1 // SPDX-License-Identifier: GPL-2.0
2 /* ELM327 based CAN interface driver (tty line discipline)
4 * This driver started as a derivative of linux/drivers/net/can/slcan.c
5 * and my thanks go to the original authors for their inspiration, even
6 * after almost none of their code is left.
8 * elmcan.c Author : Max Staudt <max-linux@enpas.org>
9 * slcan.c Author : Oliver Hartkopp <socketcan@hartkopp.net>
10 * slip.c Authors : Laurence Culhane <loz@holmes.demon.co.uk>
11 * Fred N. van Kempen <waltje@uwalt.nl.mugnet.org>
14 #define pr_fmt(fmt) "elmcan: " fmt
16 #include <linux/init.h>
17 #include <linux/module.h>
18 #include <linux/moduleparam.h>
20 #include <linux/atomic.h>
21 #include <linux/bitops.h>
22 #include <linux/ctype.h>
23 #include <linux/delay.h>
24 #include <linux/errno.h>
25 #include <linux/if_ether.h>
26 #include <linux/kernel.h>
27 #include <linux/list.h>
28 #include <linux/netdevice.h>
29 #include <linux/skbuff.h>
30 #include <linux/spinlock.h>
31 #include <linux/string.h>
32 #include <linux/tty.h>
33 #include <linux/tty_ldisc.h>
34 #include <linux/version.h>
35 #include <linux/workqueue.h>
37 #include <uapi/linux/tty.h>
39 #include <linux/can.h>
40 #include <linux/can/dev.h>
41 #include <linux/can/error.h>
42 #include <linux/can/led.h>
43 #include <linux/can/rx-offload.h>
45 MODULE_ALIAS_LDISC(N_DEVELOPMENT);
46 MODULE_DESCRIPTION("ELM327 based CAN interface");
47 MODULE_LICENSE("GPL");
48 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
50 /* Line discipline ID number.
51 * N_DEVELOPMENT will likely be defined from Linux 5.18 onwards:
52 * https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=c2faf737abfb10f88f2d2612d573e9edc3c42c37
55 #define N_DEVELOPMENT 29
58 /* Compatibility for Linux < 5.11 */
59 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,11,0)
63 #define ELM327_NAPI_WEIGHT 4
65 #define ELM327_SIZE_RXBUF 256
66 #define ELM327_SIZE_TXBUF 32
68 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
69 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
70 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
71 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
73 #define ELM327_DUMMY_CHAR 'y'
74 #define ELM327_DUMMY_STRING "y"
75 #define ELM327_READY_CHAR '>'
77 /* Bits in elm->cmds_todo */
78 enum ELM327_TX_DO_BITS {
79 ELM327_TX_DO_CAN_DATA = 0,
80 ELM327_TX_DO_CANID_11BIT,
81 ELM327_TX_DO_CANID_29BIT_LOW,
82 ELM327_TX_DO_CANID_29BIT_HIGH,
83 ELM327_TX_DO_CAN_CONFIG_PART2,
84 ELM327_TX_DO_CAN_CONFIG,
85 ELM327_TX_DO_RESPONSES,
86 ELM327_TX_DO_SILENT_MONITOR,
91 /* This must be the first member when using alloc_candev() */
94 struct can_rx_offload offload;
96 /* TTY and netdev devices that we're bridging */
97 struct tty_struct *tty;
98 struct net_device *dev;
100 /* Per-channel lock */
103 /* Keep track of how many things are using this struct.
104 * Once it reaches 0, we are in the process of cleaning up,
105 * and new operations will be cancelled immediately.
106 * Use atomic_t rather than refcount_t because we deliberately
107 * decrement to 0, and refcount_dec() spills a WARN_ONCE in
112 /* Stop the channel on hardware failure.
113 * Once this is true, nothing will be sent to the TTY.
