1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2012 Intel Corporation. All rights reserved. 4 */ 5 6 #define pr_fmt(fmt) "hci: %s: " fmt, __func__ 7 8 #include <linux/init.h> 9 #include <linux/kernel.h> 10 #include <linux/module.h> 11 #include <linux/nfc.h> 12 13 #include <net/nfc/nfc.h> 14 #include <net/nfc/hci.h> 15 #include <net/nfc/llc.h> 16 17 #include "hci.h" 18 19 /* Largest headroom needed for outgoing HCI commands */ 20 #define HCI_CMDS_HEADROOM 1 21 22 int nfc_hci_result_to_errno(u8 result) 23 { 24 switch (result) { 25 case NFC_HCI_ANY_OK: 26 return 0; 27 case NFC_HCI_ANY_E_REG_PAR_UNKNOWN: 28 return -EOPNOTSUPP; 29 case NFC_HCI_ANY_E_TIMEOUT: 30 return -ETIME; 31 default: 32 return -1; 33 } 34 } 35 EXPORT_SYMBOL(nfc_hci_result_to_errno); 36 37 void nfc_hci_reset_pipes(struct nfc_hci_dev *hdev) 38 { 39 int i = 0; 40 41 for (i = 0; i < NFC_HCI_MAX_PIPES; i++) { 42 hdev->pipes[i].gate = NFC_HCI_INVALID_GATE; 43 hdev->pipes[i].dest_host = NFC_HCI_INVALID_HOST; 44 } 45 memset(hdev->gate2pipe, NFC_HCI_INVALID_PIPE, sizeof(hdev->gate2pipe)); 46 } 47 EXPORT_SYMBOL(nfc_hci_reset_pipes); 48 49 void nfc_hci_reset_pipes_per_host(struct nfc_hci_dev *hdev, u8 host) 50 { 51 int i = 0; 52 53 for (i = 0; i < NFC_HCI_MAX_PIPES; i++) { 54 if (hdev->pipes[i].dest_host != host) 55 continue; 56 57 hdev->pipes[i].gate = NFC_HCI_INVALID_GATE; 58 hdev->pipes[i].dest_host = NFC_HCI_INVALID_HOST; 59 } 60 } 61 EXPORT_SYMBOL(nfc_hci_reset_pipes_per_host); 62 63 static void nfc_hci_msg_tx_work(struct work_struct *work) 64 { 65 struct nfc_hci_dev *hdev = container_of(work, struct nfc_hci_dev, 66 msg_tx_work); 67 struct hci_msg *msg; 68 struct sk_buff *skb; 69 int r = 0; 70 71 mutex_lock(&hdev->msg_tx_mutex); 72 if (hdev->shutting_down) 73 goto exit; 74 75 if (hdev->cmd_pending_msg) { 76 if (timer_pending(&hdev->cmd_timer) == 0) { 77 if (hdev->cmd_pending_msg->cb) 78 hdev->cmd_pending_msg->cb(hdev-> 79 cmd_pending_msg-> 80 cb_context, 81 NULL, 82 -ETIME); 83 kfree(hdev->cmd_pending_msg); 84 hdev->cmd_pending_msg = NULL; 85 } else { 86 goto exit; 87 } 88 } 89 90 next_msg: 91 if (list_empty(&hdev->msg_tx_queue)) 92 goto exit; 93 94 msg = list_first_entry(&hdev->msg_tx_queue, struct hci_msg, msg_l); 95 list_del(&msg->msg_l); 96 97 pr_debug("msg_tx_queue has a cmd to send\n"); 98 while ((skb = skb_dequeue(&msg->msg_frags)) != NULL) { 99 r = nfc_llc_xmit_from_hci(hdev->llc, skb); 100 if (r < 0) { 101 kfree_skb(skb); 102 skb_queue_purge(&msg->msg_frags); 103 if (msg->cb) 104 msg->cb(msg->cb_context, NULL, r); 105 kfree(msg); 106 break; 107 } 108 } 109 110 if (r) 111 goto next_msg; 112 113 if (msg->wait_response == false) { 114 kfree(msg); 115 goto next_msg; 116 } 117 118 hdev->cmd_pending_msg = msg; 119 mod_timer(&hdev->cmd_timer, jiffies + 120 msecs_to_jiffies(hdev->cmd_pending_msg->completion_delay)); 121 122 exit: 123 mutex_unlock(&hdev->msg_tx_mutex); 124 } 125 126 static void nfc_hci_msg_rx_work(struct work_struct *work) 127 { 128 struct nfc_hci_dev *hdev = container_of(work, struct nfc_hci_dev, 129 msg_rx_work); 130 struct sk_buff *skb; 131 const struct hcp_message *message; 132 u8 pipe; 133 u8 type; 134 u8 instruction; 135 136 while ((skb = skb_dequeue(&hdev->msg_rx_queue)) != NULL) { 137 pipe = skb->data[0]; 138 skb_pull(skb, NFC_HCI_HCP_PACKET_HEADER_LEN); 139 message = (struct hcp_message *)skb->data; 140 type = HCP_MSG_GET_TYPE(message->header); 141 instruction = HCP_MSG_GET_CMD(message->header); 142 skb_pull(skb, NFC_HCI_HCP_MESSAGE_HEADER_LEN); 143 144 