1 // SPDX-License-Identifier: GPL-2.0
2 /* ELM327 based CAN interface driver (tty line discipline)
4 * This driver started as a derivative of linux/drivers/net/can/slcan.c
5 * and my thanks go to the original authors for their inspiration, even
6 * after almost none of their code is left.
8 * elmcan.c Author : Max Staudt <max-linux@enpas.org>
9 * slcan.c Author : Oliver Hartkopp <socketcan@hartkopp.net>
10 * slip.c Authors : Laurence Culhane <loz@holmes.demon.co.uk>
11 * Fred N. van Kempen <waltje@uwalt.nl.mugnet.org>
14 #define pr_fmt(fmt) "elmcan: " fmt
16 #include <linux/init.h>
17 #include <linux/module.h>
18 #include <linux/moduleparam.h>
20 #include <linux/atomic.h>
21 #include <linux/bitops.h>
22 #include <linux/ctype.h>
23 #include <linux/delay.h>
24 #include <linux/errno.h>
25 #include <linux/if_ether.h>
26 #include <linux/kernel.h>
27 #include <linux/list.h>
28 #include <linux/lockdep.h>
29 #include <linux/netdevice.h>
30 #include <linux/skbuff.h>
31 #include <linux/spinlock.h>
32 #include <linux/string.h>
33 #include <linux/tty.h>
34 #include <linux/tty_ldisc.h>
35 #include <linux/version.h>
36 #include <linux/workqueue.h>
38 #include <uapi/linux/tty.h>
40 #include <linux/can.h>
41 #include <linux/can/dev.h>
42 #include <linux/can/error.h>
43 #include <linux/can/led.h>
44 #include <linux/can/rx-offload.h>
46 /* Line discipline ID number.
47 * N_DEVELOPMENT will likely be defined from Linux 5.18 onwards:
48 * https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=c2faf737abfb10f88f2d2612d573e9edc3c42c37
51 #define N_DEVELOPMENT 29
54 /* Compatibility for Linux < 5.11 */
55 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,11,0)
59 #define ELM327_NAPI_WEIGHT 4
61 #define ELM327_SIZE_RXBUF 224
62 #define ELM327_SIZE_TXBUF 32
64 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
65 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
66 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
67 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
69 #define ELM327_DUMMY_CHAR 'y'
70 #define ELM327_DUMMY_STRING "y"
71 #define ELM327_READY_CHAR '>'
73 /* Bits in elm->cmds_todo */
74 enum elm327_to_to_do_bits {
75 ELM327_TX_DO_CAN_DATA = 0,
76 ELM327_TX_DO_CANID_11BIT,
77 ELM327_TX_DO_CANID_29BIT_LOW,
78 ELM327_TX_DO_CANID_29BIT_HIGH,
79 ELM327_TX_DO_CAN_CONFIG_PART2,
80 ELM327_TX_DO_CAN_CONFIG,
81 ELM327_TX_DO_RESPONSES,
82 ELM327_TX_DO_SILENT_MONITOR,
87 /* This must be the first member when using alloc_candev() */
90 struct can_rx_offload offload;
93 u8 rxbuf[ELM327_SIZE_RXBUF];
94 u8 txbuf[ELM327_SIZE_TXBUF] ____cacheline_aligned;
96 /* TTY buffer accounting */
97 struct work_struct tx_work; /* Flushes TTY TX buffer */
98 u8 *txhead; /* Next TX byte */
99 unsigned txleft; /* Bytes left to TX */
100 int rxfill; /* Bytes already RX'd in buffer */
102 /* TTY and netdev devices that we're bridging */
103 struct tty_struct *tty;
104 struct net_device *dev;
106 /* Per-channel lock */
111 ELM327_STATE_NOTINIT = 0,
112 ELM327_STATE_GETDUMMYCHAR,
113 ELM327_STATE_GETPROMPT,
114 ELM327_STATE_RECEIVING,
117 /* Things we have yet to send */
118 char **next_init_cmd;
119 unsigned long cmds_todo;
121 /* The CAN frame and config the ELM327 is sending/using,
122 * or will send/use after finishing all cmds_todo
124 struct can_frame can_frame_to_send;
126 u8 can_bitrate_divisor;
131 /* Stop the channel on UART side hardware failure, e.g. stray
132 * characters or neverending lines. This may be caused by bad
133 * UART wiring, a bad ELM327, a bad UART bridge...
