1 // SPDX-License-Identifier: GPL-2.0
2 /* ELM327 based CAN interface driver (tty line discipline)
4 * This driver started as a derivative of linux/drivers/net/can/slcan.c
5 * and my thanks go to the original authors for their inspiration.
7 * elmcan.c Author : Max Staudt <max-linux@enpas.org>
8 * slcan.c Author : Oliver Hartkopp <socketcan@hartkopp.net>
9 * slip.c Authors : Laurence Culhane <loz@holmes.demon.co.uk>
10 * Fred N. van Kempen <waltje@uwalt.nl.mugnet.org>
13 #define pr_fmt(fmt) "elmcan: " fmt
15 #include <linux/init.h>
16 #include <linux/module.h>
17 #include <linux/moduleparam.h>
19 #include <linux/atomic.h>
20 #include <linux/bitops.h>
21 #include <linux/ctype.h>
22 #include <linux/delay.h>
23 #include <linux/errno.h>
24 #include <linux/if_ether.h>
25 #include <linux/kernel.h>
26 #include <linux/list.h>
27 #include <linux/lockdep.h>
28 #include <linux/netdevice.h>
29 #include <linux/skbuff.h>
30 #include <linux/spinlock.h>
31 #include <linux/string.h>
32 #include <linux/tty.h>
33 #include <linux/tty_ldisc.h>
34 #include <linux/version.h>
35 #include <linux/workqueue.h>
37 #include <uapi/linux/tty.h>
39 #include <linux/can.h>
40 #include <linux/can/dev.h>
41 #include <linux/can/error.h>
42 #include <linux/can/led.h>
43 #include <linux/can/rx-offload.h>
45 /* Line discipline ID number.
46 * Starting with Linux v5.18-rc1, N_DEVELOPMENT is defined as 29:
47 * https://github.com/torvalds/linux/commit/c2faf737abfb10f88f2d2612d573e9edc3c42c37
50 #define N_DEVELOPMENT 29
53 /* Compatibility for Linux < 5.11 */
54 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,11,0)
58 #define ELM327_NAPI_WEIGHT 4
60 #define ELM327_SIZE_RXBUF 224
61 #define ELM327_SIZE_TXBUF 32
63 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
64 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
65 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
66 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
68 #define ELM327_DUMMY_CHAR 'y'
69 #define ELM327_DUMMY_STRING "y"
70 #define ELM327_READY_CHAR '>'
72 /* Bits in elm->cmds_todo */
73 enum elm327_to_to_do_bits {
74 ELM327_TX_DO_CAN_DATA = 0,
75 ELM327_TX_DO_CANID_11BIT,
76 ELM327_TX_DO_CANID_29BIT_LOW,
77 ELM327_TX_DO_CANID_29BIT_HIGH,
78 ELM327_TX_DO_CAN_CONFIG_PART2,
79 ELM327_TX_DO_CAN_CONFIG,
80 ELM327_TX_DO_RESPONSES,
81 ELM327_TX_DO_SILENT_MONITOR,
86 /* This must be the first member when using alloc_candev() */
89 struct can_rx_offload offload;
92 u8 rxbuf[ELM327_SIZE_RXBUF];
93 u8 txbuf[ELM327_SIZE_TXBUF] ____cacheline_aligned;
95 /* TTY buffer accounting */
96 struct work_struct tx_work; /* Flushes TTY TX buffer */
97 u8 *txhead; /* Next TX byte */
98 unsigned txleft; /* Bytes left to TX */
99 int rxfill; /* Bytes already RX'd in buffer */
101 /* TTY and netdev devices that we're bridging */
102 struct tty_struct *tty;
103 struct net_device *dev;
105 /* Per-channel lock */
110 ELM327_STATE_NOTINIT = 0,
111 ELM327_STATE_GETDUMMYCHAR,
112 ELM327_STATE_GETPROMPT,
113 ELM327_STATE_RECEIVING,
116 /* Things we have yet to send */
117 char **next_init_cmd;
118 unsigned long cmds_todo;
120 /* The CAN frame and config the ELM327 is sending/using,
121 * or will send/use after finishing all cmds_todo
123 struct can_frame can_frame_to_send;
125 u8 can_bitrate_divisor;
130 /* Stop the channel on UART side hardware failure, e.g. stray
131 * characters or neverending lines. This may be caused by bad
132 * UART wiring, a bad ELM327, a bad UART bridge...
