Avoid beyond bounds copy while caching ACL
[zen-stable.git] / net / irda / irttp.c
blob5c93f2952b082b6fa5ef6c0bc8211dfdb68f3693
1 /*********************************************************************
3 * Filename: irttp.c
4 * Version: 1.2
5 * Description: Tiny Transport Protocol (TTP) implementation
6 * Status: Stable
7 * Author: Dag Brattli <dagb@cs.uit.no>
8 * Created at: Sun Aug 31 20:14:31 1997
9 * Modified at: Wed Jan 5 11:31:27 2000
10 * Modified by: Dag Brattli <dagb@cs.uit.no>
12 * Copyright (c) 1998-2000 Dag Brattli <dagb@cs.uit.no>,
13 * All Rights Reserved.
14 * Copyright (c) 2000-2003 Jean Tourrilhes <jt@hpl.hp.com>
16 * This program is free software; you can redistribute it and/or
17 * modify it under the terms of the GNU General Public License as
18 * published by the Free Software Foundation; either version 2 of
19 * the License, or (at your option) any later version.
21 * Neither Dag Brattli nor University of Tromsø admit liability nor
22 * provide warranty for any of this software. This material is
23 * provided "AS-IS" and at no charge.
25 ********************************************************************/
27 #include <linux/skbuff.h>
28 #include <linux/init.h>
29 #include <linux/fs.h>
30 #include <linux/seq_file.h>
31 #include <linux/slab.h>
32 #include <linux/export.h>
34 #include <asm/byteorder.h>
35 #include <asm/unaligned.h>
37 #include <net/irda/irda.h>
38 #include <net/irda/irlap.h>
39 #include <net/irda/irlmp.h>
40 #include <net/irda/parameters.h>
41 #include <net/irda/irttp.h>
43 static struct irttp_cb *irttp;
45 static void __irttp_close_tsap(struct tsap_cb *self);
47 static int irttp_data_indication(void *instance, void *sap,
48 struct sk_buff *skb);
49 static int irttp_udata_indication(void *instance, void *sap,
50 struct sk_buff *skb);
51 static void irttp_disconnect_indication(void *instance, void *sap,
52 LM_REASON reason, struct sk_buff *);
53 static void irttp_connect_indication(void *instance, void *sap,
54 struct qos_info *qos, __u32 max_sdu_size,
55 __u8 header_size, struct sk_buff *skb);
56 static void irttp_connect_confirm(void *instance, void *sap,
57 struct qos_info *qos, __u32 max_sdu_size,
58 __u8 header_size, struct sk_buff *skb);
59 static void irttp_run_tx_queue(struct tsap_cb *self);
60 static void irttp_run_rx_queue(struct tsap_cb *self);
62 static void irttp_flush_queues(struct tsap_cb *self);
63 static void irttp_fragment_skb(struct tsap_cb *self, struct sk_buff *skb);
64 static struct sk_buff *irttp_reassemble_skb(struct tsap_cb *self);
65 static void irttp_todo_expired(unsigned long data);
66 static int irttp_param_max_sdu_size(void *instance, irda_param_t *param,
67 int get);
69 static void irttp_flow_indication(void *instance, void *sap, LOCAL_FLOW flow);
70 static void irttp_status_indication(void *instance,
71 LINK_STATUS link, LOCK_STATUS lock);
73 /* Information for parsing parameters in IrTTP */
74 static pi_minor_info_t pi_minor_call_table[] = {
75 { NULL, 0 }, /* 0x00 */
76 { irttp_param_max_sdu_size, PV_INTEGER | PV_BIG_ENDIAN } /* 0x01 */
78 static pi_major_info_t pi_major_call_table[] = {{ pi_minor_call_table, 2 }};
79 static pi_param_info_t param_info = { pi_major_call_table, 1, 0x0f, 4 };
81 /************************ GLOBAL PROCEDURES ************************/
84 * Function irttp_init (void)
86 * Initialize the IrTTP layer. Called by module initialization code
89 int __init irttp_init(void)
91 irttp = kzalloc(sizeof(struct irttp_cb), GFP_KERNEL);
92 if (irttp == NULL)
93 return -ENOMEM;
95 irttp->magic = TTP_MAGIC;
97 irttp->tsaps = hashbin_new(HB_LOCK);
98 if (!irttp->tsaps) {
99 IRDA_ERROR("%s: can't allocate IrTTP hashbin!\n",
100 __func__);
101 kfree(irttp);
102 return -ENOMEM;
105 return 0;
109 * Function irttp_cleanup (void)
111 * Called by module destruction/cleanup code
114 void irttp_cleanup(void)
116 /* Check for main structure */
117 IRDA_ASSERT(irttp->magic == TTP_MAGIC, return;);
120 * Delete hashbin and close all TSAP instances in it
122 hashbin_delete(irttp->tsaps, (FREE_FUNC) __irttp_close_tsap);
124 irttp->magic = 0;
126 /* De-allocate main structure */
127 kfree(irttp);
129 irttp = NULL;
132 /*************************** SUBROUTINES ***************************/
135 * Function irttp_start_todo_timer (self, timeout)
137 * Start todo timer.
139 * Made it more effient and unsensitive to race conditions - Jean II
141 static inline void irttp_start_todo_timer(struct tsap_cb *self, int timeout)
143 /* Set new value for timer */
144 mod_timer(&self->todo_timer, jiffies + timeout);
148 * Function irttp_todo_expired (data)
150 * Todo timer has expired!
152 * One of the restriction of the timer is that it is run only on the timer
153 * interrupt which run every 10ms. This mean that even if you set the timer
154 * with a delay of 0, it may take up to 10ms before it's run.
155 * So, to minimise latency and keep cache fresh, we try to avoid using
156 * it as much as possible.
157 * Note : we can't use tasklets, because they can't be asynchronously
158 * killed (need user context), and we can't guarantee that here...
159 * Jean II
161 static void irttp_todo_expired(unsigned long data)
163 struct tsap_cb *self = (struct tsap_cb *) data;
165 /* Check that we still exist */
166 if (!self || self->magic != TTP_TSAP_MAGIC)
167 return;
169 IRDA_DEBUG(4, "%s(instance=%p)\n", __func__, self);
171 /* Try to make some progress, especially on Tx side - Jean II */
172 irttp_run_rx_queue(self);
173 irttp_run_tx_queue(self);
175 /* Check if time for disconnect */
176 if (test_bit(0, &self->disconnect_pend)) {
177 /* Check if it's possible to disconnect yet */
178 if (skb_queue_empty(&self->tx_queue)) {
179 /* Make sure disconnect is not pending anymore */
180 clear_bit(0, &self->disconnect_pend); /* FALSE */
182 /* Note : self->disconnect_skb may be NULL */
183 irttp_disconnect_request(self, self->disconnect_skb,
184 P_NORMAL);
185 self->disconnect_skb = NULL;
186 } else {
187 /* Try again later */
188 irttp_start_todo_timer(self, HZ/10);
190 /* No reason to try and close now */
191 return;
195 /* Check if it's closing time */
196 if (self->close_pend)
197 /* Finish cleanup */
198 irttp_close_tsap(self);
202 * Function irttp_flush_queues (self)
204 * Flushes (removes all frames) in transitt-buffer (tx_list)
206 static void irttp_flush_queues(struct tsap_cb *self)
208 struct sk_buff* skb;
210 IRDA_DEBUG(4, "%s()\n", __func__);
212 IRDA_ASSERT(self != NULL, return;);
213 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
215 /* Deallocate frames waiting to be sent */
216 while ((skb = skb_dequeue(&self->tx_queue)) != NULL)
217 dev_kfree_skb(skb);
219 /* Deallocate received frames */
220 while ((skb = skb_dequeue(&self->rx_queue)) != NULL)
221 dev_kfree_skb(skb);
223 /* Deallocate received fragments */
224 while ((skb = skb_dequeue(&self->rx_fragments)) != NULL)
225 dev_kfree_skb(skb);
229 * Function irttp_reassemble (self)
231 * Makes a new (continuous) skb of all the fragments in the fragment
232 * queue
235 static struct sk_buff *irttp_reassemble_skb(struct tsap_cb *self)
237 struct sk_buff *skb, *frag;
238 int n = 0; /* Fragment index */
240 IRDA_ASSERT(self != NULL, return NULL;);
241 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return NULL;);
243 IRDA_DEBUG(2, "%s(), self->rx_sdu_size=%d\n", __func__,
244 self->rx_sdu_size);
246 skb = dev_alloc_skb(TTP_HEADER + self->rx_sdu_size);
247 if (!skb)
248 return NULL;
251 * Need to reserve space for TTP header in case this skb needs to
252 * be requeued in case delivery failes
254 skb_reserve(skb, TTP_HEADER);
255 skb_put(skb, self->rx_sdu_size);
258 * Copy all fragments to a new buffer
260 while ((frag = skb_dequeue(&self->rx_fragments)) != NULL) {
261 skb_copy_to_linear_data_offset(skb, n, frag->data, frag->len);
262 n += frag->len;
264 dev_kfree_skb(frag);
267 IRDA_DEBUG(2,
268 "%s(), frame len=%d, rx_sdu_size=%d, rx_max_sdu_size=%d\n",
269 __func__, n, self->rx_sdu_size, self->rx_max_sdu_size);
270 /* Note : irttp_run_rx_queue() calculate self->rx_sdu_size
271 * by summing the size of all fragments, so we should always
272 * have n == self->rx_sdu_size, except in cases where we
273 * droped the last fragment (when self->rx_sdu_size exceed
274 * self->rx_max_sdu_size), where n < self->rx_sdu_size.
