1 /* 2 * Copyright (C) 2012 Intel Corporation. All rights reserved. 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation; either version 2 of the License, or 7 * (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, see <http://www.gnu.org/licenses/>. 16 */ 17 18 #define pr_fmt(fmt) "hci: %s: " fmt, __func__ 19 20 #include <linux/init.h> 21 #include <linux/kernel.h> 22 #include <linux/module.h> 23 #include <linux/nfc.h> 24 25 #include <net/nfc/nfc.h> 26 #include <net/nfc/hci.h> 27 #include <net/nfc/llc.h> 28 29 #include "hci.h" 30 31 /* Largest headroom needed for outgoing HCI commands */ 32 #define HCI_CMDS_HEADROOM 1 33 34 int nfc_hci_result_to_errno(u8 result) 35 { 36 switch (result) { 37 case NFC_HCI_ANY_OK: 38 return 0; 39 case NFC_HCI_ANY_E_REG_PAR_UNKNOWN: 40 return -EOPNOTSUPP; 41 case NFC_HCI_ANY_E_TIMEOUT: 42 return -ETIME; 43 default: 44 return -1; 45 } 46 } 47 EXPORT_SYMBOL(nfc_hci_result_to_errno); 48 49 void nfc_hci_reset_pipes(struct nfc_hci_dev *hdev) 50 { 51 int i = 0; 52 53 for (i = 0; i < NFC_HCI_MAX_PIPES; i++) { 54 hdev->pipes[i].gate = NFC_HCI_INVALID_GATE; 55 hdev->pipes[i].dest_host = NFC_HCI_INVALID_HOST; 56 } 57 memset(hdev->gate2pipe, NFC_HCI_INVALID_PIPE, sizeof(hdev->gate2pipe)); 58 } 59 EXPORT_SYMBOL(nfc_hci_reset_pipes); 60 61 void nfc_hci_reset_pipes_per_host(struct nfc_hci_dev *hdev, u8 host) 62 { 63 int i = 0; 64 65 for (i = 0; i < NFC_HCI_MAX_PIPES; i++) { 66 if (hdev->pipes[i].dest_host != host) 67 continue; 68 69 hdev->pipes[i].gate = NFC_HCI_INVALID_GATE; 70 hdev->pipes[i].dest_host = NFC_HCI_INVALID_HOST; 71 } 72 } 73 EXPORT_SYMBOL(nfc_hci_reset_pipes_per_host); 74 75 static void nfc_hci_msg_tx_work(struct work_struct *work) 76 { 77 struct nfc_hci_dev *hdev = container_of(work, struct nfc_hci_dev, 78 msg_tx_work); 79 struct hci_msg *msg; 80 struct sk_buff *skb; 81 int r = 0; 82 83 mutex_lock(&hdev->msg_tx_mutex); 84 if (hdev->shutting_down) 85 goto exit; 86 87 if (hdev->cmd_pending_msg) { 88 if (timer_pending(&hdev->cmd_timer) == 0) { 89 if (hdev->cmd_pending_msg->cb) 90 hdev->cmd_pending_msg->cb(hdev-> 91 cmd_pending_msg-> 92 cb_context, 93 NULL, 94 -ETIME); 95 kfree(hdev->cmd_pending_msg); 96 hdev->cmd_pending_msg = NULL; 97 } else { 98 goto exit; 99 } 100 } 101 102 next_msg: 103 if (list_empty(&hdev->msg_tx_queue)) 104 goto exit; 105 106 msg = list_first_entry(&hdev->msg_tx_queue, struct hci_msg, msg_l); 107 list_del(&msg->msg_l); 108 109 pr_debug("msg_tx_queue has a cmd to send\n"); 110 while ((skb = skb_dequeue(&msg->msg_frags)) != NULL) { 111 r = nfc_llc_xmit_from_hci(hdev->llc, skb); 112 if (r < 0) { 113 kfree_skb(skb); 114 skb_queue_purge(&msg->msg_frags); 115 if (msg->cb) 116 msg->cb(msg->cb_context, NULL, r); 117 kfree(msg); 118 break; 119 } 120 } 121 122 if (r) 123 goto next_msg; 124 125 if (msg->wait_response == false) { 126 kfree(msg); 127 goto next_msg; 128 } 129 130 hdev->cmd_pending_msg = msg; 131 mod_timer(&hdev->cmd_timer, jiffies + 132 msecs_to_jiffies(hdev->cmd_pending_msg->completion_delay)); 133 134 exit: 135 mutex_unlock(&hdev->msg_tx_mutex); 136 } 137 138 static void nfc_hci_msg_rx_work(struct work_struct *work) 139 { 140 struct nfc_hci_dev *hdev = container_of(work, struct nfc_hci_dev, 141 msg_rx_work); 142 struct sk_buff *skb; 143 struct hcp_message *message; 144 u8 pipe; 145 u8 type; 146 u8 instruction; 147 148 while ((skb = skb_dequeue(&hdev->msg_rx_queue)) != NULL) { 149 pipe = skb->data[0]; 150 skb_pull(skb, NFC_HCI_HCP_PACKET_HEADER_LEN); 151 message = (struct