1 // SPDX-License-Identifier: GPL-2.0
2 /* ELM327 based CAN interface driver (tty line discipline)
4 * This driver started as a derivative of linux/drivers/net/can/slcan.c
5 * and my thanks go to the original authors for their inspiration, even
6 * after almost none of their code is left.
9 #define pr_fmt(fmt) "[elmcan] " fmt
11 #include <linux/init.h>
12 #include <linux/module.h>
13 #include <linux/moduleparam.h>
15 #include <linux/atomic.h>
16 #include <linux/bitops.h>
17 #include <linux/ctype.h>
18 #include <linux/delay.h>
19 #include <linux/errno.h>
20 #include <linux/if_ether.h>
21 #include <linux/kernel.h>
22 #include <linux/list.h>
23 #include <linux/netdevice.h>
24 #include <linux/skbuff.h>
25 #include <linux/spinlock.h>
26 #include <linux/string.h>
27 #include <linux/tty.h>
28 #include <linux/tty_ldisc.h>
29 #include <linux/version.h>
30 #include <linux/workqueue.h>
32 #include <uapi/linux/tty.h>
34 #include <linux/can.h>
35 #include <linux/can/dev.h>
36 #include <linux/can/error.h>
37 #include <linux/can/led.h>
38 #include <linux/can/rx-offload.h>
40 MODULE_ALIAS_LDISC(N_DEVELOPMENT);
41 MODULE_DESCRIPTION("ELM327 based CAN interface");
42 MODULE_LICENSE("GPL");
43 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
45 /* Line discipline ID number.
46 * N_DEVELOPMENT will likely be defined from Linux 5.18 onwards:
47 * https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=c2faf737abfb10f88f2d2612d573e9edc3c42c37
50 #define N_DEVELOPMENT 29
53 /* Compatibility for Linux < 5.11 */
54 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,11,0)
58 #define ELM327_NAPI_WEIGHT 4
60 #define ELM327_SIZE_RXBUF 256
61 #define ELM327_SIZE_TXBUF 32
63 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
64 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
65 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
66 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
68 #define ELM327_DUMMY_CHAR 'y'
69 #define ELM327_DUMMY_STRING "y"
70 #define ELM327_READY_CHAR '>'
72 /* Bits in elm->cmds_todo */
73 enum ELM327_TX_DO_BITS {
74 ELM327_TX_DO_CAN_DATA = 0,
75 ELM327_TX_DO_CANID_11BIT,
76 ELM327_TX_DO_CANID_29BIT_LOW,
77 ELM327_TX_DO_CANID_29BIT_HIGH,
78 ELM327_TX_DO_CAN_CONFIG_PART2,
79 ELM327_TX_DO_CAN_CONFIG,
80 ELM327_TX_DO_RESPONSES,
81 ELM327_TX_DO_SILENT_MONITOR,
86 /* This must be the first member when using alloc_candev() */
89 struct can_rx_offload offload;
91 /* TTY and netdev devices that we're bridging */
92 struct tty_struct *tty;
93 struct net_device *dev;
95 /* Per-channel lock */
98 /* Keep track of how many things are using this struct.
99 * Once it reaches 0, we are in the process of cleaning up,
100 * and new operations will be cancelled immediately.
101 * Use atomic_t rather than refcount_t because we deliberately
102 * decrement to 0, and refcount_dec() spills a WARN_ONCE in
107 /* Stop the channel on hardware failure.
108 * Once this is true, nothing will be sent to the TTY.
113 struct work_struct tx_work; /* Flushes TTY TX buffer */
114 unsigned char *txbuf;
115 unsigned char *txhead; /* Pointer to next TX byte */
116 int txleft; /* Bytes left to TX */
119 unsigned char rxbuf[ELM327_SIZE_RXBUF];
132 /* The CAN frame and config the ELM327 is sending/using,
133 * or will send/use after finishing all cmds_todo
135 struct can_frame can_frame_to_send;
136 unsigned short can_config;
137 unsigned long can_bitrate;
138 unsigned char can_bitrate_divisor;
139 int silent_monitoring;
141 /* Things we have yet to send */
142 char **next_init_cmd;
143 unsigned long cmds_todo;
146 /* A lock for all tty->disc_data handled by this ldisc.
