1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2012 Intel Corporation. All rights reserved. 4 */ 5 6 #define pr_fmt(fmt) "hci: %s: " fmt, __func__ 7 8 #include <linux/init.h> 9 #include <linux/kernel.h> 10 #include <linux/module.h> 11 #include <linux/nfc.h> 12 13 #include <net/nfc/nfc.h> 14 #include <net/nfc/hci.h> 15 #include <net/nfc/llc.h> 16 17 #include "hci.h" 18 19 /* Largest headroom needed for outgoing HCI commands */ 20 #define HCI_CMDS_HEADROOM 1 21 22 int nfc_hci_result_to_errno(u8 result) 23 { 24 switch (result) { 25 case NFC_HCI_ANY_OK: 26 return 0; 27 case NFC_HCI_ANY_E_REG_PAR_UNKNOWN: 28 return -EOPNOTSUPP; 29 case NFC_HCI_ANY_E_TIMEOUT: 30 return -ETIME; 31 default: 32 return -1; 33 } 34 } 35 EXPORT_SYMBOL(nfc_hci_result_to_errno); 36 37 void nfc_hci_reset_pipes(struct nfc_hci_dev *hdev) 38 { 39 int i = 0; 40 41 for (i = 0; i < NFC_HCI_MAX_PIPES; i++) { 42 hdev->pipes[i].gate = NFC_HCI_INVALID_GATE; 43 hdev->pipes[i].dest_host = NFC_HCI_INVALID_HOST; 44 } 45 memset(hdev->gate2pipe, NFC_HCI_INVALID_PIPE, sizeof(hdev->gate2pipe)); 46 } 47 EXPORT_SYMBOL(nfc_hci_reset_pipes); 48 49 void nfc_hci_reset_pipes_per_host(struct nfc_hci_dev *hdev, u8 host) 50 { 51 int i = 0; 52 53 for (i = 0; i < NFC_HCI_MAX_PIPES; i++) { 54 if (hdev->pipes[i].dest_host != host) 55 continue; 56 57 hdev->pipes[i].gate = NFC_HCI_INVALID_GATE; 58 hdev->pipes[i].dest_host = NFC_HCI_INVALID_HOST; 59 } 60 } 61 EXPORT_SYMBOL(nfc_hci_reset_pipes_per_host); 62 63 static void nfc_hci_msg_tx_work(struct work_struct *work) 64 { 65 struct nfc_hci_dev *hdev = container_of(work, struct nfc_hci_dev, 66 msg_tx_work); 67 struct hci_msg *msg; 68 struct sk_buff *skb; 69 int r = 0; 70 71 mutex_lock(&hdev->msg_tx_mutex); 72 if (hdev->shutting_down) 73 goto exit; 74 75 if (hdev->cmd_pending_msg) { 76 if (timer_pending(&hdev->cmd_timer) == 0) { 77 if (hdev->cmd_pending_msg->cb) 78 hdev->cmd_pending_msg->cb(hdev-> 79 cmd_pending_msg-> 80 cb_context, 81 NULL, 82 -ETIME); 83 kfree(hdev->cmd_pending_msg); 84 hdev->cmd_pending_msg = NULL; 85 } else { 86 goto exit; 87 } 88 } 89 90 next_msg: 91 if (list_empty(&hdev->msg_tx_queue)) 92 goto exit; 93 94 msg = list_first_entry(&hdev->msg_tx_queue, struct hci_msg, msg_l); 95 list_del(&msg->msg_l); 96 97 pr_debug("msg_tx_queue has a cmd to send\n"); 98 while ((skb = skb_dequeue(&msg->msg_frags)) != NULL) { 99 r = nfc_llc_xmit_from_hci(hdev->llc, skb); 100 if (r < 0) { 101 kfree_skb(skb); 102 skb_queue_purge(&msg->msg_frags); 103 if (msg->cb) 104 msg->cb(msg->cb_context, NULL, r); 105 kfree(msg); 106 break; 107 } 108 } 109 110 if (r) 111 goto next_msg; 112 113 if (msg->wait_response == false) { 114 kfree(msg); 115 goto next_msg; 116 } 117 118 hdev->cmd_pending_msg = msg; 119 mod_timer(&hdev->cmd_timer, jiffies + 120 msecs_to_jiffies(hdev->cmd_pending_msg->completion_delay)); 121 122 exit: 123 mutex_unlock(&hdev->msg_tx_mutex); 124 } 125 126 static void nfc_hci_msg_rx_work(struct work_struct *work) 127 { 128 struct nfc_hci_dev *hdev = container_of(work, struct nfc_hci_dev, 129 msg_rx_work); 130 struct sk_buff *skb; 131 struct hcp_message *message; 132 u8 pipe; 133 u8 type; 134 u8 instruction; 135 136 while ((skb = skb_dequeue(&hdev->msg_rx_queue)) != NULL) { 137 pipe = skb->data[0]; 138 skb_pull(skb, NFC_HCI_HCP_PACKET_HEADER_LEN); 139 message = (struct hcp_message *)skb->data; 140 type = HCP_MSG_GET_TYPE(message->header); 141 instruction = HCP_MSG_GET_CMD(message->header); 142 skb_pull(skb, NFC_HCI_HCP_MESSAGE_HEADER_LEN); 