hcp_message *)skb->data; 152 type = HCP_MSG_GET_TYPE(message->header); 153 instruction = HCP_MSG_GET_CMD(message->header); 154 skb_pull(skb, NFC_HCI_HCP_MESSAGE_HEADER_LEN); 155 156 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, skb); 157 } 158 } 159 160 static void __nfc_hci_cmd_completion(struct nfc_hci_dev *hdev, int err, 161 struct sk_buff *skb) 162 { 163 del_timer_sync(&hdev->cmd_timer); 164 165 if (hdev->cmd_pending_msg->cb) 166 hdev->cmd_pending_msg->cb(hdev->cmd_pending_msg->cb_context, 167 skb, err); 168 else 169 kfree_skb(skb); 170 171 kfree(hdev->cmd_pending_msg); 172 hdev->cmd_pending_msg = NULL; 173 174 schedule_work(&hdev->msg_tx_work); 175 } 176 177 void nfc_hci_resp_received(struct nfc_hci_dev *hdev, u8 result, 178 struct sk_buff *skb) 179 { 180 mutex_lock(&hdev->msg_tx_mutex); 181 182 if (hdev->cmd_pending_msg == NULL) { 183 kfree_skb(skb); 184 goto exit; 185 } 186 187 __nfc_hci_cmd_completion(hdev, nfc_hci_result_to_errno(result), skb); 188 189 exit: 190 mutex_unlock(&hdev->msg_tx_mutex); 191 } 192 193 void nfc_hci_cmd_received(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd, 194 struct sk_buff *skb) 195 { 196 u8 gate = hdev->pipes[pipe].gate; 197 u8 status = NFC_HCI_ANY_OK; 198 struct hci_create_pipe_resp *create_info; 199 struct hci_delete_pipe_noti *delete_info; 200 struct hci_all_pipe_cleared_noti *cleared_info; 201 202 pr_debug("from gate %x pipe %x cmd %x\n", gate, pipe, cmd); 203 204 switch (cmd) { 205 case NFC_HCI_ADM_NOTIFY_PIPE_CREATED: 206 if (skb->len != 5) { 207 status = NFC_HCI_ANY_E_NOK; 208 goto exit; 209 } 210 create_info = (struct hci_create_pipe_resp *)skb->data; 211 212 if (create_info->pipe >= NFC_HCI_MAX_PIPES) { 213 status = NFC_HCI_ANY_E_NOK; 214 goto exit; 215 } 216 217 /* Save the new created pipe and bind with local gate, 218 * the description for skb->data[3] is destination gate id 219 * but since we received this cmd from host controller, we 220 * are the destination and it is our local gate 221 */ 222 hdev->gate2pipe[create_info->dest_gate] = create_info->pipe; 223 hdev->pipes[create_info->pipe].gate = create_info->dest_gate; 224 hdev->pipes[create_info->pipe].dest_host = 225 create_info->src_host; 226 break; 227 case NFC_HCI_ANY_OPEN_PIPE: 228 if (gate == NFC_HCI_INVALID_GATE) { 229 status = NFC_HCI_ANY_E_NOK; 230 goto exit; 231 } 232 break; 233 case NFC_HCI_ADM_NOTIFY_PIPE_DELETED: 234 if (skb->len != 1) { 235 status = NFC_HCI_ANY_E_NOK; 236 goto exit; 237 } 238 delete_info = (struct hci_delete_pipe_noti *)skb->data; 239 240 if (delete_info->pipe >= NFC_HCI_MAX_PIPES) { 241 status = NFC_HCI_ANY_E_NOK; 242 goto exit; 243 } 244 245 hdev->pipes[delete_info->pipe].gate = NFC_HCI_INVALID_GATE; 246 hdev->pipes[delete_info->pipe].dest_host = NFC_HCI_INVALID_HOST; 247 break; 248 case NFC_HCI_ADM_NOTIFY_ALL_PIPE_CLEARED: 249 if (skb->len != 1) { 250 status = NFC_HCI_ANY_E_NOK; 251 goto exit; 252 } 253 cleared_info = (struct hci_all_pipe_cleared_noti *)skb->data; 254 255 nfc_hci_reset_pipes_per_host(hdev, cleared_info->host); 256 break; 257 default: 258 pr_info("Discarded unknown cmd %x to gate %x\n", cmd, gate); 259 break; 260 } 261 262 if (hdev->ops->cmd_received) 263 hdev->ops->cmd_received(hdev, pipe, cmd, skb); 264 265 exit: 266 nfc_hci_hcp_message_tx(hdev, pipe, NFC_HCI_HCP_RESPONSE, 267 status, NULL, 0, NULL, NULL, 0); 268 269 kfree_skb(skb); 270 } 271 272 u32 nfc_hci_sak_to_protocol(u8 sak) 273 { 274 switch (NFC_HCI_TYPE_A_SEL_PROT(sak)) { 275 case NFC_HCI_TYPE_A_SEL_PROT_MIFARE: 