1 // SPDX-License-Identifier: GPL-2.0
3 * n_gsm.c GSM 0710 tty multiplexor
4 * Copyright (c) 2009/10 Intel Corporation
6 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
9 * Mostly done: ioctls for setting modes/timing
10 * Partly done: hooks so you can pull off frames to non tty devs
11 * Restart DLCI 0 when it closes ?
12 * Improve the tx engine
13 * Resolve tx side locking by adding a queue_head and routing
14 * all control traffic via it
15 * General tidy/document
16 * Review the locking/move to refcounts more (mux now moved to an
17 * alloc/free model ready)
18 * Use newest tty open/close port helpers and install hooks
19 * What to do about power functions ?
20 * Termios setting and negotiation
21 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
25 #include <linux/types.h>
26 #include <linux/major.h>
27 #include <linux/errno.h>
28 #include <linux/signal.h>
29 #include <linux/fcntl.h>
30 #include <linux/sched/signal.h>
31 #include <linux/interrupt.h>
32 #include <linux/tty.h>
33 #include <linux/ctype.h>
35 #include <linux/string.h>
36 #include <linux/slab.h>
37 #include <linux/poll.h>
38 #include <linux/bitops.h>
39 #include <linux/file.h>
40 #include <linux/uaccess.h>
41 #include <linux/module.h>
42 #include <linux/timer.h>
43 #include <linux/tty_flip.h>
44 #include <linux/tty_driver.h>
45 #include <linux/serial.h>
46 #include <linux/kfifo.h>
47 #include <linux/skbuff.h>
50 #include <linux/netdevice.h>
51 #include <linux/etherdevice.h>
52 #include <linux/gsmmux.h>
55 module_param(debug, int, 0600);
57 /* Defaults: these are from the specification */
59 #define T1 10 /* 100mS */
60 #define T2 34 /* 333mS */
61 #define N2 3 /* Retry 3 times */
63 /* Use long timers for testing at low speed with debug on */
70 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
71 * limits so this is plenty
75 #define GSM_NET_TX_TIMEOUT (HZ*10)
78 * struct gsm_mux_net - network interface
80 * Created when net interface is initialized.
84 struct gsm_dlci *dlci;
88 * Each block of data we have queued to go out is in the form of
89 * a gsm_msg which holds everything we need in a link layer independent
94 struct list_head list;
95 u8 addr; /* DLCI address + flags */
96 u8 ctrl; /* Control byte + flags */
97 unsigned int len; /* Length of data block (can be zero) */
98 unsigned char *data; /* Points into buffer but not at the start */
99 unsigned char buffer[];
102 enum gsm_dlci_state {
104 DLCI_OPENING, /* Sending SABM not seen UA */
105 DLCI_OPEN, /* SABM/UA complete */
106 DLCI_CLOSING, /* Sending DISC not seen UA/DM */
110 DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */
111 DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */
115 * Each active data link has a gsm_dlci structure associated which ties
116 * the link layer to an optional tty (if the tty side is open). To avoid
117 * complexity right now these are only ever freed up when the mux is
120 * At the moment we don't free DLCI objects until the mux is torn down
121 * this avoid object life time issues but might be worth review later.
127 enum gsm_dlci_state state;
131 enum gsm_dlci_mode mode;
132 spinlock_t lock; /* Protects the internal state */
133 struct timer_list t1; /* Retransmit timer for SABM and UA */
135 /* Uplink tty if active */
136 struct tty_port port; /* The tty bound to this DLCI if there is one */
137 struct kfifo fifo; /* Queue fifo for the DLCI */
138 int adaption; /* Adaption layer in use */
140 u32 modem_rx; /* Our incoming virtual modem lines */
141 u32 modem_tx; /* Our outgoing modem lines */
142 bool dead; /* Refuse re-open */
144 bool throttled; /* Private copy of throttle state */
145 bool constipated; /* Throttle status for outgoing */
147 struct sk_buff *skb; /* Frame being sent */
148 struct sk_buff_head skb_list; /* Queued frames */
149 /* Data handling callback */
150 void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
151 void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
152 struct net_device *net; /* network interface, if created */
155 /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
160 * DLCI 0 is used to pass control blocks out of band of the data
161 * flow (and with a higher link priority). One command can be outstanding
162 * at a time and we use this structure to manage them. They are created
163 * and destroyed by the user context, and updated by the receive paths
168 u8 cmd; /* Command we are issuing */
169 u8 *data; /* Data for the command in case we retransmit */
170 int len; /* Length of block for retransmission */
171 int done; /* Done flag */
172 int error; /* Error if any */
190 * Each GSM mux we have is represented by this structure. If we are
191 * operating as an ldisc then we use this structure as our ldisc
192 * state. We need to sort out lifetimes and locking with respect
193 * to the gsm mux array. For now we don't free DLCI objects that
194 * have been instantiated until the mux itself is terminated.
196 * To consider further: tty open versus mux shutdown.
200 struct tty_struct *tty; /* The tty our ldisc is bound to */
206 /* Events on the GSM channel */
207 wait_queue_head_t event;
209 /* Bits for GSM mode decoding */
213 enum gsm_mux_state state;
215 unsigned int address;
222 u8 *txframe; /* TX framing buffer */
224 /* Method for the receiver side */
225 void (*receive)(struct gsm_mux *gsm, u8 ch);
230 int initiator; /* Did we initiate connection */
231 bool dead; /* Has the mux been shut down */
232 struct gsm_dlci *dlci[NUM_DLCI];
233 bool constipated; /* Asked by remote to shut up */
236 unsigned int tx_bytes; /* TX data outstanding */
237 #define TX_THRESH_HI 8192
238 #define TX_THRESH_LO 2048
239 struct list_head tx_list; /* Pending data packets */
241 /* Control messages */
242 struct timer_list t2_timer; /* Retransmit timer for commands */
243 int cretries; /* Command retry counter */
244 struct gsm_control *pending_cmd;/* Our current pending command */
245 spinlock_t control_lock; /* Protects the pending command */
248 int adaption; /* 1 or 2 supported */
249 u8 ftype; /* UI or UIH */
250 int t1, t2; /* Timers in 1/100th of a sec */
251 int n2; /* Retry count */
253 /* Statistics (not currently exposed) */
254 unsigned long bad_fcs;
255 unsigned long malformed;
256 unsigned long io_error;
257 unsigned long bad_size;
258 unsigned long unsupported;
263 * Mux objects - needed so that we can translate a tty index into the
264 * relevant mux and DLCI.
267 #define MAX_MUX 4 /* 256 minors */
268 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
269 static spinlock_t gsm_mux_lock;
271 static struct tty_driver *gsm_tty_driver;
274 * This section of the driver logic implements the GSM encodings
275 * both the basic and the 'advanced'. Reliable transport is not
283 /* I is special: the rest are ..*/
294 /* Channel commands */
296 #define CMD_TEST 0x11
299 #define CMD_FCOFF 0x31
302 #define CMD_FCON 0x51
307 /* Virtual modem bits */
314 #define GSM0_SOF 0xF9
315 #define GSM1_SOF 0x7E
316 #define GSM1_ESCAPE 0x7D
317 #define GSM1_ESCAPE_BITS 0x20
321 static const struct tty_port_operations gsm_port_ops;
324 * CRC table for GSM 0710
327 static const u8 gsm_fcs8[256] = {
328 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
329 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
330 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
331 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
332 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
333 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
334 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
335 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
336 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
337 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
338 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
339 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
340 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
341 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
342 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
343 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
344 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
345 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
346 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
347 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
348 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
349 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
350 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
351 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
352 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
353 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
354 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
355 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
356 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
357 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
358 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
359 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
362 #define INIT_FCS 0xFF
363 #define GOOD_FCS 0xCF
365 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len);
368 * gsm_fcs_add - update FCS
372 * Update the FCS to include c. Uses the algorithm in the specification
376 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
378 return gsm_fcs8[fcs ^ c];
382 * gsm_fcs_add_block - update FCS for a block
385 * @len: length of buffer
387 * Update the FCS to include c. Uses the algorithm in the specification
391 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
394 fcs = gsm_fcs8[fcs ^ *c++];
399 * gsm_read_ea - read a byte into an EA
400 * @val: variable holding value
401 * @c: byte going into the EA
403 * Processes one byte of an EA. Updates the passed variable
404 * and returns 1 if the EA is now completely read
407 static int gsm_read_ea(unsigned int *val, u8 c)
409 /* Add the next 7 bits into the value */
412 /* Was this the last byte of the EA 1 = yes*/
417 * gsm_encode_modem - encode modem data bits
418 * @dlci: DLCI to encode from
420 * Returns the correct GSM encoded modem status bits (6 bit field) for
421 * the current status of the DLCI and attached tty object
424 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
427 /* FC is true flow control not modem bits */
430 if (dlci->modem_tx & TIOCM_DTR)
431 modembits |= MDM_RTC;
432 if (dlci->modem_tx & TIOCM_RTS)
433 modembits |= MDM_RTR;
434 if (dlci->modem_tx & TIOCM_RI)
436 if (dlci->modem_tx & TIOCM_CD)
442 * gsm_print_packet - display a frame for debug
443 * @hdr: header to print before decode
444 * @addr: address EA from the frame
445 * @cr: C/R bit from the frame
446 * @control: control including PF bit
447 * @data: following data bytes
448 * @dlen: length of data
450 * Displays a packet in human readable format for debugging purposes. The
451 * style is based on amateur radio LAP-B dump display.
