1 // SPDX-License-Identifier: GPL-2.0
2 /* ELM327 based CAN interface driver (tty line discipline)
4 * This driver started as a derivative of linux/drivers/net/can/slcan.c
5 * and my thanks go to the original authors for their inspiration, even
6 * after almost none of their code is left.
8 * elmcan.c Author : Max Staudt <max-linux@enpas.org>
9 * slcan.c Author : Oliver Hartkopp <socketcan@hartkopp.net>
10 * slip.c Authors : Laurence Culhane <loz@holmes.demon.co.uk>
11 * Fred N. van Kempen <waltje@uwalt.nl.mugnet.org>
14 #define pr_fmt(fmt) "elmcan: " fmt
16 #include <linux/init.h>
17 #include <linux/module.h>
18 #include <linux/moduleparam.h>
20 #include <linux/atomic.h>
21 #include <linux/bitops.h>
22 #include <linux/ctype.h>
23 #include <linux/delay.h>
24 #include <linux/errno.h>
25 #include <linux/if_ether.h>
26 #include <linux/kernel.h>
27 #include <linux/list.h>
28 #include <linux/lockdep.h>
29 #include <linux/netdevice.h>
30 #include <linux/skbuff.h>
31 #include <linux/spinlock.h>
32 #include <linux/string.h>
33 #include <linux/tty.h>
34 #include <linux/tty_ldisc.h>
35 #include <linux/version.h>
36 #include <linux/workqueue.h>
38 #include <uapi/linux/tty.h>
40 #include <linux/can.h>
41 #include <linux/can/dev.h>
42 #include <linux/can/error.h>
43 #include <linux/can/led.h>
44 #include <linux/can/rx-offload.h>
46 /* Line discipline ID number.
47 * N_DEVELOPMENT will likely be defined from Linux 5.18 onwards:
48 * https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next&id=c2faf737abfb10f88f2d2612d573e9edc3c42c37
51 #define N_DEVELOPMENT 29
54 /* Compatibility for Linux < 5.11 */
55 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,11,0)
59 #define ELM327_NAPI_WEIGHT 4
61 #define ELM327_SIZE_RXBUF 256
62 #define ELM327_SIZE_TXBUF 32
64 #define ELM327_CAN_CONFIG_SEND_SFF 0x8000
65 #define ELM327_CAN_CONFIG_VARIABLE_DLC 0x4000
66 #define ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF 0x2000
67 #define ELM327_CAN_CONFIG_BAUDRATE_MULT_8_7 0x1000
69 #define ELM327_DUMMY_CHAR 'y'
70 #define ELM327_DUMMY_STRING "y"
71 #define ELM327_READY_CHAR '>'
73 /* Bits in elm->cmds_todo */
74 enum ELM327_TX_DO_BITS {
75 ELM327_TX_DO_CAN_DATA = 0,
76 ELM327_TX_DO_CANID_11BIT,
77 ELM327_TX_DO_CANID_29BIT_LOW,
78 ELM327_TX_DO_CANID_29BIT_HIGH,
79 ELM327_TX_DO_CAN_CONFIG_PART2,
80 ELM327_TX_DO_CAN_CONFIG,
81 ELM327_TX_DO_RESPONSES,
82 ELM327_TX_DO_SILENT_MONITOR,
87 /* This must be the first member when using alloc_candev() */
90 struct can_rx_offload offload;
92 /* TTY and netdev devices that we're bridging */
93 struct tty_struct *tty;
94 struct net_device *dev;
96 /* Per-channel lock */
99 /* Keep track of how many things are using this struct.
100 * Once it reaches 0, we are in the process of cleaning up,
101 * and new operations will be cancelled immediately.
102 * Use atomic_t rather than refcount_t because we deliberately
103 * decrement to 0, and refcount_dec() spills a WARN_ONCE in
108 /* Stop the channel on hardware failure.
109 * Once this is true, nothing will be sent to the TTY.
114 struct work_struct tx_work; /* Flushes TTY TX buffer */
115 unsigned char *txbuf;
116 unsigned char *txhead; /* Pointer to next TX byte */
117 int txleft; /* Bytes left to TX */
120 unsigned char rxbuf[ELM327_SIZE_RXBUF];
125 ELM327_STATE_NOTINIT = 0,
126 ELM327_STATE_GETDUMMYCHAR,
127 ELM327_STATE_GETPROMPT,
128 ELM327_STATE_RECEIVING,
133 /* The CAN frame and config the ELM327 is sending/using,
134 * or will send/use after finishing all cmds_todo
136 struct can_frame can_frame_to_send;
138 u8 can_bitrate_divisor;
140 /* Things we have yet to send */
141 char **next_init_cmd;
142 unsigned long cmds_todo;
145 /* A lock for all tty->disc_data handled by this ldisc.
146 * This is to prevent a case where tty->disc_data is set to NULL,
147 * yet someone is still trying to dereference it.