275 * Jean II */
276 IRDA_ASSERT(n <= self->rx_sdu_size, n = self->rx_sdu_size;);
278 /* Set the new length */
279 skb_trim(skb, n);
281 self->rx_sdu_size = 0;
283 return skb;
287 * Function irttp_fragment_skb (skb)
289 * Fragments a frame and queues all the fragments for transmission
292 static inline void irttp_fragment_skb(struct tsap_cb *self,
293 struct sk_buff *skb)
295 struct sk_buff *frag;
296 __u8 *frame;
298 IRDA_DEBUG(2, "%s()\n", __func__);
300 IRDA_ASSERT(self != NULL, return;);
301 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
302 IRDA_ASSERT(skb != NULL, return;);
305 * Split frame into a number of segments
307 while (skb->len > self->max_seg_size) {
308 IRDA_DEBUG(2, "%s(), fragmenting ...\n", __func__);
310 /* Make new segment */
311 frag = alloc_skb(self->max_seg_size+self->max_header_size,
312 GFP_ATOMIC);
313 if (!frag)
314 return;
316 skb_reserve(frag, self->max_header_size);
318 /* Copy data from the original skb into this fragment. */
319 skb_copy_from_linear_data(skb, skb_put(frag, self->max_seg_size),
320 self->max_seg_size);
322 /* Insert TTP header, with the more bit set */
323 frame = skb_push(frag, TTP_HEADER);
324 frame[0] = TTP_MORE;
326 /* Hide the copied data from the original skb */
327 skb_pull(skb, self->max_seg_size);
329 /* Queue fragment */
330 skb_queue_tail(&self->tx_queue, frag);
332 /* Queue what is left of the original skb */
333 IRDA_DEBUG(2, "%s(), queuing last segment\n", __func__);
335 frame = skb_push(skb, TTP_HEADER);
336 frame[0] = 0x00; /* Clear more bit */
338 /* Queue fragment */
339 skb_queue_tail(&self->tx_queue, skb);
343 * Function irttp_param_max_sdu_size (self, param)
345 * Handle the MaxSduSize parameter in the connect frames, this function
346 * will be called both when this parameter needs to be inserted into, and
347 * extracted from the connect frames
349 static int irttp_param_max_sdu_size(void *instance, irda_param_t *param,
350 int get)
352 struct tsap_cb *self;
354 self = instance;
356 IRDA_ASSERT(self != NULL, return -1;);
357 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
359 if (get)
360 param->pv.i = self->tx_max_sdu_size;
361 else
362 self->tx_max_sdu_size = param->pv.i;
364 IRDA_DEBUG(1, "%s(), MaxSduSize=%d\n", __func__, param->pv.i);
366 return 0;
369 /*************************** CLIENT CALLS ***************************/
370 /************************** LMP CALLBACKS **************************/
371 /* Everything is happily mixed up. Waiting for next clean up - Jean II */
374 * Initialization, that has to be done on new tsap
375 * instance allocation and on duplication
377 static void irttp_init_tsap(struct tsap_cb *tsap)
379 spin_lock_init(&tsap->lock);
380 init_timer(&tsap->todo_timer);
382 skb_queue_head_init(&tsap->rx_queue);
383 skb_queue_head_init(&tsap->tx_queue);
384 skb_queue_head_init(&tsap->rx_fragments);
388 * Function irttp_open_tsap (stsap, notify)
390 * Create TSAP connection endpoint,
392 struct tsap_cb *irttp_open_tsap(__u8 stsap_sel, int credit, notify_t *notify)
394 struct tsap_cb *self;
395 struct lsap_cb *lsap;
396 notify_t ttp_notify;
398 IRDA_ASSERT(irttp->magic == TTP_MAGIC, return NULL;);
400 /* The IrLMP spec (IrLMP 1.1 p10) says that we have the right to
401 * use only 0x01-0x6F. Of course, we can use LSAP_ANY as well.