133 * Once this is true, nothing will be sent to the TTY.
135 bool uart_side_failure;
138 static inline void elm327_uart_side_failure(struct elmcan *elm);
140 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
144 lockdep_assert_held(elm->lock);
146 if (elm->uart_side_failure)
149 memcpy(elm->txbuf, buf, len);
151 written = elm->tty->ops->write(elm->tty, elm->txbuf, len);
154 "Failed to write to tty %s.\n",
156 elm327_uart_side_failure(elm);
160 elm->txleft = len - written;
161 elm->txhead = elm->txbuf + written;
164 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
167 /* Take the ELM327 out of almost any state and back into command mode.
168 * We send ELM327_DUMMY_CHAR which will either abort any running
169 * operation, or be echoed back to us in case we're already in command
172 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
174 lockdep_assert_held(elm->lock);
176 if (elm->state != ELM327_STATE_GETDUMMYCHAR &&
177 elm->state != ELM327_STATE_GETPROMPT) {
178 elm327_send(elm, ELM327_DUMMY_STRING, 1);
180 elm->state = ELM327_STATE_GETDUMMYCHAR;
184 /* Schedule a CAN frame and necessary config changes to be sent to the TTY. */
185 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
187 lockdep_assert_held(elm->lock);
189 /* Schedule any necessary changes in ELM327's CAN configuration */
190 if (elm->can_frame_to_send.can_id != frame->can_id) {
191 /* Set the new CAN ID for transmission. */
192 if ((frame->can_id & CAN_EFF_FLAG) ^
193 (elm->can_frame_to_send.can_id & CAN_EFF_FLAG)) {
194 elm->can_config = (frame->can_id & CAN_EFF_FLAG
196 : ELM327_CAN_CONFIG_SEND_SFF)
197 | ELM327_CAN_CONFIG_VARIABLE_DLC
198 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
199 | elm->can_bitrate_divisor;
201 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
204 if (frame->can_id & CAN_EFF_FLAG) {
205 clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
206 set_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
207 set_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
209 set_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
210 clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
211 clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
215 /* Schedule the CAN frame itself. */
216 elm->can_frame_to_send = *frame;
217 set_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo);
219 elm327_kick_into_cmd_mode(elm);
222 /* ELM327 initialisation sequence.
223 * The line length is limited by the buffer in elm327_handle_prompt().
225 static char *elm327_init_script[] = {
226 "AT WS\r", /* v1.0: Warm Start */
227 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
228 "AT M0\r", /* v1.0: Memory Off */
229 "AT AL\r", /* v1.0: Allow Long messages */
230 "AT BI\r", /* v1.0: Bypass Initialisation */
231 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
232 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
233 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
234 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
235 "AT E1\r", /* v1.0: Echo On */
236 "AT H1\r", /* v1.0: Headers On */
237 "AT L0\r", /* v1.0: Linefeeds Off */
238 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
239 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
240 "AT AT0\r", /* v1.2: Adaptive Timing Off */
241 "AT D1\r", /* v1.3: Print DLC On */
242 "AT S1\r", /* v1.3: Spaces On */
243 "AT TP B\r", /* v1.0: Try Protocol B */
247 static void elm327_init(struct elmcan *elm)
249 lockdep_assert_held(elm->lock);
251 elm->state = ELM327_STATE_NOTINIT;
252 elm->can_frame_to_send.can_id = 0x7df; /* ELM327 HW default */
254 elm->drop_next_line = 0;
256 /* We can only set the bitrate as a fraction of 500000.
257 * The bit timing constants in elmcan_bittiming_const will
258 * limit the user to the right values.
