[ALSA] Fix use after free in opl3_seq and opl3_oss
[linux-2.6] / net / irda / irlap.c
1 /*********************************************************************
2  *
3  * Filename:      irlap.c
4  * Version:       1.0
5  * Description:   IrLAP implementation for Linux
6  * Status:        Stable
7  * Author:        Dag Brattli <dagb@cs.uit.no>
8  * Created at:    Mon Aug  4 20:40:53 1997
9  * Modified at:   Tue Dec 14 09:26:44 1999
10  * Modified by:   Dag Brattli <dagb@cs.uit.no>
11  *
12  *     Copyright (c) 1998-1999 Dag Brattli, All Rights Reserved.
13  *     Copyright (c) 2000-2003 Jean Tourrilhes <jt@hpl.hp.com>
14  *
15  *     This program is free software; you can redistribute it and/or
16  *     modify it under the terms of the GNU General Public License as
17  *     published by the Free Software Foundation; either version 2 of
18  *     the License, or (at your option) any later version.
19  *
20  *     This program is distributed in the hope that it will be useful,
21  *     but WITHOUT ANY WARRANTY; without even the implied warranty of
22  *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23  *     GNU General Public License for more details.
24  *
25  *     You should have received a copy of the GNU General Public License
26  *     along with this program; if not, write to the Free Software
27  *     Foundation, Inc., 59 Temple Place, Suite 330, Boston,
28  *     MA 02111-1307 USA
29  *
30  ********************************************************************/
31
32 #include <linux/config.h>
33 #include <linux/slab.h>
34 #include <linux/string.h>
35 #include <linux/skbuff.h>
36 #include <linux/delay.h>
37 #include <linux/proc_fs.h>
38 #include <linux/init.h>
39 #include <linux/random.h>
40 #include <linux/module.h>
41 #include <linux/seq_file.h>
42
43 #include <net/irda/irda.h>
44 #include <net/irda/irda_device.h>
45 #include <net/irda/irqueue.h>
46 #include <net/irda/irlmp.h>
47 #include <net/irda/irlmp_frame.h>
48 #include <net/irda/irlap_frame.h>
49 #include <net/irda/irlap.h>
50 #include <net/irda/timer.h>
51 #include <net/irda/qos.h>
52
53 static hashbin_t *irlap = NULL;
54 int sysctl_slot_timeout = SLOT_TIMEOUT * 1000 / HZ;
55
56 /* This is the delay of missed pf period before generating an event
57  * to the application. The spec mandate 3 seconds, but in some cases
58  * it's way too long. - Jean II */
59 int sysctl_warn_noreply_time = 3;
60
61 extern void irlap_queue_xmit(struct irlap_cb *self, struct sk_buff *skb);
62 static void __irlap_close(struct irlap_cb *self);
63 static void irlap_init_qos_capabilities(struct irlap_cb *self,
64                                         struct qos_info *qos_user);
65
66 #ifdef CONFIG_IRDA_DEBUG
67 static char *lap_reasons[] = {
68         "ERROR, NOT USED",
69         "LAP_DISC_INDICATION",
70         "LAP_NO_RESPONSE",
71         "LAP_RESET_INDICATION",
72         "LAP_FOUND_NONE",
73         "LAP_MEDIA_BUSY",
74         "LAP_PRIMARY_CONFLICT",
75         "ERROR, NOT USED",
76 };
77 #endif  /* CONFIG_IRDA_DEBUG */
78
79 int __init irlap_init(void)
80 {
81         /* Check if the compiler did its job properly.
82          * May happen on some ARM configuration, check with Russell King. */
83         IRDA_ASSERT(sizeof(struct xid_frame) == 14, ;);
84         IRDA_ASSERT(sizeof(struct test_frame) == 10, ;);
85         IRDA_ASSERT(sizeof(struct ua_frame) == 10, ;);
86         IRDA_ASSERT(sizeof(struct snrm_frame) == 11, ;);
87
88         /* Allocate master array */
89         irlap = hashbin_new(HB_LOCK);
90         if (irlap == NULL) {
91                 IRDA_ERROR("%s: can't allocate irlap hashbin!\n",
92                            __FUNCTION__);
93                 return -ENOMEM;
94         }
95
96         return 0;
97 }
98
99 void __exit irlap_cleanup(void)
100 {
101         IRDA_ASSERT(irlap != NULL, return;);
102
103         hashbin_delete(irlap, (FREE_FUNC) __irlap_close);
104 }
105
106 /*
107  * Function irlap_open (driver)
108  *
109  *    Initialize IrLAP layer
110  *
111  */
112 struct irlap_cb *irlap_open(struct net_device *dev, struct qos_info *qos,
113                             const char *hw_name)
114 {
115         struct irlap_cb *self;
116
117         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
118
119         /* Initialize the irlap structure. */
120         self = kmalloc(sizeof(struct irlap_cb), GFP_KERNEL);
121         if (self == NULL)
122                 return NULL;
123
124         memset(self, 0, sizeof(struct irlap_cb));
125         self->magic = LAP_MAGIC;
126
127         /* Make a binding between the layers */
128         self->netdev = dev;
129         self->qos_dev = qos;
130         /* Copy hardware name */
131         if(hw_name != NULL) {
132                 strlcpy(self->hw_name, hw_name, sizeof(self->hw_name));
133         } else {
134                 self->hw_name[0] = '\0';
135         }
136
137         /* FIXME: should we get our own field? */
138         dev->atalk_ptr = self;
139
140         self->state = LAP_OFFLINE;
141
142         /* Initialize transmit queue */
143         skb_queue_head_init(&self->txq);
144         skb_queue_head_init(&self->txq_ultra);
145         skb_queue_head_init(&self->wx_list);
146
147         /* My unique IrLAP device address! */
148         /* We don't want the broadcast address, neither the NULL address
149          * (most often used to signify "invalid"), and we don't want an
150          * address already in use (otherwise connect won't be able
151          * to select the proper link). - Jean II */
152         do {
153                 get_random_bytes(&self->saddr, sizeof(self->saddr));
154         } while ((self->saddr == 0x0) || (self->saddr == BROADCAST) ||
155                  (hashbin_lock_find(irlap, self->saddr, NULL)) );
156         /* Copy to the driver */
157         memcpy(dev->dev_addr, &self->saddr, 4);
158
159         init_timer(&self->slot_timer);
160         init_timer(&self->query_timer);
161         init_timer(&self->discovery_timer);
162         init_timer(&self->final_timer);
163         init_timer(&self->poll_timer);
164         init_timer(&self->wd_timer);
165         init_timer(&self->backoff_timer);
166         init_timer(&self->media_busy_timer);
167
168         irlap_apply_default_connection_parameters(self);
169
170         self->N3 = 3; /* # connections attemts to try before giving up */
171
172         self->state = LAP_NDM;
173
174         hashbin_insert(irlap, (irda_queue_t *) self, self->saddr, NULL);
175
176         irlmp_register_link(self, self->saddr, &self->notify);
177
178         return self;
179 }
180 EXPORT_SYMBOL(irlap_open);
181
182 /*
183  * Function __irlap_close (self)
184  *
185  *    Remove IrLAP and all allocated memory. Stop any pending timers.