118 struct work_struct tx_work; /* Flushes TTY TX buffer */
119 unsigned char *txbuf;
120 unsigned char *txhead; /* Pointer to next TX byte */
121 int txleft; /* Bytes left to TX */
124 unsigned char rxbuf[ELM327_SIZE_RXBUF];
137 /* The CAN frame and config the ELM327 is sending/using,
138 * or will send/use after finishing all cmds_todo
140 struct can_frame can_frame_to_send;
141 unsigned short can_config;
142 unsigned long can_bitrate;
143 unsigned char can_bitrate_divisor;
144 int silent_monitoring;
146 /* Things we have yet to send */
147 char **next_init_cmd;
148 unsigned long cmds_todo;
151 /* A lock for all tty->disc_data handled by this ldisc.
152 * This is to prevent a case where tty->disc_data is set to NULL,
153 * yet someone is still trying to dereference it.
154 * Without this, we cannot do a clean shutdown.
156 static DEFINE_SPINLOCK(elmcan_discdata_lock);
158 static inline void elm327_hw_failure(struct elmcan *elm);
160 /* Assumes elm->lock taken. */
161 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
168 memcpy(elm->txbuf, buf, len);
170 /* Order of next two lines is *very* important.
171 * When we are sending a little amount of data,
172 * the transfer may be completed inside the ops->write()
173 * routine, because it's running with interrupts enabled.
174 * In this case we *never* got WRITE_WAKEUP event,
175 * if we did not request it before write operation.
176 * 14 Oct 1994 Dmitry Gorodchanin.
178 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
179 actual = elm->tty->ops->write(elm->tty, elm->txbuf, len);
182 "Failed to write to tty %s.\n",
184 elm327_hw_failure(elm);
188 elm->txleft = len - actual;
189 elm->txhead = elm->txbuf + actual;
192 /* Take the ELM327 out of almost any state and back into command mode.
193 * We send ELM327_DUMMY_CHAR which will either abort any running
194 * operation, or be echoed back to us in case we're already in command
197 * Assumes elm->lock taken.
199 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
201 if (elm->state != ELM_GETDUMMYCHAR && elm->state != ELM_GETPROMPT) {
202 elm327_send(elm, ELM327_DUMMY_STRING, 1);
204 elm->state = ELM_GETDUMMYCHAR;
208 /* Schedule a CAN frame and necessary config changes to be sent to the TTY.
210 * Assumes elm->lock taken.
212 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
214 /* Schedule any necessary changes in ELM327's CAN configuration */
215 if (elm->can_frame_to_send.can_id != frame->can_id) {
216 /* Set the new CAN ID for transmission. */
217 if ((frame->can_id & CAN_EFF_FLAG)
218 ^ (elm->can_frame_to_send.can_id & CAN_EFF_FLAG)) {
219 elm->can_config = (frame->can_id & CAN_EFF_FLAG
221 : ELM327_CAN_CONFIG_SEND_SFF)
222 | ELM327_CAN_CONFIG_VARIABLE_DLC
223 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
224 | elm->can_bitrate_divisor;
226 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
229 if (frame->can_id & CAN_EFF_FLAG) {
230 clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
231 set_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
232 set_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
234 set_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
235 clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
236 clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
240 /* Schedule the CAN frame itself. */
241 elm->can_frame_to_send = *frame;
242 set_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo);
244 elm327_kick_into_cmd_mode(elm);
247 /* ELM327 initialization sequence.
249 * Assumes elm->lock taken.
251 static char *elm327_init_script[] = {
252 "AT WS\r", /* v1.0: Warm Start */
253 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
254 "AT M0\r", /* v1.0: Memory Off */
255 "AT AL\r", /* v1.0: Allow Long messages */
256 "AT BI\r", /* v1.0: Bypass Initialization */
257 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
258 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
259 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
260 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
261 "AT E1\r", /* v1.0: Echo On */
262 "AT H1\r", /* v1.0: Headers On */
263 "AT L0\r", /* v1.0: Linefeeds Off */
264 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
265 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
266 "AT AT0\r", /* v1.2: Adaptive Timing Off */
267 "AT D1\r", /* v1.3: Print DLC On */
268 "AT S1\r", /* v1.3: Spaces On */
269 "AT TP B\r", /* v1.0: Try Protocol B */
273 static void elm327_init(struct elmcan *elm)
275 elm->state = ELM_NOTINIT;
276 elm->can_frame_to_send.can_id = 0x7df; /* ELM327 HW default */
278 elm->drop_next_line = 0;
280 /* We can only set the bitrate as a fraction of 500000.
