[ALSA] Fix use after free in opl3_seq and opl3_oss
[linux-2.6] / net / irda / irlap_event.c
1 /*********************************************************************
2  *
3  * Filename:      irlap_event.c
4  * Version:       0.9
5  * Description:   IrLAP state machine implementation
6  * Status:        Experimental.
7  * Author:        Dag Brattli <dag@brattli.net>
8  * Created at:    Sat Aug 16 00:59:29 1997
9  * Modified at:   Sat Dec 25 21:07:57 1999
10  * Modified by:   Dag Brattli <dag@brattli.net>
11  *
12  *     Copyright (c) 1998-2000 Dag Brattli <dag@brattli.net>,
13  *     Copyright (c) 1998      Thomas Davis <ratbert@radiks.net>
14  *     All Rights Reserved.
15  *     Copyright (c) 2000-2003 Jean Tourrilhes <jt@hpl.hp.com>
16  *
17  *     This program is free software; you can redistribute it and/or
18  *     modify it under the terms of the GNU General Public License as
19  *     published by the Free Software Foundation; either version 2 of
20  *     the License, or (at your option) any later version.
21  *
22  *     Neither Dag Brattli nor University of Tromsø admit liability nor
23  *     provide warranty for any of this software. This material is
24  *     provided "AS-IS" and at no charge.
25  *
26  ********************************************************************/
27
28 #include <linux/config.h>
29 #include <linux/string.h>
30 #include <linux/kernel.h>
31 #include <linux/delay.h>
32 #include <linux/skbuff.h>
33
34 #include <net/irda/irda.h>
35 #include <net/irda/irlap_event.h>
36
37 #include <net/irda/timer.h>
38 #include <net/irda/irlap.h>
39 #include <net/irda/irlap_frame.h>
40 #include <net/irda/qos.h>
41 #include <net/irda/parameters.h>
42 #include <net/irda/irlmp.h>             /* irlmp_flow_indication(), ... */
43
44 #include <net/irda/irda_device.h>
45
46 #ifdef CONFIG_IRDA_FAST_RR
47 int sysctl_fast_poll_increase = 50;
48 #endif
49
50 static int irlap_state_ndm    (struct irlap_cb *self, IRLAP_EVENT event,
51                                struct sk_buff *skb, struct irlap_info *info);
52 static int irlap_state_query  (struct irlap_cb *self, IRLAP_EVENT event,
53                                struct sk_buff *skb, struct irlap_info *info);
54 static int irlap_state_reply  (struct irlap_cb *self, IRLAP_EVENT event,
55                                struct sk_buff *skb, struct irlap_info *info);
56 static int irlap_state_conn   (struct irlap_cb *self, IRLAP_EVENT event,
57                                struct sk_buff *skb, struct irlap_info *info);
58 static int irlap_state_setup  (struct irlap_cb *self, IRLAP_EVENT event,
59                                struct sk_buff *skb, struct irlap_info *info);
60 static int irlap_state_offline(struct irlap_cb *self, IRLAP_EVENT event,
61                                struct sk_buff *skb, struct irlap_info *info);
62 static int irlap_state_xmit_p (struct irlap_cb *self, IRLAP_EVENT event,
63                                struct sk_buff *skb, struct irlap_info *info);
64 static int irlap_state_pclose (struct irlap_cb *self, IRLAP_EVENT event,
65                                struct sk_buff *skb, struct irlap_info *info);
66 static int irlap_state_nrm_p  (struct irlap_cb *self, IRLAP_EVENT event,
67                                struct sk_buff *skb, struct irlap_info *info);
68 static int irlap_state_reset_wait(struct irlap_cb *self, IRLAP_EVENT event,
69                                   struct sk_buff *skb, struct irlap_info *info);
70 static int irlap_state_reset  (struct irlap_cb *self, IRLAP_EVENT event,
71                                struct sk_buff *skb, struct irlap_info *info);
72 static int irlap_state_nrm_s  (struct irlap_cb *self, IRLAP_EVENT event,
73                                struct sk_buff *skb, struct irlap_info *info);
74 static int irlap_state_xmit_s (struct irlap_cb *self, IRLAP_EVENT event,
75                                struct sk_buff *skb, struct irlap_info *info);
76 static int irlap_state_sclose (struct irlap_cb *self, IRLAP_EVENT event,
77                                struct sk_buff *skb, struct irlap_info *info);
78 static int irlap_state_reset_check(struct irlap_cb *, IRLAP_EVENT event,
79                                    struct sk_buff *, struct irlap_info *);
80
81 #ifdef CONFIG_IRDA_DEBUG
82 static const char *irlap_event[] = {
83         "DISCOVERY_REQUEST",
84         "CONNECT_REQUEST",
85         "CONNECT_RESPONSE",
86         "DISCONNECT_REQUEST",
87         "DATA_REQUEST",
88         "RESET_REQUEST",
89         "RESET_RESPONSE",
90         "SEND_I_CMD",
91         "SEND_UI_FRAME",
92         "RECV_DISCOVERY_XID_CMD",
93         "RECV_DISCOVERY_XID_RSP",
94         "RECV_SNRM_CMD",
95         "RECV_TEST_CMD",
96         "RECV_TEST_RSP",
97         "RECV_UA_RSP",
98         "RECV_DM_RSP",
99         "RECV_RD_RSP",
100         "RECV_I_CMD",
101         "RECV_I_RSP",
102         "RECV_UI_FRAME",
103         "RECV_FRMR_RSP",
104         "RECV_RR_CMD",
105         "RECV_RR_RSP",
106         "RECV_RNR_CMD",
107         "RECV_RNR_RSP",
108         "RECV_REJ_CMD",
109         "RECV_REJ_RSP",
110         "RECV_SREJ_CMD",
111         "RECV_SREJ_RSP",
112         "RECV_DISC_CMD",
113         "SLOT_TIMER_EXPIRED",
114         "QUERY_TIMER_EXPIRED",
115         "FINAL_TIMER_EXPIRED",
116         "POLL_TIMER_EXPIRED",
117         "DISCOVERY_TIMER_EXPIRED",
118         "WD_TIMER_EXPIRED",
119         "BACKOFF_TIMER_EXPIRED",
120         "MEDIA_BUSY_TIMER_EXPIRED",
121 };
122 #endif  /* CONFIG_IRDA_DEBUG */
123
124 const char *irlap_state[] = {
125         "LAP_NDM",
126         "LAP_QUERY",
127         "LAP_REPLY",
128         "LAP_CONN",
129         "LAP_SETUP",
130         "LAP_OFFLINE",
131         "LAP_XMIT_P",
132         "LAP_PCLOSE",
133         "LAP_NRM_P",
134         "LAP_RESET_WAIT",
135         "LAP_RESET",
136         "LAP_NRM_S",
137         "LAP_XMIT_S",
138         "LAP_SCLOSE",
139         "LAP_RESET_CHECK",
140 };
141
142 static int (*state[])(struct irlap_cb *self, IRLAP_EVENT event,
143                       struct sk_buff *skb, struct irlap_info *info) =
144 {
145         irlap_state_ndm,
146         irlap_state_query,
147         irlap_state_reply,
148         irlap_state_conn,
149         irlap_state_setup,
150         irlap_state_offline,
151         irlap_state_xmit_p,
152         irlap_state_pclose,
153         irlap_state_nrm_p,
154         irlap_state_reset_wait,
155         irlap_state_reset,
156         irlap_state_nrm_s,
157         irlap_state_xmit_s,
158         irlap_state_sclose,
159         irlap_state_reset_check,
160 };
161
162 /*
163  * Function irda_poll_timer_expired (data)
164  *
165  *    Poll timer has expired. Normally we must now send a RR frame to the
166  *    remote device
167  */
168 static void irlap_poll_timer_expired(void *data)
169 {
170         struct irlap_cb *self = (struct irlap_cb *) data;
171
172         IRDA_ASSERT(self != NULL, return;);
173         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
174
175         irlap_do_event(self, POLL_TIMER_EXPIRED, NULL, NULL);
176 }
177
178 /*
179  * Calculate and set time before we will have to send back the pf bit
180  * to the peer. Use in primary.
181  * Make sure that state is XMIT_P/XMIT_S when calling this function
182  * (and that nobody messed up with the state). - Jean II
183  */
184 static void irlap_start_poll_timer(struct irlap_cb *self, int timeout)
185 {
186         IRDA_ASSERT(self != NULL, return;);
187         IRDA_ASSERT(self->magic == LAP_MAGIC, return;);
188
189 #ifdef CONFIG_IRDA_FAST_RR
190         /*
191          * Send out the RR frames faster if our own transmit queue is empty, or
192          * if the peer is busy. The effect is a much faster conversation
193          */
194         if (skb_queue_empty(&self->txq) || self->remote_busy) {
195                 if (self->fast_RR == TRUE) {
196                         /*
197                          *  Assert that the fast poll timer has not reached the
198                          *  normal poll timer yet
199                          */
200                         if (self->fast_RR_timeout < timeout) {
201                                 /*
202                                  *  FIXME: this should be a more configurable
203                                  *         function
204                                  */
205                                 self->fast_RR_timeout +=
206                                         (sysctl_fast_poll_increase * HZ/1000);
207
208                                 /* Use this fast(er) timeout instead */
209                                 timeout = self->fast_RR_timeout;
210                         }
211                 } else {
212                         self->fast_RR = TRUE;
213
214                         /* Start with just 0 ms */
215                         self->fast_RR_timeout = 0;
216                         timeout = 0;
217                 }
218         } else
219                 self->fast_RR = FALSE;
220
221         IRDA_DEBUG(3, "%s(), timeout=%d (%ld)\n", __FUNCTION__, timeout, jiffies);
222 #endif /* CONFIG_IRDA_FAST_RR */
223
224         if (timeout == 0)
225                 irlap_do_event(self, POLL_TIMER_EXPIRED, NULL, NULL);
226         else
227                 irda_start_timer(&self->poll_timer, timeout, self,
228                                  irlap_poll_timer_expired);
229 }
230
231 /*
232  * Function irlap_do_event (event, skb, info)
233  *
234  *    Rushes through the state machine without any delay. If state == XMIT
235  *    then send queued data frames.
236  */
237 void irlap_do_event(struct irlap_cb *self, IRLAP_EVENT event,
238                     struct sk_buff *skb, struct irlap_info *info)
239 {
240         int ret;
241
242         if (!self || self->magic != LAP_MAGIC)
243                 return;
244
245         IRDA_DEBUG(3, "%s(), event = %s, state = %s\n", __FUNCTION__,
246                    irlap_event[event], irlap_state[self->state]);
247
248         ret = (*state[self->state])(self, event, skb, info);
249
250         /*
251          *  Check if there are any pending events that needs to be executed
252          */
253         switch (self->state) {
254         case LAP_XMIT_P: /* FALLTHROUGH */
255         case LAP_XMIT_S:
256                 /*
257                  * We just received the pf bit and are at the beginning
258                  * of a new LAP transmit window.
259                  * Check if there are any queued data frames, and do not
260                  * try to disconnect link if we send any data frames, since
261                  * that will change the state away form XMIT
262                  */
263                 IRDA_DEBUG(2, "%s() : queue len = %d\n", __FUNCTION__,
264                            skb_queue_len(&self->txq));
265
266                 if (!skb_queue_empty(&self->txq)) {
267                         /* Prevent race conditions with irlap_data_request() */
268                         self->local_busy = TRUE;
269
270                         /* Theory of operation.
271                          * We send frames up to when we fill the window or
272                          * reach line capacity. Those frames will queue up
273                          * in the device queue, and the driver will slowly
274                          * send them.
