1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * 6pack.c This module implements the 6pack protocol for kernel-based
4 * devices like TTY. It interfaces between a raw TTY and the
5 * kernel's AX.25 protocol layers.
6 *
7 * Authors: Andreas Könsgen <ajk@comnets.uni-bremen.de>
8 * Ralf Baechle DL5RB <ralf@linux-mips.org>
9 *
10 * Quite a lot of stuff "stolen" by Joerg Reuter from slip.c, written by
11 *
12 * Laurence Culhane, <loz@holmes.demon.co.uk>
13 * Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
14 */
15
16 #include <linux/module.h>
17 #include <linux/uaccess.h>
18 #include <linux/bitops.h>
19 #include <linux/string.h>
20 #include <linux/mm.h>
21 #include <linux/interrupt.h>
22 #include <linux/in.h>
23 #include <linux/tty.h>
24 #include <linux/errno.h>
25 #include <linux/netdevice.h>
26 #include <linux/timer.h>
27 #include <linux/slab.h>
28 #include <net/ax25.h>
29 #include <linux/etherdevice.h>
30 #include <linux/skbuff.h>
31 #include <linux/rtnetlink.h>
32 #include <linux/spinlock.h>
33 #include <linux/if_arp.h>
34 #include <linux/init.h>
35 #include <linux/ip.h>
36 #include <linux/tcp.h>
37 #include <linux/semaphore.h>
38 #include <linux/refcount.h>
39
40 #define SIXPACK_VERSION "Revision: 0.3.0"
41
42 /* sixpack priority commands */
43 #define SIXP_SEOF 0x40 /* start and end of a 6pack frame */
44 #define SIXP_TX_URUN 0x48 /* transmit overrun */
45 #define SIXP_RX_ORUN 0x50 /* receive overrun */
46 #define SIXP_RX_BUF_OVL 0x58 /* receive buffer overflow */
47
48 #define SIXP_CHKSUM 0xFF /* valid checksum of a 6pack frame */
49
50 /* masks to get certain bits out of the status bytes sent by the TNC */
51
52 #define SIXP_CMD_MASK 0xC0
53 #define SIXP_CHN_MASK 0x07
54 #define SIXP_PRIO_CMD_MASK 0x80
55 #define SIXP_STD_CMD_MASK 0x40
56 #define SIXP_PRIO_DATA_MASK 0x38
57 #define SIXP_TX_MASK 0x20
58 #define SIXP_RX_MASK 0x10
59 #define SIXP_RX_DCD_MASK 0x18
60 #define SIXP_LEDS_ON 0x78
61 #define SIXP_LEDS_OFF 0x60
62 #define SIXP_CON 0x08
63 #define SIXP_STA 0x10
64
65 #define SIXP_FOUND_TNC 0xe9
66 #define SIXP_CON_ON 0x68
67 #define SIXP_DCD_MASK 0x08
68 #define SIXP_DAMA_OFF 0
69
70 /* default level 2 parameters */
71 #define SIXP_TXDELAY (HZ/4) /* in 1 s */
72 #define SIXP_PERSIST 50 /* in 256ths */
73 #define SIXP_SLOTTIME (HZ/10) /* in 1 s */
74 #define SIXP_INIT_RESYNC_TIMEOUT (3*HZ/2) /* in 1 s */
75 #define SIXP_RESYNC_TIMEOUT 5*HZ /* in 1 s */
76
77 /* 6pack configuration. */
78 #define SIXP_NRUNIT 31 /* MAX number of 6pack channels */
79 #define SIXP_MTU 256 /* Default MTU */
80
81 enum sixpack_flags {
82 SIXPF_ERROR, /* Parity, etc. error */
83 };
84
85 struct sixpack {
86 /* Various fields. */
87 struct tty_struct *tty; /* ptr to TTY structure */
88 struct net_device *dev; /* easy for intr handling */
89
90 /* These are pointers to the malloc()ed frame buffers. */
91 unsigned char *rbuff; /* receiver buffer */
92 int rcount; /* received chars counter */
93 unsigned char *xbuff; /* transmitter buffer */
94 unsigned char *xhead; /* next byte to XMIT */
95 int xleft; /* bytes left in XMIT queue */
96
97 unsigned char raw_buf[4];
98 unsigned char cooked_buf[400];
99
100 unsigned int rx_count;
101 unsigned int rx_count_cooked;
102
103 int mtu; /* Our mtu (to spot changes!) */
104 int buffsize; /* Max buffers sizes */
105
106 unsigned long flags; /* Flag values/ mode etc */
107 unsigned char mode; /* 6pack mode */
108
109 /* 6pack stuff */
110 unsigned char tx_delay;
111 unsigned char persistence;
112 unsigned char slottime;
113 unsigned char duplex;
114 unsigned char led_state;
115 unsigned char status;
116 unsigned char status1;
117 unsigned char status2;
118 unsigned char tx_enable;
119 unsigned char tnc_state;
120
121 struct timer_list tx_t;
122 struct timer_list resync_t;
123 refcount_t refcnt;
124 struct completion dead;
125 spinlock_t lock;
126 };
127
128 #define AX25_6PACK_HEADER_LEN 0
129
130 static void sixpack_decode(struct sixpack *, const unsigned char[], int);
131 static int encode_sixpack(unsigned char *, unsigned char *, int, unsigned char);
132
133 /*
134 * Perform the persistence/slottime algorithm for CSMA access. If the
135 * persistence check was successful, write the data to the serial driver.