148 * Without this, we cannot do a clean shutdown.
150 static DEFINE_SPINLOCK(elmcan_discdata_lock);
152 static inline void elm327_hw_failure(struct elmcan *elm);
154 static void elm327_send(struct elmcan *elm, const void *buf, size_t len)
158 lockdep_assert_held(elm->lock);
163 memcpy(elm->txbuf, buf, len);
165 /* Order of next two lines is *very* important.
166 * When we are sending a little amount of data,
167 * the transfer may be completed inside the ops->write()
168 * routine, because it's running with interrupts enabled.
169 * In this case we *never* got WRITE_WAKEUP event,
170 * if we did not request it before write operation.
171 * 14 Oct 1994 Dmitry Gorodchanin.
173 set_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
174 actual = elm->tty->ops->write(elm->tty, elm->txbuf, len);
177 "Failed to write to tty %s.\n",
179 elm327_hw_failure(elm);
183 elm->txleft = len - actual;
184 elm->txhead = elm->txbuf + actual;
187 /* Take the ELM327 out of almost any state and back into command mode.
188 * We send ELM327_DUMMY_CHAR which will either abort any running
189 * operation, or be echoed back to us in case we're already in command
192 static void elm327_kick_into_cmd_mode(struct elmcan *elm)
194 lockdep_assert_held(elm->lock);
196 if (elm->state != ELM327_STATE_GETDUMMYCHAR &&
197 elm->state != ELM327_STATE_GETPROMPT) {
198 elm327_send(elm, ELM327_DUMMY_STRING, 1);
200 elm->state = ELM327_STATE_GETDUMMYCHAR;
204 /* Schedule a CAN frame and necessary config changes to be sent to the TTY. */
205 static void elm327_send_frame(struct elmcan *elm, struct can_frame *frame)
207 lockdep_assert_held(elm->lock);
209 /* Schedule any necessary changes in ELM327's CAN configuration */
210 if (elm->can_frame_to_send.can_id != frame->can_id) {
211 /* Set the new CAN ID for transmission. */
212 if ((frame->can_id & CAN_EFF_FLAG) ^
213 (elm->can_frame_to_send.can_id & CAN_EFF_FLAG)) {
214 elm->can_config = (frame->can_id & CAN_EFF_FLAG
216 : ELM327_CAN_CONFIG_SEND_SFF)
217 | ELM327_CAN_CONFIG_VARIABLE_DLC
218 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
219 | elm->can_bitrate_divisor;
221 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
224 if (frame->can_id & CAN_EFF_FLAG) {
225 clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
226 set_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
227 set_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
229 set_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo);
230 clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo);
231 clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo);
235 /* Schedule the CAN frame itself. */
236 elm->can_frame_to_send = *frame;
237 set_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo);
239 elm327_kick_into_cmd_mode(elm);
242 /* ELM327 initialisation sequence. */
243 static char *elm327_init_script[] = {
244 "AT WS\r", /* v1.0: Warm Start */
245 "AT PP FF OFF\r", /* v1.0: All Programmable Parameters Off */
246 "AT M0\r", /* v1.0: Memory Off */
247 "AT AL\r", /* v1.0: Allow Long messages */
248 "AT BI\r", /* v1.0: Bypass Initialisation */
249 "AT CAF0\r", /* v1.0: CAN Auto Formatting Off */
250 "AT CFC0\r", /* v1.0: CAN Flow Control Off */
251 "AT CF 000\r", /* v1.0: Reset CAN ID Filter */
252 "AT CM 000\r", /* v1.0: Reset CAN ID Mask */
253 "AT E1\r", /* v1.0: Echo On */
254 "AT H1\r", /* v1.0: Headers On */
255 "AT L0\r", /* v1.0: Linefeeds Off */
256 "AT SH 7DF\r", /* v1.0: Set CAN sending ID to 0x7df */
257 "AT ST FF\r", /* v1.0: Set maximum Timeout for response after TX */
258 "AT AT0\r", /* v1.2: Adaptive Timing Off */
259 "AT D1\r", /* v1.3: Print DLC On */
260 "AT S1\r", /* v1.3: Spaces On */
261 "AT TP B\r", /* v1.0: Try Protocol B */
265 static void elm327_init(struct elmcan *elm)
267 lockdep_assert_held(elm->lock);
269 elm->state = ELM327_STATE_NOTINIT;
270 elm->can_frame_to_send.can_id = 0x7df; /* ELM327 HW default */
272 elm->drop_next_line = 0;
274 /* We can only set the bitrate as a fraction of 500000.
275 * The bit timing constants in elmcan_bittiming_const will
276 * limit the user to the right values.