275                          * After each frame that we send, we poll the higher
276                          * layer for more data. It's the right time to do
277                          * that because the link layer need to perform the mtt
278                          * and then send the first frame, so we can afford
279                          * to send a bit of time in kernel space.
280                          * The explicit flow indication allow to minimise
281                          * buffers (== lower latency), to avoid higher layer
282                          * polling via timers (== less context switches) and
283                          * to implement a crude scheduler - Jean II */
284
285                         /* Try to send away all queued data frames */
286                         while ((skb = skb_dequeue(&self->txq)) != NULL) {
287                                 /* Send one frame */
288                                 ret = (*state[self->state])(self, SEND_I_CMD,
289                                                             skb, NULL);
290                                 /* Drop reference count.
291                                  * It will be increase as needed in
292                                  * irlap_send_data_xxx() */
293                                 kfree_skb(skb);
294
295                                 /* Poll the higher layers for one more frame */
296                                 irlmp_flow_indication(self->notify.instance,
297                                                       FLOW_START);
298
299                                 if (ret == -EPROTO)
300                                         break; /* Try again later! */
301                         }
302                         /* Finished transmitting */
303                         self->local_busy = FALSE;
304                 } else if (self->disconnect_pending) {
305                         self->disconnect_pending = FALSE;
306
307                         ret = (*state[self->state])(self, DISCONNECT_REQUEST,
308                                                     NULL, NULL);
309                 }
310                 break;
311 /*      case LAP_NDM: */
312 /*      case LAP_CONN: */
313 /*      case LAP_RESET_WAIT: */
314 /*      case LAP_RESET_CHECK: */
315         default:
316                 break;
317         }
318 }
319
320 /*
321  * Function irlap_next_state (self, state)
322  *
323  *    Switches state and provides debug information
324  *
325  */
326 static inline void irlap_next_state(struct irlap_cb *self, IRLAP_STATE state)
327 {
328         /*
329         if (!self || self->magic != LAP_MAGIC)
330                 return;
331
332         IRDA_DEBUG(4, "next LAP state = %s\n", irlap_state[state]);
333         */
334         self->state = state;
335 }
336
337 /*
338  * Function irlap_state_ndm (event, skb, frame)
339  *
340  *    NDM (Normal Disconnected Mode) state
341  *
342  */
343 static int irlap_state_ndm(struct irlap_cb *self, IRLAP_EVENT event,
344                            struct sk_buff *skb, struct irlap_info *info)
345 {
346         discovery_t *discovery_rsp;
347         int ret = 0;
348
349         IRDA_ASSERT(self != NULL, return -1;);
350         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
351
352         switch (event) {
353         case CONNECT_REQUEST:
354                 IRDA_ASSERT(self->netdev != NULL, return -1;);
355
356                 if (self->media_busy) {
357                         /* Note : this will never happen, because we test
358                          * media busy in irlap_connect_request() and
359                          * postpone the event... - Jean II */
360                         IRDA_DEBUG(0, "%s(), CONNECT_REQUEST: media busy!\n",
361                                    __FUNCTION__);
362
363                         /* Always switch state before calling upper layers */
364                         irlap_next_state(self, LAP_NDM);
365
366                         irlap_disconnect_indication(self, LAP_MEDIA_BUSY);
367                 } else {
368                         irlap_send_snrm_frame(self, &self->qos_rx);
369
370                         /* Start Final-bit timer */
371                         irlap_start_final_timer(self, self->final_timeout);
372
373                         self->retry_count = 0;
374                         irlap_next_state(self, LAP_SETUP);
375                 }
376                 break;
377         case RECV_SNRM_CMD:
378                 /* Check if the frame contains and I field */
379                 if (info) {
380                         self->daddr = info->daddr;
381                         self->caddr = info->caddr;
382
383                         irlap_next_state(self, LAP_CONN);
384
385                         irlap_connect_indication(self, skb);
386                 } else {
387                         IRDA_DEBUG(0, "%s(), SNRM frame does not "
388                                    "contain an I field!\n", __FUNCTION__);
389                 }
390                 break;
391         case DISCOVERY_REQUEST:
392                 IRDA_ASSERT(info != NULL, return -1;);
393
394                 if (self->media_busy) {
395                         IRDA_DEBUG(1, "%s(), DISCOVERY_REQUEST: media busy!\n",
396                                    __FUNCTION__);
397                         /* irlap->log.condition = MEDIA_BUSY; */
398
399                         /* This will make IrLMP try again */
400                         irlap_discovery_confirm(self, NULL);
401                         /* Note : the discovery log is not cleaned up here,
402                          * it will be done in irlap_discovery_request()
403                          * Jean II */
404                         return 0;
405                 }
406
407                 self->S = info->S;
408                 self->s = info->s;
409                 irlap_send_discovery_xid_frame(self, info->S, info->s, TRUE,
410                                                info->discovery);
411                 self->frame_sent = FALSE;
412                 self->s++;
413
414                 irlap_start_slot_timer(self, self->slot_timeout);
415                 irlap_next_state(self, LAP_QUERY);
416                 break;
417         case RECV_DISCOVERY_XID_CMD:
418                 IRDA_ASSERT(info != NULL, return -1;);
419
420                 /* Assert that this is not the final slot */
421                 if (info->s <= info->S) {
422                         self->slot = irlap_generate_rand_time_slot(info->S,
423                                                                    info->s);
424                         if (self->slot == info->s) {
425                                 discovery_rsp = irlmp_get_discovery_response();
426                                 discovery_rsp->data.daddr = info->daddr;
427
428                                 irlap_send_discovery_xid_frame(self, info->S,
429                                                                self->slot,
430                                                                FALSE,
431                                                                discovery_rsp);
432                                 self->frame_sent = TRUE;
433                         } else
434                                 self->frame_sent = FALSE;
435
436                         /*
437                          * Go to reply state until end of discovery to
438                          * inhibit our own transmissions. Set the timer
439                          * to not stay forever there... Jean II
440                          */
441                         irlap_start_query_timer(self, info->S, info->s);
442                         irlap_next_state(self, LAP_REPLY);
443                 } else {
444                 /* This is the final slot. How is it possible ?
445                  * This would happen is both discoveries are just slightly
446                  * offset (if they are in sync, all packets are lost).
447                  * Most often, all the discovery requests will be received
448                  * in QUERY state (see my comment there), except for the
449                  * last frame that will come here.
450                  * The big trouble when it happen is that active discovery
451                  * doesn't happen, because nobody answer the discoveries
452                  * frame of the other guy, so the log shows up empty.
453                  * What should we do ?
454                  * Not much. It's too late to answer those discovery frames,
455                  * so we just pass the info to IrLMP who will put it in the
456                  * log (and post an event).
457                  * Another cause would be devices that do discovery much
458                  * slower than us, however the latest fixes should minimise
459                  * those cases...
460                  * Jean II
461                  */
462                         IRDA_DEBUG(1, "%s(), Receiving final discovery request, missed the discovery slots :-(\n", __FUNCTION__);
463
464                         /* Last discovery request -> in the log */
465                         irlap_discovery_indication(self, info->discovery);
466                 }
467                 break;
468         case MEDIA_BUSY_TIMER_EXPIRED:
469                 /* A bunch of events may be postponed because the media is
470                  * busy (usually immediately after we close a connection),
471                  * or while we are doing discovery (state query/reply).
472                  * In all those cases, the media busy flag will be cleared
473                  * when it's OK for us to process those postponed events.
474                  * This event is not mentioned in the state machines in the
475                  * IrLAP spec. It's because they didn't consider Ultra and
476                  * postponing connection request is optional.
477                  * Jean II */
478 #ifdef CONFIG_IRDA_ULTRA
479                 /* Send any pending Ultra frames if any */
480                 if (!skb_queue_empty(&self->txq_ultra)) {
481                         /* We don't send the frame, just post an event.
482                          * Also, previously this code was in timer.c...
483                          * Jean II */
484                         ret = (*state[self->state])(self, SEND_UI_FRAME,
485                                                     NULL, NULL);
486                 }
487 #endif /* CONFIG_IRDA_ULTRA */
488                 /* Check if we should try to connect.
489                  * This code was previously in irlap_do_event() */
490                 if (self->connect_pending) {
491                         self->connect_pending = FALSE;
492
493                         /* This one *should* not pend in this state, except
494                          * if a socket try to connect and immediately
495                          * disconnect. - clear - Jean II */
496                         if (self->disconnect_pending)
497                                 irlap_disconnect_indication(self, LAP_DISC_INDICATION);
498                         else
499                                 ret = (*state[self->state])(self,
500                                                             CONNECT_REQUEST,
501                                                             NULL, NULL);
502                         self->disconnect_pending = FALSE;
503                 }
504                 /* Note : one way to test if this code works well (including
505                  * media busy and small busy) is to create a user space
506                  * application generating an Ultra packet every 3.05 sec (or
507                  * 2.95 sec) and to see how it interact with discovery.
508                  * It's fairly easy to check that no packet is lost, that the
509                  * packets are postponed during discovery and that after
510                  * discovery indication you have a 100ms "gap".
511                  * As connection request and Ultra are now processed the same
512                  * way, this avoid the tedious job of trying IrLAP connection
513                  * in all those cases...
514                  * Jean II */
515                 break;
516 #ifdef CONFIG_IRDA_ULTRA
517         case SEND_UI_FRAME:
518         {
519                 int i;
520                 /* Only allowed to repeat an operation twice */
521                 for (i=0; ((i<2) && (self->media_busy == FALSE)); i++) {
522                         skb = skb_dequeue(&self->txq_ultra);
523                         if (skb)
524                                 irlap_send_ui_frame(self, skb, CBROADCAST,
525                                                     CMD_FRAME);
526                         else
527                                 break;
528                         /* irlap_send_ui_frame() won't increase skb reference
529                          * count, so no dev_kfree_skb() - Jean II */
530                 }
531                 if (i == 2) {
532                         /* Force us to listen 500 ms again */
533                         irda_device_set_media_busy(self->netdev, TRUE);
534                 }
535                 break;
536         }
537         case RECV_UI_FRAME:
538                 /* Only accept broadcast frames in NDM mode */
539                 if (info->caddr != CBROADCAST) {
540                         IRDA_DEBUG(0, "%s(), not a broadcast frame!\n",
541                                    __FUNCTION__);
542                 } else
543                         irlap_unitdata_indication(self, skb);
544                 break;
545 #endif /* CONFIG_IRDA_ULTRA */
546         case RECV_TEST_CMD:
547                 /* Remove test frame header */
548                 skb_pull(skb, sizeof(struct test_frame));
549
550                 /*
551                  * Send response. This skb will not be sent out again, and
552                  * will only be used to send out the same info as the cmd
553                  */
554                 irlap_send_test_frame(self, CBROADCAST, info->daddr, skb);
555                 break;
556         case RECV_TEST_RSP:
557                 IRDA_DEBUG(0, "%s() not implemented!\n", __FUNCTION__);
558                 break;
559         default:
560                 IRDA_DEBUG(2, "%s(), Unknown event %s\n", __FUNCTION__,
561                            irlap_event[event]);
562
563                 ret = -1;
564                 break;
565         }
566         return ret;
567 }
568
569 /*
570  * Function irlap_state_query (event, skb, info)
571  *
572  *    QUERY state
573  *
574  */
575 static int irlap_state_query(struct irlap_cb *self, IRLAP_EVENT event,
576                              struct sk_buff *skb, struct irlap_info *info)
577 {
578         int ret = 0;
579
580         IRDA_ASSERT(self != NULL, return -1;);
581         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
582
583         switch (event) {
584         case RECV_DISCOVERY_XID_RSP:
585                 IRDA_ASSERT(info != NULL, return -1;);
586                 IRDA_ASSERT(info->discovery != NULL, return -1;);
587
588                 IRDA_DEBUG(4, "%s(), daddr=%08x\n", __FUNCTION__,
589                            info->discovery->data.daddr);
590
591                 if (!self->discovery_log) {
592                         IRDA_WARNING("%s: discovery log is gone! "
593                                      "maybe the discovery timeout has been set"
594                                      " to short?\n", __FUNCTION__);
595                         break;
596                 }
597                 hashbin_insert(self->discovery_log,
598                                (irda_queue_t *) info->discovery,
599                                info->discovery->data.daddr, NULL);
600
601                 /* Keep state */
602                 /* irlap_next_state(self, LAP_QUERY);  */
603
604                 break;
605         case RECV_DISCOVERY_XID_CMD:
606                 /* Yes, it is possible to receive those frames in this mode.
