Loading...
1/*
2 * n_gsm.c GSM 0710 tty multiplexor
3 * Copyright (c) 2009/10 Intel Corporation
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17 *
18 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
19 *
20 * TO DO:
21 * Mostly done: ioctls for setting modes/timing
22 * Partly done: hooks so you can pull off frames to non tty devs
23 * Restart DLCI 0 when it closes ?
24 * Test basic encoding
25 * Improve the tx engine
26 * Resolve tx side locking by adding a queue_head and routing
27 * all control traffic via it
28 * General tidy/document
29 * Review the locking/move to refcounts more (mux now moved to an
30 * alloc/free model ready)
31 * Use newest tty open/close port helpers and install hooks
32 * What to do about power functions ?
33 * Termios setting and negotiation
34 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
35 *
36 */
37
38#include <linux/types.h>
39#include <linux/major.h>
40#include <linux/errno.h>
41#include <linux/signal.h>
42#include <linux/fcntl.h>
43#include <linux/sched.h>
44#include <linux/interrupt.h>
45#include <linux/tty.h>
46#include <linux/ctype.h>
47#include <linux/mm.h>
48#include <linux/string.h>
49#include <linux/slab.h>
50#include <linux/poll.h>
51#include <linux/bitops.h>
52#include <linux/file.h>
53#include <linux/uaccess.h>
54#include <linux/module.h>
55#include <linux/timer.h>
56#include <linux/tty_flip.h>
57#include <linux/tty_driver.h>
58#include <linux/serial.h>
59#include <linux/kfifo.h>
60#include <linux/skbuff.h>
61#include <net/arp.h>
62#include <linux/ip.h>
63#include <linux/netdevice.h>
64#include <linux/etherdevice.h>
65#include <linux/gsmmux.h>
66
67static int debug;
68module_param(debug, int, 0600);
69
70#define T1 (HZ/10)
71#define T2 (HZ/3)
72#define N2 3
73
74/* Use long timers for testing at low speed with debug on */
75#ifdef DEBUG_TIMING
76#define T1 HZ
77#define T2 (2 * HZ)
78#endif
79
80/*
81 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
82 * limits so this is plenty
83 */
84#define MAX_MRU 1500
85#define MAX_MTU 1500
86#define GSM_NET_TX_TIMEOUT (HZ*10)
87
88/**
89 * struct gsm_mux_net - network interface
90 * @struct gsm_dlci* dlci
91 * @struct net_device_stats stats;
92 *
93 * Created when net interface is initialized.
94 **/
95struct gsm_mux_net {
96 struct kref ref;
97 struct gsm_dlci *dlci;
98 struct net_device_stats stats;
99};
100
101#define STATS(net) (((struct gsm_mux_net *)netdev_priv(net))->stats)
102
103/*
104 * Each block of data we have queued to go out is in the form of
105 * a gsm_msg which holds everything we need in a link layer independent
106 * format
107 */
108
109struct gsm_msg {
110 struct gsm_msg *next;
111 u8 addr; /* DLCI address + flags */
112 u8 ctrl; /* Control byte + flags */
113 unsigned int len; /* Length of data block (can be zero) */
114 unsigned char *data; /* Points into buffer but not at the start */
115 unsigned char buffer[0];
116};
117
118/*
119 * Each active data link has a gsm_dlci structure associated which ties
120 * the link layer to an optional tty (if the tty side is open). To avoid
121 * complexity right now these are only ever freed up when the mux is
122 * shut down.
123 *
124 * At the moment we don't free DLCI objects until the mux is torn down
125 * this avoid object life time issues but might be worth review later.
126 */
127
128struct gsm_dlci {
129 struct gsm_mux *gsm;
130 int addr;
131 int state;
132#define DLCI_CLOSED 0
133#define DLCI_OPENING 1 /* Sending SABM not seen UA */
134#define DLCI_OPEN 2 /* SABM/UA complete */
135#define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */
136 struct kref ref; /* freed from port or mux close */
137 struct mutex mutex;
138
139 /* Link layer */
140 spinlock_t lock; /* Protects the internal state */
141 struct timer_list t1; /* Retransmit timer for SABM and UA */
142 int retries;
143 /* Uplink tty if active */
144 struct tty_port port; /* The tty bound to this DLCI if there is one */
145 struct kfifo *fifo; /* Queue fifo for the DLCI */
146 struct kfifo _fifo; /* For new fifo API porting only */
147 int adaption; /* Adaption layer in use */
148 int prev_adaption;
149 u32 modem_rx; /* Our incoming virtual modem lines */
150 u32 modem_tx; /* Our outgoing modem lines */
151 int dead; /* Refuse re-open */
152 /* Flow control */
153 int throttled; /* Private copy of throttle state */
154 int constipated; /* Throttle status for outgoing */
155 /* Packetised I/O */
156 struct sk_buff *skb; /* Frame being sent */
157 struct sk_buff_head skb_list; /* Queued frames */
158 /* Data handling callback */
159 void (*data)(struct gsm_dlci *dlci, u8 *data, int len);
160 void (*prev_data)(struct gsm_dlci *dlci, u8 *data, int len);
161 struct net_device *net; /* network interface, if created */
162};
163
164/* DLCI 0, 62/63 are special or reseved see gsmtty_open */
165
166#define NUM_DLCI 64
167
168/*
169 * DLCI 0 is used to pass control blocks out of band of the data
170 * flow (and with a higher link priority). One command can be outstanding
171 * at a time and we use this structure to manage them. They are created
172 * and destroyed by the user context, and updated by the receive paths
173 * and timers
174 */
175
176struct gsm_control {
177 u8 cmd; /* Command we are issuing */
178 u8 *data; /* Data for the command in case we retransmit */
179 int len; /* Length of block for retransmission */
180 int done; /* Done flag */
181 int error; /* Error if any */
182};
183
184/*
185 * Each GSM mux we have is represented by this structure. If we are
186 * operating as an ldisc then we use this structure as our ldisc
187 * state. We need to sort out lifetimes and locking with respect
188 * to the gsm mux array. For now we don't free DLCI objects that
189 * have been instantiated until the mux itself is terminated.
190 *
191 * To consider further: tty open versus mux shutdown.
192 */
193
194struct gsm_mux {
195 struct tty_struct *tty; /* The tty our ldisc is bound to */
196 spinlock_t lock;
197 unsigned int num;
198 struct kref ref;
199
200 /* Events on the GSM channel */
201 wait_queue_head_t event;
202
203 /* Bits for GSM mode decoding */
204
205 /* Framing Layer */
206 unsigned char *buf;
207 int state;
208#define GSM_SEARCH 0
209#define GSM_START 1
210#define GSM_ADDRESS 2
211#define GSM_CONTROL 3
212#define GSM_LEN 4
213#define GSM_DATA 5
214#define GSM_FCS 6
215#define GSM_OVERRUN 7
216#define GSM_LEN0 8
217#define GSM_LEN1 9
218#define GSM_SSOF 10
219 unsigned int len;
220 unsigned int address;
221 unsigned int count;
222 int escape;
223 int encoding;
224 u8 control;
225 u8 fcs;
226 u8 received_fcs;
227 u8 *txframe; /* TX framing buffer */
228
229 /* Methods for the receiver side */
230 void (*receive)(struct gsm_mux *gsm, u8 ch);
231 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag);
232 /* And transmit side */
233 int (*output)(struct gsm_mux *mux, u8 *data, int len);
234
235 /* Link Layer */
236 unsigned int mru;
237 unsigned int mtu;
238 int initiator; /* Did we initiate connection */
239 int dead; /* Has the mux been shut down */
240 struct gsm_dlci *dlci[NUM_DLCI];
241 int constipated; /* Asked by remote to shut up */
242
243 spinlock_t tx_lock;
244 unsigned int tx_bytes; /* TX data outstanding */
245#define TX_THRESH_HI 8192
246#define TX_THRESH_LO 2048
247 struct gsm_msg *tx_head; /* Pending data packets */
248 struct gsm_msg *tx_tail;
249
250 /* Control messages */
251 struct timer_list t2_timer; /* Retransmit timer for commands */
252 int cretries; /* Command retry counter */
253 struct gsm_control *pending_cmd;/* Our current pending command */
254 spinlock_t control_lock; /* Protects the pending command */
255
256 /* Configuration */
257 int adaption; /* 1 or 2 supported */
258 u8 ftype; /* UI or UIH */
259 int t1, t2; /* Timers in 1/100th of a sec */
260 int n2; /* Retry count */
261
262 /* Statistics (not currently exposed) */
263 unsigned long bad_fcs;
264 unsigned long malformed;
265 unsigned long io_error;
266 unsigned long bad_size;
267 unsigned long unsupported;
268};
269
270
271/*
272 * Mux objects - needed so that we can translate a tty index into the
273 * relevant mux and DLCI.
274 */
275
276#define MAX_MUX 4 /* 256 minors */
277static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
278static spinlock_t gsm_mux_lock;
279
280static struct tty_driver *gsm_tty_driver;
281
282/*
283 * This section of the driver logic implements the GSM encodings
284 * both the basic and the 'advanced'. Reliable transport is not
285 * supported.
286 */
287
288#define CR 0x02
289#define EA 0x01
290#define PF 0x10
291
292/* I is special: the rest are ..*/
293#define RR 0x01
294#define UI 0x03
295#define RNR 0x05
296#define REJ 0x09
297#define DM 0x0F
298#define SABM 0x2F
299#define DISC 0x43
300#define UA 0x63
301#define UIH 0xEF
302
303/* Channel commands */
304#define CMD_NSC 0x09
305#define CMD_TEST 0x11
306#define CMD_PSC 0x21
307#define CMD_RLS 0x29
308#define CMD_FCOFF 0x31
309#define CMD_PN 0x41
310#define CMD_RPN 0x49
311#define CMD_FCON 0x51
312#define CMD_CLD 0x61
313#define CMD_SNC 0x69
314#define CMD_MSC 0x71
315
316/* Virtual modem bits */
317#define MDM_FC 0x01
318#define MDM_RTC 0x02
319#define MDM_RTR 0x04
320#define MDM_IC 0x20
321#define MDM_DV 0x40
322
323#define GSM0_SOF 0xF9
324#define GSM1_SOF 0x7E
325#define GSM1_ESCAPE 0x7D
326#define GSM1_ESCAPE_BITS 0x20
327#define XON 0x11
328#define XOFF 0x13
329
330static const struct tty_port_operations gsm_port_ops;
331
332/*
333 * CRC table for GSM 0710
334 */
335
336static const u8 gsm_fcs8[256] = {
337 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
338 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
339 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
340 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
341 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
342 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
343 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
344 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
345 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
346 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
347 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
348 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
349 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
350 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
351 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
352 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
353 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
354 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
355 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
356 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
357 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
358 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
359 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
360 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
361 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
362 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
363 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
364 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
365 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
366 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
367 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
368 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
369};
370
371#define INIT_FCS 0xFF
372#define GOOD_FCS 0xCF
373
374/**
375 * gsm_fcs_add - update FCS
376 * @fcs: Current FCS
377 * @c: Next data
378 *
379 * Update the FCS to include c. Uses the algorithm in the specification
380 * notes.
381 */
382
383static inline u8 gsm_fcs_add(u8 fcs, u8 c)
384{
385 return gsm_fcs8[fcs ^ c];
386}
387
388/**
389 * gsm_fcs_add_block - update FCS for a block
390 * @fcs: Current FCS
391 * @c: buffer of data
392 * @len: length of buffer
393 *
394 * Update the FCS to include c. Uses the algorithm in the specification
395 * notes.
396 */
397
398static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
399{
400 while (len--)
401 fcs = gsm_fcs8[fcs ^ *c++];
402 return fcs;
403}
404
405/**
406 * gsm_read_ea - read a byte into an EA
407 * @val: variable holding value
408 * c: byte going into the EA
409 *
410 * Processes one byte of an EA. Updates the passed variable
411 * and returns 1 if the EA is now completely read
412 */
413
414static int gsm_read_ea(unsigned int *val, u8 c)
415{
416 /* Add the next 7 bits into the value */
417 *val <<= 7;
418 *val |= c >> 1;
419 /* Was this the last byte of the EA 1 = yes*/
420 return c & EA;
421}
422
423/**
424 * gsm_encode_modem - encode modem data bits
425 * @dlci: DLCI to encode from
426 *
427 * Returns the correct GSM encoded modem status bits (6 bit field) for
428 * the current status of the DLCI and attached tty object
429 */
430
431static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
432{
433 u8 modembits = 0;
434 /* FC is true flow control not modem bits */
435 if (dlci->throttled)
436 modembits |= MDM_FC;
437 if (dlci->modem_tx & TIOCM_DTR)
438 modembits |= MDM_RTC;
439 if (dlci->modem_tx & TIOCM_RTS)
440 modembits |= MDM_RTR;
441 if (dlci->modem_tx & TIOCM_RI)
442 modembits |= MDM_IC;
443 if (dlci->modem_tx & TIOCM_CD)
444 modembits |= MDM_DV;
445 return modembits;
446}
447
448/**
449 * gsm_print_packet - display a frame for debug
450 * @hdr: header to print before decode
451 * @addr: address EA from the frame
452 * @cr: C/R bit from the frame
453 * @control: control including PF bit
454 * @data: following data bytes
455 * @dlen: length of data
456 *
457 * Displays a packet in human readable format for debugging purposes. The
458 * style is based on amateur radio LAP-B dump display.
459 */
460
461static void gsm_print_packet(const char *hdr, int addr, int cr,
462 u8 control, const u8 *data, int dlen)
463{
464 if (!(debug & 1))
465 return;
466
467 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
468
469 switch (control & ~PF) {
470 case SABM:
471 pr_cont("SABM");
472 break;
473 case UA:
474 pr_cont("UA");
475 break;
476 case DISC:
477 pr_cont("DISC");
478 break;
479 case DM:
480 pr_cont("DM");
481 break;
482 case UI:
483 pr_cont("UI");
484 break;
485 case UIH:
486 pr_cont("UIH");
487 break;
488 default:
489 if (!(control & 0x01)) {
490 pr_cont("I N(S)%d N(R)%d",
491 (control & 0x0E) >> 1, (control & 0xE) >> 5);
492 } else switch (control & 0x0F) {
493 case RR:
494 pr_cont("RR(%d)", (control & 0xE0) >> 5);
495 break;
496 case RNR:
497 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
498 break;
499 case REJ:
500 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
501 break;
502 default:
503 pr_cont("[%02X]", control);
504 }
505 }
506
507 if (control & PF)
508 pr_cont("(P)");
509 else
510 pr_cont("(F)");
511
512 if (dlen) {
513 int ct = 0;
514 while (dlen--) {
515 if (ct % 8 == 0) {
516 pr_cont("\n");
517 pr_debug(" ");
518 }
519 pr_cont("%02X ", *data++);
520 ct++;
521 }
522 }
523 pr_cont("\n");
524}
525
526
527/*
528 * Link level transmission side
529 */
530
531/**
532 * gsm_stuff_packet - bytestuff a packet
533 * @ibuf: input
534 * @obuf: output
535 * @len: length of input
536 *
537 * Expand a buffer by bytestuffing it. The worst case size change
538 * is doubling and the caller is responsible for handing out
539 * suitable sized buffers.
540 */
541
542static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
543{
544 int olen = 0;
545 while (len--) {
546 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
547 || *input == XON || *input == XOFF) {
548 *output++ = GSM1_ESCAPE;
549 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
550 olen++;
551 } else
552 *output++ = *input++;
553 olen++;
554 }
555 return olen;
556}
557
558/**
559 * gsm_send - send a control frame
560 * @gsm: our GSM mux
561 * @addr: address for control frame
562 * @cr: command/response bit
563 * @control: control byte including PF bit
564 *
565 * Format up and transmit a control frame. These do not go via the
566 * queueing logic as they should be transmitted ahead of data when
567 * they are needed.
568 *
569 * FIXME: Lock versus data TX path
570 */
571
572static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
573{
574 int len;
575 u8 cbuf[10];
576 u8 ibuf[3];
577
578 switch (gsm->encoding) {
579 case 0:
580 cbuf[0] = GSM0_SOF;
581 cbuf[1] = (addr << 2) | (cr << 1) | EA;
582 cbuf[2] = control;
583 cbuf[3] = EA; /* Length of data = 0 */
584 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
585 cbuf[5] = GSM0_SOF;
586 len = 6;
587 break;
588 case 1:
589 case 2:
590 /* Control frame + packing (but not frame stuffing) in mode 1 */
591 ibuf[0] = (addr << 2) | (cr << 1) | EA;
592 ibuf[1] = control;
593 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
594 /* Stuffing may double the size worst case */
595 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
596 /* Now add the SOF markers */
597 cbuf[0] = GSM1_SOF;
598 cbuf[len + 1] = GSM1_SOF;
599 /* FIXME: we can omit the lead one in many cases */
600 len += 2;
601 break;
602 default:
603 WARN_ON(1);
604 return;
605 }
606 gsm->output(gsm, cbuf, len);
607 gsm_print_packet("-->", addr, cr, control, NULL, 0);
608}
609
610/**
611 * gsm_response - send a control response
612 * @gsm: our GSM mux
613 * @addr: address for control frame
614 * @control: control byte including PF bit
615 *
616 * Format up and transmit a link level response frame.
617 */
618
619static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
620{
621 gsm_send(gsm, addr, 0, control);
622}
623
624/**
625 * gsm_command - send a control command
626 * @gsm: our GSM mux
627 * @addr: address for control frame
628 * @control: control byte including PF bit
629 *
630 * Format up and transmit a link level command frame.
631 */
632
633static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
634{
635 gsm_send(gsm, addr, 1, control);
636}
637
638/* Data transmission */
639
640#define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
641
642/**
643 * gsm_data_alloc - allocate data frame
644 * @gsm: GSM mux
645 * @addr: DLCI address
646 * @len: length excluding header and FCS
647 * @ctrl: control byte
648 *
649 * Allocate a new data buffer for sending frames with data. Space is left
650 * at the front for header bytes but that is treated as an implementation
651 * detail and not for the high level code to use
652 */
653
654static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
655 u8 ctrl)
656{
657 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
658 GFP_ATOMIC);
659 if (m == NULL)
660 return NULL;
661 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
662 m->len = len;
663 m->addr = addr;
664 m->ctrl = ctrl;
665 m->next = NULL;
666 return m;
667}
668
669/**
670 * gsm_data_kick - poke the queue
671 * @gsm: GSM Mux
672 *
673 * The tty device has called us to indicate that room has appeared in
674 * the transmit queue. Ram more data into the pipe if we have any
675 *
676 * FIXME: lock against link layer control transmissions
677 */
678
679static void gsm_data_kick(struct gsm_mux *gsm)
680{
681 struct gsm_msg *msg = gsm->tx_head;
682 int len;
683 int skip_sof = 0;
684
685 /* FIXME: We need to apply this solely to data messages */
686 if (gsm->constipated)
687 return;
688
689 while (gsm->tx_head != NULL) {
690 msg = gsm->tx_head;
691 if (gsm->encoding != 0) {
692 gsm->txframe[0] = GSM1_SOF;
693 len = gsm_stuff_frame(msg->data,
694 gsm->txframe + 1, msg->len);
695 gsm->txframe[len + 1] = GSM1_SOF;
696 len += 2;
697 } else {
698 gsm->txframe[0] = GSM0_SOF;
699 memcpy(gsm->txframe + 1 , msg->data, msg->len);
700 gsm->txframe[msg->len + 1] = GSM0_SOF;
701 len = msg->len + 2;
702 }
703
704 if (debug & 4)
705 print_hex_dump_bytes("gsm_data_kick: ",
706 DUMP_PREFIX_OFFSET,
707 gsm->txframe, len);
708
709 if (gsm->output(gsm, gsm->txframe + skip_sof,
710 len - skip_sof) < 0)
711 break;
712 /* FIXME: Can eliminate one SOF in many more cases */
713 gsm->tx_head = msg->next;
714 if (gsm->tx_head == NULL)
715 gsm->tx_tail = NULL;
716 gsm->tx_bytes -= msg->len;
717 kfree(msg);
718 /* For a burst of frames skip the extra SOF within the
719 burst */
720 skip_sof = 1;
721 }
722}
723
724/**
725 * __gsm_data_queue - queue a UI or UIH frame
726 * @dlci: DLCI sending the data
727 * @msg: message queued
728 *
729 * Add data to the transmit queue and try and get stuff moving
730 * out of the mux tty if not already doing so. The Caller must hold
731 * the gsm tx lock.
732 */
733
734static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
735{
736 struct gsm_mux *gsm = dlci->gsm;
737 u8 *dp = msg->data;
738 u8 *fcs = dp + msg->len;
739
740 /* Fill in the header */
741 if (gsm->encoding == 0) {
742 if (msg->len < 128)
743 *--dp = (msg->len << 1) | EA;
744 else {
745 *--dp = (msg->len >> 7); /* bits 7 - 15 */
746 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
747 }
748 }
749
750 *--dp = msg->ctrl;
751 if (gsm->initiator)
752 *--dp = (msg->addr << 2) | 2 | EA;
753 else
754 *--dp = (msg->addr << 2) | EA;
755 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
756 /* Ugly protocol layering violation */
757 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
758 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
759 *fcs = 0xFF - *fcs;
760
761 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
762 msg->data, msg->len);
763
764 /* Move the header back and adjust the length, also allow for the FCS
765 now tacked on the end */
766 msg->len += (msg->data - dp) + 1;
767 msg->data = dp;
768
769 /* Add to the actual output queue */
770 if (gsm->tx_tail)
771 gsm->tx_tail->next = msg;
772 else
773 gsm->tx_head = msg;
774 gsm->tx_tail = msg;
775 gsm->tx_bytes += msg->len;
776 gsm_data_kick(gsm);
777}
778
779/**
780 * gsm_data_queue - queue a UI or UIH frame
781 * @dlci: DLCI sending the data
782 * @msg: message queued
783 *
784 * Add data to the transmit queue and try and get stuff moving
785 * out of the mux tty if not already doing so. Take the
786 * the gsm tx lock and dlci lock.
787 */
788
789static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
790{
791 unsigned long flags;
792 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
793 __gsm_data_queue(dlci, msg);
794 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
795}
796
797/**
798 * gsm_dlci_data_output - try and push data out of a DLCI
799 * @gsm: mux
800 * @dlci: the DLCI to pull data from
801 *
802 * Pull data from a DLCI and send it into the transmit queue if there
803 * is data. Keep to the MRU of the mux. This path handles the usual tty
804 * interface which is a byte stream with optional modem data.
805 *
806 * Caller must hold the tx_lock of the mux.
807 */
808
809static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
810{
811 struct gsm_msg *msg;
812 u8 *dp;
813 int len, size;
814 int h = dlci->adaption - 1;
815
816 len = kfifo_len(dlci->fifo);
817 if (len == 0)
818 return 0;
819
820 /* MTU/MRU count only the data bits */
821 if (len > gsm->mtu)
822 len = gsm->mtu;
823
824 size = len + h;
825
826 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
827 /* FIXME: need a timer or something to kick this so it can't
828 get stuck with no work outstanding and no buffer free */
829 if (msg == NULL)
830 return -ENOMEM;
831 dp = msg->data;
832 switch (dlci->adaption) {
833 case 1: /* Unstructured */
834 break;
835 case 2: /* Unstructed with modem bits. Always one byte as we never
836 send inline break data */
837 *dp += gsm_encode_modem(dlci);
838 len--;
839 break;
840 }
841 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len);
842 __gsm_data_queue(dlci, msg);
843 /* Bytes of data we used up */
844 return size;
845}
846
847/**
848 * gsm_dlci_data_output_framed - try and push data out of a DLCI
849 * @gsm: mux
850 * @dlci: the DLCI to pull data from
851 *
852 * Pull data from a DLCI and send it into the transmit queue if there
853 * is data. Keep to the MRU of the mux. This path handles framed data
854 * queued as skbuffs to the DLCI.
855 *
856 * Caller must hold the tx_lock of the mux.
