1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Driver for NXP PN533 NFC Chip - core functions 4 * 5 * Copyright (C) 2011 Instituto Nokia de Tecnologia 6 * Copyright (C) 2012-2013 Tieto Poland 7 */ 8 9 #include <linux/device.h> 10 #include <linux/kernel.h> 11 #include <linux/module.h> 12 #include <linux/slab.h> 13 #include <linux/nfc.h> 14 #include <linux/netdevice.h> 15 #include <net/nfc/nfc.h> 16 #include "pn533.h" 17 18 #define VERSION "0.3" 19 20 /* How much time we spend listening for initiators */ 21 #define PN533_LISTEN_TIME 2 22 /* Delay between each poll frame (ms) */ 23 #define PN533_POLL_INTERVAL 10 24 25 /* structs for pn533 commands */ 26 27 /* PN533_CMD_GET_FIRMWARE_VERSION */ 28 struct pn533_fw_version { 29 u8 ic; 30 u8 ver; 31 u8 rev; 32 u8 support; 33 }; 34 35 /* PN533_CMD_RF_CONFIGURATION */ 36 #define PN533_CFGITEM_RF_FIELD 0x01 37 #define PN533_CFGITEM_TIMING 0x02 38 #define PN533_CFGITEM_MAX_RETRIES 0x05 39 #define PN533_CFGITEM_PASORI 0x82 40 41 #define PN533_CFGITEM_RF_FIELD_AUTO_RFCA 0x2 42 #define PN533_CFGITEM_RF_FIELD_ON 0x1 43 #define PN533_CFGITEM_RF_FIELD_OFF 0x0 44 45 #define PN533_CONFIG_TIMING_102 0xb 46 #define PN533_CONFIG_TIMING_204 0xc 47 #define PN533_CONFIG_TIMING_409 0xd 48 #define PN533_CONFIG_TIMING_819 0xe 49 50 #define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00 51 #define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF 52 53 struct pn533_config_max_retries { 54 u8 mx_rty_atr; 55 u8 mx_rty_psl; 56 u8 mx_rty_passive_act; 57 } __packed; 58 59 struct pn533_config_timing { 60 u8 rfu; 61 u8 atr_res_timeout; 62 u8 dep_timeout; 63 } __packed; 64 65 /* PN533_CMD_IN_LIST_PASSIVE_TARGET */ 66 67 /* felica commands opcode */ 68 #define PN533_FELICA_OPC_SENSF_REQ 0 69 #define PN533_FELICA_OPC_SENSF_RES 1 70 /* felica SENSF_REQ parameters */ 71 #define PN533_FELICA_SENSF_SC_ALL 0xFFFF 72 #define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0 73 #define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1 74 #define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2 75 76 /* type B initiator_data values */ 77 #define PN533_TYPE_B_AFI_ALL_FAMILIES 0 78 #define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0 79 #define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1 80 81 union pn533_cmd_poll_initdata { 82 struct { 83 u8 afi; 84 u8 polling_method; 85 } __packed type_b; 86 struct { 87 u8 opcode; 88 __be16 sc; 89 u8 rc; 90 u8 tsn; 91 } __packed felica; 92 }; 93 94 struct pn533_poll_modulations { 95 struct { 96 u8 maxtg; 97 u8 brty; 98 union pn533_cmd_poll_initdata initiator_data; 99 } __packed data; 100 u8 len; 101 }; 102 103 static const struct pn533_poll_modulations poll_mod[] = { 104 [PN533_POLL_MOD_106KBPS_A] = { 105 .data = { 106 .maxtg = 1, 107 .brty = 0, 108 }, 109 .len = 2, 110 }, 111 [PN533_POLL_MOD_212KBPS_FELICA] = { 112 .data = { 113 .maxtg = 1, 114 .brty = 1, 115 .initiator_data.felica = { 116 .opcode = PN533_FELICA_OPC_SENSF_REQ, 117 .sc = PN533_FELICA_SENSF_SC_ALL, 118 .rc = PN533_FELICA_SENSF_RC_SYSTEM_CODE, 119 .tsn = 0x03, 120 }, 121 }, 122 .len = 7, 123 }, 124 [PN533_POLL_MOD_424KBPS_FELICA] = { 125 .data = { 126 .maxtg = 1, 127 .brty = 2, 128 .initiator_data.felica = { 129 .opcode = PN533_FELICA_OPC_SENSF_REQ, 130 .sc = PN533_FELICA_SENSF_SC_ALL, 131 .rc = PN533_FELICA_SENSF_RC_SYSTEM_CODE, 132 .tsn = 0x03, 133 }, 134 }, 135 .len = 7, 136 }, 137 [PN533_POLL_MOD_106KBPS_JEWEL] = { 138 .data = { 139 .maxtg = 1, 140 .brty = 4, 141 }, 142 .len = 2, 143 }, 144 [PN533_POLL_MOD_847KBPS_B] = { 145 .data = { 146 .maxtg = 1, 147 .brty = 8, 148 .initiator_data.type_b = { 149 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES, 150 .polling_method = 151 PN533_TYPE_B_POLL_METHOD_TIMESLOT, 152 }, 153 }, 154 .len = 3, 155 }, 156 [PN533_LISTEN_MOD] = { 157 .len = 0, 158 }, 159 }; 160 161 /* PN533_CMD_IN_ATR */ 162 163 struct pn533_cmd_activate_response { 164 u8 status; 165 u8 nfcid3t[10]; 166 u8 didt; 167 u8 bst; 168 u8 brt; 169 u8 to; 170 u8 ppt; 171 /* optional */ 172 u8 gt[]; 173 } __packed; 174 175 struct pn533_cmd_jump_dep_response { 176 u8 status; 177 u8 tg; 178 u8 nfcid3t[10]; 179 u8 didt; 180 u8 bst; 181 u8 brt; 182 u8 to; 183 u8 ppt; 184 /* optional */ 185 u8 gt[]; 186 } __packed; 187 188 struct pn532_autopoll_resp { 189 u8 type; 190 u8 ln; 191 u8 tg; 192 u8 tgdata[]; 193 }; 194 195 /* PN532_CMD_IN_AUTOPOLL */ 196 #define PN532_AUTOPOLL_POLLNR_INFINITE 0xff 197 #define PN532_AUTOPOLL_PERIOD 0x03 /* in units of 150 ms */ 198 199 #define PN532_AUTOPOLL_TYPE_GENERIC_106 0x00 200 #define PN532_AUTOPOLL_TYPE_GENERIC_212 0x01 201 #define PN532_AUTOPOLL_TYPE_GENERIC_424 0x02 202 #define PN532_AUTOPOLL_TYPE_JEWEL 0x04 203 #define PN532_AUTOPOLL_TYPE_MIFARE 0x10 204 #define PN532_AUTOPOLL_TYPE_FELICA212 0x11 205 #define PN532_AUTOPOLL_TYPE_FELICA424 0x12 206 #define PN532_AUTOPOLL_TYPE_ISOA 0x20 207 #define PN532_AUTOPOLL_TYPE_ISOB 0x23 208 #define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_106 0x40 209 #define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_212 0x41 210 #define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_424 0x42 211 #define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_106 0x80 212 #define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_212 0x81 213 #define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_424 0x82 214 215 /* PN533_TG_INIT_AS_TARGET */ 216 #define PN533_INIT_TARGET_PASSIVE 0x1 217 #define PN533_INIT_TARGET_DEP 0x2 218 219 #define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3 220 #define PN533_INIT_TARGET_RESP_ACTIVE 0x1 221 #define PN533_INIT_TARGET_RESP_DEP 0x4 222 223 /* The rule: value(high byte) + value(low byte) + checksum = 0 */ 224 static inline u8 pn533_ext_checksum(u16 value) 225 { 226 return ~(u8)(((value & 0xFF00) >> 8) + (u8)(value & 0xFF)) + 1; 227 } 228 229 /* The rule: value + checksum = 0 */ 230 static inline u8 pn533_std_checksum(u8 value) 231 { 232 return ~value + 1; 233 } 234 235 /* The rule: sum(data elements) + checksum = 0 */ 236 static u8 pn533_std_data_checksum(u8 *data, int datalen) 237 { 238 u8 sum = 0; 239 int i; 240 241 for (i = 0; i < datalen; i++) 242 sum += data[i]; 243 244 return pn533_std_checksum(sum); 245 } 246 247 static void pn533_std_tx_frame_init(void *_frame, u8 cmd_code) 248 { 249 struct pn533_std_frame *frame = _frame; 250 251 frame->preamble = 0; 252 frame->start_frame = cpu_to_be16(PN533_STD_FRAME_SOF); 253 PN533_STD_FRAME_IDENTIFIER(frame) = PN533_STD_FRAME_DIR_OUT; 254 PN533_FRAME_CMD(frame) = cmd_code; 255 frame->datalen = 2; 256 } 257 258 static void pn533_std_tx_frame_finish(void *_frame) 259 { 260 struct pn533_std_frame *frame = _frame; 261 262 frame->datalen_checksum = pn533_std_checksum(frame->datalen); 263 264 PN533_STD_FRAME_CHECKSUM(frame) = 265 pn533_std_data_checksum(frame->data, frame->datalen); 266 267 PN533_STD_FRAME_POSTAMBLE(frame) = 0; 268 } 269 270 static void pn533_std_tx_update_payload_len(void *_frame, int len) 271 { 272 struct pn533_std_frame *frame = _frame; 273 274 frame->datalen += len; 275 } 276 277 static bool pn533_std_rx_frame_is_valid(void *_frame, struct pn533 *dev) 278 { 279 u8 checksum; 280 struct pn533_std_frame *stdf = _frame; 281 282 if (stdf->start_frame != cpu_to_be16(PN533_STD_FRAME_SOF)) 283 return false; 284 285 if (likely(!PN533_STD_IS_EXTENDED(stdf))) { 286 /* Standard frame code */ 287 dev->ops->rx_header_len = PN533_STD_FRAME_HEADER_LEN; 288 289 checksum = pn533_std_checksum(stdf->datalen); 290 if (checksum != stdf->datalen_checksum) 291 return false; 292 293 checksum = pn533_std_data_checksum(stdf->data, stdf->datalen); 294 if (checksum != PN533_STD_FRAME_CHECKSUM(stdf)) 295 return false; 296 } else { 297 /* Extended */ 298 struct pn533_ext_frame *eif = _frame; 299 300 dev->ops->rx_header_len = PN533_EXT_FRAME_HEADER_LEN; 301 302 checksum = pn533_ext_checksum(be16_to_cpu(eif->datalen)); 303 if (checksum != eif->datalen_checksum) 304 return false; 305 306 /* check data checksum */ 307 checksum = pn533_std_data_checksum(eif->data, 308 be16_to_cpu(eif->datalen)); 309 if (checksum != PN533_EXT_FRAME_CHECKSUM(eif)) 310 return false; 311 } 312 313 return true; 314 } 315 316 bool pn533_rx_frame_is_ack(void *_frame) 317 { 318 struct pn533_std_frame *frame = _frame; 319 320 if (frame->start_frame != cpu_to_be16(PN533_STD_FRAME_SOF)) 321 return false; 322 323 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF) 324 return false; 325 326 return true; 327 } 328 EXPORT_SYMBOL_GPL(pn533_rx_frame_is_ack); 329 330 static inline int pn533_std_rx_frame_size(void *frame) 331 { 332 struct pn533_std_frame *f = frame; 333 334 /* check for Extended Information frame */ 335 if (PN533_STD_IS_EXTENDED(f)) { 336 struct pn533_ext_frame *eif = frame; 337 338 return sizeof(struct pn533_ext_frame) 339 + be16_to_cpu(eif->datalen) + PN533_STD_FRAME_TAIL_LEN; 340 } 341 342 return sizeof(struct pn533_std_frame) + f->datalen + 343 PN533_STD_FRAME_TAIL_LEN; 344 } 345 346 static u8 pn533_std_get_cmd_code(void *frame) 347 { 348 struct pn533_std_frame *f = frame; 349 struct pn533_ext_frame *eif = frame; 350 351 if (PN533_STD_IS_EXTENDED(f)) 352 return PN533_FRAME_CMD(eif); 353 else 354 return PN533_FRAME_CMD(f); 355 } 356 357 bool pn533_rx_frame_is_cmd_response(struct pn533 *dev, void *frame) 358 { 359 return (dev->ops->get_cmd_code(frame) == 360 PN533_CMD_RESPONSE(dev->cmd->code)); 361 } 362 EXPORT_SYMBOL_GPL(pn533_rx_frame_is_cmd_response); 