402 * JeanII */
403 if((stsap_sel != LSAP_ANY) &&
404 ((stsap_sel < 0x01) || (stsap_sel >= 0x70))) {
405 IRDA_DEBUG(0, "%s(), invalid tsap!\n", __func__);
406 return NULL;
409 self = kzalloc(sizeof(struct tsap_cb), GFP_ATOMIC);
410 if (self == NULL) {
411 IRDA_DEBUG(0, "%s(), unable to kmalloc!\n", __func__);
412 return NULL;
415 /* Initialize internal objects */
416 irttp_init_tsap(self);
418 /* Initialise todo timer */
419 self->todo_timer.data = (unsigned long) self;
420 self->todo_timer.function = &irttp_todo_expired;
422 /* Initialize callbacks for IrLMP to use */
423 irda_notify_init(&ttp_notify);
424 ttp_notify.connect_confirm = irttp_connect_confirm;
425 ttp_notify.connect_indication = irttp_connect_indication;
426 ttp_notify.disconnect_indication = irttp_disconnect_indication;
427 ttp_notify.data_indication = irttp_data_indication;
428 ttp_notify.udata_indication = irttp_udata_indication;
429 ttp_notify.flow_indication = irttp_flow_indication;
430 if(notify->status_indication != NULL)
431 ttp_notify.status_indication = irttp_status_indication;
432 ttp_notify.instance = self;
433 strncpy(ttp_notify.name, notify->name, NOTIFY_MAX_NAME);
435 self->magic = TTP_TSAP_MAGIC;
436 self->connected = FALSE;
439 * Create LSAP at IrLMP layer
441 lsap = irlmp_open_lsap(stsap_sel, &ttp_notify, 0);
442 if (lsap == NULL) {
443 IRDA_WARNING("%s: unable to allocate LSAP!!\n", __func__);
444 return NULL;
448 * If user specified LSAP_ANY as source TSAP selector, then IrLMP
449 * will replace it with whatever source selector which is free, so
450 * the stsap_sel we have might not be valid anymore
452 self->stsap_sel = lsap->slsap_sel;
453 IRDA_DEBUG(4, "%s(), stsap_sel=%02x\n", __func__, self->stsap_sel);
455 self->notify = *notify;
456 self->lsap = lsap;
458 hashbin_insert(irttp->tsaps, (irda_queue_t *) self, (long) self, NULL);
460 if (credit > TTP_RX_MAX_CREDIT)
461 self->initial_credit = TTP_RX_MAX_CREDIT;
462 else
463 self->initial_credit = credit;
465 return self;
467 EXPORT_SYMBOL(irttp_open_tsap);
470 * Function irttp_close (handle)
472 * Remove an instance of a TSAP. This function should only deal with the
473 * deallocation of the TSAP, and resetting of the TSAPs values;
476 static void __irttp_close_tsap(struct tsap_cb *self)
478 /* First make sure we're connected. */
479 IRDA_ASSERT(self != NULL, return;);
480 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
482 irttp_flush_queues(self);
484 del_timer(&self->todo_timer);
486 /* This one won't be cleaned up if we are disconnect_pend + close_pend
487 * and we receive a disconnect_indication */
488 if (self->disconnect_skb)
489 dev_kfree_skb(self->disconnect_skb);
491 self->connected = FALSE;
492 self->magic = ~TTP_TSAP_MAGIC;
494 kfree(self);
498 * Function irttp_close (self)
500 * Remove TSAP from list of all TSAPs and then deallocate all resources
501 * associated with this TSAP
503 * Note : because we *free* the tsap structure, it is the responsibility
504 * of the caller to make sure we are called only once and to deal with
505 * possible race conditions. - Jean II
507 int irttp_close_tsap(struct tsap_cb *self)
509 struct tsap_cb *tsap;
511 IRDA_DEBUG(4, "%s()\n", __func__);
513 IRDA_ASSERT(self != NULL, return -1;);
514 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
516 /* Make sure tsap has been disconnected */
517 if (self->connected) {
518 /* Check if disconnect is not pending */
519 if (!test_bit(0, &self->disconnect_pend)) {
520 IRDA_WARNING("%s: TSAP still connected!\n",
521 __func__);
522 irttp_disconnect_request(self, NULL, P_NORMAL);
524 self->close_pend = TRUE;
525 irttp_start_todo_timer(self, HZ/10);
527 return 0; /* Will be back! */
530 tsap = hashbin_remove(irttp->tsaps, (long) self, NULL);
532 IRDA_ASSERT(tsap == self, return -1;);
534 /* Close corresponding LSAP */
535 if (self->lsap) {
536 irlmp_close_lsap(self->lsap);
537 self->lsap = NULL;
540 __irttp_close_tsap(self);
542 return 0;
544 EXPORT_SYMBOL(irttp_close_tsap);
547 * Function irttp_udata_request (self, skb)
549 * Send unreliable data on this TSAP
552 int irttp_udata_request(struct tsap_cb *self, struct sk_buff *skb)
554 int ret;
556 IRDA_ASSERT(self != NULL, return -1;);
557 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
558 IRDA_ASSERT(skb != NULL, return -1;);
560 IRDA_DEBUG(4, "%s()\n", __func__);
562 /* Take shortcut on zero byte packets */
563 if (skb->len == 0) {
564 ret = 0;
565 goto err;
568 /* Check that nothing bad happens */
569 if (!self->connected) {
570 IRDA_WARNING("%s(), Not connected\n", __func__);
571 ret = -ENOTCONN;
572 goto err;
575 if (skb->len > self->max_seg_size) {
576 IRDA_ERROR("%s(), UData is too large for IrLAP!\n", __func__);
577 ret = -EMSGSIZE;
578 goto err;
581 irlmp_udata_request(self->lsap, skb);
582 self->stats.tx_packets++;
584 return 0;
586 err:
587 dev_kfree_skb(skb);
588 return ret;
590 EXPORT_SYMBOL(irttp_udata_request);
594 * Function irttp_data_request (handle, skb)
596 * Queue frame for transmission. If SAR is enabled, fragement the frame
597 * and queue the fragments for transmission
599 int irttp_data_request(struct tsap_cb *self, struct sk_buff *skb)
601 __u8 *frame;
602 int ret;
604 IRDA_ASSERT(self != NULL, return -1;);
605 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
606 IRDA_ASSERT(skb != NULL, return -1;);
608 IRDA_DEBUG(2, "%s() : queue len = %d\n", __func__,
609 skb_queue_len(&self->tx_queue));
611 /* Take shortcut on zero byte packets */
612 if (skb->len == 0) {
613 ret = 0;
614 goto err;
617 /* Check that nothing bad happens */
618 if (!self->connected) {
619 IRDA_WARNING("%s: Not connected\n", __func__);
620 ret = -ENOTCONN;
621 goto err;
625 * Check if SAR is disabled, and the frame is larger than what fits
626 * inside an IrLAP frame
628 if ((self->tx_max_sdu_size == 0) && (skb->len > self->max_seg_size)) {
629 IRDA_ERROR("%s: SAR disabled, and data is too large for IrLAP!\n",
630 __func__);
631 ret = -EMSGSIZE;
632 goto err;
636 * Check if SAR is enabled, and the frame is larger than the
637 * TxMaxSduSize
639 if ((self->tx_max_sdu_size != 0) &&
640 (self->tx_max_sdu_size != TTP_SAR_UNBOUND) &&
641 (skb->len > self->tx_max_sdu_size))
643 IRDA_ERROR("%s: SAR enabled, but data is larger than TxMaxSduSize!\n",
644 __func__);
645 ret = -EMSGSIZE;
646 goto err;
649 * Check if transmit queue is full
651 if (skb_queue_len(&self->tx_queue) >= TTP_TX_MAX_QUEUE) {
653 * Give it a chance to empty itself
655 irttp_run_tx_queue(self);
657 /* Drop packet. This error code should trigger the caller
658 * to resend the data in the client code - Jean II */
659 ret = -ENOBUFS;
660 goto err;
663 /* Queue frame, or queue frame segments */
664 if ((self->tx_max_sdu_size == 0) || (skb->len < self->max_seg_size)) {
665 /* Queue frame */
666 IRDA_ASSERT(skb_headroom(skb) >= TTP_HEADER, return -1;);
667 frame = skb_push(skb, TTP_HEADER);
668 frame[0] = 0x00; /* Clear more bit */
670 skb_queue_tail(&self->tx_queue, skb);
671 } else {
673 * Fragment the frame, this function will also queue the
674 * fragments, we don't care about the fact the transmit
675 * queue may be overfilled by all the segments for a little
676 * while
678 irttp_fragment_skb(self, skb);
681 /* Check if we can accept more data from client */
682 if ((!self->tx_sdu_busy) &&
683 (skb_queue_len(&self->tx_queue) > TTP_TX_HIGH_THRESHOLD)) {
684 /* Tx queue filling up, so stop client. */
685 if (self->notify.flow_indication) {
686 self->notify.flow_indication(self->notify.instance,
687 self, FLOW_STOP);
689 /* self->tx_sdu_busy is the state of the client.
690 * Update state after notifying client to avoid
691 * race condition with irttp_flow_indication().
692 * If the queue empty itself after our test but before
693 * we set the flag, we will fix ourselves below in
694 * irttp_run_tx_queue().
695 * Jean II */
696 self->tx_sdu_busy = TRUE;
699 /* Try to make some progress */
700 irttp_run_tx_queue(self);
702 return 0;
704 err:
705 dev_kfree_skb(skb);
706 return ret;
708 EXPORT_SYMBOL(irttp_data_request);
711 * Function irttp_run_tx_queue (self)
713 * Transmit packets queued for transmission (if possible)
716 static void irttp_run_tx_queue(struct tsap_cb *self)
718 struct sk_buff *skb;
719 unsigned long flags;
720 int n;
722 IRDA_DEBUG(2, "%s() : send_credit = %d, queue_len = %d\n",
723 __func__,
724 self->send_credit, skb_queue_len(&self->tx_queue));
726 /* Get exclusive access to the tx queue, otherwise don't touch it */
727 if (irda_lock(&self->tx_queue_lock) == FALSE)
728 return;
730 /* Try to send out frames as long as we have credits
731 * and as long as LAP is not full. If LAP is full, it will
732 * poll us through irttp_flow_indication() - Jean II */
733 while ((self->send_credit > 0) &&
734 (!irlmp_lap_tx_queue_full(self->lsap)) &&
735 (skb = skb_dequeue(&self->tx_queue)))
738 * Since we can transmit and receive frames concurrently,
739 * the code below is a critical region and we must assure that
740 * nobody messes with the credits while we update them.