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, skb); 145 } 146 } 147 148 static void __nfc_hci_cmd_completion(struct nfc_hci_dev *hdev, int err, 149 struct sk_buff *skb) 150 { 151 del_timer_sync(&hdev->cmd_timer); 152 153 if (hdev->cmd_pending_msg->cb) 154 hdev->cmd_pending_msg->cb(hdev->cmd_pending_msg->cb_context, 155 skb, err); 156 else 157 kfree_skb(skb); 158 159 kfree(hdev->cmd_pending_msg); 160 hdev->cmd_pending_msg = NULL; 161 162 schedule_work(&hdev->msg_tx_work); 163 } 164 165 void nfc_hci_resp_received(struct nfc_hci_dev *hdev, u8 result, 166 struct sk_buff *skb) 167 { 168 mutex_lock(&hdev->msg_tx_mutex); 169 170 if (hdev->cmd_pending_msg == NULL) { 171 kfree_skb(skb); 172 goto exit; 173 } 174 175 __nfc_hci_cmd_completion(hdev, nfc_hci_result_to_errno(result), skb); 176 177 exit: 178 mutex_unlock(&hdev->msg_tx_mutex); 179 } 180 181 void nfc_hci_cmd_received(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd, 182 struct sk_buff *skb) 183 { 184 u8 status = NFC_HCI_ANY_OK; 185 const struct hci_create_pipe_resp *create_info; 186 const struct hci_delete_pipe_noti *delete_info; 187 const struct hci_all_pipe_cleared_noti *cleared_info; 188 u8 gate; 189 190 pr_debug("from pipe %x cmd %x\n", pipe, cmd); 191 192 if (pipe >= NFC_HCI_MAX_PIPES) { 193 status = NFC_HCI_ANY_E_NOK; 194 goto exit; 195 } 196 197 gate = hdev->pipes[pipe].gate; 198 199 switch (cmd) { 200 case NFC_HCI_ADM_NOTIFY_PIPE_CREATED: 201 if (skb->len != 5) { 202 status = NFC_HCI_ANY_E_NOK; 203 goto exit; 204 } 205 create_info = (struct hci_create_pipe_resp *)skb->data; 206 207 if (create_info->pipe >= NFC_HCI_MAX_PIPES) { 208 status = NFC_HCI_ANY_E_NOK; 209 goto exit; 210 } 211 212 /* Save the new created pipe and bind with local gate, 213 * the description for skb->data[3] is destination gate id 214 * but since we received this cmd from host controller, we 215 * are the destination and it is our local gate 216 */ 217 hdev->gate2pipe[create_info->dest_gate] = create_info->pipe; 218 hdev->pipes[create_info->pipe].gate = create_info->dest_gate; 219 hdev->pipes[create_info->pipe].dest_host = 220 create_info->src_host; 221 break; 222 case NFC_HCI_ANY_OPEN_PIPE: 223 if (gate == NFC_HCI_INVALID_GATE) { 224 status = NFC_HCI_ANY_E_NOK; 225 goto exit; 226 } 227 break; 228 case NFC_HCI_ADM_NOTIFY_PIPE_DELETED: 229 if (skb->len != 1) { 230 status = NFC_HCI_ANY_E_NOK; 231 goto exit; 232 } 233 delete_info = (struct hci_delete_pipe_noti *)skb->data; 234 235 if (delete_info->pipe >= NFC_HCI_MAX_PIPES) { 236 status = NFC_HCI_ANY_E_NOK; 237 goto exit; 238 } 239 240 hdev->pipes[delete_info->pipe].gate = NFC_HCI_INVALID_GATE; 241 hdev->pipes[delete_info->pipe].dest_host = NFC_HCI_INVALID_HOST; 242 break; 243 case NFC_HCI_ADM_NOTIFY_ALL_PIPE_CLEARED: 244 if (skb->len != 1) { 245 status = NFC_HCI_ANY_E_NOK; 246 goto exit; 247 } 248 cleared_info = (struct hci_all_pipe_cleared_noti *)skb->data; 249 250 nfc_hci_reset_pipes_per_host(hdev, cleared_info->host); 251 break; 252 default: 253 pr_info("Discarded unknown cmd %x to gate %x\n", cmd, gate); 254 break; 255 } 256 257 if (hdev->ops->cmd_received) 258 hdev->ops->cmd_received(hdev, pipe, cmd, skb); 259 260 exit: 261 nfc_hci_hcp_message_tx(hdev, pipe, NFC_HCI_HCP_RESPONSE, 262 status, NULL, 0, NULL, NULL, 0); 263 264 kfree_skb(skb); 265 } 266 267 u32 nfc_hci_sak_to_protocol(u8 sak) 268 { 269 switch (NFC_HCI_TYPE_A_SEL_PROT(sak)) { 270 case NFC_HCI_TYPE_A_SEL_PROT_MIFARE: 271 return NFC_PROTO_MIFARE_MASK; 272 case NFC_HCI_TYPE_A_SEL_PROT_ISO14443: 