136 * Note that in case of DAMA operation, the data is not sent here.
137 */
138
sp_xmit_on_air(struct timer_list * t)139 static void sp_xmit_on_air(struct timer_list *t)
140 {
141 struct sixpack *sp = from_timer(sp, t, tx_t);
142 int actual, when = sp->slottime;
143 static unsigned char random;
144
145 random = random * 17 + 41;
146
147 if (((sp->status1 & SIXP_DCD_MASK) == 0) && (random < sp->persistence)) {
148 sp->led_state = 0x70;
149 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
150 sp->tx_enable = 1;
151 actual = sp->tty->ops->write(sp->tty, sp->xbuff, sp->status2);
152 sp->xleft -= actual;
153 sp->xhead += actual;
154 sp->led_state = 0x60;
155 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
156 sp->status2 = 0;
157 } else
158 mod_timer(&sp->tx_t, jiffies + ((when + 1) * HZ) / 100);
159 }
160
161 /* ----> 6pack timer interrupt handler and friends. <---- */
162
163 /* Encapsulate one AX.25 frame and stuff into a TTY queue. */
sp_encaps(struct sixpack * sp,unsigned char * icp,int len)164 static void sp_encaps(struct sixpack *sp, unsigned char *icp, int len)
165 {
166 unsigned char *msg, *p = icp;
167 int actual, count;
168
169 if (len > sp->mtu) { /* sp->mtu = AX25_MTU = max. PACLEN = 256 */
170 msg = "oversized transmit packet!";
171 goto out_drop;
172 }
173
174 if (len > sp->mtu) { /* sp->mtu = AX25_MTU = max. PACLEN = 256 */
175 msg = "oversized transmit packet!";
176 goto out_drop;
177 }
178
179 if (p[0] > 5) {
180 msg = "invalid KISS command";
181 goto out_drop;
182 }
183
184 if ((p[0] != 0) && (len > 2)) {
185 msg = "KISS control packet too long";
186 goto out_drop;
187 }
188
189 if ((p[0] == 0) && (len < 15)) {
190 msg = "bad AX.25 packet to transmit";
191 goto out_drop;
192 }
193
194 count = encode_sixpack(p, sp->xbuff, len, sp->tx_delay);
195 set_bit(TTY_DO_WRITE_WAKEUP, &sp->tty->flags);
196
197 switch (p[0]) {
198 case 1: sp->tx_delay = p[1];
199 return;
200 case 2: sp->persistence = p[1];
201 return;
202 case 3: sp->slottime = p[1];
203 return;
204 case 4: /* ignored */
205 return;
206 case 5: sp->duplex = p[1];
207 return;
208 }
209
210 if (p[0] != 0)
211 return;
212
213 /*
214 * In case of fullduplex or DAMA operation, we don't take care about the
215 * state of the DCD or of any timers, as the determination of the
216 * correct time to send is the job of the AX.25 layer. We send
217 * immediately after data has arrived.
