1 // SPDX-License-Identifier: GPL-2.0
2 /* ELM327 based CAN interface driver (tty line discipline)
4 * This driver started as a derivative of linux/drivers/net/can/slcan.c
5 * and my thanks go to the original authors for their inspiration, even
6 * after almost none of their code is left.
9 #define pr_fmt(fmt) "[elmcan] " fmt
11 #include <linux/init.h>
12 #include <linux/module.h>
13 #include <linux/moduleparam.h>
15 #include <linux/atomic.h>
16 #include <linux/bitops.h>
17 #include <linux/ctype.h>
18 #include <linux/delay.h>
19 #include <linux/errno.h>
20 #include <linux/if_ether.h>
21 #include <linux/kernel.h>
22 #include <linux/list.h>
23 #include <linux/netdevice.h>
24 #include <linux/skbuff.h>
25 #include <linux/spinlock.h>
26 #include <linux/string.h>
27 #include <linux/tty.h>
28 #include <linux/tty_ldisc.h>
29 #include <linux/version.h>
30 #include <linux/workqueue.h>
32 #include <uapi/linux/tty.h>
34 #include <linux/can.h>
35 #include <linux/can/dev.h>
36 #include <linux/can/error.h>
37 #include <linux/can/led.h>
38 #include <linux/can/rx-offload.h>
40 MODULE_ALIAS_LDISC(N_DEVELOPMENT);
41 MODULE_DESCRIPTION("ELM327 based CAN interface");
42 MODULE_LICENSE("GPL");
43 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
45 /* Line discipline ID number.
46 * N_DEVELOPMENT will likely be defined from Linux 5.18 onwards:
47 * https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=c2faf737abfb10f88f2d2612d573e9edc3c42c37
50 #define N_DEVELOPMENT 29
53 #define ELM327_NAPI_WEIGHT 4
55 #define ELM327_SIZE_RXBUF 256
56 #define ELM327_SIZE_TXBUF 32
58 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
59 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
60 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
61 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
63 #define ELM327_DUMMY_CHAR 'y'
64 #define ELM327_DUMMY_STRING "y"
65 #define ELM327_READY_CHAR '>'
67 /* Bits in elm->cmds_todo */
68 enum ELM327_TX_DO_BITS {
69 ELM327_TX_DO_CAN_DATA = 0,
70 ELM327_TX_DO_CANID_11BIT,
71 ELM327_TX_DO_CANID_29BIT_LOW,
72 ELM327_TX_DO_CANID_29BIT_HIGH,
73 ELM327_TX_DO_CAN_CONFIG_PART2,
74 ELM327_TX_DO_CAN_CONFIG,
75 ELM327_TX_DO_RESPONSES,
76 ELM327_TX_DO_SILENT_MONITOR,
81 /* This must be the first member when using alloc_candev() */
84 struct can_rx_offload offload;
86 /* TTY and netdev devices that we're bridging */
87 struct tty_struct *tty;
88 struct net_device *dev;
90 /* Per-channel lock */
93 /* Keep track of how many things are using this struct.
94 * Once it reaches 0, we are in the process of cleaning up,
95 * and new operations will be cancelled immediately.
96 * Use atomic_t rather than refcount_t because we deliberately
97 * decrement to 0, and refcount_dec() spills a WARN_ONCE in
102 /* Stop the channel on hardware failure.
103 * Once this is true, nothing will be sent to the TTY.
108 struct work_struct tx_work; /* Flushes TTY TX buffer */
109 unsigned char *txbuf;
110 unsigned char *txhead; /* Pointer to next TX byte */
111 int txleft; /* Bytes left to TX */
114 unsigned char rxbuf[ELM327_SIZE_RXBUF];
127 /* The CAN frame and config the ELM327 is sending/using,
128 * or will send/use after finishing all cmds_todo
130 struct can_frame can_frame_to_send;
131 unsigned short can_config;
132 unsigned long can_bitrate;
133 unsigned char can_bitrate_divisor;
134 int silent_monitoring;
136 /* Things we have yet to send */
137 char **next_init_cmd;
138 unsigned long cmds_todo;
141 /* A lock for all tty->disc_data handled by this ldisc.
