usb_serial: Fix remaining ref count/lock bugs
[linux-2.6] / drivers / usb / serial / oti6858.c
1 /*
2  * Ours Technology Inc. OTi-6858 USB to serial adapter driver.
3  *
4  * Copyleft  (C) 2007 Kees Lemmens (adapted for kernel 2.6.20)
5  * Copyright (C) 2006 Tomasz Michal Lukaszewski (FIXME: add e-mail)
6  * Copyright (C) 2001-2004 Greg Kroah-Hartman (greg@kroah.com)
7  * Copyright (C) 2003 IBM Corp.
8  *
9  * Many thanks to the authors of pl2303 driver: all functions in this file
10  * are heavily based on pl2303 code, buffering code is a 1-to-1 copy.
11  *
12  * Warning! You use this driver on your own risk! The only official
13  * description of this device I have is datasheet from manufacturer,
14  * and it doesn't contain almost any information needed to write a driver.
15  * Almost all knowlegde used while writing this driver was gathered by:
16  *  - analyzing traffic between device and the M$ Windows 2000 driver,
17  *  - trying different bit combinations and checking pin states
18  *    with a voltmeter,
19  *  - receiving malformed frames and producing buffer overflows
20  *    to learn how errors are reported,
21  * So, THIS CODE CAN DESTROY OTi-6858 AND ANY OTHER DEVICES, THAT ARE
22  * CONNECTED TO IT!
23  *
24  * This program is free software; you can redistribute it and/or modify
25  * it under the terms of the GNU General Public License as published by
26  * the Free Software Foundation; either version 2 of the License.
27  *
28  * See Documentation/usb/usb-serial.txt for more information on using this
29  * driver
30  *
31  * TODO:
32  *  - implement correct flushing for ioctls and oti6858_close()
33  *  - check how errors (rx overflow, parity error, framing error) are reported
34  *  - implement oti6858_break_ctl()
35  *  - implement more ioctls
36  *  - test/implement flow control
37  *  - allow setting custom baud rates
38  */
39
40 #include <linux/kernel.h>
41 #include <linux/errno.h>
42 #include <linux/init.h>
43 #include <linux/slab.h>
44 #include <linux/tty.h>
45 #include <linux/tty_driver.h>
46 #include <linux/tty_flip.h>
47 #include <linux/serial.h>
48 #include <linux/module.h>
49 #include <linux/moduleparam.h>
50 #include <linux/spinlock.h>
51 #include <linux/usb.h>
52 #include <linux/usb/serial.h>
53 #include <linux/uaccess.h>
54 #include "oti6858.h"
55
56 #define OTI6858_DESCRIPTION \
57         "Ours Technology Inc. OTi-6858 USB to serial adapter driver"
58 #define OTI6858_AUTHOR "Tomasz Michal Lukaszewski <FIXME@FIXME>"
59 #define OTI6858_VERSION "0.1"
60
61 static struct usb_device_id id_table [] = {
62         { USB_DEVICE(OTI6858_VENDOR_ID, OTI6858_PRODUCT_ID) },
63         { }
64 };
65
66 MODULE_DEVICE_TABLE(usb, id_table);
67
68 static struct usb_driver oti6858_driver = {
69         .name =         "oti6858",
70         .probe =        usb_serial_probe,
71         .disconnect =   usb_serial_disconnect,
72         .id_table =     id_table,
73         .no_dynamic_id =        1,
74 };
75
76 static int debug;
77
78
79 /* buffering code, copied from pl2303 driver */
80 #define PL2303_BUF_SIZE         1024
81 #define PL2303_TMP_BUF_SIZE     1024
82
83 struct oti6858_buf {
84         unsigned int    buf_size;
85         char            *buf_buf;
86         char            *buf_get;
87         char            *buf_put;
88 };
89
90 /* requests */
91 #define OTI6858_REQ_GET_STATUS          (USB_DIR_IN | USB_TYPE_VENDOR | 0x00)
92 #define OTI6858_REQ_T_GET_STATUS        0x01
93
94 #define OTI6858_REQ_SET_LINE            (USB_DIR_OUT | USB_TYPE_VENDOR | 0x00)
95 #define OTI6858_REQ_T_SET_LINE          0x00
96
97 #define OTI6858_REQ_CHECK_TXBUFF        (USB_DIR_IN | USB_TYPE_VENDOR | 0x01)
98 #define OTI6858_REQ_T_CHECK_TXBUFF      0x00
99
100 /* format of the control packet */
101 struct oti6858_control_pkt {
102         __le16  divisor;        /* baud rate = 96000000 / (16 * divisor), LE */
103 #define OTI6858_MAX_BAUD_RATE   3000000
104         u8      frame_fmt;
105 #define FMT_STOP_BITS_MASK      0xc0
106 #define FMT_STOP_BITS_1         0x00
107 #define FMT_STOP_BITS_2         0x40    /* 1.5 stop bits if FMT_DATA_BITS_5 */
108 #define FMT_PARITY_MASK         0x38
109 #define FMT_PARITY_NONE         0x00
110 #define FMT_PARITY_ODD          0x08
111 #define FMT_PARITY_EVEN         0x18
112 #define FMT_PARITY_MARK         0x28
113 #define FMT_PARITY_SPACE        0x38
114 #define FMT_DATA_BITS_MASK      0x03
115 #define FMT_DATA_BITS_5         0x00
116 #define FMT_DATA_BITS_6         0x01
117 #define FMT_DATA_BITS_7         0x02
118 #define FMT_DATA_BITS_8         0x03
119         u8      something;      /* always equals 0x43 */
120         u8      control;        /* settings of flow control lines */
121 #define CONTROL_MASK            0x0c
122 #define CONTROL_DTR_HIGH        0x08
123 #define CONTROL_RTS_HIGH        0x04
124         u8      tx_status;
125 #define TX_BUFFER_EMPTIED       0x09
126         u8      pin_state;
127 #define PIN_MASK                0x3f
128 #define PIN_RTS                 0x20    /* output pin */
129 #define PIN_CTS                 0x10    /* input pin, active low */
130 #define PIN_DSR                 0x08    /* input pin, active low */
131 #define PIN_DTR                 0x04    /* output pin */
132 #define PIN_RI                  0x02    /* input pin, active low */
133 #define PIN_DCD                 0x01    /* input pin, active low */
134         u8      rx_bytes_avail;         /* number of bytes in rx buffer */;
135 };
136
137 #define OTI6858_CTRL_PKT_SIZE   sizeof(struct oti6858_control_pkt)
138 #define OTI6858_CTRL_EQUALS_PENDING(a, priv) \
139         (((a)->divisor == (priv)->pending_setup.divisor) \
140           && ((a)->control == (priv)->pending_setup.control) \
141           && ((a)->frame_fmt == (priv)->pending_setup.frame_fmt))
142
143 /* function prototypes */
144 static int oti6858_open(struct tty_struct *tty,
145                         struct usb_serial_port *port, struct file *filp);
146 static void oti6858_close(struct usb_serial_port *port);
147 static void oti6858_set_termios(struct tty_struct *tty,