218 */
219 if (sp->duplex == 1) {
220 sp->led_state = 0x70;
221 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
222 sp->tx_enable = 1;
223 actual = sp->tty->ops->write(sp->tty, sp->xbuff, count);
224 sp->xleft = count - actual;
225 sp->xhead = sp->xbuff + actual;
226 sp->led_state = 0x60;
227 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
228 } else {
229 sp->xleft = count;
230 sp->xhead = sp->xbuff;
231 sp->status2 = count;
232 sp_xmit_on_air(&sp->tx_t);
233 }
234
235 return;
236
237 out_drop:
238 sp->dev->stats.tx_dropped++;
239 netif_start_queue(sp->dev);
240 if (net_ratelimit())
241 printk(KERN_DEBUG "%s: %s - dropped.\n", sp->dev->name, msg);
242 }
243
244 /* Encapsulate an IP datagram and kick it into a TTY queue. */
245
sp_xmit(struct sk_buff * skb,struct net_device * dev)246 static netdev_tx_t sp_xmit(struct sk_buff *skb, struct net_device *dev)
247 {
248 struct sixpack *sp = netdev_priv(dev);
249
250 if (skb->protocol == htons(ETH_P_IP))
251 return ax25_ip_xmit(skb);
252
253 spin_lock_bh(&sp->lock);
254 /* We were not busy, so we are now... :-) */
255 netif_stop_queue(dev);
256 dev->stats.tx_bytes += skb->len;
257 sp_encaps(sp, skb->data, skb->len);
258 spin_unlock_bh(&sp->lock);
259
260 dev_kfree_skb(skb);
261
262 return NETDEV_TX_OK;
263 }
264
sp_open_dev(struct net_device * dev)265 static int sp_open_dev(struct net_device *dev)
266 {
267 struct sixpack *sp = netdev_priv(dev);
268
269 if (sp->tty == NULL)
270 return -ENODEV;
271 return 0;
272 }
273
274 /* Close the low-level part of the 6pack channel. */
sp_close(struct net_device * dev)275 static int sp_close(struct net_device *dev)
276 {
277 struct sixpack *sp = netdev_priv(dev);
278
279 spin_lock_bh(&sp->lock);
280 if (sp->tty) {
281 /* TTY discipline is running. */
282 clear_bit(TTY_DO_WRITE_WAKEUP, &sp->tty->flags);
283 }
284 netif_stop_queue(dev);
285 spin_unlock_bh(&sp->lock);
286
287 return 0;
288 }
289
sp_set_mac_address(struct net_device * dev,void * addr)290 static int sp_set_mac_address(struct net_device *dev, void *addr)
291 {
292 struct sockaddr_ax25 *sa = addr;
293
294 netif_tx_lock_bh(dev);
295 netif_addr_lock(dev);
296 memcpy(dev->dev_addr, &sa->sax25_call, AX25_ADDR_LEN);
297 netif_addr_unlock(dev);
298 netif_tx_unlock_bh(dev);
299
300 return 0;
301 }
302
303 static const struct net_device_ops sp_netdev_ops = {
304 .ndo_open = sp_open_dev,
305 .ndo_stop = sp_close,
306 .ndo_start_xmit = sp_xmit,
307 .ndo_set_mac_address = sp_set_mac_address,
308 };
309
sp_setup(struct net_device * dev)310 static void sp_setup(struct net_device *dev)
311 {
312 /* Finish setting up the DEVICE info. */
313 dev->netdev_ops = &sp_netdev_ops;
314 dev->needs_free_netdev = true;
315 dev->mtu = SIXP_MTU;
316 dev->hard_header_len = AX25_MAX_HEADER_LEN;
317 dev->header_ops = &ax25_header_ops;
318
319 dev->addr_len = AX25_ADDR_LEN;
320 dev->type = ARPHRD_AX25;
321 dev->tx_queue_len = 10;
322
323 /* Only activated in AX.25 mode */
324 memcpy(dev->broadcast, &ax25_bcast, AX25_ADDR_LEN);
325 memcpy(dev->dev_addr, &ax25_defaddr, AX25_ADDR_LEN);
326
327 dev->flags = 0;
328 }
329
330 /* Send one completely decapsulated IP datagram to the IP layer. */
331
332 /*
333 * This is the routine that sends the received data to the kernel AX.25.
334 * 'cmd' is the KISS command. For AX.25 data, it is zero.