281 * The bit timing constants in elmcan_bittiming_const will
282 * limit the user to the right values.
284 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
285 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
286 | ELM327_CAN_CONFIG_VARIABLE_DLC
287 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
288 | elm->can_bitrate_divisor;
290 /* Configure ELM327 and then start monitoring */
291 elm->next_init_cmd = &elm327_init_script[0];
292 set_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
293 set_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo);
294 set_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo);
295 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
297 elm327_kick_into_cmd_mode(elm);
300 /* Assumes elm->lock taken. */
301 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
304 if (!netif_running(elm->dev))
307 /* Queue for NAPI pickup.
308 * rx-offload will update stats and LEDs for us.
310 if (can_rx_offload_queue_tail(&elm->offload, skb))
311 elm->dev->stats.rx_fifo_errors++;
313 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,0)
315 can_rx_offload_irq_finish(&elm->offload);
319 /* Called when we're out of ideas and just want it all to end.
320 * Assumes elm->lock taken.
322 static inline void elm327_hw_failure(struct elmcan *elm)
324 struct can_frame *frame;
327 elm->hw_failure = true;
329 elm->can.can_stats.bus_off++;
330 netif_stop_queue(elm->dev);
331 elm->can.state = CAN_STATE_BUS_OFF;
332 can_bus_off(elm->dev);
334 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
336 skb = alloc_can_err_skb(elm->dev, &frame);
340 frame->can_id |= CAN_ERR_BUSOFF;
341 elm327_feed_frame_to_netdev(elm, skb);
344 /* Compare a buffer to a fixed string */
345 static inline int _memstrcmp(const u8 *mem, const char *str)
347 return memcmp(mem, str, strlen(str));
350 /* Compare buffer to string length, then compare buffer to fixed string.
351 * This ensures two things:
352 * - It flags cases where the fixed string is only the start of the
353 * buffer, rather than exactly all of it.
354 * - It avoids byte comparisons in case the length doesn't match.
356 static inline int _len_memstrcmp(const u8 *mem, size_t mem_len, const char *str)
358 size_t str_len = strlen(str);
360 return (mem_len != str_len) || memcmp(mem, str, str_len);
363 /* Assumes elm->lock taken. */
364 static void elm327_parse_error(struct elmcan *elm, size_t len)
366 struct can_frame *frame;
369 skb = alloc_can_err_skb(elm->dev, &frame);
371 /* It's okay to return here:
372 * The outer parsing loop will drop this UART buffer.
376 /* Filter possible error messages based on length of RX'd line */
377 if (!_len_memstrcmp(elm->rxbuf, len, "UNABLE TO CONNECT")) {
379 "ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
380 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUFFER FULL")) {
381 /* This will only happen if the last data line was complete.
382 * Otherwise, elm327_parse_frame() will heuristically
383 * emit this kind of error frame instead.
385 frame->can_id |= CAN_ERR_CRTL;
386 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
387 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS ERROR")) {
388 frame->can_id |= CAN_ERR_BUSERROR;
389 } else if (!_len_memstrcmp(elm->rxbuf, len, "CAN ERROR")) {
390 frame->can_id |= CAN_ERR_PROT;
391 } else if (!_len_memstrcmp(elm->rxbuf, len, "<RX ERROR")) {
392 frame->can_id |= CAN_ERR_PROT;
393 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS BUSY")) {
394 frame->can_id |= CAN_ERR_PROT;
395 frame->data[2] = CAN_ERR_PROT_OVERLOAD;
396 } else if (!_len_memstrcmp(elm->rxbuf, len, "FB ERROR")) {
397 frame->can_id |= CAN_ERR_PROT;
398 frame->data[2] = CAN_ERR_PROT_TX;
399 } else if (len == 5 && !_memstrcmp(elm->rxbuf, "ERR")) {
400 /* ERR is followed by two digits, hence line length 5 */
401 netdev_err(elm->dev, "ELM327 reported an ERR%c%c. Please power it off and on again.\n",
402 elm->rxbuf[3], elm->rxbuf[4]);
403 frame->can_id |= CAN_ERR_CRTL;
405 /* Something else has happened.