148                         struct usb_serial_port *port, struct ktermios *old);
149 static int oti6858_ioctl(struct tty_struct *tty, struct file *file,
150                         unsigned int cmd, unsigned long arg);
151 static void oti6858_read_int_callback(struct urb *urb);
152 static void oti6858_read_bulk_callback(struct urb *urb);
153 static void oti6858_write_bulk_callback(struct urb *urb);
154 static int oti6858_write(struct tty_struct *tty, struct usb_serial_port *port,
155                         const unsigned char *buf, int count);
156 static int oti6858_write_room(struct tty_struct *tty);
157 static int oti6858_chars_in_buffer(struct tty_struct *tty);
158 static int oti6858_tiocmget(struct tty_struct *tty, struct file *file);
159 static int oti6858_tiocmset(struct tty_struct *tty, struct file *file,
160                                 unsigned int set, unsigned int clear);
161 static int oti6858_startup(struct usb_serial *serial);
162 static void oti6858_release(struct usb_serial *serial);
163
164 /* functions operating on buffers */
165 static struct oti6858_buf *oti6858_buf_alloc(unsigned int size);
166 static void oti6858_buf_free(struct oti6858_buf *pb);
167 static void oti6858_buf_clear(struct oti6858_buf *pb);
168 static unsigned int oti6858_buf_data_avail(struct oti6858_buf *pb);
169 static unsigned int oti6858_buf_space_avail(struct oti6858_buf *pb);
170 static unsigned int oti6858_buf_put(struct oti6858_buf *pb, const char *buf,
171                                         unsigned int count);
172 static unsigned int oti6858_buf_get(struct oti6858_buf *pb, char *buf,
173                                         unsigned int count);
174
175
176 /* device info */
177 static struct usb_serial_driver oti6858_device = {
178         .driver = {
179                 .owner =        THIS_MODULE,
180                 .name =         "oti6858",
181         },
182         .id_table =             id_table,
183         .num_ports =            1,
184         .open =                 oti6858_open,
185         .close =                oti6858_close,
186         .write =                oti6858_write,
187         .ioctl =                oti6858_ioctl,
188         .set_termios =          oti6858_set_termios,
189         .tiocmget =             oti6858_tiocmget,
190         .tiocmset =             oti6858_tiocmset,
191         .read_bulk_callback =   oti6858_read_bulk_callback,
192         .read_int_callback =    oti6858_read_int_callback,
193         .write_bulk_callback =  oti6858_write_bulk_callback,
194         .write_room =           oti6858_write_room,
195         .chars_in_buffer =      oti6858_chars_in_buffer,
196         .attach =               oti6858_startup,
197         .release =              oti6858_release,
198 };
199
200 struct oti6858_private {
201         spinlock_t lock;
202
203         struct oti6858_buf *buf;
204         struct oti6858_control_pkt status;
205
206         struct {
207                 u8 read_urb_in_use;
208                 u8 write_urb_in_use;
209                 u8 termios_initialized;
210         } flags;
211         struct delayed_work delayed_write_work;
212
213         struct {
214                 __le16 divisor;
215                 u8 frame_fmt;
216                 u8 control;
217         } pending_setup;
218         u8 transient;
219         u8 setup_done;
220         struct delayed_work delayed_setup_work;
221
222         wait_queue_head_t intr_wait;
223         struct usb_serial_port *port;   /* USB port with which associated */
224 };
225
226 static void setup_line(struct work_struct *work)
227 {
228         struct oti6858_private *priv = container_of(work,
229                         struct oti6858_private, delayed_setup_work.work);
230         struct usb_serial_port *port = priv->port;
231         struct oti6858_control_pkt *new_setup;
232         unsigned long flags;
233         int result;
234
235         dbg("%s(port = %d)", __func__, port->number);
236
237         new_setup = kmalloc(OTI6858_CTRL_PKT_SIZE, GFP_KERNEL);
238         if (new_setup == NULL) {
239                 dev_err(&port->dev, "%s(): out of memory!\n", __func__);
240                 /* we will try again */
241                 schedule_delayed_work(&priv->delayed_setup_work,
242                                                 msecs_to_jiffies(2));
243                 return;
244         }
245
246         result = usb_control_msg(port->serial->dev,
247                                 usb_rcvctrlpipe(port->serial->dev, 0),
248                                 OTI6858_REQ_T_GET_STATUS,
249                                 OTI6858_REQ_GET_STATUS,
250                                 0, 0,
251                                 new_setup, OTI6858_CTRL_PKT_SIZE,
252                                 100);
253
254         if (result != OTI6858_CTRL_PKT_SIZE) {
255                 dev_err(&port->dev, "%s(): error reading status\n", __func__);
256                 kfree(new_setup);
257                 /* we will try again */
258                 schedule_delayed_work(&priv->delayed_setup_work,
259                                                         msecs_to_jiffies(2));
260                 return;
261         }
262
263         spin_lock_irqsave(&priv->lock, flags);
264         if (!OTI6858_CTRL_EQUALS_PENDING(new_setup, priv)) {
265                 new_setup->divisor = priv->pending_setup.divisor;
266                 new_setup->control = priv->pending_setup.control;
267                 new_setup->frame_fmt = priv->pending_setup.frame_fmt;
268
269                 spin_unlock_irqrestore(&priv->lock, flags);
270                 result = usb_control_msg(port->serial->dev,
271                                         usb_sndctrlpipe(port->serial->dev, 0),
272                                         OTI6858_REQ_T_SET_LINE,
273                                         OTI6858_REQ_SET_LINE,
274                                         0, 0,
275                                         new_setup, OTI6858_CTRL_PKT_SIZE,
