xref: /openbmc/linux/net/nfc/digital_technology.c (revision b34e08d5)
1 /*
2  * NFC Digital Protocol stack
3  * Copyright (c) 2013, Intel Corporation.
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms and conditions of the GNU General Public License,
7  * version 2, as published by the Free Software Foundation.
8  *
9  * This program is distributed in the hope it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
12  * more details.
13  *
14  */
15 
16 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
17 
18 #include "digital.h"
19 
20 #define DIGITAL_CMD_SENS_REQ    0x26
21 #define DIGITAL_CMD_ALL_REQ     0x52
22 #define DIGITAL_CMD_SEL_REQ_CL1 0x93
23 #define DIGITAL_CMD_SEL_REQ_CL2 0x95
24 #define DIGITAL_CMD_SEL_REQ_CL3 0x97
25 
26 #define DIGITAL_SDD_REQ_SEL_PAR 0x20
27 
28 #define DIGITAL_SDD_RES_CT  0x88
29 #define DIGITAL_SDD_RES_LEN 5
30 
31 #define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04))
32 #define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60))
33 #define DIGITAL_SEL_RES_IS_T4T(sel_res) ((sel_res) & 0x20)
34 #define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40)
35 
36 #define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x0C00) == 0x0C00)
37 #define DIGITAL_SENS_RES_IS_VALID(sens_res) \
38 	((!((sens_res) & 0x001F) && (((sens_res) & 0x0C00) == 0x0C00)) || \
39 	(((sens_res) & 0x001F) && ((sens_res) & 0x0C00) != 0x0C00))
40 
41 #define DIGITAL_MIFARE_READ_RES_LEN 16
42 #define DIGITAL_MIFARE_ACK_RES	0x0A
43 
44 #define DIGITAL_CMD_SENSF_REQ	0x00
45 #define DIGITAL_CMD_SENSF_RES	0x01
46 
47 #define DIGITAL_SENSF_RES_MIN_LENGTH 17
48 #define DIGITAL_SENSF_RES_RD_AP_B1   0x00
49 #define DIGITAL_SENSF_RES_RD_AP_B2   0x8F
50 
51 #define DIGITAL_SENSF_REQ_RC_NONE 0
52 #define DIGITAL_SENSF_REQ_RC_SC   1
53 #define DIGITAL_SENSF_REQ_RC_AP   2
54 
55 #define DIGITAL_CMD_ISO15693_INVENTORY_REQ	0x01
56 
57 #define DIGITAL_ISO15693_REQ_FLAG_DATA_RATE	BIT(1)
58 #define DIGITAL_ISO15693_REQ_FLAG_INVENTORY	BIT(2)
59 #define DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS	BIT(5)
60 #define DIGITAL_ISO15693_RES_FLAG_ERROR		BIT(0)
61 #define DIGITAL_ISO15693_RES_IS_VALID(flags) \
62 	(!((flags) & DIGITAL_ISO15693_RES_FLAG_ERROR))
63 
64 #define DIGITAL_ISO_DEP_I_PCB	 0x02
65 #define DIGITAL_ISO_DEP_PNI(pni) ((pni) & 0x01)
66 
67 #define DIGITAL_ISO_DEP_PCB_TYPE(pcb) ((pcb) & 0xC0)
68 
69 #define DIGITAL_ISO_DEP_I_BLOCK 0x00
70 
71 #define DIGITAL_ISO_DEP_BLOCK_HAS_DID(pcb) ((pcb) & 0x08)
72 
73 static const u8 digital_ats_fsc[] = {
74 	 16,  24,  32,  40,  48,  64,  96, 128,
75 };
76 
77 #define DIGITAL_ATS_FSCI(t0) ((t0) & 0x0F)
78 #define DIGITAL_ATS_MAX_FSC  256
79 
80 #define DIGITAL_RATS_BYTE1 0xE0
81 #define DIGITAL_RATS_PARAM 0x80
82 
83 struct digital_sdd_res {
84 	u8 nfcid1[4];
85 	u8 bcc;
86 } __packed;
87 
88 struct digital_sel_req {
89 	u8 sel_cmd;
90 	u8 b2;
91 	u8 nfcid1[4];
92 	u8 bcc;
93 } __packed;
94 
95 struct digital_sensf_req {
96 	u8 cmd;
97 	u8 sc1;
98 	u8 sc2;
99 	u8 rc;
100 	u8 tsn;
101 } __packed;
102 
103 struct digital_sensf_res {
104 	u8 cmd;
105 	u8 nfcid2[8];
106 	u8 pad0[2];
107 	u8 pad1[3];
108 	u8 mrti_check;
109 	u8 mrti_update;
110 	u8 pad2;
