 static inline unsigned int mux_line_to_num(unsigned int line)
2200 {
2201 return line / NUM_DLCI;
2202 }
2203
2204 /**
2205 * gsm_alloc_mux - allocate a mux
2206 *
2207 * Creates a new mux ready for activation.
2208 */
2209
2210 static struct gsm_mux *gsm_alloc_mux(void)
2211 {
2212 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2213 if (gsm == NULL)
2214 return NULL;
2215 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2216 if (gsm->buf == NULL) {
2217 kfree(gsm);
2218 return NULL;
2219 }
2220 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL);
2221 if (gsm->txframe == NULL) {
2222 kfree(gsm->buf);
2223 kfree(gsm);
2224 return NULL;
2225 }
2226 spin_lock_init(&gsm->lock);
2227 mutex_init(&gsm->mutex);
2228 kref_init(&gsm->ref);
2229 INIT_LIST_HEAD(&gsm->tx_list);
2230
2231 gsm->t1 = T1;
2232 gsm->t2 = T2;
2233 gsm->n2 = N2;
2234 gsm->ftype = UIH;
2235 gsm->adaption = 1;
2236 gsm->encoding = 1;
2237 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2238 gsm->mtu = 64;
2239 gsm->dead = true; /* Avoid early tty opens */
2240
2241 return gsm;
2242 }
2243
2244 static void gsm_copy_config_values(struct gsm_mux *gsm,
2245 struct gsm_config *c)
2246 {
2247 memset(c, 0, sizeof(*c));
2248 c->adaption = gsm->adaption;
2249 c->encapsulation = gsm->encoding;
2250 c->initiator = gsm->initiator;
2251 c->t1 = gsm->t1;
2252 c->t2 = gsm->t2;
2253 c->t3 = 0; /* Not supported */
2254 c->n2 = gsm->n2;
2255 if (gsm->ftype == UIH)
2256 c->i = 1;
2257 else
2258 c->i = 2;
2259 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
2260 c->mru = gsm->mru;
2261 c->mtu = gsm->mtu;
2262 c->k = 0;
2263 }
2264
2265 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
2266 {
2267 int need_close = 0;
2268 int need_restart = 0;
2269
2270 /* Stuff we don't support yet - UI or I frame transport, windowing */
2271 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2272 return -EOPNOTSUPP;
2273 /* Check the MRU/MTU range looks sane */
2274 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2275 return -EINVAL;
2276 if (c->n2 < 3)
2277 return -EINVAL;
2278 if (c->encapsulation > 1) /* Basic, advanced, no I */
2279 return -EINVAL;
2280 if (c->initiator > 1)
2281 return -EINVAL;
2282 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2283 return -EINVAL;
2284 /*
2285 * See what is needed for reconfiguration
2286 */
2287
2288 /* Timing fields */
2289 if (c->t1 != 0 && c->t1 != gsm->t1)
2290 need_restart = 1;
2291 if (c->t2 != 0 && c->t2 != gsm->t2)
2292 need_restart = 1;
2293 if (c->encapsulation != gsm->encoding)
2294 need_restart = 1;
2295 if (c->adaption != gsm->adaption)
2296 need_restart = 1;
2297 /* Requires care */
2298 if (c->initiator != gsm->initiator)
2299 need_close = 1;
2300 if (c->mru != gsm->mru)
2301 need_restart = 1;
2302 if (c->mtu != gsm->mtu)
2303 need_restart = 1;
2304
2305 /*
2306 * Close down what is needed, restart and initiate the new
2307 * configuration
2308 */
2309
2310 if (need_close || need_restart) {
2311 int ret;
2312
2313 ret = gsm_disconnect(gsm);
2314
2315 if (ret)
2316 return ret;
2317 }
2318 if (need_restart)
2319 gsm_cleanup_mux(gsm);
2320
2321 gsm->initiator = c->initiator;
2322 gsm->mru = c->mru;
2323 gsm->mtu = c->mtu;
2324 gsm->encoding = c->encapsulation;
2325 gsm->adaption = c->adaption;
2326 gsm->n2 = c->n2;
2327
2328 if (c->i == 1)
2329 gsm->ftype = UIH;
2330 else if (c->i == 2)
2331 gsm->ftype = UI;
2332
2333 if (c->t1)
2334 gsm->t1 = c->t1;
2335 if (c->t2)
2336 gsm->t2 = c->t2;
2337
2338 /*
2339 * FIXME: We need to separate activation/deactivation from adding
2340 * and removing from the mux array
2341 */
2342 if (need_restart)
2343 gsm_activate_mux(gsm);
2344 if (gsm->initiator && need_close)
2345 gsm_dlci_begin_open(gsm->dlci[0]);
2346 return 0;
2347 }
2348
2349 /**
2350 * gsmld_output - write to link
2351 * @gsm: our mux
2352 * @data: bytes to output
2353 * @len: size
2354 *
2355 * Write a block of data from the GSM mux to the data channel. This
2356 * will eventually be serialized from above but at the moment isn't.
