Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
n_gsm.c
Go to the documentation of this file.
1 /*
2  * n_gsm.c GSM 0710 tty multiplexor
3  * Copyright (c) 2009/10 Intel Corporation
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License version 2 as
7  * published by the Free Software Foundation.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17  *
18  * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
19  *
20  * TO DO:
21  * Mostly done: ioctls for setting modes/timing
22  * Partly done: hooks so you can pull off frames to non tty devs
23  * Restart DLCI 0 when it closes ?
24  * Improve the tx engine
25  * Resolve tx side locking by adding a queue_head and routing
26  * all control traffic via it
27  * General tidy/document
28  * Review the locking/move to refcounts more (mux now moved to an
29  * alloc/free model ready)
30  * Use newest tty open/close port helpers and install hooks
31  * What to do about power functions ?
32  * Termios setting and negotiation
33  * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
34  *
35  */
36 
37 #include <linux/types.h>
38 #include <linux/major.h>
39 #include <linux/errno.h>
40 #include <linux/signal.h>
41 #include <linux/fcntl.h>
42 #include <linux/sched.h>
43 #include <linux/interrupt.h>
44 #include <linux/tty.h>
45 #include <linux/ctype.h>
46 #include <linux/mm.h>
47 #include <linux/string.h>
48 #include <linux/slab.h>
49 #include <linux/poll.h>
50 #include <linux/bitops.h>
51 #include <linux/file.h>
52 #include <linux/uaccess.h>
53 #include <linux/module.h>
54 #include <linux/timer.h>
55 #include <linux/tty_flip.h>
56 #include <linux/tty_driver.h>
57 #include <linux/serial.h>
58 #include <linux/kfifo.h>
59 #include <linux/skbuff.h>
60 #include <net/arp.h>
61 #include <linux/ip.h>
62 #include <linux/netdevice.h>
63 #include <linux/etherdevice.h>
64 #include <linux/gsmmux.h>
65 
66 static int debug;
67 module_param(debug, int, 0600);
68 
69 /* Defaults: these are from the specification */
70 
71 #define T1 10 /* 100mS */
72 #define T2 34 /* 333mS */
73 #define N2 3 /* Retry 3 times */
74 
75 /* Use long timers for testing at low speed with debug on */
76 #ifdef DEBUG_TIMING
77 #define T1 100
78 #define T2 200
79 #endif
80 
81 /*
82  * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
83  * limits so this is plenty
84  */
85 #define MAX_MRU 1500
86 #define MAX_MTU 1500
87 #define GSM_NET_TX_TIMEOUT (HZ*10)
88 
96 struct gsm_mux_net {
97  struct kref ref;
98  struct gsm_dlci *dlci;
99  struct net_device_stats stats;
100 };
101 
102 #define STATS(net) (((struct gsm_mux_net *)netdev_priv(net))->stats)
103 
104 /*
105  * Each block of data we have queued to go out is in the form of
106  * a gsm_msg which holds everything we need in a link layer independent
107  * format
108  */
109 
110 struct gsm_msg {
111  struct list_head list;
112  u8 addr; /* DLCI address + flags */
113  u8 ctrl; /* Control byte + flags */
114  unsigned int len; /* Length of data block (can be zero) */
115  unsigned char *data; /* Points into buffer but not at the start */
116  unsigned char buffer[0];
117 };
118 
119 /*
120  * Each active data link has a gsm_dlci structure associated which ties
121  * the link layer to an optional tty (if the tty side is open). To avoid
122  * complexity right now these are only ever freed up when the mux is
123  * shut down.
124  *
125  * At the moment we don't free DLCI objects until the mux is torn down
126  * this avoid object life time issues but might be worth review later.
127  */
128 
129 struct gsm_dlci {
130  struct gsm_mux *gsm;
131  int addr;
132  int state;
133 #define DLCI_CLOSED 0
134 #define DLCI_OPENING 1 /* Sending SABM not seen UA */
135 #define DLCI_OPEN 2 /* SABM/UA complete */
136 #define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */
137  struct kref ref; /* freed from port or mux close */
138  struct mutex mutex;
139 
140  /* Link layer */
141  spinlock_t lock; /* Protects the internal state */
142  struct timer_list t1; /* Retransmit timer for SABM and UA */
143  int retries;
144  /* Uplink tty if active */
145  struct tty_port port; /* The tty bound to this DLCI if there is one */
146  struct kfifo *fifo; /* Queue fifo for the DLCI */
147  struct kfifo _fifo; /* For new fifo API porting only */
148  int adaption; /* Adaption layer in use */
149  int prev_adaption;
150  u32 modem_rx; /* Our incoming virtual modem lines */
151  u32 modem_tx; /* Our outgoing modem lines */
152  int dead; /* Refuse re-open */
153  /* Flow control */
154  int throttled; /* Private copy of throttle state */
155  int constipated; /* Throttle status for outgoing */
156  /* Packetised I/O */
157  struct sk_buff *skb; /* Frame being sent */
158  struct sk_buff_head skb_list; /* Queued frames */
159  /* Data handling callback */
160  void (*data)(struct gsm_dlci *dlci, u8 *data, int len);
161  void (*prev_data)(struct gsm_dlci *dlci, u8 *data, int len);
162  struct net_device *net; /* network interface, if created */
163 };
164 
165 /* DLCI 0, 62/63 are special or reseved see gsmtty_open */
166 
167 #define NUM_DLCI 64
168 
169 /*
170  * DLCI 0 is used to pass control blocks out of band of the data
171  * flow (and with a higher link priority). One command can be outstanding
172  * at a time and we use this structure to manage them. They are created
173  * and destroyed by the user context, and updated by the receive paths
174  * and timers
175  */
176 
177 struct gsm_control {
178  u8 cmd; /* Command we are issuing */
179  u8 *data; /* Data for the command in case we retransmit */
180  int len; /* Length of block for retransmission */
181  int done; /* Done flag */
182  int error; /* Error if any */
183 };
184 
185 /*
186  * Each GSM mux we have is represented by this structure. If we are
187  * operating as an ldisc then we use this structure as our ldisc
188  * state. We need to sort out lifetimes and locking with respect
189  * to the gsm mux array. For now we don't free DLCI objects that
190  * have been instantiated until the mux itself is terminated.
191  *
192  * To consider further: tty open versus mux shutdown.
193  */
194 
195 struct gsm_mux {
196  struct tty_struct *tty; /* The tty our ldisc is bound to */
197  spinlock_t lock;
198  unsigned int num;
199  struct kref ref;
200 
201  /* Events on the GSM channel */
202  wait_queue_head_t event;
203 
204  /* Bits for GSM mode decoding */
205 
206  /* Framing Layer */
207  unsigned char *buf;
208  int state;
209 #define GSM_SEARCH 0
210 #define GSM_START 1
211 #define GSM_ADDRESS 2
212 #define GSM_CONTROL 3
213 #define GSM_LEN 4
214 #define GSM_DATA 5
215 #define GSM_FCS 6
216 #define GSM_OVERRUN 7
217 #define GSM_LEN0 8
218 #define GSM_LEN1 9
219 #define GSM_SSOF 10
220  unsigned int len;
221  unsigned int address;
222  unsigned int count;
223  int escape;
224  int encoding;
225  u8 control;
226  u8 fcs;
227  u8 received_fcs;
228  u8 *txframe; /* TX framing buffer */
229 
230  /* Methods for the receiver side */
231  void (*receive)(struct gsm_mux *gsm, u8 ch);
232  void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag);
233  /* And transmit side */
234  int (*output)(struct gsm_mux *mux, u8 *data, int len);
235 
236  /* Link Layer */
237  unsigned int mru;
238  unsigned int mtu;
239  int initiator; /* Did we initiate connection */
240  int dead; /* Has the mux been shut down */
241  struct gsm_dlci *dlci[NUM_DLCI];
242  int constipated; /* Asked by remote to shut up */
243 
244  spinlock_t tx_lock;
245  unsigned int tx_bytes; /* TX data outstanding */
246 #define TX_THRESH_HI 8192
247 #define TX_THRESH_LO 2048
248  struct list_head tx_list; /* Pending data packets */
249 
250  /* Control messages */
251  struct timer_list t2_timer; /* Retransmit timer for commands */
252  int cretries; /* Command retry counter */
253  struct gsm_control *pending_cmd;/* Our current pending command */
254  spinlock_t control_lock; /* Protects the pending command */
255 
256  /* Configuration */
257  int adaption; /* 1 or 2 supported */
258  u8 ftype; /* UI or UIH */
259  int t1, t2; /* Timers in 1/100th of a sec */
260  int n2; /* Retry count */
261 
262  /* Statistics (not currently exposed) */
263  unsigned long bad_fcs;
264  unsigned long malformed;
265  unsigned long io_error;
266  unsigned long bad_size;
267  unsigned long unsupported;
268 };
269 
270 
271 /*
272  * Mux objects - needed so that we can translate a tty index into the
273  * relevant mux and DLCI.
274  */
275 
276 #define MAX_MUX 4 /* 256 minors */
277 static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
278 static spinlock_t gsm_mux_lock;
279 
280 static struct tty_driver *gsm_tty_driver;
281 
282 /*
283  * This section of the driver logic implements the GSM encodings
284  * both the basic and the 'advanced'. Reliable transport is not
285  * supported.