111 	u8 rd[2];
112 } __packed;
113 
114 struct digital_iso15693_inv_req {
115 	u8 flags;
116 	u8 cmd;
117 	u8 mask_len;
118 	u64 mask;
119 } __packed;
120 
121 struct digital_iso15693_inv_res {
122 	u8 flags;
123 	u8 dsfid;
124 	u64 uid;
125 } __packed;
126 
127 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
128 				   struct nfc_target *target);
129 
130 int digital_in_iso_dep_pull_sod(struct nfc_digital_dev *ddev,
131 				struct sk_buff *skb)
132 {
133 	u8 pcb;
134 	u8 block_type;
135 
136 	if (skb->len < 1)
137 		return -EIO;
138 
139 	pcb = *skb->data;
140 	block_type = DIGITAL_ISO_DEP_PCB_TYPE(pcb);
141 
142 	/* No support fo R-block nor S-block */
143 	if (block_type != DIGITAL_ISO_DEP_I_BLOCK) {
144 		pr_err("ISO_DEP R-block and S-block not supported\n");
145 		return -EIO;
146 	}
147 
148 	if (DIGITAL_ISO_DEP_BLOCK_HAS_DID(pcb)) {
149 		pr_err("DID field in ISO_DEP PCB not supported\n");
150 		return -EIO;
151 	}
152 
153 	skb_pull(skb, 1);
154 
155 	return 0;
156 }
157 
158 int digital_in_iso_dep_push_sod(struct nfc_digital_dev *ddev,
159 				struct sk_buff *skb)
160 {
161 	/*
162 	 * Chaining not supported so skb->len + 1 PCB byte + 2 CRC bytes must
163 	 * not be greater than remote FSC
164 	 */
165 	if (skb->len + 3 > ddev->target_fsc)
166 		return -EIO;
167 
168 	skb_push(skb, 1);
169 
170 	*skb->data = DIGITAL_ISO_DEP_I_PCB | ddev->curr_nfc_dep_pni;
171 
172 	ddev->curr_nfc_dep_pni =
173 		DIGITAL_ISO_DEP_PNI(ddev->curr_nfc_dep_pni + 1);
174 
175 	return 0;
176 }
177 
178 static void digital_in_recv_ats(struct nfc_digital_dev *ddev, void *arg,
179 				struct sk_buff *resp)
180 {
181 	struct nfc_target *target = arg;
182 	u8 fsdi;
183 	int rc;
184 
185 	if (IS_ERR(resp)) {
186 		rc = PTR_ERR(resp);
187 		resp = NULL;
188 		goto exit;
189 	}
190 
191 	if (resp->len < 2) {
192 		rc = -EIO;
193 		goto exit;
194 	}
195 
196 	fsdi = DIGITAL_ATS_FSCI(resp->data[1]);
197 	if (fsdi >= 8)
198 		ddev->target_fsc = DIGITAL_ATS_MAX_FSC;
199 	else
200 		ddev->target_fsc = digital_ats_fsc[fsdi];
201 
202 	ddev->curr_nfc_dep_pni = 0;
203 
204 	rc = digital_target_found(ddev, target, NFC_PROTO_ISO14443);
205 
206 exit:
207 	dev_kfree_skb(resp);
208 	kfree(target);
209 
210 	if (rc)
211 		digital_poll_next_tech(ddev);
212 }
213 
214 static int digital_in_send_rats(struct nfc_digital_dev *ddev,
215 				struct nfc_target *target)
216 {
217 	int rc;
218 	struct sk_buff *skb;
219 
220 	skb = digital_skb_alloc(ddev, 2);
221 	if (!skb)
222 		return -ENOMEM;
223 
224 	*skb_put(skb, 1) = DIGITAL_RATS_BYTE1;
225 	*skb_put(skb, 1) = DIGITAL_RATS_PARAM;
226 
227 	rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_ats,
228 				 target);
229 	if (rc)
230 		kfree_skb(skb);
231 
232 	return rc;
233 }
234 
235 static void digital_in_recv_sel_res(struct nfc_digital_dev *ddev, void *arg,
236 				    struct sk_buff *resp)
237 {
238 	struct nfc_target *target = arg;
239 	int rc;
240 	u8 sel_res;
241 	u8 nfc_proto;
242 
243 	if (IS_ERR(resp)) {
244 		rc = PTR_ERR(resp);
245 		resp = NULL;
246 		goto exit;
247 	}
248 
249 	if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
250 		rc = digital_skb_check_crc_a(resp);
251 		if (rc) {