406 * Maybe garbage on the UART line.
407 * Emit a generic error frame.
411 elm327_feed_frame_to_netdev(elm, skb);
414 /* Parse CAN frames coming as ASCII from ELM327.
415 * They can be of various formats:
417 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
418 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
420 * where D = DLC, PL = payload byte
422 * Instead of a payload, RTR indicates a remote request.
424 * We will use the spaces and line length to guess the format.
426 * Assumes elm->lock taken.
428 static int elm327_parse_frame(struct elmcan *elm, size_t len)
430 struct can_frame *frame;
436 skb = alloc_can_skb(elm->dev, &frame);
440 /* Find first non-hex and non-space character:
441 * - In the simplest case, there is none.
442 * - For RTR frames, 'R' is the first non-hex character.
443 * - An error message may replace the end of the data line.
445 for (hexlen = 0; hexlen <= len; hexlen++) {
446 if (hex_to_bin(elm->rxbuf[hexlen]) < 0 &&
447 elm->rxbuf[hexlen] != ' ') {
452 /* Sanity check whether the line is really a clean hexdump,
453 * or terminated by an error message, or contains garbage.
456 !isdigit(elm->rxbuf[hexlen]) &&
457 !isupper(elm->rxbuf[hexlen]) &&
458 '<' != elm->rxbuf[hexlen] &&
459 ' ' != elm->rxbuf[hexlen]) {
460 /* The line is likely garbled anyway, so bail.
461 * The main code will restart listening.
466 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
467 * No out-of-bounds access:
468 * We use the fact that we can always read from elm->rxbuf.
470 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' ' &&
471 elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' ' &&
472 elm->rxbuf[13] == ' ') {
473 frame->can_id = CAN_EFF_FLAG;
475 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
479 /* This is not a well-formatted data line.
480 * Assume it's an error message.
485 if (hexlen < datastart) {
486 /* The line is too short to be a valid frame hex dump.
487 * Something interrupted the hex dump or it is invalid.
492 /* From here on all chars up to buf[hexlen] are hex or spaces,
493 * at well-defined offsets.
496 /* Read CAN data length */
497 frame->len = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
500 if (frame->can_id & CAN_EFF_FLAG) {
501 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
502 | (hex_to_bin(elm->rxbuf[1]) << 24)
503 | (hex_to_bin(elm->rxbuf[3]) << 20)
504 | (hex_to_bin(elm->rxbuf[4]) << 16)
505 | (hex_to_bin(elm->rxbuf[6]) << 12)
506 | (hex_to_bin(elm->rxbuf[7]) << 8)
507 | (hex_to_bin(elm->rxbuf[9]) << 4)
508 | (hex_to_bin(elm->rxbuf[10]) << 0);
510 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
511 | (hex_to_bin(elm->rxbuf[1]) << 4)
512 | (hex_to_bin(elm->rxbuf[2]) << 0);
515 /* Check for RTR frame */
516 if (elm->rxfill >= hexlen + 3 &&
517 !_memstrcmp(&elm->rxbuf[hexlen], "RTR")) {
518 frame->can_id |= CAN_RTR_FLAG;
521 /* Is the line long enough to hold the advertised payload?
522 * Note: RTR frames have a DLC, but no actual payload.
524 if (!(frame->can_id & CAN_RTR_FLAG) &&
525 (hexlen < frame->len * 3 + datastart)) {
527 * Probably the ELM327's RS232 TX buffer was full.
528 * Emit an error frame and exit.
530 frame->can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
531 frame->len = CAN_ERR_DLC;
532 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
533 elm327_feed_frame_to_netdev(elm, skb);
535 /* Signal failure to parse.
536 * The line will be re-parsed as an error line, which will fail.