2357 */
2358
2359 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2360 {
2361 if (tty_write_room(gsm->tty) < len) {
2362 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2363 return -ENOSPC;
2364 }
2365 if (debug & 4)
2366 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2367 data, len);
2368 gsm->tty->ops->write(gsm->tty, data, len);
2369 return len;
2370 }
2371
2372 /**
2373 * gsmld_attach_gsm - mode set up
2374 * @tty: our tty structure
2375 * @gsm: our mux
2376 *
2377 * Set up the MUX for basic mode and commence connecting to the
2378 * modem. Currently called from the line discipline set up but
2379 * will need moving to an ioctl path.
2380 */
2381
2382 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2383 {
2384 unsigned int base;
2385 int ret, i;
2386
2387 gsm->tty = tty_kref_get(tty);
2388 gsm->output = gsmld_output;
2389 ret = gsm_activate_mux(gsm);
2390 if (ret != 0)
2391 tty_kref_put(gsm->tty);
2392 else {
2393 /* Don't register device 0 - this is the control channel and not
2394 a usable tty interface */
2395 base = mux_num_to_base(gsm); /* Base for this MUX */
2396 for (i = 1; i < NUM_DLCI; i++)
2397 tty_register_device(gsm_tty_driver, base + i, NULL);
2398 }
2399 return ret;
2400 }
2401
2402
2403 /**
2404 * gsmld_detach_gsm - stop doing 0710 mux
2405 * @tty: tty attached to the mux
2406 * @gsm: mux
2407 *
2408 * Shutdown and then clean up the resources used by the line discipline
2409 */
2410
2411 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2412 {
2413 unsigned int base = mux_num_to_base(gsm); /* Base for this MUX */
2414 int i;
2415
2416 WARN_ON(tty != gsm->tty);
2417 for (i = 1; i < NUM_DLCI; i++)
2418 tty_unregister_device(gsm_tty_driver, base + i);
2419 gsm_cleanup_mux(gsm);
2420 tty_kref_put(gsm->tty);
2421 gsm->tty = NULL;
2422 }
2423
2424 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2425 char *fp, int count)
2426 {
2427 struct gsm_mux *gsm = tty->disc_data;
2428 const unsigned char *dp;
2429 char *f;
2430 int i;
2431 char flags = TTY_NORMAL;
2432
2433 if (debug & 4)
2434 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2435 cp, count);
2436
2437 for (i = count, dp = cp, f = fp; i; i--, dp++) {
2438 if (f)
2439 flags = *f++;
2440 switch (flags) {
2441 case TTY_NORMAL:
2442 gsm->receive(gsm, *dp);
2443 break;
2444 case TTY_OVERRUN:
2445 case TTY_BREAK:
2446 case TTY_PARITY:
2447 case TTY_FRAME:
2448 gsm->error(gsm, *dp, flags);
2449 break;
2450 default:
2451 WARN_ONCE(1, "%s: unknown flag %d\n",
2452 tty_name(tty), flags);
2453 break;
2454 }
2455 }
2456 /* FASYNC if needed ? */
2457 /* If clogged call tty_throttle(tty); */
2458 }
2459
2460 /**
2461 * gsmld_flush_buffer - clean input queue
2462 * @tty: terminal device
2463 *
2464 * Flush the input buffer. Called when the line discipline is
2465 * being closed, when the tty layer wants the buffer flushed (eg
2466 * at hangup).
2467 */
2468
2469 static void gsmld_flush_buffer(struct tty_struct *tty)
2470 {
2471 }
2472
2473 /**
2474 * gsmld_close - close the ldisc for this tty
2475 * @tty: device
2476 *
2477 * Called from the terminal layer when this line discipline is
2478 * being shut down, either because of a close or becsuse of a
2479 * discipline change. The function will not be called while other
2480 * ldisc methods are in progress.
2481 */
2482
2483 static void gsmld_close(struct tty_struct *tty)
2484 {
2485 struct gsm_mux *gsm = tty->disc_data;
2486
2487 gsmld_detach_gsm(tty, gsm);
2488
2489 gsmld_flush_buffer(tty);
2490 /* Do other clean up here */
2491 mux_put(gsm);
2492 }
2493
2494 /**
2495 * gsmld_open - open an ldisc
2496 * @tty: terminal to open
2497 *
2498 * Called when this line discipline is being attached to the
2499 * terminal device. Can sleep. Called serialized so that no
2500 * other events will occur in parallel. No further open will occur
2501 * until a close.