142 * This is to prevent a case where tty->disc_data is set to NULL,
143 * yet someone is still trying to dereference it.
144 * Without this, we cannot do a clean shutdown.
146 static DEFINE_SPINLOCK(elmcan_discdata_lock);
148 static inline void elm327_hw_failure(struct elmcan *elm);
150 /* Assumes elm->lock taken. */
151 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
158 memcpy(elm->txbuf, buf, len);
160 /* Order of next two lines is *very* important.
161 * When we are sending a little amount of data,
162 * the transfer may be completed inside the ops->write()
163 * routine, because it's running with interrupts enabled.
164 * In this case we *never* got WRITE_WAKEUP event,
165 * if we did not request it before write operation.
166 * 14 Oct 1994 Dmitry Gorodchanin.
168 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
169 actual = elm->tty->ops->write(elm->tty, elm->txbuf, len);
172 "Failed to write to tty %s.\n",
174 elm327_hw_failure(elm);
178 elm->txleft = len - actual;
179 elm->txhead = elm->txbuf + actual;
182 /* Take the ELM327 out of almost any state and back into command mode.
183 * We send ELM327_DUMMY_CHAR which will either abort any running
184 * operation, or be echoed back to us in case we're already in command
187 * Assumes elm->lock taken.
189 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
191 if (elm->state != ELM_GETDUMMYCHAR && elm->state != ELM_GETPROMPT) {
192 elm327_send(elm, ELM327_DUMMY_STRING, 1);
194 elm->state = ELM_GETDUMMYCHAR;
198 /* Schedule a CAN frame and necessary config changes to be sent to the TTY.
200 * Assumes elm->lock taken.
202 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
204 /* Schedule any necessary changes in ELM327's CAN configuration */
205 if (elm->can_frame_to_send.can_id != frame->can_id) {
206 /* Set the new CAN ID for transmission. */
207 if ((frame->can_id & CAN_EFF_FLAG)
208 ^ (elm->can_frame_to_send.can_id & CAN_EFF_FLAG)) {
209 elm->can_config = (frame->can_id & CAN_EFF_FLAG
211 : ELM327_CAN_CONFIG_SEND_SFF)
212 | ELM327_CAN_CONFIG_VARIABLE_DLC
213 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
214 | elm->can_bitrate_divisor;
216 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
219 if (frame->can_id & CAN_EFF_FLAG) {
220 clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
221 set_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
222 set_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
224 set_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
225 clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
226 clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
230 /* Schedule the CAN frame itself. */
231 elm->can_frame_to_send = *frame;
232 set_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo);
234 elm327_kick_into_cmd_mode(elm);
237 /* ELM327 initialization sequence.
239 * Assumes elm->lock taken.
241 static char *elm327_init_script[] = {
242 "AT WS\r", /* v1.0: Warm Start */
243 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
244 "AT M0\r", /* v1.0: Memory Off */
245 "AT AL\r", /* v1.0: Allow Long messages */
246 "AT BI\r", /* v1.0: Bypass Initialization */
247 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
248 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
249 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
250 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
251 "AT E1\r", /* v1.0: Echo On */
252 "AT H1\r", /* v1.0: Headers On */
253 "AT L0\r", /* v1.0: Linefeeds Off */
254 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
255 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
256 "AT AT0\r", /* v1.2: Adaptive Timing Off */
257 "AT D1\r", /* v1.3: Print DLC On */
258 "AT S1\r", /* v1.3: Spaces On */
259 "AT TP B\r", /* v1.0: Try Protocol B */
263 static void elm327_init(struct elmcan *elm)
265 elm->state = ELM_NOTINIT;
266 elm->can_frame_to_send.can_id = 0x7df; /* ELM327 HW default */
268 elm->drop_next_line = 0;
270 /* We can only set the bitrate as a fraction of 500000.
271 * The bit timing constants in elmcan_bittiming_const will
272 * limit the user to the right values.
