1 // SPDX-License-Identifier: GPL-2.0
2 /* ELM327 based CAN interface driver (tty line discipline)
4 * This driver started as a derivative of linux/drivers/net/can/slcan.c
5 * and my thanks go to the original authors for their inspiration, even
6 * after almost none of their code is left.
9 #define pr_fmt(fmt) "[elmcan] " fmt
11 #include <linux/init.h>
12 #include <linux/module.h>
13 #include <linux/moduleparam.h>
15 #include <linux/atomic.h>
16 #include <linux/bitops.h>
17 #include <linux/ctype.h>
18 #include <linux/delay.h>
19 #include <linux/errno.h>
20 #include <linux/if_ether.h>
21 #include <linux/kernel.h>
22 #include <linux/list.h>
23 #include <linux/netdevice.h>
24 #include <linux/skbuff.h>
25 #include <linux/spinlock.h>
26 #include <linux/string.h>
27 #include <linux/tty.h>
28 #include <linux/tty_ldisc.h>
29 #include <linux/version.h>
30 #include <linux/workqueue.h>
32 #include <uapi/linux/tty.h>
34 #include <linux/can.h>
35 #include <linux/can/dev.h>
36 #include <linux/can/error.h>
37 #include <linux/can/led.h>
38 #include <linux/can/rx-offload.h>
40 MODULE_ALIAS_LDISC(N_ELMCAN);
41 MODULE_DESCRIPTION("ELM327 based CAN interface");
42 MODULE_LICENSE("GPL");
43 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
45 /* Line discipline ID number */
50 #define ELM327_NAPI_WEIGHT 4
52 #define ELM327_SIZE_RXBUF 256
53 #define ELM327_SIZE_TXBUF 32
55 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
56 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
57 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
58 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
60 #define ELM327_MAGIC_CHAR 'y'
61 #define ELM327_MAGIC_STRING "y"
62 #define ELM327_READY_CHAR '>'
64 /* Bits in elm->cmds_todo */
69 TODO_CANID_29BIT_HIGH,
70 TODO_CAN_CONFIG_PART2,
78 /* This must be the first member when using alloc_candev() */
81 struct can_rx_offload offload;
83 /* TTY and netdev devices that we're bridging */
84 struct tty_struct *tty;
85 struct net_device *dev;
87 /* Per-channel lock */
90 /* Keep track of how many things are using this struct.
91 * Once it reaches 0, we are in the process of cleaning up,
92 * and new operations will be cancelled immediately.
93 * Use atomic_t rather than refcount_t because we deliberately
94 * decrement to 0, and refcount_dec() spills a WARN_ONCE in
99 /* Stop the channel on hardware failure.
100 * Once this is true, nothing will be sent to the TTY.
105 struct work_struct tx_work; /* Flushes TTY TX buffer */
106 unsigned char *txbuf;
107 unsigned char *txhead; /* Pointer to next TX byte */
108 int txleft; /* Bytes left to TX */
111 unsigned char rxbuf[ELM327_SIZE_RXBUF];
124 /* The CAN frame and config the ELM327 is sending/using,
125 * or will send/use after finishing all cmds_todo
127 struct can_frame can_frame;
128 unsigned short can_config;
129 unsigned long can_bitrate;
130 unsigned char can_bitrate_divisor;
131 int silent_monitoring;
133 /* Things we have yet to send */
134 char **next_init_cmd;
135 unsigned long cmds_todo;
138 /* A lock for all tty->disc_data handled by this ldisc.
139 * This is to prevent a case where tty->disc_data is set to NULL,
140 * yet someone is still trying to dereference it.
141 * Without this, we cannot do a clean shutdown.
143 static DEFINE_SPINLOCK(elmcan_discdata_lock);
145 static inline void elm327_hw_failure(struct elmcan *elm);
147 /* Assumes elm->lock taken. */
148 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
155 memcpy(elm->txbuf, buf, len);
157 /* Order of next two lines is *very* important.
158 * When we are sending a little amount of data,
159 * the transfer may be completed inside the ops->write()
160 * routine, because it's running with interrupts enabled.
161 * In this case we *never* got WRITE_WAKEUP event,
162 * if we did not request it before write operation.