2502 */
2503
2504 static int gsmld_open(struct tty_struct *tty)
2505 {
2506 struct gsm_mux *gsm;
2507 int ret;
2508
2509 if (tty->ops->write == NULL)
2510 return -EINVAL;
2511
2512 /* Attach our ldisc data */
2513 gsm = gsm_alloc_mux();
2514 if (gsm == NULL)
2515 return -ENOMEM;
2516
2517 tty->disc_data = gsm;
2518 tty->receive_room = 65536;
2519
2520 /* Attach the initial passive connection */
2521 gsm->encoding = 1;
2522
2523 ret = gsmld_attach_gsm(tty, gsm);
2524 if (ret != 0) {
2525 gsm_cleanup_mux(gsm);
2526 mux_put(gsm);
2527 }
2528 return ret;
2529 }
2530
2531 /**
2532 * gsmld_write_wakeup - asynchronous I/O notifier
2533 * @tty: tty device
2534 *
2535 * Required for the ptys, serial driver etc. since processes
2536 * that attach themselves to the master and rely on ASYNC
2537 * IO must be woken up
2538 */
2539
2540 static void gsmld_write_wakeup(struct tty_struct *tty)
2541 {
2542 struct gsm_mux *gsm = tty->disc_data;
2543 unsigned long flags;
2544
2545 /* Queue poll */
2546 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2547 spin_lock_irqsave(&gsm->tx_lock, flags);
2548 gsm_data_kick(gsm);
2549 if (gsm->tx_bytes < TX_THRESH_LO) {
2550 gsm_dlci_data_sweep(gsm);
2551 }
2552 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2553 }
2554
2555 /**
2556 * gsmld_read - read function for tty
2557 * @tty: tty device
2558 * @file: file object
2559 * @buf: userspace buffer pointer
2560 * @nr: size of I/O
2561 *
2562 * Perform reads for the line discipline. We are guaranteed that the
2563 * line discipline will not be closed under us but we may get multiple
2564 * parallel readers and must handle this ourselves. We may also get
2565 * a hangup. Always called in user context, may sleep.
2566 *
2567 * This code must be sure never to sleep through a hangup.
2568 */
2569
2570 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2571 unsigned char __user *buf, size_t nr)
2572 {
2573 return -EOPNOTSUPP;
2574 }
2575
2576 /**
2577 * gsmld_write - write function for tty
2578 * @tty: tty device
2579 * @file: file object
2580 * @buf: userspace buffer pointer
2581 * @nr: size of I/O
2582 *
2583 * Called when the owner of the device wants to send a frame
2584 * itself (or some other control data). The data is transferred
2585 * as-is and must be properly framed and checksummed as appropriate
2586 * by userspace. Frames are either sent whole or not at all as this
2587 * avoids pain user side.
2588 */
2589
2590 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2591 const unsigned char *buf, size_t nr)
2592 {
2593 int space = tty_write_room(tty);
2594 if (space >= nr)
2595 return tty->ops->write(tty, buf, nr);
2596 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2597 return -ENOBUFS;
2598 }
2599
2600 /**
2601 * gsmld_poll - poll method for N_GSM0710
2602 * @tty: terminal device
2603 * @file: file accessing it
2604 * @wait: poll table
2605 *
2606 * Called when the line discipline is asked to poll() for data or
2607 * for special events. This code is not serialized with respect to
2608 * other events save open/close.
2609 *
2610 * This code must be sure never to sleep through a hangup.
