1 // SPDX-License-Identifier: GPL-2.0
2 /* ELM327 based CAN interface driver (tty line discipline)
4 * This driver started as a derivative of linux/drivers/net/can/slcan.c
5 * and my thanks go to the original authors for their inspiration, even
6 * after almost none of their code is left.
9 #define pr_fmt(fmt) "[elmcan] " fmt
11 #include <linux/init.h>
12 #include <linux/module.h>
13 #include <linux/moduleparam.h>
15 #include <linux/atomic.h>
16 #include <linux/bitops.h>
17 #include <linux/ctype.h>
18 #include <linux/delay.h>
19 #include <linux/errno.h>
20 #include <linux/if_ether.h>
21 #include <linux/kernel.h>
22 #include <linux/list.h>
23 #include <linux/netdevice.h>
24 #include <linux/skbuff.h>
25 #include <linux/spinlock.h>
26 #include <linux/string.h>
27 #include <linux/tty.h>
28 #include <linux/tty_ldisc.h>
29 #include <linux/version.h>
30 #include <linux/workqueue.h>
32 #include <uapi/linux/tty.h>
34 #include <linux/can.h>
35 #include <linux/can/dev.h>
36 #include <linux/can/error.h>
37 #include <linux/can/led.h>
38 #include <linux/can/rx-offload.h>
40 MODULE_ALIAS_LDISC(N_DEVELOPMENT);
41 MODULE_DESCRIPTION("ELM327 based CAN interface");
42 MODULE_LICENSE("GPL");
43 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
45 /* Line discipline ID number.
46 * N_DEVELOPMENT will likely be defined from Linux 5.18 onwards:
47 * https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=c2faf737abfb10f88f2d2612d573e9edc3c42c37
50 #define N_DEVELOPMENT 29
53 #define ELM327_NAPI_WEIGHT 4
55 #define ELM327_SIZE_RXBUF 256
56 #define ELM327_SIZE_TXBUF 32
58 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
59 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
60 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
61 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
63 #define ELM327_DUMMY_CHAR 'y'
64 #define ELM327_DUMMY_STRING "y"
65 #define ELM327_READY_CHAR '>'
67 /* Bits in elm->cmds_todo */
68 enum ELM327_TX_DO_BITS {
69 ELM327_TX_DO_CAN_DATA = 0,
70 ELM327_TX_DO_CANID_11BIT,
71 ELM327_TX_DO_CANID_29BIT_LOW,
72 ELM327_TX_DO_CANID_29BIT_HIGH,
73 ELM327_TX_DO_CAN_CONFIG_PART2,
74 ELM327_TX_DO_CAN_CONFIG,
75 ELM327_TX_DO_RESPONSES,
76 ELM327_TX_DO_SILENT_MONITOR,
81 /* This must be the first member when using alloc_candev() */
84 struct can_rx_offload offload;
86 /* TTY and netdev devices that we're bridging */
87 struct tty_struct *tty;
88 struct net_device *dev;
90 /* Per-channel lock */
93 /* Keep track of how many things are using this struct.
94 * Once it reaches 0, we are in the process of cleaning up,
95 * and new operations will be cancelled immediately.
96 * Use atomic_t rather than refcount_t because we deliberately
97 * decrement to 0, and refcount_dec() spills a WARN_ONCE in
102 /* Stop the channel on hardware failure.
103 * Once this is true, nothing will be sent to the TTY.
108 struct work_struct tx_work; /* Flushes TTY TX buffer */
109 unsigned char *txbuf;
110 unsigned char *txhead; /* Pointer to next TX byte */
111 int txleft; /* Bytes left to TX */
114 unsigned char rxbuf[ELM327_SIZE_RXBUF];
127 /* The CAN frame and config the ELM327 is sending/using,
128 * or will send/use after finishing all cmds_todo
130 struct can_frame can_frame_to_send;
131 unsigned short can_config;
132 unsigned long can_bitrate;
133 unsigned char can_bitrate_divisor;
134 int silent_monitoring;
136 /* Things we have yet to send */
137 char **next_init_cmd;
138 unsigned long cmds_todo;
141 /* A lock for all tty->disc_data handled by this ldisc.
