n_gsm.c 114 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580358135823583358435853586358735883589359035913592359335943595359635973598359936003601360236033604360536063607360836093610361136123613361436153616361736183619362036213622362336243625362636273628362936303631363236333634363536363637363836393640364136423643364436453646364736483649365036513652365336543655365636573658365936603661366236633664366536663667366836693670367136723673367436753676367736783679368036813682368336843685368636873688368936903691369236933694369536963697369836993700370137023703370437053706370737083709371037113712371337143715371637173718371937203721372237233724372537263727372837293730373137323733373437353736373737383739374037413742374337443745374637473748374937503751375237533754375537563757375837593760376137623763376437653766376737683769377037713772377337743775377637773778377937803781378237833784378537863787378837893790379137923793379437953796379737983799380038013802380338043805380638073808380938103811381238133814381538163817381838193820382138223823382438253826382738283829383038313832383338343835383638373838383938403841384238433844384538463847384838493850385138523853385438553856385738583859386038613862386338643865386638673868386938703871387238733874387538763877387838793880388138823883388438853886388738883889389038913892389338943895389638973898389939003901390239033904390539063907390839093910391139123913391439153916391739183919392039213922392339243925392639273928392939303931393239333934393539363937393839393940394139423943394439453946394739483949395039513952395339543955395639573958395939603961396239633964396539663967396839693970397139723973397439753976397739783979398039813982398339843985398639873988398939903991399239933994399539963997399839994000400140024003400440054006400740084009401040114012401340144015401640174018401940204021402240234024402540264027402840294030403140324033403440354036403740384039404040414042404340444045404640474048404940504051405240534054405540564057405840594060406140624063406440654066406740684069407040714072407340744075407640774078407940804081408240834084408540864087408840894090409140924093409440954096409740984099410041014102410341044105410641074108410941104111411241134114411541164117411841194120412141224123412441254126412741284129413041314132413341344135413641374138413941404141414241434144414541464147414841494150415141524153415441554156415741584159416041614162416341644165416641674168416941704171417241734174417541764177417841794180418141824183418441854186418741884189419041914192419341944195419641974198419942004201420242034204420542064207420842094210421142124213421442154216421742184219422042214222422342244225422642274228422942304231423242334234423542364237423842394240424142424243424442454246424742484249425042514252425342544255425642574258425942604261426242634264426542664267426842694270427142724273427442754276427742784279428042814282428342844285428642874288428942904291429242934294429542964297429842994300430143024303430443054306430743084309431043114312431343144315431643174318431943204321432243234324432543264327432843294330433143324333433443354336433743384339434043414342434343444345434643474348434943504351435243534354435543564357435843594360436143624363436443654366436743684369437043714372437343744375437643774378437943804381438243834384438543864387438843894390439143924393439443954396439743984399440044014402440344044405440644074408440944104411441244134414441544164417441844194420442144224423442444254426442744284429443044314432443344344435443644374438443944404441444244434444444544464447444844494450445144524453445444554456445744584459446044614462446344644465446644674468446944704471447244734474447544764477447844794480448144824483448444854486448744884489449044914492449344944495449644974498449945004501450245034504450545064507450845094510451145124513451445154516451745184519452045214522452345244525452645274528452945304531453245334534453545364537453845394540454145424543454445454546454745484549455045514552455345544555455645574558455945604561456245634564456545664567456845694570457145724573457445754576457745784579458045814582458345844585458645874588458945904591459245934594459545964597459845994600460146024603460446054606460746084609461046114612461346144615461646174618461946204621462246234624462546264627462846294630463146324633463446354636463746384639464046414642464346444645464646474648464946504651465246534654465546564657465846594660466146624663466446654666466746684669467046714672467346744675467646774678
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * n_gsm.c GSM 0710 tty multiplexor
  4. * Copyright (c) 2009/10 Intel Corporation
  5. * Copyright (c) 2022/23 Siemens Mobility GmbH
  6. *
  7. * * THIS IS A DEVELOPMENT SNAPSHOT IT IS NOT A FINAL RELEASE *
  8. *
  9. * Outgoing path:
  10. * tty -> DLCI fifo -> scheduler -> GSM MUX data queue ---o-> ldisc
  11. * control message -> GSM MUX control queue --´
  12. *
  13. * Incoming path:
  14. * ldisc -> gsm_queue() -o--> tty
  15. * `-> gsm_control_response()
  16. *
  17. * TO DO:
  18. * Mostly done: ioctls for setting modes/timing
  19. * Partly done: hooks so you can pull off frames to non tty devs
  20. * Restart DLCI 0 when it closes ?
  21. * Improve the tx engine
  22. * Resolve tx side locking by adding a queue_head and routing
  23. * all control traffic via it
  24. * General tidy/document
  25. * Review the locking/move to refcounts more (mux now moved to an
  26. * alloc/free model ready)
  27. * Use newest tty open/close port helpers and install hooks
  28. * What to do about power functions ?
  29. * Termios setting and negotiation
  30. * Do we need a 'which mux are you' ioctl to correlate mux and tty sets
  31. *
  32. */
  33. #include <linux/types.h>
  34. #include <linux/major.h>
  35. #include <linux/errno.h>
  36. #include <linux/signal.h>
  37. #include <linux/fcntl.h>
  38. #include <linux/sched/signal.h>
  39. #include <linux/interrupt.h>
  40. #include <linux/tty.h>
  41. #include <linux/bitfield.h>
  42. #include <linux/ctype.h>
  43. #include <linux/mm.h>
  44. #include <linux/math.h>
  45. #include <linux/nospec.h>
  46. #include <linux/string.h>
  47. #include <linux/slab.h>
  48. #include <linux/poll.h>
  49. #include <linux/bitops.h>
  50. #include <linux/file.h>
  51. #include <linux/uaccess.h>
  52. #include <linux/module.h>
  53. #include <linux/timer.h>
  54. #include <linux/tty_flip.h>
  55. #include <linux/tty_driver.h>
  56. #include <linux/serial.h>
  57. #include <linux/kfifo.h>
  58. #include <linux/skbuff.h>
  59. #include <net/arp.h>
  60. #include <linux/ip.h>
  61. #include <linux/netdevice.h>
  62. #include <linux/etherdevice.h>
  63. #include <linux/gsmmux.h>
  64. #include "tty.h"
  65. static int debug;
  66. module_param(debug, int, 0600);
  67. /* Module debug bits */
  68. #define DBG_DUMP BIT(0) /* Data transmission dump. */
  69. #define DBG_CD_ON BIT(1) /* Always assume CD line on. */
  70. #define DBG_DATA BIT(2) /* Data transmission details. */
  71. #define DBG_ERRORS BIT(3) /* Details for fail conditions. */
  72. #define DBG_TTY BIT(4) /* Transmission statistics for DLCI TTYs. */
  73. #define DBG_PAYLOAD BIT(5) /* Limits DBG_DUMP to payload frames. */
  74. /* Defaults: these are from the specification */
  75. #define T1 10 /* 100mS */
  76. #define T2 34 /* 333mS */
  77. #define T3 10 /* 10s */
  78. #define N2 3 /* Retry 3 times */
  79. #define K 2 /* outstanding I frames */
  80. #define MAX_T3 255 /* In seconds. */
  81. #define MAX_WINDOW_SIZE 7 /* Limit of K in error recovery mode. */
  82. /* Use long timers for testing at low speed with debug on */
  83. #ifdef DEBUG_TIMING
  84. #define T1 100
  85. #define T2 200
  86. #endif
  87. /*
  88. * Semi-arbitrary buffer size limits. 0710 is normally run with 32-64 byte
  89. * limits so this is plenty
  90. */
  91. #define MAX_MRU 1500
  92. #define MAX_MTU 1500
  93. #define MIN_MTU (PROT_OVERHEAD + 1)
  94. /* SOF, ADDR, CTRL, LEN1, LEN2, ..., FCS, EOF */
  95. #define PROT_OVERHEAD 7
  96. #define GSM_NET_TX_TIMEOUT (HZ*10)
  97. /*
  98. * struct gsm_mux_net - network interface
  99. *
  100. * Created when net interface is initialized.
  101. */
  102. struct gsm_mux_net {
  103. struct kref ref;
  104. struct gsm_dlci *dlci;
  105. };
  106. /*
  107. * Each block of data we have queued to go out is in the form of
  108. * a gsm_msg which holds everything we need in a link layer independent
  109. * format
  110. */
  111. struct gsm_msg {
  112. struct list_head list;
  113. u8 addr; /* DLCI address + flags */
  114. u8 ctrl; /* Control byte + flags */
  115. unsigned int len; /* Length of data block (can be zero) */
  116. u8 *data; /* Points into buffer but not at the start */
  117. u8 buffer[];
  118. };
  119. enum gsm_dlci_state {
  120. DLCI_CLOSED,
  121. DLCI_WAITING_CONFIG, /* Waiting for DLCI configuration from user */
  122. DLCI_CONFIGURE, /* Sending PN (for adaption > 1) */
  123. DLCI_OPENING, /* Sending SABM not seen UA */
  124. DLCI_OPEN, /* SABM/UA complete */
  125. DLCI_CLOSING, /* Sending DISC not seen UA/DM */
  126. };
  127. enum gsm_dlci_mode {
  128. DLCI_MODE_ABM, /* Normal Asynchronous Balanced Mode */
  129. DLCI_MODE_ADM, /* Asynchronous Disconnected Mode */
  130. };
  131. /*
  132. * Each active data link has a gsm_dlci structure associated which ties
  133. * the link layer to an optional tty (if the tty side is open). To avoid
  134. * complexity right now these are only ever freed up when the mux is
  135. * shut down.
  136. *
  137. * At the moment we don't free DLCI objects until the mux is torn down
  138. * this avoid object life time issues but might be worth review later.
  139. */
  140. struct gsm_dlci {
  141. struct gsm_mux *gsm;
  142. int addr;
  143. enum gsm_dlci_state state;
  144. struct mutex mutex;
  145. /* Link layer */
  146. enum gsm_dlci_mode mode;
  147. spinlock_t lock; /* Protects the internal state */
  148. struct timer_list t1; /* Retransmit timer for SABM and UA */
  149. int retries;
  150. /* Uplink tty if active */
  151. struct tty_port port; /* The tty bound to this DLCI if there is one */
  152. #define TX_SIZE 4096 /* Must be power of 2. */
  153. struct kfifo fifo; /* Queue fifo for the DLCI */
  154. int adaption; /* Adaption layer in use */
  155. int prev_adaption;
  156. u32 modem_rx; /* Our incoming virtual modem lines */
  157. u32 modem_tx; /* Our outgoing modem lines */
  158. unsigned int mtu;
  159. bool dead; /* Refuse re-open */
  160. /* Configuration */
  161. u8 prio; /* Priority */
  162. u8 ftype; /* Frame type */
  163. u8 k; /* Window size */
  164. /* Flow control */
  165. bool throttled; /* Private copy of throttle state */
  166. bool constipated; /* Throttle status for outgoing */
  167. /* Packetised I/O */
  168. struct sk_buff *skb; /* Frame being sent */
  169. struct sk_buff_head skb_list; /* Queued frames */
  170. /* Data handling callback */
  171. void (*data)(struct gsm_dlci *dlci, const u8 *data, int len);
  172. void (*prev_data)(struct gsm_dlci *dlci, const u8 *data, int len);
  173. struct net_device *net; /* network interface, if created */
  174. };
  175. /*
  176. * Parameter bits used for parameter negotiation according to 3GPP 27.010
  177. * chapter 5.4.6.3.1.
  178. */
  179. struct gsm_dlci_param_bits {
  180. u8 d_bits;
  181. u8 i_cl_bits;
  182. u8 p_bits;
  183. u8 t_bits;
  184. __le16 n_bits;
  185. u8 na_bits;
  186. u8 k_bits;
  187. };
  188. static_assert(sizeof(struct gsm_dlci_param_bits) == 8);
  189. #define PN_D_FIELD_DLCI GENMASK(5, 0)
  190. #define PN_I_CL_FIELD_FTYPE GENMASK(3, 0)
  191. #define PN_I_CL_FIELD_ADAPTION GENMASK(7, 4)
  192. #define PN_P_FIELD_PRIO GENMASK(5, 0)
  193. #define PN_T_FIELD_T1 GENMASK(7, 0)
  194. #define PN_N_FIELD_N1 GENMASK(15, 0)
  195. #define PN_NA_FIELD_N2 GENMASK(7, 0)
  196. #define PN_K_FIELD_K GENMASK(2, 0)
  197. /* Total number of supported devices */
  198. #define GSM_TTY_MINORS 256
  199. /* DLCI 0, 62/63 are special or reserved see gsmtty_open */
  200. #define NUM_DLCI 64
  201. /*
  202. * DLCI 0 is used to pass control blocks out of band of the data
  203. * flow (and with a higher link priority). One command can be outstanding
  204. * at a time and we use this structure to manage them. They are created
  205. * and destroyed by the user context, and updated by the receive paths
  206. * and timers
  207. */
  208. struct gsm_control {
  209. u8 cmd; /* Command we are issuing */
  210. u8 *data; /* Data for the command in case we retransmit */
  211. int len; /* Length of block for retransmission */
  212. int done; /* Done flag */
  213. int error; /* Error if any */
  214. };
  215. enum gsm_encoding {
  216. GSM_BASIC_OPT,
  217. GSM_ADV_OPT,
  218. };
  219. enum gsm_mux_state {
  220. GSM_SEARCH,
  221. GSM0_ADDRESS,
  222. GSM0_CONTROL,
  223. GSM0_LEN0,
  224. GSM0_LEN1,
  225. GSM0_DATA,
  226. GSM0_FCS,
  227. GSM0_SSOF,
  228. GSM1_START,
  229. GSM1_ADDRESS,
  230. GSM1_CONTROL,
  231. GSM1_DATA,
  232. GSM1_OVERRUN,
  233. };
  234. /*
  235. * Each GSM mux we have is represented by this structure. If we are
  236. * operating as an ldisc then we use this structure as our ldisc
  237. * state. We need to sort out lifetimes and locking with respect
  238. * to the gsm mux array. For now we don't free DLCI objects that
  239. * have been instantiated until the mux itself is terminated.
  240. *
  241. * To consider further: tty open versus mux shutdown.
  242. */
  243. struct gsm_mux {
  244. struct tty_struct *tty; /* The tty our ldisc is bound to */
  245. spinlock_t lock;
  246. struct mutex mutex;
  247. unsigned int num;
  248. struct kref ref;
  249. /* Events on the GSM channel */
  250. wait_queue_head_t event;
  251. /* ldisc send work */
  252. struct work_struct tx_work;
  253. /* Bits for GSM mode decoding */
  254. /* Framing Layer */
  255. u8 *buf;
  256. enum gsm_mux_state state;
  257. unsigned int len;
  258. unsigned int address;
  259. unsigned int count;
  260. bool escape;
  261. enum gsm_encoding encoding;
  262. u8 control;
  263. u8 fcs;
  264. u8 *txframe; /* TX framing buffer */
  265. /* Method for the receiver side */
  266. void (*receive)(struct gsm_mux *gsm, u8 ch);
  267. /* Link Layer */
  268. unsigned int mru;
  269. unsigned int mtu;
  270. int initiator; /* Did we initiate connection */
  271. bool dead; /* Has the mux been shut down */
  272. struct gsm_dlci *dlci[NUM_DLCI];
  273. int old_c_iflag; /* termios c_iflag value before attach */
  274. bool constipated; /* Asked by remote to shut up */
  275. bool has_devices; /* Devices were registered */
  276. spinlock_t tx_lock;
  277. unsigned int tx_bytes; /* TX data outstanding */
  278. #define TX_THRESH_HI 8192
  279. #define TX_THRESH_LO 2048
  280. struct list_head tx_ctrl_list; /* Pending control packets */
  281. struct list_head tx_data_list; /* Pending data packets */
  282. /* Control messages */
  283. struct timer_list kick_timer; /* Kick TX queuing on timeout */
  284. struct timer_list t2_timer; /* Retransmit timer for commands */
  285. int cretries; /* Command retry counter */
  286. struct gsm_control *pending_cmd;/* Our current pending command */
  287. spinlock_t control_lock; /* Protects the pending command */
  288. /* Keep-alive */
  289. struct timer_list ka_timer; /* Keep-alive response timer */
  290. u8 ka_num; /* Keep-alive match pattern */
  291. signed int ka_retries; /* Keep-alive retry counter, -1 if not yet initialized */
  292. /* Configuration */
  293. int adaption; /* 1 or 2 supported */
  294. u8 ftype; /* UI or UIH */
  295. int t1, t2; /* Timers in 1/100th of a sec */
  296. unsigned int t3; /* Power wake-up timer in seconds. */
  297. int n2; /* Retry count */
  298. u8 k; /* Window size */
  299. bool wait_config; /* Wait for configuration by ioctl before DLCI open */
  300. u32 keep_alive; /* Control channel keep-alive in 10ms */
  301. /* Statistics (not currently exposed) */
  302. unsigned long bad_fcs;
  303. unsigned long malformed;
  304. unsigned long io_error;
  305. unsigned long open_error;
  306. unsigned long bad_size;
  307. unsigned long unsupported;
  308. };
  309. /*
  310. * Mux objects - needed so that we can translate a tty index into the
  311. * relevant mux and DLCI.
  312. */
  313. #define MAX_MUX 4 /* 256 minors */
  314. static struct gsm_mux *gsm_mux[MAX_MUX]; /* GSM muxes */
  315. static DEFINE_SPINLOCK(gsm_mux_lock);
  316. static struct tty_driver *gsm_tty_driver;
  317. /*
  318. * This section of the driver logic implements the GSM encodings
  319. * both the basic and the 'advanced'. Reliable transport is not
  320. * supported.
  321. */
  322. #define CR 0x02
  323. #define EA 0x01
  324. #define PF 0x10
  325. /* I is special: the rest are ..*/
  326. #define RR 0x01
  327. #define UI 0x03
  328. #define RNR 0x05
  329. #define REJ 0x09
  330. #define DM 0x0F
  331. #define SABM 0x2F
  332. #define DISC 0x43
  333. #define UA 0x63
  334. #define UIH 0xEF
  335. /* Channel commands */
  336. #define CMD_NSC 0x09
  337. #define CMD_TEST 0x11
  338. #define CMD_PSC 0x21
  339. #define CMD_RLS 0x29
  340. #define CMD_FCOFF 0x31
  341. #define CMD_PN 0x41
  342. #define CMD_RPN 0x49
  343. #define CMD_FCON 0x51
  344. #define CMD_CLD 0x61
  345. #define CMD_SNC 0x69
  346. #define CMD_MSC 0x71
  347. /* Virtual modem bits */
  348. #define MDM_FC 0x01
  349. #define MDM_RTC 0x02
  350. #define MDM_RTR 0x04
  351. #define MDM_IC 0x20
  352. #define MDM_DV 0x40
  353. #define GSM0_SOF 0xF9
  354. #define GSM1_SOF 0x7E
  355. #define GSM1_ESCAPE 0x7D
  356. #define GSM1_ESCAPE_BITS 0x20
  357. #define XON 0x11
  358. #define XOFF 0x13
  359. #define ISO_IEC_646_MASK 0x7F
  360. static const struct tty_port_operations gsm_port_ops;
  361. /*
  362. * CRC table for GSM 0710
  363. */
  364. static const u8 gsm_fcs8[256] = {
  365. 0x00, 0x91, 0xE3, 0x72, 0x07, 0x96, 0xE4, 0x75,
  366. 0x0E, 0x9F, 0xED, 0x7C, 0x09, 0x98, 0xEA, 0x7B,
  367. 0x1C, 0x8D, 0xFF, 0x6E, 0x1B, 0x8A, 0xF8, 0x69,
  368. 0x12, 0x83, 0xF1, 0x60, 0x15, 0x84, 0xF6, 0x67,
  369. 0x38, 0xA9, 0xDB, 0x4A, 0x3F, 0xAE, 0xDC, 0x4D,
  370. 0x36, 0xA7, 0xD5, 0x44, 0x31, 0xA0, 0xD2, 0x43,
  371. 0x24, 0xB5, 0xC7, 0x56, 0x23, 0xB2, 0xC0, 0x51,
  372. 0x2A, 0xBB, 0xC9, 0x58, 0x2D, 0xBC, 0xCE, 0x5F,
  373. 0x70, 0xE1, 0x93, 0x02, 0x77, 0xE6, 0x94, 0x05,
  374. 0x7E, 0xEF, 0x9D, 0x0C, 0x79, 0xE8, 0x9A, 0x0B,
  375. 0x6C, 0xFD, 0x8F, 0x1E, 0x6B, 0xFA, 0x88, 0x19,
  376. 0x62, 0xF3, 0x81, 0x10, 0x65, 0xF4, 0x86, 0x17,
  377. 0x48, 0xD9, 0xAB, 0x3A, 0x4F, 0xDE, 0xAC, 0x3D,
  378. 0x46, 0xD7, 0xA5, 0x34, 0x41, 0xD0, 0xA2, 0x33,
  379. 0x54, 0xC5, 0xB7, 0x26, 0x53, 0xC2, 0xB0, 0x21,
  380. 0x5A, 0xCB, 0xB9, 0x28, 0x5D, 0xCC, 0xBE, 0x2F,
  381. 0xE0, 0x71, 0x03, 0x92, 0xE7, 0x76, 0x04, 0x95,
  382. 0xEE, 0x7F, 0x0D, 0x9C, 0xE9, 0x78, 0x0A, 0x9B,
  383. 0xFC, 0x6D, 0x1F, 0x8E, 0xFB, 0x6A, 0x18, 0x89,
  384. 0xF2, 0x63, 0x11, 0x80, 0xF5, 0x64, 0x16, 0x87,
  385. 0xD8, 0x49, 0x3B, 0xAA, 0xDF, 0x4E, 0x3C, 0xAD,
  386. 0xD6, 0x47, 0x35, 0xA4, 0xD1, 0x40, 0x32, 0xA3,
  387. 0xC4, 0x55, 0x27, 0xB6, 0xC3, 0x52, 0x20, 0xB1,
  388. 0xCA, 0x5B, 0x29, 0xB8, 0xCD, 0x5C, 0x2E, 0xBF,
  389. 0x90, 0x01, 0x73, 0xE2, 0x97, 0x06, 0x74, 0xE5,
  390. 0x9E, 0x0F, 0x7D, 0xEC, 0x99, 0x08, 0x7A, 0xEB,
  391. 0x8C, 0x1D, 0x6F, 0xFE, 0x8B, 0x1A, 0x68, 0xF9,
  392. 0x82, 0x13, 0x61, 0xF0, 0x85, 0x14, 0x66, 0xF7,
  393. 0xA8, 0x39, 0x4B, 0xDA, 0xAF, 0x3E, 0x4C, 0xDD,
  394. 0xA6, 0x37, 0x45, 0xD4, 0xA1, 0x30, 0x42, 0xD3,
  395. 0xB4, 0x25, 0x57, 0xC6, 0xB3, 0x22, 0x50, 0xC1,
  396. 0xBA, 0x2B, 0x59, 0xC8, 0xBD, 0x2C, 0x5E, 0xCF
  397. };
  398. #define INIT_FCS 0xFF
  399. #define GOOD_FCS 0xCF
  400. static void gsm_dlci_close(struct gsm_dlci *dlci);
  401. static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len);
  402. static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk);
  403. static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
  404. u8 ctrl);
  405. static int gsm_send_packet(struct gsm_mux *gsm, struct gsm_msg *msg);
  406. static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr);
  407. static void gsmld_write_trigger(struct gsm_mux *gsm);
  408. static void gsmld_write_task(struct work_struct *work);
  409. static int gsm_modem_send_initial_msc(struct gsm_dlci *dlci);
  410. /**
  411. * gsm_fcs_add - update FCS
  412. * @fcs: Current FCS
  413. * @c: Next data
  414. *
  415. * Update the FCS to include c. Uses the algorithm in the specification
  416. * notes.