278 elm->can_bitrate_divisor = 500000 / elm->can.bittiming.bitrate;
279 elm->can_config = ELM327_CAN_CONFIG_SEND_SFF
280 | ELM327_CAN_CONFIG_VARIABLE_DLC
281 | ELM327_CAN_CONFIG_RECV_BOTH_SFF_EFF
282 | elm->can_bitrate_divisor;
284 /* Configure ELM327 and then start monitoring */
285 elm->next_init_cmd = &elm327_init_script[0];
286 set_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
287 set_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo);
288 set_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo);
289 set_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo);
291 elm327_kick_into_cmd_mode(elm);
294 static void elm327_feed_frame_to_netdev(struct elmcan *elm,
297 lockdep_assert_held(elm->lock);
299 if (!netif_running(elm->dev))
302 /* Queue for NAPI pickup.
303 * rx-offload will update stats and LEDs for us.
305 if (can_rx_offload_queue_tail(&elm->offload, skb))
306 elm->dev->stats.rx_fifo_errors++;
308 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,15,0)
310 can_rx_offload_irq_finish(&elm->offload);
314 /* Called when we're out of ideas and just want it all to end. */
315 static inline void elm327_hw_failure(struct elmcan *elm)
317 struct can_frame *frame;
320 lockdep_assert_held(elm->lock);
322 elm->hw_failure = true;
324 elm->can.can_stats.bus_off++;
325 netif_stop_queue(elm->dev);
326 elm->can.state = CAN_STATE_BUS_OFF;
327 can_bus_off(elm->dev);
329 netdev_err(elm->dev, "ELM327 misbehaved. Blocking further communication.\n");
331 skb = alloc_can_err_skb(elm->dev, &frame);
335 frame->can_id |= CAN_ERR_BUSOFF;
336 elm327_feed_frame_to_netdev(elm, skb);
339 /* Compare a buffer to a fixed string */
340 static inline int _memstrcmp(const u8 *mem, const char *str)
342 return memcmp(mem, str, strlen(str));
345 /* Compare buffer to string length, then compare buffer to fixed string.
346 * This ensures two things:
347 * - It flags cases where the fixed string is only the start of the
348 * buffer, rather than exactly all of it.
349 * - It avoids byte comparisons in case the length doesn't match.
351 static inline int _len_memstrcmp(const u8 *mem, size_t mem_len, const char *str)
353 size_t str_len = strlen(str);
355 return (mem_len != str_len) || memcmp(mem, str, str_len);
358 static void elm327_parse_error(struct elmcan *elm, size_t len)
360 struct can_frame *frame;
363 lockdep_assert_held(elm->lock);
365 skb = alloc_can_err_skb(elm->dev, &frame);
367 /* It's okay to return here:
368 * The outer parsing loop will drop this UART buffer.
372 /* Filter possible error messages based on length of RX'd line */
373 if (!_len_memstrcmp(elm->rxbuf, len, "UNABLE TO CONNECT")) {
375 "ELM327 reported UNABLE TO CONNECT. Please check your setup.\n");
376 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUFFER FULL")) {
377 /* This will only happen if the last data line was complete.
378 * Otherwise, elm327_parse_frame() will heuristically
379 * emit this kind of error frame instead.
381 frame->can_id |= CAN_ERR_CRTL;
382 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
383 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS ERROR")) {
384 frame->can_id |= CAN_ERR_BUSERROR;
385 } else if (!_len_memstrcmp(elm->rxbuf, len, "CAN ERROR")) {
386 frame->can_id |= CAN_ERR_PROT;
387 } else if (!_len_memstrcmp(elm->rxbuf, len, "<RX ERROR")) {
388 frame->can_id |= CAN_ERR_PROT;
389 } else if (!_len_memstrcmp(elm->rxbuf, len, "BUS BUSY")) {
390 frame->can_id |= CAN_ERR_PROT;
391 frame->data[2] = CAN_ERR_PROT_OVERLOAD;
392 } else if (!_len_memstrcmp(elm->rxbuf, len, "FB ERROR")) {
393 frame->can_id |= CAN_ERR_PROT;
394 frame->data[2] = CAN_ERR_PROT_TX;
395 } else if (len == 5 && !_memstrcmp(elm->rxbuf, "ERR")) {
396 /* ERR is followed by two digits, hence line length 5 */
397 netdev_err(elm->dev, "ELM327 reported an ERR%c%c. Please power it off and on again.\n",
398 elm->rxbuf[3], elm->rxbuf[4]);
399 frame->can_id |= CAN_ERR_CRTL;
401 /* Something else has happened.
402 * Maybe garbage on the UART line.
403 * Emit a generic error frame.
407 elm327_feed_frame_to_netdev(elm, skb);
410 /* Parse CAN frames coming as ASCII from ELM327.
411 * They can be of various formats:
413 * 29-bit ID (EFF): 12 34 56 78 D PL PL PL PL PL PL PL PL
414 * 11-bit ID (!EFF): 123 D PL PL PL PL PL PL PL PL
416 * where D = DLC, PL = payload byte
418 * Instead of a payload, RTR indicates a remote request.