142 * This is to prevent a case where tty->disc_data is set to NULL,
143 * yet someone is still trying to dereference it.
144 * Without this, we cannot do a clean shutdown.
146 static DEFINE_SPINLOCK(elmcan_discdata_lock);
148 static inline void elm327_hw_failure(struct elmcan *elm);
150 /* Assumes elm->lock taken. */
151 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
158 memcpy(elm->txbuf, buf, len);
160 /* Order of next two lines is *very* important.
161 * When we are sending a little amount of data,
162 * the transfer may be completed inside the ops->write()
163 * routine, because it's running with interrupts enabled.
164 * In this case we *never* got WRITE_WAKEUP event,
165 * if we did not request it before write operation.
166 * 14 Oct 1994 Dmitry Gorodchanin.
168 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
169 actual = elm->tty->ops->write(elm->tty, elm->txbuf, len);
172 "Failed to write to tty %s.\n",
174 elm327_hw_failure(elm);
178 elm->txleft = len - actual;
179 elm->txhead = elm->txbuf + actual;
182 /* Take the ELM327 out of almost any state and back into command mode.
183 * We send ELM327_DUMMY_CHAR which will either abort any running
184 * operation, or be echoed back to us in case we're already in command
187 * Assumes elm->lock taken.
189 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
191 if (elm->state != ELM_GETDUMMYCHAR && elm->state != ELM_GETPROMPT) {
192 elm327_send(elm, ELM327_DUMMY_STRING, 1);
194 elm->state = ELM_GETDUMMYCHAR;
198 /* Schedule a CAN frame and necessary config changes to be sent to the TTY.
200 * Assumes elm->lock taken.
202 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
204 /* Schedule any necessary changes in ELM327's CAN configuration */
205 if (elm->can_frame_to_send.can_id != frame->can_id) {
206 /* Set the new CAN ID for transmission. */
207 if ((frame->can_id & CAN_EFF_FLAG)
208 ^ (elm->can_frame_to_send.can_id & CAN_EFF_FLAG)) {
209 elm->can_config = (frame->can_id & CAN_EFF_FLAG
211 : ELM327_CAN_CONFIG_SEND_SFF)
212 | ELM327_CAN_CONFIG_VARIABLE_DLC
213 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
214 | elm->can_bitrate_divisor;
216 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
219 if (frame->can_id & CAN_EFF_FLAG) {
220 clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
221 set_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
222 set_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
224 set_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
225 clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
226 clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
230 /* Schedule the CAN frame itself. */
231 elm->can_frame_to_send = *frame;
232 set_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo);
234 elm327_kick_into_cmd_mode(elm);
237 /* ELM327 initialization sequence.
239 * Assumes elm->lock taken.
241 static char *elm327_init_script[] = {
242 "AT WS\r", /* v1.0: Warm Start */
243 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
244 "AT M0\r", /* v1.0: Memory Off */
245 "AT AL\r", /* v1.0: Allow Long messages */
246 "AT BI\r", /* v1.0: Bypass Initialization */
247 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
248 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
249 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
250 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
251 "AT E1\r", /* v1.0: Echo On */
252 "AT H1\r", /* v1.0: Headers On */
253 "AT L0\r", /* v1.0: Linefeeds Off */
254 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
255 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
256 "AT AT0\r", /* v1.2: Adaptive Timing Off */
257 "AT D1\r", /* v1.3: Print DLC On */
258 "AT S1\r", /* v1.3: Spaces On */
259 "AT TP B\r", /* v1.0: Try Protocol B */
263 static void elm327_init(struct elmcan *elm)
265 elm->state = ELM_NOTINIT;
266 elm->can_frame_to_send.can_id = 0x7df; /* ELM327 HW default */
268 elm->drop_next_line = 0;
270 /* We can only set the bitrate as a fraction of 500000.
271 * The bit timing constants in elmcan_bittiming_const will
272 * limit the user to the right values.