252 			PROTOCOL_ERR("4.4.1.3");
253 			goto exit;
254 		}
255 	}
256 
257 	if (!resp->len) {
258 		rc = -EIO;
259 		goto exit;
260 	}
261 
262 	sel_res = resp->data[0];
263 
264 	if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res)) {
265 		rc = digital_in_send_sdd_req(ddev, target);
266 		if (rc)
267 			goto exit;
268 
269 		goto exit_free_skb;
270 	}
271 
272 	target->sel_res = sel_res;
273 
274 	if (DIGITAL_SEL_RES_IS_T2T(sel_res)) {
275 		nfc_proto = NFC_PROTO_MIFARE;
276 	} else if (DIGITAL_SEL_RES_IS_T4T(sel_res)) {
277 		rc = digital_in_send_rats(ddev, target);
278 		if (rc)
279 			goto exit;
280 		/*
281 		 * Skip target_found and don't free it for now. This will be
282 		 * done when receiving the ATS
283 		 */
284 		goto exit_free_skb;
285 	} else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res)) {
286 		nfc_proto = NFC_PROTO_NFC_DEP;
287 	} else {
288 		rc = -EOPNOTSUPP;
289 		goto exit;
290 	}
291 
292 	rc = digital_target_found(ddev, target, nfc_proto);
293 
294 exit:
295 	kfree(target);
296 
297 exit_free_skb:
298 	dev_kfree_skb(resp);
299 
300 	if (rc)
301 		digital_poll_next_tech(ddev);
302 }
303 
304 static int digital_in_send_sel_req(struct nfc_digital_dev *ddev,
305 				   struct nfc_target *target,
306 				   struct digital_sdd_res *sdd_res)
307 {
308 	struct sk_buff *skb;
309 	struct digital_sel_req *sel_req;
310 	u8 sel_cmd;
311 	int rc;
312 
313 	skb = digital_skb_alloc(ddev, sizeof(struct digital_sel_req));
314 	if (!skb)
315 		return -ENOMEM;
316 
317 	skb_put(skb, sizeof(struct digital_sel_req));
318 	sel_req = (struct digital_sel_req *)skb->data;
319 
320 	if (target->nfcid1_len <= 4)
321 		sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
322 	else if (target->nfcid1_len < 10)
323 		sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
324 	else
325 		sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
326 
327 	sel_req->sel_cmd = sel_cmd;
328 	sel_req->b2 = 0x70;
329 	memcpy(sel_req->nfcid1, sdd_res->nfcid1, 4);
330 	sel_req->bcc = sdd_res->bcc;
331 
332 	if (DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
333 		rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
334 				NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A);
335 		if (rc)
336 			goto exit;
337 	} else {
338 		digital_skb_add_crc_a(skb);
339 	}
340 
341 	rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sel_res,
342 				 target);
343 exit:
344 	if (rc)
345 		kfree_skb(skb);
346 
347 	return rc;
348 }
349 
350 static void digital_in_recv_sdd_res(struct nfc_digital_dev *ddev, void *arg,
351 				    struct sk_buff *resp)
352 {
353 	struct nfc_target *target = arg;
354 	struct digital_sdd_res *sdd_res;
355 	int rc;
356 	u8 offset, size;
357 	u8 i, bcc;
358 
359 	if (IS_ERR(resp)) {
360 		rc = PTR_ERR(resp);
361 		resp = NULL;
362 		goto exit;
363 	}
364 
365 	if (resp->len < DIGITAL_SDD_RES_LEN) {
366 		PROTOCOL_ERR("4.7.2.8");
367 		rc = -EINVAL;
368 		goto exit;
369 	}
370 
371 	sdd_res = (struct digital_sdd_res *)resp->data;
372 
373 	for (i = 0, bcc = 0; i < 4; i++)
374 		bcc ^= sdd_res->nfcid1[i];
375 
376 	if (bcc != sdd_res->bcc) {
377 		PROTOCOL_ERR("4.7.2.6");
378 		rc = -EINVAL;
379 		goto exit;