335 */
336
sp_bump(struct sixpack * sp,char cmd)337 static void sp_bump(struct sixpack *sp, char cmd)
338 {
339 struct sk_buff *skb;
340 int count;
341 unsigned char *ptr;
342
343 count = sp->rcount + 1;
344
345 sp->dev->stats.rx_bytes += count;
346
347 if ((skb = dev_alloc_skb(count + 1)) == NULL)
348 goto out_mem;
349
350 ptr = skb_put(skb, count + 1);
351 *ptr++ = cmd; /* KISS command */
352
353 memcpy(ptr, sp->cooked_buf + 1, count);
354 skb->protocol = ax25_type_trans(skb, sp->dev);
355 netif_rx(skb);
356 sp->dev->stats.rx_packets++;
357
358 return;
359
360 out_mem:
361 sp->dev->stats.rx_dropped++;
362 }
363
364
365 /* ----------------------------------------------------------------------- */
366
367 /*
368 * We have a potential race on dereferencing tty->disc_data, because the tty
369 * layer provides no locking at all - thus one cpu could be running
370 * sixpack_receive_buf while another calls sixpack_close, which zeroes
371 * tty->disc_data and frees the memory that sixpack_receive_buf is using. The
372 * best way to fix this is to use a rwlock in the tty struct, but for now we
373 * use a single global rwlock for all ttys in ppp line discipline.
374 */
375 static DEFINE_RWLOCK(disc_data_lock);
376
sp_get(struct tty_struct * tty)377 static struct sixpack *sp_get(struct tty_struct *tty)
378 {
379 struct sixpack *sp;
380
381 read_lock(&disc_data_lock);
382 sp = tty->disc_data;
383 if (sp)
384 refcount_inc(&sp->refcnt);
385 read_unlock(&disc_data_lock);
386
387 return sp;
388 }
389
sp_put(struct sixpack * sp)390 static void sp_put(struct sixpack *sp)
391 {
392 if (refcount_dec_and_test(&sp->refcnt))
393 complete(&sp->dead);
394 }
395
396 /*
397 * Called by the TTY driver when there's room for more data. If we have
398 * more packets to send, we send them here.
399 */
sixpack_write_wakeup(struct tty_struct * tty)400 static void sixpack_write_wakeup(struct tty_struct *tty)
401 {
402 struct sixpack *sp = sp_get(tty);
403 int actual;
404
405 if (!sp)
406 return;
407 if (sp->xleft <= 0) {
408 /* Now serial buffer is almost free & we can start
409 * transmission of another packet */
410 sp->dev->stats.tx_packets++;
411 clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
412 sp->tx_enable = 0;
413 netif_wake_queue(sp->dev);
414 goto out;
415 }
416
417 if (sp->tx_enable) {
418 actual = tty->ops->write(tty, sp->xhead, sp->xleft);
419 sp->xleft -= actual;
420 sp->xhead += actual;
421 }
422
423 out:
424 sp_put(sp);
425 }
426
427 /* ----------------------------------------------------------------------- */
428
429 /*
430 * Handle the 'receiver data ready' interrupt.
431 * This function is called by the tty module in the kernel when
432 * a block of 6pack data has been received, which can now be decapsulated
433 * and sent on to some IP layer for further processing.
434 */
sixpack_receive_buf(struct tty_struct * tty,const unsigned char * cp,char * fp,int count)435 static void sixpack_receive_buf(struct tty_struct *tty,
436 const unsigned char *cp, char *fp, int count)
437 {
438 struct sixpack *sp;
439 int count1;
440
441 if (!count)
442 return;
443
444 sp = sp_get(tty);
445 if (!sp)
446 return;
447
448 /* Read the characters out of the buffer */
449 count1 = count;
450 while (count) {
451 count--;
452 if (fp && *fp++) {
453 if (!test_and_set_bit(SIXPF_ERROR, &sp->flags))
454 sp->dev->stats.rx_errors++;
455 continue;
456 }
457 }
458 sixpack_decode(sp, cp, count1);
459
460 sp_put(sp);
461 tty_unthrottle(tty);
462 }
463
464 /*
465 * Try to resync the TNC. Called by the resync timer defined in
466 * decode_prio_command
467 */
468
469 #define TNC_UNINITIALIZED 0
470 #define TNC_UNSYNC_STARTUP 1
471 #define TNC_UNSYNCED 2
472 #define TNC_IN_SYNC 3
473
__tnc_set_sync_state(struct sixpack * sp,int new_tnc_state)474 static void __tnc_set_sync_state(struct sixpack *sp, int new_tnc_state)
475 {
476 char *msg;
477
478 switch (new_tnc_state) {
479 default: /* gcc oh piece-o-crap ... */