2611 * Called without the kernel lock held - fine
2612 */
2613
2614 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
2615 poll_table *wait)
2616 {
2617 __poll_t mask = 0;
2618 struct gsm_mux *gsm = tty->disc_data;
2619
2620 poll_wait(file, &tty->read_wait, wait);
2621 poll_wait(file, &tty->write_wait, wait);
2622 if (tty_hung_up_p(file))
2623 mask |= EPOLLHUP;
2624 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2625 mask |= EPOLLOUT | EPOLLWRNORM;
2626 if (gsm->dead)
2627 mask |= EPOLLHUP;
2628 return mask;
2629 }
2630
2631 static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2632 unsigned int cmd, unsigned long arg)
2633 {
2634 struct gsm_config c;
2635 struct gsm_mux *gsm = tty->disc_data;
2636 unsigned int base;
2637
2638 switch (cmd) {
2639 case GSMIOC_GETCONF:
2640 gsm_copy_config_values(gsm, &c);
2641 if (copy_to_user((void __user *)arg, &c, sizeof(c)))
2642 return -EFAULT;
2643 return 0;
2644 case GSMIOC_SETCONF:
2645 if (copy_from_user(&c, (void __user *)arg, sizeof(c)))
2646 return -EFAULT;
2647 return gsm_config(gsm, &c);
2648 case GSMIOC_GETFIRST:
2649 base = mux_num_to_base(gsm);
2650 return put_user(base + 1, (__u32 __user *)arg);
2651 default:
2652 return n_tty_ioctl_helper(tty, file, cmd, arg);
2653 }
2654 }
2655
2656 /*
2657 * Network interface
2658 *
2659 */
2660
2661 static int gsm_mux_net_open(struct net_device *net)
2662 {
2663 pr_debug("%s called\n", __func__);
2664 netif_start_queue(net);
2665 return 0;
2666 }
2667
2668 static int gsm_mux_net_close(struct net_device *net)
2669 {
2670 netif_stop_queue(net);
2671 return 0;
2672 }
2673
2674 static void dlci_net_free(struct gsm_dlci *dlci)
2675 {
2676 if (!dlci->net) {
2677 WARN_ON(1);
2678 return;
2679 }
2680 dlci->adaption = dlci->prev_adaption;
2681 dlci->data = dlci->prev_data;
2682 free_netdev(dlci->net);
2683 dlci->net = NULL;
2684 }
2685 static void net_free(struct kref *ref)
2686 {
2687 struct gsm_mux_net *mux_net;
2688 struct gsm_dlci *dlci;
2689
2690 mux_net = container_of(ref, struct gsm_mux_net, ref);
2691 dlci = mux_net->dlci;
2692
2693 if (dlci->net) {
2694 unregister_netdev(dlci->net);
2695 dlci_net_free(dlci);
2696 }
2697 }
2698
2699 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2700 {
2701 kref_get(&mux_net->ref);
2702 }
2703
2704 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2705 {
2706 kref_put(&mux_net->ref, net_free);
2707 }
2708
2709 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
2710 struct net_device *net)
2711 {
2712 struct gsm_mux_net *mux_net = netdev_priv(net);
2713 struct gsm_dlci *dlci = mux_net->dlci;
2714 muxnet_get(mux_net);
2715
2716 skb_queue_head(&dlci->skb_list, skb);
2717 net->stats.tx_packets++;
2718 net->stats.tx_bytes += skb->len;
2719 gsm_dlci_data_kick(dlci);
2720 /* And tell the kernel when the last transmit started. */
2721 netif_trans_update(net);
2722 muxnet_put(mux_net);
2723 return NETDEV_TX_OK;
2724 }
2725
2726 /* called when a packet did not ack after watchdogtimeout */
2727 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue)
2728 {
2729 /* Tell syslog we are hosed. */
2730 dev_dbg(&net->dev, "Tx timed out.\n");
2731
2732 /* Update statistics */
2733 net->stats.tx_errors++;
2734 }
2735
2736 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2737 const unsigned char *in_buf, int size)
2738 {
2739 struct net_device *net = dlci->net;
2740 struct sk_buff *skb;
2741 struct gsm_mux_net *mux_net = netdev_priv(net);
2742 muxnet_get(mux_net);
2743
2744 /* Allocate an sk_buff */
2745 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2746 if (!skb) {
2747 /* We got no receive buffer. */
2748 net->stats.rx_dropped++;
2749 muxnet_put(mux_net);
2750 return;
2751 }
2752 skb_reserve(skb, NET_IP_ALIGN);
2753 skb_put_data(skb, in_buf, size);
2754
2755 skb->dev = net;
2756 skb->protocol = htons(ETH_P_IP);
2757
2758 /* Ship it off to the kernel */
2759 netif_rx(skb);
2760
2761 /* update out statistics */
2762 net->stats.rx_packets++;
2763 net->stats.rx_bytes += size;
2764 muxnet_put(mux_net);
