xref: /openbmc/linux/net/nfc/nci/ntf.c (revision 3d3337de)
1 /*
2  *  The NFC Controller Interface is the communication protocol between an
3  *  NFC Controller (NFCC) and a Device Host (DH).
4  *
5  *  Copyright (C) 2014 Marvell International Ltd.
6  *  Copyright (C) 2011 Texas Instruments, Inc.
7  *
8  *  Written by Ilan Elias <ilane@ti.com>
9  *
10  *  Acknowledgements:
11  *  This file is based on hci_event.c, which was written
12  *  by Maxim Krasnyansky.
13  *
14  *  This program is free software; you can redistribute it and/or modify
15  *  it under the terms of the GNU General Public License version 2
16  *  as published by the Free Software Foundation
17  *
18  *  This program is distributed in the hope that it will be useful,
19  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
20  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
21  *  GNU General Public License for more details.
22  *
23  *  You should have received a copy of the GNU General Public License
24  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
25  *
26  */
27 
28 #define pr_fmt(fmt) KBUILD_MODNAME ": %s: " fmt, __func__
29 
30 #include <linux/types.h>
31 #include <linux/interrupt.h>
32 #include <linux/bitops.h>
33 #include <linux/skbuff.h>
34 
35 #include "../nfc.h"
36 #include <net/nfc/nci.h>
37 #include <net/nfc/nci_core.h>
38 #include <linux/nfc.h>
39 
40 /* Handle NCI Notification packets */
41 
42 static void nci_core_conn_credits_ntf_packet(struct nci_dev *ndev,
43 					     struct sk_buff *skb)
44 {
45 	struct nci_core_conn_credit_ntf *ntf = (void *) skb->data;
46 	struct nci_conn_info	*conn_info;
47 	int i;
48 
49 	pr_debug("num_entries %d\n", ntf->num_entries);
50 
51 	if (ntf->num_entries > NCI_MAX_NUM_CONN)
52 		ntf->num_entries = NCI_MAX_NUM_CONN;
53 
54 	/* update the credits */
55 	for (i = 0; i < ntf->num_entries; i++) {
56 		ntf->conn_entries[i].conn_id =
57 			nci_conn_id(&ntf->conn_entries[i].conn_id);
58 
59 		pr_debug("entry[%d]: conn_id %d, credits %d\n",
60 			 i, ntf->conn_entries[i].conn_id,
61 			 ntf->conn_entries[i].credits);
62 
63 		conn_info = nci_get_conn_info_by_conn_id(ndev,
64 							 ntf->conn_entries[i].conn_id);
65 		if (!conn_info)
66 			return;
67 
68 		atomic_add(ntf->conn_entries[i].credits,
69 			   &conn_info->credits_cnt);
70 	}
71 
72 	/* trigger the next tx */
73 	if (!skb_queue_empty(&ndev->tx_q))
74 		queue_work(ndev->tx_wq, &ndev->tx_work);
75 }
76 
77 static void nci_core_generic_error_ntf_packet(struct nci_dev *ndev,
78 					      struct sk_buff *skb)
79 {
80 	__u8 status = skb->data[0];
81 
82 	pr_debug("status 0x%x\n", status);
83 
84 	if (atomic_read(&ndev->state) == NCI_W4_HOST_SELECT) {
85 		/* Activation failed, so complete the request
86 		   (the state remains the same) */
87 		nci_req_complete(ndev, status);
88 	}
89 }
90 
91 static void nci_core_conn_intf_error_ntf_packet(struct nci_dev *ndev,
92 						struct sk_buff *skb)
93 {
94 	struct nci_core_intf_error_ntf *ntf = (void *) skb->data;
95 
96 	ntf->conn_id = nci_conn_id(&ntf->conn_id);