286  */
287 
288 #define CR 0x02
289 #define EA 0x01
290 #define PF 0x10
291 
292 /* I is special: the rest are ..*/
293 #define RR 0x01
294 #define UI 0x03
295 #define RNR 0x05
296 #define REJ 0x09
297 #define DM 0x0F
298 #define SABM 0x2F
299 #define DISC 0x43
300 #define UA 0x63
301 #define UIH 0xEF
302 
303 /* Channel commands */
304 #define CMD_NSC 0x09
305 #define CMD_TEST 0x11
306 #define CMD_PSC 0x21
307 #define CMD_RLS 0x29
308 #define CMD_FCOFF 0x31
309 #define CMD_PN 0x41
310 #define CMD_RPN 0x49
311 #define CMD_FCON 0x51
312 #define CMD_CLD 0x61
313 #define CMD_SNC 0x69
314 #define CMD_MSC 0x71
315 
316 /* Virtual modem bits */
317 #define MDM_FC 0x01
318 #define MDM_RTC 0x02
319 #define MDM_RTR 0x04
320 #define MDM_IC 0x20
321 #define MDM_DV 0x40
322 
323 #define GSM0_SOF 0xF9
324 #define GSM1_SOF 0x7E
325 #define GSM1_ESCAPE 0x7D
326 #define GSM1_ESCAPE_BITS 0x20
327 #define XON 0x11
328 #define XOFF 0x13
329 
330 static const struct tty_port_operations gsm_port_ops;
331 
332 /*
333  * CRC table for GSM 0710
334  */
335 
336 static const u8 gsm_fcs8[256] = {
337  0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
338  0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
339  0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
340  0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
341  0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
342  0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
343  0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
344  0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
345  0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
346  0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
347  0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
348  0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
349  0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
350  0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
351  0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
352  0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
353  0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
354  0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
355  0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
356  0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
357  0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
358  0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
359  0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
360  0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
361  0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
362  0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
363  0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
364  0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
365  0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
366  0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
367  0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
368  0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
369 };
370 
371 #define INIT_FCS 0xFF
372 #define GOOD_FCS 0xCF
373 
383 static inline u8 gsm_fcs_add(u8 fcs, u8 c)
384 {
385  return gsm_fcs8[fcs ^ c];
386 }
387 
398 static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
399 {
400  while (len--)
401  fcs = gsm_fcs8[fcs ^ *c++];
402  return fcs;
403 }
404 
414 static int gsm_read_ea(unsigned int *val, u8 c)
415 {
416  /* Add the next 7 bits into the value */
417  *val <<= 7;
418  *val |= c >> 1;
419  /* Was this the last byte of the EA 1 = yes*/
420  return c & EA;
421 }
422 
431 static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
432 {
433  u8 modembits = 0;
434  /* FC is true flow control not modem bits */
435  if (dlci->throttled)
436  modembits |= MDM_FC;
437  if (dlci->modem_tx & TIOCM_DTR)
438  modembits |= MDM_RTC;
439  if (dlci->modem_tx & TIOCM_RTS)
440  modembits |= MDM_RTR;
441  if (dlci->modem_tx & TIOCM_RI)
442  modembits |= MDM_IC;
443  if (dlci->modem_tx & TIOCM_CD)
444  modembits |= MDM_DV;
445  return modembits;
446 }
447 
461 static void gsm_print_packet(const char *hdr, int addr, int cr,
462  u8 control, const u8 *data, int dlen)
463 {
464  if (!(debug & 1))
465  return;
466 
467  pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
468 
469  switch (control & ~PF) {
470  case SABM:
471  pr_cont("SABM");
472  break;
473  case UA:
474  pr_cont("UA");
475  break;
476  case DISC:
477  pr_cont("DISC");
478  break;
479  case DM:
480  pr_cont("DM");
481  break;
482  case UI:
483  pr_cont("UI");
484  break;
485  case UIH:
486  pr_cont("UIH");
487  break;
488  default:
489  if (!(control & 0x01)) {
490  pr_cont("I N(S)%d N(R)%d",
491  (control & 0x0E) >> 1, (control & 0xE0) >> 5);
492  } else switch (control & 0x0F) {
493  case RR:
494  pr_cont("RR(%d)", (control & 0xE0) >> 5);
495  break;
496  case RNR:
497  pr_cont("RNR(%d)", (control & 0xE0) >> 5);
498  break;
499  case REJ:
500  pr_cont("REJ(%d)", (control & 0xE0) >> 5);
501  break;
502  default:
503  pr_cont("[%02X]", control);
504  }
505  }
506 
507  if (control & PF)
508  pr_cont("(P)");
509  else
510  pr_cont("(F)");
511 
512  if (dlen) {
513  int ct = 0;
514  while (dlen--) {
515  if (ct % 8 == 0) {
516  pr_cont("\n");
517  pr_debug(" ");
518  }
519  pr_cont("%02X ", *data++);
520  ct++;
521  }
522  }
523  pr_cont("\n");
524 }
525 
526 
527 /*
528  * Link level transmission side
529  */
530 
542 static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
543 {
544  int olen = 0;
545  while (len--) {
546  if (*input == GSM1_SOF || *input == GSM1_ESCAPE
547  || *input == XON || *input == XOFF) {
548  *output++ = GSM1_ESCAPE;
549  *output++ = *input++ ^ GSM1_ESCAPE_BITS;
550  olen++;
551  } else
552  *output++ = *input++;
553  olen++;
554  }
555  return olen;
556 }
557 
572 static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
573 {
574  int len;
575  u8 cbuf[10];
576  u8 ibuf[3];
577 
578  switch (gsm->encoding) {
579  case 0:
580  cbuf[0] = GSM0_SOF;
581  cbuf[1] = (addr << 2) | (cr << 1) | EA;
582  cbuf[2] = control;
583  cbuf[3] = EA; /* Length of data = 0 */
584  cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
585  cbuf[5] = GSM0_SOF;
586  len = 6;
587  break;
588  case 1:
589  case 2:
590  /* Control frame + packing (but not frame stuffing) in mode 1 */
591  ibuf[0] = (addr << 2) | (cr << 1) | EA;
592  ibuf[1] = control;
593  ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
594  /* Stuffing may double the size worst case */
595  len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
596  /* Now add the SOF markers */
597  cbuf[0] = GSM1_SOF;
598  cbuf[len + 1] = GSM1_SOF;
599  /* FIXME: we can omit the lead one in many cases */
600  len += 2;
601  break;
602  default:
603  WARN_ON(1);
604  return;
605  }
606  gsm->output(gsm, cbuf, len);
607  gsm_print_packet("-->", addr, cr, control, NULL, 0);
608 }
609 
619 static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
620 {
621  gsm_send(gsm, addr, 0, control);
622 }
623 
633 static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
634 {
635  gsm_send(gsm, addr, 1, control);
636 }
637 
638 /* Data transmission */
639 
640 #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
641 
654 static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
655  u8 ctrl)
656 {
657  struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
658  GFP_ATOMIC);
659  if (m == NULL)
660  return NULL;
661  m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
662  m->len = len;
663  m->addr = addr;
664  m->ctrl = ctrl;
665  INIT_LIST_HEAD(&m->list);
666  return m;
667 }
668 
681 static void gsm_data_kick(struct gsm_mux *gsm)
682 {
683  struct gsm_msg *msg, *nmsg;
684  int len;
685  int skip_sof = 0;
686 
687  list_for_each_entry_safe(msg, nmsg, &gsm->tx_list, list) {
688  if (gsm->constipated && msg->addr)
689  continue;
690  if (gsm->encoding != 0) {
691  gsm->txframe[0] = GSM1_SOF;
692  len = gsm_stuff_frame(msg->data,
693  gsm->txframe + 1, msg->len);
694  gsm->txframe[len + 1] = GSM1_SOF;
695  len += 2;
696  } else {
697  gsm->txframe[0] = GSM0_SOF;
698  memcpy(gsm->txframe + 1 , msg->data, msg->len);
699  gsm->txframe[msg->len + 1] = GSM0_SOF;
700  len = msg->len + 2;
701  }
702 
703  if (debug & 4)
704  print_hex_dump_bytes("gsm_data_kick: ",
705  DUMP_PREFIX_OFFSET,
706  gsm->txframe, len);
707 
708  if (gsm->output(gsm, gsm->txframe + skip_sof,
709  len - skip_sof) < 0)
710  break;
711  /* FIXME: Can eliminate one SOF in many more cases */
712  gsm->tx_bytes -= msg->len;
713  /* For a burst of frames skip the extra SOF within the
714  burst */
715  skip_sof = 1;
716 
717  list_del(&msg->list);
718  kfree(msg);
719  }
720 }
721 
732 static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
733 {
734  struct gsm_mux *gsm = dlci->gsm;
735  u8 *dp = msg->data;
736  u8 *fcs = dp + msg->len;
737 
738  /* Fill in the header */
739  if (gsm->encoding == 0) {
740  if (msg->len < 128)
741  *--dp = (msg->len << 1) | EA;
742  else {
743  *--dp = (msg->len >> 7); /* bits 7 - 15 */
744  *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
745  }
746  }
747 
748  *--dp = msg->ctrl;
749  if (gsm->initiator)
750  *--dp = (msg->addr << 2) | 2 | EA;
751  else
752  *--dp = (msg->addr << 2) | EA;
753  *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
754  /* Ugly protocol layering violation */
755  if (msg->ctrl == UI || msg->ctrl == (UI|PF))
756  *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
757  *fcs = 0xFF - *fcs;
758 
759  gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
760  msg->data, msg->len);
761 
762  /* Move the header back and adjust the length, also allow for the FCS
763  now tacked on the end */
764  msg->len += (msg->data - dp) + 1;
765  msg->data = dp;
766 
767  /* Add to the actual output queue */