163 * 14 Oct 1994 Dmitry Gorodchanin.
165 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
166 actual = elm->tty->ops->write(elm->tty, elm->txbuf, len);
169 "Failed to write to tty %s.\n",
171 elm327_hw_failure(elm);
175 elm->txleft = len - actual;
176 elm->txhead = elm->txbuf + actual;
179 /* Take the ELM327 out of almost any state and back into command mode.
180 * We send ELM327_MAGIC_CHAR which will either abort any running
181 * operation, or be echoed back to us in case we're already in command
184 * Assumes elm->lock taken.
186 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
188 if (elm->state != ELM_GETMAGICCHAR && elm->state != ELM_GETPROMPT) {
189 elm327_send(elm, ELM327_MAGIC_STRING, 1);
191 elm->state = ELM_GETMAGICCHAR;
195 /* Schedule a CAN frame and necessary config changes to be sent to the TTY.
197 * Assumes elm->lock taken.
199 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
201 /* Schedule any necessary changes in ELM327's CAN configuration */
202 if (elm->can_frame.can_id != frame->can_id) {
203 /* Set the new CAN ID for transmission. */
204 if ((frame->can_id & CAN_EFF_FLAG)
205 ^ (elm->can_frame.can_id & CAN_EFF_FLAG)) {
206 elm->can_config = (frame->can_id & CAN_EFF_FLAG
208 : ELM327_CAN_CONFIG_SEND_SFF)
209 | ELM327_CAN_CONFIG_VARIABLE_DLC
210 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
211 | elm->can_bitrate_divisor;
213 set_bit(TODO_CAN_CONFIG, &elm->cmds_todo);
216 if (frame->can_id & CAN_EFF_FLAG) {
217 clear_bit(TODO_CANID_11BIT, &elm->cmds_todo);
218 set_bit(TODO_CANID_29BIT_LOW, &elm->cmds_todo);
219 set_bit(TODO_CANID_29BIT_HIGH, &elm->cmds_todo);
221 set_bit(TODO_CANID_11BIT, &elm->cmds_todo);
222 clear_bit(TODO_CANID_29BIT_LOW, &elm->cmds_todo);
223 clear_bit(TODO_CANID_29BIT_HIGH, &elm->cmds_todo);
227 /* Schedule the CAN frame itself. */
228 elm->can_frame = *frame;
229 set_bit(TODO_CAN_DATA, &elm->cmds_todo);
231 elm327_kick_into_cmd_mode(elm);
234 /* ELM327 initialization sequence.
236 * Assumes elm->lock taken.
238 static char *elm327_init_script[] = {
239 "AT WS\r", /* v1.0: Warm Start */
240 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
241 "AT M0\r", /* v1.0: Memory Off */
242 "AT AL\r", /* v1.0: Allow Long messages */
243 "AT BI\r", /* v1.0: Bypass Initialization */
244 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
245 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
246 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
247 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
248 "AT E1\r", /* v1.0: Echo On */
249 "AT H1\r", /* v1.0: Headers On */
250 "AT L0\r", /* v1.0: Linefeeds Off */
251 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
252 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
253 "AT AT0\r", /* v1.2: Adaptive Timing Off */
254 "AT D1\r", /* v1.3: Print DLC On */
255 "AT S1\r", /* v1.3: Spaces On */
256 "AT TP B\r", /* v1.0: Try Protocol B */
260 static void elm327_init(struct elmcan *elm)
262 elm->state = ELM_NOTINIT;
263 elm->can_frame.can_id = 0x7df;
265 elm->drop_next_line = 0;
267 /* We can only set the bitrate as a fraction of 500000.
268 * The bit timing constants in elmcan_bittiming_const will
269 * limit the user to the right values.