134 * Once this is true, nothing will be sent to the TTY.
136 bool uart_side_failure;
139 static inline void elm327_uart_side_failure(struct elmcan *elm);
141 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
145 lockdep_assert_held(elm->lock);
147 if (elm->uart_side_failure)
150 memcpy(elm->txbuf, buf, len);
152 written = elm->tty->ops->write(elm->tty, elm->txbuf, len);
155 "Failed to write to tty %s.\n",
157 elm327_uart_side_failure(elm);
161 elm->txleft = len - written;
162 elm->txhead = elm->txbuf + written;
165 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
168 /* Take the ELM327 out of almost any state and back into command mode.
169 * We send ELM327_DUMMY_CHAR which will either abort any running
170 * operation, or be echoed back to us in case we're already in command
173 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
175 lockdep_assert_held(elm->lock);
177 if (elm->state != ELM327_STATE_GETDUMMYCHAR &&
178 elm->state != ELM327_STATE_GETPROMPT) {
179 elm327_send(elm, ELM327_DUMMY_STRING, 1);
181 elm->state = ELM327_STATE_GETDUMMYCHAR;
185 /* Schedule a CAN frame and necessary config changes to be sent to the TTY. */
186 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
188 lockdep_assert_held(elm->lock);
190 /* Schedule any necessary changes in ELM327's CAN configuration */
191 if (elm->can_frame_to_send.can_id != frame->can_id) {
192 /* Set the new CAN ID for transmission. */
193 if ((frame->can_id & CAN_EFF_FLAG) ^
194 (elm->can_frame_to_send.can_id & CAN_EFF_FLAG)) {
195 elm->can_config = (frame->can_id & CAN_EFF_FLAG
197 : ELM327_CAN_CONFIG_SEND_SFF)
198 | ELM327_CAN_CONFIG_VARIABLE_DLC
199 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
200 | elm->can_bitrate_divisor;
202 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
205 if (frame->can_id & CAN_EFF_FLAG) {
206 clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
207 set_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
208 set_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
210 set_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
211 clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
212 clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
216 /* Schedule the CAN frame itself. */
217 elm->can_frame_to_send = *frame;
218 set_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo);
220 elm327_kick_into_cmd_mode(elm);
223 /* ELM327 initialisation sequence.
224 * The line length is limited by the buffer in elm327_handle_prompt().
226 static char *elm327_init_script[] = {
227 "AT WS\r", /* v1.0: Warm Start */
228 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
229 "AT M0\r", /* v1.0: Memory Off */
230 "AT AL\r", /* v1.0: Allow Long messages */
231 "AT BI\r", /* v1.0: Bypass Initialisation */
232 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
233 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
234 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
235 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
236 "AT E1\r", /* v1.0: Echo On */
237 "AT H1\r", /* v1.0: Headers On */
238 "AT L0\r", /* v1.0: Linefeeds Off */
239 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
240 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
241 "AT AT0\r", /* v1.2: Adaptive Timing Off */
242 "AT D1\r", /* v1.3: Print DLC On */
243 "AT S1\r", /* v1.3: Spaces On */
244 "AT TP B\r", /* v1.0: Try Protocol B */
248 static void elm327_init(struct elmcan *elm)
250 lockdep_assert_held(elm->lock);
252 elm->state = ELM327_STATE_NOTINIT;
253 elm->can_frame_to_send.can_id = 0x7df; /* ELM327 HW default */
255 elm->drop_next_line = 0;
257 /* We can only set the bitrate as a fraction of 500000.
258 * The bit timing constants in elmcan_bittiming_const will
259 * limit the user to the right values.