363 364 365 static struct pn533_frame_ops pn533_std_frame_ops = { 366 .tx_frame_init = pn533_std_tx_frame_init, 367 .tx_frame_finish = pn533_std_tx_frame_finish, 368 .tx_update_payload_len = pn533_std_tx_update_payload_len, 369 .tx_header_len = PN533_STD_FRAME_HEADER_LEN, 370 .tx_tail_len = PN533_STD_FRAME_TAIL_LEN, 371 372 .rx_is_frame_valid = pn533_std_rx_frame_is_valid, 373 .rx_frame_size = pn533_std_rx_frame_size, 374 .rx_header_len = PN533_STD_FRAME_HEADER_LEN, 375 .rx_tail_len = PN533_STD_FRAME_TAIL_LEN, 376 377 .max_payload_len = PN533_STD_FRAME_MAX_PAYLOAD_LEN, 378 .get_cmd_code = pn533_std_get_cmd_code, 379 }; 380 381 static void pn533_build_cmd_frame(struct pn533 *dev, u8 cmd_code, 382 struct sk_buff *skb) 383 { 384 /* payload is already there, just update datalen */ 385 int payload_len = skb->len; 386 struct pn533_frame_ops *ops = dev->ops; 387 388 389 skb_push(skb, ops->tx_header_len); 390 skb_put(skb, ops->tx_tail_len); 391 392 ops->tx_frame_init(skb->data, cmd_code); 393 ops->tx_update_payload_len(skb->data, payload_len); 394 ops->tx_frame_finish(skb->data); 395 } 396 397 static int pn533_send_async_complete(struct pn533 *dev) 398 { 399 struct pn533_cmd *cmd = dev->cmd; 400 struct sk_buff *resp; 401 int status, rc = 0; 402 403 if (!cmd) { 404 dev_dbg(dev->dev, "%s: cmd not set\n", __func__); 405 goto done; 406 } 407 408 dev_kfree_skb(cmd->req); 409 410 status = cmd->status; 411 resp = cmd->resp; 412 413 if (status < 0) { 414 rc = cmd->complete_cb(dev, cmd->complete_cb_context, 415 ERR_PTR(status)); 416 dev_kfree_skb(resp); 417 goto done; 418 } 419 420 /* when no response is set we got interrupted */ 421 if (!resp) 422 resp = ERR_PTR(-EINTR); 423 424 if (!IS_ERR(resp)) { 425 skb_pull(resp, dev->ops->rx_header_len); 426 skb_trim(resp, resp->len - dev->ops->rx_tail_len); 427 } 428 429 rc = cmd->complete_cb(dev, cmd->complete_cb_context, resp); 430 431 done: 432 kfree(cmd); 433 dev->cmd = NULL; 434 return rc; 435 } 436 437 static int __pn533_send_async(struct pn533 *dev, u8 cmd_code, 438 struct sk_buff *req, 439 pn533_send_async_complete_t complete_cb, 440 void *complete_cb_context) 441 { 442 struct pn533_cmd *cmd; 443 int rc = 0; 444 445 dev_dbg(dev->dev, "Sending command 0x%x\n", cmd_code); 446 447 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 448 if (!cmd) 449 return -ENOMEM; 450 451 cmd->code = cmd_code; 452 cmd->req = req; 453 cmd->complete_cb = complete_cb; 454 cmd->complete_cb_context = complete_cb_context; 455 456 pn533_build_cmd_frame(dev, cmd_code, req); 457 458 mutex_lock(&dev->cmd_lock); 459 460 if (!dev->cmd_pending) { 461 dev->cmd = cmd; 462 rc = dev->phy_ops->send_frame(dev, req); 463 if (rc) { 464 dev->cmd = NULL; 465 goto error; 466 } 467 468 dev->cmd_pending = 1; 469 goto unlock; 470 } 471 472 dev_dbg(dev->dev, "%s Queueing command 0x%x\n", 473 __func__, cmd_code); 474 475 INIT_LIST_HEAD(&cmd->queue); 476 list_add_tail(&cmd->queue, &dev->cmd_queue); 477 478 goto unlock; 479 480 error: 481 kfree(cmd); 482 unlock: 483 mutex_unlock(&dev->cmd_lock); 484 return rc; 485 } 486 487 static int pn533_send_data_async(struct pn533 *dev, u8 cmd_code, 488 struct sk_buff *req, 489 pn533_send_async_complete_t complete_cb, 490 void *complete_cb_context) 491 { 492 int rc; 493 494 rc = __pn533_send_async(dev, cmd_code, req, complete_cb, 495 complete_cb_context); 496 497 return rc; 498 } 499 500 static int pn533_send_cmd_async(struct pn533 *dev, u8 cmd_code, 501 struct sk_buff *req, 502 pn533_send_async_complete_t complete_cb, 503 void *complete_cb_context) 504 { 505 int rc; 506 507 rc = __pn533_send_async(dev, cmd_code, req, complete_cb, 508 complete_cb_context); 509 510 return rc; 511 } 512 513 /* 514 * pn533_send_cmd_direct_async 515 * 516 * The function sends a priority cmd directly to the chip omitting the cmd 517 * queue. It's intended to be used by chaining mechanism of received responses 518 * where the host has to request every single chunk of data before scheduling 519 * next cmd from the queue. 520 */ 521 static int pn533_send_cmd_direct_async(struct pn533 *dev, u8 cmd_code, 522 struct sk_buff *req, 523 pn533_send_async_complete_t complete_cb, 524 void *complete_cb_context) 525 { 526 struct pn533_cmd *cmd; 527 int rc; 528 529 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 530 if (!cmd) 531 return -ENOMEM; 532 533 cmd->code = cmd_code; 534 cmd->req = req; 535 cmd->complete_cb = complete_cb; 536 cmd->complete_cb_context = complete_cb_context; 537 538 pn533_build_cmd_frame(dev, cmd_code, req); 539 540 dev->cmd = cmd; 541 rc = dev->phy_ops->send_frame(dev, req); 542 if (rc < 0) { 543 dev->cmd = NULL; 544 kfree(cmd); 545 } 546 547 return rc; 548 } 549 550 static void pn533_wq_cmd_complete(struct work_struct *work) 551 { 552 struct pn533 *dev = container_of(work, struct pn533, cmd_complete_work); 553 int rc; 554 555 rc = pn533_send_async_complete(dev); 556 if (rc != -EINPROGRESS) 557 queue_work(dev->wq, &dev->cmd_work); 558 } 559 560 static void pn533_wq_cmd(struct work_struct *work) 561 { 562 struct pn533 *dev = container_of(work, struct pn533, cmd_work); 563 struct pn533_cmd *cmd; 564 int rc; 565 566 mutex_lock(&dev->cmd_lock); 567 568 if (list_empty(&dev->cmd_queue)) { 569 dev->cmd_pending = 0; 570 mutex_unlock(&dev->cmd_lock); 571 return; 572 } 573 574 cmd = list_first_entry(&dev->cmd_queue, struct pn533_cmd, queue); 575 576 list_del(&cmd->queue); 577 578 mutex_unlock(&dev->cmd_lock); 579 580 dev->cmd = cmd; 581 rc = dev->phy_ops->send_frame(dev, cmd->req); 582 if (rc < 0) { 583 dev->cmd = NULL; 584 dev_kfree_skb(cmd->req); 585 kfree(cmd); 586 return; 587 } 588 589 } 590 591 struct pn533_sync_cmd_response { 592 struct sk_buff *resp; 593 struct completion done; 594 }; 595 596 static int pn533_send_sync_complete(struct pn533 *dev, void *_arg, 597 struct sk_buff *resp) 598 { 599 struct pn533_sync_cmd_response *arg = _arg; 600 601 arg->resp = resp; 602 complete(&arg->done); 603 604 return 0; 605 } 606 607 /* pn533_send_cmd_sync 608 * 609 * Please note the req parameter is freed inside the function to 610 * limit a number of return value interpretations by the caller. 611 * 612 * 1. negative in case of error during TX path -> req should be freed 613 * 614 * 2. negative in case of error during RX path -> req should not be freed 615 * as it's been already freed at the beginning of RX path by 616 * async_complete_cb. 617 * 618 * 3. valid pointer in case of successful RX path 619 * 620 * A caller has to check a return value with IS_ERR macro. If the test pass, 621 * the returned pointer is valid. 622 * 623 */ 624 static struct sk_buff *pn533_send_cmd_sync(struct pn533 *dev, u8 cmd_code, 625 struct sk_buff *req) 626 { 627 int rc; 628 struct pn533_sync_cmd_response arg; 629 630 init_completion(&arg.done); 631 632 rc = pn533_send_cmd_async(dev, cmd_code, req, 633 pn533_send_sync_complete, &arg); 634 if (rc) { 635 dev_kfree_skb(req); 636 return ERR_PTR(rc); 637 } 638 639 wait_for_completion(&arg.done); 640 641 return arg.resp; 642 } 643 644 static struct sk_buff *pn533_alloc_skb(struct pn533 *dev, unsigned int size) 645 { 646 struct sk_buff *skb; 647 648 skb = alloc_skb(dev->ops->tx_header_len + 649 size + 650 dev->ops->tx_tail_len, GFP_KERNEL); 651 652 if (skb) 653 skb_reserve(skb, dev->ops->tx_header_len); 654 655 return skb; 656 } 657 658 struct pn533_target_type_a { 659 __be16 sens_res; 660 u8 sel_res; 661 u8 nfcid_len; 662 u8 nfcid_data[]; 663 } __packed; 664 665 666 #define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6)) 667 #define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0)) 668 #define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8)) 669 670 #define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00 671 #define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C 672 673 #define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5) 674 #define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2) 675 676 #define PN533_TYPE_A_SEL_PROT_MIFARE 0 677 #define PN533_TYPE_A_SEL_PROT_ISO14443 1 678 #define PN533_TYPE_A_SEL_PROT_DEP 2 679 #define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3 680 681 static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a, 682 int target_data_len) 683 { 684 u8 ssd; 685 u8 platconf; 686 687 if (target_data_len < sizeof(struct pn533_target_type_a)) 688 return false; 689 690 /* 691 * The length check of nfcid[] and ats[] are not being performed because 692 * the values are not being used 693 */ 694 695 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */ 696 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res); 697 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res); 698 699 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL && 700 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) || 701 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL && 702 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL)) 703 return false; 704 705 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */ 706 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0) 707 return false; 708 709 return true; 710 } 711 712 static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data, 713 int tgt_data_len) 714 { 715 struct pn533_target_type_a *tgt_type_a; 716 717 tgt_type_a = (struct pn533_target_type_a *)tgt_data; 718 719 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len)) 720 return -EPROTO; 721 722 