1 /* 2 * HCI based Driver for NXP PN544 NFC Chip 3 * 4 * Copyright (C) 2012 Intel Corporation. All rights reserved. 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms and conditions of the GNU General Public License, 8 * version 2, as published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write to the 17 * Free Software Foundation, Inc., 18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 19 */ 20 21 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 22 23 #include <linux/delay.h> 24 #include <linux/slab.h> 25 #include <linux/module.h> 26 27 #include <linux/nfc.h> 28 #include <net/nfc/hci.h> 29 #include <net/nfc/llc.h> 30 31 #include "pn544.h" 32 33 /* Timing restrictions (ms) */ 34 #define PN544_HCI_RESETVEN_TIME 30 35 36 enum pn544_state { 37 PN544_ST_COLD, 38 PN544_ST_FW_READY, 39 PN544_ST_READY, 40 }; 41 42 #define FULL_VERSION_LEN 11 43 44 /* Proprietary commands */ 45 #define PN544_WRITE 0x3f 46 #define PN544_TEST_SWP 0x21 47 48 /* Proprietary gates, events, commands and registers */ 49 50 /* NFC_HCI_RF_READER_A_GATE additional registers and commands */ 51 #define PN544_RF_READER_A_AUTO_ACTIVATION 0x10 52 #define PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION 0x12 53 #define PN544_MIFARE_CMD 0x21 54 55 /* Commands that apply to all RF readers */ 56 #define PN544_RF_READER_CMD_PRESENCE_CHECK 0x30 57 #define PN544_RF_READER_CMD_ACTIVATE_NEXT 0x32 58 59 /* NFC_HCI_ID_MGMT_GATE additional registers */ 60 #define PN544_ID_MGMT_FULL_VERSION_SW 0x10 61 62 #define PN544_RF_READER_ISO15693_GATE 0x12 63 64 #define PN544_RF_READER_F_GATE 0x14 65 #define PN544_FELICA_ID 0x04 66 #define PN544_FELICA_RAW 0x20 67 68 #define PN544_RF_READER_JEWEL_GATE 0x15 69 #define PN544_JEWEL_RAW_CMD 0x23 70 71 #define PN544_RF_READER_NFCIP1_INITIATOR_GATE 0x30 72 #define PN544_RF_READER_NFCIP1_TARGET_GATE 0x31 73 74 #define PN544_SYS_MGMT_GATE 0x90 75 #define PN544_SYS_MGMT_INFO_NOTIFICATION 0x02 76 77 #define PN544_POLLING_LOOP_MGMT_GATE 0x94 78 #define PN544_DEP_MODE 0x01 79 #define PN544_DEP_ATR_REQ 0x02 80 #define PN544_DEP_ATR_RES 0x03 81 #define PN544_DEP_MERGE 0x0D 82 #define PN544_PL_RDPHASES 0x06 83 #define PN544_PL_EMULATION 0x07 84 #define PN544_PL_NFCT_DEACTIVATED 0x09 85 86 #define PN544_SWP_MGMT_GATE 0xA0 87 #define PN544_SWP_DEFAULT_MODE 0x01 88 89 #define PN544_NFC_WI_MGMT_GATE 0xA1 90 #define PN544_NFC_ESE_DEFAULT_MODE 0x01 91 92 #define PN544_HCI_EVT_SND_DATA 0x01 93 #define PN544_HCI_EVT_ACTIVATED 0x02 94 #define PN544_HCI_EVT_DEACTIVATED 0x03 95 #define PN544_HCI_EVT_RCV_DATA 0x04 96 #define PN544_HCI_EVT_CONTINUE_MI 0x05 97 #define PN544_HCI_EVT_SWITCH_MODE 0x03 98 99 #define PN544_HCI_CMD_ATTREQUEST 0x12 100 #define PN544_HCI_CMD_CONTINUE_ACTIVATION 0x13 101 102 static struct nfc_hci_gate pn544_gates[] = { 103 {NFC_HCI_ADMIN_GATE, NFC_HCI_INVALID_PIPE}, 104 {NFC_HCI_LOOPBACK_GATE, NFC_HCI_INVALID_PIPE}, 105 {NFC_HCI_ID_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 106 {NFC_HCI_LINK_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 107 {NFC_HCI_RF_READER_B_GATE, NFC_HCI_INVALID_PIPE}, 108 {NFC_HCI_RF_READER_A_GATE, NFC_HCI_INVALID_PIPE}, 109 {PN544_SYS_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 110 {PN544_SWP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 111 {PN544_POLLING_LOOP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 112 {PN544_NFC_WI_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 113 {PN544_RF_READER_F_GATE, NFC_HCI_INVALID_PIPE}, 114 {PN544_RF_READER_JEWEL_GATE, NFC_HCI_INVALID_PIPE}, 115 {PN544_RF_READER_ISO15693_GATE, NFC_HCI_INVALID_PIPE}, 116 {PN544_RF_READER_NFCIP1_INITIATOR_GATE, NFC_HCI_INVALID_PIPE}, 117 {PN544_RF_READER_NFCIP1_TARGET_GATE, NFC_HCI_INVALID_PIPE} 118 }; 119 120 /* Largest headroom needed for outgoing custom commands */ 121 #define PN544_CMDS_HEADROOM 2 122 123 struct pn544_hci_info { 124 struct nfc_phy_ops *phy_ops; 125 void *phy_id; 126 127 struct nfc_hci_dev *hdev; 128 129 enum pn544_state state; 130 131 struct mutex info_lock; 132 133 int async_cb_type; 134 data_exchange_cb_t async_cb; 135 void *async_cb_context; 136 137 fw_download_t fw_download; 138 }; 139 140 static int pn544_hci_open(struct nfc_hci_dev *hdev) 141 { 142 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 143 int r = 0; 144 145 mutex_lock(&info->info_lock); 146 147 if (info->state != PN544_ST_COLD) { 148 r = -EBUSY; 149 goto out; 150 } 151 152 r = info->phy_ops->enable(info->phy_id); 153 154 if (r == 0) 155 info->state = PN544_ST_READY; 156 157 out: 158 mutex_unlock(&info->info_lock); 159 return r; 160 } 161 162 static void pn544_hci_close(struct nfc_hci_dev *hdev) 163 { 164 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 165 166 mutex_lock(&info->info_lock); 167 168 if (info->state == PN544_ST_COLD) 169 goto out; 170 171 info->phy_ops->disable(info->phy_id); 172 173 info->state = PN544_ST_COLD; 174 175 out: 176 mutex_unlock(&info->info_lock); 177 } 178 179 static int pn544_hci_ready(struct nfc_hci_dev *hdev) 180 { 181 struct sk_buff *skb; 182 static struct hw_config { 183 u8 adr[2]; 184 u8 value; 185 } hw_config[] = { 186 {{0x9f, 0x9a}, 0x00}, 187 188 {{0x98, 0x10}, 0xbc}, 189 190 {{0x9e, 0x71}, 0x00}, 191 192 {{0x98, 0x09}, 0x00}, 193 194 {{0x9e, 0xb4}, 0x00}, 195 196 {{0x9c, 0x01}, 0x08}, 197 198 {{0x9e, 0xaa}, 0x01}, 199 200 {{0x9b, 0xd1}, 0x0d}, 201 {{0x9b, 0xd2}, 0x24}, 202 {{0x9b, 0xd3}, 0x0a}, 203 {{0x9b, 0xd4}, 0x22}, 204 {{0x9b, 0xd5}, 0x08}, 205 {{0x9b, 0xd6}, 0x1e}, 206 {{0x9b, 0xdd}, 0x1c}, 207 208 {{0x9b, 0x84}, 0x13}, 209 {{0x99, 0x81}, 0x7f}, 210 {{0x99, 0x31}, 0x70}, 211 212 {{0x98, 0x00}, 0x3f}, 213 214 {{0x9f, 0x09}, 0x00}, 215 216 {{0x9f, 0x0a}, 0x05}, 217 218 {{0x9e, 0xd1}, 0xa1}, 219 {{0x99, 0x23}, 0x00}, 220 221 {{0x9e, 0x74}, 0x80}, 222 223 {{0x9f, 0x28}, 0x10}, 224 225 {{0x9f, 0x35}, 0x14}, 226 227 {{0x9f, 0x36}, 0x60}, 228 229 {{0x9c, 0x31}, 0x00}, 230 231 {{0x9c, 0x32}, 0xc8}, 232 233 {{0x9c, 0x19}, 0x40}, 234 235 {{0x9c, 0x1a}, 0x40}, 236 237 {{0x9c, 0x0c}, 0x00}, 238 239 {{0x9c, 0x0d}, 0x00}, 240 241 {{0x9c, 0x12}, 0x00}, 242 243 {{0x9c, 0x13}, 0x00}, 244 245 {{0x98, 0xa2}, 0x0e}, 246 247 {{0x98, 0x93}, 0x40}, 248 249 {{0x98, 0x7d}, 0x02}, 250 {{0x98, 0x7e}, 0x00}, 251 {{0x9f, 0xc8}, 0x01}, 252 }; 253 struct hw_config *p = hw_config; 254 int count = ARRAY_SIZE(hw_config); 255 struct sk_buff *res_skb; 256 u8 param[4]; 257 int r; 258 259 param[0] = 0; 260 while (count--) { 261 param[1] = p->adr[0]; 262 param[2] = p->adr[1]; 263 param[3] = p->value; 264 265 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_WRITE, 266 param, 4, &res_skb); 267 if (r < 0) 268 return r; 269 270 if (res_skb->len != 1) { 271 kfree_skb(res_skb); 272 return -EPROTO; 273 } 274 275 if (res_skb->data[0] != p->value) { 276 kfree_skb(res_skb); 277 return -EIO; 278 } 279 280 kfree_skb(res_skb); 281 282 p++; 283 } 284 285 param[0] = NFC_HCI_UICC_HOST_ID; 286 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE, 287 NFC_HCI_ADMIN_WHITELIST, param, 1); 288 if (r < 0) 289 return r; 290 291 param[0] = 0x3d; 292 r = nfc_hci_set_param(hdev, PN544_SYS_MGMT_GATE, 293 PN544_SYS_MGMT_INFO_NOTIFICATION, param, 1); 294 if (r < 0) 295 return r; 296 297 param[0] = 0x0; 298 r = nfc_hci_set_param(hdev, NFC_HCI_RF_READER_A_GATE, 299 PN544_RF_READER_A_AUTO_ACTIVATION, param, 1); 300 if (r < 0) 301 return r; 302 303 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 304 NFC_HCI_EVT_END_OPERATION, NULL, 0); 305 if (r < 0) 306 return r; 307 308 param[0] = 0x1; 309 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 310 PN544_PL_NFCT_DEACTIVATED, param, 1); 311 if (r < 0) 312 return r; 313 314 param[0] = 0x0; 315 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 316 PN544_PL_RDPHASES, param, 1); 317 if (r < 0) 318 return r; 319 320 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 321 PN544_ID_MGMT_FULL_VERSION_SW, &skb); 322 if (r < 0) 323 return r; 324 325 if (skb->len != FULL_VERSION_LEN) { 326 kfree_skb(skb); 327 return -EINVAL; 328 } 329 330 print_hex_dump(KERN_DEBUG, "FULL VERSION SOFTWARE INFO: ", 331 DUMP_PREFIX_NONE, 16, 1, 332 skb->data, FULL_VERSION_LEN, false); 333 334 kfree_skb(skb); 335 336 return 0; 337 } 338 339 static int pn544_hci_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb) 340 { 341 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 342 343 return info->phy_ops->write(info->phy_id, skb); 344 } 345 346 static int pn544_hci_start_poll(struct nfc_hci_dev *hdev, 347 u32 im_protocols, u32 tm_protocols) 348 { 349 u8 phases = 0; 350 int r; 351 u8 duration[2]; 352 u8 activated; 353 u8 i_mode = 0x3f; /* Enable all supported modes */ 354 u8 t_mode = 0x0f; 355 u8 t_merge = 0x01; /* Enable merge by default */ 356 357 pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n", 358 __func__, im_protocols, tm_protocols); 359 360 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 361 NFC_HCI_EVT_END_OPERATION, NULL, 0); 362 if (r < 0) 363 return r; 364 365 duration[0] = 0x18; 366 duration[1] = 0x6a; 367 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 368 PN544_PL_EMULATION, duration, 2); 369 if (r < 0) 370 return r; 371 372 activated = 0; 373 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 374 PN544_PL_NFCT_DEACTIVATED, &activated, 1); 375 if (r < 0) 376 return r; 377 378 if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK | 379 NFC_PROTO_JEWEL_MASK)) 380 phases |= 1; /* Type A */ 381 if (im_protocols & NFC_PROTO_FELICA_MASK) { 382 phases |= (1 << 2); /* Type F 212 */ 383 phases |= (1 << 3); /* Type F 424 */ 384 } 385 386 phases |= (1 << 5); /* NFC active */ 387 388 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 389 PN544_PL_RDPHASES, &phases, 1); 390 if (r < 0) 391 return r; 392 393 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) { 394 hdev->gb = nfc_get_local_general_bytes(hdev->ndev, 395 &hdev->gb_len); 396 pr_debug("generate local bytes %p\n", hdev->gb); 397 if (hdev->gb == NULL || hdev->gb_len == 0) { 398 