97 
98 	pr_debug("status 0x%x, conn_id %d\n", ntf->status, ntf->conn_id);
99 
100 	/* complete the data exchange transaction, if exists */
101 	if (test_bit(NCI_DATA_EXCHANGE, &ndev->flags))
102 		nci_data_exchange_complete(ndev, NULL, ntf->conn_id, -EIO);
103 }
104 
105 static __u8 *nci_extract_rf_params_nfca_passive_poll(struct nci_dev *ndev,
106 			struct rf_tech_specific_params_nfca_poll *nfca_poll,
107 						     __u8 *data)
108 {
109 	nfca_poll->sens_res = __le16_to_cpu(*((__le16 *)data));
110 	data += 2;
111 
112 	nfca_poll->nfcid1_len = min_t(__u8, *data++, NFC_NFCID1_MAXSIZE);
113 
114 	pr_debug("sens_res 0x%x, nfcid1_len %d\n",
115 		 nfca_poll->sens_res, nfca_poll->nfcid1_len);
116 
117 	memcpy(nfca_poll->nfcid1, data, nfca_poll->nfcid1_len);
118 	data += nfca_poll->nfcid1_len;
119 
120 	nfca_poll->sel_res_len = *data++;
121 
122 	if (nfca_poll->sel_res_len != 0)
123 		nfca_poll->sel_res = *data++;
124 
125 	pr_debug("sel_res_len %d, sel_res 0x%x\n",
126 		 nfca_poll->sel_res_len,
127 		 nfca_poll->sel_res);
128 
129 	return data;
130 }
131 
132 static __u8 *nci_extract_rf_params_nfcb_passive_poll(struct nci_dev *ndev,
133 			struct rf_tech_specific_params_nfcb_poll *nfcb_poll,
134 						     __u8 *data)
135 {
136 	nfcb_poll->sensb_res_len = min_t(__u8, *data++, NFC_SENSB_RES_MAXSIZE);
137 
138 	pr_debug("sensb_res_len %d\n", nfcb_poll->sensb_res_len);
139 
140 	memcpy(nfcb_poll->sensb_res, data, nfcb_poll->sensb_res_len);
141 	data += nfcb_poll->sensb_res_len;
142 
143 	return data;
144 }
145 
146 static __u8 *nci_extract_rf_params_nfcf_passive_poll(struct nci_dev *ndev,
147 			struct rf_tech_specific_params_nfcf_poll *nfcf_poll,
148 						     __u8 *data)
149 {
150 	nfcf_poll->bit_rate = *data++;
151 	nfcf_poll->sensf_res_len = min_t(__u8, *data++, NFC_SENSF_RES_MAXSIZE);
152 
153 	pr_debug("bit_rate %d, sensf_res_len %d\n",
154 		 nfcf_poll->bit_rate, nfcf_poll->sensf_res_len);
155 
156 	memcpy(nfcf_poll->sensf_res, data, nfcf_poll->sensf_res_len);
157 	data += nfcf_poll->sensf_res_len;
158 
159 	return data;
160 }
161 
162 static __u8 *nci_extract_rf_params_nfcv_passive_poll(struct nci_dev *ndev,
163 			struct rf_tech_specific_params_nfcv_poll *nfcv_poll,
164 						     __u8 *data)
165 {
166 	++data;
167 	nfcv_poll->dsfid = *data++;
168 	memcpy(nfcv_poll->uid, data, NFC_ISO15693_UID_MAXSIZE);
169 	data += NFC_ISO15693_UID_MAXSIZE;
170 	return data;
171 }
172 
173 static __u8 *nci_extract_rf_params_nfcf_passive_listen(struct nci_dev *ndev,
174 			struct rf_tech_specific_params_nfcf_listen *nfcf_listen,
175 						     __u8 *data)
176 {
177 	nfcf_listen->local_nfcid2_len = min_t(__u8, *data++,
178 					      NFC_NFCID2_MAXSIZE);
179 	memcpy(nfcf_listen->local_nfcid2, data, nfcf_listen->local_nfcid2_len);
180 	data += nfcf_listen->local_nfcid2_len;
181 
182 	return data;
183 }
184 
185 static __u32 nci_get_prop_rf_protocol(struct nci_dev *ndev, __u8 rf_protocol)
186 {
187 	if (ndev->ops->get_rfprotocol)
188 		return ndev->ops->get_rfprotocol(ndev, rf_protocol);
189 	return 0;
