xen-netfront: Avoid deref'ing skbafter it is potentially freed.
[linux-2.6] / drivers / net / irda / irtty-sir.c
1 /*********************************************************************
2  *                
3  * Filename:      irtty-sir.c
4  * Version:       2.0
5  * Description:   IrDA line discipline implementation
6  * Status:        Experimental.
7  * Author:        Dag Brattli <dagb@cs.uit.no>
8  * Created at:    Tue Dec  9 21:18:38 1997
9  * Modified at:   Sun Oct 27 22:13:30 2002
10  * Modified by:   Martin Diehl <mad@mdiehl.de>
11  * Sources:       slip.c by Laurence Culhane,   <loz@holmes.demon.co.uk>
12  *                          Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
13  * 
14  *     Copyright (c) 1998-2000 Dag Brattli,
15  *     Copyright (c) 2002 Martin Diehl,
16  *     All Rights Reserved.
17  *      
18  *     This program is free software; you can redistribute it and/or 
19  *     modify it under the terms of the GNU General Public License as 
20  *     published by the Free Software Foundation; either version 2 of 
21  *     the License, or (at your option) any later version.
22  *  
23  *     Neither Dag Brattli nor University of Tromsø admit liability nor
24  *     provide warranty for any of this software. This material is 
25  *     provided "AS-IS" and at no charge.
26  *     
27  ********************************************************************/    
28
29 #include <linux/module.h>
30 #include <linux/kernel.h>
31 #include <linux/tty.h>
32 #include <linux/init.h>
33 #include <asm/uaccess.h>
34 #include <linux/smp_lock.h>
35 #include <linux/delay.h>
36 #include <linux/mutex.h>
37
38 #include <net/irda/irda.h>
39 #include <net/irda/irda_device.h>
40
41 #include "sir-dev.h"
42 #include "irtty-sir.h"
43
44 static int qos_mtt_bits = 0x03;      /* 5 ms or more */
45
46 module_param(qos_mtt_bits, int, 0);
47 MODULE_PARM_DESC(qos_mtt_bits, "Minimum Turn Time");
48
49 /* ------------------------------------------------------- */
50
51 /* device configuration callbacks always invoked with irda-thread context */
52
53 /* find out, how many chars we have in buffers below us
54  * this is allowed to lie, i.e. return less chars than we
55  * actually have. The returned value is used to determine
56  * how long the irdathread should wait before doing the
57  * real blocking wait_until_sent()
58  */
59
60 static int irtty_chars_in_buffer(struct sir_dev *dev)
61 {
62         struct sirtty_cb *priv = dev->priv;
63
64         IRDA_ASSERT(priv != NULL, return -1;);
65         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return -1;);
66
67         return priv->tty->driver->chars_in_buffer(priv->tty);
68 }
69
70 /* Wait (sleep) until underlaying hardware finished transmission
71  * i.e. hardware buffers are drained
72  * this must block and not return before all characters are really sent
73  *
74  * If the tty sits on top of a 16550A-like uart, there are typically
75  * up to 16 bytes in the fifo - f.e. 9600 bps 8N1 needs 16.7 msec
76  *
77  * With usbserial the uart-fifo is basically replaced by the converter's
78  * outgoing endpoint buffer, which can usually hold 64 bytes (at least).
79  * With pl2303 it appears we are safe with 60msec here.
80  *
81  * I really wish all serial drivers would provide
82  * correct implementation of wait_until_sent()
83  */
84
85 #define USBSERIAL_TX_DONE_DELAY 60
86
87 static void irtty_wait_until_sent(struct sir_dev *dev)
88 {
89         struct sirtty_cb *priv = dev->priv;
90         struct tty_struct *tty;
91
92         IRDA_ASSERT(priv != NULL, return;);
93         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return;);
94
95         tty = priv->tty;
96         if (tty->driver->wait_until_sent) {
97                 lock_kernel();
98                 tty->driver->wait_until_sent(tty, msecs_to_jiffies(100));
99                 unlock_kernel();
100         }
101         else {
102                 msleep(USBSERIAL_TX_DONE_DELAY);
103         }
104 }
105
106 /* 
107  *  Function irtty_change_speed (dev, speed)
108  *
109  *    Change the speed of the serial port.
