Merge branch 'upstream-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/linvil...
[linux-2.6] / net / irda / irttp.c
1 /*********************************************************************
2  *
3  * Filename:      irttp.c
4  * Version:       1.2
5  * Description:   Tiny Transport Protocol (TTP) implementation
6  * Status:        Stable
7  * Author:        Dag Brattli <dagb@cs.uit.no>
8  * Created at:    Sun Aug 31 20:14:31 1997
9  * Modified at:   Wed Jan  5 11:31:27 2000
10  * Modified by:   Dag Brattli <dagb@cs.uit.no>
11  *
12  *     Copyright (c) 1998-2000 Dag Brattli <dagb@cs.uit.no>,
13  *     All Rights Reserved.
14  *     Copyright (c) 2000-2003 Jean Tourrilhes <jt@hpl.hp.com>
15  *
16  *     This program is free software; you can redistribute it and/or
17  *     modify it under the terms of the GNU General Public License as
18  *     published by the Free Software Foundation; either version 2 of
19  *     the License, or (at your option) any later version.
20  *
21  *     Neither Dag Brattli nor University of Tromsø admit liability nor
22  *     provide warranty for any of this software. This material is
23  *     provided "AS-IS" and at no charge.
24  *
25  ********************************************************************/
26
27 #include <linux/skbuff.h>
28 #include <linux/init.h>
29 #include <linux/fs.h>
30 #include <linux/seq_file.h>
31
32 #include <asm/byteorder.h>
33 #include <asm/unaligned.h>
34
35 #include <net/irda/irda.h>
36 #include <net/irda/irlap.h>
37 #include <net/irda/irlmp.h>
38 #include <net/irda/parameters.h>
39 #include <net/irda/irttp.h>
40
41 static struct irttp_cb *irttp;
42
43 static void __irttp_close_tsap(struct tsap_cb *self);
44
45 static int irttp_data_indication(void *instance, void *sap,
46                                  struct sk_buff *skb);
47 static int irttp_udata_indication(void *instance, void *sap,
48                                   struct sk_buff *skb);
49 static void irttp_disconnect_indication(void *instance, void *sap,
50                                         LM_REASON reason, struct sk_buff *);
51 static void irttp_connect_indication(void *instance, void *sap,
52                                      struct qos_info *qos, __u32 max_sdu_size,
53                                      __u8 header_size, struct sk_buff *skb);
54 static void irttp_connect_confirm(void *instance, void *sap,
55                                   struct qos_info *qos, __u32 max_sdu_size,
56                                   __u8 header_size, struct sk_buff *skb);
57 static void irttp_run_tx_queue(struct tsap_cb *self);
58 static void irttp_run_rx_queue(struct tsap_cb *self);
59
60 static void irttp_flush_queues(struct tsap_cb *self);
61 static void irttp_fragment_skb(struct tsap_cb *self, struct sk_buff *skb);
62 static struct sk_buff *irttp_reassemble_skb(struct tsap_cb *self);
63 static void irttp_todo_expired(unsigned long data);
64 static int irttp_param_max_sdu_size(void *instance, irda_param_t *param,
65                                     int get);
66
67 static void irttp_flow_indication(void *instance, void *sap, LOCAL_FLOW flow);
68 static void irttp_status_indication(void *instance,
69                                     LINK_STATUS link, LOCK_STATUS lock);
70
71 /* Information for parsing parameters in IrTTP */
72 static pi_minor_info_t pi_minor_call_table[] = {
73         { NULL, 0 },                                             /* 0x00 */
74         { irttp_param_max_sdu_size, PV_INTEGER | PV_BIG_ENDIAN } /* 0x01 */
75 };
76 static pi_major_info_t pi_major_call_table[] = {{ pi_minor_call_table, 2 }};
77 static pi_param_info_t param_info = { pi_major_call_table, 1, 0x0f, 4 };
78
79 /************************ GLOBAL PROCEDURES ************************/
80
81 /*
82  * Function irttp_init (void)
83  *
84  *    Initialize the IrTTP layer. Called by module initialization code
85  *
86  */
87 int __init irttp_init(void)
88 {
89         irttp = kzalloc(sizeof(struct irttp_cb), GFP_KERNEL);
90         if (irttp == NULL)
91                 return -ENOMEM;
92
93         irttp->magic = TTP_MAGIC;
94
95         irttp->tsaps = hashbin_new(HB_LOCK);
96         if (!irttp->tsaps) {
97                 IRDA_ERROR("%s: can't allocate IrTTP hashbin!\n",
98                            __FUNCTION__);
99                 kfree(irttp);
100                 return -ENOMEM;
101         }
102
103         return 0;
104 }
105
106 /*
107  * Function irttp_cleanup (void)
108  *
109  *    Called by module destruction/cleanup code
110  *
111  */
112 void __exit irttp_cleanup(void)
113 {
114         /* Check for main structure */
115         IRDA_ASSERT(irttp->magic == TTP_MAGIC, return;);
116
117         /*
118          *  Delete hashbin and close all TSAP instances in it
119          */
120         hashbin_delete(irttp->tsaps, (FREE_FUNC) __irttp_close_tsap);
121
122         irttp->magic = 0;
123
124         /* De-allocate main structure */
125         kfree(irttp);
126
127         irttp = NULL;
128 }
129
130 /*************************** SUBROUTINES ***************************/
131
132 /*
133  * Function irttp_start_todo_timer (self, timeout)
134  *
135  *    Start todo timer.
136  *
137  * Made it more effient and unsensitive to race conditions - Jean II
138  */
139 static inline void irttp_start_todo_timer(struct tsap_cb *self, int timeout)
140 {
141         /* Set new value for timer */
142         mod_timer(&self->todo_timer, jiffies + timeout);
143 }
144
145 /*
146  * Function irttp_todo_expired (data)
147  *
148  *    Todo timer has expired!
149  *
150  * One of the restriction of the timer is that it is run only on the timer
151  * interrupt which run every 10ms. This mean that even if you set the timer
152  * with a delay of 0, it may take up to 10ms before it's run.
153  * So, to minimise latency and keep cache fresh, we try to avoid using
154  * it as much as possible.
155  * Note : we can't use tasklets, because they can't be asynchronously
156  * killed (need user context), and we can't guarantee that here...
157  * Jean II
158  */
159 static void irttp_todo_expired(unsigned long data)
160 {
161         struct tsap_cb *self = (struct tsap_cb *) data;
162
163         /* Check that we still exist */
164         if (!self || self->magic != TTP_TSAP_MAGIC)
165                 return;
166
167         IRDA_DEBUG(4, "%s(instance=%p)\n", __FUNCTION__, self);
168
169         /* Try to make some progress, especially on Tx side - Jean II */
170         irttp_run_rx_queue(self);
171         irttp_run_tx_queue(self);
172
173         /* Check if time for disconnect */
174         if (test_bit(0, &self->disconnect_pend)) {
175                 /* Check if it's possible to disconnect yet */
176                 if (skb_queue_empty(&self->tx_queue)) {
177                         /* Make sure disconnect is not pending anymore */
178                         clear_bit(0, &self->disconnect_pend);   /* FALSE */
179
180                         /* Note : self->disconnect_skb may be NULL */
181                         irttp_disconnect_request(self, self->disconnect_skb,
182                                                  P_NORMAL);
183                         self->disconnect_skb = NULL;
184                 } else {
185                         /* Try again later */
186                         irttp_start_todo_timer(self, HZ/10);
187
188                         /* No reason to try and close now */
189                         return;
190                 }
191         }
192
193         /* Check if it's closing time */
194         if (self->close_pend)
195                 /* Finish cleanup */
196                 irttp_close_tsap(self);
197 }
198
199 /*
200  * Function irttp_flush_queues (self)
201  *
202  *     Flushes (removes all frames) in transitt-buffer (tx_list)
203  */
204 void irttp_flush_queues(struct tsap_cb *self)
205 {
206         struct sk_buff* skb;
207
208         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
209
210         IRDA_ASSERT(self != NULL, return;);
211         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
212
213         /* Deallocate frames waiting to be sent */
214         while ((skb = skb_dequeue(&self->tx_queue)) != NULL)
215                 dev_kfree_skb(skb);
216
217         /* Deallocate received frames */
218         while ((skb = skb_dequeue(&self->rx_queue)) != NULL)
219                 dev_kfree_skb(skb);
220
221         /* Deallocate received fragments */
222         while ((skb = skb_dequeue(&self->rx_fragments)) != NULL)
223                 dev_kfree_skb(skb);
224 }
225
226 /*
227  * Function irttp_reassemble (self)
228  *
229  *    Makes a new (continuous) skb of all the fragments in the fragment
230  *    queue
231  *
232  */
233 static struct sk_buff *irttp_reassemble_skb(struct tsap_cb *self)
234 {
235         struct sk_buff *skb, *frag;
236         int n = 0;  /* Fragment index */
237
238         IRDA_ASSERT(self != NULL, return NULL;);
239         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return NULL;);
240
241         IRDA_DEBUG(2, "%s(), self->rx_sdu_size=%d\n", __FUNCTION__,
242                    self->rx_sdu_size);
243
244         skb = dev_alloc_skb(TTP_HEADER + self->rx_sdu_size);
245         if (!skb)
246                 return NULL;
247
248         /*
249          * Need to reserve space for TTP header in case this skb needs to
250          * be requeued in case delivery failes
251          */
252         skb_reserve(skb, TTP_HEADER);
253         skb_put(skb, self->rx_sdu_size);
254
255         /*
256          *  Copy all fragments to a new buffer
257          */
258         while ((frag = skb_dequeue(&self->rx_fragments)) != NULL) {
259                 memcpy(skb->data+n, frag->data, frag->len);
260                 n += frag->len;
261
262                 dev_kfree_skb(frag);
263         }
264
265         IRDA_DEBUG(2,
266                    "%s(), frame len=%d, rx_sdu_size=%d, rx_max_sdu_size=%d\n",
267                    __FUNCTION__, n, self->rx_sdu_size, self->rx_max_sdu_size);
268         /* Note : irttp_run_rx_queue() calculate self->rx_sdu_size
269          * by summing the size of all fragments, so we should always
270          * have n == self->rx_sdu_size, except in cases where we
271          * droped the last fragment (when self->rx_sdu_size exceed
272          * self->rx_max_sdu_size), where n < self->rx_sdu_size.