420 * We will use the spaces and line length to guess the format.
422 static int elm327_parse_frame(struct elmcan *elm, size_t len)
424 struct can_frame *frame;
430 lockdep_assert_held(elm->lock);
432 skb = alloc_can_skb(elm->dev, &frame);
436 /* Find first non-hex and non-space character:
437 * - In the simplest case, there is none.
438 * - For RTR frames, 'R' is the first non-hex character.
439 * - An error message may replace the end of the data line.
441 for (hexlen = 0; hexlen <= len; hexlen++) {
442 if (hex_to_bin(elm->rxbuf[hexlen]) < 0 &&
443 elm->rxbuf[hexlen] != ' ') {
448 /* Sanity check whether the line is really a clean hexdump,
449 * or terminated by an error message, or contains garbage.
452 !isdigit(elm->rxbuf[hexlen]) &&
453 !isupper(elm->rxbuf[hexlen]) &&
454 '<' != elm->rxbuf[hexlen] &&
455 ' ' != elm->rxbuf[hexlen]) {
456 /* The line is likely garbled anyway, so bail.
457 * The main code will restart listening.
462 /* Use spaces in CAN ID to distinguish 29 or 11 bit address length.
463 * No out-of-bounds access:
464 * We use the fact that we can always read from elm->rxbuf.
466 if (elm->rxbuf[2] == ' ' && elm->rxbuf[5] == ' ' &&
467 elm->rxbuf[8] == ' ' && elm->rxbuf[11] == ' ' &&
468 elm->rxbuf[13] == ' ') {
469 frame->can_id = CAN_EFF_FLAG;
471 } else if (elm->rxbuf[3] == ' ' && elm->rxbuf[5] == ' ') {
474 /* This is not a well-formatted data line.
475 * Assume it's an error message.
480 if (hexlen < datastart) {
481 /* The line is too short to be a valid frame hex dump.
482 * Something interrupted the hex dump or it is invalid.
487 /* From here on all chars up to buf[hexlen] are hex or spaces,
488 * at well-defined offsets.
491 /* Read CAN data length */
492 frame->len = (hex_to_bin(elm->rxbuf[datastart - 2]) << 0);
495 if (frame->can_id & CAN_EFF_FLAG) {
496 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 28)
497 | (hex_to_bin(elm->rxbuf[1]) << 24)
498 | (hex_to_bin(elm->rxbuf[3]) << 20)
499 | (hex_to_bin(elm->rxbuf[4]) << 16)
500 | (hex_to_bin(elm->rxbuf[6]) << 12)
501 | (hex_to_bin(elm->rxbuf[7]) << 8)
502 | (hex_to_bin(elm->rxbuf[9]) << 4)
503 | (hex_to_bin(elm->rxbuf[10]) << 0);
505 frame->can_id |= (hex_to_bin(elm->rxbuf[0]) << 8)
506 | (hex_to_bin(elm->rxbuf[1]) << 4)
507 | (hex_to_bin(elm->rxbuf[2]) << 0);
510 /* Check for RTR frame */
511 if (elm->rxfill >= hexlen + 3 &&
512 !_memstrcmp(&elm->rxbuf[hexlen], "RTR")) {
513 frame->can_id |= CAN_RTR_FLAG;
516 /* Is the line long enough to hold the advertised payload?
517 * Note: RTR frames have a DLC, but no actual payload.
519 if (!(frame->can_id & CAN_RTR_FLAG) &&
520 (hexlen < frame->len * 3 + datastart)) {
522 * Probably the ELM327's RS232 TX buffer was full.
523 * Emit an error frame and exit.
525 frame->can_id = CAN_ERR_FLAG | CAN_ERR_CRTL;
526 frame->len = CAN_ERR_DLC;
527 frame->data[1] = CAN_ERR_CRTL_RX_OVERFLOW;
528 elm327_feed_frame_to_netdev(elm, skb);
530 /* Signal failure to parse.
531 * The line will be re-parsed as an error line, which will fail.