380 	}
381 
382 	if (sdd_res->nfcid1[0] == DIGITAL_SDD_RES_CT) {
383 		offset = 1;
384 		size = 3;
385 	} else {
386 		offset = 0;
387 		size = 4;
388 	}
389 
390 	memcpy(target->nfcid1 + target->nfcid1_len, sdd_res->nfcid1 + offset,
391 	       size);
392 	target->nfcid1_len += size;
393 
394 	rc = digital_in_send_sel_req(ddev, target, sdd_res);
395 
396 exit:
397 	dev_kfree_skb(resp);
398 
399 	if (rc) {
400 		kfree(target);
401 		digital_poll_next_tech(ddev);
402 	}
403 }
404 
405 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
406 				   struct nfc_target *target)
407 {
408 	int rc;
409 	struct sk_buff *skb;
410 	u8 sel_cmd;
411 
412 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
413 				     NFC_DIGITAL_FRAMING_NFCA_STANDARD);
414 	if (rc)
415 		return rc;
416 
417 	skb = digital_skb_alloc(ddev, 2);
418 	if (!skb)
419 		return -ENOMEM;
420 
421 	if (target->nfcid1_len == 0)
422 		sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
423 	else if (target->nfcid1_len == 3)
424 		sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
425 	else
426 		sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
427 
428 	*skb_put(skb, sizeof(u8)) = sel_cmd;
429 	*skb_put(skb, sizeof(u8)) = DIGITAL_SDD_REQ_SEL_PAR;
430 
431 	return digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sdd_res,
432 				   target);
433 }
434 
435 static void digital_in_recv_sens_res(struct nfc_digital_dev *ddev, void *arg,
436 				     struct sk_buff *resp)
437 {
438 	struct nfc_target *target = NULL;
439 	int rc;
440 
441 	if (IS_ERR(resp)) {
442 		rc = PTR_ERR(resp);
443 		resp = NULL;
444 		goto exit;
445 	}
446 
447 	if (resp->len < sizeof(u16)) {
448 		rc = -EIO;
449 		goto exit;
450 	}
451 
452 	target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL);
453 	if (!target) {
454 		rc = -ENOMEM;
455 		goto exit;
456 	}
457 
458 	target->sens_res = __le16_to_cpu(*(__le16 *)resp->data);
459 
460 	if (!DIGITAL_SENS_RES_IS_VALID(target->sens_res)) {
461 		PROTOCOL_ERR("4.6.3.3");
462 		rc = -EINVAL;
463 		goto exit;
464 	}
465 
466 	if (DIGITAL_SENS_RES_IS_T1T(target->sens_res))
467 		rc = digital_target_found(ddev, target, NFC_PROTO_JEWEL);
468 	else
469 		rc = digital_in_send_sdd_req(ddev, target);
470 
471 exit:
472 	dev_kfree_skb(resp);
473 
474 	if (rc) {
475 		kfree(target);
476 		digital_poll_next_tech(ddev);
477 	}
478 }
479 
480 int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech)
481 {
482 	struct sk_buff *skb;
483 	int rc;
484 
485 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
486 				     NFC_DIGITAL_RF_TECH_106A);
487 	if (rc)
488 		return rc;
489 
490 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
491 				     NFC_DIGITAL_FRAMING_NFCA_SHORT);
492 	if (rc)
493 		return rc;
494 
495 	skb = digital_skb_alloc(ddev, 1);
496 	if (!skb)
497 		return -ENOMEM;
498 
499 	*skb_put(skb, sizeof(u8)) = DIGITAL_CMD_SENS_REQ;
500 
501 	rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sens_res, NULL);
502 	if (rc)
503 		kfree_skb(skb);
504 
505 	return rc;
506 }
507 
508 int digital_in_recv_mifare_res(struct sk_buff *resp)
509 {
510 	/* Successful READ command response is 16 data bytes + 2 CRC bytes long.
