1 // SPDX-License-Identifier: GPL-2.0
3 * elmcan.c - ELM327 based CAN interface driver
4 * (tty line discipline)
6 * This file is derived from linux/drivers/net/can/slcan.c
8 * elmcan.c Author : Max Staudt <max-linux@enpas.org>
9 * slcan.c Author : Oliver Hartkopp <socketcan@hartkopp.net>
10 * slip.c Authors : Laurence Culhane <loz@holmes.demon.co.uk>
11 * Fred N. van Kempen <waltje@uwalt.nl.mugnet.org>
15 #define pr_fmt(fmt) "[elmcan] " fmt
18 #include <linux/init.h>
19 #include <linux/module.h>
20 #include <linux/moduleparam.h>
22 #include <linux/atomic.h>
23 #include <linux/bitops.h>
24 #include <linux/ctype.h>
25 #include <linux/delay.h>
26 #include <linux/errno.h>
27 #include <linux/if_ether.h>
28 #include <linux/kernel.h>
29 #include <linux/list.h>
30 #include <linux/netdevice.h>
31 #include <linux/skbuff.h>
32 #include <linux/spinlock.h>
33 #include <linux/string.h>
34 #include <linux/tty.h>
35 #include <linux/workqueue.h>
37 #include <linux/can.h>
38 #include <linux/can/dev.h>
39 #include <linux/can/error.h>
40 #include <linux/can/led.h>
43 MODULE_ALIAS_LDISC(N_ELMCAN);
44 MODULE_DESCRIPTION("ELM327 based CAN interface");
45 MODULE_LICENSE("GPL");
46 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
48 /* If this is enabled, we'll try to make the best of the situation
49 * even if we receive unexpected characters on the line.
51 * Handle with care, it's likely your hardware is unreliable!
53 static bool accept_flaky_uart;
54 module_param_named(accept_flaky_uart, accept_flaky_uart, bool, 0444);
55 MODULE_PARM_DESC(accept_flaky_uart, "Don't bail at the first invalid character. Behavior undefined.");
58 /* Line discipline ID number */
63 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
64 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
65 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
66 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
68 #define ELM327_MAGIC_CHAR 'y'
69 #define ELM327_MAGIC_STRING "y"
70 #define ELM327_READY_CHAR '>'
73 /* Bits in elm->cmds_todo */
75 ELM_TODO_CAN_DATA = 0,
77 ELM_TODO_CANID_29BIT_LOW,
78 ELM_TODO_CANID_29BIT_HIGH,
79 ELM_TODO_CAN_CONFIG_PART2,
82 ELM_TODO_SILENT_MONITOR,
88 /* This must be the first member when using alloc_candev() */
91 /* TTY and netdev devices that we're bridging */
92 struct tty_struct *tty;
93 struct net_device *dev;
95 /* Per-channel lock */
98 /* Keep track of how many things are using this struct.
99 * Once it reaches 0, we are in the process of cleaning up,
100 * and new operations will be cancelled immediately.
101 * Use atomic_t rather than refcount_t because we deliberately
102 * decrement to 0, and refcount_dec() spills a WARN_ONCE in
107 /* Stop the channel on hardware failure.
108 * Once this is true, nothing will be sent to the TTY.
113 struct work_struct tx_work; /* Flushes TTY TX buffer */
114 unsigned char txbuf[32];
115 unsigned char *txhead; /* Pointer to next TX byte */
116 int txleft; /* Bytes left to TX */
119 unsigned char rxbuf[256];
132 /* The CAN frame and config the ELM327 is sending/using,
133 * or will send/use after finishing all cmds_todo
135 struct can_frame can_frame;
136 unsigned short can_config;
137 unsigned long can_bitrate;
138 unsigned char can_bitrate_divisor;
139 int silent_monitoring;
141 /* Things we have yet to send */
142 char **next_init_cmd;
143 unsigned long cmds_todo;
147 /* A lock for all tty->disc_data handled by this ldisc.
148 * This is to prevent a case where tty->disc_data is set to NULL,
149 * yet someone is still trying to dereference it.
150 * Without this, we cannot do a clean shutdown.