768  list_add_tail(&msg->list, &gsm->tx_list);
769  gsm->tx_bytes += msg->len;
770  gsm_data_kick(gsm);
771 }
772 
783 static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
784 {
785  unsigned long flags;
786  spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
787  __gsm_data_queue(dlci, msg);
788  spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
789 }
790 
803 static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
804 {
805  struct gsm_msg *msg;
806  u8 *dp;
807  int len, total_size, size;
808  int h = dlci->adaption - 1;
809 
810  total_size = 0;
811  while(1) {
812  len = kfifo_len(dlci->fifo);
813  if (len == 0)
814  return total_size;
815 
816  /* MTU/MRU count only the data bits */
817  if (len > gsm->mtu)
818  len = gsm->mtu;
819 
820  size = len + h;
821 
822  msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
823  /* FIXME: need a timer or something to kick this so it can't
824  get stuck with no work outstanding and no buffer free */
825  if (msg == NULL)
826  return -ENOMEM;
827  dp = msg->data;
828  switch (dlci->adaption) {
829  case 1: /* Unstructured */
830  break;
831  case 2: /* Unstructed with modem bits. Always one byte as we never
832  send inline break data */
833  *dp++ = gsm_encode_modem(dlci);
834  break;
835  }
836  WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len);
837  __gsm_data_queue(dlci, msg);
838  total_size += size;
839  }
840  /* Bytes of data we used up */
841  return total_size;
842 }
843 
856 static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
857  struct gsm_dlci *dlci)
858 {
859  struct gsm_msg *msg;
860  u8 *dp;
861  int len, size;
862  int last = 0, first = 0;
863  int overhead = 0;
864 
865  /* One byte per frame is used for B/F flags */
866  if (dlci->adaption == 4)
867  overhead = 1;
868 
869  /* dlci->skb is locked by tx_lock */
870  if (dlci->skb == NULL) {
871  dlci->skb = skb_dequeue_tail(&dlci->skb_list);
872  if (dlci->skb == NULL)
873  return 0;
874  first = 1;
875  }
876  len = dlci->skb->len + overhead;
877 
878  /* MTU/MRU count only the data bits */
879  if (len > gsm->mtu) {
880  if (dlci->adaption == 3) {
881  /* Over long frame, bin it */
882  dev_kfree_skb_any(dlci->skb);
883  dlci->skb = NULL;
884  return 0;
885  }
886  len = gsm->mtu;
887  } else
888  last = 1;
889 
890  size = len + overhead;
891  msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
892 
893  /* FIXME: need a timer or something to kick this so it can't
894  get stuck with no work outstanding and no buffer free */
895  if (msg == NULL) {
896  skb_queue_tail(&dlci->skb_list, dlci->skb);
897  dlci->skb = NULL;
898  return -ENOMEM;
899  }
900  dp = msg->data;
901 
902  if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
903  /* Flag byte to carry the start/end info */
904  *dp++ = last << 7 | first << 6 | 1; /* EA */
905  len--;
906  }
907  memcpy(dp, dlci->skb->data, len);
908  skb_pull(dlci->skb, len);
909  __gsm_data_queue(dlci, msg);
910  if (last) {
911  dev_kfree_skb_any(dlci->skb);
912  dlci->skb = NULL;
913  }
914  return size;
915 }
916 
930 static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
931 {
932  int len;
933  /* Priority ordering: We should do priority with RR of the groups */
934  int i = 1;
935 
936  while (i < NUM_DLCI) {
937  struct gsm_dlci *dlci;
938 
939  if (gsm->tx_bytes > TX_THRESH_HI)
940  break;
941  dlci = gsm->dlci[i];
942  if (dlci == NULL || dlci->constipated) {
943  i++;
944  continue;
945  }
946  if (dlci->adaption < 3 && !dlci->net)
947  len = gsm_dlci_data_output(gsm, dlci);
948  else
949  len = gsm_dlci_data_output_framed(gsm, dlci);
950  if (len < 0)
951  break;
952  /* DLCI empty - try the next */
953  if (len == 0)
954  i++;
955  }
956 }
957 
967 static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
968 {
969  unsigned long flags;
970  int sweep;
971 
972  if (dlci->constipated)
973  return;
974 
975  spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
976  /* If we have nothing running then we need to fire up */
977  sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
978  if (dlci->gsm->tx_bytes == 0) {
979  if (dlci->net)
980  gsm_dlci_data_output_framed(dlci->gsm, dlci);
981  else
982  gsm_dlci_data_output(dlci->gsm, dlci);
983  }
984  if (sweep)
985  gsm_dlci_data_sweep(dlci->gsm);
986  spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
987 }
988 
989 /*
990  * Control message processing
991  */
992 
993 
1004 static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data,
1005  int dlen)
1006 {
1007  struct gsm_msg *msg;
1008  msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1009  if (msg == NULL)
1010  return;
1011  msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1012  msg->data[1] = (dlen << 1) | EA;
1013  memcpy(msg->data + 2, data, dlen);
1014  gsm_data_queue(gsm->dlci[0], msg);
1015 }
1016 
1027 static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1028  u32 modem, int clen)
1029 {
1030  int mlines = 0;
1031  u8 brk = 0;
1032  int fc;
1033 
1034  /* The modem status command can either contain one octet (v.24 signals)
1035  or two octets (v.24 signals + break signals). The length field will
1036  either be 2 or 3 respectively. This is specified in section
1037  5.4.6.3.7 of the 27.010 mux spec. */
1038 
1039  if (clen == 2)
1040  modem = modem & 0x7f;
1041  else {
1042  brk = modem & 0x7f;
1043  modem = (modem >> 7) & 0x7f;
1044  }
1045 
1046  /* Flow control/ready to communicate */
1047  fc = (modem & MDM_FC) || !(modem & MDM_RTR);
1048  if (fc && !dlci->constipated) {
1049  /* Need to throttle our output on this device */
1050  dlci->constipated = 1;
1051  } else if (!fc && dlci->constipated) {
1052  dlci->constipated = 0;
1053  gsm_dlci_data_kick(dlci);
1054  }
1055 
1056  /* Map modem bits */
1057  if (modem & MDM_RTC)
1058  mlines |= TIOCM_DSR | TIOCM_DTR;
1059  if (modem & MDM_RTR)
1060  mlines |= TIOCM_RTS | TIOCM_CTS;
1061  if (modem & MDM_IC)
1062  mlines |= TIOCM_RI;
1063  if (modem & MDM_DV)
1064  mlines |= TIOCM_CD;
1065 
1066  /* Carrier drop -> hangup */
1067  if (tty) {
1068  if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1069  if (!(tty->termios.c_cflag & CLOCAL))
1070  tty_hangup(tty);
1071  if (brk & 0x01)
1072  tty_insert_flip_char(tty, 0, TTY_BREAK);
1073  }
1074  dlci->modem_rx = mlines;
1075 }
1076 
1089 static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen)
1090 {
1091  unsigned int addr = 0;
1092  unsigned int modem = 0;
1093  struct gsm_dlci *dlci;
1094  int len = clen;
1095  u8 *dp = data;
1096  struct tty_struct *tty;
1097 
1098  while (gsm_read_ea(&addr, *dp++) == 0) {
1099  len--;
1100  if (len == 0)
1101  return;
1102  }
1103  /* Must be at least one byte following the EA */
1104  len--;
1105  if (len <= 0)
1106  return;
1107 
1108  addr >>= 1;
1109  /* Closed port, or invalid ? */
1110  if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1111  return;
1112  dlci = gsm->dlci[addr];
1113 
1114  while (gsm_read_ea(&modem, *dp++) == 0) {
1115  len--;
1116  if (len == 0)
1117  return;
1118  }
1119  tty = tty_port_tty_get(&dlci->port);
1120  gsm_process_modem(tty, dlci, modem, clen);
1121  if (tty) {
1122  tty_wakeup(tty);
1123  tty_kref_put(tty);
1124  }
1125  gsm_control_reply(gsm, CMD_MSC, data, clen);
1126 }
1127 
1139 static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen)
1140 {
1141  struct tty_struct *tty;
1142  unsigned int addr = 0 ;
1143  u8 bits;
1144  int len = clen;
1145  u8 *dp = data;
1146 
1147  while (gsm_read_ea(&addr, *dp++) == 0) {
1148  len--;
1149  if (len == 0)
1150  return;
1151  }
1152  /* Must be at least one byte following ea */
1153  len--;
1154  if (len <= 0)
1155  return;
1156  addr >>= 1;
1157  /* Closed port, or invalid ? */
1158  if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1159  return;
1160  /* No error ? */
1161  bits = *dp;
1162  if ((bits & 1) == 0)
1163  return;
1164  /* See if we have an uplink tty */
1165  tty = tty_port_tty_get(&gsm->dlci[addr]->port);
1166 
1167  if (tty) {
1168  if (bits & 2)
1169  tty_insert_flip_char(tty, 0, TTY_OVERRUN);
1170  if (bits & 4)
1171  tty_insert_flip_char(tty, 0, TTY_PARITY);
1172  if (bits & 8)
1173  tty_insert_flip_char(tty, 0, TTY_FRAME);
1174  tty_flip_buffer_push(tty);
1175  tty_kref_put(tty);
1176  }
1177  gsm_control_reply(gsm, CMD_RLS, data, clen);
1178 }
1179 
1180 static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1181 
1194 static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1195  u8 *data, int clen)
1196 {
1197  u8 buf[1];
1198  unsigned long flags;
1199 
1200  switch (command) {
1201  case CMD_CLD: {
1202  struct gsm_dlci *dlci = gsm->dlci[0];
1203  /* Modem wishes to close down */
1204  if (dlci) {
1205  dlci->dead = 1;
1206  gsm->dead = 1;
1207  gsm_dlci_begin_close(dlci);
1208  }
1209  }
1210  break;
1211  case CMD_TEST:
1212  /* Modem wishes to test, reply with the data */
1213  gsm_control_reply(gsm, CMD_TEST, data, clen);
1214  break;
1215  case CMD_FCON:
1216  /* Modem can accept data again */
1217  gsm->constipated = 0;
1218  gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1219  /* Kick the link in case it is idling */
1220  spin_lock_irqsave(&gsm->tx_lock, flags);
1221  gsm_data_kick(gsm);
1222  spin_unlock_irqrestore(&gsm->tx_lock, flags);
1223  break;
1224  case CMD_FCOFF:
1225  /* Modem wants us to STFU */
1226  gsm->constipated = 1;
1227  gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1228  break;
1229  case CMD_MSC:
1230  /* Out of band modem line change indicator for a DLCI */
1231  gsm_control_modem(gsm, data, clen);
1232  break;
1233  case CMD_RLS:
1234  /* Out of band error reception for a DLCI */
1235  gsm_control_rls(gsm, data, clen);
1236  break;
1237  case CMD_PSC:
1238  /* Modem wishes to enter power saving state */