857 */
858
859static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
860 struct gsm_dlci *dlci)
861{
862 struct gsm_msg *msg;
863 u8 *dp;
864 int len, size;
865 int last = 0, first = 0;
866 int overhead = 0;
867
868 /* One byte per frame is used for B/F flags */
869 if (dlci->adaption == 4)
870 overhead = 1;
871
872 /* dlci->skb is locked by tx_lock */
873 if (dlci->skb == NULL) {
874 dlci->skb = skb_dequeue(&dlci->skb_list);
875 if (dlci->skb == NULL)
876 return 0;
877 first = 1;
878 }
879 len = dlci->skb->len + overhead;
880
881 /* MTU/MRU count only the data bits */
882 if (len > gsm->mtu) {
883 if (dlci->adaption == 3) {
884 /* Over long frame, bin it */
885 kfree_skb(dlci->skb);
886 dlci->skb = NULL;
887 return 0;
888 }
889 len = gsm->mtu;
890 } else
891 last = 1;
892
893 size = len + overhead;
894 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
895
896 /* FIXME: need a timer or something to kick this so it can't
897 get stuck with no work outstanding and no buffer free */
898 if (msg == NULL)
899 return -ENOMEM;
900 dp = msg->data;
901
902 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
903 /* Flag byte to carry the start/end info */
904 *dp++ = last << 7 | first << 6 | 1; /* EA */
905 len--;
906 }
907 memcpy(dp, dlci->skb->data, len);
908 skb_pull(dlci->skb, len);
909 __gsm_data_queue(dlci, msg);
910 if (last) {
911 kfree_skb(dlci->skb);
912 dlci->skb = NULL;
913 }
914 return size;
915}
916
917/**
918 * gsm_dlci_data_sweep - look for data to send
919 * @gsm: the GSM mux
920 *
921 * Sweep the GSM mux channels in priority order looking for ones with
922 * data to send. We could do with optimising this scan a bit. We aim
923 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
924 * TX_THRESH_LO we get called again
925 *
926 * FIXME: We should round robin between groups and in theory you can
927 * renegotiate DLCI priorities with optional stuff. Needs optimising.
928 */
929
930static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
931{
932 int len;
933 /* Priority ordering: We should do priority with RR of the groups */
934 int i = 1;
935
936 while (i < NUM_DLCI) {
937 struct gsm_dlci *dlci;
938
939 if (gsm->tx_bytes > TX_THRESH_HI)
940 break;
941 dlci = gsm->dlci[i];
942 if (dlci == NULL || dlci->constipated) {
943 i++;
944 continue;
945 }
946 if (dlci->adaption < 3 && !dlci->net)
947 len = gsm_dlci_data_output(gsm, dlci);
948 else
949 len = gsm_dlci_data_output_framed(gsm, dlci);
950 if (len < 0)
951 break;
952 /* DLCI empty - try the next */
953 if (len == 0)
954 i++;
955 }
956}
957
958/**
959 * gsm_dlci_data_kick - transmit if possible
960 * @dlci: DLCI to kick
961 *
962 * Transmit data from this DLCI if the queue is empty. We can't rely on
963 * a tty wakeup except when we filled the pipe so we need to fire off
964 * new data ourselves in other cases.
965 */
966
967static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
968{
969 unsigned long flags;
970
971 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
972 /* If we have nothing running then we need to fire up */
973 if (dlci->gsm->tx_bytes == 0) {
974 if (dlci->net)
975 gsm_dlci_data_output_framed(dlci->gsm, dlci);
976 else
977 gsm_dlci_data_output(dlci->gsm, dlci);
978 } else if (dlci->gsm->tx_bytes < TX_THRESH_LO)
979 gsm_dlci_data_sweep(dlci->gsm);
980 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
981}
982
983/*
984 * Control message processing
985 */
986
987
988/**
989 * gsm_control_reply - send a response frame to a control
990 * @gsm: gsm channel
991 * @cmd: the command to use
992 * @data: data to follow encoded info
993 * @dlen: length of data
994 *
995 * Encode up and queue a UI/UIH frame containing our response.
996 */
997
998static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data,
999 int dlen)
1000{
1001 struct gsm_msg *msg;
1002 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1003 if (msg == NULL)
1004 return;
1005 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1006 msg->data[1] = (dlen << 1) | EA;
1007 memcpy(msg->data + 2, data, dlen);
1008 gsm_data_queue(gsm->dlci[0], msg);
1009}
1010
1011/**
1012 * gsm_process_modem - process received modem status
1013 * @tty: virtual tty bound to the DLCI
1014 * @dlci: DLCI to affect
1015 * @modem: modem bits (full EA)
1016 *
1017 * Used when a modem control message or line state inline in adaption
1018 * layer 2 is processed. Sort out the local modem state and throttles
1019 */
1020
1021static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1022 u32 modem, int clen)
1023{
1024 int mlines = 0;
1025 u8 brk = 0;
1026
1027 /* The modem status command can either contain one octet (v.24 signals)
1028 or two octets (v.24 signals + break signals). The length field will
1029 either be 2 or 3 respectively. This is specified in section
1030 5.4.6.3.7 of the 27.010 mux spec. */
1031
1032 if (clen == 2)
1033 modem = modem & 0x7f;
1034 else {
1035 brk = modem & 0x7f;
1036 modem = (modem >> 7) & 0x7f;
1037 };
1038
1039 /* Flow control/ready to communicate */
1040 if (modem & MDM_FC) {
1041 /* Need to throttle our output on this device */
1042 dlci->constipated = 1;
1043 }
1044 if (modem & MDM_RTC) {
1045 mlines |= TIOCM_DSR | TIOCM_DTR;
1046 dlci->constipated = 0;
1047 gsm_dlci_data_kick(dlci);
1048 }
1049 /* Map modem bits */
1050 if (modem & MDM_RTR)
1051 mlines |= TIOCM_RTS | TIOCM_CTS;
1052 if (modem & MDM_IC)
1053 mlines |= TIOCM_RI;
1054 if (modem & MDM_DV)
1055 mlines |= TIOCM_CD;
1056
1057 /* Carrier drop -> hangup */
1058 if (tty) {
1059 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1060 if (!(tty->termios->c_cflag & CLOCAL))
1061 tty_hangup(tty);
1062 if (brk & 0x01)
1063 tty_insert_flip_char(tty, 0, TTY_BREAK);
1064 }
1065 dlci->modem_rx = mlines;
1066}
1067
1068/**
1069 * gsm_control_modem - modem status received
1070 * @gsm: GSM channel
1071 * @data: data following command
1072 * @clen: command length
1073 *
1074 * We have received a modem status control message. This is used by
1075 * the GSM mux protocol to pass virtual modem line status and optionally
1076 * to indicate break signals. Unpack it, convert to Linux representation
1077 * and if need be stuff a break message down the tty.
1078 */
1079
1080static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen)
1081{
1082 unsigned int addr = 0;
1083 unsigned int modem = 0;
1084 struct gsm_dlci *dlci;
1085 int len = clen;
1086 u8 *dp = data;
1087 struct tty_struct *tty;
1088
1089 while (gsm_read_ea(&addr, *dp++) == 0) {
1090 len--;
1091 if (len == 0)
1092 return;
1093 }
1094 /* Must be at least one byte following the EA */
1095 len--;
1096 if (len <= 0)
1097 return;
1098
1099 addr >>= 1;
1100 /* Closed port, or invalid ? */
1101 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1102 return;
1103 dlci = gsm->dlci[addr];
1104
1105 while (gsm_read_ea(&modem, *dp++) == 0) {
1106 len--;
1107 if (len == 0)
1108 return;
1109 }
1110 tty = tty_port_tty_get(&dlci->port);
1111 gsm_process_modem(tty, dlci, modem, clen);
1112 if (tty) {
1113 tty_wakeup(tty);
1114 tty_kref_put(tty);
1115 }
1116 gsm_control_reply(gsm, CMD_MSC, data, clen);
1117}
1118
1119/**
1120 * gsm_control_rls - remote line status
1121 * @gsm: GSM channel
1122 * @data: data bytes
1123 * @clen: data length
1124 *
1125 * The modem sends us a two byte message on the control channel whenever
1126 * it wishes to send us an error state from the virtual link. Stuff
1127 * this into the uplink tty if present
1128 */
1129
1130static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen)
1131{
1132 struct tty_struct *tty;
1133 unsigned int addr = 0 ;
1134 u8 bits;
1135 int len = clen;
1136 u8 *dp = data;
1137
1138 while (gsm_read_ea(&addr, *dp++) == 0) {
1139 len--;
1140 if (len == 0)
1141 return;
1142 }
1143 /* Must be at least one byte following ea */
1144 len--;
1145 if (len <= 0)
1146 return;
1147 addr >>= 1;
1148 /* Closed port, or invalid ? */
1149 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1150 return;
1151 /* No error ? */
1152 bits = *dp;
1153 if ((bits & 1) == 0)
1154 return;
1155 /* See if we have an uplink tty */
1156 tty = tty_port_tty_get(&gsm->dlci[addr]->port);
1157
1158 if (tty) {
1159 if (bits & 2)
1160 tty_insert_flip_char(tty, 0, TTY_OVERRUN);
1161 if (bits & 4)
1162 tty_insert_flip_char(tty, 0, TTY_PARITY);
1163 if (bits & 8)
1164 tty_insert_flip_char(tty, 0, TTY_FRAME);
1165 tty_flip_buffer_push(tty);
1166 tty_kref_put(tty);
1167 }
1168 gsm_control_reply(gsm, CMD_RLS, data, clen);
1169}
1170
1171static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1172
1173/**
1174 * gsm_control_message - DLCI 0 control processing
1175 * @gsm: our GSM mux
1176 * @command: the command EA
1177 * @data: data beyond the command/length EAs
1178 * @clen: length
1179 *
1180 * Input processor for control messages from the other end of the link.
1181 * Processes the incoming request and queues a response frame or an
1182 * NSC response if not supported
1183 */
1184
1185static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1186 u8 *data, int clen)
1187{
1188 u8 buf[1];
1189 switch (command) {
1190 case CMD_CLD: {
1191 struct gsm_dlci *dlci = gsm->dlci[0];
1192 /* Modem wishes to close down */
1193 if (dlci) {
1194 dlci->dead = 1;
1195 gsm->dead = 1;
1196 gsm_dlci_begin_close(dlci);
1197 }
1198 }
1199 break;
1200 case CMD_TEST:
1201 /* Modem wishes to test, reply with the data */
1202 gsm_control_reply(gsm, CMD_TEST, data, clen);
1203 break;
1204 case CMD_FCON:
1205 /* Modem wants us to STFU */
1206 gsm->constipated = 1;
1207 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1208 break;
1209 case CMD_FCOFF:
1210 /* Modem can accept data again */
1211 gsm->constipated = 0;
1212 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1213 /* Kick the link in case it is idling */
1214 gsm_data_kick(gsm);
1215 break;
1216 case CMD_MSC:
1217 /* Out of band modem line change indicator for a DLCI */
1218 gsm_control_modem(gsm, data, clen);
1219 break;
1220 case CMD_RLS:
1221 /* Out of band error reception for a DLCI */
1222 gsm_control_rls(gsm, data, clen);
1223 break;
1224 case CMD_PSC:
1225 /* Modem wishes to enter power saving state */
1226 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1227 break;
1228 /* Optional unsupported commands */
1229 case CMD_PN: /* Parameter negotiation */
1230 case CMD_RPN: /* Remote port negotiation */
1231 case CMD_SNC: /* Service negotiation command */
1232 default:
1233 /* Reply to bad commands with an NSC */
1234 buf[0] = command;
1235 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1236 break;
1237 }
1238}
1239
1240/**
1241 * gsm_control_response - process a response to our control
1242 * @gsm: our GSM mux
1243 * @command: the command (response) EA
1244 * @data: data beyond the command/length EA
1245 * @clen: length
1246 *
1247 * Process a response to an outstanding command. We only allow a single
1248 * control message in flight so this is fairly easy. All the clean up
1249 * is done by the caller, we just update the fields, flag it as done
1250 * and return
1251 */
1252
1253static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1254 u8 *data, int clen)
1255{
1256 struct gsm_control *ctrl;
1257 unsigned long flags;
1258
1259 spin_lock_irqsave(&gsm->control_lock, flags);
1260
1261 ctrl = gsm->pending_cmd;
1262 /* Does the reply match our command */
1263 command |= 1;
1264 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1265 /* Our command was replied to, kill the retry timer */
1266 del_timer(&gsm->t2_timer);
1267 gsm->pending_cmd = NULL;
1268 /* Rejected by the other end */
1269 if (command == CMD_NSC)
1270 ctrl->error = -EOPNOTSUPP;
1271 ctrl->done = 1;
1272 wake_up(&gsm->event);
1273 }
1274 spin_unlock_irqrestore(&gsm->control_lock, flags);
1275}
1276
1277/**
1278 * gsm_control_transmit - send control packet
1279 * @gsm: gsm mux
1280 * @ctrl: frame to send
1281 *
1282 * Send out a pending control command (called under control lock)
1283 */
1284
1285static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1286{
1287 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype);
1288 if (msg == NULL)
1289 return;
1290 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */
1291 memcpy(msg->data + 1, ctrl->data, ctrl->len);
1292 gsm_data_queue(gsm->dlci[0], msg);
1293}
1294
1295/**
1296 * gsm_control_retransmit - retransmit a control frame
1297 * @data: pointer to our gsm object
1298 *
1299 * Called off the T2 timer expiry in order to retransmit control frames
1300 * that have been lost in the system somewhere. The control_lock protects
1301 * us from colliding with another sender or a receive completion event.
1302 * In that situation the timer may still occur in a small window but
1303 * gsm->pending_cmd will be NULL and we just let the timer expire.
1304 */
1305
1306static void gsm_control_retransmit(unsigned long data)
1307{
1308 struct gsm_mux *gsm = (struct gsm_mux *)data;
1309 struct gsm_control *ctrl;
1310 unsigned long flags;
1311 spin_lock_irqsave(&gsm->control_lock, flags);
1312 ctrl = gsm->pending_cmd;
1313 if (ctrl) {
1314 gsm->cretries--;
1315 if (gsm->cretries == 0) {
1316 gsm->pending_cmd = NULL;
1317 ctrl->error = -ETIMEDOUT;
1318 ctrl->done = 1;
1319 spin_unlock_irqrestore(&gsm->control_lock, flags);
1320 wake_up(&gsm->event);
1321 return;
1322 }
1323 gsm_control_transmit(gsm, ctrl);
1324 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1325 }
1326 spin_unlock_irqrestore(&gsm->control_lock, flags);
1327}
1328
1329/**
1330 * gsm_control_send - send a control frame on DLCI 0
1331 * @gsm: the GSM channel
1332 * @command: command to send including CR bit
1333 * @data: bytes of data (must be kmalloced)
1334 * @len: length of the block to send
1335 *
1336 * Queue and dispatch a control command. Only one command can be
1337 * active at a time. In theory more can be outstanding but the matching
1338 * gets really complicated so for now stick to one outstanding.
1339 */
1340
1341static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1342 unsigned int command, u8 *data, int clen)
1343{
1344 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1345 GFP_KERNEL);
1346 unsigned long flags;
1347 if (ctrl == NULL)
1348 return NULL;
1349retry:
1350 wait_event(gsm->event, gsm->pending_cmd == NULL);
1351 spin_lock_irqsave(&gsm->control_lock, flags);
1352 if (gsm->pending_cmd != NULL) {
1353 spin_unlock_irqrestore(&gsm->control_lock, flags);
1354 goto retry;
1355 }
1356 ctrl->cmd = command;
1357 ctrl->data = data;
1358 ctrl->len = clen;
1359 gsm->pending_cmd = ctrl;
1360 gsm->cretries = gsm->n2;
1361 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1362 gsm_control_transmit(gsm, ctrl);
1363 spin_unlock_irqrestore(&gsm->control_lock, flags);
1364 return ctrl;
1365}
1366
1367/**
1368 * gsm_control_wait - wait for a control to finish
1369 * @gsm: GSM mux
1370 * @control: control we are waiting on
1371 *
1372 * Waits for the control to complete or time out. Frees any used
1373 * resources and returns 0 for success, or an error if the remote
1374 * rejected or ignored the request.
1375 */
1376
1377static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1378{
1379 int err;
1380 wait_event(gsm->event, control->done == 1);
1381 err = control->error;
1382 kfree(control);
1383 return err;
1384}
1385
1386
1387/*
1388 * DLCI level handling: Needs krefs
1389 */
1390
1391/*
1392 * State transitions and timers
1393 */
1394
1395/**
1396 * gsm_dlci_close - a DLCI has closed
1397 * @dlci: DLCI that closed
1398 *
1399 * Perform processing when moving a DLCI into closed state. If there
1400 * is an attached tty this is hung up
1401 */
1402
1403static void gsm_dlci_close(struct gsm_dlci *dlci)
1404{
1405 del_timer(&dlci->t1);
1406 if (debug & 8)
1407 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1408 dlci->state = DLCI_CLOSED;
1409 if (dlci->addr != 0) {
1410 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1411 if (tty) {
1412 tty_hangup(tty);
1413 tty_kref_put(tty);
1414 }
1415 kfifo_reset(dlci->fifo);
1416 } else
1417 dlci->gsm->dead = 1;
1418 wake_up(&dlci->gsm->event);
1419 /* A DLCI 0 close is a MUX termination so we need to kick that
1420 back to userspace somehow */
1421}
1422
1423/**
1424 * gsm_dlci_open - a DLCI has opened
1425 * @dlci: DLCI that opened
1426 *
1427 * Perform processing when moving a DLCI into open state.
1428 */
1429
1430static void gsm_dlci_open(struct gsm_dlci *dlci)
1431{
1432 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1433 open -> open */
1434 del_timer(&dlci->t1);
1435 /* This will let a tty open continue */
1436 dlci->state = DLCI_OPEN;
1437 if (debug & 8)
1438 pr_debug("DLCI %d goes open.\n", dlci->addr);
1439 wake_up(&dlci->gsm->event);
1440}
1441
1442/**
1443 * gsm_dlci_t1 - T1 timer expiry
1444 * @dlci: DLCI that opened
1445 *
1446 * The T1 timer handles retransmits of control frames (essentially of
1447 * SABM and DISC). We resend the command until the retry count runs out
1448 * in which case an opening port goes back to closed and a closing port
1449 * is simply put into closed state (any further frames from the other
1450 * end will get a DM response)
1451 */
1452
1453static void gsm_dlci_t1(unsigned long data)
1454{
1455 struct gsm_dlci *dlci = (struct gsm_dlci *)data;
1456 struct gsm_mux *gsm = dlci->gsm;
1457
1458 switch (dlci->state) {
1459 case DLCI_OPENING:
1460 dlci->retries--;
1461 if (dlci->retries) {
1462 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1463 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1464 } else
1465 gsm_dlci_close(dlci);
1466 break;
1467 case DLCI_CLOSING:
1468 dlci->retries--;
1469 if (dlci->retries) {
1470 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1471 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1472 } else
1473 gsm_dlci_close(dlci);
1474 break;
1475 }
1476}
1477
1478/**
1479 * gsm_dlci_begin_open - start channel open procedure
1480 * @dlci: DLCI to open
1481 *
1482 * Commence opening a DLCI from the Linux side. We issue SABM messages
1483 * to the modem which should then reply with a UA, at which point we
1484 * will move into open state. Opening is done asynchronously with retry
1485 * running off timers and the responses.
1486 */
1487
1488static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1489{
1490 struct gsm_mux *gsm = dlci->gsm;
1491 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1492 return;
1493 dlci->retries = gsm->n2;
1494 dlci->state = DLCI_OPENING;
1495 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1496 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1497}
1498
1499/**
1500 * gsm_dlci_begin_close - start channel open procedure
1501 * @dlci: DLCI to open
1502 *
1503 * Commence closing a DLCI from the Linux side. We issue DISC messages
1504 * to the modem which should then reply with a UA, at which point we
1505 * will move into closed state. Closing is done asynchronously with retry
1506 * off timers. We may also receive a DM reply from the other end which
1507 * indicates the channel was already closed.
1508 */
1509
1510static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1511{
1512 struct gsm_mux *gsm = dlci->gsm;
1513 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1514 return;
1515 dlci->retries = gsm->n2;
1516 dlci->state = DLCI_CLOSING;
1517 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1518 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1519}
1520
1521/**
1522 * gsm_dlci_data - data arrived
1523 * @dlci: channel
1524 * @data: block of bytes received
1525 * @len: length of received block
1526 *
1527 * A UI or UIH frame has arrived which contains data for a channel
1528 * other than the control channel. If the relevant virtual tty is
1529 * open we shovel the bits down it, if not we drop them.
1530 */
1531
1532static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int clen)
1533{
1534 /* krefs .. */
1535 struct tty_port *port = &dlci->port;
1536 struct tty_struct *tty = tty_port_tty_get(port);
1537 unsigned int modem = 0;
1538 int len = clen;
1539
1540 if (debug & 16)
1541 pr_debug("%d bytes for tty %p\n", len, tty);
1542 if (tty) {
1543 switch (dlci->adaption) {
1544 /* Unsupported types */
1545 /* Packetised interruptible data */
1546 case 4:
1547 break;
1548 /* Packetised uininterruptible voice/data */
1549 case 3:
1550 break;
1551 /* Asynchronous serial with line state in each frame */
1552 case 2:
1553 while (gsm_read_ea(&modem, *data++) == 0) {
1554 len--;
1555 if (len == 0)
1556 return;
1557 }
1558 gsm_process_modem(tty, dlci, modem, clen);
1559 /* Line state will go via DLCI 0 controls only */
1560 case 1:
1561 default:
1562 tty_insert_flip_string(tty, data, len);
1563 tty_flip_buffer_push(tty);
1564 }
1565 tty_kref_put(tty);
1566 }
1567}
1568
1569/**
1570 * gsm_dlci_control - data arrived on control channel
1571 * @dlci: channel
1572 * @data: block of bytes received
1573 * @len: length of received block
1574 *
1575 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1576 * control channel. This should contain a command EA followed by
1577 * control data bytes. The command EA contains a command/response bit
1578 * and we divide up the work accordingly.
1579 */
1580
1581static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len)
1582{
1583 /* See what command is involved */
1584 unsigned int command = 0;
1585 while (len-- > 0) {
1586 if (gsm_read_ea(&command, *data++) == 1) {
1587 int clen = *data++;
1588 len--;
1589 /* FIXME: this is properly an EA */
1590 clen >>= 1;
1591 /* Malformed command ? */
1592 if (clen > len)
1593 return;
1594 if (command & 1)
1595 gsm_control_message(dlci->gsm, command,
1596 data, clen);
1597 else
1598 gsm_control_response(dlci->gsm, command,
1599 data, clen);
1600 return;
1601 }
1602 }
1603}
1604
1605/*
1606 * Allocate/Free DLCI channels
1607 */
1608
1609/**
1610 * gsm_dlci_alloc - allocate a DLCI
1611 * @gsm: GSM mux
1612 * @addr: address of the DLCI
1613 *
1614 * Allocate and install a new DLCI object into the GSM mux.
1615 *
1616 * FIXME: review locking races
1617 */
1618
1619static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1620{
1621 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1622 if (dlci == NULL)
1623 return NULL;
1624 spin_lock_init(&dlci->lock);
1625 kref_init(&dlci->ref);
1626 mutex_init(&dlci->mutex);
1627 dlci->fifo = &dlci->_fifo;
1628 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) {
1629 kfree(dlci);
1630 return NULL;
1631 }
1632
1633 skb_queue_head_init(&dlci->skb_list);
1634 init_timer(&dlci->t1);
1635 dlci->t1.function = gsm_dlci_t1;
1636 dlci->t1.data = (unsigned long)dlci;
1637 tty_port_init(&dlci->port);
1638 dlci->port.ops = &gsm_port_ops;
1639 dlci->gsm = gsm;
1640 dlci->addr = addr;
1641 dlci->adaption = gsm->adaption;
1642 dlci->state = DLCI_CLOSED;
1643 if (addr)
1644 dlci->data = gsm_dlci_data;
1645 else
1646 dlci->data = gsm_dlci_command;
1647 gsm->dlci[addr] = dlci;
1648 return dlci;
1649}
1650
1651/**
1652 * gsm_dlci_free - free DLCI
1653 * @dlci: DLCI to free
1654 *
1655 * Free up a DLCI.
1656 *
1657 * Can sleep.
1658 */
1659static void gsm_dlci_free(struct kref *ref)
1660{
1661 struct gsm_dlci *dlci = container_of(ref, struct gsm_dlci, ref);
1662
1663 del_timer_sync(&dlci->t1);
1664 dlci->gsm->dlci[dlci->addr] = NULL;
1665 kfifo_free(dlci->fifo);
1666 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1667 kfree_skb(dlci->skb);
1668 kfree(dlci);
1669}
1670
1671static inline void dlci_get(struct gsm_dlci *dlci)
1672{
1673 kref_get(&dlci->ref);
1674}
1675
1676static inline void dlci_put(struct gsm_dlci *dlci)
1677{
1678 kref_put(&dlci->ref, gsm_dlci_free);
1679}
1680
1681/**
1682 * gsm_dlci_release - release DLCI
1683 * @dlci: DLCI to destroy
1684 *
1685 * Release a DLCI. Actual free is deferred until either
1686 * mux is closed or tty is closed - whichever is last.
1687 *
1688 * Can sleep.
1689 */
1690static void gsm_dlci_release(struct gsm_dlci *dlci)
1691{
1692 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1693 if (tty) {
1694 tty_vhangup(tty);
1695 tty_kref_put(tty);
1696 }
1697 dlci_put(dlci);
1698}
1699
1700/*
1701 * LAPBish link layer logic
1702 */
1703
1704/**
1705 * gsm_queue - a GSM frame is ready to process
1706 * @gsm: pointer to our gsm mux
1707 *
1708 * At this point in time a frame has arrived and been demangled from
1709 * the line encoding. All the differences between the encodings have
1710 * been handled below us and the frame is unpacked into the structures.