186  *
187  */
188 static void __irlap_close(struct irlap_cb *self)
189 {
190         IRDA_ASSERT(self != NULL, return;);
191         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
192
193         /* Stop timers */
194         del_timer(&self->slot_timer);
195         del_timer(&self->query_timer);
196         del_timer(&self->discovery_timer);
197         del_timer(&self->final_timer);
198         del_timer(&self->poll_timer);
199         del_timer(&self->wd_timer);
200         del_timer(&self->backoff_timer);
201         del_timer(&self->media_busy_timer);
202
203         irlap_flush_all_queues(self);
204
205         self->magic = 0;
206
207         kfree(self);
208 }
209
210 /*
211  * Function irlap_close (self)
212  *
213  *    Remove IrLAP instance
214  *
215  */
216 void irlap_close(struct irlap_cb *self)
217 {
218         struct irlap_cb *lap;
219
220         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
221
222         IRDA_ASSERT(self != NULL, return;);
223         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
224
225         /* We used to send a LAP_DISC_INDICATION here, but this was
226          * racy. This has been move within irlmp_unregister_link()
227          * itself. Jean II */
228
229         /* Kill the LAP and all LSAPs on top of it */
230         irlmp_unregister_link(self->saddr);
231         self->notify.instance = NULL;
232
233         /* Be sure that we manage to remove ourself from the hash */
234         lap = hashbin_remove(irlap, self->saddr, NULL);
235         if (!lap) {
236                 IRDA_DEBUG(1, "%s(), Didn't find myself!\n", __FUNCTION__);
237                 return;
238         }
239         __irlap_close(lap);
240 }
241 EXPORT_SYMBOL(irlap_close);
242
243 /*
244  * Function irlap_connect_indication (self, skb)
245  *
246  *    Another device is attempting to make a connection
247  *
248  */
249 void irlap_connect_indication(struct irlap_cb *self, struct sk_buff *skb)
250 {
251         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
252
253         IRDA_ASSERT(self != NULL, return;);
254         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
255
256         irlap_init_qos_capabilities(self, NULL); /* No user QoS! */
257
258         irlmp_link_connect_indication(self->notify.instance, self->saddr,
259                                       self->daddr, &self->qos_tx, skb);
260 }
261
262 /*
263  * Function irlap_connect_response (self, skb)
264  *
265  *    Service user has accepted incoming connection
266  *
267  */
268 void irlap_connect_response(struct irlap_cb *self, struct sk_buff *userdata)
269 {
270         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
271
272         irlap_do_event(self, CONNECT_RESPONSE, userdata, NULL);
273 }
274
275 /*
276  * Function irlap_connect_request (self, daddr, qos_user, sniff)
277  *
278  *    Request connection with another device, sniffing is not implemented
279  *    yet.
280  *
281  */
282 void irlap_connect_request(struct irlap_cb *self, __u32 daddr,
283                            struct qos_info *qos_user, int sniff)
284 {
285         IRDA_DEBUG(3, "%s(), daddr=0x%08x\n", __FUNCTION__, daddr);
286
287         IRDA_ASSERT(self != NULL, return;);
288         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
289
290         self->daddr = daddr;
291
292         /*
293          *  If the service user specifies QoS values for this connection,
294          *  then use them
295          */
296         irlap_init_qos_capabilities(self, qos_user);
297
298         if ((self->state == LAP_NDM) && !self->media_busy)
299                 irlap_do_event(self, CONNECT_REQUEST, NULL, NULL);
300         else
301                 self->connect_pending = TRUE;
302 }
303
304 /*
305  * Function irlap_connect_confirm (self, skb)
306  *
307  *    Connection request has been accepted
308  *
309  */
310 void irlap_connect_confirm(struct irlap_cb *self, struct sk_buff *skb)
311 {
312         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
313
314         IRDA_ASSERT(self != NULL, return;);
315         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
316
317         irlmp_link_connect_confirm(self->notify.instance, &self->qos_tx, skb);
318 }
319
320 /*
321  * Function irlap_data_indication (self, skb)
322  *
323  *    Received data frames from IR-port, so we just pass them up to
324  *    IrLMP for further processing
325  *
326  */
327 void irlap_data_indication(struct irlap_cb *self, struct sk_buff *skb,
328                            int unreliable)
329 {
330         /* Hide LAP header from IrLMP layer */
331         skb_pull(skb, LAP_ADDR_HEADER+LAP_CTRL_HEADER);
332
333         irlmp_link_data_indication(self->notify.instance, skb, unreliable);
334 }
335
336
337 /*
338  * Function irlap_data_request (self, skb)
339  *
340  *    Queue data for transmission, must wait until XMIT state
341  *
342  */
343 void irlap_data_request(struct irlap_cb *self, struct sk_buff *skb,
344                         int unreliable)
345 {
346         IRDA_ASSERT(self != NULL, return;);
347         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
348
349         IRDA_DEBUG(3, "%s()\n", __FUNCTION__);
350
351         IRDA_ASSERT(skb_headroom(skb) >= (LAP_ADDR_HEADER+LAP_CTRL_HEADER),
352                     return;);
353         skb_push(skb, LAP_ADDR_HEADER+LAP_CTRL_HEADER);
354
355         /*
356          *  Must set frame format now so that the rest of the code knows
357          *  if its dealing with an I or an UI frame
358          */
359         if (unreliable)
360                 skb->data[1] = UI_FRAME;
361         else
362                 skb->data[1] = I_FRAME;
363
364         /* Don't forget to refcount it - see irlmp_connect_request(). */
365         skb_get(skb);
366
367         /* Add at the end of the queue (keep ordering) - Jean II */
368         skb_queue_tail(&self->txq, skb);
369
370         /*
371          *  Send event if this frame only if we are in the right state
372          *  FIXME: udata should be sent first! (skb_queue_head?)