143 144 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, skb); 145 } 146 } 147 148 static void __nfc_hci_cmd_completion(struct nfc_hci_dev *hdev, int err, 149 struct sk_buff *skb) 150 { 151 del_timer_sync(&hdev->cmd_timer); 152 153 if (hdev->cmd_pending_msg->cb) 154 hdev->cmd_pending_msg->cb(hdev->cmd_pending_msg->cb_context, 155 skb, err); 156 else 157 kfree_skb(skb); 158 159 kfree(hdev->cmd_pending_msg); 160 hdev->cmd_pending_msg = NULL; 161 162 schedule_work(&hdev->msg_tx_work); 163 } 164 165 void nfc_hci_resp_received(struct nfc_hci_dev *hdev, u8 result, 166 struct sk_buff *skb) 167 { 168 mutex_lock(&hdev->msg_tx_mutex); 169 170 if (hdev->cmd_pending_msg == NULL) { 171 kfree_skb(skb); 172 goto exit; 173 } 174 175 __nfc_hci_cmd_completion(hdev, nfc_hci_result_to_errno(result), skb); 176 177 exit: 178 mutex_unlock(&hdev->msg_tx_mutex); 179 } 180 181 void nfc_hci_cmd_received(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd, 182 struct sk_buff *skb) 183 { 184 u8 gate = hdev->pipes[pipe].gate; 185 u8 status = NFC_HCI_ANY_OK; 186 struct hci_create_pipe_resp *create_info; 187 struct hci_delete_pipe_noti *delete_info; 188 struct hci_all_pipe_cleared_noti *cleared_info; 189 190 pr_debug("from gate %x pipe %x cmd %x\n", gate, pipe, cmd); 191 192 switch (cmd) { 193 case NFC_HCI_ADM_NOTIFY_PIPE_CREATED: 194 if (skb->len != 5) { 195 status = NFC_HCI_ANY_E_NOK; 196 goto exit; 197 } 198 create_info = (struct hci_create_pipe_resp *)skb->data; 199 200 if (create_info->pipe >= NFC_HCI_MAX_PIPES) { 201 status = NFC_HCI_ANY_E_NOK; 202 goto exit; 203 } 204 205 /* Save the new created pipe and bind with local gate, 206 * the description for skb->data[3] is destination gate id 207 * but since we received this cmd from host controller, we 208 * are the destination and it is our local gate 209 */ 210 hdev->gate2pipe[create_info->dest_gate] = create_info->pipe; 211 hdev->pipes[create_info->pipe].gate = create_info->dest_gate; 212 hdev->pipes[create_info->pipe].dest_host = 213 create_info->src_host; 214 break; 215 case NFC_HCI_ANY_OPEN_PIPE: 216 if (gate == NFC_HCI_INVALID_GATE) { 217 status = NFC_HCI_ANY_E_NOK; 218 goto exit; 219 } 220 break; 221 case NFC_HCI_ADM_NOTIFY_PIPE_DELETED: 222 if (skb->len != 1) { 223 status = NFC_HCI_ANY_E_NOK; 224 goto exit; 225 } 226 delete_info = (struct hci_delete_pipe_noti *)skb->data; 227 228 if (delete_info->pipe >= NFC_HCI_MAX_PIPES) { 229 status = NFC_HCI_ANY_E_NOK; 230 goto exit; 231 } 232 233 hdev->pipes[delete_info->pipe].gate = NFC_HCI_INVALID_GATE; 234 hdev->pipes[delete_info->pipe].dest_host = NFC_HCI_INVALID_HOST; 235 break; 236 case NFC_HCI_ADM_NOTIFY_ALL_PIPE_CLEARED: 237 if (skb->len != 1) { 238 status = NFC_HCI_ANY_E_NOK; 239 goto exit; 240 } 241 cleared_info = (struct hci_all_pipe_cleared_noti *)skb->data; 242 243 nfc_hci_reset_pipes_per_host(hdev, cleared_info->host); 244 break; 245 default: 246 pr_info("Discarded unknown cmd %x to gate %x\n", cmd, gate); 247 break; 248 } 249 250 if (hdev->ops->cmd_received) 251 hdev->ops->cmd_received(hdev, pipe, cmd, skb); 252 253 exit: 254 nfc_hci_hcp_message_tx(hdev, pipe, NFC_HCI_HCP_RESPONSE, 255 status, NULL, 0, NULL, NULL, 0); 256 257 kfree_skb(skb); 258 } 259 260 u32 nfc_hci_sak_to_protocol(u8 sak) 261 { 262 switch (NFC_HCI_TYPE_A_SEL_PROT(sak)) { 263 case NFC_HCI_TYPE_A_SEL_PROT_MIFARE: 264 return NFC_PROTO_MIFARE_MASK; 265 case NFC_HCI_TYPE_A_SEL_PROT_ISO14443: 266 return NFC_PROTO_ISO14443_MASK; 267 