271 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
272 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
273 | ELM327_CAN_CONFIG_VARIABLE_DLC
274 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
275 | elm->can_bitrate_divisor;
277 /* Configure ELM327 and then start monitoring */
278 elm->next_init_cmd = &elm327_init_script[0];
279 set_bit(TODO_INIT, &elm->cmds_todo);
280 set_bit(TODO_SILENT_MONITOR, &elm->cmds_todo);
281 set_bit(TODO_RESPONSES, &elm->cmds_todo);
282 set_bit(TODO_CAN_CONFIG, &elm->cmds_todo);
284 elm327_kick_into_cmd_mode(elm);
287 /* Assumes elm->lock taken. */
288 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
289 const struct can_frame *frame)
291 struct can_frame *cf;
294 if (!netif_running(elm->dev))
297 skb = alloc_can_skb(elm->dev, &cf);
302 memcpy(cf, frame, sizeof(struct can_frame));
304 /* Queue for NAPI pickup.
305 * rx-offload will update stats and LEDs for us.
307 if (can_rx_offload_queue_tail(&elm->offload, skb))
308 elm->dev->stats.rx_fifo_errors++;
310 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,0)
312 can_rx_offload_irq_finish(&elm->offload);
316 /* Called when we're out of ideas and just want it all to end.
317 * Assumes elm->lock taken.
319 static inline void elm327_hw_failure(struct elmcan *elm)
321 struct can_frame frame;
323 memset(&frame, 0, sizeof(frame));
324 frame.can_id = CAN_ERR_FLAG;
325 frame.can_dlc = CAN_ERR_DLC;
329 elm327_feed_frame_to_netdev(elm, &frame);
331 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
333 elm->hw_failure = true;
334 can_bus_off(elm->dev);
337 /* Compare a buffer to a fixed string */
338 static int _memstrcmp(const u8 *mem, const char *str)
340 return memcmp(mem, str, strlen(str));
343 /* Assumes elm->lock taken. */
344 static void elm327_parse_error(struct elmcan *elm, int len)
346 struct can_frame frame;
348 memset(&frame, 0, sizeof(frame));
349 frame.can_id = CAN_ERR_FLAG;
350 frame.can_dlc = CAN_ERR_DLC;
352 /* Filter possible error messages based on length of RX'd line */
355 if (!_memstrcmp(elm->rxbuf, "UNABLE TO CONNECT")) {
357 "ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
361 if (!_memstrcmp(elm->rxbuf, "BUFFER FULL")) {
362 /* This case will only happen if the last data
364 * Otherwise, elm327_parse_frame() will heuristically
365 * emit this error frame instead.
367 frame.can_id |= CAN_ERR_CRTL;
368 frame.data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
372 if (!_memstrcmp(elm->rxbuf, "BUS ERROR"))
373 frame.can_id |= CAN_ERR_BUSERROR;
374 if (!_memstrcmp(elm->rxbuf, "CAN ERROR"))
375 frame.can_id |= CAN_ERR_PROT;
376 if (!_memstrcmp(elm->rxbuf, "<RX ERROR"))
377 frame.can_id |= CAN_ERR_PROT;
380 if (!_memstrcmp(elm->rxbuf, "BUS BUSY")) {
381 frame.can_id |= CAN_ERR_PROT;
382 frame.data[2] = CAN_ERR_PROT_OVERLOAD;
384 if (!_memstrcmp(elm->rxbuf, "FB ERROR")) {
385 frame.can_id |= CAN_ERR_PROT;
386 frame.data[2] = CAN_ERR_PROT_TX;
389 case 5: /* ERR is followed by two digits, hence line length 5 */
390 if (!_memstrcmp(elm->rxbuf, "ERR")) {
391 netdev_err(elm->dev, "ELM327 reported an ERR%c%c. Please power it off and on again.\n",
392 elm->rxbuf[3], elm->rxbuf[4]);
393 frame.can_id |= CAN_ERR_CRTL;
397 /* Something else has happened.
398 * Maybe garbage on the UART line.
399 * Emit a generic error frame.
404 elm327_feed_frame_to_netdev(elm, &frame);
407 /* Parse CAN frames coming as ASCII from ELM327.
408 * They can be of various formats:
410 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
411 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
413 * where D = DLC, PL = payload byte
415 * Instead of a payload, RTR indicates a remote request.
417 * We will use the spaces and line length to guess the format.
419 * Assumes elm->lock taken.
421 static int elm327_parse_frame(struct elmcan *elm, int len)
423 struct can_frame frame;
428 memset(&frame, 0, sizeof(frame));
430 /* Find first non-hex and non-space character:
431 * - In the simplest case, there is none.