190 }
191 
192 static int nci_add_new_protocol(struct nci_dev *ndev,
193 				struct nfc_target *target,
194 				__u8 rf_protocol,
195 				__u8 rf_tech_and_mode,
196 				void *params)
197 {
198 	struct rf_tech_specific_params_nfca_poll *nfca_poll;
199 	struct rf_tech_specific_params_nfcb_poll *nfcb_poll;
200 	struct rf_tech_specific_params_nfcf_poll *nfcf_poll;
201 	struct rf_tech_specific_params_nfcv_poll *nfcv_poll;
202 	__u32 protocol;
203 
204 	if (rf_protocol == NCI_RF_PROTOCOL_T1T)
205 		protocol = NFC_PROTO_JEWEL_MASK;
206 	else if (rf_protocol == NCI_RF_PROTOCOL_T2T)
207 		protocol = NFC_PROTO_MIFARE_MASK;
208 	else if (rf_protocol == NCI_RF_PROTOCOL_ISO_DEP)
209 		if (rf_tech_and_mode == NCI_NFC_A_PASSIVE_POLL_MODE)
210 			protocol = NFC_PROTO_ISO14443_MASK;
211 		else
212 			protocol = NFC_PROTO_ISO14443_B_MASK;
213 	else if (rf_protocol == NCI_RF_PROTOCOL_T3T)
214 		protocol = NFC_PROTO_FELICA_MASK;
215 	else if (rf_protocol == NCI_RF_PROTOCOL_NFC_DEP)
216 		protocol = NFC_PROTO_NFC_DEP_MASK;
217 	else if (rf_protocol == NCI_RF_PROTOCOL_T5T)
218 		protocol = NFC_PROTO_ISO15693_MASK;
219 	else
220 		protocol = nci_get_prop_rf_protocol(ndev, rf_protocol);
221 
222 	if (!(protocol & ndev->poll_prots)) {
223 		pr_err("the target found does not have the desired protocol\n");
224 		return -EPROTO;
225 	}
226 
227 	if (rf_tech_and_mode == NCI_NFC_A_PASSIVE_POLL_MODE) {
228 		nfca_poll = (struct rf_tech_specific_params_nfca_poll *)params;
229 
230 		target->sens_res = nfca_poll->sens_res;
231 		target->sel_res = nfca_poll->sel_res;
232 		target->nfcid1_len = nfca_poll->nfcid1_len;
233 		if (target->nfcid1_len > 0) {
234 			memcpy(target->nfcid1, nfca_poll->nfcid1,
235 			       target->nfcid1_len);
236 		}
237 	} else if (rf_tech_and_mode == NCI_NFC_B_PASSIVE_POLL_MODE) {
238 		nfcb_poll = (struct rf_tech_specific_params_nfcb_poll *)params;
239 
240 		target->sensb_res_len = nfcb_poll->sensb_res_len;
241 		if (target->sensb_res_len > 0) {
242 			memcpy(target->sensb_res, nfcb_poll->sensb_res,
243 			       target->sensb_res_len);
244 		}
245 	} else if (rf_tech_and_mode == NCI_NFC_F_PASSIVE_POLL_MODE) {
246 		nfcf_poll = (struct rf_tech_specific_params_nfcf_poll *)params;
247 
248 		target->sensf_res_len = nfcf_poll->sensf_res_len;
249 		if (target->sensf_res_len > 0) {
250 			memcpy(target->sensf_res, nfcf_poll->sensf_res,
251 			       target->sensf_res_len);
252 		}
253 	} else if (rf_tech_and_mode == NCI_NFC_V_PASSIVE_POLL_MODE) {
254 		nfcv_poll = (struct rf_tech_specific_params_nfcv_poll *)params;
255 
256 		target->is_iso15693 = 1;
257 		target->iso15693_dsfid = nfcv_poll->dsfid;
258 		memcpy(target->iso15693_uid, nfcv_poll->uid, NFC_ISO15693_UID_MAXSIZE);
259 	} else {
260 		pr_err("unsupported rf_tech_and_mode 0x%x\n", rf_tech_and_mode);
261 		return -EPROTO;
262 	}
263 
264 	target->supported_protocols |= protocol;
265 
266 	pr_debug("protocol 0x%x\n", protocol);
267 
268 	return 0;
269 }
270 
271 static void nci_add_new_target(struct nci_dev *ndev,