1711 * The fcs holds the header FCS but any data FCS must be added here.
1712 */
1713
1714static void gsm_queue(struct gsm_mux *gsm)
1715{
1716 struct gsm_dlci *dlci;
1717 u8 cr;
1718 int address;
1719 /* We have to sneak a look at the packet body to do the FCS.
1720 A somewhat layering violation in the spec */
1721
1722 if ((gsm->control & ~PF) == UI)
1723 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1724 if (gsm->encoding == 0){
1725 /* WARNING: gsm->received_fcs is used for gsm->encoding = 0 only.
1726 In this case it contain the last piece of data
1727 required to generate final CRC */
1728 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1729 }
1730 if (gsm->fcs != GOOD_FCS) {
1731 gsm->bad_fcs++;
1732 if (debug & 4)
1733 pr_debug("BAD FCS %02x\n", gsm->fcs);
1734 return;
1735 }
1736 address = gsm->address >> 1;
1737 if (address >= NUM_DLCI)
1738 goto invalid;
1739
1740 cr = gsm->address & 1; /* C/R bit */
1741
1742 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1743
1744 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1745 dlci = gsm->dlci[address];
1746
1747 switch (gsm->control) {
1748 case SABM|PF:
1749 if (cr == 0)
1750 goto invalid;
1751 if (dlci == NULL)
1752 dlci = gsm_dlci_alloc(gsm, address);
1753 if (dlci == NULL)
1754 return;
1755 if (dlci->dead)
1756 gsm_response(gsm, address, DM);
1757 else {
1758 gsm_response(gsm, address, UA);
1759 gsm_dlci_open(dlci);
1760 }
1761 break;
1762 case DISC|PF:
1763 if (cr == 0)
1764 goto invalid;
1765 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1766 gsm_response(gsm, address, DM);
1767 return;
1768 }
1769 /* Real close complete */
1770 gsm_response(gsm, address, UA);
1771 gsm_dlci_close(dlci);
1772 break;
1773 case UA:
1774 case UA|PF:
1775 if (cr == 0 || dlci == NULL)
1776 break;
1777 switch (dlci->state) {
1778 case DLCI_CLOSING:
1779 gsm_dlci_close(dlci);
1780 break;
1781 case DLCI_OPENING:
1782 gsm_dlci_open(dlci);
1783 break;
1784 }
1785 break;
1786 case DM: /* DM can be valid unsolicited */
1787 case DM|PF:
1788 if (cr)
1789 goto invalid;
1790 if (dlci == NULL)
1791 return;
1792 gsm_dlci_close(dlci);
1793 break;
1794 case UI:
1795 case UI|PF:
1796 case UIH:
1797 case UIH|PF:
1798#if 0
1799 if (cr)
1800 goto invalid;
1801#endif
1802 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1803 gsm_command(gsm, address, DM|PF);
1804 return;
1805 }
1806 dlci->data(dlci, gsm->buf, gsm->len);
1807 break;
1808 default:
1809 goto invalid;
1810 }
1811 return;
1812invalid:
1813 gsm->malformed++;
1814 return;
1815}
1816
1817
1818/**
1819 * gsm0_receive - perform processing for non-transparency
1820 * @gsm: gsm data for this ldisc instance
1821 * @c: character
1822 *
1823 * Receive bytes in gsm mode 0
1824 */
1825
1826static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1827{
1828 unsigned int len;
1829
1830 switch (gsm->state) {
1831 case GSM_SEARCH: /* SOF marker */
1832 if (c == GSM0_SOF) {
1833 gsm->state = GSM_ADDRESS;
1834 gsm->address = 0;
1835 gsm->len = 0;
1836 gsm->fcs = INIT_FCS;
1837 }
1838 break;
1839 case GSM_ADDRESS: /* Address EA */
1840 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1841 if (gsm_read_ea(&gsm->address, c))
1842 gsm->state = GSM_CONTROL;
1843 break;
1844 case GSM_CONTROL: /* Control Byte */
1845 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1846 gsm->control = c;
1847 gsm->state = GSM_LEN0;
1848 break;
1849 case GSM_LEN0: /* Length EA */
1850 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1851 if (gsm_read_ea(&gsm->len, c)) {
1852 if (gsm->len > gsm->mru) {
1853 gsm->bad_size++;
1854 gsm->state = GSM_SEARCH;
1855 break;
1856 }
1857 gsm->count = 0;
1858 if (!gsm->len)
1859 gsm->state = GSM_FCS;
1860 else
1861 gsm->state = GSM_DATA;
1862 break;
1863 }
1864 gsm->state = GSM_LEN1;
1865 break;
1866 case GSM_LEN1:
1867 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1868 len = c;
1869 gsm->len |= len << 7;
1870 if (gsm->len > gsm->mru) {
1871 gsm->bad_size++;
1872 gsm->state = GSM_SEARCH;
1873 break;
1874 }
1875 gsm->count = 0;
1876 if (!gsm->len)
1877 gsm->state = GSM_FCS;
1878 else
1879 gsm->state = GSM_DATA;
1880 break;
1881 case GSM_DATA: /* Data */
1882 gsm->buf[gsm->count++] = c;
1883 if (gsm->count == gsm->len)
1884 gsm->state = GSM_FCS;
1885 break;
1886 case GSM_FCS: /* FCS follows the packet */
1887 gsm->received_fcs = c;
1888 gsm_queue(gsm);
1889 gsm->state = GSM_SSOF;
1890 break;
1891 case GSM_SSOF:
1892 if (c == GSM0_SOF) {
1893 gsm->state = GSM_SEARCH;
1894 break;
1895 }
1896 break;
1897 }
1898}
1899
1900/**
1901 * gsm1_receive - perform processing for non-transparency
1902 * @gsm: gsm data for this ldisc instance
1903 * @c: character
1904 *
1905 * Receive bytes in mode 1 (Advanced option)
1906 */
1907
1908static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
1909{
1910 if (c == GSM1_SOF) {
1911 /* EOF is only valid in frame if we have got to the data state
1912 and received at least one byte (the FCS) */
1913 if (gsm->state == GSM_DATA && gsm->count) {
1914 /* Extract the FCS */
1915 gsm->count--;
1916 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
1917 gsm->len = gsm->count;
1918 gsm_queue(gsm);
1919 gsm->state = GSM_START;
1920 return;
1921 }
1922 /* Any partial frame was a runt so go back to start */
1923 if (gsm->state != GSM_START) {
1924 gsm->malformed++;
1925 gsm->state = GSM_START;
1926 }
1927 /* A SOF in GSM_START means we are still reading idling or
1928 framing bytes */
1929 return;
1930 }
1931
1932 if (c == GSM1_ESCAPE) {
1933 gsm->escape = 1;
1934 return;
1935 }
1936
1937 /* Only an unescaped SOF gets us out of GSM search */
1938 if (gsm->state == GSM_SEARCH)
1939 return;
1940
1941 if (gsm->escape) {
1942 c ^= GSM1_ESCAPE_BITS;
1943 gsm->escape = 0;
1944 }
1945 switch (gsm->state) {
1946 case GSM_START: /* First byte after SOF */
1947 gsm->address = 0;
1948 gsm->state = GSM_ADDRESS;
1949 gsm->fcs = INIT_FCS;
1950 /* Drop through */
1951 case GSM_ADDRESS: /* Address continuation */
1952 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1953 if (gsm_read_ea(&gsm->address, c))
1954 gsm->state = GSM_CONTROL;
1955 break;
1956 case GSM_CONTROL: /* Control Byte */
1957 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1958 gsm->control = c;
1959 gsm->count = 0;
1960 gsm->state = GSM_DATA;
1961 break;
1962 case GSM_DATA: /* Data */
1963 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
1964 gsm->state = GSM_OVERRUN;
1965 gsm->bad_size++;
1966 } else
1967 gsm->buf[gsm->count++] = c;
1968 break;
1969 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
1970 break;
1971 }
1972}
1973
1974/**
1975 * gsm_error - handle tty error
1976 * @gsm: ldisc data
1977 * @data: byte received (may be invalid)
1978 * @flag: error received
1979 *
1980 * Handle an error in the receipt of data for a frame. Currently we just
1981 * go back to hunting for a SOF.
1982 *
1983 * FIXME: better diagnostics ?
1984 */
1985
1986static void gsm_error(struct gsm_mux *gsm,
1987 unsigned char data, unsigned char flag)
1988{
1989 gsm->state = GSM_SEARCH;
1990 gsm->io_error++;
1991}
1992
1993/**
1994 * gsm_cleanup_mux - generic GSM protocol cleanup
1995 * @gsm: our mux
1996 *
1997 * Clean up the bits of the mux which are the same for all framing
1998 * protocols. Remove the mux from the mux table, stop all the timers
1999 * and then shut down each device hanging up the channels as we go.
2000 */
2001
2002void gsm_cleanup_mux(struct gsm_mux *gsm)
2003{
2004 int i;
2005 struct gsm_dlci *dlci = gsm->dlci[0];
2006 struct gsm_msg *txq;
2007
2008 gsm->dead = 1;
2009
2010 spin_lock(&gsm_mux_lock);
2011 for (i = 0; i < MAX_MUX; i++) {
2012 if (gsm_mux[i] == gsm) {
2013 gsm_mux[i] = NULL;
2014 break;
2015 }
2016 }
2017 spin_unlock(&gsm_mux_lock);
2018 WARN_ON(i == MAX_MUX);
2019
2020 del_timer_sync(&gsm->t2_timer);
2021 /* Now we are sure T2 has stopped */
2022 if (dlci) {
2023 dlci->dead = 1;
2024 gsm_dlci_begin_close(dlci);
2025 wait_event_interruptible(gsm->event,
2026 dlci->state == DLCI_CLOSED);
2027 }
2028 /* Free up any link layer users */
2029 for (i = 0; i < NUM_DLCI; i++)
2030 if (gsm->dlci[i])
2031 gsm_dlci_release(gsm->dlci[i]);
2032 /* Now wipe the queues */
2033 for (txq = gsm->tx_head; txq != NULL; txq = gsm->tx_head) {
2034 gsm->tx_head = txq->next;
2035 kfree(txq);
2036 }
2037 gsm->tx_tail = NULL;
2038}
2039EXPORT_SYMBOL_GPL(gsm_cleanup_mux);
2040
2041/**
2042 * gsm_activate_mux - generic GSM setup
2043 * @gsm: our mux
2044 *
2045 * Set up the bits of the mux which are the same for all framing
2046 * protocols. Add the mux to the mux table so it can be opened and
2047 * finally kick off connecting to DLCI 0 on the modem.
2048 */
2049
2050int gsm_activate_mux(struct gsm_mux *gsm)
2051{
2052 struct gsm_dlci *dlci;
2053 int i = 0;
2054
2055 init_timer(&gsm->t2_timer);
2056 gsm->t2_timer.function = gsm_control_retransmit;
2057 gsm->t2_timer.data = (unsigned long)gsm;
2058 init_waitqueue_head(&gsm->event);
2059 spin_lock_init(&gsm->control_lock);
2060 spin_lock_init(&gsm->tx_lock);
2061
2062 if (gsm->encoding == 0)
2063 gsm->receive = gsm0_receive;
2064 else
2065 gsm->receive = gsm1_receive;
2066 gsm->error = gsm_error;
2067
2068 spin_lock(&gsm_mux_lock);
2069 for (i = 0; i < MAX_MUX; i++) {
2070 if (gsm_mux[i] == NULL) {
2071 gsm->num = i;
2072 gsm_mux[i] = gsm;
2073 break;
2074 }
2075 }
2076 spin_unlock(&gsm_mux_lock);
2077 if (i == MAX_MUX)
2078 return -EBUSY;
2079
2080 dlci = gsm_dlci_alloc(gsm, 0);
2081 if (dlci == NULL)
2082 return -ENOMEM;
2083 gsm->dead = 0; /* Tty opens are now permissible */
2084 return 0;
2085}
2086EXPORT_SYMBOL_GPL(gsm_activate_mux);
2087
2088/**
2089 * gsm_free_mux - free up a mux
2090 * @mux: mux to free
2091 *
2092 * Dispose of allocated resources for a dead mux
2093 */
2094void gsm_free_mux(struct gsm_mux *gsm)
2095{
2096 kfree(gsm->txframe);
2097 kfree(gsm->buf);
2098 kfree(gsm);
2099}
2100EXPORT_SYMBOL_GPL(gsm_free_mux);
2101
2102/**
2103 * gsm_free_muxr - free up a mux
2104 * @mux: mux to free
2105 *
2106 * Dispose of allocated resources for a dead mux
2107 */
2108static void gsm_free_muxr(struct kref *ref)
2109{
2110 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2111 gsm_free_mux(gsm);
2112}
2113
2114static inline void mux_get(struct gsm_mux *gsm)
2115{
2116 kref_get(&gsm->ref);
2117}
2118
2119static inline void mux_put(struct gsm_mux *gsm)
2120{
2121 kref_put(&gsm->ref, gsm_free_muxr);
2122}
2123
2124/**
2125 * gsm_alloc_mux - allocate a mux
2126 *
2127 * Creates a new mux ready for activation.
2128 */
2129
2130struct gsm_mux *gsm_alloc_mux(void)
2131{
2132 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2133 if (gsm == NULL)
2134 return NULL;
2135 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2136 if (gsm->buf == NULL) {
2137 kfree(gsm);
2138 return NULL;
2139 }
2140 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL);
2141 if (gsm->txframe == NULL) {
2142 kfree(gsm->buf);
2143 kfree(gsm);
2144 return NULL;
2145 }
2146 spin_lock_init(&gsm->lock);
2147 kref_init(&gsm->ref);
2148
2149 gsm->t1 = T1;
2150 gsm->t2 = T2;
2151 gsm->n2 = N2;
2152 gsm->ftype = UIH;
2153 gsm->adaption = 1;
2154 gsm->encoding = 1;
2155 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2156 gsm->mtu = 64;
2157 gsm->dead = 1; /* Avoid early tty opens */
2158
2159 return gsm;
2160}
2161EXPORT_SYMBOL_GPL(gsm_alloc_mux);
2162
2163/**
2164 * gsmld_output - write to link
2165 * @gsm: our mux
2166 * @data: bytes to output
2167 * @len: size
2168 *
2169 * Write a block of data from the GSM mux to the data channel. This
2170 * will eventually be serialized from above but at the moment isn't.
2171 */
2172
2173static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2174{
2175 if (tty_write_room(gsm->tty) < len) {
2176 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2177 return -ENOSPC;
2178 }
2179 if (debug & 4)
2180 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2181 data, len);
2182 gsm->tty->ops->write(gsm->tty, data, len);
2183 return len;
2184}
2185
2186/**
2187 * gsmld_attach_gsm - mode set up
2188 * @tty: our tty structure
2189 * @gsm: our mux
2190 *
2191 * Set up the MUX for basic mode and commence connecting to the
2192 * modem. Currently called from the line discipline set up but
2193 * will need moving to an ioctl path.
2194 */
2195
2196static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2197{
2198 int ret, i;
2199 int base = gsm->num << 6; /* Base for this MUX */
2200
2201 gsm->tty = tty_kref_get(tty);
2202 gsm->output = gsmld_output;
2203 ret = gsm_activate_mux(gsm);
2204 if (ret != 0)
2205 tty_kref_put(gsm->tty);
2206 else {
2207 /* Don't register device 0 - this is the control channel and not
2208 a usable tty interface */
2209 for (i = 1; i < NUM_DLCI; i++)
2210 tty_register_device(gsm_tty_driver, base + i, NULL);
2211 }
2212 return ret;
2213}
2214
2215
2216/**
2217 * gsmld_detach_gsm - stop doing 0710 mux
2218 * @tty: tty attached to the mux
2219 * @gsm: mux
2220 *
2221 * Shutdown and then clean up the resources used by the line discipline
2222 */
2223
2224static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2225{
2226 int i;
2227 int base = gsm->num << 6; /* Base for this MUX */
2228
2229 WARN_ON(tty != gsm->tty);
2230 for (i = 1; i < NUM_DLCI; i++)
2231 tty_unregister_device(gsm_tty_driver, base + i);
2232 gsm_cleanup_mux(gsm);
2233 tty_kref_put(gsm->tty);
2234 gsm->tty = NULL;
2235}
2236
2237static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2238 char *fp, int count)
2239{
2240 struct gsm_mux *gsm = tty->disc_data;
2241 const unsigned char *dp;
2242 char *f;
2243 int i;
2244 char buf[64];
2245 char flags;
2246
2247 if (debug & 4)
2248 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2249 cp, count);
2250
2251 for (i = count, dp = cp, f = fp; i; i--, dp++) {
2252 flags = *f++;
2253 switch (flags) {
2254 case TTY_NORMAL:
2255 gsm->receive(gsm, *dp);
2256 break;
2257 case TTY_OVERRUN:
2258 case TTY_BREAK:
2259 case TTY_PARITY:
2260 case TTY_FRAME:
2261 gsm->error(gsm, *dp, flags);
2262 break;
2263 default:
2264 WARN_ONCE("%s: unknown flag %d\n",
2265 tty_name(tty, buf), flags);
2266 break;
2267 }
2268 }
2269 /* FASYNC if needed ? */
2270 /* If clogged call tty_throttle(tty); */
2271}
2272
2273/**
2274 * gsmld_chars_in_buffer - report available bytes
2275 * @tty: tty device
2276 *
2277 * Report the number of characters buffered to be delivered to user
2278 * at this instant in time.
2279 *
2280 * Locking: gsm lock
2281 */
2282
2283static ssize_t gsmld_chars_in_buffer(struct tty_struct *tty)
2284{
2285 return 0;
2286}
2287
2288/**
2289 * gsmld_flush_buffer - clean input queue
2290 * @tty: terminal device
2291 *
2292 * Flush the input buffer. Called when the line discipline is
2293 * being closed, when the tty layer wants the buffer flushed (eg
2294 * at hangup).
2295 */
2296
2297static void gsmld_flush_buffer(struct tty_struct *tty)
2298{
2299}
2300
2301/**
2302 * gsmld_close - close the ldisc for this tty
2303 * @tty: device
2304 *
2305 * Called from the terminal layer when this line discipline is
2306 * being shut down, either because of a close or becsuse of a
2307 * discipline change. The function will not be called while other
2308 * ldisc methods are in progress.
2309 */
2310
2311static void gsmld_close(struct tty_struct *tty)
2312{
2313 struct gsm_mux *gsm = tty->disc_data;
2314
2315 gsmld_detach_gsm(tty, gsm);
2316
2317 gsmld_flush_buffer(tty);
2318 /* Do other clean up here */
2319 mux_put(gsm);
2320}
2321
2322/**
2323 * gsmld_open - open an ldisc
2324 * @tty: terminal to open
2325 *
2326 * Called when this line discipline is being attached to the
2327 * terminal device. Can sleep. Called serialized so that no
2328 * other events will occur in parallel. No further open will occur
2329 * until a close.
2330 */
2331
2332static int gsmld_open(struct tty_struct *tty)
2333{
2334 struct gsm_mux *gsm;
2335
2336 if (tty->ops->write == NULL)
2337 return -EINVAL;
2338
2339 /* Attach our ldisc data */
2340 gsm = gsm_alloc_mux();
2341 if (gsm == NULL)
2342 return -ENOMEM;
2343
2344 tty->disc_data = gsm;
2345 tty->receive_room = 65536;
2346
2347 /* Attach the initial passive connection */
2348 gsm->encoding = 1;
2349 return gsmld_attach_gsm(tty, gsm);
2350}
2351
2352/**
2353 * gsmld_write_wakeup - asynchronous I/O notifier
2354 * @tty: tty device
2355 *
2356 * Required for the ptys, serial driver etc. since processes
2357 * that attach themselves to the master and rely on ASYNC
2358 * IO must be woken up
2359 */
2360
2361static void gsmld_write_wakeup(struct tty_struct *tty)
2362{
2363 struct gsm_mux *gsm = tty->disc_data;
2364 unsigned long flags;
2365
2366 /* Queue poll */
2367 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2368 gsm_data_kick(gsm);
2369 if (gsm->tx_bytes < TX_THRESH_LO) {
2370 spin_lock_irqsave(&gsm->tx_lock, flags);
2371 gsm_dlci_data_sweep(gsm);
2372 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2373 }
2374}
2375
2376/**
2377 * gsmld_read - read function for tty
2378 * @tty: tty device
2379 * @file: file object
2380 * @buf: userspace buffer pointer
2381 * @nr: size of I/O
2382 *
2383 * Perform reads for the line discipline. We are guaranteed that the
2384 * line discipline will not be closed under us but we may get multiple
2385 * parallel readers and must handle this ourselves. We may also get
2386 * a hangup. Always called in user context, may sleep.
2387 *
2388 * This code must be sure never to sleep through a hangup.
2389 */
2390
2391static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2392 unsigned char __user *buf, size_t nr)
2393{
2394 return -EOPNOTSUPP;
2395}
2396
2397/**
2398 * gsmld_write - write function for tty
2399 * @tty: tty device
2400 * @file: file object
2401 * @buf: userspace buffer pointer
2402 * @nr: size of I/O
2403 *
2404 * Called when the owner of the device wants to send a frame
2405 * itself (or some other control data). The data is transferred
2406 * as-is and must be properly framed and checksummed as appropriate
2407 * by userspace. Frames are either sent whole or not at all as this
2408 * avoids pain user side.
2409 */
2410
2411static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2412 const unsigned char *buf, size_t nr)
2413{
2414 int space = tty_write_room(tty);
2415 if (space >= nr)
2416 return tty->ops->write(tty, buf, nr);
2417 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2418 return -ENOBUFS;
2419}
2420
2421/**
2422 * gsmld_poll - poll method for N_GSM0710
2423 * @tty: terminal device
2424 * @file: file accessing it
2425 * @wait: poll table
2426 *
2427 * Called when the line discipline is asked to poll() for data or
2428 * for special events. This code is not serialized with respect to
2429 * other events save open/close.
2430 *
2431 * This code must be sure never to sleep through a hangup.