  417. */
  418. static inline u8 gsm_fcs_add(u8 fcs, u8 c)
  419. {
  420. return gsm_fcs8[fcs ^ c];
  421. }
  422. /**
  423. * gsm_fcs_add_block - update FCS for a block
  424. * @fcs: Current FCS
  425. * @c: buffer of data
  426. * @len: length of buffer
  427. *
  428. * Update the FCS to include c. Uses the algorithm in the specification
  429. * notes.
  430. */
  431. static inline u8 gsm_fcs_add_block(u8 fcs, u8 *c, int len)
  432. {
  433. while (len--)
  434. fcs = gsm_fcs8[fcs ^ *c++];
  435. return fcs;
  436. }
  437. /**
  438. * gsm_read_ea - read a byte into an EA
  439. * @val: variable holding value
  440. * @c: byte going into the EA
  441. *
  442. * Processes one byte of an EA. Updates the passed variable
  443. * and returns 1 if the EA is now completely read
  444. */
  445. static int gsm_read_ea(unsigned int *val, u8 c)
  446. {
  447. /* Add the next 7 bits into the value */
  448. *val <<= 7;
  449. *val |= c >> 1;
  450. /* Was this the last byte of the EA 1 = yes*/
  451. return c & EA;
  452. }
  453. /**
  454. * gsm_read_ea_val - read a value until EA
  455. * @val: variable holding value
  456. * @data: buffer of data
  457. * @dlen: length of data
  458. *
  459. * Processes an EA value. Updates the passed variable and
  460. * returns the processed data length.
  461. */
  462. static unsigned int gsm_read_ea_val(unsigned int *val, const u8 *data, int dlen)
  463. {
  464. unsigned int len = 0;
  465. for (; dlen > 0; dlen--) {
  466. len++;
  467. if (gsm_read_ea(val, *data++))
  468. break;
  469. }
  470. return len;
  471. }
  472. /**
  473. * gsm_encode_modem - encode modem data bits
  474. * @dlci: DLCI to encode from
  475. *
  476. * Returns the correct GSM encoded modem status bits (6 bit field) for
  477. * the current status of the DLCI and attached tty object
  478. */
  479. static u8 gsm_encode_modem(const struct gsm_dlci *dlci)
  480. {
  481. u8 modembits = 0;
  482. /* FC is true flow control not modem bits */
  483. if (dlci->throttled)
  484. modembits |= MDM_FC;
  485. if (dlci->modem_tx & TIOCM_DTR)
  486. modembits |= MDM_RTC;
  487. if (dlci->modem_tx & TIOCM_RTS)
  488. modembits |= MDM_RTR;
  489. if (dlci->modem_tx & TIOCM_RI)
  490. modembits |= MDM_IC;
  491. if (dlci->modem_tx & TIOCM_CD || dlci->gsm->initiator)
  492. modembits |= MDM_DV;
  493. /* special mappings for passive side to operate as UE */
  494. if (dlci->modem_tx & TIOCM_OUT1)
  495. modembits |= MDM_IC;
  496. if (dlci->modem_tx & TIOCM_OUT2)
  497. modembits |= MDM_DV;
  498. return modembits;
  499. }
  500. static void gsm_hex_dump_bytes(const char *fname, const u8 *data,
  501. unsigned long len)
  502. {
  503. char *prefix;
  504. if (!fname) {
  505. print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, data, len,
  506. true);
  507. return;
  508. }
  509. prefix = kasprintf(GFP_ATOMIC, "%s: ", fname);
  510. if (!prefix)
  511. return;
  512. print_hex_dump(KERN_INFO, prefix, DUMP_PREFIX_OFFSET, 16, 1, data, len,
  513. true);
  514. kfree(prefix);
  515. }
  516. /**
  517. * gsm_encode_params - encode DLCI parameters
  518. * @dlci: DLCI to encode from
  519. * @params: buffer to fill with the encoded parameters
  520. *
  521. * Encodes the parameters according to GSM 07.10 section 5.4.6.3.1
  522. * table 3.
  523. */
  524. static int gsm_encode_params(const struct gsm_dlci *dlci,
  525. struct gsm_dlci_param_bits *params)
  526. {
  527. const struct gsm_mux *gsm = dlci->gsm;
  528. unsigned int i, cl;
  529. switch (dlci->ftype) {
  530. case UIH:
  531. i = 0; /* UIH */
  532. break;
  533. case UI:
  534. i = 1; /* UI */
  535. break;
  536. default:
  537. pr_debug("unsupported frame type %d\n", dlci->ftype);
  538. return -EINVAL;
  539. }
  540. switch (dlci->adaption) {
  541. case 1: /* Unstructured */
  542. cl = 0; /* convergence layer type 1 */
  543. break;
  544. case 2: /* Unstructured with modem bits. */
  545. cl = 1; /* convergence layer type 2 */
  546. break;
  547. default:
  548. pr_debug("unsupported adaption %d\n", dlci->adaption);
  549. return -EINVAL;
  550. }
  551. params->d_bits = FIELD_PREP(PN_D_FIELD_DLCI, dlci->addr);
  552. /* UIH, convergence layer type 1 */
  553. params->i_cl_bits = FIELD_PREP(PN_I_CL_FIELD_FTYPE, i) |
  554. FIELD_PREP(PN_I_CL_FIELD_ADAPTION, cl);
  555. params->p_bits = FIELD_PREP(PN_P_FIELD_PRIO, dlci->prio);
  556. params->t_bits = FIELD_PREP(PN_T_FIELD_T1, gsm->t1);
  557. params->n_bits = cpu_to_le16(FIELD_PREP(PN_N_FIELD_N1, dlci->mtu));
  558. params->na_bits = FIELD_PREP(PN_NA_FIELD_N2, gsm->n2);
  559. params->k_bits = FIELD_PREP(PN_K_FIELD_K, dlci->k);
  560. return 0;
  561. }
  562. /**
  563. * gsm_register_devices - register all tty devices for a given mux index
  564. *
  565. * @driver: the tty driver that describes the tty devices
  566. * @index: the mux number is used to calculate the minor numbers of the
  567. * ttys for this mux and may differ from the position in the
  568. * mux array.
  569. */
  570. static int gsm_register_devices(struct tty_driver *driver, unsigned int index)
  571. {
  572. struct device *dev;
  573. int i;
  574. unsigned int base;
  575. if (!driver || index >= MAX_MUX)
  576. return -EINVAL;
  577. base = index * NUM_DLCI; /* first minor for this index */
  578. for (i = 1; i < NUM_DLCI; i++) {
  579. /* Don't register device 0 - this is the control channel
  580. * and not a usable tty interface
  581. */
  582. dev = tty_register_device(gsm_tty_driver, base + i, NULL);
  583. if (IS_ERR(dev)) {
  584. if (debug & DBG_ERRORS)
  585. pr_info("%s failed to register device minor %u",
  586. __func__, base + i);
  587. for (i--; i >= 1; i--)
  588. tty_unregister_device(gsm_tty_driver, base + i);
  589. return PTR_ERR(dev);
  590. }
  591. }
  592. return 0;
  593. }
  594. /**
  595. * gsm_unregister_devices - unregister all tty devices for a given mux index
  596. *
  597. * @driver: the tty driver that describes the tty devices
  598. * @index: the mux number is used to calculate the minor numbers of the
  599. * ttys for this mux and may differ from the position in the
  600. * mux array.
  601. */
  602. static void gsm_unregister_devices(struct tty_driver *driver,
  603. unsigned int index)
  604. {
  605. int i;
  606. unsigned int base;
  607. if (!driver || index >= MAX_MUX)
  608. return;
  609. base = index * NUM_DLCI; /* first minor for this index */
  610. for (i = 1; i < NUM_DLCI; i++) {
  611. /* Don't unregister device 0 - this is the control
  612. * channel and not a usable tty interface
  613. */
  614. tty_unregister_device(gsm_tty_driver, base + i);
  615. }
  616. }
  617. /**
  618. * gsm_print_packet - display a frame for debug
  619. * @hdr: header to print before decode
  620. * @addr: address EA from the frame
  621. * @cr: C/R bit seen as initiator
  622. * @control: control including PF bit
  623. * @data: following data bytes
  624. * @dlen: length of data
  625. *
  626. * Displays a packet in human readable format for debugging purposes. The
  627. * style is based on amateur radio LAP-B dump display.
  628. */
  629. static void gsm_print_packet(const char *hdr, int addr, int cr,
  630. u8 control, const u8 *data, int dlen)
  631. {
  632. if (!(debug & DBG_DUMP))
  633. return;
  634. /* Only show user payload frames if debug & DBG_PAYLOAD */
  635. if (!(debug & DBG_PAYLOAD) && addr != 0)
  636. if ((control & ~PF) == UI || (control & ~PF) == UIH)
  637. return;
  638. pr_info("%s %d) %c: ", hdr, addr, "RC"[cr]);
  639. switch (control & ~PF) {
  640. case SABM:
  641. pr_cont("SABM");
  642. break;
  643. case UA:
  644. pr_cont("UA");
  645. break;
  646. case DISC:
  647. pr_cont("DISC");
  648. break;
  649. case DM:
  650. pr_cont("DM");
  651. break;
  652. case UI:
  653. pr_cont("UI");
  654. break;
  655. case UIH:
  656. pr_cont("UIH");
  657. break;
  658. default:
  659. if (!(control & 0x01)) {
  660. pr_cont("I N(S)%d N(R)%d",
  661. (control & 0x0E) >> 1, (control & 0xE0) >> 5);
  662. } else switch (control & 0x0F) {
  663. case RR:
  664. pr_cont("RR(%d)", (control & 0xE0) >> 5);
  665. break;
  666. case RNR:
  667. pr_cont("RNR(%d)", (control & 0xE0) >> 5);
  668. break;
  669. case REJ:
  670. pr_cont("REJ(%d)", (control & 0xE0) >> 5);
  671. break;
  672. default:
  673. pr_cont("[%02X]", control);
  674. }
  675. }
  676. if (control & PF)
  677. pr_cont("(P)");
  678. else
  679. pr_cont("(F)");
  680. gsm_hex_dump_bytes(NULL, data, dlen);
  681. }
  682. /*
  683. * Link level transmission side
  684. */
  685. /**
  686. * gsm_stuff_frame - bytestuff a packet
  687. * @input: input buffer
  688. * @output: output buffer
  689. * @len: length of input
  690. *
  691. * Expand a buffer by bytestuffing it. The worst case size change
  692. * is doubling and the caller is responsible for handing out
  693. * suitable sized buffers.
  694. */
  695. static int gsm_stuff_frame(const u8 *input, u8 *output, int len)
  696. {
  697. int olen = 0;
  698. while (len--) {
  699. if (*input == GSM1_SOF || *input == GSM1_ESCAPE
  700. || (*input & ISO_IEC_646_MASK) == XON
  701. || (*input & ISO_IEC_646_MASK) == XOFF) {
  702. *output++ = GSM1_ESCAPE;
  703. *output++ = *input++ ^ GSM1_ESCAPE_BITS;
  704. olen++;
  705. } else
  706. *output++ = *input++;
  707. olen++;
  708. }
  709. return olen;
  710. }
  711. /**
  712. * gsm_send - send a control frame
  713. * @gsm: our GSM mux
  714. * @addr: address for control frame
  715. * @cr: command/response bit seen as initiator
  716. * @control: control byte including PF bit
  717. *
  718. * Format up and transmit a control frame. These should be transmitted
  719. * ahead of data when they are needed.
  720. */
  721. static int gsm_send(struct gsm_mux *gsm, int addr, int cr, int control)
  722. {
  723. struct gsm_msg *msg;
  724. u8 *dp;
  725. int ocr;
  726. unsigned long flags;
  727. msg = gsm_data_alloc(gsm, addr, 0, control);
  728. if (!msg)
  729. return -ENOMEM;
  730. /* toggle C/R coding if not initiator */
  731. ocr = cr ^ (gsm->initiator ? 0 : 1);
  732. msg->data -= 3;
  733. dp = msg->data;
  734. *dp++ = (addr << 2) | (ocr << 1) | EA;
  735. *dp++ = control;
  736. if (gsm->encoding == GSM_BASIC_OPT)
  737. *dp++ = EA; /* Length of data = 0 */
  738. *dp = 0xFF - gsm_fcs_add_block(INIT_FCS, msg->data, dp - msg->data);
  739. msg->len = (dp - msg->data) + 1;
  740. gsm_print_packet("Q->", addr, cr, control, NULL, 0);
  741. spin_lock_irqsave(&gsm->tx_lock, flags);
  742. list_add_tail(&msg->list, &gsm->tx_ctrl_list);
  743. gsm->tx_bytes += msg->len;
  744. spin_unlock_irqrestore(&gsm->tx_lock, flags);
  745. gsmld_write_trigger(gsm);
  746. return 0;
  747. }
  748. /**
  749. * gsm_dlci_clear_queues - remove outstanding data for a DLCI
  750. * @gsm: mux
  751. * @dlci: clear for this DLCI
  752. *
  753. * Clears the data queues for a given DLCI.
  754. */
  755. static void gsm_dlci_clear_queues(struct gsm_mux *gsm, struct gsm_dlci *dlci)
  756. {
  757. struct gsm_msg *msg, *nmsg;
  758. int addr = dlci->addr;
  759. unsigned long flags;
  760. /* Clear DLCI write fifo first */
  761. spin_lock_irqsave(&dlci->lock, flags);
  762. kfifo_reset(&dlci->fifo);
  763. spin_unlock_irqrestore(&dlci->lock, flags);
  764. /* Clear data packets in MUX write queue */
  765. spin_lock_irqsave(&gsm->tx_lock, flags);
  766. list_for_each_entry_safe(msg, nmsg, &gsm->tx_data_list, list) {
  767. if (msg->addr != addr)
  768. continue;
  769. gsm->tx_bytes -= msg->len;
  770. list_del(&msg->list);
  771. kfree(msg);
  772. }
  773. spin_unlock_irqrestore(&gsm->tx_lock, flags);
  774. }
  775. /**
  776. * gsm_response - send a control response
  777. * @gsm: our GSM mux
  778. * @addr: address for control frame
  779. * @control: control byte including PF bit
  780. *
  781. * Format up and transmit a link level response frame.
  782. */
  783. static inline void gsm_response(struct gsm_mux *gsm, int addr, int control)
  784. {
  785. gsm_send(gsm, addr, 0, control);
  786. }
  787. /**
  788. * gsm_command - send a control command
  789. * @gsm: our GSM mux
  790. * @addr: address for control frame
  791. * @control: control byte including PF bit
  792. *
  793. * Format up and transmit a link level command frame.
  794. */
  795. static inline void gsm_command(struct gsm_mux *gsm, int addr, int control)
  796. {
  797. gsm_send(gsm, addr, 1, control);
  798. }
  799. /* Data transmission */
  800. #define HDR_LEN 6 /* ADDR CTRL [LEN.2] DATA FCS */
  801. /**
  802. * gsm_data_alloc - allocate data frame
  803. * @gsm: GSM mux
  804. * @addr: DLCI address
  805. * @len: length excluding header and FCS
  806. * @ctrl: control byte
  807. *
  808. * Allocate a new data buffer for sending frames with data. Space is left
  809. * at the front for header bytes but that is treated as an implementation
  810. * detail and not for the high level code to use
  811. */
  812. static struct gsm_msg *gsm_data_alloc(struct gsm_mux *gsm, u8 addr, int len,
  813. u8 ctrl)
  814. {
  815. struct gsm_msg *m = kmalloc(sizeof(struct gsm_msg) + len + HDR_LEN,
  816. GFP_ATOMIC);
  817. if (m == NULL)
  818. return NULL;
  819. m->data = m->buffer + HDR_LEN - 1; /* Allow for FCS */
  820. m->len = len;
  821. m->addr = addr;
  822. m->ctrl = ctrl;
  823. INIT_LIST_HEAD(&m->list);
  824. return m;
  825. }
  826. /**
  827. * gsm_send_packet - sends a single packet
  828. * @gsm: GSM Mux
  829. * @msg: packet to send
  830. *
  831. * The given packet is encoded and sent out. No memory is freed.
  832. * The caller must hold the gsm tx lock.
  833. */
  834. static int gsm_send_packet(struct gsm_mux *gsm, struct gsm_msg *msg)
  835. {
  836. int len, ret;
  837. if (gsm->encoding == GSM_BASIC_OPT) {
  838. gsm->txframe[0] = GSM0_SOF;
  839. memcpy(gsm->txframe + 1, msg->data, msg->len);
  840. gsm->txframe[msg->len + 1] = GSM0_SOF;
  841. len = msg->len + 2;
  842. } else {
  843. gsm->txframe[0] = GSM1_SOF;
  844. len = gsm_stuff_frame(msg->data, gsm->txframe + 1, msg->len);
  845. gsm->txframe[len + 1] = GSM1_SOF;
  846. len += 2;
  847. }
  848. if (debug & DBG_DATA)
  849. gsm_hex_dump_bytes(__func__, gsm->txframe, len);
  850. gsm_print_packet("-->", msg->addr, gsm->initiator, msg->ctrl, msg->data,
  851. msg->len);
  852. ret = gsmld_output(gsm, gsm->txframe, len);
  853. if (ret <= 0)
  854. return ret;
  855. /* FIXME: Can eliminate one SOF in many more cases */
  856. gsm->tx_bytes -= msg->len;
  857. return 0;
  858. }
  859. /**
  860. * gsm_is_flow_ctrl_msg - checks if flow control message
  861. * @msg: message to check
  862. *
  863. * Returns true if the given message is a flow control command of the
  864. * control channel. False is returned in any other case.
  865. */
  866. static bool gsm_is_flow_ctrl_msg(struct gsm_msg *msg)
  867. {
  868. unsigned int cmd;
  869. if (msg->addr > 0)
  870. return false;
  871. switch (msg->ctrl & ~PF) {
  872. case UI:
  873. case UIH:
  874. cmd = 0;
  875. if (gsm_read_ea_val(&cmd, msg->data + 2, msg->len - 2) < 1)
  876. break;
  877. switch (cmd & ~PF) {
  878. case CMD_FCOFF:
  879. case CMD_FCON:
  880. return true;
  881. }
  882. break;
  883. }
  884. return false;
  885. }
  886. /**
  887. * gsm_data_kick - poke the queue
  888. * @gsm: GSM Mux
  889. *
  890. * The tty device has called us to indicate that room has appeared in
  891. * the transmit queue. Ram more data into the pipe if we have any.
  892. * If we have been flow-stopped by a CMD_FCOFF, then we can only
  893. * send messages on DLCI0 until CMD_FCON. The caller must hold
  894. * the gsm tx lock.
  895. */
  896. static int gsm_data_kick(struct gsm_mux *gsm)
  897. {
  898. struct gsm_msg *msg, *nmsg;
  899. struct gsm_dlci *dlci;
  900. int ret;
  901. clear_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
  902. /* Serialize control messages and control channel messages first */
  903. list_for_each_entry_safe(msg, nmsg, &gsm->tx_ctrl_list, list) {
  904. if (gsm->constipated && !gsm_is_flow_ctrl_msg(msg))
  905. continue;
  906. ret = gsm_send_packet(gsm, msg);
  907. switch (ret) {
  908. case -ENOSPC:
  909. return -ENOSPC;
  910. case -ENODEV:
  911. /* ldisc not open */
  912. gsm->tx_bytes -= msg->len;
  913. list_del(&msg->list);
  914. kfree(msg);
  915. continue;
  916. default:
  917. if (ret >= 0) {
  918. list_del(&msg->list);
  919. kfree(msg);
  920. }
  921. break;
  922. }
  923. }
  924. if (gsm->constipated)
  925. return -EAGAIN;
  926. /* Serialize other channels */
  927. if (list_empty(&gsm->tx_data_list))
  928. return 0;
  929. list_for_each_entry_safe(msg, nmsg, &gsm->tx_data_list, list) {
  930. dlci = gsm->dlci[msg->addr];
  931. /* Send only messages for DLCIs with valid state */
  932. if (dlci->state != DLCI_OPEN) {
  933. gsm->tx_bytes -= msg->len;
  934. list_del(&msg->list);
  935. kfree(msg);
  936. continue;
  937. }
  938. ret = gsm_send_packet(gsm, msg);
  939. switch (ret) {
  940. case -ENOSPC:
  941. return -ENOSPC;
  942. case -ENODEV:
  943. /* ldisc not open */
  944. gsm->tx_bytes -= msg->len;
  945. list_del(&msg->list);
  946. kfree(msg);
  947. continue;
  948. default:
  949. if (ret >= 0) {
  950. list_del(&msg->list);
  951. kfree(msg);
  952. }
  953. break;
  954. }
  955. }
  956. return 1;
  957. }
  958. /**
  959. * __gsm_data_queue - queue a UI or UIH frame
  960. * @dlci: DLCI sending the data
  961. * @msg: message queued
  962. *
  963. * Add data to the transmit queue and try and get stuff moving
  964. * out of the mux tty if not already doing so. The Caller must hold
  965. * the gsm tx lock.