272 			       struct nci_rf_discover_ntf *ntf)
273 {
274 	struct nfc_target *target;
275 	int i, rc;
276 
277 	for (i = 0; i < ndev->n_targets; i++) {
278 		target = &ndev->targets[i];
279 		if (target->logical_idx == ntf->rf_discovery_id) {
280 			/* This target already exists, add the new protocol */
281 			nci_add_new_protocol(ndev, target, ntf->rf_protocol,
282 					     ntf->rf_tech_and_mode,
283 					     &ntf->rf_tech_specific_params);
284 			return;
285 		}
286 	}
287 
288 	/* This is a new target, check if we've enough room */
289 	if (ndev->n_targets == NCI_MAX_DISCOVERED_TARGETS) {
290 		pr_debug("not enough room, ignoring new target...\n");
291 		return;
292 	}
293 
294 	target = &ndev->targets[ndev->n_targets];
295 
296 	rc = nci_add_new_protocol(ndev, target, ntf->rf_protocol,
297 				  ntf->rf_tech_and_mode,
298 				  &ntf->rf_tech_specific_params);
299 	if (!rc) {
300 		target->logical_idx = ntf->rf_discovery_id;
301 		ndev->n_targets++;
302 
303 		pr_debug("logical idx %d, n_targets %d\n", target->logical_idx,
304 			 ndev->n_targets);
305 	}
306 }
307 
308 void nci_clear_target_list(struct nci_dev *ndev)
309 {
310 	memset(ndev->targets, 0,
311 	       (sizeof(struct nfc_target)*NCI_MAX_DISCOVERED_TARGETS));
312 
313 	ndev->n_targets = 0;
314 }
315 
316 static void nci_rf_discover_ntf_packet(struct nci_dev *ndev,
317 				       struct sk_buff *skb)
318 {
319 	struct nci_rf_discover_ntf ntf;
320 	__u8 *data = skb->data;
321 	bool add_target = true;
322 
323 	ntf.rf_discovery_id = *data++;
324 	ntf.rf_protocol = *data++;
325 	ntf.rf_tech_and_mode = *data++;
326 	ntf.rf_tech_specific_params_len = *data++;
327 
328 	pr_debug("rf_discovery_id %d\n", ntf.rf_discovery_id);
329 	pr_debug("rf_protocol 0x%x\n", ntf.rf_protocol);
330 	pr_debug("rf_tech_and_mode 0x%x\n", ntf.rf_tech_and_mode);
331 	pr_debug("rf_tech_specific_params_len %d\n",
332 		 ntf.rf_tech_specific_params_len);
333 
334 	if (ntf.rf_tech_specific_params_len > 0) {
335 		switch (ntf.rf_tech_and_mode) {
336 		case NCI_NFC_A_PASSIVE_POLL_MODE:
337 			data = nci_extract_rf_params_nfca_passive_poll(ndev,
338 				&(ntf.rf_tech_specific_params.nfca_poll), data);
339 			break;
340 
341 		case NCI_NFC_B_PASSIVE_POLL_MODE:
342 			data = nci_extract_rf_params_nfcb_passive_poll(ndev,
343 				&(ntf.rf_tech_specific_params.nfcb_poll), data);
344 			break;
345 
346 		case NCI_NFC_F_PASSIVE_POLL_MODE:
347 			data = nci_extract_rf_params_nfcf_passive_poll(ndev,
348 				&(ntf.rf_tech_specific_params.nfcf_poll), data);
349 			break;
350 
351 		case NCI_NFC_V_PASSIVE_POLL_MODE:
352 			data = nci_extract_rf_params_nfcv_passive_poll(ndev,
353 				&(ntf.rf_tech_specific_params.nfcv_poll), data);
354 			break;
355 
356 		default:
357 			pr_err("unsupported rf_tech_and_mode 0x%x\n",
358 			       ntf.rf_tech_and_mode);
359 			data += ntf.rf_tech_specific_params_len;
360 			add_target = false;
361 		}
362 	}
363 
364 	ntf.ntf_type = *data++;
365 	pr_debug("ntf_type %d\n", ntf.ntf_type);
366 
367 	if (add_target == true)
368 		nci_add_new_target(ndev, &ntf);