147 * This is to prevent a case where tty->disc_data is set to NULL,
148 * yet someone is still trying to dereference it.
149 * Without this, we cannot do a clean shutdown.
151 static DEFINE_SPINLOCK(elmcan_discdata_lock);
153 static inline void elm327_hw_failure(struct elmcan *elm);
155 /* Assumes elm->lock taken. */
156 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
163 memcpy(elm->txbuf, buf, len);
165 /* Order of next two lines is *very* important.
166 * When we are sending a little amount of data,
167 * the transfer may be completed inside the ops->write()
168 * routine, because it's running with interrupts enabled.
169 * In this case we *never* got WRITE_WAKEUP event,
170 * if we did not request it before write operation.
171 * 14 Oct 1994 Dmitry Gorodchanin.
173 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
174 actual = elm->tty->ops->write(elm->tty, elm->txbuf, len);
177 "Failed to write to tty %s.\n",
179 elm327_hw_failure(elm);
183 elm->txleft = len - actual;
184 elm->txhead = elm->txbuf + actual;
187 /* Take the ELM327 out of almost any state and back into command mode.
188 * We send ELM327_DUMMY_CHAR which will either abort any running
189 * operation, or be echoed back to us in case we're already in command
192 * Assumes elm->lock taken.
194 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
196 if (elm->state != ELM_GETDUMMYCHAR && elm->state != ELM_GETPROMPT) {
197 elm327_send(elm, ELM327_DUMMY_STRING, 1);
199 elm->state = ELM_GETDUMMYCHAR;
203 /* Schedule a CAN frame and necessary config changes to be sent to the TTY.
205 * Assumes elm->lock taken.
207 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
209 /* Schedule any necessary changes in ELM327's CAN configuration */
210 if (elm->can_frame_to_send.can_id != frame->can_id) {
211 /* Set the new CAN ID for transmission. */
212 if ((frame->can_id & CAN_EFF_FLAG)
213 ^ (elm->can_frame_to_send.can_id & CAN_EFF_FLAG)) {
214 elm->can_config = (frame->can_id & CAN_EFF_FLAG
216 : ELM327_CAN_CONFIG_SEND_SFF)
217 | ELM327_CAN_CONFIG_VARIABLE_DLC
218 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
219 | elm->can_bitrate_divisor;
221 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
224 if (frame->can_id & CAN_EFF_FLAG) {
225 clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
226 set_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
227 set_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
229 set_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
230 clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
231 clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
235 /* Schedule the CAN frame itself. */
236 elm->can_frame_to_send = *frame;
237 set_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo);
239 elm327_kick_into_cmd_mode(elm);
242 /* ELM327 initialization sequence.
244 * Assumes elm->lock taken.
246 static char *elm327_init_script[] = {
247 "AT WS\r", /* v1.0: Warm Start */
248 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
249 "AT M0\r", /* v1.0: Memory Off */
250 "AT AL\r", /* v1.0: Allow Long messages */
251 "AT BI\r", /* v1.0: Bypass Initialization */
252 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
253 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
254 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
255 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
256 "AT E1\r", /* v1.0: Echo On */
257 "AT H1\r", /* v1.0: Headers On */
258 "AT L0\r", /* v1.0: Linefeeds Off */
259 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
260 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
261 "AT AT0\r", /* v1.2: Adaptive Timing Off */
262 "AT D1\r", /* v1.3: Print DLC On */
263 "AT S1\r", /* v1.3: Spaces On */
264 "AT TP B\r", /* v1.0: Try Protocol B */
268 static void elm327_init(struct elmcan *elm)
270 elm->state = ELM_NOTINIT;
271 elm->can_frame_to_send.can_id = 0x7df; /* ELM327 HW default */
273 elm->drop_next_line = 0;
275 /* We can only set the bitrate as a fraction of 500000.
276 * The bit timing constants in elmcan_bittiming_const will
277 * limit the user to the right values.