1239  gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1240  break;
1241  /* Optional unsupported commands */
1242  case CMD_PN: /* Parameter negotiation */
1243  case CMD_RPN: /* Remote port negotiation */
1244  case CMD_SNC: /* Service negotiation command */
1245  default:
1246  /* Reply to bad commands with an NSC */
1247  buf[0] = command;
1248  gsm_control_reply(gsm, CMD_NSC, buf, 1);
1249  break;
1250  }
1251 }
1252 
1266 static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1267  u8 *data, int clen)
1268 {
1269  struct gsm_control *ctrl;
1270  unsigned long flags;
1271 
1272  spin_lock_irqsave(&gsm->control_lock, flags);
1273 
1274  ctrl = gsm->pending_cmd;
1275  /* Does the reply match our command */
1276  command |= 1;
1277  if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1278  /* Our command was replied to, kill the retry timer */
1279  del_timer(&gsm->t2_timer);
1280  gsm->pending_cmd = NULL;
1281  /* Rejected by the other end */
1282  if (command == CMD_NSC)
1283  ctrl->error = -EOPNOTSUPP;
1284  ctrl->done = 1;
1285  wake_up(&gsm->event);
1286  }
1287  spin_unlock_irqrestore(&gsm->control_lock, flags);
1288 }
1289 
1298 static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1299 {
1300  struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype);
1301  if (msg == NULL)
1302  return;
1303  msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */
1304  memcpy(msg->data + 1, ctrl->data, ctrl->len);
1305  gsm_data_queue(gsm->dlci[0], msg);
1306 }
1307 
1319 static void gsm_control_retransmit(unsigned long data)
1320 {
1321  struct gsm_mux *gsm = (struct gsm_mux *)data;
1322  struct gsm_control *ctrl;
1323  unsigned long flags;
1324  spin_lock_irqsave(&gsm->control_lock, flags);
1325  ctrl = gsm->pending_cmd;
1326  if (ctrl) {
1327  gsm->cretries--;
1328  if (gsm->cretries == 0) {
1329  gsm->pending_cmd = NULL;
1330  ctrl->error = -ETIMEDOUT;
1331  ctrl->done = 1;
1332  spin_unlock_irqrestore(&gsm->control_lock, flags);
1333  wake_up(&gsm->event);
1334  return;
1335  }
1336  gsm_control_transmit(gsm, ctrl);
1337  mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1338  }
1339  spin_unlock_irqrestore(&gsm->control_lock, flags);
1340 }
1341 
1354 static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1355  unsigned int command, u8 *data, int clen)
1356 {
1357  struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1358  GFP_KERNEL);
1359  unsigned long flags;
1360  if (ctrl == NULL)
1361  return NULL;
1362 retry:
1363  wait_event(gsm->event, gsm->pending_cmd == NULL);
1364  spin_lock_irqsave(&gsm->control_lock, flags);
1365  if (gsm->pending_cmd != NULL) {
1366  spin_unlock_irqrestore(&gsm->control_lock, flags);
1367  goto retry;
1368  }
1369  ctrl->cmd = command;
1370  ctrl->data = data;
1371  ctrl->len = clen;
1372  gsm->pending_cmd = ctrl;
1373  gsm->cretries = gsm->n2;
1374  mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1375  gsm_control_transmit(gsm, ctrl);
1376  spin_unlock_irqrestore(&gsm->control_lock, flags);
1377  return ctrl;
1378 }
1379 
1390 static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1391 {
1392  int err;
1393  wait_event(gsm->event, control->done == 1);
1394  err = control->error;
1395  kfree(control);
1396  return err;
1397 }
1398 
1399 
1400 /*
1401  * DLCI level handling: Needs krefs
1402  */
1403 
1404 /*
1405  * State transitions and timers
1406  */
1407 
1416 static void gsm_dlci_close(struct gsm_dlci *dlci)
1417 {
1418  del_timer(&dlci->t1);
1419  if (debug & 8)
1420  pr_debug("DLCI %d goes closed.\n", dlci->addr);
1421  dlci->state = DLCI_CLOSED;
1422  if (dlci->addr != 0) {
1423  struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1424  if (tty) {
1425  tty_hangup(tty);
1426  tty_kref_put(tty);
1427  }
1428  kfifo_reset(dlci->fifo);
1429  } else
1430  dlci->gsm->dead = 1;
1431  wake_up(&dlci->gsm->event);
1432  /* A DLCI 0 close is a MUX termination so we need to kick that
1433  back to userspace somehow */
1434 }
1435 
1443 static void gsm_dlci_open(struct gsm_dlci *dlci)
1444 {
1445  /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1446  open -> open */
1447  del_timer(&dlci->t1);
1448  /* This will let a tty open continue */
1449  dlci->state = DLCI_OPEN;
1450  if (debug & 8)
1451  pr_debug("DLCI %d goes open.\n", dlci->addr);
1452  wake_up(&dlci->gsm->event);
1453 }
1454 
1466 static void gsm_dlci_t1(unsigned long data)
1467 {
1468  struct gsm_dlci *dlci = (struct gsm_dlci *)data;
1469  struct gsm_mux *gsm = dlci->gsm;
1470 
1471  switch (dlci->state) {
1472  case DLCI_OPENING:
1473  dlci->retries--;
1474  if (dlci->retries) {
1475  gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1476  mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1477  } else
1478  gsm_dlci_close(dlci);
1479  break;
1480  case DLCI_CLOSING:
1481  dlci->retries--;
1482  if (dlci->retries) {
1483  gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1484  mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1485  } else
1486  gsm_dlci_close(dlci);
1487  break;
1488  }
1489 }
1490 
1501 static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1502 {
1503  struct gsm_mux *gsm = dlci->gsm;
1504  if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1505  return;
1506  dlci->retries = gsm->n2;
1507  dlci->state = DLCI_OPENING;
1508  gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1509  mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1510 }
1511 
1523 static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1524 {
1525  struct gsm_mux *gsm = dlci->gsm;
1526  if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1527  return;
1528  dlci->retries = gsm->n2;
1529  dlci->state = DLCI_CLOSING;
1530  gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1531  mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1532 }
1533 
1545 static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int clen)
1546 {
1547  /* krefs .. */
1548  struct tty_port *port = &dlci->port;
1549  struct tty_struct *tty = tty_port_tty_get(port);
1550  unsigned int modem = 0;
1551  int len = clen;
1552 
1553  if (debug & 16)
1554  pr_debug("%d bytes for tty %p\n", len, tty);
1555  if (tty) {
1556  switch (dlci->adaption) {
1557  /* Unsupported types */
1558  /* Packetised interruptible data */
1559  case 4:
1560  break;
1561  /* Packetised uininterruptible voice/data */
1562  case 3:
1563  break;
1564  /* Asynchronous serial with line state in each frame */
1565  case 2:
1566  while (gsm_read_ea(&modem, *data++) == 0) {
1567  len--;
1568  if (len == 0)
1569  return;
1570  }
1571  gsm_process_modem(tty, dlci, modem, clen);
1572  /* Line state will go via DLCI 0 controls only */
1573  case 1:
1574  default:
1575  tty_insert_flip_string(tty, data, len);
1576  tty_flip_buffer_push(tty);
1577  }
1578  tty_kref_put(tty);
1579  }
1580 }
1581 
1594 static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len)
1595 {
1596  /* See what command is involved */
1597  unsigned int command = 0;
1598  while (len-- > 0) {
1599  if (gsm_read_ea(&command, *data++) == 1) {
1600  int clen = *data++;
1601  len--;
1602  /* FIXME: this is properly an EA */
1603  clen >>= 1;
1604  /* Malformed command ? */
1605  if (clen > len)
1606  return;
1607  if (command & 1)
1608  gsm_control_message(dlci->gsm, command,
1609  data, clen);
1610  else
1611  gsm_control_response(dlci->gsm, command,
1612  data, clen);
1613  return;
1614  }
1615  }
1616 }
1617 
1618 /*
1619  * Allocate/Free DLCI channels
1620  */
1621 
1632 static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1633 {
1634  struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1635  if (dlci == NULL)
1636  return NULL;
1637  spin_lock_init(&dlci->lock);
1638  kref_init(&dlci->ref);
1639  mutex_init(&dlci->mutex);
1640  dlci->fifo = &dlci->_fifo;
1641  if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) {
1642  kfree(dlci);
1643  return NULL;
1644  }
1645 
1646  skb_queue_head_init(&dlci->skb_list);
1647  init_timer(&dlci->t1);
1648  dlci->t1.function = gsm_dlci_t1;
1649  dlci->t1.data = (unsigned long)dlci;
1650  tty_port_init(&dlci->port);
1651  dlci->port.ops = &gsm_port_ops;
1652  dlci->gsm = gsm;
1653  dlci->addr = addr;
1654  dlci->adaption = gsm->adaption;
1655  dlci->state = DLCI_CLOSED;
1656  if (addr)
1657  dlci->data = gsm_dlci_data;
1658  else
1659  dlci->data = gsm_dlci_command;
1660  gsm->dlci[addr] = dlci;
1661  return dlci;
1662 }
1663 
1672 static void gsm_dlci_free(struct kref *ref)
1673 {
1674  struct gsm_dlci *dlci = container_of(ref, struct gsm_dlci, ref);
1675 
1676  del_timer_sync(&dlci->t1);
1677  dlci->gsm->dlci[dlci->addr] = NULL;
1678  kfifo_free(dlci->fifo);
1679  while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1680  dev_kfree_skb(dlci->skb);
1681  kfree(dlci);
1682 }
1683 
1684 static inline void dlci_get(struct gsm_dlci *dlci)
1685 {
1686  kref_get(&dlci->ref);
1687 }
1688 
1689 static inline void dlci_put(struct gsm_dlci *dlci)
1690 {
1691  kref_put(&dlci->ref, gsm_dlci_free);
1692 }
1693 
1703 static void gsm_dlci_release(struct gsm_dlci *dlci)
1704 {
1705  struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1706  if (tty) {
1707  tty_vhangup(tty);
1708  tty_kref_put(tty);
1709  }
1710  dlci_put(dlci);
1711 }
1712 
1713 /*
1714  * LAPBish link layer logic
1715  */
1716 
1727 static void gsm_queue(struct gsm_mux *gsm)
1728 {
1729  struct gsm_dlci *dlci;
1730  u8 cr;
1731  int address;
1732  /* We have to sneak a look at the packet body to do the FCS.
1733  A somewhat layering violation in the spec */
1734 
1735  if ((gsm->control & ~PF) == UI)
1736  gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1737  if (gsm->encoding == 0){
1738  /* WARNING: gsm->received_fcs is used for gsm->encoding = 0 only.