110  *
111  * This may sleep in set_termios (usbserial driver f.e.) and must
112  * not be called from interrupt/timer/tasklet therefore.
113  * All such invocations are deferred to kIrDAd now so we can sleep there.
114  */
115
116 static int irtty_change_speed(struct sir_dev *dev, unsigned speed)
117 {
118         struct sirtty_cb *priv = dev->priv;
119         struct tty_struct *tty;
120         struct ktermios old_termios;
121         int cflag;
122
123         IRDA_ASSERT(priv != NULL, return -1;);
124         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return -1;);
125
126         tty = priv->tty;
127
128         lock_kernel();
129         old_termios = *(tty->termios);
130         cflag = tty->termios->c_cflag;
131
132         cflag &= ~CBAUD;
133
134         IRDA_DEBUG(2, "%s(), Setting speed to %d\n", __FUNCTION__, speed);
135
136         switch (speed) {
137         case 1200:
138                 cflag |= B1200;
139                 break;
140         case 2400:
141                 cflag |= B2400;
142                 break;
143         case 4800:
144                 cflag |= B4800;
145                 break;
146         case 19200:
147                 cflag |= B19200;
148                 break;
149         case 38400:
150                 cflag |= B38400;
151                 break;
152         case 57600:
153                 cflag |= B57600;
154                 break;
155         case 115200:
156                 cflag |= B115200;
157                 break;
158         case 9600:
159         default:
160                 cflag |= B9600;
161                 break;
162         }       
163
164         tty->termios->c_cflag = cflag;
165         if (tty->driver->set_termios)
166                 tty->driver->set_termios(tty, &old_termios);
167         unlock_kernel();
168
169         priv->io.speed = speed;
170
171         return 0;
172 }
173
174 /*
175  * Function irtty_set_dtr_rts (dev, dtr, rts)
176  *
177  *    This function can be used by dongles etc. to set or reset the status
178  *    of the dtr and rts lines
179  */
180
181 static int irtty_set_dtr_rts(struct sir_dev *dev, int dtr, int rts)
182 {
183         struct sirtty_cb *priv = dev->priv;
184         int set = 0;
185         int clear = 0;
186
187         IRDA_ASSERT(priv != NULL, return -1;);
188         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return -1;);
189
190         if (rts)
191                 set |= TIOCM_RTS;
192         else
193                 clear |= TIOCM_RTS;
194         if (dtr)
195                 set |= TIOCM_DTR;
196         else
197                 clear |= TIOCM_DTR;
198
199         /*
200          * We can't use ioctl() because it expects a non-null file structure,
201          * and we don't have that here.
202          * This function is not yet defined for all tty driver, so
203          * let's be careful... Jean II
204          */
205         IRDA_ASSERT(priv->tty->driver->tiocmset != NULL, return -1;);
206         priv->tty->driver->tiocmset(priv->tty, NULL, set, clear);
207
208         return 0;
209 }
210
211 /* ------------------------------------------------------- */
212
213 /* called from sir_dev when there is more data to send
214  * context is either netdev->hard_xmit or some transmit-completion bh
215  * i.e. we are under spinlock here and must not sleep.
216  */
217
218 static int irtty_do_write(struct sir_dev *dev, const unsigned char *ptr, size_t len)
219 {
220         struct sirtty_cb *priv = dev->priv;
221         struct tty_struct *tty;
222         int writelen;
223
224         IRDA_ASSERT(priv != NULL, return -1;);
225         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return -1;);
226
227         tty = priv->tty;
228         if (!tty->driver->write)
229                 return 0;
230         tty->flags |= (1 << TTY_DO_WRITE_WAKEUP);
231         if (tty->driver->write_room) {
232                 writelen = tty->driver->write_room(tty);
233                 if (writelen > len)
234                         writelen = len;
235         }
236         else
237                 writelen = len;
238         return tty->driver->write(tty, ptr, writelen);
239 }
240
241 /* ------------------------------------------------------- */
242
243 /* irda line discipline callbacks */
244
245 /* 
246  *  Function irtty_receive_buf( tty, cp, count)
247  *
248  *    Handle the 'receiver data ready' interrupt.  This function is called
249  *    by the 'tty_io' module in the kernel when a block of IrDA data has
250  *    been received, which can now be decapsulated and delivered for
251  *    further processing 
252  *
253  * calling context depends on underlying driver and tty->low_latency!