369 
370 	if (ntf.ntf_type == NCI_DISCOVER_NTF_TYPE_MORE) {
371 		atomic_set(&ndev->state, NCI_W4_ALL_DISCOVERIES);
372 	} else {
373 		atomic_set(&ndev->state, NCI_W4_HOST_SELECT);
374 		nfc_targets_found(ndev->nfc_dev, ndev->targets,
375 				  ndev->n_targets);
376 	}
377 }
378 
379 static int nci_extract_activation_params_iso_dep(struct nci_dev *ndev,
380 			struct nci_rf_intf_activated_ntf *ntf, __u8 *data)
381 {
382 	struct activation_params_nfca_poll_iso_dep *nfca_poll;
383 	struct activation_params_nfcb_poll_iso_dep *nfcb_poll;
384 
385 	switch (ntf->activation_rf_tech_and_mode) {
386 	case NCI_NFC_A_PASSIVE_POLL_MODE:
387 		nfca_poll = &ntf->activation_params.nfca_poll_iso_dep;
388 		nfca_poll->rats_res_len = min_t(__u8, *data++, 20);
389 		pr_debug("rats_res_len %d\n", nfca_poll->rats_res_len);
390 		if (nfca_poll->rats_res_len > 0) {
391 			memcpy(nfca_poll->rats_res,
392 			       data, nfca_poll->rats_res_len);
393 		}
394 		break;
395 
396 	case NCI_NFC_B_PASSIVE_POLL_MODE:
397 		nfcb_poll = &ntf->activation_params.nfcb_poll_iso_dep;
398 		nfcb_poll->attrib_res_len = min_t(__u8, *data++, 50);
399 		pr_debug("attrib_res_len %d\n", nfcb_poll->attrib_res_len);
400 		if (nfcb_poll->attrib_res_len > 0) {
401 			memcpy(nfcb_poll->attrib_res,
402 			       data, nfcb_poll->attrib_res_len);
403 		}
404 		break;
405 
406 	default:
407 		pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
408 		       ntf->activation_rf_tech_and_mode);
409 		return NCI_STATUS_RF_PROTOCOL_ERROR;
410 	}
411 
412 	return NCI_STATUS_OK;
413 }
414 
415 static int nci_extract_activation_params_nfc_dep(struct nci_dev *ndev,
416 			struct nci_rf_intf_activated_ntf *ntf, __u8 *data)
417 {
418 	struct activation_params_poll_nfc_dep *poll;
419 	struct activation_params_listen_nfc_dep *listen;
420 
421 	switch (ntf->activation_rf_tech_and_mode) {
422 	case NCI_NFC_A_PASSIVE_POLL_MODE:
423 	case NCI_NFC_F_PASSIVE_POLL_MODE:
424 		poll = &ntf->activation_params.poll_nfc_dep;
425 		poll->atr_res_len = min_t(__u8, *data++,
426 					  NFC_ATR_RES_MAXSIZE - 2);
427 		pr_debug("atr_res_len %d\n", poll->atr_res_len);
428 		if (poll->atr_res_len > 0)
429 			memcpy(poll->atr_res, data, poll->atr_res_len);
430 		break;
431 
432 	case NCI_NFC_A_PASSIVE_LISTEN_MODE:
433 	case NCI_NFC_F_PASSIVE_LISTEN_MODE:
434 		listen = &ntf->activation_params.listen_nfc_dep;
435 		listen->atr_req_len = min_t(__u8, *data++,
436 					    NFC_ATR_REQ_MAXSIZE - 2);
437 		pr_debug("atr_req_len %d\n", listen->atr_req_len);
438 		if (listen->atr_req_len > 0)
439 			memcpy(listen->atr_req, data, listen->atr_req_len);
440 		break;
441 
442 	default:
443 		pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
444 		       ntf->activation_rf_tech_and_mode);
445 		return NCI_STATUS_RF_PROTOCOL_ERROR;
446 	}
447 
448 	return NCI_STATUS_OK;
449 }
450 
451 static void nci_target_auto_activated(struct nci_dev *ndev,
452 				      struct nci_rf_intf_activated_ntf *ntf)
453 {
454 	struct nfc_target *target;
455 	int rc;
456 
457 	target = &ndev->targets[ndev->n_targets];