279 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
280 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
281 | ELM327_CAN_CONFIG_VARIABLE_DLC
282 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
283 | elm->can_bitrate_divisor;
285 /* Configure ELM327 and then start monitoring */
286 elm->next_init_cmd = &elm327_init_script[0];
287 set_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
288 set_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo);
289 set_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo);
290 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
292 elm327_kick_into_cmd_mode(elm);
295 /* Assumes elm->lock taken. */
296 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
299 if (!netif_running(elm->dev))
302 /* Queue for NAPI pickup.
303 * rx-offload will update stats and LEDs for us.
305 if (can_rx_offload_queue_tail(&elm->offload, skb))
306 elm->dev->stats.rx_fifo_errors++;
308 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,0)
310 can_rx_offload_irq_finish(&elm->offload);
314 /* Called when we're out of ideas and just want it all to end.
315 * Assumes elm->lock taken.
317 static inline void elm327_hw_failure(struct elmcan *elm)
319 struct can_frame *frame;
322 skb = alloc_can_err_skb(elm->dev, &frame);
326 frame->data[5] = 'R';
327 frame->data[6] = 'I';
328 frame->data[7] = 'P';
330 elm327_feed_frame_to_netdev(elm, skb);
332 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
334 elm->hw_failure = true;
335 can_bus_off(elm->dev);
338 /* Compare a buffer to a fixed string */
339 static inline int _memstrcmp(const u8 *mem, const char *str)
341 return memcmp(mem, str, strlen(str));
344 /* Compare buffer to string length, then compare buffer to fixed string.
345 * This ensures two things:
346 * - It flags cases where the fixed string is only the start of the
347 * buffer, rather than exactly all of it.
348 * - It avoids byte comparisons in case the length doesn't match.
350 static inline int _len_memstrcmp(const u8 *mem, size_t mem_len, const char *str)
352 size_t str_len = strlen(str);
354 return (mem_len != str_len) || memcmp(mem, str, str_len);
357 /* Assumes elm->lock taken. */
358 static void elm327_parse_error(struct elmcan *elm, size_t len)
360 struct can_frame *frame;
363 skb = alloc_can_err_skb(elm->dev, &frame);
365 /* It's okay to return here:
366 * The outer parsing loop will drop this UART buffer.
370 /* Filter possible error messages based on length of RX'd line */
371 if (!_len_memstrcmp(elm->rxbuf, len, "UNABLE TO CONNECT")) {
373 "ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
374 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUFFER FULL")) {
375 /* This will only happen if the last data line was complete.
376 * Otherwise, elm327_parse_frame() will heuristically
377 * emit this kind of error frame instead.
379 frame->can_id |= CAN_ERR_CRTL;
380 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
381 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS ERROR")) {
382 frame->can_id |= CAN_ERR_BUSERROR;
383 } else if (!_len_memstrcmp(elm->rxbuf, len, "CAN ERROR")) {
384 frame->can_id |= CAN_ERR_PROT;
385 } else if (!_len_memstrcmp(elm->rxbuf, len, "<RX ERROR")) {
386 frame->can_id |= CAN_ERR_PROT;
387 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS BUSY")) {
388 frame->can_id |= CAN_ERR_PROT;
389 frame->data[2] = CAN_ERR_PROT_OVERLOAD;
390 } else if (!_len_memstrcmp(elm->rxbuf, len, "FB ERROR")) {
391 frame->can_id |= CAN_ERR_PROT;
392 frame->data[2] = CAN_ERR_PROT_TX;
393 } else if (len == 5 && !_memstrcmp(elm->rxbuf, "ERR")) {
394 /* ERR is followed by two digits, hence line length 5 */
395 netdev_err(elm->dev, "ELM327 reported an ERR%c%c. Please power it off and on again.\n",
396 elm->rxbuf[3], elm->rxbuf[4]);
397 frame->can_id |= CAN_ERR_CRTL;
399 /* Something else has happened.
400 * Maybe garbage on the UART line.
401 * Emit a generic error frame.
405 elm327_feed_frame_to_netdev(elm, skb);
408 /* Parse CAN frames coming as ASCII from ELM327.