432 * - For RTR frames, 'R' is the first non-hex character.
433 * - An error message may replace the end of the data line.
435 for (hexlen = 0; hexlen <= len; hexlen++) {
436 if (hex_to_bin(elm->rxbuf[hexlen]) < 0 &&
437 elm->rxbuf[hexlen] != ' ') {
442 /* Sanity check whether the line is really a clean hexdump,
443 * or terminated by an error message, or contains garbage.
446 !isdigit(elm->rxbuf[hexlen]) &&
447 !isupper(elm->rxbuf[hexlen]) &&
448 '<' != elm->rxbuf[hexlen] &&
449 ' ' != elm->rxbuf[hexlen]) {
450 /* The line is likely garbled anyway, so bail.
451 * The main code will restart listening.
456 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
457 * No out-of-bounds access:
458 * We use the fact that we can always read from elm->rxbuf.
460 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' ' &&
461 elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' ' &&
462 elm->rxbuf[13] == ' ') {
463 frame.can_id = CAN_EFF_FLAG;
465 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
469 /* This is not a well-formatted data line.
470 * Assume it's an error message.
475 if (hexlen < datastart) {
476 /* The line is too short to be a valid frame hex dump.
477 * Something interrupted the hex dump or it is invalid.
482 /* From here on all chars up to buf[hexlen] are hex or spaces,
483 * at well-defined offsets.
486 /* Read CAN data length */
487 frame.can_dlc = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
490 if (frame.can_id & CAN_EFF_FLAG) {
491 frame.can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
492 | (hex_to_bin(elm->rxbuf[1]) << 24)
493 | (hex_to_bin(elm->rxbuf[3]) << 20)
494 | (hex_to_bin(elm->rxbuf[4]) << 16)
495 | (hex_to_bin(elm->rxbuf[6]) << 12)
496 | (hex_to_bin(elm->rxbuf[7]) << 8)
497 | (hex_to_bin(elm->rxbuf[9]) << 4)
498 | (hex_to_bin(elm->rxbuf[10]) << 0);
500 frame.can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
501 | (hex_to_bin(elm->rxbuf[1]) << 4)
502 | (hex_to_bin(elm->rxbuf[2]) << 0);
505 /* Check for RTR frame */
506 if (elm->rxfill >= hexlen + 3 &&
507 !_memstrcmp(&elm->rxbuf[hexlen], "RTR")) {
508 frame.can_id |= CAN_RTR_FLAG;
511 /* Is the line long enough to hold the advertised payload?
512 * Note: RTR frames have a DLC, but no actual payload.
514 if (!(frame.can_id & CAN_RTR_FLAG) &&
515 (hexlen < frame.can_dlc * 3 + datastart)) {
516 /* Incomplete frame. */
518 /* Probably the ELM327's RS232 TX buffer was full.
519 * Emit an error frame and exit.
521 frame.can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
522 frame.can_dlc = CAN_ERR_DLC;
523 frame.data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
524 elm327_feed_frame_to_netdev(elm, &frame);
526 /* Signal failure to parse.
527 * The line will be re-parsed as an error line, which will fail.