273 return NFC_PROTO_ISO14443_MASK; 274 case NFC_HCI_TYPE_A_SEL_PROT_DEP: 275 return NFC_PROTO_NFC_DEP_MASK; 276 case NFC_HCI_TYPE_A_SEL_PROT_ISO14443_DEP: 277 return NFC_PROTO_ISO14443_MASK | NFC_PROTO_NFC_DEP_MASK; 278 default: 279 return 0xffffffff; 280 } 281 } 282 EXPORT_SYMBOL(nfc_hci_sak_to_protocol); 283 284 int nfc_hci_target_discovered(struct nfc_hci_dev *hdev, u8 gate) 285 { 286 struct nfc_target *targets; 287 struct sk_buff *atqa_skb = NULL; 288 struct sk_buff *sak_skb = NULL; 289 struct sk_buff *uid_skb = NULL; 290 int r; 291 292 pr_debug("from gate %d\n", gate); 293 294 targets = kzalloc(sizeof(struct nfc_target), GFP_KERNEL); 295 if (targets == NULL) 296 return -ENOMEM; 297 298 switch (gate) { 299 case NFC_HCI_RF_READER_A_GATE: 300 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 301 NFC_HCI_RF_READER_A_ATQA, &atqa_skb); 302 if (r < 0) 303 goto exit; 304 305 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 306 NFC_HCI_RF_READER_A_SAK, &sak_skb); 307 if (r < 0) 308 goto exit; 309 310 if (atqa_skb->len != 2 || sak_skb->len != 1) { 311 r = -EPROTO; 312 goto exit; 313 } 314 315 targets->supported_protocols = 316 nfc_hci_sak_to_protocol(sak_skb->data[0]); 317 if (targets->supported_protocols == 0xffffffff) { 318 r = -EPROTO; 319 goto exit; 320 } 321 322 targets->sens_res = be16_to_cpu(*(__be16 *)atqa_skb->data); 323 targets->sel_res = sak_skb->data[0]; 324 325 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 326 NFC_HCI_RF_READER_A_UID, &uid_skb); 327 if (r < 0) 328 goto exit; 329 330 if (uid_skb->len == 0 || uid_skb->len > NFC_NFCID1_MAXSIZE) { 331 r = -EPROTO; 332 goto exit; 333 } 334 335 memcpy(targets->nfcid1, uid_skb->data, uid_skb->len); 336 targets->nfcid1_len = uid_skb->len; 337 338 if (hdev->ops->complete_target_discovered) { 339 r = hdev->ops->complete_target_discovered(hdev, gate, 340 targets); 341 if (r < 0) 342 goto exit; 343 } 344 break; 345 case NFC_HCI_RF_READER_B_GATE: 346 targets->supported_protocols = NFC_PROTO_ISO14443_B_MASK; 347 break; 348 default: 349 if (hdev->ops->target_from_gate) 350 r = hdev->ops->target_from_gate(hdev, gate, targets); 351 else 352 r = -EPROTO; 353 if (r < 0) 354 goto exit; 355 356 if (hdev->ops->complete_target_discovered) { 357 r = hdev->ops->complete_target_discovered(hdev, gate, 358 targets); 359 if (r < 0) 360 goto exit; 361 } 362 break; 363 } 364 365 /* if driver set the new gate, we will skip the old one */ 366 if (targets->hci_reader_gate == 0x00) 367 targets->hci_reader_gate = gate; 368 369 r = nfc_targets_found(hdev->ndev, targets, 1); 370 371 exit: 372 kfree(targets); 373 kfree_skb(atqa_skb); 374 kfree_skb(sak_skb); 375 kfree_skb(uid_skb); 376 377 return r; 378 } 379 EXPORT_SYMBOL(nfc_hci_target_discovered); 380 381 void nfc_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event, 382 struct sk_buff *skb) 383 { 384 int r = 0; 385 u8 gate; 386 387 if (pipe >= NFC_HCI_MAX_PIPES) { 388 pr_err("Discarded event %x to invalid pipe %x\n", event, pipe); 389 goto exit; 390 } 391 392 gate = hdev->pipes[pipe].gate; 393 if (gate == NFC_HCI_INVALID_GATE) { 394 pr_err("Discarded event %x to unopened pipe %x\n", event, pipe); 395 goto exit; 396 } 397 398 if (hdev->ops->event_received) { 399 r = hdev->ops->event_received(hdev, pipe, event, skb); 400 if (r <= 0) 401 goto exit_noskb; 402 } 403 404 switch (event) { 405 case NFC_HCI_EVT_TARGET_DISCOVERED: 406 if (skb->len < 1) { /* no status data? */ 407 r = -EPROTO; 408 goto exit; 409 } 410 411 if (skb->data[0] == 3) { 412 /* TODO: Multiple targets in field, none activated 413 * poll is supposedly stopped, but there is no 414 * single target to activate, so nothing to report 415 * up. 416 * if we need to restart poll, we must save the 417 * protocols from the initial poll and reuse here. 418 */ 419 } 420 421 if (skb->data[0] != 0) { 422 r = -EPROTO; 423 goto exit; 424 } 425 426 r = nfc_hci_target_discovered(hdev, gate); 427 break; 428 default: 429 pr_info("Discarded unknown event %x to gate %x\n", event, gate); 430 r = -EINVAL; 431 break; 432 } 433 434 exit: 435 kfree_skb(skb); 436 437 exit_noskb: 438 if (r) 439 nfc_hci_driver_failure(hdev, r); 440 } 441 442 static void nfc_hci_cmd_timeout(struct timer_list *t) 443 { 444 struct nfc_hci_dev *hdev = from_timer(hdev, t, cmd_timer); 445 446 schedule_work(&hdev->msg_tx_work); 447 } 448 449 static int hci_dev_connect_gates(struct nfc_hci_dev *hdev, u8 gate_count, 450 const struct nfc_hci_gate *gates) 451 { 452 int r; 453 while (gate_count--) { 454 r = nfc_hci_connect_gate(hdev, NFC_HCI_HOST_CONTROLLER_ID, 455 gates->gate, gates->pipe); 456 if (r < 0) 457 return r; 458 gates++; 459 } 460 461 return 0; 462 } 463 464 static int hci_dev_session_init(struct nfc_hci_dev *hdev) 465 { 466 struct sk_buff *skb = NULL; 467 int r; 468 469 if (hdev->init_data.gates[0].gate != NFC_HCI_ADMIN_GATE) 470 return -EPROTO; 471 472 r = nfc_hci_connect_gate(hdev, NFC_HCI_HOST_CONTROLLER_ID, 473 hdev->init_data.gates[0].gate, 474 hdev->init_data.gates[0].pipe); 475 if (r < 0) 476 goto exit; 477 478 r = nfc_hci_get_param(hdev, NFC_HCI_ADMIN_GATE, 479 NFC_HCI_ADMIN_SESSION_IDENTITY, &skb); 480 if (r < 0) 481 goto disconnect_all; 482 483 if (skb->len && skb->len == strlen(hdev->init_data.session_id) && 484 (memcmp(hdev->init_data.session_id, skb->data, 485 skb->len) == 0) && hdev->ops->load_session) { 486 /* Restore gate<->pipe table from some proprietary location. */ 487 488 r = hdev->ops->load_session(hdev); 489 490 if (r < 0) 491 goto disconnect_all; 492 } else { 493 494 r = nfc_hci_disconnect_all_gates(hdev); 495 if (r < 0) 496 goto exit; 497 498 r = hci_dev_connect_gates(hdev, hdev->init_data.gate_count, 499 hdev->init_data.gates); 500 if (r < 0) 501 goto disconnect_all; 502 503 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE, 504 NFC_HCI_ADMIN_SESSION_IDENTITY, 505 hdev->init_data.session_id, 506 strlen(hdev->init_data.session_id)); 507 } 508 if (r == 0) 509 goto exit; 510 511 disconnect_all: 512 nfc_hci_disconnect_all_gates(hdev); 513 514 exit: 515 kfree_skb(skb); 516 517 return r; 518 } 519 520 static int hci_dev_version(struct nfc_hci_dev *hdev) 521 { 522 int r; 523 struct sk_buff *skb; 524 525 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 526 NFC_HCI_ID_MGMT_VERSION_SW, &skb); 527 if (r == -EOPNOTSUPP) { 528 pr_info("Software/Hardware info not available\n"); 529 return 0; 530 } 531 if (r < 0) 532 return r; 533 534 if (skb->len != 3) { 535 kfree_skb(skb); 536 return -EINVAL; 537 } 538 539 hdev->sw_romlib = (skb->data[0] & 0xf0) >> 4; 540 hdev->sw_patch = skb->data[0] & 0x0f; 541 hdev->sw_flashlib_major = skb->data[1]; 542 hdev->sw_flashlib_minor = skb->data[2]; 543 544 kfree_skb(skb); 545 546 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 547 NFC_HCI_ID_MGMT_VERSION_HW, &skb); 548 if (r < 0) 549 return r; 550 551 if (skb->len != 3) { 552 kfree_skb(skb); 553 return -EINVAL; 554 } 555 556 hdev->hw_derivative = (skb->data[0] & 0xe0) >> 5; 557 hdev->hw_version = skb->data[0] & 0x1f; 558 hdev->hw_mpw = (skb->data[1] & 0xc0) >> 