532 * However, this will correctly drop the state machine back into
538 /* Parse the data nibbles. */
539 for (i = 0; i < frame->len; i++) {
540 frame->data[i] = (hex_to_bin(elm->rxbuf[datastart + 3*i]) << 4)
541 | (hex_to_bin(elm->rxbuf[datastart + 3*i + 1]));
544 /* Feed the frame to the network layer. */
545 elm327_feed_frame_to_netdev(elm, skb);
550 static void elm327_parse_line(struct elmcan *elm, size_t len)
552 lockdep_assert_held(elm->lock);
554 /* Skip empty lines */
558 /* Skip echo lines */
559 if (elm->drop_next_line) {
560 elm->drop_next_line = 0;
562 } else if (!_memstrcmp(elm->rxbuf, "AT")) {
566 /* Regular parsing */
567 if (elm->state == ELM327_STATE_RECEIVING
568 && elm327_parse_frame(elm, len)) {
569 /* Parse an error line. */
570 elm327_parse_error(elm, len);
573 elm327_kick_into_cmd_mode(elm);
577 static void elm327_handle_prompt(struct elmcan *elm)
579 struct can_frame *frame = &elm->can_frame_to_send;
580 char local_txbuf[20];
582 lockdep_assert_held(elm->lock);
584 if (!elm->cmds_todo) {
585 /* Enter CAN monitor mode */
586 elm327_send(elm, "ATMA\r", 5);
587 elm->state = ELM327_STATE_RECEIVING;
592 /* Reconfigure ELM327 step by step as indicated by elm->cmds_todo */
593 if (test_bit(ELM327_TX_DO_INIT, &elm->cmds_todo)) {
594 strcpy(local_txbuf, *elm->next_init_cmd);
596 elm->next_init_cmd++;
597 if (!(*elm->next_init_cmd)) {
598 clear_bit(ELM327_TX_DO_INIT, &elm->cmds_todo);
602 } else if (test_and_clear_bit(ELM327_TX_DO_SILENT_MONITOR, &elm->cmds_todo)) {
603 sprintf(local_txbuf, "ATCSM%i\r",
604 !(!(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY)));
606 } else if (test_and_clear_bit(ELM327_TX_DO_RESPONSES, &elm->cmds_todo)) {
607 sprintf(local_txbuf, "ATR%i\r",
608 !(elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY));
610 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG, &elm->cmds_todo)) {
611 sprintf(local_txbuf, "ATPC\r");
612 set_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo);
614 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_CONFIG_PART2, &elm->cmds_todo)) {
615 sprintf(local_txbuf, "ATPB%04X\r",
618 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_HIGH, &elm->cmds_todo)) {
619 sprintf(local_txbuf, "ATCP%02X\r",
620 (frame->can_id & CAN_EFF_MASK) >> 24);
622 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_29BIT_LOW, &elm->cmds_todo)) {
623 sprintf(local_txbuf, "ATSH%06X\r",
624 frame->can_id & CAN_EFF_MASK & ((1 << 24) - 1));
626 } else if (test_and_clear_bit(ELM327_TX_DO_CANID_11BIT, &elm->cmds_todo)) {
627 sprintf(local_txbuf, "ATSH%03X\r",
628 frame->can_id & CAN_SFF_MASK);
630 } else if (test_and_clear_bit(ELM327_TX_DO_CAN_DATA, &elm->cmds_todo)) {
631 if (frame->can_id & CAN_RTR_FLAG) {
632 /* Send an RTR frame. Their DLC is fixed.
633 * Some chips don't send them at all.
635 sprintf(local_txbuf, "ATRTR\r");
637 /* Send a regular CAN data frame */
640 for (i = 0; i < frame->len; i++) {
641 sprintf(&local_txbuf[2 * i], "%02X",
645 sprintf(&local_txbuf[2 * i], "\r");
648 elm->drop_next_line = 1;
649 elm->state = ELM327_STATE_RECEIVING;
652 elm327_send(elm, local_txbuf, strlen(local_txbuf));
655 static bool elm327_is_ready_char(char c)
657 /* Bits 0xc0 are sometimes set (randomly), hence the mask.
658 * Probably bad hardware.
660 return (c & 0x3f) == ELM327_READY_CHAR;
663 static void elm327_drop_bytes(struct elmcan *elm, size_t i)
665 lockdep_assert_held(elm->lock);
667 memmove(&elm->rxbuf[0], &elm->rxbuf[i], ELM327_SIZE_RXBUF - i);
671 static void elm327_parse_rxbuf(struct elmcan *elm)
676 lockdep_assert_held(elm->lock);
678 switch (elm->state) {
679 case ELM327_STATE_NOTINIT:
683 case ELM327_STATE_GETDUMMYCHAR:
685 /* Wait for 'y' or '>' */
686 for (i = 0; i < elm->rxfill; i++) {
687 if (elm->rxbuf[i] == ELM327_DUMMY_CHAR) {
688 elm327_send(elm, "\r", 1);
689 elm->state = ELM327_STATE_GETPROMPT;
692 } else if (elm327_is_ready_char(elm->rxbuf[i])) {
693 elm327_send(elm, ELM327_DUMMY_STRING, 1);
699 elm327_drop_bytes(elm, i);
704 case ELM327_STATE_GETPROMPT:
706 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1]))
707 elm327_handle_prompt(elm);
712 case ELM327_STATE_RECEIVING:
713 /* Find <CR> delimiting feedback lines. */
715 (len < elm->rxfill) && (elm->rxbuf[len] != '\r');
720 if (len == ELM327_SIZE_RXBUF) {
721 /* Line exceeds buffer. It's probably all garbage.
722 * Did we even connect at the right baud rate?