273          * Jean II */
274         IRDA_ASSERT(n <= self->rx_sdu_size, n = self->rx_sdu_size;);
275
276         /* Set the new length */
277         skb_trim(skb, n);
278
279         self->rx_sdu_size = 0;
280
281         return skb;
282 }
283
284 /*
285  * Function irttp_fragment_skb (skb)
286  *
287  *    Fragments a frame and queues all the fragments for transmission
288  *
289  */
290 static inline void irttp_fragment_skb(struct tsap_cb *self,
291                                       struct sk_buff *skb)
292 {
293         struct sk_buff *frag;
294         __u8 *frame;
295
296         IRDA_DEBUG(2, "%s()\n", __FUNCTION__);
297
298         IRDA_ASSERT(self != NULL, return;);
299         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
300         IRDA_ASSERT(skb != NULL, return;);
301
302         /*
303          *  Split frame into a number of segments
304          */
305         while (skb->len > self->max_seg_size) {
306                 IRDA_DEBUG(2, "%s(), fragmenting ...\n", __FUNCTION__);
307
308                 /* Make new segment */
309                 frag = alloc_skb(self->max_seg_size+self->max_header_size,
310                                  GFP_ATOMIC);
311                 if (!frag)
312                         return;
313
314                 skb_reserve(frag, self->max_header_size);
315
316                 /* Copy data from the original skb into this fragment. */
317                 memcpy(skb_put(frag, self->max_seg_size), skb->data,
318                        self->max_seg_size);
319
320                 /* Insert TTP header, with the more bit set */
321                 frame = skb_push(frag, TTP_HEADER);
322                 frame[0] = TTP_MORE;
323
324                 /* Hide the copied data from the original skb */
325                 skb_pull(skb, self->max_seg_size);
326
327                 /* Queue fragment */
328                 skb_queue_tail(&self->tx_queue, frag);
329         }
330         /* Queue what is left of the original skb */
331         IRDA_DEBUG(2, "%s(), queuing last segment\n", __FUNCTION__);
332
333         frame = skb_push(skb, TTP_HEADER);
334         frame[0] = 0x00; /* Clear more bit */
335
336         /* Queue fragment */
337         skb_queue_tail(&self->tx_queue, skb);
338 }
339
340 /*
341  * Function irttp_param_max_sdu_size (self, param)
342  *
343  *    Handle the MaxSduSize parameter in the connect frames, this function
344  *    will be called both when this parameter needs to be inserted into, and
345  *    extracted from the connect frames
346  */
347 static int irttp_param_max_sdu_size(void *instance, irda_param_t *param,
348                                     int get)
349 {
350         struct tsap_cb *self;
351
352         self = (struct tsap_cb *) instance;
353
354         IRDA_ASSERT(self != NULL, return -1;);
355         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
356
357         if (get)
358                 param->pv.i = self->tx_max_sdu_size;
359         else
360                 self->tx_max_sdu_size = param->pv.i;
361
362         IRDA_DEBUG(1, "%s(), MaxSduSize=%d\n", __FUNCTION__, param->pv.i);
363
364         return 0;
365 }
366
367 /*************************** CLIENT CALLS ***************************/
368 /************************** LMP CALLBACKS **************************/
369 /* Everything is happily mixed up. Waiting for next clean up - Jean II */
370
371 /*
372  * Function irttp_open_tsap (stsap, notify)
373  *
374  *    Create TSAP connection endpoint,
375  */
376 struct tsap_cb *irttp_open_tsap(__u8 stsap_sel, int credit, notify_t *notify)
377 {
378         struct tsap_cb *self;
379         struct lsap_cb *lsap;
380         notify_t ttp_notify;
381
382         IRDA_ASSERT(irttp->magic == TTP_MAGIC, return NULL;);
383
384         /* The IrLMP spec (IrLMP 1.1 p10) says that we have the right to
385          * use only 0x01-0x6F. Of course, we can use LSAP_ANY as well.
386          * JeanII */
387         if((stsap_sel != LSAP_ANY) &&
388            ((stsap_sel < 0x01) || (stsap_sel >= 0x70))) {
389                 IRDA_DEBUG(0, "%s(), invalid tsap!\n", __FUNCTION__);
390                 return NULL;
391         }
392
393         self = kzalloc(sizeof(struct tsap_cb), GFP_ATOMIC);
394         if (self == NULL) {
395                 IRDA_DEBUG(0, "%s(), unable to kmalloc!\n", __FUNCTION__);
396                 return NULL;
397         }
398         spin_lock_init(&self->lock);
399
400         /* Initialise todo timer */
401         init_timer(&self->todo_timer);
402         self->todo_timer.data     = (unsigned long) self;
403         self->todo_timer.function = &irttp_todo_expired;
404
405         /* Initialize callbacks for IrLMP to use */
406         irda_notify_init(&ttp_notify);
407         ttp_notify.connect_confirm = irttp_connect_confirm;
408         ttp_notify.connect_indication = irttp_connect_indication;
409         ttp_notify.disconnect_indication = irttp_disconnect_indication;
410         ttp_notify.data_indication = irttp_data_indication;
411         ttp_notify.udata_indication = irttp_udata_indication;
412         ttp_notify.flow_indication = irttp_flow_indication;
413         if(notify->status_indication != NULL)
414                 ttp_notify.status_indication = irttp_status_indication;
415         ttp_notify.instance = self;
416         strncpy(ttp_notify.name, notify->name, NOTIFY_MAX_NAME);
417
418         self->magic = TTP_TSAP_MAGIC;
419         self->connected = FALSE;
420
421         skb_queue_head_init(&self->rx_queue);
422         skb_queue_head_init(&self->tx_queue);
423         skb_queue_head_init(&self->rx_fragments);
424         /*
425          *  Create LSAP at IrLMP layer
426          */
427         lsap = irlmp_open_lsap(stsap_sel, &ttp_notify, 0);
428         if (lsap == NULL) {
429                 IRDA_WARNING("%s: unable to allocate LSAP!!\n", __FUNCTION__);
430                 return NULL;
431         }
432
433         /*
434          *  If user specified LSAP_ANY as source TSAP selector, then IrLMP
435          *  will replace it with whatever source selector which is free, so
436          *  the stsap_sel we have might not be valid anymore
437          */
438         self->stsap_sel = lsap->slsap_sel;
439         IRDA_DEBUG(4, "%s(), stsap_sel=%02x\n", __FUNCTION__, self->stsap_sel);
440
441         self->notify = *notify;
442         self->lsap = lsap;
443
444         hashbin_insert(irttp->tsaps, (irda_queue_t *) self, (long) self, NULL);
445
446         if (credit > TTP_RX_MAX_CREDIT)
447                 self->initial_credit = TTP_RX_MAX_CREDIT;
448         else
449                 self->initial_credit = credit;
450
451         return self;
452 }
453 EXPORT_SYMBOL(irttp_open_tsap);
454
455 /*
456  * Function irttp_close (handle)
457  *
458  *    Remove an instance of a TSAP. This function should only deal with the
459  *    deallocation of the TSAP, and resetting of the TSAPs values;
460  *
461  */
462 static void __irttp_close_tsap(struct tsap_cb *self)
463 {
464         /* First make sure we're connected. */
465         IRDA_ASSERT(self != NULL, return;);
466         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
467
468         irttp_flush_queues(self);
469
470         del_timer(&self->todo_timer);
471
472         /* This one won't be cleaned up if we are disconnect_pend + close_pend
473          * and we receive a disconnect_indication */
474         if (self->disconnect_skb)
475                 dev_kfree_skb(self->disconnect_skb);
476
477         self->connected = FALSE;
478         self->magic = ~TTP_TSAP_MAGIC;
479
480         kfree(self);
481 }
482
483 /*
484  * Function irttp_close (self)
485  *
486  *    Remove TSAP from list of all TSAPs and then deallocate all resources
487  *    associated with this TSAP
488  *
489  * Note : because we *free* the tsap structure, it is the responsibility
490  * of the caller to make sure we are called only once and to deal with
491  * possible race conditions. - Jean II
492  */
493 int irttp_close_tsap(struct tsap_cb *self)
494 {
495         struct tsap_cb *tsap;
496
497         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
498
499         IRDA_ASSERT(self != NULL, return -1;);
500         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
501
502         /* Make sure tsap has been disconnected */
503         if (self->connected) {
504                 /* Check if disconnect is not pending */
505                 if (!test_bit(0, &self->disconnect_pend)) {