260 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
261 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
262 | ELM327_CAN_CONFIG_VARIABLE_DLC
263 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
264 | elm->can_bitrate_divisor;
266 /* Configure ELM327 and then start monitoring */
267 elm->next_init_cmd = &elm327_init_script[0];
268 set_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
269 set_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo);
270 set_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo);
271 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
273 elm327_kick_into_cmd_mode(elm);
276 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
279 lockdep_assert_held(elm->lock);
281 if (!netif_running(elm->dev))
284 /* Queue for NAPI pickup.
285 * rx-offload will update stats and LEDs for us.
287 if (can_rx_offload_queue_tail(&elm->offload, skb))
288 elm->dev->stats.rx_fifo_errors++;
290 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,0)
292 can_rx_offload_irq_finish(&elm->offload);
296 /* Called when we're out of ideas and just want it all to end. */
297 static inline void elm327_uart_side_failure(struct elmcan *elm)
299 struct can_frame *frame;
302 lockdep_assert_held(elm->lock);
304 elm->uart_side_failure = true;
306 elm->can.can_stats.bus_off++;
307 netif_stop_queue(elm->dev);
308 elm->can.state = CAN_STATE_BUS_OFF;
309 can_bus_off(elm->dev);
311 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
313 skb = alloc_can_err_skb(elm->dev, &frame);
317 frame->can_id |= CAN_ERR_BUSOFF;
318 elm327_feed_frame_to_netdev(elm, skb);
321 /* Compare buffer to string length, then compare buffer to fixed string.
322 * This ensures two things:
323 * - It flags cases where the fixed string is only the start of the
324 * buffer, rather than exactly all of it.
325 * - It avoids byte comparisons in case the length doesn't match.
327 * strncmp() cannot be used here because it accepts the following wrong case:
328 * strncmp("CAN ER", "CAN ERROR", 6);
329 * This must fail, hence this helper function.
331 static inline int check_len_then_cmp(const u8 *mem, size_t mem_len, const char *str)
333 size_t str_len = strlen(str);
335 return (mem_len == str_len) && !memcmp(mem, str, str_len);
338 static void elm327_parse_error(struct elmcan *elm, size_t len)
340 struct can_frame *frame;
343 lockdep_assert_held(elm->lock);
345 skb = alloc_can_err_skb(elm->dev, &frame);
347 /* It's okay to return here:
348 * The outer parsing loop will drop this UART buffer.
352 /* Filter possible error messages based on length of RX'd line */
353 if (check_len_then_cmp(elm->rxbuf, len, "UNABLE TO CONNECT")) {
355 "ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
356 } else if (check_len_then_cmp(elm->rxbuf, len, "BUFFER FULL")) {
357 /* This will only happen if the last data line was complete.
358 * Otherwise, elm327_parse_frame() will heuristically
359 * emit this kind of error frame instead.
361 frame->can_id |= CAN_ERR_CRTL;
362 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
363 } else if (check_len_then_cmp(elm->rxbuf, len, "BUS ERROR")) {
364 frame->can_id |= CAN_ERR_BUSERROR;
365 } else if (check_len_then_cmp(elm->rxbuf, len, "CAN ERROR")) {
366 frame->can_id |= CAN_ERR_PROT;
367 } else if (check_len_then_cmp(elm->rxbuf, len, "<RX ERROR")) {
368 frame->can_id |= CAN_ERR_PROT;
369 } else if (check_len_then_cmp(elm->rxbuf, len, "BUS BUSY")) {
370 frame->can_id |= CAN_ERR_PROT;
371 frame->data[2] = CAN_ERR_PROT_OVERLOAD;
372 } else if (check_len_then_cmp(elm->rxbuf, len, "FB ERROR")) {
373 frame->can_id |= CAN_ERR_PROT;
374 frame->data[2] = CAN_ERR_PROT_TX;
375 } else if (len == 5 && !memcmp(elm->rxbuf, "ERR", 3)) {
376 /* ERR is followed by two digits, hence line length 5 */
377 netdev_err(elm->dev, "ELM327 reported an ERR%c%c. Please power it off and on again.\n",
378 elm->rxbuf[3], elm->rxbuf[4]);
379 frame->can_id |= CAN_ERR_CRTL;
381 /* Something else has happened.
