1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * HCI based Driver for Inside Secure microread NFC Chip
4  *
5  * Copyright (C) 2013  Intel Corporation. All rights reserved.
6  */
7 
8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9 
10 #include <linux/module.h>
11 #include <linux/delay.h>
12 #include <linux/slab.h>
13 #include <linux/crc-ccitt.h>
14 
15 #include <linux/nfc.h>
16 #include <net/nfc/nfc.h>
17 #include <net/nfc/hci.h>
18 
19 #include "microread.h"
20 
21 /* Proprietary gates, events, commands and registers */
22 /* Admin */
23 #define MICROREAD_GATE_ID_ADM NFC_HCI_ADMIN_GATE
24 #define MICROREAD_GATE_ID_MGT 0x01
25 #define MICROREAD_GATE_ID_OS 0x02
26 #define MICROREAD_GATE_ID_TESTRF 0x03
27 #define MICROREAD_GATE_ID_LOOPBACK NFC_HCI_LOOPBACK_GATE
28 #define MICROREAD_GATE_ID_IDT NFC_HCI_ID_MGMT_GATE
29 #define MICROREAD_GATE_ID_LMS NFC_HCI_LINK_MGMT_GATE
30 
31 /* Reader */
32 #define MICROREAD_GATE_ID_MREAD_GEN 0x10
33 #define MICROREAD_GATE_ID_MREAD_ISO_B NFC_HCI_RF_READER_B_GATE
34 #define MICROREAD_GATE_ID_MREAD_NFC_T1 0x12
35 #define MICROREAD_GATE_ID_MREAD_ISO_A NFC_HCI_RF_READER_A_GATE
36 #define MICROREAD_GATE_ID_MREAD_NFC_T3 0x14
37 #define MICROREAD_GATE_ID_MREAD_ISO_15_3 0x15
38 #define MICROREAD_GATE_ID_MREAD_ISO_15_2 0x16
39 #define MICROREAD_GATE_ID_MREAD_ISO_B_3 0x17
40 #define MICROREAD_GATE_ID_MREAD_BPRIME 0x18
41 #define MICROREAD_GATE_ID_MREAD_ISO_A_3 0x19
42 
43 /* Card */
44 #define MICROREAD_GATE_ID_MCARD_GEN 0x20
45 #define MICROREAD_GATE_ID_MCARD_ISO_B 0x21
46 #define MICROREAD_GATE_ID_MCARD_BPRIME 0x22
47 #define MICROREAD_GATE_ID_MCARD_ISO_A 0x23
48 #define MICROREAD_GATE_ID_MCARD_NFC_T3 0x24
49 #define MICROREAD_GATE_ID_MCARD_ISO_15_3 0x25
50 #define MICROREAD_GATE_ID_MCARD_ISO_15_2 0x26
51 #define MICROREAD_GATE_ID_MCARD_ISO_B_2 0x27
52 #define MICROREAD_GATE_ID_MCARD_ISO_CUSTOM 0x28
53 #define MICROREAD_GATE_ID_SECURE_ELEMENT 0x2F
54 
55 /* P2P */
56 #define MICROREAD_GATE_ID_P2P_GEN 0x30
57 #define MICROREAD_GATE_ID_P2P_TARGET 0x31
58 #define MICROREAD_PAR_P2P_TARGET_MODE 0x01
59 #define MICROREAD_PAR_P2P_TARGET_GT 0x04
60 #define MICROREAD_GATE_ID_P2P_INITIATOR 0x32
61 #define MICROREAD_PAR_P2P_INITIATOR_GI 0x01
62 #define MICROREAD_PAR_P2P_INITIATOR_GT 0x03
63 
64 /* Those pipes are created/opened by default in the chip */
65 #define MICROREAD_PIPE_ID_LMS 0x00
66 #define MICROREAD_PIPE_ID_ADMIN 0x01
67 #define MICROREAD_PIPE_ID_MGT 0x02
68 #define MICROREAD_PIPE_ID_OS 0x03
69 #define MICROREAD_PIPE_ID_HDS_LOOPBACK 0x04
70 #define MICROREAD_PIPE_ID_HDS_IDT 0x05
71 #define MICROREAD_PIPE_ID_HDS_MCARD_ISO_B 0x08
72 #define MICROREAD_PIPE_ID_HDS_MCARD_ISO_BPRIME 0x09
73 #define MICROREAD_PIPE_ID_HDS_MCARD_ISO_A 0x0A
74 #define MICROREAD_PIPE_ID_HDS_MCARD_ISO_15_3 0x0B
75 #define MICROREAD_PIPE_ID_HDS_MCARD_ISO_15_2 0x0C
76 #define MICROREAD_PIPE_ID_HDS_MCARD_NFC_T3 0x0D
77 #define MICROREAD_PIPE_ID_HDS_MCARD_ISO_B_2 0x0E
78 #define MICROREAD_PIPE_ID_HDS_MCARD_CUSTOM 0x0F