274 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
275 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
276 | ELM327_CAN_CONFIG_VARIABLE_DLC
277 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
278 | elm->can_bitrate_divisor;
280 /* Configure ELM327 and then start monitoring */
281 elm->next_init_cmd = &elm327_init_script[0];
282 set_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
283 set_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo);
284 set_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo);
285 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
287 elm327_kick_into_cmd_mode(elm);
290 /* Assumes elm->lock taken. */
291 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
292 const struct can_frame *frame)
294 struct can_frame *cf;
297 if (!netif_running(elm->dev))
300 skb = alloc_can_skb(elm->dev, &cf);
305 memcpy(cf, frame, sizeof(struct can_frame));
307 /* Queue for NAPI pickup.
308 * rx-offload will update stats and LEDs for us.
310 if (can_rx_offload_queue_tail(&elm->offload, skb))
311 elm->dev->stats.rx_fifo_errors++;
313 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,0)
315 can_rx_offload_irq_finish(&elm->offload);
319 /* Called when we're out of ideas and just want it all to end.
320 * Assumes elm->lock taken.
322 static inline void elm327_hw_failure(struct elmcan *elm)
324 struct can_frame frame;
326 memset(&frame, 0, sizeof(frame));
327 frame.can_id = CAN_ERR_FLAG;
328 frame.can_dlc = CAN_ERR_DLC;
332 elm327_feed_frame_to_netdev(elm, &frame);
334 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
336 elm->hw_failure = true;
337 can_bus_off(elm->dev);
340 /* Compare a buffer to a fixed string */
341 static inline int _memstrcmp(const u8 *mem, const char *str)
343 return memcmp(mem, str, strlen(str));
346 /* Compare buffer to string length, then compare buffer to fixed string.
347 * This ensures two things:
348 * - It flags cases where the fixed string is only the start of the
349 * buffer, rather than exactly all of it.
350 * - It avoids byte comparisons in case the length doesn't match.
352 static inline int _len_memstrcmp(const u8 *mem, size_t mem_len, const char *str)
354 size_t str_len = strlen(str);
356 return (mem_len != str_len) || memcmp(mem, str, str_len);
359 /* Assumes elm->lock taken. */
360 static void elm327_parse_error(struct elmcan *elm, size_t len)
362 struct can_frame frame;
364 memset(&frame, 0, sizeof(frame));
365 frame.can_id = CAN_ERR_FLAG;
366 frame.can_dlc = CAN_ERR_DLC;
368 /* Filter possible error messages based on length of RX'd line */
369 if (!_len_memstrcmp(elm->rxbuf, len, "UNABLE TO CONNECT")) {
371 "ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
372 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUFFER FULL")) {
373 /* This will only happen if the last data line was complete.
374 * Otherwise, elm327_parse_frame() will heuristically
375 * emit this kind of error frame instead.
377 frame.can_id |= CAN_ERR_CRTL;
378 frame.data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
379 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS ERROR")) {
380 frame.can_id |= CAN_ERR_BUSERROR;
381 } else if (!_len_memstrcmp(elm->rxbuf, len, "CAN ERROR")) {
382 frame.can_id |= CAN_ERR_PROT;
383 } else if (!_len_memstrcmp(elm->rxbuf, len, "<RX ERROR")) {
384 frame.can_id |= CAN_ERR_PROT;
385 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS BUSY")) {
386 frame.can_id |= CAN_ERR_PROT;
387 frame.data[2] = CAN_ERR_PROT_OVERLOAD;
388 } else if (!_len_memstrcmp(elm->rxbuf, len, "FB ERROR")) {
389 frame.can_id |= CAN_ERR_PROT;
390 frame.data[2] = CAN_ERR_PROT_TX;
391 } else if (len == 5 && !_memstrcmp(elm->rxbuf, "ERR")) {
392 /* ERR is followed by two digits, hence line length 5 */
393 netdev_err(elm->dev, "ELM327 reported an ERR%c%c. Please power it off and on again.\n",
394 elm->rxbuf[3], elm->rxbuf[4]);
395 frame.can_id |= CAN_ERR_CRTL;
397 /* Something else has happened.
398 * Maybe garbage on the UART line.
399 * Emit a generic error frame.
403 elm327_feed_frame_to_netdev(elm, &frame);
406 /* Parse CAN frames coming as ASCII from ELM327.