382 * Maybe garbage on the UART line.
383 * Emit a generic error frame.
387 elm327_feed_frame_to_netdev(elm, skb);
390 /* Parse CAN frames coming as ASCII from ELM327.
391 * They can be of various formats:
393 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
394 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
396 * where D = DLC, PL = payload byte
398 * Instead of a payload, RTR indicates a remote request.
400 * We will use the spaces and line length to guess the format.
402 static int elm327_parse_frame(struct elmcan *elm, size_t len)
404 struct can_frame *frame;
410 lockdep_assert_held(elm->lock);
412 skb = alloc_can_skb(elm->dev, &frame);
416 /* Find first non-hex and non-space character:
417 * - In the simplest case, there is none.
418 * - For RTR frames, 'R' is the first non-hex character.
419 * - An error message may replace the end of the data line.
421 for (hexlen = 0; hexlen <= len; hexlen++) {
422 if (hex_to_bin(elm->rxbuf[hexlen]) < 0 &&
423 elm->rxbuf[hexlen] != ' ') {
428 /* Sanity check whether the line is really a clean hexdump,
429 * or terminated by an error message, or contains garbage.
432 !isdigit(elm->rxbuf[hexlen]) &&
433 !isupper(elm->rxbuf[hexlen]) &&
434 '<' != elm->rxbuf[hexlen] &&
435 ' ' != elm->rxbuf[hexlen]) {
436 /* The line is likely garbled anyway, so bail.
437 * The main code will restart listening.
442 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
443 * No out-of-bounds access:
444 * We use the fact that we can always read from elm->rxbuf.
446 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' ' &&
447 elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' ' &&
448 elm->rxbuf[13] == ' ') {
449 frame->can_id = CAN_EFF_FLAG;
451 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
454 /* This is not a well-formatted data line.
455 * Assume it's an error message.
460 if (hexlen < datastart) {
461 /* The line is too short to be a valid frame hex dump.
462 * Something interrupted the hex dump or it is invalid.
467 /* From here on all chars up to buf[hexlen] are hex or spaces,
468 * at well-defined offsets.
471 /* Read CAN data length */
472 frame->len = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
475 if (frame->can_id & CAN_EFF_FLAG) {
476 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
477 | (hex_to_bin(elm->rxbuf[1]) << 24)
478 | (hex_to_bin(elm->rxbuf[3]) << 20)
479 | (hex_to_bin(elm->rxbuf[4]) << 16)
480 | (hex_to_bin(elm->rxbuf[6]) << 12)
481 | (hex_to_bin(elm->rxbuf[7]) << 8)
482 | (hex_to_bin(elm->rxbuf[9]) << 4)
483 | (hex_to_bin(elm->rxbuf[10]) << 0);
485 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
486 | (hex_to_bin(elm->rxbuf[1]) << 4)
487 | (hex_to_bin(elm->rxbuf[2]) << 0);
490 /* Check for RTR frame */
491 if (elm->rxfill >= hexlen + 3 &&
492 !memcmp(&elm->rxbuf[hexlen], "RTR", 3)) {
493 frame->can_id |= CAN_RTR_FLAG;
496 /* Is the line long enough to hold the advertised payload?
497 * Note: RTR frames have a DLC, but no actual payload.
499 if (!(frame->can_id & CAN_RTR_FLAG) &&
500 (hexlen < frame->len * 3 + datastart)) {
502 * Probably the ELM327's RS232 TX buffer was full.
503 * Emit an error frame and exit.
505 frame->can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
506 frame->len = CAN_ERR_DLC;
507 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
508 elm327_feed_frame_to_netdev(elm, skb);
510 /* Signal failure to parse.
511 * The line will be re-parsed as an error line, which will fail.