2765 return;
2766 }
2767
2768 static void gsm_mux_net_init(struct net_device *net)
2769 {
2770 static const struct net_device_ops gsm_netdev_ops = {
2771 .ndo_open = gsm_mux_net_open,
2772 .ndo_stop = gsm_mux_net_close,
2773 .ndo_start_xmit = gsm_mux_net_start_xmit,
2774 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2775 };
2776
2777 net->netdev_ops = &gsm_netdev_ops;
2778
2779 /* fill in the other fields */
2780 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2781 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2782 net->type = ARPHRD_NONE;
2783 net->tx_queue_len = 10;
2784 }
2785
2786
2787 /* caller holds the dlci mutex */
2788 static void gsm_destroy_network(struct gsm_dlci *dlci)
2789 {
2790 struct gsm_mux_net *mux_net;
2791
2792 pr_debug("destroy network interface\n");
2793 if (!dlci->net)
2794 return;
2795 mux_net = netdev_priv(dlci->net);
2796 muxnet_put(mux_net);
2797 }
2798
2799
2800 /* caller holds the dlci mutex */
2801 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2802 {
2803 char *netname;
2804 int retval = 0;
2805 struct net_device *net;
2806 struct gsm_mux_net *mux_net;
2807
2808 if (!capable(CAP_NET_ADMIN))
2809 return -EPERM;
2810
2811 /* Already in a non tty mode */
2812 if (dlci->adaption > 2)
2813 return -EBUSY;
2814
2815 if (nc->protocol != htons(ETH_P_IP))
2816 return -EPROTONOSUPPORT;
2817
2818 if (nc->adaption != 3 && nc->adaption != 4)
2819 return -EPROTONOSUPPORT;
2820
2821 pr_debug("create network interface\n");
2822
2823 netname = "gsm%d";
2824 if (nc->if_name[0] != '\0')
2825 netname = nc->if_name;
2826 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
2827 NET_NAME_UNKNOWN, gsm_mux_net_init);
2828 if (!net) {
2829 pr_err("alloc_netdev failed\n");
2830 return -ENOMEM;
2831 }
2832 net->mtu = dlci->gsm->mtu;
2833 net->min_mtu = 8;
2834 net->max_mtu = dlci->gsm->mtu;
2835 mux_net = netdev_priv(net);
2836 mux_net->dlci = dlci;
2837 kref_init(&mux_net->ref);
2838 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2839
2840 /* reconfigure dlci for network */
2841 dlci->prev_adaption = dlci->adaption;
2842 dlci->prev_data = dlci->data;
2843 dlci->adaption = nc->adaption;
2844 dlci->data = gsm_mux_rx_netchar;
2845 dlci->net = net;
2846
2847 pr_debug("register netdev\n");
2848 retval = register_netdev(net);
2849 if (retval) {
2850 pr_err("network register fail %d\n", retval);
2851 dlci_net_free(dlci);
2852 return retval;
2853 }
2854 return net->ifindex; /* return network index */
2855 }
2856
2857 /* Line discipline for real tty */
2858 static struct tty_ldisc_ops tty_ldisc_packet = {
2859 .owner = THIS_MODULE,
2860 .magic = TTY_LDISC_MAGIC,
2861 .name = "n_gsm",
2862 .open = gsmld_open,
2863 .close = gsmld_close,
2864 .flush_buffer = gsmld_flush_buffer,
2865 .read = gsmld_read,
2866 .write = gsmld_write,
2867 .ioctl = gsmld_ioctl,
2868 .poll = gsmld_poll,
2869 .receive_buf = gsmld_receive_buf,
2870 .write_wakeup = gsmld_write_wakeup
2871 };
2872
2873 /*
2874 * Virtual tty side
2875 */
2876
2877 #define TX_SIZE 512
2878
2879 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2880 {
2881 u8 modembits[5];
2882 struct gsm_control *ctrl;
2883 int len = 2;
2884
2885 if (brk)
2886 len++;
2887
2888 modembits[0] = len << 1 | EA; /* Data bytes */
2889 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */
2890 modembits[2] = gsm_encode_modem(dlci) << 1 | EA;
2891 if (brk)
2892 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */
2893 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1);
2894 if (ctrl == NULL)
2895 return -ENOMEM;
2896 return gsm_control_wait(dlci->gsm, ctrl);
2897 }
2898
2899 static int gsm_carrier_raised(struct tty_port *port)
2900 {
2901 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2902 struct gsm_mux *gsm = dlci->gsm;
2903
2904 /* Not yet open so no carrier info */
2905 if (dlci->state != DLCI_OPEN)
2906 return 0;
2907 if (debug & 2)
2908 return 1;
2909
2910 /*
2911 * Basic mode with control channel in ADM mode may not respond
2912 * to CMD_MSC at all and modem_rx is empty.