537 * However, this will correctly drop the state machine back into
543 /* Parse the data nibbles. */
544 for (i = 0; i < frame->len; i++) {
545 frame->data[i] = (hex_to_bin(elm->rxbuf[datastart + 3*i]) << 4)
546 | (hex_to_bin(elm->rxbuf[datastart + 3*i + 1]));
549 /* Feed the frame to the network layer. */
550 elm327_feed_frame_to_netdev(elm, skb);
555 /* Assumes elm->lock taken. */
556 static void elm327_parse_line(struct elmcan *elm, size_t len)
558 /* Skip empty lines */
562 /* Skip echo lines */
563 if (elm->drop_next_line) {
564 elm->drop_next_line = 0;
566 } else if (!_memstrcmp(elm->rxbuf, "AT")) {
570 /* Regular parsing */
571 if (elm->state == ELM_RECEIVING
572 && elm327_parse_frame(elm, len)) {
573 /* Parse an error line. */
574 elm327_parse_error(elm, len);
577 elm327_kick_into_cmd_mode(elm);
581 /* Assumes elm->lock taken. */
582 static void elm327_handle_prompt(struct elmcan *elm)
584 struct can_frame *frame = &elm->can_frame_to_send;
585 char local_txbuf[20];
587 if (!elm->cmds_todo) {
588 /* Enter CAN monitor mode */
589 elm327_send(elm, "ATMA\r", 5);
590 elm->state = ELM_RECEIVING;
595 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
596 if (test_bit(ELM327_TX_DO_INIT, &elm->cmds_todo)) {
597 strcpy(local_txbuf, *elm->next_init_cmd);
599 elm->next_init_cmd++;
600 if (!(*elm->next_init_cmd)) {
601 clear_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
605 } else if (test_and_clear_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo)) {
606 sprintf(local_txbuf, "ATCSM%i\r",
607 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
609 } else if (test_and_clear_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo)) {
610 sprintf(local_txbuf, "ATR%i\r",
611 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
613 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo)) {
614 sprintf(local_txbuf, "ATPC\r");
615 set_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo);
617 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
618 sprintf(local_txbuf, "ATPB%04X\r",
621 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
622 sprintf(local_txbuf, "ATCP%02X\r",
623 (frame->can_id & CAN_EFF_MASK) >> 24);
625 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo)) {
626 sprintf(local_txbuf, "ATSH%06X\r",
627 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
629 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo)) {
630 sprintf(local_txbuf, "ATSH%03X\r",
631 frame->can_id & CAN_SFF_MASK);
633 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo)) {
634 if (frame->can_id & CAN_RTR_FLAG) {
635 /* Send an RTR frame. Their DLC is fixed.
636 * Some chips don't send them at all.
638 sprintf(local_txbuf, "ATRTR\r");
640 /* Send a regular CAN data frame */
643 for (i = 0; i < frame->len; i++) {
644 sprintf(&local_txbuf[2 * i], "%02X",
648 sprintf(&local_txbuf[2 * i], "\r");
651 elm->drop_next_line = 1;
652 elm->state = ELM_RECEIVING;
655 elm327_send(elm, local_txbuf, strlen(local_txbuf));
658 static bool elm327_is_ready_char(char c)
660 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
661 * Probably bad hardware.
663 return (c & 0x3f) == ELM327_READY_CHAR;
666 /* Assumes elm->lock taken. */
667 static void elm327_drop_bytes(struct elmcan *elm, size_t i)
669 memmove(&elm->rxbuf[0], &elm->rxbuf[i], ELM327_SIZE_RXBUF - i);
673 /* Assumes elm->lock taken. */
674 static void elm327_parse_rxbuf(struct elmcan *elm)
679 switch (elm->state) {
684 case ELM_GETDUMMYCHAR:
686 /* Wait for 'y' or '>' */
687 for (i = 0; i < elm->rxfill; i++) {
688 if (elm->rxbuf[i] == ELM327_DUMMY_CHAR) {
689 elm327_send(elm, "\r", 1);
690 elm->state = ELM_GETPROMPT;
693 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
694 elm327_send(elm, ELM327_DUMMY_STRING, 1);
700 elm327_drop_bytes(elm, i);
707 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
708 elm327_handle_prompt(elm);
714 /* Find <CR> delimiting feedback lines. */
716 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
721 if (len == ELM327_SIZE_RXBUF) {
722 /* Line exceeds buffer. It's probably all garbage.