276 return NFC_PROTO_MIFARE_MASK; 277 case NFC_HCI_TYPE_A_SEL_PROT_ISO14443: 278 return NFC_PROTO_ISO14443_MASK; 279 case NFC_HCI_TYPE_A_SEL_PROT_DEP: 280 return NFC_PROTO_NFC_DEP_MASK; 281 case NFC_HCI_TYPE_A_SEL_PROT_ISO14443_DEP: 282 return NFC_PROTO_ISO14443_MASK | NFC_PROTO_NFC_DEP_MASK; 283 default: 284 return 0xffffffff; 285 } 286 } 287 EXPORT_SYMBOL(nfc_hci_sak_to_protocol); 288 289 int nfc_hci_target_discovered(struct nfc_hci_dev *hdev, u8 gate) 290 { 291 struct nfc_target *targets; 292 struct sk_buff *atqa_skb = NULL; 293 struct sk_buff *sak_skb = NULL; 294 struct sk_buff *uid_skb = NULL; 295 int r; 296 297 pr_debug("from gate %d\n", gate); 298 299 targets = kzalloc(sizeof(struct nfc_target), GFP_KERNEL); 300 if (targets == NULL) 301 return -ENOMEM; 302 303 switch (gate) { 304 case NFC_HCI_RF_READER_A_GATE: 305 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 306 NFC_HCI_RF_READER_A_ATQA, &atqa_skb); 307 if (r < 0) 308 goto exit; 309 310 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 311 NFC_HCI_RF_READER_A_SAK, &sak_skb); 312 if (r < 0) 313 goto exit; 314 315 if (atqa_skb->len != 2 || sak_skb->len != 1) { 316 r = -EPROTO; 317 goto exit; 318 } 319 320 targets->supported_protocols = 321 nfc_hci_sak_to_protocol(sak_skb->data[0]); 322 if (targets->supported_protocols == 0xffffffff) { 323 r = -EPROTO; 324 goto exit; 325 } 326 327 targets->sens_res = be16_to_cpu(*(__be16 *)atqa_skb->data); 328 targets->sel_res = sak_skb->data[0]; 329 330 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 331 NFC_HCI_RF_READER_A_UID, &uid_skb); 332 if (r < 0) 333 goto exit; 334 335 if (uid_skb->len == 0 || uid_skb->len > NFC_NFCID1_MAXSIZE) { 336 r = -EPROTO; 337 goto exit; 338 } 339 340 memcpy(targets->nfcid1, uid_skb->data, uid_skb->len); 341 targets->nfcid1_len = uid_skb->len; 342 343 if (hdev->ops->complete_target_discovered) { 344 r = hdev->ops->complete_target_discovered(hdev, gate, 345 targets); 346 if (r < 0) 347 goto exit; 348 } 349 break; 350 case NFC_HCI_RF_READER_B_GATE: 351 targets->supported_protocols = NFC_PROTO_ISO14443_B_MASK; 352 break; 353 default: 354 if (hdev->ops->target_from_gate) 355 r = hdev->ops->target_from_gate(hdev, gate, targets); 356 else 357 r = -EPROTO; 358 if (r < 0) 359 goto exit; 360 361 if (hdev->ops->complete_target_discovered) { 362 r = hdev->ops->complete_target_discovered(hdev, gate, 363 targets); 364 if (r < 0) 365 goto exit; 366 } 367 break; 368 } 369 370 /* if driver set the new gate, we will skip the old one */ 371 if (targets->hci_reader_gate == 0x00) 372 targets->hci_reader_gate = gate; 373 374 r = nfc_targets_found(hdev->ndev, targets, 1); 375 376 exit: 377 kfree(targets); 378 kfree_skb(atqa_skb); 379 kfree_skb(sak_skb); 380 kfree_skb(uid_skb); 381 382 return r; 383 } 384 EXPORT_SYMBOL(nfc_hci_target_discovered); 385 386 void nfc_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event, 387 struct sk_buff *skb) 388 { 389 int r = 0; 390 u8 gate = hdev->pipes[pipe].gate; 391 392 if (gate == NFC_HCI_INVALID_GATE) { 393 pr_err("Discarded event %x to unopened pipe %x\n", event, pipe); 394 goto exit; 395 } 396 397 if (hdev->ops->event_received) { 398 r = hdev->ops->event_received(hdev, pipe, event, skb); 399 if (r <= 0) 400 goto exit_noskb; 401 } 402 403 switch (event) { 404 case NFC_HCI_EVT_TARGET_DISCOVERED: 405 if (skb->len < 1) { /* no status data? */ 406 r = -EPROTO; 407 goto exit; 408 } 409 410 if (skb->data[0] == 3) { 411 /* TODO: Multiple targets in field, none activated 