152 static DEFINE_SPINLOCK(elmcan_discdata_lock);
155 static inline void elm327_hw_failure(struct elmcan *elm);
159 /************************************************************************
160 * ELM327: Transmission *
162 * (all functions assume elm->lock taken) *
163 ************************************************************************/
165 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
172 memcpy(elm->txbuf, buf, len);
174 /* Order of next two lines is *very* important.
175 * When we are sending a little amount of data,
176 * the transfer may be completed inside the ops->write()
177 * routine, because it's running with interrupts enabled.
178 * In this case we *never* got WRITE_WAKEUP event,
179 * if we did not request it before write operation.
180 * 14 Oct 1994 Dmitry Gorodchanin.
182 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
183 actual = elm->tty->ops->write(elm->tty, elm->txbuf, len);
186 "Failed to write to tty %s.\n",
188 elm327_hw_failure(elm);
192 elm->txleft = len - actual;
193 elm->txhead = elm->txbuf + actual;
197 /* Take the ELM327 out of almost any state and back into command mode. */
198 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
200 if (elm->state != ELM_GETMAGICCHAR && elm->state != ELM_GETPROMPT) {
201 elm327_send(elm, ELM327_MAGIC_STRING, 1);
203 elm->state = ELM_GETMAGICCHAR;
208 /* Schedule a CAN frame and necessary config changes to be sent to the TTY. */
209 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
211 /* Schedule any necessary changes in ELM327's CAN configuration */
212 if (elm->can_frame.can_id != frame->can_id) {
213 /* Set the new CAN ID for transmission. */
214 if ((frame->can_id & CAN_EFF_FLAG)
215 ^ (elm->can_frame.can_id & CAN_EFF_FLAG)) {
216 elm->can_config = (frame->can_id & CAN_EFF_FLAG
218 : ELM327_CAN_CONFIG_SEND_SFF)
219 | ELM327_CAN_CONFIG_VARIABLE_DLC
220 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
221 | elm->can_bitrate_divisor;
223 set_bit(ELM_TODO_CAN_CONFIG, &elm->cmds_todo);
226 if (frame->can_id & CAN_EFF_FLAG) {
227 clear_bit(ELM_TODO_CANID_11BIT, &elm->cmds_todo);
228 set_bit(ELM_TODO_CANID_29BIT_LOW, &elm->cmds_todo);
229 set_bit(ELM_TODO_CANID_29BIT_HIGH, &elm->cmds_todo);
231 set_bit(ELM_TODO_CANID_11BIT, &elm->cmds_todo);
232 clear_bit(ELM_TODO_CANID_29BIT_LOW, &elm->cmds_todo);
233 clear_bit(ELM_TODO_CANID_29BIT_HIGH, &elm->cmds_todo);
237 /* Schedule the CAN frame itself. */
238 elm->can_frame = *frame;
239 set_bit(ELM_TODO_CAN_DATA, &elm->cmds_todo);
241 elm327_kick_into_cmd_mode(elm);
246 /************************************************************************
247 * ELM327: Initialization sequence *
249 * (assumes elm->lock taken) *
250 ************************************************************************/
252 static char *elm327_init_script[] = {
253 "AT WS\r", /* v1.0: Warm Start */
254 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
255 "AT M0\r", /* v1.0: Memory Off */
256 "AT AL\r", /* v1.0: Allow Long messages */
257 "AT BI\r", /* v1.0: Bypass Initialization */
258 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
259 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
260 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
261 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
262 "AT E1\r", /* v1.0: Echo On */
263 "AT H1\r", /* v1.0: Headers On */
264 "AT L0\r", /* v1.0: Linefeeds Off */
265 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
266 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
267 "AT AT0\r", /* v1.2: Adaptive Timing Off */
268 "AT D1\r", /* v1.3: Print DLC On */
269 "AT S1\r", /* v1.3: Spaces On */
270 "AT TP B\r", /* v1.0: Try Protocol B */
275 static void elm327_init(struct elmcan *elm)
277 elm->state = ELM_NOTINIT;
278 elm->can_frame.can_id = 0x7df;
280 elm->drop_next_line = 0;
282 /* We can only set the bitrate as a fraction of 500000.