454 static void gsm_print_packet(const char *hdr, int addr, int cr,
455 u8 control, const u8 *data, int dlen)
460 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
462 switch (control & ~PF) {
482 if (!(control & 0x01)) {
483 pr_cont("I N(S)%d N(R)%d",
484 (control & 0x0E) >> 1, (control & 0xE0) >> 5);
485 } else switch (control & 0x0F) {
487 pr_cont("RR(%d)", (control & 0xE0) >> 5);
490 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
493 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
496 pr_cont("[%02X]", control);
505 print_hex_dump_bytes("", DUMP_PREFIX_NONE, data, dlen);
510 * Link level transmission side
514 * gsm_stuff_packet - bytestuff a packet
515 * @input: input buffer
516 * @output: output buffer
517 * @len: length of input
519 * Expand a buffer by bytestuffing it. The worst case size change
520 * is doubling and the caller is responsible for handing out
521 * suitable sized buffers.
524 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
528 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
529 || *input == XON || *input == XOFF) {
530 *output++ = GSM1_ESCAPE;
531 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
534 *output++ = *input++;
541 * gsm_send - send a control frame
543 * @addr: address for control frame
544 * @cr: command/response bit
545 * @control: control byte including PF bit
547 * Format up and transmit a control frame. These do not go via the
548 * queueing logic as they should be transmitted ahead of data when
551 * FIXME: Lock versus data TX path
554 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
560 switch (gsm->encoding) {
563 cbuf[1] = (addr << 2) | (cr << 1) | EA;
565 cbuf[3] = EA; /* Length of data = 0 */
566 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
572 /* Control frame + packing (but not frame stuffing) in mode 1 */
573 ibuf[0] = (addr << 2) | (cr << 1) | EA;
575 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
576 /* Stuffing may double the size worst case */
577 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
578 /* Now add the SOF markers */
580 cbuf[len + 1] = GSM1_SOF;
581 /* FIXME: we can omit the lead one in many cases */
588 gsmld_output(gsm, cbuf, len);
589 gsm_print_packet("-->", addr, cr, control, NULL, 0);
593 * gsm_response - send a control response
595 * @addr: address for control frame
596 * @control: control byte including PF bit
598 * Format up and transmit a link level response frame.
601 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
603 gsm_send(gsm, addr, 0, control);
607 * gsm_command - send a control command
609 * @addr: address for control frame
610 * @control: control byte including PF bit
612 * Format up and transmit a link level command frame.
615 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
617 gsm_send(gsm, addr, 1, control);
620 /* Data transmission */
622 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
625 * gsm_data_alloc - allocate data frame
627 * @addr: DLCI address
628 * @len: length excluding header and FCS
629 * @ctrl: control byte
631 * Allocate a new data buffer for sending frames with data. Space is left
632 * at the front for header bytes but that is treated as an implementation
633 * detail and not for the high level code to use
636 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
639 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
643 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
647 INIT_LIST_HEAD(&m->list);
652 * gsm_data_kick - poke the queue
655 * The tty device has called us to indicate that room has appeared in
656 * the transmit queue. Ram more data into the pipe if we have any
657 * If we have been flow-stopped by a CMD_FCOFF, then we can only
658 * send messages on DLCI0 until CMD_FCON
660 * FIXME: lock against link layer control transmissions
663 static void gsm_data_kick(struct gsm_mux *gsm, struct gsm_dlci *dlci)
665 struct gsm_msg *msg, *nmsg;
668 list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
669 if (gsm->constipated && msg->addr)
671 if (gsm->encoding != 0) {
672 gsm->txframe[0] = GSM1_SOF;
673 len = gsm_stuff_frame(msg->data,
674 gsm->txframe + 1, msg->len);
675 gsm->txframe[len + 1] = GSM1_SOF;
678 gsm->txframe[0] = GSM0_SOF;
679 memcpy(gsm->txframe + 1 , msg->data, msg->len);
680 gsm->txframe[msg->len + 1] = GSM0_SOF;
685 print_hex_dump_bytes("gsm_data_kick: ",
688 if (gsmld_output(gsm, gsm->txframe, len) < 0)
690 /* FIXME: Can eliminate one SOF in many more cases */
691 gsm->tx_bytes -= msg->len;
693 list_del(&msg->list);
697 tty_port_tty_wakeup(&dlci->port);
701 for (i = 0; i < NUM_DLCI; i++)
703 tty_port_tty_wakeup(&gsm->dlci[i]->port);
709 * __gsm_data_queue - queue a UI or UIH frame
710 * @dlci: DLCI sending the data
711 * @msg: message queued
713 * Add data to the transmit queue and try and get stuff moving
714 * out of the mux tty if not already doing so. The Caller must hold
718 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
720 struct gsm_mux *gsm = dlci->gsm;
722 u8 *fcs = dp + msg->len;
724 /* Fill in the header */
725 if (gsm->encoding == 0) {
727 *--dp = (msg->len << 1) | EA;
729 *--dp = (msg->len >> 7); /* bits 7 - 15 */
730 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
736 *--dp = (msg->addr << 2) | 2 | EA;
738 *--dp = (msg->addr << 2) | EA;
739 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
740 /* Ugly protocol layering violation */
741 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
742 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
745 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
746 msg->data, msg->len);
748 /* Move the header back and adjust the length, also allow for the FCS
749 now tacked on the end */
750 msg->len += (msg->data - dp) + 1;
753 /* Add to the actual output queue */
754 list_add_tail(&msg->list, &gsm->tx_list);
755 gsm->tx_bytes += msg->len;
756 gsm_data_kick(gsm, dlci);
760 * gsm_data_queue - queue a UI or UIH frame
761 * @dlci: DLCI sending the data
762 * @msg: message queued
764 * Add data to the transmit queue and try and get stuff moving
765 * out of the mux tty if not already doing so. Take the
766 * the gsm tx lock and dlci lock.
769 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
772 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
773 __gsm_data_queue(dlci, msg);
774 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
778 * gsm_dlci_data_output - try and push data out of a DLCI
780 * @dlci: the DLCI to pull data from
782 * Pull data from a DLCI and send it into the transmit queue if there
783 * is data. Keep to the MRU of the mux. This path handles the usual tty
784 * interface which is a byte stream with optional modem data.
786 * Caller must hold the tx_lock of the mux.
789 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
793 int len, total_size, size;
794 int h = dlci->adaption - 1;
798 len = kfifo_len(&dlci->fifo);
802 /* MTU/MRU count only the data bits */
808 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
809 /* FIXME: need a timer or something to kick this so it can't
810 get stuck with no work outstanding and no buffer free */
814 switch (dlci->adaption) {
815 case 1: /* Unstructured */
817 case 2: /* Unstructed with modem bits.
818 Always one byte as we never send inline break data */
819 *dp++ = gsm_encode_modem(dlci);
822 WARN_ON(kfifo_out_locked(&dlci->fifo, dp , len, &dlci->lock) != len);
823 __gsm_data_queue(dlci, msg);
826 /* Bytes of data we used up */
831 * gsm_dlci_data_output_framed - try and push data out of a DLCI
833 * @dlci: the DLCI to pull data from
835 * Pull data from a DLCI and send it into the transmit queue if there
836 * is data. Keep to the MRU of the mux. This path handles framed data
837 * queued as skbuffs to the DLCI.
839 * Caller must hold the tx_lock of the mux.
842 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
843 struct gsm_dlci *dlci)
848 int last = 0, first = 0;
851 /* One byte per frame is used for B/F flags */
852 if (dlci->adaption == 4)
855 /* dlci->skb is locked by tx_lock */
856 if (dlci->skb == NULL) {
857 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
858 if (dlci->skb == NULL)
862 len = dlci->skb->len + overhead;
864 /* MTU/MRU count only the data bits */
865 if (len > gsm->mtu) {
866 if (dlci->adaption == 3) {
867 /* Over long frame, bin it */
868 dev_kfree_skb_any(dlci->skb);
876 size = len + overhead;
877 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
879 /* FIXME: need a timer or something to kick this so it can't
880 get stuck with no work outstanding and no buffer free */
882 skb_queue_tail(&dlci->skb_list, dlci->skb);
888 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
889 /* Flag byte to carry the start/end info */
890 *dp++ = last << 7 | first << 6 | 1; /* EA */
893 memcpy(dp, dlci->skb->data, len);
894 skb_pull(dlci->skb, len);
895 __gsm_data_queue(dlci, msg);
897 dev_kfree_skb_any(dlci->skb);
904 * gsm_dlci_data_sweep - look for data to send
907 * Sweep the GSM mux channels in priority order looking for ones with
908 * data to send. We could do with optimising this scan a bit. We aim
909 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
910 * TX_THRESH_LO we get called again
912 * FIXME: We should round robin between groups and in theory you can
913 * renegotiate DLCI priorities with optional stuff. Needs optimising.