511 	 * Since the driver can't differentiate a ACK/NACK response from a valid
512 	 * READ response, the CRC calculation must be handled at digital level
513 	 * even if the driver supports it for this technology.
514 	 */
515 	if (resp->len == DIGITAL_MIFARE_READ_RES_LEN + DIGITAL_CRC_LEN) {
516 		if (digital_skb_check_crc_a(resp)) {
517 			PROTOCOL_ERR("9.4.1.2");
518 			return -EIO;
519 		}
520 
521 		return 0;
522 	}
523 
524 	/* ACK response (i.e. successful WRITE). */
525 	if (resp->len == 1 && resp->data[0] == DIGITAL_MIFARE_ACK_RES) {
526 		resp->data[0] = 0;
527 		return 0;
528 	}
529 
530 	/* NACK and any other responses are treated as error. */
531 	return -EIO;
532 }
533 
534 static void digital_in_recv_sensf_res(struct nfc_digital_dev *ddev, void *arg,
535 				   struct sk_buff *resp)
536 {
537 	int rc;
538 	u8 proto;
539 	struct nfc_target target;
540 	struct digital_sensf_res *sensf_res;
541 
542 	if (IS_ERR(resp)) {
543 		rc = PTR_ERR(resp);
544 		resp = NULL;
545 		goto exit;
546 	}
547 
548 	if (resp->len < DIGITAL_SENSF_RES_MIN_LENGTH) {
549 		rc = -EIO;
550 		goto exit;
551 	}
552 
553 	if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
554 		rc = digital_skb_check_crc_f(resp);
555 		if (rc) {
556 			PROTOCOL_ERR("6.4.1.8");
557 			goto exit;
558 		}
559 	}
560 
561 	skb_pull(resp, 1);
562 
563 	memset(&target, 0, sizeof(struct nfc_target));
564 
565 	sensf_res = (struct digital_sensf_res *)resp->data;
566 
567 	memcpy(target.sensf_res, sensf_res, resp->len);
568 	target.sensf_res_len = resp->len;
569 
570 	memcpy(target.nfcid2, sensf_res->nfcid2, NFC_NFCID2_MAXSIZE);
571 	target.nfcid2_len = NFC_NFCID2_MAXSIZE;
572 
573 	if (target.nfcid2[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1 &&
574 	    target.nfcid2[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2)
575 		proto = NFC_PROTO_NFC_DEP;
576 	else
577 		proto = NFC_PROTO_FELICA;
578 
579 	rc = digital_target_found(ddev, &target, proto);
580 
581 exit:
582 	dev_kfree_skb(resp);
583 
584 	if (rc)
585 		digital_poll_next_tech(ddev);
586 }
587 
588 int digital_in_send_sensf_req(struct nfc_digital_dev *ddev, u8 rf_tech)
589 {
590 	struct digital_sensf_req *sensf_req;
591 	struct sk_buff *skb;
592 	int rc;
593 	u8 size;
594 
595 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
596 	if (rc)
597 		return rc;
598 
599 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
600 				     NFC_DIGITAL_FRAMING_NFCF);
601 	if (rc)
602 		return rc;
603 
604 	size = sizeof(struct digital_sensf_req);
605 
606 	skb = digital_skb_alloc(ddev, size);
607 	if (!skb)
608 		return -ENOMEM;
609 
610 	skb_put(skb, size);
611 
612 	sensf_req = (struct digital_sensf_req *)skb->data;
613 	sensf_req->cmd = DIGITAL_CMD_SENSF_REQ;
614 	sensf_req->sc1 = 0xFF;
615 	sensf_req->sc2 = 0xFF;
616 	sensf_req->rc = 0;
617 	sensf_req->tsn = 0;
618 
619 	*skb_push(skb, 1) = size + 1;
620 
621 	if (!DIGITAL_DRV_CAPS_IN_CRC(ddev))
622 		digital_skb_add_crc_f(skb);
623 
624 	rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sensf_res,
625 				 NULL);
626 	if (rc)
627 		kfree_skb(skb);
628 
629 	return rc;
630 }
631 