283 * The bit timing constants in elmcan_bittiming_const will
284 * limit the user to the right values.
286 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
287 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
288 | ELM327_CAN_CONFIG_VARIABLE_DLC
289 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
290 | elm->can_bitrate_divisor;
292 /* Configure ELM327 and then start monitoring */
293 elm->next_init_cmd = &elm327_init_script[0];
294 set_bit(ELM_TODO_INIT, &elm->cmds_todo);
295 set_bit(ELM_TODO_SILENT_MONITOR, &elm->cmds_todo);
296 set_bit(ELM_TODO_RESPONSES, &elm->cmds_todo);
297 set_bit(ELM_TODO_CAN_CONFIG, &elm->cmds_todo);
299 elm327_kick_into_cmd_mode(elm);
304 /************************************************************************
305 * ELM327: Reception -> netdev glue *
307 * (assumes elm->lock taken) *
308 ************************************************************************/
310 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
311 const struct can_frame *frame)
313 struct can_frame *cf;
316 if (!netif_running(elm->dev))
319 skb = alloc_can_skb(elm->dev, &cf);
324 memcpy(cf, frame, sizeof(struct can_frame));
326 elm->dev->stats.rx_packets++;
327 elm->dev->stats.rx_bytes += frame->can_dlc;
330 can_led_event(elm->dev, CAN_LED_EVENT_RX);
335 /************************************************************************
336 * ELM327: "Panic" handler *
338 * (assumes elm->lock taken) *
339 ************************************************************************/
341 /* Called when we're out of ideas and just want it all to end. */
342 static inline void elm327_hw_failure(struct elmcan *elm)
344 struct can_frame frame;
346 memset(&frame, 0, sizeof(frame));
347 frame.can_id = CAN_ERR_FLAG;
348 frame.can_dlc = CAN_ERR_DLC;
352 elm327_feed_frame_to_netdev(elm, &frame);
354 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
356 elm->hw_failure = true;
357 can_bus_off(elm->dev);
362 /************************************************************************
363 * ELM327: Reception parser *
365 * (assumes elm->lock taken) *
366 ************************************************************************/
368 static void elm327_parse_error(struct elmcan *elm, int len)
370 struct can_frame frame;
372 memset(&frame, 0, sizeof(frame));
373 frame.can_id = CAN_ERR_FLAG;
374 frame.can_dlc = CAN_ERR_DLC;
378 if (!memcmp(elm->rxbuf, "UNABLE TO CONNECT", 17)) {
380 "The ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
384 if (!memcmp(elm->rxbuf, "BUFFER FULL", 11)) {
385 /* This case will only happen if the last data
387 * Otherwise, elm327_parse_frame() will heuristically
388 * emit this error frame instead.
390 frame.can_id |= CAN_ERR_CRTL;
391 frame.data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
395 if (!memcmp(elm->rxbuf, "BUS ERROR", 9))
396 frame.can_id |= CAN_ERR_BUSERROR;
397 if (!memcmp(elm->rxbuf, "CAN ERROR", 9))
398 frame.can_id |= CAN_ERR_PROT;
399 if (!memcmp(elm->rxbuf, "<RX ERROR", 9))
400 frame.can_id |= CAN_ERR_PROT;
403 if (!memcmp(elm->rxbuf, "BUS BUSY", 8)) {
404 frame.can_id |= CAN_ERR_PROT;
405 frame.data[2] = CAN_ERR_PROT_OVERLOAD;
407 if (!memcmp(elm->rxbuf, "FB ERROR", 8)) {
408 frame.can_id |= CAN_ERR_PROT;
409 frame.data[2] = CAN_ERR_PROT_TX;
413 if (!memcmp(elm->rxbuf, "ERR", 3)) {
414 netdev_err(elm->dev, "The ELM327 reported an ERR%c%c. Please power it off and on again.\n",
415 elm->rxbuf[3], elm->rxbuf[4]);
416 frame.can_id |= CAN_ERR_CRTL;
420 /* Don't emit an error frame if we're unsure */
424 elm327_feed_frame_to_netdev(elm, &frame);
428 /* Parse CAN frames coming as ASCII from ELM327.