916 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
919 /* Priority ordering: We should do priority with RR of the groups */
922 while (i < NUM_DLCI) {
923 struct gsm_dlci *dlci;
925 if (gsm->tx_bytes > TX_THRESH_HI)
928 if (dlci == NULL || dlci->constipated) {
932 if (dlci->adaption < 3 && !dlci->net)
933 len = gsm_dlci_data_output(gsm, dlci);
935 len = gsm_dlci_data_output_framed(gsm, dlci);
938 /* DLCI empty - try the next */
945 * gsm_dlci_data_kick - transmit if possible
946 * @dlci: DLCI to kick
948 * Transmit data from this DLCI if the queue is empty. We can't rely on
949 * a tty wakeup except when we filled the pipe so we need to fire off
950 * new data ourselves in other cases.
953 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
958 if (dlci->constipated)
961 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
962 /* If we have nothing running then we need to fire up */
963 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
964 if (dlci->gsm->tx_bytes == 0) {
966 gsm_dlci_data_output_framed(dlci->gsm, dlci);
968 gsm_dlci_data_output(dlci->gsm, dlci);
971 gsm_dlci_data_sweep(dlci->gsm);
972 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
976 * Control message processing
981 * gsm_control_reply - send a response frame to a control
983 * @cmd: the command to use
984 * @data: data to follow encoded info
985 * @dlen: length of data
987 * Encode up and queue a UI/UIH frame containing our response.
990 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
994 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
997 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
998 msg->data[1] = (dlen << 1) | EA;
999 memcpy(msg->data + 2, data, dlen);
1000 gsm_data_queue(gsm->dlci[0], msg);
1004 * gsm_process_modem - process received modem status
1005 * @tty: virtual tty bound to the DLCI
1006 * @dlci: DLCI to affect
1007 * @modem: modem bits (full EA)
1009 * Used when a modem control message or line state inline in adaption
1010 * layer 2 is processed. Sort out the local modem state and throttles
1013 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1014 u32 modem, int clen)
1020 /* The modem status command can either contain one octet (v.24 signals)
1021 or two octets (v.24 signals + break signals). The length field will
1022 either be 2 or 3 respectively. This is specified in section
1023 5.4.6.3.7 of the 27.010 mux spec. */
1026 modem = modem & 0x7f;
1029 modem = (modem >> 7) & 0x7f;
1032 /* Flow control/ready to communicate */
1033 fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1034 if (fc && !dlci->constipated) {
1035 /* Need to throttle our output on this device */
1036 dlci->constipated = true;
1037 } else if (!fc && dlci->constipated) {
1038 dlci->constipated = false;
1039 gsm_dlci_data_kick(dlci);
1042 /* Map modem bits */
1043 if (modem & MDM_RTC)
1044 mlines |= TIOCM_DSR | TIOCM_DTR;
1045 if (modem & MDM_RTR)
1046 mlines |= TIOCM_RTS | TIOCM_CTS;
1052 /* Carrier drop -> hangup */
1054 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1059 tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
1060 dlci->modem_rx = mlines;
1064 * gsm_control_modem - modem status received
1066 * @data: data following command
1067 * @clen: command length
1069 * We have received a modem status control message. This is used by
1070 * the GSM mux protocol to pass virtual modem line status and optionally
1071 * to indicate break signals. Unpack it, convert to Linux representation
1072 * and if need be stuff a break message down the tty.
1075 static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
1077 unsigned int addr = 0;
1078 unsigned int modem = 0;
1079 unsigned int brk = 0;
1080 struct gsm_dlci *dlci;
1082 const u8 *dp = data;
1083 struct tty_struct *tty;
1085 while (gsm_read_ea(&addr, *dp++) == 0) {
1090 /* Must be at least one byte following the EA */
1096 /* Closed port, or invalid ? */
1097 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1099 dlci = gsm->dlci[addr];
1101 while (gsm_read_ea(&modem, *dp++) == 0) {
1108 while (gsm_read_ea(&brk, *dp++) == 0) {
1114 modem |= (brk & 0x7f);
1116 tty = tty_port_tty_get(&dlci->port);
1117 gsm_process_modem(tty, dlci, modem, clen);
1122 gsm_control_reply(gsm, CMD_MSC, data, clen);
1126 * gsm_control_rls - remote line status
1129 * @clen: data length
1131 * The modem sends us a two byte message on the control channel whenever
1132 * it wishes to send us an error state from the virtual link. Stuff
1133 * this into the uplink tty if present
1136 static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
1138 struct tty_port *port;
1139 unsigned int addr = 0;
1142 const u8 *dp = data;
1144 while (gsm_read_ea(&addr, *dp++) == 0) {
1149 /* Must be at least one byte following ea */
1154 /* Closed port, or invalid ? */
1155 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1159 if ((bits & 1) == 0)
1162 port = &gsm->dlci[addr]->port;
1165 tty_insert_flip_char(port, 0, TTY_OVERRUN);
1167 tty_insert_flip_char(port, 0, TTY_PARITY);
1169 tty_insert_flip_char(port, 0, TTY_FRAME);
1171 tty_flip_buffer_push(port);
1173 gsm_control_reply(gsm, CMD_RLS, data, clen);
1176 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1179 * gsm_control_message - DLCI 0 control processing
1181 * @command: the command EA
1182 * @data: data beyond the command/length EAs
1185 * Input processor for control messages from the other end of the link.
1186 * Processes the incoming request and queues a response frame or an
1187 * NSC response if not supported
1190 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1191 const u8 *data, int clen)
1194 unsigned long flags;
1198 struct gsm_dlci *dlci = gsm->dlci[0];
1199 /* Modem wishes to close down */
1203 gsm_dlci_begin_close(dlci);
1208 /* Modem wishes to test, reply with the data */
1209 gsm_control_reply(gsm, CMD_TEST, data, clen);
1212 /* Modem can accept data again */
1213 gsm->constipated = false;
1214 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1215 /* Kick the link in case it is idling */
1216 spin_lock_irqsave(&gsm->tx_lock, flags);
1217 gsm_data_kick(gsm, NULL);
1218 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1221 /* Modem wants us to STFU */
1222 gsm->constipated = true;
1223 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1226 /* Out of band modem line change indicator for a DLCI */
1227 gsm_control_modem(gsm, data, clen);
1230 /* Out of band error reception for a DLCI */
1231 gsm_control_rls(gsm, data, clen);
1234 /* Modem wishes to enter power saving state */
1235 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1237 /* Optional unsupported commands */
1238 case CMD_PN: /* Parameter negotiation */
1239 case CMD_RPN: /* Remote port negotiation */
1240 case CMD_SNC: /* Service negotiation command */
1242 /* Reply to bad commands with an NSC */
1244 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1250 * gsm_control_response - process a response to our control
1252 * @command: the command (response) EA
1253 * @data: data beyond the command/length EA
1256 * Process a response to an outstanding command. We only allow a single
1257 * control message in flight so this is fairly easy. All the clean up
1258 * is done by the caller, we just update the fields, flag it as done
1262 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1263 const u8 *data, int clen)
1265 struct gsm_control *ctrl;
1266 unsigned long flags;
1268 spin_lock_irqsave(&gsm->control_lock, flags);
1270 ctrl = gsm->pending_cmd;
1271 /* Does the reply match our command */
1273 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1274 /* Our command was replied to, kill the retry timer */
1275 del_timer(&gsm->t2_timer);
1276 gsm->pending_cmd = NULL;
1277 /* Rejected by the other end */
1278 if (command == CMD_NSC)
1279 ctrl->error = -EOPNOTSUPP;
1281 wake_up(&gsm->event);
1283 spin_unlock_irqrestore(&gsm->control_lock, flags);
1287 * gsm_control_transmit - send control packet
1289 * @ctrl: frame to send
1291 * Send out a pending control command (called under control lock)
1294 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1296 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype);
1299 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */
1300 memcpy(msg->data + 1, ctrl->data, ctrl->len);
1301 gsm_data_queue(gsm->dlci[0], msg);
1305 * gsm_control_retransmit - retransmit a control frame
1306 * @t: timer contained in our gsm object
1308 * Called off the T2 timer expiry in order to retransmit control frames
1309 * that have been lost in the system somewhere. The control_lock protects
1310 * us from colliding with another sender or a receive completion event.
1311 * In that situation the timer may still occur in a small window but
1312 * gsm->pending_cmd will be NULL and we just let the timer expire.