276                                         100);
277         } else {
278                 spin_unlock_irqrestore(&priv->lock, flags);
279                 result = 0;
280         }
281         kfree(new_setup);
282
283         spin_lock_irqsave(&priv->lock, flags);
284         if (result != OTI6858_CTRL_PKT_SIZE)
285                 priv->transient = 0;
286         priv->setup_done = 1;
287         spin_unlock_irqrestore(&priv->lock, flags);
288
289         dbg("%s(): submitting interrupt urb", __func__);
290         port->interrupt_in_urb->dev = port->serial->dev;
291         result = usb_submit_urb(port->interrupt_in_urb, GFP_ATOMIC);
292         if (result != 0) {
293                 dev_err(&port->dev, "%s(): usb_submit_urb() failed"
294                                 " with error %d\n", __func__, result);
295         }
296 }
297
298 void send_data(struct work_struct *work)
299 {
300         struct oti6858_private *priv = container_of(work,
301                         struct oti6858_private, delayed_write_work.work);
302         struct usb_serial_port *port = priv->port;
303         int count = 0, result;
304         unsigned long flags;
305         unsigned char allow;
306
307         dbg("%s(port = %d)", __func__, port->number);
308
309         spin_lock_irqsave(&priv->lock, flags);
310         if (priv->flags.write_urb_in_use) {
311                 spin_unlock_irqrestore(&priv->lock, flags);
312                 schedule_delayed_work(&priv->delayed_write_work,
313                                                 msecs_to_jiffies(2));
314                 return;
315         }
316         priv->flags.write_urb_in_use = 1;
317
318         count = oti6858_buf_data_avail(priv->buf);
319         spin_unlock_irqrestore(&priv->lock, flags);
320         if (count > port->bulk_out_size)
321                 count = port->bulk_out_size;
322
323         if (count != 0) {
324                 result = usb_control_msg(port->serial->dev,
325                                 usb_rcvctrlpipe(port->serial->dev, 0),
326                                 OTI6858_REQ_T_CHECK_TXBUFF,
327                                 OTI6858_REQ_CHECK_TXBUFF,
328                                 count, 0, &allow, 1, 100);
329                 if (result != 1 || allow != 0)
330                         count = 0;
331         }
332
333         if (count == 0) {
334                 priv->flags.write_urb_in_use = 0;
335
336                 dbg("%s(): submitting interrupt urb", __func__);
337                 port->interrupt_in_urb->dev = port->serial->dev;
338                 result = usb_submit_urb(port->interrupt_in_urb, GFP_ATOMIC);
339                 if (result != 0) {
340                         dev_err(&port->dev, "%s(): usb_submit_urb() failed"
341                                 " with error %d\n", __func__, result);
342                 }
343                 return;
344         }
345
346         spin_lock_irqsave(&priv->lock, flags);
347         oti6858_buf_get(priv->buf, port->write_urb->transfer_buffer, count);
348         spin_unlock_irqrestore(&priv->lock, flags);
349
350         port->write_urb->transfer_buffer_length = count;
351         port->write_urb->dev = port->serial->dev;
352         result = usb_submit_urb(port->write_urb, GFP_ATOMIC);
353         if (result != 0) {
354                 dev_err(&port->dev, "%s(): usb_submit_urb() failed"
355                                " with error %d\n", __func__, result);
356                 priv->flags.write_urb_in_use = 0;
357         }
358
359         usb_serial_port_softint(port);
360 }
361
362 static int oti6858_startup(struct usb_serial *serial)
363 {
364         struct usb_serial_port *port = serial->port[0];
365         struct oti6858_private *priv;
366         int i;
367
368         for (i = 0; i < serial->num_ports; ++i) {
369                 priv = kzalloc(sizeof(struct oti6858_private), GFP_KERNEL);
370                 if (!priv)
371                         break;
372                 priv->buf = oti6858_buf_alloc(PL2303_BUF_SIZE);
373                 if (priv->buf == NULL) {
374                         kfree(priv);
375                         break;
376                 }
377
378                 spin_lock_init(&priv->lock);
379                 init_waitqueue_head(&priv->intr_wait);
380 /*              INIT_WORK(&priv->setup_work, setup_line, serial->port[i]); */
381 /*              INIT_WORK(&priv->write_work, send_data, serial->port[i]); */
382                 priv->port = port;
383                 INIT_DELAYED_WORK(&priv->delayed_setup_work, setup_line);
384                 INIT_DELAYED_WORK(&priv->delayed_write_work, send_data);
385
386                 usb_set_serial_port_data(serial->port[i], priv);
387         }
388         if (i == serial->num_ports)
389                 return 0;
390
391         for (--i; i >= 0; --i) {
392                 priv = usb_get_serial_port_data(serial->port[i]);
393                 oti6858_buf_free(priv->buf);
394                 kfree(priv);
395                 usb_set_serial_port_data(serial->port[i], NULL);
396         }
397         return -ENOMEM;
398 }
399
400 static int oti6858_write(struct tty_struct *tty, struct usb_serial_port *port,
401                         const unsigned char *buf, int count)
402 {
403         struct oti6858_private *priv = usb_get_serial_port_data(port);
404         unsigned long flags;
405
406         dbg("%s(port = %d, count = %d)", __func__, port->number, count);
407
408         if (!count)
409                 return count;
410
411         spin_lock_irqsave(&priv->lock, flags);
412         count = oti6858_buf_put(priv->buf, buf, count);
413         spin_unlock_irqrestore(&priv->lock, flags);
414
415         return count;
416 }
417
418 static int oti6858_write_room(struct tty_struct *tty)
419 {
420         struct usb_serial_port *port = tty->driver_data;
421         struct oti6858_private *priv = usb_get_serial_port_data(port);
422         int room = 0;
423         unsigned long flags;
424
425         dbg("%s(port = %d)", __func__, port->number);
426
427         spin_lock_irqsave(&priv->lock, flags);