407 * They can be of various formats:
409 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
410 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
412 * where D = DLC, PL = payload byte
414 * Instead of a payload, RTR indicates a remote request.
416 * We will use the spaces and line length to guess the format.
418 * Assumes elm->lock taken.
420 static int elm327_parse_frame(struct elmcan *elm, size_t len)
422 struct can_frame frame;
427 memset(&frame, 0, sizeof(frame));
429 /* Find first non-hex and non-space character:
430 * - In the simplest case, there is none.
431 * - For RTR frames, 'R' is the first non-hex character.
432 * - An error message may replace the end of the data line.
434 for (hexlen = 0; hexlen <= len; hexlen++) {
435 if (hex_to_bin(elm->rxbuf[hexlen]) < 0 &&
436 elm->rxbuf[hexlen] != ' ') {
441 /* Sanity check whether the line is really a clean hexdump,
442 * or terminated by an error message, or contains garbage.
445 !isdigit(elm->rxbuf[hexlen]) &&
446 !isupper(elm->rxbuf[hexlen]) &&
447 '<' != elm->rxbuf[hexlen] &&
448 ' ' != elm->rxbuf[hexlen]) {
449 /* The line is likely garbled anyway, so bail.
450 * The main code will restart listening.
455 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
456 * No out-of-bounds access:
457 * We use the fact that we can always read from elm->rxbuf.
459 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' ' &&
460 elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' ' &&
461 elm->rxbuf[13] == ' ') {
462 frame.can_id = CAN_EFF_FLAG;
464 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
468 /* This is not a well-formatted data line.
469 * Assume it's an error message.
474 if (hexlen < datastart) {
475 /* The line is too short to be a valid frame hex dump.
476 * Something interrupted the hex dump or it is invalid.
481 /* From here on all chars up to buf[hexlen] are hex or spaces,
482 * at well-defined offsets.
485 /* Read CAN data length */
486 frame.can_dlc = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
489 if (frame.can_id & CAN_EFF_FLAG) {
490 frame.can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
491 | (hex_to_bin(elm->rxbuf[1]) << 24)
492 | (hex_to_bin(elm->rxbuf[3]) << 20)
493 | (hex_to_bin(elm->rxbuf[4]) << 16)
494 | (hex_to_bin(elm->rxbuf[6]) << 12)
495 | (hex_to_bin(elm->rxbuf[7]) << 8)
496 | (hex_to_bin(elm->rxbuf[9]) << 4)
497 | (hex_to_bin(elm->rxbuf[10]) << 0);
499 frame.can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
500 | (hex_to_bin(elm->rxbuf[1]) << 4)
501 | (hex_to_bin(elm->rxbuf[2]) << 0);
504 /* Check for RTR frame */
505 if (elm->rxfill >= hexlen + 3 &&
506 !_memstrcmp(&elm->rxbuf[hexlen], "RTR")) {
507 frame.can_id |= CAN_RTR_FLAG;
510 /* Is the line long enough to hold the advertised payload?
511 * Note: RTR frames have a DLC, but no actual payload.
513 if (!(frame.can_id & CAN_RTR_FLAG) &&
514 (hexlen < frame.can_dlc * 3 + datastart)) {
515 /* Incomplete frame. */
517 /* Probably the ELM327's RS232 TX buffer was full.
518 * Emit an error frame and exit.
520 frame.can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
521 frame.can_dlc = CAN_ERR_DLC;
522 frame.data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
523 elm327_feed_frame_to_netdev(elm, &frame);
525 /* Signal failure to parse.
526 * The line will be re-parsed as an error line, which will fail.