2432 * Called without the kernel lock held - fine
2433 */
2434
2435static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file,
2436 poll_table *wait)
2437{
2438 unsigned int mask = 0;
2439 struct gsm_mux *gsm = tty->disc_data;
2440
2441 poll_wait(file, &tty->read_wait, wait);
2442 poll_wait(file, &tty->write_wait, wait);
2443 if (tty_hung_up_p(file))
2444 mask |= POLLHUP;
2445 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2446 mask |= POLLOUT | POLLWRNORM;
2447 if (gsm->dead)
2448 mask |= POLLHUP;
2449 return mask;
2450}
2451
2452static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm,
2453 struct gsm_config *c)
2454{
2455 int need_close = 0;
2456 int need_restart = 0;
2457
2458 /* Stuff we don't support yet - UI or I frame transport, windowing */
2459 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2460 return -EOPNOTSUPP;
2461 /* Check the MRU/MTU range looks sane */
2462 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2463 return -EINVAL;
2464 if (c->n2 < 3)
2465 return -EINVAL;
2466 if (c->encapsulation > 1) /* Basic, advanced, no I */
2467 return -EINVAL;
2468 if (c->initiator > 1)
2469 return -EINVAL;
2470 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2471 return -EINVAL;
2472 /*
2473 * See what is needed for reconfiguration
2474 */
2475
2476 /* Timing fields */
2477 if (c->t1 != 0 && c->t1 != gsm->t1)
2478 need_restart = 1;
2479 if (c->t2 != 0 && c->t2 != gsm->t2)
2480 need_restart = 1;
2481 if (c->encapsulation != gsm->encoding)
2482 need_restart = 1;
2483 if (c->adaption != gsm->adaption)
2484 need_restart = 1;
2485 /* Requires care */
2486 if (c->initiator != gsm->initiator)
2487 need_close = 1;
2488 if (c->mru != gsm->mru)
2489 need_restart = 1;
2490 if (c->mtu != gsm->mtu)
2491 need_restart = 1;
2492
2493 /*
2494 * Close down what is needed, restart and initiate the new
2495 * configuration
2496 */
2497
2498 if (need_close || need_restart) {
2499 gsm_dlci_begin_close(gsm->dlci[0]);
2500 /* This will timeout if the link is down due to N2 expiring */
2501 wait_event_interruptible(gsm->event,
2502 gsm->dlci[0]->state == DLCI_CLOSED);
2503 if (signal_pending(current))
2504 return -EINTR;
2505 }
2506 if (need_restart)
2507 gsm_cleanup_mux(gsm);
2508
2509 gsm->initiator = c->initiator;
2510 gsm->mru = c->mru;
2511 gsm->mtu = c->mtu;
2512 gsm->encoding = c->encapsulation;
2513 gsm->adaption = c->adaption;
2514 gsm->n2 = c->n2;
2515
2516 if (c->i == 1)
2517 gsm->ftype = UIH;
2518 else if (c->i == 2)
2519 gsm->ftype = UI;
2520
2521 if (c->t1)
2522 gsm->t1 = c->t1;
2523 if (c->t2)
2524 gsm->t2 = c->t2;
2525
2526 /* FIXME: We need to separate activation/deactivation from adding
2527 and removing from the mux array */
2528 if (need_restart)
2529 gsm_activate_mux(gsm);
2530 if (gsm->initiator && need_close)
2531 gsm_dlci_begin_open(gsm->dlci[0]);
2532 return 0;
2533}
2534
2535static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2536 unsigned int cmd, unsigned long arg)
2537{
2538 struct gsm_config c;
2539 struct gsm_mux *gsm = tty->disc_data;
2540
2541 switch (cmd) {
2542 case GSMIOC_GETCONF:
2543 memset(&c, 0, sizeof(c));
2544 c.adaption = gsm->adaption;
2545 c.encapsulation = gsm->encoding;
2546 c.initiator = gsm->initiator;
2547 c.t1 = gsm->t1;
2548 c.t2 = gsm->t2;
2549 c.t3 = 0; /* Not supported */
2550 c.n2 = gsm->n2;
2551 if (gsm->ftype == UIH)
2552 c.i = 1;
2553 else
2554 c.i = 2;
2555 pr_debug("Ftype %d i %d\n", gsm->ftype, c.i);
2556 c.mru = gsm->mru;
2557 c.mtu = gsm->mtu;
2558 c.k = 0;
2559 if (copy_to_user((void *)arg, &c, sizeof(c)))
2560 return -EFAULT;
2561 return 0;
2562 case GSMIOC_SETCONF:
2563 if (copy_from_user(&c, (void *)arg, sizeof(c)))
2564 return -EFAULT;
2565 return gsmld_config(tty, gsm, &c);
2566 default:
2567 return n_tty_ioctl_helper(tty, file, cmd, arg);
2568 }
2569}
2570
2571/*
2572 * Network interface
2573 *
2574 */
2575
2576static int gsm_mux_net_open(struct net_device *net)
2577{
2578 pr_debug("%s called\n", __func__);
2579 netif_start_queue(net);
2580 return 0;
2581}
2582
2583static int gsm_mux_net_close(struct net_device *net)
2584{
2585 netif_stop_queue(net);
2586 return 0;
2587}
2588
2589static struct net_device_stats *gsm_mux_net_get_stats(struct net_device *net)
2590{
2591 return &((struct gsm_mux_net *)netdev_priv(net))->stats;
2592}
2593static void dlci_net_free(struct gsm_dlci *dlci)
2594{
2595 if (!dlci->net) {
2596 WARN_ON(1);
2597 return;
2598 }
2599 dlci->adaption = dlci->prev_adaption;
2600 dlci->data = dlci->prev_data;
2601 free_netdev(dlci->net);
2602 dlci->net = NULL;
2603}
2604static void net_free(struct kref *ref)
2605{
2606 struct gsm_mux_net *mux_net;
2607 struct gsm_dlci *dlci;
2608
2609 mux_net = container_of(ref, struct gsm_mux_net, ref);
2610 dlci = mux_net->dlci;
2611
2612 if (dlci->net) {
2613 unregister_netdev(dlci->net);
2614 dlci_net_free(dlci);
2615 }
2616}
2617
2618static inline void muxnet_get(struct gsm_mux_net *mux_net)
2619{
2620 kref_get(&mux_net->ref);
2621}
2622
2623static inline void muxnet_put(struct gsm_mux_net *mux_net)
2624{
2625 kref_put(&mux_net->ref, net_free);
2626}
2627
2628static int gsm_mux_net_start_xmit(struct sk_buff *skb,
2629 struct net_device *net)
2630{
2631 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2632 struct gsm_dlci *dlci = mux_net->dlci;
2633 muxnet_get(mux_net);
2634
2635 skb_queue_head(&dlci->skb_list, skb);
2636 STATS(net).tx_packets++;
2637 STATS(net).tx_bytes += skb->len;
2638 gsm_dlci_data_kick(dlci);
2639 /* And tell the kernel when the last transmit started. */
2640 net->trans_start = jiffies;
2641 muxnet_put(mux_net);
2642 return NETDEV_TX_OK;
2643}
2644
2645/* called when a packet did not ack after watchdogtimeout */
2646static void gsm_mux_net_tx_timeout(struct net_device *net)
2647{
2648 /* Tell syslog we are hosed. */
2649 dev_dbg(&net->dev, "Tx timed out.\n");
2650
2651 /* Update statistics */
2652 STATS(net).tx_errors++;
2653}
2654
2655static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2656 unsigned char *in_buf, int size)
2657{
2658 struct net_device *net = dlci->net;
2659 struct sk_buff *skb;
2660 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2661 muxnet_get(mux_net);
2662
2663 /* Allocate an sk_buff */
2664 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2665 if (!skb) {
2666 /* We got no receive buffer. */
2667 STATS(net).rx_dropped++;
2668 muxnet_put(mux_net);
2669 return;
2670 }
2671 skb_reserve(skb, NET_IP_ALIGN);
2672 memcpy(skb_put(skb, size), in_buf, size);
2673
2674 skb->dev = net;
2675 skb->protocol = __constant_htons(ETH_P_IP);
2676
2677 /* Ship it off to the kernel */
2678 netif_rx(skb);
2679
2680 /* update out statistics */
2681 STATS(net).rx_packets++;
2682 STATS(net).rx_bytes += size;
2683 muxnet_put(mux_net);
2684 return;
2685}
2686
2687int gsm_change_mtu(struct net_device *net, int new_mtu)
2688{
2689 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2690 if ((new_mtu < 8) || (new_mtu > mux_net->dlci->gsm->mtu))
2691 return -EINVAL;
2692 net->mtu = new_mtu;
2693 return 0;
2694}
2695
2696static void gsm_mux_net_init(struct net_device *net)
2697{
2698 static const struct net_device_ops gsm_netdev_ops = {
2699 .ndo_open = gsm_mux_net_open,
2700 .ndo_stop = gsm_mux_net_close,
2701 .ndo_start_xmit = gsm_mux_net_start_xmit,
2702 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2703 .ndo_get_stats = gsm_mux_net_get_stats,
2704 .ndo_change_mtu = gsm_change_mtu,
2705 };
2706
2707 net->netdev_ops = &gsm_netdev_ops;
2708
2709 /* fill in the other fields */
2710 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2711 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2712 net->type = ARPHRD_NONE;
2713 net->tx_queue_len = 10;
2714}
2715
2716
2717/* caller holds the dlci mutex */
2718static void gsm_destroy_network(struct gsm_dlci *dlci)
2719{
2720 struct gsm_mux_net *mux_net;
2721
2722 pr_debug("destroy network interface");
2723 if (!dlci->net)
2724 return;
2725 mux_net = (struct gsm_mux_net *)netdev_priv(dlci->net);
2726 muxnet_put(mux_net);
2727}
2728
2729
2730/* caller holds the dlci mutex */
2731static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2732{
2733 char *netname;
2734 int retval = 0;
2735 struct net_device *net;
2736 struct gsm_mux_net *mux_net;
2737
2738 if (!capable(CAP_NET_ADMIN))
2739 return -EPERM;
2740
2741 /* Already in a non tty mode */
2742 if (dlci->adaption > 2)
2743 return -EBUSY;
2744
2745 if (nc->protocol != htons(ETH_P_IP))
2746 return -EPROTONOSUPPORT;
2747
2748 if (nc->adaption != 3 && nc->adaption != 4)
2749 return -EPROTONOSUPPORT;
2750
2751 pr_debug("create network interface");
2752
2753 netname = "gsm%d";
2754 if (nc->if_name[0] != '\0')
2755 netname = nc->if_name;
2756 net = alloc_netdev(sizeof(struct gsm_mux_net),
2757 netname,
2758 gsm_mux_net_init);
2759 if (!net) {
2760 pr_err("alloc_netdev failed");
2761 return -ENOMEM;
2762 }
2763 net->mtu = dlci->gsm->mtu;
2764 mux_net = (struct gsm_mux_net *)netdev_priv(net);
2765 mux_net->dlci = dlci;
2766 kref_init(&mux_net->ref);
2767 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2768
2769 /* reconfigure dlci for network */
2770 dlci->prev_adaption = dlci->adaption;
2771 dlci->prev_data = dlci->data;
2772 dlci->adaption = nc->adaption;
2773 dlci->data = gsm_mux_rx_netchar;
2774 dlci->net = net;
2775
2776 pr_debug("register netdev");
2777 retval = register_netdev(net);
2778 if (retval) {
2779 pr_err("network register fail %d\n", retval);
2780 dlci_net_free(dlci);
2781 return retval;
2782 }
2783 return net->ifindex; /* return network index */
2784}
2785
2786/* Line discipline for real tty */
2787struct tty_ldisc_ops tty_ldisc_packet = {
2788 .owner = THIS_MODULE,
2789 .magic = TTY_LDISC_MAGIC,
2790 .name = "n_gsm",
2791 .open = gsmld_open,
2792 .close = gsmld_close,
2793 .flush_buffer = gsmld_flush_buffer,
2794 .chars_in_buffer = gsmld_chars_in_buffer,
2795 .read = gsmld_read,
2796 .write = gsmld_write,
2797 .ioctl = gsmld_ioctl,
2798 .poll = gsmld_poll,
2799 .receive_buf = gsmld_receive_buf,
2800 .write_wakeup = gsmld_write_wakeup
2801};
2802
2803/*
2804 * Virtual tty side
2805 */
2806
2807#define TX_SIZE 512
2808
2809static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2810{
2811 u8 modembits[5];
2812 struct gsm_control *ctrl;
2813 int len = 2;
2814
2815 if (brk)
2816 len++;
2817
2818 modembits[0] = len << 1 | EA; /* Data bytes */
2819 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */
2820 modembits[2] = gsm_encode_modem(dlci) << 1 | EA;
2821 if (brk)
2822 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */
2823 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1);
2824 if (ctrl == NULL)
2825 return -ENOMEM;
2826 return gsm_control_wait(dlci->gsm, ctrl);
2827}
2828
2829static int gsm_carrier_raised(struct tty_port *port)
2830{
2831 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2832 /* Not yet open so no carrier info */
2833 if (dlci->state != DLCI_OPEN)
2834 return 0;
2835 if (debug & 2)
2836 return 1;
2837 return dlci->modem_rx & TIOCM_CD;
2838}
2839
2840static void gsm_dtr_rts(struct tty_port *port, int onoff)
2841{
2842 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2843 unsigned int modem_tx = dlci->modem_tx;
2844 if (onoff)
2845 modem_tx |= TIOCM_DTR | TIOCM_RTS;
2846 else
2847 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
2848 if (modem_tx != dlci->modem_tx) {
2849 dlci->modem_tx = modem_tx;
2850 gsmtty_modem_update(dlci, 0);
2851 }
2852}
2853
2854static const struct tty_port_operations gsm_port_ops = {
2855 .carrier_raised = gsm_carrier_raised,
2856 .dtr_rts = gsm_dtr_rts,
2857};
2858
2859
2860static int gsmtty_open(struct tty_struct *tty, struct file *filp)
2861{
2862 struct gsm_mux *gsm;
2863 struct gsm_dlci *dlci;
2864 struct tty_port *port;
2865 unsigned int line = tty->index;
2866 unsigned int mux = line >> 6;
2867
2868 line = line & 0x3F;
2869
2870 if (mux >= MAX_MUX)
2871 return -ENXIO;
2872 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
2873 if (gsm_mux[mux] == NULL)
2874 return -EUNATCH;
2875 if (line == 0 || line > 61) /* 62/63 reserved */
2876 return -ECHRNG;
2877 gsm = gsm_mux[mux];
2878 if (gsm->dead)
2879 return -EL2HLT;
2880 dlci = gsm->dlci[line];
2881 if (dlci == NULL)
2882 dlci = gsm_dlci_alloc(gsm, line);
2883 if (dlci == NULL)
2884 return -ENOMEM;
2885 port = &dlci->port;
2886 port->count++;
2887 tty->driver_data = dlci;
2888 dlci_get(dlci);
2889 dlci_get(dlci->gsm->dlci[0]);
2890 mux_get(dlci->gsm);
2891 tty_port_tty_set(port, tty);
2892
2893 dlci->modem_rx = 0;
2894 /* We could in theory open and close before we wait - eg if we get
2895 a DM straight back. This is ok as that will have caused a hangup */
2896 set_bit(ASYNCB_INITIALIZED, &port->flags);
2897 /* Start sending off SABM messages */
2898 gsm_dlci_begin_open(dlci);
2899 /* And wait for virtual carrier */
2900 return tty_port_block_til_ready(port, tty, filp);
2901}
2902
2903static void gsmtty_close(struct tty_struct *tty, struct file *filp)
2904{
2905 struct gsm_dlci *dlci = tty->driver_data;
2906 struct gsm_mux *gsm;
2907
2908 if (dlci == NULL)
2909 return;
2910 mutex_lock(&dlci->mutex);
2911 gsm_destroy_network(dlci);
2912 mutex_unlock(&dlci->mutex);
2913 gsm = dlci->gsm;
2914 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
2915 goto out;
2916 gsm_dlci_begin_close(dlci);
2917 tty_port_close_end(&dlci->port, tty);
2918 tty_port_tty_set(&dlci->port, NULL);
2919out:
2920 dlci_put(dlci);
2921 dlci_put(gsm->dlci[0]);
2922 mux_put(gsm);
2923}
2924
2925static void gsmtty_hangup(struct tty_struct *tty)
2926{
2927 struct gsm_dlci *dlci = tty->driver_data;
2928 tty_port_hangup(&dlci->port);
2929 gsm_dlci_begin_close(dlci);
2930}
2931
2932static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
2933 int len)
2934{
2935 struct gsm_dlci *dlci = tty->driver_data;
2936 /* Stuff the bytes into the fifo queue */
2937 int sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock);
2938 /* Need to kick the channel */
2939 gsm_dlci_data_kick(dlci);
2940 return sent;
2941}
2942
2943static int gsmtty_write_room(struct tty_struct *tty)
2944{
2945 struct gsm_dlci *dlci = tty->driver_data;
2946 return TX_SIZE - kfifo_len(dlci->fifo);
2947}
2948
2949static int gsmtty_chars_in_buffer(struct tty_struct *tty)
2950{
2951 struct gsm_dlci *dlci = tty->driver_data;
2952 return kfifo_len(dlci->fifo);
2953}
2954
2955static void gsmtty_flush_buffer(struct tty_struct *tty)
2956{
2957 struct gsm_dlci *dlci = tty->driver_data;
2958 /* Caution needed: If we implement reliable transport classes
2959 then the data being transmitted can't simply be junked once
2960 it has first hit the stack. Until then we can just blow it
2961 away */
2962 kfifo_reset(dlci->fifo);
2963 /* Need to unhook this DLCI from the transmit queue logic */
2964}
2965
2966static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
2967{
2968 /* The FIFO handles the queue so the kernel will do the right
2969 thing waiting on chars_in_buffer before calling us. No work
2970 to do here */
2971}
2972
2973static int gsmtty_tiocmget(struct tty_struct *tty)
2974{
2975 struct gsm_dlci *dlci = tty->driver_data;
2976 return dlci->modem_rx;
2977}
2978
2979static int gsmtty_tiocmset(struct tty_struct *tty,
2980 unsigned int set, unsigned int clear)
2981{
2982 struct gsm_dlci *dlci = tty->driver_data;
2983 unsigned int modem_tx = dlci->modem_tx;
2984
2985 modem_tx &= clear;
2986 modem_tx |= set;
2987
2988 if (modem_tx != dlci->modem_tx) {
2989 dlci->modem_tx = modem_tx;
2990 return gsmtty_modem_update(dlci, 0);
2991 }
2992 return 0;
2993}
2994
2995
2996static int gsmtty_ioctl(struct tty_struct *tty,
2997 unsigned int cmd, unsigned long arg)
2998{
2999 struct gsm_dlci *dlci = tty->driver_data;
3000 struct gsm_netconfig nc;
3001 int index;
3002
3003 switch (cmd) {
3004 case GSMIOC_ENABLE_NET:
3005 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3006 return -EFAULT;
3007 nc.if_name[IFNAMSIZ-1] = '\0';
3008 /* return net interface index or error code */
3009 mutex_lock(&dlci->mutex);
3010 index = gsm_create_network(dlci, &nc);
3011 mutex_unlock(&dlci->mutex);
3012 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3013 return -EFAULT;
3014 return index;
3015 case GSMIOC_DISABLE_NET:
3016 if (!capable(CAP_NET_ADMIN))
3017 return -EPERM;
3018 mutex_lock(&dlci->mutex);
3019 gsm_destroy_network(dlci);
3020 mutex_unlock(&dlci->mutex);
3021 return 0;
3022 default:
3023 return -ENOIOCTLCMD;
3024 }
3025}
3026
3027static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3028{
3029 /* For the moment its fixed. In actual fact the speed information
3030 for the virtual channel can be propogated in both directions by
3031 the RPN control message. This however rapidly gets nasty as we
3032 then have to remap modem signals each way according to whether
3033 our virtual cable is null modem etc .. */
3034 tty_termios_copy_hw(tty->termios, old);
3035}
3036
3037static void gsmtty_throttle(struct tty_struct *tty)
3038{
3039 struct gsm_dlci *dlci = tty->driver_data;
3040 if (tty->termios->c_cflag & CRTSCTS)
3041 dlci->modem_tx &= ~TIOCM_DTR;
3042 dlci->throttled = 1;
3043 /* Send an MSC with DTR cleared */
3044 gsmtty_modem_update(dlci, 0);
3045}
3046
3047static void gsmtty_unthrottle(struct tty_struct *tty)
3048{
3049 struct gsm_dlci *dlci = tty->driver_data;
3050 if (tty->termios->c_cflag & CRTSCTS)
3051 dlci->modem_tx |= TIOCM_DTR;
3052 dlci->throttled = 0;
3053 /* Send an MSC with DTR set */
3054 gsmtty_modem_update(dlci, 0);
3055}
3056
3057static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3058{
3059 struct gsm_dlci *dlci = tty->driver_data;
3060 int encode = 0; /* Off */
3061
3062 if (state == -1) /* "On indefinitely" - we can't encode this
3063 properly */
3064 encode = 0x0F;
3065 else if (state > 0) {
3066 encode = state / 200; /* mS to encoding */
3067 if (encode > 0x0F)
3068 encode = 0x0F; /* Best effort */
3069 }
3070 return gsmtty_modem_update(dlci, encode);
3071}
3072
3073
3074/* Virtual ttys for the demux */
3075static const struct tty_operations gsmtty_ops = {
3076 .open = gsmtty_open,
3077 .close = gsmtty_close,
3078 .write = gsmtty_write,
3079 .write_room = gsmtty_write_room,
3080 .chars_in_buffer = gsmtty_chars_in_buffer,
3081 .flush_buffer = gsmtty_flush_buffer,
3082 .ioctl = gsmtty_ioctl,
3083 .throttle = gsmtty_throttle,
3084 .unthrottle = gsmtty_unthrottle,
3085 .set_termios = gsmtty_set_termios,
3086 .hangup = gsmtty_hangup,
3087 .wait_until_sent = gsmtty_wait_until_sent,
3088 .tiocmget = gsmtty_tiocmget,
3089 .tiocmset = gsmtty_tiocmset,
3090 .break_ctl = gsmtty_break_ctl,
3091};
3092
3093
3094
3095static int __init gsm_init(void)
3096{
3097 /* Fill in our line protocol discipline, and register it */
3098 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
3099 if (status != 0) {
3100 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3101 status);
3102 return status;
3103 }
3104
3105 gsm_tty_driver = alloc_tty_driver(256);
3106 if (!gsm_tty_driver) {
3107 tty_unregister_ldisc(N_GSM0710);
3108 pr_err("gsm_init: tty allocation failed.\n");
3109 return -EINVAL;
3110 }
3111 gsm_tty_driver->owner = THIS_MODULE;
3112 gsm_tty_driver->driver_name = "gsmtty";
3113 gsm_tty_driver->name = "gsmtty";
3114 gsm_tty_driver->major = 0; /* Dynamic */
3115 gsm_tty_driver->minor_start = 0;
3116 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3117 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3118 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
3119 | TTY_DRIVER_HARDWARE_BREAK;
3120 gsm_tty_driver->init_termios = tty_std_termios;
3121 /* Fixme */
3122 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3123 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3124
3125 spin_lock_init(&gsm_mux_lock);
3126
3127 if (tty_register_driver(gsm_tty_driver)) {
3128 put_tty_driver(gsm_tty_driver);
3129 tty_unregister_ldisc(N_GSM0710);
3130 pr_err("gsm_init: tty registration failed.\n");
3131 return -EBUSY;
3132 }
3133 pr_debug("gsm_init: loaded as %d,%d.\n",
3134 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3135 return 0;
3136}
3137
3138static void __exit gsm_exit(void)
3139{
3140 int status = tty_unregister_ldisc(N_GSM0710);
3141 if (status != 0)
3142 pr_err("n_gsm: can't unregister line discipline (err = %d)\n",
3143 status);
3144 tty_unregister_driver(gsm_tty_driver);
3145 put_tty_driver(gsm_tty_driver);
3146}
3147
3148module_init(gsm_init);
3149module_exit(gsm_exit);
3150
3151
3152MODULE_LICENSE("GPL");
3153MODULE_ALIAS_LDISC(N_GSM0710);
1/*
2 * n_gsm.c GSM 0710 tty multiplexor
3 * Copyright (c) 2009/10 Intel Corporation
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17 *
18 * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
19 *
20 * TO DO:
21 * Mostly done: ioctls for setting modes/timing
22 * Partly done: hooks so you can pull off frames to non tty devs
23 * Restart DLCI 0 when it closes ?
24 * Improve the tx engine
25 * Resolve tx side locking by adding a queue_head and routing
26 * all control traffic via it
27 * General tidy/document
28 * Review the locking/move to refcounts more (mux now moved to an
29 * alloc/free model ready)
30 * Use newest tty open/close port helpers and install hooks
31 * What to do about power functions ?
32 * Termios setting and negotiation
33 * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
34 *
35 */
36
37#include <linux/types.h>
38#include <linux/major.h>
39#include <linux/errno.h>
40#include <linux/signal.h>
41#include <linux/fcntl.h>
42#include <linux/sched.h>
43#include <linux/interrupt.h>
44#include <linux/tty.h>
45#include <linux/ctype.h>
46#include <linux/mm.h>
47#include <linux/string.h>
48#include <linux/slab.h>
49#include <linux/poll.h>
50#include <linux/bitops.h>
51#include <linux/file.h>
52#include <linux/uaccess.h>
53#include <linux/module.h>
54#include <linux/timer.h>
55#include <linux/tty_flip.h>
56#include <linux/tty_driver.h>
57#include <linux/serial.h>
58#include <linux/kfifo.h>
59#include <linux/skbuff.h>
60#include <net/arp.h>
61#include <linux/ip.h>
62#include <linux/netdevice.h>
63#include <linux/etherdevice.h>
64#include <linux/gsmmux.h>
65
66static int debug;
67module_param(debug, int, 0600);
68
69/* Defaults: these are from the specification */
70
71#define T1 10 /* 100mS */
72#define T2 34 /* 333mS */
73#define N2 3 /* Retry 3 times */
74
75/* Use long timers for testing at low speed with debug on */
76#ifdef DEBUG_TIMING
77#define T1 100
78#define T2 200
79#endif
80
81/*
82 * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
83 * limits so this is plenty
84 */
85#define MAX_MRU 1500
86#define MAX_MTU 1500
87#define GSM_NET_TX_TIMEOUT (HZ*10)
88
89/**
90 * struct gsm_mux_net - network interface
91 * @struct gsm_dlci* dlci
92 * @struct net_device_stats stats;
93 *
94 * Created when net interface is initialized.
95 **/
96struct gsm_mux_net {
97 struct kref ref;
98 struct gsm_dlci *dlci;
99 struct net_device_stats stats;
100};
101
102#define STATS(net) (((struct gsm_mux_net *)netdev_priv(net))->stats)
103
104/*
105 * Each block of data we have queued to go out is in the form of
106 * a gsm_msg which holds everything we need in a link layer independent
107 * format
108 */
109
110struct gsm_msg {
111 struct gsm_msg *next;
112 u8 addr; /* DLCI address + flags */
113 u8 ctrl; /* Control byte + flags */
114 unsigned int len; /* Length of data block (can be zero) */
115 unsigned char *data; /* Points into buffer but not at the start */
116 unsigned char buffer[0];
117};
118
119/*
120 * Each active data link has a gsm_dlci structure associated which ties
121 * the link layer to an optional tty (if the tty side is open). To avoid
122 * complexity right now these are only ever freed up when the mux is
123 * shut down.