373          */
374         if ((self->state == LAP_XMIT_P) || (self->state == LAP_XMIT_S)) {
375                 /* If we are not already processing the Tx queue, trigger
376                  * transmission immediately - Jean II */
377                 if((skb_queue_len(&self->txq) <= 1) && (!self->local_busy))
378                         irlap_do_event(self, DATA_REQUEST, skb, NULL);
379                 /* Otherwise, the packets will be sent normally at the
380                  * next pf-poll - Jean II */
381         }
382 }
383
384 /*
385  * Function irlap_unitdata_request (self, skb)
386  *
387  *    Send Ultra data. This is data that must be sent outside any connection
388  *
389  */
390 #ifdef CONFIG_IRDA_ULTRA
391 void irlap_unitdata_request(struct irlap_cb *self, struct sk_buff *skb)
392 {
393         IRDA_ASSERT(self != NULL, return;);
394         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
395
396         IRDA_DEBUG(3, "%s()\n", __FUNCTION__);
397
398         IRDA_ASSERT(skb_headroom(skb) >= (LAP_ADDR_HEADER+LAP_CTRL_HEADER),
399                return;);
400         skb_push(skb, LAP_ADDR_HEADER+LAP_CTRL_HEADER);
401
402         skb->data[0] = CBROADCAST;
403         skb->data[1] = UI_FRAME;
404
405         /* Don't need to refcount, see irlmp_connless_data_request() */
406
407         skb_queue_tail(&self->txq_ultra, skb);
408
409         irlap_do_event(self, SEND_UI_FRAME, NULL, NULL);
410 }
411 #endif /*CONFIG_IRDA_ULTRA */
412
413 /*
414  * Function irlap_udata_indication (self, skb)
415  *
416  *    Receive Ultra data. This is data that is received outside any connection
417  *
418  */
419 #ifdef CONFIG_IRDA_ULTRA
420 void irlap_unitdata_indication(struct irlap_cb *self, struct sk_buff *skb)
421 {
422         IRDA_DEBUG(1, "%s()\n", __FUNCTION__);
423
424         IRDA_ASSERT(self != NULL, return;);
425         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
426         IRDA_ASSERT(skb != NULL, return;);
427
428         /* Hide LAP header from IrLMP layer */
429         skb_pull(skb, LAP_ADDR_HEADER+LAP_CTRL_HEADER);
430
431         irlmp_link_unitdata_indication(self->notify.instance, skb);
432 }
433 #endif /* CONFIG_IRDA_ULTRA */
434
435 /*
436  * Function irlap_disconnect_request (void)
437  *
438  *    Request to disconnect connection by service user
439  */
440 void irlap_disconnect_request(struct irlap_cb *self)
441 {
442         IRDA_DEBUG(3, "%s()\n", __FUNCTION__);
443
444         IRDA_ASSERT(self != NULL, return;);
445         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
446
447         /* Don't disconnect until all data frames are successfully sent */
448         if (!skb_queue_empty(&self->txq)) {
449                 self->disconnect_pending = TRUE;
450                 return;
451         }
452
453         /* Check if we are in the right state for disconnecting */
454         switch (self->state) {
455         case LAP_XMIT_P:        /* FALLTROUGH */
456         case LAP_XMIT_S:        /* FALLTROUGH */
457         case LAP_CONN:          /* FALLTROUGH */
458         case LAP_RESET_WAIT:    /* FALLTROUGH */
459         case LAP_RESET_CHECK:
460                 irlap_do_event(self, DISCONNECT_REQUEST, NULL, NULL);
461                 break;
462         default:
463                 IRDA_DEBUG(2, "%s(), disconnect pending!\n", __FUNCTION__);
464                 self->disconnect_pending = TRUE;
465                 break;
466         }
467 }
468
469 /*
470  * Function irlap_disconnect_indication (void)
471  *
472  *    Disconnect request from other device
473  *
474  */
475 void irlap_disconnect_indication(struct irlap_cb *self, LAP_REASON reason)
476 {
477         IRDA_DEBUG(1, "%s(), reason=%s\n", __FUNCTION__, lap_reasons[reason]);
478
479         IRDA_ASSERT(self != NULL, return;);
480         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
481
482         /* Flush queues */
483         irlap_flush_all_queues(self);
484
485         switch (reason) {
486         case LAP_RESET_INDICATION:
487                 IRDA_DEBUG(1, "%s(), Sending reset request!\n", __FUNCTION__);
488                 irlap_do_event(self, RESET_REQUEST, NULL, NULL);
489                 break;
490         case LAP_NO_RESPONSE:      /* FALLTROUGH */
491         case LAP_DISC_INDICATION:  /* FALLTROUGH */
492         case LAP_FOUND_NONE:       /* FALLTROUGH */
493         case LAP_MEDIA_BUSY:
494                 irlmp_link_disconnect_indication(self->notify.instance, self,
495                                                  reason, NULL);
496                 break;
497         default:
498                 IRDA_ERROR("%s: Unknown reason %d\n", __FUNCTION__, reason);
499         }
500 }
501
502 /*
503  * Function irlap_discovery_request (gen_addr_bit)
504  *
505  *    Start one single discovery operation.