261 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
262 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
263 | ELM327_CAN_CONFIG_VARIABLE_DLC
264 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
265 | elm->can_bitrate_divisor;
267 /* Configure ELM327 and then start monitoring */
268 elm->next_init_cmd = &elm327_init_script[0];
269 set_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
270 set_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo);
271 set_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo);
272 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
274 elm327_kick_into_cmd_mode(elm);
277 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
280 lockdep_assert_held(elm->lock);
282 if (!netif_running(elm->dev))
285 /* Queue for NAPI pickup.
286 * rx-offload will update stats and LEDs for us.
288 if (can_rx_offload_queue_tail(&elm->offload, skb))
289 elm->dev->stats.rx_fifo_errors++;
291 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,0)
293 can_rx_offload_irq_finish(&elm->offload);
297 /* Called when we're out of ideas and just want it all to end. */
298 static inline void elm327_uart_side_failure(struct elmcan *elm)
300 struct can_frame *frame;
303 lockdep_assert_held(elm->lock);
305 elm->uart_side_failure = true;
307 elm->can.can_stats.bus_off++;
308 netif_stop_queue(elm->dev);
309 elm->can.state = CAN_STATE_BUS_OFF;
310 can_bus_off(elm->dev);
312 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
314 skb = alloc_can_err_skb(elm->dev, &frame);
318 frame->can_id |= CAN_ERR_BUSOFF;
319 elm327_feed_frame_to_netdev(elm, skb);
322 /* Compare buffer to string length, then compare buffer to fixed string.
323 * This ensures two things:
324 * - It flags cases where the fixed string is only the start of the
325 * buffer, rather than exactly all of it.
326 * - It avoids byte comparisons in case the length doesn't match.
328 * strncmp() cannot be used here because it accepts the following wrong case:
329 * strncmp("CAN ER", "CAN ERROR", 6);
330 * This must fail, hence this helper function.
332 static inline int check_len_then_cmp(const u8 *mem, size_t mem_len, const char *str)
334 size_t str_len = strlen(str);
336 return (mem_len == str_len) && !memcmp(mem, str, str_len);
339 static void elm327_parse_error(struct elmcan *elm, size_t len)
341 struct can_frame *frame;
344 lockdep_assert_held(elm->lock);
346 skb = alloc_can_err_skb(elm->dev, &frame);
348 /* It's okay to return here:
349 * The outer parsing loop will drop this UART buffer.
353 /* Filter possible error messages based on length of RX'd line */
354 if (check_len_then_cmp(elm->rxbuf, len, "UNABLE TO CONNECT")) {
356 "ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
357 } else if (check_len_then_cmp(elm->rxbuf, len, "BUFFER FULL")) {
358 /* This will only happen if the last data line was complete.
359 * Otherwise, elm327_parse_frame() will heuristically
360 * emit this kind of error frame instead.
362 frame->can_id |= CAN_ERR_CRTL;
363 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
364 } else if (check_len_then_cmp(elm->rxbuf, len, "BUS ERROR")) {
365 frame->can_id |= CAN_ERR_BUSERROR;
366 } else if (check_len_then_cmp(elm->rxbuf, len, "CAN ERROR")) {
367 frame->can_id |= CAN_ERR_PROT;
368 } else if (check_len_then_cmp(elm->rxbuf, len, "<RX ERROR")) {
369 frame->can_id |= CAN_ERR_PROT;
370 } else if (check_len_then_cmp(elm->rxbuf, len, "BUS BUSY")) {
371 frame->can_id |= CAN_ERR_PROT;
372 frame->data[2] = CAN_ERR_PROT_OVERLOAD;
373 } else if (check_len_then_cmp(elm->rxbuf, len, "FB ERROR")) {
374 frame->can_id |= CAN_ERR_PROT;
375 frame->data[2] = CAN_ERR_PROT_TX;
376 } else if (len == 5 && !memcmp(elm->rxbuf, "ERR", 3)) {
377 /* ERR is followed by two digits, hence line length 5 */
378 netdev_err(elm->dev, "ELM327 reported an ERR%c%c. Please power it off and on again.\n",
379 elm->rxbuf[3], elm->rxbuf[4]);
380 frame->can_id |= CAN_ERR_CRTL;
382 /* Something else has happened.