429 * They can be of various formats:
431 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
432 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
434 * where D = DLC, PL = payload byte
436 * Instead of a payload, RTR indicates a remote request.
438 * We will use the spaces and line length to guess the format.
440 static int elm327_parse_frame(struct elmcan *elm, int len)
442 struct can_frame frame;
447 memset(&frame, 0, sizeof(frame));
449 /* Find first non-hex and non-space character:
450 * - In the simplest case, there is none.
451 * - For RTR frames, 'R' is the first non-hex character.
452 * - An error message may replace the end of the data line.
454 for (hexlen = 0; hexlen <= len; hexlen++) {
455 if (hex_to_bin(elm->rxbuf[hexlen]) < 0
456 && elm->rxbuf[hexlen] != ' ') {
461 /* If we accept stray characters coming in:
462 * Check for stray characters on a payload line.
463 * No idea what causes this.
465 if (accept_flaky_uart
467 && !isdigit(elm->rxbuf[hexlen])
468 && !isupper(elm->rxbuf[hexlen])
469 && '<' != elm->rxbuf[hexlen]
470 && ' ' != elm->rxbuf[hexlen]) {
471 /* The line is likely garbled anyway, so bail.
472 * The main code will restart listening.
474 elm327_kick_into_cmd_mode(elm);
478 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
479 * No out-of-bounds access:
480 * We use the fact that we can always read from elm->rxbuf.
482 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' '
483 && elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' '
484 && elm->rxbuf[13] == ' ') {
485 frame.can_id = CAN_EFF_FLAG;
487 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
491 /* This is not a well-formatted data line.
492 * Assume it's an error message.
497 if (hexlen < datastart) {
498 /* The line is too short to be a valid frame hex dump.
499 * Something interrupted the hex dump or it is invalid.
504 /* From here on all chars up to buf[hexlen] are hex or spaces,
505 * at well-defined offsets.
508 /* Read CAN data length */
509 frame.can_dlc = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
512 if (frame.can_id & CAN_EFF_FLAG) {
513 frame.can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
514 | (hex_to_bin(elm->rxbuf[1]) << 24)
515 | (hex_to_bin(elm->rxbuf[3]) << 20)
516 | (hex_to_bin(elm->rxbuf[4]) << 16)
517 | (hex_to_bin(elm->rxbuf[6]) << 12)
518 | (hex_to_bin(elm->rxbuf[7]) << 8)
519 | (hex_to_bin(elm->rxbuf[9]) << 4)
520 | (hex_to_bin(elm->rxbuf[10]) << 0);
522 frame.can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
523 | (hex_to_bin(elm->rxbuf[1]) << 4)
524 | (hex_to_bin(elm->rxbuf[2]) << 0);
527 /* Check for RTR frame */
528 if (elm->rxfill >= hexlen + 3
529 && !memcmp(&elm->rxbuf[hexlen], "RTR", 3)) {
530 frame.can_id |= CAN_RTR_FLAG;
533 /* Is the line long enough to hold the advertised payload?
534 * Note: RTR frames have a DLC, but no actual payload.
536 if (!(frame.can_id & CAN_RTR_FLAG)
537 && (hexlen < frame.can_dlc * 3 + datastart)) {
538 /* Incomplete frame. */
540 /* Probably the ELM327's RS232 TX buffer was full.
541 * Emit an error frame and exit.
543 frame.can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
544 frame.can_dlc = CAN_ERR_DLC;
545 frame.data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
546 elm327_feed_frame_to_netdev(elm, &frame);
548 /* Signal failure to parse.
549 * The line will be re-parsed as an error line, which will fail.