506                         IRDA_WARNING("%s: TSAP still connected!\n",
507                                      __FUNCTION__);
508                         irttp_disconnect_request(self, NULL, P_NORMAL);
509                 }
510                 self->close_pend = TRUE;
511                 irttp_start_todo_timer(self, HZ/10);
512
513                 return 0; /* Will be back! */
514         }
515
516         tsap = hashbin_remove(irttp->tsaps, (long) self, NULL);
517
518         IRDA_ASSERT(tsap == self, return -1;);
519
520         /* Close corresponding LSAP */
521         if (self->lsap) {
522                 irlmp_close_lsap(self->lsap);
523                 self->lsap = NULL;
524         }
525
526         __irttp_close_tsap(self);
527
528         return 0;
529 }
530 EXPORT_SYMBOL(irttp_close_tsap);
531
532 /*
533  * Function irttp_udata_request (self, skb)
534  *
535  *    Send unreliable data on this TSAP
536  *
537  */
538 int irttp_udata_request(struct tsap_cb *self, struct sk_buff *skb)
539 {
540         IRDA_ASSERT(self != NULL, return -1;);
541         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
542         IRDA_ASSERT(skb != NULL, return -1;);
543
544         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
545
546         /* Check that nothing bad happens */
547         if ((skb->len == 0) || (!self->connected)) {
548                 IRDA_DEBUG(1, "%s(), No data, or not connected\n",
549                            __FUNCTION__);
550                 goto err;
551         }
552
553         if (skb->len > self->max_seg_size) {
554                 IRDA_DEBUG(1, "%s(), UData is to large for IrLAP!\n",
555                            __FUNCTION__);
556                 goto err;
557         }
558
559         irlmp_udata_request(self->lsap, skb);
560         self->stats.tx_packets++;
561
562         return 0;
563
564 err:
565         dev_kfree_skb(skb);
566         return -1;
567 }
568 EXPORT_SYMBOL(irttp_udata_request);
569
570
571 /*
572  * Function irttp_data_request (handle, skb)
573  *
574  *    Queue frame for transmission. If SAR is enabled, fragement the frame
575  *    and queue the fragments for transmission
576  */
577 int irttp_data_request(struct tsap_cb *self, struct sk_buff *skb)
578 {
579         __u8 *frame;
580         int ret;
581
582         IRDA_ASSERT(self != NULL, return -1;);
583         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
584         IRDA_ASSERT(skb != NULL, return -1;);
585
586         IRDA_DEBUG(2, "%s() : queue len = %d\n", __FUNCTION__,
587                    skb_queue_len(&self->tx_queue));
588
589         /* Check that nothing bad happens */
590         if ((skb->len == 0) || (!self->connected)) {
591                 IRDA_WARNING("%s: No data, or not connected\n", __FUNCTION__);
592                 ret = -ENOTCONN;
593                 goto err;
594         }
595
596         /*
597          *  Check if SAR is disabled, and the frame is larger than what fits
598          *  inside an IrLAP frame
599          */
600         if ((self->tx_max_sdu_size == 0) && (skb->len > self->max_seg_size)) {
601                 IRDA_ERROR("%s: SAR disabled, and data is to large for IrLAP!\n",
602                            __FUNCTION__);
603                 ret = -EMSGSIZE;
604                 goto err;
605         }
606
607         /*
608          *  Check if SAR is enabled, and the frame is larger than the
609          *  TxMaxSduSize
610          */
611         if ((self->tx_max_sdu_size != 0) &&
612             (self->tx_max_sdu_size != TTP_SAR_UNBOUND) &&
613             (skb->len > self->tx_max_sdu_size))
614         {
615                 IRDA_ERROR("%s: SAR enabled, but data is larger than TxMaxSduSize!\n",
616                            __FUNCTION__);
617                 ret = -EMSGSIZE;
618                 goto err;
619         }
620         /*
621          *  Check if transmit queue is full
622          */
623         if (skb_queue_len(&self->tx_queue) >= TTP_TX_MAX_QUEUE) {
624                 /*
625                  *  Give it a chance to empty itself
626                  */
627                 irttp_run_tx_queue(self);
628
629                 /* Drop packet. This error code should trigger the caller
630                  * to resend the data in the client code - Jean II */
631                 ret = -ENOBUFS;
632                 goto err;
633         }
634
635         /* Queue frame, or queue frame segments */
636         if ((self->tx_max_sdu_size == 0) || (skb->len < self->max_seg_size)) {
637                 /* Queue frame */
638                 IRDA_ASSERT(skb_headroom(skb) >= TTP_HEADER, return -1;);
639                 frame = skb_push(skb, TTP_HEADER);
640                 frame[0] = 0x00; /* Clear more bit */
641
642                 skb_queue_tail(&self->tx_queue, skb);
643         } else {
644                 /*
645                  *  Fragment the frame, this function will also queue the
646                  *  fragments, we don't care about the fact the transmit
647                  *  queue may be overfilled by all the segments for a little
648                  *  while
649                  */
650                 irttp_fragment_skb(self, skb);
651         }
652
653         /* Check if we can accept more data from client */
654         if ((!self->tx_sdu_busy) &&
655             (skb_queue_len(&self->tx_queue) > TTP_TX_HIGH_THRESHOLD)) {
656                 /* Tx queue filling up, so stop client. */
657                 if (self->notify.flow_indication) {
658                         self->notify.flow_indication(self->notify.instance,
659                                                      self, FLOW_STOP);
660                 }
661                 /* self->tx_sdu_busy is the state of the client.
662                  * Update state after notifying client to avoid
663                  * race condition with irttp_flow_indication().
664                  * If the queue empty itself after our test but before
665                  * we set the flag, we will fix ourselves below in
666                  * irttp_run_tx_queue().
667                  * Jean II */
668                 self->tx_sdu_busy = TRUE;
669         }
670
671         /* Try to make some progress */
672         irttp_run_tx_queue(self);
673
674         return 0;
675
676 err:
677         dev_kfree_skb(skb);
678         return ret;
679 }
680 EXPORT_SYMBOL(irttp_data_request);
681
682 /*
683  * Function irttp_run_tx_queue (self)
684  *
685  *    Transmit packets queued for transmission (if possible)
686  *
687  */
688 static void irttp_run_tx_queue(struct tsap_cb *self)
689 {
690         struct sk_buff *skb;
691         unsigned long flags;
692         int n;
693
694         IRDA_DEBUG(2, "%s() : send_credit = %d, queue_len = %d\n",
695                    __FUNCTION__,
696                    self->send_credit, skb_queue_len(&self->tx_queue));
697
698         /* Get exclusive access to the tx queue, otherwise don't touch it */
699         if (irda_lock(&self->tx_queue_lock) == FALSE)
700                 return;
701
702         /* Try to send out frames as long as we have credits
703          * and as long as LAP is not full. If LAP is full, it will
704          * poll us through irttp_flow_indication() - Jean II */
705         while ((self->send_credit > 0) &&
706                (!irlmp_lap_tx_queue_full(self->lsap)) &&
707                (skb = skb_dequeue(&self->tx_queue)))
708         {
709                 /*
710                  *  Since we can transmit and receive frames concurrently,
711                  *  the code below is a critical region and we must assure that
712                  *  nobody messes with the credits while we update them.
713                  */
714                 spin_lock_irqsave(&self->lock, flags);
715
716                 n = self->avail_credit;
717                 self->avail_credit = 0;
718
719                 /* Only room for 127 credits in frame */
720                 if (n > 127) {
721                         self->avail_credit = n-127;
722                         n = 127;
723                 }
724                 self->remote_credit += n;
725                 self->send_credit--;
726
727                 spin_unlock_irqrestore(&self->lock, flags);
728
729                 /*
730                  *  More bit must be set by the data_request() or fragment()
731                  *  functions
732                  */
733                 skb->data[0] |= (n & 0x7f);
734
735                 /* Detach from socket.