527 * However, this will correctly drop the state machine back into
533 /* Parse the data nibbles. */
534 for (i = 0; i < frame.can_dlc; i++) {
535 frame.data[i] = (hex_to_bin(elm->rxbuf[datastart + 3*i]) << 4)
536 | (hex_to_bin(elm->rxbuf[datastart + 3*i + 1]));
539 /* Feed the frame to the network layer. */
540 elm327_feed_frame_to_netdev(elm, &frame);
545 /* Assumes elm->lock taken. */
546 static void elm327_parse_line(struct elmcan *elm, size_t len)
548 /* Skip empty lines */
552 /* Skip echo lines */
553 if (elm->drop_next_line) {
554 elm->drop_next_line = 0;
556 } else if (!_memstrcmp(elm->rxbuf, "AT")) {
560 /* Regular parsing */
561 switch (elm->state) {
563 if (elm327_parse_frame(elm, len)) {
564 /* Parse an error line. */
565 elm327_parse_error(elm, len);
568 elm327_kick_into_cmd_mode(elm);
576 /* Assumes elm->lock taken. */
577 static void elm327_handle_prompt(struct elmcan *elm)
579 struct can_frame *frame = &elm->can_frame_to_send;
580 char local_txbuf[20];
582 if (!elm->cmds_todo) {
583 /* Enter CAN monitor mode */
584 elm327_send(elm, "ATMA\r", 5);
585 elm->state = ELM_RECEIVING;
590 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
591 if (test_bit(ELM327_TX_DO_INIT, &elm->cmds_todo)) {
592 strcpy(local_txbuf, *elm->next_init_cmd);
594 elm->next_init_cmd++;
595 if (!(*elm->next_init_cmd)) {
596 clear_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
600 } else if (test_and_clear_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo)) {
601 sprintf(local_txbuf, "ATCSM%i\r",
602 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
604 } else if (test_and_clear_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo)) {
605 sprintf(local_txbuf, "ATR%i\r",
606 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
608 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo)) {
609 sprintf(local_txbuf, "ATPC\r");
610 set_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo);
612 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
613 sprintf(local_txbuf, "ATPB%04X\r",
616 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
617 sprintf(local_txbuf, "ATCP%02X\r",
618 (frame->can_id & CAN_EFF_MASK) >> 24);
620 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo)) {
621 sprintf(local_txbuf, "ATSH%06X\r",
622 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
624 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo)) {
625 sprintf(local_txbuf, "ATSH%03X\r",
626 frame->can_id & CAN_SFF_MASK);
628 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo)) {
629 if (frame->can_id & CAN_RTR_FLAG) {
630 /* Send an RTR frame. Their DLC is fixed.
631 * Some chips don't send them at all.
633 sprintf(local_txbuf, "ATRTR\r");
635 /* Send a regular CAN data frame */
638 for (i = 0; i < frame->can_dlc; i++) {
639 sprintf(&local_txbuf[2 * i], "%02X",
643 sprintf(&local_txbuf[2 * i], "\r");
646 elm->drop_next_line = 1;
647 elm->state = ELM_RECEIVING;
650 elm327_send(elm, local_txbuf, strlen(local_txbuf));
653 static bool elm327_is_ready_char(char c)
655 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
656 * Probably bad hardware.
658 return (c & 0x3f) == ELM327_READY_CHAR;
661 /* Assumes elm->lock taken. */
662 static void elm327_drop_bytes(struct elmcan *elm, size_t i)
664 memmove(&elm->rxbuf[0], &elm->rxbuf[i], ELM327_SIZE_RXBUF - i);
668 /* Assumes elm->lock taken. */
669 static void elm327_parse_rxbuf(struct elmcan *elm)
673 switch (elm->state) {
678 case ELM_GETDUMMYCHAR:
680 /* Wait for 'y' or '>' */
683 for (i = 0; i < elm->rxfill; i++) {
684 if (elm->rxbuf[i] == ELM327_DUMMY_CHAR) {
685 elm327_send(elm, "\r", 1);
686 elm->state = ELM_GETPROMPT;
689 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
690 elm327_send(elm, ELM327_DUMMY_STRING, 1);
696 elm327_drop_bytes(elm, i);
703 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
704 elm327_handle_prompt(elm);
710 /* Find <CR> delimiting feedback lines. */
712 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
717 if (len == ELM327_SIZE_RXBUF) {
718 /* Line exceeds buffer. It's probably all garbage.
719 * Did we even connect at the right baud rate?
722 "RX buffer overflow. Faulty ELM327 or UART?\n");
723 elm327_hw_failure(elm);
725 } else if (len == elm->rxfill) {
726 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
727 /* The ELM327's AT ST response timeout ran out,
728 * so we got a prompt.