506  *
507  */
508 void irlap_discovery_request(struct irlap_cb *self, discovery_t *discovery)
509 {
510         struct irlap_info info;
511
512         IRDA_ASSERT(self != NULL, return;);
513         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
514         IRDA_ASSERT(discovery != NULL, return;);
515
516         IRDA_DEBUG(4, "%s(), nslots = %d\n", __FUNCTION__, discovery->nslots);
517
518         IRDA_ASSERT((discovery->nslots == 1) || (discovery->nslots == 6) ||
519                     (discovery->nslots == 8) || (discovery->nslots == 16),
520                     return;);
521
522         /* Discovery is only possible in NDM mode */
523         if (self->state != LAP_NDM) {
524                 IRDA_DEBUG(4, "%s(), discovery only possible in NDM mode\n",
525                            __FUNCTION__);
526                 irlap_discovery_confirm(self, NULL);
527                 /* Note : in theory, if we are not in NDM, we could postpone
528                  * the discovery like we do for connection request.
529                  * In practice, it's not worth it. If the media was busy,
530                  * it's likely next time around it won't be busy. If we are
531                  * in REPLY state, we will get passive discovery info & event.
532                  * Jean II */
533                 return;
534         }
535
536         /* Check if last discovery request finished in time, or if
537          * it was aborted due to the media busy flag. */
538         if (self->discovery_log != NULL) {
539                 hashbin_delete(self->discovery_log, (FREE_FUNC) kfree);
540                 self->discovery_log = NULL;
541         }
542
543         /* All operations will occur at predictable time, no need to lock */
544         self->discovery_log = hashbin_new(HB_NOLOCK);
545
546         if (self->discovery_log == NULL) {
547                 IRDA_WARNING("%s(), Unable to allocate discovery log!\n",
548                              __FUNCTION__);
549                 return;
550         }
551
552         info.S = discovery->nslots; /* Number of slots */
553         info.s = 0; /* Current slot */
554
555         self->discovery_cmd = discovery;
556         info.discovery = discovery;
557
558         /* sysctl_slot_timeout bounds are checked in irsysctl.c - Jean II */
559         self->slot_timeout = sysctl_slot_timeout * HZ / 1000;
560
561         irlap_do_event(self, DISCOVERY_REQUEST, NULL, &info);
562 }
563
564 /*
565  * Function irlap_discovery_confirm (log)
566  *
567  *    A device has been discovered in front of this station, we
568  *    report directly to LMP.
569  */
570 void irlap_discovery_confirm(struct irlap_cb *self, hashbin_t *discovery_log)
571 {
572         IRDA_ASSERT(self != NULL, return;);
573         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
574
575         IRDA_ASSERT(self->notify.instance != NULL, return;);
576
577         /*
578          * Check for successful discovery, since we are then allowed to clear
579          * the media busy condition (IrLAP 6.13.4 - p.94). This should allow
580          * us to make connection attempts much faster and easier (i.e. no
581          * collisions).
582          * Setting media busy to false will also generate an event allowing
583          * to process pending events in NDM state machine.
584          * Note : the spec doesn't define what's a successful discovery is.
585          * If we want Ultra to work, it's successful even if there is
586          * nobody discovered - Jean II
587          */
588         if (discovery_log)
589                 irda_device_set_media_busy(self->netdev, FALSE);
590
591         /* Inform IrLMP */
592         irlmp_link_discovery_confirm(self->notify.instance, discovery_log);
593 }
594
595 /*
596  * Function irlap_discovery_indication (log)
597  *
598  *    Somebody is trying to discover us!
599  *
600  */
601 void irlap_discovery_indication(struct irlap_cb *self, discovery_t *discovery)
602 {
603         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
604
605         IRDA_ASSERT(self != NULL, return;);
606         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
607         IRDA_ASSERT(discovery != NULL, return;);
608
609         IRDA_ASSERT(self->notify.instance != NULL, return;);
610
611         /* A device is very likely to connect immediately after it performs
612          * a successful discovery. This means that in our case, we are much
613          * more likely to receive a connection request over the medium.
614          * So, we backoff to avoid collisions.
615          * IrLAP spec 6.13.4 suggest 100ms...
616          * Note : this little trick actually make a *BIG* difference. If I set
617          * my Linux box with discovery enabled and one Ultra frame sent every
618          * second, my Palm has no trouble connecting to it every time !