124 *
125 * At the moment we don't free DLCI objects until the mux is torn down
126 * this avoid object life time issues but might be worth review later.
127 */
128
129struct gsm_dlci {
130 struct gsm_mux *gsm;
131 int addr;
132 int state;
133#define DLCI_CLOSED 0
134#define DLCI_OPENING 1 /* Sending SABM not seen UA */
135#define DLCI_OPEN 2 /* SABM/UA complete */
136#define DLCI_CLOSING 3 /* Sending DISC not seen UA/DM */
137 struct kref ref; /* freed from port or mux close */
138 struct mutex mutex;
139
140 /* Link layer */
141 spinlock_t lock; /* Protects the internal state */
142 struct timer_list t1; /* Retransmit timer for SABM and UA */
143 int retries;
144 /* Uplink tty if active */
145 struct tty_port port; /* The tty bound to this DLCI if there is one */
146 struct kfifo *fifo; /* Queue fifo for the DLCI */
147 struct kfifo _fifo; /* For new fifo API porting only */
148 int adaption; /* Adaption layer in use */
149 int prev_adaption;
150 u32 modem_rx; /* Our incoming virtual modem lines */
151 u32 modem_tx; /* Our outgoing modem lines */
152 int dead; /* Refuse re-open */
153 /* Flow control */
154 int throttled; /* Private copy of throttle state */
155 int constipated; /* Throttle status for outgoing */
156 /* Packetised I/O */
157 struct sk_buff *skb; /* Frame being sent */
158 struct sk_buff_head skb_list; /* Queued frames */
159 /* Data handling callback */
160 void (*data)(struct gsm_dlci *dlci, u8 *data, int len);
161 void (*prev_data)(struct gsm_dlci *dlci, u8 *data, int len);
162 struct net_device *net; /* network interface, if created */
163};
164
165/* DLCI 0, 62/63 are special or reseved see gsmtty_open */
166
167#define NUM_DLCI 64
168
169/*
170 * DLCI 0 is used to pass control blocks out of band of the data
171 * flow (and with a higher link priority). One command can be outstanding
172 * at a time and we use this structure to manage them. They are created
173 * and destroyed by the user context, and updated by the receive paths
174 * and timers
175 */
176
177struct gsm_control {
178 u8 cmd; /* Command we are issuing */
179 u8 *data; /* Data for the command in case we retransmit */
180 int len; /* Length of block for retransmission */
181 int done; /* Done flag */
182 int error; /* Error if any */
183};
184
185/*
186 * Each GSM mux we have is represented by this structure. If we are
187 * operating as an ldisc then we use this structure as our ldisc
188 * state. We need to sort out lifetimes and locking with respect
189 * to the gsm mux array. For now we don't free DLCI objects that
190 * have been instantiated until the mux itself is terminated.
191 *
192 * To consider further: tty open versus mux shutdown.
193 */
194
195struct gsm_mux {
196 struct tty_struct *tty; /* The tty our ldisc is bound to */
197 spinlock_t lock;
198 unsigned int num;
199 struct kref ref;
200
201 /* Events on the GSM channel */
202 wait_queue_head_t event;
203
204 /* Bits for GSM mode decoding */
205
206 /* Framing Layer */
207 unsigned char *buf;
208 int state;
209#define GSM_SEARCH 0
210#define GSM_START 1
211#define GSM_ADDRESS 2
212#define GSM_CONTROL 3
213#define GSM_LEN 4
214#define GSM_DATA 5
215#define GSM_FCS 6
216#define GSM_OVERRUN 7
217#define GSM_LEN0 8
218#define GSM_LEN1 9
219#define GSM_SSOF 10
220 unsigned int len;
221 unsigned int address;
222 unsigned int count;
223 int escape;
224 int encoding;
225 u8 control;
226 u8 fcs;
227 u8 received_fcs;
228 u8 *txframe; /* TX framing buffer */
229
230 /* Methods for the receiver side */
231 void (*receive)(struct gsm_mux *gsm, u8 ch);
232 void (*error)(struct gsm_mux *gsm, u8 ch, u8 flag);
233 /* And transmit side */
234 int (*output)(struct gsm_mux *mux, u8 *data, int len);
235
236 /* Link Layer */
237 unsigned int mru;
238 unsigned int mtu;
239 int initiator; /* Did we initiate connection */
240 int dead; /* Has the mux been shut down */
241 struct gsm_dlci *dlci[NUM_DLCI];
242 int constipated; /* Asked by remote to shut up */
243
244 spinlock_t tx_lock;
245 unsigned int tx_bytes; /* TX data outstanding */
246#define TX_THRESH_HI 8192
247#define TX_THRESH_LO 2048
248 struct gsm_msg *tx_head; /* Pending data packets */
249 struct gsm_msg *tx_tail;
250
251 /* Control messages */
252 struct timer_list t2_timer; /* Retransmit timer for commands */
253 int cretries; /* Command retry counter */
254 struct gsm_control *pending_cmd;/* Our current pending command */
255 spinlock_t control_lock; /* Protects the pending command */
256
257 /* Configuration */
258 int adaption; /* 1 or 2 supported */
259 u8 ftype; /* UI or UIH */
260 int t1, t2; /* Timers in 1/100th of a sec */
261 int n2; /* Retry count */
262
263 /* Statistics (not currently exposed) */
264 unsigned long bad_fcs;
265 unsigned long malformed;
266 unsigned long io_error;
267 unsigned long bad_size;
268 unsigned long unsupported;
269};
270
271
272/*
273 * Mux objects - needed so that we can translate a tty index into the
274 * relevant mux and DLCI.
275 */
276
277#define MAX_MUX 4 /* 256 minors */
278static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
279static spinlock_t gsm_mux_lock;
280
281static struct tty_driver *gsm_tty_driver;
282
283/*
284 * This section of the driver logic implements the GSM encodings
285 * both the basic and the 'advanced'. Reliable transport is not
286 * supported.
287 */
288
289#define CR 0x02
290#define EA 0x01
291#define PF 0x10
292
293/* I is special: the rest are ..*/
294#define RR 0x01
295#define UI 0x03
296#define RNR 0x05
297#define REJ 0x09
298#define DM 0x0F
299#define SABM 0x2F
300#define DISC 0x43
301#define UA 0x63
302#define UIH 0xEF
303
304/* Channel commands */
305#define CMD_NSC 0x09
306#define CMD_TEST 0x11
307#define CMD_PSC 0x21
308#define CMD_RLS 0x29
309#define CMD_FCOFF 0x31
310#define CMD_PN 0x41
311#define CMD_RPN 0x49
312#define CMD_FCON 0x51
313#define CMD_CLD 0x61
314#define CMD_SNC 0x69
315#define CMD_MSC 0x71
316
317/* Virtual modem bits */
318#define MDM_FC 0x01
319#define MDM_RTC 0x02
320#define MDM_RTR 0x04
321#define MDM_IC 0x20
322#define MDM_DV 0x40
323
324#define GSM0_SOF 0xF9
325#define GSM1_SOF 0x7E
326#define GSM1_ESCAPE 0x7D
327#define GSM1_ESCAPE_BITS 0x20
328#define XON 0x11
329#define XOFF 0x13
330
331static const struct tty_port_operations gsm_port_ops;
332
333/*
334 * CRC table for GSM 0710
335 */
336
337static const u8 gsm_fcs8[256] = {
338 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
339 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
340 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
341 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
342 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
343 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
344 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
345 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
346 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
347 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
348 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
349 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
350 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
351 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
352 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
353 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
354 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
355 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
356 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
357 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
358 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
359 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
360 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
361 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
362 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
363 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
364 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
365 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
366 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
367 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
368 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
369 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
370};
371
372#define INIT_FCS 0xFF
373#define GOOD_FCS 0xCF
374
375/**
376 * gsm_fcs_add - update FCS
377 * @fcs: Current FCS
378 * @c: Next data
379 *
380 * Update the FCS to include c. Uses the algorithm in the specification
381 * notes.
382 */
383
384static inline u8 gsm_fcs_add(u8 fcs, u8 c)
385{
386 return gsm_fcs8[fcs ^ c];
387}
388
389/**
390 * gsm_fcs_add_block - update FCS for a block
391 * @fcs: Current FCS
392 * @c: buffer of data
393 * @len: length of buffer
394 *
395 * Update the FCS to include c. Uses the algorithm in the specification
396 * notes.
397 */
398
399static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
400{
401 while (len--)
402 fcs = gsm_fcs8[fcs ^ *c++];
403 return fcs;
404}
405
406/**
407 * gsm_read_ea - read a byte into an EA
408 * @val: variable holding value
409 * c: byte going into the EA
410 *
411 * Processes one byte of an EA. Updates the passed variable
412 * and returns 1 if the EA is now completely read
413 */
414
415static int gsm_read_ea(unsigned int *val, u8 c)
416{
417 /* Add the next 7 bits into the value */
418 *val <<= 7;
419 *val |= c >> 1;
420 /* Was this the last byte of the EA 1 = yes*/
421 return c & EA;
422}
423
424/**
425 * gsm_encode_modem - encode modem data bits
426 * @dlci: DLCI to encode from
427 *
428 * Returns the correct GSM encoded modem status bits (6 bit field) for
429 * the current status of the DLCI and attached tty object
430 */
431
432static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
433{
434 u8 modembits = 0;
435 /* FC is true flow control not modem bits */
436 if (dlci->throttled)
437 modembits |= MDM_FC;
438 if (dlci->modem_tx & TIOCM_DTR)
439 modembits |= MDM_RTC;
440 if (dlci->modem_tx & TIOCM_RTS)
441 modembits |= MDM_RTR;
442 if (dlci->modem_tx & TIOCM_RI)
443 modembits |= MDM_IC;
444 if (dlci->modem_tx & TIOCM_CD)
445 modembits |= MDM_DV;
446 return modembits;
447}
448
449/**
450 * gsm_print_packet - display a frame for debug
451 * @hdr: header to print before decode
452 * @addr: address EA from the frame
453 * @cr: C/R bit from the frame
454 * @control: control including PF bit
455 * @data: following data bytes
456 * @dlen: length of data
457 *
458 * Displays a packet in human readable format for debugging purposes. The
459 * style is based on amateur radio LAP-B dump display.
460 */
461
462static void gsm_print_packet(const char *hdr, int addr, int cr,
463 u8 control, const u8 *data, int dlen)
464{
465 if (!(debug & 1))
466 return;
467
468 pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
469
470 switch (control & ~PF) {
471 case SABM:
472 pr_cont("SABM");
473 break;
474 case UA:
475 pr_cont("UA");
476 break;
477 case DISC:
478 pr_cont("DISC");
479 break;
480 case DM:
481 pr_cont("DM");
482 break;
483 case UI:
484 pr_cont("UI");
485 break;
486 case UIH:
487 pr_cont("UIH");
488 break;
489 default:
490 if (!(control & 0x01)) {
491 pr_cont("I N(S)%d N(R)%d",
492 (control & 0x0E) >> 1, (control & 0xE) >> 5);
493 } else switch (control & 0x0F) {
494 case RR:
495 pr_cont("RR(%d)", (control & 0xE0) >> 5);
496 break;
497 case RNR:
498 pr_cont("RNR(%d)", (control & 0xE0) >> 5);
499 break;
500 case REJ:
501 pr_cont("REJ(%d)", (control & 0xE0) >> 5);
502 break;
503 default:
504 pr_cont("[%02X]", control);
505 }
506 }
507
508 if (control & PF)
509 pr_cont("(P)");
510 else
511 pr_cont("(F)");
512
513 if (dlen) {
514 int ct = 0;
515 while (dlen--) {
516 if (ct % 8 == 0) {
517 pr_cont("\n");
518 pr_debug(" ");
519 }
520 pr_cont("%02X ", *data++);
521 ct++;
522 }
523 }
524 pr_cont("\n");
525}
526
527
528/*
529 * Link level transmission side
530 */
531
532/**
533 * gsm_stuff_packet - bytestuff a packet
534 * @ibuf: input
535 * @obuf: output
536 * @len: length of input
537 *
538 * Expand a buffer by bytestuffing it. The worst case size change
539 * is doubling and the caller is responsible for handing out
540 * suitable sized buffers.
541 */
542
543static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
544{
545 int olen = 0;
546 while (len--) {
547 if (*input == GSM1_SOF || *input == GSM1_ESCAPE
548 || *input == XON || *input == XOFF) {
549 *output++ = GSM1_ESCAPE;
550 *output++ = *input++ ^ GSM1_ESCAPE_BITS;
551 olen++;
552 } else
553 *output++ = *input++;
554 olen++;
555 }
556 return olen;
557}
558
559/**
560 * gsm_send - send a control frame
561 * @gsm: our GSM mux
562 * @addr: address for control frame
563 * @cr: command/response bit
564 * @control: control byte including PF bit
565 *
566 * Format up and transmit a control frame. These do not go via the
567 * queueing logic as they should be transmitted ahead of data when
568 * they are needed.
569 *
570 * FIXME: Lock versus data TX path
571 */
572
573static void gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
574{
575 int len;
576 u8 cbuf[10];
577 u8 ibuf[3];
578
579 switch (gsm->encoding) {
580 case 0:
581 cbuf[0] = GSM0_SOF;
582 cbuf[1] = (addr << 2) | (cr << 1) | EA;
583 cbuf[2] = control;
584 cbuf[3] = EA; /* Length of data = 0 */
585 cbuf[4] = 0xFF - gsm_fcs_add_block(INIT_FCS, cbuf + 1, 3);
586 cbuf[5] = GSM0_SOF;
587 len = 6;
588 break;
589 case 1:
590 case 2:
591 /* Control frame + packing (but not frame stuffing) in mode 1 */
592 ibuf[0] = (addr << 2) | (cr << 1) | EA;
593 ibuf[1] = control;
594 ibuf[2] = 0xFF - gsm_fcs_add_block(INIT_FCS, ibuf, 2);
595 /* Stuffing may double the size worst case */
596 len = gsm_stuff_frame(ibuf, cbuf + 1, 3);
597 /* Now add the SOF markers */
598 cbuf[0] = GSM1_SOF;
599 cbuf[len + 1] = GSM1_SOF;
600 /* FIXME: we can omit the lead one in many cases */
601 len += 2;
602 break;
603 default:
604 WARN_ON(1);
605 return;
606 }
607 gsm->output(gsm, cbuf, len);
608 gsm_print_packet("-->", addr, cr, control, NULL, 0);
609}
610
611/**
612 * gsm_response - send a control response
613 * @gsm: our GSM mux
614 * @addr: address for control frame
615 * @control: control byte including PF bit
616 *
617 * Format up and transmit a link level response frame.
618 */
619
620static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
621{
622 gsm_send(gsm, addr, 0, control);
623}
624
625/**
626 * gsm_command - send a control command
627 * @gsm: our GSM mux
628 * @addr: address for control frame
629 * @control: control byte including PF bit
630 *
631 * Format up and transmit a link level command frame.
632 */
633
634static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
635{
636 gsm_send(gsm, addr, 1, control);
637}
638
639/* Data transmission */
640
641#define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
642
643/**
644 * gsm_data_alloc - allocate data frame
645 * @gsm: GSM mux
646 * @addr: DLCI address
647 * @len: length excluding header and FCS
648 * @ctrl: control byte
649 *
650 * Allocate a new data buffer for sending frames with data. Space is left
651 * at the front for header bytes but that is treated as an implementation
652 * detail and not for the high level code to use
653 */
654
655static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
656 u8 ctrl)
657{
658 struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
659 GFP_ATOMIC);
660 if (m == NULL)
661 return NULL;
662 m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
663 m->len = len;
664 m->addr = addr;
665 m->ctrl = ctrl;
666 m->next = NULL;
667 return m;
668}
669
670/**
671 * gsm_data_kick - poke the queue
672 * @gsm: GSM Mux
673 *
674 * The tty device has called us to indicate that room has appeared in
675 * the transmit queue. Ram more data into the pipe if we have any
676 *
677 * FIXME: lock against link layer control transmissions
678 */
679
680static void gsm_data_kick(struct gsm_mux *gsm)
681{
682 struct gsm_msg *msg = gsm->tx_head;
683 int len;
684 int skip_sof = 0;
685
686 /* FIXME: We need to apply this solely to data messages */
687 if (gsm->constipated)
688 return;
689
690 while (gsm->tx_head != NULL) {
691 msg = gsm->tx_head;
692 if (gsm->encoding != 0) {
693 gsm->txframe[0] = GSM1_SOF;
694 len = gsm_stuff_frame(msg->data,
695 gsm->txframe + 1, msg->len);
696 gsm->txframe[len + 1] = GSM1_SOF;
697 len += 2;
698 } else {
699 gsm->txframe[0] = GSM0_SOF;
700 memcpy(gsm->txframe + 1 , msg->data, msg->len);
701 gsm->txframe[msg->len + 1] = GSM0_SOF;
702 len = msg->len + 2;
703 }
704
705 if (debug & 4)
706 print_hex_dump_bytes("gsm_data_kick: ",
707 DUMP_PREFIX_OFFSET,
708 gsm->txframe, len);
709
710 if (gsm->output(gsm, gsm->txframe + skip_sof,
711 len - skip_sof) < 0)
712 break;
713 /* FIXME: Can eliminate one SOF in many more cases */
714 gsm->tx_head = msg->next;
715 if (gsm->tx_head == NULL)
716 gsm->tx_tail = NULL;
717 gsm->tx_bytes -= msg->len;
718 kfree(msg);
719 /* For a burst of frames skip the extra SOF within the
720 burst */
721 skip_sof = 1;
722 }
723}
724
725/**
726 * __gsm_data_queue - queue a UI or UIH frame
727 * @dlci: DLCI sending the data
728 * @msg: message queued
729 *
730 * Add data to the transmit queue and try and get stuff moving
731 * out of the mux tty if not already doing so. The Caller must hold
732 * the gsm tx lock.
733 */
734
735static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
736{
737 struct gsm_mux *gsm = dlci->gsm;
738 u8 *dp = msg->data;
739 u8 *fcs = dp + msg->len;
740
741 /* Fill in the header */
742 if (gsm->encoding == 0) {
743 if (msg->len < 128)
744 *--dp = (msg->len << 1) | EA;
745 else {
746 *--dp = (msg->len >> 7); /* bits 7 - 15 */
747 *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
748 }
749 }
750
751 *--dp = msg->ctrl;
752 if (gsm->initiator)
753 *--dp = (msg->addr << 2) | 2 | EA;
754 else
755 *--dp = (msg->addr << 2) | EA;
756 *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
757 /* Ugly protocol layering violation */
758 if (msg->ctrl == UI || msg->ctrl == (UI|PF))
759 *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
760 *fcs = 0xFF - *fcs;
761
762 gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
763 msg->data, msg->len);
764
765 /* Move the header back and adjust the length, also allow for the FCS
766 now tacked on the end */
767 msg->len += (msg->data - dp) + 1;
768 msg->data = dp;
769
770 /* Add to the actual output queue */
771 if (gsm->tx_tail)
772 gsm->tx_tail->next = msg;
773 else
774 gsm->tx_head = msg;
775 gsm->tx_tail = msg;
776 gsm->tx_bytes += msg->len;
777 gsm_data_kick(gsm);
778}
779
780/**
781 * gsm_data_queue - queue a UI or UIH frame
782 * @dlci: DLCI sending the data
783 * @msg: message queued
784 *
785 * Add data to the transmit queue and try and get stuff moving
786 * out of the mux tty if not already doing so. Take the
787 * the gsm tx lock and dlci lock.
788 */
789
790static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
791{
792 unsigned long flags;
793 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
794 __gsm_data_queue(dlci, msg);
795 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
796}
797
798/**
799 * gsm_dlci_data_output - try and push data out of a DLCI
800 * @gsm: mux
801 * @dlci: the DLCI to pull data from
802 *
803 * Pull data from a DLCI and send it into the transmit queue if there
804 * is data. Keep to the MRU of the mux. This path handles the usual tty
805 * interface which is a byte stream with optional modem data.
806 *
807 * Caller must hold the tx_lock of the mux.
808 */
809
810static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
811{
812 struct gsm_msg *msg;
813 u8 *dp;
814 int len, total_size, size;
815 int h = dlci->adaption - 1;
816
817 total_size = 0;
818 while(1) {
819 len = kfifo_len(dlci->fifo);
820 if (len == 0)
821 return total_size;
822
823 /* MTU/MRU count only the data bits */
824 if (len > gsm->mtu)
825 len = gsm->mtu;
826
827 size = len + h;
828
829 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
830 /* FIXME: need a timer or something to kick this so it can't
831 get stuck with no work outstanding and no buffer free */
832 if (msg == NULL)
833 return -ENOMEM;
834 dp = msg->data;
835 switch (dlci->adaption) {
836 case 1: /* Unstructured */
837 break;
838 case 2: /* Unstructed with modem bits. Always one byte as we never
839 send inline break data */
840 *dp++ = gsm_encode_modem(dlci);
841 break;
842 }
843 WARN_ON(kfifo_out_locked(dlci->fifo, dp , len, &dlci->lock) != len);
844 __gsm_data_queue(dlci, msg);
845 total_size += size;
846 }
847 /* Bytes of data we used up */
848 return total_size;
849}
850
851/**
852 * gsm_dlci_data_output_framed - try and push data out of a DLCI
853 * @gsm: mux
854 * @dlci: the DLCI to pull data from
855 *
856 * Pull data from a DLCI and send it into the transmit queue if there
857 * is data. Keep to the MRU of the mux. This path handles framed data
858 * queued as skbuffs to the DLCI.
859 *
860 * Caller must hold the tx_lock of the mux.
861 */
862
863static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
864 struct gsm_dlci *dlci)
865{
866 struct gsm_msg *msg;
867 u8 *dp;
868 int len, size;
869 int last = 0, first = 0;
870 int overhead = 0;
871
872 /* One byte per frame is used for B/F flags */
873 if (dlci->adaption == 4)
874 overhead = 1;
875
876 /* dlci->skb is locked by tx_lock */
877 if (dlci->skb == NULL) {
878 dlci->skb = skb_dequeue_tail(&dlci->skb_list);
879 if (dlci->skb == NULL)
880 return 0;
881 first = 1;
882 }
883 len = dlci->skb->len + overhead;
884
885 /* MTU/MRU count only the data bits */
886 if (len > gsm->mtu) {
887 if (dlci->adaption == 3) {
888 /* Over long frame, bin it */
889 kfree_skb(dlci->skb);
890 dlci->skb = NULL;
891 return 0;
892 }
893 len = gsm->mtu;
894 } else
895 last = 1;
896
897 size = len + overhead;
898 msg = gsm_data_alloc(gsm, dlci->addr, size, gsm->ftype);
899
900 /* FIXME: need a timer or something to kick this so it can't
901 get stuck with no work outstanding and no buffer free */
902 if (msg == NULL) {
903 skb_queue_tail(&dlci->skb_list, dlci->skb);
904 dlci->skb = NULL;
905 return -ENOMEM;
906 }
907 dp = msg->data;
908
909 if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
910 /* Flag byte to carry the start/end info */
911 *dp++ = last << 7 | first << 6 | 1; /* EA */
912 len--;
913 }
914 memcpy(dp, dlci->skb->data, len);
915 skb_pull(dlci->skb, len);
916 __gsm_data_queue(dlci, msg);
917 if (last) {
918 kfree_skb(dlci->skb);
919 dlci->skb = NULL;
920 }
921 return size;
922}
923
924/**
925 * gsm_dlci_data_sweep - look for data to send
926 * @gsm: the GSM mux
927 *
928 * Sweep the GSM mux channels in priority order looking for ones with
929 * data to send. We could do with optimising this scan a bit. We aim
930 * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
931 * TX_THRESH_LO we get called again
932 *
933 * FIXME: We should round robin between groups and in theory you can
934 * renegotiate DLCI priorities with optional stuff. Needs optimising.
935 */
936
937static void gsm_dlci_data_sweep(struct gsm_mux *gsm)
938{
939 int len;
940 /* Priority ordering: We should do priority with RR of the groups */
941 int i = 1;
942
943 while (i < NUM_DLCI) {
944 struct gsm_dlci *dlci;
945
946 if (gsm->tx_bytes > TX_THRESH_HI)
947 break;
948 dlci = gsm->dlci[i];
949 if (dlci == NULL || dlci->constipated) {
950 i++;
951 continue;
952 }
953 if (dlci->adaption < 3 && !dlci->net)
954 len = gsm_dlci_data_output(gsm, dlci);
955 else
956 len = gsm_dlci_data_output_framed(gsm, dlci);
957 if (len < 0)
958 break;
959 /* DLCI empty - try the next */
960 if (len == 0)
961 i++;
962 }
963}
964
965/**
966 * gsm_dlci_data_kick - transmit if possible
967 * @dlci: DLCI to kick
968 *
969 * Transmit data from this DLCI if the queue is empty. We can't rely on
970 * a tty wakeup except when we filled the pipe so we need to fire off
971 * new data ourselves in other cases.