729 * Clear RX buffer and restart listening.
733 elm327_handle_prompt(elm);
737 /* No <CR> found - we haven't received a full line yet.
738 * Wait for more data.
743 /* We have a full line to parse. */
744 elm327_parse_line(elm, len);
746 /* Remove parsed data from RX buffer. */
747 elm327_drop_bytes(elm, len + 1);
749 /* More data to parse? */
751 elm327_parse_rxbuf(elm);
755 /* Dummy needed to use can_rx_offload */
756 static struct sk_buff *elmcan_mailbox_read(struct can_rx_offload *offload,
757 unsigned int n, u32 *timestamp,
760 WARN_ON_ONCE(1); /* This function is a dummy, so don't call it! */
762 return ERR_PTR(-ENOBUFS);
765 static int elmcan_netdev_open(struct net_device *dev)
767 struct elmcan *elm = netdev_priv(dev);
770 spin_lock_bh(&elm->lock);
771 if (elm->hw_failure) {
772 netdev_err(elm->dev, "Refusing to open interface after a hardware fault has been detected.\n");
773 spin_unlock_bh(&elm->lock);
778 spin_unlock_bh(&elm->lock);
782 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
783 err = open_candev(dev);
785 spin_unlock_bh(&elm->lock);
790 spin_unlock_bh(&elm->lock);
792 elm->offload.mailbox_read = elmcan_mailbox_read;
793 err = can_rx_offload_add_fifo(dev, &elm->offload, ELM327_NAPI_WEIGHT);
799 can_rx_offload_enable(&elm->offload);
801 can_led_event(dev, CAN_LED_EVENT_OPEN);
802 elm->can.state = CAN_STATE_ERROR_ACTIVE;
803 netif_start_queue(dev);
808 static int elmcan_netdev_close(struct net_device *dev)
810 struct elmcan *elm = netdev_priv(dev);
812 netif_stop_queue(dev);
814 spin_lock_bh(&elm->lock);
816 /* Interrupt whatever we're doing right now */
817 elm327_send(elm, ELM327_DUMMY_STRING, 1);
819 /* Clear the wakeup bit, as the netdev will be down and thus
820 * the wakeup handler won't clear it
822 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
824 spin_unlock_bh(&elm->lock);
826 flush_work(&elm->tx_work);
828 spin_unlock_bh(&elm->lock);
831 can_rx_offload_disable(&elm->offload);
832 elm->can.state = CAN_STATE_STOPPED;
833 can_rx_offload_del(&elm->offload);
835 can_led_event(dev, CAN_LED_EVENT_STOP);
840 /* Send a can_frame to a TTY. */
841 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
842 struct net_device *dev)
844 struct elmcan *elm = netdev_priv(dev);
845 struct can_frame *frame = (struct can_frame *)skb->data;
847 if (skb->len != sizeof(struct can_frame))
850 if (!netif_running(dev)) {
851 netdev_warn(elm->dev, "xmit: iface is down.\n");
855 /* BHs are already disabled, so no spin_lock_bh().
856 * See Documentation/networking/netdevices.txt
858 spin_lock(&elm->lock);
860 /* We shouldn't get here after a hardware fault:
861 * can_bus_off() calls netif_carrier_off()
863 WARN_ON_ONCE(elm->hw_failure);
867 elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
868 spin_unlock(&elm->lock);
872 netif_stop_queue(dev);
874 elm327_send_frame(elm, frame);
875 spin_unlock(&elm->lock);
877 dev->stats.tx_packets++;
878 dev->stats.tx_bytes += frame->can_dlc;
880 can_led_event(dev, CAN_LED_EVENT_TX);
887 static const struct net_device_ops elmcan_netdev_ops = {
888 .ndo_open = elmcan_netdev_open,
889 .ndo_stop = elmcan_netdev_close,
890 .ndo_start_xmit = elmcan_netdev_start_xmit,
891 .ndo_change_mtu = can_change_mtu,
894 /* Get a reference to our struct, taking into account locks/refcounts.