619          * Jean II */
620         irda_device_set_media_busy(self->netdev, SMALL);
621
622         irlmp_link_discovery_indication(self->notify.instance, discovery);
623 }
624
625 /*
626  * Function irlap_status_indication (quality_of_link)
627  */
628 void irlap_status_indication(struct irlap_cb *self, int quality_of_link)
629 {
630         switch (quality_of_link) {
631         case STATUS_NO_ACTIVITY:
632                 IRDA_MESSAGE("IrLAP, no activity on link!\n");
633                 break;
634         case STATUS_NOISY:
635                 IRDA_MESSAGE("IrLAP, noisy link!\n");
636                 break;
637         default:
638                 break;
639         }
640         irlmp_status_indication(self->notify.instance,
641                                 quality_of_link, LOCK_NO_CHANGE);
642 }
643
644 /*
645  * Function irlap_reset_indication (void)
646  */
647 void irlap_reset_indication(struct irlap_cb *self)
648 {
649         IRDA_DEBUG(1, "%s()\n", __FUNCTION__);
650
651         IRDA_ASSERT(self != NULL, return;);
652         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
653
654         if (self->state == LAP_RESET_WAIT)
655                 irlap_do_event(self, RESET_REQUEST, NULL, NULL);
656         else
657                 irlap_do_event(self, RESET_RESPONSE, NULL, NULL);
658 }
659
660 /*
661  * Function irlap_reset_confirm (void)
662  */
663 void irlap_reset_confirm(void)
664 {
665         IRDA_DEBUG(1, "%s()\n", __FUNCTION__);
666 }
667
668 /*
669  * Function irlap_generate_rand_time_slot (S, s)
670  *
671  *    Generate a random time slot between s and S-1 where
672  *    S = Number of slots (0 -> S-1)
673  *    s = Current slot
674  */
675 int irlap_generate_rand_time_slot(int S, int s)
676 {
677         static int rand;
678         int slot;
679
680         IRDA_ASSERT((S - s) > 0, return 0;);
681
682         rand += jiffies;
683         rand ^= (rand << 12);
684         rand ^= (rand >> 20);
685
686         slot = s + rand % (S-s);
687
688         IRDA_ASSERT((slot >= s) || (slot < S), return 0;);
689
690         return slot;
691 }
692
693 /*
694  * Function irlap_update_nr_received (nr)
695  *
696  *    Remove all acknowledged frames in current window queue. This code is
697  *    not intuitive and you should not try to change it. If you think it
698  *    contains bugs, please mail a patch to the author instead.
699  */
700 void irlap_update_nr_received(struct irlap_cb *self, int nr)
701 {
702         struct sk_buff *skb = NULL;
703         int count = 0;
704
705         /*
706          * Remove all the ack-ed frames from the window queue.
707          */
708
709         /*
710          *  Optimize for the common case. It is most likely that the receiver
711          *  will acknowledge all the frames we have sent! So in that case we
712          *  delete all frames stored in window.
713          */
714         if (nr == self->vs) {
715                 while ((skb = skb_dequeue(&self->wx_list)) != NULL) {
716                         dev_kfree_skb(skb);
717                 }
718                 /* The last acked frame is the next to send minus one */
719                 self->va = nr - 1;
720         } else {
721                 /* Remove all acknowledged frames in current window */
722                 while ((skb_peek(&self->wx_list) != NULL) &&
723                        (((self->va+1) % 8) != nr))
724                 {
725                         skb = skb_dequeue(&self->wx_list);
726                         dev_kfree_skb(skb);
727
728                         self->va = (self->va + 1) % 8;
729                         count++;
730                 }
731         }
732
733         /* Advance window */
734         self->window = self->window_size - skb_queue_len(&self->wx_list);
735 }
736
737 /*
738  * Function irlap_validate_ns_received (ns)
739  *
740  *    Validate the next to send (ns) field from received frame.
741  */
742 int irlap_validate_ns_received(struct irlap_cb *self, int ns)
743 {
744         /*  ns as expected?  */
745         if (ns == self->vr)
746                 return NS_EXPECTED;
747         /*
748          *  Stations are allowed to treat invalid NS as unexpected NS
749          *  IrLAP, Recv ... with-invalid-Ns. p. 84
750          */
751         return NS_UNEXPECTED;
752
753         /* return NR_INVALID; */
754 }
755 /*
756  * Function irlap_validate_nr_received (nr)
757  *
758  *    Validate the next to receive (nr) field from received frame.
759  *
760  */
761 int irlap_validate_nr_received(struct irlap_cb *self, int nr)
762 {
763         /*  nr as expected?  */
764         if (nr == self->vs) {
765                 IRDA_DEBUG(4, "%s(), expected!\n", __FUNCTION__);
766                 return NR_EXPECTED;
767         }
768
769         /*
770          *  unexpected nr? (but within current window), first we check if the
771          *  ns numbers of the frames in the current window wrap.
772          */
773         if (self->va < self->vs) {
774                 if ((nr >= self->va) && (nr <= self->vs))
775                         return NR_UNEXPECTED;
776         } else {
777                 if ((nr >= self->va) || (nr <= self->vs))
778                         return NR_UNEXPECTED;
779         }
780
781         /* Invalid nr!  */
782         return NR_INVALID;
783 }
784
785 /*
786  * Function irlap_initiate_connection_state ()
787  *
788  *    Initialize the connection state parameters
789  *
790  */
791 void irlap_initiate_connection_state(struct irlap_cb *self)
792 {
793         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
794
795         IRDA_ASSERT(self != NULL, return;);
796         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
797
798         /* Next to send and next to receive */
799         self->vs = self->vr = 0;
800
801         /* Last frame which got acked (0 - 1) % 8 */
802         self->va = 7;
803
804         self->window = 1;
805
806         self->remote_busy = FALSE;
807         self->retry_count = 0;
808 }
809
810 /*
811  * Function irlap_wait_min_turn_around (self, qos)
812  *
813  *    Wait negotiated minimum turn around time, this function actually sets
814  *    the number of BOS's that must be sent before the next transmitted
815  *    frame in order to delay for the specified amount of time. This is
816  *    done to avoid using timers, and the forbidden udelay!