383 * Maybe garbage on the UART line.
384 * Emit a generic error frame.
388 elm327_feed_frame_to_netdev(elm, skb);
391 /* Parse CAN frames coming as ASCII from ELM327.
392 * They can be of various formats:
394 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
395 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
397 * where D = DLC, PL = payload byte
399 * Instead of a payload, RTR indicates a remote request.
401 * We will use the spaces and line length to guess the format.
403 static int elm327_parse_frame(struct elmcan *elm, size_t len)
405 struct can_frame *frame;
411 lockdep_assert_held(elm->lock);
413 skb = alloc_can_skb(elm->dev, &frame);
417 /* Find first non-hex and non-space character:
418 * - In the simplest case, there is none.
419 * - For RTR frames, 'R' is the first non-hex character.
420 * - An error message may replace the end of the data line.
422 for (hexlen = 0; hexlen <= len; hexlen++) {
423 if (hex_to_bin(elm->rxbuf[hexlen]) < 0 &&
424 elm->rxbuf[hexlen] != ' ') {
429 /* Sanity check whether the line is really a clean hexdump,
430 * or terminated by an error message, or contains garbage.
433 !isdigit(elm->rxbuf[hexlen]) &&
434 !isupper(elm->rxbuf[hexlen]) &&
435 '<' != elm->rxbuf[hexlen] &&
436 ' ' != elm->rxbuf[hexlen]) {
437 /* The line is likely garbled anyway, so bail.
438 * The main code will restart listening.
443 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
444 * No out-of-bounds access:
445 * We use the fact that we can always read from elm->rxbuf.
447 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' ' &&
448 elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' ' &&
449 elm->rxbuf[13] == ' ') {
450 frame->can_id = CAN_EFF_FLAG;
452 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
455 /* This is not a well-formatted data line.
456 * Assume it's an error message.
461 if (hexlen < datastart) {
462 /* The line is too short to be a valid frame hex dump.
463 * Something interrupted the hex dump or it is invalid.
468 /* From here on all chars up to buf[hexlen] are hex or spaces,
469 * at well-defined offsets.
472 /* Read CAN data length */
473 frame->len = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
476 if (frame->can_id & CAN_EFF_FLAG) {
477 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
478 | (hex_to_bin(elm->rxbuf[1]) << 24)
479 | (hex_to_bin(elm->rxbuf[3]) << 20)
480 | (hex_to_bin(elm->rxbuf[4]) << 16)
481 | (hex_to_bin(elm->rxbuf[6]) << 12)
482 | (hex_to_bin(elm->rxbuf[7]) << 8)
483 | (hex_to_bin(elm->rxbuf[9]) << 4)
484 | (hex_to_bin(elm->rxbuf[10]) << 0);
486 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
487 | (hex_to_bin(elm->rxbuf[1]) << 4)
488 | (hex_to_bin(elm->rxbuf[2]) << 0);
491 /* Check for RTR frame */
492 if (elm->rxfill >= hexlen + 3 &&
493 !memcmp(&elm->rxbuf[hexlen], "RTR", 3)) {
494 frame->can_id |= CAN_RTR_FLAG;
497 /* Is the line long enough to hold the advertised payload?
498 * Note: RTR frames have a DLC, but no actual payload.
500 if (!(frame->can_id & CAN_RTR_FLAG) &&
501 (hexlen < frame->len * 3 + datastart)) {
503 * Probably the ELM327's RS232 TX buffer was full.
504 * Emit an error frame and exit.
506 frame->can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
507 frame->len = CAN_ERR_DLC;
508 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
509 elm327_feed_frame_to_netdev(elm, skb);
511 /* Signal failure to parse.
512 * The line will be re-parsed as an error line, which will fail.