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) { 723 case PN533_TYPE_A_SEL_PROT_MIFARE: 724 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK; 725 break; 726 case PN533_TYPE_A_SEL_PROT_ISO14443: 727 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK; 728 break; 729 case PN533_TYPE_A_SEL_PROT_DEP: 730 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 731 break; 732 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP: 733 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK | 734 NFC_PROTO_NFC_DEP_MASK; 735 break; 736 } 737 738 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res); 739 nfc_tgt->sel_res = tgt_type_a->sel_res; 740 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len; 741 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len); 742 743 return 0; 744 } 745 746 struct pn533_target_felica { 747 u8 pol_res; 748 u8 opcode; 749 u8 nfcid2[NFC_NFCID2_MAXSIZE]; 750 u8 pad[8]; 751 /* optional */ 752 u8 syst_code[]; 753 } __packed; 754 755 #define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01 756 #define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE 757 758 static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica, 759 int target_data_len) 760 { 761 if (target_data_len < sizeof(struct pn533_target_felica)) 762 return false; 763 764 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES) 765 return false; 766 767 return true; 768 } 769 770 static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data, 771 int tgt_data_len) 772 { 773 struct pn533_target_felica *tgt_felica; 774 775 tgt_felica = (struct pn533_target_felica *)tgt_data; 776 777 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len)) 778 return -EPROTO; 779 780 if ((tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1) && 781 (tgt_felica->nfcid2[1] == PN533_FELICA_SENSF_NFCID2_DEP_B2)) 782 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 783 else 784 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK; 785 786 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9); 787 nfc_tgt->sensf_res_len = 9; 788 789 memcpy(nfc_tgt->nfcid2, tgt_felica->nfcid2, NFC_NFCID2_MAXSIZE); 790 nfc_tgt->nfcid2_len = NFC_NFCID2_MAXSIZE; 791 792 return 0; 793 } 794 795 struct pn533_target_jewel { 796 __be16 sens_res; 797 u8 jewelid[4]; 798 } __packed; 799 800 static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel, 801 int target_data_len) 802 { 803 u8 ssd; 804 u8 platconf; 805 806 if (target_data_len < sizeof(struct pn533_target_jewel)) 807 return false; 808 809 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */ 810 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res); 811 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res); 812 813 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL && 814 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) || 815 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL && 816 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL)) 817 return false; 818 819 return true; 820 } 821 822 static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data, 823 int tgt_data_len) 824 { 825 struct pn533_target_jewel *tgt_jewel; 826 827 tgt_jewel = (struct pn533_target_jewel *)tgt_data; 828 829 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len)) 830 return -EPROTO; 831 832 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK; 833 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res); 834 nfc_tgt->nfcid1_len = 4; 835 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len); 836 837 return 0; 838 } 839 840 struct pn533_type_b_prot_info { 841 u8 bitrate; 842 u8 fsci_type; 843 u8 fwi_adc_fo; 844 } __packed; 845 846 #define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4) 847 #define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0) 848 #define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8 849 850 struct pn533_type_b_sens_res { 851 u8 opcode; 852 u8 nfcid[4]; 853 u8 appdata[4]; 854 struct pn533_type_b_prot_info prot_info; 855 } __packed; 856 857 #define PN533_TYPE_B_OPC_SENSB_RES 0x50 858 859 struct pn533_target_type_b { 860 struct pn533_type_b_sens_res sensb_res; 861 u8 attrib_res_len; 862 u8 attrib_res[]; 863 } __packed; 864 865 static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b, 866 int target_data_len) 867 { 868 if (target_data_len < sizeof(struct pn533_target_type_b)) 869 return false; 870 871 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES) 872 return false; 873 874 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) & 875 PN533_TYPE_B_PROT_TYPE_RFU_MASK) 876 return false; 877 878 return true; 879 } 880 881 static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data, 882 int tgt_data_len) 883 { 884 struct pn533_target_type_b *tgt_type_b; 885 886 tgt_type_b = (struct pn533_target_type_b *)tgt_data; 887 888 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len)) 889 return -EPROTO; 890 891 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_B_MASK; 892 893 return 0; 894 } 895 896 static void pn533_poll_reset_mod_list(struct pn533 *dev); 897 static int pn533_target_found(struct pn533 *dev, u8 tg, u8 *tgdata, 898 int tgdata_len) 899 { 900 struct nfc_target nfc_tgt; 901 int rc; 902 903 dev_dbg(dev->dev, "%s: modulation=%d\n", 904 __func__, dev->poll_mod_curr); 905 906 if (tg != 1) 907 return -EPROTO; 908 909 memset(&nfc_tgt, 0, sizeof(struct nfc_target)); 910 911 switch (dev->poll_mod_curr) { 912 case PN533_POLL_MOD_106KBPS_A: 913 rc = pn533_target_found_type_a(&nfc_tgt, tgdata, tgdata_len); 914 break; 915 case PN533_POLL_MOD_212KBPS_FELICA: 916 case PN533_POLL_MOD_424KBPS_FELICA: 917 rc = pn533_target_found_felica(&nfc_tgt, tgdata, tgdata_len); 918 break; 919 case PN533_POLL_MOD_106KBPS_JEWEL: 920 rc = pn533_target_found_jewel(&nfc_tgt, tgdata, tgdata_len); 921 break; 922 case PN533_POLL_MOD_847KBPS_B: 923 rc = pn533_target_found_type_b(&nfc_tgt, tgdata, tgdata_len); 924 break; 925 default: 926 nfc_err(dev->dev, 927 "Unknown current poll modulation\n"); 928 return -EPROTO; 929 } 930 931 if (rc) 932 return rc; 933 934 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) { 935 dev_dbg(dev->dev, 936 "The Tg found doesn't have the desired protocol\n"); 937 return -EAGAIN; 938 } 939 940 dev_dbg(dev->dev, 941 "Target found - supported protocols: 0x%x\n", 942 nfc_tgt.supported_protocols); 943 944 dev->tgt_available_prots = nfc_tgt.supported_protocols; 945 946 pn533_poll_reset_mod_list(dev); 947 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1); 948 949 return 0; 950 } 951 952 static inline void pn533_poll_next_mod(struct pn533 *dev) 953 { 954 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count; 955 } 956 957 static void pn533_poll_reset_mod_list(struct pn533 *dev) 958 { 959 dev->poll_mod_count = 0; 960 } 961 962 static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index) 963 { 964 dev->poll_mod_active[dev->poll_mod_count] = 965 (struct pn533_poll_modulations *)&poll_mod[mod_index]; 966 dev->poll_mod_count++; 967 } 968 969 static void pn533_poll_create_mod_list(struct pn533 *dev, 970 u32 im_protocols, u32 tm_protocols) 971 { 972 pn533_poll_reset_mod_list(dev); 973 974 if ((im_protocols & NFC_PROTO_MIFARE_MASK) || 975 (im_protocols & NFC_PROTO_ISO14443_MASK) || 976 (im_protocols & NFC_PROTO_NFC_DEP_MASK)) 977 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A); 978 979 if (im_protocols & NFC_PROTO_FELICA_MASK || 980 im_protocols & NFC_PROTO_NFC_DEP_MASK) { 981 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA); 982 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA); 983 } 984 985 if (im_protocols & NFC_PROTO_JEWEL_MASK) 986 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL); 987 988 if (im_protocols & NFC_PROTO_ISO14443_B_MASK) 989 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B); 990 991 if (tm_protocols) 992 pn533_poll_add_mod(dev, PN533_LISTEN_MOD); 993 } 994 995 static int pn533_start_poll_complete(struct pn533 *dev, struct sk_buff *resp) 996 { 997 u8 nbtg, tg, *tgdata; 998 int rc, tgdata_len; 999 1000 /* Toggle the DEP polling */ 1001 if (dev->poll_protocols & NFC_PROTO_NFC_DEP_MASK) 1002 dev->poll_dep = 1; 1003 1004 nbtg = resp->data[0]; 1005 tg = resp->data[1]; 1006 tgdata = &resp->data[2]; 1007 tgdata_len = resp->len - 2; /* nbtg + tg */ 1008 1009 if (nbtg) { 1010 rc = pn533_target_found(dev, tg, tgdata, tgdata_len); 1011 1012 /* We must stop the poll after a valid target found */ 1013 if (rc == 0) 1014 return 0; 1015 } 1016 1017 return -EAGAIN; 1018 } 1019 1020 static struct sk_buff *pn533_alloc_poll_tg_frame(struct pn533 *dev) 1021 { 1022 struct sk_buff *skb; 1023 u8 *felica, *nfcid3; 1024 1025 u8 *gbytes = dev->gb; 1026 size_t gbytes_len = dev->gb_len; 1027 1028 u8 felica_params[18] = {0x1, 0xfe, /* DEP */ 1029 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */ 1030 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 1031 0xff, 0xff}; /* System code */ 1032 1033 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */ 1034 0x0, 0x0, 0x0, 1035 0x40}; /* SEL_RES for DEP */ 1036 1037 unsigned int skb_len = 36 + /* 1038 * mode (1), mifare (6), 1039 * felica (18), nfcid3 (10), gb_len (1) 1040 */ 1041 gbytes_len + 1042 1; /* len Tk*/ 1043 1044 skb = pn533_alloc_skb(dev, skb_len); 1045 if (!skb) 1046 return NULL; 1047 1048 /* DEP support only */ 1049 skb_put_u8(skb, PN533_INIT_TARGET_DEP); 1050 1051 /* MIFARE params */ 1052 skb_put_data(skb, mifare_params, 6); 1053 1054 /* Felica params */ 1055 felica = skb_put_data(skb, felica_params, 18); 1056 get_random_bytes(felica + 2, 6); 1057 1058 /* NFCID3 */ 1059 nfcid3 = skb_put_zero(skb, 10); 1060 memcpy(nfcid3, felica, 8); 1061 1062 /* General bytes */ 1063 skb_put_u8(skb, gbytes_len); 1064 1065 skb_put_data(skb, gbytes, gbytes_len); 1066 1067 /* Len Tk */ 1068 skb_put_u8(skb, 0); 1069 1070 return skb; 1071 } 1072 1073 static void pn533_wq_tm_mi_recv(struct work_struct *work); 1074 static struct sk_buff *pn533_build_response(struct pn533 *dev); 1075 1076 static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg, 1077 struct sk_buff *resp) 1078 { 1079 struct sk_buff *skb; 1080 u8 status, ret, mi; 1081 int rc; 1082 1083 dev_dbg(dev->dev, "%s\n", __func__); 1084 1085 if (IS_ERR(resp)) { 1086 skb_queue_purge(&dev->resp_q); 1087 return PTR_ERR(resp); 1088 } 1089 1090 status = resp->data[0]; 1091 1092 ret = status & PN533_CMD_RET_MASK; 1093 mi = status & PN533_CMD_MI_MASK; 1094 1095 skb_pull(resp, sizeof(status)); 1096 1097 if (ret != PN533_CMD_RET_SUCCESS) { 1098 rc = -EIO; 1099 goto error; 1100 } 1101 1102 skb_queue_tail(&dev->resp_q, resp); 1103 1104 if (mi) { 1105 queue_work(dev->wq, &dev->mi_tm_rx_work); 1106 return -EINPROGRESS; 1107 } 1108 1109 skb = pn533_build_response(dev); 1110 if (!skb) { 1111 rc = -EIO; 1112 goto error; 1113 } 1114 1115 return nfc_tm_data_received(dev->nfc_dev, skb); 1116 1117 error: 1118 nfc_tm_deactivated(dev->nfc_dev); 1119 dev->tgt_mode = 0; 1120 skb_queue_purge(&dev->resp_q); 1121 dev_kfree_skb(resp); 1122 1123 return rc; 1124 } 1125 1126 static void pn533_wq_tm_mi_recv(struct work_struct *work) 1127 { 1128 struct pn533 *dev = container_of(work, struct pn533, mi_tm_rx_work); 1129 struct sk_buff *skb; 1130 int rc; 1131 1132 dev_dbg(dev->dev, "%s\n", __func__); 1133 1134 skb = pn533_alloc_skb(dev, 0); 1135 if (!skb) 1136 return; 1137 1138 rc = pn533_send_cmd_direct_async(dev, 1139 PN533_CMD_TG_GET_DATA, 1140 skb, 1141 pn533_tm_get_data_complete, 1142 NULL); 1143 1144 if (rc < 0) 1145 dev_kfree_skb(skb); 1146 } 1147 1148 static int pn533_tm_send_complete(struct pn533 *dev, void *arg, 1149 struct sk_buff *resp); 1150 static void pn533_wq_tm_mi_send(struct work_struct *work) 1151 { 1152 struct pn533 *dev = container_of(work, struct pn533, mi_tm_tx_work); 1153 struct sk_buff *skb; 1154 int rc; 1155 1156 dev_dbg(dev->dev, "%s\n", __func__); 1157 1158 /* Grab the first skb in the queue */ 1159 skb = skb_dequeue(&dev->fragment_skb); 1160 if (skb == NULL) { /* No more data */ 1161 /* Reset the queue for future use */ 1162 skb_queue_head_init(&dev->fragment_skb); 1163 goto error; 1164 } 1165 1166 /* last entry - remove MI bit */ 1167 if (skb_queue_len(&dev->fragment_skb) == 0) { 1168 rc = pn533_send_cmd_direct_async(dev, PN533_CMD_TG_SET_DATA, 1169 skb, pn533_tm_send_complete, NULL); 1170 } else 1171 rc = pn533_send_cmd_direct_async(dev, 1172 PN533_CMD_TG_SET_META_DATA, 1173 skb, pn533_tm_send_complete, NULL); 1174 1175 if (rc == 0) /* success */ 1176 return; 1177 1178 dev_err(dev->dev, 1179 "Error %d when trying to perform set meta data_exchange", rc); 1180 1181 dev_kfree_skb(skb); 1182 1183 error: 1184 dev->phy_ops->send_ack(dev, GFP_KERNEL); 1185 queue_work(dev->wq, &dev->cmd_work); 1186 } 1187 1188 static void pn533_wq_tg_get_data(struct work_struct *work) 1189 { 1190 struct pn533 *dev = container_of(work, struct pn533, tg_work); 1191 struct sk_buff *skb; 1192 int rc; 1193 1194 dev_dbg(dev->dev, "%s\n", __func__); 1195 1196 skb = pn533_alloc_skb(dev, 0); 1197 if (!skb) 1198 return; 1199 1200 rc = pn533_send_data_async(dev, PN533_CMD_TG_GET_DATA, skb, 1201 pn533_tm_get_data_complete, NULL); 1202 1203 if (rc < 0) 1204 dev_kfree_skb(skb); 1205 } 1206 1207 #define ATR_REQ_GB_OFFSET 17 1208 static int pn533_init_target_complete(struct pn533 *dev, struct sk_buff *resp) 1209 { 1210 u8 mode, *cmd, comm_mode = NFC_COMM_PASSIVE, *gb; 1211 size_t gb_len; 1212 int rc; 1213 1214 dev_dbg(dev->dev, "%s\n", __func__); 1215 1216 if (resp->len < ATR_REQ_GB_OFFSET + 1) 1217 return -EINVAL; 1218 1219 mode = resp->data[0]; 1220 cmd = &resp->data[1]; 1221 1222 dev_dbg(dev->dev, "Target mode 0x%x len %d\n", 1223 mode, resp->len); 1224 1225 if ((mode & PN533_INIT_TARGET_RESP_FRAME_MASK) == 1226 PN533_INIT_TARGET_RESP_ACTIVE) 1227 comm_mode = NFC_COMM_ACTIVE; 1228 1229 if ((mode & PN533_INIT_TARGET_RESP_DEP) == 0) /* Only DEP supported */ 1230 return -EOPNOTSUPP; 1231 1232 gb = cmd + ATR_REQ_GB_OFFSET; 1233 gb_len = resp->len - (ATR_REQ_GB_OFFSET + 1); 1234 1235 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK, 1236 comm_mode, gb, gb_len); 1237 if (rc < 0) { 1238 nfc_err(dev->dev, 1239 "Error when signaling target activation\n"); 1240 return rc; 1241 } 1242 1243 dev->tgt_mode = 1; 1244 queue_work(dev->wq, &dev->tg_work); 1245 1246 return 0; 1247 } 1248 1249 static void pn533_listen_mode_timer(struct timer_list *t) 1250 { 1251 struct pn533 *dev = from_timer(dev, t, listen_timer); 1252 1253 dev_dbg(dev->dev, "Listen mode timeout\n"); 1254 1255 dev->cancel_listen = 1; 1256 1257 pn533_poll_next_mod(dev); 1258 1259 queue_delayed_work(dev->wq, &dev->poll_work, 1260 msecs_to_jiffies(PN533_POLL_INTERVAL)); 1261 } 1262 1263 static int pn533_rf_complete(struct pn533 *dev, void *arg, 1264 struct sk_buff *resp) 1265 { 1266 int rc = 0; 1267 1268 dev_dbg(dev->dev, "%s\n", __func__); 1269 1270 if (IS_ERR(resp)) { 1271 rc = PTR_ERR(resp); 1272 1273 nfc_err(dev->dev, "RF setting error %d\n", rc); 1274 1275 return rc; 1276 } 1277 1278 queue_delayed_work(dev->wq, &dev->poll_work, 1279 msecs_to_jiffies(PN533_POLL_INTERVAL)); 1280 1281 dev_kfree_skb(resp); 1282 return rc; 1283 } 1284 1285 static void pn533_wq_rf(struct work_struct *work) 1286 { 1287 struct pn533 *dev = container_of(work, struct pn533, rf_work); 1288 struct sk_buff *skb; 1289 int rc; 1290 1291 dev_dbg(dev->dev, "%s\n", __func__); 1292 1293 skb = pn533_alloc_skb(dev, 2); 1294 if (!skb) 1295 return; 1296 1297 skb_put_u8(skb, PN533_CFGITEM_RF_FIELD); 1298 skb_put_u8(skb, PN533_CFGITEM_RF_FIELD_AUTO_RFCA); 1299 1300 rc = pn533_send_cmd_async(dev, PN533_CMD_RF_CONFIGURATION, skb, 1301 pn533_rf_complete, NULL); 1302 if (rc < 0) { 1303 dev_kfree_skb(skb); 1304 nfc_err(dev->dev, "RF setting error %d\n", rc); 1305 } 1306 } 1307 1308 static int pn533_poll_dep_complete(struct pn533 *dev, void *arg, 1309 struct sk_buff *resp) 1310 { 1311 struct pn533_cmd_jump_dep_response *rsp; 1312 struct nfc_target nfc_target; 1313 u8 target_gt_len; 1314 int rc; 1315 1316 if (IS_ERR(resp)) 1317 return PTR_ERR(resp); 1318 1319 rsp = (struct pn533_cmd_jump_dep_response *)resp->data; 1320 1321 rc = rsp->status & PN533_CMD_RET_MASK; 1322 if (rc != PN533_CMD_RET_SUCCESS) { 1323 /* Not target found, turn radio off */ 1324 queue_work(dev->wq, &dev->rf_work); 1325 1326 dev_kfree_skb(resp); 1327 return 0; 1328 } 1329 1330 dev_dbg(dev->dev, "Creating new target"); 1331 1332 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK; 1333 nfc_target.nfcid1_len = 10; 1334 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len); 1335 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1); 1336 if (rc) 1337 goto error; 1338 1339 dev->tgt_available_prots = 0; 1340 dev->tgt_active_prot = NFC_PROTO_NFC_DEP; 1341 1342 /* ATR_RES general bytes are located at offset 17 */ 1343 target_gt_len = resp->len - 17; 1344 rc = nfc_set_remote_general_bytes(dev->nfc_dev, 1345 rsp->gt, target_gt_len); 1346 if (!rc) { 1347 rc = nfc_dep_link_is_up(dev->nfc_dev, 1348 dev->nfc_dev->targets[0].idx, 1349 0, NFC_RF_INITIATOR); 1350 1351 if (!rc) 1352 pn533_poll_reset_mod_list(dev); 1353 } 1354 error: 1355 dev_kfree_skb(resp); 1356 return rc; 1357 } 1358 1359 #define PASSIVE_DATA_LEN 5 1360 static int pn533_poll_dep(struct nfc_dev *nfc_dev) 1361 { 1362 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1363 struct sk_buff *skb; 1364 int rc, skb_len; 1365 u8 *next, nfcid3[NFC_NFCID3_MAXSIZE]; 1366 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3}; 1367 1368 dev_dbg(dev->dev, "%s", __func__); 1369 1370 if (!dev->gb) { 1371 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len); 1372 1373 if (!dev->gb || !dev->gb_len) { 1374 dev->poll_dep = 0; 1375 queue_work(dev->wq, &dev->rf_work); 1376 } 1377 } 1378 1379 skb_len = 3 + dev->gb_len; /* ActPass + BR + Next */ 1380 skb_len += PASSIVE_DATA_LEN; 1381 1382 /* NFCID3 */ 1383 skb_len += NFC_NFCID3_MAXSIZE; 1384 nfcid3[0] = 0x1; 1385 nfcid3[1] = 0xfe; 1386 get_random_bytes(nfcid3 + 2, 6); 1387 1388 skb = pn533_alloc_skb(dev, skb_len); 1389 if (!skb) 1390 return -ENOMEM; 1391 1392 skb_put_u8(skb, 0x01); /* Active */ 1393 skb_put_u8(skb, 0x02); /* 424 kbps */ 1394 1395 next = skb_put(skb, 1); /* Next */ 1396 *next = 0; 1397 1398 /* Copy passive data */ 1399 skb_put_data(skb, passive_data, PASSIVE_DATA_LEN); 1400 *next |= 1; 1401 1402 /* Copy NFCID3 (which is NFCID2 from SENSF_RES) */ 1403 skb_put_data(skb, nfcid3, NFC_NFCID3_MAXSIZE); 1404 *next |= 2; 1405 1406 skb_put_data(skb, dev->gb, dev->gb_len); 1407 *next |= 4; /* We have some Gi */ 1408 1409 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb, 1410 pn533_poll_dep_complete, NULL); 1411 1412 if (rc < 0) 1413 dev_kfree_skb(skb); 1414 1415 return rc; 1416 } 1417 1418 static int pn533_autopoll_complete(struct pn533 *dev, void *arg, 1419 struct sk_buff *resp) 1420 { 1421 struct pn532_autopoll_resp *apr; 1422 struct nfc_target nfc_tgt; 1423 u8 nbtg; 1424 int rc; 1425 1426 if (IS_ERR(resp)) { 1427 rc = PTR_ERR(resp); 1428 1429 nfc_err(dev->dev, "%s autopoll complete error %d\n", 1430 __func__, rc); 1431 1432 if (rc == -ENOENT) { 1433 if (dev->poll_mod_count != 0) 1434 return rc; 1435 goto stop_poll; 1436 } else if (rc < 0) { 1437 nfc_err(dev->dev, 1438 "Error %d when running autopoll\n", rc); 1439 goto stop_poll; 1440 } 1441 } 1442 1443 nbtg = resp->data[0]; 1444 if ((nbtg > 2) || (nbtg <= 0)) 1445 return -EAGAIN; 1446 1447 apr = (struct pn532_autopoll_resp *)&resp->data[1]; 1448 while (nbtg--) { 1449 memset(&nfc_tgt, 0, sizeof(struct nfc_target)); 1450 switch (apr->type) { 1451 case PN532_AUTOPOLL_TYPE_ISOA: 1452 dev_dbg(dev->dev, "ISOA\n"); 1453 rc = pn533_target_found_type_a(&nfc_tgt, apr->tgdata, 1454 apr->ln - 1); 1455 break; 1456 case PN532_AUTOPOLL_TYPE_FELICA212: 1457 case PN532_AUTOPOLL_TYPE_FELICA424: 1458 dev_dbg(dev->dev, "FELICA\n"); 1459 rc = pn533_target_found_felica(&nfc_tgt, apr->tgdata, 1460 apr->ln - 1); 1461 break; 1462 case PN532_AUTOPOLL_TYPE_JEWEL: 1463 dev_dbg(dev->dev, "JEWEL\n"); 1464 rc = pn533_target_found_jewel(&nfc_tgt, apr->tgdata, 1465 apr->ln - 1); 1466 break; 1467 case PN532_AUTOPOLL_TYPE_ISOB: 1468 dev_dbg(dev->dev, "ISOB\n"); 1469 rc = pn533_target_found_type_b(&nfc_tgt, apr->tgdata, 1470 apr->ln - 1); 1471 break; 1472 case PN532_AUTOPOLL_TYPE_MIFARE: 1473 dev_dbg(dev->dev, "Mifare\n"); 1474 rc = pn533_target_found_type_a(&nfc_tgt, apr->tgdata, 1475 apr->ln - 1); 1476 break; 1477 default: 1478 nfc_err(dev->dev, 1479 "Unknown current poll modulation\n"); 1480 rc = -EPROTO; 1481 } 1482 1483 if (rc) 1484 goto done; 1485 1486 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) { 1487 nfc_err(dev->dev, 1488 "The Tg found doesn't have the desired protocol\n"); 1489 rc = -EAGAIN; 1490 goto done; 1491 } 1492 1493 dev->tgt_available_prots = nfc_tgt.supported_protocols; 1494 apr = (struct pn532_autopoll_resp *) 1495 (apr->tgdata + (apr->ln - 1)); 1496 } 1497 1498 pn533_poll_reset_mod_list(dev); 1499 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1); 1500 1501 done: 1502 dev_kfree_skb(resp); 1503 return rc; 1504 1505 stop_poll: 1506 nfc_err(dev->dev, "autopoll operation has been stopped\n"); 1507 1508 pn533_poll_reset_mod_list(dev); 1509 dev->poll_protocols = 0; 1510 return rc; 1511 } 1512 1513 static int pn533_poll_complete(struct pn533 *dev, void *arg, 1514 struct sk_buff *resp) 1515 { 1516 struct pn533_poll_modulations *cur_mod; 1517 int rc; 1518 1519 dev_dbg(dev->dev, "%s\n", __func__); 1520 1521 if (IS_ERR(resp)) { 1522 rc = PTR_ERR(resp); 1523 1524 nfc_err(dev->dev, "%s Poll complete error %d\n", 1525 __func__, rc); 1526 1527 if (rc == -ENOENT) { 1528 if (dev->poll_mod_count != 0) 1529 return rc; 1530 goto stop_poll; 1531 } else if (rc < 0) { 1532 nfc_err(dev->dev, 1533 "Error %d when running poll\n", rc); 1534 goto stop_poll; 1535 } 1536 } 1537 1538 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1539 1540 if (cur_mod->len == 0) { /* Target mode */ 1541 del_timer(&dev->listen_timer); 1542 rc = pn533_init_target_complete(dev, resp); 1543 goto done; 1544 } 1545 1546 /* Initiator mode */ 1547 rc = pn533_start_poll_complete(dev, resp); 1548 if (!rc) 1549 goto done; 1550 1551 if (!dev->poll_mod_count) { 1552 dev_dbg(dev->dev, "Polling has been stopped\n"); 1553 goto done; 1554 } 1555 1556 pn533_poll_next_mod(dev); 1557 /* Not target found, turn radio off */ 1558 queue_work(dev->wq, &dev->rf_work); 1559 1560 done: 1561 dev_kfree_skb(resp); 1562 return rc; 1563 1564 stop_poll: 1565 nfc_err(dev->dev, "Polling operation has been stopped\n"); 1566 1567 pn533_poll_reset_mod_list(dev); 1568 dev->poll_protocols = 0; 1569 return rc; 1570 } 1571 1572 static struct sk_buff *pn533_alloc_poll_in_frame(struct pn533 *dev, 1573 struct pn533_poll_modulations *mod) 1574 { 1575 struct sk_buff *skb; 1576 1577 skb = pn533_alloc_skb(dev, mod->len); 1578 if (!skb) 1579 return NULL; 1580 1581 skb_put_data(skb, &mod->data, mod->len); 1582 1583 return skb; 1584 } 1585 1586 static int pn533_send_poll_frame(struct pn533 *dev) 1587 { 1588 struct pn533_poll_modulations *mod; 1589 struct sk_buff *skb; 1590 int rc; 1591 u8 cmd_code; 1592 1593 mod = dev->poll_mod_active[dev->poll_mod_curr]; 1594 1595 dev_dbg(dev->dev, "%s mod len %d\n", 1596 __func__, mod->len); 1597 1598 if ((dev->poll_protocols & NFC_PROTO_NFC_DEP_MASK) && dev->poll_dep) { 1599 dev->poll_dep = 0; 1600 return pn533_poll_dep(dev->nfc_dev); 1601 } 1602 1603 if (mod->len == 0) { /* Listen mode */ 1604 cmd_code = PN533_CMD_TG_INIT_AS_TARGET; 1605 skb = pn533_alloc_poll_tg_frame(dev); 1606 } else { /* Polling mode */ 1607 cmd_code = PN533_CMD_IN_LIST_PASSIVE_TARGET; 1608 skb = pn533_alloc_poll_in_frame(dev, mod); 1609 } 1610 1611 if (!skb) { 1612 nfc_err(dev->dev, "Failed to allocate skb\n"); 1613 return -ENOMEM; 1614 } 1615 1616 rc = pn533_send_cmd_async(dev, cmd_code, skb, pn533_poll_complete, 1617 NULL); 1618 if (rc < 0) { 1619 dev_kfree_skb(skb); 1620 nfc_err(dev->dev, "Polling loop error %d\n", rc); 1621 } 1622 1623 return rc; 1624 } 1625 1626 static void pn533_wq_poll(struct work_struct *work) 1627 { 1628 struct pn533 *dev = container_of(work, struct pn533, poll_work.work); 1629 struct pn533_poll_modulations *cur_mod; 1630 int rc; 1631 1632 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1633 1634 dev_dbg(dev->dev, 1635 "%s cancel_listen %d modulation len %d\n", 1636 __func__, dev->cancel_listen, cur_mod->len); 1637 1638 if (dev->cancel_listen == 1) { 1639 dev->cancel_listen = 0; 1640 dev->phy_ops->abort_cmd(dev, GFP_ATOMIC); 1641 } 1642 1643 rc = pn533_send_poll_frame(dev); 1644 if (rc) 1645 return; 1646 1647 if (cur_mod->len == 0 && dev->poll_mod_count > 1) 1648 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ); 1649 } 1650 1651 static int pn533_start_poll(struct nfc_dev *nfc_dev, 1652 u32 im_protocols, u32 tm_protocols) 1653 { 1654 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1655 struct pn533_poll_modulations *cur_mod; 1656 struct sk_buff *skb; 1657 u8 rand_mod; 1658 int rc; 1659 1660 dev_dbg(dev->dev, 1661 "%s: im protocols 0x%x tm protocols 0x%x\n", 1662 __func__, im_protocols, tm_protocols); 1663 1664 if (dev->tgt_active_prot) { 1665 nfc_err(dev->dev, 1666 "Cannot poll with a target already activated\n"); 1667 return -EBUSY; 1668 } 1669 1670 if (dev->tgt_mode) { 1671 nfc_err(dev->dev, 1672 "Cannot poll while already being activated\n"); 1673 return -EBUSY; 1674 } 1675 1676 if (tm_protocols) { 1677 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len); 1678 if (dev->gb == NULL) 1679 tm_protocols = 0; 1680 } 1681 1682 dev->poll_protocols = im_protocols; 1683 dev->listen_protocols = tm_protocols; 1684 if (dev->device_type == PN533_DEVICE_PN532_AUTOPOLL) { 1685 skb = pn533_alloc_skb(dev, 4 + 6); 1686 if (!skb) 1687 return -ENOMEM; 1688 1689 *((u8 *)skb_put(skb, sizeof(u8))) = 1690 PN532_AUTOPOLL_POLLNR_INFINITE; 1691 *((u8 *)skb_put(skb, sizeof(u8))) = PN532_AUTOPOLL_PERIOD; 1692 1693 if ((im_protocols & NFC_PROTO_MIFARE_MASK) && 1694 (im_protocols & NFC_PROTO_ISO14443_MASK) && 1695 (im_protocols & NFC_PROTO_NFC_DEP_MASK)) 1696 *((u8 *)skb_put(skb, sizeof(u8))) = 1697 PN532_AUTOPOLL_TYPE_GENERIC_106; 1698 else { 1699 if (im_protocols & NFC_PROTO_MIFARE_MASK) 1700 *((u8 *)skb_put(skb, sizeof(u8))) = 1701 PN532_AUTOPOLL_TYPE_MIFARE; 1702 1703 if (im_protocols & NFC_PROTO_ISO14443_MASK) 1704 *((u8 *)skb_put(skb, sizeof(u8))) = 1705 PN532_AUTOPOLL_TYPE_ISOA; 1706 1707 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 1708 *((u8 *)skb_put(skb, sizeof(u8))) = 1709 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_106; 1710 *((u8 *)skb_put(skb, sizeof(u8))) = 1711 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_212; 1712 *((u8 *)skb_put(skb, sizeof(u8))) = 1713 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_424; 1714 } 1715 } 1716 1717 if (im_protocols & NFC_PROTO_FELICA_MASK || 1718 im_protocols & NFC_PROTO_NFC_DEP_MASK) { 1719 *((u8 *)skb_put(skb, sizeof(u8))) = 1720 PN532_AUTOPOLL_TYPE_FELICA212; 1721 *((u8 *)skb_put(skb, sizeof(u8))) = 1722 PN532_AUTOPOLL_TYPE_FELICA424; 1723 } 1724 1725 if (im_protocols & NFC_PROTO_JEWEL_MASK) 1726 *((u8 *)skb_put(skb, sizeof(u8))) = 1727 PN532_AUTOPOLL_TYPE_JEWEL; 1728 1729 if (im_protocols & NFC_PROTO_ISO14443_B_MASK) 1730 *((u8 *)skb_put(skb, sizeof(u8))) = 1731 PN532_AUTOPOLL_TYPE_ISOB; 1732 1733 if (tm_protocols) 1734 *((u8 *)skb_put(skb, sizeof(u8))) = 1735 PN532_AUTOPOLL_TYPE_DEP_ACTIVE_106; 1736 1737 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_AUTOPOLL, skb, 1738 pn533_autopoll_complete, NULL); 1739 1740 if (rc < 0) 1741 dev_kfree_skb(skb); 1742 else 1743 dev->poll_mod_count++; 1744 1745 return rc; 1746 } 1747 1748 pn533_poll_create_mod_list(dev, im_protocols, tm_protocols); 1749 1750 /* Do not always start polling from the same modulation */ 1751 get_random_bytes(&rand_mod, sizeof(rand_mod)); 1752 rand_mod %= dev->poll_mod_count; 1753 dev->poll_mod_curr = rand_mod; 1754 1755 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1756 1757 rc = pn533_send_poll_frame(dev); 1758 1759 /* Start listen timer */ 1760 if (!rc && cur_mod->len == 0 && dev->poll_mod_count > 1) 1761 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ); 1762 1763 return rc; 1764 } 1765 1766 static void pn533_stop_poll(struct nfc_dev *nfc_dev) 1767 { 1768 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1769 1770 del_timer(&dev->listen_timer); 1771 1772 if (!dev->poll_mod_count) { 1773 