1 /* r3964 linediscipline for linux
2  *
3  * -----------------------------------------------------------
4  * Copyright by 
5  * Philips Automation Projects
6  * Kassel (Germany)
7  * http://www.pap-philips.de
8  * -----------------------------------------------------------
9  * This software may be used and distributed according to the terms of
10  * the GNU General Public License, incorporated herein by reference.
11  *
12  * Author:
13  * L. Haag
14  *
15  * $Log: n_r3964.c,v $
16  * Revision 1.10  2001/03/18 13:02:24  dwmw2
17  * Fix timer usage, use spinlocks properly.
18  *
19  * Revision 1.9  2001/03/18 12:52:14  dwmw2
20  * Merge changes in 2.4.2
21  *
22  * Revision 1.8  2000/03/23 14:14:54  dwmw2
23  * Fix race in sleeping in r3964_read()
24  *
25  * Revision 1.7  1999/28/08 11:41:50  dwmw2
26  * Port to 2.3 kernel
27  *
28  * Revision 1.6  1998/09/30 00:40:40  dwmw2
29  * Fixed compilation on 2.0.x kernels
30  * Updated to newly registered tty-ldisc number 9
31  *
32  * Revision 1.5  1998/09/04 21:57:36  dwmw2
33  * Signal handling bug fixes, port to 2.1.x.
34  *
35  * Revision 1.4  1998/04/02 20:26:59  lhaag
36  * select, blocking, ...
37  *
38  * Revision 1.3  1998/02/12 18:58:43  root
39  * fixed some memory leaks
40  * calculation of checksum characters
41  *
42  * Revision 1.2  1998/02/07 13:03:34  root
43  * ioctl read_telegram
44  *
45  * Revision 1.1  1998/02/06 19:21:03  root
46  * Initial revision
47  *
48  *
49  */
50
51 #include <linux/module.h>
52 #include <linux/kernel.h>
53 #include <linux/sched.h>
54 #include <linux/types.h>
55 #include <linux/fcntl.h>
56 #include <linux/interrupt.h>
57 #include <linux/ptrace.h>
58 #include <linux/ioport.h>
59 #include <linux/in.h>
60 #include <linux/slab.h>
61 #include <linux/tty.h>
62 #include <linux/errno.h>
63 #include <linux/string.h>   /* used in new tty drivers */
64 #include <linux/signal.h>   /* used in new tty drivers */
65 #include <linux/ioctl.h>
66 #include <linux/n_r3964.h>
67 #include <linux/poll.h>
68 #include <linux/init.h>
69 #include <asm/uaccess.h>
70
71
/*
 * Compile-time debug switches.  All of them are commented out by default;
 * uncomment one to enable the matching TRACE_* macro below.
 *
 * NOTE(review): many of the traces print kernel pointers with %p and call
 * printk without a log level, so these switches are best left off outside
 * of debugging sessions.
 */
//#define DEBUG_QUEUE		/* tx/rx queue manipulation */
//#define DEBUG_PROTO_S		/* successful handshake and protocol operations */
//#define DEBUG_PROTO_E		/* handshake and protocol errors */
//#define DEBUG_LDISC		/* line discipline operations (open, close, read, write...) */
//#define DEBUG_MODUL		/* module and memory operations (init, cleanup; kmalloc, kfree) */

/*
 * Unconditional trace helper.  The expansion already ends in ';' and some
 * call sites in this file (see receive_error) are written without a
 * semicolon of their own, so the trailing ';' must stay.
 */
#define TRACE(format, args...) printk("r3964: " format "\n" , ## args);

/* Each conditional macro is either TRACE or expands to nothing. */
#ifdef DEBUG_MODUL
#define TRACE_M(format, args...) TRACE(format , ## args)
#else
#define TRACE_M(fmt, arg...) /* disabled */
#endif

#ifdef DEBUG_PROTO_S
#define TRACE_PS(format, args...) TRACE(format , ## args)
#else
#define TRACE_PS(fmt, arg...) /* disabled */
#endif

#ifdef DEBUG_PROTO_E
#define TRACE_PE(format, args...) TRACE(format , ## args)
#else
#define TRACE_PE(fmt, arg...) /* disabled */
#endif

#ifdef DEBUG_LDISC
#define TRACE_L(format, args...) TRACE(format , ## args)
#else
#define TRACE_L(fmt, arg...) /* disabled */
#endif

#ifdef DEBUG_QUEUE
#define TRACE_Q(format, args...) TRACE(format , ## args)
#else
#define TRACE_Q(fmt, arg...) /* disabled */
#endif
118
/* Forward declarations: protocol engine (queues, state machine, timer). */
static void add_tx_queue(struct r3964_info *pInfo,
			 struct r3964_block_header *pHeader);
static void remove_from_tx_queue(struct r3964_info *pInfo, int error_code);
static void put_char(struct r3964_info *pInfo, unsigned char ch);
static void trigger_transmit(struct r3964_info *pInfo);
static void retry_transmit(struct r3964_info *pInfo);
static void transmit_block(struct r3964_info *pInfo);
static void receive_char(struct r3964_info *pInfo, const unsigned char c);
static void receive_error(struct r3964_info *pInfo, const char flag);
static void on_timeout(unsigned long priv);

/* Forward declarations: per-client bookkeeping (signals, messages, blocks). */
static int enable_signals(struct r3964_info *pInfo, struct pid *pid, int arg);
static int read_telegram(struct r3964_info *pInfo, struct pid *pid,
			 unsigned char __user *buf);
static void add_msg(struct r3964_client_info *pClient, int msg_id, int arg,
		    int error_code, struct r3964_block_header *pBlock);
static struct r3964_message *remove_msg(struct r3964_info *pInfo,
					struct r3964_client_info *pClient);
static void remove_client_block(struct r3964_info *pInfo,
				struct r3964_client_info *pClient);

/* Forward declarations: tty line discipline entry points. */
static int r3964_open(struct tty_struct *tty);
static void r3964_close(struct tty_struct *tty);
static ssize_t r3964_read(struct tty_struct *tty, struct file *file,
			  unsigned char __user *buf, size_t nr);
static ssize_t r3964_write(struct tty_struct *tty, struct file *file,
			   const unsigned char *buf, size_t nr);
static int r3964_ioctl(struct tty_struct *tty, struct file *file,
		       unsigned int cmd, unsigned long arg);
static void r3964_set_termios(struct tty_struct *tty, struct ktermios *old);
static unsigned int r3964_poll(struct tty_struct *tty, struct file *file,
			       struct poll_table_struct *wait);
static void r3964_receive_buf(struct tty_struct *tty, const unsigned char *cp,
			      char *fp, int count);
150
/*
 * Line discipline descriptor handed to tty_register_ldisc() in r3964_init().
 * Every callback listed here is implemented in this file.
 */
static struct tty_ldisc tty_ldisc_N_R3964 = {
	.owner		= THIS_MODULE,
	.magic		= TTY_LDISC_MAGIC,
	.name		= "R3964",

	/* lifetime */
	.open		= r3964_open,
	.close		= r3964_close,

	/* user-space facing operations */
	.read		= r3964_read,
	.write		= r3964_write,
	.ioctl		= r3964_ioctl,
	.set_termios	= r3964_set_termios,
	.poll		= r3964_poll,

	/* data arriving from the tty driver */
	.receive_buf	= r3964_receive_buf,
};
164
165
166
/*
 * Hex-dump a buffer through TRACE_PS, 16 bytes per output line.
 *
 * @block:  bytes to dump
 * @length: number of bytes readable at @block
 *
 * Each byte is formatted as two hex digits and a space (3 characters), so a
 * full row needs 16*3 characters plus the terminating NUL - exactly the size
 * of the line buffer.  Nothing is printed unless DEBUG_PROTO_S is defined.
 */
static void dump_block(const unsigned char *block, unsigned int length)
{
	char linebuf[16*3+1];
	unsigned int row, col;

	for (row = 0; row < length; row += 16) {
		col = 0;
		while (col < 16 && row + col < length) {
			sprintf(&linebuf[3*col], "%02x ", block[row + col]);
			col++;
		}
		/* col is at most 16 here, so index 48 is the last valid slot */
		linebuf[3*col] = '\0';
		TRACE_PS("%s", linebuf);
	}
}
182
183          
184
185
186 /*************************************************************
187  * Driver initialisation
188  *************************************************************/
189
190
191 /*************************************************************
192  * Module support routines
193  *************************************************************/
194
/*
 * Module unload hook: unregister the N_R3964 line discipline.
 * A failure is only reported in the kernel log; there is nothing to return.
 */
static void __exit r3964_exit(void)
{
	int status;

	TRACE_M ("cleanup_module()");

	status = tty_unregister_ldisc(N_R3964);
	if (status == 0) {
		TRACE_L("linediscipline successfully unregistered");
		return;
	}

	printk(KERN_ERR "r3964: error unregistering linediscipline: %d\n", status);
}
213
/*
 * Module load hook: announce the driver and register the N_R3964 line
 * discipline.
 *
 * Returns the status of tty_register_ldisc(): 0 on success, otherwise the
 * error it reported (which is also logged).
 */
static int __init r3964_init(void)
{
	int status;

	printk ("r3964: Philips r3964 Driver $Revision: 1.10 $\n");

	/* Register the tty line discipline */
	status = tty_register_ldisc (N_R3964, &tty_ldisc_N_R3964);
	if (status != 0) {
		printk (KERN_ERR "r3964: error registering line discipline: %d\n", status);
		return status;
	}

	TRACE_L("line discipline %d registered", N_R3964);
	TRACE_L("flags=%x num=%x", tty_ldisc_N_R3964.flags,
		tty_ldisc_N_R3964.num);
	TRACE_L("open=%p", tty_ldisc_N_R3964.open);
	TRACE_L("tty_ldisc_N_R3964 = %p", &tty_ldisc_N_R3964);

	return status;
}

/* Hook the two functions above into module load and unload. */
module_init(r3964_init);
module_exit(r3964_exit);
242
243
244 /*************************************************************
245  * Protocol implementation routines
246  *************************************************************/
247
/*
 * Append a block to the tail of the transmit queue.
 *
 * @pInfo:   per-tty protocol state owning the queue
 * @pHeader: block to enqueue; its next pointer is overwritten
 *
 * The list update is done under pInfo->lock with interrupts saved.  The
 * debug trace afterwards reads the queue without the lock.
 */
static void add_tx_queue(struct r3964_info *pInfo, struct r3964_block_header *pHeader)
{
	unsigned long irq_state;

	spin_lock_irqsave(&pInfo->lock, irq_state);

	pHeader->next = NULL;
	if (pInfo->tx_last != NULL)
		pInfo->tx_last->next = pHeader;
	else
		pInfo->tx_first = pHeader;	/* queue was empty */
	pInfo->tx_last = pHeader;

	spin_unlock_irqrestore(&pInfo->lock, irq_state);

	TRACE_Q("add_tx_queue %p, length %d, tx_first = %p",
		pHeader, pHeader->length, pInfo->tx_first );
}
271
/*
 * Drop the block at the head of the transmit queue and free it.
 *
 * @pInfo:      per-tty protocol state owning the queue
 * @error_code: transmission result reported to the block's owner
 *
 * If the block has an owner, an R3964_MSG_ACK message is queued for it
 * (carrying the block length on success, 0 on error) and readers are woken.
 *
 * NOTE(review): the head pointer is sampled before pInfo->lock is taken and
 * is unlinked and freed later; if another path can change tx_first in
 * between, the wrong block could be freed - confirm the callers serialise
 * access.
 */
static void remove_from_tx_queue(struct r3964_info *pInfo, int error_code)
{
	struct r3964_block_header *pHead = pInfo->tx_first;
	unsigned long irq_state;
#ifdef DEBUG_QUEUE
	struct r3964_block_header *pWalk;
#endif

	if (pHead == NULL)
		return;

#ifdef DEBUG_QUEUE
	printk("r3964: remove_from_tx_queue: %p, length %u - ",
	       pHead, pHead->length );
	for (pWalk = pHead; pWalk; pWalk = pWalk->next)
		printk("%p ", pWalk);
	printk("\n");
#endif

	if (pHead->owner) {
		/* a failed transmission is acknowledged with a length of 0 */
		add_msg(pHead->owner, R3964_MSG_ACK,
			error_code ? 0 : pHead->length,
			error_code, NULL);
		wake_up_interruptible (&pInfo->read_wait);
	}

	spin_lock_irqsave(&pInfo->lock, irq_state);

	pInfo->tx_first = pHead->next;
	if (pInfo->tx_first == NULL)
		pInfo->tx_last = NULL;

	spin_unlock_irqrestore(&pInfo->lock, irq_state);

	kfree(pHead);
	/* only the pointer value is printed below, the block is not touched */
	TRACE_M("remove_from_tx_queue - kfree %p",pHead);

	TRACE_Q("remove_from_tx_queue: tx_first = %p, tx_last = %p",
		pInfo->tx_first, pInfo->tx_last );
}
325
/*
 * Append a received block to the tail of the receive queue and bump
 * blocks_in_rx_queue.
 *
 * @pInfo:   per-tty protocol state owning the queue
 * @pHeader: block to enqueue; its next pointer is overwritten
 *
 * The list and the counter are updated under pInfo->lock.
 */
static void add_rx_queue(struct r3964_info *pInfo, struct r3964_block_header *pHeader)
{
	unsigned long irq_state;

	spin_lock_irqsave(&pInfo->lock, irq_state);

	pHeader->next = NULL;
	if (pInfo->rx_last != NULL)
		pInfo->rx_last->next = pHeader;
	else
		pInfo->rx_first = pHeader;	/* queue was empty */
	pInfo->rx_last = pHeader;
	pInfo->blocks_in_rx_queue++;

	spin_unlock_irqrestore(&pInfo->lock, irq_state);

	TRACE_Q("add_rx_queue: %p, length = %d, rx_first = %p, count = %d",
		pHeader, pHeader->length,
		pInfo->rx_first, pInfo->blocks_in_rx_queue);
}
351
/*
 * Unlink a block from the receive queue and free it.
 *
 * @pInfo:   per-tty protocol state owning the queue
 * @pHeader: block to remove; NULL is ignored
 *
 * The unlink runs under pInfo->lock; blocks_in_rx_queue is decremented only
 * if the block was actually found in the list.
 *
 * NOTE(review): the block is freed even when it was not found in the queue,
 * so the caller must guarantee that @pHeader is not referenced anywhere
 * else once this returns.
 */
static void remove_from_rx_queue(struct r3964_info *pInfo,
				 struct r3964_block_header *pHeader)
{
	struct r3964_block_header **ppLink;
	struct r3964_block_header *pPrev = NULL;
	unsigned long irq_state;

	if (pHeader == NULL)
		return;

	TRACE_Q("remove_from_rx_queue: rx_first = %p, rx_last = %p, count = %d",
		pInfo->rx_first, pInfo->rx_last, pInfo->blocks_in_rx_queue );
	TRACE_Q("remove_from_rx_queue: %p, length %u",
		pHeader, pHeader->length );

	spin_lock_irqsave(&pInfo->lock, irq_state);

	/* Walk the links (starting with rx_first itself) until one points at pHeader. */
	for (ppLink = &pInfo->rx_first; *ppLink; ppLink = &(*ppLink)->next) {
		if (*ppLink == pHeader) {
			*ppLink = pHeader->next;
			pInfo->blocks_in_rx_queue--;
			if (pHeader->next == NULL) {
				/* removed the tail: predecessor (or NULL) becomes the tail */
				pInfo->rx_last = pPrev;
			}
			break;
		}
		pPrev = *ppLink;
	}

	spin_unlock_irqrestore(&pInfo->lock, irq_state);

	kfree(pHeader);
	/* only the pointer value is printed below, the block is not touched */
	TRACE_M("remove_from_rx_queue - kfree %p",pHeader);

	TRACE_Q("remove_from_rx_queue: rx_first = %p, rx_last = %p, count = %d",
		pInfo->rx_first, pInfo->rx_last, pInfo->blocks_in_rx_queue );
}
407
/*
 * Hand one byte to the tty driver and fold it into the running block check
 * character.
 *
 * @pInfo: per-tty protocol state
 * @ch:    byte to send
 *
 * Does nothing when no tty is attached.  pInfo->bcc is updated even if the
 * driver provides no put_char hook.
 */
static void put_char(struct r3964_info *pInfo, unsigned char ch)
{
	struct tty_struct *tty = pInfo->tty;

	if (tty != NULL) {
		if (tty->driver->put_char)
			tty->driver->put_char(tty, ch);
		pInfo->bcc ^= ch;
	}
}
421
/*
 * Ask the tty driver to push out characters queued with put_char().
 * A missing tty or a driver without a flush_chars hook makes this a no-op.
 */
static void flush(struct r3964_info *pInfo)
{
	struct tty_struct *tty = pInfo->tty;

	if (tty != NULL && tty->driver->flush_chars)
		tty->driver->flush_chars(tty);
}
434
/*
 * Start transmitting the head of the tx queue if the line is idle.
 *
 * Under pInfo->lock the state moves from R3964_IDLE to R3964_TX_REQUEST, the
 * retry counter and error flags are cleared and the R3964_TO_QVZ timer is
 * armed.  STX is then sent outside the lock and the block check character
 * is reset so that STX itself is not part of it.
 */
static void trigger_transmit(struct r3964_info *pInfo)
{
	unsigned long irq_state;
	int start;

	spin_lock_irqsave(&pInfo->lock, irq_state);

	start = (pInfo->state == R3964_IDLE) && (pInfo->tx_first != NULL);
	if (start) {
		pInfo->state = R3964_TX_REQUEST;
		pInfo->nRetry = 0;
		pInfo->flags &= ~R3964_ERROR;
		mod_timer(&pInfo->tmr, jiffies + R3964_TO_QVZ);
	}

	spin_unlock_irqrestore(&pInfo->lock, irq_state);

	if (!start)
		return;

	TRACE_PS("trigger_transmit - sent STX");

	put_char(pInfo, STX);
	flush(pInfo);

	pInfo->bcc = 0;
}
463
/*
 * React to a failed transmission attempt.
 *
 * While fewer than R3964_MAX_RETRIES retries were made, STX is sent again
 * and the state returns to R3964_TX_REQUEST.  Otherwise the block is dropped
 * from the tx queue with R3964_TX_FAIL, NAK is sent and the next queued
 * block (if any) is started.
 *
 * NOTE(review): here bcc is cleared before STX is sent, so put_char() folds
 * STX into it, whereas trigger_transmit() clears bcc after sending STX -
 * confirm which of the two is intended for retransmissions.
 */
static void retry_transmit(struct r3964_info *pInfo)
{
	if (pInfo->nRetry >= R3964_MAX_RETRIES) {
		TRACE_PE("transmission failed after %d retries",
			 R3964_MAX_RETRIES);

		remove_from_tx_queue(pInfo, R3964_TX_FAIL);

		put_char(pInfo, NAK);
		flush(pInfo);
		pInfo->state = R3964_IDLE;

		trigger_transmit(pInfo);
		return;
	}

	TRACE_PE("transmission failed. Retry #%d",
		 pInfo->nRetry);
	pInfo->bcc = 0;
	put_char(pInfo, STX);
	flush(pInfo);
	pInfo->state = R3964_TX_REQUEST;
	pInfo->nRetry++;
	mod_timer(&pInfo->tmr, jiffies + R3964_TO_QVZ);
}
491
492
/*
 * Send as much of the head tx block as the driver reports room for.
 *
 * Payload bytes equal to DLE are sent twice.  Once the whole payload is out
 * and at least three more characters fit, the DLE ETX trailer (plus the
 * block check character when R3964_BCC is set) is sent, the state becomes
 * R3964_WAIT_FOR_TX_ACK and the R3964_TO_QVZ timer is armed.
 *
 * NOTE(review): room is decremented once per payload byte even when a DLE
 * was doubled, so the local count can overstate the space left in the
 * driver - confirm how the driver's put_char behaves when it is full.
 */
static void transmit_block(struct r3964_info *pInfo)
{
	struct tty_struct *tty = pInfo->tty;
	struct r3964_block_header *pBlock = pInfo->tx_first;
	int room = 0;

	if (tty == NULL || pBlock == NULL)
		return;

	if (tty->driver->write_room)
		room = tty->driver->write_room(tty);

	TRACE_PS("transmit_block %p, room %d, length %d",
		 pBlock, room, pBlock->length);

	/* two free slots are required per step because a DLE is sent twice */
	for (; pInfo->tx_position < pBlock->length && room >= 2; room--) {
		unsigned char ch = pBlock->data[pInfo->tx_position++];

		if (ch == DLE) {
			/* send additional DLE char: */
			put_char(pInfo, DLE);
		}
		put_char(pInfo, ch);
	}

	if ((pInfo->tx_position == pBlock->length) && (room >= 3)) {
		put_char(pInfo, DLE);
		put_char(pInfo, ETX);
		if (pInfo->flags & R3964_BCC)
			put_char(pInfo, pInfo->bcc);
		pInfo->state = R3964_WAIT_FOR_TX_ACK;
		mod_timer(&pInfo->tmr, jiffies + R3964_TO_QVZ);
	}
	flush(pInfo);
}
538
/*
 * Finish reception of one block: verify it, acknowledge it, copy it into a
 * freshly allocated r3964_block_header and hand it to the clients.
 *
 * On a checksum or line error NAK is sent and, while retries remain, the
 * state becomes R3964_WAIT_FOR_RX_REPEAT; otherwise R3964_IDLE.
 *
 * The copy length is pInfo->rx_position.  receive_char() in this file only
 * stores a byte while rx_position < RX_BUF_SIZE, which is what keeps the
 * memcpy() source inside rx_buf.
 *
 * NOTE(review): the block is acknowledged with DLE before the allocation;
 * if kmalloc() fails the function returns with the timer stopped and the
 * state unchanged, and the acknowledged data is lost.
 * NOTE(review): the client list is walked without a lock here - confirm it
 * cannot change concurrently (see enable_signals()).
 */
static void on_receive_block(struct r3964_info *pInfo)
{
	unsigned int length = pInfo->rx_position;
	struct r3964_client_info *pClient;
	struct r3964_block_header *pBlock;

	/* compare byte checksum characters: */
	if ((pInfo->flags & R3964_BCC) && (pInfo->bcc != pInfo->last_rx)) {
		TRACE_PE("checksum error - got %x but expected %x",
			 pInfo->last_rx, pInfo->bcc);
		pInfo->flags |= R3964_CHECKSUM;
	}

	/* check for errors (parity, overrun,...): */
	if (pInfo->flags & R3964_ERROR) {
		TRACE_PE("on_receive_block - transmission failed error %x",
			 pInfo->flags & R3964_ERROR);

		put_char(pInfo, NAK);
		flush(pInfo);

		if (pInfo->nRetry >= R3964_MAX_RETRIES) {
			TRACE_PE("on_receive_block - failed after max retries");
			pInfo->state = R3964_IDLE;
			return;
		}

		pInfo->state = R3964_WAIT_FOR_RX_REPEAT;
		pInfo->nRetry++;
		mod_timer(&pInfo->tmr, jiffies + R3964_TO_RX_PANIC);
		return;
	}

	/* received block; submit DLE: */
	put_char(pInfo, DLE);
	flush(pInfo);
	del_timer_sync(&pInfo->tmr);
	TRACE_PS(" rx success: got %d chars", length);

	/* header and payload live in one allocation, payload right behind the header */
	pBlock = kmalloc(length+sizeof(struct r3964_block_header), GFP_KERNEL);
	TRACE_M("on_receive_block - kmalloc %p",pBlock);
	if (pBlock == NULL)
		return;

	pBlock->data   = (unsigned char *)(pBlock + 1);
	pBlock->length = length;
	pBlock->locks  = 0;
	pBlock->owner  = NULL;
	pBlock->next   = NULL;

	memcpy(pBlock->data, pInfo->rx_buf, length);

	/* queue block into rx_queue: */
	add_rx_queue(pInfo, pBlock);

	/* notify attached client processes: */
	pClient = pInfo->firstClient;
	while (pClient) {
		if (pClient->sig_flags & R3964_SIG_DATA)
			add_msg(pClient, R3964_MSG_DATA, length, R3964_OK, pBlock);
		pClient = pClient->next;
	}
	wake_up_interruptible (&pInfo->read_wait);

	pInfo->state = R3964_IDLE;

	trigger_transmit(pInfo);
}
619
620
/*
 * Reset the receive bookkeeping, switch to R3964_RECEIVING, arm the
 * R3964_TO_ZVZ timer and answer the peer's STX with DLE.  The block check
 * character is cleared after the DLE so the DLE is not part of it.
 */
static void r3964_start_receiving(struct r3964_info *pInfo)
{
	/* Ok, start receiving: */
	TRACE_PS("IDLE - got STX");
	pInfo->rx_position = 0;
	pInfo->last_rx = 0;
	pInfo->flags &= ~R3964_ERROR;
	pInfo->state = R3964_RECEIVING;
	mod_timer(&pInfo->tmr, jiffies + R3964_TO_ZVZ);
	pInfo->nRetry = 0;
	put_char(pInfo, DLE);
	flush(pInfo);
	pInfo->bcc = 0;
}

/*
 * Append one payload byte to rx_buf and restart the R3964_TO_ZVZ timer.
 * The caller must already have checked rx_position < RX_BUF_SIZE.
 */
static void r3964_store_rx_char(struct r3964_info *pInfo, const unsigned char c)
{
	pInfo->rx_buf[pInfo->rx_position++] = c;
	mod_timer(&pInfo->tmr, jiffies + R3964_TO_ZVZ);
}

/*
 * Protocol state machine: process one character received from the line.
 *
 * @pInfo: per-tty protocol state
 * @c:     received character
 *
 * States without a case below ignore the character.
 */
static void receive_char(struct r3964_info *pInfo, const unsigned char c)
{
	switch (pInfo->state) {
	case R3964_TX_REQUEST:
		if (c == DLE) {
			TRACE_PS("TX_REQUEST - got DLE");

			pInfo->state = R3964_TRANSMITTING;
			pInfo->tx_position = 0;

			transmit_block(pInfo);
		} else if (c == STX) {
			/* both sides sent STX at the same time */
			if (pInfo->nRetry == 0) {
				TRACE_PE("TX_REQUEST - init conflict");
				/* only the low-priority side gives way on the first conflict */
				if (pInfo->priority == R3964_SLAVE)
					r3964_start_receiving(pInfo);
			} else {
				TRACE_PE("TX_REQUEST - secondary init conflict!?"
					 " Switching to SLAVE mode for next rx.");
				r3964_start_receiving(pInfo);
			}
		} else {
			TRACE_PE("TX_REQUEST - char != DLE: %x", c);
			retry_transmit(pInfo);
		}
		break;

	case R3964_TRANSMITTING:
		if (c == NAK) {
			TRACE_PE("TRANSMITTING - got NAK");
			retry_transmit(pInfo);
		} else {
			TRACE_PE("TRANSMITTING - got invalid char");

			pInfo->state = R3964_WAIT_ZVZ_BEFORE_TX_RETRY;
			mod_timer(&pInfo->tmr, jiffies + R3964_TO_ZVZ);
		}
		break;

	case R3964_WAIT_FOR_TX_ACK:
		if (c != DLE) {
			retry_transmit(pInfo);
			break;
		}
		TRACE_PS("WAIT_FOR_TX_ACK - got DLE");
		remove_from_tx_queue(pInfo, R3964_OK);

		pInfo->state = R3964_IDLE;
		trigger_transmit(pInfo);
		break;

	case R3964_WAIT_FOR_RX_REPEAT:
		/* same handling as R3964_IDLE */
	case R3964_IDLE:
		if (c != STX)
			break;

		/* Prevent rx_queue from overflow: */
		if (pInfo->blocks_in_rx_queue >= R3964_MAX_BLOCKS_IN_RX_QUEUE) {
			TRACE_PE("IDLE - got STX but no space in rx_queue!");
			pInfo->state = R3964_WAIT_FOR_RX_BUF;
			mod_timer(&pInfo->tmr, jiffies + R3964_TO_NO_BUF);
			break;
		}
		r3964_start_receiving(pInfo);
		break;

	case R3964_RECEIVING:
		/*
		 * This bound is what keeps writes inside rx_buf.  Once the
		 * buffer is full, further characters are dropped without any
		 * other processing.
		 */
		if (pInfo->rx_position >= RX_BUF_SIZE)
			break;

		pInfo->bcc ^= c;

		if (c == DLE) {
			if (pInfo->last_rx == DLE) {
				/* doubled DLE: one literal DLE of payload */
				pInfo->last_rx = 0;
				r3964_store_rx_char(pInfo, c);
			} else {
				/* first DLE: wait for the next character */
				pInfo->last_rx = DLE;
			}
		} else if ((c == ETX) && (pInfo->last_rx == DLE)) {
			/* DLE ETX ends the block */
			if (pInfo->flags & R3964_BCC) {
				pInfo->state = R3964_WAIT_FOR_BCC;
				mod_timer(&pInfo->tmr, jiffies + R3964_TO_ZVZ);
			} else {
				on_receive_block(pInfo);
			}
		} else {
			pInfo->last_rx = c;
			r3964_store_rx_char(pInfo, c);
		}
		break;

	case R3964_WAIT_FOR_BCC:
		/* this character is the peer's block check character */
		pInfo->last_rx = c;
		on_receive_block(pInfo);
		break;
	}
}
756
/*
 * Record a per-character line status reported by the tty layer in
 * pInfo->flags.
 *
 * @pInfo: per-tty protocol state
 * @flag:  TTY_* status of the character; TTY_NORMAL changes nothing and any
 *         value without its own case is recorded as R3964_UNKNOWN
 */
static void receive_error(struct r3964_info *pInfo, const char flag)
{
	switch (flag) {
	case TTY_NORMAL:
		return;

	case TTY_BREAK:
		TRACE_PE("received break");
		pInfo->flags |= R3964_BREAK;
		return;

	case TTY_PARITY:
		TRACE_PE("parity error");
		pInfo->flags |= R3964_PARITY;
		return;

	case TTY_FRAME:
		TRACE_PE("frame error");
		pInfo->flags |= R3964_FRAME;
		return;

	case TTY_OVERRUN:
		TRACE_PE("frame overrun");
		pInfo->flags |= R3964_OVERRUN;
		return;

	default:
		TRACE_PE("receive_error - unknown flag %d", flag);
		pInfo->flags |= R3964_UNKNOWN;
		return;
	}
}
785
/*
 * Timer callback for pInfo->tmr.
 *
 * @priv: the struct r3964_info pointer stored in tmr.data by r3964_open()
 *
 * Transmit-side states retry the transmission.  Receive-side states give up
 * on the current block: they send NAK (except R3964_WAIT_FOR_RX_REPEAT) and
 * return to R3964_IDLE.  States without a case are left untouched.
 */
static void on_timeout(unsigned long priv)
{
	struct r3964_info *pInfo = (void *)priv;

	switch (pInfo->state) {
	case R3964_TX_REQUEST:
		TRACE_PE("TX_REQUEST - timeout");
		retry_transmit(pInfo);
		return;

	case R3964_WAIT_ZVZ_BEFORE_TX_RETRY:
		put_char(pInfo, NAK);
		flush(pInfo);
		retry_transmit(pInfo);
		return;

	case R3964_WAIT_FOR_TX_ACK:
		TRACE_PE("WAIT_FOR_TX_ACK - timeout");
		retry_transmit(pInfo);
		return;

	case R3964_WAIT_FOR_RX_REPEAT:
		TRACE_PE("WAIT_FOR_RX_REPEAT - timeout");
		pInfo->state = R3964_IDLE;
		return;

	/* The next three states share the NAK-and-idle tail below. */
	case R3964_WAIT_FOR_RX_BUF:
		TRACE_PE("WAIT_FOR_RX_BUF - timeout");
		break;

	case R3964_RECEIVING:
		TRACE_PE("RECEIVING - timeout after %d chars",
			 pInfo->rx_position);
		break;

	case R3964_WAIT_FOR_BCC:
		TRACE_PE("WAIT_FOR_BCC - timeout");
		break;

	default:
		return;
	}

	put_char(pInfo, NAK);
	flush(pInfo);
	pInfo->state = R3964_IDLE;
}
830
/*
 * Look up the client entry registered for @pid.
 *
 * Returns the matching entry of pInfo's client list or NULL when there is
 * none.  The comparison is on the struct pid pointer itself.  No lock is
 * taken while walking the list.
 */
static struct r3964_client_info *findClient(
  struct r3964_info *pInfo, struct pid *pid)
{
	struct r3964_client_info *pClient = pInfo->firstClient;

	while (pClient && pClient->pid != pid)
		pClient = pClient->next;

	return pClient;
}
845
/*
 * Register, update or unregister the client identified by @pid.
 *
 * @pInfo: per-tty protocol state holding the client list
 * @pid:   identity of the calling client
 * @arg:   signal option bits; if none of the R3964_SIG_ALL bits is set the
 *         client is removed, otherwise it is added or its options updated
 *
 * Returns 0 on success, -EINVAL when asked to remove a client that is not
 * registered and -ENOMEM when a new entry cannot be allocated.
 *
 * NOTE(review): the client list is linked and unlinked here without taking
 * a lock, while other paths in this file walk it; confirm that callers
 * serialise these operations, otherwise a walker can follow a freed entry.
 */
static int enable_signals(struct r3964_info *pInfo, struct pid *pid, int arg)
{
	struct r3964_client_info *pClient;
	struct r3964_client_info **ppLink;
	struct r3964_message *pMsg;

	if (arg & R3964_SIG_ALL) {
		pClient = findClient(pInfo, pid);
		if (pClient) {
			/* update signal options */
			pClient->sig_flags = arg;
			return 0;
		}

		/* add client to client list */
		pClient = kmalloc(sizeof(struct r3964_client_info), GFP_KERNEL);
		TRACE_M("enable_signals - kmalloc %p",pClient);
		if (pClient == NULL)
			return -ENOMEM;

		TRACE_PS("add client %d to client list", pid_nr(pid));
		spin_lock_init(&pClient->lock);
		pClient->sig_flags = arg;
		pClient->pid = get_pid(pid);	/* reference dropped on removal below */
		pClient->next = pInfo->firstClient;
		pClient->first_msg = NULL;
		pClient->last_msg = NULL;
		pClient->next_block_to_read = NULL;
		pClient->msg_count = 0;
		pInfo->firstClient = pClient;
		return 0;
	}

	/* Remove client from client list */
	for (ppLink = &pInfo->firstClient; *ppLink; ppLink = &(*ppLink)->next) {
		pClient = *ppLink;
		if (pClient->pid != pid)
			continue;

		TRACE_PS("removing client %d from client list", pid_nr(pid));
		*ppLink = pClient->next;

		/* drain and free every message still queued for this client */
		while (pClient->msg_count) {
			pMsg = remove_msg(pInfo, pClient);
			if (pMsg) {
				kfree(pMsg);
				TRACE_M("enable_signals - msg kfree %p",pMsg);
			}
		}
		put_pid(pClient->pid);
		kfree(pClient);
		TRACE_M("enable_signals - kfree %p",pClient);
		return 0;
	}

	return -EINVAL;
}
911
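/*
 * Copy the block currently selected for the client @pid to user space and
 * release the client's reference on it.
 *
 * @pInfo: per-tty protocol state
 * @pid:   identity of the calling client
 * @buf:   user-space destination
 *
 * Returns the number of bytes copied, 0 when no block is selected, -EINVAL
 * for a NULL buffer or an unknown client and -EFAULT when the copy fails.
 *
 * NOTE(review): no buffer size is passed in; the whole block is copied, so
 * the user-space contract must guarantee room for a full telegram.
 */
static int read_telegram(struct r3964_info *pInfo, struct pid *pid, unsigned char __user *buf)
{
	struct r3964_client_info *pClient;
	struct r3964_block_header *block;
	int length;

	if (!buf)
		return -EINVAL;

	pClient = findClient(pInfo, pid);
	if (pClient == NULL)
		return -EINVAL;

	block = pClient->next_block_to_read;
	if (!block)
		return 0;

	if (copy_to_user (buf, block->data, block->length))
		return -EFAULT;

	/*
	 * Take the length before releasing the block: remove_client_block()
	 * drops this client's lock count and, when it reaches zero, frees the
	 * block through remove_from_rx_queue().  Reading block->length after
	 * that call would be a use-after-free.
	 */
	length = block->length;
	remove_client_block(pInfo, pClient);
	return length;
}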
944
/*
 * Queue a message for a client and optionally raise SIGIO.
 *
 * @pClient:    receiving client
 * @msg_id:     message type (R3964_MSG_*)
 * @arg:        message argument
 * @error_code: result code; also selects GFP_ATOMIC (non-zero) or
 *              GFP_KERNEL (zero) for the allocation
 * @pBlock:     block the message refers to, or NULL; its lock count is
 *              incremented when the message is queued
 *
 * When the client's queue is nearly full (msg_count has reached
 * R3964_MAX_MSG_COUNT-1) the message is replaced by a single
 * R3964_MSG_ACK / R3964_OVERFLOW message whose arg counts further losses.
 * If the allocation fails the message is dropped and no signal is sent.
 *
 * NOTE(review): msg_count and last_msg are examined before pClient->lock is
 * taken - confirm that callers cannot race on the same client.
 */
static void add_msg(struct r3964_client_info *pClient, int msg_id, int arg,
	     int error_code, struct r3964_block_header *pBlock)
{
	struct r3964_message *pMsg;
	unsigned long irq_state;

	if (pClient->msg_count >= R3964_MAX_MSG_COUNT-1) {
		if ((pClient->last_msg->msg_id == R3964_MSG_ACK)
		    && (pClient->last_msg->error_code == R3964_OVERFLOW)) {
			/* an overflow marker is already queued: just count */
			pClient->last_msg->arg++;
			TRACE_PE("add_msg - inc prev OVERFLOW-msg");
			goto notify_client;
		}

		/* queue an overflow marker in place of the real message */
		msg_id = R3964_MSG_ACK;
		arg = 0;
		error_code = R3964_OVERFLOW;
		pBlock = NULL;
		TRACE_PE("add_msg - queue OVERFLOW-msg");
	}

	pMsg = kmalloc(sizeof(struct r3964_message),
		       error_code?GFP_ATOMIC:GFP_KERNEL);
	TRACE_M("add_msg - kmalloc %p",pMsg);
	if (pMsg == NULL)
		return;

	spin_lock_irqsave(&pClient->lock, irq_state);

	pMsg->msg_id = msg_id;
	pMsg->arg = arg;
	pMsg->error_code = error_code;
	pMsg->block = pBlock;
	pMsg->next = NULL;

	if (pClient->last_msg != NULL)
		pClient->last_msg->next = pMsg;
	else
		pClient->first_msg = pMsg;	/* queue was empty */
	pClient->last_msg = pMsg;

	pClient->msg_count++;

	/* the queued message holds a reference on the block */
	if (pBlock != NULL)
		pBlock->locks++;

	spin_unlock_irqrestore(&pClient->lock, irq_state);

notify_client:
	/* Send SIGIO signal to client process: */
	if (pClient->sig_flags & R3964_USE_SIGIO)
		kill_pid(pClient->pid, SIGIO, 1);
}
1012
/*
 * Detach the oldest message from a client's queue.
 *
 * Returns the message (ownership passes to the caller, who must kfree it)
 * or NULL when the queue is empty.  If the message refers to a block, the
 * client's previously selected block is released and the new one becomes
 * next_block_to_read.
 *
 * NOTE(review): the emptiness check is made before pClient->lock is taken,
 * and remove_client_block() - which may take pInfo->lock and free a block -
 * is called with pClient->lock held.
 */
static struct r3964_message *remove_msg(struct r3964_info *pInfo,
		       struct r3964_client_info *pClient)
{
	struct r3964_message *pMsg;
	unsigned long irq_state;

	if (!pClient->first_msg)
		return NULL;

	spin_lock_irqsave(&pClient->lock, irq_state);

	pMsg = pClient->first_msg;
	pClient->first_msg = pMsg->next;
	if (pClient->first_msg == NULL)
		pClient->last_msg = NULL;

	pClient->msg_count--;
	if (pMsg->block) {
		remove_client_block(pInfo, pClient);
		pClient->next_block_to_read = pMsg->block;
	}

	spin_unlock_irqrestore(&pClient->lock, irq_state);

	return pMsg;
}
1040
/*
 * Release the client's reference on its currently selected block.
 *
 * The block's lock count is decremented; when it reaches zero the block is
 * removed from the rx queue, which frees it.  After this call the client
 * has no selected block, and any pointer to the old block held by the
 * caller must be treated as invalid.
 */
static void remove_client_block(struct r3964_info *pInfo,
		struct r3964_client_info *pClient)
{
	struct r3964_block_header *block = pClient->next_block_to_read;

	TRACE_PS("remove_client_block PID %d", pid_nr(pClient->pid));

	if (block && --block->locks == 0)
		remove_from_rx_queue(pInfo, block);

	pClient->next_block_to_read = NULL;
}
1059
1060
1061 /*************************************************************
1062  * Line discipline routines
1063  *************************************************************/
1064
/*
 * Line discipline open: allocate and initialise the per-tty protocol state.
 *
 * @tty: tty the discipline is being attached to
 *
 * Allocates the r3964_info structure plus receive and transmit buffers of
 * RX_BUF_SIZE and TX_BUF_SIZE bytes, stores the structure in tty->disc_data
 * and prepares (but does not start) the protocol timer.
 *
 * Returns 0 on success or -ENOMEM; on failure everything allocated so far
 * is freed again.
 *
 * NOTE(review): kmalloc() does not zero the structure, so members that are
 * not assigned below (for example bcc) hold indeterminate values until the
 * protocol code sets them.
 */
static int r3964_open(struct tty_struct *tty)
{
	struct r3964_info *pInfo;

	TRACE_L("open");
	TRACE_L("tty=%p, PID=%d, disc_data=%p",
		tty, current->pid, tty->disc_data);

	pInfo = kmalloc(sizeof(struct r3964_info), GFP_KERNEL);
	TRACE_M("r3964_open - info kmalloc %p",pInfo);
	if (!pInfo) {
		printk(KERN_ERR "r3964: failed to alloc info structure\n");
		return -ENOMEM;
	}

	pInfo->rx_buf = kmalloc(RX_BUF_SIZE, GFP_KERNEL);
	TRACE_M("r3964_open - rx_buf kmalloc %p",pInfo->rx_buf);
	if (!pInfo->rx_buf) {
		printk(KERN_ERR "r3964: failed to alloc receive buffer\n");
		goto free_info;
	}

	pInfo->tx_buf = kmalloc(TX_BUF_SIZE, GFP_KERNEL);
	TRACE_M("r3964_open - tx_buf kmalloc %p",pInfo->tx_buf);
	if (!pInfo->tx_buf) {
		printk(KERN_ERR "r3964: failed to alloc transmit buffer\n");
		goto free_rx_buf;
	}

	/* protocol state: idle, empty queues, no clients */
	spin_lock_init(&pInfo->lock);
	pInfo->tty = tty;
	init_waitqueue_head (&pInfo->read_wait);
	pInfo->priority = R3964_MASTER;
	pInfo->rx_first = pInfo->rx_last = NULL;
	pInfo->tx_first = pInfo->tx_last = NULL;
	pInfo->rx_position = 0;
	pInfo->tx_position = 0;
	pInfo->last_rx = 0;
	pInfo->blocks_in_rx_queue = 0;
	pInfo->firstClient = NULL;
	pInfo->state = R3964_IDLE;
	pInfo->flags = R3964_DEBUG;
	pInfo->nRetry = 0;

	tty->disc_data = pInfo;
	tty->receive_room = 65536;

	/* on_timeout() gets pInfo back through tmr.data */
	init_timer(&pInfo->tmr);
	pInfo->tmr.data = (unsigned long)pInfo;
	pInfo->tmr.function = on_timeout;

	return 0;

free_rx_buf:
	kfree(pInfo->rx_buf);
	TRACE_M("r3964_open - rx_buf kfree %p",pInfo->rx_buf);
free_info:
	kfree(pInfo);
	TRACE_M("r3964_open - info kfree %p",pInfo);
	return -ENOMEM;
}
1130
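/*
 * Line discipline close: stop the timer and release the per-tty state,
 * the client list with its message queues, the pending transmit blocks
 * and the rx/tx buffers.
 *
 * NOTE(review): blocks that are still on the rx queue are not walked
 * here; presumably they are released through remove_client_block() while
 * the message queues are drained -- confirm.
 */
static void r3964_close(struct tty_struct *tty)
{
   struct r3964_info *pInfo = tty->disc_data;
   struct r3964_client_info *pClient, *pNext;
   struct r3964_message *pMsg;
   struct r3964_block_header *pHeader, *pNextHeader;
   unsigned long flags;

   TRACE_L("close");

   /*
    * Stop the timer first and wait for a handler that is already
    * running, so it cannot touch pInfo while it is being torn down.
    */
   del_timer_sync(&pInfo->tmr);

   /* Remove client-structs and message queues: */
   for (pClient = pInfo->firstClient; pClient; pClient = pNext) {
      pNext = pClient->next;

      /*
       * Drain until the queue itself is empty instead of trusting
       * msg_count: if the counter and the list ever disagree, looping
       * on the counter either spins forever or leaks messages.
       */
      while ((pMsg = remove_msg(pInfo, pClient)) != NULL) {
         kfree(pMsg);
         TRACE_M("r3964_close - msg kfree %p",pMsg);
      }
      put_pid(pClient->pid);
      kfree(pClient);
      TRACE_M("r3964_close - client kfree %p",pClient);
   }

   /* Remove jobs from tx_queue: detach the list under the lock ... */
   spin_lock_irqsave(&pInfo->lock, flags);
   pHeader = pInfo->tx_first;
   pInfo->tx_first = pInfo->tx_last = NULL;
   spin_unlock_irqrestore(&pInfo->lock, flags);

   /* ... and free the detached blocks without holding it. */
   while (pHeader) {
      pNextHeader = pHeader->next;
      kfree(pHeader);
      pHeader = pNextHeader;
   }

   /*
    * Free buffers:
    * NOTE(review): a sleeper woken here still uses pInfo->read_wait in
    * r3964_read(); this relies on the tty layer not closing the
    * discipline while a read is in progress -- confirm.
    */
   wake_up_interruptible(&pInfo->read_wait);
   kfree(pInfo->rx_buf);
   TRACE_M("r3964_close - rx_buf kfree %p",pInfo->rx_buf);
   kfree(pInfo->tx_buf);
   TRACE_M("r3964_close - tx_buf kfree %p",pInfo->tx_buf);

   /*
    * Do not leave a dangling pointer behind: r3964_write() and
    * r3964_ioctl() test disc_data for NULL, which only helps if it is
    * cleared when the state is freed.
    */
   tty->disc_data = NULL;
   kfree(pInfo);
   TRACE_M("r3964_close - info kfree %p",pInfo);
}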
1188
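/*
 * Line discipline read: deliver the next queued message of the calling
 * process to user space as a struct r3964_client_message.
 *
 * Returns sizeof(struct r3964_client_message) on success, -EAGAIN when
 * no message is queued and the file is O_NONBLOCK, -EINTR when a signal
 * arrives while waiting, -EFAULT when the copy to @buf fails and -EPERM
 * when the caller is not a registered client.
 */
static ssize_t r3964_read(struct tty_struct *tty, struct file *file,
                          unsigned char __user *buf, size_t nr)
{
   struct r3964_info *pInfo = tty->disc_data;
   struct r3964_client_info *pClient;
   struct r3964_message *pMsg;
   struct r3964_client_message theMsg;
   DECLARE_WAITQUEUE(wait, current);
   int count;

   TRACE_L("read()");

   pClient = findClient(pInfo, task_pid(current));
   if (!pClient)
      return -EPERM;

   pMsg = remove_msg(pInfo, pClient);
   if (pMsg == NULL) {
      /* no messages available. */
      if (file->f_flags & O_NONBLOCK)
         return -EAGAIN;

      /* block until there is a message: */
      add_wait_queue(&pInfo->read_wait, &wait);
      for (;;) {
         /*
          * set_current_state() orders the state change before the
          * queue check below; a plain store to current->state does
          * not, so a wake-up arriving in between could be lost.
          */
         set_current_state(TASK_INTERRUPTIBLE);
         pMsg = remove_msg(pInfo, pClient);
         if (pMsg || signal_pending(current))
            break;
         schedule();
      }
      __set_current_state(TASK_RUNNING);
      remove_wait_queue(&pInfo->read_wait, &wait);
   }

   /* If we still haven't got a message, we must have been signalled */
   if (!pMsg)
      return -EINTR;

   /*
    * deliver msg to client process:
    * Clear the stack copy first so that any padding in the structure
    * cannot carry leftover kernel stack bytes out to user space.
    */
   memset(&theMsg, 0, sizeof(theMsg));
   theMsg.msg_id = pMsg->msg_id;
   theMsg.arg    = pMsg->arg;
   theMsg.error_code = pMsg->error_code;
   count = sizeof(struct r3964_client_message);

   kfree(pMsg);
   TRACE_M("r3964_read - msg kfree %p",pMsg);

   /*
    * NOTE(review): nr is never compared with count, so a caller that
    * asks for fewer bytes still receives the whole structure.  Left as
    * is because existing callers may rely on it; consider rejecting
    * short buffers before a message is dequeued.
    */
   if (copy_to_user(buf, &theMsg, count))
      return -EFAULT;

   TRACE_PS("read - return %d", count);
   return count;
}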
1248
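/*
 * Line discipline write: queue one block of at most R3964_MTU bytes for
 * transmission and kick the transmitter.
 *
 * Returns 0 once the block has been queued (not the number of bytes
 * accepted), -EIO when the tty has no r3964 state attached and -ENOSPC
 * when the block cannot be allocated.  Requests longer than R3964_MTU
 * are truncated, not rejected.
 */
static ssize_t r3964_write(struct tty_struct * tty, struct file * file,
                           const unsigned char *data, size_t count)
{
   struct r3964_info *pInfo = tty->disc_data;
   struct r3964_block_header *pHeader;
   struct r3964_client_info *pClient;
   unsigned char *new_data;

   /* count is a size_t: print it with %zu, not %d / %u */
   TRACE_L("write request, %zu characters", count);

   /*
    * Verify the pointers
    */
   if (!pInfo)
      return -EIO;

   /*
    * Ensure that the caller does not wish to send too much.
    */
   if (count > R3964_MTU) {
      if (pInfo->flags & R3964_DEBUG) {
         TRACE_L (KERN_WARNING
                 "r3964_write: truncating user packet "
                 "from %zu to mtu %d", count, R3964_MTU);
      }
      count = R3964_MTU;
   }

   /*
    * Allocate one buffer that holds the block header followed by the
    * payload.  count is already clamped to R3964_MTU, which bounds the
    * size of the allocation.
    */
   new_data = kmalloc(count + sizeof(struct r3964_block_header), GFP_KERNEL);
   TRACE_M("r3964_write - kmalloc %p",new_data);
   if (new_data == NULL) {
      if (pInfo->flags & R3964_DEBUG) {
         printk (KERN_ERR
               "r3964_write: no memory\n");
      }
      return -ENOSPC;
   }

   pHeader = (struct r3964_block_header *)new_data;
   pHeader->data = new_data + sizeof(struct r3964_block_header);
   pHeader->length = count;
   pHeader->locks = 0;
   pHeader->owner = NULL;

   /* a registered client becomes the owner; other callers stay NULL */
   pClient = findClient(pInfo, task_pid(current));
   if (pClient)
      pHeader->owner = pClient;

   /*
    * In this prototype data is a plain kernel pointer (no __user), and
    * count matches the payload space allocated above, so a direct
    * memcpy stays inside the buffer.
    */
   memcpy(pHeader->data, data, count);

   if (pInfo->flags & R3964_DEBUG)
      dump_block(pHeader->data, count);

   /*
    * Add buffer to transmit-queue:
    */
   add_tx_queue(pInfo, pHeader);
   trigger_transmit(pInfo);

   return 0;
}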
1319
/*
 * Line discipline ioctl dispatcher.
 *
 * R3964_ENABLE_SIGNALS and R3964_READ_TELEGRAM are forwarded to
 * enable_signals() and read_telegram() for the calling process;
 * R3964_SETPRIORITY accepts values from R3964_MASTER to R3964_SLAVE;
 * R3964_USE_BCC sets or clears the R3964_BCC flag depending on @arg.
 *
 * Returns the helper's result or 0, -EINVAL for a missing state or an
 * out-of-range priority, and -ENOIOCTLCMD for any other command.
 *
 * NOTE(review): priority and flags are written here without a lock;
 * confirm that this cannot race with the receive/transmit paths.
 */
static int r3964_ioctl(struct tty_struct * tty, struct file * file,
               unsigned int cmd, unsigned long arg)
{
   struct r3964_info *pInfo = tty->disc_data;
   int rc;

   if (!pInfo)
      return -EINVAL;

   switch (cmd) {
   case R3964_ENABLE_SIGNALS:
      rc = enable_signals(pInfo, task_pid(current), arg);
      break;

   case R3964_SETPRIORITY:
      if (arg >= R3964_MASTER && arg <= R3964_SLAVE) {
         pInfo->priority = arg & 0xff;
         rc = 0;
      } else {
         rc = -EINVAL;
      }
      break;

   case R3964_USE_BCC:
      if (arg != 0)
         pInfo->flags |= R3964_BCC;
      else
         pInfo->flags &= ~R3964_BCC;
      rc = 0;
      break;

   case R3964_READ_TELEGRAM:
      rc = read_telegram(pInfo, task_pid(current), (unsigned char __user *)arg);
      break;

   default:
      rc = -ENOIOCTLCMD;
      break;
   }

   return rc;
}
1347
/*
 * Line discipline set_termios hook.  It only emits a trace line; neither
 * @tty nor the previous settings in @old are inspected.
 */
static void r3964_set_termios(struct tty_struct *tty, struct ktermios * old)
{
   TRACE_L("set_termios");
}
1352
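/*
 * Called without the kernel lock held - fine
 *
 * Line discipline poll: report POLLOUT always, plus POLLIN | POLLRDNORM
 * when the calling process has a message queued.  A caller that is not a
 * registered client gets POLLERR.
 */
static unsigned int r3964_poll(struct tty_struct * tty, struct file * file,
                      struct poll_table_struct *wait)
{
   struct r3964_info *pInfo = tty->disc_data;
   struct r3964_client_info *pClient;
   struct r3964_message *pMsg;
   unsigned long flags;
   unsigned int mask = POLLOUT;

   TRACE_L("POLL");

   pClient = findClient(pInfo, task_pid(current));
   if (!pClient) {
      /*
       * The return value is an event mask, not an errno.  -EINVAL
       * converted to unsigned int reads as a mask with almost every
       * event bit set, so report the error with POLLERR instead.
       */
      return POLLERR;
   }

   poll_wait(file, &pInfo->read_wait, wait);

   /*
    * remove_msg() guards first_msg with the client's own lock; use the
    * same lock here instead of pInfo->lock so both paths agree.
    */
   spin_lock_irqsave(&pClient->lock, flags);
   pMsg = pClient->first_msg;
   spin_unlock_irqrestore(&pClient->lock, flags);

   if (pMsg)
      mask |= POLLIN | POLLRDNORM;

   return mask;
}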
1381
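/*
 * Line discipline receive hook: feed @count received bytes from @cp into
 * the protocol state machine.
 *
 * @fp, when not NULL, holds one flag per byte.  A byte flagged
 * TTY_NORMAL goes to receive_char(); any other flag is reported through
 * receive_error() and the byte itself is not used.  When @fp is NULL the
 * flag keeps its initial value 0 for every byte.
 */
static void r3964_receive_buf(struct tty_struct *tty, const unsigned char *cp,
                              char *fp, int count)
{
   struct r3964_info *pInfo = tty->disc_data;
   char flag = 0;
   int i;

   /*
    * Count upwards with an explicit bound.  The previous form counted
    * down until the counter hit zero, so a negative count would have
    * walked far past the end of cp and fp.
    */
   for (i = 0; i < count; i++) {
      if (fp)
         flag = fp[i];

      if (flag == TTY_NORMAL)
         receive_char(pInfo, cp[i]);
      else
         receive_error(pInfo, flag);
   }
}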
1404
1405 MODULE_LICENSE("GPL");
1406 MODULE_ALIAS_LDISC(N_R3964);