409 * They can be of various formats:
411 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
412 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
414 * where D = DLC, PL = payload byte
416 * Instead of a payload, RTR indicates a remote request.
418 * We will use the spaces and line length to guess the format.
420 * Assumes elm->lock taken.
422 static int elm327_parse_frame(struct elmcan *elm, size_t len)
424 struct can_frame *frame;
430 skb = alloc_can_skb(elm->dev, &frame);
434 /* Find first non-hex and non-space character:
435 * - In the simplest case, there is none.
436 * - For RTR frames, 'R' is the first non-hex character.
437 * - An error message may replace the end of the data line.
439 for (hexlen = 0; hexlen <= len; hexlen++) {
440 if (hex_to_bin(elm->rxbuf[hexlen]) < 0 &&
441 elm->rxbuf[hexlen] != ' ') {
446 /* Sanity check whether the line is really a clean hexdump,
447 * or terminated by an error message, or contains garbage.
450 !isdigit(elm->rxbuf[hexlen]) &&
451 !isupper(elm->rxbuf[hexlen]) &&
452 '<' != elm->rxbuf[hexlen] &&
453 ' ' != elm->rxbuf[hexlen]) {
454 /* The line is likely garbled anyway, so bail.
455 * The main code will restart listening.
460 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
461 * No out-of-bounds access:
462 * We use the fact that we can always read from elm->rxbuf.
464 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' ' &&
465 elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' ' &&
466 elm->rxbuf[13] == ' ') {
467 frame->can_id = CAN_EFF_FLAG;
469 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
473 /* This is not a well-formatted data line.
474 * Assume it's an error message.
479 if (hexlen < datastart) {
480 /* The line is too short to be a valid frame hex dump.
481 * Something interrupted the hex dump or it is invalid.
486 /* From here on all chars up to buf[hexlen] are hex or spaces,
487 * at well-defined offsets.
490 /* Read CAN data length */
491 frame->len = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
494 if (frame->can_id & CAN_EFF_FLAG) {
495 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
496 | (hex_to_bin(elm->rxbuf[1]) << 24)
497 | (hex_to_bin(elm->rxbuf[3]) << 20)
498 | (hex_to_bin(elm->rxbuf[4]) << 16)
499 | (hex_to_bin(elm->rxbuf[6]) << 12)
500 | (hex_to_bin(elm->rxbuf[7]) << 8)
501 | (hex_to_bin(elm->rxbuf[9]) << 4)
502 | (hex_to_bin(elm->rxbuf[10]) << 0);
504 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
505 | (hex_to_bin(elm->rxbuf[1]) << 4)
506 | (hex_to_bin(elm->rxbuf[2]) << 0);
509 /* Check for RTR frame */
510 if (elm->rxfill >= hexlen + 3 &&
511 !_memstrcmp(&elm->rxbuf[hexlen], "RTR")) {
512 frame->can_id |= CAN_RTR_FLAG;
515 /* Is the line long enough to hold the advertised payload?
516 * Note: RTR frames have a DLC, but no actual payload.
518 if (!(frame->can_id & CAN_RTR_FLAG) &&
519 (hexlen < frame->len * 3 + datastart)) {
521 * Probably the ELM327's RS232 TX buffer was full.
522 * Emit an error frame and exit.
524 frame->can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
525 frame->len = CAN_ERR_DLC;
526 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
527 elm327_feed_frame_to_netdev(elm, skb);
529 /* Signal failure to parse.
530 * The line will be re-parsed as an error line, which will fail.