607                  * Note that most often the last discovery request won't
608                  * occur here but in NDM state (see my comment there).
609                  * What should we do ?
610                  * Not much. We are currently performing our own discovery,
611                  * therefore we can't answer those frames. We don't want
612                  * to change state either. We just pass the info to
613                  * IrLMP who will put it in the log (and post an event).
614                  * Jean II
615                  */
616
617                 IRDA_ASSERT(info != NULL, return -1;);
618
619                 IRDA_DEBUG(1, "%s(), Receiving discovery request (s = %d) while performing discovery :-(\n", __FUNCTION__, info->s);
620
621                 /* Last discovery request ? */
622                 if (info->s == 0xff)
623                         irlap_discovery_indication(self, info->discovery);
624                 break;
625         case SLOT_TIMER_EXPIRED:
626                 /*
627                  * Wait a little longer if we detect an incoming frame. This
628                  * is not mentioned in the spec, but is a good thing to do,
629                  * since we want to work even with devices that violate the
630                  * timing requirements.
631                  */
632                 if (irda_device_is_receiving(self->netdev) && !self->add_wait) {
633                         IRDA_DEBUG(2, "%s(), device is slow to answer, "
634                                    "waiting some more!\n", __FUNCTION__);
635                         irlap_start_slot_timer(self, msecs_to_jiffies(10));
636                         self->add_wait = TRUE;
637                         return ret;
638                 }
639                 self->add_wait = FALSE;
640
641                 if (self->s < self->S) {
642                         irlap_send_discovery_xid_frame(self, self->S,
643                                                        self->s, TRUE,
644                                                        self->discovery_cmd);
645                         self->s++;
646                         irlap_start_slot_timer(self, self->slot_timeout);
647
648                         /* Keep state */
649                         irlap_next_state(self, LAP_QUERY);
650                 } else {
651                         /* This is the final slot! */
652                         irlap_send_discovery_xid_frame(self, self->S, 0xff,
653                                                        TRUE,
654                                                        self->discovery_cmd);
655
656                         /* Always switch state before calling upper layers */
657                         irlap_next_state(self, LAP_NDM);
658
659                         /*
660                          *  We are now finished with the discovery procedure,
661                          *  so now we must return the results
662                          */
663                         irlap_discovery_confirm(self, self->discovery_log);
664
665                         /* IrLMP should now have taken care of the log */
666                         self->discovery_log = NULL;
667                 }
668                 break;
669         default:
670                 IRDA_DEBUG(2, "%s(), Unknown event %s\n", __FUNCTION__,
671                            irlap_event[event]);
672
673                 ret = -1;
674                 break;
675         }
676         return ret;
677 }
678
679 /*
680  * Function irlap_state_reply (self, event, skb, info)
681  *
682  *    REPLY, we have received a XID discovery frame from a device and we
683  *    are waiting for the right time slot to send a response XID frame
684  *
685  */
686 static int irlap_state_reply(struct irlap_cb *self, IRLAP_EVENT event,
687                              struct sk_buff *skb, struct irlap_info *info)
688 {
689         discovery_t *discovery_rsp;
690         int ret=0;
691
692         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
693
694         IRDA_ASSERT(self != NULL, return -1;);
695         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
696
697         switch (event) {
698         case QUERY_TIMER_EXPIRED:
699                 IRDA_DEBUG(0, "%s(), QUERY_TIMER_EXPIRED <%ld>\n",
700                            __FUNCTION__, jiffies);
701                 irlap_next_state(self, LAP_NDM);
702                 break;
703         case RECV_DISCOVERY_XID_CMD:
704                 IRDA_ASSERT(info != NULL, return -1;);
705                 /* Last frame? */
706                 if (info->s == 0xff) {
707                         del_timer(&self->query_timer);
708
709                         /* info->log.condition = REMOTE; */
710
711                         /* Always switch state before calling upper layers */
712                         irlap_next_state(self, LAP_NDM);
713
714                         irlap_discovery_indication(self, info->discovery);
715                 } else {
716                         /* If it's our slot, send our reply */
717                         if ((info->s >= self->slot) && (!self->frame_sent)) {
718                                 discovery_rsp = irlmp_get_discovery_response();
719                                 discovery_rsp->data.daddr = info->daddr;
720
721                                 irlap_send_discovery_xid_frame(self, info->S,
722                                                                self->slot,
723                                                                FALSE,
724                                                                discovery_rsp);
725
726                                 self->frame_sent = TRUE;
727                         }
728                         /* Readjust our timer to accomodate devices
729                          * doing faster or slower discovery than us...
730                          * Jean II */
731                         irlap_start_query_timer(self, info->S, info->s);
732
733                         /* Keep state */
734                         //irlap_next_state(self, LAP_REPLY);
735                 }
736                 break;
737         default:
738                 IRDA_DEBUG(1, "%s(), Unknown event %d, %s\n", __FUNCTION__,
739                            event, irlap_event[event]);
740
741                 ret = -1;
742                 break;
743         }
744         return ret;
745 }
746
747 /*
748  * Function irlap_state_conn (event, skb, info)
749  *
750  *    CONN, we have received a SNRM command and is waiting for the upper
751  *    layer to accept or refuse connection
752  *
753  */
754 static int irlap_state_conn(struct irlap_cb *self, IRLAP_EVENT event,
755                             struct sk_buff *skb, struct irlap_info *info)
756 {
757         int ret = 0;
758
759         IRDA_DEBUG(4, "%s(), event=%s\n", __FUNCTION__, irlap_event[ event]);
760
761         IRDA_ASSERT(self != NULL, return -1;);
762         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
763
764         switch (event) {
765         case CONNECT_RESPONSE:
766                 skb_pull(skb, sizeof(struct snrm_frame));
767
768                 IRDA_ASSERT(self->netdev != NULL, return -1;);
769
770                 irlap_qos_negotiate(self, skb);
771
772                 irlap_initiate_connection_state(self);
773
774                 /*
775                  * Applying the parameters now will make sure we change speed
776                  * *after* we have sent the next frame
777                  */
778                 irlap_apply_connection_parameters(self, FALSE);
779
780                 /*
781                  * Sending this frame will force a speed change after it has
782                  * been sent (i.e. the frame will be sent at 9600).
783                  */
784                 irlap_send_ua_response_frame(self, &self->qos_rx);
785
786 #if 0
787                 /*
788                  * We are allowed to send two frames, but this may increase
789                  * the connect latency, so lets not do it for now.
790                  */
791                 /* This is full of good intentions, but doesn't work in
792                  * practice.
793                  * After sending the first UA response, we switch the
794                  * dongle to the negotiated speed, which is usually
795                  * different than 9600 kb/s.
796                  * From there, there is two solutions :
797                  * 1) The other end has received the first UA response :
798                  * it will set up the connection, move to state LAP_NRM_P,
799                  * and will ignore and drop the second UA response.
800                  * Actually, it's even worse : the other side will almost
801                  * immediately send a RR that will likely collide with the
802                  * UA response (depending on negotiated turnaround).
803                  * 2) The other end has not received the first UA response,
804                  * will stay at 9600 and will never see the second UA response.
805                  * Jean II */
806                 irlap_send_ua_response_frame(self, &self->qos_rx);
807 #endif
808
809                 /*
810                  *  The WD-timer could be set to the duration of the P-timer
811                  *  for this case, but it is recommended to use twice the
812                  *  value (note 3 IrLAP p. 60).
813                  */
814                 irlap_start_wd_timer(self, self->wd_timeout);
815                 irlap_next_state(self, LAP_NRM_S);
816
817                 break;
818         case RECV_DISCOVERY_XID_CMD:
819                 IRDA_DEBUG(3, "%s(), event RECV_DISCOVER_XID_CMD!\n",
820                            __FUNCTION__);
821                 irlap_next_state(self, LAP_NDM);
822
823                 break;
824         case DISCONNECT_REQUEST:
825                 IRDA_DEBUG(0, "%s(), Disconnect request!\n", __FUNCTION__);
826                 irlap_send_dm_frame(self);
827                 irlap_next_state( self, LAP_NDM);
828                 irlap_disconnect_indication(self, LAP_DISC_INDICATION);
829                 break;
830         default:
831                 IRDA_DEBUG(1, "%s(), Unknown event %d, %s\n", __FUNCTION__, 
832                            event, irlap_event[event]);
833
834                 ret = -1;
835                 break;
836         }
837
838         return ret;
839 }
840
841 /*
842  * Function irlap_state_setup (event, skb, frame)
843  *
844  *    SETUP state, The local layer has transmitted a SNRM command frame to
845  *    a remote peer layer and is awaiting a reply .
846  *
847  */
848 static int irlap_state_setup(struct irlap_cb *self, IRLAP_EVENT event,
849                              struct sk_buff *skb, struct irlap_info *info)
850 {
851         int ret = 0;
852
853         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
854
855         IRDA_ASSERT(self != NULL, return -1;);
856         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
857
858         switch (event) {
859         case FINAL_TIMER_EXPIRED:
860                 if (self->retry_count < self->N3) {
861 /*
862  *  Perform random backoff, Wait a random number of time units, minimum
863  *  duration half the time taken to transmitt a SNRM frame, maximum duration
864  *  1.5 times the time taken to transmit a SNRM frame. So this time should
865  *  between 15 msecs and 45 msecs.
866  */
867                         irlap_start_backoff_timer(self, msecs_to_jiffies(20 +
868                                                         (jiffies % 30)));
869                 } else {
870                         /* Always switch state before calling upper layers */
871                         irlap_next_state(self, LAP_NDM);
872
873                         irlap_disconnect_indication(self, LAP_FOUND_NONE);
874                 }
875                 break;
876         case BACKOFF_TIMER_EXPIRED:
877                 irlap_send_snrm_frame(self, &self->qos_rx);
878                 irlap_start_final_timer(self, self->final_timeout);
879                 self->retry_count++;
880                 break;
881         case RECV_SNRM_CMD:
882                 IRDA_DEBUG(4, "%s(), SNRM battle!\n", __FUNCTION__);
883
884                 IRDA_ASSERT(skb != NULL, return 0;);
885                 IRDA_ASSERT(info != NULL, return 0;);
886
887                 /*
888                  *  The device with the largest device address wins the battle
889                  *  (both have sent a SNRM command!)