im_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 399 tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 400 } 401 } 402 403 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 404 r = nfc_hci_send_event(hdev, 405 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 406 NFC_HCI_EVT_END_OPERATION, NULL, 0); 407 if (r < 0) 408 return r; 409 410 r = nfc_hci_set_param(hdev, 411 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 412 PN544_DEP_MODE, &i_mode, 1); 413 if (r < 0) 414 return r; 415 416 r = nfc_hci_set_param(hdev, 417 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 418 PN544_DEP_ATR_REQ, hdev->gb, hdev->gb_len); 419 if (r < 0) 420 return r; 421 422 r = nfc_hci_send_event(hdev, 423 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 424 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 425 if (r < 0) 426 nfc_hci_send_event(hdev, 427 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 428 NFC_HCI_EVT_END_OPERATION, NULL, 0); 429 } 430 431 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) { 432 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 433 PN544_DEP_MODE, &t_mode, 1); 434 if (r < 0) 435 return r; 436 437 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 438 PN544_DEP_ATR_RES, hdev->gb, hdev->gb_len); 439 if (r < 0) 440 return r; 441 442 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 443 PN544_DEP_MERGE, &t_merge, 1); 444 if (r < 0) 445 return r; 446 } 447 448 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 449 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 450 if (r < 0) 451 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 452 NFC_HCI_EVT_END_OPERATION, NULL, 0); 453 454 return r; 455 } 456 457 static int pn544_hci_dep_link_up(struct nfc_hci_dev *hdev, 458 struct nfc_target *target, u8 comm_mode, 459 u8 *gb, size_t gb_len) 460 { 461 struct sk_buff *rgb_skb = NULL; 462 int r; 463 464 r = nfc_hci_get_param(hdev, target->hci_reader_gate, 465 PN544_DEP_ATR_RES, &rgb_skb); 466 if (r < 0) 467 return r; 468 469 if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) { 470 r = -EPROTO; 471 goto exit; 472 } 473 print_hex_dump(KERN_DEBUG, "remote gb: ", DUMP_PREFIX_OFFSET, 474 16, 1, rgb_skb->data, rgb_skb->len, true); 475 476 r = nfc_set_remote_general_bytes(hdev->ndev, rgb_skb->data, 477 rgb_skb->len); 478 479 if (r == 0) 480 r = nfc_dep_link_is_up(hdev->ndev, target->idx, comm_mode, 481 NFC_RF_INITIATOR); 482 exit: 483 kfree_skb(rgb_skb); 484 return r; 485 } 486 487 static int pn544_hci_dep_link_down(struct nfc_hci_dev *hdev) 488 { 489 490 return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_INITIATOR_GATE, 491 NFC_HCI_EVT_END_OPERATION, NULL, 0); 492 } 493 494 static int pn544_hci_target_from_gate(struct nfc_hci_dev *hdev, u8 gate, 495 struct nfc_target *target) 496 { 497 switch (gate) { 498 case PN544_RF_READER_F_GATE: 499 target->supported_protocols = NFC_PROTO_FELICA_MASK; 500 break; 501 case PN544_RF_READER_JEWEL_GATE: 502 target->supported_protocols = NFC_PROTO_JEWEL_MASK; 503 target->sens_res = 0x0c00; 504 break; 505 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 506 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 507 break; 508 default: 509 return -EPROTO; 510 } 511 512 return 0; 513 } 514 515 static int pn544_hci_complete_target_discovered(struct