531 * However, this will correctly drop the state machine back into
537 /* Parse the data nibbles. */
538 for (i = 0; i < frame->len; i++) {
539 frame->data[i] = (hex_to_bin(elm->rxbuf[datastart + 3*i]) << 4)
540 | (hex_to_bin(elm->rxbuf[datastart + 3*i + 1]));
543 /* Feed the frame to the network layer. */
544 elm327_feed_frame_to_netdev(elm, skb);
549 /* Assumes elm->lock taken. */
550 static void elm327_parse_line(struct elmcan *elm, size_t len)
552 /* Skip empty lines */
556 /* Skip echo lines */
557 if (elm->drop_next_line) {
558 elm->drop_next_line = 0;
560 } else if (!_memstrcmp(elm->rxbuf, "AT")) {
564 /* Regular parsing */
565 if (elm->state == ELM_RECEIVING
566 && elm327_parse_frame(elm, len)) {
567 /* Parse an error line. */
568 elm327_parse_error(elm, len);
571 elm327_kick_into_cmd_mode(elm);
575 /* Assumes elm->lock taken. */
576 static void elm327_handle_prompt(struct elmcan *elm)
578 struct can_frame *frame = &elm->can_frame_to_send;
579 char local_txbuf[20];
581 if (!elm->cmds_todo) {
582 /* Enter CAN monitor mode */
583 elm327_send(elm, "ATMA\r", 5);
584 elm->state = ELM_RECEIVING;
589 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
590 if (test_bit(ELM327_TX_DO_INIT, &elm->cmds_todo)) {
591 strcpy(local_txbuf, *elm->next_init_cmd);
593 elm->next_init_cmd++;
594 if (!(*elm->next_init_cmd)) {
595 clear_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
599 } else if (test_and_clear_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo)) {
600 sprintf(local_txbuf, "ATCSM%i\r",
601 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
603 } else if (test_and_clear_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo)) {
604 sprintf(local_txbuf, "ATR%i\r",
605 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
607 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo)) {
608 sprintf(local_txbuf, "ATPC\r");
609 set_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo);
611 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
612 sprintf(local_txbuf, "ATPB%04X\r",
615 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
616 sprintf(local_txbuf, "ATCP%02X\r",
617 (frame->can_id & CAN_EFF_MASK) >> 24);
619 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo)) {
620 sprintf(local_txbuf, "ATSH%06X\r",
621 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
623 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo)) {
624 sprintf(local_txbuf, "ATSH%03X\r",
625 frame->can_id & CAN_SFF_MASK);
627 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo)) {
628 if (frame->can_id & CAN_RTR_FLAG) {
629 /* Send an RTR frame. Their DLC is fixed.
630 * Some chips don't send them at all.
632 sprintf(local_txbuf, "ATRTR\r");
634 /* Send a regular CAN data frame */
637 for (i = 0; i < frame->len; i++) {
638 sprintf(&local_txbuf[2 * i], "%02X",
642 sprintf(&local_txbuf[2 * i], "\r");
645 elm->drop_next_line = 1;
646 elm->state = ELM_RECEIVING;
649 elm327_send(elm, local_txbuf, strlen(local_txbuf));
652 static bool elm327_is_ready_char(char c)
654 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
655 * Probably bad hardware.
657 return (c & 0x3f) == ELM327_READY_CHAR;
660 /* Assumes elm->lock taken. */
661 static void elm327_drop_bytes(struct elmcan *elm, size_t i)
663 memmove(&elm->rxbuf[0], &elm->rxbuf[i], ELM327_SIZE_RXBUF - i);
667 /* Assumes elm->lock taken. */
668 static void elm327_parse_rxbuf(struct elmcan *elm)
673 switch (elm->state) {
678 case ELM_GETDUMMYCHAR:
680 /* Wait for 'y' or '>' */
681 for (i = 0; i < elm->rxfill; i++) {
682 if (elm->rxbuf[i] == ELM327_DUMMY_CHAR) {
683 elm327_send(elm, "\r", 1);
684 elm->state = ELM_GETPROMPT;
687 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
688 elm327_send(elm, ELM327_DUMMY_STRING, 1);
694 elm327_drop_bytes(elm, i);
701 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
702 elm327_handle_prompt(elm);
708 /* Find <CR> delimiting feedback lines. */
710 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
715 if (len == ELM327_SIZE_RXBUF) {
716 /* Line exceeds buffer. It's probably all garbage.
717 * Did we even connect at the right baud rate?