742 spin_lock_irqsave(&self->lock, flags);
744 n = self->avail_credit;
745 self->avail_credit = 0;
747 /* Only room for 127 credits in frame */
748 if (n > 127) {
749 self->avail_credit = n-127;
750 n = 127;
752 self->remote_credit += n;
753 self->send_credit--;
755 spin_unlock_irqrestore(&self->lock, flags);
758 * More bit must be set by the data_request() or fragment()
759 * functions
761 skb->data[0] |= (n & 0x7f);
763 /* Detach from socket.
764 * The current skb has a reference to the socket that sent
765 * it (skb->sk). When we pass it to IrLMP, the skb will be
766 * stored in in IrLAP (self->wx_list). When we are within
767 * IrLAP, we lose the notion of socket, so we should not
768 * have a reference to a socket. So, we drop it here.
770 * Why does it matter ?
771 * When the skb is freed (kfree_skb), if it is associated
772 * with a socket, it release buffer space on the socket
773 * (through sock_wfree() and sock_def_write_space()).
774 * If the socket no longer exist, we may crash. Hard.
775 * When we close a socket, we make sure that associated packets
776 * in IrTTP are freed. However, we have no way to cancel
777 * the packet that we have passed to IrLAP. So, if a packet
778 * remains in IrLAP (retry on the link or else) after we
779 * close the socket, we are dead !
780 * Jean II */
781 if (skb->sk != NULL) {
782 /* IrSOCK application, IrOBEX, ... */
783 skb_orphan(skb);
785 /* IrCOMM over IrTTP, IrLAN, ... */
787 /* Pass the skb to IrLMP - done */
788 irlmp_data_request(self->lsap, skb);
789 self->stats.tx_packets++;
792 /* Check if we can accept more frames from client.
793 * We don't want to wait until the todo timer to do that, and we
794 * can't use tasklets (grr...), so we are obliged to give control
795 * to client. That's ok, this test will be true not too often
796 * (max once per LAP window) and we are called from places
797 * where we can spend a bit of time doing stuff. - Jean II */
798 if ((self->tx_sdu_busy) &&
799 (skb_queue_len(&self->tx_queue) < TTP_TX_LOW_THRESHOLD) &&
800 (!self->close_pend))
802 if (self->notify.flow_indication)
803 self->notify.flow_indication(self->notify.instance,
804 self, FLOW_START);
806 /* self->tx_sdu_busy is the state of the client.
807 * We don't really have a race here, but it's always safer
808 * to update our state after the client - Jean II */
809 self->tx_sdu_busy = FALSE;
812 /* Reset lock */
813 self->tx_queue_lock = 0;
817 * Function irttp_give_credit (self)
819 * Send a dataless flowdata TTP-PDU and give available credit to peer
820 * TSAP
822 static inline void irttp_give_credit(struct tsap_cb *self)
824 struct sk_buff *tx_skb = NULL;
825 unsigned long flags;
826 int n;
828 IRDA_ASSERT(self != NULL, return;);
829 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
831 IRDA_DEBUG(4, "%s() send=%d,avail=%d,remote=%d\n",
832 __func__,
833 self->send_credit, self->avail_credit, self->remote_credit);
835 /* Give credit to peer */
836 tx_skb = alloc_skb(TTP_MAX_HEADER, GFP_ATOMIC);
837 if (!tx_skb)
838 return;
840 /* Reserve space for LMP, and LAP header */
841 skb_reserve(tx_skb, LMP_MAX_HEADER);
844 * Since we can transmit and receive frames concurrently,
845 * the code below is a critical region and we must assure that
846 * nobody messes with the credits while we update them.
848 spin_lock_irqsave(&self->lock, flags);
850 n = self->avail_credit;
851 self->avail_credit = 0;
853 /* Only space for 127 credits in frame */
854 if (n > 127) {
855 self->avail_credit = n - 127;
856 n = 127;
858 self->remote_credit += n;
860 spin_unlock_irqrestore(&self->lock, flags);
862 skb_put(tx_skb, 1);
863 tx_skb->data[0] = (__u8) (n & 0x7f);
865 irlmp_data_request(self->lsap, tx_skb);
866 self->stats.tx_packets++;
870 * Function irttp_udata_indication (instance, sap, skb)
872 * Received some unit-data (unreliable)
875 static int irttp_udata_indication(void *instance, void *sap,
876 struct sk_buff *skb)
878 struct tsap_cb *self;
879 int err;
881 IRDA_DEBUG(4, "%s()\n", __func__);
883 self = instance;
885 IRDA_ASSERT(self != NULL, return -1;);
886 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
887 IRDA_ASSERT(skb != NULL, return -1;);
889 self->stats.rx_packets++;
891 /* Just pass data to layer above */
892 if (self->notify.udata_indication) {
893 err = self->notify.udata_indication(self->notify.instance,
894 self,skb);
895 /* Same comment as in irttp_do_data_indication() */
896 if (!err)
897 return 0;
899 /* Either no handler, or handler returns an error */
900 dev_kfree_skb(skb);
902 return 0;
906 * Function irttp_data_indication (instance, sap, skb)
908 * Receive segment from IrLMP.
911 static int irttp_data_indication(void *instance, void *sap,
912 struct sk_buff *skb)
914 struct tsap_cb *self;
915 unsigned long flags;
916 int n;
918 self = instance;
920 n = skb->data[0] & 0x7f; /* Extract the credits */
922 self->stats.rx_packets++;
924 /* Deal with inbound credit
925 * Since we can transmit and receive frames concurrently,
926 * the code below is a critical region and we must assure that
927 * nobody messes with the credits while we update them.
929 spin_lock_irqsave(&self->lock, flags);
930 self->send_credit += n;
931 if (skb->len > 1)
932 self->remote_credit--;
933 spin_unlock_irqrestore(&self->lock, flags);
936 * Data or dataless packet? Dataless frames contains only the
937 * TTP_HEADER.
939 if (skb->len > 1) {
941 * We don't remove the TTP header, since we must preserve the
942 * more bit, so the defragment routing knows what to do
944 skb_queue_tail(&self->rx_queue, skb);
945 } else {
946 /* Dataless flowdata TTP-PDU */
947 dev_kfree_skb(skb);
951 /* Push data to the higher layer.
952 * We do it synchronously because running the todo timer for each
953 * receive packet would be too much overhead and latency.
954 * By passing control to the higher layer, we run the risk that
955 * it may take time or grab a lock. Most often, the higher layer
956 * will only put packet in a queue.
957 * Anyway, packets are only dripping through the IrDA, so we can
958 * have time before the next packet.
959 * Further, we are run from NET_BH, so the worse that can happen is
960 * us missing the optimal time to send back the PF bit in LAP.
961 * Jean II */
962 irttp_run_rx_queue(self);
964 /* We now give credits to peer in irttp_run_rx_queue().
965 * We need to send credit *NOW*, otherwise we are going
966 * to miss the next Tx window. The todo timer may take
967 * a while before it's run... - Jean II */
970 * If the peer device has given us some credits and we didn't have
971 * anyone from before, then we need to shedule the tx queue.