480 case TNC_UNSYNC_STARTUP:
481 msg = "Synchronizing with TNC";
482 break;
483 case TNC_UNSYNCED:
484 msg = "Lost synchronization with TNC\n";
485 break;
486 case TNC_IN_SYNC:
487 msg = "Found TNC";
488 break;
489 }
490
491 sp->tnc_state = new_tnc_state;
492 printk(KERN_INFO "%s: %s\n", sp->dev->name, msg);
493 }
494
tnc_set_sync_state(struct sixpack * sp,int new_tnc_state)495 static inline void tnc_set_sync_state(struct sixpack *sp, int new_tnc_state)
496 {
497 int old_tnc_state = sp->tnc_state;
498
499 if (old_tnc_state != new_tnc_state)
500 __tnc_set_sync_state(sp, new_tnc_state);
501 }
502
resync_tnc(struct timer_list * t)503 static void resync_tnc(struct timer_list *t)
504 {
505 struct sixpack *sp = from_timer(sp, t, resync_t);
506 static char resync_cmd = 0xe8;
507
508 /* clear any data that might have been received */
509
510 sp->rx_count = 0;
511 sp->rx_count_cooked = 0;
512
513 /* reset state machine */
514
515 sp->status = 1;
516 sp->status1 = 1;
517 sp->status2 = 0;
518
519 /* resync the TNC */
520
521 sp->led_state = 0x60;
522 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
523 sp->tty->ops->write(sp->tty, &resync_cmd, 1);
524
525
526 /* Start resync timer again -- the TNC might be still absent */
527 mod_timer(&sp->resync_t, jiffies + SIXP_RESYNC_TIMEOUT);
528 }
529
tnc_init(struct sixpack * sp)530 static inline int tnc_init(struct sixpack *sp)
531 {
532 unsigned char inbyte = 0xe8;
533
534 tnc_set_sync_state(sp, TNC_UNSYNC_STARTUP);
535
536 sp->tty->ops->write(sp->tty, &inbyte, 1);
537
538 mod_timer(&sp->resync_t, jiffies + SIXP_RESYNC_TIMEOUT);
539
540 return 0;
541 }
542
543 /*
544 * Open the high-level part of the 6pack channel.
545 * This function is called by the TTY module when the
546 * 6pack line discipline is called for. Because we are
547 * sure the tty line exists, we only have to link it to
548 * a free 6pcack channel...
549 */
sixpack_open(struct tty_struct * tty)550 static int sixpack_open(struct tty_struct *tty)
551 {
552 char *rbuff = NULL, *xbuff = NULL;
553 struct net_device *dev;
554 struct sixpack *sp;
555 unsigned long len;
556 int err = 0;
557
558 if (!capable(CAP_NET_ADMIN))
559 return -EPERM;
560 if (tty->ops->write == NULL)
561 return -EOPNOTSUPP;
562
563 dev = alloc_netdev(sizeof(struct sixpack), "sp%d", NET_NAME_UNKNOWN,
564 sp_setup);
565 if (!dev) {
566 err = -ENOMEM;
567 goto out;
568 }
569
570 sp = netdev_priv(dev);
571 sp->dev = dev;
572
573 spin_lock_init(&sp->lock);
574 refcount_set(&sp->refcnt, 1);
575 init_completion(&sp->dead);
576
577 /* !!! length of the buffers. MTU is IP MTU, not PACLEN! */
578
579 len = dev->mtu * 2;
580
581 rbuff = kmalloc(len + 4, GFP_KERNEL);
582 xbuff = kmalloc(len + 4, GFP_KERNEL);
583
584 if (rbuff == NULL || xbuff == NULL) {
585 err = -ENOBUFS;
586 goto out_free;
587 }
588
589 spin_lock_bh(&sp->lock);
590
591 sp->tty = tty;
592
593 sp->rbuff = rbuff;
594 sp->xbuff = xbuff;
595
596 sp->mtu = AX25_MTU + 73;
597 sp->buffsize = len;
598 sp->rcount = 0;
599 sp->rx_count = 0;
600 sp->rx_count_cooked = 0;
601 sp->xleft = 0;
602
603 sp->flags = 0; /* Clear ESCAPE & ERROR flags */
604
605 sp->duplex = 0;
606 sp->tx_delay = SIXP_TXDELAY;
607 sp->persistence = SIXP_PERSIST;
608 sp->slottime = SIXP_SLOTTIME;
609 sp->led_state = 0x60;
610 sp->status = 1;
611 sp->status1 = 1;
612 sp->status2 = 0;
613 sp->tx_enable = 0;
614
615 netif_start_queue(dev);
616
617 timer_setup(&sp->tx_t, sp_xmit_on_air, 0);
618
619 timer_setup(&sp->resync_t, resync_tnc, 0);
620
621 spin_unlock_bh(&sp->lock);
622
623 /* Done. We have linked the TTY line to a channel. */
624 tty->disc_data = sp;
625 tty->receive_room = 65536;
626
627 /* Now we're ready to register. */
628 err = register_netdev(dev);
629 if (err)
630 goto out_free;
631
632 tnc_init(sp);
633
634 return 0;
635
636 out_free:
637 kfree(xbuff);
638 kfree(rbuff);
639
640 free_netdev(dev);
641
642 out:
643 return err;
644 }
645
646
647 /*
648 * Close down a 6pack channel.