case NFC_HCI_TYPE_A_SEL_PROT_DEP: 268 return NFC_PROTO_NFC_DEP_MASK; 269 case NFC_HCI_TYPE_A_SEL_PROT_ISO14443_DEP: 270 return NFC_PROTO_ISO14443_MASK | NFC_PROTO_NFC_DEP_MASK; 271 default: 272 return 0xffffffff; 273 } 274 } 275 EXPORT_SYMBOL(nfc_hci_sak_to_protocol); 276 277 int nfc_hci_target_discovered(struct nfc_hci_dev *hdev, u8 gate) 278 { 279 struct nfc_target *targets; 280 struct sk_buff *atqa_skb = NULL; 281 struct sk_buff *sak_skb = NULL; 282 struct sk_buff *uid_skb = NULL; 283 int r; 284 285 pr_debug("from gate %d\n", gate); 286 287 targets = kzalloc(sizeof(struct nfc_target), GFP_KERNEL); 288 if (targets == NULL) 289 return -ENOMEM; 290 291 switch (gate) { 292 case NFC_HCI_RF_READER_A_GATE: 293 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 294 NFC_HCI_RF_READER_A_ATQA, &atqa_skb); 295 if (r < 0) 296 goto exit; 297 298 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 299 NFC_HCI_RF_READER_A_SAK, &sak_skb); 300 if (r < 0) 301 goto exit; 302 303 if (atqa_skb->len != 2 || sak_skb->len != 1) { 304 r = -EPROTO; 305 goto exit; 306 } 307 308 targets->supported_protocols = 309 nfc_hci_sak_to_protocol(sak_skb->data[0]); 310 if (targets->supported_protocols == 0xffffffff) { 311 r = -EPROTO; 312 goto exit; 313 } 314 315 targets->sens_res = be16_to_cpu(*(__be16 *)atqa_skb->data); 316 targets->sel_res = sak_skb->data[0]; 317 318 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE, 319 NFC_HCI_RF_READER_A_UID, &uid_skb); 320 if (r < 0) 321 goto exit; 322 323 if (uid_skb->len == 0 || uid_skb->len > NFC_NFCID1_MAXSIZE) { 324 r = -EPROTO; 325 goto exit; 326 } 327 328 memcpy(targets->nfcid1, uid_skb->data, uid_skb->len); 329 targets->nfcid1_len = uid_skb->len; 330 331 if (hdev->ops->complete_target_discovered) { 332 r = hdev->ops->complete_target_discovered(hdev, gate, 333 targets); 334 if (r < 0) 335 goto exit; 336 } 337 break; 338 case NFC_HCI_RF_READER_B_GATE: 339 targets->supported_protocols = NFC_PROTO_ISO14443_B_MASK; 340 break; 341 default: 342 if (hdev->ops->target_from_gate) 343 r = hdev->ops->target_from_gate(hdev, gate, targets); 344 else 345 r = -EPROTO; 346 if (r < 0) 347 goto exit; 348 349 if (hdev->ops->complete_target_discovered) { 350 r = hdev->ops->complete_target_discovered(hdev, gate, 351 targets); 352 if (r < 0) 353 goto exit; 354 } 355 break; 356 } 357 358 /* if driver set the new gate, we will skip the old one */ 359 if (targets->hci_reader_gate == 0x00) 360 targets->hci_reader_gate = gate; 361 362 r = nfc_targets_found(hdev->ndev, targets, 1); 363 364 exit: 365 kfree(targets); 366 kfree_skb(atqa_skb); 367 kfree_skb(sak_skb); 368 kfree_skb(uid_skb); 369 370 return r; 371 } 372 EXPORT_SYMBOL(nfc_hci_target_discovered); 373 374 void nfc_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event, 375 struct sk_buff *skb) 376 { 377 int r = 0; 378 u8 gate = hdev->pipes[pipe].gate; 379 380 if (gate == NFC_HCI_INVALID_GATE) { 381 pr_err("Discarded event %x to unopened pipe %x\n", event, pipe); 382 goto exit; 383 } 384 385 if (hdev->ops->event_received) { 386 r = hdev->ops->event_received(hdev, pipe, event, skb); 387 if (r <= 0) 388 goto exit_noskb; 389 } 390 391 switch (event) { 392 case NFC_HCI_EVT_TARGET_DISCOVERED: 393 if (skb->len < 1) { /* no status data? */ 394 r = -EPROTO; 395 goto exit; 396 } 397 398 if (skb->data[0] == 3) { 399 /* TODO: Multiple targets in field, none activated 400 * poll is supposedly stopped, but there is no 401 * single target to activate, so nothing to report 