817  */
818 void irlap_wait_min_turn_around(struct irlap_cb *self, struct qos_info *qos)
819 {
820         __u32 min_turn_time;
821         __u32 speed;
822
823         /* Get QoS values.  */
824         speed = qos->baud_rate.value;
825         min_turn_time = qos->min_turn_time.value;
826
827         /* No need to calculate XBOFs for speeds over 115200 bps */
828         if (speed > 115200) {
829                 self->mtt_required = min_turn_time;
830                 return;
831         }
832
833         /*
834          *  Send additional BOF's for the next frame for the requested
835          *  min turn time, so now we must calculate how many chars (XBOF's) we
836          *  must send for the requested time period (min turn time)
837          */
838         self->xbofs_delay = irlap_min_turn_time_in_bytes(speed, min_turn_time);
839 }
840
841 /*
842  * Function irlap_flush_all_queues (void)
843  *
844  *    Flush all queues
845  *
846  */
847 void irlap_flush_all_queues(struct irlap_cb *self)
848 {
849         struct sk_buff* skb;
850
851         IRDA_ASSERT(self != NULL, return;);
852         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
853
854         /* Free transmission queue */
855         while ((skb = skb_dequeue(&self->txq)) != NULL)
856                 dev_kfree_skb(skb);
857
858         while ((skb = skb_dequeue(&self->txq_ultra)) != NULL)
859                 dev_kfree_skb(skb);
860
861         /* Free sliding window buffered packets */
862         while ((skb = skb_dequeue(&self->wx_list)) != NULL)
863                 dev_kfree_skb(skb);
864 }
865
866 /*
867  * Function irlap_setspeed (self, speed)
868  *
869  *    Change the speed of the IrDA port
870  *
871  */
872 static void irlap_change_speed(struct irlap_cb *self, __u32 speed, int now)
873 {
874         struct sk_buff *skb;
875
876         IRDA_DEBUG(0, "%s(), setting speed to %d\n", __FUNCTION__, speed);
877
878         IRDA_ASSERT(self != NULL, return;);
879         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
880
881         self->speed = speed;
882
883         /* Change speed now, or just piggyback speed on frames */
884         if (now) {
885                 /* Send down empty frame to trigger speed change */
886                 skb = dev_alloc_skb(0);
887                 irlap_queue_xmit(self, skb);
888         }
889 }
890
891 /*
892  * Function irlap_init_qos_capabilities (self, qos)
893  *
894  *    Initialize QoS for this IrLAP session, What we do is to compute the
895  *    intersection of the QoS capabilities for the user, driver and for
896  *    IrLAP itself. Normally, IrLAP will not specify any values, but it can
897  *    be used to restrict certain values.
898  */
899 static void irlap_init_qos_capabilities(struct irlap_cb *self,
900                                         struct qos_info *qos_user)
901 {
902         IRDA_ASSERT(self != NULL, return;);
903         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
904         IRDA_ASSERT(self->netdev != NULL, return;);
905
906         /* Start out with the maximum QoS support possible */
907         irda_init_max_qos_capabilies(&self->qos_rx);
908
909         /* Apply drivers QoS capabilities */
910         irda_qos_compute_intersection(&self->qos_rx, self->qos_dev);
911
912         /*
913          *  Check for user supplied QoS parameters. The service user is only
914          *  allowed to supply these values. We check each parameter since the
915          *  user may not have set all of them.
916          */
917         if (qos_user) {
918                 IRDA_DEBUG(1, "%s(), Found user specified QoS!\n", __FUNCTION__);
919
920                 if (qos_user->baud_rate.bits)
921                         self->qos_rx.baud_rate.bits &= qos_user->baud_rate.bits;
922
923                 if (qos_user->max_turn_time.bits)
924                         self->qos_rx.max_turn_time.bits &= qos_user->max_turn_time.bits;
925                 if (qos_user->data_size.bits)
926                         self->qos_rx.data_size.bits &= qos_user->data_size.bits;
927
928                 if (qos_user->link_disc_time.bits)
929                         self->qos_rx.link_disc_time.bits &= qos_user->link_disc_time.bits;
930         }
931
932         /* Use 500ms in IrLAP for now */
933         self->qos_rx.max_turn_time.bits &= 0x01;
934
935         /* Set data size */
936         /*self->qos_rx.data_size.bits &= 0x03;*/
937
938         irda_qos_bits_to_value(&self->qos_rx);
939 }
940
941 /*
942  * Function irlap_apply_default_connection_parameters (void, now)
943  *
944  *    Use the default connection and transmission parameters
945  */
946 void irlap_apply_default_connection_parameters(struct irlap_cb *self)
947 {
948         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
949
950         IRDA_ASSERT(self != NULL, return;);
951         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
952
953         /* xbofs : Default value in NDM */
954         self->next_bofs   = 12;
955         self->bofs_count  = 12;
956
957         /* NDM Speed is 9600 */
958         irlap_change_speed(self, 9600, TRUE);
959
960         /* Set mbusy when going to NDM state */
961         irda_device_set_media_busy(self->netdev, TRUE);
962
963         /*
964          * Generate random connection address for this session, which must
965          * be 7 bits wide and different from 0x00 and 0xfe
966          */
967         while ((self->caddr == 0x00) || (self->caddr == 0xfe)) {
968                 get_random_bytes(&self->caddr, sizeof(self->caddr));
969                 self->caddr &= 0xfe;
970         }
971
972         /* Use default values until connection has been negitiated */
973         self->slot_timeout = sysctl_slot_timeout;
974         self->final_timeout = FINAL_TIMEOUT;
975         self->poll_timeout = POLL_TIMEOUT;
976         self->wd_timeout = WD_TIMEOUT;
977
978         /* Set some default values */
979         self->qos_tx.baud_rate.value = 9600;
980         self->qos_rx.baud_rate.value = 9600;
981         self->qos_tx.max_turn_time.value = 0;
982         self->qos_rx.max_turn_time.value = 0;
983         self->qos_tx.min_turn_time.value = 0;
984         self->qos_rx.min_turn_time.value = 0;
985         self->qos_tx.data_size.value = 64;
986         self->qos_rx.data_size.value = 64;
987         self->qos_tx.window_size.value = 1;
988         self->qos_rx.window_size.value = 1;
989         self->qos_tx.additional_bofs.value = 12;
990         self->qos_rx.additional_bofs.value = 12;
991         self->qos_tx.link_disc_time.value = 0;
992         self->qos_rx.link_disc_time.value = 0;
993
994         irlap_flush_all_queues(self);
995
996         self->disconnect_pending = FALSE;
997         self->connect_pending = FALSE;
998 }
999
1000 /*
1001  * Function irlap_apply_connection_parameters (qos, now)
1002  *
1003  *    Initialize IrLAP with the negotiated QoS values
1004  *
1005  * If 'now' is false, the speed and xbofs will be changed after the next
1006  * frame is sent.