649 * This means flushing out any pending queues, and then restoring the
650 * TTY line discipline to what it was before it got hooked to 6pack
651 * (which usually is TTY again).
652 */
sixpack_close(struct tty_struct * tty)653 static void sixpack_close(struct tty_struct *tty)
654 {
655 struct sixpack *sp;
656
657 write_lock_bh(&disc_data_lock);
658 sp = tty->disc_data;
659 tty->disc_data = NULL;
660 write_unlock_bh(&disc_data_lock);
661 if (!sp)
662 return;
663
664 /*
665 * We have now ensured that nobody can start using ap from now on, but
666 * we have to wait for all existing users to finish.
667 */
668 if (!refcount_dec_and_test(&sp->refcnt))
669 wait_for_completion(&sp->dead);
670
671 /* We must stop the queue to avoid potentially scribbling
672 * on the free buffers. The sp->dead completion is not sufficient
673 * to protect us from sp->xbuff access.
674 */
675 netif_stop_queue(sp->dev);
676
677 del_timer_sync(&sp->tx_t);
678 del_timer_sync(&sp->resync_t);
679
680 /* Free all 6pack frame buffers. */
681 kfree(sp->rbuff);
682 kfree(sp->xbuff);
683
684 unregister_netdev(sp->dev);
685 }
686
687 /* Perform I/O control on an active 6pack channel. */
sixpack_ioctl(struct tty_struct * tty,struct file * file,unsigned int cmd,unsigned long arg)688 static int sixpack_ioctl(struct tty_struct *tty, struct file *file,
689 unsigned int cmd, unsigned long arg)
690 {
691 struct sixpack *sp = sp_get(tty);
692 struct net_device *dev;
693 unsigned int tmp, err;
694
695 if (!sp)
696 return -ENXIO;
697 dev = sp->dev;
698
699 switch(cmd) {
700 case SIOCGIFNAME:
701 err = copy_to_user((void __user *) arg, dev->name,
702 strlen(dev->name) + 1) ? -EFAULT : 0;
703 break;
704
705 case SIOCGIFENCAP:
706 err = put_user(0, (int __user *) arg);
707 break;
708
709 case SIOCSIFENCAP:
710 if (get_user(tmp, (int __user *) arg)) {
711 err = -EFAULT;
712 break;
713 }
714
715 sp->mode = tmp;
716 dev->addr_len = AX25_ADDR_LEN;
717 dev->hard_header_len = AX25_KISS_HEADER_LEN +
718 AX25_MAX_HEADER_LEN + 3;
719 dev->type = ARPHRD_AX25;
720
721 err = 0;
722 break;
723
724 case SIOCSIFHWADDR: {
725 char addr[AX25_ADDR_LEN];
726
727 if (copy_from_user(&addr,
728 (void __user *) arg, AX25_ADDR_LEN)) {
729 err = -EFAULT;
730 break;
731 }
732
733 netif_tx_lock_bh(dev);
734 memcpy(dev->dev_addr, &addr, AX25_ADDR_LEN);
735 netif_tx_unlock_bh(dev);
736
737 err = 0;
738 break;
739 }
740
741 default:
742 err = tty_mode_ioctl(tty, file, cmd, arg);
743 }
744
745 sp_put(sp);
746
747 return err;
748 }
749
750 static struct tty_ldisc_ops sp_ldisc = {
751 .owner = THIS_MODULE,
752 .magic = TTY_LDISC_MAGIC,
753 .name = "6pack",
754 .open = sixpack_open,
755 .close = sixpack_close,
756 .ioctl = sixpack_ioctl,
757 .receive_buf = sixpack_receive_buf,
758 .write_wakeup = sixpack_write_wakeup,
759 };
760
761 /* Initialize 6pack control device -- register 6pack line discipline */
762
763 static const char msg_banner[] __initconst = KERN_INFO \
764 "AX.25: 6pack driver, " SIXPACK_VERSION "\n";
765 static const char msg_regfail[] __initconst = KERN_ERR \
766 "6pack: can't register line discipline (err = %d)\n";
767
sixpack_init_driver(void)768 static int __init sixpack_init_driver(void)
769 {
770 int status;
771
772 printk(msg_banner);
773