402 * up. 403 * if we need to restart poll, we must save the 404 * protocols from the initial poll and reuse here. 405 */ 406 } 407 408 if (skb->data[0] != 0) { 409 r = -EPROTO; 410 goto exit; 411 } 412 413 r = nfc_hci_target_discovered(hdev, gate); 414 break; 415 default: 416 pr_info("Discarded unknown event %x to gate %x\n", event, gate); 417 r = -EINVAL; 418 break; 419 } 420 421 exit: 422 kfree_skb(skb); 423 424 exit_noskb: 425 if (r) 426 nfc_hci_driver_failure(hdev, r); 427 } 428 429 static void nfc_hci_cmd_timeout(struct timer_list *t) 430 { 431 struct nfc_hci_dev *hdev = from_timer(hdev, t, cmd_timer); 432 433 schedule_work(&hdev->msg_tx_work); 434 } 435 436 static int hci_dev_connect_gates(struct nfc_hci_dev *hdev, u8 gate_count, 437 struct nfc_hci_gate *gates) 438 { 439 int r; 440 while (gate_count--) { 441 r = nfc_hci_connect_gate(hdev, NFC_HCI_HOST_CONTROLLER_ID, 442 gates->gate, gates->pipe); 443 if (r < 0) 444 return r; 445 gates++; 446 } 447 448 return 0; 449 } 450 451 static int hci_dev_session_init(struct nfc_hci_dev *hdev) 452 { 453 struct sk_buff *skb = NULL; 454 int r; 455 456 if (hdev->init_data.gates[0].gate != NFC_HCI_ADMIN_GATE) 457 return -EPROTO; 458 459 r = nfc_hci_connect_gate(hdev, NFC_HCI_HOST_CONTROLLER_ID, 460 hdev->init_data.gates[0].gate, 461 hdev->init_data.gates[0].pipe); 462 if (r < 0) 463 goto exit; 464 465 r = nfc_hci_get_param(hdev, NFC_HCI_ADMIN_GATE, 466 NFC_HCI_ADMIN_SESSION_IDENTITY, &skb); 467 if (r < 0) 468 goto disconnect_all; 469 470 if (skb->len && skb->len == strlen(hdev->init_data.session_id) && 471 (memcmp(hdev->init_data.session_id, skb->data, 472 skb->len) == 0) && hdev->ops->load_session) { 473 /* Restore gate<->pipe table from some proprietary location. */ 474 475 r = hdev->ops->load_session(hdev); 476 477 if (r < 0) 478 goto disconnect_all; 479 } else { 480 481 r = nfc_hci_disconnect_all_gates(hdev); 482 if (r < 0) 483 goto exit; 484 485 r = hci_dev_connect_gates(hdev, hdev->init_data.gate_count, 486 hdev->init_data.gates); 487 if (r < 0) 488 goto disconnect_all; 489 490 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE, 491 NFC_HCI_ADMIN_SESSION_IDENTITY, 492 hdev->init_data.session_id, 493 strlen(hdev->init_data.session_id)); 494 } 495 if (r == 0) 496 goto exit; 497 498 disconnect_all: 499 nfc_hci_disconnect_all_gates(hdev); 500 501 exit: 502 kfree_skb(skb); 503 504 return r; 505 } 506 507 static int hci_dev_version(struct nfc_hci_dev *hdev) 508 { 509 int r; 510 struct sk_buff *skb; 511 512 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 513 NFC_HCI_ID_MGMT_VERSION_SW, &skb); 514 if (r == -EOPNOTSUPP) { 515 pr_info("Software/Hardware info not available\n"); 516 return 0; 517 } 518 if (r < 0) 519 return r; 520 521 if (skb->len != 3) { 522 kfree_skb(skb); 523 return -EINVAL; 524 } 525 526 hdev->sw_romlib = (skb->data[0] & 0xf0) >> 4; 527 hdev->sw_patch = skb->data[0] & 0x0f; 528 hdev->sw_flashlib_major = skb->data[1]; 529 hdev->sw_flashlib_minor = skb->data[2]; 530 531 kfree_skb(skb); 532 533 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 534 NFC_HCI_ID_MGMT_VERSION_HW, &skb); 535 if (r < 0) 536 return r; 537 538 if (skb->len != 3) { 539 kfree_skb(skb); 540 return -EINVAL; 541 } 542 543 hdev->hw_derivative = (skb->data[0] & 0xe0) >> 5; 544 hdev->hw_version = skb->data[0] & 0x1f; 545 hdev->hw_mpw = (skb->data[1] & 0xc0) >> 6; 546 hdev->hw_software = skb->data[1] & 0x3f; 547 hdev->hw_bsid = skb->data[2]; 548 549 kfree_skb(skb); 550 551 