972 */
973
974static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
975{
976 unsigned long flags;
977 int sweep;
978
979 spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
980 /* If we have nothing running then we need to fire up */
981 sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
982 if (dlci->gsm->tx_bytes == 0) {
983 if (dlci->net)
984 gsm_dlci_data_output_framed(dlci->gsm, dlci);
985 else
986 gsm_dlci_data_output(dlci->gsm, dlci);
987 }
988 if (sweep)
989 gsm_dlci_data_sweep(dlci->gsm);
990 spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
991}
992
993/*
994 * Control message processing
995 */
996
997
998/**
999 * gsm_control_reply - send a response frame to a control
1000 * @gsm: gsm channel
1001 * @cmd: the command to use
1002 * @data: data to follow encoded info
1003 * @dlen: length of data
1004 *
1005 * Encode up and queue a UI/UIH frame containing our response.
1006 */
1007
1008static void gsm_control_reply(struct gsm_mux *gsm, int cmd, u8 *data,
1009 int dlen)
1010{
1011 struct gsm_msg *msg;
1012 msg = gsm_data_alloc(gsm, 0, dlen + 2, gsm->ftype);
1013 if (msg == NULL)
1014 return;
1015 msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
1016 msg->data[1] = (dlen << 1) | EA;
1017 memcpy(msg->data + 2, data, dlen);
1018 gsm_data_queue(gsm->dlci[0], msg);
1019}
1020
1021/**
1022 * gsm_process_modem - process received modem status
1023 * @tty: virtual tty bound to the DLCI
1024 * @dlci: DLCI to affect
1025 * @modem: modem bits (full EA)
1026 *
1027 * Used when a modem control message or line state inline in adaption
1028 * layer 2 is processed. Sort out the local modem state and throttles
1029 */
1030
1031static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
1032 u32 modem, int clen)
1033{
1034 int mlines = 0;
1035 u8 brk = 0;
1036
1037 /* The modem status command can either contain one octet (v.24 signals)
1038 or two octets (v.24 signals + break signals). The length field will
1039 either be 2 or 3 respectively. This is specified in section
1040 5.4.6.3.7 of the 27.010 mux spec. */
1041
1042 if (clen == 2)
1043 modem = modem & 0x7f;
1044 else {
1045 brk = modem & 0x7f;
1046 modem = (modem >> 7) & 0x7f;
1047 };
1048
1049 /* Flow control/ready to communicate */
1050 if (modem & MDM_FC) {
1051 /* Need to throttle our output on this device */
1052 dlci->constipated = 1;
1053 }
1054 if (modem & MDM_RTC) {
1055 mlines |= TIOCM_DSR | TIOCM_DTR;
1056 dlci->constipated = 0;
1057 gsm_dlci_data_kick(dlci);
1058 }
1059 /* Map modem bits */
1060 if (modem & MDM_RTR)
1061 mlines |= TIOCM_RTS | TIOCM_CTS;
1062 if (modem & MDM_IC)
1063 mlines |= TIOCM_RI;
1064 if (modem & MDM_DV)
1065 mlines |= TIOCM_CD;
1066
1067 /* Carrier drop -> hangup */
1068 if (tty) {
1069 if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
1070 if (!(tty->termios->c_cflag & CLOCAL))
1071 tty_hangup(tty);
1072 if (brk & 0x01)
1073 tty_insert_flip_char(tty, 0, TTY_BREAK);
1074 }
1075 dlci->modem_rx = mlines;
1076}
1077
1078/**
1079 * gsm_control_modem - modem status received
1080 * @gsm: GSM channel
1081 * @data: data following command
1082 * @clen: command length
1083 *
1084 * We have received a modem status control message. This is used by
1085 * the GSM mux protocol to pass virtual modem line status and optionally
1086 * to indicate break signals. Unpack it, convert to Linux representation
1087 * and if need be stuff a break message down the tty.
1088 */
1089
1090static void gsm_control_modem(struct gsm_mux *gsm, u8 *data, int clen)
1091{
1092 unsigned int addr = 0;
1093 unsigned int modem = 0;
1094 struct gsm_dlci *dlci;
1095 int len = clen;
1096 u8 *dp = data;
1097 struct tty_struct *tty;
1098
1099 while (gsm_read_ea(&addr, *dp++) == 0) {
1100 len--;
1101 if (len == 0)
1102 return;
1103 }
1104 /* Must be at least one byte following the EA */
1105 len--;
1106 if (len <= 0)
1107 return;
1108
1109 addr >>= 1;
1110 /* Closed port, or invalid ? */
1111 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1112 return;
1113 dlci = gsm->dlci[addr];
1114
1115 while (gsm_read_ea(&modem, *dp++) == 0) {
1116 len--;
1117 if (len == 0)
1118 return;
1119 }
1120 tty = tty_port_tty_get(&dlci->port);
1121 gsm_process_modem(tty, dlci, modem, clen);
1122 if (tty) {
1123 tty_wakeup(tty);
1124 tty_kref_put(tty);
1125 }
1126 gsm_control_reply(gsm, CMD_MSC, data, clen);
1127}
1128
1129/**
1130 * gsm_control_rls - remote line status
1131 * @gsm: GSM channel
1132 * @data: data bytes
1133 * @clen: data length
1134 *
1135 * The modem sends us a two byte message on the control channel whenever
1136 * it wishes to send us an error state from the virtual link. Stuff
1137 * this into the uplink tty if present
1138 */
1139
1140static void gsm_control_rls(struct gsm_mux *gsm, u8 *data, int clen)
1141{
1142 struct tty_struct *tty;
1143 unsigned int addr = 0 ;
1144 u8 bits;
1145 int len = clen;
1146 u8 *dp = data;
1147
1148 while (gsm_read_ea(&addr, *dp++) == 0) {
1149 len--;
1150 if (len == 0)
1151 return;
1152 }
1153 /* Must be at least one byte following ea */
1154 len--;
1155 if (len <= 0)
1156 return;
1157 addr >>= 1;
1158 /* Closed port, or invalid ? */
1159 if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
1160 return;
1161 /* No error ? */
1162 bits = *dp;
1163 if ((bits & 1) == 0)
1164 return;
1165 /* See if we have an uplink tty */
1166 tty = tty_port_tty_get(&gsm->dlci[addr]->port);
1167
1168 if (tty) {
1169 if (bits & 2)
1170 tty_insert_flip_char(tty, 0, TTY_OVERRUN);
1171 if (bits & 4)
1172 tty_insert_flip_char(tty, 0, TTY_PARITY);
1173 if (bits & 8)
1174 tty_insert_flip_char(tty, 0, TTY_FRAME);
1175 tty_flip_buffer_push(tty);
1176 tty_kref_put(tty);
1177 }
1178 gsm_control_reply(gsm, CMD_RLS, data, clen);
1179}
1180
1181static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
1182
1183/**
1184 * gsm_control_message - DLCI 0 control processing
1185 * @gsm: our GSM mux
1186 * @command: the command EA
1187 * @data: data beyond the command/length EAs
1188 * @clen: length
1189 *
1190 * Input processor for control messages from the other end of the link.
1191 * Processes the incoming request and queues a response frame or an
1192 * NSC response if not supported
1193 */
1194
1195static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
1196 u8 *data, int clen)
1197{
1198 u8 buf[1];
1199 unsigned long flags;
1200
1201 switch (command) {
1202 case CMD_CLD: {
1203 struct gsm_dlci *dlci = gsm->dlci[0];
1204 /* Modem wishes to close down */
1205 if (dlci) {
1206 dlci->dead = 1;
1207 gsm->dead = 1;
1208 gsm_dlci_begin_close(dlci);
1209 }
1210 }
1211 break;
1212 case CMD_TEST:
1213 /* Modem wishes to test, reply with the data */
1214 gsm_control_reply(gsm, CMD_TEST, data, clen);
1215 break;
1216 case CMD_FCON:
1217 /* Modem wants us to STFU */
1218 gsm->constipated = 1;
1219 gsm_control_reply(gsm, CMD_FCON, NULL, 0);
1220 break;
1221 case CMD_FCOFF:
1222 /* Modem can accept data again */
1223 gsm->constipated = 0;
1224 gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
1225 /* Kick the link in case it is idling */
1226 spin_lock_irqsave(&gsm->tx_lock, flags);
1227 gsm_data_kick(gsm);
1228 spin_unlock_irqrestore(&gsm->tx_lock, flags);
1229 break;
1230 case CMD_MSC:
1231 /* Out of band modem line change indicator for a DLCI */
1232 gsm_control_modem(gsm, data, clen);
1233 break;
1234 case CMD_RLS:
1235 /* Out of band error reception for a DLCI */
1236 gsm_control_rls(gsm, data, clen);
1237 break;
1238 case CMD_PSC:
1239 /* Modem wishes to enter power saving state */
1240 gsm_control_reply(gsm, CMD_PSC, NULL, 0);
1241 break;
1242 /* Optional unsupported commands */
1243 case CMD_PN: /* Parameter negotiation */
1244 case CMD_RPN: /* Remote port negotiation */
1245 case CMD_SNC: /* Service negotiation command */
1246 default:
1247 /* Reply to bad commands with an NSC */
1248 buf[0] = command;
1249 gsm_control_reply(gsm, CMD_NSC, buf, 1);
1250 break;
1251 }
1252}
1253
1254/**
1255 * gsm_control_response - process a response to our control
1256 * @gsm: our GSM mux
1257 * @command: the command (response) EA
1258 * @data: data beyond the command/length EA
1259 * @clen: length
1260 *
1261 * Process a response to an outstanding command. We only allow a single
1262 * control message in flight so this is fairly easy. All the clean up
1263 * is done by the caller, we just update the fields, flag it as done
1264 * and return
1265 */
1266
1267static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
1268 u8 *data, int clen)
1269{
1270 struct gsm_control *ctrl;
1271 unsigned long flags;
1272
1273 spin_lock_irqsave(&gsm->control_lock, flags);
1274
1275 ctrl = gsm->pending_cmd;
1276 /* Does the reply match our command */
1277 command |= 1;
1278 if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
1279 /* Our command was replied to, kill the retry timer */
1280 del_timer(&gsm->t2_timer);
1281 gsm->pending_cmd = NULL;
1282 /* Rejected by the other end */
1283 if (command == CMD_NSC)
1284 ctrl->error = -EOPNOTSUPP;
1285 ctrl->done = 1;
1286 wake_up(&gsm->event);
1287 }
1288 spin_unlock_irqrestore(&gsm->control_lock, flags);
1289}
1290
1291/**
1292 * gsm_control_transmit - send control packet
1293 * @gsm: gsm mux
1294 * @ctrl: frame to send
1295 *
1296 * Send out a pending control command (called under control lock)
1297 */
1298
1299static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
1300{
1301 struct gsm_msg *msg = gsm_data_alloc(gsm, 0, ctrl->len + 1, gsm->ftype);
1302 if (msg == NULL)
1303 return;
1304 msg->data[0] = (ctrl->cmd << 1) | 2 | EA; /* command */
1305 memcpy(msg->data + 1, ctrl->data, ctrl->len);
1306 gsm_data_queue(gsm->dlci[0], msg);
1307}
1308
1309/**
1310 * gsm_control_retransmit - retransmit a control frame
1311 * @data: pointer to our gsm object
1312 *
1313 * Called off the T2 timer expiry in order to retransmit control frames
1314 * that have been lost in the system somewhere. The control_lock protects
1315 * us from colliding with another sender or a receive completion event.
1316 * In that situation the timer may still occur in a small window but
1317 * gsm->pending_cmd will be NULL and we just let the timer expire.
1318 */
1319
1320static void gsm_control_retransmit(unsigned long data)
1321{
1322 struct gsm_mux *gsm = (struct gsm_mux *)data;
1323 struct gsm_control *ctrl;
1324 unsigned long flags;
1325 spin_lock_irqsave(&gsm->control_lock, flags);
1326 ctrl = gsm->pending_cmd;
1327 if (ctrl) {
1328 gsm->cretries--;
1329 if (gsm->cretries == 0) {
1330 gsm->pending_cmd = NULL;
1331 ctrl->error = -ETIMEDOUT;
1332 ctrl->done = 1;
1333 spin_unlock_irqrestore(&gsm->control_lock, flags);
1334 wake_up(&gsm->event);
1335 return;
1336 }
1337 gsm_control_transmit(gsm, ctrl);
1338 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1339 }
1340 spin_unlock_irqrestore(&gsm->control_lock, flags);
1341}
1342
1343/**
1344 * gsm_control_send - send a control frame on DLCI 0
1345 * @gsm: the GSM channel
1346 * @command: command to send including CR bit
1347 * @data: bytes of data (must be kmalloced)
1348 * @len: length of the block to send
1349 *
1350 * Queue and dispatch a control command. Only one command can be
1351 * active at a time. In theory more can be outstanding but the matching
1352 * gets really complicated so for now stick to one outstanding.
1353 */
1354
1355static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
1356 unsigned int command, u8 *data, int clen)
1357{
1358 struct gsm_control *ctrl = kzalloc(sizeof(struct gsm_control),
1359 GFP_KERNEL);
1360 unsigned long flags;
1361 if (ctrl == NULL)
1362 return NULL;
1363retry:
1364 wait_event(gsm->event, gsm->pending_cmd == NULL);
1365 spin_lock_irqsave(&gsm->control_lock, flags);
1366 if (gsm->pending_cmd != NULL) {
1367 spin_unlock_irqrestore(&gsm->control_lock, flags);
1368 goto retry;
1369 }
1370 ctrl->cmd = command;
1371 ctrl->data = data;
1372 ctrl->len = clen;
1373 gsm->pending_cmd = ctrl;
1374 gsm->cretries = gsm->n2;
1375 mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
1376 gsm_control_transmit(gsm, ctrl);
1377 spin_unlock_irqrestore(&gsm->control_lock, flags);
1378 return ctrl;
1379}
1380
1381/**
1382 * gsm_control_wait - wait for a control to finish
1383 * @gsm: GSM mux
1384 * @control: control we are waiting on
1385 *
1386 * Waits for the control to complete or time out. Frees any used
1387 * resources and returns 0 for success, or an error if the remote
1388 * rejected or ignored the request.
1389 */
1390
1391static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
1392{
1393 int err;
1394 wait_event(gsm->event, control->done == 1);
1395 err = control->error;
1396 kfree(control);
1397 return err;
1398}
1399
1400
1401/*
1402 * DLCI level handling: Needs krefs
1403 */
1404
1405/*
1406 * State transitions and timers
1407 */
1408
1409/**
1410 * gsm_dlci_close - a DLCI has closed
1411 * @dlci: DLCI that closed
1412 *
1413 * Perform processing when moving a DLCI into closed state. If there
1414 * is an attached tty this is hung up
1415 */
1416
1417static void gsm_dlci_close(struct gsm_dlci *dlci)
1418{
1419 del_timer(&dlci->t1);
1420 if (debug & 8)
1421 pr_debug("DLCI %d goes closed.\n", dlci->addr);
1422 dlci->state = DLCI_CLOSED;
1423 if (dlci->addr != 0) {
1424 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1425 if (tty) {
1426 tty_hangup(tty);
1427 tty_kref_put(tty);
1428 }
1429 kfifo_reset(dlci->fifo);
1430 } else
1431 dlci->gsm->dead = 1;
1432 wake_up(&dlci->gsm->event);
1433 /* A DLCI 0 close is a MUX termination so we need to kick that
1434 back to userspace somehow */
1435}
1436
1437/**
1438 * gsm_dlci_open - a DLCI has opened
1439 * @dlci: DLCI that opened
1440 *
1441 * Perform processing when moving a DLCI into open state.
1442 */
1443
1444static void gsm_dlci_open(struct gsm_dlci *dlci)
1445{
1446 /* Note that SABM UA .. SABM UA first UA lost can mean that we go
1447 open -> open */
1448 del_timer(&dlci->t1);
1449 /* This will let a tty open continue */
1450 dlci->state = DLCI_OPEN;
1451 if (debug & 8)
1452 pr_debug("DLCI %d goes open.\n", dlci->addr);
1453 wake_up(&dlci->gsm->event);
1454}
1455
1456/**
1457 * gsm_dlci_t1 - T1 timer expiry
1458 * @dlci: DLCI that opened
1459 *
1460 * The T1 timer handles retransmits of control frames (essentially of
1461 * SABM and DISC). We resend the command until the retry count runs out
1462 * in which case an opening port goes back to closed and a closing port
1463 * is simply put into closed state (any further frames from the other
1464 * end will get a DM response)
1465 */
1466
1467static void gsm_dlci_t1(unsigned long data)
1468{
1469 struct gsm_dlci *dlci = (struct gsm_dlci *)data;
1470 struct gsm_mux *gsm = dlci->gsm;
1471
1472 switch (dlci->state) {
1473 case DLCI_OPENING:
1474 dlci->retries--;
1475 if (dlci->retries) {
1476 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1477 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1478 } else
1479 gsm_dlci_close(dlci);
1480 break;
1481 case DLCI_CLOSING:
1482 dlci->retries--;
1483 if (dlci->retries) {
1484 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1485 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1486 } else
1487 gsm_dlci_close(dlci);
1488 break;
1489 }
1490}
1491
1492/**
1493 * gsm_dlci_begin_open - start channel open procedure
1494 * @dlci: DLCI to open
1495 *
1496 * Commence opening a DLCI from the Linux side. We issue SABM messages
1497 * to the modem which should then reply with a UA, at which point we
1498 * will move into open state. Opening is done asynchronously with retry
1499 * running off timers and the responses.
1500 */
1501
1502static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
1503{
1504 struct gsm_mux *gsm = dlci->gsm;
1505 if (dlci->state == DLCI_OPEN || dlci->state == DLCI_OPENING)
1506 return;
1507 dlci->retries = gsm->n2;
1508 dlci->state = DLCI_OPENING;
1509 gsm_command(dlci->gsm, dlci->addr, SABM|PF);
1510 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1511}
1512
1513/**
1514 * gsm_dlci_begin_close - start channel open procedure
1515 * @dlci: DLCI to open
1516 *
1517 * Commence closing a DLCI from the Linux side. We issue DISC messages
1518 * to the modem which should then reply with a UA, at which point we
1519 * will move into closed state. Closing is done asynchronously with retry
1520 * off timers. We may also receive a DM reply from the other end which
1521 * indicates the channel was already closed.
1522 */
1523
1524static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
1525{
1526 struct gsm_mux *gsm = dlci->gsm;
1527 if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
1528 return;
1529 dlci->retries = gsm->n2;
1530 dlci->state = DLCI_CLOSING;
1531 gsm_command(dlci->gsm, dlci->addr, DISC|PF);
1532 mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
1533}
1534
1535/**
1536 * gsm_dlci_data - data arrived
1537 * @dlci: channel
1538 * @data: block of bytes received
1539 * @len: length of received block
1540 *
1541 * A UI or UIH frame has arrived which contains data for a channel
1542 * other than the control channel. If the relevant virtual tty is
1543 * open we shovel the bits down it, if not we drop them.
1544 */
1545
1546static void gsm_dlci_data(struct gsm_dlci *dlci, u8 *data, int clen)
1547{
1548 /* krefs .. */
1549 struct tty_port *port = &dlci->port;
1550 struct tty_struct *tty = tty_port_tty_get(port);
1551 unsigned int modem = 0;
1552 int len = clen;
1553
1554 if (debug & 16)
1555 pr_debug("%d bytes for tty %p\n", len, tty);
1556 if (tty) {
1557 switch (dlci->adaption) {
1558 /* Unsupported types */
1559 /* Packetised interruptible data */
1560 case 4:
1561 break;
1562 /* Packetised uininterruptible voice/data */
1563 case 3:
1564 break;
1565 /* Asynchronous serial with line state in each frame */
1566 case 2:
1567 while (gsm_read_ea(&modem, *data++) == 0) {
1568 len--;
1569 if (len == 0)
1570 return;
1571 }
1572 gsm_process_modem(tty, dlci, modem, clen);
1573 /* Line state will go via DLCI 0 controls only */
1574 case 1:
1575 default:
1576 tty_insert_flip_string(tty, data, len);
1577 tty_flip_buffer_push(tty);
1578 }
1579 tty_kref_put(tty);
1580 }
1581}
1582
1583/**
1584 * gsm_dlci_control - data arrived on control channel
1585 * @dlci: channel
1586 * @data: block of bytes received
1587 * @len: length of received block
1588 *
1589 * A UI or UIH frame has arrived which contains data for DLCI 0 the
1590 * control channel. This should contain a command EA followed by
1591 * control data bytes. The command EA contains a command/response bit
1592 * and we divide up the work accordingly.
1593 */
1594
1595static void gsm_dlci_command(struct gsm_dlci *dlci, u8 *data, int len)
1596{
1597 /* See what command is involved */
1598 unsigned int command = 0;
1599 while (len-- > 0) {
1600 if (gsm_read_ea(&command, *data++) == 1) {
1601 int clen = *data++;
1602 len--;
1603 /* FIXME: this is properly an EA */
1604 clen >>= 1;
1605 /* Malformed command ? */
1606 if (clen > len)
1607 return;
1608 if (command & 1)
1609 gsm_control_message(dlci->gsm, command,
1610 data, clen);
1611 else
1612 gsm_control_response(dlci->gsm, command,
1613 data, clen);
1614 return;
1615 }
1616 }
1617}
1618
1619/*
1620 * Allocate/Free DLCI channels
1621 */
1622
1623/**
1624 * gsm_dlci_alloc - allocate a DLCI
1625 * @gsm: GSM mux
1626 * @addr: address of the DLCI
1627 *
1628 * Allocate and install a new DLCI object into the GSM mux.
1629 *
1630 * FIXME: review locking races
1631 */
1632
1633static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
1634{
1635 struct gsm_dlci *dlci = kzalloc(sizeof(struct gsm_dlci), GFP_ATOMIC);
1636 if (dlci == NULL)
1637 return NULL;
1638 spin_lock_init(&dlci->lock);
1639 kref_init(&dlci->ref);
1640 mutex_init(&dlci->mutex);
1641 dlci->fifo = &dlci->_fifo;
1642 if (kfifo_alloc(&dlci->_fifo, 4096, GFP_KERNEL) < 0) {
1643 kfree(dlci);
1644 return NULL;
1645 }
1646
1647 skb_queue_head_init(&dlci->skb_list);
1648 init_timer(&dlci->t1);
1649 dlci->t1.function = gsm_dlci_t1;
1650 dlci->t1.data = (unsigned long)dlci;
1651 tty_port_init(&dlci->port);
1652 dlci->port.ops = &gsm_port_ops;
1653 dlci->gsm = gsm;
1654 dlci->addr = addr;
1655 dlci->adaption = gsm->adaption;
1656 dlci->state = DLCI_CLOSED;
1657 if (addr)
1658 dlci->data = gsm_dlci_data;
1659 else
1660 dlci->data = gsm_dlci_command;
1661 gsm->dlci[addr] = dlci;
1662 return dlci;
1663}
1664
1665/**
1666 * gsm_dlci_free - free DLCI
1667 * @dlci: DLCI to free
1668 *
1669 * Free up a DLCI.
1670 *
1671 * Can sleep.
1672 */
1673static void gsm_dlci_free(struct kref *ref)
1674{
1675 struct gsm_dlci *dlci = container_of(ref, struct gsm_dlci, ref);
1676
1677 del_timer_sync(&dlci->t1);
1678 dlci->gsm->dlci[dlci->addr] = NULL;
1679 kfifo_free(dlci->fifo);
1680 while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
1681 kfree_skb(dlci->skb);
1682 kfree(dlci);
1683}
1684
1685static inline void dlci_get(struct gsm_dlci *dlci)
1686{
1687 kref_get(&dlci->ref);
1688}
1689
1690static inline void dlci_put(struct gsm_dlci *dlci)
1691{
1692 kref_put(&dlci->ref, gsm_dlci_free);
1693}
1694
1695/**
1696 * gsm_dlci_release - release DLCI
1697 * @dlci: DLCI to destroy
1698 *
1699 * Release a DLCI. Actual free is deferred until either
1700 * mux is closed or tty is closed - whichever is last.
1701 *
1702 * Can sleep.
1703 */
1704static void gsm_dlci_release(struct gsm_dlci *dlci)
1705{
1706 struct tty_struct *tty = tty_port_tty_get(&dlci->port);
1707 if (tty) {
1708 tty_vhangup(tty);
1709 tty_kref_put(tty);
1710 }
1711 dlci_put(dlci);
1712}
1713
1714/*
1715 * LAPBish link layer logic
1716 */
1717
1718/**
1719 * gsm_queue - a GSM frame is ready to process
1720 * @gsm: pointer to our gsm mux
1721 *
1722 * At this point in time a frame has arrived and been demangled from
1723 * the line encoding. All the differences between the encodings have
1724 * been handled below us and the frame is unpacked into the structures.