774 /* Register the provided line protocol discipline */
775 if ((status = tty_register_ldisc(N_6PACK, &sp_ldisc)) != 0)
776 printk(msg_regfail, status);
777
778 return status;
779 }
780
781 static const char msg_unregfail[] = KERN_ERR \
782 "6pack: can't unregister line discipline (err = %d)\n";
783
sixpack_exit_driver(void)784 static void __exit sixpack_exit_driver(void)
785 {
786 int ret;
787
788 if ((ret = tty_unregister_ldisc(N_6PACK)))
789 printk(msg_unregfail, ret);
790 }
791
792 /* encode an AX.25 packet into 6pack */
793
encode_sixpack(unsigned char * tx_buf,unsigned char * tx_buf_raw,int length,unsigned char tx_delay)794 static int encode_sixpack(unsigned char *tx_buf, unsigned char *tx_buf_raw,
795 int length, unsigned char tx_delay)
796 {
797 int count = 0;
798 unsigned char checksum = 0, buf[400];
799 int raw_count = 0;
800
801 tx_buf_raw[raw_count++] = SIXP_PRIO_CMD_MASK | SIXP_TX_MASK;
802 tx_buf_raw[raw_count++] = SIXP_SEOF;
803
804 buf[0] = tx_delay;
805 for (count = 1; count < length; count++)
806 buf[count] = tx_buf[count];
807
808 for (count = 0; count < length; count++)
809 checksum += buf[count];
810 buf[length] = (unsigned char) 0xff - checksum;
811
812 for (count = 0; count <= length; count++) {
813 if ((count % 3) == 0) {
814 tx_buf_raw[raw_count++] = (buf[count] & 0x3f);
815 tx_buf_raw[raw_count] = ((buf[count] >> 2) & 0x30);
816 } else if ((count % 3) == 1) {
817 tx_buf_raw[raw_count++] |= (buf[count] & 0x0f);
818 tx_buf_raw[raw_count] = ((buf[count] >> 2) & 0x3c);
819 } else {
820 tx_buf_raw[raw_count++] |= (buf[count] & 0x03);
821 tx_buf_raw[raw_count++] = (buf[count] >> 2);
822 }
823 }
824 if ((length % 3) != 2)
825 raw_count++;
826 tx_buf_raw[raw_count++] = SIXP_SEOF;
827 return raw_count;
828 }
829
830 /* decode 4 sixpack-encoded bytes into 3 data bytes */
831
decode_data(struct sixpack * sp,unsigned char inbyte)832 static void decode_data(struct sixpack *sp, unsigned char inbyte)
833 {
834 unsigned char *buf;
835
836 if (sp->rx_count != 3) {
837 sp->raw_buf[sp->rx_count++] = inbyte;
838
839 return;
840 }
841
842 buf = sp->raw_buf;
843 sp->cooked_buf[sp->rx_count_cooked++] =
844 buf[0] | ((buf[1] << 2) & 0xc0);
845 sp->cooked_buf[sp->rx_count_cooked++] =
846 (buf[1] & 0x0f) | ((buf[2] << 2) & 0xf0);
847 sp->cooked_buf[sp->rx_count_cooked++] =
848 (buf[2] & 0x03) | (inbyte << 2);
849 sp->rx_count = 0;
850 }
851
852 /* identify and execute a 6pack priority command byte */
853
decode_prio_command(struct sixpack * sp,unsigned char cmd)854 static void decode_prio_command(struct sixpack *sp, unsigned char cmd)
855 {
856 int actual;
857
858 if ((cmd & SIXP_PRIO_DATA_MASK) != 0) { /* idle ? */
859
860 /* RX and DCD flags can only be set in the same prio command,
861 if the DCD flag has been set without the RX flag in the previous
862 prio command. If DCD has not been set before, something in the
863 transmission has gone wrong. In this case, RX and DCD are
864 cleared in order to prevent the decode_data routine from
865 reading further data that might be corrupt. */
866
867 if (((sp->status & SIXP_DCD_MASK) == 0) &&
868 ((cmd & SIXP_RX_DCD_MASK) == SIXP_RX_DCD_MASK)) {
869 if (sp->status != 1)
870 printk(KERN_DEBUG "6pack: protocol violation\n");
871 else
872 sp->status = 0;
873 cmd &= ~SIXP_RX_DCD_MASK;