632 static void digital_in_recv_iso15693_inv_res(struct nfc_digital_dev *ddev,
633 		void *arg, struct sk_buff *resp)
634 {
635 	struct digital_iso15693_inv_res *res;
636 	struct nfc_target *target = NULL;
637 	int rc;
638 
639 	if (IS_ERR(resp)) {
640 		rc = PTR_ERR(resp);
641 		resp = NULL;
642 		goto out_free_skb;
643 	}
644 
645 	if (resp->len != sizeof(*res)) {
646 		rc = -EIO;
647 		goto out_free_skb;
648 	}
649 
650 	res = (struct digital_iso15693_inv_res *)resp->data;
651 
652 	if (!DIGITAL_ISO15693_RES_IS_VALID(res->flags)) {
653 		PROTOCOL_ERR("ISO15693 - 10.3.1");
654 		rc = -EINVAL;
655 		goto out_free_skb;
656 	}
657 
658 	target = kzalloc(sizeof(*target), GFP_KERNEL);
659 	if (!target) {
660 		rc = -ENOMEM;
661 		goto out_free_skb;
662 	}
663 
664 	target->is_iso15693 = 1;
665 	target->iso15693_dsfid = res->dsfid;
666 	memcpy(target->iso15693_uid, &res->uid, sizeof(target->iso15693_uid));
667 
668 	rc = digital_target_found(ddev, target, NFC_PROTO_ISO15693);
669 
670 	kfree(target);
671 
672 out_free_skb:
673 	dev_kfree_skb(resp);
674 
675 	if (rc)
676 		digital_poll_next_tech(ddev);
677 }
678 
679 int digital_in_send_iso15693_inv_req(struct nfc_digital_dev *ddev, u8 rf_tech)
680 {
681 	struct digital_iso15693_inv_req *req;
682 	struct sk_buff *skb;
683 	int rc;
684 
685 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
686 				     NFC_DIGITAL_RF_TECH_ISO15693);
687 	if (rc)
688 		return rc;
689 
690 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
691 				     NFC_DIGITAL_FRAMING_ISO15693_INVENTORY);
692 	if (rc)
693 		return rc;
694 
695 	skb = digital_skb_alloc(ddev, sizeof(*req));
696 	if (!skb)
697 		return -ENOMEM;
698 
699 	skb_put(skb, sizeof(*req) - sizeof(req->mask)); /* No mask */
700 	req = (struct digital_iso15693_inv_req *)skb->data;
701 
702 	/* Single sub-carrier, high data rate, no AFI, single slot
703 	 * Inventory command
704 	 */
705 	req->flags = DIGITAL_ISO15693_REQ_FLAG_DATA_RATE |
706 		     DIGITAL_ISO15693_REQ_FLAG_INVENTORY |
707 		     DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS;
708 	req->cmd = DIGITAL_CMD_ISO15693_INVENTORY_REQ;
709 	req->mask_len = 0;
710 
711 	rc = digital_in_send_cmd(ddev, skb, 30,
712 				 digital_in_recv_iso15693_inv_res, NULL);
713 	if (rc)
714 		kfree_skb(skb);
715 
716 	return rc;
717 }
718 
719 static int digital_tg_send_sel_res(struct nfc_digital_dev *ddev)
720 {
721 	struct sk_buff *skb;
722 	int rc;
723 
724 	skb = digital_skb_alloc(ddev, 1);
725 	if (!skb)
726 		return -ENOMEM;
727 
728 	*skb_put(skb, 1) = DIGITAL_SEL_RES_NFC_DEP;
729 
730 	if (!DIGITAL_DRV_CAPS_TG_CRC(ddev))
731 		digital_skb_add_crc_a(skb);
732 
733 	rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_atr_req,
734 				 NULL);
735 	if (rc)
736 		kfree_skb(skb);
737 
738 	return rc;
739 }
740 
741 static void digital_tg_recv_sel_req(struct nfc_digital_dev *ddev, void *arg,
742 				    struct sk_buff *resp)
743 {
744 	int rc;
745 
746 	if (IS_ERR(resp)) {
747 		rc = PTR_ERR(resp);
748 		resp = NULL;
749 		goto exit;
750 	}
751 
752 	if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) {
753 		rc = digital_skb_check_crc_a(resp);