1315 static void gsm_control_retransmit(struct timer_list *t)
1317 struct gsm_mux *gsm = from_timer(gsm, t, t2_timer);
1318 struct gsm_control *ctrl;
1319 unsigned long flags;
1320 spin_lock_irqsave(&gsm->control_lock, flags);
1321 ctrl = gsm->pending_cmd;
1324 if (gsm->cretries == 0) {
1325 gsm->pending_cmd = NULL;
1326 ctrl->error = -ETIMEDOUT;
1328 spin_unlock_irqrestore(&gsm->control_lock, flags);
1329 wake_up(&gsm->event);
1332 gsm_control_transmit(gsm, ctrl);
1333 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1335 spin_unlock_irqrestore(&gsm->control_lock, flags);
1339 * gsm_control_send - send a control frame on DLCI 0
1340 * @gsm: the GSM channel
1341 * @command: command to send including CR bit
1342 * @data: bytes of data (must be kmalloced)
1343 * @clen: length of the block to send
1345 * Queue and dispatch a control command. Only one command can be
1346 * active at a time. In theory more can be outstanding but the matching
1347 * gets really complicated so for now stick to one outstanding.
1350 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1351 unsigned int command, u8 *data, int clen)
1353 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1355 unsigned long flags;
1359 wait_event(gsm->event, gsm->pending_cmd == NULL);
1360 spin_lock_irqsave(&gsm->control_lock, flags);
1361 if (gsm->pending_cmd != NULL) {
1362 spin_unlock_irqrestore(&gsm->control_lock, flags);
1365 ctrl->cmd = command;
1368 gsm->pending_cmd = ctrl;
1370 /* If DLCI0 is in ADM mode skip retries, it won't respond */
1371 if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
1374 gsm->cretries = gsm->n2;
1376 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1377 gsm_control_transmit(gsm, ctrl);
1378 spin_unlock_irqrestore(&gsm->control_lock, flags);
1383 * gsm_control_wait - wait for a control to finish
1385 * @control: control we are waiting on
1387 * Waits for the control to complete or time out. Frees any used
1388 * resources and returns 0 for success, or an error if the remote
1389 * rejected or ignored the request.
1392 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1395 wait_event(gsm->event, control->done == 1);
1396 err = control->error;
1403 * DLCI level handling: Needs krefs
1407 * State transitions and timers
1411 * gsm_dlci_close - a DLCI has closed
1412 * @dlci: DLCI that closed
1414 * Perform processing when moving a DLCI into closed state. If there
1415 * is an attached tty this is hung up
1418 static void gsm_dlci_close(struct gsm_dlci *dlci)
1420 del_timer(&dlci->t1);
1422 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1423 dlci->state = DLCI_CLOSED;
1424 if (dlci->addr != 0) {
1425 tty_port_tty_hangup(&dlci->port, false);
1426 kfifo_reset(&dlci->fifo);
1428 dlci->gsm->dead = true;
1429 wake_up(&dlci->gsm->event);
1430 /* A DLCI 0 close is a MUX termination so we need to kick that
1431 back to userspace somehow */
1435 * gsm_dlci_open - a DLCI has opened
1436 * @dlci: DLCI that opened
1438 * Perform processing when moving a DLCI into open state.
1441 static void gsm_dlci_open(struct gsm_dlci *dlci)
1443 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1445 del_timer(&dlci->t1);
1446 /* This will let a tty open continue */
1447 dlci->state = DLCI_OPEN;
1449 pr_debug("DLCI %d goes open.\n", dlci->addr);
1450 wake_up(&dlci->gsm->event);
1454 * gsm_dlci_t1 - T1 timer expiry
1455 * @t: timer contained in the DLCI that opened
1457 * The T1 timer handles retransmits of control frames (essentially of
1458 * SABM and DISC). We resend the command until the retry count runs out
1459 * in which case an opening port goes back to closed and a closing port
1460 * is simply put into closed state (any further frames from the other
1461 * end will get a DM response)
1463 * Some control dlci can stay in ADM mode with other dlci working just
1464 * fine. In that case we can just keep the control dlci open after the
1465 * DLCI_OPENING retries time out.
1468 static void gsm_dlci_t1(struct timer_list *t)
1470 struct gsm_dlci *dlci = from_timer(dlci, t, t1);
1471 struct gsm_mux *gsm = dlci->gsm;
1473 switch (dlci->state) {
1476 if (dlci->retries) {
1477 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1478 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1479 } else if (!dlci->addr && gsm->control == (DM | PF)) {
1481 pr_info("DLCI %d opening in ADM mode.\n",
1483 dlci->mode = DLCI_MODE_ADM;
1484 gsm_dlci_open(dlci);
1486 gsm_dlci_close(dlci);
1492 if (dlci->retries) {
1493 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1494 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1496 gsm_dlci_close(dlci);
1499 pr_debug("%s: unhandled state: %d\n", __func__, dlci->state);
1505 * gsm_dlci_begin_open - start channel open procedure
1506 * @dlci: DLCI to open
1508 * Commence opening a DLCI from the Linux side. We issue SABM messages
1509 * to the modem which should then reply with a UA or ADM, at which point
1510 * we will move into open state. Opening is done asynchronously with retry
1511 * running off timers and the responses.
1514 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1516 struct gsm_mux *gsm = dlci->gsm;
1517 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1519 dlci->retries = gsm->n2;
1520 dlci->state = DLCI_OPENING;
1521 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1522 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1526 * gsm_dlci_begin_close - start channel open procedure
1527 * @dlci: DLCI to open
1529 * Commence closing a DLCI from the Linux side. We issue DISC messages
1530 * to the modem which should then reply with a UA, at which point we
1531 * will move into closed state. Closing is done asynchronously with retry
1532 * off timers. We may also receive a DM reply from the other end which
1533 * indicates the channel was already closed.
1536 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1538 struct gsm_mux *gsm = dlci->gsm;
1539 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1541 dlci->retries = gsm->n2;
1542 dlci->state = DLCI_CLOSING;
1543 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1544 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1548 * gsm_dlci_data - data arrived
1550 * @data: block of bytes received
1551 * @clen: length of received block
1553 * A UI or UIH frame has arrived which contains data for a channel
1554 * other than the control channel. If the relevant virtual tty is
1555 * open we shovel the bits down it, if not we drop them.
1558 static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
1561 struct tty_port *port = &dlci->port;
1562 struct tty_struct *tty;
1563 unsigned int modem = 0;
1567 pr_debug("%d bytes for tty\n", len);
1568 switch (dlci->adaption) {
1569 /* Unsupported types */
1570 case 4: /* Packetised interruptible data */
1572 case 3: /* Packetised uininterruptible voice/data */
1574 case 2: /* Asynchronous serial with line state in each frame */
1575 while (gsm_read_ea(&modem, *data++) == 0) {
1580 tty = tty_port_tty_get(port);
1582 gsm_process_modem(tty, dlci, modem, clen);
1586 case 1: /* Line state will go via DLCI 0 controls only */
1588 tty_insert_flip_string(port, data, len);
1589 tty_flip_buffer_push(port);
1594 * gsm_dlci_control - data arrived on control channel
1596 * @data: block of bytes received
1597 * @len: length of received block
1599 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1600 * control channel. This should contain a command EA followed by
1601 * control data bytes. The command EA contains a command/response bit
1602 * and we divide up the work accordingly.
1605 static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
1607 /* See what command is involved */
1608 unsigned int command = 0;
1610 if (gsm_read_ea(&command, *data++) == 1) {
1613 /* FIXME: this is properly an EA */
1615 /* Malformed command ? */
1619 gsm_control_message(dlci->gsm, command,
1622 gsm_control_response(dlci->gsm, command,
1630 * Allocate/Free DLCI channels
1634 * gsm_dlci_alloc - allocate a DLCI
1636 * @addr: address of the DLCI
1638 * Allocate and install a new DLCI object into the GSM mux.
1640 * FIXME: review locking races
1643 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1645 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1648 spin_lock_init(&dlci->lock);
1649 mutex_init(&dlci->mutex);
1650 if (kfifo_alloc(&dlci->fifo, 4096, GFP_KERNEL) < 0) {
1655 skb_queue_head_init(&dlci->skb_list);
1656 timer_setup(&dlci->t1, gsm_dlci_t1, 0);
1657 tty_port_init(&dlci->port);
1658 dlci->port.ops = &gsm_port_ops;
1661 dlci->adaption = gsm->adaption;
1662 dlci->state = DLCI_CLOSED;
1664 dlci->data = gsm_dlci_data;
1666 dlci->data = gsm_dlci_command;
1667 gsm->dlci[addr] = dlci;
1672 * gsm_dlci_free - free DLCI
1673 * @port: tty port for DLCI to free
1679 static void gsm_dlci_free(struct tty_port *port)
1681 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
1683 del_timer_sync(&dlci->t1);
1684 dlci->gsm->dlci[dlci->addr] = NULL;
1685 kfifo_free(&dlci->fifo);
1686 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1687 dev_kfree_skb(dlci->skb);
1691 static inline void dlci_get(struct gsm_dlci *dlci)
1693 tty_port_get(&dlci->port);
1696 static inline void dlci_put(struct gsm_dlci *dlci)
1698 tty_port_put(&dlci->port);
1701 static void gsm_destroy_network(struct gsm_dlci *dlci);
1704 * gsm_dlci_release - release DLCI
1705 * @dlci: DLCI to destroy
1707 * Release a DLCI. Actual free is deferred until either
1708 * mux is closed or tty is closed - whichever is last.