2913 */
2914 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM &&
2915 !dlci->modem_rx)
2916 return 1;
2917
2918 return dlci->modem_rx & TIOCM_CD;
2919 }
2920
2921 static void gsm_dtr_rts(struct tty_port *port, int onoff)
2922 {
2923 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2924 unsigned int modem_tx = dlci->modem_tx;
2925 if (onoff)
2926 modem_tx |= TIOCM_DTR | TIOCM_RTS;
2927 else
2928 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
2929 if (modem_tx != dlci->modem_tx) {
2930 dlci->modem_tx = modem_tx;
2931 gsmtty_modem_update(dlci, 0);
2932 }
2933 }
2934
2935 static const struct tty_port_operations gsm_port_ops = {
2936 .carrier_raised = gsm_carrier_raised,
2937 .dtr_rts = gsm_dtr_rts,
2938 .destruct = gsm_dlci_free,
2939 };
2940
2941 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
2942 {
2943 struct gsm_mux *gsm;
2944 struct gsm_dlci *dlci;
2945 unsigned int line = tty->index;
2946 unsigned int mux = mux_line_to_num(line);
2947 bool alloc = false;
2948 int ret;
2949
2950 line = line & 0x3F;
2951
2952 if (mux >= MAX_MUX)
2953 return -ENXIO;
2954 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
2955 if (gsm_mux[mux] == NULL)
2956 return -EUNATCH;
2957 if (line == 0 || line > 61) /* 62/63 reserved */
2958 return -ECHRNG;
2959 gsm = gsm_mux[mux];
2960 if (gsm->dead)
2961 return -EL2HLT;
2962 /* If DLCI 0 is not yet fully open return an error.
2963 This is ok from a locking
2964 perspective as we don't have to worry about this
2965 if DLCI0 is lost */
2966 mutex_lock(&gsm->mutex);
2967 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
2968 mutex_unlock(&gsm->mutex);
2969 return -EL2NSYNC;
2970 }
2971 dlci = gsm->dlci[line];
2972 if (dlci == NULL) {
2973 alloc = true;
2974 dlci = gsm_dlci_alloc(gsm, line);
2975 }
2976 if (dlci == NULL) {
2977 mutex_unlock(&gsm->mutex);
2978 return -ENOMEM;
2979 }
2980 ret = tty_port_install(&dlci->port, driver, tty);
2981 if (ret) {
2982 if (alloc)
2983 dlci_put(dlci);
2984 mutex_unlock(&gsm->mutex);
2985 return ret;
2986 }
2987
2988 dlci_get(dlci);
2989 dlci_get(gsm->dlci[0]);
2990 mux_get(gsm);
2991 tty->driver_data = dlci;
2992 mutex_unlock(&gsm->mutex);
2993
2994 return 0;
2995 }
2996
2997 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
2998 {
2999 struct gsm_dlci *dlci = tty->driver_data;
3000 struct tty_port *port = &dlci->port;
3001
3002 port->count++;
3003 tty_port_tty_set(port, tty);
3004
3005 dlci->modem_rx = 0;
3006 /* We could in theory open and close before we wait - eg if we get
3007 a DM straight back. This is ok as that will have caused a hangup */
3008 tty_port_set_initialized(port, 1);
3009 /* Start sending off SABM messages */
3010 gsm_dlci_begin_open(dlci);
3011 /* And wait for virtual carrier */
3012 return tty_port_block_til_ready(port, tty, filp);
3013 }
3014
3015 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3016 {
3017 struct gsm_dlci *dlci = tty->driver_data;
3018
3019 if (dlci == NULL)
3020 return;
3021 if (dlci->state == DLCI_CLOSED)
3022 return;
3023 mutex_lock(&dlci->mutex);
3024 gsm_destroy_network(dlci);
3025 mutex_unlock(&dlci->mutex);
3026 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3027 return;
3028 gsm_dlci_begin_close(dlci);
3029 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3030 tty_port_lower_dtr_rts(&dlci->port);
3031 tty_port_close_end(&dlci->port, tty);
3032 tty_port_tty_set(&dlci->port, NULL);
3033 return;
3034 }
3035
3036 static void gsmtty_hangup(struct tty_struct *tty)
3037 {
3038 struct gsm_dlci *dlci = tty->driver_data;
3039 if (dlci->state == DLCI_CLOSED)
3040 return;
3041 tty_port_hangup(&dlci->port);
3042 gsm_dlci_begin_close(dlci);
3043 }
3044
3045 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3046 int len)
3047 {
3048 int sent;
3049 struct gsm_dlci *dlci = tty->driver_data;