274 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
275 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
276 | ELM327_CAN_CONFIG_VARIABLE_DLC
277 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
278 | elm->can_bitrate_divisor;
280 /* Configure ELM327 and then start monitoring */
281 elm->next_init_cmd = &elm327_init_script[0];
282 set_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
283 set_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo);
284 set_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo);
285 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
287 elm327_kick_into_cmd_mode(elm);
290 /* Assumes elm->lock taken. */
291 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
294 if (!netif_running(elm->dev))
297 /* Queue for NAPI pickup.
298 * rx-offload will update stats and LEDs for us.
300 if (can_rx_offload_queue_tail(&elm->offload, skb))
301 elm->dev->stats.rx_fifo_errors++;
303 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,0)
305 can_rx_offload_irq_finish(&elm->offload);
309 /* Called when we're out of ideas and just want it all to end.
310 * Assumes elm->lock taken.
312 static inline void elm327_hw_failure(struct elmcan *elm)
314 struct can_frame *frame;
317 skb = alloc_can_err_skb(elm->dev, &frame);
321 frame->data[5] = 'R';
322 frame->data[6] = 'I';
323 frame->data[7] = 'P';
325 elm327_feed_frame_to_netdev(elm, skb);
327 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
329 elm->hw_failure = true;
330 can_bus_off(elm->dev);
333 /* Compare a buffer to a fixed string */
334 static inline int _memstrcmp(const u8 *mem, const char *str)
336 return memcmp(mem, str, strlen(str));
339 /* Compare buffer to string length, then compare buffer to fixed string.
340 * This ensures two things:
341 * - It flags cases where the fixed string is only the start of the
342 * buffer, rather than exactly all of it.
343 * - It avoids byte comparisons in case the length doesn't match.
345 static inline int _len_memstrcmp(const u8 *mem, size_t mem_len, const char *str)
347 size_t str_len = strlen(str);
349 return (mem_len != str_len) || memcmp(mem, str, str_len);
352 /* Assumes elm->lock taken. */
353 static void elm327_parse_error(struct elmcan *elm, size_t len)
355 struct can_frame *frame;
358 skb = alloc_can_err_skb(elm->dev, &frame);
360 /* It's okay to return here:
361 * The outer parsing loop will drop this UART buffer.
365 /* Filter possible error messages based on length of RX'd line */
366 if (!_len_memstrcmp(elm->rxbuf, len, "UNABLE TO CONNECT")) {
368 "ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
369 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUFFER FULL")) {
370 /* This will only happen if the last data line was complete.
371 * Otherwise, elm327_parse_frame() will heuristically
372 * emit this kind of error frame instead.
374 frame->can_id |= CAN_ERR_CRTL;
375 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
376 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS ERROR")) {
377 frame->can_id |= CAN_ERR_BUSERROR;
378 } else if (!_len_memstrcmp(elm->rxbuf, len, "CAN ERROR")) {
379 frame->can_id |= CAN_ERR_PROT;
380 } else if (!_len_memstrcmp(elm->rxbuf, len, "<RX ERROR")) {
381 frame->can_id |= CAN_ERR_PROT;
382 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS BUSY")) {
383 frame->can_id |= CAN_ERR_PROT;
384 frame->data[2] = CAN_ERR_PROT_OVERLOAD;
385 } else if (!_len_memstrcmp(elm->rxbuf, len, "FB ERROR")) {
386 frame->can_id |= CAN_ERR_PROT;
387 frame->data[2] = CAN_ERR_PROT_TX;
388 } else if (len == 5 && !_memstrcmp(elm->rxbuf, "ERR")) {
389 /* ERR is followed by two digits, hence line length 5 */
390 netdev_err(elm->dev, "ELM327 reported an ERR%c%c. Please power it off and on again.\n",
391 elm->rxbuf[3], elm->rxbuf[4]);
392 frame->can_id |= CAN_ERR_CRTL;
394 /* Something else has happened.
395 * Maybe garbage on the UART line.
396 * Emit a generic error frame.
400 elm327_feed_frame_to_netdev(elm, skb);
403 /* Parse CAN frames coming as ASCII from ELM327.