895 * This is to ensure ordering in case we are shutting down, and to ensure
896 * there is a refcount at all (otherwise tty->disc_data may be freed and
897 * before we increment the refcount).
898 * Use this for anything that can race against elmcan_ldisc_close().
900 static struct elmcan *get_elm(struct tty_struct *tty)
905 spin_lock_bh(&elmcan_discdata_lock);
906 elm = (struct elmcan *)tty->disc_data;
909 spin_unlock_bh(&elmcan_discdata_lock);
913 got_ref = atomic_inc_not_zero(&elm->refcount);
914 spin_unlock_bh(&elmcan_discdata_lock);
922 static void put_elm(struct elmcan *elm)
924 atomic_dec(&elm->refcount);
927 static bool elmcan_is_valid_rx_char(char c)
929 return (isdigit(c) ||
931 c == ELM327_DUMMY_CHAR ||
932 c == ELM327_READY_CHAR ||
943 /* Handle incoming ELM327 ASCII data.
944 * This will not be re-entered while running, but other ldisc
945 * functions may be called in parallel.
947 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
948 static void elmcan_ldisc_rx(struct tty_struct *tty,
949 const unsigned char *cp, char *fp, int count)
951 static void elmcan_ldisc_rx(struct tty_struct *tty,
952 const unsigned char *cp, const char *fp, int count)
955 struct elmcan *elm = get_elm(tty);
960 spin_lock_bh(&elm->lock);
965 while (count-- && elm->rxfill < ELM327_SIZE_RXBUF) {
967 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
969 elm327_hw_failure(elm);
974 /* Ignore NUL characters, which the PIC microcontroller may
975 * inadvertently insert due to a known hardware bug.
976 * See ELM327 documentation, which refers to a Microchip PIC
980 /* Check for stray characters on the UART line.
981 * Likely caused by bad hardware.
983 if (!elmcan_is_valid_rx_char(*cp)) {
985 "Received illegal character %02x.\n",
987 elm327_hw_failure(elm);
992 elm->rxbuf[elm->rxfill++] = *cp;
999 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
1001 elm327_hw_failure(elm);
1006 elm327_parse_rxbuf(elm);
1009 spin_unlock_bh(&elm->lock);
1013 /* Write out remaining transmit buffer.
1014 * Scheduled when TTY is writable.
1016 static void elmcan_ldisc_tx_worker(struct work_struct *work)
1018 /* No need to use get_elm() here, as we'll always flush workers
1019 * before destroying the elmcan object.
1021 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
1024 spin_lock_bh(&elm->lock);
1025 if (elm->hw_failure) {
1026 spin_unlock_bh(&elm->lock);
1030 if (!elm->tty || !netif_running(elm->dev)) {
1031 spin_unlock_bh(&elm->lock);
1035 if (elm->txleft <= 0) {
1036 /* Our TTY write buffer is empty:
1037 * Allow netdev to hand us another packet
1039 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1040 spin_unlock_bh(&elm->lock);
1041 netif_wake_queue(elm->dev);
1045 actual = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
1047 netdev_err(elm->dev,
1048 "Failed to write to tty %s.\n",
1050 elm327_hw_failure(elm);
1051 spin_unlock_bh(&elm->lock);
1055 elm->txleft -= actual;
1056 elm->txhead += actual;
1057 spin_unlock_bh(&elm->lock);
1060 /* Called by the driver when there's room for more data. */
1061 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1063 struct elmcan *elm = get_elm(tty);
1068 schedule_work(&elm->tx_work);
1073 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1074 * or 7/8 of that. Divisors are 1 to 64.
1075 * Currently we don't implement support for 7/8 rates.