1712 static void gsm_dlci_release(struct gsm_dlci *dlci)
1714 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1716 mutex_lock(&dlci->mutex);
1717 gsm_destroy_network(dlci);
1718 mutex_unlock(&dlci->mutex);
1722 tty_port_tty_set(&dlci->port, NULL);
1725 dlci->state = DLCI_CLOSED;
1730 * LAPBish link layer logic
1734 * gsm_queue - a GSM frame is ready to process
1735 * @gsm: pointer to our gsm mux
1737 * At this point in time a frame has arrived and been demangled from
1738 * the line encoding. All the differences between the encodings have
1739 * been handled below us and the frame is unpacked into the structures.
1740 * The fcs holds the header FCS but any data FCS must be added here.
1743 static void gsm_queue(struct gsm_mux *gsm)
1745 struct gsm_dlci *dlci;
1748 /* We have to sneak a look at the packet body to do the FCS.
1749 A somewhat layering violation in the spec */
1751 if ((gsm->control & ~PF) == UI)
1752 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1753 if (gsm->encoding == 0) {
1754 /* WARNING: gsm->received_fcs is used for
1755 gsm->encoding = 0 only.
1756 In this case it contain the last piece of data
1757 required to generate final CRC */
1758 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1760 if (gsm->fcs != GOOD_FCS) {
1763 pr_debug("BAD FCS %02x\n", gsm->fcs);
1766 address = gsm->address >> 1;
1767 if (address >= NUM_DLCI)
1770 cr = gsm->address & 1; /* C/R bit */
1772 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1774 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1775 dlci = gsm->dlci[address];
1777 switch (gsm->control) {
1782 dlci = gsm_dlci_alloc(gsm, address);
1786 gsm_response(gsm, address, DM);
1788 gsm_response(gsm, address, UA);
1789 gsm_dlci_open(dlci);
1795 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1796 gsm_response(gsm, address, DM);
1799 /* Real close complete */
1800 gsm_response(gsm, address, UA);
1801 gsm_dlci_close(dlci);
1805 if (cr == 0 || dlci == NULL)
1807 switch (dlci->state) {
1809 gsm_dlci_close(dlci);
1812 gsm_dlci_open(dlci);
1815 pr_debug("%s: unhandled state: %d\n", __func__,
1820 case DM: /* DM can be valid unsolicited */
1826 gsm_dlci_close(dlci);
1836 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1837 gsm_command(gsm, address, DM|PF);
1840 dlci->data(dlci, gsm->buf, gsm->len);
1853 * gsm0_receive - perform processing for non-transparency
1854 * @gsm: gsm data for this ldisc instance
1857 * Receive bytes in gsm mode 0
1860 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1864 switch (gsm->state) {
1865 case GSM_SEARCH: /* SOF marker */
1866 if (c == GSM0_SOF) {
1867 gsm->state = GSM_ADDRESS;
1870 gsm->fcs = INIT_FCS;
1873 case GSM_ADDRESS: /* Address EA */
1874 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1875 if (gsm_read_ea(&gsm->address, c))
1876 gsm->state = GSM_CONTROL;
1878 case GSM_CONTROL: /* Control Byte */
1879 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1881 gsm->state = GSM_LEN0;
1883 case GSM_LEN0: /* Length EA */
1884 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1885 if (gsm_read_ea(&gsm->len, c)) {
1886 if (gsm->len > gsm->mru) {
1888 gsm->state = GSM_SEARCH;
1893 gsm->state = GSM_FCS;
1895 gsm->state = GSM_DATA;
1898 gsm->state = GSM_LEN1;
1901 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1903 gsm->len |= len << 7;
1904 if (gsm->len > gsm->mru) {
1906 gsm->state = GSM_SEARCH;
1911 gsm->state = GSM_FCS;
1913 gsm->state = GSM_DATA;
1915 case GSM_DATA: /* Data */
1916 gsm->buf[gsm->count++] = c;
1917 if (gsm->count == gsm->len)
1918 gsm->state = GSM_FCS;
1920 case GSM_FCS: /* FCS follows the packet */
1921 gsm->received_fcs = c;
1923 gsm->state = GSM_SSOF;
1926 if (c == GSM0_SOF) {
1927 gsm->state = GSM_SEARCH;
1932 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
1938 * gsm1_receive - perform processing for non-transparency
1939 * @gsm: gsm data for this ldisc instance
1942 * Receive bytes in mode 1 (Advanced option)
1945 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
1947 if (c == GSM1_SOF) {
1948 /* EOF is only valid in frame if we have got to the data state
1949 and received at least one byte (the FCS) */
1950 if (gsm->state == GSM_DATA && gsm->count) {
1951 /* Extract the FCS */
1953 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
1954 gsm->len = gsm->count;
1956 gsm->state = GSM_START;
1959 /* Any partial frame was a runt so go back to start */
1960 if (gsm->state != GSM_START) {
1962 gsm->state = GSM_START;
1964 /* A SOF in GSM_START means we are still reading idling or
1969 if (c == GSM1_ESCAPE) {
1974 /* Only an unescaped SOF gets us out of GSM search */
1975 if (gsm->state == GSM_SEARCH)
1979 c ^= GSM1_ESCAPE_BITS;
1980 gsm->escape = false;
1982 switch (gsm->state) {
1983 case GSM_START: /* First byte after SOF */
1985 gsm->state = GSM_ADDRESS;
1986 gsm->fcs = INIT_FCS;
1988 case GSM_ADDRESS: /* Address continuation */
1989 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1990 if (gsm_read_ea(&gsm->address, c))
1991 gsm->state = GSM_CONTROL;
1993 case GSM_CONTROL: /* Control Byte */
1994 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1997 gsm->state = GSM_DATA;
1999 case GSM_DATA: /* Data */
2000 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
2001 gsm->state = GSM_OVERRUN;
2004 gsm->buf[gsm->count++] = c;
2006 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
2009 pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
2015 * gsm_error - handle tty error
2017 * @data: byte received (may be invalid)
2018 * @flag: error received
2020 * Handle an error in the receipt of data for a frame. Currently we just
2021 * go back to hunting for a SOF.
2023 * FIXME: better diagnostics ?
2026 static void gsm_error(struct gsm_mux *gsm,
2027 unsigned char data, unsigned char flag)
2029 gsm->state = GSM_SEARCH;
2033 static int gsm_disconnect(struct gsm_mux *gsm)
2035 struct gsm_dlci *dlci = gsm->dlci[0];
2036 struct gsm_control *gc;
2041 /* In theory disconnecting DLCI 0 is sufficient but for some
2042 modems this is apparently not the case. */
2043 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0);
2045 gsm_control_wait(gsm, gc);
2047 del_timer_sync(&gsm->t2_timer);
2048 /* Now we are sure T2 has stopped */
2050 gsm_dlci_begin_close(dlci);
2051 wait_event_interruptible(gsm->event,
2052 dlci->state == DLCI_CLOSED);
2054 if (signal_pending(current))
2061 * gsm_cleanup_mux - generic GSM protocol cleanup
2064 * Clean up the bits of the mux which are the same for all framing
2065 * protocols. Remove the mux from the mux table, stop all the timers
2066 * and then shut down each device hanging up the channels as we go.
2069 static void gsm_cleanup_mux(struct gsm_mux *gsm)
2072 struct gsm_dlci *dlci = gsm->dlci[0];
2073 struct gsm_msg *txq, *ntxq;
2077 spin_lock(&gsm_mux_lock);
2078 for (i = 0; i < MAX_MUX; i++) {
2079 if (gsm_mux[i] == gsm) {
2084 spin_unlock(&gsm_mux_lock);
2085 /* open failed before registering => nothing to do */
2089 del_timer_sync(&gsm->t2_timer);
2090 /* Now we are sure T2 has stopped */
2094 /* Free up any link layer users */
2095 mutex_lock(&gsm->mutex);
2096 for (i = 0; i < NUM_DLCI; i++)
2098 gsm_dlci_release(gsm->dlci[i]);
2099 mutex_unlock(&gsm->mutex);
2100 /* Now wipe the queues */
2101 list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2103 INIT_LIST_HEAD(&gsm->tx_list);
2107 * gsm_activate_mux - generic GSM setup
2110 * Set up the bits of the mux which are the same for all framing
2111 * protocols. Add the mux to the mux table so it can be opened and
2112 * finally kick off connecting to DLCI 0 on the modem.