404 * They can be of various formats:
406 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
407 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
409 * where D = DLC, PL = payload byte
411 * Instead of a payload, RTR indicates a remote request.
413 * We will use the spaces and line length to guess the format.
415 * Assumes elm->lock taken.
417 static int elm327_parse_frame(struct elmcan *elm, size_t len)
419 struct can_frame *frame;
425 skb = alloc_can_skb(elm->dev, &frame);
429 /* Find first non-hex and non-space character:
430 * - In the simplest case, there is none.
431 * - For RTR frames, 'R' is the first non-hex character.
432 * - An error message may replace the end of the data line.
434 for (hexlen = 0; hexlen <= len; hexlen++) {
435 if (hex_to_bin(elm->rxbuf[hexlen]) < 0 &&
436 elm->rxbuf[hexlen] != ' ') {
441 /* Sanity check whether the line is really a clean hexdump,
442 * or terminated by an error message, or contains garbage.
445 !isdigit(elm->rxbuf[hexlen]) &&
446 !isupper(elm->rxbuf[hexlen]) &&
447 '<' != elm->rxbuf[hexlen] &&
448 ' ' != elm->rxbuf[hexlen]) {
449 /* The line is likely garbled anyway, so bail.
450 * The main code will restart listening.
455 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
456 * No out-of-bounds access:
457 * We use the fact that we can always read from elm->rxbuf.
459 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' ' &&
460 elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' ' &&
461 elm->rxbuf[13] == ' ') {
462 frame->can_id = CAN_EFF_FLAG;
464 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
468 /* This is not a well-formatted data line.
469 * Assume it's an error message.
474 if (hexlen < datastart) {
475 /* The line is too short to be a valid frame hex dump.
476 * Something interrupted the hex dump or it is invalid.
481 /* From here on all chars up to buf[hexlen] are hex or spaces,
482 * at well-defined offsets.
485 /* Read CAN data length */
486 frame->can_dlc = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
489 if (frame->can_id & CAN_EFF_FLAG) {
490 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
491 | (hex_to_bin(elm->rxbuf[1]) << 24)
492 | (hex_to_bin(elm->rxbuf[3]) << 20)
493 | (hex_to_bin(elm->rxbuf[4]) << 16)
494 | (hex_to_bin(elm->rxbuf[6]) << 12)
495 | (hex_to_bin(elm->rxbuf[7]) << 8)
496 | (hex_to_bin(elm->rxbuf[9]) << 4)
497 | (hex_to_bin(elm->rxbuf[10]) << 0);
499 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
500 | (hex_to_bin(elm->rxbuf[1]) << 4)
501 | (hex_to_bin(elm->rxbuf[2]) << 0);
504 /* Check for RTR frame */
505 if (elm->rxfill >= hexlen + 3 &&
506 !_memstrcmp(&elm->rxbuf[hexlen], "RTR")) {
507 frame->can_id |= CAN_RTR_FLAG;
510 /* Is the line long enough to hold the advertised payload?
511 * Note: RTR frames have a DLC, but no actual payload.
513 if (!(frame->can_id & CAN_RTR_FLAG) &&
514 (hexlen < frame->can_dlc * 3 + datastart)) {
516 * Probably the ELM327's RS232 TX buffer was full.
517 * Emit an error frame and exit.
519 frame->can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
520 frame->can_dlc = CAN_ERR_DLC;
521 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
522 elm327_feed_frame_to_netdev(elm, skb);
524 /* Signal failure to parse.
525 * The line will be re-parsed as an error line, which will fail.