972 * We need to do that because our Tx have stopped (so we may not
973 * get any LAP flow indication) and the user may be stopped as
974 * well. - Jean II
976 if (self->send_credit == n) {
977 /* Restart pushing stuff to LAP */
978 irttp_run_tx_queue(self);
979 /* Note : we don't want to schedule the todo timer
980 * because it has horrible latency. No tasklets
981 * because the tasklet API is broken. - Jean II */
984 return 0;
988 * Function irttp_status_indication (self, reason)
990 * Status_indication, just pass to the higher layer...
993 static void irttp_status_indication(void *instance,
994 LINK_STATUS link, LOCK_STATUS lock)
996 struct tsap_cb *self;
998 IRDA_DEBUG(4, "%s()\n", __func__);
1000 self = instance;
1002 IRDA_ASSERT(self != NULL, return;);
1003 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1005 /* Check if client has already closed the TSAP and gone away */
1006 if (self->close_pend)
1007 return;
1010 * Inform service user if he has requested it
1012 if (self->notify.status_indication != NULL)
1013 self->notify.status_indication(self->notify.instance,
1014 link, lock);
1015 else
1016 IRDA_DEBUG(2, "%s(), no handler\n", __func__);
1020 * Function irttp_flow_indication (self, reason)
1022 * Flow_indication : IrLAP tells us to send more data.
1025 static void irttp_flow_indication(void *instance, void *sap, LOCAL_FLOW flow)
1027 struct tsap_cb *self;
1029 self = instance;
1031 IRDA_ASSERT(self != NULL, return;);
1032 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1034 IRDA_DEBUG(4, "%s(instance=%p)\n", __func__, self);
1036 /* We are "polled" directly from LAP, and the LAP want to fill
1037 * its Tx window. We want to do our best to send it data, so that
1038 * we maximise the window. On the other hand, we want to limit the
1039 * amount of work here so that LAP doesn't hang forever waiting
1040 * for packets. - Jean II */
1042 /* Try to send some packets. Currently, LAP calls us every time
1043 * there is one free slot, so we will send only one packet.
1044 * This allow the scheduler to do its round robin - Jean II */
1045 irttp_run_tx_queue(self);
1047 /* Note regarding the interraction with higher layer.
1048 * irttp_run_tx_queue() may call the client when its queue
1049 * start to empty, via notify.flow_indication(). Initially.
1050 * I wanted this to happen in a tasklet, to avoid client
1051 * grabbing the CPU, but we can't use tasklets safely. And timer
1052 * is definitely too slow.
1053 * This will happen only once per LAP window, and usually at
1054 * the third packet (unless window is smaller). LAP is still
1055 * doing mtt and sending first packet so it's sort of OK
1056 * to do that. Jean II */
1058 /* If we need to send disconnect. try to do it now */
1059 if(self->disconnect_pend)
1060 irttp_start_todo_timer(self, 0);
1064 * Function irttp_flow_request (self, command)
1066 * This function could be used by the upper layers to tell IrTTP to stop
1067 * delivering frames if the receive queues are starting to get full, or
1068 * to tell IrTTP to start delivering frames again.
1070 void irttp_flow_request(struct tsap_cb *self, LOCAL_FLOW flow)
1072 IRDA_DEBUG(1, "%s()\n", __func__);
1074 IRDA_ASSERT(self != NULL, return;);
1075 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1077 switch (flow) {
1078 case FLOW_STOP:
1079 IRDA_DEBUG(1, "%s(), flow stop\n", __func__);
1080 self->rx_sdu_busy = TRUE;
1081 break;
1082 case FLOW_START:
1083 IRDA_DEBUG(1, "%s(), flow start\n", __func__);
1084 self->rx_sdu_busy = FALSE;
1086 /* Client say he can accept more data, try to free our
1087 * queues ASAP - Jean II */
1088 irttp_run_rx_queue(self);
1090 break;
1091 default:
1092 IRDA_DEBUG(1, "%s(), Unknown flow command!\n", __func__);
1095 EXPORT_SYMBOL(irttp_flow_request);
1098 * Function irttp_connect_request (self, dtsap_sel, daddr, qos)
1100 * Try to connect to remote destination TSAP selector
1103 int irttp_connect_request(struct tsap_cb *self, __u8 dtsap_sel,
1104 __u32 saddr, __u32 daddr,
1105 struct qos_info *qos, __u32 max_sdu_size,
1106 struct sk_buff *userdata)
1108 struct sk_buff *tx_skb;
1109 __u8 *frame;
1110 __u8 n;
1112 IRDA_DEBUG(4, "%s(), max_sdu_size=%d\n", __func__, max_sdu_size);
1114 IRDA_ASSERT(self != NULL, return -EBADR;);
1115 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -EBADR;);
1117 if (self->connected) {
1118 if(userdata)
1119 dev_kfree_skb(userdata);
1120 return -EISCONN;
1123 /* Any userdata supplied? */
1124 if (userdata == NULL) {
1125 tx_skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER,
1126 GFP_ATOMIC);
1127 if (!tx_skb)
1128 return -ENOMEM;
1130 /* Reserve space for MUX_CONTROL and LAP header */
1131 skb_reserve(tx_skb, TTP_MAX_HEADER + TTP_SAR_HEADER);
1132 } else {
1133 tx_skb = userdata;
1135 * Check that the client has reserved enough space for
1136 * headers
1138 IRDA_ASSERT(skb_headroom(userdata) >= TTP_MAX_HEADER,
1139 { dev_kfree_skb(userdata); return -1; } );
1142 /* Initialize connection parameters */
1143 self->connected = FALSE;
1144 self->avail_credit = 0;
1145 self->rx_max_sdu_size = max_sdu_size;
1146 self->rx_sdu_size = 0;
1147 self->rx_sdu_busy = FALSE;
1148 self->dtsap_sel = dtsap_sel;
1150 n = self->initial_credit;
1152 self->remote_credit = 0;
1153 self->send_credit = 0;
1156 * Give away max 127 credits for now
1158 if (n > 127) {
1159 self->avail_credit=n-127;
1160 n = 127;
1163 self->remote_credit = n;
1165 /* SAR enabled? */
1166 if (max_sdu_size > 0) {
1167 IRDA_ASSERT(skb_headroom(tx_skb) >= (TTP_MAX_HEADER + TTP_SAR_HEADER),
1168 { dev_kfree_skb(tx_skb); return -1; } );
1170 /* Insert SAR parameters */
1171 frame = skb_push(tx_skb, TTP_HEADER+TTP_SAR_HEADER);
1173 frame[0] = TTP_PARAMETERS | n;
1174 frame[1] = 0x04; /* Length */
1175 frame[2] = 0x01; /* MaxSduSize */
1176 frame[3] = 0x02; /* Value length */
1178 put_unaligned(cpu_to_be16((__u16) max_sdu_size),
1179 (__be16 *)(frame+4));
1180 } else {
1181 /* Insert plain TTP header */
1182 frame = skb_push(tx_skb, TTP_HEADER);
1184 /* Insert initial credit in frame */
1185 frame[0] = n & 0x7f;
1188 /* Connect with IrLMP. No QoS parameters for now */
1189 return irlmp_connect_request(self->lsap, dtsap_sel, saddr, daddr, qos,
1190 tx_skb);
1192 EXPORT_SYMBOL(irttp_connect_request);
1195 * Function irttp_connect_confirm (handle, qos, skb)
1197 * Service user confirms TSAP connection with peer.
1200 static void irttp_connect_confirm(void *instance, void *sap,
1201 struct qos_info *qos, __u32 max_seg_size,
1202 __u8 max_header_size, struct sk_buff *skb)
1204 struct tsap_cb *self;
1205 int parameters;
1206 int ret;
1207 __u8 plen;
1208 __u8 n;
1210 IRDA_DEBUG(4, "%s()\n", __func__);
1212 self = instance;
1214 IRDA_ASSERT(self != NULL, return;);
1215 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1216 IRDA_ASSERT(skb != NULL, return;);
1218 self->max_seg_size = max_seg_size - TTP_HEADER;
1219 self->max_header_size = max_header_size + TTP_HEADER;
1222 * Check if we have got some QoS parameters back! This should be the
1223 * negotiated QoS for the link.