nfc_hci_dev *hdev, 516 u8 gate, 517 struct nfc_target *target) 518 { 519 struct sk_buff *uid_skb; 520 int r = 0; 521 522 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) 523 return r; 524 525 if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 526 r = nfc_hci_send_cmd(hdev, 527 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 528 PN544_HCI_CMD_CONTINUE_ACTIVATION, NULL, 0, NULL); 529 if (r < 0) 530 return r; 531 532 target->hci_reader_gate = PN544_RF_READER_NFCIP1_INITIATOR_GATE; 533 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 534 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 535 target->nfcid1_len != 10) 536 return -EPROTO; 537 538 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 539 PN544_RF_READER_CMD_ACTIVATE_NEXT, 540 target->nfcid1, target->nfcid1_len, NULL); 541 } else if (target->supported_protocols & NFC_PROTO_FELICA_MASK) { 542 r = nfc_hci_get_param(hdev, PN544_RF_READER_F_GATE, 543 PN544_FELICA_ID, &uid_skb); 544 if (r < 0) 545 return r; 546 547 if (uid_skb->len != 8) { 548 kfree_skb(uid_skb); 549 return -EPROTO; 550 } 551 552 /* Type F NFC-DEP IDm has prefix 0x01FE */ 553 if ((uid_skb->data[0] == 0x01) && (uid_skb->data[1] == 0xfe)) { 554 kfree_skb(uid_skb); 555 r = nfc_hci_send_cmd(hdev, 556 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 557 PN544_HCI_CMD_CONTINUE_ACTIVATION, 558 NULL, 0, NULL); 559 if (r < 0) 560 return r; 561 562 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 563 target->hci_reader_gate = 564 PN544_RF_READER_NFCIP1_INITIATOR_GATE; 565 } else { 566 r = nfc_hci_send_cmd(hdev, PN544_RF_READER_F_GATE, 567 PN544_RF_READER_CMD_ACTIVATE_NEXT, 568 uid_skb->data, uid_skb->len, NULL); 569 kfree_skb(uid_skb); 570 } 571 } else if (target->supported_protocols & NFC_PROTO_ISO14443_MASK) { 572 /* 573 * TODO: maybe other ISO 14443 require some kind of continue 574 * activation, but for now we've seen only this one below. 575 */ 576 if (target->sens_res == 0x4403) /* Type 4 Mifare DESFire */ 577 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 578 PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION, 579 NULL, 0, NULL); 580 } 581 582 return r; 583 } 584 585 #define PN544_CB_TYPE_READER_F 1 586 587 static void pn544_hci_data_exchange_cb(void *context, struct sk_buff *skb, 588 int err) 589 { 590 struct pn544_hci_info *info = context; 591 592 switch (info->async_cb_type) { 593 case PN544_CB_TYPE_READER_F: 594 if (err == 0) 595 skb_pull(skb, 1); 596 info->async_cb(info->async_cb_context, skb, err); 597 break; 598 default: 599 if (err == 0) 600 kfree_skb(skb); 601 break; 602 } 603 } 604 605 #define MIFARE_CMD_AUTH_KEY_A 0x60 606 #define MIFARE_CMD_AUTH_KEY_B 0x61 607 #define MIFARE_CMD_HEADER 2 608 #define MIFARE_UID_LEN 4 609 #define MIFARE_KEY_LEN 6 610 #define MIFARE_CMD_LEN 12 611 /* 612 * Returns: 613 * <= 0: driver handled the data exchange 614 * 1: driver doesn't especially handle, please do standard processing 615 */ 616 static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev, 617 struct nfc_target *target, 618 struct sk_buff *skb, data_exchange_cb_t cb, 619 void *cb_context) 620 { 621 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 622 623 pr_info(DRIVER_DESC ": %s for gate=%d\n", __func__, 624 target->hci_reader_gate); 625 626 switch (target->hci_reader_gate) { 627 case NFC_HCI_RF_READER_A_GATE: 628 if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 629 /* 630 * It seems that pn544 is inverting key and UID for 631 * MIFARE authentication commands. 