2115 static int gsm_activate_mux(struct gsm_mux *gsm)
2117 struct gsm_dlci *dlci;
2120 timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
2121 init_waitqueue_head(&gsm->event);
2122 spin_lock_init(&gsm->control_lock);
2123 spin_lock_init(&gsm->tx_lock);
2125 if (gsm->encoding == 0)
2126 gsm->receive = gsm0_receive;
2128 gsm->receive = gsm1_receive;
2130 spin_lock(&gsm_mux_lock);
2131 for (i = 0; i < MAX_MUX; i++) {
2132 if (gsm_mux[i] == NULL) {
2138 spin_unlock(&gsm_mux_lock);
2142 dlci = gsm_dlci_alloc(gsm, 0);
2145 gsm->dead = false; /* Tty opens are now permissible */
2150 * gsm_free_mux - free up a mux
2153 * Dispose of allocated resources for a dead mux
2155 static void gsm_free_mux(struct gsm_mux *gsm)
2157 kfree(gsm->txframe);
2163 * gsm_free_muxr - free up a mux
2164 * @ref: kreference to the mux to free
2166 * Dispose of allocated resources for a dead mux
2168 static void gsm_free_muxr(struct kref *ref)
2170 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2174 static inline void mux_get(struct gsm_mux *gsm)
2176 kref_get(&gsm->ref);
2179 static inline void mux_put(struct gsm_mux *gsm)
2181 kref_put(&gsm->ref, gsm_free_muxr);
2184 static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
2186 return gsm->num * NUM_DLCI;
2189 static inline unsigned int mux_line_to_num(unsigned int line)
2191 return line / NUM_DLCI;
2195 * gsm_alloc_mux - allocate a mux
2197 * Creates a new mux ready for activation.
2200 static struct gsm_mux *gsm_alloc_mux(void)
2202 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2205 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2206 if (gsm->buf == NULL) {
2210 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL);
2211 if (gsm->txframe == NULL) {
2216 spin_lock_init(&gsm->lock);
2217 mutex_init(&gsm->mutex);
2218 kref_init(&gsm->ref);
2219 INIT_LIST_HEAD(&gsm->tx_list);
2227 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2229 gsm->dead = true; /* Avoid early tty opens */
2234 static void gsm_copy_config_values(struct gsm_mux *gsm,
2235 struct gsm_config *c)
2237 memset(c, 0, sizeof(*c));
2238 c->adaption = gsm->adaption;
2239 c->encapsulation = gsm->encoding;
2240 c->initiator = gsm->initiator;
2243 c->t3 = 0; /* Not supported */
2245 if (gsm->ftype == UIH)
2249 pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
2255 static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
2258 int need_restart = 0;
2260 /* Stuff we don't support yet - UI or I frame transport, windowing */
2261 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2263 /* Check the MRU/MTU range looks sane */
2264 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2268 if (c->encapsulation > 1) /* Basic, advanced, no I */
2270 if (c->initiator > 1)
2272 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2275 * See what is needed for reconfiguration
2279 if (c->t1 != 0 && c->t1 != gsm->t1)
2281 if (c->t2 != 0 && c->t2 != gsm->t2)
2283 if (c->encapsulation != gsm->encoding)
2285 if (c->adaption != gsm->adaption)
2288 if (c->initiator != gsm->initiator)
2290 if (c->mru != gsm->mru)
2292 if (c->mtu != gsm->mtu)
2296 * Close down what is needed, restart and initiate the new
2300 if (need_close || need_restart) {
2303 ret = gsm_disconnect(gsm);
2309 gsm_cleanup_mux(gsm);
2311 gsm->initiator = c->initiator;
2314 gsm->encoding = c->encapsulation;
2315 gsm->adaption = c->adaption;
2329 * FIXME: We need to separate activation/deactivation from adding
2330 * and removing from the mux array
2333 gsm_activate_mux(gsm);
2334 if (gsm->initiator && need_close)
2335 gsm_dlci_begin_open(gsm->dlci[0]);
2340 * gsmld_output - write to link
2342 * @data: bytes to output
2345 * Write a block of data from the GSM mux to the data channel. This
2346 * will eventually be serialized from above but at the moment isn't.
2349 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2351 if (tty_write_room(gsm->tty) < len) {
2352 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2356 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2358 gsm->tty->ops->write(gsm->tty, data, len);
2363 * gsmld_attach_gsm - mode set up
2364 * @tty: our tty structure
2367 * Set up the MUX for basic mode and commence connecting to the
2368 * modem. Currently called from the line discipline set up but
2369 * will need moving to an ioctl path.
2372 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2377 gsm->tty = tty_kref_get(tty);
2378 ret = gsm_activate_mux(gsm);
2380 tty_kref_put(gsm->tty);
2382 /* Don't register device 0 - this is the control channel and not
2383 a usable tty interface */
2384 base = mux_num_to_base(gsm); /* Base for this MUX */
2385 for (i = 1; i < NUM_DLCI; i++)
2386 tty_register_device(gsm_tty_driver, base + i, NULL);
2393 * gsmld_detach_gsm - stop doing 0710 mux
2394 * @tty: tty attached to the mux
2397 * Shutdown and then clean up the resources used by the line discipline
2400 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2402 unsigned int base = mux_num_to_base(gsm); /* Base for this MUX */
2405 WARN_ON(tty != gsm->tty);
2406 for (i = 1; i < NUM_DLCI; i++)
2407 tty_unregister_device(gsm_tty_driver, base + i);
2408 gsm_cleanup_mux(gsm);
2409 tty_kref_put(gsm->tty);
2413 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2414 char *fp, int count)
2416 struct gsm_mux *gsm = tty->disc_data;
2417 const unsigned char *dp;
2420 char flags = TTY_NORMAL;
2423 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2426 for (i = count, dp = cp, f = fp; i; i--, dp++) {
2431 gsm->receive(gsm, *dp);
2437 gsm_error(gsm, *dp, flags);
2440 WARN_ONCE(1, "%s: unknown flag %d\n",
2441 tty_name(tty), flags);
2445 /* FASYNC if needed ? */
2446 /* If clogged call tty_throttle(tty); */
2450 * gsmld_flush_buffer - clean input queue
2451 * @tty: terminal device
2453 * Flush the input buffer. Called when the line discipline is
2454 * being closed, when the tty layer wants the buffer flushed (eg
2458 static void gsmld_flush_buffer(struct tty_struct *tty)
2463 * gsmld_close - close the ldisc for this tty
2466 * Called from the terminal layer when this line discipline is
2467 * being shut down, either because of a close or becsuse of a
2468 * discipline change. The function will not be called while other
2469 * ldisc methods are in progress.
2472 static void gsmld_close(struct tty_struct *tty)
2474 struct gsm_mux *gsm = tty->disc_data;
2476 gsmld_detach_gsm(tty, gsm);
2478 gsmld_flush_buffer(tty);
2479 /* Do other clean up here */
2484 * gsmld_open - open an ldisc
2485 * @tty: terminal to open
2487 * Called when this line discipline is being attached to the
2488 * terminal device. Can sleep. Called serialized so that no
2489 * other events will occur in parallel. No further open will occur
2493 static int gsmld_open(struct tty_struct *tty)
2495 struct gsm_mux *gsm;
2498 if (tty->ops->write == NULL)
2501 /* Attach our ldisc data */
2502 gsm = gsm_alloc_mux();
2506 tty->disc_data = gsm;
2507 tty->receive_room = 65536;
2509 /* Attach the initial passive connection */
2512 ret = gsmld_attach_gsm(tty, gsm);
2514 gsm_cleanup_mux(gsm);
2521 * gsmld_write_wakeup - asynchronous I/O notifier
2524 * Required for the ptys, serial driver etc. since processes
2525 * that attach themselves to the master and rely on ASYNC
2526 * IO must be woken up
2529 static void gsmld_write_wakeup(struct tty_struct *tty)
2531 struct gsm_mux *gsm = tty->disc_data;
2532 unsigned long flags;
2535 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2536 spin_lock_irqsave(&gsm->tx_lock, flags);
2537 gsm_data_kick(gsm, NULL);
2538 if (gsm->tx_bytes < TX_THRESH_LO) {
2539 gsm_dlci_data_sweep(gsm);
2541 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2545 * gsmld_read - read function for tty
2547 * @file: file object
2548 * @buf: userspace buffer pointer
2551 * Perform reads for the line discipline. We are guaranteed that the
2552 * line discipline will not be closed under us but we may get multiple
2553 * parallel readers and must handle this ourselves. We may also get
2554 * a hangup. Always called in user context, may sleep.
2556 * This code must be sure never to sleep through a hangup.
2559 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2560 unsigned char __user *buf, size_t nr)
2566 * gsmld_write - write function for tty
2568 * @file: file object
2569 * @buf: userspace buffer pointer
2572 * Called when the owner of the device wants to send a frame
2573 * itself (or some other control data). The data is transferred
2574 * as-is and must be properly framed and checksummed as appropriate
2575 * by userspace. Frames are either sent whole or not at all as this
2576 * avoids pain user side.
2579 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2580 const unsigned char *buf, size_t nr)
2582 int space = tty_write_room(tty);
2584 return tty->ops->write(tty, buf, nr);
2585 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2590 * gsmld_poll - poll method for N_GSM0710
2591 * @tty: terminal device
2592 * @file: file accessing it
2595 * Called when the line discipline is asked to poll() for data or
2596 * for special events. This code is not serialized with respect to
2597 * other events save open/close.