1739  In this case it contain the last piece of data
1740  required to generate final CRC */
1741  gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1742  }
1743  if (gsm->fcs != GOOD_FCS) {
1744  gsm->bad_fcs++;
1745  if (debug & 4)
1746  pr_debug("BAD FCS %02x\n", gsm->fcs);
1747  return;
1748  }
1749  address = gsm->address >> 1;
1750  if (address >= NUM_DLCI)
1751  goto invalid;
1752 
1753  cr = gsm->address & 1; /* C/R bit */
1754 
1755  gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1756 
1757  cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1758  dlci = gsm->dlci[address];
1759 
1760  switch (gsm->control) {
1761  case SABM|PF:
1762  if (cr == 0)
1763  goto invalid;
1764  if (dlci == NULL)
1765  dlci = gsm_dlci_alloc(gsm, address);
1766  if (dlci == NULL)
1767  return;
1768  if (dlci->dead)
1769  gsm_response(gsm, address, DM);
1770  else {
1771  gsm_response(gsm, address, UA);
1772  gsm_dlci_open(dlci);
1773  }
1774  break;
1775  case DISC|PF:
1776  if (cr == 0)
1777  goto invalid;
1778  if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1779  gsm_response(gsm, address, DM);
1780  return;
1781  }
1782  /* Real close complete */
1783  gsm_response(gsm, address, UA);
1784  gsm_dlci_close(dlci);
1785  break;
1786  case UA:
1787  case UA|PF:
1788  if (cr == 0 || dlci == NULL)
1789  break;
1790  switch (dlci->state) {
1791  case DLCI_CLOSING:
1792  gsm_dlci_close(dlci);
1793  break;
1794  case DLCI_OPENING:
1795  gsm_dlci_open(dlci);
1796  break;
1797  }
1798  break;
1799  case DM: /* DM can be valid unsolicited */
1800  case DM|PF:
1801  if (cr)
1802  goto invalid;
1803  if (dlci == NULL)
1804  return;
1805  gsm_dlci_close(dlci);
1806  break;
1807  case UI:
1808  case UI|PF:
1809  case UIH:
1810  case UIH|PF:
1811 #if 0
1812  if (cr)
1813  goto invalid;
1814 #endif
1815  if (dlci == NULL || dlci->state != DLCI_OPEN) {
1816  gsm_command(gsm, address, DM|PF);
1817  return;
1818  }
1819  dlci->data(dlci, gsm->buf, gsm->len);
1820  break;
1821  default:
1822  goto invalid;
1823  }
1824  return;
1825 invalid:
1826  gsm->malformed++;
1827  return;
1828 }
1829 
1830 
1839 static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1840 {
1841  unsigned int len;
1842 
1843  switch (gsm->state) {
1844  case GSM_SEARCH: /* SOF marker */
1845  if (c == GSM0_SOF) {
1846  gsm->state = GSM_ADDRESS;
1847  gsm->address = 0;
1848  gsm->len = 0;
1849  gsm->fcs = INIT_FCS;
1850  }
1851  break;
1852  case GSM_ADDRESS: /* Address EA */
1853  gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1854  if (gsm_read_ea(&gsm->address, c))
1855  gsm->state = GSM_CONTROL;
1856  break;
1857  case GSM_CONTROL: /* Control Byte */
1858  gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1859  gsm->control = c;
1860  gsm->state = GSM_LEN0;
1861  break;
1862  case GSM_LEN0: /* Length EA */
1863  gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1864  if (gsm_read_ea(&gsm->len, c)) {
1865  if (gsm->len > gsm->mru) {
1866  gsm->bad_size++;
1867  gsm->state = GSM_SEARCH;
1868  break;
1869  }
1870  gsm->count = 0;
1871  if (!gsm->len)
1872  gsm->state = GSM_FCS;
1873  else
1874  gsm->state = GSM_DATA;
1875  break;
1876  }
1877  gsm->state = GSM_LEN1;
1878  break;
1879  case GSM_LEN1:
1880  gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1881  len = c;
1882  gsm->len |= len << 7;
1883  if (gsm->len > gsm->mru) {
1884  gsm->bad_size++;
1885  gsm->state = GSM_SEARCH;
1886  break;
1887  }
1888  gsm->count = 0;
1889  if (!gsm->len)
1890  gsm->state = GSM_FCS;
1891  else
1892  gsm->state = GSM_DATA;
1893  break;
1894  case GSM_DATA: /* Data */
1895  gsm->buf[gsm->count++] = c;
1896  if (gsm->count == gsm->len)
1897  gsm->state = GSM_FCS;
1898  break;
1899  case GSM_FCS: /* FCS follows the packet */
1900  gsm->received_fcs = c;
1901  gsm_queue(gsm);
1902  gsm->state = GSM_SSOF;
1903  break;
1904  case GSM_SSOF:
1905  if (c == GSM0_SOF) {
1906  gsm->state = GSM_SEARCH;
1907  break;
1908  }
1909  break;
1910  }
1911 }
1912 
1921 static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
1922 {
1923  if (c == GSM1_SOF) {
1924  /* EOF is only valid in frame if we have got to the data state
1925  and received at least one byte (the FCS) */
1926  if (gsm->state == GSM_DATA && gsm->count) {
1927  /* Extract the FCS */
1928  gsm->count--;
1929  gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
1930  gsm->len = gsm->count;
1931  gsm_queue(gsm);
1932  gsm->state = GSM_START;
1933  return;
1934  }
1935  /* Any partial frame was a runt so go back to start */
1936  if (gsm->state != GSM_START) {
1937  gsm->malformed++;
1938  gsm->state = GSM_START;
1939  }
1940  /* A SOF in GSM_START means we are still reading idling or
1941  framing bytes */
1942  return;
1943  }
1944 
1945  if (c == GSM1_ESCAPE) {
1946  gsm->escape = 1;
1947  return;
1948  }
1949 
1950  /* Only an unescaped SOF gets us out of GSM search */
1951  if (gsm->state == GSM_SEARCH)
1952  return;
1953 
1954  if (gsm->escape) {
1955  c ^= GSM1_ESCAPE_BITS;
1956  gsm->escape = 0;
1957  }
1958  switch (gsm->state) {
1959  case GSM_START: /* First byte after SOF */
1960  gsm->address = 0;
1961  gsm->state = GSM_ADDRESS;
1962  gsm->fcs = INIT_FCS;
1963  /* Drop through */
1964  case GSM_ADDRESS: /* Address continuation */
1965  gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1966  if (gsm_read_ea(&gsm->address, c))
1967  gsm->state = GSM_CONTROL;
1968  break;
1969  case GSM_CONTROL: /* Control Byte */
1970  gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1971  gsm->control = c;
1972  gsm->count = 0;
1973  gsm->state = GSM_DATA;
1974  break;
1975  case GSM_DATA: /* Data */
1976  if (gsm->count > gsm->mru) { /* Allow one for the FCS */
1977  gsm->state = GSM_OVERRUN;
1978  gsm->bad_size++;
1979  } else
1980  gsm->buf[gsm->count++] = c;
1981  break;
1982  case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
1983  break;
1984  }
1985 }
1986 
1999 static void gsm_error(struct gsm_mux *gsm,
2000  unsigned char data, unsigned char flag)
2001 {
2002  gsm->state = GSM_SEARCH;
2003  gsm->io_error++;
2004 }
2005 
2015 void gsm_cleanup_mux(struct gsm_mux *gsm)
2016 {
2017  int i;
2018  struct gsm_dlci *dlci = gsm->dlci[0];
2019  struct gsm_msg *txq, *ntxq;
2020  struct gsm_control *gc;
2021 
2022  gsm->dead = 1;
2023 
2024  spin_lock(&gsm_mux_lock);
2025  for (i = 0; i < MAX_MUX; i++) {
2026  if (gsm_mux[i] == gsm) {
2027  gsm_mux[i] = NULL;
2028  break;
2029  }
2030  }
2031  spin_unlock(&gsm_mux_lock);
2032  WARN_ON(i == MAX_MUX);
2033 
2034  /* In theory disconnecting DLCI 0 is sufficient but for some
2035  modems this is apparently not the case. */
2036  if (dlci) {
2037  gc = gsm_control_send(gsm, CMD_CLD, NULL, 0);
2038  if (gc)
2039  gsm_control_wait(gsm, gc);
2040  }
2041  del_timer_sync(&gsm->t2_timer);
2042  /* Now we are sure T2 has stopped */
2043  if (dlci) {
2044  dlci->dead = 1;
2045  gsm_dlci_begin_close(dlci);
2046  wait_event_interruptible(gsm->event,
2047  dlci->state == DLCI_CLOSED);
2048  }
2049  /* Free up any link layer users */
2050  for (i = 0; i < NUM_DLCI; i++)
2051  if (gsm->dlci[i])
2052  gsm_dlci_release(gsm->dlci[i]);
2053  /* Now wipe the queues */
2054  list_for_each_entry_safe(txq, ntxq, &gsm->tx_list, list)
2055  kfree(txq);
2056  INIT_LIST_HEAD(&gsm->tx_list);
2057 }
2058 EXPORT_SYMBOL_GPL(gsm_cleanup_mux);
2059 
2069 int gsm_activate_mux(struct gsm_mux *gsm)
2070 {
2071  struct gsm_dlci *dlci;
2072  int i = 0;
2073 
2074  init_timer(&gsm->t2_timer);
2075  gsm->t2_timer.function = gsm_control_retransmit;
2076  gsm->t2_timer.data = (unsigned long)gsm;
2077  init_waitqueue_head(&gsm->event);
2078  spin_lock_init(&gsm->control_lock);
2079  spin_lock_init(&gsm->tx_lock);
2080 
2081  if (gsm->encoding == 0)
2082  gsm->receive = gsm0_receive;
2083  else
2084  gsm->receive = gsm1_receive;
2085  gsm->error = gsm_error;
2086 
2087  spin_lock(&gsm_mux_lock);
2088  for (i = 0; i < MAX_MUX; i++) {
2089  if (gsm_mux[i] == NULL) {
2090  gsm->num = i;
2091  gsm_mux[i] = gsm;
2092  break;
2093  }
2094  }
2095  spin_unlock(&gsm_mux_lock);
2096  if (i == MAX_MUX)
2097  return -EBUSY;
2098 
2099  dlci = gsm_dlci_alloc(gsm, 0);
2100  if (dlci == NULL)
2101  return -ENOMEM;
2102  gsm->dead = 0; /* Tty opens are now permissible */
2103  return 0;
2104 }
2105 EXPORT_SYMBOL_GPL(gsm_activate_mux);
2106 
2113 void gsm_free_mux(struct gsm_mux *gsm)
2114 {
2115  kfree(gsm->txframe);
2116  kfree(gsm->buf);
2117  kfree(gsm);
2118 }
2119 EXPORT_SYMBOL_GPL(gsm_free_mux);
2120 
2127 static void gsm_free_muxr(struct kref *ref)
2128 {
2129  struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2130  gsm_free_mux(gsm);
2131 }
2132 
2133 static inline void mux_get(struct gsm_mux *gsm)
2134 {
2135  kref_get(&gsm->ref);
2136 }
2137 
2138 static inline void mux_put(struct gsm_mux *gsm)
2139 {
2140  kref_put(&gsm->ref, gsm_free_muxr);
2141 }
2142 
2149 struct gsm_mux *gsm_alloc_mux(void)