254  * for example (low_latency: 1 / 0):
255  * serial.c:    uart-interrupt / softint
256  * usbserial:   urb-complete-interrupt / softint
257  */
258
259 static void irtty_receive_buf(struct tty_struct *tty, const unsigned char *cp,
260                               char *fp, int count) 
261 {
262         struct sir_dev *dev;
263         struct sirtty_cb *priv = tty->disc_data;
264         int     i;
265
266         IRDA_ASSERT(priv != NULL, return;);
267         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return;);
268
269         if (unlikely(count==0))         /* yes, this happens */
270                 return;
271
272         dev = priv->dev;
273         if (!dev) {
274                 IRDA_WARNING("%s(), not ready yet!\n", __FUNCTION__);
275                 return;
276         }
277
278         for (i = 0; i < count; i++) {
279                 /* 
280                  *  Characters received with a parity error, etc?
281                  */
282                 if (fp && *fp++) { 
283                         IRDA_DEBUG(0, "Framing or parity error!\n");
284                         sirdev_receive(dev, NULL, 0);   /* notify sir_dev (updating stats) */
285                         return;
286                 }
287         }
288
289         sirdev_receive(dev, cp, count);
290 }
291
292 /*
293  * Function irtty_write_wakeup (tty)
294  *
295  *    Called by the driver when there's room for more data.  If we have
296  *    more packets to send, we send them here.
297  *
298  */
299 static void irtty_write_wakeup(struct tty_struct *tty) 
300 {
301         struct sirtty_cb *priv = tty->disc_data;
302
303         IRDA_ASSERT(priv != NULL, return;);
304         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return;);
305
306         tty->flags &= ~(1 << TTY_DO_WRITE_WAKEUP);
307
308         if (priv->dev)
309                 sirdev_write_complete(priv->dev);
310 }
311
312 /* ------------------------------------------------------- */
313
314 /*
315  * Function irtty_stop_receiver (tty, stop)
316  *
317  */
318
319 static inline void irtty_stop_receiver(struct tty_struct *tty, int stop)
320 {
321         struct ktermios old_termios;
322         int cflag;
323
324         lock_kernel();
325         old_termios = *(tty->termios);
326         cflag = tty->termios->c_cflag;
327         
328         if (stop)
329                 cflag &= ~CREAD;
330         else
331                 cflag |= CREAD;
332
333         tty->termios->c_cflag = cflag;
334         if (tty->driver->set_termios)
335                 tty->driver->set_termios(tty, &old_termios);
336         unlock_kernel();
337 }
338
339 /*****************************************************************/
340
341 /* serialize ldisc open/close with sir_dev */
342 static DEFINE_MUTEX(irtty_mutex);
343
344 /* notifier from sir_dev when irda% device gets opened (ifup) */
345
346 static int irtty_start_dev(struct sir_dev *dev)
347 {
348         struct sirtty_cb *priv;
349         struct tty_struct *tty;
350
351         /* serialize with ldisc open/close */
352         mutex_lock(&irtty_mutex);
353
354         priv = dev->priv;
355         if (unlikely(!priv || priv->magic!=IRTTY_MAGIC)) {
356                 mutex_unlock(&irtty_mutex);
357                 return -ESTALE;
358         }
359
360         tty = priv->tty;
361
362         if (tty->driver->start)
363                 tty->driver->start(tty);
364         /* Make sure we can receive more data */
365         irtty_stop_receiver(tty, FALSE);
366
367         mutex_unlock(&irtty_mutex);
368         return 0;
369 }
370
371 /* notifier from sir_dev when irda% device gets closed (ifdown) */
372
373 static int irtty_stop_dev(struct sir_dev *dev)
374 {
375         struct sirtty_cb *priv;
376         struct tty_struct *tty;
377
378         /* serialize with ldisc open/close */
379         mutex_lock(&irtty_mutex);
380
381         priv = dev->priv;
382         if (unlikely(!priv || priv->magic!=IRTTY_MAGIC)) {
383                 mutex_unlock(&irtty_mutex);
384                 return -ESTALE;
385         }
386
387         tty = priv->tty;
388
389         /* Make sure we don't receive more data */
390         irtty_stop_receiver(tty, TRUE);
391         if (tty->driver->stop)
392                 tty->driver->stop(tty);
393
394         mutex_unlock(&irtty_mutex);
395
396         return 0;
397 }
398
399 /* ------------------------------------------------------- */
400
401 static struct sir_driver sir_tty_drv = {
402         .owner                  = THIS_MODULE,
403         .driver_name            = "sir_tty",