428         room = oti6858_buf_space_avail(priv->buf);
429         spin_unlock_irqrestore(&priv->lock, flags);
430
431         return room;
432 }
433
434 static int oti6858_chars_in_buffer(struct tty_struct *tty)
435 {
436         struct usb_serial_port *port = tty->driver_data;
437         struct oti6858_private *priv = usb_get_serial_port_data(port);
438         int chars = 0;
439         unsigned long flags;
440
441         dbg("%s(port = %d)", __func__, port->number);
442
443         spin_lock_irqsave(&priv->lock, flags);
444         chars = oti6858_buf_data_avail(priv->buf);
445         spin_unlock_irqrestore(&priv->lock, flags);
446
447         return chars;
448 }
449
450 static void oti6858_set_termios(struct tty_struct *tty,
451                 struct usb_serial_port *port, struct ktermios *old_termios)
452 {
453         struct oti6858_private *priv = usb_get_serial_port_data(port);
454         unsigned long flags;
455         unsigned int cflag;
456         u8 frame_fmt, control;
457         __le16 divisor;
458         int br;
459
460         dbg("%s(port = %d)", __func__, port->number);
461
462         if (!tty) {
463                 dbg("%s(): no tty structures", __func__);
464                 return;
465         }
466
467         spin_lock_irqsave(&priv->lock, flags);
468         if (!priv->flags.termios_initialized) {
469                 *(tty->termios) = tty_std_termios;
470                 tty->termios->c_cflag = B38400 | CS8 | CREAD | HUPCL | CLOCAL;
471                 tty->termios->c_ispeed = 38400;
472                 tty->termios->c_ospeed = 38400;
473                 priv->flags.termios_initialized = 1;
474         }
475         spin_unlock_irqrestore(&priv->lock, flags);
476
477         cflag = tty->termios->c_cflag;
478
479         spin_lock_irqsave(&priv->lock, flags);
480         divisor = priv->pending_setup.divisor;
481         frame_fmt = priv->pending_setup.frame_fmt;
482         control = priv->pending_setup.control;
483         spin_unlock_irqrestore(&priv->lock, flags);
484
485         frame_fmt &= ~FMT_DATA_BITS_MASK;
486         switch (cflag & CSIZE) {
487         case CS5:
488                 frame_fmt |= FMT_DATA_BITS_5;
489                 break;
490         case CS6:
491                 frame_fmt |= FMT_DATA_BITS_6;
492                 break;
493         case CS7:
494                 frame_fmt |= FMT_DATA_BITS_7;
495                 break;
496         default:
497         case CS8:
498                 frame_fmt |= FMT_DATA_BITS_8;
499                 break;
500         }
501
502         /* manufacturer claims that this device can work with baud rates
503          * up to 3 Mbps; I've tested it only on 115200 bps, so I can't
504          * guarantee that any other baud rate will work (especially
505          * the higher ones)
506          */
507         br = tty_get_baud_rate(tty);
508         if (br == 0) {
509                 divisor = 0;
510         } else {
511                 int real_br;
512                 int new_divisor;
513                 br = min(br, OTI6858_MAX_BAUD_RATE);
514
515                 new_divisor = (96000000 + 8 * br) / (16 * br);
516                 real_br = 96000000 / (16 * new_divisor);
517                 divisor = cpu_to_le16(new_divisor);
518                 tty_encode_baud_rate(tty, real_br, real_br);
519         }
520
521         frame_fmt &= ~FMT_STOP_BITS_MASK;
522         if ((cflag & CSTOPB) != 0)
523                 frame_fmt |= FMT_STOP_BITS_2;
524         else
525                 frame_fmt |= FMT_STOP_BITS_1;
526
527         frame_fmt &= ~FMT_PARITY_MASK;
528         if ((cflag & PARENB) != 0) {
529                 if ((cflag & PARODD) != 0)
530                         frame_fmt |= FMT_PARITY_ODD;
531                 else
532                         frame_fmt |= FMT_PARITY_EVEN;
533         } else {
534                 frame_fmt |= FMT_PARITY_NONE;
535         }
536
537         control &= ~CONTROL_MASK;
538         if ((cflag & CRTSCTS) != 0)
539                 control |= (CONTROL_DTR_HIGH | CONTROL_RTS_HIGH);
540
541         /* change control lines if we are switching to or from B0 */
542         /* FIXME:
543         spin_lock_irqsave(&priv->lock, flags);
544         control = priv->line_control;
545         if ((cflag & CBAUD) == B0)
546                 priv->line_control &= ~(CONTROL_DTR | CONTROL_RTS);
547         else
548                 priv->line_control |= (CONTROL_DTR | CONTROL_RTS);
549         if (control != priv->line_control) {
550                 control = priv->line_control;
551                 spin_unlock_irqrestore(&priv->lock, flags);
552                 set_control_lines(serial->dev, control);
553         } else {
554                 spin_unlock_irqrestore(&priv->lock, flags);
555         }
556         */
557
558         spin_lock_irqsave(&priv->lock, flags);
559         if (divisor != priv->pending_setup.divisor
560                         || control != priv->pending_setup.control
561                         || frame_fmt != priv->pending_setup.frame_fmt) {
562                 priv->pending_setup.divisor = divisor;
563                 priv->pending_setup.control = control;
564                 priv->pending_setup.frame_fmt = frame_fmt;
565         }
566         spin_unlock_irqrestore(&priv->lock, flags);
567 }
568
569 static int oti6858_open(struct tty_struct *tty,
570                         struct usb_serial_port *port, struct file *filp)
571 {
572         struct oti6858_private *priv = usb_get_serial_port_data(port);
573         struct ktermios tmp_termios;
574         struct usb_serial *serial = port->serial;
575         struct oti6858_control_pkt *buf;
576         unsigned long flags;
577         int result;
578
579         dbg("%s(port = %d)", __func__, port->number);
580
581         usb_clear_halt(serial->dev, port->write_urb->pipe);
582         usb_clear_halt(serial->dev, port->read_urb->pipe);
583
584         if (port->port.count != 1)
585                 return 0;
586
587         buf = kmalloc(OTI6858_CTRL_PKT_SIZE, GFP_KERNEL);