2150 {
2151  struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2152  if (gsm == NULL)
2153  return NULL;
2154  gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2155  if (gsm->buf == NULL) {
2156  kfree(gsm);
2157  return NULL;
2158  }
2159  gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL);
2160  if (gsm->txframe == NULL) {
2161  kfree(gsm->buf);
2162  kfree(gsm);
2163  return NULL;
2164  }
2165  spin_lock_init(&gsm->lock);
2166  kref_init(&gsm->ref);
2167  INIT_LIST_HEAD(&gsm->tx_list);
2168 
2169  gsm->t1 = T1;
2170  gsm->t2 = T2;
2171  gsm->n2 = N2;
2172  gsm->ftype = UIH;
2173  gsm->adaption = 1;
2174  gsm->encoding = 1;
2175  gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2176  gsm->mtu = 64;
2177  gsm->dead = 1; /* Avoid early tty opens */
2178 
2179  return gsm;
2180 }
2181 EXPORT_SYMBOL_GPL(gsm_alloc_mux);
2182 
2193 static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2194 {
2195  if (tty_write_room(gsm->tty) < len) {
2196  set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2197  return -ENOSPC;
2198  }
2199  if (debug & 4)
2200  print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2201  data, len);
2202  gsm->tty->ops->write(gsm->tty, data, len);
2203  return len;
2204 }
2205 
2216 static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2217 {
2218  int ret, i;
2219  int base = gsm->num << 6; /* Base for this MUX */
2220 
2221  gsm->tty = tty_kref_get(tty);
2222  gsm->output = gsmld_output;
2223  ret = gsm_activate_mux(gsm);
2224  if (ret != 0)
2225  tty_kref_put(gsm->tty);
2226  else {
2227  /* Don't register device 0 - this is the control channel and not
2228  a usable tty interface */
2229  for (i = 1; i < NUM_DLCI; i++)
2230  tty_register_device(gsm_tty_driver, base + i, NULL);
2231  }
2232  return ret;
2233 }
2234 
2235 
2244 static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2245 {
2246  int i;
2247  int base = gsm->num << 6; /* Base for this MUX */
2248 
2249  WARN_ON(tty != gsm->tty);
2250  for (i = 1; i < NUM_DLCI; i++)
2251  tty_unregister_device(gsm_tty_driver, base + i);
2252  gsm_cleanup_mux(gsm);
2253  tty_kref_put(gsm->tty);
2254  gsm->tty = NULL;
2255 }
2256 
2257 static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2258  char *fp, int count)
2259 {
2260  struct gsm_mux *gsm = tty->disc_data;
2261  const unsigned char *dp;
2262  char *f;
2263  int i;
2264  char buf[64];
2265  char flags;
2266 
2267  if (debug & 4)
2268  print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2269  cp, count);
2270 
2271  for (i = count, dp = cp, f = fp; i; i--, dp++) {
2272  flags = *f++;
2273  switch (flags) {
2274  case TTY_NORMAL:
2275  gsm->receive(gsm, *dp);
2276  break;
2277  case TTY_OVERRUN:
2278  case TTY_BREAK:
2279  case TTY_PARITY:
2280  case TTY_FRAME:
2281  gsm->error(gsm, *dp, flags);
2282  break;
2283  default:
2284  WARN_ONCE(1, "%s: unknown flag %d\n",
2285  tty_name(tty, buf), flags);
2286  break;
2287  }
2288  }
2289  /* FASYNC if needed ? */
2290  /* If clogged call tty_throttle(tty); */
2291 }
2292 
2303 static ssize_t gsmld_chars_in_buffer(struct tty_struct *tty)
2304 {
2305  return 0;
2306 }
2307 
2317 static void gsmld_flush_buffer(struct tty_struct *tty)
2318 {
2319 }
2320 
2331 static void gsmld_close(struct tty_struct *tty)
2332 {
2333  struct gsm_mux *gsm = tty->disc_data;
2334 
2335  gsmld_detach_gsm(tty, gsm);
2336 
2337  gsmld_flush_buffer(tty);
2338  /* Do other clean up here */
2339  mux_put(gsm);
2340 }
2341 
2352 static int gsmld_open(struct tty_struct *tty)
2353 {
2354  struct gsm_mux *gsm;
2355 
2356  if (tty->ops->write == NULL)
2357  return -EINVAL;
2358 
2359  /* Attach our ldisc data */
2360  gsm = gsm_alloc_mux();
2361  if (gsm == NULL)
2362  return -ENOMEM;
2363 
2364  tty->disc_data = gsm;
2365  tty->receive_room = 65536;
2366 
2367  /* Attach the initial passive connection */
2368  gsm->encoding = 1;
2369  return gsmld_attach_gsm(tty, gsm);
2370 }
2371 
2381 static void gsmld_write_wakeup(struct tty_struct *tty)
2382 {
2383  struct gsm_mux *gsm = tty->disc_data;
2384  unsigned long flags;
2385 
2386  /* Queue poll */
2387  clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2388  spin_lock_irqsave(&gsm->tx_lock, flags);
2389  gsm_data_kick(gsm);
2390  if (gsm->tx_bytes < TX_THRESH_LO) {
2391  gsm_dlci_data_sweep(gsm);
2392  }
2393  spin_unlock_irqrestore(&gsm->tx_lock, flags);
2394 }
2395 
2411 static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2412  unsigned char __user *buf, size_t nr)
2413 {
2414  return -EOPNOTSUPP;
2415 }
2416 
2431 static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2432  const unsigned char *buf, size_t nr)
2433 {
2434  int space = tty_write_room(tty);
2435  if (space >= nr)
2436  return tty->ops->write(tty, buf, nr);
2437  set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2438  return -ENOBUFS;
2439 }
2440 
2455 static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file,
2456  poll_table *wait)
2457 {
2458  unsigned int mask = 0;
2459  struct gsm_mux *gsm = tty->disc_data;
2460 
2461  poll_wait(file, &tty->read_wait, wait);
2462  poll_wait(file, &tty->write_wait, wait);
2463  if (tty_hung_up_p(file))
2464  mask |= POLLHUP;
2465  if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2466  mask |= POLLOUT | POLLWRNORM;
2467  if (gsm->dead)
2468  mask |= POLLHUP;
2469  return mask;
2470 }
2471 
2472 static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm,
2473  struct gsm_config *c)
2474 {
2475  int need_close = 0;
2476  int need_restart = 0;
2477 
2478  /* Stuff we don't support yet - UI or I frame transport, windowing */
2479  if ((c->adaption != 1 && c->adaption != 2) || c->k)
2480  return -EOPNOTSUPP;
2481  /* Check the MRU/MTU range looks sane */
2482  if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2483  return -EINVAL;
2484  if (c->n2 < 3)
2485  return -EINVAL;
2486  if (c->encapsulation > 1) /* Basic, advanced, no I */
2487  return -EINVAL;
2488  if (c->initiator > 1)
2489  return -EINVAL;
2490  if (c->i == 0 || c->i > 2) /* UIH and UI only */
2491  return -EINVAL;
2492  /*
2493  * See what is needed for reconfiguration
2494  */
2495 
2496  /* Timing fields */
2497  if (c->t1 != 0 && c->t1 != gsm->t1)
2498  need_restart = 1;
2499  if (c->t2 != 0 && c->t2 != gsm->t2)
2500  need_restart = 1;
2501  if (c->encapsulation != gsm->encoding)
2502  need_restart = 1;
2503  if (c->adaption != gsm->adaption)
2504  need_restart = 1;
2505  /* Requires care */
2506  if (c->initiator != gsm->initiator)
2507  need_close = 1;
2508  if (c->mru != gsm->mru)
2509  need_restart = 1;
2510  if (c->mtu != gsm->mtu)
2511  need_restart = 1;
2512 
2513  /*
2514  * Close down what is needed, restart and initiate the new
2515  * configuration
2516  */
2517 
2518  if (need_close || need_restart) {
2519  gsm_dlci_begin_close(gsm->dlci[0]);
2520  /* This will timeout if the link is down due to N2 expiring */
2521  wait_event_interruptible(gsm->event,
2522  gsm->dlci[0]->state == DLCI_CLOSED);
2523  if (signal_pending(current))
2524  return -EINTR;
2525  }
2526  if (need_restart)
2527  gsm_cleanup_mux(gsm);
2528 
2529  gsm->initiator = c->initiator;
2530  gsm->mru = c->mru;
2531  gsm->mtu = c->mtu;
2532  gsm->encoding = c->encapsulation;
2533  gsm->adaption = c->adaption;
2534  gsm->n2 = c->n2;
2535 
2536  if (c->i == 1)
2537  gsm->ftype = UIH;
2538  else if (c->i == 2)
2539  gsm->ftype = UI;
2540 
2541  if (c->t1)
2542  gsm->t1 = c->t1;
2543  if (c->t2)
2544  gsm->t2 = c->t2;
2545 
2546  /* FIXME: We need to separate activation/deactivation from adding
2547  and removing from the mux array */
2548  if (need_restart)
2549  gsm_activate_mux(gsm);
2550  if (gsm->initiator && need_close)
2551  gsm_dlci_begin_open(gsm->dlci[0]);
2552  return 0;
2553 }
2554 
2555 static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2556  unsigned int cmd, unsigned long arg)
2557 {
2558  struct gsm_config c;
2559  struct gsm_mux *gsm = tty->disc_data;
2560 
2561  switch (cmd) {
2562  case GSMIOC_GETCONF:
2563  memset(&c, 0, sizeof(c));
2564  c.adaption = gsm->adaption;
2565  c.encapsulation = gsm->encoding;
2566  c.initiator = gsm->initiator;
2567  c.t1 = gsm->t1;
2568  c.t2 = gsm->t2;
2569  c.t3 = 0; /* Not supported */
2570  c.n2 = gsm->n2;
2571  if (gsm->ftype == UIH)
2572  c.i = 1;
2573  else
2574  c.i = 2;
2575  pr_debug("Ftype %d i %d\n", gsm->ftype, c.i);
2576  c.mru = gsm->mru;
2577  c.mtu = gsm->mtu;
2578  c.k = 0;
2579  if (copy_to_user((void *)arg, &c, sizeof(c)))
2580  return -EFAULT;
2581  return 0;
2582  case GSMIOC_SETCONF:
2583  if (copy_from_user(&c, (void *)arg, sizeof(c)))
2584  return -EFAULT;
2585  return gsmld_config(tty, gsm, &c);
2586  default:
2587  return n_tty_ioctl_helper(tty, file, cmd, arg);
2588  }
2589 }
2590 
2591 /*
2592  * Network interface
2593  *
2594  */
2595 
2596 static int gsm_mux_net_open(struct net_device *net)
2597 {