550 * However, this will correctly drop the state machine back into
556 /* Parse the data nibbles. */
557 for (i = 0; i < frame.can_dlc; i++) {
558 frame.data[i] = (hex_to_bin(elm->rxbuf[datastart+3*i]) << 4)
559 | (hex_to_bin(elm->rxbuf[datastart+3*i+1]) << 0);
562 /* Feed the frame to the network layer. */
563 elm327_feed_frame_to_netdev(elm, &frame);
569 static void elm327_parse_line(struct elmcan *elm, int len)
571 /* Skip empty lines */
575 /* Skip echo lines */
576 if (elm->drop_next_line) {
577 elm->drop_next_line = 0;
579 } else if (elm->rxbuf[0] == 'A' && elm->rxbuf[1] == 'T') {
583 /* Regular parsing */
584 switch (elm->state) {
586 if (elm327_parse_frame(elm, len)) {
587 /* Parse an error line. */
588 elm327_parse_error(elm, len);
591 elm327_kick_into_cmd_mode(elm);
599 static void elm327_handle_prompt(struct elmcan *elm)
601 struct can_frame *frame = &elm->can_frame;
602 char local_txbuf[20];
604 if (!elm->cmds_todo) {
605 /* Enter CAN monitor mode */
606 elm327_send(elm, "ATMA\r", 5);
607 elm->state = ELM_RECEIVING;
612 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
613 if (test_bit(ELM_TODO_INIT, &elm->cmds_todo)) {
614 strcpy(local_txbuf, *elm->next_init_cmd);
616 elm->next_init_cmd++;
617 if (!(*elm->next_init_cmd)) {
618 clear_bit(ELM_TODO_INIT, &elm->cmds_todo);
619 netdev_info(elm->dev, "Initialization finished.\n");
622 } else if (test_and_clear_bit(ELM_TODO_SILENT_MONITOR, &elm->cmds_todo)) {
623 sprintf(local_txbuf, "ATCSM%i\r",
624 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
626 } else if (test_and_clear_bit(ELM_TODO_RESPONSES, &elm->cmds_todo)) {
627 sprintf(local_txbuf, "ATR%i\r",
628 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
630 } else if (test_and_clear_bit(ELM_TODO_CAN_CONFIG, &elm->cmds_todo)) {
631 sprintf(local_txbuf, "ATPC\r");
632 set_bit(ELM_TODO_CAN_CONFIG_PART2, &elm->cmds_todo);
634 } else if (test_and_clear_bit(ELM_TODO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
635 sprintf(local_txbuf, "ATPB%04X\r",
638 } else if (test_and_clear_bit(ELM_TODO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
639 sprintf(local_txbuf, "ATCP%02X\r",
640 (frame->can_id & CAN_EFF_MASK) >> 24);
642 } else if (test_and_clear_bit(ELM_TODO_CANID_29BIT_LOW, &elm->cmds_todo)) {
643 sprintf(local_txbuf, "ATSH%06X\r",
644 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
646 } else if (test_and_clear_bit(ELM_TODO_CANID_11BIT, &elm->cmds_todo)) {
647 sprintf(local_txbuf, "ATSH%03X\r",
648 frame->can_id & CAN_SFF_MASK);
650 } else if (test_and_clear_bit(ELM_TODO_CAN_DATA, &elm->cmds_todo)) {
651 if (frame->can_id & CAN_RTR_FLAG) {
652 /* Send an RTR frame. Their DLC is fixed.
653 * Some chips don't send them at all.
655 sprintf(local_txbuf, "ATRTR\r");
657 /* Send a regular CAN data frame */
660 for (i = 0; i < frame->can_dlc; i++) {
661 sprintf(&local_txbuf[2*i], "%02X",
665 sprintf(&local_txbuf[2*i], "\r");
668 elm->drop_next_line = 1;
669 elm->state = ELM_RECEIVING;
672 elm327_send(elm, local_txbuf, strlen(local_txbuf));
676 static bool elm327_is_ready_char(char c)
678 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
679 * Probably bad hardware.