723 * Did we even connect at the right baud rate?
726 "RX buffer overflow. Faulty ELM327 or UART?\n");
727 elm327_hw_failure(elm);
729 } else if (len == elm->rxfill) {
730 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
731 /* The ELM327's AT ST response timeout ran out,
732 * so we got a prompt.
733 * Clear RX buffer and restart listening.
737 elm327_handle_prompt(elm);
741 /* No <CR> found - we haven't received a full line yet.
742 * Wait for more data.
747 /* We have a full line to parse. */
748 elm327_parse_line(elm, len);
750 /* Remove parsed data from RX buffer. */
751 elm327_drop_bytes(elm, len + 1);
753 /* More data to parse? */
755 elm327_parse_rxbuf(elm);
759 /* Dummy needed to use can_rx_offload */
760 static struct sk_buff *elmcan_mailbox_read(struct can_rx_offload *offload,
761 unsigned int n, u32 *timestamp,
764 WARN_ON_ONCE(1); /* This function is a dummy, so don't call it! */
766 return ERR_PTR(-ENOBUFS);
769 static int elmcan_netdev_open(struct net_device *dev)
771 struct elmcan *elm = netdev_priv(dev);
774 spin_lock_bh(&elm->lock);
775 if (elm->hw_failure) {
776 netdev_err(elm->dev, "Refusing to open interface after a hardware fault has been detected.\n");
777 spin_unlock_bh(&elm->lock);
782 spin_unlock_bh(&elm->lock);
786 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
787 err = open_candev(dev);
789 spin_unlock_bh(&elm->lock);
794 spin_unlock_bh(&elm->lock);
796 elm->offload.mailbox_read = elmcan_mailbox_read;
797 err = can_rx_offload_add_fifo(dev, &elm->offload, ELM327_NAPI_WEIGHT);
803 can_rx_offload_enable(&elm->offload);
805 can_led_event(dev, CAN_LED_EVENT_OPEN);
806 elm->can.state = CAN_STATE_ERROR_ACTIVE;
807 netif_start_queue(dev);
812 static int elmcan_netdev_close(struct net_device *dev)
814 struct elmcan *elm = netdev_priv(dev);
816 netif_stop_queue(dev);
818 spin_lock_bh(&elm->lock);
820 /* Interrupt whatever we're doing right now */
821 elm327_send(elm, ELM327_DUMMY_STRING, 1);
823 /* Clear the wakeup bit, as the netdev will be down and thus
824 * the wakeup handler won't clear it
826 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
828 spin_unlock_bh(&elm->lock);
830 flush_work(&elm->tx_work);
832 spin_unlock_bh(&elm->lock);
835 can_rx_offload_disable(&elm->offload);
836 elm->can.state = CAN_STATE_STOPPED;
837 can_rx_offload_del(&elm->offload);
839 can_led_event(dev, CAN_LED_EVENT_STOP);
844 /* Send a can_frame to a TTY. */
845 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
846 struct net_device *dev)
848 struct elmcan *elm = netdev_priv(dev);
849 struct can_frame *frame = (struct can_frame *)skb->data;
851 /* BHs are already disabled, so no spin_lock_bh().
852 * See Documentation/networking/netdevices.txt
854 spin_lock(&elm->lock);
856 /* We shouldn't get here after a hardware fault:
857 * can_bus_off() calls netif_carrier_off()
859 WARN_ON_ONCE(elm->hw_failure);
863 elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
864 spin_unlock(&elm->lock);
868 netif_stop_queue(dev);
870 elm327_send_frame(elm, frame);
871 spin_unlock(&elm->lock);
873 dev->stats.tx_packets++;
874 dev->stats.tx_bytes += frame->len;
876 can_led_event(dev, CAN_LED_EVENT_TX);
883 static const struct net_device_ops elmcan_netdev_ops = {
884 .ndo_open = elmcan_netdev_open,
885 .ndo_stop = elmcan_netdev_close,
886 .ndo_start_xmit = elmcan_netdev_start_xmit,
887 .ndo_change_mtu = can_change_mtu,
890 /* Get a reference to our struct, taking into account locks/refcounts.