528 * However, this will correctly drop the state machine back into
534 /* Parse the data nibbles. */
535 for (i = 0; i < frame.can_dlc; i++) {
536 frame.data[i] = (hex_to_bin(elm->rxbuf[datastart + 3*i]) << 4)
537 | (hex_to_bin(elm->rxbuf[datastart + 3*i + 1]));
540 /* Feed the frame to the network layer. */
541 elm327_feed_frame_to_netdev(elm, &frame);
546 /* Assumes elm->lock taken. */
547 static void elm327_parse_line(struct elmcan *elm, int len)
549 /* Skip empty lines */
553 /* Skip echo lines */
554 if (elm->drop_next_line) {
555 elm->drop_next_line = 0;
557 } else if (!_memstrcmp(elm->rxbuf, "AT")) {
561 /* Regular parsing */
562 switch (elm->state) {
564 if (elm327_parse_frame(elm, len)) {
565 /* Parse an error line. */
566 elm327_parse_error(elm, len);
569 elm327_kick_into_cmd_mode(elm);
577 /* Assumes elm->lock taken. */
578 static void elm327_handle_prompt(struct elmcan *elm)
580 struct can_frame *frame = &elm->can_frame;
581 char local_txbuf[20];
583 if (!elm->cmds_todo) {
584 /* Enter CAN monitor mode */
585 elm327_send(elm, "ATMA\r", 5);
586 elm->state = ELM_RECEIVING;
591 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
592 if (test_bit(TODO_INIT, &elm->cmds_todo)) {
593 strcpy(local_txbuf, *elm->next_init_cmd);
595 elm->next_init_cmd++;
596 if (!(*elm->next_init_cmd)) {
597 clear_bit(TODO_INIT, &elm->cmds_todo);
598 netdev_info(elm->dev, "Initialization finished.\n");
601 } else if (test_and_clear_bit(TODO_SILENT_MONITOR, &elm->cmds_todo)) {
602 sprintf(local_txbuf, "ATCSM%i\r",
603 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
605 } else if (test_and_clear_bit(TODO_RESPONSES, &elm->cmds_todo)) {
606 sprintf(local_txbuf, "ATR%i\r",
607 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
609 } else if (test_and_clear_bit(TODO_CAN_CONFIG, &elm->cmds_todo)) {
610 sprintf(local_txbuf, "ATPC\r");
611 set_bit(TODO_CAN_CONFIG_PART2, &elm->cmds_todo);
613 } else if (test_and_clear_bit(TODO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
614 sprintf(local_txbuf, "ATPB%04X\r",
617 } else if (test_and_clear_bit(TODO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
618 sprintf(local_txbuf, "ATCP%02X\r",
619 (frame->can_id & CAN_EFF_MASK) >> 24);
621 } else if (test_and_clear_bit(TODO_CANID_29BIT_LOW, &elm->cmds_todo)) {
622 sprintf(local_txbuf, "ATSH%06X\r",
623 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
625 } else if (test_and_clear_bit(TODO_CANID_11BIT, &elm->cmds_todo)) {
626 sprintf(local_txbuf, "ATSH%03X\r",
627 frame->can_id & CAN_SFF_MASK);
629 } else if (test_and_clear_bit(TODO_CAN_DATA, &elm->cmds_todo)) {
630 if (frame->can_id & CAN_RTR_FLAG) {
631 /* Send an RTR frame. Their DLC is fixed.
632 * Some chips don't send them at all.
634 sprintf(local_txbuf, "ATRTR\r");
636 /* Send a regular CAN data frame */
639 for (i = 0; i < frame->can_dlc; i++) {
640 sprintf(&local_txbuf[2 * i], "%02X",
644 sprintf(&local_txbuf[2 * i], "\r");
647 elm->drop_next_line = 1;
648 elm->state = ELM_RECEIVING;
651 elm327_send(elm, local_txbuf, strlen(local_txbuf));
654 static bool elm327_is_ready_char(char c)
656 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
657 * Probably bad hardware.
659 return (c & 0x3f) == ELM327_READY_CHAR;
662 /* Assumes elm->lock taken. */
663 static void elm327_drop_bytes(struct elmcan *elm, int i)
665 memmove(&elm->rxbuf[0], &elm->rxbuf[i], ELM327_SIZE_RXBUF - i);
669 /* Assumes elm->lock taken. */
670 static void elm327_parse_rxbuf(struct elmcan *elm)
674 switch (elm->state) {
679 case ELM_GETMAGICCHAR:
681 /* Wait for 'y' or '>' */
684 for (i = 0; i < elm->rxfill; i++) {
685 if (elm->rxbuf[i] == ELM327_MAGIC_CHAR) {
686 elm327_send(elm, "\r", 1);
687 elm->state = ELM_GETPROMPT;
690 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
691 elm327_send(elm, ELM327_MAGIC_STRING, 1);
697 elm327_drop_bytes(elm, i);
704 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
705 elm327_handle_prompt(elm);
711 /* Find <CR> delimiting feedback lines. */
713 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
718 if (len == ELM327_SIZE_RXBUF) {
719 /* Line exceeds buffer. It's probably all garbage.