  966. */
  967. static void __gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
  968. {
  969. struct gsm_mux *gsm = dlci->gsm;
  970. u8 *dp = msg->data;
  971. u8 *fcs = dp + msg->len;
  972. /* Fill in the header */
  973. if (gsm->encoding == GSM_BASIC_OPT) {
  974. if (msg->len < 128)
  975. *--dp = (msg->len << 1) | EA;
  976. else {
  977. *--dp = (msg->len >> 7); /* bits 7 - 15 */
  978. *--dp = (msg->len & 127) << 1; /* bits 0 - 6 */
  979. }
  980. }
  981. *--dp = msg->ctrl;
  982. if (gsm->initiator)
  983. *--dp = (msg->addr << 2) | CR | EA;
  984. else
  985. *--dp = (msg->addr << 2) | EA;
  986. *fcs = gsm_fcs_add_block(INIT_FCS, dp , msg->data - dp);
  987. /* Ugly protocol layering violation */
  988. if (msg->ctrl == UI || msg->ctrl == (UI|PF))
  989. *fcs = gsm_fcs_add_block(*fcs, msg->data, msg->len);
  990. *fcs = 0xFF - *fcs;
  991. gsm_print_packet("Q> ", msg->addr, gsm->initiator, msg->ctrl,
  992. msg->data, msg->len);
  993. /* Move the header back and adjust the length, also allow for the FCS
  994. now tacked on the end */
  995. msg->len += (msg->data - dp) + 1;
  996. msg->data = dp;
  997. /* Add to the actual output queue */
  998. switch (msg->ctrl & ~PF) {
  999. case UI:
  1000. case UIH:
  1001. if (msg->addr > 0) {
  1002. list_add_tail(&msg->list, &gsm->tx_data_list);
  1003. break;
  1004. }
  1005. fallthrough;
  1006. default:
  1007. list_add_tail(&msg->list, &gsm->tx_ctrl_list);
  1008. break;
  1009. }
  1010. gsm->tx_bytes += msg->len;
  1011. gsmld_write_trigger(gsm);
  1012. mod_timer(&gsm->kick_timer, jiffies + 10 * gsm->t1 * HZ / 100);
  1013. }
  1014. /**
  1015. * gsm_data_queue - queue a UI or UIH frame
  1016. * @dlci: DLCI sending the data
  1017. * @msg: message queued
  1018. *
  1019. * Add data to the transmit queue and try and get stuff moving
  1020. * out of the mux tty if not already doing so. Take the
  1021. * the gsm tx lock and dlci lock.
  1022. */
  1023. static void gsm_data_queue(struct gsm_dlci *dlci, struct gsm_msg *msg)
  1024. {
  1025. unsigned long flags;
  1026. spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
  1027. __gsm_data_queue(dlci, msg);
  1028. spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
  1029. }
  1030. /**
  1031. * gsm_dlci_data_output - try and push data out of a DLCI
  1032. * @gsm: mux
  1033. * @dlci: the DLCI to pull data from
  1034. *
  1035. * Pull data from a DLCI and send it into the transmit queue if there
  1036. * is data. Keep to the MRU of the mux. This path handles the usual tty
  1037. * interface which is a byte stream with optional modem data.
  1038. *
  1039. * Caller must hold the tx_lock of the mux.
  1040. */
  1041. static int gsm_dlci_data_output(struct gsm_mux *gsm, struct gsm_dlci *dlci)
  1042. {
  1043. struct gsm_msg *msg;
  1044. u8 *dp;
  1045. int h, len, size;
  1046. /* for modem bits without break data */
  1047. h = ((dlci->adaption == 1) ? 0 : 1);
  1048. len = kfifo_len(&dlci->fifo);
  1049. if (len == 0)
  1050. return 0;
  1051. /* MTU/MRU count only the data bits but watch adaption mode */
  1052. if ((len + h) > dlci->mtu)
  1053. len = dlci->mtu - h;
  1054. size = len + h;
  1055. msg = gsm_data_alloc(gsm, dlci->addr, size, dlci->ftype);
  1056. if (!msg)
  1057. return -ENOMEM;
  1058. dp = msg->data;
  1059. switch (dlci->adaption) {
  1060. case 1: /* Unstructured */
  1061. break;
  1062. case 2: /* Unstructured with modem bits.
  1063. * Always one byte as we never send inline break data
  1064. */
  1065. *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
  1066. break;
  1067. default:
  1068. pr_err("%s: unsupported adaption %d\n", __func__,
  1069. dlci->adaption);
  1070. break;
  1071. }
  1072. WARN_ON(len != kfifo_out_locked(&dlci->fifo, dp, len,
  1073. &dlci->lock));
  1074. /* Notify upper layer about available send space. */
  1075. tty_port_tty_wakeup(&dlci->port);
  1076. __gsm_data_queue(dlci, msg);
  1077. /* Bytes of data we used up */
  1078. return size;
  1079. }
  1080. /**
  1081. * gsm_dlci_data_output_framed - try and push data out of a DLCI
  1082. * @gsm: mux
  1083. * @dlci: the DLCI to pull data from
  1084. *
  1085. * Pull data from a DLCI and send it into the transmit queue if there
  1086. * is data. Keep to the MRU of the mux. This path handles framed data
  1087. * queued as skbuffs to the DLCI.
  1088. *
  1089. * Caller must hold the tx_lock of the mux.
  1090. */
  1091. static int gsm_dlci_data_output_framed(struct gsm_mux *gsm,
  1092. struct gsm_dlci *dlci)
  1093. {
  1094. struct gsm_msg *msg;
  1095. u8 *dp;
  1096. int len, size;
  1097. int last = 0, first = 0;
  1098. int overhead = 0;
  1099. /* One byte per frame is used for B/F flags */
  1100. if (dlci->adaption == 4)
  1101. overhead = 1;
  1102. /* dlci->skb is locked by tx_lock */
  1103. if (dlci->skb == NULL) {
  1104. dlci->skb = skb_dequeue_tail(&dlci->skb_list);
  1105. if (dlci->skb == NULL)
  1106. return 0;
  1107. first = 1;
  1108. }
  1109. len = dlci->skb->len + overhead;
  1110. /* MTU/MRU count only the data bits */
  1111. if (len > dlci->mtu) {
  1112. if (dlci->adaption == 3) {
  1113. /* Over long frame, bin it */
  1114. dev_kfree_skb_any(dlci->skb);
  1115. dlci->skb = NULL;
  1116. return 0;
  1117. }
  1118. len = dlci->mtu;
  1119. } else
  1120. last = 1;
  1121. size = len + overhead;
  1122. msg = gsm_data_alloc(gsm, dlci->addr, size, dlci->ftype);
  1123. if (msg == NULL) {
  1124. skb_queue_tail(&dlci->skb_list, dlci->skb);
  1125. dlci->skb = NULL;
  1126. return -ENOMEM;
  1127. }
  1128. dp = msg->data;
  1129. if (dlci->adaption == 4) { /* Interruptible framed (Packetised Data) */
  1130. /* Flag byte to carry the start/end info */
  1131. *dp++ = last << 7 | first << 6 | 1; /* EA */
  1132. len--;
  1133. }
  1134. memcpy(dp, dlci->skb->data, len);
  1135. skb_pull(dlci->skb, len);
  1136. __gsm_data_queue(dlci, msg);
  1137. if (last) {
  1138. dev_kfree_skb_any(dlci->skb);
  1139. dlci->skb = NULL;
  1140. }
  1141. return size;
  1142. }
  1143. /**
  1144. * gsm_dlci_modem_output - try and push modem status out of a DLCI
  1145. * @gsm: mux
  1146. * @dlci: the DLCI to pull modem status from
  1147. * @brk: break signal
  1148. *
  1149. * Push an empty frame in to the transmit queue to update the modem status
  1150. * bits and to transmit an optional break.
  1151. *
  1152. * Caller must hold the tx_lock of the mux.
  1153. */
  1154. static int gsm_dlci_modem_output(struct gsm_mux *gsm, struct gsm_dlci *dlci,
  1155. u8 brk)
  1156. {
  1157. u8 *dp = NULL;
  1158. struct gsm_msg *msg;
  1159. int size = 0;
  1160. /* for modem bits without break data */
  1161. switch (dlci->adaption) {
  1162. case 1: /* Unstructured */
  1163. break;
  1164. case 2: /* Unstructured with modem bits. */
  1165. size++;
  1166. if (brk > 0)
  1167. size++;
  1168. break;
  1169. default:
  1170. pr_err("%s: unsupported adaption %d\n", __func__,
  1171. dlci->adaption);
  1172. return -EINVAL;
  1173. }
  1174. msg = gsm_data_alloc(gsm, dlci->addr, size, dlci->ftype);
  1175. if (!msg) {
  1176. pr_err("%s: gsm_data_alloc error", __func__);
  1177. return -ENOMEM;
  1178. }
  1179. dp = msg->data;
  1180. switch (dlci->adaption) {
  1181. case 1: /* Unstructured */
  1182. break;
  1183. case 2: /* Unstructured with modem bits. */
  1184. if (brk == 0) {
  1185. *dp++ = (gsm_encode_modem(dlci) << 1) | EA;
  1186. } else {
  1187. *dp++ = gsm_encode_modem(dlci) << 1;
  1188. *dp++ = (brk << 4) | 2 | EA; /* Length, Break, EA */
  1189. }
  1190. break;
  1191. default:
  1192. /* Handled above */
  1193. break;
  1194. }
  1195. __gsm_data_queue(dlci, msg);
  1196. return size;
  1197. }
  1198. /**
  1199. * gsm_dlci_data_sweep - look for data to send
  1200. * @gsm: the GSM mux
  1201. *
  1202. * Sweep the GSM mux channels in priority order looking for ones with
  1203. * data to send. We could do with optimising this scan a bit. We aim
  1204. * to fill the queue totally or up to TX_THRESH_HI bytes. Once we hit
  1205. * TX_THRESH_LO we get called again
  1206. *
  1207. * FIXME: We should round robin between groups and in theory you can
  1208. * renegotiate DLCI priorities with optional stuff. Needs optimising.
  1209. */
  1210. static int gsm_dlci_data_sweep(struct gsm_mux *gsm)
  1211. {
  1212. /* Priority ordering: We should do priority with RR of the groups */
  1213. int i, len, ret = 0;
  1214. bool sent;
  1215. struct gsm_dlci *dlci;
  1216. while (gsm->tx_bytes < TX_THRESH_HI) {
  1217. for (sent = false, i = 1; i < NUM_DLCI; i++) {
  1218. dlci = gsm->dlci[i];
  1219. /* skip unused or blocked channel */
  1220. if (!dlci || dlci->constipated)
  1221. continue;
  1222. /* skip channels with invalid state */
  1223. if (dlci->state != DLCI_OPEN)
  1224. continue;
  1225. /* count the sent data per adaption */
  1226. if (dlci->adaption < 3 && !dlci->net)
  1227. len = gsm_dlci_data_output(gsm, dlci);
  1228. else
  1229. len = gsm_dlci_data_output_framed(gsm, dlci);
  1230. /* on error exit */
  1231. if (len < 0)
  1232. return ret;
  1233. if (len > 0) {
  1234. ret++;
  1235. sent = true;
  1236. /* The lower DLCs can starve the higher DLCs! */
  1237. break;
  1238. }
  1239. /* try next */
  1240. }
  1241. if (!sent)
  1242. break;
  1243. }
  1244. return ret;
  1245. }
  1246. /**
  1247. * gsm_dlci_data_kick - transmit if possible
  1248. * @dlci: DLCI to kick
  1249. *
  1250. * Transmit data from this DLCI if the queue is empty. We can't rely on
  1251. * a tty wakeup except when we filled the pipe so we need to fire off
  1252. * new data ourselves in other cases.
  1253. */
  1254. static void gsm_dlci_data_kick(struct gsm_dlci *dlci)
  1255. {
  1256. unsigned long flags;
  1257. int sweep;
  1258. if (dlci->constipated)
  1259. return;
  1260. spin_lock_irqsave(&dlci->gsm->tx_lock, flags);
  1261. /* If we have nothing running then we need to fire up */
  1262. sweep = (dlci->gsm->tx_bytes < TX_THRESH_LO);
  1263. if (dlci->gsm->tx_bytes == 0) {
  1264. if (dlci->net)
  1265. gsm_dlci_data_output_framed(dlci->gsm, dlci);
  1266. else
  1267. gsm_dlci_data_output(dlci->gsm, dlci);
  1268. }
  1269. if (sweep)
  1270. gsm_dlci_data_sweep(dlci->gsm);
  1271. spin_unlock_irqrestore(&dlci->gsm->tx_lock, flags);
  1272. }
  1273. /*
  1274. * Control message processing
  1275. */
  1276. /**
  1277. * gsm_control_command - send a command frame to a control
  1278. * @gsm: gsm channel
  1279. * @cmd: the command to use
  1280. * @data: data to follow encoded info
  1281. * @dlen: length of data
  1282. *
  1283. * Encode up and queue a UI/UIH frame containing our command.
  1284. */
  1285. static int gsm_control_command(struct gsm_mux *gsm, int cmd, const u8 *data,
  1286. int dlen)
  1287. {
  1288. struct gsm_msg *msg;
  1289. struct gsm_dlci *dlci = gsm->dlci[0];
  1290. msg = gsm_data_alloc(gsm, 0, dlen + 2, dlci->ftype);
  1291. if (msg == NULL)
  1292. return -ENOMEM;
  1293. msg->data[0] = (cmd << 1) | CR | EA; /* Set C/R */
  1294. msg->data[1] = (dlen << 1) | EA;
  1295. memcpy(msg->data + 2, data, dlen);
  1296. gsm_data_queue(dlci, msg);
  1297. return 0;
  1298. }
  1299. /**
  1300. * gsm_control_reply - send a response frame to a control
  1301. * @gsm: gsm channel
  1302. * @cmd: the command to use
  1303. * @data: data to follow encoded info
  1304. * @dlen: length of data
  1305. *
  1306. * Encode up and queue a UI/UIH frame containing our response.
  1307. */
  1308. static void gsm_control_reply(struct gsm_mux *gsm, int cmd, const u8 *data,
  1309. int dlen)
  1310. {
  1311. struct gsm_msg *msg;
  1312. struct gsm_dlci *dlci = gsm->dlci[0];
  1313. msg = gsm_data_alloc(gsm, 0, dlen + 2, dlci->ftype);
  1314. if (msg == NULL)
  1315. return;
  1316. msg->data[0] = (cmd & 0xFE) << 1 | EA; /* Clear C/R */
  1317. msg->data[1] = (dlen << 1) | EA;
  1318. memcpy(msg->data + 2, data, dlen);
  1319. gsm_data_queue(dlci, msg);
  1320. }
  1321. /**
  1322. * gsm_process_modem - process received modem status
  1323. * @tty: virtual tty bound to the DLCI
  1324. * @dlci: DLCI to affect
  1325. * @modem: modem bits (full EA)
  1326. * @slen: number of signal octets
  1327. *
  1328. * Used when a modem control message or line state inline in adaption
  1329. * layer 2 is processed. Sort out the local modem state and throttles
  1330. */
  1331. static void gsm_process_modem(struct tty_struct *tty, struct gsm_dlci *dlci,
  1332. u32 modem, int slen)
  1333. {
  1334. int mlines = 0;
  1335. u8 brk = 0;
  1336. int fc;
  1337. /* The modem status command can either contain one octet (V.24 signals)
  1338. * or two octets (V.24 signals + break signals). This is specified in
  1339. * section 5.4.6.3.7 of the 07.10 mux spec.
  1340. */
  1341. if (slen == 1)
  1342. modem = modem & 0x7f;
  1343. else {
  1344. brk = modem & 0x7f;
  1345. modem = (modem >> 7) & 0x7f;
  1346. }
  1347. /* Flow control/ready to communicate */
  1348. fc = (modem & MDM_FC) || !(modem & MDM_RTR);
  1349. if (fc && !dlci->constipated) {
  1350. /* Need to throttle our output on this device */
  1351. dlci->constipated = true;
  1352. } else if (!fc && dlci->constipated) {
  1353. dlci->constipated = false;
  1354. gsm_dlci_data_kick(dlci);
  1355. }
  1356. /* Map modem bits */
  1357. if (modem & MDM_RTC)
  1358. mlines |= TIOCM_DSR | TIOCM_DTR;
  1359. if (modem & MDM_RTR)
  1360. mlines |= TIOCM_RTS | TIOCM_CTS;
  1361. if (modem & MDM_IC)
  1362. mlines |= TIOCM_RI;
  1363. if (modem & MDM_DV)
  1364. mlines |= TIOCM_CD;
  1365. /* Carrier drop -> hangup */
  1366. if (tty) {
  1367. if ((mlines & TIOCM_CD) == 0 && (dlci->modem_rx & TIOCM_CD))
  1368. if (!C_CLOCAL(tty))
  1369. tty_hangup(tty);
  1370. }
  1371. if (brk & 0x01)
  1372. tty_insert_flip_char(&dlci->port, 0, TTY_BREAK);
  1373. dlci->modem_rx = mlines;
  1374. wake_up_interruptible(&dlci->gsm->event);
  1375. }
  1376. /**
  1377. * gsm_process_negotiation - process received parameters
  1378. * @gsm: GSM channel
  1379. * @addr: DLCI address
  1380. * @cr: command/response
  1381. * @params: encoded parameters from the parameter negotiation message
  1382. *
  1383. * Used when the response for our parameter negotiation command was
  1384. * received.
  1385. */
  1386. static int gsm_process_negotiation(struct gsm_mux *gsm, unsigned int addr,
  1387. unsigned int cr,
  1388. const struct gsm_dlci_param_bits *params)
  1389. {
  1390. struct gsm_dlci *dlci = gsm->dlci[addr];
  1391. unsigned int ftype, i, adaption, prio, n1, k;
  1392. i = FIELD_GET(PN_I_CL_FIELD_FTYPE, params->i_cl_bits);
  1393. adaption = FIELD_GET(PN_I_CL_FIELD_ADAPTION, params->i_cl_bits) + 1;
  1394. prio = FIELD_GET(PN_P_FIELD_PRIO, params->p_bits);
  1395. n1 = FIELD_GET(PN_N_FIELD_N1, get_unaligned_le16(&params->n_bits));
  1396. k = FIELD_GET(PN_K_FIELD_K, params->k_bits);
  1397. if (n1 < MIN_MTU) {
  1398. if (debug & DBG_ERRORS)
  1399. pr_info("%s N1 out of range in PN\n", __func__);
  1400. return -EINVAL;
  1401. }
  1402. switch (i) {
  1403. case 0x00:
  1404. ftype = UIH;
  1405. break;
  1406. case 0x01:
  1407. ftype = UI;
  1408. break;
  1409. case 0x02: /* I frames are not supported */
  1410. if (debug & DBG_ERRORS)
  1411. pr_info("%s unsupported I frame request in PN\n",
  1412. __func__);
  1413. gsm->unsupported++;
  1414. return -EINVAL;
  1415. default:
  1416. if (debug & DBG_ERRORS)
  1417. pr_info("%s i out of range in PN\n", __func__);
  1418. return -EINVAL;
  1419. }
  1420. if (!cr && gsm->initiator) {
  1421. if (adaption != dlci->adaption) {
  1422. if (debug & DBG_ERRORS)
  1423. pr_info("%s invalid adaption %d in PN\n",
  1424. __func__, adaption);
  1425. return -EINVAL;
  1426. }
  1427. if (prio != dlci->prio) {
  1428. if (debug & DBG_ERRORS)
  1429. pr_info("%s invalid priority %d in PN",
  1430. __func__, prio);
  1431. return -EINVAL;
  1432. }
  1433. if (n1 > gsm->mru || n1 > dlci->mtu) {
  1434. /* We requested a frame size but the other party wants
  1435. * to send larger frames. The standard allows only a
  1436. * smaller response value than requested (5.4.6.3.1).
  1437. */
  1438. if (debug & DBG_ERRORS)
  1439. pr_info("%s invalid N1 %d in PN\n", __func__,
  1440. n1);
  1441. return -EINVAL;
  1442. }
  1443. dlci->mtu = n1;
  1444. if (ftype != dlci->ftype) {
  1445. if (debug & DBG_ERRORS)
  1446. pr_info("%s invalid i %d in PN\n", __func__, i);
  1447. return -EINVAL;
  1448. }
  1449. if (ftype != UI && ftype != UIH && k > dlci->k) {
  1450. if (debug & DBG_ERRORS)
  1451. pr_info("%s invalid k %d in PN\n", __func__, k);
  1452. return -EINVAL;
  1453. }
  1454. dlci->k = k;
  1455. } else if (cr && !gsm->initiator) {
  1456. /* Only convergence layer type 1 and 2 are supported. */
  1457. if (adaption != 1 && adaption != 2) {
  1458. if (debug & DBG_ERRORS)
  1459. pr_info("%s invalid adaption %d in PN\n",
  1460. __func__, adaption);
  1461. return -EINVAL;
  1462. }
  1463. dlci->adaption = adaption;
  1464. if (n1 > gsm->mru) {
  1465. /* Propose a smaller value */
  1466. dlci->mtu = gsm->mru;
  1467. } else if (n1 > MAX_MTU) {
  1468. /* Propose a smaller value */
  1469. dlci->mtu = MAX_MTU;
  1470. } else {
  1471. dlci->mtu = n1;
  1472. }
  1473. dlci->prio = prio;
  1474. dlci->ftype = ftype;
  1475. dlci->k = k;
  1476. } else {
  1477. return -EINVAL;
  1478. }
  1479. return 0;
  1480. }
  1481. /**
  1482. * gsm_control_modem - modem status received
  1483. * @gsm: GSM channel
  1484. * @data: data following command
  1485. * @clen: command length
  1486. *
  1487. * We have received a modem status control message. This is used by
  1488. * the GSM mux protocol to pass virtual modem line status and optionally
  1489. * to indicate break signals. Unpack it, convert to Linux representation
  1490. * and if need be stuff a break message down the tty.