725 "RX buffer overflow. Faulty ELM327 or UART?\n");
726 elm327_hw_failure(elm);
728 } else if (len == elm->rxfill) {
729 if (elm327_is_ready_char(elm->rxbuf[elm->rxfill - 1])) {
730 /* The ELM327's AT ST response timeout ran out,
731 * so we got a prompt.
732 * Clear RX buffer and restart listening.
736 elm327_handle_prompt(elm);
740 /* No <CR> found - we haven't received a full line yet.
741 * Wait for more data.
746 /* We have a full line to parse. */
747 elm327_parse_line(elm, len);
749 /* Remove parsed data from RX buffer. */
750 elm327_drop_bytes(elm, len + 1);
752 /* More data to parse? */
754 elm327_parse_rxbuf(elm);
758 /* Dummy needed to use can_rx_offload */
759 static struct sk_buff *elmcan_mailbox_read(struct can_rx_offload *offload,
760 unsigned int n, u32 *timestamp,
763 WARN_ON_ONCE(1); /* This function is a dummy, so don't call it! */
765 return ERR_PTR(-ENOBUFS);
768 static int elmcan_netdev_open(struct net_device *dev)
770 struct elmcan *elm = netdev_priv(dev);
773 spin_lock_bh(&elm->lock);
774 if (elm->hw_failure) {
775 netdev_err(elm->dev, "Refusing to open interface after a hardware fault has been detected.\n");
776 spin_unlock_bh(&elm->lock);
781 spin_unlock_bh(&elm->lock);
785 /* open_candev() checks for elm->can.bittiming.bitrate != 0 */
786 err = open_candev(dev);
788 spin_unlock_bh(&elm->lock);
793 spin_unlock_bh(&elm->lock);
795 elm->offload.mailbox_read = elmcan_mailbox_read;
796 err = can_rx_offload_add_fifo(dev, &elm->offload, ELM327_NAPI_WEIGHT);
802 can_rx_offload_enable(&elm->offload);
804 can_led_event(dev, CAN_LED_EVENT_OPEN);
805 elm->can.state = CAN_STATE_ERROR_ACTIVE;
806 netif_start_queue(dev);
811 static int elmcan_netdev_close(struct net_device *dev)
813 struct elmcan *elm = netdev_priv(dev);
815 netif_stop_queue(dev);
817 spin_lock_bh(&elm->lock);
819 /* Interrupt whatever we're doing right now */
820 elm327_send(elm, ELM327_DUMMY_STRING, 1);
822 /* Clear the wakeup bit, as the netdev will be down and thus
823 * the wakeup handler won't clear it
825 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
827 spin_unlock_bh(&elm->lock);
829 flush_work(&elm->tx_work);
831 spin_unlock_bh(&elm->lock);
834 can_rx_offload_disable(&elm->offload);
835 elm->can.state = CAN_STATE_STOPPED;
836 can_rx_offload_del(&elm->offload);
838 can_led_event(dev, CAN_LED_EVENT_STOP);
843 /* Send a can_frame to a TTY. */
844 static netdev_tx_t elmcan_netdev_start_xmit(struct sk_buff *skb,
845 struct net_device *dev)
847 struct elmcan *elm = netdev_priv(dev);
848 struct can_frame *frame = (struct can_frame *)skb->data;
850 /* BHs are already disabled, so no spin_lock_bh().
851 * See Documentation/networking/netdevices.txt
853 spin_lock(&elm->lock);
855 /* We shouldn't get here after a hardware fault:
856 * can_bus_off() calls netif_carrier_off()
858 WARN_ON_ONCE(elm->hw_failure);
862 elm->can.ctrlmode & CAN_CTRLMODE_LISTENONLY) {
863 spin_unlock(&elm->lock);
867 netif_stop_queue(dev);
869 elm327_send_frame(elm, frame);
870 spin_unlock(&elm->lock);
872 dev->stats.tx_packets++;
873 dev->stats.tx_bytes += frame->len;
875 can_led_event(dev, CAN_LED_EVENT_TX);
882 static const struct net_device_ops elmcan_netdev_ops = {
883 .ndo_open = elmcan_netdev_open,
884 .ndo_stop = elmcan_netdev_close,
885 .ndo_start_xmit = elmcan_netdev_start_xmit,
886 .ndo_change_mtu = can_change_mtu,
889 /* Get a reference to our struct, taking into account locks/refcounts.
890 * This is to ensure ordering in case we are shutting down, and to ensure
891 * there is a refcount at all (otherwise tty->disc_data may be freed and
892 * before we increment the refcount).
893 * Use this for anything that can race against elmcan_ldisc_close().