79 #define MICROREAD_PIPE_ID_HDS_MREAD_ISO_B 0x10
80 #define MICROREAD_PIPE_ID_HDS_MREAD_NFC_T1 0x11
81 #define MICROREAD_PIPE_ID_HDS_MREAD_ISO_A 0x12
82 #define MICROREAD_PIPE_ID_HDS_MREAD_ISO_15_3 0x13
83 #define MICROREAD_PIPE_ID_HDS_MREAD_ISO_15_2 0x14
84 #define MICROREAD_PIPE_ID_HDS_MREAD_NFC_T3 0x15
85 #define MICROREAD_PIPE_ID_HDS_MREAD_ISO_B_3 0x16
86 #define MICROREAD_PIPE_ID_HDS_MREAD_BPRIME 0x17
87 #define MICROREAD_PIPE_ID_HDS_MREAD_ISO_A_3 0x18
88 #define MICROREAD_PIPE_ID_HDS_MREAD_GEN 0x1B
89 #define MICROREAD_PIPE_ID_HDS_STACKED_ELEMENT 0x1C
90 #define MICROREAD_PIPE_ID_HDS_INSTANCES 0x1D
91 #define MICROREAD_PIPE_ID_HDS_TESTRF 0x1E
92 #define MICROREAD_PIPE_ID_HDS_P2P_TARGET 0x1F
93 #define MICROREAD_PIPE_ID_HDS_P2P_INITIATOR 0x20
94 
95 /* Events */
96 #define MICROREAD_EVT_MREAD_DISCOVERY_OCCURED NFC_HCI_EVT_TARGET_DISCOVERED
97 #define MICROREAD_EVT_MREAD_CARD_FOUND 0x3D
98 #define MICROREAD_EMCF_A_ATQA 0
99 #define MICROREAD_EMCF_A_SAK 2
100 #define MICROREAD_EMCF_A_LEN 3
101 #define MICROREAD_EMCF_A_UID 4
102 #define MICROREAD_EMCF_A3_ATQA 0
103 #define MICROREAD_EMCF_A3_SAK 2
104 #define MICROREAD_EMCF_A3_LEN 3
105 #define MICROREAD_EMCF_A3_UID 4
106 #define MICROREAD_EMCF_B_UID 0
107 #define MICROREAD_EMCF_T1_ATQA 0
108 #define MICROREAD_EMCF_T1_UID 4
109 #define MICROREAD_EMCF_T3_UID 0
110 #define MICROREAD_EVT_MREAD_DISCOVERY_START NFC_HCI_EVT_READER_REQUESTED
111 #define MICROREAD_EVT_MREAD_DISCOVERY_START_SOME 0x3E
112 #define MICROREAD_EVT_MREAD_DISCOVERY_STOP NFC_HCI_EVT_END_OPERATION
113 #define MICROREAD_EVT_MREAD_SIM_REQUESTS 0x3F
114 #define MICROREAD_EVT_MCARD_EXCHANGE NFC_HCI_EVT_TARGET_DISCOVERED
115 #define MICROREAD_EVT_P2P_INITIATOR_EXCHANGE_TO_RF 0x20
116 #define MICROREAD_EVT_P2P_INITIATOR_EXCHANGE_FROM_RF 0x21
117 #define MICROREAD_EVT_MCARD_FIELD_ON 0x11
118 #define MICROREAD_EVT_P2P_TARGET_ACTIVATED 0x13
119 #define MICROREAD_EVT_P2P_TARGET_DEACTIVATED 0x12
120 #define MICROREAD_EVT_MCARD_FIELD_OFF 0x14
121 
122 /* Commands */
123 #define MICROREAD_CMD_MREAD_EXCHANGE 0x10
124 #define MICROREAD_CMD_MREAD_SUBSCRIBE 0x3F
125 
126 /* Hosts IDs */
127 #define MICROREAD_ELT_ID_HDS NFC_HCI_TERMINAL_HOST_ID
128 #define MICROREAD_ELT_ID_SIM NFC_HCI_UICC_HOST_ID
129 #define MICROREAD_ELT_ID_SE1 0x03
130 #define MICROREAD_ELT_ID_SE2 0x04
131 #define MICROREAD_ELT_ID_SE3 0x05
132 
133 static const struct nfc_hci_gate microread_gates[] = {
134 	{MICROREAD_GATE_ID_ADM, MICROREAD_PIPE_ID_ADMIN},
135 	{MICROREAD_GATE_ID_LOOPBACK, MICROREAD_PIPE_ID_HDS_LOOPBACK},
136 	{MICROREAD_GATE_ID_IDT, MICROREAD_PIPE_ID_HDS_IDT},
137 	{MICROREAD_GATE_ID_LMS, MICROREAD_PIPE_ID_LMS},
138 	{MICROREAD_GATE_ID_MREAD_ISO_B, MICROREAD_PIPE_ID_HDS_MREAD_ISO_B},
139 	{MICROREAD_GATE_ID_MREAD_ISO_A, MICROREAD_PIPE_ID_HDS_MREAD_ISO_A},
140 	{MICROREAD_GATE_ID_MREAD_ISO_A_3, MICROREAD_PIPE_ID_HDS_MREAD_ISO_A_3},
141 	{MICROREAD_GATE_ID_MGT, MICROREAD_PIPE_ID_MGT},