458 
459 	rc = nci_add_new_protocol(ndev, target, ntf->rf_protocol,
460 				  ntf->activation_rf_tech_and_mode,
461 				  &ntf->rf_tech_specific_params);
462 	if (rc)
463 		return;
464 
465 	target->logical_idx = ntf->rf_discovery_id;
466 	ndev->n_targets++;
467 
468 	pr_debug("logical idx %d, n_targets %d\n",
469 		 target->logical_idx, ndev->n_targets);
470 
471 	nfc_targets_found(ndev->nfc_dev, ndev->targets, ndev->n_targets);
472 }
473 
474 static int nci_store_general_bytes_nfc_dep(struct nci_dev *ndev,
475 		struct nci_rf_intf_activated_ntf *ntf)
476 {
477 	ndev->remote_gb_len = 0;
478 
479 	if (ntf->activation_params_len <= 0)
480 		return NCI_STATUS_OK;
481 
482 	switch (ntf->activation_rf_tech_and_mode) {
483 	case NCI_NFC_A_PASSIVE_POLL_MODE:
484 	case NCI_NFC_F_PASSIVE_POLL_MODE:
485 		ndev->remote_gb_len = min_t(__u8,
486 			(ntf->activation_params.poll_nfc_dep.atr_res_len
487 						- NFC_ATR_RES_GT_OFFSET),
488 			NFC_ATR_RES_GB_MAXSIZE);
489 		memcpy(ndev->remote_gb,
490 		       (ntf->activation_params.poll_nfc_dep.atr_res
491 						+ NFC_ATR_RES_GT_OFFSET),
492 		       ndev->remote_gb_len);
493 		break;
494 
495 	case NCI_NFC_A_PASSIVE_LISTEN_MODE:
496 	case NCI_NFC_F_PASSIVE_LISTEN_MODE:
497 		ndev->remote_gb_len = min_t(__u8,
498 			(ntf->activation_params.listen_nfc_dep.atr_req_len
499 						- NFC_ATR_REQ_GT_OFFSET),
500 			NFC_ATR_REQ_GB_MAXSIZE);
501 		memcpy(ndev->remote_gb,
502 		       (ntf->activation_params.listen_nfc_dep.atr_req
503 						+ NFC_ATR_REQ_GT_OFFSET),
504 		       ndev->remote_gb_len);
505 		break;
506 
507 	default:
508 		pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
509 		       ntf->activation_rf_tech_and_mode);
510 		return NCI_STATUS_RF_PROTOCOL_ERROR;
511 	}
512 
513 	return NCI_STATUS_OK;
514 }
515 
516 static void nci_rf_intf_activated_ntf_packet(struct nci_dev *ndev,
517 					     struct sk_buff *skb)
518 {
519 	struct nci_conn_info    *conn_info;
520 	struct nci_rf_intf_activated_ntf ntf;
521 	__u8 *data = skb->data;
522 	int err = NCI_STATUS_OK;
523 
524 	ntf.rf_discovery_id = *data++;
525 	ntf.rf_interface = *data++;
526 	ntf.rf_protocol = *data++;
527 	ntf.activation_rf_tech_and_mode = *data++;
528 	ntf.max_data_pkt_payload_size = *data++;
529 	ntf.initial_num_credits = *data++;
530 	ntf.rf_tech_specific_params_len = *data++;
531 
532 	pr_debug("rf_discovery_id %d\n", ntf.rf_discovery_id);
533 	pr_debug("rf_interface 0x%x\n", ntf.rf_interface);
534 	pr_debug("rf_protocol 0x%x\n", ntf.rf_protocol);
535 	pr_debug("activation_rf_tech_and_mode 0x%x\n",
536 		 ntf.activation_rf_tech_and_mode);
537 	pr_debug("max_data_pkt_payload_size 0x%x\n",
538 		 ntf.max_data_pkt_payload_size);
539 	pr_debug("initial_num_credits 0x%x\n",
540 		 ntf.initial_num_credits);
541 	pr_debug("rf_tech_specific_params_len %d\n",
542 		 ntf.rf_tech_specific_params_len);
543 
544 	/* If this contains a value of 0x00 (NFCEE Direct RF
545 	 * Interface) then all following parameters SHALL contain a
546 	 * value of 0 and SHALL be ignored.