736                  * The current skb has a reference to the socket that sent
737                  * it (skb->sk). When we pass it to IrLMP, the skb will be
738                  * stored in in IrLAP (self->wx_list). When we are within
739                  * IrLAP, we lose the notion of socket, so we should not
740                  * have a reference to a socket. So, we drop it here.
741                  *
742                  * Why does it matter ?
743                  * When the skb is freed (kfree_skb), if it is associated
744                  * with a socket, it release buffer space on the socket
745                  * (through sock_wfree() and sock_def_write_space()).
746                  * If the socket no longer exist, we may crash. Hard.
747                  * When we close a socket, we make sure that associated packets
748                  * in IrTTP are freed. However, we have no way to cancel
749                  * the packet that we have passed to IrLAP. So, if a packet
750                  * remains in IrLAP (retry on the link or else) after we
751                  * close the socket, we are dead !
752                  * Jean II */
753                 if (skb->sk != NULL) {
754                         /* IrSOCK application, IrOBEX, ... */
755                         skb_orphan(skb);
756                 }
757                         /* IrCOMM over IrTTP, IrLAN, ... */
758
759                 /* Pass the skb to IrLMP - done */
760                 irlmp_data_request(self->lsap, skb);
761                 self->stats.tx_packets++;
762         }
763
764         /* Check if we can accept more frames from client.
765          * We don't want to wait until the todo timer to do that, and we
766          * can't use tasklets (grr...), so we are obliged to give control
767          * to client. That's ok, this test will be true not too often
768          * (max once per LAP window) and we are called from places
769          * where we can spend a bit of time doing stuff. - Jean II */
770         if ((self->tx_sdu_busy) &&
771             (skb_queue_len(&self->tx_queue) < TTP_TX_LOW_THRESHOLD) &&
772             (!self->close_pend))
773         {
774                 if (self->notify.flow_indication)
775                         self->notify.flow_indication(self->notify.instance,
776                                                      self, FLOW_START);
777
778                 /* self->tx_sdu_busy is the state of the client.
779                  * We don't really have a race here, but it's always safer
780                  * to update our state after the client - Jean II */
781                 self->tx_sdu_busy = FALSE;
782         }
783
784         /* Reset lock */
785         self->tx_queue_lock = 0;
786 }
787
788 /*
789  * Function irttp_give_credit (self)
790  *
791  *    Send a dataless flowdata TTP-PDU and give available credit to peer
792  *    TSAP
793  */
794 static inline void irttp_give_credit(struct tsap_cb *self)
795 {
796         struct sk_buff *tx_skb = NULL;
797         unsigned long flags;
798         int n;
799
800         IRDA_ASSERT(self != NULL, return;);
801         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
802
803         IRDA_DEBUG(4, "%s() send=%d,avail=%d,remote=%d\n",
804                    __FUNCTION__,
805                    self->send_credit, self->avail_credit, self->remote_credit);
806
807         /* Give credit to peer */
808         tx_skb = alloc_skb(TTP_MAX_HEADER, GFP_ATOMIC);
809         if (!tx_skb)
810                 return;
811
812         /* Reserve space for LMP, and LAP header */
813         skb_reserve(tx_skb, LMP_MAX_HEADER);
814
815         /*
816          *  Since we can transmit and receive frames concurrently,
817          *  the code below is a critical region and we must assure that
818          *  nobody messes with the credits while we update them.
819          */
820         spin_lock_irqsave(&self->lock, flags);
821
822         n = self->avail_credit;
823         self->avail_credit = 0;
824
825         /* Only space for 127 credits in frame */
826         if (n > 127) {
827                 self->avail_credit = n - 127;
828                 n = 127;
829         }
830         self->remote_credit += n;
831
832         spin_unlock_irqrestore(&self->lock, flags);
833
834         skb_put(tx_skb, 1);
835         tx_skb->data[0] = (__u8) (n & 0x7f);
836
837         irlmp_data_request(self->lsap, tx_skb);
838         self->stats.tx_packets++;
839 }
840
841 /*
842  * Function irttp_udata_indication (instance, sap, skb)
843  *
844  *    Received some unit-data (unreliable)
845  *
846  */
847 static int irttp_udata_indication(void *instance, void *sap,
848                                   struct sk_buff *skb)
849 {
850         struct tsap_cb *self;
851         int err;
852
853         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
854
855         self = (struct tsap_cb *) instance;
856
857         IRDA_ASSERT(self != NULL, return -1;);
858         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
859         IRDA_ASSERT(skb != NULL, return -1;);
860
861         self->stats.rx_packets++;
862
863         /* Just pass data to layer above */
864         if (self->notify.udata_indication) {
865                 err = self->notify.udata_indication(self->notify.instance,
866                                                     self,skb);
867                 /* Same comment as in irttp_do_data_indication() */
868                 if (!err)
869                         return 0;
870         }
871         /* Either no handler, or handler returns an error */
872         dev_kfree_skb(skb);
873
874         return 0;
875 }
876
877 /*
878  * Function irttp_data_indication (instance, sap, skb)
879  *
880  *    Receive segment from IrLMP.
881  *
882  */
883 static int irttp_data_indication(void *instance, void *sap,
884                                  struct sk_buff *skb)
885 {
886         struct tsap_cb *self;
887         unsigned long flags;
888         int n;
889
890         self = (struct tsap_cb *) instance;
891
892         n = skb->data[0] & 0x7f;     /* Extract the credits */
893
894         self->stats.rx_packets++;
895
896         /*  Deal with inbound credit
897          *  Since we can transmit and receive frames concurrently,
898          *  the code below is a critical region and we must assure that
899          *  nobody messes with the credits while we update them.
900          */
901         spin_lock_irqsave(&self->lock, flags);
902         self->send_credit += n;
903         if (skb->len > 1)
904                 self->remote_credit--;
905         spin_unlock_irqrestore(&self->lock, flags);
906
907         /*
908          *  Data or dataless packet? Dataless frames contains only the
909          *  TTP_HEADER.
910          */
911         if (skb->len > 1) {
912                 /*
913                  *  We don't remove the TTP header, since we must preserve the
914                  *  more bit, so the defragment routing knows what to do
915                  */
916                 skb_queue_tail(&self->rx_queue, skb);
917         } else {
918                 /* Dataless flowdata TTP-PDU */
919                 dev_kfree_skb(skb);
920         }
921
922
923         /* Push data to the higher layer.
924          * We do it synchronously because running the todo timer for each
925          * receive packet would be too much overhead and latency.
926          * By passing control to the higher layer, we run the risk that
927          * it may take time or grab a lock. Most often, the higher layer
928          * will only put packet in a queue.
929          * Anyway, packets are only dripping through the IrDA, so we can
930          * have time before the next packet.
931          * Further, we are run from NET_BH, so the worse that can happen is
932          * us missing the optimal time to send back the PF bit in LAP.
933          * Jean II */
934         irttp_run_rx_queue(self);
935
936         /* We now give credits to peer in irttp_run_rx_queue().
937          * We need to send credit *NOW*, otherwise we are going
938          * to miss the next Tx window. The todo timer may take
939          * a while before it's run... - Jean II */
940
941         /*
942          * If the peer device has given us some credits and we didn't have
943          * anyone from before, then we need to shedule the tx queue.
944          * We need to do that because our Tx have stopped (so we may not
945          * get any LAP flow indication) and the user may be stopped as
946          * well. - Jean II
947          */
948         if (self->send_credit == n) {
949                 /* Restart pushing stuff to LAP */
950                 irttp_run_tx_queue(self);
951                 /* Note : we don't want to schedule the todo timer
952                  * because it has horrible latency. No tasklets
953                  * because the tasklet API is broken. - Jean II */
954         }
955
956         return 0;
957 }
958
959 /*
960  * Function irttp_status_indication (self, reason)
961  *
962  *    Status_indication, just pass to the higher layer...
963  *
964  */
965 static void irttp_status_indication(void *instance,
966                                     LINK_STATUS link, LOCK_STATUS lock)
967 {
968         struct tsap_cb *self;
969
970         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
971
972         self = (struct tsap_cb *) instance;
973
974         IRDA_ASSERT(self != NULL, return;);
975         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
976
977         /* Check if client has already closed the TSAP and gone away */
978         if (self->close_pend)
979                 return;
980
981         /*
982          *  Inform service user if he has requested it
983          */
984         if (self->notify.status_indication != NULL)
985                 self->notify.status_indication(self->notify.instance,
986                                                link, lock);
987         else
988                 IRDA_DEBUG(2, "%s(), no handler\n", __FUNCTION__);
989 }
990
991 /*
992  * Function irttp_flow_indication (self, reason)
993  *
994  *    Flow_indication : IrLAP tells us to send more data.