513 * However, this will correctly drop the state machine back into
519 /* Parse the data nibbles. */
520 for (i = 0; i < frame->len; i++) {
521 frame->data[i] = (hex_to_bin(elm->rxbuf[datastart + 3*i]) << 4)
522 | (hex_to_bin(elm->rxbuf[datastart + 3*i + 1]));
525 /* Feed the frame to the network layer. */
526 elm327_feed_frame_to_netdev(elm, skb);
531 static void elm327_parse_line(struct elmcan *elm, size_t len)
533 lockdep_assert_held(elm->lock);
535 /* Skip empty lines */
539 /* Skip echo lines */
540 if (elm->drop_next_line) {
541 elm->drop_next_line = 0;
543 } else if (!memcmp(elm->rxbuf, "AT", 2)) {
547 /* Regular parsing */
548 if (elm->state == ELM327_STATE_RECEIVING
549 && elm327_parse_frame(elm, len)) {
550 /* Parse an error line. */
551 elm327_parse_error(elm, len);
554 elm327_kick_into_cmd_mode(elm);
558 static void elm327_handle_prompt(struct elmcan *elm)
560 struct can_frame *frame = &elm->can_frame_to_send;
561 /* Size this buffer for the largest ELM327 line we may generate,
562 * which is currently an 8 byte CAN frame's payload hexdump.
563 * Items in elm327_init_script must fit here, too!
565 char local_txbuf[sizeof("0102030405060708\r")];
567 lockdep_assert_held(elm->lock);
569 if (!elm->cmds_todo) {
570 /* Enter CAN monitor mode */
571 elm327_send(elm, "ATMA\r", 5);
572 elm->state = ELM327_STATE_RECEIVING;
574 /* We will be in the default state once this command is
575 * send, so enable the TX packet queue.
577 netif_wake_queue(elm->dev);
582 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
583 if (test_bit(ELM327_TX_DO_INIT, &elm->cmds_todo)) {
584 snprintf(local_txbuf, sizeof(local_txbuf),
586 *elm->next_init_cmd);
588 elm->next_init_cmd++;
589 if (!(*elm->next_init_cmd)) {
590 clear_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
594 } else if (test_and_clear_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo)) {
595 snprintf(local_txbuf, sizeof(local_txbuf),
597 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
599 } else if (test_and_clear_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo)) {
600 snprintf(local_txbuf, sizeof(local_txbuf),
602 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
604 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo)) {
605 snprintf(local_txbuf, sizeof(local_txbuf),
607 set_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo);
609 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
610 snprintf(local_txbuf, sizeof(local_txbuf),
614 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
615 snprintf(local_txbuf, sizeof(local_txbuf),
617 (frame->can_id & CAN_EFF_MASK) >> 24);
619 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo)) {
620 snprintf(local_txbuf, sizeof(local_txbuf),
622 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
624 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo)) {
625 snprintf(local_txbuf, sizeof(local_txbuf),
627 frame->can_id & CAN_SFF_MASK);
629 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo)) {
630 if (frame->can_id & CAN_RTR_FLAG) {
631 /* Send an RTR frame. Their DLC is fixed.
632 * Some chips don't send them at all.
634 snprintf(local_txbuf, sizeof(local_txbuf),
637 /* Send a regular CAN data frame */
640 for (i = 0; i < frame->len; i++) {
641 snprintf(&local_txbuf[2 * i], sizeof(local_txbuf),
646 snprintf(&local_txbuf[2 * i], sizeof(local_txbuf),
650 elm->drop_next_line = 1;
651 elm->state = ELM327_STATE_RECEIVING;
653 /* We will be in the default state once this command is
654 * send, so enable the TX packet queue.
656 netif_wake_queue(elm->dev);
659 elm327_send(elm, local_txbuf, strlen(local_txbuf));
662 static bool elm327_is_ready_char(char c)
664 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
665 * Probably bad hardware.