720 * Did we even connect at the right baud rate?
723 "RX buffer overflow. Faulty ELM327 or UART?\n");
724 elm327_hw_failure(elm);
726 } else if (len == elm->rxfill) {
727 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
728 /* The ELM327's AT ST response timeout ran out,
729 * so we got a prompt.
730 * Clear RX buffer and restart listening.
734 elm327_handle_prompt(elm);
738 /* No <CR> found - we haven't received a full line yet.
739 * Wait for more data.
744 /* We have a full line to parse. */
745 elm327_parse_line(elm, len);
747 /* Remove parsed data from RX buffer. */
748 elm327_drop_bytes(elm, len + 1);
750 /* More data to parse? */
752 elm327_parse_rxbuf(elm);
756 /* Dummy needed to use can_rx_offload */
757 static struct sk_buff *elmcan_mailbox_read(struct can_rx_offload *offload,
758 unsigned int n, u32 *timestamp,
761 WARN_ON_ONCE(1); /* This function is a dummy, so don't call it! */
763 return ERR_PTR(-ENOBUFS);
766 static int elmcan_netdev_open(struct net_device *dev)
768 struct elmcan *elm = netdev_priv(dev);
771 spin_lock_bh(&elm->lock);
772 if (elm->hw_failure) {
773 netdev_err(elm->dev, "Refusing to open interface after a hardware fault has been detected.\n");
774 spin_unlock_bh(&elm->lock);
779 spin_unlock_bh(&elm->lock);
783 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
784 err = open_candev(dev);
786 spin_unlock_bh(&elm->lock);
791 spin_unlock_bh(&elm->lock);
793 elm->offload.mailbox_read = elmcan_mailbox_read;
794 err = can_rx_offload_add_fifo(dev, &elm->offload, ELM327_NAPI_WEIGHT);
800 can_rx_offload_enable(&elm->offload);
802 can_led_event(dev, CAN_LED_EVENT_OPEN);
803 elm->can.state = CAN_STATE_ERROR_ACTIVE;
804 netif_start_queue(dev);
809 static int elmcan_netdev_close(struct net_device *dev)
811 struct elmcan *elm = netdev_priv(dev);
813 netif_stop_queue(dev);
815 spin_lock_bh(&elm->lock);
817 /* Interrupt whatever we're doing right now */
818 elm327_send(elm, ELM327_MAGIC_STRING, 1);
820 /* Clear the wakeup bit, as the netdev will be down and thus
821 * the wakeup handler won't clear it
823 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
825 spin_unlock_bh(&elm->lock);
827 flush_work(&elm->tx_work);
829 spin_unlock_bh(&elm->lock);
832 can_rx_offload_disable(&elm->offload);
833 elm->can.state = CAN_STATE_STOPPED;
834 can_rx_offload_del(&elm->offload);
836 can_led_event(dev, CAN_LED_EVENT_STOP);
841 /* Send a can_frame to a TTY. */
842 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
843 struct net_device *dev)
845 struct elmcan *elm = netdev_priv(dev);
846 struct can_frame *frame = (struct can_frame *)skb->data;
848 if (skb->len != sizeof(struct can_frame))
851 if (!netif_running(dev)) {
852 netdev_warn(elm->dev, "xmit: iface is down.\n");
856 /* BHs are already disabled, so no spin_lock_bh().
857 * See Documentation/networking/netdevices.txt
859 spin_lock(&elm->lock);
861 /* We shouldn't get here after a hardware fault:
862 * can_bus_off() calls netif_carrier_off()
864 WARN_ON_ONCE(elm->hw_failure);
868 elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
869 spin_unlock(&elm->lock);
873 netif_stop_queue(dev);
875 elm327_send_frame(elm, frame);
876 spin_unlock(&elm->lock);
878 dev->stats.tx_packets++;
879 dev->stats.tx_bytes += frame->can_dlc;
881 can_led_event(dev, CAN_LED_EVENT_TX);
888 static const struct net_device_ops elmcan_netdev_ops = {
889 .ndo_open = elmcan_netdev_open,
890 .ndo_stop = elmcan_netdev_close,
891 .ndo_start_xmit = elmcan_netdev_start_xmit,
892 .ndo_change_mtu = can_change_mtu,
895 /* Get a reference to our struct, taking into account locks/refcounts.