995  *
996  */
997 static void irttp_flow_indication(void *instance, void *sap, LOCAL_FLOW flow)
998 {
999         struct tsap_cb *self;
1000
1001         self = (struct tsap_cb *) instance;
1002
1003         IRDA_ASSERT(self != NULL, return;);
1004         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1005
1006         IRDA_DEBUG(4, "%s(instance=%p)\n", __FUNCTION__, self);
1007
1008         /* We are "polled" directly from LAP, and the LAP want to fill
1009          * its Tx window. We want to do our best to send it data, so that
1010          * we maximise the window. On the other hand, we want to limit the
1011          * amount of work here so that LAP doesn't hang forever waiting
1012          * for packets. - Jean II */
1013
1014         /* Try to send some packets. Currently, LAP calls us every time
1015          * there is one free slot, so we will send only one packet.
1016          * This allow the scheduler to do its round robin - Jean II */
1017         irttp_run_tx_queue(self);
1018
1019         /* Note regarding the interraction with higher layer.
1020          * irttp_run_tx_queue() may call the client when its queue
1021          * start to empty, via notify.flow_indication(). Initially.
1022          * I wanted this to happen in a tasklet, to avoid client
1023          * grabbing the CPU, but we can't use tasklets safely. And timer
1024          * is definitely too slow.
1025          * This will happen only once per LAP window, and usually at
1026          * the third packet (unless window is smaller). LAP is still
1027          * doing mtt and sending first packet so it's sort of OK
1028          * to do that. Jean II */
1029
1030         /* If we need to send disconnect. try to do it now */
1031         if(self->disconnect_pend)
1032                 irttp_start_todo_timer(self, 0);
1033 }
1034
1035 /*
1036  * Function irttp_flow_request (self, command)
1037  *
1038  *    This function could be used by the upper layers to tell IrTTP to stop
1039  *    delivering frames if the receive queues are starting to get full, or
1040  *    to tell IrTTP to start delivering frames again.
1041  */
1042 void irttp_flow_request(struct tsap_cb *self, LOCAL_FLOW flow)
1043 {
1044         IRDA_DEBUG(1, "%s()\n", __FUNCTION__);
1045
1046         IRDA_ASSERT(self != NULL, return;);
1047         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1048
1049         switch (flow) {
1050         case FLOW_STOP:
1051                 IRDA_DEBUG(1, "%s(), flow stop\n", __FUNCTION__);
1052                 self->rx_sdu_busy = TRUE;
1053                 break;
1054         case FLOW_START:
1055                 IRDA_DEBUG(1, "%s(), flow start\n", __FUNCTION__);
1056                 self->rx_sdu_busy = FALSE;
1057
1058                 /* Client say he can accept more data, try to free our
1059                  * queues ASAP - Jean II */
1060                 irttp_run_rx_queue(self);
1061
1062                 break;
1063         default:
1064                 IRDA_DEBUG(1, "%s(), Unknown flow command!\n", __FUNCTION__);
1065         }
1066 }
1067 EXPORT_SYMBOL(irttp_flow_request);
1068
1069 /*
1070  * Function irttp_connect_request (self, dtsap_sel, daddr, qos)
1071  *
1072  *    Try to connect to remote destination TSAP selector
1073  *
1074  */
1075 int irttp_connect_request(struct tsap_cb *self, __u8 dtsap_sel,
1076                           __u32 saddr, __u32 daddr,
1077                           struct qos_info *qos, __u32 max_sdu_size,
1078                           struct sk_buff *userdata)
1079 {
1080         struct sk_buff *tx_skb;
1081         __u8 *frame;
1082         __u8 n;
1083
1084         IRDA_DEBUG(4, "%s(), max_sdu_size=%d\n", __FUNCTION__, max_sdu_size);
1085
1086         IRDA_ASSERT(self != NULL, return -EBADR;);
1087         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -EBADR;);
1088
1089         if (self->connected) {
1090                 if(userdata)
1091                         dev_kfree_skb(userdata);
1092                 return -EISCONN;
1093         }
1094
1095         /* Any userdata supplied? */
1096         if (userdata == NULL) {
1097                 tx_skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER,
1098                                    GFP_ATOMIC);
1099                 if (!tx_skb)
1100                         return -ENOMEM;
1101
1102                 /* Reserve space for MUX_CONTROL and LAP header */
1103                 skb_reserve(tx_skb, TTP_MAX_HEADER + TTP_SAR_HEADER);
1104         } else {
1105                 tx_skb = userdata;
1106                 /*
1107                  *  Check that the client has reserved enough space for
1108                  *  headers
1109                  */
1110                 IRDA_ASSERT(skb_headroom(userdata) >= TTP_MAX_HEADER,
1111                         { dev_kfree_skb(userdata); return -1; } );
1112         }
1113
1114         /* Initialize connection parameters */
1115         self->connected = FALSE;
1116         self->avail_credit = 0;
1117         self->rx_max_sdu_size = max_sdu_size;
1118         self->rx_sdu_size = 0;
1119         self->rx_sdu_busy = FALSE;
1120         self->dtsap_sel = dtsap_sel;
1121
1122         n = self->initial_credit;
1123
1124         self->remote_credit = 0;
1125         self->send_credit = 0;
1126
1127         /*
1128          *  Give away max 127 credits for now
1129          */
1130         if (n > 127) {
1131                 self->avail_credit=n-127;
1132                 n = 127;
1133         }
1134
1135         self->remote_credit = n;
1136
1137         /* SAR enabled? */
1138         if (max_sdu_size > 0) {
1139                 IRDA_ASSERT(skb_headroom(tx_skb) >= (TTP_MAX_HEADER + TTP_SAR_HEADER),
1140                         { dev_kfree_skb(tx_skb); return -1; } );
1141
1142                 /* Insert SAR parameters */
1143                 frame = skb_push(tx_skb, TTP_HEADER+TTP_SAR_HEADER);
1144
1145                 frame[0] = TTP_PARAMETERS | n;
1146                 frame[1] = 0x04; /* Length */
1147                 frame[2] = 0x01; /* MaxSduSize */
1148                 frame[3] = 0x02; /* Value length */
1149
1150                 put_unaligned(cpu_to_be16((__u16) max_sdu_size),
1151                               (__be16 *)(frame+4));
1152         } else {
1153                 /* Insert plain TTP header */
1154                 frame = skb_push(tx_skb, TTP_HEADER);
1155
1156                 /* Insert initial credit in frame */
1157                 frame[0] = n & 0x7f;
1158         }
1159
1160         /* Connect with IrLMP. No QoS parameters for now */
1161         return irlmp_connect_request(self->lsap, dtsap_sel, saddr, daddr, qos,
1162                                      tx_skb);
1163 }
1164 EXPORT_SYMBOL(irttp_connect_request);
1165
1166 /*
1167  * Function irttp_connect_confirm (handle, qos, skb)
1168  *
1169  *    Sevice user confirms TSAP connection with peer.
1170  *
1171  */
1172 static void irttp_connect_confirm(void *instance, void *sap,
1173                                   struct qos_info *qos, __u32 max_seg_size,
1174                                   __u8 max_header_size, struct sk_buff *skb)
1175 {
1176         struct tsap_cb *self;
1177         int parameters;
1178         int ret;
1179         __u8 plen;
1180         __u8 n;
1181
1182         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
1183
1184         self = (struct tsap_cb *) instance;
1185
1186         IRDA_ASSERT(self != NULL, return;);
1187         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1188         IRDA_ASSERT(skb != NULL, return;);
1189
1190         self->max_seg_size = max_seg_size - TTP_HEADER;
1191         self->max_header_size = max_header_size + TTP_HEADER;
1192
1193         /*
1194          *  Check if we have got some QoS parameters back! This should be the
1195          *  negotiated QoS for the link.