874 }
875 sp->status = cmd & SIXP_PRIO_DATA_MASK;
876 } else { /* output watchdog char if idle */
877 if ((sp->status2 != 0) && (sp->duplex == 1)) {
878 sp->led_state = 0x70;
879 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
880 sp->tx_enable = 1;
881 actual = sp->tty->ops->write(sp->tty, sp->xbuff, sp->status2);
882 sp->xleft -= actual;
883 sp->xhead += actual;
884 sp->led_state = 0x60;
885 sp->status2 = 0;
886
887 }
888 }
889
890 /* needed to trigger the TNC watchdog */
891 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
892
893 /* if the state byte has been received, the TNC is present,
894 so the resync timer can be reset. */
895
896 if (sp->tnc_state == TNC_IN_SYNC)
897 mod_timer(&sp->resync_t, jiffies + SIXP_INIT_RESYNC_TIMEOUT);
898
899 sp->status1 = cmd & SIXP_PRIO_DATA_MASK;
900 }
901
902 /* identify and execute a standard 6pack command byte */
903
decode_std_command(struct sixpack * sp,unsigned char cmd)904 static void decode_std_command(struct sixpack *sp, unsigned char cmd)
905 {
906 unsigned char checksum = 0, rest = 0;
907 short i;
908
909 switch (cmd & SIXP_CMD_MASK) { /* normal command */
910 case SIXP_SEOF:
911 if ((sp->rx_count == 0) && (sp->rx_count_cooked == 0)) {
912 if ((sp->status & SIXP_RX_DCD_MASK) ==
913 SIXP_RX_DCD_MASK) {
914 sp->led_state = 0x68;
915 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
916 }
917 } else {
918 sp->led_state = 0x60;
919 /* fill trailing bytes with zeroes */
920 sp->tty->ops->write(sp->tty, &sp->led_state, 1);
921 rest = sp->rx_count;
922 if (rest != 0)
923 for (i = rest; i <= 3; i++)
924 decode_data(sp, 0);
925 if (rest == 2)
926 sp->rx_count_cooked -= 2;
927 else if (rest == 3)
928 sp->rx_count_cooked -= 1;
929 for (i = 0; i < sp->rx_count_cooked; i++)
930 checksum += sp->cooked_buf[i];
931 if (checksum != SIXP_CHKSUM) {
932 printk(KERN_DEBUG "6pack: bad checksum %2.2x\n", checksum);
933 } else {
934 sp->rcount = sp->rx_count_cooked-2;
935 sp_bump(sp, 0);
936 }
937 sp->rx_count_cooked = 0;
938 }
939 break;
940 case SIXP_TX_URUN: printk(KERN_DEBUG "6pack: TX underrun\n");
941 break;
942 case SIXP_RX_ORUN: printk(KERN_DEBUG "6pack: RX overrun\n");
943 break;
944 case SIXP_RX_BUF_OVL:
945 printk(KERN_DEBUG "6pack: RX buffer overflow\n");
946 }
947 }
948
949 /* decode a 6pack packet */
950
951 static void
sixpack_decode(struct sixpack * sp,const unsigned char * pre_rbuff,int count)952 sixpack_decode(struct sixpack *sp, const unsigned char *pre_rbuff, int count)
953 {
954 unsigned char inbyte;
955 int count1;
956
957 for (count1 = 0; count1 < count; count1++) {
958 inbyte = pre_rbuff[count1];
959 if (inbyte == SIXP_FOUND_TNC) {
960 tnc_set_sync_state(sp, TNC_IN_SYNC);
961 del_timer(&sp->resync_t);
962 }
963 if ((inbyte & SIXP_PRIO_CMD_MASK) != 0)
964 decode_prio_command(sp, inbyte);
965 else if ((inbyte & SIXP_STD_CMD_MASK) != 0)
966 decode_std_command(sp, inbyte);
967 else if ((sp->status & SIXP_RX_DCD_MASK) == SIXP_RX_DCD_MASK)
968 decode_data(sp, inbyte);
969 }
970 }
971
972 MODULE_AUTHOR("Ralf Baechle DO1GRB <ralf@linux-mips.org>");
973 MODULE_DESCRIPTION("6pack driver for AX.25");
974 MODULE_LICENSE("GPL");
975 MODULE_ALIAS_LDISC(N_6PACK);
976
977 module_init(sixpack_init_driver);
978 module_exit(sixpack_exit_driver);
979