632 */ 633 if (skb->len == MIFARE_CMD_LEN && 634 (skb->data[0] == MIFARE_CMD_AUTH_KEY_A || 635 skb->data[0] == MIFARE_CMD_AUTH_KEY_B)) { 636 u8 uid[MIFARE_UID_LEN]; 637 u8 *data = skb->data + MIFARE_CMD_HEADER; 638 639 memcpy(uid, data + MIFARE_KEY_LEN, 640 MIFARE_UID_LEN); 641 memmove(data + MIFARE_UID_LEN, data, 642 MIFARE_KEY_LEN); 643 memcpy(data, uid, MIFARE_UID_LEN); 644 } 645 646 return nfc_hci_send_cmd_async(hdev, 647 target->hci_reader_gate, 648 PN544_MIFARE_CMD, 649 skb->data, skb->len, 650 cb, cb_context); 651 } else 652 return 1; 653 case PN544_RF_READER_F_GATE: 654 *skb_push(skb, 1) = 0; 655 *skb_push(skb, 1) = 0; 656 657 info->async_cb_type = PN544_CB_TYPE_READER_F; 658 info->async_cb = cb; 659 info->async_cb_context = cb_context; 660 661 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 662 PN544_FELICA_RAW, skb->data, 663 skb->len, 664 pn544_hci_data_exchange_cb, info); 665 case PN544_RF_READER_JEWEL_GATE: 666 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 667 PN544_JEWEL_RAW_CMD, skb->data, 668 skb->len, cb, cb_context); 669 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 670 *skb_push(skb, 1) = 0; 671 672 return nfc_hci_send_event(hdev, target->hci_reader_gate, 673 PN544_HCI_EVT_SND_DATA, skb->data, 674 skb->len); 675 default: 676 return 1; 677 } 678 } 679 680 static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb) 681 { 682 int r; 683 684 /* Set default false for multiple information chaining */ 685 *skb_push(skb, 1) = 0; 686 687 r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 688 PN544_HCI_EVT_SND_DATA, skb->data, skb->len); 689 690 kfree_skb(skb); 691 692 return r; 693 } 694 695 static int pn544_hci_check_presence(struct nfc_hci_dev *hdev, 696 struct nfc_target *target) 697 { 698 pr_debug("supported protocol %d\b", target->supported_protocols); 699 if (target->supported_protocols & (NFC_PROTO_ISO14443_MASK | 700 NFC_PROTO_ISO14443_B_MASK)) { 701 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 702 PN544_RF_READER_CMD_PRESENCE_CHECK, 703 NULL, 0, NULL); 704 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 705 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 706 target->nfcid1_len != 10) 707 return -EOPNOTSUPP; 708 709 return nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 710 PN544_RF_READER_CMD_ACTIVATE_NEXT, 711 target->nfcid1, target->nfcid1_len, NULL); 712 } else if (target->supported_protocols & (NFC_PROTO_JEWEL_MASK | 713 NFC_PROTO_FELICA_MASK)) { 714 return -EOPNOTSUPP; 715 } else if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 716 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 717 PN544_HCI_CMD_ATTREQUEST, 718 NULL, 0, NULL); 719 } 720 721 return 0; 722 } 723 724 /* 725 * Returns: 726 * <= 0: driver handled the event, skb consumed 727 * 1: driver does not handle the event, please do standard processing 728 */ 729 static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 gate, u8 event, 730 struct sk_buff *skb) 731 { 732 struct sk_buff *rgb_skb = NULL; 733 int r; 734 735 pr_debug("hci event %d\n", event); 736 switch (event) { 737 case PN544_HCI_EVT_ACTIVATED: 