890                  */
891                 if (info &&(info->daddr > self->saddr)) {
892                         del_timer(&self->final_timer);
893                         irlap_initiate_connection_state(self);
894
895                         IRDA_ASSERT(self->netdev != NULL, return -1;);
896
897                         skb_pull(skb, sizeof(struct snrm_frame));
898
899                         irlap_qos_negotiate(self, skb);
900
901                         /* Send UA frame and then change link settings */
902                         irlap_apply_connection_parameters(self, FALSE);
903                         irlap_send_ua_response_frame(self, &self->qos_rx);
904
905                         irlap_next_state(self, LAP_NRM_S);
906                         irlap_connect_confirm(self, skb);
907
908                         /*
909                          *  The WD-timer could be set to the duration of the
910                          *  P-timer for this case, but it is recommended
911                          *  to use twice the value (note 3 IrLAP p. 60).
912                          */
913                         irlap_start_wd_timer(self, self->wd_timeout);
914                 } else {
915                         /* We just ignore the other device! */
916                         irlap_next_state(self, LAP_SETUP);
917                 }
918                 break;
919         case RECV_UA_RSP:
920                 /* Stop F-timer */
921                 del_timer(&self->final_timer);
922
923                 /* Initiate connection state */
924                 irlap_initiate_connection_state(self);
925
926                 /* Negotiate connection parameters */
927                 IRDA_ASSERT(skb->len > 10, return -1;);
928
929                 skb_pull(skb, sizeof(struct ua_frame));
930
931                 IRDA_ASSERT(self->netdev != NULL, return -1;);
932
933                 irlap_qos_negotiate(self, skb);
934
935                 /* Set the new link setting *now* (before the rr frame) */
936                 irlap_apply_connection_parameters(self, TRUE);
937                 self->retry_count = 0;
938
939                 /* Wait for turnaround time to give a chance to the other
940                  * device to be ready to receive us.
941                  * Note : the time to switch speed is typically larger
942                  * than the turnaround time, but as we don't have the other
943                  * side speed switch time, that's our best guess...
944                  * Jean II */
945                 irlap_wait_min_turn_around(self, &self->qos_tx);
946
947                 /* This frame will actually be sent at the new speed */
948                 irlap_send_rr_frame(self, CMD_FRAME);
949
950                 /* The timer is set to half the normal timer to quickly
951                  * detect a failure to negociate the new connection
952                  * parameters. IrLAP 6.11.3.2, note 3.
953                  * Note that currently we don't process this failure
954                  * properly, as we should do a quick disconnect.
955                  * Jean II */
956                 irlap_start_final_timer(self, self->final_timeout/2);
957                 irlap_next_state(self, LAP_NRM_P);
958
959                 irlap_connect_confirm(self, skb);
960                 break;
961         case RECV_DM_RSP:     /* FALLTHROUGH */
962         case RECV_DISC_CMD:
963                 del_timer(&self->final_timer);
964                 irlap_next_state(self, LAP_NDM);
965
966                 irlap_disconnect_indication(self, LAP_DISC_INDICATION);
967                 break;
968         default:
969                 IRDA_DEBUG(1, "%s(), Unknown event %d, %s\n", __FUNCTION__,
970                            event, irlap_event[event]);
971
972                 ret = -1;
973                 break;
974         }
975         return ret;
976 }
977
978 /*
979  * Function irlap_state_offline (self, event, skb, info)
980  *
981  *    OFFLINE state, not used for now!
982  *
983  */
984 static int irlap_state_offline(struct irlap_cb *self, IRLAP_EVENT event,
985                                struct sk_buff *skb, struct irlap_info *info)
986 {
987         IRDA_DEBUG( 0, "%s(), Unknown event\n", __FUNCTION__);
988
989         return -1;
990 }
991
992 /*
993  * Function irlap_state_xmit_p (self, event, skb, info)
994  *
995  *    XMIT, Only the primary station has right to transmit, and we
996  *    therefore do not expect to receive any transmissions from other
997  *    stations.
998  *
999  */
1000 static int irlap_state_xmit_p(struct irlap_cb *self, IRLAP_EVENT event,
1001                               struct sk_buff *skb, struct irlap_info *info)
1002 {
1003         int ret = 0;
1004
1005         switch (event) {
1006         case SEND_I_CMD:
1007                 /*
1008                  *  Only send frame if send-window > 0.
1009                  */
1010                 if ((self->window > 0) && (!self->remote_busy)) {
1011                         int nextfit;
1012 #ifdef CONFIG_IRDA_DYNAMIC_WINDOW
1013                         struct sk_buff *skb_next;
1014
1015                         /* With DYNAMIC_WINDOW, we keep the window size
1016                          * maximum, and adapt on the packets we are sending.
1017                          * At 115k, we can send only 2 packets of 2048 bytes
1018                          * in a 500 ms turnaround. Without this option, we
1019                          * would always limit the window to 2. With this
1020                          * option, if we send smaller packets, we can send
1021                          * up to 7 of them (always depending on QoS).
1022                          * Jean II */
1023
1024                         /* Look at the next skb. This is safe, as we are
1025                          * the only consumer of the Tx queue (if we are not,
1026                          * we have other problems) - Jean II */
1027                         skb_next = skb_peek(&self->txq);
1028
1029                         /* Check if a subsequent skb exist and would fit in
1030                          * the current window (with respect to turnaround
1031                          * time).
1032                          * This allow us to properly mark the current packet
1033                          * with the pf bit, to avoid falling back on the
1034                          * second test below, and avoid waiting the
1035                          * end of the window and sending a extra RR.
1036                          * Note : (skb_next != NULL) <=> (skb_queue_len() > 0)
1037                          * Jean II */
1038                         nextfit = ((skb_next != NULL) &&
1039                                    ((skb_next->len + skb->len) <=
1040                                     self->bytes_left));
1041
1042                         /*
1043                          * The current packet may not fit ! Because of test
1044                          * above, this should not happen any more !!!
1045                          *  Test if we have transmitted more bytes over the
1046                          *  link than its possible to do with the current
1047                          *  speed and turn-around-time.
1048                          */
1049                         if((!nextfit) && (skb->len > self->bytes_left)) {
1050                                 IRDA_DEBUG(0, "%s(), Not allowed to transmit"
1051                                            " more bytes!\n", __FUNCTION__);
1052                                 /* Requeue the skb */
1053                                 skb_queue_head(&self->txq, skb_get(skb));
1054                                 /*
1055                                  *  We should switch state to LAP_NRM_P, but
1056                                  *  that is not possible since we must be sure
1057                                  *  that we poll the other side. Since we have
1058                                  *  used up our time, the poll timer should
1059                                  *  trigger anyway now, so we just wait for it
1060                                  *  DB
1061                                  */
1062                                 /*
1063                                  * Sorry, but that's not totally true. If
1064                                  * we send 2000B packets, we may wait another
1065                                  * 1000B until our turnaround expire. That's
1066                                  * why we need to be proactive in avoiding
1067                                  * coming here. - Jean II
1068                                  */
1069                                 return -EPROTO;
1070                         }
1071
1072                         /* Substract space used by this skb */
1073                         self->bytes_left -= skb->len;
1074 #else   /* CONFIG_IRDA_DYNAMIC_WINDOW */
1075                         /* Window has been adjusted for the max packet
1076                          * size, so much simpler... - Jean II */
1077                         nextfit = !skb_queue_empty(&self->txq);
1078 #endif  /* CONFIG_IRDA_DYNAMIC_WINDOW */
1079                         /*
1080                          *  Send data with poll bit cleared only if window > 1
1081                          *  and there is more frames after this one to be sent
1082                          */
1083                         if ((self->window > 1) && (nextfit)) {
1084                                 /* More packet to send in current window */
1085                                 irlap_send_data_primary(self, skb);
1086                                 irlap_next_state(self, LAP_XMIT_P);
1087                         } else {
1088                                 /* Final packet of window */
1089                                 irlap_send_data_primary_poll(self, skb);
1090                                 irlap_next_state(self, LAP_NRM_P);
1091
1092                                 /*
1093                                  * Make sure state machine does not try to send
1094                                  * any more frames
1095                                  */
1096                                 ret = -EPROTO;
1097                         }
1098 #ifdef CONFIG_IRDA_FAST_RR
1099                         /* Peer may want to reply immediately */
1100                         self->fast_RR = FALSE;
1101 #endif /* CONFIG_IRDA_FAST_RR */
1102                 } else {
1103                         IRDA_DEBUG(4, "%s(), Unable to send! remote busy?\n",
1104                                    __FUNCTION__);
1105                         skb_queue_head(&self->txq, skb_get(skb));
1106
1107                         /*
1108                          *  The next ret is important, because it tells
1109                          *  irlap_next_state _not_ to deliver more frames
1110                          */
1111                         ret = -EPROTO;
1112                 }
1113                 break;
1114         case POLL_TIMER_EXPIRED:
1115                 IRDA_DEBUG(3, "%s(), POLL_TIMER_EXPIRED <%ld>\n",
1116                             __FUNCTION__, jiffies);
1117                 irlap_send_rr_frame(self, CMD_FRAME);
1118                 /* Return to NRM properly - Jean II  */
1119                 self->window = self->window_size;
1120 #ifdef CONFIG_IRDA_DYNAMIC_WINDOW
1121                 /* Allowed to transmit a maximum number of bytes again. */
1122                 self->bytes_left = self->line_capacity;
1123 #endif /* CONFIG_IRDA_DYNAMIC_WINDOW */
1124                 irlap_start_final_timer(self, self->final_timeout);
1125                 irlap_next_state(self, LAP_NRM_P);
1126                 break;
1127         case DISCONNECT_REQUEST:
1128                 del_timer(&self->poll_timer);
1129                 irlap_wait_min_turn_around(self, &self->qos_tx);
1130                 irlap_send_disc_frame(self);
1131                 irlap_flush_all_queues(self);
1132                 irlap_start_final_timer(self, self->final_timeout);
1133                 self->retry_count = 0;
1134                 irlap_next_state(self, LAP_PCLOSE);
1135                 break;
1136         case DATA_REQUEST:
1137                 /* Nothing to do, irlap_do_event() will send the packet
1138                  * when we return... - Jean II */
1139                 break;
1140         default:
1141                 IRDA_DEBUG(0, "%s(), Unknown event %s\n",
1142                            __FUNCTION__, irlap_event[event]);
1143
1144                 ret = -EINVAL;
1145                 break;
1146         }
1147         return ret;
1148 }
1149
1150 /*
1151  * Function irlap_state_pclose (event, skb, info)
1152  *
1153  *    PCLOSE state
1154  */
1155 static int irlap_state_pclose(struct irlap_cb *self, IRLAP_EVENT event,
1156                               struct sk_buff *skb, struct irlap_info *info)
1157 {
1158         int ret = 0;
1159
1160         IRDA_DEBUG(1, "%s()\n", __FUNCTION__);
1161
1162         IRDA_ASSERT(self != NULL, return -1;);
1163         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
1164
1165         switch (event) {
1166         case RECV_UA_RSP: /* FALLTHROUGH */
1167         case RECV_DM_RSP:
1168                 del_timer(&self->final_timer);
1169
1170                 /* Set new link parameters */
1171                 irlap_apply_default_connection_parameters(self);
1172
1173                 /* Always switch state before calling upper layers */
1174                 irlap_next_state(self, LAP_NDM);
1175
1176                 irlap_disconnect_indication(self, LAP_DISC_INDICATION);
1177                 break;
1178         case FINAL_TIMER_EXPIRED:
1179                 if (self->retry_count < self->N3) {
1180                         irlap_wait_min_turn_around(self, &self->qos_tx);
1181                         irlap_send_disc_frame(self);
1182                         irlap_start_final_timer(self, self->final_timeout);
1183                         self->retry_count++;
1184                         /* Keep state */
1185                 } else {
1186                         irlap_apply_default_connection_parameters(self);
1187
1188                         /*  Always switch state before calling upper layers */
1189                         irlap_next_state(self, LAP_NDM);
1190
1191                         irlap_disconnect_indication(self, LAP_NO_RESPONSE);
1192                 }
1193                 break;
1194         default:
1195                 IRDA_DEBUG(1, "%s(), Unknown event %d\n", __FUNCTION__, event);
1196
1197                 ret = -1;
1198                 break;
1199         }
1200         return ret;
1201 }
1202
1203 /*
1204  * Function irlap_state_nrm_p (self, event, skb, info)
1205  *
1206  *   NRM_P (Normal Response Mode as Primary), The primary station has given
1207  *   permissions to a secondary station to transmit IrLAP resonse frames
1208  *   (by sending a frame with the P bit set). The primary station will not
1209  *   transmit any frames and is expecting to receive frames only from the
1210  *   secondary to which transmission permissions has been given.