1196          */
1197         if (qos) {
1198                 IRDA_DEBUG(4, "IrTTP, Negotiated BAUD_RATE: %02x\n",
1199                        qos->baud_rate.bits);
1200                 IRDA_DEBUG(4, "IrTTP, Negotiated BAUD_RATE: %d bps.\n",
1201                        qos->baud_rate.value);
1202         }
1203
1204         n = skb->data[0] & 0x7f;
1205
1206         IRDA_DEBUG(4, "%s(), Initial send_credit=%d\n", __FUNCTION__, n);
1207
1208         self->send_credit = n;
1209         self->tx_max_sdu_size = 0;
1210         self->connected = TRUE;
1211
1212         parameters = skb->data[0] & 0x80;
1213
1214         IRDA_ASSERT(skb->len >= TTP_HEADER, return;);
1215         skb_pull(skb, TTP_HEADER);
1216
1217         if (parameters) {
1218                 plen = skb->data[0];
1219
1220                 ret = irda_param_extract_all(self, skb->data+1,
1221                                              IRDA_MIN(skb->len-1, plen),
1222                                              &param_info);
1223
1224                 /* Any errors in the parameter list? */
1225                 if (ret < 0) {
1226                         IRDA_WARNING("%s: error extracting parameters\n",
1227                                      __FUNCTION__);
1228                         dev_kfree_skb(skb);
1229
1230                         /* Do not accept this connection attempt */
1231                         return;
1232                 }
1233                 /* Remove parameters */
1234                 skb_pull(skb, IRDA_MIN(skb->len, plen+1));
1235         }
1236
1237         IRDA_DEBUG(4, "%s() send=%d,avail=%d,remote=%d\n", __FUNCTION__,
1238               self->send_credit, self->avail_credit, self->remote_credit);
1239
1240         IRDA_DEBUG(2, "%s(), MaxSduSize=%d\n", __FUNCTION__,
1241                    self->tx_max_sdu_size);
1242
1243         if (self->notify.connect_confirm) {
1244                 self->notify.connect_confirm(self->notify.instance, self, qos,
1245                                              self->tx_max_sdu_size,
1246                                              self->max_header_size, skb);
1247         } else
1248                 dev_kfree_skb(skb);
1249 }
1250
1251 /*
1252  * Function irttp_connect_indication (handle, skb)
1253  *
1254  *    Some other device is connecting to this TSAP
1255  *
1256  */
1257 void irttp_connect_indication(void *instance, void *sap, struct qos_info *qos,
1258                               __u32 max_seg_size, __u8 max_header_size,
1259                               struct sk_buff *skb)
1260 {
1261         struct tsap_cb *self;
1262         struct lsap_cb *lsap;
1263         int parameters;
1264         int ret;
1265         __u8 plen;
1266         __u8 n;
1267
1268         self = (struct tsap_cb *) instance;
1269
1270         IRDA_ASSERT(self != NULL, return;);
1271         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1272         IRDA_ASSERT(skb != NULL, return;);
1273
1274         lsap = (struct lsap_cb *) sap;
1275
1276         self->max_seg_size = max_seg_size - TTP_HEADER;
1277         self->max_header_size = max_header_size+TTP_HEADER;
1278
1279         IRDA_DEBUG(4, "%s(), TSAP sel=%02x\n", __FUNCTION__, self->stsap_sel);
1280
1281         /* Need to update dtsap_sel if its equal to LSAP_ANY */
1282         self->dtsap_sel = lsap->dlsap_sel;
1283
1284         n = skb->data[0] & 0x7f;
1285
1286         self->send_credit = n;
1287         self->tx_max_sdu_size = 0;
1288
1289         parameters = skb->data[0] & 0x80;
1290
1291         IRDA_ASSERT(skb->len >= TTP_HEADER, return;);
1292         skb_pull(skb, TTP_HEADER);
1293
1294         if (parameters) {
1295                 plen = skb->data[0];
1296
1297                 ret = irda_param_extract_all(self, skb->data+1,
1298                                              IRDA_MIN(skb->len-1, plen),
1299                                              &param_info);
1300
1301                 /* Any errors in the parameter list? */
1302                 if (ret < 0) {
1303                         IRDA_WARNING("%s: error extracting parameters\n",
1304                                      __FUNCTION__);
1305                         dev_kfree_skb(skb);
1306
1307                         /* Do not accept this connection attempt */
1308                         return;
1309                 }
1310
1311                 /* Remove parameters */
1312                 skb_pull(skb, IRDA_MIN(skb->len, plen+1));
1313         }
1314
1315         if (self->notify.connect_indication) {
1316                 self->notify.connect_indication(self->notify.instance, self,
1317                                                 qos, self->tx_max_sdu_size,
1318                                                 self->max_header_size, skb);
1319         } else
1320                 dev_kfree_skb(skb);
1321 }
1322
1323 /*
1324  * Function irttp_connect_response (handle, userdata)
1325  *
1326  *    Service user is accepting the connection, just pass it down to
1327  *    IrLMP!
1328  *
1329  */
1330 int irttp_connect_response(struct tsap_cb *self, __u32 max_sdu_size,
1331                            struct sk_buff *userdata)
1332 {
1333         struct sk_buff *tx_skb;
1334         __u8 *frame;
1335         int ret;
1336         __u8 n;
1337
1338         IRDA_ASSERT(self != NULL, return -1;);
1339         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
1340
1341         IRDA_DEBUG(4, "%s(), Source TSAP selector=%02x\n", __FUNCTION__,
1342                    self->stsap_sel);
1343
1344         /* Any userdata supplied? */
1345         if (userdata == NULL) {
1346                 tx_skb = alloc_skb(TTP_MAX_HEADER + TTP_SAR_HEADER,
1347                                    GFP_ATOMIC);
1348                 if (!tx_skb)
1349                         return -ENOMEM;
1350
1351                 /* Reserve space for MUX_CONTROL and LAP header */
1352                 skb_reserve(tx_skb, TTP_MAX_HEADER + TTP_SAR_HEADER);
1353         } else {
1354                 tx_skb = userdata;
1355                 /*
1356                  *  Check that the client has reserved enough space for
1357                  *  headers
1358                  */
1359                 IRDA_ASSERT(skb_headroom(userdata) >= TTP_MAX_HEADER,
1360                         { dev_kfree_skb(userdata); return -1; } );
1361         }
1362
1363         self->avail_credit = 0;
1364         self->remote_credit = 0;
1365         self->rx_max_sdu_size = max_sdu_size;
1366         self->rx_sdu_size = 0;
1367         self->rx_sdu_busy = FALSE;
1368
1369         n = self->initial_credit;
1370
1371         /* Frame has only space for max 127 credits (7 bits) */
1372         if (n > 127) {
1373                 self->avail_credit = n - 127;
1374                 n = 127;
1375         }
1376
1377         self->remote_credit = n;
1378         self->connected = TRUE;
1379
1380         /* SAR enabled? */
1381         if (max_sdu_size > 0) {
1382                 IRDA_ASSERT(skb_headroom(tx_skb) >= (TTP_MAX_HEADER + TTP_SAR_HEADER),
1383                         { dev_kfree_skb(tx_skb); return -1; } );
1384
1385                 /* Insert TTP header with SAR parameters */
1386                 frame = skb_push(tx_skb, TTP_HEADER+TTP_SAR_HEADER);
1387
1388                 frame[0] = TTP_PARAMETERS | n;
1389                 frame[1] = 0x04; /* Length */
1390
1391                 /* irda_param_insert(self, IRTTP_MAX_SDU_SIZE, frame+1,  */
1392 /*                                TTP_SAR_HEADER, &param_info) */
1393
1394                 frame[2] = 0x01; /* MaxSduSize */
1395                 frame[3] = 0x02; /* Value length */
1396
1397                 put_unaligned(cpu_to_be16((__u16) max_sdu_size),
1398                               (__be16 *)(frame+4));
1399         } else {
1400                 /* Insert TTP header */
1401                 frame = skb_push(tx_skb, TTP_HEADER);
1402
1403                 frame[0] = n & 0x7f;
1404         }
1405
1406         ret = irlmp_connect_response(self->lsap, tx_skb);
1407
1408         return ret;
1409 }
1410 EXPORT_SYMBOL(irttp_connect_response);
1411
1412 /*
1413  * Function irttp_dup (self, instance)
1414  *
1415  *    Duplicate TSAP, can be used by servers to confirm a connection on a
1416  *    new TSAP so it can keep listening on the old one.