681 return (c & 0x3f) == ELM327_READY_CHAR;
684 static void elm327_drop_bytes(struct elmcan *elm, int i)
686 memmove(&elm->rxbuf[0], &elm->rxbuf[i], sizeof(elm->rxbuf) - i);
690 static void elm327_parse_rxbuf(struct elmcan *elm)
694 switch (elm->state) {
699 case ELM_GETMAGICCHAR:
701 /* Wait for 'y' or '>' */
704 for (i = 0; i < elm->rxfill; i++) {
705 if (elm->rxbuf[i] == ELM327_MAGIC_CHAR) {
706 elm327_send(elm, "\r", 1);
707 elm->state = ELM_GETPROMPT;
710 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
711 elm327_send(elm, ELM327_MAGIC_STRING, 1);
717 elm327_drop_bytes(elm, i);
724 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
725 elm327_handle_prompt(elm);
731 /* Find <CR> delimiting feedback lines. */
733 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
738 if (len == sizeof(elm->rxbuf)) {
739 /* Line exceeds buffer. It's probably all garbage.
740 * Did we even connect at the right baud rate?
743 "RX buffer overflow. Faulty ELM327 or UART?\n");
744 elm327_hw_failure(elm);
746 } else if (len == elm->rxfill) {
747 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
748 /* The ELM327's AT ST response timeout ran out,
749 * so we got a prompt.
750 * Clear RX buffer and restart listening.
754 elm327_handle_prompt(elm);
758 /* No <CR> found - we haven't received a full line yet.
759 * Wait for more data.
764 /* We have a full line to parse. */
765 elm327_parse_line(elm, len);
767 /* Remove parsed data from RX buffer. */
768 elm327_drop_bytes(elm, len+1);
770 /* More data to parse? */
772 elm327_parse_rxbuf(elm);
780 /************************************************************************
783 * (takes elm->lock) *
784 ************************************************************************/
786 static int elmcan_netdev_open(struct net_device *dev)
788 struct elmcan *elm = netdev_priv(dev);
791 spin_lock_bh(&elm->lock);
792 if (elm->hw_failure) {
793 netdev_err(elm->dev, "Refusing to open interface after a hardware fault has been detected.\n");
794 spin_unlock_bh(&elm->lock);
798 if (elm->tty == NULL) {
799 spin_unlock_bh(&elm->lock);
803 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
804 err = open_candev(dev);
806 spin_unlock_bh(&elm->lock);
811 spin_unlock_bh(&elm->lock);
813 can_led_event(dev, CAN_LED_EVENT_OPEN);
814 elm->can.state = CAN_STATE_ERROR_ACTIVE;
815 netif_start_queue(dev);
820 static int elmcan_netdev_close(struct net_device *dev)
822 struct elmcan *elm = netdev_priv(dev);
824 spin_lock_bh(&elm->lock);
826 /* Interrupt whatever we're doing right now */
827 elm327_send(elm, ELM327_MAGIC_STRING, 1);
829 /* Clear the wakeup bit, as the netdev will be down and thus
830 * the wakeup handler won't clear it
832 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
834 spin_unlock_bh(&elm->lock);
836 flush_work(&elm->tx_work);
838 spin_unlock_bh(&elm->lock);
841 elm->can.state = CAN_STATE_STOPPED;
842 netif_stop_queue(dev);
844 can_led_event(dev, CAN_LED_EVENT_STOP);
849 /* Send a can_frame to a TTY. */
850 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
851 struct net_device *dev)
853 struct elmcan *elm = netdev_priv(dev);
854 struct can_frame *frame = (struct can_frame *) skb->data;
856 if (skb->len != sizeof(struct can_frame))
859 if (!netif_running(dev)) {
860 netdev_warn(elm->dev, "xmit: iface is down.\n");
864 /* BHs are already disabled, so no spin_lock_bh().
865 * See Documentation/networking/netdevices.txt
867 spin_lock(&elm->lock);
869 /* We shouldn't get here after a hardware fault:
870 * can_bus_off() calls netif_carrier_off()
872 WARN_ON(elm->hw_failure);
876 || elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
877 spin_unlock(&elm->lock);
881 netif_stop_queue(dev);
883 elm327_send_frame(elm, frame);
884 spin_unlock(&elm->lock);
886 dev->stats.tx_packets++;
887 dev->stats.tx_bytes += frame->can_dlc;
889 can_led_event(dev, CAN_LED_EVENT_TX);
897 static const struct net_device_ops elmcan_netdev_ops = {
898 .ndo_open = elmcan_netdev_open,
899 .ndo_stop = elmcan_netdev_close,
900 .ndo_start_xmit = elmcan_netdev_start_xmit,
901 .ndo_change_mtu = can_change_mtu,
908 /************************************************************************
911 * (takes elm->lock) *
912 ************************************************************************/
914 /* Get a reference to our struct, taking into account locks/refcounts.