dev_dbg(dev->dev, 1774 "Polling operation was not running\n"); 1775 return; 1776 } 1777 1778 dev->phy_ops->abort_cmd(dev, GFP_KERNEL); 1779 flush_delayed_work(&dev->poll_work); 1780 pn533_poll_reset_mod_list(dev); 1781 } 1782 1783 static int pn533_activate_target_nfcdep(struct pn533 *dev) 1784 { 1785 struct pn533_cmd_activate_response *rsp; 1786 u16 gt_len; 1787 int rc; 1788 struct sk_buff *skb; 1789 struct sk_buff *resp; 1790 1791 dev_dbg(dev->dev, "%s\n", __func__); 1792 1793 skb = pn533_alloc_skb(dev, sizeof(u8) * 2); /*TG + Next*/ 1794 if (!skb) 1795 return -ENOMEM; 1796 1797 skb_put_u8(skb, 1); /* TG */ 1798 skb_put_u8(skb, 0); /* Next */ 1799 1800 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_ATR, skb); 1801 if (IS_ERR(resp)) 1802 return PTR_ERR(resp); 1803 1804 rsp = (struct pn533_cmd_activate_response *)resp->data; 1805 rc = rsp->status & PN533_CMD_RET_MASK; 1806 if (rc != PN533_CMD_RET_SUCCESS) { 1807 nfc_err(dev->dev, 1808 "Target activation failed (error 0x%x)\n", rc); 1809 dev_kfree_skb(resp); 1810 return -EIO; 1811 } 1812 1813 /* ATR_RES general bytes are located at offset 16 */ 1814 gt_len = resp->len - 16; 1815 rc = nfc_set_remote_general_bytes(dev->nfc_dev, rsp->gt, gt_len); 1816 1817 dev_kfree_skb(resp); 1818 return rc; 1819 } 1820 1821 static int pn533_activate_target(struct nfc_dev *nfc_dev, 1822 struct nfc_target *target, u32 protocol) 1823 { 1824 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1825 int rc; 1826 1827 dev_dbg(dev->dev, "%s: protocol=%u\n", __func__, protocol); 1828 1829 if (dev->poll_mod_count) { 1830 nfc_err(dev->dev, 1831 "Cannot activate while polling\n"); 1832 return -EBUSY; 1833 } 1834 1835 if (dev->tgt_active_prot) { 1836 nfc_err(dev->dev, 1837 "There is already an active target\n"); 1838 return -EBUSY; 1839 } 1840 1841 if (!dev->tgt_available_prots) { 1842 nfc_err(dev->dev, 1843 "There is no available target to activate\n"); 1844 return -EINVAL; 1845 } 1846 1847 if (!(dev->tgt_available_prots & (1 << protocol))) { 1848 nfc_err(dev->dev, 1849 "Target doesn't support requested proto %u\n", 1850 protocol); 1851 return -EINVAL; 1852 } 1853 1854 if (protocol == NFC_PROTO_NFC_DEP) { 1855 rc = pn533_activate_target_nfcdep(dev); 1856 if (rc) { 1857 nfc_err(dev->dev, 1858 "Activating target with DEP failed %d\n", rc); 1859 return rc; 1860 } 1861 } 1862 1863 dev->tgt_active_prot = protocol; 1864 dev->tgt_available_prots = 0; 1865 1866 return 0; 1867 } 1868 1869 static int pn533_deactivate_target_complete(struct pn533 *dev, void *arg, 1870 struct sk_buff *resp) 1871 { 1872 int rc = 0; 1873 1874 dev_dbg(dev->dev, "%s\n", __func__); 1875 1876 if (IS_ERR(resp)) { 1877 rc = PTR_ERR(resp); 1878 1879 nfc_err(dev->dev, "Target release error %d\n", rc); 1880 1881 return rc; 1882 } 1883 1884 rc = resp->data[0] & PN533_CMD_RET_MASK; 1885 if (rc != PN533_CMD_RET_SUCCESS) 1886 nfc_err(dev->dev, 1887 "Error 0x%x when releasing the target\n", rc); 1888 1889 dev_kfree_skb(resp); 1890 return rc; 1891 } 1892 1893 static void pn533_deactivate_target(struct nfc_dev *nfc_dev, 1894 struct nfc_target *target, u8 mode) 1895 { 1896 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1897 struct sk_buff *skb; 1898 int rc; 1899 1900 dev_dbg(dev->dev, "%s\n", __func__); 1901 1902 if (!dev->tgt_active_prot) { 1903 nfc_err(dev->dev, "There is no active target\n"); 1904 return; 1905 } 1906 1907 dev->tgt_active_prot = 0; 1908 skb_queue_purge(&dev->resp_q); 1909 1910 skb = pn533_alloc_skb(dev, sizeof(u8)); 1911 if (!skb) 1912 return; 1913 1914 skb_put_u8(skb, 1); /* TG*/ 1915 1916 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_RELEASE, skb, 1917 pn533_deactivate_target_complete, NULL); 1918 if (rc < 0) { 1919 dev_kfree_skb(skb); 1920 nfc_err(dev->dev, "Target release error %d\n", rc); 1921 } 1922 } 1923 1924 1925 static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg, 1926 struct sk_buff *resp) 1927 { 1928 struct pn533_cmd_jump_dep_response *rsp; 1929 u8 target_gt_len; 1930 int rc; 1931 u8 active = *(u8 *)arg; 1932 1933 kfree(arg); 1934 1935 if (IS_ERR(resp)) 1936 return PTR_ERR(resp); 1937 1938 if (dev->tgt_available_prots && 1939 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) { 1940 nfc_err(dev->dev, 1941 "The target does not support DEP\n"); 1942 rc = -EINVAL; 1943 goto error; 1944 } 1945 1946 rsp = (struct pn533_cmd_jump_dep_response *)resp->data; 1947 1948 rc = rsp->status & PN533_CMD_RET_MASK; 1949 if (rc != PN533_CMD_RET_SUCCESS) { 1950 nfc_err(dev->dev, 1951 "Bringing DEP link up failed (error 0x%x)\n", rc); 1952 goto error; 1953 } 1954 1955 if (!dev->tgt_available_prots) { 1956 struct nfc_target nfc_target; 1957 1958 dev_dbg(dev->dev, "Creating new target\n"); 1959 1960 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK; 1961 nfc_target.nfcid1_len = 10; 1962 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len); 1963 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1); 1964 if (rc) 1965 goto error; 1966 1967 dev->tgt_available_prots = 0; 1968 } 1969 1970 dev->tgt_active_prot = NFC_PROTO_NFC_DEP; 1971 1972 /* ATR_RES general bytes are located at offset 17 */ 1973 target_gt_len = resp->len - 17; 1974 rc = nfc_set_remote_general_bytes(dev->nfc_dev, 1975 rsp->gt, target_gt_len); 1976 if (rc == 0) 1977 rc = nfc_dep_link_is_up(dev->nfc_dev, 1978 dev->nfc_dev->targets[0].idx, 1979 !active, NFC_RF_INITIATOR); 1980 1981 error: 1982 dev_kfree_skb(resp); 1983 return rc; 1984 } 1985 1986 static int pn533_rf_field(struct nfc_dev *nfc_dev, u8 rf); 1987 static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target, 1988 u8 comm_mode, u8 *gb, size_t gb_len) 1989 { 1990 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1991 struct sk_buff *skb; 1992 int rc, skb_len; 1993 u8 *next, *arg, nfcid3[NFC_NFCID3_MAXSIZE]; 1994 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3}; 1995 1996 dev_dbg(dev->dev, "%s\n", __func__); 1997 1998 if (dev->poll_mod_count) { 1999 nfc_err(dev->dev, 2000 "Cannot bring the DEP link up while polling\n"); 2001 return -EBUSY; 2002 } 2003 2004 if (dev->tgt_active_prot) { 2005 nfc_err(dev->dev, 2006 "There is already an active target\n"); 2007 return -EBUSY; 2008 } 2009 2010 skb_len = 3 + gb_len; /* ActPass + BR + Next */ 2011 skb_len += PASSIVE_DATA_LEN; 2012 2013 /* NFCID3 */ 2014 skb_len += NFC_NFCID3_MAXSIZE; 2015 if (target && !target->nfcid2_len) { 2016 nfcid3[0] = 0x1; 2017 nfcid3[1] = 0xfe; 2018 get_random_bytes(nfcid3 + 2, 6); 2019 } 2020 2021 skb = pn533_alloc_skb(dev, skb_len); 2022 if (!skb) 2023 return -ENOMEM; 2024 2025 skb_put_u8(skb, !comm_mode); /* ActPass */ 2026 skb_put_u8(skb, 0x02); /* 424 kbps */ 2027 2028 next = skb_put(skb, 1); /* Next */ 2029 *next = 0; 2030 2031 /* Copy passive data */ 2032 skb_put_data(skb, passive_data, PASSIVE_DATA_LEN); 2033 *next |= 1; 2034 2035 /* Copy NFCID3 (which is NFCID2 from SENSF_RES) */ 2036 if (target && target->nfcid2_len) 2037 memcpy(skb_put(skb, NFC_NFCID3_MAXSIZE), target->nfcid2, 2038 target->nfcid2_len); 2039 else 2040 skb_put_data(skb, nfcid3, NFC_NFCID3_MAXSIZE); 2041 *next |= 2; 2042 2043 if (gb != NULL && gb_len > 0) { 2044 skb_put_data(skb, gb, gb_len); 2045 *next |= 4; /* We have some Gi */ 2046 } else { 2047 *next = 0; 2048 } 2049 2050 arg = kmalloc(sizeof(*arg), GFP_KERNEL); 2051 if (!arg) { 2052 dev_kfree_skb(skb); 2053 return -ENOMEM; 2054 } 2055 2056 *arg = !comm_mode; 2057 2058 pn533_rf_field(dev->nfc_dev, 0); 2059 2060 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb, 2061 pn533_in_dep_link_up_complete, arg); 2062 2063 if (rc < 0) { 2064 dev_kfree_skb(skb); 2065 kfree(arg); 2066 } 2067 2068 return rc; 2069 } 2070 2071 static int pn533_dep_link_down(struct nfc_dev *nfc_dev) 2072 { 2073 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2074 2075 dev_dbg(dev->dev, "%s\n", __func__); 2076 2077 pn533_poll_reset_mod_list(dev); 2078 2079 if (dev->tgt_mode || dev->tgt_active_prot) 2080 dev->phy_ops->abort_cmd(dev, GFP_KERNEL); 2081 2082 dev->tgt_active_prot = 0; 2083 dev->tgt_mode = 0; 2084 2085 skb_queue_purge(&dev->resp_q); 2086 2087 return 0; 2088 } 2089 2090 struct pn533_data_exchange_arg { 2091 data_exchange_cb_t cb; 2092 void *cb_context; 2093 }; 2094 2095 static struct sk_buff *pn533_build_response(struct pn533 *dev) 2096 { 2097 struct sk_buff *skb, *tmp, *t; 2098 unsigned int skb_len = 0, tmp_len = 0; 2099 2100 dev_dbg(dev->dev, "%s\n", __func__); 2101 2102 if (skb_queue_empty(&dev->resp_q)) 2103 return NULL; 2104 2105 if (skb_queue_len(&dev->resp_q) == 1) { 2106 skb = skb_dequeue(&dev->resp_q); 2107 goto out; 2108 } 2109 2110 skb_queue_walk_safe(&dev->resp_q, tmp, t) 2111 skb_len += tmp->len; 2112 2113 dev_dbg(dev->dev, "%s total length %d\n", 2114 __func__, skb_len); 2115 2116 skb = alloc_skb(skb_len, GFP_KERNEL); 2117 if (skb == NULL) 2118 goto out; 2119 2120 skb_put(skb, skb_len); 2121 2122 skb_queue_walk_safe(&dev->resp_q, tmp, t) { 2123 memcpy(skb->data + tmp_len, tmp->data, tmp->len); 2124 tmp_len += tmp->len; 2125 } 2126 2127 out: 2128 skb_queue_purge(&dev->resp_q); 2129 2130 return skb; 2131 } 2132 2133 static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg, 2134 struct sk_buff *resp) 2135 { 2136 struct pn533_data_exchange_arg *arg = _arg; 2137 struct sk_buff *skb; 2138 int rc = 0; 2139 u8 status, ret, mi; 2140 2141 dev_dbg(dev->dev, "%s\n", __func__); 2142 2143 if (IS_ERR(resp)) { 2144 rc = PTR_ERR(resp); 2145 goto _error; 2146 } 2147 2148 status = resp->data[0]; 2149 ret = status & PN533_CMD_RET_MASK; 2150 mi = status & PN533_CMD_MI_MASK; 2151 2152 skb_pull(resp, sizeof(status)); 2153 2154 if (ret != PN533_CMD_RET_SUCCESS) { 2155 nfc_err(dev->dev, 2156 "Exchanging data failed (error 0x%x)\n", ret); 2157 rc = -EIO; 2158 goto error; 2159 } 2160 2161 skb_queue_tail(&dev->resp_q, resp); 2162 2163 if (mi) { 2164 dev->cmd_complete_mi_arg = arg; 2165 queue_work(dev->wq, &dev->mi_rx_work); 2166 return -EINPROGRESS; 2167 } 2168 2169 /* Prepare for the next round */ 2170 if (skb_queue_len(&dev->fragment_skb) > 0) { 2171 dev->cmd_complete_dep_arg = arg; 2172 queue_work(dev->wq, &dev->mi_tx_work); 2173 2174 return -EINPROGRESS; 2175 } 2176 2177 skb = pn533_build_response(dev); 2178 if (!skb) { 2179 rc = -ENOMEM; 2180 goto error; 2181 } 2182 2183 arg->cb(arg->cb_context, skb, 0); 2184 kfree(arg); 2185 return 0; 2186 2187 error: 2188 dev_kfree_skb(resp); 2189 _error: 2190 skb_queue_purge(&dev->resp_q); 2191 arg->cb(arg->cb_context, NULL, rc); 2192 kfree(arg); 2193 return rc; 2194 } 2195 2196 /* 2197 * Receive an incoming pn533 frame. skb contains only header and payload. 