738 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) { 739 r = nfc_hci_target_discovered(hdev, gate); 740 } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) { 741 r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ, 742 &rgb_skb); 743 if (r < 0) 744 goto exit; 745 746 r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK, 747 NFC_COMM_PASSIVE, rgb_skb->data, 748 rgb_skb->len); 749 750 kfree_skb(rgb_skb); 751 } else { 752 r = -EINVAL; 753 } 754 break; 755 case PN544_HCI_EVT_DEACTIVATED: 756 r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION, 757 NULL, 0); 758 break; 759 case PN544_HCI_EVT_RCV_DATA: 760 if (skb->len < 2) { 761 r = -EPROTO; 762 goto exit; 763 } 764 765 if (skb->data[0] != 0) { 766 pr_debug("data0 %d\n", skb->data[0]); 767 r = -EPROTO; 768 goto exit; 769 } 770 771 skb_pull(skb, 2); 772 return nfc_tm_data_received(hdev->ndev, skb); 773 default: 774 return 1; 775 } 776 777 exit: 778 kfree_skb(skb); 779 780 return r; 781 } 782 783 static int pn544_hci_fw_download(struct nfc_hci_dev *hdev, 784 const char *firmware_name) 785 { 786 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 787 788 if (info->fw_download == NULL) 789 return -ENOTSUPP; 790 791 return info->fw_download(info->phy_id, firmware_name); 792 } 793 794 static int pn544_hci_discover_se(struct nfc_hci_dev *hdev) 795 { 796 u32 se_idx = 0; 797 u8 ese_mode = 0x01; /* Default mode */ 798 struct sk_buff *res_skb; 799 int r; 800 801 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_TEST_SWP, 802 NULL, 0, &res_skb); 803 804 if (r == 0) { 805 if (res_skb->len == 2 && res_skb->data[0] == 0x00) 806 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_UICC); 807 808 kfree_skb(res_skb); 809 } 810 811 r = nfc_hci_send_event(hdev, PN544_NFC_WI_MGMT_GATE, 812 PN544_HCI_EVT_SWITCH_MODE, 813 &ese_mode, 1); 814 if (r == 0) 815 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_EMBEDDED); 816 817 return !se_idx; 818 } 819 820 #define PN544_SE_MODE_OFF 0x00 821 #define PN544_SE_MODE_ON 0x01 822 static int pn544_hci_enable_se(struct nfc_hci_dev *hdev, u32 se_idx) 823 { 824 struct nfc_se *se; 825 u8 enable = PN544_SE_MODE_ON; 826 static struct uicc_gatelist { 827 u8 head; 828 u8 adr[2]; 829 u8 value; 830 } uicc_gatelist[] = { 831 {0x00, {0x9e, 0xd9}, 0x23}, 832 {0x00, {0x9e, 0xda}, 0x21}, 833 {0x00, {0x9e, 0xdb}, 0x22}, 834 {0x00, {0x9e, 0xdc}, 0x24}, 835 }; 836 struct uicc_gatelist *p = uicc_gatelist; 837 int count = ARRAY_SIZE(uicc_gatelist); 838 struct sk_buff *res_skb; 839 int r; 840 841 se = nfc_find_se(hdev->ndev, se_idx); 842 843 switch (se->type) { 844 case NFC_SE_UICC: 845 while (count--) { 846 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, 847 PN544_WRITE, (u8 *)p, 4, &res_skb); 848 if (r < 0) 849 return r; 850 851 if (res_skb->len != 1) { 852 kfree_skb(res_skb); 853 return -EPROTO; 854 } 855 856 if (res_skb->data[0] != p->value) { 857 kfree_skb(res_skb); 858 return -EIO; 859 } 860 861 kfree_skb(res_skb); 862 863 p++; 864 } 865 866 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 867 PN544_SWP_DEFAULT_MODE, &enable, 1); 868 case NFC_SE_EMBEDDED: 869 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 870 PN544_NFC_ESE_DEFAULT_MODE, &enable, 1); 871 872 default: 873 return -EINVAL; 874 } 875 } 876 877 static int pn544_hci_disable_se(struct