720 "RX buffer overflow. Faulty ELM327 or UART?\n");
721 elm327_hw_failure(elm);
723 } else if (len == elm->rxfill) {
724 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
725 /* The ELM327's AT ST response timeout ran out,
726 * so we got a prompt.
727 * Clear RX buffer and restart listening.
731 elm327_handle_prompt(elm);
735 /* No <CR> found - we haven't received a full line yet.
736 * Wait for more data.
741 /* We have a full line to parse. */
742 elm327_parse_line(elm, len);
744 /* Remove parsed data from RX buffer. */
745 elm327_drop_bytes(elm, len + 1);
747 /* More data to parse? */
749 elm327_parse_rxbuf(elm);
753 /* Dummy needed to use can_rx_offload */
754 static struct sk_buff *elmcan_mailbox_read(struct can_rx_offload *offload,
755 unsigned int n, u32 *timestamp,
758 WARN_ON_ONCE(1); /* This function is a dummy, so don't call it! */
760 return ERR_PTR(-ENOBUFS);
763 static int elmcan_netdev_open(struct net_device *dev)
765 struct elmcan *elm = netdev_priv(dev);
768 spin_lock_bh(&elm->lock);
769 if (elm->hw_failure) {
770 netdev_err(elm->dev, "Refusing to open interface after a hardware fault has been detected.\n");
771 spin_unlock_bh(&elm->lock);
776 spin_unlock_bh(&elm->lock);
780 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
781 err = open_candev(dev);
783 spin_unlock_bh(&elm->lock);
788 spin_unlock_bh(&elm->lock);
790 elm->offload.mailbox_read = elmcan_mailbox_read;
791 err = can_rx_offload_add_fifo(dev, &elm->offload, ELM327_NAPI_WEIGHT);
797 can_rx_offload_enable(&elm->offload);
799 can_led_event(dev, CAN_LED_EVENT_OPEN);
800 elm->can.state = CAN_STATE_ERROR_ACTIVE;
801 netif_start_queue(dev);
806 static int elmcan_netdev_close(struct net_device *dev)
808 struct elmcan *elm = netdev_priv(dev);
810 netif_stop_queue(dev);
812 spin_lock_bh(&elm->lock);
814 /* Interrupt whatever we're doing right now */
815 elm327_send(elm, ELM327_DUMMY_STRING, 1);
817 /* Clear the wakeup bit, as the netdev will be down and thus
818 * the wakeup handler won't clear it
820 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
822 spin_unlock_bh(&elm->lock);
824 flush_work(&elm->tx_work);
826 spin_unlock_bh(&elm->lock);
829 can_rx_offload_disable(&elm->offload);
830 elm->can.state = CAN_STATE_STOPPED;
831 can_rx_offload_del(&elm->offload);
833 can_led_event(dev, CAN_LED_EVENT_STOP);
838 /* Send a can_frame to a TTY. */
839 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
840 struct net_device *dev)
842 struct elmcan *elm = netdev_priv(dev);
843 struct can_frame *frame = (struct can_frame *)skb->data;
845 /* BHs are already disabled, so no spin_lock_bh().
846 * See Documentation/networking/netdevices.txt
848 spin_lock(&elm->lock);
850 /* We shouldn't get here after a hardware fault:
851 * can_bus_off() calls netif_carrier_off()
853 WARN_ON_ONCE(elm->hw_failure);
857 elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
858 spin_unlock(&elm->lock);
862 netif_stop_queue(dev);
864 elm327_send_frame(elm, frame);
865 spin_unlock(&elm->lock);
867 dev->stats.tx_packets++;
868 dev->stats.tx_bytes += frame->len;
870 can_led_event(dev, CAN_LED_EVENT_TX);
877 static const struct net_device_ops elmcan_netdev_ops = {
878 .ndo_open = elmcan_netdev_open,
879 .ndo_stop = elmcan_netdev_close,
880 .ndo_start_xmit = elmcan_netdev_start_xmit,
881 .ndo_change_mtu = can_change_mtu,
884 /* Get a reference to our struct, taking into account locks/refcounts.
885 * This is to ensure ordering in case we are shutting down, and to ensure
886 * there is a refcount at all (otherwise tty->disc_data may be freed and
887 * before we increment the refcount).