1211  */
1212 static int irlap_state_nrm_p(struct irlap_cb *self, IRLAP_EVENT event,
1213                              struct sk_buff *skb, struct irlap_info *info)
1214 {
1215         int ret = 0;
1216         int ns_status;
1217         int nr_status;
1218
1219         switch (event) {
1220         case RECV_I_RSP: /* Optimize for the common case */
1221                 /* FIXME: must check for remote_busy below */
1222 #ifdef CONFIG_IRDA_FAST_RR
1223                 /*
1224                  *  Reset the fast_RR so we can use the fast RR code with
1225                  *  full speed the next time since peer may have more frames
1226                  *  to transmitt
1227                  */
1228                 self->fast_RR = FALSE;
1229 #endif /* CONFIG_IRDA_FAST_RR */
1230                 IRDA_ASSERT( info != NULL, return -1;);
1231
1232                 ns_status = irlap_validate_ns_received(self, info->ns);
1233                 nr_status = irlap_validate_nr_received(self, info->nr);
1234
1235                 /*
1236                  *  Check for expected I(nformation) frame
1237                  */
1238                 if ((ns_status == NS_EXPECTED) && (nr_status == NR_EXPECTED)) {
1239
1240                         /* Update Vr (next frame for us to receive) */
1241                         self->vr = (self->vr + 1) % 8;
1242
1243                         /* Update Nr received, cleanup our retry queue */
1244                         irlap_update_nr_received(self, info->nr);
1245
1246                         /*
1247                          *  Got expected NR, so reset the
1248                          *  retry_count. This is not done by IrLAP spec,
1249                          *  which is strange!
1250                          */
1251                         self->retry_count = 0;
1252                         self->ack_required = TRUE;
1253
1254                         /*  poll bit cleared?  */
1255                         if (!info->pf) {
1256                                 /* Keep state, do not move this line */
1257                                 irlap_next_state(self, LAP_NRM_P);
1258
1259                                 irlap_data_indication(self, skb, FALSE);
1260                         } else {
1261                                 /* No longer waiting for pf */
1262                                 del_timer(&self->final_timer);
1263
1264                                 irlap_wait_min_turn_around(self, &self->qos_tx);
1265
1266                                 /* Call higher layer *before* changing state
1267                                  * to give them a chance to send data in the
1268                                  * next LAP frame.
1269                                  * Jean II */
1270                                 irlap_data_indication(self, skb, FALSE);
1271
1272                                 /* XMIT states are the most dangerous state
1273                                  * to be in, because user requests are
1274                                  * processed directly and may change state.
1275                                  * On the other hand, in NDM_P, those
1276                                  * requests are queued and we will process
1277                                  * them when we return to irlap_do_event().
1278                                  * Jean II
1279                                  */
1280                                 irlap_next_state(self, LAP_XMIT_P);
1281
1282                                 /* This is the last frame.
1283                                  * Make sure it's always called in XMIT state.
1284                                  * - Jean II */
1285                                 irlap_start_poll_timer(self, self->poll_timeout);
1286                         }
1287                         break;
1288
1289                 }
1290                 /* Unexpected next to send (Ns) */
1291                 if ((ns_status == NS_UNEXPECTED) && (nr_status == NR_EXPECTED))
1292                 {
1293                         if (!info->pf) {
1294                                 irlap_update_nr_received(self, info->nr);
1295
1296                                 /*
1297                                  *  Wait until the last frame before doing
1298                                  *  anything
1299                                  */
1300
1301                                 /* Keep state */
1302                                 irlap_next_state(self, LAP_NRM_P);
1303                         } else {
1304                                 IRDA_DEBUG(4,
1305                                        "%s(), missing or duplicate frame!\n",
1306                                            __FUNCTION__);
1307
1308                                 /* Update Nr received */
1309                                 irlap_update_nr_received(self, info->nr);
1310
1311                                 irlap_wait_min_turn_around(self, &self->qos_tx);
1312                                 irlap_send_rr_frame(self, CMD_FRAME);
1313
1314                                 self->ack_required = FALSE;
1315
1316                                 irlap_start_final_timer(self, self->final_timeout);
1317                                 irlap_next_state(self, LAP_NRM_P);
1318                         }
1319                         break;
1320                 }
1321                 /*
1322                  *  Unexpected next to receive (Nr)
1323                  */
1324                 if ((ns_status == NS_EXPECTED) && (nr_status == NR_UNEXPECTED))
1325                 {
1326                         if (info->pf) {
1327                                 self->vr = (self->vr + 1) % 8;
1328
1329                                 /* Update Nr received */
1330                                 irlap_update_nr_received(self, info->nr);
1331
1332                                 /* Resend rejected frames */
1333                                 irlap_resend_rejected_frames(self, CMD_FRAME);
1334
1335                                 self->ack_required = FALSE;
1336
1337                                 /* Make sure we account for the time
1338                                  * to transmit our frames. See comemnts
1339                                  * in irlap_send_data_primary_poll().
1340                                  * Jean II */
1341                                 irlap_start_final_timer(self, 2 * self->final_timeout);
1342
1343                                 /* Keep state, do not move this line */
1344                                 irlap_next_state(self, LAP_NRM_P);
1345
1346                                 irlap_data_indication(self, skb, FALSE);
1347                         } else {
1348                                 /*
1349                                  *  Do not resend frames until the last
1350                                  *  frame has arrived from the other
1351                                  *  device. This is not documented in
1352                                  *  IrLAP!!
1353                                  */
1354                                 self->vr = (self->vr + 1) % 8;
1355
1356                                 /* Update Nr received */
1357                                 irlap_update_nr_received(self, info->nr);
1358
1359                                 self->ack_required = FALSE;
1360
1361                                 /* Keep state, do not move this line!*/
1362                                 irlap_next_state(self, LAP_NRM_P);
1363
1364                                 irlap_data_indication(self, skb, FALSE);
1365                         }
1366                         break;
1367                 }
1368                 /*
1369                  *  Unexpected next to send (Ns) and next to receive (Nr)
1370                  *  Not documented by IrLAP!
1371                  */
1372                 if ((ns_status == NS_UNEXPECTED) &&
1373                     (nr_status == NR_UNEXPECTED))
1374                 {
1375                         IRDA_DEBUG(4, "%s(), unexpected nr and ns!\n",
1376                                    __FUNCTION__);
1377                         if (info->pf) {
1378                                 /* Resend rejected frames */
1379                                 irlap_resend_rejected_frames(self, CMD_FRAME);
1380
1381                                 /* Give peer some time to retransmit! 
1382                                  * But account for our own Tx. */
1383                                 irlap_start_final_timer(self, 2 * self->final_timeout);
1384
1385                                 /* Keep state, do not move this line */
1386                                 irlap_next_state(self, LAP_NRM_P);
1387                         } else {
1388                                 /* Update Nr received */
1389                                 /* irlap_update_nr_received( info->nr); */
1390
1391                                 self->ack_required = FALSE;
1392                         }
1393                         break;
1394                 }
1395
1396                 /*
1397                  *  Invalid NR or NS
1398                  */
1399                 if ((nr_status == NR_INVALID) || (ns_status == NS_INVALID)) {
1400                         if (info->pf) {
1401                                 del_timer(&self->final_timer);
1402
1403                                 irlap_next_state(self, LAP_RESET_WAIT);
1404
1405                                 irlap_disconnect_indication(self, LAP_RESET_INDICATION);
1406                                 self->xmitflag = TRUE;
1407                         } else {
1408                                 del_timer(&self->final_timer);
1409
1410                                 irlap_disconnect_indication(self, LAP_RESET_INDICATION);
1411
1412                                 self->xmitflag = FALSE;
1413                         }
1414                         break;
1415                 }
1416                 IRDA_DEBUG(1, "%s(), Not implemented!\n", __FUNCTION__);
1417                 IRDA_DEBUG(1, "%s(), event=%s, ns_status=%d, nr_status=%d\n",
1418                        __FUNCTION__, irlap_event[event], ns_status, nr_status);
1419                 break;
1420         case RECV_UI_FRAME:
1421                 /* Poll bit cleared? */
1422                 if (!info->pf) {
1423                         irlap_data_indication(self, skb, TRUE);
1424                         irlap_next_state(self, LAP_NRM_P);
1425                 } else {
1426                         del_timer(&self->final_timer);
1427                         irlap_data_indication(self, skb, TRUE);
1428                         irlap_next_state(self, LAP_XMIT_P);
1429                         IRDA_DEBUG(1, "%s: RECV_UI_FRAME: next state %s\n", __FUNCTION__, irlap_state[self->state]);
1430                         irlap_start_poll_timer(self, self->poll_timeout);
1431                 }
1432                 break;
1433         case RECV_RR_RSP:
1434                 /*
1435                  *  If you get a RR, the remote isn't busy anymore,
1436                  *  no matter what the NR
1437                  */
1438                 self->remote_busy = FALSE;
1439
1440                 /*
1441                  *  Nr as expected?
1442                  */
1443                 ret = irlap_validate_nr_received(self, info->nr);
1444                 if (ret == NR_EXPECTED) {
1445                         /* Stop final timer */
1446                         del_timer(&self->final_timer);
1447
1448                         /* Update Nr received */
1449                         irlap_update_nr_received(self, info->nr);
1450
1451                         /*
1452                          *  Got expected NR, so reset the retry_count. This
1453                          *  is not done by the IrLAP standard , which is
1454                          *  strange! DB.
1455                          */
1456                         self->retry_count = 0;
1457                         irlap_wait_min_turn_around(self, &self->qos_tx);
1458
1459                         irlap_next_state(self, LAP_XMIT_P);
1460
1461                         /* Start poll timer */
1462                         irlap_start_poll_timer(self, self->poll_timeout);
1463                 } else if (ret == NR_UNEXPECTED) {
1464                         IRDA_ASSERT(info != NULL, return -1;);
1465                         /*
1466                          *  Unexpected nr!