nfc_hci_dev *hdev, u32 se_idx) 878 { 879 struct nfc_se *se; 880 u8 disable = PN544_SE_MODE_OFF; 881 882 se = nfc_find_se(hdev->ndev, se_idx); 883 884 switch (se->type) { 885 case NFC_SE_UICC: 886 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 887 PN544_SWP_DEFAULT_MODE, &disable, 1); 888 case NFC_SE_EMBEDDED: 889 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 890 PN544_NFC_ESE_DEFAULT_MODE, &disable, 1); 891 default: 892 return -EINVAL; 893 } 894 } 895 896 static struct nfc_hci_ops pn544_hci_ops = { 897 .open = pn544_hci_open, 898 .close = pn544_hci_close, 899 .hci_ready = pn544_hci_ready, 900 .xmit = pn544_hci_xmit, 901 .start_poll = pn544_hci_start_poll, 902 .dep_link_up = pn544_hci_dep_link_up, 903 .dep_link_down = pn544_hci_dep_link_down, 904 .target_from_gate = pn544_hci_target_from_gate, 905 .complete_target_discovered = pn544_hci_complete_target_discovered, 906 .im_transceive = pn544_hci_im_transceive, 907 .tm_send = pn544_hci_tm_send, 908 .check_presence = pn544_hci_check_presence, 909 .event_received = pn544_hci_event_received, 910 .fw_download = pn544_hci_fw_download, 911 .discover_se = pn544_hci_discover_se, 912 .enable_se = pn544_hci_enable_se, 913 .disable_se = pn544_hci_disable_se, 914 }; 915 916 int pn544_hci_probe(void *phy_id, struct nfc_phy_ops *phy_ops, char *llc_name, 917 int phy_headroom, int phy_tailroom, int phy_payload, 918 fw_download_t fw_download, struct nfc_hci_dev **hdev) 919 { 920 struct pn544_hci_info *info; 921 u32 protocols; 922 struct nfc_hci_init_data init_data; 923 int r; 924 925 info = kzalloc(sizeof(struct pn544_hci_info), GFP_KERNEL); 926 if (!info) { 927 r = -ENOMEM; 928 goto err_info_alloc; 929 } 930 931 info->phy_ops = phy_ops; 932 info->phy_id = phy_id; 933 info->fw_download = fw_download; 934 info->state = PN544_ST_COLD; 935 mutex_init(&info->info_lock); 936 937 init_data.gate_count = ARRAY_SIZE(pn544_gates); 938 939 memcpy(init_data.gates, pn544_gates, sizeof(pn544_gates)); 940 941 /* 942 * TODO: Session id must include the driver name + some bus addr 943 * persistent info to discriminate 2 identical chips 944 */ 945 strcpy(init_data.session_id, "ID544HCI"); 946 947 protocols = NFC_PROTO_JEWEL_MASK | 948 NFC_PROTO_MIFARE_MASK | 949 NFC_PROTO_FELICA_MASK | 950 NFC_PROTO_ISO14443_MASK | 951 NFC_PROTO_ISO14443_B_MASK | 952 NFC_PROTO_NFC_DEP_MASK; 953 954 info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 0, 955 protocols, llc_name, 956 phy_headroom + PN544_CMDS_HEADROOM, 957 phy_tailroom, phy_payload); 958 if (!info->hdev) { 959 pr_err("Cannot allocate nfc hdev\n"); 960 r = -ENOMEM; 961 goto err_alloc_hdev; 962 } 963 964 nfc_hci_set_clientdata(info->hdev, info); 965 966 r = nfc_hci_register_device(info->hdev); 967 if (r) 968 goto err_regdev; 969 970 *hdev = info->hdev; 971 972 return 0; 973 974 err_regdev: 975 nfc_hci_free_device(info->hdev); 976 977 err_alloc_hdev: 978 kfree(info); 979 980 err_info_alloc: 981 return r; 982 } 983 EXPORT_SYMBOL(pn544_hci_probe); 984 985 void pn544_hci_remove(struct nfc_hci_dev *hdev) 986 { 987 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 988 989 nfc_hci_unregister_device(hdev); 990 nfc_hci_free_device(hdev); 991 kfree(info); 992 } 993 EXPORT_SYMBOL(pn544_hci_remove); 994 995 MODULE_LICENSE("GPL"); 996 MODULE_DESCRIPTION(DRIVER_DESC); 997