142 	{MICROREAD_GATE_ID_OS, MICROREAD_PIPE_ID_OS},
143 	{MICROREAD_GATE_ID_MREAD_NFC_T1, MICROREAD_PIPE_ID_HDS_MREAD_NFC_T1},
144 	{MICROREAD_GATE_ID_MREAD_NFC_T3, MICROREAD_PIPE_ID_HDS_MREAD_NFC_T3},
145 	{MICROREAD_GATE_ID_P2P_TARGET, MICROREAD_PIPE_ID_HDS_P2P_TARGET},
146 	{MICROREAD_GATE_ID_P2P_INITIATOR, MICROREAD_PIPE_ID_HDS_P2P_INITIATOR}
147 };
148 
149 /* Largest headroom needed for outgoing custom commands */
150 #define MICROREAD_CMDS_HEADROOM	2
151 #define MICROREAD_CMD_TAILROOM	2
152 
153 struct microread_info {
154 	const struct nfc_phy_ops *phy_ops;
155 	void *phy_id;
156 
157 	struct nfc_hci_dev *hdev;
158 
159 	int async_cb_type;
160 	data_exchange_cb_t async_cb;
161 	void *async_cb_context;
162 };
163 
microread_open(struct nfc_hci_dev * hdev)164 static int microread_open(struct nfc_hci_dev *hdev)
165 {
166 	struct microread_info *info = nfc_hci_get_clientdata(hdev);
167 
168 	return info->phy_ops->enable(info->phy_id);
169 }
170 
microread_close(struct nfc_hci_dev * hdev)171 static void microread_close(struct nfc_hci_dev *hdev)
172 {
173 	struct microread_info *info = nfc_hci_get_clientdata(hdev);
174 
175 	info->phy_ops->disable(info->phy_id);
176 }
177 
microread_hci_ready(struct nfc_hci_dev * hdev)178 static int microread_hci_ready(struct nfc_hci_dev *hdev)
179 {
180 	int r;
181 	u8 param[4];
182 
183 	param[0] = 0x03;
184 	r = nfc_hci_send_cmd(hdev, MICROREAD_GATE_ID_MREAD_ISO_A,
185 			     MICROREAD_CMD_MREAD_SUBSCRIBE, param, 1, NULL);
186 	if (r)
187 		return r;
188 
189 	r = nfc_hci_send_cmd(hdev, MICROREAD_GATE_ID_MREAD_ISO_A_3,
190 			     MICROREAD_CMD_MREAD_SUBSCRIBE, NULL, 0, NULL);
191 	if (r)
192 		return r;
193 
194 	param[0] = 0x00;
195 	param[1] = 0x03;
196 	param[2] = 0x00;
197 	r = nfc_hci_send_cmd(hdev, MICROREAD_GATE_ID_MREAD_ISO_B,
198 			     MICROREAD_CMD_MREAD_SUBSCRIBE, param, 3, NULL);
199 	if (r)
200 		return r;
201 
202 	r = nfc_hci_send_cmd(hdev, MICROREAD_GATE_ID_MREAD_NFC_T1,
203 			     MICROREAD_CMD_MREAD_SUBSCRIBE, NULL, 0, NULL);
204 	if (r)
205 		return r;
206 
207 	param[0] = 0xFF;
208 	param[1] = 0xFF;
209 	param[2] = 0x00;
210 	param[3] = 0x00;
211 	r = nfc_hci_send_cmd(hdev, MICROREAD_GATE_ID_MREAD_NFC_T3,
212 			     MICROREAD_CMD_MREAD_SUBSCRIBE, param, 4, NULL);
213 
214 	return r;
215 }
216 
microread_xmit(struct nfc_hci_dev * hdev,struct sk_buff * skb)217 static int microread_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb)
218 {
219 	struct microread_info *info = nfc_hci_get_clientdata(hdev);
220 
221 	return info->phy_ops->write(info->phy_id, skb);
222 }
223 
microread_start_poll(struct nfc_hci_dev * hdev,u32 im_protocols,u32 tm_protocols)224 static int microread_start_poll(struct nfc_hci_dev *hdev,
225 				u32 im_protocols, u32 tm_protocols)
226 {
227 	int r;
228 
229 	u8 param[2];
230 	u8 mode;
231 
232 	param[0] = 0x00;
233 	param[1] = 0x00;
234 
235 	if (im_protocols & NFC_PROTO_ISO14443_MASK)
236 		param[0] |= (1 << 2);
237 