404         .start_dev              = irtty_start_dev,
405         .stop_dev               = irtty_stop_dev,
406         .do_write               = irtty_do_write,
407         .chars_in_buffer        = irtty_chars_in_buffer,
408         .wait_until_sent        = irtty_wait_until_sent,
409         .set_speed              = irtty_change_speed,
410         .set_dtr_rts            = irtty_set_dtr_rts,
411 };
412
413 /* ------------------------------------------------------- */
414
415 /*
416  * Function irtty_ioctl (tty, file, cmd, arg)
417  *
418  *     The Swiss army knife of system calls :-)
419  *
420  */
421 static int irtty_ioctl(struct tty_struct *tty, struct file *file, unsigned int cmd, unsigned long arg)
422 {
423         struct irtty_info { char name[6]; } info;
424         struct sir_dev *dev;
425         struct sirtty_cb *priv = tty->disc_data;
426         int err = 0;
427
428         IRDA_ASSERT(priv != NULL, return -ENODEV;);
429         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return -EBADR;);
430
431         IRDA_DEBUG(3, "%s(cmd=0x%X)\n", __FUNCTION__, cmd);
432
433         dev = priv->dev;
434         IRDA_ASSERT(dev != NULL, return -1;);
435
436         switch (cmd) {
437         case TCGETS:
438         case TCGETA:
439                 err = n_tty_ioctl(tty, file, cmd, arg);
440                 break;
441
442         case IRTTY_IOCTDONGLE:
443                 /* this call blocks for completion */
444                 err = sirdev_set_dongle(dev, (IRDA_DONGLE) arg);
445                 break;
446
447         case IRTTY_IOCGET:
448                 IRDA_ASSERT(dev->netdev != NULL, return -1;);
449
450                 memset(&info, 0, sizeof(info)); 
451                 strncpy(info.name, dev->netdev->name, sizeof(info.name)-1);
452
453                 if (copy_to_user((void __user *)arg, &info, sizeof(info)))
454                         err = -EFAULT;
455                 break;
456         default:
457                 err = -ENOIOCTLCMD;
458                 break;
459         }
460         return err;
461 }
462
463
464 /* 
465  *  Function irtty_open(tty)
466  *
467  *    This function is called by the TTY module when the IrDA line
468  *    discipline is called for.  Because we are sure the tty line exists,
469  *    we only have to link it to a free IrDA channel.  
470  */
471 static int irtty_open(struct tty_struct *tty) 
472 {
473         struct sir_dev *dev;
474         struct sirtty_cb *priv;
475         int ret = 0;
476
477         /* Module stuff handled via irda_ldisc.owner - Jean II */
478
479         /* First make sure we're not already connected. */
480         if (tty->disc_data != NULL) {
481                 priv = tty->disc_data;
482                 if (priv && priv->magic == IRTTY_MAGIC) {
483                         ret = -EEXIST;
484                         goto out;
485                 }
486                 tty->disc_data = NULL;          /* ### */
487         }
488
489         /* stop the underlying  driver */
490         irtty_stop_receiver(tty, TRUE);
491         if (tty->driver->stop)
492                 tty->driver->stop(tty);
493
494         if (tty->driver->flush_buffer)
495                 tty->driver->flush_buffer(tty);
496         
497         /* apply mtt override */
498         sir_tty_drv.qos_mtt_bits = qos_mtt_bits;
499
500         /* get a sir device instance for this driver */
501         dev = sirdev_get_instance(&sir_tty_drv, tty->name);
502         if (!dev) {
503                 ret = -ENODEV;
504                 goto out;
505         }
506
507         /* allocate private device info block */
508         priv = kzalloc(sizeof(*priv), GFP_KERNEL);
509         if (!priv)
510                 goto out_put;
511
512         priv->magic = IRTTY_MAGIC;
513         priv->tty = tty;
514         priv->dev = dev;
515
516         /* serialize with start_dev - in case we were racing with ifup */
517         mutex_lock(&irtty_mutex);
518
519         dev->priv = priv;
520         tty->disc_data = priv;
521         tty->receive_room = 65536;
522
523         mutex_unlock(&irtty_mutex);
524
525         IRDA_DEBUG(0, "%s - %s: irda line discipline opened\n", __FUNCTION__, tty->name);
526
527         return 0;
528
529 out_put:
530         sirdev_put_instance(dev);
531 out:
532         return ret;
533 }
534
535 /* 
536  *  Function irtty_close (tty)
537  *
538  *    Close down a IrDA channel. This means flushing out any pending queues,
539  *    and then restoring the TTY line discipline to what it was before it got
540  *    hooked to IrDA (which usually is TTY again).  