1467                          */
1468
1469                         /* Update Nr received */
1470                         irlap_update_nr_received(self, info->nr);
1471
1472                         IRDA_DEBUG(4, "RECV_RR_FRAME: Retrans:%d, nr=%d, va=%d, "
1473                               "vs=%d, vr=%d\n",
1474                               self->retry_count, info->nr, self->va,
1475                               self->vs, self->vr);
1476
1477                         /* Resend rejected frames */
1478                         irlap_resend_rejected_frames(self, CMD_FRAME);
1479
1480                         /* Final timer ??? Jean II */
1481
1482                         irlap_next_state(self, LAP_NRM_P);
1483                 } else if (ret == NR_INVALID) {
1484                         IRDA_DEBUG(1, "%s(), Received RR with "
1485                                    "invalid nr !\n", __FUNCTION__);
1486                         del_timer(&self->final_timer);
1487
1488                         irlap_next_state(self, LAP_RESET_WAIT);
1489
1490                         irlap_disconnect_indication(self, LAP_RESET_INDICATION);
1491                         self->xmitflag = TRUE;
1492                 }
1493                 break;
1494         case RECV_RNR_RSP:
1495                 IRDA_ASSERT(info != NULL, return -1;);
1496
1497                 /* Stop final timer */
1498                 del_timer(&self->final_timer);
1499                 self->remote_busy = TRUE;
1500
1501                 /* Update Nr received */
1502                 irlap_update_nr_received(self, info->nr);
1503                 irlap_next_state(self, LAP_XMIT_P);
1504
1505                 /* Start poll timer */
1506                 irlap_start_poll_timer(self, self->poll_timeout);
1507                 break;
1508         case RECV_FRMR_RSP:
1509                 del_timer(&self->final_timer);
1510                 self->xmitflag = TRUE;
1511                 irlap_next_state(self, LAP_RESET_WAIT);
1512                 irlap_reset_indication(self);
1513                 break;
1514         case FINAL_TIMER_EXPIRED:
1515                 /*
1516                  *  We are allowed to wait for additional 300 ms if
1517                  *  final timer expires when we are in the middle
1518                  *  of receiving a frame (page 45, IrLAP). Check that
1519                  *  we only do this once for each frame.
1520                  */
1521                 if (irda_device_is_receiving(self->netdev) && !self->add_wait) {
1522                         IRDA_DEBUG(1, "FINAL_TIMER_EXPIRED when receiving a "
1523                               "frame! Waiting a little bit more!\n");
1524                         irlap_start_final_timer(self, msecs_to_jiffies(300));
1525
1526                         /*
1527                          *  Don't allow this to happen one more time in a row,
1528                          *  or else we can get a pretty tight loop here if
1529                          *  if we only receive half a frame. DB.
1530                          */
1531                         self->add_wait = TRUE;
1532                         break;
1533                 }
1534                 self->add_wait = FALSE;
1535
1536                 /* N2 is the disconnect timer. Until we reach it, we retry */
1537                 if (self->retry_count < self->N2) {
1538                         /* Retry sending the pf bit to the secondary */
1539                         irlap_wait_min_turn_around(self, &self->qos_tx);
1540                         irlap_send_rr_frame(self, CMD_FRAME);
1541
1542                         irlap_start_final_timer(self, self->final_timeout);
1543                         self->retry_count++;
1544                         IRDA_DEBUG(4, "irlap_state_nrm_p: FINAL_TIMER_EXPIRED:"
1545                                    " retry_count=%d\n", self->retry_count);
1546
1547                         /* Early warning event. I'm using a pretty liberal
1548                          * interpretation of the spec and generate an event
1549                          * every time the timer is multiple of N1 (and not
1550                          * only the first time). This allow application
1551                          * to know precisely if connectivity restart...
1552                          * Jean II */
1553                         if((self->retry_count % self->N1) == 0)
1554                                 irlap_status_indication(self,
1555                                                         STATUS_NO_ACTIVITY);
1556
1557                         /* Keep state */
1558                 } else {
1559                         irlap_apply_default_connection_parameters(self);
1560
1561                         /* Always switch state before calling upper layers */
1562                         irlap_next_state(self, LAP_NDM);
1563                         irlap_disconnect_indication(self, LAP_NO_RESPONSE);
1564                 }
1565                 break;
1566         case RECV_REJ_RSP:
1567                 irlap_update_nr_received(self, info->nr);
1568                 if (self->remote_busy) {
1569                         irlap_wait_min_turn_around(self, &self->qos_tx);
1570                         irlap_send_rr_frame(self, CMD_FRAME);
1571                 } else
1572                         irlap_resend_rejected_frames(self, CMD_FRAME);
1573                 irlap_start_final_timer(self, 2 * self->final_timeout);
1574                 break;
1575         case RECV_SREJ_RSP:
1576                 irlap_update_nr_received(self, info->nr);
1577                 if (self->remote_busy) {
1578                         irlap_wait_min_turn_around(self, &self->qos_tx);
1579                         irlap_send_rr_frame(self, CMD_FRAME);
1580                 } else
1581                         irlap_resend_rejected_frame(self, CMD_FRAME);
1582                 irlap_start_final_timer(self, 2 * self->final_timeout);
1583                 break;
1584         case RECV_RD_RSP:
1585                 IRDA_DEBUG(1, "%s(), RECV_RD_RSP\n", __FUNCTION__);
1586
1587                 irlap_flush_all_queues(self);
1588                 irlap_next_state(self, LAP_XMIT_P);
1589                 /* Call back the LAP state machine to do a proper disconnect */
1590                 irlap_disconnect_request(self);
1591                 break;
1592         default:
1593                 IRDA_DEBUG(1, "%s(), Unknown event %s\n",
1594                             __FUNCTION__, irlap_event[event]);
1595
1596                 ret = -1;
1597                 break;
1598         }
1599         return ret;
1600 }
1601
1602 /*
1603  * Function irlap_state_reset_wait (event, skb, info)
1604  *
1605  *    We have informed the service user of a reset condition, and is
1606  *    awaiting reset of disconnect request.
1607  *
1608  */
1609 static int irlap_state_reset_wait(struct irlap_cb *self, IRLAP_EVENT event,
1610                                   struct sk_buff *skb, struct irlap_info *info)
1611 {
1612         int ret = 0;
1613
1614         IRDA_DEBUG(3, "%s(), event = %s\n", __FUNCTION__, irlap_event[event]);
1615
1616         IRDA_ASSERT(self != NULL, return -1;);
1617         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
1618
1619         switch (event) {
1620         case RESET_REQUEST:
1621                 if (self->xmitflag) {
1622                         irlap_wait_min_turn_around(self, &self->qos_tx);
1623                         irlap_send_snrm_frame(self, NULL);
1624                         irlap_start_final_timer(self, self->final_timeout);
1625                         irlap_next_state(self, LAP_RESET);
1626                 } else {
1627                         irlap_start_final_timer(self, self->final_timeout);
1628                         irlap_next_state(self, LAP_RESET);
1629                 }
1630                 break;
1631         case DISCONNECT_REQUEST:
1632                 irlap_wait_min_turn_around( self, &self->qos_tx);
1633                 irlap_send_disc_frame( self);
1634                 irlap_flush_all_queues( self);
1635                 irlap_start_final_timer( self, self->final_timeout);
1636                 self->retry_count = 0;
1637                 irlap_next_state( self, LAP_PCLOSE);
1638                 break;
1639         default:
1640                 IRDA_DEBUG(2, "%s(), Unknown event %s\n", __FUNCTION__,
1641                            irlap_event[event]);
1642
1643                 ret = -1;
1644                 break;
1645         }
1646         return ret;
1647 }
1648
1649 /*
1650  * Function irlap_state_reset (self, event, skb, info)
1651  *
1652  *    We have sent a SNRM reset command to the peer layer, and is awaiting
1653  *    reply.
1654  *
1655  */
1656 static int irlap_state_reset(struct irlap_cb *self, IRLAP_EVENT event,
1657                              struct sk_buff *skb, struct irlap_info *info)
1658 {
1659         int ret = 0;
1660
1661         IRDA_DEBUG(3, "%s(), event = %s\n", __FUNCTION__, irlap_event[event]);
1662
1663         IRDA_ASSERT(self != NULL, return -1;);
1664         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
1665
1666         switch (event) {
1667         case RECV_DISC_CMD:
1668                 del_timer(&self->final_timer);
1669
1670                 irlap_apply_default_connection_parameters(self);
1671
1672                 /* Always switch state before calling upper layers */
1673                 irlap_next_state(self, LAP_NDM);
1674
1675                 irlap_disconnect_indication(self, LAP_NO_RESPONSE);
1676
1677                 break;
1678         case RECV_UA_RSP:
1679                 del_timer(&self->final_timer);
1680
1681                 /* Initiate connection state */
1682                 irlap_initiate_connection_state(self);
1683
1684                 irlap_reset_confirm();
1685
1686                 self->remote_busy = FALSE;
1687
1688                 irlap_next_state(self, LAP_XMIT_P);
1689
1690                 irlap_start_poll_timer(self, self->poll_timeout);
1691
1692                 break;
1693         case FINAL_TIMER_EXPIRED:
1694                 if (self->retry_count < 3) {
1695                         irlap_wait_min_turn_around(self, &self->qos_tx);
1696
1697                         IRDA_ASSERT(self->netdev != NULL, return -1;);
1698                         irlap_send_snrm_frame(self, self->qos_dev);
1699
1700                         self->retry_count++; /* Experimental!! */
1701
1702                         irlap_start_final_timer(self, self->final_timeout);
1703                         irlap_next_state(self, LAP_RESET);
1704                 } else if (self->retry_count >= self->N3) {
1705                         irlap_apply_default_connection_parameters(self);
1706
1707                         /* Always switch state before calling upper layers */
1708                         irlap_next_state(self, LAP_NDM);
1709
1710                         irlap_disconnect_indication(self, LAP_NO_RESPONSE);
1711                 }
1712                 break;
1713         case RECV_SNRM_CMD:
1714                 /*
1715                  * SNRM frame is not allowed to contain an I-field in this
1716                  * state
1717                  */
1718                 if (!info) {
1719                         IRDA_DEBUG(3, "%s(), RECV_SNRM_CMD\n", __FUNCTION__);
1720                         irlap_initiate_connection_state(self);
1721                         irlap_wait_min_turn_around(self, &self->qos_tx);
1722                         irlap_send_ua_response_frame(self, &self->qos_rx);
1723                         irlap_reset_confirm();
1724                         irlap_start_wd_timer(self, self->wd_timeout);
1725                         irlap_next_state(self, LAP_NDM);
1726                 } else {
1727                         IRDA_DEBUG(0,
1728                                    "%s(), SNRM frame contained an I field!\n",
1729                                    __FUNCTION__);
1730                 }
1731                 break;
1732         default:
1733                 IRDA_DEBUG(1, "%s(), Unknown event %s\n",
1734                            __FUNCTION__, irlap_event[event]);
1735
1736                 ret = -1;
1737                 break;
1738         }
1739         return ret;
1740 }
1741
1742 /*
1743  * Function irlap_state_xmit_s (event, skb, info)
1744  *
1745  *   XMIT_S, The secondary station has been given the right to transmit,
1746  *   and we therefor do not expect to receive any transmissions from other
1747  *   stations.
1748  */
1749 static int irlap_state_xmit_s(struct irlap_cb *self, IRLAP_EVENT event,
1750                               struct sk_buff *skb, struct irlap_info *info)
1751 {
1752         int ret = 0;
1753
1754         IRDA_DEBUG(4, "%s(), event=%s\n", __FUNCTION__, irlap_event[event]);
1755
1756         IRDA_ASSERT(self != NULL, return -ENODEV;);
1757         IRDA_ASSERT(self->magic == LAP_MAGIC, return -EBADR;);
1758
1759         switch (event) {
1760         case SEND_I_CMD:
1761                 /*
1762                  *  Send frame only if send window > 0
1763                  */
1764                 if ((self->window > 0) && (!self->remote_busy)) {
1765                         int nextfit;
1766 #ifdef CONFIG_IRDA_DYNAMIC_WINDOW
1767                         struct sk_buff *skb_next;
1768
1769                         /*
1770                          * Same deal as in irlap_state_xmit_p(), so see
1771                          * the comments at that point.