895 static struct elmcan *get_elm(struct tty_struct *tty)
900 spin_lock_bh(&elmcan_discdata_lock);
901 elm = (struct elmcan *)tty->disc_data;
904 spin_unlock_bh(&elmcan_discdata_lock);
908 got_ref = atomic_inc_not_zero(&elm->refcount);
909 spin_unlock_bh(&elmcan_discdata_lock);
917 static void put_elm(struct elmcan *elm)
919 atomic_dec(&elm->refcount);
922 static bool elmcan_is_valid_rx_char(char c)
924 return (isdigit(c) ||
926 c == ELM327_DUMMY_CHAR ||
927 c == ELM327_READY_CHAR ||
938 /* Handle incoming ELM327 ASCII data.
939 * This will not be re-entered while running, but other ldisc
940 * functions may be called in parallel.
942 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
943 static void elmcan_ldisc_rx(struct tty_struct *tty,
944 const unsigned char *cp, char *fp, int count)
946 static void elmcan_ldisc_rx(struct tty_struct *tty,
947 const unsigned char *cp, const char *fp, int count)
950 struct elmcan *elm = get_elm(tty);
955 spin_lock_bh(&elm->lock);
960 while (count-- && elm->rxfill < ELM327_SIZE_RXBUF) {
962 netdev_err(elm->dev, "Error in received character stream. Check your wiring.");
964 elm327_hw_failure(elm);
969 /* Ignore NUL characters, which the PIC microcontroller may
970 * inadvertently insert due to a known hardware bug.
971 * See ELM327 documentation, which refers to a Microchip PIC
975 /* Check for stray characters on the UART line.
976 * Likely caused by bad hardware.
978 if (!elmcan_is_valid_rx_char(*cp)) {
980 "Received illegal character %02x.\n",
982 elm327_hw_failure(elm);
987 elm->rxbuf[elm->rxfill++] = *cp;
994 netdev_err(elm->dev, "Receive buffer overflowed. Bad chip or wiring?");
996 elm327_hw_failure(elm);
1001 elm327_parse_rxbuf(elm);
1004 spin_unlock_bh(&elm->lock);
1008 /* Write out remaining transmit buffer.
1009 * Scheduled when TTY is writable.
1011 static void elmcan_ldisc_tx_worker(struct work_struct *work)
1013 /* No need to use get_elm() here, as we'll always flush workers
1014 * before destroying the elmcan object.
1016 struct elmcan *elm = container_of(work, struct elmcan, tx_work);
1019 spin_lock_bh(&elm->lock);
1020 if (elm->hw_failure) {
1021 spin_unlock_bh(&elm->lock);
1025 if (!elm->tty || !netif_running(elm->dev)) {
1026 spin_unlock_bh(&elm->lock);
1030 if (elm->txleft <= 0) {
1031 /* Our TTY write buffer is empty:
1032 * Allow netdev to hand us another packet
1034 clear_bit(TTY_DO_WRITE_WAKEUP, &elm->tty->flags);
1035 spin_unlock_bh(&elm->lock);
1036 netif_wake_queue(elm->dev);
1040 actual = elm->tty->ops->write(elm->tty, elm->txhead, elm->txleft);
1042 netdev_err(elm->dev,
1043 "Failed to write to tty %s.\n",
1045 elm327_hw_failure(elm);
1046 spin_unlock_bh(&elm->lock);
1050 elm->txleft -= actual;
1051 elm->txhead += actual;
1052 spin_unlock_bh(&elm->lock);
1055 /* Called by the driver when there's room for more data. */
1056 static void elmcan_ldisc_tx_wakeup(struct tty_struct *tty)
1058 struct elmcan *elm = get_elm(tty);
1063 schedule_work(&elm->tx_work);
1068 /* ELM327 can only handle bitrates that are integer divisors of 500 kHz,
1069 * or 7/8 of that. Divisors are 1 to 64.
1070 * Currently we don't implement support for 7/8 rates.
1072 static const u32 elmcan_bitrate_const[64] = {
1073 7812, 7936, 8064, 8196, 8333, 8474, 8620, 8771,
1074 8928, 9090, 9259, 9433, 9615, 9803, 10000, 10204,
1075 10416, 10638, 10869, 11111, 11363, 11627, 11904, 12195,
1076 12500, 12820, 13157, 13513, 13888, 14285, 14705, 15151,
1077 15625, 16129, 16666, 17241, 17857, 18518, 19230, 20000,
1078 20833, 21739, 22727, 23809, 25000, 26315, 27777, 29411,
1079 31250, 33333, 35714, 38461, 41666, 45454, 50000, 55555,
1080 62500, 71428, 83333, 100000, 125000, 166666, 250000, 500000
1083 /* Dummy needed to use bitrate_const */
1084 static int elmcan_do_set_bittiming(struct net_device *netdev)
1089 static int elmcan_ldisc_open(struct tty_struct *tty)
1091 struct net_device *dev;
1095 if (!capable(CAP_NET_ADMIN))
1098 if (!tty->ops->write)
1101 dev = alloc_candev(sizeof(struct elmcan), 0);
1104 elm = netdev_priv(dev);
1106 elm->txbuf = kmalloc(ELM327_SIZE_TXBUF, GFP_KERNEL);
1112 /* Configure TTY interface */
1113 tty->receive_room = 65536; /* We don't flow control */
1114 elm->txleft = 0; /* Clear TTY TX buffer */
1115 spin_lock_init(&elm->lock);
1116 atomic_set(&elm->refcount, 1);
1117 INIT_WORK(&elm->tx_work, elmcan_ldisc_tx_worker);
1119 /* Configure CAN metadata */
1120 elm->can.state = CAN_STATE_STOPPED;
1121 elm->can.bitrate_const = elmcan_bitrate_const;
1122 elm->can.bitrate_const_cnt = ARRAY_SIZE(elmcan_bitrate_const);
1123 elm->can.do_set_bittiming = elmcan_do_set_bittiming;
1124 elm->can.ctrlmode_supported = CAN_CTRLMODE_LISTENONLY;
1126 /* Configure netdev interface */
1128 dev->netdev_ops = &elmcan_netdev_ops;
1130 /* Mark ldisc channel as alive */
1132 tty->disc_data = elm;
1134 devm_can_led_init(elm->dev);
1137 err = register_candev(elm->dev);
1141 netdev_info(elm->dev, "elmcan on %s.\n", tty->name);
1147 free_candev(elm->dev);
1151 /* Close down an elmcan channel.