412 * poll is supposedly stopped, but there is no 413 * single target to activate, so nothing to report 414 * up. 415 * if we need to restart poll, we must save the 416 * protocols from the initial poll and reuse here. 417 */ 418 } 419 420 if (skb->data[0] != 0) { 421 r = -EPROTO; 422 goto exit; 423 } 424 425 r = nfc_hci_target_discovered(hdev, gate); 426 break; 427 default: 428 pr_info("Discarded unknown event %x to gate %x\n", event, gate); 429 r = -EINVAL; 430 break; 431 } 432 433 exit: 434 kfree_skb(skb); 435 436 exit_noskb: 437 if (r) 438 nfc_hci_driver_failure(hdev, r); 439 } 440 441 static void nfc_hci_cmd_timeout(struct timer_list *t) 442 { 443 struct nfc_hci_dev *hdev = from_timer(hdev, t, cmd_timer); 444 445 schedule_work(&hdev->msg_tx_work); 446 } 447 448 static int hci_dev_connect_gates(struct nfc_hci_dev *hdev, u8 gate_count, 449 struct nfc_hci_gate *gates) 450 { 451 int r; 452 while (gate_count--) { 453 r = nfc_hci_connect_gate(hdev, NFC_HCI_HOST_CONTROLLER_ID, 454 gates->gate, gates->pipe); 455 if (r < 0) 456 return r; 457 gates++; 458 } 459 460 return 0; 461 } 462 463 static int hci_dev_session_init(struct nfc_hci_dev *hdev) 464 { 465 struct sk_buff *skb = NULL; 466 int r; 467 468 if (hdev->init_data.gates[0].gate != NFC_HCI_ADMIN_GATE) 469 return -EPROTO; 470 471 r = nfc_hci_connect_gate(hdev, NFC_HCI_HOST_CONTROLLER_ID, 472 hdev->init_data.gates[0].gate, 473 hdev->init_data.gates[0].pipe); 474 if (r < 0) 475 goto exit; 476 477 r = nfc_hci_get_param(hdev, NFC_HCI_ADMIN_GATE, 478 NFC_HCI_ADMIN_SESSION_IDENTITY, &skb); 479 if (r < 0) 480 goto disconnect_all; 481 482 if (skb->len && skb->len == strlen(hdev->init_data.session_id) && 483 (memcmp(hdev->init_data.session_id, skb->data, 484 skb->len) == 0) && hdev->ops->load_session) { 485 /* Restore gate<->pipe table from some proprietary location. */ 486 487 r = hdev->ops->load_session(hdev); 488 489 if (r < 0) 490 goto disconnect_all; 491 } else { 492 493 r = nfc_hci_disconnect_all_gates(hdev); 494 if (r < 0) 495 goto exit; 496 497 r = hci_dev_connect_gates(hdev, hdev->init_data.gate_count, 498 hdev->init_data.gates); 499 if (r < 0) 500 goto disconnect_all; 501 502 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE, 503 NFC_HCI_ADMIN_SESSION_IDENTITY, 504 hdev->init_data.session_id, 505 strlen(hdev->init_data.session_id)); 506 } 507 if (r == 0) 508 goto exit; 509 510 disconnect_all: 511 nfc_hci_disconnect_all_gates(hdev); 512 513 exit: 514 kfree_skb(skb); 515 516 return r; 517 } 518 519 static int hci_dev_version(struct nfc_hci_dev *hdev) 520 { 521 int r; 522 struct sk_buff *skb; 523 524 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 525 NFC_HCI_ID_MGMT_VERSION_SW, &skb); 526 if (r == -EOPNOTSUPP) { 527 pr_info("Software/Hardware info not available\n"); 528 return 0; 529 } 530 if (r < 0) 531 return r; 532 533 if (skb->len != 3) { 534 kfree_skb(skb); 535 return -EINVAL; 536 } 537 538 hdev->sw_romlib = (skb->data[0] & 0xf0) >> 4; 539 hdev->sw_patch = skb->data[0] & 0x0f; 540 hdev->sw_flashlib_major = skb->data[1]; 541 hdev->sw_flashlib_minor = skb->data[2]; 542 543 kfree_skb(skb); 544 545 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 546 NFC_HCI_ID_MGMT_VERSION_HW, &skb); 547 if (r < 0) 548 return r; 549 550 if (skb->len != 3) { 551 kfree_skb(skb); 552 return -EINVAL; 553 } 554 555 hdev->hw_derivative = (skb->data[0] & 0xe0) >> 5; 556 hdev->hw_version = skb->data[0] & 0x1f; 557 hdev->hw_mpw = (skb->data[1] & 0xc0) >> 6; 558 hdev->hw_software = skb->data[1] & 0x3f; 559 hdev->hw_bsid = skb->data[2]; 560 561 kfree_skb(skb); 562 563 pr_info("SOFTWARE INFO:\n"); 564 pr_info("RomLib : %d\n", hdev->sw_romlib); 565 pr_info("Patch : %d\n", hdev->sw_patch); 566 pr_info("FlashLib Major : %d\n", hdev->sw_flashlib_major); 567 pr_info("FlashLib Minor : %d\n", hdev->sw_flashlib_minor); 568 pr_info("HARDWARE INFO:\n"); 569 pr_info("Derivative : %d\n", hdev->hw_derivative); 570 pr_info("HW Version : %d\n", hdev->hw_version); 571 pr_info("#MPW : %d\n", hdev->hw_mpw); 572 pr_info("Software : %d\n", hdev->hw_software); 573 pr_info("BSID Version : %d\n", hdev->hw_bsid); 574 575 return 0; 576 } 577 578 static int hci_dev_up(struct nfc_dev *nfc_dev) 579 { 580 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 581 int r = 0; 582 583 if (hdev->ops->open) { 584 r = hdev->ops->open(hdev); 585 if (r < 0) 586 return r; 587 } 588 589 r = nfc_llc_start(hdev->llc); 590 if (r < 0) 591 goto exit_close; 592 593 r = hci_dev_session_init(hdev); 594 if (r < 0) 595 goto exit_llc; 596 597 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 598 NFC_HCI_EVT_END_OPERATION, NULL, 0); 599 if (r < 0) 600 goto exit_llc; 601 602 if (hdev->ops->hci_ready) { 603 r = hdev->ops->hci_ready(hdev); 604 if (r < 0) 605 goto exit_llc; 606 } 607 608 r = hci_dev_version(hdev); 609 if (r < 0) 610 goto exit_llc; 611 612 return 0; 613 614 exit_llc: 615 nfc_llc_stop(hdev->llc); 616 617 exit_close: 618 if (hdev->ops->close) 619 hdev->ops->close(hdev); 620 621 return r; 622 } 623 624 static int hci_dev_down(struct nfc_dev *nfc_dev) 625 { 626 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 627 628 nfc_llc_stop(hdev->llc); 629 630 if (hdev->ops->close) 631 hdev->ops->close(hdev); 632 633 nfc_hci_reset_pipes(hdev); 634 635 return 0; 636 } 637 638 static int hci_start_poll(struct nfc_dev *nfc_dev, 639 u32 im_protocols, u32 tm_protocols) 640 { 641 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 642 643 if (hdev->ops->start_poll) 644 return hdev->ops->start_poll(hdev, im_protocols, tm_protocols); 645 else 646 return nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 647 NFC_HCI_EVT_READER_REQUESTED, 648 NULL, 0); 649 } 650 651 static void hci_stop_poll(struct nfc_dev *nfc_dev) 652 { 653 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 654 655 if (hdev->ops->stop_poll) 656 hdev->ops->stop_poll(hdev); 657 else 658 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 659 NFC_HCI_EVT_END_OPERATION, NULL, 0); 660 } 661 662 static int hci_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target, 663 __u8 comm_mode, __u8 *gb, size_t gb_len) 664 { 665 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 666 667 if (!hdev->ops->dep_link_up) 668 return 0; 669 670 return hdev->ops->dep_link_up(hdev, target, comm_mode, 671 gb, gb_len); 672 } 673 674 static int hci_dep_link_down(struct nfc_dev *nfc_dev) 675 { 676 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 677 678 if (!hdev->ops->dep_link_down) 679 return 0; 680 681 return hdev->ops->dep_link_down(hdev); 682 } 683 684 static int hci_activate_target(struct nfc_dev *nfc_dev, 685 struct nfc_target *target, u32 protocol) 686 { 687 return 0; 688 } 689 690 static void hci_deactivate_target(struct nfc_dev *nfc_dev, 691 struct nfc_target *target, 692 u8 mode) 693 { 694 } 695 696 #define HCI_CB_TYPE_TRANSCEIVE 1 697 698 static void hci_transceive_cb(void *context, struct sk_buff *skb, int err) 699 { 700 struct nfc_hci_dev *hdev = context; 701 702 switch (hdev->async_cb_type) { 703 case HCI_CB_TYPE_TRANSCEIVE: 704 /* 705 * TODO: Check RF Error indicator to make sure data is valid. 