1225 if (qos) {
1226 IRDA_DEBUG(4, "IrTTP, Negotiated BAUD_RATE: %02x\n",
1227 qos->baud_rate.bits);
1228 IRDA_DEBUG(4, "IrTTP, Negotiated BAUD_RATE: %d bps.\n",
1229 qos->baud_rate.value);
1232 n = skb->data[0] & 0x7f;
1234 IRDA_DEBUG(4, "%s(), Initial send_credit=%d\n", __func__, n);
1236 self->send_credit = n;
1237 self->tx_max_sdu_size = 0;
1238 self->connected = TRUE;
1240 parameters = skb->data[0] & 0x80;
1242 IRDA_ASSERT(skb->len >= TTP_HEADER, return;);
1243 skb_pull(skb, TTP_HEADER);
1245 if (parameters) {
1246 plen = skb->data[0];
1248 ret = irda_param_extract_all(self, skb->data+1,
1249 IRDA_MIN(skb->len-1, plen),
1250 &param_info);
1252 /* Any errors in the parameter list? */
1253 if (ret < 0) {
1254 IRDA_WARNING("%s: error extracting parameters\n",
1255 __func__);
1256 dev_kfree_skb(skb);
1258 /* Do not accept this connection attempt */
1259 return;
1261 /* Remove parameters */
1262 skb_pull(skb, IRDA_MIN(skb->len, plen+1));
1265 IRDA_DEBUG(4, "%s() send=%d,avail=%d,remote=%d\n", __func__,
1266 self->send_credit, self->avail_credit, self->remote_credit);
1268 IRDA_DEBUG(2, "%s(), MaxSduSize=%d\n", __func__,
1269 self->tx_max_sdu_size);
1271 if (self->notify.connect_confirm) {
1272 self->notify.connect_confirm(self->notify.instance, self, qos,
1273 self->tx_max_sdu_size,
1274 self->max_header_size, skb);
1275 } else
1276 dev_kfree_skb(skb);
1280 * Function irttp_connect_indication (handle, skb)
1282 * Some other device is connecting to this TSAP
1285 static void irttp_connect_indication(void *instance, void *sap,
1286 struct qos_info *qos, __u32 max_seg_size, __u8 max_header_size,
1287 struct sk_buff *skb)
1289 struct tsap_cb *self;
1290 struct lsap_cb *lsap;
1291 int parameters;
1292 int ret;
1293 __u8 plen;
1294 __u8 n;
1296 self = instance;
1298 IRDA_ASSERT(self != NULL, return;);
1299 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1300 IRDA_ASSERT(skb != NULL, return;);
1302 lsap = sap;
1304 self->max_seg_size = max_seg_size - TTP_HEADER;
1305 self->max_header_size = max_header_size+TTP_HEADER;
1307 IRDA_DEBUG(4, "%s(), TSAP sel=%02x\n", __func__, self->stsap_sel);
1309 /* Need to update dtsap_sel if its equal to LSAP_ANY */
1310 self->dtsap_sel = lsap->dlsap_sel;
1312 n = skb->data[0] & 0x7f;
1314 self->send_credit = n;
1315 self->tx_max_sdu_size = 0;
1317 parameters = skb->data[0] & 0x80;
1319 IRDA_ASSERT(skb->len >= TTP_HEADER, return;);
1320 skb_pull(skb, TTP_HEADER);
1322 if (parameters) {
1323 plen = skb->data[0];
1325 ret = irda_param_extract_all(self, skb->data+1,
1326 IRDA_MIN(skb->len-1, plen),
1327 &param_info);
1329 /* Any errors in the parameter list? */
1330 if (ret < 0) {
1331 IRDA_WARNING("%s: error extracting parameters\n",
1332 __func__);
1333 dev_kfree_skb(skb);
1335 /* Do not accept this connection attempt */
1336 return;
1339 /* Remove parameters */
1340 skb_pull(skb, IRDA_MIN(skb->len, plen+1));
1343 if (self->notify.connect_indication) {
1344 self->notify.connect_indication(self->notify.instance, self,
1345 qos, self->tx_max_sdu_size,
1346 self->max_header_size, skb);
1347 } else
1348 dev_kfree_skb(skb);
1352 * Function irttp_connect_response (handle, userdata)
1354 * Service user is accepting the connection, just pass it down to
1355 * IrLMP!
1358 int irttp_connect_response(struct tsap_cb *self, __u32 max_sdu_size,
1359 struct sk_buff *userdata)
1361 struct sk_buff *tx_skb;
1362 __u8 *frame;
1363 int ret;
1364 __u8 n;
1366 IRDA_ASSERT(self != NULL, return -1;);
1367 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
1369 IRDA_DEBUG(4, "%s(), Source TSAP selector=%02x\n", __func__,
1370 self->stsap_sel);
1372 /* Any userdata supplied? */
1373 if (userdata == NULL) {
1374 tx_skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER,
1375 GFP_ATOMIC);
1376 if (!tx_skb)
1377 return -ENOMEM;
1379 /* Reserve space for MUX_CONTROL and LAP header */
1380 skb_reserve(tx_skb, TTP_MAX_HEADER + TTP_SAR_HEADER);
1381 } else {
1382 tx_skb = userdata;
1384 * Check that the client has reserved enough space for
1385 * headers
1387 IRDA_ASSERT(skb_headroom(userdata) >= TTP_MAX_HEADER,
1388 { dev_kfree_skb(userdata); return -1; } );
1391 self->avail_credit = 0;
1392 self->remote_credit = 0;
1393 self->rx_max_sdu_size = max_sdu_size;
1394 self->rx_sdu_size = 0;
1395 self->rx_sdu_busy = FALSE;
1397 n = self->initial_credit;
1399 /* Frame has only space for max 127 credits (7 bits) */
1400 if (n > 127) {
1401 self->avail_credit = n - 127;
1402 n = 127;
1405 self->remote_credit = n;
1406 self->connected = TRUE;
1408 /* SAR enabled? */
1409 if (max_sdu_size > 0) {
1410 IRDA_ASSERT(skb_headroom(tx_skb) >= (TTP_MAX_HEADER + TTP_SAR_HEADER),
1411 { dev_kfree_skb(tx_skb); return -1; } );
1413 /* Insert TTP header with SAR parameters */
1414 frame = skb_push(tx_skb, TTP_HEADER+TTP_SAR_HEADER);
1416 frame[0] = TTP_PARAMETERS | n;
1417 frame[1] = 0x04; /* Length */
1419 /* irda_param_insert(self, IRTTP_MAX_SDU_SIZE, frame+1, */
1420 /* TTP_SAR_HEADER, &param_info) */
1422 frame[2] = 0x01; /* MaxSduSize */
1423 frame[3] = 0x02; /* Value length */
1425 put_unaligned(cpu_to_be16((__u16) max_sdu_size),
1426 (__be16 *)(frame+4));
1427 } else {
1428 /* Insert TTP header */
1429 frame = skb_push(tx_skb, TTP_HEADER);
1431 frame[0] = n & 0x7f;
1434 ret = irlmp_connect_response(self->lsap, tx_skb);
1436 return ret;
1438 EXPORT_SYMBOL(irttp_connect_response);
1441 * Function irttp_dup (self, instance)
1443 * Duplicate TSAP, can be used by servers to confirm a connection on a
1444 * new TSAP so it can keep listening on the old one.