238 	if (im_protocols & NFC_PROTO_ISO14443_B_MASK)
239 		param[0] |= 1;
240 
241 	if (im_protocols & NFC_PROTO_MIFARE_MASK)
242 		param[1] |= 1;
243 
244 	if (im_protocols & NFC_PROTO_JEWEL_MASK)
245 		param[0] |= (1 << 1);
246 
247 	if (im_protocols & NFC_PROTO_FELICA_MASK)
248 		param[0] |= (1 << 5);
249 
250 	if (im_protocols & NFC_PROTO_NFC_DEP_MASK)
251 		param[1] |= (1 << 1);
252 
253 	if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) {
254 		hdev->gb = nfc_get_local_general_bytes(hdev->ndev,
255 						       &hdev->gb_len);
256 		if (hdev->gb == NULL || hdev->gb_len == 0) {
257 			im_protocols &= ~NFC_PROTO_NFC_DEP_MASK;
258 			tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK;
259 		}
260 	}
261 
262 	r = nfc_hci_send_event(hdev, MICROREAD_GATE_ID_MREAD_ISO_A,
263 			       MICROREAD_EVT_MREAD_DISCOVERY_STOP, NULL, 0);
264 	if (r)
265 		return r;
266 
267 	mode = 0xff;
268 	r = nfc_hci_set_param(hdev, MICROREAD_GATE_ID_P2P_TARGET,
269 			      MICROREAD_PAR_P2P_TARGET_MODE, &mode, 1);
270 	if (r)
271 		return r;
272 
273 	if (im_protocols & NFC_PROTO_NFC_DEP_MASK) {
274 		r = nfc_hci_set_param(hdev, MICROREAD_GATE_ID_P2P_INITIATOR,
275 				      MICROREAD_PAR_P2P_INITIATOR_GI,
276 				      hdev->gb, hdev->gb_len);
277 		if (r)
278 			return r;
279 	}
280 
281 	if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) {
282 		r = nfc_hci_set_param(hdev, MICROREAD_GATE_ID_P2P_TARGET,
283 				      MICROREAD_PAR_P2P_TARGET_GT,
284 				      hdev->gb, hdev->gb_len);
285 		if (r)
286 			return r;
287 
288 		mode = 0x02;
289 		r = nfc_hci_set_param(hdev, MICROREAD_GATE_ID_P2P_TARGET,
290 				      MICROREAD_PAR_P2P_TARGET_MODE, &mode, 1);
291 		if (r)
292 			return r;
293 	}
294 
295 	return nfc_hci_send_event(hdev, MICROREAD_GATE_ID_MREAD_ISO_A,
296 				  MICROREAD_EVT_MREAD_DISCOVERY_START_SOME,
297 				  param, 2);
298 }
299 
microread_dep_link_up(struct nfc_hci_dev * hdev,struct nfc_target * target,u8 comm_mode,u8 * gb,size_t gb_len)300 static int microread_dep_link_up(struct nfc_hci_dev *hdev,
301 				struct nfc_target *target, u8 comm_mode,
302 				u8 *gb, size_t gb_len)
303 {
304 	struct sk_buff *rgb_skb = NULL;
305 	int r;
306 
307 	r = nfc_hci_get_param(hdev, target->hci_reader_gate,
308 			      MICROREAD_PAR_P2P_INITIATOR_GT, &rgb_skb);
309 	if (r < 0)
310 		return r;
311 
312 	if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) {
313 		r = -EPROTO;
314 		goto exit;
315 	}
316 
317 	r = nfc_set_remote_general_bytes(hdev->ndev, rgb_skb->data,
318 					 rgb_skb->len);
319 	if (r == 0)
320 		r = nfc_dep_link_is_up(hdev->ndev, target->idx, comm_mode,
321 				       NFC_RF_INITIATOR);
322 exit:
323 	kfree_skb(rgb_skb);
324 
325 	return r;
326 }
327 
microread_dep_link_down(struct nfc_hci_dev * hdev)328 static int microread_dep_link_down(struct nfc_hci_dev *hdev)
329 {
330 	return nfc_hci_send_event(hdev, MICROREAD_GATE_ID_P2P_INITIATOR,
331 				  MICROREAD_EVT_MREAD_DISCOVERY_STOP, NULL, 0);