706 * It seems that HCI cmd can complete without error, but data 707 * can be invalid if an RF error occured? Ignore for now. 708 */ 709 if (err == 0) 710 skb_trim(skb, skb->len - 1); /* RF Err ind */ 711 712 hdev->async_cb(hdev->async_cb_context, skb, err); 713 break; 714 default: 715 if (err == 0) 716 kfree_skb(skb); 717 break; 718 } 719 } 720 721 static int hci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target, 722 struct sk_buff *skb, data_exchange_cb_t cb, 723 void *cb_context) 724 { 725 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 726 int r; 727 728 pr_debug("target_idx=%d\n", target->idx); 729 730 switch (target->hci_reader_gate) { 731 case NFC_HCI_RF_READER_A_GATE: 732 case NFC_HCI_RF_READER_B_GATE: 733 if (hdev->ops->im_transceive) { 734 r = hdev->ops->im_transceive(hdev, target, skb, cb, 735 cb_context); 736 if (r <= 0) /* handled */ 737 break; 738 } 739 740 *(u8 *)skb_push(skb, 1) = 0; /* CTR, see spec:10.2.2.1 */ 741 742 hdev->async_cb_type = HCI_CB_TYPE_TRANSCEIVE; 743 hdev->async_cb = cb; 744 hdev->async_cb_context = cb_context; 745 746 r = nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 747 NFC_HCI_WR_XCHG_DATA, skb->data, 748 skb->len, hci_transceive_cb, hdev); 749 break; 750 default: 751 if (hdev->ops->im_transceive) { 752 r = hdev->ops->im_transceive(hdev, target, skb, cb, 753 cb_context); 754 if (r == 1) 755 r = -ENOTSUPP; 756 } else { 757 r = -ENOTSUPP; 758 } 759 break; 760 } 761 762 kfree_skb(skb); 763 764 return r; 765 } 766 767 static int hci_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb) 768 { 769 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 770 771 if (!hdev->ops->tm_send) { 772 kfree_skb(skb); 773 return -ENOTSUPP; 774 } 775 776 return hdev->ops->tm_send(hdev, skb); 777 } 778 779 static int hci_check_presence(struct nfc_dev *nfc_dev, 780 struct nfc_target *target) 781 { 782 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 783 784 if (!hdev->ops->check_presence) 785 return 0; 786 787 return hdev->ops->check_presence(hdev, target); 788 } 789 790 static int hci_discover_se(struct nfc_dev *nfc_dev) 791 { 792 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 793 794 if (hdev->ops->discover_se) 795 return hdev->ops->discover_se(hdev); 796 797 return 0; 798 } 799 800 static int hci_enable_se(struct nfc_dev *nfc_dev, u32 se_idx) 801 { 802 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 803 804 if (hdev->ops->enable_se) 805 return hdev->ops->enable_se(hdev, se_idx); 806 807 return 0; 808 } 809 810 static int hci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx) 811 { 812 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 813 814 if (hdev->ops->disable_se) 815 return hdev->ops->disable_se(hdev, se_idx); 816 817 return 0; 818 } 819 820 static int hci_se_io(struct nfc_dev *nfc_dev, u32 se_idx, 821 u8 *apdu, size_t apdu_length, 822 se_io_cb_t cb, void *cb_context) 823 { 824 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 825 826 if (hdev->ops->se_io) 827 return hdev->ops->se_io(hdev, se_idx, apdu, 828 apdu_length, cb, cb_context); 829 830 return 0; 831 } 832 833 static void nfc_hci_failure(struct nfc_hci_dev *hdev, int err) 834 { 835 mutex_lock(&hdev->msg_tx_mutex); 836 837 if (hdev->cmd_pending_msg == NULL) { 838 nfc_driver_failure(hdev->ndev, err); 839 goto exit; 840 } 841 842 __nfc_hci_cmd_completion(hdev, err, NULL); 843 844 exit: 845 