896 * This is to ensure ordering in case we are shutting down, and to ensure
897 * there is a refcount at all (otherwise tty->disc_data may be freed and
898 * before we increment the refcount).
899 * Use this for anything that can race against elmcan_ldisc_close().
901 static struct elmcan *get_elm(struct tty_struct *tty)
906 spin_lock_bh(&elmcan_discdata_lock);
907 elm = (struct elmcan *)tty->disc_data;
910 spin_unlock_bh(&elmcan_discdata_lock);
914 got_ref = atomic_inc_not_zero(&elm->refcount);
915 spin_unlock_bh(&elmcan_discdata_lock);
923 static void put_elm(struct elmcan *elm)
925 atomic_dec(&elm->refcount);
928 static bool elmcan_is_valid_rx_char(char c)
930 return (isdigit(c) ||
932 c == ELM327_MAGIC_CHAR ||
933 c == ELM327_READY_CHAR ||
944 /* Handle incoming ELM327 ASCII data.
945 * This will not be re-entered while running, but other ldisc
946 * functions may be called in parallel.
948 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
949 static void elmcan_ldisc_rx(struct tty_struct *tty,
950 const unsigned char *cp, char *fp, int count)
952 static void elmcan_ldisc_rx(struct tty_struct *tty,
953 const unsigned char *cp, const char *fp, int count)
956 struct elmcan *elm = get_elm(tty);
961 spin_lock_bh(&elm->lock);
966 while (count-- && elm->rxfill < ELM327_SIZE_RXBUF) {
968 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
970 elm327_hw_failure(elm);
975 /* Ignore NUL characters, which the PIC microcontroller may
976 * inadvertently insert due to a known hardware bug.
977 * See ELM327 documentation, which refers to a Microchip PIC
981 /* Check for stray characters on the UART line.
982 * Likely caused by bad hardware.
984 if (!elmcan_is_valid_rx_char(*cp)) {
986 "Received illegal character %02x.\n",
988 elm327_hw_failure(elm);
993 elm->rxbuf[elm->rxfill++] = *cp;
1000 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
1002 elm327_hw_failure(elm);
1007 elm327_parse_rxbuf(elm);
1010 spin_unlock_bh(&elm->lock);
1014 /* Write out remaining transmit buffer.
1015 * Scheduled when TTY is writable.
1017 static void elmcan_ldisc_tx_worker(struct work_struct *work)
1019 /* No need to use get_elm() here, as we'll always flush workers
1020 * before destroying the elmcan object.
1022 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
1025 spin_lock_bh(&elm->lock);
1026 if (elm->hw_failure) {
1027 spin_unlock_bh(&elm->lock);
1031 if (!elm->tty || !netif_running(elm->dev)) {
1032 spin_unlock_bh(&elm->lock);
1036 if (elm->txleft <= 0) {
1037 /* Our TTY write buffer is empty:
1038 * Allow netdev to hand us another packet
1040 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1041 spin_unlock_bh(&elm->lock);
1042 netif_wake_queue(elm->dev);
1046 actual = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
1048 netdev_err(elm->dev,
1049 "Failed to write to tty %s.\n",
1051 elm327_hw_failure(elm);
1052 spin_unlock_bh(&elm->lock);
1056 elm->txleft -= actual;
1057 elm->txhead += actual;
1058 spin_unlock_bh(&elm->lock);
1061 /* Called by the driver when there's room for more data. */
1062 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1064 struct elmcan *elm = get_elm(tty);
1069 schedule_work(&elm->tx_work);
1074 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1075 * or 7/8 of that. Divisors are 1 to 64.
1076 * Currently we don't implement support for 7/8 rates.