332 }
333 
microread_target_from_gate(struct nfc_hci_dev * hdev,u8 gate,struct nfc_target * target)334 static int microread_target_from_gate(struct nfc_hci_dev *hdev, u8 gate,
335 				      struct nfc_target *target)
336 {
337 	switch (gate) {
338 	case MICROREAD_GATE_ID_P2P_INITIATOR:
339 		target->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
340 		break;
341 	default:
342 		return -EPROTO;
343 	}
344 
345 	return 0;
346 }
347 
microread_complete_target_discovered(struct nfc_hci_dev * hdev,u8 gate,struct nfc_target * target)348 static int microread_complete_target_discovered(struct nfc_hci_dev *hdev,
349 						u8 gate,
350 						struct nfc_target *target)
351 {
352 	return 0;
353 }
354 
355 #define MICROREAD_CB_TYPE_READER_ALL 1
356 
microread_im_transceive_cb(void * context,struct sk_buff * skb,int err)357 static void microread_im_transceive_cb(void *context, struct sk_buff *skb,
358 				       int err)
359 {
360 	const struct microread_info *info = context;
361 
362 	switch (info->async_cb_type) {
363 	case MICROREAD_CB_TYPE_READER_ALL:
364 		if (err == 0) {
365 			if (skb->len == 0) {
366 				kfree_skb(skb);
367 				info->async_cb(info->async_cb_context, NULL,
368 					       -EPROTO);
369 				return;
370 			}
371 
372 			if (skb->data[skb->len - 1] != 0) {
373 				err = nfc_hci_result_to_errno(
374 						       skb->data[skb->len - 1]);
375 				kfree_skb(skb);
376 				info->async_cb(info->async_cb_context, NULL,
377 					       err);
378 				return;
379 			}
380 
381 			skb_trim(skb, skb->len - 1);	/* RF Error ind. */
382 		}
383 		info->async_cb(info->async_cb_context, skb, err);
384 		break;
385 	default:
386 		if (err == 0)
387 			kfree_skb(skb);
388 		break;
389 	}
390 }
391 
392 /*
393  * Returns:
394  * <= 0: driver handled the data exchange
395  *    1: driver doesn't especially handle, please do standard processing
396  */
microread_im_transceive(struct nfc_hci_dev * hdev,struct nfc_target * target,struct sk_buff * skb,data_exchange_cb_t cb,void * cb_context)397 static int microread_im_transceive(struct nfc_hci_dev *hdev,
398 				   struct nfc_target *target,
399 				   struct sk_buff *skb, data_exchange_cb_t cb,
400 				   void *cb_context)
401 {
402 	struct microread_info *info = nfc_hci_get_clientdata(hdev);
403 	u8 control_bits;
404 	u16 crc;
405 
406 	pr_info("data exchange to gate 0x%x\n", target->hci_reader_gate);
407 
408 	if (target->hci_reader_gate == MICROREAD_GATE_ID_P2P_INITIATOR) {
409 		*(u8 *)skb_push(skb, 1) = 0;
410 
411 		return nfc_hci_send_event(hdev, target->hci_reader_gate,
412 				     MICROREAD_EVT_P2P_INITIATOR_EXCHANGE_TO_RF,
413 				     skb->data, skb->len);
414 	}
415 
416 	switch (target->hci_reader_gate) {
417 	case MICROREAD_GATE_ID_MREAD_ISO_A:
418 		control_bits = 0xCB;
419 		break;
420 	case MICROREAD_GATE_ID_MREAD_ISO_A_3:
421 		control_bits = 0xCB;
422 		break;
423 	case MICROREAD_GATE_ID_MREAD_ISO_B:
424 		control_bits = 0xCB;