1772                          * We are the secondary, so there are only subtle
1773                          * differences. - Jean II
1774                          */
1775
1776                         /* Check if a subsequent skb exist and would fit in
1777                          * the current window (with respect to turnaround
1778                          * time). - Jean II */
1779                         skb_next = skb_peek(&self->txq);
1780                         nextfit = ((skb_next != NULL) &&
1781                                    ((skb_next->len + skb->len) <=
1782                                     self->bytes_left));
1783
1784                         /*
1785                          *  Test if we have transmitted more bytes over the
1786                          *  link than its possible to do with the current
1787                          *  speed and turn-around-time.
1788                          */
1789                         if((!nextfit) && (skb->len > self->bytes_left)) {
1790                                 IRDA_DEBUG(0, "%s(), Not allowed to transmit"
1791                                            " more bytes!\n", __FUNCTION__);
1792                                 /* Requeue the skb */
1793                                 skb_queue_head(&self->txq, skb_get(skb));
1794
1795                                 /*
1796                                  *  Switch to NRM_S, this is only possible
1797                                  *  when we are in secondary mode, since we
1798                                  *  must be sure that we don't miss any RR
1799                                  *  frames
1800                                  */
1801                                 self->window = self->window_size;
1802                                 self->bytes_left = self->line_capacity;
1803                                 irlap_start_wd_timer(self, self->wd_timeout);
1804
1805                                 irlap_next_state(self, LAP_NRM_S);
1806                                 /* Slight difference with primary :
1807                                  * here we would wait for the other side to
1808                                  * expire the turnaround. - Jean II */
1809
1810                                 return -EPROTO; /* Try again later */
1811                         }
1812                         /* Substract space used by this skb */
1813                         self->bytes_left -= skb->len;
1814 #else   /* CONFIG_IRDA_DYNAMIC_WINDOW */
1815                         /* Window has been adjusted for the max packet
1816                          * size, so much simpler... - Jean II */
1817                         nextfit = !skb_queue_empty(&self->txq);
1818 #endif /* CONFIG_IRDA_DYNAMIC_WINDOW */
1819                         /*
1820                          *  Send data with final bit cleared only if window > 1
1821                          *  and there is more frames to be sent
1822                          */
1823                         if ((self->window > 1) && (nextfit)) {
1824                                 irlap_send_data_secondary(self, skb);
1825                                 irlap_next_state(self, LAP_XMIT_S);
1826                         } else {
1827                                 irlap_send_data_secondary_final(self, skb);
1828                                 irlap_next_state(self, LAP_NRM_S);
1829
1830                                 /*
1831                                  * Make sure state machine does not try to send
1832                                  * any more frames
1833                                  */
1834                                 ret = -EPROTO;
1835                         }
1836                 } else {
1837                         IRDA_DEBUG(2, "%s(), Unable to send!\n", __FUNCTION__);
1838                         skb_queue_head(&self->txq, skb_get(skb));
1839                         ret = -EPROTO;
1840                 }
1841                 break;
1842         case DISCONNECT_REQUEST:
1843                 irlap_send_rd_frame(self);
1844                 irlap_flush_all_queues(self);
1845                 irlap_start_wd_timer(self, self->wd_timeout);
1846                 irlap_next_state(self, LAP_SCLOSE);
1847                 break;
1848         case DATA_REQUEST:
1849                 /* Nothing to do, irlap_do_event() will send the packet
1850                  * when we return... - Jean II */
1851                 break;
1852         default:
1853                 IRDA_DEBUG(2, "%s(), Unknown event %s\n", __FUNCTION__,
1854                            irlap_event[event]);
1855
1856                 ret = -EINVAL;
1857                 break;
1858         }
1859         return ret;
1860 }
1861
1862 /*
1863  * Function irlap_state_nrm_s (event, skb, info)
1864  *
1865  *    NRM_S (Normal Response Mode as Secondary) state, in this state we are
1866  *    expecting to receive frames from the primary station
1867  *
1868  */
1869 static int irlap_state_nrm_s(struct irlap_cb *self, IRLAP_EVENT event,
1870                              struct sk_buff *skb, struct irlap_info *info)
1871 {
1872         int ns_status;
1873         int nr_status;
1874         int ret = 0;
1875
1876         IRDA_DEBUG(4, "%s(), event=%s\n", __FUNCTION__, irlap_event[ event]);
1877
1878         IRDA_ASSERT(self != NULL, return -1;);
1879         IRDA_ASSERT(self->magic == LAP_MAGIC, return -1;);
1880
1881         switch (event) {
1882         case RECV_I_CMD: /* Optimize for the common case */
1883                 /* FIXME: must check for remote_busy below */
1884                 IRDA_DEBUG(4, "%s(), event=%s nr=%d, vs=%d, ns=%d, "
1885                            "vr=%d, pf=%d\n", __FUNCTION__,
1886                            irlap_event[event], info->nr,
1887                            self->vs, info->ns, self->vr, info->pf);
1888
1889                 self->retry_count = 0;
1890
1891                 ns_status = irlap_validate_ns_received(self, info->ns);
1892                 nr_status = irlap_validate_nr_received(self, info->nr);
1893                 /*
1894                  *  Check for expected I(nformation) frame
1895                  */
1896                 if ((ns_status == NS_EXPECTED) && (nr_status == NR_EXPECTED)) {
1897
1898                         /* Update Vr (next frame for us to receive) */
1899                         self->vr = (self->vr + 1) % 8;
1900
1901                         /* Update Nr received */
1902                         irlap_update_nr_received(self, info->nr);
1903
1904                         /*
1905                          *  poll bit cleared?
1906                          */
1907                         if (!info->pf) {
1908
1909                                 self->ack_required = TRUE;
1910
1911                                 /*
1912                                  *  Starting WD-timer here is optional, but
1913                                  *  not recommended. Note 6 IrLAP p. 83
1914                                  */
1915 #if 0
1916                                 irda_start_timer(WD_TIMER, self->wd_timeout);
1917 #endif
1918                                 /* Keep state, do not move this line */
1919                                 irlap_next_state(self, LAP_NRM_S);
1920
1921                                 irlap_data_indication(self, skb, FALSE);
1922                                 break;
1923                         } else {
1924                                 /*
1925                                  *  We should wait before sending RR, and
1926                                  *  also before changing to XMIT_S
1927                                  *  state. (note 1, IrLAP p. 82)
1928                                  */
1929                                 irlap_wait_min_turn_around(self, &self->qos_tx);
1930
1931                                 /*
1932                                  * Give higher layers a chance to
1933                                  * immediately reply with some data before
1934                                  * we decide if we should send a RR frame
1935                                  * or not
1936                                  */
1937                                 irlap_data_indication(self, skb, FALSE);
1938
1939                                 /* Any pending data requests?  */
1940                                 if (!skb_queue_empty(&self->txq) &&
1941                                     (self->window > 0))
1942                                 {
1943                                         self->ack_required = TRUE;
1944
1945                                         del_timer(&self->wd_timer);
1946
1947                                         irlap_next_state(self, LAP_XMIT_S);
1948                                 } else {
1949                                         irlap_send_rr_frame(self, RSP_FRAME);
1950                                         irlap_start_wd_timer(self,
1951                                                              self->wd_timeout);
1952
1953                                         /* Keep the state */
1954                                         irlap_next_state(self, LAP_NRM_S);
1955                                 }
1956                                 break;
1957                         }
1958                 }
1959                 /*
1960                  *  Check for Unexpected next to send (Ns)
1961                  */
1962                 if ((ns_status == NS_UNEXPECTED) && (nr_status == NR_EXPECTED))
1963                 {
1964                         /* Unexpected next to send, with final bit cleared */
1965                         if (!info->pf) {
1966                                 irlap_update_nr_received(self, info->nr);
1967
1968                                 irlap_start_wd_timer(self, self->wd_timeout);
1969                         } else {
1970                                 /* Update Nr received */
1971                                 irlap_update_nr_received(self, info->nr);
1972
1973                                 irlap_wait_min_turn_around(self, &self->qos_tx);
1974                                 irlap_send_rr_frame(self, RSP_FRAME);
1975
1976                                 irlap_start_wd_timer(self, self->wd_timeout);
1977                         }
1978                         break;
1979                 }
1980
1981                 /*
1982                  *  Unexpected Next to Receive(NR) ?
1983                  */
1984                 if ((ns_status == NS_EXPECTED) && (nr_status == NR_UNEXPECTED))
1985                 {
1986                         if (info->pf) {
1987                                 IRDA_DEBUG(4, "RECV_I_RSP: frame(s) lost\n");
1988
1989                                 self->vr = (self->vr + 1) % 8;
1990
1991                                 /* Update Nr received */
1992                                 irlap_update_nr_received(self, info->nr);
1993
1994                                 /* Resend rejected frames */
1995                                 irlap_resend_rejected_frames(self, RSP_FRAME);
1996
1997                                 /* Keep state, do not move this line */
1998                                 irlap_next_state(self, LAP_NRM_S);
1999
2000                                 irlap_data_indication(self, skb, FALSE);
2001                                 irlap_start_wd_timer(self, self->wd_timeout);
2002                                 break;
2003                         }
2004                         /*
2005                          *  This is not documented in IrLAP!! Unexpected NR
2006                          *  with poll bit cleared
2007                          */
2008                         if (!info->pf) {
2009                                 self->vr = (self->vr + 1) % 8;
2010
2011                                 /* Update Nr received */
2012                                 irlap_update_nr_received(self, info->nr);
2013
2014                                 /* Keep state, do not move this line */
2015                                 irlap_next_state(self, LAP_NRM_S);
2016
2017                                 irlap_data_indication(self, skb, FALSE);
2018                                 irlap_start_wd_timer(self, self->wd_timeout);
2019                         }
2020                         break;
2021                 }
2022
2023                 if (ret == NR_INVALID) {
2024                         IRDA_DEBUG(0, "NRM_S, NR_INVALID not implemented!\n");
2025                 }
2026                 if (ret == NS_INVALID) {
2027                         IRDA_DEBUG(0, "NRM_S, NS_INVALID not implemented!\n");
2028                 }
2029                 break;
2030         case RECV_UI_FRAME:
2031                 /*
2032                  *  poll bit cleared?
2033                  */
2034                 if (!info->pf) {
2035                         irlap_data_indication(self, skb, TRUE);
2036                         irlap_next_state(self, LAP_NRM_S); /* Keep state */
2037                 } else {
2038                         /*
2039                          *  Any pending data requests?
2040                          */
2041                         if (!skb_queue_empty(&self->txq) &&
2042                             (self->window > 0) && !self->remote_busy)
2043                         {
2044                                 irlap_data_indication(self, skb, TRUE);
2045
2046                                 del_timer(&self->wd_timer);
2047
2048                                 irlap_next_state(self, LAP_XMIT_S);
2049                         } else {
2050                                 irlap_data_indication(self, skb, TRUE);
2051
2052                                 irlap_wait_min_turn_around(self, &self->qos_tx);
2053
2054                                 irlap_send_rr_frame(self, RSP_FRAME);
2055                                 self->ack_required = FALSE;
2056
2057                                 irlap_start_wd_timer(self, self->wd_timeout);
2058
2059                                 /* Keep the state */
2060                                 irlap_next_state(self, LAP_NRM_S);
2061                         }
2062                 }
2063                 break;
2064         case RECV_RR_CMD:
2065                 self->retry_count = 0;
2066
2067                 /*
2068                  *  Nr as expected?