  1491. */
  1492. static void gsm_control_modem(struct gsm_mux *gsm, const u8 *data, int clen)
  1493. {
  1494. unsigned int addr = 0;
  1495. unsigned int modem = 0;
  1496. struct gsm_dlci *dlci;
  1497. int len = clen;
  1498. int cl = clen;
  1499. const u8 *dp = data;
  1500. struct tty_struct *tty;
  1501. len = gsm_read_ea_val(&addr, data, cl);
  1502. if (len < 1)
  1503. return;
  1504. addr >>= 1;
  1505. /* Closed port, or invalid ? */
  1506. if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
  1507. return;
  1508. dlci = gsm->dlci[addr];
  1509. /* Must be at least one byte following the EA */
  1510. if ((cl - len) < 1)
  1511. return;
  1512. dp += len;
  1513. cl -= len;
  1514. /* get the modem status */
  1515. len = gsm_read_ea_val(&modem, dp, cl);
  1516. if (len < 1)
  1517. return;
  1518. tty = tty_port_tty_get(&dlci->port);
  1519. gsm_process_modem(tty, dlci, modem, cl);
  1520. if (tty) {
  1521. tty_wakeup(tty);
  1522. tty_kref_put(tty);
  1523. }
  1524. gsm_control_reply(gsm, CMD_MSC, data, clen);
  1525. }
  1526. /**
  1527. * gsm_control_negotiation - parameter negotiation received
  1528. * @gsm: GSM channel
  1529. * @cr: command/response flag
  1530. * @data: data following command
  1531. * @dlen: data length
  1532. *
  1533. * We have received a parameter negotiation message. This is used by
  1534. * the GSM mux protocol to configure protocol parameters for a new DLCI.
  1535. */
  1536. static void gsm_control_negotiation(struct gsm_mux *gsm, unsigned int cr,
  1537. const u8 *data, unsigned int dlen)
  1538. {
  1539. unsigned int addr;
  1540. struct gsm_dlci_param_bits pn_reply;
  1541. struct gsm_dlci *dlci;
  1542. struct gsm_dlci_param_bits *params;
  1543. if (dlen < sizeof(struct gsm_dlci_param_bits)) {
  1544. gsm->open_error++;
  1545. return;
  1546. }
  1547. /* Invalid DLCI? */
  1548. params = (struct gsm_dlci_param_bits *)data;
  1549. addr = FIELD_GET(PN_D_FIELD_DLCI, params->d_bits);
  1550. if (addr == 0 || addr >= NUM_DLCI || !gsm->dlci[addr]) {
  1551. gsm->open_error++;
  1552. return;
  1553. }
  1554. dlci = gsm->dlci[addr];
  1555. /* Too late for parameter negotiation? */
  1556. if ((!cr && dlci->state == DLCI_OPENING) || dlci->state == DLCI_OPEN) {
  1557. gsm->open_error++;
  1558. return;
  1559. }
  1560. /* Process the received parameters */
  1561. if (gsm_process_negotiation(gsm, addr, cr, params) != 0) {
  1562. /* Negotiation failed. Close the link. */
  1563. if (debug & DBG_ERRORS)
  1564. pr_info("%s PN failed\n", __func__);
  1565. gsm->open_error++;
  1566. gsm_dlci_close(dlci);
  1567. return;
  1568. }
  1569. if (cr) {
  1570. /* Reply command with accepted parameters. */
  1571. if (gsm_encode_params(dlci, &pn_reply) == 0)
  1572. gsm_control_reply(gsm, CMD_PN, (const u8 *)&pn_reply,
  1573. sizeof(pn_reply));
  1574. else if (debug & DBG_ERRORS)
  1575. pr_info("%s PN invalid\n", __func__);
  1576. } else if (dlci->state == DLCI_CONFIGURE) {
  1577. /* Proceed with link setup by sending SABM before UA */
  1578. dlci->state = DLCI_OPENING;
  1579. gsm_command(gsm, dlci->addr, SABM|PF);
  1580. mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
  1581. } else {
  1582. if (debug & DBG_ERRORS)
  1583. pr_info("%s PN in invalid state\n", __func__);
  1584. gsm->open_error++;
  1585. }
  1586. }
  1587. /**
  1588. * gsm_control_rls - remote line status
  1589. * @gsm: GSM channel
  1590. * @data: data bytes
  1591. * @clen: data length
  1592. *
  1593. * The modem sends us a two byte message on the control channel whenever
  1594. * it wishes to send us an error state from the virtual link. Stuff
  1595. * this into the uplink tty if present
  1596. */
  1597. static void gsm_control_rls(struct gsm_mux *gsm, const u8 *data, int clen)
  1598. {
  1599. struct tty_port *port;
  1600. unsigned int addr = 0;
  1601. u8 bits;
  1602. int len = clen;
  1603. const u8 *dp = data;
  1604. while (gsm_read_ea(&addr, *dp++) == 0) {
  1605. len--;
  1606. if (len == 0)
  1607. return;
  1608. }
  1609. /* Must be at least one byte following ea */
  1610. len--;
  1611. if (len <= 0)
  1612. return;
  1613. addr >>= 1;
  1614. /* Closed port, or invalid ? */
  1615. if (addr == 0 || addr >= NUM_DLCI || gsm->dlci[addr] == NULL)
  1616. return;
  1617. /* No error ? */
  1618. bits = *dp;
  1619. if ((bits & 1) == 0)
  1620. return;
  1621. port = &gsm->dlci[addr]->port;
  1622. if (bits & 2)
  1623. tty_insert_flip_char(port, 0, TTY_OVERRUN);
  1624. if (bits & 4)
  1625. tty_insert_flip_char(port, 0, TTY_PARITY);
  1626. if (bits & 8)
  1627. tty_insert_flip_char(port, 0, TTY_FRAME);
  1628. tty_flip_buffer_push(port);
  1629. gsm_control_reply(gsm, CMD_RLS, data, clen);
  1630. }
  1631. static void gsm_dlci_begin_close(struct gsm_dlci *dlci);
  1632. /**
  1633. * gsm_control_message - DLCI 0 control processing
  1634. * @gsm: our GSM mux
  1635. * @command: the command EA
  1636. * @data: data beyond the command/length EAs
  1637. * @clen: length
  1638. *
  1639. * Input processor for control messages from the other end of the link.
  1640. * Processes the incoming request and queues a response frame or an
  1641. * NSC response if not supported
  1642. */
  1643. static void gsm_control_message(struct gsm_mux *gsm, unsigned int command,
  1644. const u8 *data, int clen)
  1645. {
  1646. u8 buf[1];
  1647. switch (command) {
  1648. case CMD_CLD: {
  1649. struct gsm_dlci *dlci = gsm->dlci[0];
  1650. /* Modem wishes to close down */
  1651. if (dlci) {
  1652. dlci->dead = true;
  1653. gsm->dead = true;
  1654. gsm_dlci_begin_close(dlci);
  1655. }
  1656. }
  1657. break;
  1658. case CMD_TEST:
  1659. /* Modem wishes to test, reply with the data */
  1660. gsm_control_reply(gsm, CMD_TEST, data, clen);
  1661. break;
  1662. case CMD_FCON:
  1663. /* Modem can accept data again */
  1664. gsm->constipated = false;
  1665. gsm_control_reply(gsm, CMD_FCON, NULL, 0);
  1666. /* Kick the link in case it is idling */
  1667. gsmld_write_trigger(gsm);
  1668. break;
  1669. case CMD_FCOFF:
  1670. /* Modem wants us to STFU */
  1671. gsm->constipated = true;
  1672. gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
  1673. break;
  1674. case CMD_MSC:
  1675. /* Out of band modem line change indicator for a DLCI */
  1676. gsm_control_modem(gsm, data, clen);
  1677. break;
  1678. case CMD_RLS:
  1679. /* Out of band error reception for a DLCI */
  1680. gsm_control_rls(gsm, data, clen);
  1681. break;
  1682. case CMD_PSC:
  1683. /* Modem wishes to enter power saving state */
  1684. gsm_control_reply(gsm, CMD_PSC, NULL, 0);
  1685. break;
  1686. /* Optional commands */
  1687. case CMD_PN:
  1688. /* Modem sends a parameter negotiation command */
  1689. gsm_control_negotiation(gsm, 1, data, clen);
  1690. break;
  1691. /* Optional unsupported commands */
  1692. case CMD_RPN: /* Remote port negotiation */
  1693. case CMD_SNC: /* Service negotiation command */
  1694. gsm->unsupported++;
  1695. fallthrough;
  1696. default:
  1697. /* Reply to bad commands with an NSC */
  1698. buf[0] = command;
  1699. gsm_control_reply(gsm, CMD_NSC, buf, 1);
  1700. break;
  1701. }
  1702. }
  1703. /**
  1704. * gsm_control_response - process a response to our control
  1705. * @gsm: our GSM mux
  1706. * @command: the command (response) EA
  1707. * @data: data beyond the command/length EA
  1708. * @clen: length
  1709. *
  1710. * Process a response to an outstanding command. We only allow a single
  1711. * control message in flight so this is fairly easy. All the clean up
  1712. * is done by the caller, we just update the fields, flag it as done
  1713. * and return
  1714. */
  1715. static void gsm_control_response(struct gsm_mux *gsm, unsigned int command,
  1716. const u8 *data, int clen)
  1717. {
  1718. struct gsm_control *ctrl;
  1719. struct gsm_dlci *dlci;
  1720. unsigned long flags;
  1721. spin_lock_irqsave(&gsm->control_lock, flags);
  1722. ctrl = gsm->pending_cmd;
  1723. dlci = gsm->dlci[0];
  1724. command |= 1;
  1725. /* Does the reply match our command */
  1726. if (ctrl != NULL && (command == ctrl->cmd || command == CMD_NSC)) {
  1727. /* Our command was replied to, kill the retry timer */
  1728. timer_delete(&gsm->t2_timer);
  1729. gsm->pending_cmd = NULL;
  1730. /* Rejected by the other end */
  1731. if (command == CMD_NSC)
  1732. ctrl->error = -EOPNOTSUPP;
  1733. ctrl->done = 1;
  1734. wake_up(&gsm->event);
  1735. /* Or did we receive the PN response to our PN command */
  1736. } else if (command == CMD_PN) {
  1737. gsm_control_negotiation(gsm, 0, data, clen);
  1738. /* Or did we receive the TEST response to our TEST command */
  1739. } else if (command == CMD_TEST && clen == 1 && *data == gsm->ka_num) {
  1740. gsm->ka_retries = -1; /* trigger new keep-alive message */
  1741. if (dlci && !dlci->dead)
  1742. mod_timer(&gsm->ka_timer, jiffies + gsm->keep_alive * HZ / 100);
  1743. }
  1744. spin_unlock_irqrestore(&gsm->control_lock, flags);
  1745. }
  1746. /**
  1747. * gsm_control_keep_alive - check timeout or start keep-alive
  1748. * @t: timer contained in our gsm object
  1749. *
  1750. * Called off the keep-alive timer expiry signaling that our link
  1751. * partner is not responding anymore. Link will be closed.
  1752. * This is also called to startup our timer.
  1753. */
  1754. static void gsm_control_keep_alive(struct timer_list *t)
  1755. {
  1756. struct gsm_mux *gsm = timer_container_of(gsm, t, ka_timer);
  1757. unsigned long flags;
  1758. spin_lock_irqsave(&gsm->control_lock, flags);
  1759. if (gsm->ka_num && gsm->ka_retries == 0) {
  1760. /* Keep-alive expired -> close the link */
  1761. if (debug & DBG_ERRORS)
  1762. pr_debug("%s keep-alive timed out\n", __func__);
  1763. spin_unlock_irqrestore(&gsm->control_lock, flags);
  1764. if (gsm->dlci[0])
  1765. gsm_dlci_begin_close(gsm->dlci[0]);
  1766. return;
  1767. } else if (gsm->keep_alive && gsm->dlci[0] && !gsm->dlci[0]->dead) {
  1768. if (gsm->ka_retries > 0) {
  1769. /* T2 expired for keep-alive -> resend */
  1770. gsm->ka_retries--;
  1771. } else {
  1772. /* Start keep-alive timer */
  1773. gsm->ka_num++;
  1774. if (!gsm->ka_num)
  1775. gsm->ka_num++;
  1776. gsm->ka_retries = (signed int)gsm->n2;
  1777. }
  1778. gsm_control_command(gsm, CMD_TEST, &gsm->ka_num,
  1779. sizeof(gsm->ka_num));
  1780. mod_timer(&gsm->ka_timer,
  1781. jiffies + gsm->t2 * HZ / 100);
  1782. }
  1783. spin_unlock_irqrestore(&gsm->control_lock, flags);
  1784. }
  1785. /**
  1786. * gsm_control_transmit - send control packet
  1787. * @gsm: gsm mux
  1788. * @ctrl: frame to send
  1789. *
  1790. * Send out a pending control command (called under control lock)
  1791. */
  1792. static void gsm_control_transmit(struct gsm_mux *gsm, struct gsm_control *ctrl)
  1793. {
  1794. gsm_control_command(gsm, ctrl->cmd, ctrl->data, ctrl->len);
  1795. }
  1796. /**
  1797. * gsm_control_retransmit - retransmit a control frame
  1798. * @t: timer contained in our gsm object
  1799. *
  1800. * Called off the T2 timer expiry in order to retransmit control frames
  1801. * that have been lost in the system somewhere. The control_lock protects
  1802. * us from colliding with another sender or a receive completion event.
  1803. * In that situation the timer may still occur in a small window but
  1804. * gsm->pending_cmd will be NULL and we just let the timer expire.
  1805. */
  1806. static void gsm_control_retransmit(struct timer_list *t)
  1807. {
  1808. struct gsm_mux *gsm = timer_container_of(gsm, t, t2_timer);
  1809. struct gsm_control *ctrl;
  1810. unsigned long flags;
  1811. spin_lock_irqsave(&gsm->control_lock, flags);
  1812. ctrl = gsm->pending_cmd;
  1813. if (ctrl) {
  1814. if (gsm->cretries == 0 || !gsm->dlci[0] || gsm->dlci[0]->dead) {
  1815. gsm->pending_cmd = NULL;
  1816. ctrl->error = -ETIMEDOUT;
  1817. ctrl->done = 1;
  1818. spin_unlock_irqrestore(&gsm->control_lock, flags);
  1819. wake_up(&gsm->event);
  1820. return;
  1821. }
  1822. gsm->cretries--;
  1823. gsm_control_transmit(gsm, ctrl);
  1824. mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
  1825. }
  1826. spin_unlock_irqrestore(&gsm->control_lock, flags);
  1827. }
  1828. /**
  1829. * gsm_control_send - send a control frame on DLCI 0
  1830. * @gsm: the GSM channel
  1831. * @command: command to send including CR bit
  1832. * @data: bytes of data (must be kmalloced)
  1833. * @clen: length of the block to send
  1834. *
  1835. * Queue and dispatch a control command. Only one command can be
  1836. * active at a time. In theory more can be outstanding but the matching
  1837. * gets really complicated so for now stick to one outstanding.
  1838. */
  1839. static struct gsm_control *gsm_control_send(struct gsm_mux *gsm,
  1840. unsigned int command, u8 *data, int clen)
  1841. {
  1842. struct gsm_control *ctrl = kzalloc_obj(struct gsm_control, GFP_ATOMIC);
  1843. unsigned long flags;
  1844. if (ctrl == NULL)
  1845. return NULL;
  1846. retry:
  1847. wait_event(gsm->event, gsm->pending_cmd == NULL);
  1848. spin_lock_irqsave(&gsm->control_lock, flags);
  1849. if (gsm->pending_cmd != NULL) {
  1850. spin_unlock_irqrestore(&gsm->control_lock, flags);
  1851. goto retry;
  1852. }
  1853. ctrl->cmd = command;
  1854. ctrl->data = data;
  1855. ctrl->len = clen;
  1856. gsm->pending_cmd = ctrl;
  1857. /* If DLCI0 is in ADM mode skip retries, it won't respond */
  1858. if (gsm->dlci[0]->mode == DLCI_MODE_ADM)
  1859. gsm->cretries = 0;
  1860. else
  1861. gsm->cretries = gsm->n2;
  1862. mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100);
  1863. gsm_control_transmit(gsm, ctrl);
  1864. spin_unlock_irqrestore(&gsm->control_lock, flags);
  1865. return ctrl;
  1866. }
  1867. /**
  1868. * gsm_control_wait - wait for a control to finish
  1869. * @gsm: GSM mux
  1870. * @control: control we are waiting on
  1871. *
  1872. * Waits for the control to complete or time out. Frees any used
  1873. * resources and returns 0 for success, or an error if the remote
  1874. * rejected or ignored the request.
  1875. */
  1876. static int gsm_control_wait(struct gsm_mux *gsm, struct gsm_control *control)
  1877. {
  1878. int err;
  1879. wait_event(gsm->event, control->done == 1);
  1880. err = control->error;
  1881. kfree(control);
  1882. return err;
  1883. }
  1884. /*
  1885. * DLCI level handling: Needs krefs
  1886. */
  1887. /*
  1888. * State transitions and timers
  1889. */
  1890. /**
  1891. * gsm_dlci_close - a DLCI has closed
  1892. * @dlci: DLCI that closed
  1893. *
  1894. * Perform processing when moving a DLCI into closed state. If there
  1895. * is an attached tty this is hung up
  1896. */
  1897. static void gsm_dlci_close(struct gsm_dlci *dlci)
  1898. {
  1899. timer_delete(&dlci->t1);
  1900. if (debug & DBG_ERRORS)
  1901. pr_debug("DLCI %d goes closed.\n", dlci->addr);
  1902. dlci->state = DLCI_CLOSED;
  1903. /* Prevent us from sending data before the link is up again */
  1904. dlci->constipated = true;
  1905. if (dlci->addr != 0) {
  1906. tty_port_tty_hangup(&dlci->port, false);
  1907. gsm_dlci_clear_queues(dlci->gsm, dlci);
  1908. /* Ensure that gsmtty_open() can return. */
  1909. tty_port_set_initialized(&dlci->port, false);
  1910. wake_up_interruptible(&dlci->port.open_wait);
  1911. } else {
  1912. timer_delete(&dlci->gsm->ka_timer);
  1913. dlci->gsm->dead = true;
  1914. }
  1915. /* A DLCI 0 close is a MUX termination so we need to kick that
  1916. back to userspace somehow */
  1917. gsm_dlci_data_kick(dlci);
  1918. wake_up_all(&dlci->gsm->event);
  1919. }
  1920. /**
  1921. * gsm_dlci_open - a DLCI has opened
  1922. * @dlci: DLCI that opened
  1923. *
  1924. * Perform processing when moving a DLCI into open state.
  1925. */
  1926. static void gsm_dlci_open(struct gsm_dlci *dlci)
  1927. {
  1928. struct gsm_mux *gsm = dlci->gsm;
  1929. /* Note that SABM UA .. SABM UA first UA lost can mean that we go
  1930. open -> open */
  1931. timer_delete(&dlci->t1);
  1932. /* This will let a tty open continue */
  1933. dlci->state = DLCI_OPEN;
  1934. dlci->constipated = false;
  1935. if (debug & DBG_ERRORS)
  1936. pr_debug("DLCI %d goes open.\n", dlci->addr);
  1937. /* Send current modem state */
  1938. if (dlci->addr) {
  1939. gsm_modem_send_initial_msc(dlci);
  1940. } else {
  1941. /* Start keep-alive control */
  1942. gsm->ka_num = 0;
  1943. gsm->ka_retries = -1;
  1944. mod_timer(&gsm->ka_timer,
  1945. jiffies + gsm->keep_alive * HZ / 100);
  1946. }
  1947. gsm_dlci_data_kick(dlci);
  1948. wake_up(&dlci->gsm->event);
  1949. }
  1950. /**
  1951. * gsm_dlci_negotiate - start parameter negotiation
  1952. * @dlci: DLCI to open
  1953. *
  1954. * Starts the parameter negotiation for the new DLCI. This needs to be done
  1955. * before the DLCI initialized the channel via SABM.
  1956. */
  1957. static int gsm_dlci_negotiate(struct gsm_dlci *dlci)
  1958. {
  1959. struct gsm_mux *gsm = dlci->gsm;
  1960. struct gsm_dlci_param_bits params;
  1961. int ret;
  1962. ret = gsm_encode_params(dlci, &params);
  1963. if (ret != 0)
  1964. return ret;
  1965. /* We cannot asynchronous wait for the command response with
  1966. * gsm_command() and gsm_control_wait() at this point.
  1967. */
  1968. ret = gsm_control_command(gsm, CMD_PN, (const u8 *)&params,
  1969. sizeof(params));
  1970. return ret;
  1971. }
  1972. /**
  1973. * gsm_dlci_t1 - T1 timer expiry
  1974. * @t: timer contained in the DLCI that opened
  1975. *
  1976. * The T1 timer handles retransmits of control frames (essentially of
  1977. * SABM and DISC). We resend the command until the retry count runs out
  1978. * in which case an opening port goes back to closed and a closing port
  1979. * is simply put into closed state (any further frames from the other
  1980. * end will get a DM response)
  1981. *
  1982. * Some control dlci can stay in ADM mode with other dlci working just
  1983. * fine. In that case we can just keep the control dlci open after the
  1984. * DLCI_OPENING receives DM.
  1985. */
  1986. static void gsm_dlci_t1(struct timer_list *t)
  1987. {
  1988. struct gsm_dlci *dlci = timer_container_of(dlci, t, t1);
  1989. struct gsm_mux *gsm = dlci->gsm;
  1990. switch (dlci->state) {
  1991. case DLCI_CONFIGURE:
  1992. if (dlci->retries && gsm_dlci_negotiate(dlci) == 0) {
  1993. dlci->retries--;
  1994. mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
  1995. } else {
  1996. gsm->open_error++;
  1997. gsm_dlci_begin_close(dlci); /* prevent half open link */
  1998. }
  1999. break;
  2000. case DLCI_OPENING:
  2001. if (!dlci->addr && gsm->control == (DM | PF)) {
  2002. if (debug & DBG_ERRORS)
  2003. pr_info("DLCI 0 opening in ADM mode.\n");
  2004. dlci->mode = DLCI_MODE_ADM;
  2005. gsm_dlci_open(dlci);
  2006. } else if (dlci->retries) {
  2007. if (!dlci->addr || !gsm->dlci[0] ||
  2008. gsm->dlci[0]->state != DLCI_OPENING) {
  2009. dlci->retries--;
  2010. gsm_command(dlci->gsm, dlci->addr, SABM|PF);
  2011. }
  2012. mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
  2013. } else {
  2014. gsm->open_error++;
  2015. gsm_dlci_begin_close(dlci); /* prevent half open link */
  2016. }
  2017. break;
  2018. case DLCI_CLOSING:
  2019. if (dlci->retries) {
  2020. dlci->retries--;
  2021. gsm_command(dlci->gsm, dlci->addr, DISC|PF);
  2022. mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
  2023. } else
  2024. gsm_dlci_close(dlci);
  2025. break;
  2026. default:
  2027. pr_debug("%s: unhandled state: %d\n", __func__, dlci->state);
  2028. break;
  2029. }
  2030. }
  2031. /**
  2032. * gsm_dlci_begin_open - start channel open procedure
  2033. * @dlci: DLCI to open
  2034. *
  2035. * Commence opening a DLCI from the Linux side. We issue SABM messages
  2036. * to the modem which should then reply with a UA or ADM, at which point
  2037. * we will move into open state. Opening is done asynchronously with retry
  2038. * running off timers and the responses.