547 	 */
548 	if (ntf.rf_interface == NCI_RF_INTERFACE_NFCEE_DIRECT)
549 		goto listen;
550 
551 	if (ntf.rf_tech_specific_params_len > 0) {
552 		switch (ntf.activation_rf_tech_and_mode) {
553 		case NCI_NFC_A_PASSIVE_POLL_MODE:
554 			data = nci_extract_rf_params_nfca_passive_poll(ndev,
555 				&(ntf.rf_tech_specific_params.nfca_poll), data);
556 			break;
557 
558 		case NCI_NFC_B_PASSIVE_POLL_MODE:
559 			data = nci_extract_rf_params_nfcb_passive_poll(ndev,
560 				&(ntf.rf_tech_specific_params.nfcb_poll), data);
561 			break;
562 
563 		case NCI_NFC_F_PASSIVE_POLL_MODE:
564 			data = nci_extract_rf_params_nfcf_passive_poll(ndev,
565 				&(ntf.rf_tech_specific_params.nfcf_poll), data);
566 			break;
567 
568 		case NCI_NFC_V_PASSIVE_POLL_MODE:
569 			data = nci_extract_rf_params_nfcv_passive_poll(ndev,
570 				&(ntf.rf_tech_specific_params.nfcv_poll), data);
571 			break;
572 
573 		case NCI_NFC_A_PASSIVE_LISTEN_MODE:
574 			/* no RF technology specific parameters */
575 			break;
576 
577 		case NCI_NFC_F_PASSIVE_LISTEN_MODE:
578 			data = nci_extract_rf_params_nfcf_passive_listen(ndev,
579 				&(ntf.rf_tech_specific_params.nfcf_listen),
580 				data);
581 			break;
582 
583 		default:
584 			pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
585 			       ntf.activation_rf_tech_and_mode);
586 			err = NCI_STATUS_RF_PROTOCOL_ERROR;
587 			goto exit;
588 		}
589 	}
590 
591 	ntf.data_exch_rf_tech_and_mode = *data++;
592 	ntf.data_exch_tx_bit_rate = *data++;
593 	ntf.data_exch_rx_bit_rate = *data++;
594 	ntf.activation_params_len = *data++;
595 
596 	pr_debug("data_exch_rf_tech_and_mode 0x%x\n",
597 		 ntf.data_exch_rf_tech_and_mode);
598 	pr_debug("data_exch_tx_bit_rate 0x%x\n", ntf.data_exch_tx_bit_rate);
599 	pr_debug("data_exch_rx_bit_rate 0x%x\n", ntf.data_exch_rx_bit_rate);
600 	pr_debug("activation_params_len %d\n", ntf.activation_params_len);
601 
602 	if (ntf.activation_params_len > 0) {
603 		switch (ntf.rf_interface) {
604 		case NCI_RF_INTERFACE_ISO_DEP:
605 			err = nci_extract_activation_params_iso_dep(ndev,
606 								    &ntf, data);
607 			break;
608 
609 		case NCI_RF_INTERFACE_NFC_DEP:
610 			err = nci_extract_activation_params_nfc_dep(ndev,
611 								    &ntf, data);
612 			break;
613 
614 		case NCI_RF_INTERFACE_FRAME:
615 			/* no activation params */
616 			break;
617 
618 		default:
619 			pr_err("unsupported rf_interface 0x%x\n",
620 			       ntf.rf_interface);
621 			err = NCI_STATUS_RF_PROTOCOL_ERROR;
622 			break;
623 		}
624 	}
625 
626 exit:
627 	if (err == NCI_STATUS_OK) {
628 		conn_info = ndev->rf_conn_info;
629 		if (!conn_info)
630 			return;
631 
632 		conn_info->max_pkt_payload_len = ntf.max_data_pkt_payload_size;
633 		conn_info->initial_num_credits = ntf.initial_num_credits;
634 
635 		/* set the available credits to initial value */
636 		atomic_set(&conn_info->credits_cnt,
637 			   conn_info->initial_num_credits);
638 
639 		/* store general bytes to be reported later in dep_link_up */
640 		if (ntf.rf_interface == NCI_RF_INTERFACE_NFC_DEP) {
641 			err = nci_store_general_bytes_nfc_dep(ndev, &ntf);
642 			if (err != NCI_STATUS_OK)
643 				pr_err("unable to store general bytes\n");
644 		}
645 	}
646 
647 	if (!(ntf.activation_rf_tech_and_mode & NCI_RF_TECH_MODE_LISTEN_MASK)) {