pr_info("SOFTWARE INFO:\n"); 552 pr_info("RomLib : %d\n", hdev->sw_romlib); 553 pr_info("Patch : %d\n", hdev->sw_patch); 554 pr_info("FlashLib Major : %d\n", hdev->sw_flashlib_major); 555 pr_info("FlashLib Minor : %d\n", hdev->sw_flashlib_minor); 556 pr_info("HARDWARE INFO:\n"); 557 pr_info("Derivative : %d\n", hdev->hw_derivative); 558 pr_info("HW Version : %d\n", hdev->hw_version); 559 pr_info("#MPW : %d\n", hdev->hw_mpw); 560 pr_info("Software : %d\n", hdev->hw_software); 561 pr_info("BSID Version : %d\n", hdev->hw_bsid); 562 563 return 0; 564 } 565 566 static int hci_dev_up(struct nfc_dev *nfc_dev) 567 { 568 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 569 int r = 0; 570 571 if (hdev->ops->open) { 572 r = hdev->ops->open(hdev); 573 if (r < 0) 574 return r; 575 } 576 577 r = nfc_llc_start(hdev->llc); 578 if (r < 0) 579 goto exit_close; 580 581 r = hci_dev_session_init(hdev); 582 if (r < 0) 583 goto exit_llc; 584 585 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 586 NFC_HCI_EVT_END_OPERATION, NULL, 0); 587 if (r < 0) 588 goto exit_llc; 589 590 if (hdev->ops->hci_ready) { 591 r = hdev->ops->hci_ready(hdev); 592 if (r < 0) 593 goto exit_llc; 594 } 595 596 r = hci_dev_version(hdev); 597 if (r < 0) 598 goto exit_llc; 599 600 return 0; 601 602 exit_llc: 603 nfc_llc_stop(hdev->llc); 604 605 exit_close: 606 if (hdev->ops->close) 607 hdev->ops->close(hdev); 608 609 return r; 610 } 611 612 static int hci_dev_down(struct nfc_dev *nfc_dev) 613 { 614 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 615 616 nfc_llc_stop(hdev->llc); 617 618 if (hdev->ops->close) 619 hdev->ops->close(hdev); 620 621 nfc_hci_reset_pipes(hdev); 622 623 return 0; 624 } 625 626 static int hci_start_poll(struct nfc_dev *nfc_dev, 627 u32 im_protocols, u32 tm_protocols) 628 { 629 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 630 631 if (hdev->ops->start_poll) 632 return hdev->ops->start_poll(hdev, im_protocols, tm_protocols); 633 else 634 return nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 635 NFC_HCI_EVT_READER_REQUESTED, 636 NULL, 0); 637 } 638 639 static void hci_stop_poll(struct nfc_dev *nfc_dev) 640 { 641 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 642 643 if (hdev->ops->stop_poll) 644 hdev->ops->stop_poll(hdev); 645 else 646 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 647 NFC_HCI_EVT_END_OPERATION, NULL, 0); 648 } 649 650 static int hci_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target, 651 __u8 comm_mode, __u8 *gb, size_t gb_len) 652 { 653 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 654 655 if (!hdev->ops->dep_link_up) 656 return 0; 657 658 return hdev->ops->dep_link_up(hdev, target, comm_mode, 659 gb, gb_len); 660 } 661 662 static int hci_dep_link_down(struct nfc_dev *nfc_dev) 663 { 664 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 665 666 if (!hdev->ops->dep_link_down) 667 return 0; 668 669 return hdev->ops->dep_link_down(hdev); 670 } 671 672 static int hci_activate_target(struct nfc_dev *nfc_dev, 673 struct nfc_target *target, u32 protocol) 674 { 675 return 0; 676 } 677 678 static void hci_deactivate_target(struct nfc_dev *nfc_dev, 679 struct nfc_target *target, 680 u8 mode) 681 { 682 } 683 684 #define HCI_CB_TYPE_TRANSCEIVE 1 685 686 static void hci_transceive_cb(void *context, struct sk_buff *skb, int err) 687 { 688 struct nfc_hci_dev *hdev = context; 689 690 switch (hdev->async_cb_type) { 691 case HCI_CB_TYPE_TRANSCEIVE: 692 /* 693 * TODO: Check RF Error indicator to make sure data is valid. 