mutex_unlock(&hdev->msg_tx_mutex); 846 } 847 848 static void nfc_hci_llc_failure(struct nfc_hci_dev *hdev, int err) 849 { 850 nfc_hci_failure(hdev, err); 851 } 852 853 static void nfc_hci_recv_from_llc(struct nfc_hci_dev *hdev, struct sk_buff *skb) 854 { 855 struct hcp_packet *packet; 856 u8 type; 857 u8 instruction; 858 struct sk_buff *hcp_skb; 859 u8 pipe; 860 struct sk_buff *frag_skb; 861 int msg_len; 862 863 packet = (struct hcp_packet *)skb->data; 864 if ((packet->header & ~NFC_HCI_FRAGMENT) == 0) { 865 skb_queue_tail(&hdev->rx_hcp_frags, skb); 866 return; 867 } 868 869 /* it's the last fragment. Does it need re-aggregation? */ 870 if (skb_queue_len(&hdev->rx_hcp_frags)) { 871 pipe = packet->header & NFC_HCI_FRAGMENT; 872 skb_queue_tail(&hdev->rx_hcp_frags, skb); 873 874 msg_len = 0; 875 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) { 876 msg_len += (frag_skb->len - 877 NFC_HCI_HCP_PACKET_HEADER_LEN); 878 } 879 880 hcp_skb = nfc_alloc_recv_skb(NFC_HCI_HCP_PACKET_HEADER_LEN + 881 msg_len, GFP_KERNEL); 882 if (hcp_skb == NULL) { 883 nfc_hci_failure(hdev, -ENOMEM); 884 return; 885 } 886 887 skb_put_u8(hcp_skb, pipe); 888 889 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) { 890 msg_len = frag_skb->len - NFC_HCI_HCP_PACKET_HEADER_LEN; 891 skb_put_data(hcp_skb, 892 frag_skb->data + NFC_HCI_HCP_PACKET_HEADER_LEN, 893 msg_len); 894 } 895 896 skb_queue_purge(&hdev->rx_hcp_frags); 897 } else { 898 packet->header &= NFC_HCI_FRAGMENT; 899 hcp_skb = skb; 900 } 901 902 /* if this is a response, dispatch immediately to 903 * unblock waiting cmd context. Otherwise, enqueue to dispatch 904 * in separate context where handler can also execute command. 905 */ 906 packet = (struct hcp_packet *)hcp_skb->data; 907 type = HCP_MSG_GET_TYPE(packet->message.header); 908 if (type == NFC_HCI_HCP_RESPONSE) { 909 pipe = packet->header; 910 instruction = HCP_MSG_GET_CMD(packet->message.header); 911 skb_pull(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN + 912 NFC_HCI_HCP_MESSAGE_HEADER_LEN); 913 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, hcp_skb); 914 } else { 915 skb_queue_tail(&hdev->msg_rx_queue, hcp_skb); 916 schedule_work(&hdev->msg_rx_work); 917 } 918 } 919 920 static int hci_fw_download(struct nfc_dev *nfc_dev, const char *firmware_name) 921 { 922 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 923 924 if (!hdev->ops->fw_download) 925 return -ENOTSUPP; 926 927 return hdev->ops->fw_download(hdev, firmware_name); 928 } 929 930 static struct nfc_ops hci_nfc_ops = { 931 .dev_up = hci_dev_up, 932 .dev_down = hci_dev_down, 933 .start_poll = hci_start_poll, 934 .stop_poll = hci_stop_poll, 935 .dep_link_up = hci_dep_link_up, 936 .dep_link_down = hci_dep_link_down, 937 .activate_target = hci_activate_target, 938 .deactivate_target = hci_deactivate_target, 939 .im_transceive = hci_transceive, 940 .tm_send = hci_tm_send, 941 .check_presence = hci_check_presence, 942 .fw_download = hci_fw_download, 943 .discover_se = hci_discover_se, 944 .enable_se = hci_enable_se, 945 .disable_se = hci_disable_se, 946 .se_io = hci_se_io, 947 }; 948 949 struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops, 950 struct nfc_hci_init_data *init_data, 951 unsigned long quirks, 952 u32 protocols, 953 const char *llc_name, 954 int tx_headroom, 955 int tx_tailroom, 956 int max_link_payload) 957 { 958 struct nfc_hci_dev *hdev; 959 960 if (ops->xmit == NULL) 961 return NULL; 962 963 if (protocols == 0) 964 return NULL; 965 966 hdev = kzalloc(sizeof(struct