1417  */
1418 struct tsap_cb *irttp_dup(struct tsap_cb *orig, void *instance)
1419 {
1420         struct tsap_cb *new;
1421         unsigned long flags;
1422
1423         IRDA_DEBUG(1, "%s()\n", __FUNCTION__);
1424
1425         /* Protect our access to the old tsap instance */
1426         spin_lock_irqsave(&irttp->tsaps->hb_spinlock, flags);
1427
1428         /* Find the old instance */
1429         if (!hashbin_find(irttp->tsaps, (long) orig, NULL)) {
1430                 IRDA_DEBUG(0, "%s(), unable to find TSAP\n", __FUNCTION__);
1431                 spin_unlock_irqrestore(&irttp->tsaps->hb_spinlock, flags);
1432                 return NULL;
1433         }
1434
1435         /* Allocate a new instance */
1436         new = kmalloc(sizeof(struct tsap_cb), GFP_ATOMIC);
1437         if (!new) {
1438                 IRDA_DEBUG(0, "%s(), unable to kmalloc\n", __FUNCTION__);
1439                 spin_unlock_irqrestore(&irttp->tsaps->hb_spinlock, flags);
1440                 return NULL;
1441         }
1442         /* Dup */
1443         memcpy(new, orig, sizeof(struct tsap_cb));
1444
1445         /* We don't need the old instance any more */
1446         spin_unlock_irqrestore(&irttp->tsaps->hb_spinlock, flags);
1447
1448         /* Try to dup the LSAP (may fail if we were too slow) */
1449         new->lsap = irlmp_dup(orig->lsap, new);
1450         if (!new->lsap) {
1451                 IRDA_DEBUG(0, "%s(), dup failed!\n", __FUNCTION__);
1452                 kfree(new);
1453                 return NULL;
1454         }
1455
1456         /* Not everything should be copied */
1457         new->notify.instance = instance;
1458         init_timer(&new->todo_timer);
1459
1460         skb_queue_head_init(&new->rx_queue);
1461         skb_queue_head_init(&new->tx_queue);
1462         skb_queue_head_init(&new->rx_fragments);
1463
1464         /* This is locked */
1465         hashbin_insert(irttp->tsaps, (irda_queue_t *) new, (long) new, NULL);
1466
1467         return new;
1468 }
1469 EXPORT_SYMBOL(irttp_dup);
1470
1471 /*
1472  * Function irttp_disconnect_request (self)
1473  *
1474  *    Close this connection please! If priority is high, the queued data
1475  *    segments, if any, will be deallocated first
1476  *
1477  */
1478 int irttp_disconnect_request(struct tsap_cb *self, struct sk_buff *userdata,
1479                              int priority)
1480 {
1481         int ret;
1482
1483         IRDA_ASSERT(self != NULL, return -1;);
1484         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return -1;);
1485
1486         /* Already disconnected? */
1487         if (!self->connected) {
1488                 IRDA_DEBUG(4, "%s(), already disconnected!\n", __FUNCTION__);
1489                 if (userdata)
1490                         dev_kfree_skb(userdata);
1491                 return -1;
1492         }
1493
1494         /* Disconnect already pending ?
1495          * We need to use an atomic operation to prevent reentry. This
1496          * function may be called from various context, like user, timer
1497          * for following a disconnect_indication() (i.e. net_bh).
1498          * Jean II */
1499         if(test_and_set_bit(0, &self->disconnect_pend)) {
1500                 IRDA_DEBUG(0, "%s(), disconnect already pending\n",
1501                            __FUNCTION__);
1502                 if (userdata)
1503                         dev_kfree_skb(userdata);
1504
1505                 /* Try to make some progress */
1506                 irttp_run_tx_queue(self);
1507                 return -1;
1508         }
1509
1510         /*
1511          *  Check if there is still data segments in the transmit queue
1512          */
1513         if (!skb_queue_empty(&self->tx_queue)) {
1514                 if (priority == P_HIGH) {
1515                         /*
1516                          *  No need to send the queued data, if we are
1517                          *  disconnecting right now since the data will
1518                          *  not have any usable connection to be sent on
1519                          */
1520                         IRDA_DEBUG(1, "%s(): High priority!!()\n", __FUNCTION__);
1521                         irttp_flush_queues(self);
1522                 } else if (priority == P_NORMAL) {
1523                         /*
1524                          *  Must delay disconnect until after all data segments
1525                          *  have been sent and the tx_queue is empty
1526                          */
1527                         /* We'll reuse this one later for the disconnect */
1528                         self->disconnect_skb = userdata;  /* May be NULL */
1529
1530                         irttp_run_tx_queue(self);
1531
1532                         irttp_start_todo_timer(self, HZ/10);
1533                         return -1;
1534                 }
1535         }
1536         /* Note : we don't need to check if self->rx_queue is full and the
1537          * state of self->rx_sdu_busy because the disconnect response will
1538          * be sent at the LMP level (so even if the peer has its Tx queue
1539          * full of data). - Jean II */
1540
1541         IRDA_DEBUG(1, "%s(), Disconnecting ...\n", __FUNCTION__);
1542         self->connected = FALSE;
1543
1544         if (!userdata) {
1545                 struct sk_buff *tx_skb;
1546                 tx_skb = alloc_skb(LMP_MAX_HEADER, GFP_ATOMIC);
1547                 if (!tx_skb)
1548                         return -ENOMEM;
1549
1550                 /*
1551                  *  Reserve space for MUX and LAP header
1552                  */
1553                 skb_reserve(tx_skb, LMP_MAX_HEADER);
1554
1555                 userdata = tx_skb;
1556         }
1557         ret = irlmp_disconnect_request(self->lsap, userdata);
1558
1559         /* The disconnect is no longer pending */
1560         clear_bit(0, &self->disconnect_pend);   /* FALSE */
1561
1562         return ret;
1563 }
1564 EXPORT_SYMBOL(irttp_disconnect_request);
1565
1566 /*
1567  * Function irttp_disconnect_indication (self, reason)
1568  *
1569  *    Disconnect indication, TSAP disconnected by peer?
1570  *
1571  */
1572 void irttp_disconnect_indication(void *instance, void *sap, LM_REASON reason,
1573                                  struct sk_buff *skb)
1574 {
1575         struct tsap_cb *self;
1576
1577         IRDA_DEBUG(4, "%s()\n", __FUNCTION__);
1578
1579         self = (struct tsap_cb *) instance;
1580
1581         IRDA_ASSERT(self != NULL, return;);
1582         IRDA_ASSERT(self->magic == TTP_TSAP_MAGIC, return;);
1583
1584         /* Prevent higher layer to send more data */
1585         self->connected = FALSE;
1586
1587         /* Check if client has already tried to close the TSAP */
1588         if (self->close_pend) {
1589                 /* In this case, the higher layer is probably gone. Don't
1590                  * bother it and clean up the remains - Jean II */
1591                 if (skb)
1592                         dev_kfree_skb(skb);
1593                 irttp_close_tsap(self);
1594                 return;
1595         }
1596
1597         /* If we are here, we assume that is the higher layer is still
1598          * waiting for the disconnect notification and able to process it,
1599          * even if he tried to disconnect. Otherwise, it would have already
1600          * attempted to close the tsap and self->close_pend would be TRUE.
1601          * Jean II */
1602
1603         /* No need to notify the client if has already tried to disconnect */
1604         if(self->notify.disconnect_indication)
1605                 self->notify.disconnect_indication(self->notify.instance, self,
1606                                                    reason, skb);
1607         else
1608                 if (skb)
1609                         dev_kfree_skb(skb);
1610 }
1611
1612 /*
1613  * Function irttp_do_data_indication (self, skb)
1614  *
1615  *    Try to deliver reassembled skb to layer above, and requeue it if that
1616  *    for some reason should fail. We mark rx sdu as busy to apply back
1617  *    pressure is necessary.
1618  */
1619 static void irttp_do_data_indication(struct tsap_cb *self, struct sk_buff *skb)
1620 {
1621         int err;
1622
1623         /* Check if client has already closed the TSAP and gone away */
1624         if (self->close_pend) {
1625                 dev_kfree_skb(skb);
1626                 return;
1627         }
1628
1629         err = self->notify.data_indication(self->notify.instance, self, skb);
1630
1631         /* Usually the layer above will notify that it's input queue is
1632          * starting to get filled by using the flow request, but this may
1633          * be difficult, so it can instead just refuse to eat it and just
1634          * give an error back
1635          */
1636         if (err) {
1637                 IRDA_DEBUG(0, "%s() requeueing skb!\n", __FUNCTION__);
1638
1639                 /* Make sure we take a break */
1640                 self->rx_sdu_busy = TRUE;
1641
1642                 /* Need to push the header in again */
1643                 skb_push(skb, TTP_HEADER);
1644                 skb->data[0] = 0x00; /* Make sure MORE bit is cleared */
1645
1646                 /* Put skb back on queue */
1647                 skb_queue_head(&self->rx_queue, skb);
1648         }
1649 }
1650
1651 /*
1652  * Function irttp_run_rx_queue (self)
1653  *
1654  *     Check if we have any frames to be transmitted, or if we have any
1655  *     available credit to give away.