915 * This is to ensure ordering in case we are shutting down, and to ensure
916 * there is a refcount at all (otherwise tty->disc_data may be freed and
917 * before we increment the refcount).
918 * Use this for anything that can race against elmcan_ldisc_close().
920 static struct elmcan *get_elm(struct tty_struct *tty)
925 spin_lock_bh(&elmcan_discdata_lock);
926 elm = (struct elmcan *) tty->disc_data;
929 spin_unlock_bh(&elmcan_discdata_lock);
933 got_ref = atomic_inc_not_zero(&elm->refcount);
934 spin_unlock_bh(&elmcan_discdata_lock);
942 static void put_elm(struct elmcan *elm)
944 atomic_dec(&elm->refcount);
948 /* Handle incoming ELM327 ASCII data.
949 * This will not be re-entered while running, but other ldisc
950 * functions may be called in parallel.
952 static void elmcan_ldisc_rx(struct tty_struct *tty,
953 const unsigned char *cp, char *fp, int count)
955 struct elmcan *elm = get_elm(tty);
960 spin_lock_bh(&elm->lock);
962 if (elm->hw_failure) {
966 while (count-- && elm->rxfill < sizeof(elm->rxbuf)) {
968 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
970 elm327_hw_failure(elm);
975 /* Ignore NUL characters, which the PIC microcontroller may
976 * inadvertently insert due to a known hardware bug.
977 * See ELM327 documentation, which refers to a Microchip PIC
981 /* Check for stray characters on the UART line.
982 * Likely caused by bad hardware.
984 if (!accept_flaky_uart
987 && ELM327_MAGIC_CHAR != *cp
988 && ELM327_READY_CHAR != *cp
998 "Received illegal character %02x.\n",
1000 elm327_hw_failure(elm);
1005 elm->rxbuf[elm->rxfill++] = *cp;
1012 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
1014 elm327_hw_failure(elm);
1019 elm327_parse_rxbuf(elm);
1022 spin_unlock_bh(&elm->lock);
1027 /* Write out remaining transmit buffer.
1028 * Scheduled when TTY is writable.
1030 static void elmcan_ldisc_tx_worker(struct work_struct *work)
1032 /* No need to use get_elm() here, as we'll always flush workers
1033 * before destroying the elmcan object.
1035 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
1038 spin_lock_bh(&elm->lock);
1039 if (elm->hw_failure) {
1040 spin_unlock_bh(&elm->lock);
1044 if (!elm->tty || !netif_running(elm->dev)) {
1045 spin_unlock_bh(&elm->lock);
1049 if (elm->txleft <= 0) {
1050 /* Our TTY write buffer is empty:
1051 * Allow netdev to hand us another packet
1053 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1054 spin_unlock_bh(&elm->lock);
1055 netif_wake_queue(elm->dev);
1059 actual = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
1061 netdev_err(elm->dev,
1062 "Failed to write to tty %s.\n",
1064 elm327_hw_failure(elm);
1065 spin_unlock_bh(&elm->lock);
1069 elm->txleft -= actual;
1070 elm->txhead += actual;
1071 spin_unlock_bh(&elm->lock);
1074 /* Called by the driver when there's room for more data. */
1075 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1077 struct elmcan *elm = get_elm(tty);
1082 schedule_work(&elm->tx_work);
1088 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1089 * or 7/8 of that. Divisors are 1 to 64.
1090 * Currently we don't implement support for 7/8 rates.