526 * However, this will correctly drop the state machine back into
532 /* Parse the data nibbles. */
533 for (i = 0; i < frame->can_dlc; i++) {
534 frame->data[i] = (hex_to_bin(elm->rxbuf[datastart + 3*i]) << 4)
535 | (hex_to_bin(elm->rxbuf[datastart + 3*i + 1]));
538 /* Feed the frame to the network layer. */
539 elm327_feed_frame_to_netdev(elm, skb);
544 /* Assumes elm->lock taken. */
545 static void elm327_parse_line(struct elmcan *elm, size_t len)
547 /* Skip empty lines */
551 /* Skip echo lines */
552 if (elm->drop_next_line) {
553 elm->drop_next_line = 0;
555 } else if (!_memstrcmp(elm->rxbuf, "AT")) {
559 /* Regular parsing */
560 switch (elm->state) {
562 if (elm327_parse_frame(elm, len)) {
563 /* Parse an error line. */
564 elm327_parse_error(elm, len);
567 elm327_kick_into_cmd_mode(elm);
575 /* Assumes elm->lock taken. */
576 static void elm327_handle_prompt(struct elmcan *elm)
578 struct can_frame *frame = &elm->can_frame_to_send;
579 char local_txbuf[20];
581 if (!elm->cmds_todo) {
582 /* Enter CAN monitor mode */
583 elm327_send(elm, "ATMA\r", 5);
584 elm->state = ELM_RECEIVING;
589 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
590 if (test_bit(ELM327_TX_DO_INIT, &elm->cmds_todo)) {
591 strcpy(local_txbuf, *elm->next_init_cmd);
593 elm->next_init_cmd++;
594 if (!(*elm->next_init_cmd)) {
595 clear_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
599 } else if (test_and_clear_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo)) {
600 sprintf(local_txbuf, "ATCSM%i\r",
601 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
603 } else if (test_and_clear_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo)) {
604 sprintf(local_txbuf, "ATR%i\r",
605 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
607 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo)) {
608 sprintf(local_txbuf, "ATPC\r");
609 set_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo);
611 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
612 sprintf(local_txbuf, "ATPB%04X\r",
615 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
616 sprintf(local_txbuf, "ATCP%02X\r",
617 (frame->can_id & CAN_EFF_MASK) >> 24);
619 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo)) {
620 sprintf(local_txbuf, "ATSH%06X\r",
621 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
623 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo)) {
624 sprintf(local_txbuf, "ATSH%03X\r",
625 frame->can_id & CAN_SFF_MASK);
627 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo)) {
628 if (frame->can_id & CAN_RTR_FLAG) {
629 /* Send an RTR frame. Their DLC is fixed.
630 * Some chips don't send them at all.
632 sprintf(local_txbuf, "ATRTR\r");
634 /* Send a regular CAN data frame */
637 for (i = 0; i < frame->can_dlc; i++) {
638 sprintf(&local_txbuf[2 * i], "%02X",
642 sprintf(&local_txbuf[2 * i], "\r");
645 elm->drop_next_line = 1;
646 elm->state = ELM_RECEIVING;
649 elm327_send(elm, local_txbuf, strlen(local_txbuf));
652 static bool elm327_is_ready_char(char c)
654 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
655 * Probably bad hardware.
657 return (c & 0x3f) == ELM327_READY_CHAR;
660 /* Assumes elm->lock taken. */
661 static void elm327_drop_bytes(struct elmcan *elm, size_t i)
663 memmove(&elm->rxbuf[0], &elm->rxbuf[i], ELM327_SIZE_RXBUF - i);
667 /* Assumes elm->lock taken. */
668 static void elm327_parse_rxbuf(struct elmcan *elm)
672 switch (elm->state) {
677 case ELM_GETDUMMYCHAR:
679 /* Wait for 'y' or '>' */
682 for (i = 0; i < elm->rxfill; i++) {
683 if (elm->rxbuf[i] == ELM327_DUMMY_CHAR) {
684 elm327_send(elm, "\r", 1);
685 elm->state = ELM_GETPROMPT;
688 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
689 elm327_send(elm, ELM327_DUMMY_STRING, 1);
695 elm327_drop_bytes(elm, i);
702 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
703 elm327_handle_prompt(elm);
709 /* Find <CR> delimiting feedback lines. */
711 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
716 if (len == ELM327_SIZE_RXBUF) {
717 /* Line exceeds buffer. It's probably all garbage.
718 * Did we even connect at the right baud rate?
721 "RX buffer overflow. Faulty ELM327 or UART?\n");
722 elm327_hw_failure(elm);
724 } else if (len == elm->rxfill) {
725 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
726 /* The ELM327's AT ST response timeout ran out,
727 * so we got a prompt.