  2039. * Parameter negotiation is performed before SABM if required.
  2040. */
  2041. static void gsm_dlci_begin_open(struct gsm_dlci *dlci)
  2042. {
  2043. struct gsm_mux *gsm = dlci ? dlci->gsm : NULL;
  2044. bool need_pn = false;
  2045. if (!gsm)
  2046. return;
  2047. if (dlci->addr != 0) {
  2048. if (gsm->adaption != 1 || gsm->adaption != dlci->adaption)
  2049. need_pn = true;
  2050. if (dlci->prio != (roundup(dlci->addr + 1, 8) - 1))
  2051. need_pn = true;
  2052. if (gsm->ftype != dlci->ftype)
  2053. need_pn = true;
  2054. }
  2055. switch (dlci->state) {
  2056. case DLCI_CLOSED:
  2057. case DLCI_WAITING_CONFIG:
  2058. case DLCI_CLOSING:
  2059. dlci->retries = gsm->n2;
  2060. if (!need_pn) {
  2061. dlci->state = DLCI_OPENING;
  2062. if (!dlci->addr || !gsm->dlci[0] ||
  2063. gsm->dlci[0]->state != DLCI_OPENING)
  2064. gsm_command(gsm, dlci->addr, SABM|PF);
  2065. } else {
  2066. /* Configure DLCI before setup */
  2067. dlci->state = DLCI_CONFIGURE;
  2068. if (gsm_dlci_negotiate(dlci) != 0) {
  2069. gsm_dlci_close(dlci);
  2070. return;
  2071. }
  2072. }
  2073. mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
  2074. break;
  2075. default:
  2076. break;
  2077. }
  2078. }
  2079. /**
  2080. * gsm_dlci_set_opening - change state to opening
  2081. * @dlci: DLCI to open
  2082. *
  2083. * Change internal state to wait for DLCI open from initiator side.
  2084. * We set off timers and responses upon reception of an SABM.
  2085. */
  2086. static void gsm_dlci_set_opening(struct gsm_dlci *dlci)
  2087. {
  2088. switch (dlci->state) {
  2089. case DLCI_CLOSED:
  2090. case DLCI_WAITING_CONFIG:
  2091. case DLCI_CLOSING:
  2092. dlci->state = DLCI_OPENING;
  2093. break;
  2094. default:
  2095. break;
  2096. }
  2097. }
  2098. /**
  2099. * gsm_dlci_set_wait_config - wait for channel configuration
  2100. * @dlci: DLCI to configure
  2101. *
  2102. * Wait for a DLCI configuration from the application.
  2103. */
  2104. static void gsm_dlci_set_wait_config(struct gsm_dlci *dlci)
  2105. {
  2106. switch (dlci->state) {
  2107. case DLCI_CLOSED:
  2108. case DLCI_CLOSING:
  2109. dlci->state = DLCI_WAITING_CONFIG;
  2110. break;
  2111. default:
  2112. break;
  2113. }
  2114. }
  2115. /**
  2116. * gsm_dlci_begin_close - start channel open procedure
  2117. * @dlci: DLCI to open
  2118. *
  2119. * Commence closing a DLCI from the Linux side. We issue DISC messages
  2120. * to the modem which should then reply with a UA, at which point we
  2121. * will move into closed state. Closing is done asynchronously with retry
  2122. * off timers. We may also receive a DM reply from the other end which
  2123. * indicates the channel was already closed.
  2124. */
  2125. static void gsm_dlci_begin_close(struct gsm_dlci *dlci)
  2126. {
  2127. struct gsm_mux *gsm = dlci->gsm;
  2128. if (dlci->state == DLCI_CLOSED || dlci->state == DLCI_CLOSING)
  2129. return;
  2130. dlci->retries = gsm->n2;
  2131. dlci->state = DLCI_CLOSING;
  2132. gsm_command(dlci->gsm, dlci->addr, DISC|PF);
  2133. mod_timer(&dlci->t1, jiffies + gsm->t1 * HZ / 100);
  2134. wake_up_interruptible(&gsm->event);
  2135. }
  2136. /**
  2137. * gsm_dlci_data - data arrived
  2138. * @dlci: channel
  2139. * @data: block of bytes received
  2140. * @clen: length of received block
  2141. *
  2142. * A UI or UIH frame has arrived which contains data for a channel
  2143. * other than the control channel. If the relevant virtual tty is
  2144. * open we shovel the bits down it, if not we drop them.
  2145. */
  2146. static void gsm_dlci_data(struct gsm_dlci *dlci, const u8 *data, int clen)
  2147. {
  2148. /* krefs .. */
  2149. struct tty_port *port = &dlci->port;
  2150. struct tty_struct *tty;
  2151. unsigned int modem = 0;
  2152. int len;
  2153. if (debug & DBG_TTY)
  2154. pr_debug("%d bytes for tty\n", clen);
  2155. switch (dlci->adaption) {
  2156. /* Unsupported types */
  2157. case 4: /* Packetised interruptible data */
  2158. break;
  2159. case 3: /* Packetised uininterruptible voice/data */
  2160. break;
  2161. case 2: /* Asynchronous serial with line state in each frame */
  2162. len = gsm_read_ea_val(&modem, data, clen);
  2163. if (len < 1)
  2164. return;
  2165. tty = tty_port_tty_get(port);
  2166. if (tty) {
  2167. gsm_process_modem(tty, dlci, modem, len);
  2168. tty_wakeup(tty);
  2169. tty_kref_put(tty);
  2170. }
  2171. /* Skip processed modem data */
  2172. data += len;
  2173. clen -= len;
  2174. fallthrough;
  2175. case 1: /* Line state will go via DLCI 0 controls only */
  2176. default:
  2177. tty_insert_flip_string(port, data, clen);
  2178. tty_flip_buffer_push(port);
  2179. }
  2180. }
  2181. /**
  2182. * gsm_dlci_command - data arrived on control channel
  2183. * @dlci: channel
  2184. * @data: block of bytes received
  2185. * @len: length of received block
  2186. *
  2187. * A UI or UIH frame has arrived which contains data for DLCI 0 the
  2188. * control channel. This should contain a command EA followed by
  2189. * control data bytes. The command EA contains a command/response bit
  2190. * and we divide up the work accordingly.
  2191. */
  2192. static void gsm_dlci_command(struct gsm_dlci *dlci, const u8 *data, int len)
  2193. {
  2194. /* See what command is involved */
  2195. unsigned int command = 0;
  2196. unsigned int clen = 0;
  2197. unsigned int dlen;
  2198. /* read the command */
  2199. dlen = gsm_read_ea_val(&command, data, len);
  2200. len -= dlen;
  2201. data += dlen;
  2202. /* read any control data */
  2203. dlen = gsm_read_ea_val(&clen, data, len);
  2204. len -= dlen;
  2205. data += dlen;
  2206. /* Malformed command? */
  2207. if (clen > len) {
  2208. dlci->gsm->malformed++;
  2209. return;
  2210. }
  2211. if (command & 1)
  2212. gsm_control_message(dlci->gsm, command, data, clen);
  2213. else
  2214. gsm_control_response(dlci->gsm, command, data, clen);
  2215. }
  2216. /**
  2217. * gsm_kick_timer - transmit if possible
  2218. * @t: timer contained in our gsm object
  2219. *
  2220. * Transmit data from DLCIs if the queue is empty. We can't rely on
  2221. * a tty wakeup except when we filled the pipe so we need to fire off
  2222. * new data ourselves in other cases.
  2223. */
  2224. static void gsm_kick_timer(struct timer_list *t)
  2225. {
  2226. struct gsm_mux *gsm = timer_container_of(gsm, t, kick_timer);
  2227. unsigned long flags;
  2228. int sent = 0;
  2229. spin_lock_irqsave(&gsm->tx_lock, flags);
  2230. /* If we have nothing running then we need to fire up */
  2231. if (gsm->tx_bytes < TX_THRESH_LO)
  2232. sent = gsm_dlci_data_sweep(gsm);
  2233. spin_unlock_irqrestore(&gsm->tx_lock, flags);
  2234. if (sent && debug & DBG_DATA)
  2235. pr_info("%s TX queue stalled\n", __func__);
  2236. }
  2237. /**
  2238. * gsm_dlci_copy_config_values - copy DLCI configuration
  2239. * @dlci: source DLCI
  2240. * @dc: configuration structure to fill
  2241. */
  2242. static void gsm_dlci_copy_config_values(struct gsm_dlci *dlci, struct gsm_dlci_config *dc)
  2243. {
  2244. memset(dc, 0, sizeof(*dc));
  2245. dc->channel = (u32)dlci->addr;
  2246. dc->adaption = (u32)dlci->adaption;
  2247. dc->mtu = (u32)dlci->mtu;
  2248. dc->priority = (u32)dlci->prio;
  2249. if (dlci->ftype == UIH)
  2250. dc->i = 1;
  2251. else
  2252. dc->i = 2;
  2253. dc->k = (u32)dlci->k;
  2254. }
  2255. /**
  2256. * gsm_dlci_config - configure DLCI from configuration
  2257. * @dlci: DLCI to configure
  2258. * @dc: DLCI configuration
  2259. * @open: open DLCI after configuration?
  2260. */
  2261. static int gsm_dlci_config(struct gsm_dlci *dlci, struct gsm_dlci_config *dc, int open)
  2262. {
  2263. struct gsm_mux *gsm;
  2264. bool need_restart = false;
  2265. bool need_open = false;
  2266. unsigned int i;
  2267. /*
  2268. * Check that userspace doesn't put stuff in here to prevent breakages
  2269. * in the future.
  2270. */
  2271. for (i = 0; i < ARRAY_SIZE(dc->reserved); i++)
  2272. if (dc->reserved[i])
  2273. return -EINVAL;
  2274. if (!dlci)
  2275. return -EINVAL;
  2276. gsm = dlci->gsm;
  2277. /* Stuff we don't support yet - I frame transport */
  2278. if (dc->adaption != 1 && dc->adaption != 2)
  2279. return -EOPNOTSUPP;
  2280. if (dc->mtu > MAX_MTU || dc->mtu < MIN_MTU || dc->mtu > gsm->mru)
  2281. return -EINVAL;
  2282. if (dc->priority >= 64)
  2283. return -EINVAL;
  2284. if (dc->i == 0 || dc->i > 2) /* UIH and UI only */
  2285. return -EINVAL;
  2286. if (dc->k > 7)
  2287. return -EINVAL;
  2288. if (dc->flags & ~GSM_FL_RESTART) /* allow future extensions */
  2289. return -EINVAL;
  2290. /*
  2291. * See what is needed for reconfiguration
  2292. */
  2293. /* Framing fields */
  2294. if (dc->adaption != dlci->adaption)
  2295. need_restart = true;
  2296. if (dc->mtu != dlci->mtu)
  2297. need_restart = true;
  2298. if (dc->i != dlci->ftype)
  2299. need_restart = true;
  2300. /* Requires care */
  2301. if (dc->priority != dlci->prio)
  2302. need_restart = true;
  2303. if (dc->flags & GSM_FL_RESTART)
  2304. need_restart = true;
  2305. if ((open && gsm->wait_config) || need_restart)
  2306. need_open = true;
  2307. if (dlci->state == DLCI_WAITING_CONFIG) {
  2308. need_restart = false;
  2309. need_open = true;
  2310. }
  2311. /*
  2312. * Close down what is needed, restart and initiate the new
  2313. * configuration.
  2314. */
  2315. if (need_restart) {
  2316. gsm_dlci_begin_close(dlci);
  2317. wait_event_interruptible(gsm->event, dlci->state == DLCI_CLOSED);
  2318. if (signal_pending(current))
  2319. return -EINTR;
  2320. }
  2321. /*
  2322. * Setup the new configuration values
  2323. */
  2324. dlci->adaption = (int)dc->adaption;
  2325. if (dc->mtu)
  2326. dlci->mtu = (unsigned int)dc->mtu;
  2327. else
  2328. dlci->mtu = gsm->mtu;
  2329. if (dc->priority)
  2330. dlci->prio = (u8)dc->priority;
  2331. else
  2332. dlci->prio = roundup(dlci->addr + 1, 8) - 1;
  2333. if (dc->i == 1)
  2334. dlci->ftype = UIH;
  2335. else if (dc->i == 2)
  2336. dlci->ftype = UI;
  2337. if (dc->k)
  2338. dlci->k = (u8)dc->k;
  2339. else
  2340. dlci->k = gsm->k;
  2341. if (need_open) {
  2342. if (gsm->initiator)
  2343. gsm_dlci_begin_open(dlci);
  2344. else
  2345. gsm_dlci_set_opening(dlci);
  2346. }
  2347. return 0;
  2348. }
  2349. /*
  2350. * Allocate/Free DLCI channels
  2351. */
  2352. /**
  2353. * gsm_dlci_alloc - allocate a DLCI
  2354. * @gsm: GSM mux
  2355. * @addr: address of the DLCI
  2356. *
  2357. * Allocate and install a new DLCI object into the GSM mux.
  2358. *
  2359. * FIXME: review locking races
  2360. */
  2361. static struct gsm_dlci *gsm_dlci_alloc(struct gsm_mux *gsm, int addr)
  2362. {
  2363. struct gsm_dlci *dlci = kzalloc_obj(struct gsm_dlci, GFP_ATOMIC);
  2364. if (dlci == NULL)
  2365. return NULL;
  2366. spin_lock_init(&dlci->lock);
  2367. mutex_init(&dlci->mutex);
  2368. if (kfifo_alloc(&dlci->fifo, TX_SIZE, GFP_KERNEL) < 0) {
  2369. kfree(dlci);
  2370. return NULL;
  2371. }
  2372. skb_queue_head_init(&dlci->skb_list);
  2373. timer_setup(&dlci->t1, gsm_dlci_t1, 0);
  2374. tty_port_init(&dlci->port);
  2375. dlci->port.ops = &gsm_port_ops;
  2376. dlci->gsm = gsm;
  2377. dlci->addr = addr;
  2378. dlci->adaption = gsm->adaption;
  2379. dlci->mtu = gsm->mtu;
  2380. if (addr == 0)
  2381. dlci->prio = 0;
  2382. else
  2383. dlci->prio = roundup(addr + 1, 8) - 1;
  2384. dlci->ftype = gsm->ftype;
  2385. dlci->k = gsm->k;
  2386. dlci->state = DLCI_CLOSED;
  2387. if (addr) {
  2388. dlci->data = gsm_dlci_data;
  2389. /* Prevent us from sending data before the link is up */
  2390. dlci->constipated = true;
  2391. } else {
  2392. dlci->data = gsm_dlci_command;
  2393. }
  2394. gsm->dlci[addr] = dlci;
  2395. return dlci;
  2396. }
  2397. /**
  2398. * gsm_dlci_free - free DLCI
  2399. * @port: tty port for DLCI to free
  2400. *
  2401. * Free up a DLCI.
  2402. *
  2403. * Can sleep.
  2404. */
  2405. static void gsm_dlci_free(struct tty_port *port)
  2406. {
  2407. struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
  2408. timer_shutdown_sync(&dlci->t1);
  2409. dlci->gsm->dlci[dlci->addr] = NULL;
  2410. kfifo_free(&dlci->fifo);
  2411. while ((dlci->skb = skb_dequeue(&dlci->skb_list)))
  2412. dev_kfree_skb(dlci->skb);
  2413. kfree(dlci);
  2414. }
  2415. static inline void dlci_get(struct gsm_dlci *dlci)
  2416. {
  2417. tty_port_get(&dlci->port);
  2418. }
  2419. static inline void dlci_put(struct gsm_dlci *dlci)
  2420. {
  2421. tty_port_put(&dlci->port);
  2422. }
  2423. static void gsm_destroy_network(struct gsm_dlci *dlci);
  2424. /**
  2425. * gsm_dlci_release - release DLCI
  2426. * @dlci: DLCI to destroy
  2427. *
  2428. * Release a DLCI. Actual free is deferred until either
  2429. * mux is closed or tty is closed - whichever is last.
  2430. *
  2431. * Can sleep.
  2432. */
  2433. static void gsm_dlci_release(struct gsm_dlci *dlci)
  2434. {
  2435. struct tty_struct *tty = tty_port_tty_get(&dlci->port);
  2436. if (tty) {
  2437. mutex_lock(&dlci->mutex);
  2438. gsm_destroy_network(dlci);
  2439. mutex_unlock(&dlci->mutex);
  2440. /* We cannot use tty_hangup() because in tty_kref_put() the tty
  2441. * driver assumes that the hangup queue is free and reuses it to
  2442. * queue release_one_tty() -> NULL pointer panic in
  2443. * process_one_work().
  2444. */
  2445. tty_vhangup(tty);
  2446. tty_port_tty_set(&dlci->port, NULL);
  2447. tty_kref_put(tty);
  2448. }
  2449. dlci->state = DLCI_CLOSED;
  2450. dlci_put(dlci);
  2451. }
  2452. /*
  2453. * LAPBish link layer logic
  2454. */
  2455. /**
  2456. * gsm_queue - a GSM frame is ready to process
  2457. * @gsm: pointer to our gsm mux
  2458. *
  2459. * At this point in time a frame has arrived and been demangled from
  2460. * the line encoding. All the differences between the encodings have
  2461. * been handled below us and the frame is unpacked into the structures.
  2462. * The fcs holds the header FCS but any data FCS must be added here.
  2463. */
  2464. static void gsm_queue(struct gsm_mux *gsm)
  2465. {
  2466. struct gsm_dlci *dlci;
  2467. u8 cr;
  2468. int address;
  2469. if (gsm->fcs != GOOD_FCS) {
  2470. gsm->bad_fcs++;
  2471. if (debug & DBG_DATA)
  2472. pr_debug("BAD FCS %02x\n", gsm->fcs);
  2473. return;
  2474. }
  2475. address = gsm->address >> 1;
  2476. if (address >= NUM_DLCI)
  2477. goto invalid;
  2478. cr = gsm->address & 1; /* C/R bit */
  2479. cr ^= gsm->initiator ? 0 : 1; /* Flip so 1 always means command */
  2480. gsm_print_packet("<--", address, cr, gsm->control, gsm->buf, gsm->len);
  2481. dlci = gsm->dlci[address];
  2482. switch (gsm->control) {
  2483. case SABM|PF:
  2484. if (cr == 1) {
  2485. gsm->open_error++;
  2486. goto invalid;
  2487. }
  2488. if (dlci == NULL)
  2489. dlci = gsm_dlci_alloc(gsm, address);
  2490. if (dlci == NULL) {
  2491. gsm->open_error++;
  2492. return;
  2493. }
  2494. if (dlci->dead)
  2495. gsm_response(gsm, address, DM|PF);
  2496. else {
  2497. gsm_response(gsm, address, UA|PF);
  2498. gsm_dlci_open(dlci);
  2499. }
  2500. break;
  2501. case DISC|PF:
  2502. if (cr == 1)
  2503. goto invalid;
  2504. if (dlci == NULL || dlci->state == DLCI_CLOSED) {
  2505. gsm_response(gsm, address, DM|PF);
  2506. return;
  2507. }
  2508. /* Real close complete */
  2509. gsm_response(gsm, address, UA|PF);
  2510. gsm_dlci_close(dlci);
  2511. break;
  2512. case UA|PF:
  2513. if (cr == 0 || dlci == NULL)
  2514. break;
  2515. switch (dlci->state) {
  2516. case DLCI_CLOSING:
  2517. gsm_dlci_close(dlci);
  2518. break;
  2519. case DLCI_OPENING:
  2520. gsm_dlci_open(dlci);
  2521. break;
  2522. default:
  2523. pr_debug("%s: unhandled state: %d\n", __func__,
  2524. dlci->state);
  2525. break;
  2526. }
  2527. break;
  2528. case DM: /* DM can be valid unsolicited */
  2529. case DM|PF:
  2530. if (cr)
  2531. goto invalid;
  2532. if (dlci == NULL)
  2533. return;
  2534. gsm_dlci_close(dlci);
  2535. break;
  2536. case UI:
  2537. case UI|PF:
  2538. case UIH:
  2539. case UIH|PF:
  2540. if (dlci == NULL || dlci->state != DLCI_OPEN) {
  2541. gsm_response(gsm, address, DM|PF);
  2542. return;
  2543. }
  2544. dlci->data(dlci, gsm->buf, gsm->len);
  2545. break;
  2546. default:
  2547. goto invalid;
  2548. }
  2549. return;
  2550. invalid:
  2551. gsm->malformed++;
  2552. return;
  2553. }
  2554. /**
  2555. * gsm0_receive_state_check_and_fix - check and correct receive state
  2556. * @gsm: gsm data for this ldisc instance
  2557. *
  2558. * Ensures that the current receive state is valid for basic option mode.