588         if (buf == NULL) {
589                 dev_err(&port->dev, "%s(): out of memory!\n", __func__);
590                 return -ENOMEM;
591         }
592
593         result = usb_control_msg(serial->dev, usb_rcvctrlpipe(serial->dev, 0),
594                                 OTI6858_REQ_T_GET_STATUS,
595                                 OTI6858_REQ_GET_STATUS,
596                                 0, 0,
597                                 buf, OTI6858_CTRL_PKT_SIZE,
598                                 100);
599         if (result != OTI6858_CTRL_PKT_SIZE) {
600                 /* assume default (after power-on reset) values */
601                 buf->divisor = cpu_to_le16(0x009c);     /* 38400 bps */
602                 buf->frame_fmt = 0x03;  /* 8N1 */
603                 buf->something = 0x43;
604                 buf->control = 0x4c;    /* DTR, RTS */
605                 buf->tx_status = 0x00;
606                 buf->pin_state = 0x5b;  /* RTS, CTS, DSR, DTR, RI, DCD */
607                 buf->rx_bytes_avail = 0x00;
608         }
609
610         spin_lock_irqsave(&priv->lock, flags);
611         memcpy(&priv->status, buf, OTI6858_CTRL_PKT_SIZE);
612         priv->pending_setup.divisor = buf->divisor;
613         priv->pending_setup.frame_fmt = buf->frame_fmt;
614         priv->pending_setup.control = buf->control;
615         spin_unlock_irqrestore(&priv->lock, flags);
616         kfree(buf);
617
618         dbg("%s(): submitting interrupt urb", __func__);
619         port->interrupt_in_urb->dev = serial->dev;
620         result = usb_submit_urb(port->interrupt_in_urb, GFP_KERNEL);
621         if (result != 0) {
622                 dev_err(&port->dev, "%s(): usb_submit_urb() failed"
623                                " with error %d\n", __func__, result);
624                 oti6858_close(port);
625                 return -EPROTO;
626         }
627
628         /* setup termios */
629         if (tty)
630                 oti6858_set_termios(tty, port, &tmp_termios);
631         port->port.drain_delay = 256;   /* FIXME: check the FIFO length */
632         return 0;
633 }
634
635 static void oti6858_close(struct usb_serial_port *port)
636 {
637         struct oti6858_private *priv = usb_get_serial_port_data(port);
638         unsigned long flags;
639
640         dbg("%s(port = %d)", __func__, port->number);
641
642         spin_lock_irqsave(&priv->lock, flags);
643         /* clear out any remaining data in the buffer */
644         oti6858_buf_clear(priv->buf);
645         spin_unlock_irqrestore(&priv->lock, flags);
646
647         dbg("%s(): after buf_clear()", __func__);
648
649         /* cancel scheduled setup */
650         cancel_delayed_work(&priv->delayed_setup_work);
651         cancel_delayed_work(&priv->delayed_write_work);
652         flush_scheduled_work();
653
654         /* shutdown our urbs */
655         dbg("%s(): shutting down urbs", __func__);
656         usb_kill_urb(port->write_urb);
657         usb_kill_urb(port->read_urb);
658         usb_kill_urb(port->interrupt_in_urb);
659 }
660
661 static int oti6858_tiocmset(struct tty_struct *tty, struct file *file,
662                                 unsigned int set, unsigned int clear)
663 {
664         struct usb_serial_port *port = tty->driver_data;
665         struct oti6858_private *priv = usb_get_serial_port_data(port);
666         unsigned long flags;
667         u8 control;
668
669         dbg("%s(port = %d, set = 0x%08x, clear = 0x%08x)",
670                                 __func__, port->number, set, clear);
671
672         if (!usb_get_intfdata(port->serial->interface))
673                 return -ENODEV;
674
675         /* FIXME: check if this is correct (active high/low) */
676         spin_lock_irqsave(&priv->lock, flags);
677         control = priv->pending_setup.control;
678         if ((set & TIOCM_RTS) != 0)
679                 control |= CONTROL_RTS_HIGH;
680         if ((set & TIOCM_DTR) != 0)
681                 control |= CONTROL_DTR_HIGH;
682         if ((clear & TIOCM_RTS) != 0)
683                 control &= ~CONTROL_RTS_HIGH;
684         if ((clear & TIOCM_DTR) != 0)
685                 control &= ~CONTROL_DTR_HIGH;
686
687         if (control != priv->pending_setup.control)
688                 priv->pending_setup.control = control;
689
690         spin_unlock_irqrestore(&priv->lock, flags);
691         return 0;
692 }
693
694 static int oti6858_tiocmget(struct tty_struct *tty, struct file *file)
695 {
696         struct usb_serial_port *port = tty->driver_data;
697         struct oti6858_private *priv = usb_get_serial_port_data(port);
698         unsigned long flags;
699         unsigned pin_state;
700         unsigned result = 0;
701
702         dbg("%s(port = %d)", __func__, port->number);
703
704         if (!usb_get_intfdata(port->serial->interface))
705                 return -ENODEV;
706
707         spin_lock_irqsave(&priv->lock, flags);
708         pin_state = priv->status.pin_state & PIN_MASK;
709         spin_unlock_irqrestore(&priv->lock, flags);
710
711         /* FIXME: check if this is correct (active high/low) */
712         if ((pin_state & PIN_RTS) != 0)
713                 result |= TIOCM_RTS;
714         if ((pin_state & PIN_CTS) != 0)
715                 result |= TIOCM_CTS;
716         if ((pin_state & PIN_DSR) != 0)
717                 result |= TIOCM_DSR;
718         if ((pin_state & PIN_DTR) != 0)
719                 result |= TIOCM_DTR;
720         if ((pin_state & PIN_RI) != 0)
721                 result |= TIOCM_RI;
722         if ((pin_state & PIN_DCD) != 0)
723                 result |= TIOCM_CD;
724
725         dbg("%s() = 0x%08x", __func__, result);
726
727         return result;
728 }
729
730 static int wait_modem_info(struct usb_serial_port *port, unsigned int arg)
731 {
732         struct oti6858_private *priv = usb_get_serial_port_data(port);
733         unsigned long flags;
734         unsigned int prev, status;
735         unsigned int changed;
736
737         spin_lock_irqsave(&priv->lock, flags);