728 * Clear RX buffer and restart listening.
732 elm327_handle_prompt(elm);
736 /* No <CR> found - we haven't received a full line yet.
737 * Wait for more data.
742 /* We have a full line to parse. */
743 elm327_parse_line(elm, len);
745 /* Remove parsed data from RX buffer. */
746 elm327_drop_bytes(elm, len + 1);
748 /* More data to parse? */
750 elm327_parse_rxbuf(elm);
754 /* Dummy needed to use can_rx_offload */
755 static struct sk_buff *elmcan_mailbox_read(struct can_rx_offload *offload,
756 unsigned int n, u32 *timestamp,
759 WARN_ON_ONCE(1); /* This function is a dummy, so don't call it! */
761 return ERR_PTR(-ENOBUFS);
764 static int elmcan_netdev_open(struct net_device *dev)
766 struct elmcan *elm = netdev_priv(dev);
769 spin_lock_bh(&elm->lock);
770 if (elm->hw_failure) {
771 netdev_err(elm->dev, "Refusing to open interface after a hardware fault has been detected.\n");
772 spin_unlock_bh(&elm->lock);
777 spin_unlock_bh(&elm->lock);
781 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
782 err = open_candev(dev);
784 spin_unlock_bh(&elm->lock);
789 spin_unlock_bh(&elm->lock);
791 elm->offload.mailbox_read = elmcan_mailbox_read;
792 err = can_rx_offload_add_fifo(dev, &elm->offload, ELM327_NAPI_WEIGHT);
798 can_rx_offload_enable(&elm->offload);
800 can_led_event(dev, CAN_LED_EVENT_OPEN);
801 elm->can.state = CAN_STATE_ERROR_ACTIVE;
802 netif_start_queue(dev);
807 static int elmcan_netdev_close(struct net_device *dev)
809 struct elmcan *elm = netdev_priv(dev);
811 netif_stop_queue(dev);
813 spin_lock_bh(&elm->lock);
815 /* Interrupt whatever we're doing right now */
816 elm327_send(elm, ELM327_DUMMY_STRING, 1);
818 /* Clear the wakeup bit, as the netdev will be down and thus
819 * the wakeup handler won't clear it
821 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
823 spin_unlock_bh(&elm->lock);
825 flush_work(&elm->tx_work);
827 spin_unlock_bh(&elm->lock);
830 can_rx_offload_disable(&elm->offload);
831 elm->can.state = CAN_STATE_STOPPED;
832 can_rx_offload_del(&elm->offload);
834 can_led_event(dev, CAN_LED_EVENT_STOP);
839 /* Send a can_frame to a TTY. */
840 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
841 struct net_device *dev)
843 struct elmcan *elm = netdev_priv(dev);
844 struct can_frame *frame = (struct can_frame *)skb->data;
846 if (skb->len != sizeof(struct can_frame))
849 if (!netif_running(dev)) {
850 netdev_warn(elm->dev, "xmit: iface is down.\n");
854 /* BHs are already disabled, so no spin_lock_bh().
855 * See Documentation/networking/netdevices.txt
857 spin_lock(&elm->lock);
859 /* We shouldn't get here after a hardware fault:
860 * can_bus_off() calls netif_carrier_off()
862 WARN_ON_ONCE(elm->hw_failure);
866 elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
867 spin_unlock(&elm->lock);
871 netif_stop_queue(dev);
873 elm327_send_frame(elm, frame);
874 spin_unlock(&elm->lock);
876 dev->stats.tx_packets++;
877 dev->stats.tx_bytes += frame->can_dlc;
879 can_led_event(dev, CAN_LED_EVENT_TX);
886 static const struct net_device_ops elmcan_netdev_ops = {
887 .ndo_open = elmcan_netdev_open,
888 .ndo_stop = elmcan_netdev_close,
889 .ndo_start_xmit = elmcan_netdev_start_xmit,
890 .ndo_change_mtu = can_change_mtu,
893 /* Get a reference to our struct, taking into account locks/refcounts.