  2559. */
  2560. static void gsm0_receive_state_check_and_fix(struct gsm_mux *gsm)
  2561. {
  2562. switch (gsm->state) {
  2563. case GSM_SEARCH:
  2564. case GSM0_ADDRESS:
  2565. case GSM0_CONTROL:
  2566. case GSM0_LEN0:
  2567. case GSM0_LEN1:
  2568. case GSM0_DATA:
  2569. case GSM0_FCS:
  2570. case GSM0_SSOF:
  2571. break;
  2572. default:
  2573. gsm->state = GSM_SEARCH;
  2574. break;
  2575. }
  2576. }
  2577. /**
  2578. * gsm0_receive - perform processing for non-transparency
  2579. * @gsm: gsm data for this ldisc instance
  2580. * @c: character
  2581. *
  2582. * Receive bytes in gsm mode 0
  2583. */
  2584. static void gsm0_receive(struct gsm_mux *gsm, u8 c)
  2585. {
  2586. unsigned int len;
  2587. gsm0_receive_state_check_and_fix(gsm);
  2588. switch (gsm->state) {
  2589. case GSM_SEARCH: /* SOF marker */
  2590. if (c == GSM0_SOF) {
  2591. gsm->state = GSM0_ADDRESS;
  2592. gsm->address = 0;
  2593. gsm->len = 0;
  2594. gsm->fcs = INIT_FCS;
  2595. }
  2596. break;
  2597. case GSM0_ADDRESS: /* Address EA */
  2598. gsm->fcs = gsm_fcs_add(gsm->fcs, c);
  2599. if (gsm_read_ea(&gsm->address, c))
  2600. gsm->state = GSM0_CONTROL;
  2601. break;
  2602. case GSM0_CONTROL: /* Control Byte */
  2603. gsm->fcs = gsm_fcs_add(gsm->fcs, c);
  2604. gsm->control = c;
  2605. gsm->state = GSM0_LEN0;
  2606. break;
  2607. case GSM0_LEN0: /* Length EA */
  2608. gsm->fcs = gsm_fcs_add(gsm->fcs, c);
  2609. if (gsm_read_ea(&gsm->len, c)) {
  2610. if (gsm->len > gsm->mru) {
  2611. gsm->bad_size++;
  2612. gsm->state = GSM_SEARCH;
  2613. break;
  2614. }
  2615. gsm->count = 0;
  2616. if (!gsm->len)
  2617. gsm->state = GSM0_FCS;
  2618. else
  2619. gsm->state = GSM0_DATA;
  2620. break;
  2621. }
  2622. gsm->state = GSM0_LEN1;
  2623. break;
  2624. case GSM0_LEN1:
  2625. gsm->fcs = gsm_fcs_add(gsm->fcs, c);
  2626. len = c;
  2627. gsm->len |= len << 7;
  2628. if (gsm->len > gsm->mru) {
  2629. gsm->bad_size++;
  2630. gsm->state = GSM_SEARCH;
  2631. break;
  2632. }
  2633. gsm->count = 0;
  2634. if (!gsm->len)
  2635. gsm->state = GSM0_FCS;
  2636. else
  2637. gsm->state = GSM0_DATA;
  2638. break;
  2639. case GSM0_DATA: /* Data */
  2640. gsm->buf[gsm->count++] = c;
  2641. if (gsm->count >= MAX_MRU) {
  2642. gsm->bad_size++;
  2643. gsm->state = GSM_SEARCH;
  2644. } else if (gsm->count >= gsm->len) {
  2645. /* Calculate final FCS for UI frames over all data */
  2646. if ((gsm->control & ~PF) != UIH) {
  2647. gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf,
  2648. gsm->count);
  2649. }
  2650. gsm->state = GSM0_FCS;
  2651. }
  2652. break;
  2653. case GSM0_FCS: /* FCS follows the packet */
  2654. gsm->fcs = gsm_fcs_add(gsm->fcs, c);
  2655. gsm->state = GSM0_SSOF;
  2656. break;
  2657. case GSM0_SSOF:
  2658. gsm->state = GSM_SEARCH;
  2659. if (c == GSM0_SOF)
  2660. gsm_queue(gsm);
  2661. else
  2662. gsm->bad_size++;
  2663. break;
  2664. default:
  2665. pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
  2666. break;
  2667. }
  2668. }
  2669. /**
  2670. * gsm1_receive_state_check_and_fix - check and correct receive state
  2671. * @gsm: gsm data for this ldisc instance
  2672. *
  2673. * Ensures that the current receive state is valid for advanced option mode.
  2674. */
  2675. static void gsm1_receive_state_check_and_fix(struct gsm_mux *gsm)
  2676. {
  2677. switch (gsm->state) {
  2678. case GSM_SEARCH:
  2679. case GSM1_START:
  2680. case GSM1_ADDRESS:
  2681. case GSM1_CONTROL:
  2682. case GSM1_DATA:
  2683. case GSM1_OVERRUN:
  2684. break;
  2685. default:
  2686. gsm->state = GSM_SEARCH;
  2687. break;
  2688. }
  2689. }
  2690. /**
  2691. * gsm1_receive - perform processing for non-transparency
  2692. * @gsm: gsm data for this ldisc instance
  2693. * @c: character
  2694. *
  2695. * Receive bytes in mode 1 (Advanced option)
  2696. */
  2697. static void gsm1_receive(struct gsm_mux *gsm, u8 c)
  2698. {
  2699. gsm1_receive_state_check_and_fix(gsm);
  2700. /* handle XON/XOFF */
  2701. if ((c & ISO_IEC_646_MASK) == XON) {
  2702. gsm->constipated = true;
  2703. return;
  2704. } else if ((c & ISO_IEC_646_MASK) == XOFF) {
  2705. gsm->constipated = false;
  2706. /* Kick the link in case it is idling */
  2707. gsmld_write_trigger(gsm);
  2708. return;
  2709. }
  2710. if (c == GSM1_SOF) {
  2711. /* EOF is only valid in frame if we have got to the data state */
  2712. if (gsm->state == GSM1_DATA) {
  2713. if (gsm->count < 1) {
  2714. /* Missing FSC */
  2715. gsm->malformed++;
  2716. gsm->state = GSM1_START;
  2717. return;
  2718. }
  2719. /* Remove the FCS from data */
  2720. gsm->count--;
  2721. if ((gsm->control & ~PF) != UIH) {
  2722. /* Calculate final FCS for UI frames over all
  2723. * data but FCS
  2724. */
  2725. gsm->fcs = gsm_fcs_add_block(gsm->fcs, gsm->buf,
  2726. gsm->count);
  2727. }
  2728. /* Add the FCS itself to test against GOOD_FCS */
  2729. gsm->fcs = gsm_fcs_add(gsm->fcs, gsm->buf[gsm->count]);
  2730. gsm->len = gsm->count;
  2731. gsm_queue(gsm);
  2732. gsm->state = GSM1_START;
  2733. return;
  2734. }
  2735. /* Any partial frame was a runt so go back to start */
  2736. if (gsm->state != GSM1_START) {
  2737. if (gsm->state != GSM_SEARCH)
  2738. gsm->malformed++;
  2739. gsm->state = GSM1_START;
  2740. }
  2741. /* A SOF in GSM_START means we are still reading idling or
  2742. framing bytes */
  2743. return;
  2744. }
  2745. if (c == GSM1_ESCAPE) {
  2746. gsm->escape = true;
  2747. return;
  2748. }
  2749. /* Only an unescaped SOF gets us out of GSM search */
  2750. if (gsm->state == GSM_SEARCH)
  2751. return;
  2752. if (gsm->escape) {
  2753. c ^= GSM1_ESCAPE_BITS;
  2754. gsm->escape = false;
  2755. }
  2756. switch (gsm->state) {
  2757. case GSM1_START: /* First byte after SOF */
  2758. gsm->address = 0;
  2759. gsm->state = GSM1_ADDRESS;
  2760. gsm->fcs = INIT_FCS;
  2761. fallthrough;
  2762. case GSM1_ADDRESS: /* Address continuation */
  2763. gsm->fcs = gsm_fcs_add(gsm->fcs, c);
  2764. if (gsm_read_ea(&gsm->address, c))
  2765. gsm->state = GSM1_CONTROL;
  2766. break;
  2767. case GSM1_CONTROL: /* Control Byte */
  2768. gsm->fcs = gsm_fcs_add(gsm->fcs, c);
  2769. gsm->control = c;
  2770. gsm->count = 0;
  2771. gsm->state = GSM1_DATA;
  2772. break;
  2773. case GSM1_DATA: /* Data */
  2774. if (gsm->count > gsm->mru || gsm->count > MAX_MRU) { /* Allow one for the FCS */
  2775. gsm->state = GSM1_OVERRUN;
  2776. gsm->bad_size++;
  2777. } else
  2778. gsm->buf[gsm->count++] = c;
  2779. break;
  2780. case GSM1_OVERRUN: /* Over-long - eg a dropped SOF */
  2781. break;
  2782. default:
  2783. pr_debug("%s: unhandled state: %d\n", __func__, gsm->state);
  2784. break;
  2785. }
  2786. }
  2787. /**
  2788. * gsm_error - handle tty error
  2789. * @gsm: ldisc data
  2790. *
  2791. * Handle an error in the receipt of data for a frame. Currently we just
  2792. * go back to hunting for a SOF.
  2793. *
  2794. * FIXME: better diagnostics ?
  2795. */
  2796. static void gsm_error(struct gsm_mux *gsm)
  2797. {
  2798. gsm->state = GSM_SEARCH;
  2799. gsm->io_error++;
  2800. }
  2801. /**
  2802. * gsm_cleanup_mux - generic GSM protocol cleanup
  2803. * @gsm: our mux
  2804. * @disc: disconnect link?
  2805. *
  2806. * Clean up the bits of the mux which are the same for all framing
  2807. * protocols. Remove the mux from the mux table, stop all the timers
  2808. * and then shut down each device hanging up the channels as we go.
  2809. */
  2810. static void gsm_cleanup_mux(struct gsm_mux *gsm, bool disc)
  2811. {
  2812. int i;
  2813. struct gsm_dlci *dlci;
  2814. struct gsm_msg *txq, *ntxq;
  2815. gsm->dead = true;
  2816. mutex_lock(&gsm->mutex);
  2817. dlci = gsm->dlci[0];
  2818. if (dlci) {
  2819. if (disc && dlci->state != DLCI_CLOSED) {
  2820. gsm_dlci_begin_close(dlci);
  2821. wait_event(gsm->event, dlci->state == DLCI_CLOSED);
  2822. }
  2823. dlci->dead = true;
  2824. }
  2825. /* Finish outstanding timers, making sure they are done */
  2826. timer_delete_sync(&gsm->kick_timer);
  2827. timer_delete_sync(&gsm->t2_timer);
  2828. timer_delete_sync(&gsm->ka_timer);
  2829. /* Finish writing to ldisc */
  2830. flush_work(&gsm->tx_work);
  2831. /* Free up any link layer users and finally the control channel */
  2832. if (gsm->has_devices) {
  2833. gsm_unregister_devices(gsm_tty_driver, gsm->num);
  2834. gsm->has_devices = false;
  2835. }
  2836. for (i = NUM_DLCI - 1; i >= 0; i--)
  2837. if (gsm->dlci[i])
  2838. gsm_dlci_release(gsm->dlci[i]);
  2839. mutex_unlock(&gsm->mutex);
  2840. /* Now wipe the queues */
  2841. tty_ldisc_flush(gsm->tty);
  2842. guard(spinlock_irqsave)(&gsm->tx_lock);
  2843. list_for_each_entry_safe(txq, ntxq, &gsm->tx_ctrl_list, list)
  2844. kfree(txq);
  2845. INIT_LIST_HEAD(&gsm->tx_ctrl_list);
  2846. list_for_each_entry_safe(txq, ntxq, &gsm->tx_data_list, list)
  2847. kfree(txq);
  2848. INIT_LIST_HEAD(&gsm->tx_data_list);
  2849. }
  2850. /**
  2851. * gsm_activate_mux - generic GSM setup
  2852. * @gsm: our mux
  2853. *
  2854. * Set up the bits of the mux which are the same for all framing
  2855. * protocols. Add the mux to the mux table so it can be opened and
  2856. * finally kick off connecting to DLCI 0 on the modem.
  2857. */
  2858. static int gsm_activate_mux(struct gsm_mux *gsm)
  2859. {
  2860. struct gsm_dlci *dlci;
  2861. int ret;
  2862. dlci = gsm_dlci_alloc(gsm, 0);
  2863. if (dlci == NULL)
  2864. return -ENOMEM;
  2865. if (gsm->encoding == GSM_BASIC_OPT)
  2866. gsm->receive = gsm0_receive;
  2867. else
  2868. gsm->receive = gsm1_receive;
  2869. ret = gsm_register_devices(gsm_tty_driver, gsm->num);
  2870. if (ret)
  2871. return ret;
  2872. gsm->has_devices = true;
  2873. gsm->dead = false; /* Tty opens are now permissible */
  2874. return 0;
  2875. }
  2876. /**
  2877. * gsm_free_mux - free up a mux
  2878. * @gsm: mux to free
  2879. *
  2880. * Dispose of allocated resources for a dead mux
  2881. */
  2882. static void gsm_free_mux(struct gsm_mux *gsm)
  2883. {
  2884. int i;
  2885. for (i = 0; i < MAX_MUX; i++) {
  2886. if (gsm == gsm_mux[i]) {
  2887. gsm_mux[i] = NULL;
  2888. break;
  2889. }
  2890. }
  2891. mutex_destroy(&gsm->mutex);
  2892. kfree(gsm->txframe);
  2893. kfree(gsm->buf);
  2894. kfree(gsm);
  2895. }
  2896. /**
  2897. * gsm_free_muxr - free up a mux
  2898. * @ref: kreference to the mux to free
  2899. *
  2900. * Dispose of allocated resources for a dead mux
  2901. */
  2902. static void gsm_free_muxr(struct kref *ref)
  2903. {
  2904. struct gsm_mux *gsm = container_of(ref, struct gsm_mux, ref);
  2905. gsm_free_mux(gsm);
  2906. }
  2907. static inline void mux_get(struct gsm_mux *gsm)
  2908. {
  2909. unsigned long flags;
  2910. spin_lock_irqsave(&gsm_mux_lock, flags);
  2911. kref_get(&gsm->ref);
  2912. spin_unlock_irqrestore(&gsm_mux_lock, flags);
  2913. }
  2914. static inline void mux_put(struct gsm_mux *gsm)
  2915. {
  2916. unsigned long flags;
  2917. spin_lock_irqsave(&gsm_mux_lock, flags);
  2918. kref_put(&gsm->ref, gsm_free_muxr);
  2919. spin_unlock_irqrestore(&gsm_mux_lock, flags);
  2920. }
  2921. static inline unsigned int mux_num_to_base(struct gsm_mux *gsm)
  2922. {
  2923. return gsm->num * NUM_DLCI;
  2924. }
  2925. static inline unsigned int mux_line_to_num(unsigned int line)
  2926. {
  2927. return line / NUM_DLCI;
  2928. }
  2929. /**
  2930. * gsm_alloc_mux - allocate a mux
  2931. *
  2932. * Creates a new mux ready for activation.
  2933. */
  2934. static struct gsm_mux *gsm_alloc_mux(void)
  2935. {
  2936. int i;
  2937. struct gsm_mux *gsm = kzalloc_obj(struct gsm_mux);
  2938. if (gsm == NULL)
  2939. return NULL;
  2940. gsm->buf = kmalloc(MAX_MRU + 1, GFP_KERNEL);
  2941. if (gsm->buf == NULL) {
  2942. kfree(gsm);
  2943. return NULL;
  2944. }
  2945. gsm->txframe = kmalloc(2 * (MAX_MTU + PROT_OVERHEAD - 1), GFP_KERNEL);
  2946. if (gsm->txframe == NULL) {
  2947. kfree(gsm->buf);
  2948. kfree(gsm);
  2949. return NULL;
  2950. }
  2951. spin_lock_init(&gsm->lock);
  2952. mutex_init(&gsm->mutex);
  2953. kref_init(&gsm->ref);
  2954. INIT_LIST_HEAD(&gsm->tx_ctrl_list);
  2955. INIT_LIST_HEAD(&gsm->tx_data_list);
  2956. timer_setup(&gsm->kick_timer, gsm_kick_timer, 0);
  2957. timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
  2958. timer_setup(&gsm->ka_timer, gsm_control_keep_alive, 0);
  2959. INIT_WORK(&gsm->tx_work, gsmld_write_task);
  2960. init_waitqueue_head(&gsm->event);
  2961. spin_lock_init(&gsm->control_lock);
  2962. spin_lock_init(&gsm->tx_lock);
  2963. gsm->t1 = T1;
  2964. gsm->t2 = T2;
  2965. gsm->t3 = T3;
  2966. gsm->n2 = N2;
  2967. gsm->k = K;
  2968. gsm->ftype = UIH;
  2969. gsm->adaption = 1;
  2970. gsm->encoding = GSM_ADV_OPT;
  2971. gsm->mru = 64; /* Default to encoding 1 so these should be 64 */
  2972. gsm->mtu = 64;
  2973. gsm->dead = true; /* Avoid early tty opens */
  2974. gsm->wait_config = false; /* Disabled */
  2975. gsm->keep_alive = 0; /* Disabled */
  2976. /* Store the instance to the mux array or abort if no space is
  2977. * available.
  2978. */
  2979. spin_lock(&gsm_mux_lock);
  2980. for (i = 0; i < MAX_MUX; i++) {
  2981. if (!gsm_mux[i]) {
  2982. gsm_mux[i] = gsm;
  2983. gsm->num = i;
  2984. break;
  2985. }
  2986. }
  2987. spin_unlock(&gsm_mux_lock);
  2988. if (i == MAX_MUX) {
  2989. mutex_destroy(&gsm->mutex);
  2990. kfree(gsm->txframe);
  2991. kfree(gsm->buf);
  2992. kfree(gsm);
  2993. return NULL;
  2994. }
  2995. return gsm;
  2996. }
  2997. static void gsm_copy_config_values(struct gsm_mux *gsm,
  2998. struct gsm_config *c)
  2999. {
  3000. memset(c, 0, sizeof(*c));
  3001. c->adaption = gsm->adaption;
  3002. c->encapsulation = gsm->encoding;
  3003. c->initiator = gsm->initiator;
  3004. c->t1 = gsm->t1;
  3005. c->t2 = gsm->t2;
  3006. c->t3 = gsm->t3;
  3007. c->n2 = gsm->n2;
  3008. if (gsm->ftype == UIH)
  3009. c->i = 1;
  3010. else
  3011. c->i = 2;
  3012. pr_debug("Ftype %d i %d\n", gsm->ftype, c->i);
  3013. c->mru = gsm->mru;
  3014. c->mtu = gsm->mtu;
  3015. c->k = gsm->k;
  3016. }
  3017. static int gsm_config(struct gsm_mux *gsm, struct gsm_config *c)
  3018. {
  3019. int need_close = 0;
  3020. int need_restart = 0;
  3021. /* Stuff we don't support yet - UI or I frame transport */
  3022. if (c->adaption != 1 && c->adaption != 2)
  3023. return -EOPNOTSUPP;
  3024. /* Check the MRU/MTU range looks sane */
  3025. if (c->mru < MIN_MTU || c->mtu < MIN_MTU)
  3026. return -EINVAL;
  3027. if (c->mru > MAX_MRU || c->mtu > MAX_MTU)
  3028. return -EINVAL;
  3029. if (c->t3 > MAX_T3)
  3030. return -EINVAL;
  3031. if (c->n2 > 255)
  3032. return -EINVAL;
  3033. if (c->encapsulation > 1) /* Basic, advanced, no I */
  3034. return -EINVAL;
  3035. if (c->initiator > 1)
  3036. return -EINVAL;
  3037. if (c->k > MAX_WINDOW_SIZE)
  3038. return -EINVAL;
  3039. if (c->i == 0 || c->i > 2) /* UIH and UI only */
  3040. return -EINVAL;
  3041. /*
  3042. * See what is needed for reconfiguration
  3043. */
  3044. /* Timing fields */
  3045. if (c->t1 != 0 && c->t1 != gsm->t1)
  3046. need_restart = 1;
  3047. if (c->t2 != 0 && c->t2 != gsm->t2)
  3048. need_restart = 1;
  3049. if (c->encapsulation != gsm->encoding)
  3050. need_restart = 1;
  3051. if (c->adaption != gsm->adaption)
  3052. need_restart = 1;
  3053. /* Requires care */
  3054. if (c->initiator != gsm->initiator)
  3055. need_close = 1;
  3056. if (c->mru != gsm->mru)
  3057. need_restart = 1;
  3058. if (c->mtu != gsm->mtu)
  3059. need_restart = 1;
  3060. /*
  3061. * Close down what is needed, restart and initiate the new
  3062. * configuration. On the first time there is no DLCI[0]
  3063. * and closing or cleaning up is not necessary.
  3064. */
  3065. if (need_close || need_restart)
  3066. gsm_cleanup_mux(gsm, true);
  3067. gsm->initiator = c->initiator;
  3068. gsm->mru = c->mru;
  3069. gsm->mtu = c->mtu;
  3070. gsm->encoding = c->encapsulation ? GSM_ADV_OPT : GSM_BASIC_OPT;
  3071. gsm->adaption = c->adaption;
  3072. gsm->n2 = c->n2;
  3073. if (c->i == 1)
  3074. gsm->ftype = UIH;
  3075. else if (c->i == 2)
  3076. gsm->ftype = UI;
  3077. if (c->t1)
  3078. gsm->t1 = c->t1;
  3079. if (c->t2)
  3080. gsm->t2 = c->t2;
  3081. if (c->t3)
  3082. gsm->t3 = c->t3;
  3083. if (c->k)
  3084. gsm->k = c->k;
  3085. /*
  3086. * FIXME: We need to separate activation/deactivation from adding
  3087. * and removing from the mux array
  3088. */
  3089. if (gsm->dead) {
  3090. int ret = gsm_activate_mux(gsm);
  3091. if (ret)
  3092. return ret;
  3093. if (gsm->initiator)
  3094. gsm_dlci_begin_open(gsm->dlci[0]);
  3095. }
  3096. return 0;
  3097. }
  3098. static void gsm_copy_config_ext_values(struct gsm_mux *gsm,
  3099. struct gsm_config_ext *ce)
  3100. {
  3101. memset(ce, 0, sizeof(*ce));
  3102. ce->wait_config = gsm->wait_config ? 1 : 0;
  3103. ce->keep_alive = gsm->keep_alive;
  3104. }
  3105. static int gsm_config_ext(struct gsm_mux *gsm, struct gsm_config_ext *ce)
  3106. {
  3107. bool need_restart = false;
  3108. unsigned int i;
  3109. /*
  3110. * Check that userspace doesn't put stuff in here to prevent breakages
  3111. * in the future.
  3112. */
  3113. for (i = 0; i < ARRAY_SIZE(ce->reserved); i++)
  3114. if (ce->reserved[i])
  3115. return -EINVAL;
  3116. if (ce->flags & ~GSM_FL_RESTART)
  3117. return -EINVAL;
  3118. /* Requires care */
  3119. if (ce->flags & GSM_FL_RESTART)
  3120. need_restart = true;
  3121. /*
  3122. * Close down what is needed, restart and initiate the new
  3123. * configuration. On the first time there is no DLCI[0]
  3124. * and closing or cleaning up is not necessary.
  3125. */
  3126. if (need_restart)
  3127. gsm_cleanup_mux(gsm, true);
  3128. /*
  3129. * Setup the new configuration values
  3130. */
  3131. gsm->wait_config = ce->wait_config ? true : false;
  3132. gsm->keep_alive = ce->keep_alive;
  3133. if (gsm->dead) {
  3134. int ret = gsm_activate_mux(gsm);
  3135. if (ret)
  3136. return ret;
  3137. if (gsm->initiator)
  3138. gsm_dlci_begin_open(gsm->dlci[0]);
  3139. }
  3140. return 0;
  3141. }
  3142. /**
  3143. * gsmld_output - write to link
  3144. * @gsm: our mux
  3145. * @data: bytes to output
  3146. * @len: size
  3147. *
  3148. * Write a block of data from the GSM mux to the data channel. This
  3149. * will eventually be serialized from above but at the moment isn't.