2598  pr_debug("%s called\n", __func__);
2599  netif_start_queue(net);
2600  return 0;
2601 }
2602 
2603 static int gsm_mux_net_close(struct net_device *net)
2604 {
2605  netif_stop_queue(net);
2606  return 0;
2607 }
2608 
2609 static struct net_device_stats *gsm_mux_net_get_stats(struct net_device *net)
2610 {
2611  return &((struct gsm_mux_net *)netdev_priv(net))->stats;
2612 }
2613 static void dlci_net_free(struct gsm_dlci *dlci)
2614 {
2615  if (!dlci->net) {
2616  WARN_ON(1);
2617  return;
2618  }
2619  dlci->adaption = dlci->prev_adaption;
2620  dlci->data = dlci->prev_data;
2621  free_netdev(dlci->net);
2622  dlci->net = NULL;
2623 }
2624 static void net_free(struct kref *ref)
2625 {
2626  struct gsm_mux_net *mux_net;
2627  struct gsm_dlci *dlci;
2628 
2629  mux_net = container_of(ref, struct gsm_mux_net, ref);
2630  dlci = mux_net->dlci;
2631 
2632  if (dlci->net) {
2633  unregister_netdev(dlci->net);
2634  dlci_net_free(dlci);
2635  }
2636 }
2637 
2638 static inline void muxnet_get(struct gsm_mux_net *mux_net)
2639 {
2640  kref_get(&mux_net->ref);
2641 }
2642 
2643 static inline void muxnet_put(struct gsm_mux_net *mux_net)
2644 {
2645  kref_put(&mux_net->ref, net_free);
2646 }
2647 
2648 static int gsm_mux_net_start_xmit(struct sk_buff *skb,
2649  struct net_device *net)
2650 {
2651  struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2652  struct gsm_dlci *dlci = mux_net->dlci;
2653  muxnet_get(mux_net);
2654 
2655  skb_queue_head(&dlci->skb_list, skb);
2656  STATS(net).tx_packets++;
2657  STATS(net).tx_bytes += skb->len;
2658  gsm_dlci_data_kick(dlci);
2659  /* And tell the kernel when the last transmit started. */
2660  net->trans_start = jiffies;
2661  muxnet_put(mux_net);
2662  return NETDEV_TX_OK;
2663 }
2664 
2665 /* called when a packet did not ack after watchdogtimeout */
2666 static void gsm_mux_net_tx_timeout(struct net_device *net)
2667 {
2668  /* Tell syslog we are hosed. */
2669  dev_dbg(&net->dev, "Tx timed out.\n");
2670 
2671  /* Update statistics */
2672  STATS(net).tx_errors++;
2673 }
2674 
2675 static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2676  unsigned char *in_buf, int size)
2677 {
2678  struct net_device *net = dlci->net;
2679  struct sk_buff *skb;
2680  struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2681  muxnet_get(mux_net);
2682 
2683  /* Allocate an sk_buff */
2684  skb = dev_alloc_skb(size + NET_IP_ALIGN);
2685  if (!skb) {
2686  /* We got no receive buffer. */
2687  STATS(net).rx_dropped++;
2688  muxnet_put(mux_net);
2689  return;
2690  }
2691  skb_reserve(skb, NET_IP_ALIGN);
2692  memcpy(skb_put(skb, size), in_buf, size);
2693 
2694  skb->dev = net;
2695  skb->protocol = __constant_htons(ETH_P_IP);
2696 
2697  /* Ship it off to the kernel */
2698  netif_rx(skb);
2699 
2700  /* update out statistics */
2701  STATS(net).rx_packets++;
2702  STATS(net).rx_bytes += size;
2703  muxnet_put(mux_net);
2704  return;
2705 }
2706 
2707 int gsm_change_mtu(struct net_device *net, int new_mtu)
2708 {
2709  struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2710  if ((new_mtu < 8) || (new_mtu > mux_net->dlci->gsm->mtu))
2711  return -EINVAL;
2712  net->mtu = new_mtu;
2713  return 0;
2714 }
2715 
2716 static void gsm_mux_net_init(struct net_device *net)
2717 {
2718  static const struct net_device_ops gsm_netdev_ops = {
2719  .ndo_open = gsm_mux_net_open,
2720  .ndo_stop = gsm_mux_net_close,
2721  .ndo_start_xmit = gsm_mux_net_start_xmit,
2722  .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2723  .ndo_get_stats = gsm_mux_net_get_stats,
2724  .ndo_change_mtu = gsm_change_mtu,
2725  };
2726 
2727  net->netdev_ops = &gsm_netdev_ops;
2728 
2729  /* fill in the other fields */
2730  net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2731  net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2732  net->type = ARPHRD_NONE;
2733  net->tx_queue_len = 10;
2734 }
2735 
2736 
2737 /* caller holds the dlci mutex */
2738 static void gsm_destroy_network(struct gsm_dlci *dlci)
2739 {
2740  struct gsm_mux_net *mux_net;
2741 
2742  pr_debug("destroy network interface");
2743  if (!dlci->net)
2744  return;
2745  mux_net = (struct gsm_mux_net *)netdev_priv(dlci->net);
2746  muxnet_put(mux_net);
2747 }
2748 
2749 
2750 /* caller holds the dlci mutex */
2751 static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2752 {
2753  char *netname;
2754  int retval = 0;
2755  struct net_device *net;
2756  struct gsm_mux_net *mux_net;
2757 
2758  if (!capable(CAP_NET_ADMIN))
2759  return -EPERM;
2760 
2761  /* Already in a non tty mode */
2762  if (dlci->adaption > 2)
2763  return -EBUSY;
2764 
2765  if (nc->protocol != htons(ETH_P_IP))
2766  return -EPROTONOSUPPORT;
2767 
2768  if (nc->adaption != 3 && nc->adaption != 4)
2769  return -EPROTONOSUPPORT;
2770 
2771  pr_debug("create network interface");
2772 
2773  netname = "gsm%d";
2774  if (nc->if_name[0] != '\0')
2775  netname = nc->if_name;
2776  net = alloc_netdev(sizeof(struct gsm_mux_net),
2777  netname,
2778  gsm_mux_net_init);
2779  if (!net) {
2780  pr_err("alloc_netdev failed");
2781  return -ENOMEM;
2782  }
2783  net->mtu = dlci->gsm->mtu;
2784  mux_net = (struct gsm_mux_net *)netdev_priv(net);
2785  mux_net->dlci = dlci;
2786  kref_init(&mux_net->ref);
2787  strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2788 
2789  /* reconfigure dlci for network */
2790  dlci->prev_adaption = dlci->adaption;
2791  dlci->prev_data = dlci->data;
2792  dlci->adaption = nc->adaption;
2793  dlci->data = gsm_mux_rx_netchar;
2794  dlci->net = net;
2795 
2796  pr_debug("register netdev");
2797  retval = register_netdev(net);
2798  if (retval) {
2799  pr_err("network register fail %d\n", retval);
2800  dlci_net_free(dlci);
2801  return retval;
2802  }
2803  return net->ifindex; /* return network index */
2804 }
2805 
2806 /* Line discipline for real tty */
2807 struct tty_ldisc_ops tty_ldisc_packet = {
2808  .owner = THIS_MODULE,
2809  .magic = TTY_LDISC_MAGIC,
2810  .name = "n_gsm",
2811  .open = gsmld_open,
2812  .close = gsmld_close,
2813  .flush_buffer = gsmld_flush_buffer,
2814  .chars_in_buffer = gsmld_chars_in_buffer,
2815  .read = gsmld_read,
2816  .write = gsmld_write,
2817  .ioctl = gsmld_ioctl,
2818  .poll = gsmld_poll,
2819  .receive_buf = gsmld_receive_buf,
2820  .write_wakeup = gsmld_write_wakeup
2821 };
2822 
2823 /*
2824  * Virtual tty side
2825  */
2826 
2827 #define TX_SIZE 512
2828 
2829 static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2830 {
2831  u8 modembits[5];
2832  struct gsm_control *ctrl;
2833  int len = 2;
2834 
2835  if (brk)
2836  len++;
2837 
2838  modembits[0] = len << 1 | EA; /* Data bytes */
2839  modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */
2840  modembits[2] = gsm_encode_modem(dlci) << 1 | EA;
2841  if (brk)
2842  modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */
2843  ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1);
2844  if (ctrl == NULL)
2845  return -ENOMEM;
2846  return gsm_control_wait(dlci->gsm, ctrl);
2847 }
2848 
2849 static int gsm_carrier_raised(struct tty_port *port)
2850 {
2851  struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2852  /* Not yet open so no carrier info */
2853  if (dlci->state != DLCI_OPEN)
2854  return 0;
2855  if (debug & 2)
2856  return 1;
2857  return dlci->modem_rx & TIOCM_CD;
2858 }
2859 
2860 static void gsm_dtr_rts(struct tty_port *port, int onoff)
2861 {
2862  struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2863  unsigned int modem_tx = dlci->modem_tx;
2864  if (onoff)
2865  modem_tx |= TIOCM_DTR | TIOCM_RTS;
2866  else
2867  modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
2868  if (modem_tx != dlci->modem_tx) {
2869  dlci->modem_tx = modem_tx;
2870  gsmtty_modem_update(dlci, 0);
2871  }
2872 }
2873 
2874 static const struct tty_port_operations gsm_port_ops = {
2875  .carrier_raised = gsm_carrier_raised,
2876  .dtr_rts = gsm_dtr_rts,
2877 };
2878 
2879 static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
2880 {
2881  struct gsm_mux *gsm;
2882  struct gsm_dlci *dlci;
2883  unsigned int line = tty->index;
2884  unsigned int mux = line >> 6;
2885  bool alloc = false;
2886  int ret;
2887 
2888  line = line & 0x3F;
2889 
2890  if (mux >= MAX_MUX)
2891  return -ENXIO;
2892  /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
2893  if (gsm_mux[mux] == NULL)
2894  return -EUNATCH;
2895  if (line == 0 || line > 61) /* 62/63 reserved */
2896  return -ECHRNG;
2897  gsm = gsm_mux[mux];
2898  if (gsm->dead)
2899  return -EL2HLT;
2900  /* If DLCI 0 is not yet fully open return an error. This is ok from a locking
2901  perspective as we don't have to worry about this if DLCI0 is lost */
2902  if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN)
2903  return -EL2NSYNC;
2904  dlci = gsm->dlci[line];
2905  if (dlci == NULL) {
2906  alloc = true;
2907  dlci = gsm_dlci_alloc(gsm, line);
2908  }