2198 * If skb == NULL, it is a notification that the link below is dead. 2199 */ 2200 void pn533_recv_frame(struct pn533 *dev, struct sk_buff *skb, int status) 2201 { 2202 if (!dev->cmd) 2203 goto sched_wq; 2204 2205 dev->cmd->status = status; 2206 2207 if (status != 0) { 2208 dev_dbg(dev->dev, "%s: Error received: %d\n", __func__, status); 2209 goto sched_wq; 2210 } 2211 2212 if (skb == NULL) { 2213 pr_err("NULL Frame -> link is dead\n"); 2214 goto sched_wq; 2215 } 2216 2217 if (pn533_rx_frame_is_ack(skb->data)) { 2218 dev_dbg(dev->dev, "%s: Received ACK frame\n", __func__); 2219 dev_kfree_skb(skb); 2220 return; 2221 } 2222 2223 print_hex_dump_debug("PN533 RX: ", DUMP_PREFIX_NONE, 16, 1, skb->data, 2224 dev->ops->rx_frame_size(skb->data), false); 2225 2226 if (!dev->ops->rx_is_frame_valid(skb->data, dev)) { 2227 nfc_err(dev->dev, "Received an invalid frame\n"); 2228 dev->cmd->status = -EIO; 2229 } else if (!pn533_rx_frame_is_cmd_response(dev, skb->data)) { 2230 nfc_err(dev->dev, "It it not the response to the last command\n"); 2231 dev->cmd->status = -EIO; 2232 } 2233 2234 dev->cmd->resp = skb; 2235 2236 sched_wq: 2237 queue_work(dev->wq, &dev->cmd_complete_work); 2238 } 2239 EXPORT_SYMBOL(pn533_recv_frame); 2240 2241 /* Split the Tx skb into small chunks */ 2242 static int pn533_fill_fragment_skbs(struct pn533 *dev, struct sk_buff *skb) 2243 { 2244 struct sk_buff *frag; 2245 int frag_size; 2246 2247 do { 2248 /* Remaining size */ 2249 if (skb->len > PN533_CMD_DATAFRAME_MAXLEN) 2250 frag_size = PN533_CMD_DATAFRAME_MAXLEN; 2251 else 2252 frag_size = skb->len; 2253 2254 /* Allocate and reserve */ 2255 frag = pn533_alloc_skb(dev, frag_size); 2256 if (!frag) { 2257 skb_queue_purge(&dev->fragment_skb); 2258 break; 2259 } 2260 2261 if (!dev->tgt_mode) { 2262 /* Reserve the TG/MI byte */ 2263 skb_reserve(frag, 1); 2264 2265 /* MI + TG */ 2266 if (frag_size == PN533_CMD_DATAFRAME_MAXLEN) 2267 *(u8 *)skb_push(frag, sizeof(u8)) = 2268 (PN533_CMD_MI_MASK | 1); 2269 else 2270 *(u8 *)skb_push(frag, sizeof(u8)) = 1; /* TG */ 2271 } 2272 2273 skb_put_data(frag, skb->data, frag_size); 2274 2275 /* Reduce the size of incoming buffer */ 2276 skb_pull(skb, frag_size); 2277 2278 /* Add this to skb_queue */ 2279 skb_queue_tail(&dev->fragment_skb, frag); 2280 2281 } while (skb->len > 0); 2282 2283 dev_kfree_skb(skb); 2284 2285 return skb_queue_len(&dev->fragment_skb); 2286 } 2287 2288 static int pn533_transceive(struct nfc_dev *nfc_dev, 2289 struct nfc_target *target, struct sk_buff *skb, 2290 data_exchange_cb_t cb, void *cb_context) 2291 { 2292 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2293 struct pn533_data_exchange_arg *arg = NULL; 2294 int rc; 2295 2296 dev_dbg(dev->dev, "%s\n", __func__); 2297 2298 if (!dev->tgt_active_prot) { 2299 nfc_err(dev->dev, 2300 "Can't exchange data if there is no active target\n"); 2301 rc = -EINVAL; 2302 goto error; 2303 } 2304 2305 arg = kmalloc(sizeof(*arg), GFP_KERNEL); 2306 if (!arg) { 2307 rc = -ENOMEM; 2308 goto error; 2309 } 2310 2311 arg->cb = cb; 2312 arg->cb_context = cb_context; 2313 2314 switch (dev->device_type) { 2315 case PN533_DEVICE_PASORI: 2316 if (dev->tgt_active_prot == NFC_PROTO_FELICA) { 2317 rc = pn533_send_data_async(dev, PN533_CMD_IN_COMM_THRU, 2318 skb, 2319 pn533_data_exchange_complete, 2320 arg); 2321 2322 break; 2323 } 2324 fallthrough; 2325 default: 2326 /* jumbo frame ? */ 2327 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) { 2328 rc = pn533_fill_fragment_skbs(dev, skb); 2329 if (rc <= 0) 2330 goto error; 2331 2332 skb = skb_dequeue(&dev->fragment_skb); 2333 if (!skb) { 2334 rc = -EIO; 2335 goto error; 2336 } 2337 } else { 2338 *(u8 *)skb_push(skb, sizeof(u8)) = 1; /* TG */ 2339 } 2340 2341 rc = pn533_send_data_async(dev, PN533_CMD_IN_DATA_EXCHANGE, 2342 skb, pn533_data_exchange_complete, 2343 arg); 2344 2345 break; 2346 } 2347 2348 if (rc < 0) /* rc from send_async */ 2349 goto error; 2350 2351 return 0; 2352 2353 error: 2354 kfree(arg); 2355 dev_kfree_skb(skb); 2356 return rc; 2357 } 2358 2359 static int pn533_tm_send_complete(struct pn533 *dev, void *arg, 2360 struct sk_buff *resp) 2361 { 2362 u8 status; 2363 2364 dev_dbg(dev->dev, "%s\n", __func__); 2365 2366 if (IS_ERR(resp)) 2367 return PTR_ERR(resp); 2368 2369 status = resp->data[0]; 2370 2371 /* Prepare for the next round */ 2372 if (skb_queue_len(&dev->fragment_skb) > 0) { 2373 queue_work(dev->wq, &dev->mi_tm_tx_work); 2374 return -EINPROGRESS; 2375 } 2376 dev_kfree_skb(resp); 2377 2378 if (status != 0) { 2379 nfc_tm_deactivated(dev->nfc_dev); 2380 2381 dev->tgt_mode = 0; 2382 2383 return 0; 2384 } 2385 2386 queue_work(dev->wq, &dev->tg_work); 2387 2388 return 0; 2389 } 2390 2391 static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb) 2392 { 2393 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2394 int rc; 2395 2396 dev_dbg(dev->dev, "%s\n", __func__); 2397 2398 /* let's split in multiple chunks if size's too big */ 2399 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) { 2400 rc = pn533_fill_fragment_skbs(dev, skb); 2401 if (rc <= 0) 2402 goto error; 2403 2404 /* get the first skb */ 2405 skb = skb_dequeue(&dev->fragment_skb); 2406 if (!skb) { 2407 rc = -EIO; 2408 goto error; 2409 } 2410 2411 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_META_DATA, skb, 2412 pn533_tm_send_complete, NULL); 2413 } else { 2414 /* Send th skb */ 2415 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_DATA, skb, 2416 pn533_tm_send_complete, NULL); 2417 } 2418 2419 error: 2420 if (rc < 0) { 2421 dev_kfree_skb(skb); 2422 skb_queue_purge(&dev->fragment_skb); 2423 } 2424 2425 return rc; 2426 } 2427 2428 static void pn533_wq_mi_recv(struct work_struct *work) 2429 { 2430 struct pn533 *dev = container_of(work, struct pn533, mi_rx_work); 2431 struct sk_buff *skb; 2432 int rc; 2433 2434 dev_dbg(dev->dev, "%s\n", __func__); 2435 2436 skb = pn533_alloc_skb(dev, PN533_CMD_DATAEXCH_HEAD_LEN); 2437 if (!skb) 2438 goto error; 2439 2440 switch (dev->device_type) { 2441 case PN533_DEVICE_PASORI: 2442 if (dev->tgt_active_prot == NFC_PROTO_FELICA) { 2443 rc = pn533_send_cmd_direct_async(dev, 2444 PN533_CMD_IN_COMM_THRU, 2445 skb, 2446 pn533_data_exchange_complete, 2447 dev->cmd_complete_mi_arg); 2448 2449 break; 2450 } 2451 fallthrough; 2452 default: 2453 skb_put_u8(skb, 1); /*TG*/ 2454 2455 rc = pn533_send_cmd_direct_async(dev, 2456 PN533_CMD_IN_DATA_EXCHANGE, 2457 skb, 2458 pn533_data_exchange_complete, 2459 dev->cmd_complete_mi_arg); 2460 2461 break; 2462 } 2463 2464 if (rc == 0) /* success */ 2465 return; 2466 2467 nfc_err(dev->dev, 2468 "Error %d when trying to perform data_exchange\n", rc); 2469 2470 dev_kfree_skb(skb); 2471 kfree(dev->cmd_complete_mi_arg); 2472 2473 error: 2474 dev->phy_ops->send_ack(dev, GFP_KERNEL); 2475 queue_work(dev->wq, &dev->cmd_work); 2476 } 2477 2478 static void pn533_wq_mi_send(struct work_struct *work) 2479 { 2480 struct pn533 *dev = container_of(work, struct pn533, mi_tx_work); 2481 struct sk_buff *skb; 2482 int rc; 2483 2484 dev_dbg(dev->dev, "%s\n", __func__); 2485 2486 /* Grab the first skb in the queue */ 2487 skb = skb_dequeue(&dev->fragment_skb); 2488 2489 if (skb == NULL) { /* No more data */ 2490 /* Reset the queue for future use */ 2491 skb_queue_head_init(&dev->fragment_skb); 2492 goto error; 2493 } 2494 2495 switch (dev->device_type) { 2496 case PN533_DEVICE_PASORI: 2497 if (dev->tgt_active_prot != NFC_PROTO_FELICA) { 2498 rc = -EIO; 2499 break; 2500 } 2501 2502 rc = pn533_send_cmd_direct_async(dev, PN533_CMD_IN_COMM_THRU, 2503 skb, 2504 pn533_data_exchange_complete, 2505 dev->cmd_complete_dep_arg); 2506 2507 break; 2508 2509 default: 2510 /* Still some fragments? */ 2511 rc = pn533_send_cmd_direct_async(dev, 2512 PN533_CMD_IN_DATA_EXCHANGE, 2513 skb, 2514 pn533_data_exchange_complete, 2515 dev->cmd_complete_dep_arg); 2516 2517 break; 2518 } 2519 2520 if (rc == 0) /* success */ 2521 return; 2522 2523 nfc_err(dev->dev, 2524 "Error %d when trying to perform data_exchange\n", rc); 2525 2526 dev_kfree_skb(skb); 2527 kfree(dev->cmd_complete_dep_arg); 2528 2529 error: 2530 dev->phy_ops->send_ack(dev, GFP_KERNEL); 2531 queue_work(dev->wq, &dev->cmd_work); 2532 } 2533 2534 static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata, 2535 u8 cfgdata_len) 2536 { 2537 struct sk_buff *skb; 2538 struct sk_buff *resp; 