512 * However, this will correctly drop the state machine back into
518 /* Parse the data nibbles. */
519 for (i = 0; i < frame->len; i++) {
520 frame->data[i] = (hex_to_bin(elm->rxbuf[datastart + 3*i]) << 4)
521 | (hex_to_bin(elm->rxbuf[datastart + 3*i + 1]));
524 /* Feed the frame to the network layer. */
525 elm327_feed_frame_to_netdev(elm, skb);
530 static void elm327_parse_line(struct elmcan *elm, size_t len)
532 lockdep_assert_held(elm->lock);
534 /* Skip empty lines */
538 /* Skip echo lines */
539 if (elm->drop_next_line) {
540 elm->drop_next_line = 0;
542 } else if (!memcmp(elm->rxbuf, "AT", 2)) {
546 /* Regular parsing */
547 if (elm->state == ELM327_STATE_RECEIVING
548 && elm327_parse_frame(elm, len)) {
549 /* Parse an error line. */
550 elm327_parse_error(elm, len);
553 elm327_kick_into_cmd_mode(elm);
557 static void elm327_handle_prompt(struct elmcan *elm)
559 struct can_frame *frame = &elm->can_frame_to_send;
560 /* Size this buffer for the largest ELM327 line we may generate,
561 * which is currently an 8 byte CAN frame's payload hexdump.
562 * Items in elm327_init_script must fit here, too!
564 char local_txbuf[sizeof("0102030405060708\r")];
566 lockdep_assert_held(elm->lock);
568 if (!elm->cmds_todo) {
569 /* Enter CAN monitor mode */
570 elm327_send(elm, "ATMA\r", 5);
571 elm->state = ELM327_STATE_RECEIVING;
573 /* We will be in the default state once this command is
574 * send, so enable the TX packet queue.
576 netif_wake_queue(elm->dev);
581 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
582 if (test_bit(ELM327_TX_DO_INIT, &elm->cmds_todo)) {
583 snprintf(local_txbuf, sizeof(local_txbuf),
585 *elm->next_init_cmd);
587 elm->next_init_cmd++;
588 if (!(*elm->next_init_cmd)) {
589 clear_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
593 } else if (test_and_clear_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo)) {
594 snprintf(local_txbuf, sizeof(local_txbuf),
596 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
598 } else if (test_and_clear_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo)) {
599 snprintf(local_txbuf, sizeof(local_txbuf),
601 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
603 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo)) {
604 snprintf(local_txbuf, sizeof(local_txbuf),
606 set_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo);
608 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
609 snprintf(local_txbuf, sizeof(local_txbuf),
613 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
614 snprintf(local_txbuf, sizeof(local_txbuf),
616 (frame->can_id & CAN_EFF_MASK) >> 24);
618 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo)) {
619 snprintf(local_txbuf, sizeof(local_txbuf),
621 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
623 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo)) {
624 snprintf(local_txbuf, sizeof(local_txbuf),
626 frame->can_id & CAN_SFF_MASK);
628 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo)) {
629 if (frame->can_id & CAN_RTR_FLAG) {
630 /* Send an RTR frame. Their DLC is fixed.
631 * Some chips don't send them at all.
633 snprintf(local_txbuf, sizeof(local_txbuf),
636 /* Send a regular CAN data frame */
639 for (i = 0; i < frame->len; i++) {
640 snprintf(&local_txbuf[2 * i], sizeof(local_txbuf),
645 snprintf(&local_txbuf[2 * i], sizeof(local_txbuf),
649 elm->drop_next_line = 1;
650 elm->state = ELM327_STATE_RECEIVING;
652 /* We will be in the default state once this command is
653 * send, so enable the TX packet queue.
655 netif_wake_queue(elm->dev);
658 elm327_send(elm, local_txbuf, strlen(local_txbuf));
661 static bool elm327_is_ready_char(char c)
663 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
664 * Probably bad hardware.