1007  * If 'now' is true, the speed and xbofs is changed immediately
1008  */
1009 void irlap_apply_connection_parameters(struct irlap_cb *self, int now)
1010 {
1011         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
1012
1013         IRDA_ASSERT(self != NULL, return;);
1014         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
1015
1016         /* Set the negotiated xbofs value */
1017         self->next_bofs   = self->qos_tx.additional_bofs.value;
1018         if (now)
1019                 self->bofs_count = self->next_bofs;
1020
1021         /* Set the negotiated link speed (may need the new xbofs value) */
1022         irlap_change_speed(self, self->qos_tx.baud_rate.value, now);
1023
1024         self->window_size = self->qos_tx.window_size.value;
1025         self->window      = self->qos_tx.window_size.value;
1026
1027 #ifdef CONFIG_IRDA_DYNAMIC_WINDOW
1028         /*
1029          *  Calculate how many bytes it is possible to transmit before the
1030          *  link must be turned around
1031          */
1032         self->line_capacity =
1033                 irlap_max_line_capacity(self->qos_tx.baud_rate.value,
1034                                         self->qos_tx.max_turn_time.value);
1035         self->bytes_left = self->line_capacity;
1036 #endif /* CONFIG_IRDA_DYNAMIC_WINDOW */
1037
1038
1039         /*
1040          *  Initialize timeout values, some of the rules are listed on
1041          *  page 92 in IrLAP.
1042          */
1043         IRDA_ASSERT(self->qos_tx.max_turn_time.value != 0, return;);
1044         IRDA_ASSERT(self->qos_rx.max_turn_time.value != 0, return;);
1045         /* The poll timeout applies only to the primary station.
1046          * It defines the maximum time the primary stay in XMIT mode
1047          * before timeout and turning the link around (sending a RR).
1048          * Or, this is how much we can keep the pf bit in primary mode.
1049          * Therefore, it must be lower or equal than our *OWN* max turn around.
1050          * Jean II */
1051         self->poll_timeout = self->qos_tx.max_turn_time.value * HZ / 1000;
1052         /* The Final timeout applies only to the primary station.
1053          * It defines the maximum time the primary wait (mostly in RECV mode)
1054          * for an answer from the secondary station before polling it again.
1055          * Therefore, it must be greater or equal than our *PARTNER*
1056          * max turn around time - Jean II */
1057         self->final_timeout = self->qos_rx.max_turn_time.value * HZ / 1000;
1058         /* The Watchdog Bit timeout applies only to the secondary station.
1059          * It defines the maximum time the secondary wait (mostly in RECV mode)
1060          * for poll from the primary station before getting annoyed.
1061          * Therefore, it must be greater or equal than our *PARTNER*
1062          * max turn around time - Jean II */
1063         self->wd_timeout = self->final_timeout * 2;
1064
1065         /*
1066          * N1 and N2 are maximum retry count for *both* the final timer
1067          * and the wd timer (with a factor 2) as defined above.
1068          * After N1 retry of a timer, we give a warning to the user.
1069          * After N2 retry, we consider the link dead and disconnect it.
1070          * Jean II
1071          */
1072
1073         /*
1074          *  Set N1 to 0 if Link Disconnect/Threshold Time = 3 and set it to
1075          *  3 seconds otherwise. See page 71 in IrLAP for more details.
1076          *  Actually, it's not always 3 seconds, as we allow to set
1077          *  it via sysctl... Max maxtt is 500ms, and N1 need to be multiple
1078          *  of 2, so 1 second is minimum we can allow. - Jean II
1079          */
1080         if (self->qos_tx.link_disc_time.value == sysctl_warn_noreply_time)
1081                 /*
1082                  * If we set N1 to 0, it will trigger immediately, which is
1083                  * not what we want. What we really want is to disable it,
1084                  * Jean II
1085                  */
1086                 self->N1 = -2; /* Disable - Need to be multiple of 2*/
1087         else
1088                 self->N1 = sysctl_warn_noreply_time * 1000 /
1089                   self->qos_rx.max_turn_time.value;
1090
1091         IRDA_DEBUG(4, "Setting N1 = %d\n", self->N1);
1092
1093         /* Set N2 to match our own disconnect time */
1094         self->N2 = self->qos_tx.link_disc_time.value * 1000 /
1095                 self->qos_rx.max_turn_time.value;
1096         IRDA_DEBUG(4, "Setting N2 = %d\n", self->N2);
1097 }
1098
1099 #ifdef CONFIG_PROC_FS
1100 struct irlap_iter_state {
1101         int id;
1102 };
1103
1104 static void *irlap_seq_start(struct seq_file *seq, loff_t *pos)
1105 {
1106         struct irlap_iter_state *iter = seq->private;
1107         struct irlap_cb *self;
1108
1109         /* Protect our access to the tsap list */
1110         spin_lock_irq(&irlap->hb_spinlock);
1111         iter->id = 0;
1112
1113         for (self = (struct irlap_cb *) hashbin_get_first(irlap); 
1114              self; self = (struct irlap_cb *) hashbin_get_next(irlap)) {
1115                 if (iter->id == *pos)