2909  if (dlci == NULL)
2910  return -ENOMEM;
2911  ret = tty_port_install(&dlci->port, driver, tty);
2912  if (ret) {
2913  if (alloc)
2914  dlci_put(dlci);
2915  return ret;
2916  }
2917 
2918  tty->driver_data = dlci;
2919 
2920  return 0;
2921 }
2922 
2923 static int gsmtty_open(struct tty_struct *tty, struct file *filp)
2924 {
2925  struct gsm_dlci *dlci = tty->driver_data;
2926  struct tty_port *port = &dlci->port;
2927 
2928  port->count++;
2929  dlci_get(dlci);
2930  dlci_get(dlci->gsm->dlci[0]);
2931  mux_get(dlci->gsm);
2932  tty_port_tty_set(port, tty);
2933 
2934  dlci->modem_rx = 0;
2935  /* We could in theory open and close before we wait - eg if we get
2936  a DM straight back. This is ok as that will have caused a hangup */
2937  set_bit(ASYNCB_INITIALIZED, &port->flags);
2938  /* Start sending off SABM messages */
2939  gsm_dlci_begin_open(dlci);
2940  /* And wait for virtual carrier */
2941  return tty_port_block_til_ready(port, tty, filp);
2942 }
2943 
2944 static void gsmtty_close(struct tty_struct *tty, struct file *filp)
2945 {
2946  struct gsm_dlci *dlci = tty->driver_data;
2947  struct gsm_mux *gsm;
2948 
2949  if (dlci == NULL)
2950  return;
2951  mutex_lock(&dlci->mutex);
2952  gsm_destroy_network(dlci);
2953  mutex_unlock(&dlci->mutex);
2954  gsm = dlci->gsm;
2955  if (tty_port_close_start(&dlci->port, tty, filp) == 0)
2956  goto out;
2957  gsm_dlci_begin_close(dlci);
2958  tty_port_close_end(&dlci->port, tty);
2959  tty_port_tty_set(&dlci->port, NULL);
2960 out:
2961  dlci_put(dlci);
2962  dlci_put(gsm->dlci[0]);
2963  mux_put(gsm);
2964 }
2965 
2966 static void gsmtty_hangup(struct tty_struct *tty)
2967 {
2968  struct gsm_dlci *dlci = tty->driver_data;
2969  tty_port_hangup(&dlci->port);
2970  gsm_dlci_begin_close(dlci);
2971 }
2972 
2973 static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
2974  int len)
2975 {
2976  struct gsm_dlci *dlci = tty->driver_data;
2977  /* Stuff the bytes into the fifo queue */
2978  int sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock);
2979  /* Need to kick the channel */
2980  gsm_dlci_data_kick(dlci);
2981  return sent;
2982 }
2983 
2984 static int gsmtty_write_room(struct tty_struct *tty)
2985 {
2986  struct gsm_dlci *dlci = tty->driver_data;
2987  return TX_SIZE - kfifo_len(dlci->fifo);
2988 }
2989 
2990 static int gsmtty_chars_in_buffer(struct tty_struct *tty)
2991 {
2992  struct gsm_dlci *dlci = tty->driver_data;
2993  return kfifo_len(dlci->fifo);
2994 }
2995 
2996 static void gsmtty_flush_buffer(struct tty_struct *tty)
2997 {
2998  struct gsm_dlci *dlci = tty->driver_data;
2999  /* Caution needed: If we implement reliable transport classes
3000  then the data being transmitted can't simply be junked once
3001  it has first hit the stack. Until then we can just blow it
3002  away */
3003  kfifo_reset(dlci->fifo);
3004  /* Need to unhook this DLCI from the transmit queue logic */
3005 }
3006 
3007 static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
3008 {
3009  /* The FIFO handles the queue so the kernel will do the right
3010  thing waiting on chars_in_buffer before calling us. No work
3011  to do here */
3012 }
3013 
3014 static int gsmtty_tiocmget(struct tty_struct *tty)
3015 {
3016  struct gsm_dlci *dlci = tty->driver_data;
3017  return dlci->modem_rx;
3018 }
3019 
3020 static int gsmtty_tiocmset(struct tty_struct *tty,
3021  unsigned int set, unsigned int clear)
3022 {
3023  struct gsm_dlci *dlci = tty->driver_data;
3024  unsigned int modem_tx = dlci->modem_tx;
3025 
3026  modem_tx &= ~clear;
3027  modem_tx |= set;
3028 
3029  if (modem_tx != dlci->modem_tx) {
3030  dlci->modem_tx = modem_tx;
3031  return gsmtty_modem_update(dlci, 0);
3032  }
3033  return 0;
3034 }
3035 
3036 
3037 static int gsmtty_ioctl(struct tty_struct *tty,
3038  unsigned int cmd, unsigned long arg)
3039 {
3040  struct gsm_dlci *dlci = tty->driver_data;
3041  struct gsm_netconfig nc;
3042  int index;
3043 
3044  switch (cmd) {
3045  case GSMIOC_ENABLE_NET:
3046  if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3047  return -EFAULT;
3048  nc.if_name[IFNAMSIZ-1] = '\0';
3049  /* return net interface index or error code */
3050  mutex_lock(&dlci->mutex);
3051  index = gsm_create_network(dlci, &nc);
3052  mutex_unlock(&dlci->mutex);
3053  if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3054  return -EFAULT;
3055  return index;
3056  case GSMIOC_DISABLE_NET:
3057  if (!capable(CAP_NET_ADMIN))
3058  return -EPERM;
3059  mutex_lock(&dlci->mutex);
3060  gsm_destroy_network(dlci);
3061  mutex_unlock(&dlci->mutex);
3062  return 0;
3063  default:
3064  return -ENOIOCTLCMD;
3065  }
3066 }
3067 
3068 static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3069 {
3070  /* For the moment its fixed. In actual fact the speed information
3071  for the virtual channel can be propogated in both directions by
3072  the RPN control message. This however rapidly gets nasty as we
3073  then have to remap modem signals each way according to whether
3074  our virtual cable is null modem etc .. */
3075  tty_termios_copy_hw(&tty->termios, old);
3076 }
3077 
3078 static void gsmtty_throttle(struct tty_struct *tty)
3079 {
3080  struct gsm_dlci *dlci = tty->driver_data;
3081  if (tty->termios.c_cflag & CRTSCTS)
3082  dlci->modem_tx &= ~TIOCM_DTR;
3083  dlci->throttled = 1;
3084  /* Send an MSC with DTR cleared */
3085  gsmtty_modem_update(dlci, 0);
3086 }
3087 
3088 static void gsmtty_unthrottle(struct tty_struct *tty)
3089 {
3090  struct gsm_dlci *dlci = tty->driver_data;
3091  if (tty->termios.c_cflag & CRTSCTS)
3092  dlci->modem_tx |= TIOCM_DTR;
3093  dlci->throttled = 0;
3094  /* Send an MSC with DTR set */
3095  gsmtty_modem_update(dlci, 0);
3096 }
3097 
3098 static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3099 {
3100  struct gsm_dlci *dlci = tty->driver_data;
3101  int encode = 0; /* Off */
3102 
3103  if (state == -1) /* "On indefinitely" - we can't encode this
3104  properly */
3105  encode = 0x0F;
3106  else if (state > 0) {
3107  encode = state / 200; /* mS to encoding */
3108  if (encode > 0x0F)
3109  encode = 0x0F; /* Best effort */
3110  }
3111  return gsmtty_modem_update(dlci, encode);
3112 }
3113 
3114 
3115 /* Virtual ttys for the demux */
3116 static const struct tty_operations gsmtty_ops = {
3117  .install = gsmtty_install,
3118  .open = gsmtty_open,
3119  .close = gsmtty_close,
3120  .write = gsmtty_write,
3121  .write_room = gsmtty_write_room,
3122  .chars_in_buffer = gsmtty_chars_in_buffer,
3123  .flush_buffer = gsmtty_flush_buffer,
3124  .ioctl = gsmtty_ioctl,
3125  .throttle = gsmtty_throttle,
3126  .unthrottle = gsmtty_unthrottle,
3127  .set_termios = gsmtty_set_termios,
3128  .hangup = gsmtty_hangup,
3129  .wait_until_sent = gsmtty_wait_until_sent,
3130  .tiocmget = gsmtty_tiocmget,
3131  .tiocmset = gsmtty_tiocmset,
3132  .break_ctl = gsmtty_break_ctl,
3133 };
3134 
3135 
3136 
3137 static int __init gsm_init(void)
3138 {
3139  /* Fill in our line protocol discipline, and register it */
3140  int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
3141  if (status != 0) {
3142  pr_err("n_gsm: can't register line discipline (err = %d)\n",
3143  status);
3144  return status;
3145  }
3146 
3147  gsm_tty_driver = alloc_tty_driver(256);
3148  if (!gsm_tty_driver) {
3149  tty_unregister_ldisc(N_GSM0710);
3150  pr_err("gsm_init: tty allocation failed.\n");
3151  return -EINVAL;
3152  }
3153  gsm_tty_driver->driver_name = "gsmtty";
3154  gsm_tty_driver->name = "gsmtty";
3155  gsm_tty_driver->major = 0; /* Dynamic */
3156  gsm_tty_driver->minor_start = 0;
3157  gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3158  gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3159  gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
3160  | TTY_DRIVER_HARDWARE_BREAK;
3161  gsm_tty_driver->init_termios = tty_std_termios;
3162  /* Fixme */
3163  gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3164  tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3165 
3166  spin_lock_init(&gsm_mux_lock);
3167 
3168  if (tty_register_driver(gsm_tty_driver)) {
3169  put_tty_driver(gsm_tty_driver);
3170  tty_unregister_ldisc(N_GSM0710);
3171  pr_err("gsm_init: tty registration failed.\n");
3172  return -EBUSY;
3173  }
3174  pr_debug("gsm_init: loaded as %d,%d.\n",
3175  gsm_tty_driver->major, gsm_tty_driver->minor_start);
3176  return 0;
3177 }
3178 
3179 static void __exit gsm_exit(void)
3180 {
3181  int status = tty_unregister_ldisc(N_GSM0710);
3182  if (status != 0)
3183  pr_err("n_gsm: can't unregister line discipline (err = %d)\n",
3184  status);
3185  tty_unregister_driver(gsm_tty_driver);
3186  put_tty_driver(gsm_tty_driver);
3187 }
3188 
3189 module_init(gsm_init);
3190 module_exit(gsm_exit);
3191 
3192 
3193 MODULE_LICENSE("GPL");
3194 MODULE_ALIAS_LDISC(N_GSM0710);
Generated on Thu Jan 10 2013 14:33:51 for Linux Kernel by   doxygen 1.8.2