666 return (c & 0x3f) == ELM327_READY_CHAR;
669 static void elm327_drop_bytes(struct elmcan *elm, size_t i)
671 lockdep_assert_held(elm->lock);
673 memmove(&elm->rxbuf[0], &elm->rxbuf[i], ELM327_SIZE_RXBUF - i);
677 static void elm327_parse_rxbuf(struct elmcan *elm)
682 lockdep_assert_held(elm->lock);
684 switch (elm->state) {
685 case ELM327_STATE_NOTINIT:
689 case ELM327_STATE_GETDUMMYCHAR:
691 /* Wait for 'y' or '>' */
692 for (i = 0; i < elm->rxfill; i++) {
693 if (elm->rxbuf[i] == ELM327_DUMMY_CHAR) {
694 elm327_send(elm, "\r", 1);
695 elm->state = ELM327_STATE_GETPROMPT;
698 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
699 elm327_send(elm, ELM327_DUMMY_STRING, 1);
705 elm327_drop_bytes(elm, i);
710 case ELM327_STATE_GETPROMPT:
712 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
713 elm327_handle_prompt(elm);
718 case ELM327_STATE_RECEIVING:
719 /* Find <CR> delimiting feedback lines. */
721 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
726 if (len == ELM327_SIZE_RXBUF) {
727 /* Line exceeds buffer. It's probably all garbage.
728 * Did we even connect at the right baud rate?
731 "RX buffer overflow. Faulty ELM327 or UART?\n");
732 elm327_uart_side_failure(elm);
734 } else if (len == elm->rxfill) {
735 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
736 /* The ELM327's AT ST response timeout ran out,
737 * so we got a prompt.
738 * Clear RX buffer and restart listening.
742 elm327_handle_prompt(elm);
746 /* No <CR> found - we haven't received a full line yet.
747 * Wait for more data.
752 /* We have a full line to parse. */
753 elm327_parse_line(elm, len);
755 /* Remove parsed data from RX buffer. */
756 elm327_drop_bytes(elm, len + 1);
758 /* More data to parse? */
760 elm327_parse_rxbuf(elm);
764 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,10,0)
765 /* Dummy needed to use can_rx_offload */
766 static struct sk_buff *elmcan_mailbox_read(struct can_rx_offload *offload,
767 unsigned int n, u32 *timestamp,
770 WARN_ON_ONCE(1); /* This function is a dummy, so don't call it! */
772 return ERR_PTR(-ENOBUFS);
776 static int elmcan_netdev_open(struct net_device *dev)
778 struct elmcan *elm = netdev_priv(dev);
781 spin_lock_bh(&elm->lock);
784 spin_unlock_bh(&elm->lock);
788 if (elm->uart_side_failure)
789 netdev_warn(elm->dev, "Reopening netdev after a UART side fault has been detected.\n");
791 /* Clear TTY buffers */
795 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
796 err = open_candev(dev);
798 spin_unlock_bh(&elm->lock);
803 spin_unlock_bh(&elm->lock);
805 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,10,0)
806 elm->offload.mailbox_read = elmcan_mailbox_read;
807 err = can_rx_offload_add_fifo(dev, &elm->offload, ELM327_NAPI_WEIGHT);
809 err = can_rx_offload_add_manual(dev, &elm->offload, ELM327_NAPI_WEIGHT);
816 can_rx_offload_enable(&elm->offload);
818 can_led_event(dev, CAN_LED_EVENT_OPEN);
819 elm->can.state = CAN_STATE_ERROR_ACTIVE;
820 netif_start_queue(dev);
825 static int elmcan_netdev_close(struct net_device *dev)
827 struct elmcan *elm = netdev_priv(dev);
829 /* Interrupt whatever the ELM327 is doing right now */
830 spin_lock_bh(&elm->lock);
831 elm327_send(elm, ELM327_DUMMY_STRING, 1);
832 spin_unlock_bh(&elm->lock);
834 netif_stop_queue(dev);
836 /* Give UART one final chance to flush. */
837 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
838 flush_work(&elm->tx_work);
840 can_rx_offload_disable(&elm->offload);
841 elm->can.state = CAN_STATE_STOPPED;
842 can_rx_offload_del(&elm->offload);
844 can_led_event(dev, CAN_LED_EVENT_STOP);
849 /* Send a can_frame to a TTY. */
850 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
851 struct net_device *dev)
853 struct elmcan *elm = netdev_priv(dev);
854 struct can_frame *frame = (struct can_frame *)skb->data;
856 if (can_dropped_invalid_skb(dev, skb))
859 /* BHs are already disabled, so no spin_lock_bh().