738         prev = priv->status.pin_state;
739         spin_unlock_irqrestore(&priv->lock, flags);
740
741         while (1) {
742                 wait_event_interruptible(priv->intr_wait,
743                                         priv->status.pin_state != prev);
744                 if (signal_pending(current))
745                         return -ERESTARTSYS;
746
747                 spin_lock_irqsave(&priv->lock, flags);
748                 status = priv->status.pin_state & PIN_MASK;
749                 spin_unlock_irqrestore(&priv->lock, flags);
750
751                 changed = prev ^ status;
752                 /* FIXME: check if this is correct (active high/low) */
753                 if (((arg & TIOCM_RNG) && (changed & PIN_RI)) ||
754                     ((arg & TIOCM_DSR) && (changed & PIN_DSR)) ||
755                     ((arg & TIOCM_CD)  && (changed & PIN_DCD)) ||
756                     ((arg & TIOCM_CTS) && (changed & PIN_CTS)))
757                         return 0;
758                 prev = status;
759         }
760
761         /* NOTREACHED */
762         return 0;
763 }
764
765 static int oti6858_ioctl(struct tty_struct *tty, struct file *file,
766                         unsigned int cmd, unsigned long arg)
767 {
768         struct usb_serial_port *port = tty->driver_data;
769
770         dbg("%s(port = %d, cmd = 0x%04x, arg = 0x%08lx)",
771                                 __func__, port->number, cmd, arg);
772
773         switch (cmd) {
774         case TIOCMIWAIT:
775                 dbg("%s(): TIOCMIWAIT", __func__);
776                 return wait_modem_info(port, arg);
777         default:
778                 dbg("%s(): 0x%04x not supported", __func__, cmd);
779                 break;
780         }
781         return -ENOIOCTLCMD;
782 }
783
784
785 static void oti6858_release(struct usb_serial *serial)
786 {
787         struct oti6858_private *priv;
788         int i;
789
790         dbg("%s()", __func__);
791
792         for (i = 0; i < serial->num_ports; ++i) {
793                 priv = usb_get_serial_port_data(serial->port[i]);
794                 if (priv) {
795                         oti6858_buf_free(priv->buf);
796                         kfree(priv);
797                 }
798         }
799 }
800
801 static void oti6858_read_int_callback(struct urb *urb)
802 {
803         struct usb_serial_port *port =  urb->context;
804         struct oti6858_private *priv = usb_get_serial_port_data(port);
805         int transient = 0, can_recv = 0, resubmit = 1;
806         int status = urb->status;
807
808         dbg("%s(port = %d, status = %d)",
809                                 __func__, port->number, status);
810
811         switch (status) {
812         case 0:
813                 /* success */
814                 break;
815         case -ECONNRESET:
816         case -ENOENT:
817         case -ESHUTDOWN:
818                 /* this urb is terminated, clean up */
819                 dbg("%s(): urb shutting down with status: %d",
820                                         __func__, status);
821                 return;
822         default:
823                 dbg("%s(): nonzero urb status received: %d",
824                                         __func__, status);
825                 break;
826         }
827
828         if (status == 0 && urb->actual_length == OTI6858_CTRL_PKT_SIZE) {
829                 struct oti6858_control_pkt *xs = urb->transfer_buffer;
830                 unsigned long flags;
831
832                 spin_lock_irqsave(&priv->lock, flags);
833
834                 if (!priv->transient) {
835                         if (!OTI6858_CTRL_EQUALS_PENDING(xs, priv)) {
836                                 if (xs->rx_bytes_avail == 0) {
837                                         priv->transient = 4;
838                                         priv->setup_done = 0;
839                                         resubmit = 0;
840                                         dbg("%s(): scheduling setup_line()",
841                                             __func__);
842                                         schedule_delayed_work(&priv->delayed_setup_work, 0);
843                                 }
844                         }
845                 } else {
846                         if (OTI6858_CTRL_EQUALS_PENDING(xs, priv)) {
847                                 priv->transient = 0;
848                         } else if (!priv->setup_done) {
849                                 resubmit = 0;
850                         } else if (--priv->transient == 0) {
851                                 if (xs->rx_bytes_avail == 0) {
852                                         priv->transient = 4;
853                                         priv->setup_done = 0;
854                                         resubmit = 0;
855                                         dbg("%s(): scheduling setup_line()",
856                                             __func__);
857                                         schedule_delayed_work(&priv->delayed_setup_work, 0);
858                                 }
859                         }
860                 }
861
862                 if (!priv->transient) {
863                         if (xs->pin_state != priv->status.pin_state)
864                                 wake_up_interruptible(&priv->intr_wait);
865                         memcpy(&priv->status, xs, OTI6858_CTRL_PKT_SIZE);
866                 }
867
868                 if (!priv->transient && xs->rx_bytes_avail != 0) {
869                         can_recv = xs->rx_bytes_avail;
870                         priv->flags.read_urb_in_use = 1;
871                 }
872
873                 transient = priv->transient;
874                 spin_unlock_irqrestore(&priv->lock, flags);
875         }
876
877         if (can_recv) {
878                 int result;
879
880                 port->read_urb->dev = port->serial->dev;
881                 result = usb_submit_urb(port->read_urb, GFP_ATOMIC);
882                 if (result != 0) {
883                         priv->flags.read_urb_in_use = 0;