894 * This is to ensure ordering in case we are shutting down, and to ensure
895 * there is a refcount at all (otherwise tty->disc_data may be freed and
896 * before we increment the refcount).
897 * Use this for anything that can race against elmcan_ldisc_close().
899 static struct elmcan *get_elm(struct tty_struct *tty)
904 spin_lock_bh(&elmcan_discdata_lock);
905 elm = (struct elmcan *)tty->disc_data;
908 spin_unlock_bh(&elmcan_discdata_lock);
912 got_ref = atomic_inc_not_zero(&elm->refcount);
913 spin_unlock_bh(&elmcan_discdata_lock);
921 static void put_elm(struct elmcan *elm)
923 atomic_dec(&elm->refcount);
926 static bool elmcan_is_valid_rx_char(char c)
928 return (isdigit(c) ||
930 c == ELM327_DUMMY_CHAR ||
931 c == ELM327_READY_CHAR ||
942 /* Handle incoming ELM327 ASCII data.
943 * This will not be re-entered while running, but other ldisc
944 * functions may be called in parallel.
946 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
947 static void elmcan_ldisc_rx(struct tty_struct *tty,
948 const unsigned char *cp, char *fp, int count)
950 static void elmcan_ldisc_rx(struct tty_struct *tty,
951 const unsigned char *cp, const char *fp, int count)
954 struct elmcan *elm = get_elm(tty);
959 spin_lock_bh(&elm->lock);
964 while (count-- && elm->rxfill < ELM327_SIZE_RXBUF) {
966 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
968 elm327_hw_failure(elm);
973 /* Ignore NUL characters, which the PIC microcontroller may
974 * inadvertently insert due to a known hardware bug.
975 * See ELM327 documentation, which refers to a Microchip PIC
979 /* Check for stray characters on the UART line.
980 * Likely caused by bad hardware.
982 if (!elmcan_is_valid_rx_char(*cp)) {
984 "Received illegal character %02x.\n",
986 elm327_hw_failure(elm);
991 elm->rxbuf[elm->rxfill++] = *cp;
998 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
1000 elm327_hw_failure(elm);
1005 elm327_parse_rxbuf(elm);
1008 spin_unlock_bh(&elm->lock);
1012 /* Write out remaining transmit buffer.
1013 * Scheduled when TTY is writable.
1015 static void elmcan_ldisc_tx_worker(struct work_struct *work)
1017 /* No need to use get_elm() here, as we'll always flush workers
1018 * before destroying the elmcan object.
1020 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
1023 spin_lock_bh(&elm->lock);
1024 if (elm->hw_failure) {
1025 spin_unlock_bh(&elm->lock);
1029 if (!elm->tty || !netif_running(elm->dev)) {
1030 spin_unlock_bh(&elm->lock);
1034 if (elm->txleft <= 0) {
1035 /* Our TTY write buffer is empty:
1036 * Allow netdev to hand us another packet
1038 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1039 spin_unlock_bh(&elm->lock);
1040 netif_wake_queue(elm->dev);
1044 actual = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
1046 netdev_err(elm->dev,
1047 "Failed to write to tty %s.\n",
1049 elm327_hw_failure(elm);
1050 spin_unlock_bh(&elm->lock);
1054 elm->txleft -= actual;
1055 elm->txhead += actual;
1056 spin_unlock_bh(&elm->lock);
1059 /* Called by the driver when there's room for more data. */
1060 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1062 struct elmcan *elm = get_elm(tty);
1067 schedule_work(&elm->tx_work);
1072 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1073 * or 7/8 of that. Divisors are 1 to 64.
1074 * Currently we don't implement support for 7/8 rates.