6; 559 hdev->hw_software = skb->data[1] & 0x3f; 560 hdev->hw_bsid = skb->data[2]; 561 562 kfree_skb(skb); 563 564 pr_info("SOFTWARE INFO:\n"); 565 pr_info("RomLib : %d\n", hdev->sw_romlib); 566 pr_info("Patch : %d\n", hdev->sw_patch); 567 pr_info("FlashLib Major : %d\n", hdev->sw_flashlib_major); 568 pr_info("FlashLib Minor : %d\n", hdev->sw_flashlib_minor); 569 pr_info("HARDWARE INFO:\n"); 570 pr_info("Derivative : %d\n", hdev->hw_derivative); 571 pr_info("HW Version : %d\n", hdev->hw_version); 572 pr_info("#MPW : %d\n", hdev->hw_mpw); 573 pr_info("Software : %d\n", hdev->hw_software); 574 pr_info("BSID Version : %d\n", hdev->hw_bsid); 575 576 return 0; 577 } 578 579 static int hci_dev_up(struct nfc_dev *nfc_dev) 580 { 581 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 582 int r = 0; 583 584 if (hdev->ops->open) { 585 r = hdev->ops->open(hdev); 586 if (r < 0) 587 return r; 588 } 589 590 r = nfc_llc_start(hdev->llc); 591 if (r < 0) 592 goto exit_close; 593 594 r = hci_dev_session_init(hdev); 595 if (r < 0) 596 goto exit_llc; 597 598 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 599 NFC_HCI_EVT_END_OPERATION, NULL, 0); 600 if (r < 0) 601 goto exit_llc; 602 603 if (hdev->ops->hci_ready) { 604 r = hdev->ops->hci_ready(hdev); 605 if (r < 0) 606 goto exit_llc; 607 } 608 609 r = hci_dev_version(hdev); 610 if (r < 0) 611 goto exit_llc; 612 613 return 0; 614 615 exit_llc: 616 nfc_llc_stop(hdev->llc); 617 618 exit_close: 619 if (hdev->ops->close) 620 hdev->ops->close(hdev); 621 622 return r; 623 } 624 625 static int hci_dev_down(struct nfc_dev *nfc_dev) 626 { 627 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 628 629 nfc_llc_stop(hdev->llc); 630 631 if (hdev->ops->close) 632 hdev->ops->close(hdev); 633 634 nfc_hci_reset_pipes(hdev); 635 636 return 0; 637 } 638 639 static int hci_start_poll(struct nfc_dev *nfc_dev, 640 u32 im_protocols, u32 tm_protocols) 641 { 642 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 643 644 if (hdev->ops->start_poll) 645 return hdev->ops->start_poll(hdev, im_protocols, tm_protocols); 646 else 647 return nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 648 NFC_HCI_EVT_READER_REQUESTED, 649 NULL, 0); 650 } 651 652 static void hci_stop_poll(struct nfc_dev *nfc_dev) 653 { 654 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 655 656 if (hdev->ops->stop_poll) 657 hdev->ops->stop_poll(hdev); 658 else 659 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 660 NFC_HCI_EVT_END_OPERATION, NULL, 0); 661 } 662 663 static int hci_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target, 664 __u8 comm_mode, __u8 *gb, size_t gb_len) 665 { 666 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 667 668 if (!hdev->ops->dep_link_up) 669 return 0; 670 671 return hdev->ops->dep_link_up(hdev, target, comm_mode, 672 gb, gb_len); 673 } 674 675 static int hci_dep_link_down(struct nfc_dev *nfc_dev) 676 { 677 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 678 679 if (!hdev->ops->dep_link_down) 680 return 0; 681 682 return hdev->ops->dep_link_down(hdev); 683 } 684 685 static int hci_activate_target(struct nfc_dev *nfc_dev, 686 struct nfc_target *target, u32 protocol) 687 { 688 return 0; 689 } 690 691 static void hci_deactivate_target(struct nfc_dev *nfc_dev, 692 struct nfc_target *target, 693 u8 mode) 694 { 695 } 696 697 #define HCI_CB_TYPE_TRANSCEIVE 1 698 699 static void hci_transceive_cb(void *context, struct sk_buff *skb, int err) 700 { 701 struct nfc_hci_dev *hdev = context; 702 703 switch (hdev->async_cb_type) { 704 case HCI_CB_TYPE_TRANSCEIVE: 705 /* 706 * TODO: Check RF Error indicator to make sure data is valid. 