541  */
542 static void irtty_close(struct tty_struct *tty) 
543 {
544         struct sirtty_cb *priv = tty->disc_data;
545
546         IRDA_ASSERT(priv != NULL, return;);
547         IRDA_ASSERT(priv->magic == IRTTY_MAGIC, return;);
548
549         /* Hm, with a dongle attached the dongle driver wants
550          * to close the dongle - which requires the use of
551          * some tty write and/or termios or ioctl operations.
552          * Are we allowed to call those when already requested
553          * to shutdown the ldisc?
554          * If not, we should somehow mark the dev being staled.
555          * Question remains, how to close the dongle in this case...
556          * For now let's assume we are granted to issue tty driver calls
557          * until we return here from the ldisc close. I'm just wondering
558          * how this behaves with hotpluggable serial hardware like
559          * rs232-pcmcia card or usb-serial...
560          *
561          * priv->tty = NULL?;
562          */
563
564         /* we are dead now */
565         tty->disc_data = NULL;
566
567         sirdev_put_instance(priv->dev);
568
569         /* Stop tty */
570         irtty_stop_receiver(tty, TRUE);
571         tty->flags &= ~(1 << TTY_DO_WRITE_WAKEUP);
572         if (tty->driver->stop)
573                 tty->driver->stop(tty);
574
575         kfree(priv);
576
577         IRDA_DEBUG(0, "%s - %s: irda line discipline closed\n", __FUNCTION__, tty->name);
578 }
579
580 /* ------------------------------------------------------- */
581
582 static struct tty_ldisc irda_ldisc = {
583         .magic          = TTY_LDISC_MAGIC,
584         .name           = "irda",
585         .flags          = 0,
586         .open           = irtty_open,
587         .close          = irtty_close,
588         .read           = NULL,
589         .write          = NULL,
590         .ioctl          = irtty_ioctl,
591         .poll           = NULL,
592         .receive_buf    = irtty_receive_buf,
593         .write_wakeup   = irtty_write_wakeup,
594         .owner          = THIS_MODULE,
595 };
596
597 /* ------------------------------------------------------- */
598
599 static int __init irtty_sir_init(void)
600 {
601         int err;
602
603         if ((err = tty_register_ldisc(N_IRDA, &irda_ldisc)) != 0)
604                 IRDA_ERROR("IrDA: can't register line discipline (err = %d)\n",
605                            err);
606         return err;
607 }
608
609 static void __exit irtty_sir_cleanup(void) 
610 {
611         int err;
612
613         if ((err = tty_unregister_ldisc(N_IRDA))) {
614                 IRDA_ERROR("%s(), can't unregister line discipline (err = %d)\n",
615                            __FUNCTION__, err);
616         }
617 }
618
619 module_init(irtty_sir_init);
620 module_exit(irtty_sir_cleanup);
621
622 MODULE_AUTHOR("Dag Brattli <dagb@cs.uit.no>");
623 MODULE_DESCRIPTION("IrDA TTY device driver");
624 MODULE_ALIAS_LDISC(N_IRDA);
625 MODULE_LICENSE("GPL");
626