860 * See Documentation/networking/netdevices.txt
862 spin_lock(&elm->lock);
864 /* We shouldn't get here after a hardware fault:
865 * can_bus_off() calls netif_carrier_off()
867 WARN_ON_ONCE(elm->uart_side_failure);
870 elm->uart_side_failure ||
871 elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
872 spin_unlock(&elm->lock);
876 netif_stop_queue(dev);
878 elm327_send_frame(elm, frame);
879 spin_unlock(&elm->lock);
881 dev->stats.tx_packets++;
882 dev->stats.tx_bytes += frame->len;
884 can_led_event(dev, CAN_LED_EVENT_TX);
891 static const struct net_device_ops elmcan_netdev_ops = {
892 .ndo_open = elmcan_netdev_open,
893 .ndo_stop = elmcan_netdev_close,
894 .ndo_start_xmit = elmcan_netdev_start_xmit,
895 .ndo_change_mtu = can_change_mtu,
898 static bool elmcan_is_valid_rx_char(char c)
900 return (isdigit(c) ||
902 c == ELM327_DUMMY_CHAR ||
903 c == ELM327_READY_CHAR ||
914 /* Handle incoming ELM327 ASCII data.
915 * This will not be re-entered while running, but other ldisc
916 * functions may be called in parallel.
918 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
919 static void elmcan_ldisc_rx(struct tty_struct *tty,
920 const unsigned char *cp, char *fp, int count)
922 static void elmcan_ldisc_rx(struct tty_struct *tty,
923 const unsigned char *cp, const char *fp, int count)
926 struct elmcan *elm = (struct elmcan *)tty->disc_data;
928 spin_lock_bh(&elm->lock);
930 if (elm->uart_side_failure)
933 while (count-- && elm->rxfill < ELM327_SIZE_RXBUF) {
935 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
937 elm327_uart_side_failure(elm);
942 /* Ignore NUL characters, which the PIC microcontroller may
943 * inadvertently insert due to a known hardware bug.
944 * See ELM327 documentation, which refers to a Microchip PIC
948 /* Check for stray characters on the UART line.
949 * Likely caused by bad hardware.
951 if (!elmcan_is_valid_rx_char(*cp)) {
953 "Received illegal character %02x.\n",
955 elm327_uart_side_failure(elm);
960 elm->rxbuf[elm->rxfill++] = *cp;
967 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
969 elm327_uart_side_failure(elm);
974 elm327_parse_rxbuf(elm);
977 spin_unlock_bh(&elm->lock);
980 /* Write out remaining transmit buffer.
981 * Scheduled when TTY is writable.
983 static void elmcan_ldisc_tx_worker(struct work_struct *work)
985 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
988 if (elm->uart_side_failure)
991 spin_lock_bh(&elm->lock);
994 written = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
997 "Failed to write to tty %s.\n",
999 elm327_uart_side_failure(elm);
1000 spin_unlock_bh(&elm->lock);
1003 elm->txleft -= written;
1004 elm->txhead += written;
1009 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1010 spin_unlock_bh(&elm->lock);
1012 spin_unlock_bh(&elm->lock);
1016 /* Called by the driver when there's room for more data. */
1017 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1019 struct elmcan *elm = (struct elmcan *)tty->disc_data;
1021 schedule_work(&elm->tx_work);
1024 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1025 * or 7/8 of that. Divisors are 1 to 64.
1026 * Currently we don't implement support for 7/8 rates.