2599 * This code must be sure never to sleep through a hangup.
2600 * Called without the kernel lock held - fine
2603 static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
2607 struct gsm_mux *gsm = tty->disc_data;
2609 poll_wait(file, &tty->read_wait, wait);
2610 poll_wait(file, &tty->write_wait, wait);
2611 if (tty_hung_up_p(file))
2613 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2614 mask |= EPOLLOUT | EPOLLWRNORM;
2620 static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2621 unsigned int cmd, unsigned long arg)
2623 struct gsm_config c;
2624 struct gsm_mux *gsm = tty->disc_data;
2628 case GSMIOC_GETCONF:
2629 gsm_copy_config_values(gsm, &c);
2630 if (copy_to_user((void __user *)arg, &c, sizeof(c)))
2633 case GSMIOC_SETCONF:
2634 if (copy_from_user(&c, (void __user *)arg, sizeof(c)))
2636 return gsm_config(gsm, &c);
2637 case GSMIOC_GETFIRST:
2638 base = mux_num_to_base(gsm);
2639 return put_user(base + 1, (__u32 __user *)arg);
2641 return n_tty_ioctl_helper(tty, file, cmd, arg);
2650 static int gsm_mux_net_open(struct net_device *net)
2652 pr_debug("%s called\n", __func__);
2653 netif_start_queue(net);
2657 static int gsm_mux_net_close(struct net_device *net)
2659 netif_stop_queue(net);
2663 static void dlci_net_free(struct gsm_dlci *dlci)
2669 dlci->adaption = dlci->prev_adaption;
2670 dlci->data = dlci->prev_data;
2671 free_netdev(dlci->net);
2674 static void net_free(struct kref *ref)
2676 struct gsm_mux_net *mux_net;
2677 struct gsm_dlci *dlci;
2679 mux_net = container_of(ref, struct gsm_mux_net, ref);
2680 dlci = mux_net->dlci;
2683 unregister_netdev(dlci->net);
2684 dlci_net_free(dlci);
2688 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2690 kref_get(&mux_net->ref);
2693 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2695 kref_put(&mux_net->ref, net_free);
2698 static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
2699 struct net_device *net)
2701 struct gsm_mux_net *mux_net = netdev_priv(net);
2702 struct gsm_dlci *dlci = mux_net->dlci;
2703 muxnet_get(mux_net);
2705 skb_queue_head(&dlci->skb_list, skb);
2706 net->stats.tx_packets++;
2707 net->stats.tx_bytes += skb->len;
2708 gsm_dlci_data_kick(dlci);
2709 /* And tell the kernel when the last transmit started. */
2710 netif_trans_update(net);
2711 muxnet_put(mux_net);
2712 return NETDEV_TX_OK;
2715 /* called when a packet did not ack after watchdogtimeout */
2716 static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue)
2718 /* Tell syslog we are hosed. */
2719 dev_dbg(&net->dev, "Tx timed out.\n");
2721 /* Update statistics */
2722 net->stats.tx_errors++;
2725 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2726 const unsigned char *in_buf, int size)
2728 struct net_device *net = dlci->net;
2729 struct sk_buff *skb;
2730 struct gsm_mux_net *mux_net = netdev_priv(net);
2731 muxnet_get(mux_net);
2733 /* Allocate an sk_buff */
2734 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2736 /* We got no receive buffer. */
2737 net->stats.rx_dropped++;
2738 muxnet_put(mux_net);
2741 skb_reserve(skb, NET_IP_ALIGN);
2742 skb_put_data(skb, in_buf, size);
2745 skb->protocol = htons(ETH_P_IP);
2747 /* Ship it off to the kernel */
2750 /* update out statistics */
2751 net->stats.rx_packets++;
2752 net->stats.rx_bytes += size;
2753 muxnet_put(mux_net);
2757 static void gsm_mux_net_init(struct net_device *net)
2759 static const struct net_device_ops gsm_netdev_ops = {
2760 .ndo_open = gsm_mux_net_open,
2761 .ndo_stop = gsm_mux_net_close,
2762 .ndo_start_xmit = gsm_mux_net_start_xmit,
2763 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2766 net->netdev_ops = &gsm_netdev_ops;
2768 /* fill in the other fields */
2769 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2770 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2771 net->type = ARPHRD_NONE;
2772 net->tx_queue_len = 10;
2776 /* caller holds the dlci mutex */
2777 static void gsm_destroy_network(struct gsm_dlci *dlci)
2779 struct gsm_mux_net *mux_net;
2781 pr_debug("destroy network interface\n");
2784 mux_net = netdev_priv(dlci->net);
2785 muxnet_put(mux_net);
2789 /* caller holds the dlci mutex */
2790 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2794 struct net_device *net;
2795 struct gsm_mux_net *mux_net;
2797 if (!capable(CAP_NET_ADMIN))
2800 /* Already in a non tty mode */
2801 if (dlci->adaption > 2)
2804 if (nc->protocol != htons(ETH_P_IP))
2805 return -EPROTONOSUPPORT;
2807 if (nc->adaption != 3 && nc->adaption != 4)
2808 return -EPROTONOSUPPORT;
2810 pr_debug("create network interface\n");
2813 if (nc->if_name[0] != '\0')
2814 netname = nc->if_name;
2815 net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
2816 NET_NAME_UNKNOWN, gsm_mux_net_init);
2818 pr_err("alloc_netdev failed\n");
2821 net->mtu = dlci->gsm->mtu;
2823 net->max_mtu = dlci->gsm->mtu;
2824 mux_net = netdev_priv(net);
2825 mux_net->dlci = dlci;
2826 kref_init(&mux_net->ref);
2827 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2829 /* reconfigure dlci for network */
2830 dlci->prev_adaption = dlci->adaption;
2831 dlci->prev_data = dlci->data;
2832 dlci->adaption = nc->adaption;
2833 dlci->data = gsm_mux_rx_netchar;
2836 pr_debug("register netdev\n");
2837 retval = register_netdev(net);
2839 pr_err("network register fail %d\n", retval);
2840 dlci_net_free(dlci);
2843 return net->ifindex; /* return network index */
2846 /* Line discipline for real tty */
2847 static struct tty_ldisc_ops tty_ldisc_packet = {
2848 .owner = THIS_MODULE,
2849 .magic = TTY_LDISC_MAGIC,
2852 .close = gsmld_close,
2853 .flush_buffer = gsmld_flush_buffer,
2855 .write = gsmld_write,
2856 .ioctl = gsmld_ioctl,
2858 .receive_buf = gsmld_receive_buf,
2859 .write_wakeup = gsmld_write_wakeup
2868 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2871 struct gsm_control *ctrl;
2877 modembits[0] = len << 1 | EA; /* Data bytes */
2878 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */
2879 modembits[2] = gsm_encode_modem(dlci) << 1 | EA;
2881 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */
2882 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1);
2885 return gsm_control_wait(dlci->gsm, ctrl);
2888 static int gsm_carrier_raised(struct tty_port *port)
2890 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2891 struct gsm_mux *gsm = dlci->gsm;
2893 /* Not yet open so no carrier info */
2894 if (dlci->state != DLCI_OPEN)
2900 * Basic mode with control channel in ADM mode may not respond
2901 * to CMD_MSC at all and modem_rx is empty.
2903 if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM &&
2907 return dlci->modem_rx & TIOCM_CD;
2910 static void gsm_dtr_rts(struct tty_port *port, int onoff)
2912 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2913 unsigned int modem_tx = dlci->modem_tx;
2915 modem_tx |= TIOCM_DTR | TIOCM_RTS;
2917 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
2918 if (modem_tx != dlci->modem_tx) {
2919 dlci->modem_tx = modem_tx;
2920 gsmtty_modem_update(dlci, 0);
2924 static const struct tty_port_operations gsm_port_ops = {
2925 .carrier_raised = gsm_carrier_raised,
2926 .dtr_rts = gsm_dtr_rts,
2927 .destruct = gsm_dlci_free,
2930 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
2932 struct gsm_mux *gsm;
2933 struct gsm_dlci *dlci;
2934 unsigned int line = tty->index;
2935 unsigned int mux = mux_line_to_num(line);
2943 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
2944 if (gsm_mux[mux] == NULL)
2946 if (line == 0 || line > 61) /* 62/63 reserved */
2951 /* If DLCI 0 is not yet fully open return an error.