694 * It seems that HCI cmd can complete without error, but data 695 * can be invalid if an RF error occured? Ignore for now. 696 */ 697 if (err == 0) 698 skb_trim(skb, skb->len - 1); /* RF Err ind */ 699 700 hdev->async_cb(hdev->async_cb_context, skb, err); 701 break; 702 default: 703 if (err == 0) 704 kfree_skb(skb); 705 break; 706 } 707 } 708 709 static int hci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target, 710 struct sk_buff *skb, data_exchange_cb_t cb, 711 void *cb_context) 712 { 713 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 714 int r; 715 716 pr_debug("target_idx=%d\n", target->idx); 717 718 switch (target->hci_reader_gate) { 719 case NFC_HCI_RF_READER_A_GATE: 720 case NFC_HCI_RF_READER_B_GATE: 721 if (hdev->ops->im_transceive) { 722 r = hdev->ops->im_transceive(hdev, target, skb, cb, 723 cb_context); 724 if (r <= 0) /* handled */ 725 break; 726 } 727 728 *(u8 *)skb_push(skb, 1) = 0; /* CTR, see spec:10.2.2.1 */ 729 730 hdev->async_cb_type = HCI_CB_TYPE_TRANSCEIVE; 731 hdev->async_cb = cb; 732 hdev->async_cb_context = cb_context; 733 734 r = nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 735 NFC_HCI_WR_XCHG_DATA, skb->data, 736 skb->len, hci_transceive_cb, hdev); 737 break; 738 default: 739 if (hdev->ops->im_transceive) { 740 r = hdev->ops->im_transceive(hdev, target, skb, cb, 741 cb_context); 742 if (r == 1) 743 r = -ENOTSUPP; 744 } else { 745 r = -ENOTSUPP; 746 } 747 break; 748 } 749 750 kfree_skb(skb); 751 752 return r; 753 } 754 755 static int hci_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb) 756 { 757 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 758 759 if (!hdev->ops->tm_send) { 760 kfree_skb(skb); 761 return -ENOTSUPP; 762 } 763 764 return hdev->ops->tm_send(hdev, skb); 765 } 766 767 static int hci_check_presence(struct nfc_dev *nfc_dev, 768 struct nfc_target *target) 769 { 770 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 771 772 if (!hdev->ops->check_presence) 773 return 0; 774 775 return hdev->ops->check_presence(hdev, target); 776 } 777 778 static int hci_discover_se(struct nfc_dev *nfc_dev) 779 { 780 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 781 782 if (hdev->ops->discover_se) 783 return hdev->ops->discover_se(hdev); 784 785 return 0; 786 } 787 788 static int hci_enable_se(struct nfc_dev *nfc_dev, u32 se_idx) 789 { 790 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 791 792 if (hdev->ops->enable_se) 793 return hdev->ops->enable_se(hdev, se_idx); 794 795 return 0; 796 } 797 798 static int hci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx) 799 { 800 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 801 802 if (hdev->ops->disable_se) 803 return hdev->ops->disable_se(hdev, se_idx); 804 805 return 0; 806 } 807 808 static int hci_se_io(struct nfc_dev *nfc_dev, u32 se_idx, 809 u8 *apdu, size_t apdu_length, 810 se_io_cb_t cb, void *cb_context) 811 { 812 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 813 814 if (hdev->ops->se_io) 815 return hdev->ops->se_io(hdev, se_idx, apdu, 816 apdu_length, cb, cb_context); 817 818 return 0; 819 } 820 821 static void nfc_hci_failure(struct nfc_hci_dev *hdev, int err) 822 { 823 mutex_lock(&hdev->msg_tx_mutex); 824 825 if (hdev->cmd_pending_msg == NULL) { 826 nfc_driver_failure(hdev->ndev, err); 827 goto exit; 828 } 829 830 __nfc_hci_cmd_completion(hdev, err, NULL); 831 832 exit: 833 mutex_unlock(&hdev->msg_tx_mutex); 834 } 835 