667 return (c & 0x3f) == ELM327_READY_CHAR;
670 static void elm327_drop_bytes(struct elmcan *elm, size_t i)
672 lockdep_assert_held(elm->lock);
674 memmove(&elm->rxbuf[0], &elm->rxbuf[i], ELM327_SIZE_RXBUF - i);
678 static void elm327_parse_rxbuf(struct elmcan *elm)
683 lockdep_assert_held(elm->lock);
685 switch (elm->state) {
686 case ELM327_STATE_NOTINIT:
690 case ELM327_STATE_GETDUMMYCHAR:
692 /* Wait for 'y' or '>' */
693 for (i = 0; i < elm->rxfill; i++) {
694 if (elm->rxbuf[i] == ELM327_DUMMY_CHAR) {
695 elm327_send(elm, "\r", 1);
696 elm->state = ELM327_STATE_GETPROMPT;
699 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
700 elm327_send(elm, ELM327_DUMMY_STRING, 1);
706 elm327_drop_bytes(elm, i);
711 case ELM327_STATE_GETPROMPT:
713 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
714 elm327_handle_prompt(elm);
719 case ELM327_STATE_RECEIVING:
720 /* Find <CR> delimiting feedback lines. */
722 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
727 if (len == ELM327_SIZE_RXBUF) {
728 /* Line exceeds buffer. It's probably all garbage.
729 * Did we even connect at the right baud rate?
732 "RX buffer overflow. Faulty ELM327 or UART?\n");
733 elm327_uart_side_failure(elm);
735 } else if (len == elm->rxfill) {
736 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
737 /* The ELM327's AT ST response timeout ran out,
738 * so we got a prompt.
739 * Clear RX buffer and restart listening.
743 elm327_handle_prompt(elm);
747 /* No <CR> found - we haven't received a full line yet.
748 * Wait for more data.
753 /* We have a full line to parse. */
754 elm327_parse_line(elm, len);
756 /* Remove parsed data from RX buffer. */
757 elm327_drop_bytes(elm, len + 1);
759 /* More data to parse? */
761 elm327_parse_rxbuf(elm);
765 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,10,0)
766 /* Dummy needed to use can_rx_offload */
767 static struct sk_buff *elmcan_mailbox_read(struct can_rx_offload *offload,
768 unsigned int n, u32 *timestamp,
771 WARN_ON_ONCE(1); /* This function is a dummy, so don't call it! */
773 return ERR_PTR(-ENOBUFS);
777 static int elmcan_netdev_open(struct net_device *dev)
779 struct elmcan *elm = netdev_priv(dev);
782 spin_lock_bh(&elm->lock);
785 spin_unlock_bh(&elm->lock);
789 if (elm->uart_side_failure)
790 netdev_warn(elm->dev, "Reopening netdev after a UART side fault has been detected.\n");
792 /* Clear TTY buffers */
796 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
797 err = open_candev(dev);
799 spin_unlock_bh(&elm->lock);
804 spin_unlock_bh(&elm->lock);
806 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,10,0)
807 elm->offload.mailbox_read = elmcan_mailbox_read;
808 err = can_rx_offload_add_fifo(dev, &elm->offload, ELM327_NAPI_WEIGHT);
810 err = can_rx_offload_add_manual(dev, &elm->offload, ELM327_NAPI_WEIGHT);
817 can_rx_offload_enable(&elm->offload);
819 can_led_event(dev, CAN_LED_EVENT_OPEN);
820 elm->can.state = CAN_STATE_ERROR_ACTIVE;
821 netif_start_queue(dev);
826 static int elmcan_netdev_close(struct net_device *dev)
828 struct elmcan *elm = netdev_priv(dev);
830 /* Interrupt whatever the ELM327 is doing right now */
831 spin_lock_bh(&elm->lock);
832 elm327_send(elm, ELM327_DUMMY_STRING, 1);
833 spin_unlock_bh(&elm->lock);
835 netif_stop_queue(dev);
837 /* Give UART one final chance to flush. */
838 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
839 flush_work(&elm->tx_work);
841 can_rx_offload_disable(&elm->offload);
842 elm->can.state = CAN_STATE_STOPPED;
843 can_rx_offload_del(&elm->offload);
845 can_led_event(dev, CAN_LED_EVENT_STOP);
850 /* Send a can_frame to a TTY. */
851 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
852 struct net_device *dev)
854 struct elmcan *elm = netdev_priv(dev);
855 struct can_frame *frame = (struct can_frame *)skb->data;
857 if (can_dropped_invalid_skb(dev, skb))
860 /* BHs are already disabled, so no spin_lock_bh().