707 * It seems that HCI cmd can complete without error, but data 708 * can be invalid if an RF error occurred? Ignore for now. 709 */ 710 if (err == 0) 711 skb_trim(skb, skb->len - 1); /* RF Err ind */ 712 713 hdev->async_cb(hdev->async_cb_context, skb, err); 714 break; 715 default: 716 if (err == 0) 717 kfree_skb(skb); 718 break; 719 } 720 } 721 722 static int hci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target, 723 struct sk_buff *skb, data_exchange_cb_t cb, 724 void *cb_context) 725 { 726 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 727 int r; 728 729 pr_debug("target_idx=%d\n", target->idx); 730 731 switch (target->hci_reader_gate) { 732 case NFC_HCI_RF_READER_A_GATE: 733 case NFC_HCI_RF_READER_B_GATE: 734 if (hdev->ops->im_transceive) { 735 r = hdev->ops->im_transceive(hdev, target, skb, cb, 736 cb_context); 737 if (r <= 0) /* handled */ 738 break; 739 } 740 741 *(u8 *)skb_push(skb, 1) = 0; /* CTR, see spec:10.2.2.1 */ 742 743 hdev->async_cb_type = HCI_CB_TYPE_TRANSCEIVE; 744 hdev->async_cb = cb; 745 hdev->async_cb_context = cb_context; 746 747 r = nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 748 NFC_HCI_WR_XCHG_DATA, skb->data, 749 skb->len, hci_transceive_cb, hdev); 750 break; 751 default: 752 if (hdev->ops->im_transceive) { 753 r = hdev->ops->im_transceive(hdev, target, skb, cb, 754 cb_context); 755 if (r == 1) 756 r = -ENOTSUPP; 757 } else { 758 r = -ENOTSUPP; 759 } 760 break; 761 } 762 763 kfree_skb(skb); 764 765 return r; 766 } 767 768 static int hci_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb) 769 { 770 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 771 772 if (!hdev->ops->tm_send) { 773 kfree_skb(skb); 774 return -ENOTSUPP; 775 } 776 777 return hdev->ops->tm_send(hdev, skb); 778 } 779 780 static int hci_check_presence(struct nfc_dev *nfc_dev, 781 struct nfc_target *target) 782 { 783 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 784 785 if (!hdev->ops->check_presence) 786 return 0; 787 788 return hdev->ops->check_presence(hdev, target); 789 } 790 791 static int hci_discover_se(struct nfc_dev *nfc_dev) 792 { 793 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 794 795 if (hdev->ops->discover_se) 796 return hdev->ops->discover_se(hdev); 797 798 return 0; 799 } 800 801 static int hci_enable_se(struct nfc_dev *nfc_dev, u32 se_idx) 802 { 803 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 804 805 if (hdev->ops->enable_se) 806 return hdev->ops->enable_se(hdev, se_idx); 807 808 return 0; 809 } 810 811 static int hci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx) 812 { 813 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 814 815 if (hdev->ops->disable_se) 816 return hdev->ops->disable_se(hdev, se_idx); 817 818 return 0; 819 } 820 821 static int hci_se_io(struct nfc_dev *nfc_dev, u32 se_idx, 822 u8 *apdu, size_t apdu_length, 823 se_io_cb_t cb, void *cb_context) 824 { 825 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 826 827 if (hdev->ops->se_io) 828 return hdev->ops->se_io(hdev, se_idx, apdu, 829 apdu_length, cb, cb_context); 830 831 return 0; 832 } 833 834 static void nfc_hci_failure(struct nfc_hci_dev *hdev, int err) 835 { 836 mutex_lock(&hdev->msg_tx_mutex); 837 838 if (hdev->cmd_pending_msg == NULL) { 839 nfc_driver_failure(hdev->ndev, err); 840 goto exit; 841 } 842 843 __nfc_hci_cmd_completion(hdev, err, NULL); 844 845 exit: 846 