2539 int skb_len; 2540 2541 dev_dbg(dev->dev, "%s\n", __func__); 2542 2543 skb_len = sizeof(cfgitem) + cfgdata_len; /* cfgitem + cfgdata */ 2544 2545 skb = pn533_alloc_skb(dev, skb_len); 2546 if (!skb) 2547 return -ENOMEM; 2548 2549 skb_put_u8(skb, cfgitem); 2550 skb_put_data(skb, cfgdata, cfgdata_len); 2551 2552 resp = pn533_send_cmd_sync(dev, PN533_CMD_RF_CONFIGURATION, skb); 2553 if (IS_ERR(resp)) 2554 return PTR_ERR(resp); 2555 2556 dev_kfree_skb(resp); 2557 return 0; 2558 } 2559 2560 static int pn533_get_firmware_version(struct pn533 *dev, 2561 struct pn533_fw_version *fv) 2562 { 2563 struct sk_buff *skb; 2564 struct sk_buff *resp; 2565 2566 skb = pn533_alloc_skb(dev, 0); 2567 if (!skb) 2568 return -ENOMEM; 2569 2570 resp = pn533_send_cmd_sync(dev, PN533_CMD_GET_FIRMWARE_VERSION, skb); 2571 if (IS_ERR(resp)) 2572 return PTR_ERR(resp); 2573 2574 fv->ic = resp->data[0]; 2575 fv->ver = resp->data[1]; 2576 fv->rev = resp->data[2]; 2577 fv->support = resp->data[3]; 2578 2579 dev_kfree_skb(resp); 2580 return 0; 2581 } 2582 2583 static int pn533_pasori_fw_reset(struct pn533 *dev) 2584 { 2585 struct sk_buff *skb; 2586 struct sk_buff *resp; 2587 2588 dev_dbg(dev->dev, "%s\n", __func__); 2589 2590 skb = pn533_alloc_skb(dev, sizeof(u8)); 2591 if (!skb) 2592 return -ENOMEM; 2593 2594 skb_put_u8(skb, 0x1); 2595 2596 resp = pn533_send_cmd_sync(dev, 0x18, skb); 2597 if (IS_ERR(resp)) 2598 return PTR_ERR(resp); 2599 2600 dev_kfree_skb(resp); 2601 2602 return 0; 2603 } 2604 2605 static int pn533_rf_field(struct nfc_dev *nfc_dev, u8 rf) 2606 { 2607 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2608 u8 rf_field = !!rf; 2609 int rc; 2610 2611 rf_field |= PN533_CFGITEM_RF_FIELD_AUTO_RFCA; 2612 2613 rc = pn533_set_configuration(dev, PN533_CFGITEM_RF_FIELD, 2614 (u8 *)&rf_field, 1); 2615 if (rc) { 2616 nfc_err(dev->dev, "Error on setting RF field\n"); 2617 return rc; 2618 } 2619 2620 return rc; 2621 } 2622 2623 static int pn532_sam_configuration(struct nfc_dev *nfc_dev) 2624 { 2625 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2626 struct sk_buff *skb; 2627 struct sk_buff *resp; 2628 2629 skb = pn533_alloc_skb(dev, 1); 2630 if (!skb) 2631 return -ENOMEM; 2632 2633 skb_put_u8(skb, 0x01); 2634 2635 resp = pn533_send_cmd_sync(dev, PN533_CMD_SAM_CONFIGURATION, skb); 2636 if (IS_ERR(resp)) 2637 return PTR_ERR(resp); 2638 2639 dev_kfree_skb(resp); 2640 return 0; 2641 } 2642 2643 static int pn533_dev_up(struct nfc_dev *nfc_dev) 2644 { 2645 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2646 int rc; 2647 2648 if (dev->phy_ops->dev_up) { 2649 rc = dev->phy_ops->dev_up(dev); 2650 if (rc) 2651 return rc; 2652 } 2653 2654 if ((dev->device_type == PN533_DEVICE_PN532) || 2655 (dev->device_type == PN533_DEVICE_PN532_AUTOPOLL)) { 2656 rc = pn532_sam_configuration(nfc_dev); 2657 2658 if (rc) 2659 return rc; 2660 } 2661 2662 return pn533_rf_field(nfc_dev, 1); 2663 } 2664 2665 static int pn533_dev_down(struct nfc_dev *nfc_dev) 2666 { 2667 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2668 int ret; 2669 2670 ret = pn533_rf_field(nfc_dev, 0); 2671 if (dev->phy_ops->dev_down && !ret) 2672 ret = dev->phy_ops->dev_down(dev); 2673 2674 return ret; 2675 } 2676 2677 static struct nfc_ops pn533_nfc_ops = { 2678 .dev_up = pn533_dev_up, 2679 .dev_down = pn533_dev_down, 2680 .dep_link_up = pn533_dep_link_up, 2681 .dep_link_down = pn533_dep_link_down, 2682 .start_poll = pn533_start_poll, 2683 .stop_poll = pn533_stop_poll, 2684 .activate_target = pn533_activate_target, 2685 .deactivate_target = pn533_deactivate_target, 2686 .im_transceive = pn533_transceive, 2687 .tm_send = pn533_tm_send, 2688 }; 2689 2690 static int pn533_setup(struct pn533 *dev) 2691 { 2692 struct pn533_config_max_retries max_retries; 2693 struct pn533_config_timing timing; 2694 u8 pasori_cfg[3] = {0x08, 0x01, 0x08}; 2695 int rc; 2696 2697 switch (dev->device_type) { 2698 case PN533_DEVICE_STD: 2699 case PN533_DEVICE_PASORI: 2700 case PN533_DEVICE_ACR122U: 2701 case PN533_DEVICE_PN532: 2702 case PN533_DEVICE_PN532_AUTOPOLL: 2703 max_retries.mx_rty_atr = 0x2; 2704 max_retries.mx_rty_psl = 0x1; 2705 max_retries.mx_rty_passive_act = 2706 PN533_CONFIG_MAX_RETRIES_NO_RETRY; 2707 2708 timing.rfu = PN533_CONFIG_TIMING_102; 2709 timing.atr_res_timeout = PN533_CONFIG_TIMING_102; 2710 timing.dep_timeout = PN533_CONFIG_TIMING_204; 2711 2712 break; 2713 2714 default: 2715 nfc_err(dev->dev, "Unknown device type %d\n", 2716 dev->device_type); 2717 return -EINVAL; 2718 } 2719 2720 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES, 2721 (u8 *)&max_retries, sizeof(max_retries)); 2722 if (rc) { 2723 nfc_err(dev->dev, 2724 "Error on setting MAX_RETRIES config\n"); 2725 return rc; 2726 } 2727 2728 2729 rc = pn533_set_configuration(dev, PN533_CFGITEM_TIMING, 2730 (u8 *)&timing, sizeof(timing)); 2731 if (rc) { 2732 nfc_err(dev->dev, "Error on setting RF timings\n"); 2733 return rc; 2734 } 2735 2736 switch (dev->device_type) { 2737 case PN533_DEVICE_STD: 2738 case PN533_DEVICE_PN532: 2739 case PN533_DEVICE_PN532_AUTOPOLL: 2740 break; 2741 2742 case PN533_DEVICE_PASORI: 2743 pn533_pasori_fw_reset(dev); 2744 2745 rc = pn533_set_configuration(dev, PN533_CFGITEM_PASORI, 2746 pasori_cfg, 3); 2747 if (rc) { 2748 nfc_err(dev->dev, 2749 "Error while settings PASORI config\n"); 2750 return rc; 2751 } 2752 2753 pn533_pasori_fw_reset(dev); 2754 2755 break; 2756 } 2757 2758 return 0; 2759 } 2760 2761 int pn533_finalize_setup(struct pn533 *dev) 2762 { 2763 2764 struct pn533_fw_version fw_ver; 2765 int rc; 2766 2767 memset(&fw_ver, 0, sizeof(fw_ver)); 2768 2769 rc = pn533_get_firmware_version(dev, &fw_ver); 2770 if (rc) { 2771 nfc_err(dev->dev, "Unable to get FW version\n"); 2772 return rc; 2773 } 2774 2775 nfc_info(dev->dev, "NXP PN5%02X firmware ver %d.%d now attached\n", 2776 fw_ver.ic, fw_ver.ver, fw_ver.rev); 2777 2778 rc = pn533_setup(dev); 2779 if (rc) 2780 return rc; 2781 2782 return 0; 2783 } 2784 EXPORT_SYMBOL_GPL(pn533_finalize_setup); 2785 2786 struct pn533 *pn53x_common_init(u32 device_type, 2787 enum pn533_protocol_type protocol_type, 2788 void *phy, 2789 struct pn533_phy_ops *phy_ops, 2790 struct pn533_frame_ops *fops, 2791 struct device *dev) 2792 { 2793 struct pn533 *priv; 2794 int rc = -ENOMEM; 2795 2796 priv = kzalloc(sizeof(*priv), GFP_KERNEL); 2797 if (!priv) 2798 return ERR_PTR(-ENOMEM); 2799 2800 priv->phy = phy; 2801 priv->phy_ops = phy_ops; 2802 priv->dev = dev; 2803 if (fops != NULL) 2804 priv->ops = fops; 2805 else 2806 priv->ops = &pn533_std_frame_ops; 2807 2808 priv->protocol_type = protocol_type; 2809 priv->device_type = device_type; 2810 2811 mutex_init(&priv->cmd_lock); 2812 2813 INIT_WORK(&priv->cmd_work, pn533_wq_cmd); 2814 INIT_WORK(&priv->cmd_complete_work, pn533_wq_cmd_complete); 2815 INIT_WORK(&priv->mi_rx_work, pn533_wq_mi_recv); 2816 INIT_WORK(&priv->mi_tx_work, pn533_wq_mi_send); 2817 INIT_WORK(&priv->tg_work, pn533_wq_tg_get_data); 2818 INIT_WORK(&priv->mi_tm_rx_work, pn533_wq_tm_mi_recv); 2819 INIT_WORK(&priv->mi_tm_tx_work, pn533_wq_tm_mi_send); 2820 INIT_DELAYED_WORK(&priv->poll_work, pn533_wq_poll); 2821 INIT_WORK(&priv->rf_work, pn533_wq_rf); 2822 priv->wq = alloc_ordered_workqueue("pn533", 0); 2823 if (priv->wq == NULL) 2824 goto error; 2825 2826 timer_setup(&priv->listen_timer, pn533_listen_mode_timer, 0); 2827 2828 skb_queue_head_init(&priv->resp_q); 2829 skb_queue_head_init(&priv->fragment_skb); 2830 2831 INIT_LIST_HEAD(&priv->cmd_queue); 2832 return priv; 2833 2834 error: 2835 kfree(priv); 2836 return ERR_PTR(rc); 2837 } 2838 EXPORT_SYMBOL_GPL(pn53x_common_init); 2839 2840 void pn53x_common_clean(struct pn533 *priv) 2841 { 2842 struct pn533_cmd *cmd, *n; 2843 2844 flush_delayed_work(&priv->poll_work); 2845 destroy_workqueue(priv->wq); 2846 2847 skb_queue_purge(&priv->resp_q); 2848 2849 del_timer(&priv->listen_timer); 2850 2851 list_for_each_entry_safe(cmd, n, &priv->cmd_queue, queue) { 2852 list_del(&cmd->queue); 2853 kfree(cmd); 2854 } 2855 2856 kfree(priv); 2857 } 2858 EXPORT_SYMBOL_GPL(pn53x_common_clean); 2859 2860 int pn532_i2c_nfc_alloc(struct pn533 *priv, u32 protocols, 2861 struct device *parent) 2862 { 2863 priv->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols, 2864 priv->ops->tx_header_len + 2865 PN533_CMD_DATAEXCH_HEAD_LEN, 2866 priv->ops->tx_tail_len); 2867 if (!priv->nfc_dev) 2868 return -ENOMEM; 2869 2870 nfc_set_parent_dev(priv->nfc_dev, parent); 2871 nfc_set_drvdata(priv->nfc_dev, priv); 2872 return 0; 2873 } 2874 EXPORT_SYMBOL_GPL(pn532_i2c_nfc_alloc); 2875 2876 int pn53x_register_nfc(struct pn533 *priv, u32 protocols, 2877 struct device *parent) 2878 { 2879 int rc; 2880 2881 rc = pn532_i2c_nfc_alloc(priv, protocols, parent); 2882 if (rc) 2883 return rc; 2884 2885 rc = nfc_register_device(priv->nfc_dev); 2886 if (rc) 2887 nfc_free_device(priv->nfc_dev); 2888 2889 return rc; 2890 } 2891 EXPORT_SYMBOL_GPL(pn53x_register_nfc); 2892 2893 void pn53x_unregister_nfc(struct pn533 *priv) 2894 { 2895 nfc_unregister_device(priv->nfc_dev); 2896 nfc_free_device(priv->nfc_dev); 2897 } 2898 EXPORT_SYMBOL_GPL(pn53x_unregister_nfc); 2899 2900 MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>"); 2901 MODULE_AUTHOR("Aloisio Almeida Jr <aloisio.almeida@openbossa.org>"); 2902 MODULE_AUTHOR("Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>"); 2903 MODULE_DESCRIPTION("PN533 driver ver " VERSION); 2904 MODULE_VERSION(VERSION); 2905 MODULE_LICENSE("GPL"); 2906