861 * See Documentation/networking/netdevices.txt
863 spin_lock(&elm->lock);
865 /* We shouldn't get here after a hardware fault:
866 * can_bus_off() calls netif_carrier_off()
868 WARN_ON_ONCE(elm->uart_side_failure);
871 elm->uart_side_failure ||
872 elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
873 spin_unlock(&elm->lock);
877 netif_stop_queue(dev);
879 elm327_send_frame(elm, frame);
880 spin_unlock(&elm->lock);
882 dev->stats.tx_packets++;
883 dev->stats.tx_bytes += frame->len;
885 can_led_event(dev, CAN_LED_EVENT_TX);
892 static const struct net_device_ops elmcan_netdev_ops = {
893 .ndo_open = elmcan_netdev_open,
894 .ndo_stop = elmcan_netdev_close,
895 .ndo_start_xmit = elmcan_netdev_start_xmit,
896 .ndo_change_mtu = can_change_mtu,
899 static bool elmcan_is_valid_rx_char(char c)
901 return (isdigit(c) ||
903 c == ELM327_DUMMY_CHAR ||
904 c == ELM327_READY_CHAR ||
915 /* Handle incoming ELM327 ASCII data.
916 * This will not be re-entered while running, but other ldisc
917 * functions may be called in parallel.
919 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
920 static void elmcan_ldisc_rx(struct tty_struct *tty,
921 const unsigned char *cp, char *fp, int count)
923 static void elmcan_ldisc_rx(struct tty_struct *tty,
924 const unsigned char *cp, const char *fp, int count)
927 struct elmcan *elm = (struct elmcan *)tty->disc_data;
929 spin_lock_bh(&elm->lock);
931 if (elm->uart_side_failure)
934 while (count-- && elm->rxfill < ELM327_SIZE_RXBUF) {
936 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
938 elm327_uart_side_failure(elm);
943 /* Ignore NUL characters, which the PIC microcontroller may
944 * inadvertently insert due to a known hardware bug.
945 * See ELM327 documentation, which refers to a Microchip PIC
949 /* Check for stray characters on the UART line.
950 * Likely caused by bad hardware.
952 if (!elmcan_is_valid_rx_char(*cp)) {
954 "Received illegal character %02x.\n",
956 elm327_uart_side_failure(elm);
961 elm->rxbuf[elm->rxfill++] = *cp;
968 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
970 elm327_uart_side_failure(elm);
975 elm327_parse_rxbuf(elm);
978 spin_unlock_bh(&elm->lock);
981 /* Write out remaining transmit buffer.
982 * Scheduled when TTY is writable.
984 static void elmcan_ldisc_tx_worker(struct work_struct *work)
986 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
989 if (elm->uart_side_failure)
992 spin_lock_bh(&elm->lock);
995 written = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
998 "Failed to write to tty %s.\n",
1000 elm327_uart_side_failure(elm);
1001 spin_unlock_bh(&elm->lock);
1004 elm->txleft -= written;
1005 elm->txhead += written;
1010 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1011 spin_unlock_bh(&elm->lock);
1013 spin_unlock_bh(&elm->lock);
1017 /* Called by the driver when there's room for more data. */
1018 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1020 struct elmcan *elm = (struct elmcan *)tty->disc_data;
1022 schedule_work(&elm->tx_work);
1025 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1026 * or 7/8 of that. Divisors are 1 to 64.
1027 * Currently we don't implement support for 7/8 rates.