425 		break;
426 	case MICROREAD_GATE_ID_MREAD_NFC_T1:
427 		control_bits = 0x1B;
428 
429 		crc = crc_ccitt(0xffff, skb->data, skb->len);
430 		crc = ~crc;
431 		skb_put_u8(skb, crc & 0xff);
432 		skb_put_u8(skb, crc >> 8);
433 		break;
434 	case MICROREAD_GATE_ID_MREAD_NFC_T3:
435 		control_bits = 0xDB;
436 		break;
437 	default:
438 		pr_info("Abort im_transceive to invalid gate 0x%x\n",
439 			target->hci_reader_gate);
440 		return 1;
441 	}
442 
443 	*(u8 *)skb_push(skb, 1) = control_bits;
444 
445 	info->async_cb_type = MICROREAD_CB_TYPE_READER_ALL;
446 	info->async_cb = cb;
447 	info->async_cb_context = cb_context;
448 
449 	return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate,
450 				      MICROREAD_CMD_MREAD_EXCHANGE,
451 				      skb->data, skb->len,
452 				      microread_im_transceive_cb, info);
453 }
454 
microread_tm_send(struct nfc_hci_dev * hdev,struct sk_buff * skb)455 static int microread_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb)
456 {
457 	int r;
458 
459 	r = nfc_hci_send_event(hdev, MICROREAD_GATE_ID_P2P_TARGET,
460 			       MICROREAD_EVT_MCARD_EXCHANGE,
461 			       skb->data, skb->len);
462 
463 	kfree_skb(skb);
464 
465 	return r;
466 }
467 
microread_target_discovered(struct nfc_hci_dev * hdev,u8 gate,struct sk_buff * skb)468 static void microread_target_discovered(struct nfc_hci_dev *hdev, u8 gate,
469 					struct sk_buff *skb)
470 {
471 	struct nfc_target *targets;
472 	int r = 0;
473 
474 	pr_info("target discovered to gate 0x%x\n", gate);
475 
476 	targets = kzalloc(sizeof(struct nfc_target), GFP_KERNEL);
477 	if (targets == NULL) {
478 		r = -ENOMEM;
479 		goto exit;
480 	}
481 
482 	targets->hci_reader_gate = gate;
483 
484 	switch (gate) {
485 	case MICROREAD_GATE_ID_MREAD_ISO_A:
486 		targets->supported_protocols =
487 		      nfc_hci_sak_to_protocol(skb->data[MICROREAD_EMCF_A_SAK]);
488 		targets->sens_res =
489 			 be16_to_cpu(*(u16 *)&skb->data[MICROREAD_EMCF_A_ATQA]);
490 		targets->sel_res = skb->data[MICROREAD_EMCF_A_SAK];
491 		targets->nfcid1_len = skb->data[MICROREAD_EMCF_A_LEN];
492 		if (targets->nfcid1_len > sizeof(targets->nfcid1)) {
493 			r = -EINVAL;
494 			goto exit_free;
495 		}
496 		memcpy(targets->nfcid1, &skb->data[MICROREAD_EMCF_A_UID],
497 		       targets->nfcid1_len);
498 		break;
499 	case MICROREAD_GATE_ID_MREAD_ISO_A_3:
500 		targets->supported_protocols =
501 		      nfc_hci_sak_to_protocol(skb->data[MICROREAD_EMCF_A3_SAK]);
502 		targets->sens_res =
503 			 be16_to_cpu(*(u16 *)&skb->data[MICROREAD_EMCF_A3_ATQA]);
504 		targets->sel_res = skb->data[MICROREAD_EMCF_A3_SAK];
505 		targets->nfcid1_len = skb->data[MICROREAD_EMCF_A3_LEN];
506 		if (targets->nfcid1_len > sizeof(targets->nfcid1)) {
507 			r = -EINVAL;
508 			goto exit_free;
509 		}
510 		memcpy(targets->nfcid1, &skb->data[MICROREAD_EMCF_A3_UID],
511 		       targets->nfcid1_len);
512 		break;
513 	case MICROREAD_GATE_ID_MREAD_ISO_B:
514 		targets->supported_protocols = NFC_PROTO_ISO14443_B_MASK;
515 		memcpy(targets->nfcid1, &skb->data[MICROREAD_EMCF_B_UID], 4);
516 		targets->nfcid1_len = 4;
517 		break;
518 	case MICROREAD_GATE_ID_MREAD_NFC_T1:
519 		targets->supported_protocols = NFC_PROTO_JEWEL_MASK;
520 		targets->sens_res =
521 			le16_to_cpu(*(u16 *)&skb->data[MICROREAD_EMCF_T1_ATQA]);
522 		memcpy(targets->nfcid1, &skb->data[MICROREAD_EMCF_T1_UID], 4);
523 		targets->nfcid1_len = 4;
524 		break;
525 	case MICROREAD_GATE_ID_MREAD_NFC_T3:
526 		targets->supported_protocols = NFC_PROTO_FELICA_MASK;
527 		memcpy(targets->nfcid1, &skb->data[MICROREAD_EMCF_T3_UID], 8);
528 		targets->nfcid1_len = 8;
529 		break;
530 	default:
531 		pr_info("discard target discovered to gate 0x%x\n", gate);
532 		goto exit_free;
533 	}
534 
535 	r = nfc_targets_found(hdev->ndev, targets, 1);
536 
537 exit_free:
538 	kfree(targets);
539 
540 exit:
541 	kfree_skb(skb);
542 
543 	if (r)
544 		pr_err("Failed to handle discovered target err=%d\n", r);
545 }
546 
microread_event_received(struct nfc_hci_dev * hdev,u8 pipe,u8 event,struct sk_buff * skb)547 static int microread_event_received(struct nfc_hci_dev *hdev, u8 pipe,
548 				     u8 event, struct sk_buff *skb)
549 {
550 	int r;
551 	u8 gate = hdev->pipes[pipe].gate;
552 	u8 mode;
553 
554 	pr_info("Microread received event 0x%x to gate 0x%x\n", event, gate);
555 
556 	switch (event) {
557 	case MICROREAD_EVT_MREAD_CARD_FOUND:
558 		microread_target_discovered(hdev, gate, skb);
559 		return 0;
560 
561 	case MICROREAD_EVT_P2P_INITIATOR_EXCHANGE_FROM_RF:
562 		if (skb->len < 1) {
563 			kfree_skb(skb);
564 			return -EPROTO;
565 		}
566 
567 		if (skb->data[skb->len - 1]) {
568 			kfree_skb(skb);
569 			return -EIO;
570 		}
571 
572 		skb_trim(skb, skb->len - 1);
573 
574 		r = nfc_tm_data_received(hdev->ndev, skb);
575 		break;
576 
577 	case MICROREAD_EVT_MCARD_FIELD_ON:
578 	case MICROREAD_EVT_MCARD_FIELD_OFF:
579 		kfree_skb(skb);
580 		return 0;
581 
582 	case MICROREAD_EVT_P2P_TARGET_ACTIVATED:
583 		r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK,
584 				     NFC_COMM_PASSIVE, skb->data,
585 				     skb->len);
586 
587 		kfree_skb(skb);
588 		break;
589 
590 	case MICROREAD_EVT_MCARD_EXCHANGE:
591 		if (skb->len < 1) {
592 			kfree_skb(skb);
593 			return -EPROTO;
594 		}
595 
596 		if (skb->data[skb->len-1]) {
597 			kfree_skb(skb);
598 			return -EIO;
599 		}
600 
601 		skb_trim(skb, skb->len - 1);
602 
603 		r = nfc_tm_data_received(hdev->ndev, skb);
604 		break;
605 
606 	case MICROREAD_EVT_P2P_TARGET_DEACTIVATED:
607 		kfree_skb(skb);
608 
609 		mode = 0xff;
610 		r = nfc_hci_set_param(hdev, MICROREAD_GATE_ID_P2P_TARGET,
611 				      MICROREAD_PAR_P2P_TARGET_MODE, &mode, 1);
612 		if (r)
613 			break;
614 
615 		r = nfc_hci_send_event(hdev, gate,
616 				       MICROREAD_EVT_MREAD_DISCOVERY_STOP, NULL,
617 				       0);
618 		break;
619 
620 	default:
621 		return 1;
622 	}
623 
624 	return r;