888 * Use this for anything that can race against elmcan_ldisc_close().
890 static struct elmcan *get_elm(struct tty_struct *tty)
895 spin_lock_bh(&elmcan_discdata_lock);
896 elm = (struct elmcan *)tty->disc_data;
899 spin_unlock_bh(&elmcan_discdata_lock);
903 got_ref = atomic_inc_not_zero(&elm->refcount);
904 spin_unlock_bh(&elmcan_discdata_lock);
912 static void put_elm(struct elmcan *elm)
914 atomic_dec(&elm->refcount);
917 static bool elmcan_is_valid_rx_char(char c)
919 return (isdigit(c) ||
921 c == ELM327_DUMMY_CHAR ||
922 c == ELM327_READY_CHAR ||
933 /* Handle incoming ELM327 ASCII data.
934 * This will not be re-entered while running, but other ldisc
935 * functions may be called in parallel.
937 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
938 static void elmcan_ldisc_rx(struct tty_struct *tty,
939 const unsigned char *cp, char *fp, int count)
941 static void elmcan_ldisc_rx(struct tty_struct *tty,
942 const unsigned char *cp, const char *fp, int count)
945 struct elmcan *elm = get_elm(tty);
950 spin_lock_bh(&elm->lock);
955 while (count-- && elm->rxfill < ELM327_SIZE_RXBUF) {
957 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
959 elm327_hw_failure(elm);
964 /* Ignore NUL characters, which the PIC microcontroller may
965 * inadvertently insert due to a known hardware bug.
966 * See ELM327 documentation, which refers to a Microchip PIC
970 /* Check for stray characters on the UART line.
971 * Likely caused by bad hardware.
973 if (!elmcan_is_valid_rx_char(*cp)) {
975 "Received illegal character %02x.\n",
977 elm327_hw_failure(elm);
982 elm->rxbuf[elm->rxfill++] = *cp;
989 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
991 elm327_hw_failure(elm);
996 elm327_parse_rxbuf(elm);
999 spin_unlock_bh(&elm->lock);
1003 /* Write out remaining transmit buffer.
1004 * Scheduled when TTY is writable.
1006 static void elmcan_ldisc_tx_worker(struct work_struct *work)
1008 /* No need to use get_elm() here, as we'll always flush workers
1009 * before destroying the elmcan object.
1011 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
1014 spin_lock_bh(&elm->lock);
1015 if (elm->hw_failure) {
1016 spin_unlock_bh(&elm->lock);
1020 if (!elm->tty || !netif_running(elm->dev)) {
1021 spin_unlock_bh(&elm->lock);
1025 if (elm->txleft <= 0) {
1026 /* Our TTY write buffer is empty:
1027 * Allow netdev to hand us another packet
1029 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1030 spin_unlock_bh(&elm->lock);
1031 netif_wake_queue(elm->dev);
1035 actual = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
1037 netdev_err(elm->dev,
1038 "Failed to write to tty %s.\n",
1040 elm327_hw_failure(elm);
1041 spin_unlock_bh(&elm->lock);
1045 elm->txleft -= actual;
1046 elm->txhead += actual;
1047 spin_unlock_bh(&elm->lock);
1050 /* Called by the driver when there's room for more data. */
1051 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1053 struct elmcan *elm = get_elm(tty);
1058 schedule_work(&elm->tx_work);
1063 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1064 * or 7/8 of that. Divisors are 1 to 64.
1065 * Currently we don't implement support for 7/8 rates.