1077 static const u32 elmcan_bitrate_const[64] = {
1078 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1079 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1080 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1081 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1082 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1083 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1084 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1085 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1088 /* Dummy needed to use bitrate_const */
1089 static int elmcan_do_set_bittiming(struct net_device *netdev)
1094 static int elmcan_ldisc_open(struct tty_struct *tty)
1096 struct net_device *dev;
1100 if (!capable(CAP_NET_ADMIN))
1103 if (!tty->ops->write)
1106 dev = alloc_candev(sizeof(struct elmcan), 0);
1109 elm = netdev_priv(dev);
1111 elm->txbuf = kmalloc(ELM327_SIZE_TXBUF, GFP_KERNEL);
1117 /* Configure TTY interface */
1118 tty->receive_room = 65536; /* We don't flow control */
1119 elm->txleft = 0; /* Clear TTY TX buffer */
1120 spin_lock_init(&elm->lock);
1121 atomic_set(&elm->refcount, 1);
1122 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1124 /* Configure CAN metadata */
1125 elm->can.state = CAN_STATE_STOPPED;
1126 elm->can.bitrate_const = elmcan_bitrate_const;
1127 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1128 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1129 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1131 /* Configure netdev interface */
1133 dev->netdev_ops = &elmcan_netdev_ops;
1135 /* Mark ldisc channel as alive */
1137 tty->disc_data = elm;
1139 devm_can_led_init(elm->dev);
1142 err = register_candev(elm->dev);
1146 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1152 free_candev(elm->dev);
1156 /* Close down an elmcan channel.
1157 * This means flushing out any pending queues, and then returning.
1158 * This call is serialized against other ldisc functions:
1159 * Once this is called, no other ldisc function of ours is entered.
1161 * We also use this function for a hangup event.
1163 static void elmcan_ldisc_close(struct tty_struct *tty)
1165 struct elmcan *elm = get_elm(tty);
1170 /* unregister_netdev() calls .ndo_stop() so we don't have to. */
1171 unregister_candev(elm->dev);
1173 /* Decrease the refcount twice, once for our own get_elm(),
1174 * and once to remove the count of 1 that we set in _open().
1175 * Once it reaches 0, we can safely destroy it.
1180 while (atomic_read(&elm->refcount) > 0)
1181 msleep_interruptible(10);
1183 /* At this point, all ldisc calls to us have become no-ops. */
1185 flush_work(&elm->tx_work);
1187 /* Mark channel as dead */
1188 spin_lock_bh(&elm->lock);
1189 tty->disc_data = NULL;
1191 spin_unlock_bh(&elm->lock);
1193 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1196 free_candev(elm->dev);
1199 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1200 static int elmcan_ldisc_hangup(struct tty_struct *tty)
1202 static void elmcan_ldisc_hangup(struct tty_struct *tty)
1205 elmcan_ldisc_close(tty);
1206 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1211 static int elmcan_ldisc_ioctl(struct tty_struct *tty,
1212 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,17,0)
1215 unsigned int cmd, unsigned long arg)
1217 struct elmcan *elm = get_elm(tty);
1225 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1226 if (copy_to_user((void __user *)arg, elm->dev->name, tmp)) {
1240 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1241 return tty_mode_ioctl(tty, file, cmd, arg);
1243 return tty_mode_ioctl(tty, cmd, arg);
1248 static struct tty_ldisc_ops elmcan_ldisc = {
1249 .owner = THIS_MODULE,
1251 .num = N_DEVELOPMENT,
1252 .receive_buf = elmcan_ldisc_rx,
1253 .write_wakeup = elmcan_ldisc_tx_wakeup,
1254 .open = elmcan_ldisc_open,
1255 .close = elmcan_ldisc_close,
1256 .hangup = elmcan_ldisc_hangup,
1257 .ioctl = elmcan_ldisc_ioctl,
1260 static int __init elmcan_init(void)
1264 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1265 status = tty_register_ldisc(N_DEVELOPMENT, &elmcan_ldisc);
1267 status = tty_register_ldisc(&elmcan_ldisc);
1270 pr_err("Can't register line discipline\n");
1275 static void __exit elmcan_exit(void)
1277 /* This will only be called when all channels have been closed by
1278 * userspace - tty_ldisc.c takes care of the module's refcount.
1280 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1283 status = tty_unregister_ldisc(N_DEVELOPMENT);
1285 pr_err("Can't unregister line discipline (error: %d)\n",
1288 tty_unregister_ldisc(&elmcan_ldisc);
1292 module_init(elmcan_init);
1293 module_exit(elmcan_exit);
projects / elmcan.git / blob