  3150. */
  3151. static int gsmld_output(struct gsm_mux *gsm, u8 *data, int len)
  3152. {
  3153. if (tty_write_room(gsm->tty) < len) {
  3154. set_bit(TTY_DO_WRITE_WAKEUP, &gsm->tty->flags);
  3155. return -ENOSPC;
  3156. }
  3157. if (debug & DBG_DATA)
  3158. gsm_hex_dump_bytes(__func__, data, len);
  3159. return gsm->tty->ops->write(gsm->tty, data, len);
  3160. }
  3161. /**
  3162. * gsmld_write_trigger - schedule ldisc write task
  3163. * @gsm: our mux
  3164. */
  3165. static void gsmld_write_trigger(struct gsm_mux *gsm)
  3166. {
  3167. if (!gsm || !gsm->dlci[0] || gsm->dlci[0]->dead)
  3168. return;
  3169. schedule_work(&gsm->tx_work);
  3170. }
  3171. /**
  3172. * gsmld_write_task - ldisc write task
  3173. * @work: our tx write work
  3174. *
  3175. * Writes out data to the ldisc if possible. We are doing this here to
  3176. * avoid dead-locking. This returns if no space or data is left for output.
  3177. */
  3178. static void gsmld_write_task(struct work_struct *work)
  3179. {
  3180. struct gsm_mux *gsm = container_of(work, struct gsm_mux, tx_work);
  3181. unsigned long flags;
  3182. int i, ret;
  3183. /* All outstanding control channel and control messages and one data
  3184. * frame is sent.
  3185. */
  3186. ret = -ENODEV;
  3187. spin_lock_irqsave(&gsm->tx_lock, flags);
  3188. if (gsm->tty)
  3189. ret = gsm_data_kick(gsm);
  3190. spin_unlock_irqrestore(&gsm->tx_lock, flags);
  3191. if (ret >= 0)
  3192. for (i = 0; i < NUM_DLCI; i++)
  3193. if (gsm->dlci[i])
  3194. tty_port_tty_wakeup(&gsm->dlci[i]->port);
  3195. }
  3196. /**
  3197. * gsmld_attach_gsm - mode set up
  3198. * @tty: our tty structure
  3199. * @gsm: our mux
  3200. *
  3201. * Set up the MUX for basic mode and commence connecting to the
  3202. * modem. Currently called from the line discipline set up but
  3203. * will need moving to an ioctl path.
  3204. */
  3205. static void gsmld_attach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
  3206. {
  3207. gsm->tty = tty_kref_get(tty);
  3208. /* Turn off tty XON/XOFF handling to handle it explicitly. */
  3209. gsm->old_c_iflag = tty->termios.c_iflag;
  3210. tty->termios.c_iflag &= (IXON | IXOFF);
  3211. }
  3212. /**
  3213. * gsmld_detach_gsm - stop doing 0710 mux
  3214. * @tty: tty attached to the mux
  3215. * @gsm: mux
  3216. *
  3217. * Shutdown and then clean up the resources used by the line discipline
  3218. */
  3219. static void gsmld_detach_gsm(struct tty_struct *tty, struct gsm_mux *gsm)
  3220. {
  3221. WARN_ON(tty != gsm->tty);
  3222. /* Restore tty XON/XOFF handling. */
  3223. gsm->tty->termios.c_iflag = gsm->old_c_iflag;
  3224. tty_kref_put(gsm->tty);
  3225. gsm->tty = NULL;
  3226. }
  3227. static void gsmld_receive_buf(struct tty_struct *tty, const u8 *cp,
  3228. const u8 *fp, size_t count)
  3229. {
  3230. struct gsm_mux *gsm = tty->disc_data;
  3231. u8 flags = TTY_NORMAL;
  3232. if (debug & DBG_DATA)
  3233. gsm_hex_dump_bytes(__func__, cp, count);
  3234. for (; count; count--, cp++) {
  3235. if (fp)
  3236. flags = *fp++;
  3237. switch (flags) {
  3238. case TTY_NORMAL:
  3239. if (gsm->receive)
  3240. gsm->receive(gsm, *cp);
  3241. break;
  3242. case TTY_OVERRUN:
  3243. case TTY_BREAK:
  3244. case TTY_PARITY:
  3245. case TTY_FRAME:
  3246. gsm_error(gsm);
  3247. break;
  3248. default:
  3249. WARN_ONCE(1, "%s: unknown flag %d\n",
  3250. tty_name(tty), flags);
  3251. break;
  3252. }
  3253. }
  3254. /* FASYNC if needed ? */
  3255. /* If clogged call tty_throttle(tty); */
  3256. }
  3257. /**
  3258. * gsmld_flush_buffer - clean input queue
  3259. * @tty: terminal device
  3260. *
  3261. * Flush the input buffer. Called when the line discipline is
  3262. * being closed, when the tty layer wants the buffer flushed (eg
  3263. * at hangup).
  3264. */
  3265. static void gsmld_flush_buffer(struct tty_struct *tty)
  3266. {
  3267. }
  3268. /**
  3269. * gsmld_close - close the ldisc for this tty
  3270. * @tty: device
  3271. *
  3272. * Called from the terminal layer when this line discipline is
  3273. * being shut down, either because of a close or becsuse of a
  3274. * discipline change. The function will not be called while other
  3275. * ldisc methods are in progress.
  3276. */
  3277. static void gsmld_close(struct tty_struct *tty)
  3278. {
  3279. struct gsm_mux *gsm = tty->disc_data;
  3280. /* The ldisc locks and closes the port before calling our close. This
  3281. * means we have no way to do a proper disconnect. We will not bother
  3282. * to do one.
  3283. */
  3284. gsm_cleanup_mux(gsm, false);
  3285. gsmld_detach_gsm(tty, gsm);
  3286. gsmld_flush_buffer(tty);
  3287. /* Do other clean up here */
  3288. mux_put(gsm);
  3289. }
  3290. /**
  3291. * gsmld_open - open an ldisc
  3292. * @tty: terminal to open
  3293. *
  3294. * Called when this line discipline is being attached to the
  3295. * terminal device. Can sleep. Called serialized so that no
  3296. * other events will occur in parallel. No further open will occur
  3297. * until a close.
  3298. */
  3299. static int gsmld_open(struct tty_struct *tty)
  3300. {
  3301. struct gsm_mux *gsm;
  3302. if (!capable(CAP_NET_ADMIN))
  3303. return -EPERM;
  3304. if (tty->ops->write == NULL)
  3305. return -EINVAL;
  3306. /* Attach our ldisc data */
  3307. gsm = gsm_alloc_mux();
  3308. if (gsm == NULL)
  3309. return -ENOMEM;
  3310. tty->disc_data = gsm;
  3311. tty->receive_room = 65536;
  3312. /* Attach the initial passive connection */
  3313. gsmld_attach_gsm(tty, gsm);
  3314. /* The mux will not be activated yet, we wait for correct
  3315. * configuration first.
  3316. */
  3317. if (gsm->encoding == GSM_BASIC_OPT)
  3318. gsm->receive = gsm0_receive;
  3319. else
  3320. gsm->receive = gsm1_receive;
  3321. return 0;
  3322. }
  3323. /**
  3324. * gsmld_write_wakeup - asynchronous I/O notifier
  3325. * @tty: tty device
  3326. *
  3327. * Required for the ptys, serial driver etc. since processes
  3328. * that attach themselves to the master and rely on ASYNC
  3329. * IO must be woken up
  3330. */
  3331. static void gsmld_write_wakeup(struct tty_struct *tty)
  3332. {
  3333. struct gsm_mux *gsm = tty->disc_data;
  3334. /* Queue poll */
  3335. gsmld_write_trigger(gsm);
  3336. }
  3337. /**
  3338. * gsmld_read - read function for tty
  3339. * @tty: tty device
  3340. * @file: file object
  3341. * @buf: userspace buffer pointer
  3342. * @nr: size of I/O
  3343. * @cookie: unused
  3344. * @offset: unused
  3345. *
  3346. * Perform reads for the line discipline. We are guaranteed that the
  3347. * line discipline will not be closed under us but we may get multiple
  3348. * parallel readers and must handle this ourselves. We may also get
  3349. * a hangup. Always called in user context, may sleep.
  3350. *
  3351. * This code must be sure never to sleep through a hangup.
  3352. */
  3353. static ssize_t gsmld_read(struct tty_struct *tty, struct file *file, u8 *buf,
  3354. size_t nr, void **cookie, unsigned long offset)
  3355. {
  3356. return -EOPNOTSUPP;
  3357. }
  3358. /**
  3359. * gsmld_write - write function for tty
  3360. * @tty: tty device
  3361. * @file: file object
  3362. * @buf: userspace buffer pointer
  3363. * @nr: size of I/O
  3364. *
  3365. * Called when the owner of the device wants to send a frame
  3366. * itself (or some other control data). The data is transferred
  3367. * as-is and must be properly framed and checksummed as appropriate
  3368. * by userspace. Frames are either sent whole or not at all as this
  3369. * avoids pain user side.
  3370. */
  3371. static ssize_t gsmld_write(struct tty_struct *tty, struct file *file,
  3372. const u8 *buf, size_t nr)
  3373. {
  3374. struct gsm_mux *gsm = tty->disc_data;
  3375. unsigned long flags;
  3376. size_t space;
  3377. int ret;
  3378. if (!gsm)
  3379. return -ENODEV;
  3380. ret = -ENOBUFS;
  3381. spin_lock_irqsave(&gsm->tx_lock, flags);
  3382. space = tty_write_room(tty);
  3383. if (space >= nr)
  3384. ret = tty->ops->write(tty, buf, nr);
  3385. else
  3386. set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
  3387. spin_unlock_irqrestore(&gsm->tx_lock, flags);
  3388. return ret;
  3389. }
  3390. /**
  3391. * gsmld_poll - poll method for N_GSM0710
  3392. * @tty: terminal device
  3393. * @file: file accessing it
  3394. * @wait: poll table
  3395. *
  3396. * Called when the line discipline is asked to poll() for data or
  3397. * for special events. This code is not serialized with respect to
  3398. * other events save open/close.
  3399. *
  3400. * This code must be sure never to sleep through a hangup.
  3401. * Called without the kernel lock held - fine
  3402. */
  3403. static __poll_t gsmld_poll(struct tty_struct *tty, struct file *file,
  3404. poll_table *wait)
  3405. {
  3406. __poll_t mask = 0;
  3407. struct gsm_mux *gsm = tty->disc_data;
  3408. poll_wait(file, &tty->read_wait, wait);
  3409. poll_wait(file, &tty->write_wait, wait);
  3410. if (gsm->dead)
  3411. mask |= EPOLLHUP;
  3412. if (tty_hung_up_p(file))
  3413. mask |= EPOLLHUP;
  3414. if (test_bit(TTY_OTHER_CLOSED, &tty->flags))
  3415. mask |= EPOLLHUP;
  3416. if (!tty_is_writelocked(tty) && tty_write_room(tty) > 0)
  3417. mask |= EPOLLOUT | EPOLLWRNORM;
  3418. return mask;
  3419. }
  3420. static int gsmld_ioctl(struct tty_struct *tty, unsigned int cmd,
  3421. unsigned long arg)
  3422. {
  3423. struct gsm_config c;
  3424. struct gsm_config_ext ce;
  3425. struct gsm_dlci_config dc;
  3426. struct gsm_mux *gsm = tty->disc_data;
  3427. unsigned int base, addr;
  3428. struct gsm_dlci *dlci;
  3429. switch (cmd) {
  3430. case GSMIOC_GETCONF:
  3431. gsm_copy_config_values(gsm, &c);
  3432. if (copy_to_user((void __user *)arg, &c, sizeof(c)))
  3433. return -EFAULT;
  3434. return 0;
  3435. case GSMIOC_SETCONF:
  3436. if (copy_from_user(&c, (void __user *)arg, sizeof(c)))
  3437. return -EFAULT;
  3438. return gsm_config(gsm, &c);
  3439. case GSMIOC_GETFIRST:
  3440. base = mux_num_to_base(gsm);
  3441. return put_user(base + 1, (__u32 __user *)arg);
  3442. case GSMIOC_GETCONF_EXT:
  3443. gsm_copy_config_ext_values(gsm, &ce);
  3444. if (copy_to_user((void __user *)arg, &ce, sizeof(ce)))
  3445. return -EFAULT;
  3446. return 0;
  3447. case GSMIOC_SETCONF_EXT:
  3448. if (copy_from_user(&ce, (void __user *)arg, sizeof(ce)))
  3449. return -EFAULT;
  3450. return gsm_config_ext(gsm, &ce);
  3451. case GSMIOC_GETCONF_DLCI:
  3452. if (copy_from_user(&dc, (void __user *)arg, sizeof(dc)))
  3453. return -EFAULT;
  3454. if (dc.channel == 0 || dc.channel >= NUM_DLCI)
  3455. return -EINVAL;
  3456. addr = array_index_nospec(dc.channel, NUM_DLCI);
  3457. dlci = gsm->dlci[addr];
  3458. if (!dlci) {
  3459. dlci = gsm_dlci_alloc(gsm, addr);
  3460. if (!dlci)
  3461. return -ENOMEM;
  3462. }
  3463. gsm_dlci_copy_config_values(dlci, &dc);
  3464. if (copy_to_user((void __user *)arg, &dc, sizeof(dc)))
  3465. return -EFAULT;
  3466. return 0;
  3467. case GSMIOC_SETCONF_DLCI:
  3468. if (copy_from_user(&dc, (void __user *)arg, sizeof(dc)))
  3469. return -EFAULT;
  3470. if (dc.channel == 0 || dc.channel >= NUM_DLCI)
  3471. return -EINVAL;
  3472. addr = array_index_nospec(dc.channel, NUM_DLCI);
  3473. dlci = gsm->dlci[addr];
  3474. if (!dlci) {
  3475. dlci = gsm_dlci_alloc(gsm, addr);
  3476. if (!dlci)
  3477. return -ENOMEM;
  3478. }
  3479. return gsm_dlci_config(dlci, &dc, 0);
  3480. default:
  3481. return n_tty_ioctl_helper(tty, cmd, arg);
  3482. }
  3483. }
  3484. /*
  3485. * Network interface
  3486. *
  3487. */
  3488. static int gsm_mux_net_open(struct net_device *net)
  3489. {
  3490. pr_debug("%s called\n", __func__);
  3491. netif_start_queue(net);
  3492. return 0;
  3493. }
  3494. static int gsm_mux_net_close(struct net_device *net)
  3495. {
  3496. netif_stop_queue(net);
  3497. return 0;
  3498. }
  3499. static void dlci_net_free(struct gsm_dlci *dlci)
  3500. {
  3501. if (!dlci->net) {
  3502. WARN_ON(1);
  3503. return;
  3504. }
  3505. dlci->adaption = dlci->prev_adaption;
  3506. dlci->data = dlci->prev_data;
  3507. free_netdev(dlci->net);
  3508. dlci->net = NULL;
  3509. }
  3510. static void net_free(struct kref *ref)
  3511. {
  3512. struct gsm_mux_net *mux_net;
  3513. struct gsm_dlci *dlci;
  3514. mux_net = container_of(ref, struct gsm_mux_net, ref);
  3515. dlci = mux_net->dlci;
  3516. if (dlci->net) {
  3517. unregister_netdev(dlci->net);
  3518. dlci_net_free(dlci);
  3519. }
  3520. }
  3521. static inline void muxnet_get(struct gsm_mux_net *mux_net)
  3522. {
  3523. kref_get(&mux_net->ref);
  3524. }
  3525. static inline void muxnet_put(struct gsm_mux_net *mux_net)
  3526. {
  3527. kref_put(&mux_net->ref, net_free);
  3528. }
  3529. static netdev_tx_t gsm_mux_net_start_xmit(struct sk_buff *skb,
  3530. struct net_device *net)
  3531. {
  3532. struct gsm_mux_net *mux_net = netdev_priv(net);
  3533. struct gsm_dlci *dlci = mux_net->dlci;
  3534. muxnet_get(mux_net);
  3535. skb_queue_head(&dlci->skb_list, skb);
  3536. net->stats.tx_packets++;
  3537. net->stats.tx_bytes += skb->len;
  3538. gsm_dlci_data_kick(dlci);
  3539. /* And tell the kernel when the last transmit started. */
  3540. netif_trans_update(net);
  3541. muxnet_put(mux_net);
  3542. return NETDEV_TX_OK;
  3543. }
  3544. /* called when a packet did not ack after watchdogtimeout */
  3545. static void gsm_mux_net_tx_timeout(struct net_device *net, unsigned int txqueue)
  3546. {
  3547. /* Tell syslog we are hosed. */
  3548. dev_dbg(&net->dev, "Tx timed out.\n");
  3549. /* Update statistics */
  3550. net->stats.tx_errors++;
  3551. }
  3552. static void gsm_mux_rx_netchar(struct gsm_dlci *dlci, const u8 *in_buf, int size)
  3553. {
  3554. struct net_device *net = dlci->net;
  3555. struct sk_buff *skb;
  3556. struct gsm_mux_net *mux_net = netdev_priv(net);
  3557. muxnet_get(mux_net);
  3558. /* Allocate an sk_buff */
  3559. skb = dev_alloc_skb(size + NET_IP_ALIGN);
  3560. if (!skb) {
  3561. /* We got no receive buffer. */
  3562. net->stats.rx_dropped++;
  3563. muxnet_put(mux_net);
  3564. return;
  3565. }
  3566. skb_reserve(skb, NET_IP_ALIGN);
  3567. skb_put_data(skb, in_buf, size);
  3568. skb->dev = net;
  3569. skb->protocol = htons(ETH_P_IP);
  3570. /* Ship it off to the kernel */
  3571. netif_rx(skb);
  3572. /* update out statistics */
  3573. net->stats.rx_packets++;
  3574. net->stats.rx_bytes += size;
  3575. muxnet_put(mux_net);
  3576. return;
  3577. }
  3578. static void gsm_mux_net_init(struct net_device *net)
  3579. {
  3580. static const struct net_device_ops gsm_netdev_ops = {
  3581. .ndo_open = gsm_mux_net_open,
  3582. .ndo_stop = gsm_mux_net_close,
  3583. .ndo_start_xmit = gsm_mux_net_start_xmit,
  3584. .ndo_tx_timeout = gsm_mux_net_tx_timeout,
  3585. };
  3586. net->netdev_ops = &gsm_netdev_ops;
  3587. /* fill in the other fields */
  3588. net->watchdog_timeo = GSM_NET_TX_TIMEOUT;
  3589. net->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST;
  3590. net->type = ARPHRD_NONE;
  3591. net->tx_queue_len = 10;
  3592. }
  3593. /* caller holds the dlci mutex */
  3594. static void gsm_destroy_network(struct gsm_dlci *dlci)
  3595. {
  3596. struct gsm_mux_net *mux_net;
  3597. pr_debug("destroy network interface\n");
  3598. if (!dlci->net)
  3599. return;
  3600. mux_net = netdev_priv(dlci->net);
  3601. muxnet_put(mux_net);
  3602. }
  3603. /* caller holds the dlci mutex */
  3604. static int gsm_create_network(struct gsm_dlci *dlci, struct gsm_netconfig *nc)
  3605. {
  3606. char *netname;
  3607. int retval = 0;
  3608. struct net_device *net;
  3609. struct gsm_mux_net *mux_net;
  3610. if (!capable(CAP_NET_ADMIN))
  3611. return -EPERM;
  3612. /* Already in a non tty mode */
  3613. if (dlci->adaption > 2)
  3614. return -EBUSY;
  3615. if (nc->protocol != htons(ETH_P_IP))
  3616. return -EPROTONOSUPPORT;
  3617. if (nc->adaption != 3 && nc->adaption != 4)
  3618. return -EPROTONOSUPPORT;
  3619. pr_debug("create network interface\n");
  3620. netname = "gsm%d";
  3621. if (nc->if_name[0] != '\0')
  3622. netname = nc->if_name;
  3623. net = alloc_netdev(sizeof(struct gsm_mux_net), netname,
  3624. NET_NAME_UNKNOWN, gsm_mux_net_init);
  3625. if (!net) {
  3626. pr_err("alloc_netdev failed\n");
  3627. return -ENOMEM;
  3628. }
  3629. net->mtu = dlci->mtu;
  3630. net->min_mtu = MIN_MTU;
  3631. net->max_mtu = dlci->mtu;
  3632. mux_net = netdev_priv(net);
  3633. mux_net->dlci = dlci;
  3634. kref_init(&mux_net->ref);
  3635. strscpy(nc->if_name, net->name); /* return net name */
  3636. /* reconfigure dlci for network */
  3637. dlci->prev_adaption = dlci->adaption;
  3638. dlci->prev_data = dlci->data;
  3639. dlci->adaption = nc->adaption;
  3640. dlci->data = gsm_mux_rx_netchar;
  3641. dlci->net = net;
  3642. pr_debug("register netdev\n");
  3643. retval = register_netdev(net);
  3644. if (retval) {
  3645. pr_err("network register fail %d\n", retval);
  3646. dlci_net_free(dlci);
  3647. return retval;
  3648. }
  3649. return net->ifindex; /* return network index */
  3650. }
  3651. /* Line discipline for real tty */
  3652. static struct tty_ldisc_ops tty_ldisc_packet = {
  3653. .owner = THIS_MODULE,
  3654. .num = N_GSM0710,
  3655. .name = "n_gsm",
  3656. .open = gsmld_open,
  3657. .close = gsmld_close,
  3658. .flush_buffer = gsmld_flush_buffer,
  3659. .read = gsmld_read,
  3660. .write = gsmld_write,
  3661. .ioctl = gsmld_ioctl,
  3662. .poll = gsmld_poll,
  3663. .receive_buf = gsmld_receive_buf,
  3664. .write_wakeup = gsmld_write_wakeup
  3665. };
  3666. /*
  3667. * Virtual tty side
  3668. */
  3669. /**
  3670. * gsm_modem_upd_via_data - send modem bits via convergence layer
  3671. * @dlci: channel
  3672. * @brk: break signal
  3673. *
  3674. * Send an empty frame to signal mobile state changes and to transmit the
  3675. * break signal for adaption 2.