2952 This is ok from a locking
2953 perspective as we don't have to worry about this
2955 mutex_lock(&gsm->mutex);
2956 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN) {
2957 mutex_unlock(&gsm->mutex);
2960 dlci = gsm->dlci[line];
2963 dlci = gsm_dlci_alloc(gsm, line);
2966 mutex_unlock(&gsm->mutex);
2969 ret = tty_port_install(&dlci->port, driver, tty);
2973 mutex_unlock(&gsm->mutex);
2978 dlci_get(gsm->dlci[0]);
2980 tty->driver_data = dlci;
2981 mutex_unlock(&gsm->mutex);
2986 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
2988 struct gsm_dlci *dlci = tty->driver_data;
2989 struct tty_port *port = &dlci->port;
2992 tty_port_tty_set(port, tty);
2995 /* We could in theory open and close before we wait - eg if we get
2996 a DM straight back. This is ok as that will have caused a hangup */
2997 tty_port_set_initialized(port, 1);
2998 /* Start sending off SABM messages */
2999 gsm_dlci_begin_open(dlci);
3000 /* And wait for virtual carrier */
3001 return tty_port_block_til_ready(port, tty, filp);
3004 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
3006 struct gsm_dlci *dlci = tty->driver_data;
3010 if (dlci->state == DLCI_CLOSED)
3012 mutex_lock(&dlci->mutex);
3013 gsm_destroy_network(dlci);
3014 mutex_unlock(&dlci->mutex);
3015 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
3017 gsm_dlci_begin_close(dlci);
3018 if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
3019 tty_port_lower_dtr_rts(&dlci->port);
3020 tty_port_close_end(&dlci->port, tty);
3021 tty_port_tty_set(&dlci->port, NULL);
3025 static void gsmtty_hangup(struct tty_struct *tty)
3027 struct gsm_dlci *dlci = tty->driver_data;
3028 if (dlci->state == DLCI_CLOSED)
3030 tty_port_hangup(&dlci->port);
3031 gsm_dlci_begin_close(dlci);
3034 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
3038 struct gsm_dlci *dlci = tty->driver_data;
3039 if (dlci->state == DLCI_CLOSED)
3041 /* Stuff the bytes into the fifo queue */
3042 sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock);
3043 /* Need to kick the channel */
3044 gsm_dlci_data_kick(dlci);
3048 static int gsmtty_write_room(struct tty_struct *tty)
3050 struct gsm_dlci *dlci = tty->driver_data;
3051 if (dlci->state == DLCI_CLOSED)
3053 return TX_SIZE - kfifo_len(&dlci->fifo);
3056 static int gsmtty_chars_in_buffer(struct tty_struct *tty)
3058 struct gsm_dlci *dlci = tty->driver_data;
3059 if (dlci->state == DLCI_CLOSED)
3061 return kfifo_len(&dlci->fifo);
3064 static void gsmtty_flush_buffer(struct tty_struct *tty)
3066 struct gsm_dlci *dlci = tty->driver_data;
3067 if (dlci->state == DLCI_CLOSED)
3069 /* Caution needed: If we implement reliable transport classes
3070 then the data being transmitted can't simply be junked once
3071 it has first hit the stack. Until then we can just blow it
3073 kfifo_reset(&dlci->fifo);
3074 /* Need to unhook this DLCI from the transmit queue logic */
3077 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3079 /* The FIFO handles the queue so the kernel will do the right
3080 thing waiting on chars_in_buffer before calling us. No work
3084 static int gsmtty_tiocmget(struct tty_struct *tty)
3086 struct gsm_dlci *dlci = tty->driver_data;
3087 if (dlci->state == DLCI_CLOSED)
3089 return dlci->modem_rx;
3092 static int gsmtty_tiocmset(struct tty_struct *tty,
3093 unsigned int set, unsigned int clear)
3095 struct gsm_dlci *dlci = tty->driver_data;
3096 unsigned int modem_tx = dlci->modem_tx;
3098 if (dlci->state == DLCI_CLOSED)
3103 if (modem_tx != dlci->modem_tx) {
3104 dlci->modem_tx = modem_tx;
3105 return gsmtty_modem_update(dlci, 0);
3111 static int gsmtty_ioctl(struct tty_struct *tty,
3112 unsigned int cmd, unsigned long arg)
3114 struct gsm_dlci *dlci = tty->driver_data;
3115 struct gsm_netconfig nc;
3118 if (dlci->state == DLCI_CLOSED)
3121 case GSMIOC_ENABLE_NET:
3122 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3124 nc.if_name[IFNAMSIZ-1] = '\0';
3125 /* return net interface index or error code */
3126 mutex_lock(&dlci->mutex);
3127 index = gsm_create_network(dlci, &nc);
3128 mutex_unlock(&dlci->mutex);
3129 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3132 case GSMIOC_DISABLE_NET:
3133 if (!capable(CAP_NET_ADMIN))
3135 mutex_lock(&dlci->mutex);
3136 gsm_destroy_network(dlci);
3137 mutex_unlock(&dlci->mutex);
3140 return -ENOIOCTLCMD;
3144 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3146 struct gsm_dlci *dlci = tty->driver_data;
3147 if (dlci->state == DLCI_CLOSED)
3149 /* For the moment its fixed. In actual fact the speed information
3150 for the virtual channel can be propogated in both directions by
3151 the RPN control message. This however rapidly gets nasty as we
3152 then have to remap modem signals each way according to whether
3153 our virtual cable is null modem etc .. */
3154 tty_termios_copy_hw(&tty->termios, old);
3157 static void gsmtty_throttle(struct tty_struct *tty)
3159 struct gsm_dlci *dlci = tty->driver_data;
3160 if (dlci->state == DLCI_CLOSED)
3163 dlci->modem_tx &= ~TIOCM_DTR;
3164 dlci->throttled = true;
3165 /* Send an MSC with DTR cleared */
3166 gsmtty_modem_update(dlci, 0);
3169 static void gsmtty_unthrottle(struct tty_struct *tty)
3171 struct gsm_dlci *dlci = tty->driver_data;
3172 if (dlci->state == DLCI_CLOSED)
3175 dlci->modem_tx |= TIOCM_DTR;
3176 dlci->throttled = false;
3177 /* Send an MSC with DTR set */
3178 gsmtty_modem_update(dlci, 0);
3181 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3183 struct gsm_dlci *dlci = tty->driver_data;
3184 int encode = 0; /* Off */
3185 if (dlci->state == DLCI_CLOSED)
3188 if (state == -1) /* "On indefinitely" - we can't encode this
3191 else if (state > 0) {
3192 encode = state / 200; /* mS to encoding */
3194 encode = 0x0F; /* Best effort */
3196 return gsmtty_modem_update(dlci, encode);
3199 static void gsmtty_cleanup(struct tty_struct *tty)
3201 struct gsm_dlci *dlci = tty->driver_data;
3202 struct gsm_mux *gsm = dlci->gsm;
3205 dlci_put(gsm->dlci[0]);
3209 /* Virtual ttys for the demux */
3210 static const struct tty_operations gsmtty_ops = {
3211 .install = gsmtty_install,
3212 .open = gsmtty_open,
3213 .close = gsmtty_close,
3214 .write = gsmtty_write,
3215 .write_room = gsmtty_write_room,
3216 .chars_in_buffer = gsmtty_chars_in_buffer,
3217 .flush_buffer = gsmtty_flush_buffer,
3218 .ioctl = gsmtty_ioctl,
3219 .throttle = gsmtty_throttle,
3220 .unthrottle = gsmtty_unthrottle,
3221 .set_termios = gsmtty_set_termios,
3222 .hangup = gsmtty_hangup,
3223 .wait_until_sent = gsmtty_wait_until_sent,
3224 .tiocmget = gsmtty_tiocmget,
3225 .tiocmset = gsmtty_tiocmset,
3226 .break_ctl = gsmtty_break_ctl,
3227 .cleanup = gsmtty_cleanup,
3232 static int __init gsm_init(void)
3234 /* Fill in our line protocol discipline, and register it */
3235 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
3237 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3242 gsm_tty_driver = alloc_tty_driver(256);
3243 if (!gsm_tty_driver) {
3244 tty_unregister_ldisc(N_GSM0710);
3245 pr_err("gsm_init: tty allocation failed.\n");
3248 gsm_tty_driver->driver_name = "gsmtty";
3249 gsm_tty_driver->name = "gsmtty";
3250 gsm_tty_driver->major = 0; /* Dynamic */
3251 gsm_tty_driver->minor_start = 0;
3252 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3253 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3254 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
3255 | TTY_DRIVER_HARDWARE_BREAK;
3256 gsm_tty_driver->init_termios = tty_std_termios;
3258 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3259 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3261 spin_lock_init(&gsm_mux_lock);
3263 if (tty_register_driver(gsm_tty_driver)) {
3264 put_tty_driver(gsm_tty_driver);
3265 tty_unregister_ldisc(N_GSM0710);
3266 pr_err("gsm_init: tty registration failed.\n");
3269 pr_debug("gsm_init: loaded as %d,%d.\n",
3270 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3274 static void __exit gsm_exit(void)
3276 int status = tty_unregister_ldisc(N_GSM0710);
3278 pr_err("n_gsm: can't unregister line discipline (err = %d)\n",
3280 tty_unregister_driver(gsm_tty_driver);
3281 put_tty_driver(gsm_tty_driver);
3284 module_init(gsm_init);
3285 module_exit(gsm_exit);
3288 MODULE_LICENSE("GPL");
3289 MODULE_ALIAS_LDISC(N_GSM0710);