2069                  */
2070                 nr_status = irlap_validate_nr_received(self, info->nr);
2071                 if (nr_status == NR_EXPECTED) {
2072                         if (!skb_queue_empty(&self->txq) &&
2073                             (self->window > 0)) {
2074                                 self->remote_busy = FALSE;
2075
2076                                 /* Update Nr received */
2077                                 irlap_update_nr_received(self, info->nr);
2078                                 del_timer(&self->wd_timer);
2079
2080                                 irlap_wait_min_turn_around(self, &self->qos_tx);
2081                                 irlap_next_state(self, LAP_XMIT_S);
2082                         } else {
2083                                 self->remote_busy = FALSE;
2084                                 /* Update Nr received */
2085                                 irlap_update_nr_received(self, info->nr);
2086                                 irlap_wait_min_turn_around(self, &self->qos_tx);
2087                                 irlap_start_wd_timer(self, self->wd_timeout);
2088
2089                                 /* Note : if the link is idle (this case),
2090                                  * we never go in XMIT_S, so we never get a
2091                                  * chance to process any DISCONNECT_REQUEST.
2092                                  * Do it now ! - Jean II */
2093                                 if (self->disconnect_pending) {
2094                                         /* Disconnect */
2095                                         irlap_send_rd_frame(self);
2096                                         irlap_flush_all_queues(self);
2097
2098                                         irlap_next_state(self, LAP_SCLOSE);
2099                                 } else {
2100                                         /* Just send back pf bit */
2101                                         irlap_send_rr_frame(self, RSP_FRAME);
2102
2103                                         irlap_next_state(self, LAP_NRM_S);
2104                                 }
2105                         }
2106                 } else if (nr_status == NR_UNEXPECTED) {
2107                         self->remote_busy = FALSE;
2108                         irlap_update_nr_received(self, info->nr);
2109                         irlap_resend_rejected_frames(self, RSP_FRAME);
2110
2111                         irlap_start_wd_timer(self, self->wd_timeout);
2112
2113                         /* Keep state */
2114                         irlap_next_state(self, LAP_NRM_S);
2115                 } else {
2116                         IRDA_DEBUG(1, "%s(), invalid nr not implemented!\n",
2117                                    __FUNCTION__);
2118                 }
2119                 break;
2120         case RECV_SNRM_CMD:
2121                 /* SNRM frame is not allowed to contain an I-field */
2122                 if (!info) {
2123                         del_timer(&self->wd_timer);
2124                         IRDA_DEBUG(1, "%s(), received SNRM cmd\n", __FUNCTION__);
2125                         irlap_next_state(self, LAP_RESET_CHECK);
2126
2127                         irlap_reset_indication(self);
2128                 } else {
2129                         IRDA_DEBUG(0,
2130                                    "%s(), SNRM frame contained an I-field!\n",
2131                                    __FUNCTION__);
2132
2133                 }
2134                 break;
2135         case RECV_REJ_CMD:
2136                 irlap_update_nr_received(self, info->nr);
2137                 if (self->remote_busy) {
2138                         irlap_wait_min_turn_around(self, &self->qos_tx);
2139                         irlap_send_rr_frame(self, RSP_FRAME);
2140                 } else
2141                         irlap_resend_rejected_frames(self, RSP_FRAME);
2142                 irlap_start_wd_timer(self, self->wd_timeout);
2143                 break;
2144         case RECV_SREJ_CMD:
2145                 irlap_update_nr_received(self, info->nr);
2146                 if (self->remote_busy) {
2147                         irlap_wait_min_turn_around(self, &self->qos_tx);
2148                         irlap_send_rr_frame(self, RSP_FRAME);
2149                 } else
2150                         irlap_resend_rejected_frame(self, RSP_FRAME);
2151                 irlap_start_wd_timer(self, self->wd_timeout);
2152                 break;
2153         case WD_TIMER_EXPIRED:
2154                 /*
2155                  *  Wait until retry_count * n matches negotiated threshold/
2156                  *  disconnect time (note 2 in IrLAP p. 82)
2157                  *
2158                  * Similar to irlap_state_nrm_p() -> FINAL_TIMER_EXPIRED
2159                  * Note : self->wd_timeout = (self->final_timeout * 2),
2160                  *   which explain why we use (self->N2 / 2) here !!!
2161                  * Jean II
2162                  */
2163                 IRDA_DEBUG(1, "%s(), retry_count = %d\n", __FUNCTION__,
2164                            self->retry_count);
2165
2166                 if (self->retry_count < (self->N2 / 2)) {
2167                         /* No retry, just wait for primary */
2168                         irlap_start_wd_timer(self, self->wd_timeout);
2169                         self->retry_count++;
2170
2171                         if((self->retry_count % (self->N1 / 2)) == 0)
2172                                 irlap_status_indication(self,
2173                                                         STATUS_NO_ACTIVITY);
2174                 } else {
2175                         irlap_apply_default_connection_parameters(self);
2176
2177                         /* Always switch state before calling upper layers */
2178                         irlap_next_state(self, LAP_NDM);
2179                         irlap_disconnect_indication(self, LAP_NO_RESPONSE);
2180                 }
2181                 break;
2182         case RECV_DISC_CMD:
2183                 /* Always switch state before calling upper layers */
2184                 irlap_next_state(self, LAP_NDM);
2185
2186                 /* Send disconnect response */
2187                 irlap_wait_min_turn_around(self, &self->qos_tx);
2188                 irlap_send_ua_response_frame(self, NULL);
2189
2190                 del_timer(&self->wd_timer);
2191                 irlap_flush_all_queues(self);
2192                 /* Set default link parameters */
2193                 irlap_apply_default_connection_parameters(self);
2194
2195                 irlap_disconnect_indication(self, LAP_DISC_INDICATION);
2196                 break;
2197         case RECV_DISCOVERY_XID_CMD:
2198                 irlap_wait_min_turn_around(self, &self->qos_tx);
2199                 irlap_send_rr_frame(self, RSP_FRAME);
2200                 self->ack_required = TRUE;
2201                 irlap_start_wd_timer(self, self->wd_timeout);
2202                 irlap_next_state(self, LAP_NRM_S);
2203
2204                 break;
2205         case RECV_TEST_CMD:
2206                 /* Remove test frame header (only LAP header in NRM) */
2207                 skb_pull(skb, LAP_ADDR_HEADER + LAP_CTRL_HEADER);
2208
2209                 irlap_wait_min_turn_around(self, &self->qos_tx);
2210                 irlap_start_wd_timer(self, self->wd_timeout);
2211
2212                 /* Send response (info will be copied) */
2213                 irlap_send_test_frame(self, self->caddr, info->daddr, skb);
2214                 break;
2215         default:
2216                 IRDA_DEBUG(1, "%s(), Unknown event %d, (%s)\n", __FUNCTION__,
2217                            event, irlap_event[event]);
2218
2219                 ret = -EINVAL;
2220                 break;
2221         }
2222         return ret;
2223 }
2224
2225 /*
2226  * Function irlap_state_sclose (self, event, skb, info)
2227  */
2228 static int irlap_state_sclose(struct irlap_cb *self, IRLAP_EVENT event,
2229                               struct sk_buff *skb, struct irlap_info *info)
2230 {
2231         int ret = 0;
2232
2233         IRDA_DEBUG(1, "%s()\n", __FUNCTION__);
2234
2235         IRDA_ASSERT(self != NULL, return -ENODEV;);
2236         IRDA_ASSERT(self->magic == LAP_MAGIC, return -EBADR;);
2237
2238         switch (event) {
2239         case RECV_DISC_CMD:
2240                 /* Always switch state before calling upper layers */
2241                 irlap_next_state(self, LAP_NDM);
2242
2243                 /* Send disconnect response */
2244                 irlap_wait_min_turn_around(self, &self->qos_tx);
2245                 irlap_send_ua_response_frame(self, NULL);
2246
2247                 del_timer(&self->wd_timer);
2248                 /* Set default link parameters */
2249                 irlap_apply_default_connection_parameters(self);
2250
2251                 irlap_disconnect_indication(self, LAP_DISC_INDICATION);
2252                 break;
2253         case RECV_DM_RSP:
2254                 /* IrLAP-1.1 p.82: in SCLOSE, S and I type RSP frames
2255                  * shall take us down into default NDM state, like DM_RSP
2256                  */
2257         case RECV_RR_RSP:
2258         case RECV_RNR_RSP:
2259         case RECV_REJ_RSP:
2260         case RECV_SREJ_RSP:
2261         case RECV_I_RSP:
2262                 /* Always switch state before calling upper layers */
2263                 irlap_next_state(self, LAP_NDM);
2264
2265                 del_timer(&self->wd_timer);
2266                 irlap_apply_default_connection_parameters(self);
2267
2268                 irlap_disconnect_indication(self, LAP_DISC_INDICATION);
2269                 break;
2270         case WD_TIMER_EXPIRED:
2271                 /* Always switch state before calling upper layers */
2272                 irlap_next_state(self, LAP_NDM);
2273
2274                 irlap_apply_default_connection_parameters(self);
2275
2276                 irlap_disconnect_indication(self, LAP_DISC_INDICATION);
2277                 break;
2278         default:
2279                 /* IrLAP-1.1 p.82: in SCLOSE, basically any received frame
2280                  * with pf=1 shall restart the wd-timer and resend the rd:rsp
2281                  */
2282                 if (info != NULL  &&  info->pf) {
2283                         del_timer(&self->wd_timer);
2284                         irlap_wait_min_turn_around(self, &self->qos_tx);
2285                         irlap_send_rd_frame(self);
2286                         irlap_start_wd_timer(self, self->wd_timeout);
2287                         break;          /* stay in SCLOSE */
2288                 }
2289
2290                 IRDA_DEBUG(1, "%s(), Unknown event %d, (%s)\n", __FUNCTION__,
2291                            event, irlap_event[event]);
2292
2293                 ret = -EINVAL;
2294                 break;
2295         }
2296
2297         return -1;
2298 }
2299
2300 static int irlap_state_reset_check( struct irlap_cb *self, IRLAP_EVENT event,
2301                                    struct sk_buff *skb,
2302                                    struct irlap_info *info)
2303 {
2304         int ret = 0;
2305
2306         IRDA_DEBUG(1, "%s(), event=%s\n", __FUNCTION__, irlap_event[event]);
2307
2308         IRDA_ASSERT(self != NULL, return -ENODEV;);
2309         IRDA_ASSERT(self->magic == LAP_MAGIC, return -EBADR;);
2310
2311         switch (event) {
2312         case RESET_RESPONSE:
2313                 irlap_send_ua_response_frame(self, &self->qos_rx);
2314                 irlap_initiate_connection_state(self);
2315                 irlap_start_wd_timer(self, WD_TIMEOUT);
2316                 irlap_flush_all_queues(self);
2317
2318                 irlap_next_state(self, LAP_NRM_S);
2319                 break;
2320         case DISCONNECT_REQUEST:
2321                 irlap_wait_min_turn_around(self, &self->qos_tx);
2322                 irlap_send_rd_frame(self);
2323                 irlap_start_wd_timer(self, WD_TIMEOUT);
2324                 irlap_next_state(self, LAP_SCLOSE);
2325                 break;
2326         default:
2327                 IRDA_DEBUG(1, "%s(), Unknown event %d, (%s)\n", __FUNCTION__,
2328                            event, irlap_event[event]);
2329
2330                 ret = -EINVAL;
2331                 break;
2332         }
2333         return ret;
2334 }