1092 static const u32 elmcan_bitrate_const[64] = {
1093 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1094 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1095 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1096 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1097 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1098 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1099 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1100 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1104 /* Dummy needed to use bitrate_const */
1105 static int elmcan_do_set_bittiming(struct net_device *netdev)
1111 static int elmcan_ldisc_open(struct tty_struct *tty)
1113 struct net_device *dev;
1117 if (!capable(CAP_NET_ADMIN))
1120 if (!tty->ops->write)
1124 dev = alloc_candev(sizeof(struct elmcan), 0);
1127 elm = netdev_priv(dev);
1129 /* Configure TTY interface */
1130 tty->receive_room = 65536; /* We don't flow control */
1131 elm->txleft = 0; /* Clear TTY TX buffer */
1132 spin_lock_init(&elm->lock);
1133 atomic_set(&elm->refcount, 1);
1134 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1136 /* Configure CAN metadata */
1137 elm->can.state = CAN_STATE_STOPPED;
1138 elm->can.bitrate_const = elmcan_bitrate_const;
1139 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1140 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1141 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1143 /* Configure netlink interface */
1145 dev->netdev_ops = &elmcan_netdev_ops;
1147 /* Mark ldisc channel as alive */
1149 tty->disc_data = elm;
1151 devm_can_led_init(elm->dev);
1154 err = register_candev(elm->dev);
1156 free_candev(elm->dev);
1160 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1165 /* Close down an elmcan channel.
1166 * This means flushing out any pending queues, and then returning.
1167 * This call is serialized against other ldisc functions:
1168 * Once this is called, no other ldisc function of ours is entered.
1170 * We also use this function for a hangup event.
1172 static void elmcan_ldisc_close(struct tty_struct *tty)
1174 struct elmcan *elm = get_elm(tty);
1179 /* unregister_netdev() calls .ndo_stop() so we don't have to. */
1180 unregister_candev(elm->dev);
1182 /* Decrease the refcount twice, once for our own get_elm(),
1183 * and once to remove the count of 1 that we set in _open().
1184 * Once it reaches 0, we can safely destroy it.
1189 while (atomic_read(&elm->refcount) > 0)
1190 msleep_interruptible(10);
1192 /* At this point, all ldisc calls to us have become no-ops. */
1194 /* Mark channel as dead */
1195 spin_lock_bh(&elm->lock);
1196 tty->disc_data = NULL;
1198 spin_unlock_bh(&elm->lock);
1200 flush_work(&elm->tx_work);
1202 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1204 free_candev(elm->dev);
1207 static int elmcan_ldisc_hangup(struct tty_struct *tty)
1209 elmcan_ldisc_close(tty);
1213 static int elmcan_ldisc_ioctl(struct tty_struct *tty, struct file *file,
1214 unsigned int cmd, unsigned long arg)
1216 struct elmcan *elm = get_elm(tty);
1224 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1225 if (copy_to_user((void __user *)arg, elm->dev->name, tmp)) {
1239 return tty_mode_ioctl(tty, file, cmd, arg);
1243 static struct tty_ldisc_ops elmcan_ldisc = {
1244 .owner = THIS_MODULE,
1245 .magic = TTY_LDISC_MAGIC,
1247 .receive_buf = elmcan_ldisc_rx,
1248 .write_wakeup = elmcan_ldisc_tx_wakeup,
1249 .open = elmcan_ldisc_open,
1250 .close = elmcan_ldisc_close,
1251 .hangup = elmcan_ldisc_hangup,
1252 .ioctl = elmcan_ldisc_ioctl,
1259 /************************************************************************
1260 * Module init/exit *
1261 ************************************************************************/
1263 static int __init elmcan_init(void)
1267 pr_info("ELM327 based best-effort CAN interface driver\n");
1268 pr_info("This device is severely limited as a CAN interface, see documentation.\n");
1270 status = tty_register_ldisc(N_ELMCAN, &elmcan_ldisc);
1272 pr_err("can't register line discipline\n");
1277 static void __exit elmcan_exit(void)
1279 /* This will only be called when all channels have been closed by
1280 * userspace - tty_ldisc.c takes care of the module's refcount.
1284 status = tty_unregister_ldisc(N_ELMCAN);
1286 pr_err("Can't unregister line discipline (error: %d)\n",
1290 module_init(elmcan_init);
1291 module_exit(elmcan_exit);
projects / elmcan.git / blob