1067 static const u32 elmcan_bitrate_const[64] = {
1068 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1069 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1070 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1071 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1072 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1073 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1074 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1075 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1078 /* Dummy needed to use bitrate_const */
1079 static int elmcan_do_set_bittiming(struct net_device *netdev)
1084 static int elmcan_ldisc_open(struct tty_struct *tty)
1086 struct net_device *dev;
1090 if (!capable(CAP_NET_ADMIN))
1093 if (!tty->ops->write)
1096 dev = alloc_candev(sizeof(struct elmcan), 0);
1099 elm = netdev_priv(dev);
1101 elm->txbuf = kmalloc(ELM327_SIZE_TXBUF, GFP_KERNEL);
1107 /* Configure TTY interface */
1108 tty->receive_room = 65536; /* We don't flow control */
1109 elm->txleft = 0; /* Clear TTY TX buffer */
1110 spin_lock_init(&elm->lock);
1111 atomic_set(&elm->refcount, 1);
1112 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1114 /* Configure CAN metadata */
1115 elm->can.state = CAN_STATE_STOPPED;
1116 elm->can.bitrate_const = elmcan_bitrate_const;
1117 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1118 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1119 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1121 /* Configure netdev interface */
1123 dev->netdev_ops = &elmcan_netdev_ops;
1125 /* Mark ldisc channel as alive */
1127 tty->disc_data = elm;
1129 devm_can_led_init(elm->dev);
1132 err = register_candev(elm->dev);
1136 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1142 free_candev(elm->dev);
1146 /* Close down an elmcan channel.
1147 * This means flushing out any pending queues, and then returning.
1148 * This call is serialized against other ldisc functions:
1149 * Once this is called, no other ldisc function of ours is entered.
1151 * We also use this function for a hangup event.
1153 static void elmcan_ldisc_close(struct tty_struct *tty)
1155 struct elmcan *elm = get_elm(tty);
1160 /* unregister_netdev() calls .ndo_stop() so we don't have to. */
1161 unregister_candev(elm->dev);
1163 /* Decrease the refcount twice, once for our own get_elm(),
1164 * and once to remove the count of 1 that we set in _open().
1165 * Once it reaches 0, we can safely destroy it.
1170 while (atomic_read(&elm->refcount) > 0)
1171 msleep_interruptible(10);
1173 /* At this point, all ldisc calls to us have become no-ops. */
1175 flush_work(&elm->tx_work);
1177 /* Mark channel as dead */
1178 spin_lock_bh(&elm->lock);
1179 tty->disc_data = NULL;
1181 spin_unlock_bh(&elm->lock);
1183 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1186 free_candev(elm->dev);
1189 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1190 static int elmcan_ldisc_hangup(struct tty_struct *tty)
1192 static void elmcan_ldisc_hangup(struct tty_struct *tty)
1195 elmcan_ldisc_close(tty);
1196 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1201 static int elmcan_ldisc_ioctl(struct tty_struct *tty,
1202 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,17,0)
1205 unsigned int cmd, unsigned long arg)
1207 struct elmcan *elm = get_elm(tty);
1215 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1216 if (copy_to_user((void __user *)arg, elm->dev->name, tmp)) {
1230 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1231 return tty_mode_ioctl(tty, file, cmd, arg);
1233 return tty_mode_ioctl(tty, cmd, arg);
1238 static struct tty_ldisc_ops elmcan_ldisc = {
1239 .owner = THIS_MODULE,
1241 .num = N_DEVELOPMENT,
1242 .receive_buf = elmcan_ldisc_rx,
1243 .write_wakeup = elmcan_ldisc_tx_wakeup,
1244 .open = elmcan_ldisc_open,
1245 .close = elmcan_ldisc_close,
1246 .hangup = elmcan_ldisc_hangup,
1247 .ioctl = elmcan_ldisc_ioctl,
1250 static int __init elmcan_init(void)
1254 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1255 status = tty_register_ldisc(N_DEVELOPMENT, &elmcan_ldisc);
1257 status = tty_register_ldisc(&elmcan_ldisc);
1260 pr_err("Can't register line discipline\n");
1265 static void __exit elmcan_exit(void)
1267 /* This will only be called when all channels have been closed by
1268 * userspace - tty_ldisc.c takes care of the module's refcount.
1270 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1273 status = tty_unregister_ldisc(N_DEVELOPMENT);
1275 pr_err("Can't unregister line discipline (error: %d)\n",
1278 tty_unregister_ldisc(&elmcan_ldisc);
1282 module_init(elmcan_init);
1283 module_exit(elmcan_exit);
projects / elmcan.git / blob