1446 struct tsap_cb *irttp_dup(struct tsap_cb *orig, void *instance)
1448 struct tsap_cb *new;
1449 unsigned long flags;
1451 IRDA_DEBUG(1, "%s()\n", __func__);
1453 /* Protect our access to the old tsap instance */
1454 spin_lock_irqsave(&irttp->tsaps->hb_spinlock, flags);
1456 /* Find the old instance */
1457 if (!hashbin_find(irttp->tsaps, (long) orig, NULL)) {
1458 IRDA_DEBUG(0, "%s(), unable to find TSAP\n", __func__);
1459 spin_unlock_irqrestore(&irttp->tsaps->hb_spinlock, flags);
1460 return NULL;
1463 /* Allocate a new instance */
1464 new = kmemdup(orig, sizeof(struct tsap_cb), GFP_ATOMIC);
1465 if (!new) {
1466 IRDA_DEBUG(0, "%s(), unable to kmalloc\n", __func__);
1467 spin_unlock_irqrestore(&irttp->tsaps->hb_spinlock, flags);
1468 return NULL;
1470 spin_lock_init(&new->lock);
1472 /* We don't need the old instance any more */
1473 spin_unlock_irqrestore(&irttp->tsaps->hb_spinlock, flags);
1475 /* Try to dup the LSAP (may fail if we were too slow) */
1476 new->lsap = irlmp_dup(orig->lsap, new);
1477 if (!new->lsap) {
1478 IRDA_DEBUG(0, "%s(), dup failed!\n", __func__);
1479 kfree(new);
1480 return NULL;
1483 /* Not everything should be copied */
1484 new->notify.instance = instance;
1486 /* Initialize internal objects */
1487 irttp_init_tsap(new);
1489 /* This is locked */
1490 hashbin_insert(irttp->tsaps, (irda_queue_t *) new, (long) new, NULL);
1492 return new;
1494 EXPORT_SYMBOL(irttp_dup);
1497 * Function irttp_disconnect_request (self)
1499 * Close this connection please! If priority is high, the queued data
1500 * segments, if any, will be deallocated first
1503 int irttp_disconnect_request(struct tsap_cb *self, struct sk_buff *userdata,
1504 int priority)
1506 int ret;
1508 IRDA_ASSERT(self != NULL, return -1;);
1509 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
1511 /* Already disconnected? */
1512 if (!self->connected) {
1513 IRDA_DEBUG(4, "%s(), already disconnected!\n", __func__);
1514 if (userdata)
1515 dev_kfree_skb(userdata);
1516 return -1;
1519 /* Disconnect already pending ?
1520 * We need to use an atomic operation to prevent reentry. This
1521 * function may be called from various context, like user, timer
1522 * for following a disconnect_indication() (i.e. net_bh).
1523 * Jean II */
1524 if(test_and_set_bit(0, &self->disconnect_pend)) {
1525 IRDA_DEBUG(0, "%s(), disconnect already pending\n",
1526 __func__);
1527 if (userdata)
1528 dev_kfree_skb(userdata);
1530 /* Try to make some progress */
1531 irttp_run_tx_queue(self);
1532 return -1;
1536 * Check if there is still data segments in the transmit queue
1538 if (!skb_queue_empty(&self->tx_queue)) {
1539 if (priority == P_HIGH) {
1541 * No need to send the queued data, if we are
1542 * disconnecting right now since the data will
1543 * not have any usable connection to be sent on
1545 IRDA_DEBUG(1, "%s(): High priority!!()\n", __func__);
1546 irttp_flush_queues(self);
1547 } else if (priority == P_NORMAL) {
1549 * Must delay disconnect until after all data segments
1550 * have been sent and the tx_queue is empty
1552 /* We'll reuse this one later for the disconnect */
1553 self->disconnect_skb = userdata; /* May be NULL */
1555 irttp_run_tx_queue(self);
1557 irttp_start_todo_timer(self, HZ/10);
1558 return -1;
1561 /* Note : we don't need to check if self->rx_queue is full and the
1562 * state of self->rx_sdu_busy because the disconnect response will
1563 * be sent at the LMP level (so even if the peer has its Tx queue
1564 * full of data). - Jean II */
1566 IRDA_DEBUG(1, "%s(), Disconnecting ...\n", __func__);
1567 self->connected = FALSE;
1569 if (!userdata) {
1570 struct sk_buff *tx_skb;
1571 tx_skb = alloc_skb(LMP_MAX_HEADER, GFP_ATOMIC);
1572 if (!tx_skb)
1573 return -ENOMEM;
1576 * Reserve space for MUX and LAP header
1578 skb_reserve(tx_skb, LMP_MAX_HEADER);
1580 userdata = tx_skb;
1582 ret = irlmp_disconnect_request(self->lsap, userdata);
1584 /* The disconnect is no longer pending */
1585 clear_bit(0, &self->disconnect_pend); /* FALSE */
1587 return ret;
1589 EXPORT_SYMBOL(irttp_disconnect_request);
1592 * Function irttp_disconnect_indication (self, reason)
1594 * Disconnect indication, TSAP disconnected by peer?
1597 static void irttp_disconnect_indication(void *instance, void *sap,
1598 LM_REASON reason, struct sk_buff *skb)
1600 struct tsap_cb *self;
1602 IRDA_DEBUG(4, "%s()\n", __func__);
1604 self = instance;
1606 IRDA_ASSERT(self != NULL, return;);
1607 IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1609 /* Prevent higher layer to send more data */
1610 self->connected = FALSE;
1612 /* Check if client has already tried to close the TSAP */
1613 if (self->close_pend) {
1614 /* In this case, the higher layer is probably gone. Don't
1615 * bother it and clean up the remains - Jean II */
1616 if (skb)
1617 dev_kfree_skb(skb);
1618 irttp_close_tsap(self);
1619 return;
1622 /* If we are here, we assume that is the higher layer is still
1623 * waiting for the disconnect notification and able to process it,
1624 * even if he tried to disconnect. Otherwise, it would have already
1625 * attempted to close the tsap and self->close_pend would be TRUE.
1626 * Jean II */
1628 /* No need to notify the client if has already tried to disconnect */
1629 if(self->notify.disconnect_indication)
1630 self->notify.disconnect_indication(self->notify.instance, self,
1631 reason, skb);
1632 else
1633 if (skb)
1634 dev_kfree_skb(skb);
1638 * Function irttp_do_data_indication (self, skb)
1640 * Try to deliver reassembled skb to layer above, and requeue it if that
1641 * for some reason should fail. We mark rx sdu as busy to apply back
1642 * pressure is necessary.
1644 static void irttp_do_data_indication(struct tsap_cb *self, struct sk_buff *skb)
1646 int err;
1648 /* Check if client has already closed the TSAP and gone away */
1649 if (self->close_pend) {
1650 dev_kfree_skb(skb);
1651 return;
1654 err = self->notify.data_indication(self->notify.instance, self, skb);
1656 /* Usually the layer above will notify that it's input queue is
1657 * starting to get filled by using the flow request, but this may
1658 * be difficult, so it can instead just refuse to eat it and just
1659 * give an error back
1661 if (err) {
1662 IRDA_DEBUG(0, "%s() requeueing skb!\n", __func__);
1664 /* Make sure we take a break */
1665 self->rx_sdu_busy = TRUE;
1667 /* Need to push the header in again */
1668 skb_push(skb, TTP_HEADER);
1669 skb->data[0] = 0x00; /* Make sure MORE bit is cleared */
1671 /* Put skb back on queue */
1672 skb_queue_head(&self->rx_queue, skb);
1677 * Function irttp_run_rx_queue (self)
1679 * Check if we have any frames to be transmitted, or if we have any
1680 * available credit to give away.