1152 * This means flushing out any pending queues, and then returning.
1153 * This call is serialized against other ldisc functions:
1154 * Once this is called, no other ldisc function of ours is entered.
1156 * We also use this function for a hangup event.
1158 static void elmcan_ldisc_close(struct tty_struct *tty)
1160 struct elmcan *elm = get_elm(tty);
1165 /* unregister_netdev() calls .ndo_stop() so we don't have to. */
1166 unregister_candev(elm->dev);
1168 /* Decrease the refcount twice, once for our own get_elm(),
1169 * and once to remove the count of 1 that we set in _open().
1170 * Once it reaches 0, we can safely destroy it.
1175 while (atomic_read(&elm->refcount) > 0)
1176 msleep_interruptible(10);
1178 /* At this point, all ldisc calls to us have become no-ops. */
1180 flush_work(&elm->tx_work);
1182 /* Mark channel as dead */
1183 spin_lock_bh(&elm->lock);
1184 tty->disc_data = NULL;
1186 spin_unlock_bh(&elm->lock);
1188 netdev_info(elm->dev, "elmcan off %s.\n", tty->name);
1191 free_candev(elm->dev);
1194 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1195 static int elmcan_ldisc_hangup(struct tty_struct *tty)
1197 static void elmcan_ldisc_hangup(struct tty_struct *tty)
1200 elmcan_ldisc_close(tty);
1201 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1206 static int elmcan_ldisc_ioctl(struct tty_struct *tty,
1207 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,17,0)
1210 unsigned int cmd, unsigned long arg)
1212 struct elmcan *elm = get_elm(tty);
1220 tmp = strnlen(elm->dev->name, IFNAMSIZ - 1) + 1;
1221 if (copy_to_user((void __user *)arg, elm->dev->name, tmp)) {
1235 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,16,0)
1236 return tty_mode_ioctl(tty, file, cmd, arg);
1238 return tty_mode_ioctl(tty, cmd, arg);
1243 static struct tty_ldisc_ops elmcan_ldisc = {
1244 .owner = THIS_MODULE,
1246 .num = N_DEVELOPMENT,
1247 .receive_buf = elmcan_ldisc_rx,
1248 .write_wakeup = elmcan_ldisc_tx_wakeup,
1249 .open = elmcan_ldisc_open,
1250 .close = elmcan_ldisc_close,
1251 .hangup = elmcan_ldisc_hangup,
1252 .ioctl = elmcan_ldisc_ioctl,
1255 static int __init elmcan_init(void)
1259 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1260 status = tty_register_ldisc(N_DEVELOPMENT, &elmcan_ldisc);
1262 status = tty_register_ldisc(&elmcan_ldisc);
1265 pr_err("Can't register line discipline\n");
1270 static void __exit elmcan_exit(void)
1272 /* This will only be called when all channels have been closed by
1273 * userspace - tty_ldisc.c takes care of the module's refcount.
1275 #if LINUX_VERSION_CODE < KERNEL_VERSION(5,14,0)
1278 status = tty_unregister_ldisc(N_DEVELOPMENT);
1280 pr_err("Can't unregister line discipline (error: %d)\n",
1283 tty_unregister_ldisc(&elmcan_ldisc);
1287 module_init(elmcan_init);
1288 module_exit(elmcan_exit);
1290 MODULE_ALIAS_LDISC(N_DEVELOPMENT);
1291 MODULE_DESCRIPTION("ELM327 based CAN interface");
1292 MODULE_LICENSE("GPL");
1293 MODULE_AUTHOR("Max Staudt <max-linux@enpas.org>");
projects / elmcan.git / blob