1078 static const u32 elmcan_bitrate_const[64] = {
1079 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1080 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1081 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1082 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1083 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1084 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1085 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1086 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1089 /* Dummy needed to use bitrate_const */
1090 static int elmcan_do_set_bittiming(struct net_device *netdev)
1095 static int elmcan_ldisc_open(struct tty_struct *tty)
1097 struct net_device *dev;
1101 if (!capable(CAP_NET_ADMIN))
1104 if (!tty->ops->write)
1107 dev = alloc_candev(sizeof(struct elmcan), 0);
1110 elm = netdev_priv(dev);
1112 elm->txbuf = kmalloc(ELM327_SIZE_TXBUF, GFP_KERNEL);
1118 /* Configure TTY interface */
1119 tty->receive_room = 65536; /* We don't flow control */
1120 elm->txleft = 0; /* Clear TTY TX buffer */
1121 spin_lock_init(&elm->lock);
1122 atomic_set(&elm->refcount, 1);
1123 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1125 /* Configure CAN metadata */
1126 elm->can.state = CAN_STATE_STOPPED;
1127 elm->can.bitrate_const = elmcan_bitrate_const;
1128 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1129 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1130 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1132 /* Configure netdev interface */
1134 dev->netdev_ops = &elmcan_netdev_ops;
1136 /* Mark ldisc channel as alive */
1138 tty->disc_data = elm;
1140 devm_can_led_init(elm->dev);
1143 err = register_candev(elm->dev);
1147 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1153 free_candev(elm->dev);
1157 /* Close down an elmcan channel.
1158 * This means flushing out any pending queues, and then returning.
1159 * This call is serialized against other ldisc functions:
1160 * Once this is called, no other ldisc function of ours is entered.
1162 * We also use this function for a hangup event.
1164 static void elmcan_ldisc_close(struct tty_struct *tty)
1166 struct elmcan *elm = get_elm(tty);
1171 /* unregister_netdev() calls .ndo_stop() so we don't have to. */
1172 unregister_candev(elm->dev);
1174 /* Decrease the refcount twice, once for our own get_elm(),
1175 * and once to remove the count of 1 that we set in _open().
1176 * Once it reaches 0, we can safely destroy it.
1181 while (atomic_read(&elm->refcount) > 0)
1182 msleep_interruptible(10);
1184 /* At this point, all ldisc calls to us have become no-ops. */
1186 flush_work(&elm->tx_work);
1188 /* Mark channel as dead */
1189 spin_lock_bh(&elm->lock);
1190 tty->disc_data = NULL;
1192 spin_unlock_bh(&elm->lock);
1194 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1197 free_candev(elm->dev);
1200 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1201 static int elmcan_ldisc_hangup(struct tty_struct *tty)
1203 static void elmcan_ldisc_hangup(struct tty_struct *tty)
1206 elmcan_ldisc_close(tty);
1207 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1212 static int elmcan_ldisc_ioctl(struct tty_struct *tty,
1213 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,17,0)
1216 unsigned int cmd, unsigned long arg)
1218 struct elmcan *elm = get_elm(tty);
1226 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1227 if (copy_to_user((void __user *)arg, elm->dev->name, tmp)) {
1241 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1242 return tty_mode_ioctl(tty, file, cmd, arg);
1244 return tty_mode_ioctl(tty, cmd, arg);
1249 static struct tty_ldisc_ops elmcan_ldisc = {
1250 .owner = THIS_MODULE,
1253 .receive_buf = elmcan_ldisc_rx,
1254 .write_wakeup = elmcan_ldisc_tx_wakeup,
1255 .open = elmcan_ldisc_open,
1256 .close = elmcan_ldisc_close,
1257 .hangup = elmcan_ldisc_hangup,
1258 .ioctl = elmcan_ldisc_ioctl,
1261 static int __init elmcan_init(void)
1265 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1266 status = tty_register_ldisc(N_ELMCAN, &elmcan_ldisc);
1268 status = tty_register_ldisc(&elmcan_ldisc);
1271 pr_err("Can't register line discipline\n");
1276 static void __exit elmcan_exit(void)
1278 /* This will only be called when all channels have been closed by
1279 * userspace - tty_ldisc.c takes care of the module's refcount.
1281 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1284 status = tty_unregister_ldisc(N_ELMCAN);
1286 pr_err("Can't unregister line discipline (error: %d)\n",
1289 tty_unregister_ldisc(&elmcan_ldisc);
1293 module_init(elmcan_init);
1294 module_exit(elmcan_exit);
projects / elmcan.git / blob