1076 static const u32 elmcan_bitrate_const[64] = {
1077 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1078 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1079 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1080 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1081 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1082 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1083 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1084 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1087 /* Dummy needed to use bitrate_const */
1088 static int elmcan_do_set_bittiming(struct net_device *netdev)
1093 static int elmcan_ldisc_open(struct tty_struct *tty)
1095 struct net_device *dev;
1099 if (!capable(CAP_NET_ADMIN))
1102 if (!tty->ops->write)
1105 dev = alloc_candev(sizeof(struct elmcan), 0);
1108 elm = netdev_priv(dev);
1110 elm->txbuf = kmalloc(ELM327_SIZE_TXBUF, GFP_KERNEL);
1116 /* Configure TTY interface */
1117 tty->receive_room = 65536; /* We don't flow control */
1118 elm->txleft = 0; /* Clear TTY TX buffer */
1119 spin_lock_init(&elm->lock);
1120 atomic_set(&elm->refcount, 1);
1121 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1123 /* Configure CAN metadata */
1124 elm->can.state = CAN_STATE_STOPPED;
1125 elm->can.bitrate_const = elmcan_bitrate_const;
1126 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1127 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1128 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1130 /* Configure netdev interface */
1132 dev->netdev_ops = &elmcan_netdev_ops;
1134 /* Mark ldisc channel as alive */
1136 tty->disc_data = elm;
1138 devm_can_led_init(elm->dev);
1141 err = register_candev(elm->dev);
1145 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1151 free_candev(elm->dev);
1155 /* Close down an elmcan channel.
1156 * This means flushing out any pending queues, and then returning.
1157 * This call is serialized against other ldisc functions:
1158 * Once this is called, no other ldisc function of ours is entered.
1160 * We also use this function for a hangup event.
1162 static void elmcan_ldisc_close(struct tty_struct *tty)
1164 struct elmcan *elm = get_elm(tty);
1169 /* unregister_netdev() calls .ndo_stop() so we don't have to. */
1170 unregister_candev(elm->dev);
1172 /* Decrease the refcount twice, once for our own get_elm(),
1173 * and once to remove the count of 1 that we set in _open().
1174 * Once it reaches 0, we can safely destroy it.
1179 while (atomic_read(&elm->refcount) > 0)
1180 msleep_interruptible(10);
1182 /* At this point, all ldisc calls to us have become no-ops. */
1184 flush_work(&elm->tx_work);
1186 /* Mark channel as dead */
1187 spin_lock_bh(&elm->lock);
1188 tty->disc_data = NULL;
1190 spin_unlock_bh(&elm->lock);
1192 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1195 free_candev(elm->dev);
1198 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1199 static int elmcan_ldisc_hangup(struct tty_struct *tty)
1201 static void elmcan_ldisc_hangup(struct tty_struct *tty)
1204 elmcan_ldisc_close(tty);
1205 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1210 static int elmcan_ldisc_ioctl(struct tty_struct *tty,
1211 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,17,0)
1214 unsigned int cmd, unsigned long arg)
1216 struct elmcan *elm = get_elm(tty);
1224 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1225 if (copy_to_user((void __user *)arg, elm->dev->name, tmp)) {
1239 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1240 return tty_mode_ioctl(tty, file, cmd, arg);
1242 return tty_mode_ioctl(tty, cmd, arg);
1247 static struct tty_ldisc_ops elmcan_ldisc = {
1248 .owner = THIS_MODULE,
1250 .num = N_DEVELOPMENT,
1251 .receive_buf = elmcan_ldisc_rx,
1252 .write_wakeup = elmcan_ldisc_tx_wakeup,
1253 .open = elmcan_ldisc_open,
1254 .close = elmcan_ldisc_close,
1255 .hangup = elmcan_ldisc_hangup,
1256 .ioctl = elmcan_ldisc_ioctl,
1259 static int __init elmcan_init(void)
1263 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1264 status = tty_register_ldisc(N_DEVELOPMENT, &elmcan_ldisc);
1266 status = tty_register_ldisc(&elmcan_ldisc);
1269 pr_err("Can't register line discipline\n");
1274 static void __exit elmcan_exit(void)
1276 /* This will only be called when all channels have been closed by
1277 * userspace - tty_ldisc.c takes care of the module's refcount.
1279 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1282 status = tty_unregister_ldisc(N_DEVELOPMENT);
1284 pr_err("Can't unregister line discipline (error: %d)\n",
1287 tty_unregister_ldisc(&elmcan_ldisc);
1291 module_init(elmcan_init);
1292 module_exit(elmcan_exit);
projects / elmcan.git / blob