1116                         break;
1117                 ++iter->id;
1118         }
1119                 
1120         return self;
1121 }
1122
1123 static void *irlap_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1124 {
1125         struct irlap_iter_state *iter = seq->private;
1126
1127         ++*pos;
1128         ++iter->id;
1129         return (void *) hashbin_get_next(irlap);
1130 }
1131
1132 static void irlap_seq_stop(struct seq_file *seq, void *v)
1133 {
1134         spin_unlock_irq(&irlap->hb_spinlock);
1135 }
1136
1137 static int irlap_seq_show(struct seq_file *seq, void *v)
1138 {
1139         const struct irlap_iter_state *iter = seq->private;
1140         const struct irlap_cb *self = v;
1141         
1142         IRDA_ASSERT(self->magic == LAP_MAGIC, return -EINVAL;);
1143
1144         seq_printf(seq, "irlap%d ", iter->id);
1145         seq_printf(seq, "state: %s\n",
1146                    irlap_state[self->state]);
1147
1148         seq_printf(seq, "  device name: %s, ",
1149                    (self->netdev) ? self->netdev->name : "bug");
1150         seq_printf(seq, "hardware name: %s\n", self->hw_name);
1151
1152         seq_printf(seq, "  caddr: %#02x, ", self->caddr);
1153         seq_printf(seq, "saddr: %#08x, ", self->saddr);
1154         seq_printf(seq, "daddr: %#08x\n", self->daddr);
1155
1156         seq_printf(seq, "  win size: %d, ",
1157                    self->window_size);
1158         seq_printf(seq, "win: %d, ", self->window);
1159 #ifdef CONFIG_IRDA_DYNAMIC_WINDOW
1160         seq_printf(seq, "line capacity: %d, ",
1161                    self->line_capacity);
1162         seq_printf(seq, "bytes left: %d\n", self->bytes_left);
1163 #endif /* CONFIG_IRDA_DYNAMIC_WINDOW */
1164         seq_printf(seq, "  tx queue len: %d ",
1165                    skb_queue_len(&self->txq));
1166         seq_printf(seq, "win queue len: %d ",
1167                    skb_queue_len(&self->wx_list));
1168         seq_printf(seq, "rbusy: %s", self->remote_busy ?
1169                    "TRUE" : "FALSE");
1170         seq_printf(seq, " mbusy: %s\n", self->media_busy ?
1171                    "TRUE" : "FALSE");
1172
1173         seq_printf(seq, "  retrans: %d ", self->retry_count);
1174         seq_printf(seq, "vs: %d ", self->vs);
1175         seq_printf(seq, "vr: %d ", self->vr);
1176         seq_printf(seq, "va: %d\n", self->va);
1177
1178         seq_printf(seq, "  qos\tbps\tmaxtt\tdsize\twinsize\taddbofs\tmintt\tldisc\tcomp\n");
1179
1180         seq_printf(seq, "  tx\t%d\t",
1181                    self->qos_tx.baud_rate.value);
1182         seq_printf(seq, "%d\t",
1183                    self->qos_tx.max_turn_time.value);
1184         seq_printf(seq, "%d\t",
1185                    self->qos_tx.data_size.value);
1186         seq_printf(seq, "%d\t",
1187                    self->qos_tx.window_size.value);
1188         seq_printf(seq, "%d\t",
1189                    self->qos_tx.additional_bofs.value);
1190         seq_printf(seq, "%d\t",
1191                    self->qos_tx.min_turn_time.value);
1192         seq_printf(seq, "%d\t",
1193                    self->qos_tx.link_disc_time.value);
1194         seq_printf(seq, "\n");
1195
1196         seq_printf(seq, "  rx\t%d\t",
1197                    self->qos_rx.baud_rate.value);
1198         seq_printf(seq, "%d\t",
1199                    self->qos_rx.max_turn_time.value);
1200         seq_printf(seq, "%d\t",
1201                    self->qos_rx.data_size.value);
1202         seq_printf(seq, "%d\t",
1203                    self->qos_rx.window_size.value);
1204         seq_printf(seq, "%d\t",
1205                    self->qos_rx.additional_bofs.value);
1206         seq_printf(seq, "%d\t",
1207                    self->qos_rx.min_turn_time.value);
1208         seq_printf(seq, "%d\n",
1209                    self->qos_rx.link_disc_time.value);
1210
1211         return 0;
1212 }
1213
1214 static struct seq_operations irlap_seq_ops = {
1215         .start  = irlap_seq_start,
1216         .next   = irlap_seq_next,
1217         .stop   = irlap_seq_stop,
1218         .show   = irlap_seq_show,
1219 };
1220
1221 static int irlap_seq_open(struct inode *inode, struct file *file)
1222 {
1223         struct seq_file *seq;
1224         int rc = -ENOMEM;
1225         struct irlap_iter_state *s = kmalloc(sizeof(*s), GFP_KERNEL);
1226        
1227         if (!s)
1228                 goto out;
1229
1230         if (irlap == NULL) {
1231                 rc = -EINVAL;
1232                 goto out_kfree;
1233         }
1234
1235         rc = seq_open(file, &irlap_seq_ops);
1236         if (rc)
1237                 goto out_kfree;
1238
1239         seq          = file->private_data;
1240         seq->private = s;
1241         memset(s, 0, sizeof(*s));
1242 out:
1243         return rc;
1244 out_kfree:
1245         kfree(s);
1246         goto out;
1247 }
1248
1249 struct file_operations irlap_seq_fops = {
1250         .owner          = THIS_MODULE,
1251         .open           = irlap_seq_open,
1252         .read           = seq_read,
1253         .llseek         = seq_lseek,
1254         .release        = seq_release_private,
1255 };
1256
1257 #endif /* CONFIG_PROC_FS */