1656  */
1657 void irttp_run_rx_queue(struct tsap_cb *self)
1658 {
1659         struct sk_buff *skb;
1660         int more = 0;
1661
1662         IRDA_DEBUG(2, "%s() send=%d,avail=%d,remote=%d\n", __FUNCTION__,
1663                    self->send_credit, self->avail_credit, self->remote_credit);
1664
1665         /* Get exclusive access to the rx queue, otherwise don't touch it */
1666         if (irda_lock(&self->rx_queue_lock) == FALSE)
1667                 return;
1668
1669         /*
1670          *  Reassemble all frames in receive queue and deliver them
1671          */
1672         while (!self->rx_sdu_busy && (skb = skb_dequeue(&self->rx_queue))) {
1673                 /* This bit will tell us if it's the last fragment or not */
1674                 more = skb->data[0] & 0x80;
1675
1676                 /* Remove TTP header */
1677                 skb_pull(skb, TTP_HEADER);
1678
1679                 /* Add the length of the remaining data */
1680                 self->rx_sdu_size += skb->len;
1681
1682                 /*
1683                  * If SAR is disabled, or user has requested no reassembly
1684                  * of received fragments then we just deliver them
1685                  * immediately. This can be requested by clients that
1686                  * implements byte streams without any message boundaries
1687                  */
1688                 if (self->rx_max_sdu_size == TTP_SAR_DISABLE) {
1689                         irttp_do_data_indication(self, skb);
1690                         self->rx_sdu_size = 0;
1691
1692                         continue;
1693                 }
1694
1695                 /* Check if this is a fragment, and not the last fragment */
1696                 if (more) {
1697                         /*
1698                          *  Queue the fragment if we still are within the
1699                          *  limits of the maximum size of the rx_sdu
1700                          */
1701                         if (self->rx_sdu_size <= self->rx_max_sdu_size) {
1702                                 IRDA_DEBUG(4, "%s(), queueing frag\n",
1703                                            __FUNCTION__);
1704                                 skb_queue_tail(&self->rx_fragments, skb);
1705                         } else {
1706                                 /* Free the part of the SDU that is too big */
1707                                 dev_kfree_skb(skb);
1708                         }
1709                         continue;
1710                 }
1711                 /*
1712                  *  This is the last fragment, so time to reassemble!
1713                  */
1714                 if ((self->rx_sdu_size <= self->rx_max_sdu_size) ||
1715                     (self->rx_max_sdu_size == TTP_SAR_UNBOUND))
1716                 {
1717                         /*
1718                          * A little optimizing. Only queue the fragment if
1719                          * there are other fragments. Since if this is the
1720                          * last and only fragment, there is no need to
1721                          * reassemble :-)
1722                          */
1723                         if (!skb_queue_empty(&self->rx_fragments)) {
1724                                 skb_queue_tail(&self->rx_fragments,
1725                                                skb);
1726
1727                                 skb = irttp_reassemble_skb(self);
1728                         }
1729
1730                         /* Now we can deliver the reassembled skb */
1731                         irttp_do_data_indication(self, skb);
1732                 } else {
1733                         IRDA_DEBUG(1, "%s(), Truncated frame\n", __FUNCTION__);
1734
1735                         /* Free the part of the SDU that is too big */
1736                         dev_kfree_skb(skb);
1737
1738                         /* Deliver only the valid but truncated part of SDU */
1739                         skb = irttp_reassemble_skb(self);
1740
1741                         irttp_do_data_indication(self, skb);
1742                 }
1743                 self->rx_sdu_size = 0;
1744         }
1745
1746         /*
1747          * It's not trivial to keep track of how many credits are available
1748          * by incrementing at each packet, because delivery may fail
1749          * (irttp_do_data_indication() may requeue the frame) and because
1750          * we need to take care of fragmentation.
1751          * We want the other side to send up to initial_credit packets.
1752          * We have some frames in our queues, and we have already allowed it
1753          * to send remote_credit.
1754          * No need to spinlock, write is atomic and self correcting...
1755          * Jean II
1756          */
1757         self->avail_credit = (self->initial_credit -
1758                               (self->remote_credit +
1759                                skb_queue_len(&self->rx_queue) +
1760                                skb_queue_len(&self->rx_fragments)));
1761
1762         /* Do we have too much credits to send to peer ? */
1763         if ((self->remote_credit <= TTP_RX_MIN_CREDIT) &&
1764             (self->avail_credit > 0)) {
1765                 /* Send explicit credit frame */
1766                 irttp_give_credit(self);
1767                 /* Note : do *NOT* check if tx_queue is non-empty, that
1768                  * will produce deadlocks. I repeat : send a credit frame
1769                  * even if we have something to send in our Tx queue.
1770                  * If we have credits, it means that our Tx queue is blocked.
1771                  *
1772                  * Let's suppose the peer can't keep up with our Tx. He will
1773                  * flow control us by not sending us any credits, and we
1774                  * will stop Tx and start accumulating credits here.
1775                  * Up to the point where the peer will stop its Tx queue,
1776                  * for lack of credits.
1777                  * Let's assume the peer application is single threaded.
1778                  * It will block on Tx and never consume any Rx buffer.
1779                  * Deadlock. Guaranteed. - Jean II
1780                  */
1781         }
1782
1783         /* Reset lock */
1784         self->rx_queue_lock = 0;
1785 }
1786
1787 #ifdef CONFIG_PROC_FS
1788 struct irttp_iter_state {
1789         int id;
1790 };
1791
1792 static void *irttp_seq_start(struct seq_file *seq, loff_t *pos)
1793 {
1794         struct irttp_iter_state *iter = seq->private;
1795         struct tsap_cb *self;
1796
1797         /* Protect our access to the tsap list */
1798         spin_lock_irq(&irttp->tsaps->hb_spinlock);
1799         iter->id = 0;
1800
1801         for (self = (struct tsap_cb *) hashbin_get_first(irttp->tsaps);
1802              self != NULL;
1803              self = (struct tsap_cb *) hashbin_get_next(irttp->tsaps)) {
1804                 if (iter->id == *pos)
1805                         break;
1806                 ++iter->id;
1807         }
1808
1809         return self;
1810 }
1811
1812 static void *irttp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
1813 {
1814         struct irttp_iter_state *iter = seq->private;
1815
1816         ++*pos;
1817         ++iter->id;
1818         return (void *) hashbin_get_next(irttp->tsaps);
1819 }
1820
1821 static void irttp_seq_stop(struct seq_file *seq, void *v)
1822 {
1823         spin_unlock_irq(&irttp->tsaps->hb_spinlock);
1824 }
1825
1826 static int irttp_seq_show(struct seq_file *seq, void *v)
1827 {
1828         const struct irttp_iter_state *iter = seq->private;
1829         const struct tsap_cb *self = v;
1830
1831         seq_printf(seq, "TSAP %d, ", iter->id);
1832         seq_printf(seq, "stsap_sel: %02x, ",
1833                    self->stsap_sel);
1834         seq_printf(seq, "dtsap_sel: %02x\n",
1835                    self->dtsap_sel);
1836         seq_printf(seq, "  connected: %s, ",
1837                    self->connected? "TRUE":"FALSE");
1838         seq_printf(seq, "avail credit: %d, ",
1839                    self->avail_credit);
1840         seq_printf(seq, "remote credit: %d, ",
1841                    self->remote_credit);
1842         seq_printf(seq, "send credit: %d\n",
1843                    self->send_credit);
1844         seq_printf(seq, "  tx packets: %ld, ",
1845                    self->stats.tx_packets);
1846         seq_printf(seq, "rx packets: %ld, ",
1847                    self->stats.rx_packets);
1848         seq_printf(seq, "tx_queue len: %d ",
1849                    skb_queue_len(&self->tx_queue));
1850         seq_printf(seq, "rx_queue len: %d\n",
1851                    skb_queue_len(&self->rx_queue));
1852         seq_printf(seq, "  tx_sdu_busy: %s, ",
1853                    self->tx_sdu_busy? "TRUE":"FALSE");
1854         seq_printf(seq, "rx_sdu_busy: %s\n",
1855                    self->rx_sdu_busy? "TRUE":"FALSE");
1856         seq_printf(seq, "  max_seg_size: %d, ",
1857                    self->max_seg_size);
1858         seq_printf(seq, "tx_max_sdu_size: %d, ",
1859                    self->tx_max_sdu_size);
1860         seq_printf(seq, "rx_max_sdu_size: %d\n",
1861                    self->rx_max_sdu_size);
1862
1863         seq_printf(seq, "  Used by (%s)\n\n",
1864                    self->notify.name);
1865         return 0;
1866 }
1867
1868 static struct seq_operations irttp_seq_ops = {
1869         .start  = irttp_seq_start,
1870         .next   = irttp_seq_next,
1871         .stop   = irttp_seq_stop,
1872         .show   = irttp_seq_show,
1873 };
1874
1875 static int irttp_seq_open(struct inode *inode, struct file *file)
1876 {
1877         struct seq_file *seq;
1878         int rc = -ENOMEM;
1879         struct irttp_iter_state *s;
1880
1881         s = kzalloc(sizeof(*s), GFP_KERNEL);
1882         if (!s)
1883                 goto out;
1884
1885         rc = seq_open(file, &irttp_seq_ops);
1886         if (rc)
1887                 goto out_kfree;
1888
1889         seq          = file->private_data;
1890         seq->private = s;
1891 out:
1892         return rc;
1893 out_kfree:
1894         kfree(s);
1895         goto out;
1896 }
1897
1898 const struct file_operations irttp_seq_fops = {
1899         .owner          = THIS_MODULE,
1900         .open           = irttp_seq_open,
1901         .read           = seq_read,
1902         .llseek         = seq_lseek,
1903         .release        = seq_release_private,
1904 };
1905
1906 #endif /* PROC_FS */