1029 static const u32 elmcan_bitrate_const[64] = {
1030 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1031 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1032 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1033 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1034 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1035 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1036 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1037 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1040 /* Dummy needed to use bitrate_const */
1041 static int elmcan_do_set_bittiming(struct net_device *netdev)
1046 static int elmcan_ldisc_open(struct tty_struct *tty)
1048 struct net_device *dev;
1052 if (!capable(CAP_NET_ADMIN))
1055 if (!tty->ops->write)
1058 dev = alloc_candev(sizeof(struct elmcan), 0);
1061 elm = netdev_priv(dev);
1063 /* Configure TTY interface */
1064 tty->receive_room = 65536; /* We don't flow control */
1065 spin_lock_init(&elm->lock);
1066 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1068 /* Configure CAN metadata */
1069 elm->can.bitrate_const = elmcan_bitrate_const;
1070 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1071 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1072 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1074 /* Configure netdev interface */
1076 dev->netdev_ops = &elmcan_netdev_ops;
1078 /* Mark ldisc channel as alive */
1080 tty->disc_data = elm;
1082 devm_can_led_init(elm->dev);
1085 err = register_candev(elm->dev);
1089 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1094 free_candev(elm->dev);
1098 /* Close down an elmcan channel.
1099 * This means flushing out any pending queues, and then returning.
1100 * This call is serialized against other ldisc functions:
1101 * Once this is called, no other ldisc function of ours is entered.
1103 * We also use this function for a hangup event.
1105 static void elmcan_ldisc_close(struct tty_struct *tty)
1107 struct elmcan *elm = (struct elmcan *)tty->disc_data;
1109 /* unregister_netdev() calls .ndo_stop() so we don't have to.
1110 * Our .ndo_stop() also flushes the TTY write wakeup handler,
1111 * so we can safely set elm->tty = NULL after this.
1113 unregister_candev(elm->dev);
1115 /* Mark channel as dead */
1116 spin_lock_bh(&elm->lock);
1117 tty->disc_data = NULL;
1119 spin_unlock_bh(&elm->lock);
1121 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1123 free_candev(elm->dev);
1126 static int elmcan_ldisc_ioctl(struct tty_struct *tty,
1127 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,17,0)
1130 unsigned int cmd, unsigned long arg)
1132 struct elmcan *elm = (struct elmcan *)tty->disc_data;
1137 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1138 if (copy_to_user((void __user *)arg, elm->dev->name, tmp))
1146 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1147 return tty_mode_ioctl(tty, file, cmd, arg);
1149 return tty_mode_ioctl(tty, cmd, arg);
1154 static struct tty_ldisc_ops elmcan_ldisc = {
1155 .owner = THIS_MODULE,
1157 .num = N_DEVELOPMENT,
1158 .receive_buf = elmcan_ldisc_rx,
1159 .write_wakeup = elmcan_ldisc_tx_wakeup,
1160 .open = elmcan_ldisc_open,
1161 .close = elmcan_ldisc_close,
1162 .ioctl = elmcan_ldisc_ioctl,
1165 static int __init elmcan_init(void)
1169 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1170 status = tty_register_ldisc(N_DEVELOPMENT, &elmcan_ldisc);
1172 status = tty_register_ldisc(&elmcan_ldisc);
1175 pr_err("Can't register line discipline\n");
1180 static void __exit elmcan_exit(void)
1182 /* This will only be called when all channels have been closed by
1183 * userspace - tty_ldisc.c takes care of the module's refcount.
1185 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1188 status = tty_unregister_ldisc(N_DEVELOPMENT);
1190 pr_err("Can't unregister line discipline (error: %d)\n",
1193 tty_unregister_ldisc(&elmcan_ldisc);
1197 module_init(elmcan_init);
1198 module_exit(elmcan_exit);
1200 MODULE_ALIAS_LDISC(N_DEVELOPMENT);
1201 MODULE_DESCRIPTION("ELM327 based CAN interface");
1202 MODULE_LICENSE("GPL");
1203 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
projects / elmcan.git / blob