1028 static const u32 elmcan_bitrate_const[64] = {
1029 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1030 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1031 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1032 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1033 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1034 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1035 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1036 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1039 /* Dummy needed to use bitrate_const */
1040 static int elmcan_do_set_bittiming(struct net_device *netdev)
1045 static int elmcan_ldisc_open(struct tty_struct *tty)
1047 struct net_device *dev;
1051 if (!capable(CAP_NET_ADMIN))
1054 if (!tty->ops->write)
1057 dev = alloc_candev(sizeof(struct elmcan), 0);
1060 elm = netdev_priv(dev);
1062 /* Configure TTY interface */
1063 tty->receive_room = 65536; /* We don't flow control */
1064 spin_lock_init(&elm->lock);
1065 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1067 /* Configure CAN metadata */
1068 elm->can.bitrate_const = elmcan_bitrate_const;
1069 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1070 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1071 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1073 /* Configure netdev interface */
1075 dev->netdev_ops = &elmcan_netdev_ops;
1077 /* Mark ldisc channel as alive */
1079 tty->disc_data = elm;
1081 devm_can_led_init(elm->dev);
1084 err = register_candev(elm->dev);
1088 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1093 free_candev(elm->dev);
1097 /* Close down an elmcan channel.
1098 * This means flushing out any pending queues, and then returning.
1099 * This call is serialized against other ldisc functions:
1100 * Once this is called, no other ldisc function of ours is entered.
1102 * We also use this function for a hangup event.
1104 static void elmcan_ldisc_close(struct tty_struct *tty)
1106 struct elmcan *elm = (struct elmcan *)tty->disc_data;
1108 /* unregister_netdev() calls .ndo_stop() so we don't have to.
1109 * Our .ndo_stop() also flushes the TTY write wakeup handler,
1110 * so we can safely set elm->tty = NULL after this.
1112 unregister_candev(elm->dev);
1114 /* Mark channel as dead */
1115 spin_lock_bh(&elm->lock);
1116 tty->disc_data = NULL;
1118 spin_unlock_bh(&elm->lock);
1120 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1122 free_candev(elm->dev);
1125 static int elmcan_ldisc_ioctl(struct tty_struct *tty,
1126 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,17,0)
1129 unsigned int cmd, unsigned long arg)
1131 struct elmcan *elm = (struct elmcan *)tty->disc_data;
1136 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1137 if (copy_to_user((void __user *)arg, elm->dev->name, tmp))
1145 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1146 return tty_mode_ioctl(tty, file, cmd, arg);
1148 return tty_mode_ioctl(tty, cmd, arg);
1153 static struct tty_ldisc_ops elmcan_ldisc = {
1154 .owner = THIS_MODULE,
1156 .num = N_DEVELOPMENT,
1157 .receive_buf = elmcan_ldisc_rx,
1158 .write_wakeup = elmcan_ldisc_tx_wakeup,
1159 .open = elmcan_ldisc_open,
1160 .close = elmcan_ldisc_close,
1161 .ioctl = elmcan_ldisc_ioctl,
1164 static int __init elmcan_init(void)
1168 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1169 status = tty_register_ldisc(N_DEVELOPMENT, &elmcan_ldisc);
1171 status = tty_register_ldisc(&elmcan_ldisc);
1174 pr_err("Can't register line discipline\n");
1179 static void __exit elmcan_exit(void)
1181 /* This will only be called when all channels have been closed by
1182 * userspace - tty_ldisc.c takes care of the module's refcount.
1184 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1187 status = tty_unregister_ldisc(N_DEVELOPMENT);
1189 pr_err("Can't unregister line discipline (error: %d)\n",
1192 tty_unregister_ldisc(&elmcan_ldisc);
1196 module_init(elmcan_init);
1197 module_exit(elmcan_exit);
1199 MODULE_ALIAS_LDISC(N_DEVELOPMENT);
1200 MODULE_DESCRIPTION("ELM327 based CAN interface");
1201 MODULE_LICENSE("GPL");
1202 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
projects / elmcan.git / blob