3050 if (dlci->state == DLCI_CLOSED)
3051 return -EINVAL;
3052 /* Stuff the bytes into the fifo queue */
3053 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock);
3054 /* Need to kick the channel */
3055 gsm_dlci_data_kick(dlci);
3056 return sent;
3057 }
3058
3059 static int gsmtty_write_room(struct tty_struct *tty)
3060 {
3061 struct gsm_dlci *dlci = tty->driver_data;
3062 if (dlci->state == DLCI_CLOSED)
3063 return -EINVAL;
3064 return TX_SIZE - kfifo_len(&dlci->fifo);
3065 }
3066
3067 static int gsmtty_chars_in_buffer(struct tty_struct *tty)
3068 {
3069 struct gsm_dlci *dlci = tty->driver_data;
3070 if (dlci->state == DLCI_CLOSED)
3071 return -EINVAL;
3072 return kfifo_len(&dlci->fifo);
3073 }
3074
3075 static void gsmtty_flush_buffer(struct tty_struct *tty)
3076 {
3077 struct gsm_dlci *dlci = tty->driver_data;
3078 if (dlci->state == DLCI_CLOSED)
3079 return;
3080 /* Caution needed: If we implement reliable transport classes
3081 then the data being transmitted can't simply be junked once
3082 it has first hit the stack. Until then we can just blow it
3083 away */
3084 kfifo_reset(&dlci->fifo);
3085 /* Need to unhook this DLCI from the transmit queue logic */
3086 }
3087
3088 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3089 {
3090 /* The FIFO handles the queue so the kernel will do the right
3091 thing waiting on chars_in_buffer before calling us. No work
3092 to do here */
3093 }
3094
3095 static int gsmtty_tiocmget(struct tty_struct *tty)
3096 {
3097 struct gsm_dlci *dlci = tty->driver_data;
3098 if (dlci->state == DLCI_CLOSED)
3099 return -EINVAL;
3100 return dlci->modem_rx;
3101 }
3102
3103 static int gsmtty_tiocmset(struct tty_struct *tty,
3104 unsigned int set, unsigned int clear)
3105 {
3106 struct gsm_dlci *dlci = tty->driver_data;
3107 unsigned int modem_tx = dlci->modem_tx;
3108
3109 if (dlci->state == DLCI_CLOSED)
3110 return -EINVAL;
3111 modem_tx &= ~clear;
3112 modem_tx |= set;
3113
3114 if (modem_tx != dlci->modem_tx) {
3115 dlci->modem_tx = modem_tx;
3116 return gsmtty_modem_update(dlci, 0);
3117 }
3118 return 0;
3119 }
3120
3121
3122 static int gsmtty_ioctl(struct tty_struct *tty,
3123 unsigned int cmd, unsigned long arg)
3124 {
3125 struct gsm_dlci *dlci = tty->driver_data;
3126 struct gsm_netconfig nc;
3127 int index;
3128
3129 if (dlci->state == DLCI_CLOSED)
3130 return -EINVAL;
3131 switch (cmd) {
3132 case GSMIOC_ENABLE_NET:
3133 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3134 return -EFAULT;
3135 nc.if_name[IFNAMSIZ-1] = '\0';
3136 /* return net interface index or error code */
3137 mutex_lock(&dlci->mutex);
3138 index = gsm_create_network(dlci, &nc);
3139 mutex_unlock(&dlci->mutex);
3140 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3141 return -EFAULT;
3142 return index;
3143 case GSMIOC_DISABLE_NET:
3144 if (!capable(CAP_NET_ADMIN))
3145 return -EPERM;
3146 mutex_lock(&dlci->mutex);
3147 gsm_destroy_network(dlci);
3148 mutex_unlock(&dlci->mutex);
3149 return 0;
3150 default:
3151 return -ENOIOCTLCMD;
3152 }
3153 }
3154
3155 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3156 {
3157 struct gsm_dlci *dlci = tty->driver_data;
3158 if (dlci->state == DLCI_CLOSED)
3159 return;
3160 /* For the moment its fixed. In actual fact the speed information
3161 for the virtual channel can be propogated in both directions by
3162 the RPN control message. This however rapidly gets nasty as we
3163 then have to remap modem signals each way according to whether
3164 our virtual cable is null modem etc .. */
3165 tty_termios_copy_hw(&tty->termios, old);
3166 }
3167
3168 static void gsmtty_throttle(struct tty_struct *tty)
3169 {
3170 struct gsm_dlci *dlci = tty->driver_data;
3171 if (dlci->state == DLCI_CLOSED)
3172 return;
3173 if (C_CRTSCTS(tty))
3174 dlci->modem_tx &= ~TIOCM_DTR;