836 static void nfc_hci_llc_failure(struct nfc_hci_dev *hdev, int err) 837 { 838 nfc_hci_failure(hdev, err); 839 } 840 841 static void nfc_hci_recv_from_llc(struct nfc_hci_dev *hdev, struct sk_buff *skb) 842 { 843 struct hcp_packet *packet; 844 u8 type; 845 u8 instruction; 846 struct sk_buff *hcp_skb; 847 u8 pipe; 848 struct sk_buff *frag_skb; 849 int msg_len; 850 851 packet = (struct hcp_packet *)skb->data; 852 if ((packet->header & ~NFC_HCI_FRAGMENT) == 0) { 853 skb_queue_tail(&hdev->rx_hcp_frags, skb); 854 return; 855 } 856 857 /* it's the last fragment. Does it need re-aggregation? */ 858 if (skb_queue_len(&hdev->rx_hcp_frags)) { 859 pipe = packet->header & NFC_HCI_FRAGMENT; 860 skb_queue_tail(&hdev->rx_hcp_frags, skb); 861 862 msg_len = 0; 863 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) { 864 msg_len += (frag_skb->len - 865 NFC_HCI_HCP_PACKET_HEADER_LEN); 866 } 867 868 hcp_skb = nfc_alloc_recv_skb(NFC_HCI_HCP_PACKET_HEADER_LEN + 869 msg_len, GFP_KERNEL); 870 if (hcp_skb == NULL) { 871 nfc_hci_failure(hdev, -ENOMEM); 872 return; 873 } 874 875 skb_put_u8(hcp_skb, pipe); 876 877 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) { 878 msg_len = frag_skb->len - NFC_HCI_HCP_PACKET_HEADER_LEN; 879 skb_put_data(hcp_skb, 880 frag_skb->data + NFC_HCI_HCP_PACKET_HEADER_LEN, 881 msg_len); 882 } 883 884 skb_queue_purge(&hdev->rx_hcp_frags); 885 } else { 886 packet->header &= NFC_HCI_FRAGMENT; 887 hcp_skb = skb; 888 } 889 890 /* if this is a response, dispatch immediately to 891 * unblock waiting cmd context. Otherwise, enqueue to dispatch 892 * in separate context where handler can also execute command. 893 */ 894 packet = (struct hcp_packet *)hcp_skb->data; 895 type = HCP_MSG_GET_TYPE(packet->message.header); 896 if (type == NFC_HCI_HCP_RESPONSE) { 897 pipe = packet->header; 898 instruction = HCP_MSG_GET_CMD(packet->message.header); 899 skb_pull(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN + 900 NFC_HCI_HCP_MESSAGE_HEADER_LEN); 901 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, hcp_skb); 902 } else { 903 skb_queue_tail(&hdev->msg_rx_queue, hcp_skb); 904 schedule_work(&hdev->msg_rx_work); 905 } 906 } 907 908 static int hci_fw_download(struct nfc_dev *nfc_dev, const char *firmware_name) 909 { 910 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 911 912 if (!hdev->ops->fw_download) 913 return -ENOTSUPP; 914 915 return hdev->ops->fw_download(hdev, firmware_name); 916 } 917 918 static struct nfc_ops hci_nfc_ops = { 919 .dev_up = hci_dev_up, 920 .dev_down = hci_dev_down, 921 .start_poll = hci_start_poll, 922 .stop_poll = hci_stop_poll, 923 .dep_link_up = hci_dep_link_up, 924 .dep_link_down = hci_dep_link_down, 925 .activate_target = hci_activate_target, 926 .deactivate_target = hci_deactivate_target, 927 .im_transceive = hci_transceive, 928 .tm_send = hci_tm_send, 929 .check_presence = hci_check_presence, 930 .fw_download = hci_fw_download, 931 .discover_se = hci_discover_se, 932 .enable_se = hci_enable_se, 933 .disable_se = hci_disable_se, 934 .se_io = hci_se_io, 935 }; 936 937 struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops, 938 struct nfc_hci_init_data *init_data, 939 unsigned long quirks, 940 u32 protocols, 941 const char *llc_name, 942 int tx_headroom, 943 int tx_tailroom, 944 int max_link_payload) 945 { 946 struct nfc_hci_dev *hdev; 947 948 if (ops->xmit == NULL) 949 return NULL; 950 951 if (protocols == 0) 952 return NULL; 953 954 hdev = kzalloc(sizeof(struct