nfc_hci_dev), GFP_KERNEL); 967 if (hdev == NULL) 968 return NULL; 969 970 hdev->llc = nfc_llc_allocate(llc_name, hdev, ops->xmit, 971 nfc_hci_recv_from_llc, tx_headroom, 972 tx_tailroom, nfc_hci_llc_failure); 973 if (hdev->llc == NULL) { 974 kfree(hdev); 975 return NULL; 976 } 977 978 hdev->ndev = nfc_allocate_device(&hci_nfc_ops, protocols, 979 tx_headroom + HCI_CMDS_HEADROOM, 980 tx_tailroom); 981 if (!hdev->ndev) { 982 nfc_llc_free(hdev->llc); 983 kfree(hdev); 984 return NULL; 985 } 986 987 hdev->ops = ops; 988 hdev->max_data_link_payload = max_link_payload; 989 hdev->init_data = *init_data; 990 991 nfc_set_drvdata(hdev->ndev, hdev); 992 993 nfc_hci_reset_pipes(hdev); 994 995 hdev->quirks = quirks; 996 997 return hdev; 998 } 999 EXPORT_SYMBOL(nfc_hci_allocate_device); 1000 1001 void nfc_hci_free_device(struct nfc_hci_dev *hdev) 1002 { 1003 nfc_free_device(hdev->ndev); 1004 nfc_llc_free(hdev->llc); 1005 kfree(hdev); 1006 } 1007 EXPORT_SYMBOL(nfc_hci_free_device); 1008 1009 int nfc_hci_register_device(struct nfc_hci_dev *hdev) 1010 { 1011 mutex_init(&hdev->msg_tx_mutex); 1012 1013 INIT_LIST_HEAD(&hdev->msg_tx_queue); 1014 1015 INIT_WORK(&hdev->msg_tx_work, nfc_hci_msg_tx_work); 1016 1017 timer_setup(&hdev->cmd_timer, nfc_hci_cmd_timeout, 0); 1018 1019 skb_queue_head_init(&hdev->rx_hcp_frags); 1020 1021 INIT_WORK(&hdev->msg_rx_work, nfc_hci_msg_rx_work); 1022 1023 skb_queue_head_init(&hdev->msg_rx_queue); 1024 1025 return nfc_register_device(hdev->ndev); 1026 } 1027 EXPORT_SYMBOL(nfc_hci_register_device); 1028 1029 void nfc_hci_unregister_device(struct nfc_hci_dev *hdev) 1030 { 1031 struct hci_msg *msg, *n; 1032 1033 mutex_lock(&hdev->msg_tx_mutex); 1034 1035 if (hdev->cmd_pending_msg) { 1036 if (hdev->cmd_pending_msg->cb) 1037 hdev->cmd_pending_msg->cb( 1038 hdev->cmd_pending_msg->cb_context, 1039 NULL, -ESHUTDOWN); 1040 kfree(hdev->cmd_pending_msg); 1041 hdev->cmd_pending_msg = NULL; 1042 } 1043 1044 hdev->shutting_down = true; 1045 1046 mutex_unlock(&hdev->msg_tx_mutex); 1047 1048 del_timer_sync(&hdev->cmd_timer); 1049 cancel_work_sync(&hdev->msg_tx_work); 1050 1051 cancel_work_sync(&hdev->msg_rx_work); 1052 1053 nfc_unregister_device(hdev->ndev); 1054 1055 skb_queue_purge(&hdev->rx_hcp_frags); 1056 skb_queue_purge(&hdev->msg_rx_queue); 1057 1058 list_for_each_entry_safe(msg, n, &hdev->msg_tx_queue, msg_l) { 1059 list_del(&msg->msg_l); 1060 skb_queue_purge(&msg->msg_frags); 1061 kfree(msg); 1062 } 1063 } 1064 EXPORT_SYMBOL(nfc_hci_unregister_device); 1065 1066 void nfc_hci_set_clientdata(struct nfc_hci_dev *hdev, void *clientdata) 1067 { 1068 hdev->clientdata = clientdata; 1069 } 1070 EXPORT_SYMBOL(nfc_hci_set_clientdata); 1071 1072 void *nfc_hci_get_clientdata(struct nfc_hci_dev *hdev) 1073 { 1074 return hdev->clientdata; 1075 } 1076 EXPORT_SYMBOL(nfc_hci_get_clientdata); 1077 1078 void nfc_hci_driver_failure(struct nfc_hci_dev *hdev, int err) 1079 { 1080 nfc_hci_failure(hdev, err); 1081 } 1082 EXPORT_SYMBOL(nfc_hci_driver_failure); 1083 1084 void nfc_hci_recv_frame(struct nfc_hci_dev *hdev, struct sk_buff *skb) 1085 { 1086 nfc_llc_rcv_from_drv(hdev->llc, skb); 1087 } 1088 EXPORT_SYMBOL(nfc_hci_recv_frame); 1089 1090 static int __init nfc_hci_init(void) 1091 { 1092 return nfc_llc_init(); 1093 } 1094 1095 static void __exit nfc_hci_exit(void) 1096 { 1097 nfc_llc_exit(); 1098 } 1099 1100 subsys_initcall(nfc_hci_init); 1101 module_exit(nfc_hci_exit); 1102 1103 MODULE_LICENSE("GPL"); 1104 MODULE_DESCRIPTION("NFC HCI Core"); 1105