625 }
626 
627 static const struct nfc_hci_ops microread_hci_ops = {
628 	.open = microread_open,
629 	.close = microread_close,
630 	.hci_ready = microread_hci_ready,
631 	.xmit = microread_xmit,
632 	.start_poll = microread_start_poll,
633 	.dep_link_up = microread_dep_link_up,
634 	.dep_link_down = microread_dep_link_down,
635 	.target_from_gate = microread_target_from_gate,
636 	.complete_target_discovered = microread_complete_target_discovered,
637 	.im_transceive = microread_im_transceive,
638 	.tm_send = microread_tm_send,
639 	.check_presence = NULL,
640 	.event_received = microread_event_received,
641 };
642 
microread_probe(void * phy_id,const struct nfc_phy_ops * phy_ops,const char * llc_name,int phy_headroom,int phy_tailroom,int phy_payload,struct nfc_hci_dev ** hdev)643 int microread_probe(void *phy_id, const struct nfc_phy_ops *phy_ops,
644 		    const char *llc_name, int phy_headroom, int phy_tailroom,
645 		    int phy_payload, struct nfc_hci_dev **hdev)
646 {
647 	struct microread_info *info;
648 	unsigned long quirks = 0;
649 	u32 protocols;
650 	struct nfc_hci_init_data init_data;
651 	int r;
652 
653 	info = kzalloc(sizeof(struct microread_info), GFP_KERNEL);
654 	if (!info) {
655 		r = -ENOMEM;
656 		goto err_info_alloc;
657 	}
658 
659 	info->phy_ops = phy_ops;
660 	info->phy_id = phy_id;
661 
662 	init_data.gate_count = ARRAY_SIZE(microread_gates);
663 	memcpy(init_data.gates, microread_gates, sizeof(microread_gates));
664 
665 	strcpy(init_data.session_id, "MICROREA");
666 
667 	set_bit(NFC_HCI_QUIRK_SHORT_CLEAR, &quirks);
668 
669 	protocols = NFC_PROTO_JEWEL_MASK |
670 		    NFC_PROTO_MIFARE_MASK |
671 		    NFC_PROTO_FELICA_MASK |
672 		    NFC_PROTO_ISO14443_MASK |
673 		    NFC_PROTO_ISO14443_B_MASK |
674 		    NFC_PROTO_NFC_DEP_MASK;
675 
676 	info->hdev = nfc_hci_allocate_device(&microread_hci_ops, &init_data,
677 					     quirks, protocols, llc_name,
678 					     phy_headroom +
679 					     MICROREAD_CMDS_HEADROOM,
680 					     phy_tailroom +
681 					     MICROREAD_CMD_TAILROOM,
682 					     phy_payload);
683 	if (!info->hdev) {
684 		pr_err("Cannot allocate nfc hdev\n");
685 		r = -ENOMEM;
686 		goto err_alloc_hdev;
687 	}
688 
689 	nfc_hci_set_clientdata(info->hdev, info);
690 
691 	r = nfc_hci_register_device(info->hdev);
692 	if (r)
693 		goto err_regdev;
694 
695 	*hdev = info->hdev;
696 
697 	return 0;
698 
699 err_regdev:
700 	nfc_hci_free_device(info->hdev);
701 
702 err_alloc_hdev:
703 	kfree(info);
704 
705 err_info_alloc:
706 	return r;
707 }
708 EXPORT_SYMBOL(microread_probe);
709 
microread_remove(struct nfc_hci_dev * hdev)710 void microread_remove(struct nfc_hci_dev *hdev)
711 {
712 	struct microread_info *info = nfc_hci_get_clientdata(hdev);
713 
714 	nfc_hci_unregister_device(hdev);
715 	nfc_hci_free_device(hdev);
716 	kfree(info);
717 }
718 EXPORT_SYMBOL(microread_remove);
719 
720 MODULE_LICENSE("GPL");
721 MODULE_DESCRIPTION(DRIVER_DESC);
722