754 		if (rc) {
755 			PROTOCOL_ERR("4.4.1.3");
756 			goto exit;
757 		}
758 	}
759 
760 	/* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */
761 
762 	rc = digital_tg_send_sel_res(ddev);
763 
764 exit:
765 	if (rc)
766 		digital_poll_next_tech(ddev);
767 
768 	dev_kfree_skb(resp);
769 }
770 
771 static int digital_tg_send_sdd_res(struct nfc_digital_dev *ddev)
772 {
773 	struct sk_buff *skb;
774 	struct digital_sdd_res *sdd_res;
775 	int rc, i;
776 
777 	skb = digital_skb_alloc(ddev, sizeof(struct digital_sdd_res));
778 	if (!skb)
779 		return -ENOMEM;
780 
781 	skb_put(skb, sizeof(struct digital_sdd_res));
782 	sdd_res = (struct digital_sdd_res *)skb->data;
783 
784 	sdd_res->nfcid1[0] = 0x08;
785 	get_random_bytes(sdd_res->nfcid1 + 1, 3);
786 
787 	sdd_res->bcc = 0;
788 	for (i = 0; i < 4; i++)
789 		sdd_res->bcc ^= sdd_res->nfcid1[i];
790 
791 	rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sel_req,
792 				 NULL);
793 	if (rc)
794 		kfree_skb(skb);
795 
796 	return rc;
797 }
798 
799 static void digital_tg_recv_sdd_req(struct nfc_digital_dev *ddev, void *arg,
800 				    struct sk_buff *resp)
801 {
802 	u8 *sdd_req;
803 	int rc;
804 
805 	if (IS_ERR(resp)) {
806 		rc = PTR_ERR(resp);
807 		resp = NULL;
808 		goto exit;
809 	}
810 
811 	sdd_req = resp->data;
812 
813 	if (resp->len < 2 || sdd_req[0] != DIGITAL_CMD_SEL_REQ_CL1 ||
814 	    sdd_req[1] != DIGITAL_SDD_REQ_SEL_PAR) {
815 		rc = -EINVAL;
816 		goto exit;
817 	}
818 
819 	rc = digital_tg_send_sdd_res(ddev);
820 
821 exit:
822 	if (rc)
823 		digital_poll_next_tech(ddev);
824 
825 	dev_kfree_skb(resp);
826 }
827 
828 static int digital_tg_send_sens_res(struct nfc_digital_dev *ddev)
829 {
830 	struct sk_buff *skb;
831 	u8 *sens_res;
832 	int rc;
833 
834 	skb = digital_skb_alloc(ddev, 2);
835 	if (!skb)
836 		return -ENOMEM;
837 
838 	sens_res = skb_put(skb, 2);
839 
840 	sens_res[0] = (DIGITAL_SENS_RES_NFC_DEP >> 8) & 0xFF;
841 	sens_res[1] = DIGITAL_SENS_RES_NFC_DEP & 0xFF;
842 
843 	rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sdd_req,
844 				 NULL);
845 	if (rc)
846 		kfree_skb(skb);
847 
848 	return rc;
849 }
850 
851 void digital_tg_recv_sens_req(struct nfc_digital_dev *ddev, void *arg,
852 			      struct sk_buff *resp)
853 {
854 	u8 sens_req;
855 	int rc;
856 
857 	if (IS_ERR(resp)) {
858 		rc = PTR_ERR(resp);
859 		resp = NULL;
860 		goto exit;
861 	}
862 
863 	sens_req = resp->data[0];
864 
865 	if (!resp->len || (sens_req != DIGITAL_CMD_SENS_REQ &&
866 	    sens_req != DIGITAL_CMD_ALL_REQ)) {
867 		rc = -EINVAL;
868 		goto exit;
869 	}
870 
871 	rc = digital_tg_send_sens_res(ddev);
872 
873 exit:
874 	if (rc)
875 		digital_poll_next_tech(ddev);
876 
877 	dev_kfree_skb(resp);
878 }
879 
880 static int digital_tg_send_sensf_res(struct nfc_digital_dev *ddev,
881 			      struct digital_sensf_req *sensf_req)
882 {
883 	struct sk_buff *skb;
884 	u8 size;
885 	int rc;
886 	struct digital_sensf_res *sensf_res;
887 
888 	size = sizeof(struct digital_sensf_res);
889 
890 	if (sensf_req->rc != DIGITAL_SENSF_REQ_RC_NONE)
891 		size -= sizeof(sensf_res->rd);
892 
893 	skb = digital_skb_alloc(ddev, size);