3175 dlci->throttled = true;
3176 /* Send an MSC with DTR cleared */
3177 gsmtty_modem_update(dlci, 0);
3178 }
3179
3180 static void gsmtty_unthrottle(struct tty_struct *tty)
3181 {
3182 struct gsm_dlci *dlci = tty->driver_data;
3183 if (dlci->state == DLCI_CLOSED)
3184 return;
3185 if (C_CRTSCTS(tty))
3186 dlci->modem_tx |= TIOCM_DTR;
3187 dlci->throttled = false;
3188 /* Send an MSC with DTR set */
3189 gsmtty_modem_update(dlci, 0);
3190 }
3191
3192 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3193 {
3194 struct gsm_dlci *dlci = tty->driver_data;
3195 int encode = 0; /* Off */
3196 if (dlci->state == DLCI_CLOSED)
3197 return -EINVAL;
3198
3199 if (state == -1) /* "On indefinitely" - we can't encode this
3200 properly */
3201 encode = 0x0F;
3202 else if (state > 0) {
3203 encode = state / 200; /* mS to encoding */
3204 if (encode > 0x0F)
3205 encode = 0x0F; /* Best effort */
3206 }
3207 return gsmtty_modem_update(dlci, encode);
3208 }
3209
3210 static void gsmtty_cleanup(struct tty_struct *tty)
3211 {
3212 struct gsm_dlci *dlci = tty->driver_data;
3213 struct gsm_mux *gsm = dlci->gsm;
3214
3215 dlci_put(dlci);
3216 dlci_put(gsm->dlci[0]);
3217 mux_put(gsm);
3218 }
3219
3220 /* Virtual ttys for the demux */
3221 static const struct tty_operations gsmtty_ops = {
3222 .install = gsmtty_install,
3223 .open = gsmtty_open,
3224 .close = gsmtty_close,
3225 .write = gsmtty_write,
3226 .write_room = gsmtty_write_room,
3227 .chars_in_buffer = gsmtty_chars_in_buffer,
3228 .flush_buffer = gsmtty_flush_buffer,
3229 .ioctl = gsmtty_ioctl,
3230 .throttle = gsmtty_throttle,
3231 .unthrottle = gsmtty_unthrottle,
3232 .set_termios = gsmtty_set_termios,
3233 .hangup = gsmtty_hangup,
3234 .wait_until_sent = gsmtty_wait_until_sent,
3235 .tiocmget = gsmtty_tiocmget,
3236 .tiocmset = gsmtty_tiocmset,
3237 .break_ctl = gsmtty_break_ctl,
3238 .cleanup = gsmtty_cleanup,
3239 };
3240
3241
3242
3243 static int __init gsm_init(void)
3244 {
3245 /* Fill in our line protocol discipline, and register it */
3246 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
3247 if (status != 0) {
3248 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3249 status);
3250 return status;
3251 }
3252
3253 gsm_tty_driver = alloc_tty_driver(256);
3254 if (!gsm_tty_driver) {
3255 tty_unregister_ldisc(N_GSM0710);
3256 pr_err("gsm_init: tty allocation failed.\n");
3257 return -EINVAL;
3258 }
3259 gsm_tty_driver->driver_name = "gsmtty";
3260 gsm_tty_driver->name = "gsmtty";
3261 gsm_tty_driver->major = 0; /* Dynamic */
3262 gsm_tty_driver->minor_start = 0;
3263 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3264 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3265 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
3266 | TTY_DRIVER_HARDWARE_BREAK;
3267 gsm_tty_driver->init_termios = tty_std_termios;
3268 /* Fixme */
3269 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3270 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3271
3272 spin_lock_init(&gsm_mux_lock);
3273
3274 if (tty_register_driver(gsm_tty_driver)) {
3275 put_tty_driver(gsm_tty_driver);
3276 tty_unregister_ldisc(N_GSM0710);
3277 pr_err("gsm_init: tty registration failed.\n");
3278 return -EBUSY;
3279 }
3280 pr_debug("gsm_init: loaded as %d,%d.\n",
3281 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3282 return 0;
3283 }
3284
3285 static void __exit gsm_exit(void)
3286 {
3287 int status = tty_unregister_ldisc(N_GSM0710);
3288 if (status != 0)
3289 pr_err("n_gsm: can't unregister line discipline (err = %d)\n",
3290 status);
3291 tty_unregister_driver(gsm_tty_driver);
3292 put_tty_driver(gsm_tty_driver);
3293 }
3294
3295 module_init(gsm_init);
3296 module_exit(gsm_exit);
3297
3298
3299 MODULE_LICENSE("GPL");
3300 MODULE_ALIAS_LDISC(N_GSM0710);
Linux with added FPC-III support