mutex_unlock(&hdev->msg_tx_mutex); 847 } 848 849 static void nfc_hci_llc_failure(struct nfc_hci_dev *hdev, int err) 850 { 851 nfc_hci_failure(hdev, err); 852 } 853 854 static void nfc_hci_recv_from_llc(struct nfc_hci_dev *hdev, struct sk_buff *skb) 855 { 856 struct hcp_packet *packet; 857 u8 type; 858 u8 instruction; 859 struct sk_buff *hcp_skb; 860 u8 pipe; 861 struct sk_buff *frag_skb; 862 int msg_len; 863 864 packet = (struct hcp_packet *)skb->data; 865 if ((packet->header & ~NFC_HCI_FRAGMENT) == 0) { 866 skb_queue_tail(&hdev->rx_hcp_frags, skb); 867 return; 868 } 869 870 /* it's the last fragment. Does it need re-aggregation? */ 871 if (skb_queue_len(&hdev->rx_hcp_frags)) { 872 pipe = packet->header & NFC_HCI_FRAGMENT; 873 skb_queue_tail(&hdev->rx_hcp_frags, skb); 874 875 msg_len = 0; 876 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) { 877 msg_len += (frag_skb->len - 878 NFC_HCI_HCP_PACKET_HEADER_LEN); 879 } 880 881 hcp_skb = nfc_alloc_recv_skb(NFC_HCI_HCP_PACKET_HEADER_LEN + 882 msg_len, GFP_KERNEL); 883 if (hcp_skb == NULL) { 884 nfc_hci_failure(hdev, -ENOMEM); 885 return; 886 } 887 888 skb_put_u8(hcp_skb, pipe); 889 890 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) { 891 msg_len = frag_skb->len - NFC_HCI_HCP_PACKET_HEADER_LEN; 892 skb_put_data(hcp_skb, 893 frag_skb->data + NFC_HCI_HCP_PACKET_HEADER_LEN, 894 msg_len); 895 } 896 897 skb_queue_purge(&hdev->rx_hcp_frags); 898 } else { 899 packet->header &= NFC_HCI_FRAGMENT; 900 hcp_skb = skb; 901 } 902 903 /* if this is a response, dispatch immediately to 904 * unblock waiting cmd context. Otherwise, enqueue to dispatch 905 * in separate context where handler can also execute command. 906 */ 907 packet = (struct hcp_packet *)hcp_skb->data; 908 type = HCP_MSG_GET_TYPE(packet->message.header); 909 if (type == NFC_HCI_HCP_RESPONSE) { 910 pipe = packet->header; 911 instruction = HCP_MSG_GET_CMD(packet->message.header); 912 skb_pull(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN + 913 NFC_HCI_HCP_MESSAGE_HEADER_LEN); 914 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, hcp_skb); 915 } else { 916 skb_queue_tail(&hdev->msg_rx_queue, hcp_skb); 917 schedule_work(&hdev->msg_rx_work); 918 } 919 } 920 921 static int hci_fw_download(struct nfc_dev *nfc_dev, const char *firmware_name) 922 { 923 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 924 925 if (!hdev->ops->fw_download) 926 return -ENOTSUPP; 927 928 return hdev->ops->fw_download(hdev, firmware_name); 929 } 930 931 static const struct nfc_ops hci_nfc_ops = { 932 .dev_up = hci_dev_up, 933 .dev_down = hci_dev_down, 934 .start_poll = hci_start_poll, 935 .stop_poll = hci_stop_poll, 936 .dep_link_up = hci_dep_link_up, 937 .dep_link_down = hci_dep_link_down, 938 .activate_target = hci_activate_target, 939 .deactivate_target = hci_deactivate_target, 940 .im_transceive = hci_transceive, 941 .tm_send = hci_tm_send, 942 .check_presence = hci_check_presence, 943 .fw_download = hci_fw_download, 944 .discover_se = hci_discover_se, 945 .enable_se = hci_enable_se, 946 .disable_se = hci_disable_se, 947 .se_io = hci_se_io, 948 }; 949 950 struct nfc_hci_dev *nfc_hci_allocate_device(const struct nfc_hci_ops *ops, 951 struct nfc_hci_init_data *init_data, 952 unsigned long quirks, 953 u32 protocols, 954 const char *llc_name, 955 int tx_headroom, 956 int tx_tailroom, 957 int max_link_payload) 958 { 959 struct nfc_hci_dev *hdev; 960 961 if (ops->xmit == NULL) 962 return NULL; 963 964 if (protocols == 0) 965 return NULL; 966 967 hdev = kzalloc(sizeof(struct nfc_hci_dev), GFP_KERNEL); 968 if (hdev == NULL) 969 return NULL; 970 971 hdev->llc = nfc_llc_allocate(llc_name, hdev, ops->xmit, 972 nfc_hci_recv_from_llc, tx_headroom, 973 tx_tailroom, nfc_hci_llc_failure); 974 if (hdev->llc == NULL) { 975 kfree(hdev); 976 return NULL; 977 } 978 979 hdev->ndev = nfc_allocate_device(&hci_nfc_ops, protocols, 980 tx_headroom + HCI_CMDS_HEADROOM, 981 tx_tailroom); 982 if (!hdev->ndev) { 983 nfc_llc_free(hdev->llc); 984 kfree(hdev); 985 return NULL; 986 } 987 988 hdev->ops = ops; 989 hdev->max_data_link_payload = max_link_payload; 990 hdev->init_data = *init_data; 991 992 nfc_set_drvdata(hdev->ndev, hdev); 993 994 nfc_hci_reset_pipes(hdev); 995 996 hdev->quirks = quirks; 997 998 return hdev; 999 } 1000 EXPORT_SYMBOL(nfc_hci_allocate_device); 1001 1002 void nfc_hci_free_device(struct nfc_hci_dev *hdev) 1003 { 1004 nfc_free_device(hdev->ndev); 1005 nfc_llc_free(hdev->llc); 1006 kfree(hdev); 1007 } 1008 EXPORT_SYMBOL(nfc_hci_free_device); 1009 1010 int nfc_hci_register_device(struct nfc_hci_dev *hdev) 1011 { 1012 mutex_init(&hdev->msg_tx_mutex); 1013 1014 INIT_LIST_HEAD(&hdev->msg_tx_queue); 1015 1016 INIT_WORK(&hdev->msg_tx_work, nfc_hci_msg_tx_work); 1017 1018 timer_setup(&hdev->cmd_timer, nfc_hci_cmd_timeout, 0); 1019 1020 skb_queue_head_init(&hdev->rx_hcp_frags); 1021 1022 INIT_WORK(&hdev->msg_rx_work, nfc_hci_msg_rx_work); 1023 1024 skb_queue_head_init(&hdev->msg_rx_queue); 1025 1026 return nfc_register_device(hdev->ndev); 1027 } 1028 EXPORT_SYMBOL(nfc_hci_register_device); 1029 1030 void nfc_hci_unregister_device(struct nfc_hci_dev *hdev) 1031 { 1032 struct hci_msg *msg, *n; 1033 1034 mutex_lock(&hdev->msg_tx_mutex); 1035 1036 if (hdev->cmd_pending_msg) { 1037 if (hdev->cmd_pending_msg->cb) 1038 hdev->cmd_pending_msg->cb( 1039 hdev->cmd_pending_msg->cb_context, 1040 NULL, -ESHUTDOWN); 1041 kfree(hdev->cmd_pending_msg); 1042 hdev->cmd_pending_msg = NULL; 1043 } 1044 1045 hdev->shutting_down = true; 1046 1047 mutex_unlock(&hdev->msg_tx_mutex); 1048 1049 del_timer_sync(&hdev->cmd_timer); 1050 cancel_work_sync(&hdev->msg_tx_work); 1051 1052 cancel_work_sync(&hdev->msg_rx_work); 1053 1054 nfc_unregister_device(hdev->ndev); 1055 1056 skb_queue_purge(&hdev->rx_hcp_frags); 1057 skb_queue_purge(&hdev->msg_rx_queue); 1058 1059 list_for_each_entry_safe(msg, n, &hdev->msg_tx_queue, msg_l) { 1060 list_del(&msg->msg_l); 1061 skb_queue_purge(&msg->msg_frags); 1062 kfree(msg); 1063 } 1064 } 1065 EXPORT_SYMBOL(nfc_hci_unregister_device); 1066 1067 void nfc_hci_set_clientdata(struct nfc_hci_dev *hdev, void *clientdata) 1068 { 1069 hdev->clientdata = clientdata; 1070 } 1071 EXPORT_SYMBOL(nfc_hci_set_clientdata); 1072 1073 void *nfc_hci_get_clientdata(struct nfc_hci_dev *hdev) 1074 { 1075 return hdev->clientdata; 1076 } 1077 EXPORT_SYMBOL(nfc_hci_get_clientdata); 1078 1079 void nfc_hci_driver_failure(struct nfc_hci_dev *hdev, int err) 1080 { 1081 nfc_hci_failure(hdev, err); 1082 } 1083 EXPORT_SYMBOL(nfc_hci_driver_failure); 1084 1085 void nfc_hci_recv_frame(struct nfc_hci_dev *hdev, struct sk_buff *skb) 1086 { 1087 nfc_llc_rcv_from_drv(hdev->llc, skb); 1088 } 1089 EXPORT_SYMBOL(nfc_hci_recv_frame); 1090 1091 static int __init nfc_hci_init(void) 1092 { 1093 return nfc_llc_init(); 1094 } 1095 1096 static void __exit nfc_hci_exit(void) 1097 { 1098 nfc_llc_exit(); 1099 } 1100 1101 subsys_initcall(nfc_hci_init); 1102 module_exit(nfc_hci_exit); 1103 1104 MODULE_LICENSE("GPL"); 1105 MODULE_DESCRIPTION("NFC HCI Core"); 1106