884                         dev_err(&port->dev, "%s(): usb_submit_urb() failed,"
885                                         " error %d\n", __func__, result);
886                 } else {
887                         resubmit = 0;
888                 }
889         } else if (!transient) {
890                 unsigned long flags;
891
892                 spin_lock_irqsave(&priv->lock, flags);
893                 if (priv->flags.write_urb_in_use == 0
894                                 && oti6858_buf_data_avail(priv->buf) != 0) {
895                         schedule_delayed_work(&priv->delayed_write_work, 0);
896                         resubmit = 0;
897                 }
898                 spin_unlock_irqrestore(&priv->lock, flags);
899         }
900
901         if (resubmit) {
902                 int result;
903
904 /*              dbg("%s(): submitting interrupt urb", __func__); */
905                 urb->dev = port->serial->dev;
906                 result = usb_submit_urb(urb, GFP_ATOMIC);
907                 if (result != 0) {
908                         dev_err(&urb->dev->dev,
909                                         "%s(): usb_submit_urb() failed with"
910                                         " error %d\n", __func__, result);
911                 }
912         }
913 }
914
915 static void oti6858_read_bulk_callback(struct urb *urb)
916 {
917         struct usb_serial_port *port =  urb->context;
918         struct oti6858_private *priv = usb_get_serial_port_data(port);
919         struct tty_struct *tty;
920         unsigned char *data = urb->transfer_buffer;
921         unsigned long flags;
922         int status = urb->status;
923         int result;
924
925         dbg("%s(port = %d, status = %d)",
926                                 __func__, port->number, status);
927
928         spin_lock_irqsave(&priv->lock, flags);
929         priv->flags.read_urb_in_use = 0;
930         spin_unlock_irqrestore(&priv->lock, flags);
931
932         if (status != 0) {
933                 if (!port->port.count) {
934                         dbg("%s(): port is closed, exiting", __func__);
935                         return;
936                 }
937                 /*
938                 if (status == -EPROTO) {
939                         * PL2303 mysteriously fails with -EPROTO reschedule
940                            the read *
941                         dbg("%s - caught -EPROTO, resubmitting the urb",
942                                                                 __func__);
943                         result = usb_submit_urb(urb, GFP_ATOMIC);
944                         if (result)
945                                 dev_err(&urb->dev->dev, "%s - failed resubmitting read urb, error %d\n", __func__, result);
946                         return;
947                 }
948                 */
949                 dbg("%s(): unable to handle the error, exiting", __func__);
950                 return;
951         }
952
953         tty = tty_port_tty_get(&port->port);
954         if (tty != NULL && urb->actual_length > 0) {
955                 tty_insert_flip_string(tty, data, urb->actual_length);
956                 tty_flip_buffer_push(tty);
957         }
958         tty_kref_put(tty);
959
960         /* schedule the interrupt urb if we are still open */
961         if (port->port.count != 0) {
962                 port->interrupt_in_urb->dev = port->serial->dev;
963                 result = usb_submit_urb(port->interrupt_in_urb, GFP_ATOMIC);
964                 if (result != 0) {
965                         dev_err(&port->dev, "%s(): usb_submit_urb() failed,"
966                                         " error %d\n", __func__, result);
967                 }
968         }
969 }
970
971 static void oti6858_write_bulk_callback(struct urb *urb)
972 {
973         struct usb_serial_port *port =  urb->context;
974         struct oti6858_private *priv = usb_get_serial_port_data(port);
975         int status = urb->status;
976         int result;
977
978         dbg("%s(port = %d, status = %d)",
979                                 __func__, port->number, status);
980
981         switch (status) {
982         case 0:
983                 /* success */
984                 break;
985         case -ECONNRESET:
986         case -ENOENT:
987         case -ESHUTDOWN:
988                 /* this urb is terminated, clean up */
989                 dbg("%s(): urb shutting down with status: %d",
990                                         __func__, status);
991                 priv->flags.write_urb_in_use = 0;
992                 return;
993         default:
994                 /* error in the urb, so we have to resubmit it */
995                 dbg("%s(): nonzero write bulk status received: %d",
996                                         __func__, status);
997                 dbg("%s(): overflow in write", __func__);
998
999                 port->write_urb->transfer_buffer_length = 1;
1000                 port->write_urb->dev = port->serial->dev;
1001                 result = usb_submit_urb(port->write_urb, GFP_ATOMIC);
1002                 if (result) {
1003                         dev_err(&port->dev, "%s(): usb_submit_urb() failed,"
1004                                         " error %d\n", __func__, result);
1005                 } else {
1006                         return;
1007                 }
1008         }
1009
1010         priv->flags.write_urb_in_use = 0;
1011
1012         /* schedule the interrupt urb if we are still open */
1013         port->interrupt_in_urb->dev = port->serial->dev;
1014         dbg("%s(): submitting interrupt urb", __func__);
1015         result = usb_submit_urb(port->interrupt_in_urb, GFP_ATOMIC);
1016         if (result != 0) {
1017                 dev_err(&port->dev, "%s(): failed submitting int urb,"
1018                                         " error %d\n", __func__, result);
1019         }
1020 }
1021
1022
1023 /*
1024  * oti6858_buf_alloc
1025  *
1026  * Allocate a circular buffer and all associated memory.