894 	if (!skb)
895 		return -ENOMEM;
896 
897 	skb_put(skb, size);
898 
899 	sensf_res = (struct digital_sensf_res *)skb->data;
900 
901 	memset(sensf_res, 0, size);
902 
903 	sensf_res->cmd = DIGITAL_CMD_SENSF_RES;
904 	sensf_res->nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1;
905 	sensf_res->nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2;
906 	get_random_bytes(&sensf_res->nfcid2[2], 6);
907 
908 	switch (sensf_req->rc) {
909 	case DIGITAL_SENSF_REQ_RC_SC:
910 		sensf_res->rd[0] = sensf_req->sc1;
911 		sensf_res->rd[1] = sensf_req->sc2;
912 		break;
913 	case DIGITAL_SENSF_REQ_RC_AP:
914 		sensf_res->rd[0] = DIGITAL_SENSF_RES_RD_AP_B1;
915 		sensf_res->rd[1] = DIGITAL_SENSF_RES_RD_AP_B2;
916 		break;
917 	}
918 
919 	*skb_push(skb, sizeof(u8)) = size + 1;
920 
921 	if (!DIGITAL_DRV_CAPS_TG_CRC(ddev))
922 		digital_skb_add_crc_f(skb);
923 
924 	rc = digital_tg_send_cmd(ddev, skb, 300,
925 				 digital_tg_recv_atr_req, NULL);
926 	if (rc)
927 		kfree_skb(skb);
928 
929 	return rc;
930 }
931 
932 void digital_tg_recv_sensf_req(struct nfc_digital_dev *ddev, void *arg,
933 			       struct sk_buff *resp)
934 {
935 	struct digital_sensf_req *sensf_req;
936 	int rc;
937 
938 	if (IS_ERR(resp)) {
939 		rc = PTR_ERR(resp);
940 		resp = NULL;
941 		goto exit;
942 	}
943 
944 	if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) {
945 		rc = digital_skb_check_crc_f(resp);
946 		if (rc) {
947 			PROTOCOL_ERR("6.4.1.8");
948 			goto exit;
949 		}
950 	}
951 
952 	if (resp->len != sizeof(struct digital_sensf_req) + 1) {
953 		rc = -EINVAL;
954 		goto exit;
955 	}
956 
957 	skb_pull(resp, 1);
958 	sensf_req = (struct digital_sensf_req *)resp->data;
959 
960 	if (sensf_req->cmd != DIGITAL_CMD_SENSF_REQ) {
961 		rc = -EINVAL;
962 		goto exit;
963 	}
964 
965 	rc = digital_tg_send_sensf_res(ddev, sensf_req);
966 
967 exit:
968 	if (rc)
969 		digital_poll_next_tech(ddev);
970 
971 	dev_kfree_skb(resp);
972 }
973 
974 int digital_tg_listen_nfca(struct nfc_digital_dev *ddev, u8 rf_tech)
975 {
976 	int rc;
977 
978 	rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
979 	if (rc)
980 		return rc;
981 
982 	rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
983 				     NFC_DIGITAL_FRAMING_NFCA_NFC_DEP);
984 	if (rc)
985 		return rc;
986 
987 	return digital_tg_listen(ddev, 300, digital_tg_recv_sens_req, NULL);
988 }
989 
990 int digital_tg_listen_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech)
991 {
992 	int rc;
993 	u8 *nfcid2;
994 
995 	rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
996 	if (rc)
997 		return rc;
998 
999 	rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1000 				     NFC_DIGITAL_FRAMING_NFCF_NFC_DEP);
1001 	if (rc)
1002 		return rc;
1003 
1004 	nfcid2 = kzalloc(NFC_NFCID2_MAXSIZE, GFP_KERNEL);
1005 	if (!nfcid2)
1006 		return -ENOMEM;
1007 
1008 	nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1;
1009 	nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2;
1010 	get_random_bytes(nfcid2 + 2, NFC_NFCID2_MAXSIZE - 2);
1011 
1012 	return digital_tg_listen(ddev, 300, digital_tg_recv_sensf_req, nfcid2);
1013 }
1014