  3676. */
  3677. static void gsm_modem_upd_via_data(struct gsm_dlci *dlci, u8 brk)
  3678. {
  3679. struct gsm_mux *gsm = dlci->gsm;
  3680. unsigned long flags;
  3681. if (dlci->state != DLCI_OPEN || dlci->adaption != 2)
  3682. return;
  3683. spin_lock_irqsave(&gsm->tx_lock, flags);
  3684. gsm_dlci_modem_output(gsm, dlci, brk);
  3685. spin_unlock_irqrestore(&gsm->tx_lock, flags);
  3686. }
  3687. /**
  3688. * gsm_modem_upd_via_msc - send modem bits via control frame
  3689. * @dlci: channel
  3690. * @brk: break signal
  3691. */
  3692. static int gsm_modem_upd_via_msc(struct gsm_dlci *dlci, u8 brk)
  3693. {
  3694. u8 modembits[3];
  3695. struct gsm_control *ctrl;
  3696. int len = 2;
  3697. if (dlci->gsm->encoding != GSM_BASIC_OPT)
  3698. return 0;
  3699. modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */
  3700. if (!brk) {
  3701. modembits[1] = (gsm_encode_modem(dlci) << 1) | EA;
  3702. } else {
  3703. modembits[1] = gsm_encode_modem(dlci) << 1;
  3704. modembits[2] = (brk << 4) | 2 | EA; /* Length, Break, EA */
  3705. len++;
  3706. }
  3707. ctrl = gsm_control_send(dlci->gsm, CMD_MSC, modembits, len);
  3708. if (ctrl == NULL)
  3709. return -ENOMEM;
  3710. return gsm_control_wait(dlci->gsm, ctrl);
  3711. }
  3712. /**
  3713. * gsm_modem_send_initial_msc - Send initial modem status message
  3714. *
  3715. * @dlci: channel
  3716. *
  3717. * Send an initial MSC message after DLCI open to set the initial
  3718. * modem status lines. This is only done for basic mode.
  3719. * Does not wait for a response as we cannot block the input queue
  3720. * processing.
  3721. */
  3722. static int gsm_modem_send_initial_msc(struct gsm_dlci *dlci)
  3723. {
  3724. u8 modembits[2];
  3725. if (dlci->adaption != 1 || dlci->gsm->encoding != GSM_BASIC_OPT)
  3726. return 0;
  3727. modembits[0] = (dlci->addr << 2) | 2 | EA; /* DLCI, Valid, EA */
  3728. modembits[1] = (gsm_encode_modem(dlci) << 1) | EA;
  3729. return gsm_control_command(dlci->gsm, CMD_MSC, (const u8 *)&modembits, 2);
  3730. }
  3731. /**
  3732. * gsm_modem_update - send modem status line state
  3733. * @dlci: channel
  3734. * @brk: break signal
  3735. */
  3736. static int gsm_modem_update(struct gsm_dlci *dlci, u8 brk)
  3737. {
  3738. if (dlci->gsm->dead)
  3739. return -EL2HLT;
  3740. if (dlci->adaption == 2) {
  3741. /* Send convergence layer type 2 empty data frame. */
  3742. gsm_modem_upd_via_data(dlci, brk);
  3743. return 0;
  3744. } else if (dlci->gsm->encoding == GSM_BASIC_OPT) {
  3745. /* Send as MSC control message. */
  3746. return gsm_modem_upd_via_msc(dlci, brk);
  3747. }
  3748. /* Modem status lines are not supported. */
  3749. return -EPROTONOSUPPORT;
  3750. }
  3751. /**
  3752. * gsm_wait_modem_change - wait for modem status line change
  3753. * @dlci: channel
  3754. * @mask: modem status line bits
  3755. *
  3756. * The function returns if:
  3757. * - any given modem status line bit changed
  3758. * - the wait event function got interrupted (e.g. by a signal)
  3759. * - the underlying DLCI was closed
  3760. * - the underlying ldisc device was removed
  3761. */
  3762. static int gsm_wait_modem_change(struct gsm_dlci *dlci, u32 mask)
  3763. {
  3764. struct gsm_mux *gsm = dlci->gsm;
  3765. u32 old = dlci->modem_rx;
  3766. int ret;
  3767. ret = wait_event_interruptible(gsm->event, gsm->dead ||
  3768. dlci->state != DLCI_OPEN ||
  3769. (old ^ dlci->modem_rx) & mask);
  3770. if (gsm->dead)
  3771. return -ENODEV;
  3772. if (dlci->state != DLCI_OPEN)
  3773. return -EL2NSYNC;
  3774. return ret;
  3775. }
  3776. static bool gsm_carrier_raised(struct tty_port *port)
  3777. {
  3778. struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
  3779. struct gsm_mux *gsm = dlci->gsm;
  3780. /* Not yet open so no carrier info */
  3781. if (dlci->state != DLCI_OPEN)
  3782. return false;
  3783. if (debug & DBG_CD_ON)
  3784. return true;
  3785. /*
  3786. * Basic mode with control channel in ADM mode may not respond
  3787. * to CMD_MSC at all and modem_rx is empty.
  3788. */
  3789. if (gsm->encoding == GSM_BASIC_OPT &&
  3790. gsm->dlci[0]->mode == DLCI_MODE_ADM && !dlci->modem_rx)
  3791. return true;
  3792. return dlci->modem_rx & TIOCM_CD;
  3793. }
  3794. static void gsm_dtr_rts(struct tty_port *port, bool active)
  3795. {
  3796. struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port);
  3797. unsigned int modem_tx = dlci->modem_tx;
  3798. if (active)
  3799. modem_tx |= TIOCM_DTR | TIOCM_RTS;
  3800. else
  3801. modem_tx &= ~(TIOCM_DTR | TIOCM_RTS);
  3802. if (modem_tx != dlci->modem_tx) {
  3803. dlci->modem_tx = modem_tx;
  3804. gsm_modem_update(dlci, 0);
  3805. }
  3806. }
  3807. static const struct tty_port_operations gsm_port_ops = {
  3808. .carrier_raised = gsm_carrier_raised,
  3809. .dtr_rts = gsm_dtr_rts,
  3810. .destruct = gsm_dlci_free,
  3811. };
  3812. static int gsmtty_install(struct tty_driver *driver, struct tty_struct *tty)
  3813. {
  3814. struct gsm_mux *gsm;
  3815. struct gsm_dlci *dlci, *dlci0;
  3816. unsigned int line = tty->index;
  3817. unsigned int mux = mux_line_to_num(line);
  3818. bool alloc = false;
  3819. int ret;
  3820. line = line & 0x3F;
  3821. if (mux >= MAX_MUX)
  3822. return -ENXIO;
  3823. /* FIXME: we need to lock gsm_mux for lifetimes of ttys eventually */
  3824. if (gsm_mux[mux] == NULL)
  3825. return -EUNATCH;
  3826. if (line == 0 || line > 61) /* 62/63 reserved */
  3827. return -ECHRNG;
  3828. gsm = gsm_mux[mux];
  3829. if (gsm->dead)
  3830. return -EL2HLT;
  3831. /* If DLCI 0 is not yet fully open return an error.
  3832. This is ok from a locking
  3833. perspective as we don't have to worry about this
  3834. if DLCI0 is lost */
  3835. mutex_lock(&gsm->mutex);
  3836. dlci0 = gsm->dlci[0];
  3837. if (dlci0 && dlci0->state != DLCI_OPEN) {
  3838. mutex_unlock(&gsm->mutex);
  3839. if (dlci0->state == DLCI_OPENING)
  3840. wait_event(gsm->event, dlci0->state != DLCI_OPENING);
  3841. if (dlci0->state != DLCI_OPEN)
  3842. return -EL2NSYNC;
  3843. mutex_lock(&gsm->mutex);
  3844. }
  3845. dlci = gsm->dlci[line];
  3846. if (dlci == NULL) {
  3847. alloc = true;
  3848. dlci = gsm_dlci_alloc(gsm, line);
  3849. }
  3850. if (dlci == NULL) {
  3851. mutex_unlock(&gsm->mutex);
  3852. return -ENOMEM;
  3853. }
  3854. ret = tty_port_install(&dlci->port, driver, tty);
  3855. if (ret) {
  3856. if (alloc)
  3857. dlci_put(dlci);
  3858. mutex_unlock(&gsm->mutex);
  3859. return ret;
  3860. }
  3861. dlci_get(dlci);
  3862. dlci_get(gsm->dlci[0]);
  3863. mux_get(gsm);
  3864. tty->driver_data = dlci;
  3865. mutex_unlock(&gsm->mutex);
  3866. return 0;
  3867. }
  3868. static int gsmtty_open(struct tty_struct *tty, struct file *filp)
  3869. {
  3870. struct gsm_dlci *dlci = tty->driver_data;
  3871. struct tty_port *port = &dlci->port;
  3872. port->count++;
  3873. tty_port_tty_set(port, tty);
  3874. dlci->modem_rx = 0;
  3875. /* We could in theory open and close before we wait - eg if we get
  3876. a DM straight back. This is ok as that will have caused a hangup */
  3877. tty_port_set_initialized(port, true);
  3878. /* Start sending off SABM messages */
  3879. if (!dlci->gsm->wait_config) {
  3880. /* Start sending off SABM messages */
  3881. if (dlci->gsm->initiator)
  3882. gsm_dlci_begin_open(dlci);
  3883. else
  3884. gsm_dlci_set_opening(dlci);
  3885. } else {
  3886. gsm_dlci_set_wait_config(dlci);
  3887. }
  3888. /* And wait for virtual carrier */
  3889. return tty_port_block_til_ready(port, tty, filp);
  3890. }
  3891. static void gsmtty_close(struct tty_struct *tty, struct file *filp)
  3892. {
  3893. struct gsm_dlci *dlci = tty->driver_data;
  3894. if (dlci == NULL)
  3895. return;
  3896. if (dlci->state == DLCI_CLOSED)
  3897. return;
  3898. mutex_lock(&dlci->mutex);
  3899. gsm_destroy_network(dlci);
  3900. mutex_unlock(&dlci->mutex);
  3901. if (tty_port_close_start(&dlci->port, tty, filp) == 0)
  3902. return;
  3903. gsm_dlci_begin_close(dlci);
  3904. if (tty_port_initialized(&dlci->port) && C_HUPCL(tty))
  3905. tty_port_lower_dtr_rts(&dlci->port);
  3906. tty_port_close_end(&dlci->port, tty);
  3907. tty_port_tty_set(&dlci->port, NULL);
  3908. return;
  3909. }
  3910. static void gsmtty_hangup(struct tty_struct *tty)
  3911. {
  3912. struct gsm_dlci *dlci = tty->driver_data;
  3913. if (dlci->state == DLCI_CLOSED)
  3914. return;
  3915. tty_port_hangup(&dlci->port);
  3916. gsm_dlci_begin_close(dlci);
  3917. }
  3918. static ssize_t gsmtty_write(struct tty_struct *tty, const u8 *buf, size_t len)
  3919. {
  3920. int sent;
  3921. struct gsm_dlci *dlci = tty->driver_data;
  3922. if (dlci->state == DLCI_CLOSED)
  3923. return -EINVAL;
  3924. /* Stuff the bytes into the fifo queue */
  3925. sent = kfifo_in_locked(&dlci->fifo, buf, len, &dlci->lock);
  3926. /* Need to kick the channel */
  3927. gsm_dlci_data_kick(dlci);
  3928. return sent;
  3929. }
  3930. static unsigned int gsmtty_write_room(struct tty_struct *tty)
  3931. {
  3932. struct gsm_dlci *dlci = tty->driver_data;
  3933. if (dlci->state == DLCI_CLOSED)
  3934. return 0;
  3935. return kfifo_avail(&dlci->fifo);
  3936. }
  3937. static unsigned int gsmtty_chars_in_buffer(struct tty_struct *tty)
  3938. {
  3939. struct gsm_dlci *dlci = tty->driver_data;
  3940. if (dlci->state == DLCI_CLOSED)
  3941. return 0;
  3942. return kfifo_len(&dlci->fifo);
  3943. }
  3944. static void gsmtty_flush_buffer(struct tty_struct *tty)
  3945. {
  3946. struct gsm_dlci *dlci = tty->driver_data;
  3947. unsigned long flags;
  3948. if (dlci->state == DLCI_CLOSED)
  3949. return;
  3950. /* Caution needed: If we implement reliable transport classes
  3951. then the data being transmitted can't simply be junked once
  3952. it has first hit the stack. Until then we can just blow it
  3953. away */
  3954. spin_lock_irqsave(&dlci->lock, flags);
  3955. kfifo_reset(&dlci->fifo);
  3956. spin_unlock_irqrestore(&dlci->lock, flags);
  3957. /* Need to unhook this DLCI from the transmit queue logic */
  3958. }
  3959. static void gsmtty_wait_until_sent(struct tty_struct *tty, int timeout)
  3960. {
  3961. /* The FIFO handles the queue so the kernel will do the right
  3962. thing waiting on chars_in_buffer before calling us. No work
  3963. to do here */
  3964. }
  3965. static int gsmtty_tiocmget(struct tty_struct *tty)
  3966. {
  3967. struct gsm_dlci *dlci = tty->driver_data;
  3968. if (dlci->state == DLCI_CLOSED)
  3969. return -EINVAL;
  3970. return dlci->modem_rx;
  3971. }
  3972. static int gsmtty_tiocmset(struct tty_struct *tty,
  3973. unsigned int set, unsigned int clear)
  3974. {
  3975. struct gsm_dlci *dlci = tty->driver_data;
  3976. unsigned int modem_tx = dlci->modem_tx;
  3977. if (dlci->state == DLCI_CLOSED)
  3978. return -EINVAL;
  3979. modem_tx &= ~clear;
  3980. modem_tx |= set;
  3981. if (modem_tx != dlci->modem_tx) {
  3982. dlci->modem_tx = modem_tx;
  3983. return gsm_modem_update(dlci, 0);
  3984. }
  3985. return 0;
  3986. }
  3987. static int gsmtty_ioctl(struct tty_struct *tty,
  3988. unsigned int cmd, unsigned long arg)
  3989. {
  3990. struct gsm_dlci *dlci = tty->driver_data;
  3991. struct gsm_netconfig nc;
  3992. struct gsm_dlci_config dc;
  3993. int index;
  3994. if (dlci->state == DLCI_CLOSED)
  3995. return -EINVAL;
  3996. switch (cmd) {
  3997. case GSMIOC_ENABLE_NET:
  3998. if (copy_from_user(&nc, (void __user *)arg, sizeof(nc)))
  3999. return -EFAULT;
  4000. nc.if_name[IFNAMSIZ-1] = '\0';
  4001. /* return net interface index or error code */
  4002. mutex_lock(&dlci->mutex);
  4003. index = gsm_create_network(dlci, &nc);
  4004. mutex_unlock(&dlci->mutex);
  4005. if (copy_to_user((void __user *)arg, &nc, sizeof(nc)))
  4006. return -EFAULT;
  4007. return index;
  4008. case GSMIOC_DISABLE_NET:
  4009. if (!capable(CAP_NET_ADMIN))
  4010. return -EPERM;
  4011. mutex_lock(&dlci->mutex);
  4012. gsm_destroy_network(dlci);
  4013. mutex_unlock(&dlci->mutex);
  4014. return 0;
  4015. case GSMIOC_GETCONF_DLCI:
  4016. if (copy_from_user(&dc, (void __user *)arg, sizeof(dc)))
  4017. return -EFAULT;
  4018. if (dc.channel != dlci->addr)
  4019. return -EPERM;
  4020. gsm_dlci_copy_config_values(dlci, &dc);
  4021. if (copy_to_user((void __user *)arg, &dc, sizeof(dc)))
  4022. return -EFAULT;
  4023. return 0;
  4024. case GSMIOC_SETCONF_DLCI:
  4025. if (copy_from_user(&dc, (void __user *)arg, sizeof(dc)))
  4026. return -EFAULT;
  4027. if (dc.channel >= NUM_DLCI)
  4028. return -EINVAL;
  4029. if (dc.channel != 0 && dc.channel != dlci->addr)
  4030. return -EPERM;
  4031. return gsm_dlci_config(dlci, &dc, 1);
  4032. case TIOCMIWAIT:
  4033. return gsm_wait_modem_change(dlci, (u32)arg);
  4034. default:
  4035. return -ENOIOCTLCMD;
  4036. }
  4037. }
  4038. static void gsmtty_set_termios(struct tty_struct *tty,
  4039. const struct ktermios *old)
  4040. {
  4041. struct gsm_dlci *dlci = tty->driver_data;
  4042. if (dlci->state == DLCI_CLOSED)
  4043. return;
  4044. /* For the moment its fixed. In actual fact the speed information
  4045. for the virtual channel can be propogated in both directions by
  4046. the RPN control message. This however rapidly gets nasty as we
  4047. then have to remap modem signals each way according to whether
  4048. our virtual cable is null modem etc .. */
  4049. tty_termios_copy_hw(&tty->termios, old);
  4050. }
  4051. static void gsmtty_throttle(struct tty_struct *tty)
  4052. {
  4053. struct gsm_dlci *dlci = tty->driver_data;
  4054. if (dlci->state == DLCI_CLOSED)
  4055. return;
  4056. if (C_CRTSCTS(tty))
  4057. dlci->modem_tx &= ~TIOCM_RTS;
  4058. dlci->throttled = true;
  4059. /* Send an MSC with RTS cleared */
  4060. gsm_modem_update(dlci, 0);
  4061. }
  4062. static void gsmtty_unthrottle(struct tty_struct *tty)
  4063. {
  4064. struct gsm_dlci *dlci = tty->driver_data;
  4065. if (dlci->state == DLCI_CLOSED)
  4066. return;
  4067. if (C_CRTSCTS(tty))
  4068. dlci->modem_tx |= TIOCM_RTS;
  4069. dlci->throttled = false;
  4070. /* Send an MSC with RTS set */
  4071. gsm_modem_update(dlci, 0);
  4072. }
  4073. static int gsmtty_break_ctl(struct tty_struct *tty, int state)
  4074. {
  4075. struct gsm_dlci *dlci = tty->driver_data;
  4076. int encode = 0; /* Off */
  4077. if (dlci->state == DLCI_CLOSED)
  4078. return -EINVAL;
  4079. if (state == -1) /* "On indefinitely" - we can't encode this
  4080. properly */
  4081. encode = 0x0F;
  4082. else if (state > 0) {
  4083. encode = state / 200; /* mS to encoding */
  4084. if (encode > 0x0F)
  4085. encode = 0x0F; /* Best effort */
  4086. }
  4087. return gsm_modem_update(dlci, encode);
  4088. }
  4089. static void gsmtty_cleanup(struct tty_struct *tty)
  4090. {
  4091. struct gsm_dlci *dlci = tty->driver_data;
  4092. struct gsm_mux *gsm = dlci->gsm;
  4093. dlci_put(dlci);
  4094. dlci_put(gsm->dlci[0]);
  4095. mux_put(gsm);
  4096. }
  4097. /* Virtual ttys for the demux */
  4098. static const struct tty_operations gsmtty_ops = {
  4099. .install = gsmtty_install,
  4100. .open = gsmtty_open,
  4101. .close = gsmtty_close,
  4102. .write = gsmtty_write,
  4103. .write_room = gsmtty_write_room,
  4104. .chars_in_buffer = gsmtty_chars_in_buffer,
  4105. .flush_buffer = gsmtty_flush_buffer,
  4106. .ioctl = gsmtty_ioctl,
  4107. .throttle = gsmtty_throttle,
  4108. .unthrottle = gsmtty_unthrottle,
  4109. .set_termios = gsmtty_set_termios,
  4110. .hangup = gsmtty_hangup,
  4111. .wait_until_sent = gsmtty_wait_until_sent,
  4112. .tiocmget = gsmtty_tiocmget,
  4113. .tiocmset = gsmtty_tiocmset,
  4114. .break_ctl = gsmtty_break_ctl,
  4115. .cleanup = gsmtty_cleanup,
  4116. };
  4117. static int __init gsm_init(void)
  4118. {
  4119. /* Fill in our line protocol discipline, and register it */
  4120. int status = tty_register_ldisc(&tty_ldisc_packet);
  4121. if (status != 0) {
  4122. pr_err("n_gsm: can't register line discipline (err = %d)\n",
  4123. status);
  4124. return status;
  4125. }
  4126. gsm_tty_driver = tty_alloc_driver(GSM_TTY_MINORS, TTY_DRIVER_REAL_RAW |
  4127. TTY_DRIVER_DYNAMIC_DEV | TTY_DRIVER_HARDWARE_BREAK);
  4128. if (IS_ERR(gsm_tty_driver)) {
  4129. pr_err("gsm_init: tty allocation failed.\n");
  4130. status = PTR_ERR(gsm_tty_driver);
  4131. goto err_unreg_ldisc;
  4132. }
  4133. gsm_tty_driver->driver_name = "gsmtty";
  4134. gsm_tty_driver->name = "gsmtty";
  4135. gsm_tty_driver->major = 0; /* Dynamic */
  4136. gsm_tty_driver->minor_start = 0;
  4137. gsm_tty_driver->type = TTY_DRIVER_TYPE_SERIAL;
  4138. gsm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
  4139. gsm_tty_driver->init_termios = tty_std_termios;
  4140. /* Fixme */
  4141. gsm_tty_driver->init_termios.c_lflag &= ~ECHO;
  4142. tty_set_operations(gsm_tty_driver, &gsmtty_ops);
  4143. if (tty_register_driver(gsm_tty_driver)) {
  4144. pr_err("gsm_init: tty registration failed.\n");
  4145. status = -EBUSY;
  4146. goto err_put_driver;
  4147. }
  4148. pr_debug("gsm_init: loaded as %d,%d.\n",
  4149. gsm_tty_driver->major, gsm_tty_driver->minor_start);
  4150. return 0;
  4151. err_put_driver:
  4152. tty_driver_kref_put(gsm_tty_driver);
  4153. err_unreg_ldisc:
  4154. tty_unregister_ldisc(&tty_ldisc_packet);
  4155. return status;
  4156. }
  4157. static void __exit gsm_exit(void)
  4158. {
  4159. tty_unregister_ldisc(&tty_ldisc_packet);
  4160. tty_unregister_driver(gsm_tty_driver);
  4161. tty_driver_kref_put(gsm_tty_driver);
  4162. }
  4163. module_init(gsm_init);
  4164. module_exit(gsm_exit);
  4165. MODULE_DESCRIPTION("GSM 0710 tty multiplexor");
  4166. MODULE_LICENSE("GPL");
  4167. MODULE_ALIAS_LDISC(N_GSM0710);