1027  */
1028 static struct oti6858_buf *oti6858_buf_alloc(unsigned int size)
1029 {
1030         struct oti6858_buf *pb;
1031
1032         if (size == 0)
1033                 return NULL;
1034
1035         pb = kmalloc(sizeof(struct oti6858_buf), GFP_KERNEL);
1036         if (pb == NULL)
1037                 return NULL;
1038
1039         pb->buf_buf = kmalloc(size, GFP_KERNEL);
1040         if (pb->buf_buf == NULL) {
1041                 kfree(pb);
1042                 return NULL;
1043         }
1044
1045         pb->buf_size = size;
1046         pb->buf_get = pb->buf_put = pb->buf_buf;
1047
1048         return pb;
1049 }
1050
1051 /*
1052  * oti6858_buf_free
1053  *
1054  * Free the buffer and all associated memory.
1055  */
1056 static void oti6858_buf_free(struct oti6858_buf *pb)
1057 {
1058         if (pb) {
1059                 kfree(pb->buf_buf);
1060                 kfree(pb);
1061         }
1062 }
1063
1064 /*
1065  * oti6858_buf_clear
1066  *
1067  * Clear out all data in the circular buffer.
1068  */
1069 static void oti6858_buf_clear(struct oti6858_buf *pb)
1070 {
1071         if (pb != NULL) {
1072                 /* equivalent to a get of all data available */
1073                 pb->buf_get = pb->buf_put;
1074         }
1075 }
1076
1077 /*
1078  * oti6858_buf_data_avail
1079  *
1080  * Return the number of bytes of data available in the circular
1081  * buffer.
1082  */
1083 static unsigned int oti6858_buf_data_avail(struct oti6858_buf *pb)
1084 {
1085         if (pb == NULL)
1086                 return 0;
1087         return (pb->buf_size + pb->buf_put - pb->buf_get) % pb->buf_size;
1088 }
1089
1090 /*
1091  * oti6858_buf_space_avail
1092  *
1093  * Return the number of bytes of space available in the circular
1094  * buffer.
1095  */
1096 static unsigned int oti6858_buf_space_avail(struct oti6858_buf *pb)
1097 {
1098         if (pb == NULL)
1099                 return 0;
1100         return (pb->buf_size + pb->buf_get - pb->buf_put - 1) % pb->buf_size;
1101 }
1102
1103 /*
1104  * oti6858_buf_put
1105  *
1106  * Copy data data from a user buffer and put it into the circular buffer.
1107  * Restrict to the amount of space available.
1108  *
1109  * Return the number of bytes copied.
1110  */
1111 static unsigned int oti6858_buf_put(struct oti6858_buf *pb, const char *buf,
1112                                         unsigned int count)
1113 {
1114         unsigned int len;
1115
1116         if (pb == NULL)
1117                 return 0;
1118
1119         len  = oti6858_buf_space_avail(pb);
1120         if (count > len)
1121                 count = len;
1122
1123         if (count == 0)
1124                 return 0;
1125
1126         len = pb->buf_buf + pb->buf_size - pb->buf_put;
1127         if (count > len) {
1128                 memcpy(pb->buf_put, buf, len);
1129                 memcpy(pb->buf_buf, buf+len, count - len);
1130                 pb->buf_put = pb->buf_buf + count - len;
1131         } else {
1132                 memcpy(pb->buf_put, buf, count);
1133                 if (count < len)
1134                         pb->buf_put += count;
1135                 else /* count == len */
1136                         pb->buf_put = pb->buf_buf;
1137         }
1138
1139         return count;
1140 }
1141
1142 /*
1143  * oti6858_buf_get
1144  *
1145  * Get data from the circular buffer and copy to the given buffer.
1146  * Restrict to the amount of data available.
1147  *
1148  * Return the number of bytes copied.
1149  */
1150 static unsigned int oti6858_buf_get(struct oti6858_buf *pb, char *buf,
1151                                         unsigned int count)
1152 {
1153         unsigned int len;
1154
1155         if (pb == NULL)
1156                 return 0;
1157
1158         len = oti6858_buf_data_avail(pb);
1159         if (count > len)
1160                 count = len;
1161
1162         if (count == 0)
1163                 return 0;
1164
1165         len = pb->buf_buf + pb->buf_size - pb->buf_get;
1166         if (count > len) {
1167                 memcpy(buf, pb->buf_get, len);
1168                 memcpy(buf+len, pb->buf_buf, count - len);
1169                 pb->buf_get = pb->buf_buf + count - len;
1170         } else {
1171                 memcpy(buf, pb->buf_get, count);
1172                 if (count < len)
1173                         pb->buf_get += count;
1174                 else /* count == len */
1175                         pb->buf_get = pb->buf_buf;
1176         }
1177
1178         return count;
1179 }
1180
1181 /* module description and (de)initialization */
1182
1183 static int __init oti6858_init(void)
1184 {
1185         int retval;
1186
1187         retval = usb_serial_register(&oti6858_device);
1188         if (retval == 0) {
1189                 retval = usb_register(&oti6858_driver);
1190                 if (retval)
1191                         usb_serial_deregister(&oti6858_device);
1192         }
1193         return retval;
1194 }
1195
1196 static void __exit oti6858_exit(void)
1197 {
1198         usb_deregister(&oti6858_driver);
1199         usb_serial_deregister(&oti6858_device);
1200 }
1201
1202 module_init(oti6858_init);
1203 module_exit(oti6858_exit);
1204
1205 MODULE_DESCRIPTION(OTI6858_DESCRIPTION);
1206 MODULE_AUTHOR(OTI6858_AUTHOR);
1207 MODULE_VERSION(OTI6858_VERSION);
1208 MODULE_LICENSE("GPL");
1209
1210 module_param(debug, bool, S_IRUGO | S_IWUSR);
1211 MODULE_PARM_DESC(debug, "enable debug output");
1212