nfc_hci_dev), GFP_KERNEL); 955 if (hdev == NULL) 956 return NULL; 957 958 hdev->llc = nfc_llc_allocate(llc_name, hdev, ops->xmit, 959 nfc_hci_recv_from_llc, tx_headroom, 960 tx_tailroom, nfc_hci_llc_failure); 961 if (hdev->llc == NULL) { 962 kfree(hdev); 963 return NULL; 964 } 965 966 hdev->ndev = nfc_allocate_device(&hci_nfc_ops, protocols, 967 tx_headroom + HCI_CMDS_HEADROOM, 968 tx_tailroom); 969 if (!hdev->ndev) { 970 nfc_llc_free(hdev->llc); 971 kfree(hdev); 972 return NULL; 973 } 974 975 hdev->ops = ops; 976 hdev->max_data_link_payload = max_link_payload; 977 hdev->init_data = *init_data; 978 979 nfc_set_drvdata(hdev->ndev, hdev); 980 981 nfc_hci_reset_pipes(hdev); 982 983 hdev->quirks = quirks; 984 985 return hdev; 986 } 987 EXPORT_SYMBOL(nfc_hci_allocate_device); 988 989 void nfc_hci_free_device(struct nfc_hci_dev *hdev) 990 { 991 nfc_free_device(hdev->ndev); 992 nfc_llc_free(hdev->llc); 993 kfree(hdev); 994 } 995 EXPORT_SYMBOL(nfc_hci_free_device); 996 997 int nfc_hci_register_device(struct nfc_hci_dev *hdev) 998 { 999 mutex_init(&hdev->msg_tx_mutex); 1000 1001 INIT_LIST_HEAD(&hdev->msg_tx_queue); 1002 1003 INIT_WORK(&hdev->msg_tx_work, nfc_hci_msg_tx_work); 1004 1005 timer_setup(&hdev->cmd_timer, nfc_hci_cmd_timeout, 0); 1006 1007 skb_queue_head_init(&hdev->rx_hcp_frags); 1008 1009 INIT_WORK(&hdev->msg_rx_work, nfc_hci_msg_rx_work); 1010 1011 skb_queue_head_init(&hdev->msg_rx_queue); 1012 1013 return nfc_register_device(hdev->ndev); 1014 } 1015 EXPORT_SYMBOL(nfc_hci_register_device); 1016 1017 void nfc_hci_unregister_device(struct nfc_hci_dev *hdev) 1018 { 1019 struct hci_msg *msg, *n; 1020 1021 mutex_lock(&hdev->msg_tx_mutex); 1022 1023 if (hdev->cmd_pending_msg) { 1024 if (hdev->cmd_pending_msg->cb) 1025 hdev->cmd_pending_msg->cb( 1026 hdev->cmd_pending_msg->cb_context, 1027 NULL, -ESHUTDOWN); 1028 kfree(hdev->cmd_pending_msg); 1029 hdev->cmd_pending_msg = NULL; 1030 } 1031 1032 hdev->shutting_down = true; 1033 1034 mutex_unlock(&hdev->msg_tx_mutex); 1035 1036 del_timer_sync(&hdev->cmd_timer); 1037 cancel_work_sync(&hdev->msg_tx_work); 1038 1039 cancel_work_sync(&hdev->msg_rx_work); 1040 1041 nfc_unregister_device(hdev->ndev); 1042 1043 skb_queue_purge(&hdev->rx_hcp_frags); 1044 skb_queue_purge(&hdev->msg_rx_queue); 1045 1046 list_for_each_entry_safe(msg, n, &hdev->msg_tx_queue, msg_l) { 1047 list_del(&msg->msg_l); 1048 skb_queue_purge(&msg->msg_frags); 1049 kfree(msg); 1050 } 1051 } 1052 EXPORT_SYMBOL(nfc_hci_unregister_device); 1053 1054 void nfc_hci_set_clientdata(struct nfc_hci_dev *hdev, void *clientdata) 1055 { 1056 hdev->clientdata = clientdata; 1057 } 1058 EXPORT_SYMBOL(nfc_hci_set_clientdata); 1059 1060 void *nfc_hci_get_clientdata(struct nfc_hci_dev *hdev) 1061 { 1062 return hdev->clientdata; 1063 } 1064 EXPORT_SYMBOL(nfc_hci_get_clientdata); 1065 1066 void nfc_hci_driver_failure(struct nfc_hci_dev *hdev, int err) 1067 { 1068 nfc_hci_failure(hdev, err); 1069 } 1070 EXPORT_SYMBOL(nfc_hci_driver_failure); 1071 1072 void nfc_hci_recv_frame(struct nfc_hci_dev *hdev, struct sk_buff *skb) 1073 { 1074 nfc_llc_rcv_from_drv(hdev->llc, skb); 1075 } 1076 EXPORT_SYMBOL(nfc_hci_recv_frame); 1077 1078 static int __init nfc_hci_init(void) 1079 { 1080 return nfc_llc_init(); 1081 } 1082 1083 static void __exit nfc_hci_exit(void) 1084 { 1085 nfc_llc_exit(); 1086 } 1087 1088 subsys_initcall(nfc_hci_init); 1089 module_exit(nfc_hci_exit); 1090 1091 MODULE_LICENSE("GPL"); 1092 MODULE_DESCRIPTION("NFC HCI Core"); 1093