891 * This is to ensure ordering in case we are shutting down, and to ensure
892 * there is a refcount at all (otherwise tty->disc_data may be freed and
893 * before we increment the refcount).
894 * Use this for anything that can race against elmcan_ldisc_close().
896 static struct elmcan *get_elm(struct tty_struct *tty)
901 spin_lock_bh(&elmcan_discdata_lock);
902 elm = (struct elmcan *)tty->disc_data;
905 spin_unlock_bh(&elmcan_discdata_lock);
909 got_ref = atomic_inc_not_zero(&elm->refcount);
910 spin_unlock_bh(&elmcan_discdata_lock);
918 static void put_elm(struct elmcan *elm)
920 atomic_dec(&elm->refcount);
923 static bool elmcan_is_valid_rx_char(char c)
925 return (isdigit(c) ||
927 c == ELM327_DUMMY_CHAR ||
928 c == ELM327_READY_CHAR ||
939 /* Handle incoming ELM327 ASCII data.
940 * This will not be re-entered while running, but other ldisc
941 * functions may be called in parallel.
943 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
944 static void elmcan_ldisc_rx(struct tty_struct *tty,
945 const unsigned char *cp, char *fp, int count)
947 static void elmcan_ldisc_rx(struct tty_struct *tty,
948 const unsigned char *cp, const char *fp, int count)
951 struct elmcan *elm = get_elm(tty);
956 spin_lock_bh(&elm->lock);
961 while (count-- && elm->rxfill < ELM327_SIZE_RXBUF) {
963 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
965 elm327_hw_failure(elm);
970 /* Ignore NUL characters, which the PIC microcontroller may
971 * inadvertently insert due to a known hardware bug.
972 * See ELM327 documentation, which refers to a Microchip PIC
976 /* Check for stray characters on the UART line.
977 * Likely caused by bad hardware.
979 if (!elmcan_is_valid_rx_char(*cp)) {
981 "Received illegal character %02x.\n",
983 elm327_hw_failure(elm);
988 elm->rxbuf[elm->rxfill++] = *cp;
995 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
997 elm327_hw_failure(elm);
1002 elm327_parse_rxbuf(elm);
1005 spin_unlock_bh(&elm->lock);
1009 /* Write out remaining transmit buffer.
1010 * Scheduled when TTY is writable.
1012 static void elmcan_ldisc_tx_worker(struct work_struct *work)
1014 /* No need to use get_elm() here, as we'll always flush workers
1015 * before destroying the elmcan object.
1017 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
1020 spin_lock_bh(&elm->lock);
1021 if (elm->hw_failure) {
1022 spin_unlock_bh(&elm->lock);
1026 if (!elm->tty || !netif_running(elm->dev)) {
1027 spin_unlock_bh(&elm->lock);
1031 if (elm->txleft <= 0) {
1032 /* Our TTY write buffer is empty:
1033 * Allow netdev to hand us another packet
1035 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1036 spin_unlock_bh(&elm->lock);
1037 netif_wake_queue(elm->dev);
1041 actual = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
1043 netdev_err(elm->dev,
1044 "Failed to write to tty %s.\n",
1046 elm327_hw_failure(elm);
1047 spin_unlock_bh(&elm->lock);
1051 elm->txleft -= actual;
1052 elm->txhead += actual;
1053 spin_unlock_bh(&elm->lock);
1056 /* Called by the driver when there's room for more data. */
1057 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1059 struct elmcan *elm = get_elm(tty);
1064 schedule_work(&elm->tx_work);
1069 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1070 * or 7/8 of that. Divisors are 1 to 64.
1071 * Currently we don't implement support for 7/8 rates.