1682 static void irttp_run_rx_queue(struct tsap_cb *self)
1684 struct sk_buff *skb;
1685 int more = 0;
1687 IRDA_DEBUG(2, "%s() send=%d,avail=%d,remote=%d\n", __func__,
1688 self->send_credit, self->avail_credit, self->remote_credit);
1690 /* Get exclusive access to the rx queue, otherwise don't touch it */
1691 if (irda_lock(&self->rx_queue_lock) == FALSE)
1692 return;
1695 * Reassemble all frames in receive queue and deliver them
1697 while (!self->rx_sdu_busy && (skb = skb_dequeue(&self->rx_queue))) {
1698 /* This bit will tell us if it's the last fragment or not */
1699 more = skb->data[0] & 0x80;
1701 /* Remove TTP header */
1702 skb_pull(skb, TTP_HEADER);
1704 /* Add the length of the remaining data */
1705 self->rx_sdu_size += skb->len;
1708 * If SAR is disabled, or user has requested no reassembly
1709 * of received fragments then we just deliver them
1710 * immediately. This can be requested by clients that
1711 * implements byte streams without any message boundaries
1713 if (self->rx_max_sdu_size == TTP_SAR_DISABLE) {
1714 irttp_do_data_indication(self, skb);
1715 self->rx_sdu_size = 0;
1717 continue;
1720 /* Check if this is a fragment, and not the last fragment */
1721 if (more) {
1723 * Queue the fragment if we still are within the
1724 * limits of the maximum size of the rx_sdu
1726 if (self->rx_sdu_size <= self->rx_max_sdu_size) {
1727 IRDA_DEBUG(4, "%s(), queueing frag\n",
1728 __func__);
1729 skb_queue_tail(&self->rx_fragments, skb);
1730 } else {
1731 /* Free the part of the SDU that is too big */
1732 dev_kfree_skb(skb);
1734 continue;
1737 * This is the last fragment, so time to reassemble!
1739 if ((self->rx_sdu_size <= self->rx_max_sdu_size) ||
1740 (self->rx_max_sdu_size == TTP_SAR_UNBOUND))
1743 * A little optimizing. Only queue the fragment if
1744 * there are other fragments. Since if this is the
1745 * last and only fragment, there is no need to
1746 * reassemble :-)
1748 if (!skb_queue_empty(&self->rx_fragments)) {
1749 skb_queue_tail(&self->rx_fragments,
1750 skb);
1752 skb = irttp_reassemble_skb(self);
1755 /* Now we can deliver the reassembled skb */
1756 irttp_do_data_indication(self, skb);
1757 } else {
1758 IRDA_DEBUG(1, "%s(), Truncated frame\n", __func__);
1760 /* Free the part of the SDU that is too big */
1761 dev_kfree_skb(skb);
1763 /* Deliver only the valid but truncated part of SDU */
1764 skb = irttp_reassemble_skb(self);
1766 irttp_do_data_indication(self, skb);
1768 self->rx_sdu_size = 0;
1772 * It's not trivial to keep track of how many credits are available
1773 * by incrementing at each packet, because delivery may fail
1774 * (irttp_do_data_indication() may requeue the frame) and because
1775 * we need to take care of fragmentation.
1776 * We want the other side to send up to initial_credit packets.
1777 * We have some frames in our queues, and we have already allowed it
1778 * to send remote_credit.
1779 * No need to spinlock, write is atomic and self correcting...
1780 * Jean II
1782 self->avail_credit = (self->initial_credit -
1783 (self->remote_credit +
1784 skb_queue_len(&self->rx_queue) +
1785 skb_queue_len(&self->rx_fragments)));
1787 /* Do we have too much credits to send to peer ? */
1788 if ((self->remote_credit <= TTP_RX_MIN_CREDIT) &&
1789 (self->avail_credit > 0)) {
1790 /* Send explicit credit frame */
1791 irttp_give_credit(self);
1792 /* Note : do *NOT* check if tx_queue is non-empty, that
1793 * will produce deadlocks. I repeat : send a credit frame
1794 * even if we have something to send in our Tx queue.
1795 * If we have credits, it means that our Tx queue is blocked.
1797 * Let's suppose the peer can't keep up with our Tx. He will
1798 * flow control us by not sending us any credits, and we
1799 * will stop Tx and start accumulating credits here.
1800 * Up to the point where the peer will stop its Tx queue,
1801 * for lack of credits.
1802 * Let's assume the peer application is single threaded.
1803 * It will block on Tx and never consume any Rx buffer.
1804 * Deadlock. Guaranteed. - Jean II
1808 /* Reset lock */
1809 self->rx_queue_lock = 0;
1812 #ifdef CONFIG_PROC_FS
1813 struct irttp_iter_state {
1814 int id;
1817 static void *irttp_seq_start(struct seq_file *seq, loff_t *pos)
1819 struct irttp_iter_state *iter = seq->private;
1820 struct tsap_cb *self;
1822 /* Protect our access to the tsap list */
1823 spin_lock_irq(&irttp->tsaps->hb_spinlock);
1824 iter->id = 0;
1826 for (self = (struct tsap_cb *) hashbin_get_first(irttp->tsaps);
1827 self != NULL;
1828 self = (struct tsap_cb *) hashbin_get_next(irttp->tsaps)) {
1829 if (iter->id == *pos)
1830 break;
1831 ++iter->id;
1834 return self;
1837 static void *irttp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1839 struct irttp_iter_state *iter = seq->private;
1841 ++*pos;
1842 ++iter->id;
1843 return (void *) hashbin_get_next(irttp->tsaps);
1846 static void irttp_seq_stop(struct seq_file *seq, void *v)
1848 spin_unlock_irq(&irttp->tsaps->hb_spinlock);
1851 static int irttp_seq_show(struct seq_file *seq, void *v)
1853 const struct irttp_iter_state *iter = seq->private;
1854 const struct tsap_cb *self = v;
1856 seq_printf(seq, "TSAP %d, ", iter->id);
1857 seq_printf(seq, "stsap_sel: %02x, ",
1858 self->stsap_sel);
1859 seq_printf(seq, "dtsap_sel: %02x\n",
1860 self->dtsap_sel);
1861 seq_printf(seq, " connected: %s, ",
1862 self->connected? "TRUE":"FALSE");
1863 seq_printf(seq, "avail credit: %d, ",
1864 self->avail_credit);
1865 seq_printf(seq, "remote credit: %d, ",
1866 self->remote_credit);
1867 seq_printf(seq, "send credit: %d\n",
1868 self->send_credit);
1869 seq_printf(seq, " tx packets: %lu, ",
1870 self->stats.tx_packets);
1871 seq_printf(seq, "rx packets: %lu, ",
1872 self->stats.rx_packets);
1873 seq_printf(seq, "tx_queue len: %u ",
1874 skb_queue_len(&self->tx_queue));
1875 seq_printf(seq, "rx_queue len: %u\n",
1876 skb_queue_len(&self->rx_queue));
1877 seq_printf(seq, " tx_sdu_busy: %s, ",
1878 self->tx_sdu_busy? "TRUE":"FALSE");
1879 seq_printf(seq, "rx_sdu_busy: %s\n",
1880 self->rx_sdu_busy? "TRUE":"FALSE");
1881 seq_printf(seq, " max_seg_size: %u, ",
1882 self->max_seg_size);
1883 seq_printf(seq, "tx_max_sdu_size: %u, ",
1884 self->tx_max_sdu_size);
1885 seq_printf(seq, "rx_max_sdu_size: %u\n",
1886 self->rx_max_sdu_size);
1888 seq_printf(seq, " Used by (%s)\n\n",
1889 self->notify.name);
1890 return 0;
1893 static const struct seq_operations irttp_seq_ops = {
1894 .start = irttp_seq_start,
1895 .next = irttp_seq_next,
1896 .stop = irttp_seq_stop,
1897 .show = irttp_seq_show,
1900 static int irttp_seq_open(struct inode *inode, struct file *file)
1902 return seq_open_private(file, &irttp_seq_ops,
1903 sizeof(struct irttp_iter_state));
1906 const struct file_operations irttp_seq_fops = {
1907 .owner = THIS_MODULE,
1908 .open = irttp_seq_open,
1909 .read = seq_read,
1910 .llseek = seq_lseek,
1911 .release = seq_release_private,
1914 #endif /* PROC_FS */