1725 * The fcs holds the header FCS but any data FCS must be added here.
1726 */
1727
1728static void gsm_queue(struct gsm_mux *gsm)
1729{
1730 struct gsm_dlci *dlci;
1731 u8 cr;
1732 int address;
1733 /* We have to sneak a look at the packet body to do the FCS.
1734 A somewhat layering violation in the spec */
1735
1736 if ((gsm->control & ~PF) == UI)
1737 gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf, gsm->len);
1738 if (gsm->encoding == 0){
1739 /* WARNING: gsm->received_fcs is used for gsm->encoding = 0 only.
1740 In this case it contain the last piece of data
1741 required to generate final CRC */
1742 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->received_fcs);
1743 }
1744 if (gsm->fcs != GOOD_FCS) {
1745 gsm->bad_fcs++;
1746 if (debug & 4)
1747 pr_debug("BAD FCS %02x\n", gsm->fcs);
1748 return;
1749 }
1750 address = gsm->address >> 1;
1751 if (address >= NUM_DLCI)
1752 goto invalid;
1753
1754 cr = gsm->address & 1; /* C/R bit */
1755
1756 gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
1757
1758 cr ^= 1 - gsm->initiator; /* Flip so 1 always means command */
1759 dlci = gsm->dlci[address];
1760
1761 switch (gsm->control) {
1762 case SABM|PF:
1763 if (cr == 0)
1764 goto invalid;
1765 if (dlci == NULL)
1766 dlci = gsm_dlci_alloc(gsm, address);
1767 if (dlci == NULL)
1768 return;
1769 if (dlci->dead)
1770 gsm_response(gsm, address, DM);
1771 else {
1772 gsm_response(gsm, address, UA);
1773 gsm_dlci_open(dlci);
1774 }
1775 break;
1776 case DISC|PF:
1777 if (cr == 0)
1778 goto invalid;
1779 if (dlci == NULL || dlci->state == DLCI_CLOSED) {
1780 gsm_response(gsm, address, DM);
1781 return;
1782 }
1783 /* Real close complete */
1784 gsm_response(gsm, address, UA);
1785 gsm_dlci_close(dlci);
1786 break;
1787 case UA:
1788 case UA|PF:
1789 if (cr == 0 || dlci == NULL)
1790 break;
1791 switch (dlci->state) {
1792 case DLCI_CLOSING:
1793 gsm_dlci_close(dlci);
1794 break;
1795 case DLCI_OPENING:
1796 gsm_dlci_open(dlci);
1797 break;
1798 }
1799 break;
1800 case DM: /* DM can be valid unsolicited */
1801 case DM|PF:
1802 if (cr)
1803 goto invalid;
1804 if (dlci == NULL)
1805 return;
1806 gsm_dlci_close(dlci);
1807 break;
1808 case UI:
1809 case UI|PF:
1810 case UIH:
1811 case UIH|PF:
1812#if 0
1813 if (cr)
1814 goto invalid;
1815#endif
1816 if (dlci == NULL || dlci->state != DLCI_OPEN) {
1817 gsm_command(gsm, address, DM|PF);
1818 return;
1819 }
1820 dlci->data(dlci, gsm->buf, gsm->len);
1821 break;
1822 default:
1823 goto invalid;
1824 }
1825 return;
1826invalid:
1827 gsm->malformed++;
1828 return;
1829}
1830
1831
1832/**
1833 * gsm0_receive - perform processing for non-transparency
1834 * @gsm: gsm data for this ldisc instance
1835 * @c: character
1836 *
1837 * Receive bytes in gsm mode 0
1838 */
1839
1840static void gsm0_receive(struct gsm_mux *gsm, unsigned char c)
1841{
1842 unsigned int len;
1843
1844 switch (gsm->state) {
1845 case GSM_SEARCH: /* SOF marker */
1846 if (c == GSM0_SOF) {
1847 gsm->state = GSM_ADDRESS;
1848 gsm->address = 0;
1849 gsm->len = 0;
1850 gsm->fcs = INIT_FCS;
1851 }
1852 break;
1853 case GSM_ADDRESS: /* Address EA */
1854 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1855 if (gsm_read_ea(&gsm->address, c))
1856 gsm->state = GSM_CONTROL;
1857 break;
1858 case GSM_CONTROL: /* Control Byte */
1859 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1860 gsm->control = c;
1861 gsm->state = GSM_LEN0;
1862 break;
1863 case GSM_LEN0: /* Length EA */
1864 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1865 if (gsm_read_ea(&gsm->len, c)) {
1866 if (gsm->len > gsm->mru) {
1867 gsm->bad_size++;
1868 gsm->state = GSM_SEARCH;
1869 break;
1870 }
1871 gsm->count = 0;
1872 if (!gsm->len)
1873 gsm->state = GSM_FCS;
1874 else
1875 gsm->state = GSM_DATA;
1876 break;
1877 }
1878 gsm->state = GSM_LEN1;
1879 break;
1880 case GSM_LEN1:
1881 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1882 len = c;
1883 gsm->len |= len << 7;
1884 if (gsm->len > gsm->mru) {
1885 gsm->bad_size++;
1886 gsm->state = GSM_SEARCH;
1887 break;
1888 }
1889 gsm->count = 0;
1890 if (!gsm->len)
1891 gsm->state = GSM_FCS;
1892 else
1893 gsm->state = GSM_DATA;
1894 break;
1895 case GSM_DATA: /* Data */
1896 gsm->buf[gsm->count++] = c;
1897 if (gsm->count == gsm->len)
1898 gsm->state = GSM_FCS;
1899 break;
1900 case GSM_FCS: /* FCS follows the packet */
1901 gsm->received_fcs = c;
1902 gsm_queue(gsm);
1903 gsm->state = GSM_SSOF;
1904 break;
1905 case GSM_SSOF:
1906 if (c == GSM0_SOF) {
1907 gsm->state = GSM_SEARCH;
1908 break;
1909 }
1910 break;
1911 }
1912}
1913
1914/**
1915 * gsm1_receive - perform processing for non-transparency
1916 * @gsm: gsm data for this ldisc instance
1917 * @c: character
1918 *
1919 * Receive bytes in mode 1 (Advanced option)
1920 */
1921
1922static void gsm1_receive(struct gsm_mux *gsm, unsigned char c)
1923{
1924 if (c == GSM1_SOF) {
1925 /* EOF is only valid in frame if we have got to the data state
1926 and received at least one byte (the FCS) */
1927 if (gsm->state == GSM_DATA && gsm->count) {
1928 /* Extract the FCS */
1929 gsm->count--;
1930 gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
1931 gsm->len = gsm->count;
1932 gsm_queue(gsm);
1933 gsm->state = GSM_START;
1934 return;
1935 }
1936 /* Any partial frame was a runt so go back to start */
1937 if (gsm->state != GSM_START) {
1938 gsm->malformed++;
1939 gsm->state = GSM_START;
1940 }
1941 /* A SOF in GSM_START means we are still reading idling or
1942 framing bytes */
1943 return;
1944 }
1945
1946 if (c == GSM1_ESCAPE) {
1947 gsm->escape = 1;
1948 return;
1949 }
1950
1951 /* Only an unescaped SOF gets us out of GSM search */
1952 if (gsm->state == GSM_SEARCH)
1953 return;
1954
1955 if (gsm->escape) {
1956 c ^= GSM1_ESCAPE_BITS;
1957 gsm->escape = 0;
1958 }
1959 switch (gsm->state) {
1960 case GSM_START: /* First byte after SOF */
1961 gsm->address = 0;
1962 gsm->state = GSM_ADDRESS;
1963 gsm->fcs = INIT_FCS;
1964 /* Drop through */
1965 case GSM_ADDRESS: /* Address continuation */
1966 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1967 if (gsm_read_ea(&gsm->address, c))
1968 gsm->state = GSM_CONTROL;
1969 break;
1970 case GSM_CONTROL: /* Control Byte */
1971 gsm->fcs = gsm_fcs_add(gsm->fcs, c);
1972 gsm->control = c;
1973 gsm->count = 0;
1974 gsm->state = GSM_DATA;
1975 break;
1976 case GSM_DATA: /* Data */
1977 if (gsm->count > gsm->mru) { /* Allow one for the FCS */
1978 gsm->state = GSM_OVERRUN;
1979 gsm->bad_size++;
1980 } else
1981 gsm->buf[gsm->count++] = c;
1982 break;
1983 case GSM_OVERRUN: /* Over-long - eg a dropped SOF */
1984 break;
1985 }
1986}
1987
1988/**
1989 * gsm_error - handle tty error
1990 * @gsm: ldisc data
1991 * @data: byte received (may be invalid)
1992 * @flag: error received
1993 *
1994 * Handle an error in the receipt of data for a frame. Currently we just
1995 * go back to hunting for a SOF.
1996 *
1997 * FIXME: better diagnostics ?
1998 */
1999
2000static void gsm_error(struct gsm_mux *gsm,
2001 unsigned char data, unsigned char flag)
2002{
2003 gsm->state = GSM_SEARCH;
2004 gsm->io_error++;
2005}
2006
2007/**
2008 * gsm_cleanup_mux - generic GSM protocol cleanup
2009 * @gsm: our mux
2010 *
2011 * Clean up the bits of the mux which are the same for all framing
2012 * protocols. Remove the mux from the mux table, stop all the timers
2013 * and then shut down each device hanging up the channels as we go.
2014 */
2015
2016void gsm_cleanup_mux(struct gsm_mux *gsm)
2017{
2018 int i;
2019 struct gsm_dlci *dlci = gsm->dlci[0];
2020 struct gsm_msg *txq;
2021 struct gsm_control *gc;
2022
2023 gsm->dead = 1;
2024
2025 spin_lock(&gsm_mux_lock);
2026 for (i = 0; i < MAX_MUX; i++) {
2027 if (gsm_mux[i] == gsm) {
2028 gsm_mux[i] = NULL;
2029 break;
2030 }
2031 }
2032 spin_unlock(&gsm_mux_lock);
2033 WARN_ON(i == MAX_MUX);
2034
2035 /* In theory disconnecting DLCI 0 is sufficient but for some
2036 modems this is apparently not the case. */
2037 if (dlci) {
2038 gc = gsm_control_send(gsm, CMD_CLD, NULL, 0);
2039 if (gc)
2040 gsm_control_wait(gsm, gc);
2041 }
2042 del_timer_sync(&gsm->t2_timer);
2043 /* Now we are sure T2 has stopped */
2044 if (dlci) {
2045 dlci->dead = 1;
2046 gsm_dlci_begin_close(dlci);
2047 wait_event_interruptible(gsm->event,
2048 dlci->state == DLCI_CLOSED);
2049 }
2050 /* Free up any link layer users */
2051 for (i = 0; i < NUM_DLCI; i++)
2052 if (gsm->dlci[i])
2053 gsm_dlci_release(gsm->dlci[i]);
2054 /* Now wipe the queues */
2055 for (txq = gsm->tx_head; txq != NULL; txq = gsm->tx_head) {
2056 gsm->tx_head = txq->next;
2057 kfree(txq);
2058 }
2059 gsm->tx_tail = NULL;
2060}
2061EXPORT_SYMBOL_GPL(gsm_cleanup_mux);
2062
2063/**
2064 * gsm_activate_mux - generic GSM setup
2065 * @gsm: our mux
2066 *
2067 * Set up the bits of the mux which are the same for all framing
2068 * protocols. Add the mux to the mux table so it can be opened and
2069 * finally kick off connecting to DLCI 0 on the modem.
2070 */
2071
2072int gsm_activate_mux(struct gsm_mux *gsm)
2073{
2074 struct gsm_dlci *dlci;
2075 int i = 0;
2076
2077 init_timer(&gsm->t2_timer);
2078 gsm->t2_timer.function = gsm_control_retransmit;
2079 gsm->t2_timer.data = (unsigned long)gsm;
2080 init_waitqueue_head(&gsm->event);
2081 spin_lock_init(&gsm->control_lock);
2082 spin_lock_init(&gsm->tx_lock);
2083
2084 if (gsm->encoding == 0)
2085 gsm->receive = gsm0_receive;
2086 else
2087 gsm->receive = gsm1_receive;
2088 gsm->error = gsm_error;
2089
2090 spin_lock(&gsm_mux_lock);
2091 for (i = 0; i < MAX_MUX; i++) {
2092 if (gsm_mux[i] == NULL) {
2093 gsm->num = i;
2094 gsm_mux[i] = gsm;
2095 break;
2096 }
2097 }
2098 spin_unlock(&gsm_mux_lock);
2099 if (i == MAX_MUX)
2100 return -EBUSY;
2101
2102 dlci = gsm_dlci_alloc(gsm, 0);
2103 if (dlci == NULL)
2104 return -ENOMEM;
2105 gsm->dead = 0; /* Tty opens are now permissible */
2106 return 0;
2107}
2108EXPORT_SYMBOL_GPL(gsm_activate_mux);
2109
2110/**
2111 * gsm_free_mux - free up a mux
2112 * @mux: mux to free
2113 *
2114 * Dispose of allocated resources for a dead mux
2115 */
2116void gsm_free_mux(struct gsm_mux *gsm)
2117{
2118 kfree(gsm->txframe);
2119 kfree(gsm->buf);
2120 kfree(gsm);
2121}
2122EXPORT_SYMBOL_GPL(gsm_free_mux);
2123
2124/**
2125 * gsm_free_muxr - free up a mux
2126 * @mux: mux to free
2127 *
2128 * Dispose of allocated resources for a dead mux
2129 */
2130static void gsm_free_muxr(struct kref *ref)
2131{
2132 struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
2133 gsm_free_mux(gsm);
2134}
2135
2136static inline void mux_get(struct gsm_mux *gsm)
2137{
2138 kref_get(&gsm->ref);
2139}
2140
2141static inline void mux_put(struct gsm_mux *gsm)
2142{
2143 kref_put(&gsm->ref, gsm_free_muxr);
2144}
2145
2146/**
2147 * gsm_alloc_mux - allocate a mux
2148 *
2149 * Creates a new mux ready for activation.
2150 */
2151
2152struct gsm_mux *gsm_alloc_mux(void)
2153{
2154 struct gsm_mux *gsm = kzalloc(sizeof(struct gsm_mux), GFP_KERNEL);
2155 if (gsm == NULL)
2156 return NULL;
2157 gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
2158 if (gsm->buf == NULL) {
2159 kfree(gsm);
2160 return NULL;
2161 }
2162 gsm->txframe = kmalloc(2 * MAX_MRU + 2, GFP_KERNEL);
2163 if (gsm->txframe == NULL) {
2164 kfree(gsm->buf);
2165 kfree(gsm);
2166 return NULL;
2167 }
2168 spin_lock_init(&gsm->lock);
2169 kref_init(&gsm->ref);
2170
2171 gsm->t1 = T1;
2172 gsm->t2 = T2;
2173 gsm->n2 = N2;
2174 gsm->ftype = UIH;
2175 gsm->adaption = 1;
2176 gsm->encoding = 1;
2177 gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
2178 gsm->mtu = 64;
2179 gsm->dead = 1; /* Avoid early tty opens */
2180
2181 return gsm;
2182}
2183EXPORT_SYMBOL_GPL(gsm_alloc_mux);
2184
2185/**
2186 * gsmld_output - write to link
2187 * @gsm: our mux
2188 * @data: bytes to output
2189 * @len: size
2190 *
2191 * Write a block of data from the GSM mux to the data channel. This
2192 * will eventually be serialized from above but at the moment isn't.
2193 */
2194
2195static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
2196{
2197 if (tty_write_room(gsm->tty) < len) {
2198 set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
2199 return -ENOSPC;
2200 }
2201 if (debug & 4)
2202 print_hex_dump_bytes("gsmld_output: ", DUMP_PREFIX_OFFSET,
2203 data, len);
2204 gsm->tty->ops->write(gsm->tty, data, len);
2205 return len;
2206}
2207
2208/**
2209 * gsmld_attach_gsm - mode set up
2210 * @tty: our tty structure
2211 * @gsm: our mux
2212 *
2213 * Set up the MUX for basic mode and commence connecting to the
2214 * modem. Currently called from the line discipline set up but
2215 * will need moving to an ioctl path.
2216 */
2217
2218static int gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2219{
2220 int ret, i;
2221 int base = gsm->num << 6; /* Base for this MUX */
2222
2223 gsm->tty = tty_kref_get(tty);
2224 gsm->output = gsmld_output;
2225 ret = gsm_activate_mux(gsm);
2226 if (ret != 0)
2227 tty_kref_put(gsm->tty);
2228 else {
2229 /* Don't register device 0 - this is the control channel and not
2230 a usable tty interface */
2231 for (i = 1; i < NUM_DLCI; i++)
2232 tty_register_device(gsm_tty_driver, base + i, NULL);
2233 }
2234 return ret;
2235}
2236
2237
2238/**
2239 * gsmld_detach_gsm - stop doing 0710 mux
2240 * @tty: tty attached to the mux
2241 * @gsm: mux
2242 *
2243 * Shutdown and then clean up the resources used by the line discipline
2244 */
2245
2246static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
2247{
2248 int i;
2249 int base = gsm->num << 6; /* Base for this MUX */
2250
2251 WARN_ON(tty != gsm->tty);
2252 for (i = 1; i < NUM_DLCI; i++)
2253 tty_unregister_device(gsm_tty_driver, base + i);
2254 gsm_cleanup_mux(gsm);
2255 tty_kref_put(gsm->tty);
2256 gsm->tty = NULL;
2257}
2258
2259static void gsmld_receive_buf(struct tty_struct *tty, const unsigned char *cp,
2260 char *fp, int count)
2261{
2262 struct gsm_mux *gsm = tty->disc_data;
2263 const unsigned char *dp;
2264 char *f;
2265 int i;
2266 char buf[64];
2267 char flags;
2268
2269 if (debug & 4)
2270 print_hex_dump_bytes("gsmld_receive: ", DUMP_PREFIX_OFFSET,
2271 cp, count);
2272
2273 for (i = count, dp = cp, f = fp; i; i--, dp++) {
2274 flags = *f++;
2275 switch (flags) {
2276 case TTY_NORMAL:
2277 gsm->receive(gsm, *dp);
2278 break;
2279 case TTY_OVERRUN:
2280 case TTY_BREAK:
2281 case TTY_PARITY:
2282 case TTY_FRAME:
2283 gsm->error(gsm, *dp, flags);
2284 break;
2285 default:
2286 WARN_ONCE("%s: unknown flag %d\n",
2287 tty_name(tty, buf), flags);
2288 break;
2289 }
2290 }
2291 /* FASYNC if needed ? */
2292 /* If clogged call tty_throttle(tty); */
2293}
2294
2295/**
2296 * gsmld_chars_in_buffer - report available bytes
2297 * @tty: tty device
2298 *
2299 * Report the number of characters buffered to be delivered to user
2300 * at this instant in time.
2301 *
2302 * Locking: gsm lock
2303 */
2304
2305static ssize_t gsmld_chars_in_buffer(struct tty_struct *tty)
2306{
2307 return 0;
2308}
2309
2310/**
2311 * gsmld_flush_buffer - clean input queue
2312 * @tty: terminal device
2313 *
2314 * Flush the input buffer. Called when the line discipline is
2315 * being closed, when the tty layer wants the buffer flushed (eg
2316 * at hangup).
2317 */
2318
2319static void gsmld_flush_buffer(struct tty_struct *tty)
2320{
2321}
2322
2323/**
2324 * gsmld_close - close the ldisc for this tty
2325 * @tty: device
2326 *
2327 * Called from the terminal layer when this line discipline is
2328 * being shut down, either because of a close or becsuse of a
2329 * discipline change. The function will not be called while other
2330 * ldisc methods are in progress.
2331 */
2332
2333static void gsmld_close(struct tty_struct *tty)
2334{
2335 struct gsm_mux *gsm = tty->disc_data;
2336
2337 gsmld_detach_gsm(tty, gsm);
2338
2339 gsmld_flush_buffer(tty);
2340 /* Do other clean up here */
2341 mux_put(gsm);
2342}
2343
2344/**
2345 * gsmld_open - open an ldisc
2346 * @tty: terminal to open
2347 *
2348 * Called when this line discipline is being attached to the
2349 * terminal device. Can sleep. Called serialized so that no
2350 * other events will occur in parallel. No further open will occur
2351 * until a close.
2352 */
2353
2354static int gsmld_open(struct tty_struct *tty)
2355{
2356 struct gsm_mux *gsm;
2357
2358 if (tty->ops->write == NULL)
2359 return -EINVAL;
2360
2361 /* Attach our ldisc data */
2362 gsm = gsm_alloc_mux();
2363 if (gsm == NULL)
2364 return -ENOMEM;
2365
2366 tty->disc_data = gsm;
2367 tty->receive_room = 65536;
2368
2369 /* Attach the initial passive connection */
2370 gsm->encoding = 1;
2371 return gsmld_attach_gsm(tty, gsm);
2372}
2373
2374/**
2375 * gsmld_write_wakeup - asynchronous I/O notifier
2376 * @tty: tty device
2377 *
2378 * Required for the ptys, serial driver etc. since processes
2379 * that attach themselves to the master and rely on ASYNC
2380 * IO must be woken up
2381 */
2382
2383static void gsmld_write_wakeup(struct tty_struct *tty)
2384{
2385 struct gsm_mux *gsm = tty->disc_data;
2386 unsigned long flags;
2387
2388 /* Queue poll */
2389 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2390 spin_lock_irqsave(&gsm->tx_lock, flags);
2391 gsm_data_kick(gsm);
2392 if (gsm->tx_bytes < TX_THRESH_LO) {
2393 gsm_dlci_data_sweep(gsm);
2394 }
2395 spin_unlock_irqrestore(&gsm->tx_lock, flags);
2396}
2397
2398/**
2399 * gsmld_read - read function for tty
2400 * @tty: tty device
2401 * @file: file object
2402 * @buf: userspace buffer pointer
2403 * @nr: size of I/O
2404 *
2405 * Perform reads for the line discipline. We are guaranteed that the
2406 * line discipline will not be closed under us but we may get multiple
2407 * parallel readers and must handle this ourselves. We may also get
2408 * a hangup. Always called in user context, may sleep.
2409 *
2410 * This code must be sure never to sleep through a hangup.
2411 */
2412
2413static ssize_t gsmld_read(struct tty_struct *tty, struct file *file,
2414 unsigned char __user *buf, size_t nr)
2415{
2416 return -EOPNOTSUPP;
2417}
2418
2419/**
2420 * gsmld_write - write function for tty
2421 * @tty: tty device
2422 * @file: file object
2423 * @buf: userspace buffer pointer
2424 * @nr: size of I/O
2425 *
2426 * Called when the owner of the device wants to send a frame
2427 * itself (or some other control data). The data is transferred
2428 * as-is and must be properly framed and checksummed as appropriate
2429 * by userspace. Frames are either sent whole or not at all as this
2430 * avoids pain user side.
2431 */
2432
2433static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
2434 const unsigned char *buf, size_t nr)
2435{
2436 int space = tty_write_room(tty);
2437 if (space >= nr)
2438 return tty->ops->write(tty, buf, nr);
2439 set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
2440 return -ENOBUFS;
2441}
2442
2443/**
2444 * gsmld_poll - poll method for N_GSM0710
2445 * @tty: terminal device
2446 * @file: file accessing it
2447 * @wait: poll table
2448 *
2449 * Called when the line discipline is asked to poll() for data or
2450 * for special events. This code is not serialized with respect to
2451 * other events save open/close.
2452 *
2453 * This code must be sure never to sleep through a hangup.