1073 static const u32 elmcan_bitrate_const[64] = {
1074 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1075 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1076 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1077 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1078 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1079 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1080 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1081 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1084 /* Dummy needed to use bitrate_const */
1085 static int elmcan_do_set_bittiming(struct net_device *netdev)
1090 static int elmcan_ldisc_open(struct tty_struct *tty)
1092 struct net_device *dev;
1096 if (!capable(CAP_NET_ADMIN))
1099 if (!tty->ops->write)
1102 dev = alloc_candev(sizeof(struct elmcan), 0);
1105 elm = netdev_priv(dev);
1107 elm->txbuf = kmalloc(ELM327_SIZE_TXBUF, GFP_KERNEL);
1113 /* Configure TTY interface */
1114 tty->receive_room = 65536; /* We don't flow control */
1115 elm->txleft = 0; /* Clear TTY TX buffer */
1116 spin_lock_init(&elm->lock);
1117 atomic_set(&elm->refcount, 1);
1118 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1120 /* Configure CAN metadata */
1121 elm->can.state = CAN_STATE_STOPPED;
1122 elm->can.bitrate_const = elmcan_bitrate_const;
1123 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1124 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1125 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1127 /* Configure netdev interface */
1129 dev->netdev_ops = &elmcan_netdev_ops;
1131 /* Mark ldisc channel as alive */
1133 tty->disc_data = elm;
1135 devm_can_led_init(elm->dev);
1138 err = register_candev(elm->dev);
1142 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1148 free_candev(elm->dev);
1152 /* Close down an elmcan channel.
1153 * This means flushing out any pending queues, and then returning.
1154 * This call is serialized against other ldisc functions:
1155 * Once this is called, no other ldisc function of ours is entered.
1157 * We also use this function for a hangup event.
1159 static void elmcan_ldisc_close(struct tty_struct *tty)
1161 struct elmcan *elm = get_elm(tty);
1166 /* unregister_netdev() calls .ndo_stop() so we don't have to. */
1167 unregister_candev(elm->dev);
1169 /* Decrease the refcount twice, once for our own get_elm(),
1170 * and once to remove the count of 1 that we set in _open().
1171 * Once it reaches 0, we can safely destroy it.
1176 while (atomic_read(&elm->refcount) > 0)
1177 msleep_interruptible(10);
1179 /* At this point, all ldisc calls to us have become no-ops. */
1181 flush_work(&elm->tx_work);
1183 /* Mark channel as dead */
1184 spin_lock_bh(&elm->lock);
1185 tty->disc_data = NULL;
1187 spin_unlock_bh(&elm->lock);
1189 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1192 free_candev(elm->dev);
1195 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1196 static int elmcan_ldisc_hangup(struct tty_struct *tty)
1198 static void elmcan_ldisc_hangup(struct tty_struct *tty)
1201 elmcan_ldisc_close(tty);
1202 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1207 static int elmcan_ldisc_ioctl(struct tty_struct *tty,
1208 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,17,0)
1211 unsigned int cmd, unsigned long arg)
1213 struct elmcan *elm = get_elm(tty);
1221 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1222 if (copy_to_user((void __user *)arg, elm->dev->name, tmp)) {
1236 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1237 return tty_mode_ioctl(tty, file, cmd, arg);
1239 return tty_mode_ioctl(tty, cmd, arg);
1244 static struct tty_ldisc_ops elmcan_ldisc = {
1245 .owner = THIS_MODULE,
1247 .num = N_DEVELOPMENT,
1248 .receive_buf = elmcan_ldisc_rx,
1249 .write_wakeup = elmcan_ldisc_tx_wakeup,
1250 .open = elmcan_ldisc_open,
1251 .close = elmcan_ldisc_close,
1252 .hangup = elmcan_ldisc_hangup,
1253 .ioctl = elmcan_ldisc_ioctl,
1256 static int __init elmcan_init(void)
1260 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1261 status = tty_register_ldisc(N_DEVELOPMENT, &elmcan_ldisc);
1263 status = tty_register_ldisc(&elmcan_ldisc);
1266 pr_err("Can't register line discipline\n");
1271 static void __exit elmcan_exit(void)
1273 /* This will only be called when all channels have been closed by
1274 * userspace - tty_ldisc.c takes care of the module's refcount.
1276 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1279 status = tty_unregister_ldisc(N_DEVELOPMENT);
1281 pr_err("Can't unregister line discipline (error: %d)\n",
1284 tty_unregister_ldisc(&elmcan_ldisc);
1288 module_init(elmcan_init);
1289 module_exit(elmcan_exit);
projects / elmcan.git / blob