2454 * Called without the kernel lock held - fine
2455 */
2456
2457static unsigned int gsmld_poll(struct tty_struct *tty, struct file *file,
2458 poll_table *wait)
2459{
2460 unsigned int mask = 0;
2461 struct gsm_mux *gsm = tty->disc_data;
2462
2463 poll_wait(file, &tty->read_wait, wait);
2464 poll_wait(file, &tty->write_wait, wait);
2465 if (tty_hung_up_p(file))
2466 mask |= POLLHUP;
2467 if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
2468 mask |= POLLOUT | POLLWRNORM;
2469 if (gsm->dead)
2470 mask |= POLLHUP;
2471 return mask;
2472}
2473
2474static int gsmld_config(struct tty_struct *tty, struct gsm_mux *gsm,
2475 struct gsm_config *c)
2476{
2477 int need_close = 0;
2478 int need_restart = 0;
2479
2480 /* Stuff we don't support yet - UI or I frame transport, windowing */
2481 if ((c->adaption != 1 && c->adaption != 2) || c->k)
2482 return -EOPNOTSUPP;
2483 /* Check the MRU/MTU range looks sane */
2484 if (c->mru > MAX_MRU || c->mtu > MAX_MTU || c->mru < 8 || c->mtu < 8)
2485 return -EINVAL;
2486 if (c->n2 < 3)
2487 return -EINVAL;
2488 if (c->encapsulation > 1) /* Basic, advanced, no I */
2489 return -EINVAL;
2490 if (c->initiator > 1)
2491 return -EINVAL;
2492 if (c->i == 0 || c->i > 2) /* UIH and UI only */
2493 return -EINVAL;
2494 /*
2495 * See what is needed for reconfiguration
2496 */
2497
2498 /* Timing fields */
2499 if (c->t1 != 0 && c->t1 != gsm->t1)
2500 need_restart = 1;
2501 if (c->t2 != 0 && c->t2 != gsm->t2)
2502 need_restart = 1;
2503 if (c->encapsulation != gsm->encoding)
2504 need_restart = 1;
2505 if (c->adaption != gsm->adaption)
2506 need_restart = 1;
2507 /* Requires care */
2508 if (c->initiator != gsm->initiator)
2509 need_close = 1;
2510 if (c->mru != gsm->mru)
2511 need_restart = 1;
2512 if (c->mtu != gsm->mtu)
2513 need_restart = 1;
2514
2515 /*
2516 * Close down what is needed, restart and initiate the new
2517 * configuration
2518 */
2519
2520 if (need_close || need_restart) {
2521 gsm_dlci_begin_close(gsm->dlci[0]);
2522 /* This will timeout if the link is down due to N2 expiring */
2523 wait_event_interruptible(gsm->event,
2524 gsm->dlci[0]->state == DLCI_CLOSED);
2525 if (signal_pending(current))
2526 return -EINTR;
2527 }
2528 if (need_restart)
2529 gsm_cleanup_mux(gsm);
2530
2531 gsm->initiator = c->initiator;
2532 gsm->mru = c->mru;
2533 gsm->mtu = c->mtu;
2534 gsm->encoding = c->encapsulation;
2535 gsm->adaption = c->adaption;
2536 gsm->n2 = c->n2;
2537
2538 if (c->i == 1)
2539 gsm->ftype = UIH;
2540 else if (c->i == 2)
2541 gsm->ftype = UI;
2542
2543 if (c->t1)
2544 gsm->t1 = c->t1;
2545 if (c->t2)
2546 gsm->t2 = c->t2;
2547
2548 /* FIXME: We need to separate activation/deactivation from adding
2549 and removing from the mux array */
2550 if (need_restart)
2551 gsm_activate_mux(gsm);
2552 if (gsm->initiator && need_close)
2553 gsm_dlci_begin_open(gsm->dlci[0]);
2554 return 0;
2555}
2556
2557static int gsmld_ioctl(struct tty_struct *tty, struct file *file,
2558 unsigned int cmd, unsigned long arg)
2559{
2560 struct gsm_config c;
2561 struct gsm_mux *gsm = tty->disc_data;
2562
2563 switch (cmd) {
2564 case GSMIOC_GETCONF:
2565 memset(&c, 0, sizeof(c));
2566 c.adaption = gsm->adaption;
2567 c.encapsulation = gsm->encoding;
2568 c.initiator = gsm->initiator;
2569 c.t1 = gsm->t1;
2570 c.t2 = gsm->t2;
2571 c.t3 = 0; /* Not supported */
2572 c.n2 = gsm->n2;
2573 if (gsm->ftype == UIH)
2574 c.i = 1;
2575 else
2576 c.i = 2;
2577 pr_debug("Ftype %d i %d\n", gsm->ftype, c.i);
2578 c.mru = gsm->mru;
2579 c.mtu = gsm->mtu;
2580 c.k = 0;
2581 if (copy_to_user((void *)arg, &c, sizeof(c)))
2582 return -EFAULT;
2583 return 0;
2584 case GSMIOC_SETCONF:
2585 if (copy_from_user(&c, (void *)arg, sizeof(c)))
2586 return -EFAULT;
2587 return gsmld_config(tty, gsm, &c);
2588 default:
2589 return n_tty_ioctl_helper(tty, file, cmd, arg);
2590 }
2591}
2592
2593/*
2594 * Network interface
2595 *
2596 */
2597
2598static int gsm_mux_net_open(struct net_device *net)
2599{
2600 pr_debug("%s called\n", __func__);
2601 netif_start_queue(net);
2602 return 0;
2603}
2604
2605static int gsm_mux_net_close(struct net_device *net)
2606{
2607 netif_stop_queue(net);
2608 return 0;
2609}
2610
2611static struct net_device_stats *gsm_mux_net_get_stats(struct net_device *net)
2612{
2613 return &((struct gsm_mux_net *)netdev_priv(net))->stats;
2614}
2615static void dlci_net_free(struct gsm_dlci *dlci)
2616{
2617 if (!dlci->net) {
2618 WARN_ON(1);
2619 return;
2620 }
2621 dlci->adaption = dlci->prev_adaption;
2622 dlci->data = dlci->prev_data;
2623 free_netdev(dlci->net);
2624 dlci->net = NULL;
2625}
2626static void net_free(struct kref *ref)
2627{
2628 struct gsm_mux_net *mux_net;
2629 struct gsm_dlci *dlci;
2630
2631 mux_net = container_of(ref, struct gsm_mux_net, ref);
2632 dlci = mux_net->dlci;
2633
2634 if (dlci->net) {
2635 unregister_netdev(dlci->net);
2636 dlci_net_free(dlci);
2637 }
2638}
2639
2640static inline void muxnet_get(struct gsm_mux_net *mux_net)
2641{
2642 kref_get(&mux_net->ref);
2643}
2644
2645static inline void muxnet_put(struct gsm_mux_net *mux_net)
2646{
2647 kref_put(&mux_net->ref, net_free);
2648}
2649
2650static int gsm_mux_net_start_xmit(struct sk_buff *skb,
2651 struct net_device *net)
2652{
2653 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2654 struct gsm_dlci *dlci = mux_net->dlci;
2655 muxnet_get(mux_net);
2656
2657 skb_queue_head(&dlci->skb_list, skb);
2658 STATS(net).tx_packets++;
2659 STATS(net).tx_bytes += skb->len;
2660 gsm_dlci_data_kick(dlci);
2661 /* And tell the kernel when the last transmit started. */
2662 net->trans_start = jiffies;
2663 muxnet_put(mux_net);
2664 return NETDEV_TX_OK;
2665}
2666
2667/* called when a packet did not ack after watchdogtimeout */
2668static void gsm_mux_net_tx_timeout(struct net_device *net)
2669{
2670 /* Tell syslog we are hosed. */
2671 dev_dbg(&net->dev, "Tx timed out.\n");
2672
2673 /* Update statistics */
2674 STATS(net).tx_errors++;
2675}
2676
2677static void gsm_mux_rx_netchar(struct gsm_dlci *dlci,
2678 unsigned char *in_buf, int size)
2679{
2680 struct net_device *net = dlci->net;
2681 struct sk_buff *skb;
2682 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2683 muxnet_get(mux_net);
2684
2685 /* Allocate an sk_buff */
2686 skb = dev_alloc_skb(size + NET_IP_ALIGN);
2687 if (!skb) {
2688 /* We got no receive buffer. */
2689 STATS(net).rx_dropped++;
2690 muxnet_put(mux_net);
2691 return;
2692 }
2693 skb_reserve(skb, NET_IP_ALIGN);
2694 memcpy(skb_put(skb, size), in_buf, size);
2695
2696 skb->dev = net;
2697 skb->protocol = __constant_htons(ETH_P_IP);
2698
2699 /* Ship it off to the kernel */
2700 netif_rx(skb);
2701
2702 /* update out statistics */
2703 STATS(net).rx_packets++;
2704 STATS(net).rx_bytes += size;
2705 muxnet_put(mux_net);
2706 return;
2707}
2708
2709int gsm_change_mtu(struct net_device *net, int new_mtu)
2710{
2711 struct gsm_mux_net *mux_net = (struct gsm_mux_net *)netdev_priv(net);
2712 if ((new_mtu < 8) || (new_mtu > mux_net->dlci->gsm->mtu))
2713 return -EINVAL;
2714 net->mtu = new_mtu;
2715 return 0;
2716}
2717
2718static void gsm_mux_net_init(struct net_device *net)
2719{
2720 static const struct net_device_ops gsm_netdev_ops = {
2721 .ndo_open = gsm_mux_net_open,
2722 .ndo_stop = gsm_mux_net_close,
2723 .ndo_start_xmit = gsm_mux_net_start_xmit,
2724 .ndo_tx_timeout = gsm_mux_net_tx_timeout,
2725 .ndo_get_stats = gsm_mux_net_get_stats,
2726 .ndo_change_mtu = gsm_change_mtu,
2727 };
2728
2729 net->netdev_ops = &gsm_netdev_ops;
2730
2731 /* fill in the other fields */
2732 net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
2733 net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
2734 net->type = ARPHRD_NONE;
2735 net->tx_queue_len = 10;
2736}
2737
2738
2739/* caller holds the dlci mutex */
2740static void gsm_destroy_network(struct gsm_dlci *dlci)
2741{
2742 struct gsm_mux_net *mux_net;
2743
2744 pr_debug("destroy network interface");
2745 if (!dlci->net)
2746 return;
2747 mux_net = (struct gsm_mux_net *)netdev_priv(dlci->net);
2748 muxnet_put(mux_net);
2749}
2750
2751
2752/* caller holds the dlci mutex */
2753static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
2754{
2755 char *netname;
2756 int retval = 0;
2757 struct net_device *net;
2758 struct gsm_mux_net *mux_net;
2759
2760 if (!capable(CAP_NET_ADMIN))
2761 return -EPERM;
2762
2763 /* Already in a non tty mode */
2764 if (dlci->adaption > 2)
2765 return -EBUSY;
2766
2767 if (nc->protocol != htons(ETH_P_IP))
2768 return -EPROTONOSUPPORT;
2769
2770 if (nc->adaption != 3 && nc->adaption != 4)
2771 return -EPROTONOSUPPORT;
2772
2773 pr_debug("create network interface");
2774
2775 netname = "gsm%d";
2776 if (nc->if_name[0] != '\0')
2777 netname = nc->if_name;
2778 net = alloc_netdev(sizeof(struct gsm_mux_net),
2779 netname,
2780 gsm_mux_net_init);
2781 if (!net) {
2782 pr_err("alloc_netdev failed");
2783 return -ENOMEM;
2784 }
2785 net->mtu = dlci->gsm->mtu;
2786 mux_net = (struct gsm_mux_net *)netdev_priv(net);
2787 mux_net->dlci = dlci;
2788 kref_init(&mux_net->ref);
2789 strncpy(nc->if_name, net->name, IFNAMSIZ); /* return net name */
2790
2791 /* reconfigure dlci for network */
2792 dlci->prev_adaption = dlci->adaption;
2793 dlci->prev_data = dlci->data;
2794 dlci->adaption = nc->adaption;
2795 dlci->data = gsm_mux_rx_netchar;
2796 dlci->net = net;
2797
2798 pr_debug("register netdev");
2799 retval = register_netdev(net);
2800 if (retval) {
2801 pr_err("network register fail %d\n", retval);
2802 dlci_net_free(dlci);
2803 return retval;
2804 }
2805 return net->ifindex; /* return network index */
2806}
2807
2808/* Line discipline for real tty */
2809struct tty_ldisc_ops tty_ldisc_packet = {
2810 .owner = THIS_MODULE,
2811 .magic = TTY_LDISC_MAGIC,
2812 .name = "n_gsm",
2813 .open = gsmld_open,
2814 .close = gsmld_close,
2815 .flush_buffer = gsmld_flush_buffer,
2816 .chars_in_buffer = gsmld_chars_in_buffer,
2817 .read = gsmld_read,
2818 .write = gsmld_write,
2819 .ioctl = gsmld_ioctl,
2820 .poll = gsmld_poll,
2821 .receive_buf = gsmld_receive_buf,
2822 .write_wakeup = gsmld_write_wakeup
2823};
2824
2825/*
2826 * Virtual tty side
2827 */
2828
2829#define TX_SIZE 512
2830
2831static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk)
2832{
2833 u8 modembits[5];
2834 struct gsm_control *ctrl;
2835 int len = 2;
2836
2837 if (brk)
2838 len++;
2839
2840 modembits[0] = len << 1 | EA; /* Data bytes */
2841 modembits[1] = dlci->addr << 2 | 3; /* DLCI, EA, 1 */
2842 modembits[2] = gsm_encode_modem(dlci) << 1 | EA;
2843 if (brk)
2844 modembits[3] = brk << 4 | 2 | EA; /* Valid, EA */
2845 ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len + 1);
2846 if (ctrl == NULL)
2847 return -ENOMEM;
2848 return gsm_control_wait(dlci->gsm, ctrl);
2849}
2850
2851static int gsm_carrier_raised(struct tty_port *port)
2852{
2853 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2854 /* Not yet open so no carrier info */
2855 if (dlci->state != DLCI_OPEN)
2856 return 0;
2857 if (debug & 2)
2858 return 1;
2859 return dlci->modem_rx & TIOCM_CD;
2860}
2861
2862static void gsm_dtr_rts(struct tty_port *port, int onoff)
2863{
2864 struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
2865 unsigned int modem_tx = dlci->modem_tx;
2866 if (onoff)
2867 modem_tx |= TIOCM_DTR | TIOCM_RTS;
2868 else
2869 modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
2870 if (modem_tx != dlci->modem_tx) {
2871 dlci->modem_tx = modem_tx;
2872 gsmtty_modem_update(dlci, 0);
2873 }
2874}
2875
2876static const struct tty_port_operations gsm_port_ops = {
2877 .carrier_raised = gsm_carrier_raised,
2878 .dtr_rts = gsm_dtr_rts,
2879};
2880
2881
2882static int gsmtty_open(struct tty_struct *tty, struct file *filp)
2883{
2884 struct gsm_mux *gsm;
2885 struct gsm_dlci *dlci;
2886 struct tty_port *port;
2887 unsigned int line = tty->index;
2888 unsigned int mux = line >> 6;
2889
2890 line = line & 0x3F;
2891
2892 if (mux >= MAX_MUX)
2893 return -ENXIO;
2894 /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
2895 if (gsm_mux[mux] == NULL)
2896 return -EUNATCH;
2897 if (line == 0 || line > 61) /* 62/63 reserved */
2898 return -ECHRNG;
2899 gsm = gsm_mux[mux];
2900 if (gsm->dead)
2901 return -EL2HLT;
2902 /* If DLCI 0 is not yet fully open return an error. This is ok from a locking
2903 perspective as we don't have to worry about this if DLCI0 is lost */
2904 if (gsm->dlci[0] && gsm->dlci[0]->state != DLCI_OPEN)
2905 return -EL2NSYNC;
2906 dlci = gsm->dlci[line];
2907 if (dlci == NULL)
2908 dlci = gsm_dlci_alloc(gsm, line);
2909 if (dlci == NULL)
2910 return -ENOMEM;
2911 port = &dlci->port;
2912 port->count++;
2913 tty->driver_data = dlci;
2914 dlci_get(dlci);
2915 dlci_get(dlci->gsm->dlci[0]);
2916 mux_get(dlci->gsm);
2917 tty_port_tty_set(port, tty);
2918
2919 dlci->modem_rx = 0;
2920 /* We could in theory open and close before we wait - eg if we get
2921 a DM straight back. This is ok as that will have caused a hangup */
2922 set_bit(ASYNCB_INITIALIZED, &port->flags);
2923 /* Start sending off SABM messages */
2924 gsm_dlci_begin_open(dlci);
2925 /* And wait for virtual carrier */
2926 return tty_port_block_til_ready(port, tty, filp);
2927}
2928
2929static void gsmtty_close(struct tty_struct *tty, struct file *filp)
2930{
2931 struct gsm_dlci *dlci = tty->driver_data;
2932 struct gsm_mux *gsm;
2933
2934 if (dlci == NULL)
2935 return;
2936 mutex_lock(&dlci->mutex);
2937 gsm_destroy_network(dlci);
2938 mutex_unlock(&dlci->mutex);
2939 gsm = dlci->gsm;
2940 if (tty_port_close_start(&dlci->port, tty, filp) == 0)
2941 goto out;
2942 gsm_dlci_begin_close(dlci);
2943 tty_port_close_end(&dlci->port, tty);
2944 tty_port_tty_set(&dlci->port, NULL);
2945out:
2946 dlci_put(dlci);
2947 dlci_put(gsm->dlci[0]);
2948 mux_put(gsm);
2949}
2950
2951static void gsmtty_hangup(struct tty_struct *tty)
2952{
2953 struct gsm_dlci *dlci = tty->driver_data;
2954 tty_port_hangup(&dlci->port);
2955 gsm_dlci_begin_close(dlci);
2956}
2957
2958static int gsmtty_write(struct tty_struct *tty, const unsigned char *buf,
2959 int len)
2960{
2961 struct gsm_dlci *dlci = tty->driver_data;
2962 /* Stuff the bytes into the fifo queue */
2963 int sent = kfifo_in_locked(dlci->fifo, buf, len, &dlci->lock);
2964 /* Need to kick the channel */
2965 gsm_dlci_data_kick(dlci);
2966 return sent;
2967}
2968
2969static int gsmtty_write_room(struct tty_struct *tty)
2970{
2971 struct gsm_dlci *dlci = tty->driver_data;
2972 return TX_SIZE - kfifo_len(dlci->fifo);
2973}
2974
2975static int gsmtty_chars_in_buffer(struct tty_struct *tty)
2976{
2977 struct gsm_dlci *dlci = tty->driver_data;
2978 return kfifo_len(dlci->fifo);
2979}
2980
2981static void gsmtty_flush_buffer(struct tty_struct *tty)
2982{
2983 struct gsm_dlci *dlci = tty->driver_data;
2984 /* Caution needed: If we implement reliable transport classes
2985 then the data being transmitted can't simply be junked once
2986 it has first hit the stack. Until then we can just blow it
2987 away */
2988 kfifo_reset(dlci->fifo);
2989 /* Need to unhook this DLCI from the transmit queue logic */
2990}
2991
2992static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
2993{
2994 /* The FIFO handles the queue so the kernel will do the right
2995 thing waiting on chars_in_buffer before calling us. No work
2996 to do here */
2997}
2998
2999static int gsmtty_tiocmget(struct tty_struct *tty)
3000{
3001 struct gsm_dlci *dlci = tty->driver_data;
3002 return dlci->modem_rx;
3003}
3004
3005static int gsmtty_tiocmset(struct tty_struct *tty,
3006 unsigned int set, unsigned int clear)
3007{
3008 struct gsm_dlci *dlci = tty->driver_data;
3009 unsigned int modem_tx = dlci->modem_tx;
3010
3011 modem_tx &= ~clear;
3012 modem_tx |= set;
3013
3014 if (modem_tx != dlci->modem_tx) {
3015 dlci->modem_tx = modem_tx;
3016 return gsmtty_modem_update(dlci, 0);
3017 }
3018 return 0;
3019}
3020
3021
3022static int gsmtty_ioctl(struct tty_struct *tty,
3023 unsigned int cmd, unsigned long arg)
3024{
3025 struct gsm_dlci *dlci = tty->driver_data;
3026 struct gsm_netconfig nc;
3027 int index;
3028
3029 switch (cmd) {
3030 case GSMIOC_ENABLE_NET:
3031 if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
3032 return -EFAULT;
3033 nc.if_name[IFNAMSIZ-1] = '\0';
3034 /* return net interface index or error code */
3035 mutex_lock(&dlci->mutex);
3036 index = gsm_create_network(dlci, &nc);
3037 mutex_unlock(&dlci->mutex);
3038 if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
3039 return -EFAULT;
3040 return index;
3041 case GSMIOC_DISABLE_NET:
3042 if (!capable(CAP_NET_ADMIN))
3043 return -EPERM;
3044 mutex_lock(&dlci->mutex);
3045 gsm_destroy_network(dlci);
3046 mutex_unlock(&dlci->mutex);
3047 return 0;
3048 default:
3049 return -ENOIOCTLCMD;
3050 }
3051}
3052
3053static void gsmtty_set_termios(struct tty_struct *tty, struct ktermios *old)
3054{
3055 /* For the moment its fixed. In actual fact the speed information
3056 for the virtual channel can be propogated in both directions by
3057 the RPN control message. This however rapidly gets nasty as we
3058 then have to remap modem signals each way according to whether
3059 our virtual cable is null modem etc .. */
3060 tty_termios_copy_hw(tty->termios, old);
3061}
3062
3063static void gsmtty_throttle(struct tty_struct *tty)
3064{
3065 struct gsm_dlci *dlci = tty->driver_data;
3066 if (tty->termios->c_cflag & CRTSCTS)
3067 dlci->modem_tx &= ~TIOCM_DTR;
3068 dlci->throttled = 1;
3069 /* Send an MSC with DTR cleared */
3070 gsmtty_modem_update(dlci, 0);
3071}
3072
3073static void gsmtty_unthrottle(struct tty_struct *tty)
3074{
3075 struct gsm_dlci *dlci = tty->driver_data;
3076 if (tty->termios->c_cflag & CRTSCTS)
3077 dlci->modem_tx |= TIOCM_DTR;
3078 dlci->throttled = 0;
3079 /* Send an MSC with DTR set */
3080 gsmtty_modem_update(dlci, 0);
3081}
3082
3083static int gsmtty_break_ctl(struct tty_struct *tty, int state)
3084{
3085 struct gsm_dlci *dlci = tty->driver_data;
3086 int encode = 0; /* Off */
3087
3088 if (state == -1) /* "On indefinitely" - we can't encode this
3089 properly */
3090 encode = 0x0F;
3091 else if (state > 0) {
3092 encode = state / 200; /* mS to encoding */
3093 if (encode > 0x0F)
3094 encode = 0x0F; /* Best effort */
3095 }
3096 return gsmtty_modem_update(dlci, encode);
3097}
3098
3099
3100/* Virtual ttys for the demux */
3101static const struct tty_operations gsmtty_ops = {
3102 .open = gsmtty_open,
3103 .close = gsmtty_close,
3104 .write = gsmtty_write,
3105 .write_room = gsmtty_write_room,
3106 .chars_in_buffer = gsmtty_chars_in_buffer,
3107 .flush_buffer = gsmtty_flush_buffer,
3108 .ioctl = gsmtty_ioctl,
3109 .throttle = gsmtty_throttle,
3110 .unthrottle = gsmtty_unthrottle,
3111 .set_termios = gsmtty_set_termios,
3112 .hangup = gsmtty_hangup,
3113 .wait_until_sent = gsmtty_wait_until_sent,
3114 .tiocmget = gsmtty_tiocmget,
3115 .tiocmset = gsmtty_tiocmset,
3116 .break_ctl = gsmtty_break_ctl,
3117};
3118
3119
3120
3121static int __init gsm_init(void)
3122{
3123 /* Fill in our line protocol discipline, and register it */
3124 int status = tty_register_ldisc(N_GSM0710, &tty_ldisc_packet);
3125 if (status != 0) {
3126 pr_err("n_gsm: can't register line discipline (err = %d)\n",
3127 status);
3128 return status;
3129 }
3130
3131 gsm_tty_driver = alloc_tty_driver(256);
3132 if (!gsm_tty_driver) {
3133 tty_unregister_ldisc(N_GSM0710);
3134 pr_err("gsm_init: tty allocation failed.\n");
3135 return -EINVAL;
3136 }
3137 gsm_tty_driver->driver_name = "gsmtty";
3138 gsm_tty_driver->name = "gsmtty";
3139 gsm_tty_driver->major = 0; /* Dynamic */
3140 gsm_tty_driver->minor_start = 0;
3141 gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
3142 gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
3143 gsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV
3144 | TTY_DRIVER_HARDWARE_BREAK;
3145 gsm_tty_driver->init_termios = tty_std_termios;
3146 /* Fixme */
3147 gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
3148 tty_set_operations(gsm_tty_driver, &gsmtty_ops);
3149
3150 spin_lock_init(&gsm_mux_lock);
3151
3152 if (tty_register_driver(gsm_tty_driver)) {
3153 put_tty_driver(gsm_tty_driver);
3154 tty_unregister_ldisc(N_GSM0710);
3155 pr_err("gsm_init: tty registration failed.\n");
3156 return -EBUSY;
3157 }
3158 pr_debug("gsm_init: loaded as %d,%d.\n",
3159 gsm_tty_driver->major, gsm_tty_driver->minor_start);
3160 return 0;
3161}
3162
3163static void __exit gsm_exit(void)
3164{
3165 int status = tty_unregister_ldisc(N_GSM0710);
3166 if (status != 0)
3167 pr_err("n_gsm: can't unregister line discipline (err = %d)\n",
3168 status);
3169 tty_unregister_driver(gsm_tty_driver);
3170 put_tty_driver(gsm_tty_driver);
3171}
3172
3173module_init(gsm_init);
3174module_exit(gsm_exit);
3175
3176
3177MODULE_LICENSE("GPL");
3178MODULE_ALIAS_LDISC(N_GSM0710);