648 		/* Poll mode */
649 		if (atomic_read(&ndev->state) == NCI_DISCOVERY) {
650 			/* A single target was found and activated
651 			 * automatically */
652 			atomic_set(&ndev->state, NCI_POLL_ACTIVE);
653 			if (err == NCI_STATUS_OK)
654 				nci_target_auto_activated(ndev, &ntf);
655 		} else {	/* ndev->state == NCI_W4_HOST_SELECT */
656 			/* A selected target was activated, so complete the
657 			 * request */
658 			atomic_set(&ndev->state, NCI_POLL_ACTIVE);
659 			nci_req_complete(ndev, err);
660 		}
661 	} else {
662 listen:
663 		/* Listen mode */
664 		atomic_set(&ndev->state, NCI_LISTEN_ACTIVE);
665 		if (err == NCI_STATUS_OK &&
666 		    ntf.rf_protocol == NCI_RF_PROTOCOL_NFC_DEP) {
667 			err = nfc_tm_activated(ndev->nfc_dev,
668 					       NFC_PROTO_NFC_DEP_MASK,
669 					       NFC_COMM_PASSIVE,
670 					       ndev->remote_gb,
671 					       ndev->remote_gb_len);
672 			if (err != NCI_STATUS_OK)
673 				pr_err("error when signaling tm activation\n");
674 		}
675 	}
676 }
677 
678 static void nci_rf_deactivate_ntf_packet(struct nci_dev *ndev,
679 					 struct sk_buff *skb)
680 {
681 	struct nci_conn_info    *conn_info;
682 	struct nci_rf_deactivate_ntf *ntf = (void *) skb->data;
683 
684 	pr_debug("entry, type 0x%x, reason 0x%x\n", ntf->type, ntf->reason);
685 
686 	conn_info = ndev->rf_conn_info;
687 	if (!conn_info)
688 		return;
689 
690 	/* drop tx data queue */
691 	skb_queue_purge(&ndev->tx_q);
692 
693 	/* drop partial rx data packet */
694 	if (ndev->rx_data_reassembly) {
695 		kfree_skb(ndev->rx_data_reassembly);
696 		ndev->rx_data_reassembly = NULL;
697 	}
698 
699 	/* complete the data exchange transaction, if exists */
700 	if (test_bit(NCI_DATA_EXCHANGE, &ndev->flags))
701 		nci_data_exchange_complete(ndev, NULL, NCI_STATIC_RF_CONN_ID,
702 					   -EIO);
703 
704 	switch (ntf->type) {
705 	case NCI_DEACTIVATE_TYPE_IDLE_MODE:
706 		nci_clear_target_list(ndev);
707 		atomic_set(&ndev->state, NCI_IDLE);
708 		break;
709 	case NCI_DEACTIVATE_TYPE_SLEEP_MODE:
710 	case NCI_DEACTIVATE_TYPE_SLEEP_AF_MODE:
711 		atomic_set(&ndev->state, NCI_W4_HOST_SELECT);
712 		break;
713 	case NCI_DEACTIVATE_TYPE_DISCOVERY:
714 		nci_clear_target_list(ndev);
715 		atomic_set(&ndev->state, NCI_DISCOVERY);
716 		break;
717 	}
718 
719 	nci_req_complete(ndev, NCI_STATUS_OK);
720 }
721 
722 static void nci_nfcee_discover_ntf_packet(struct nci_dev *ndev,
723 					  struct sk_buff *skb)
724 {
725 	u8 status = NCI_STATUS_OK;
726 	struct nci_nfcee_discover_ntf   *nfcee_ntf =
727 				(struct nci_nfcee_discover_ntf *)skb->data;
728 
729 	pr_debug("\n");
730 
731 	/* NFCForum NCI 9.2.1 HCI Network Specific Handling
732 	 * If the NFCC supports the HCI Network, it SHALL return one,
733 	 * and only one, NFCEE_DISCOVER_NTF with a Protocol type of
734 	 * “HCI Access”, even if the HCI Network contains multiple NFCEEs.
735 	 */
736 	ndev->hci_dev->nfcee_id = nfcee_ntf->nfcee_id;
737 	ndev->cur_id = nfcee_ntf->nfcee_id;
738 
739 	nci_req_complete(ndev, status);
740 }
741 
742 static void nci_nfcee_action_ntf_packet(struct nci_dev *ndev,
743 					struct sk_buff *skb)
744 {
745 	pr_debug("\n");
746 }
747 
748 void nci_ntf_packet(struct nci_dev *ndev, struct sk_buff *skb)
749 {
750 	__u16 ntf_opcode = nci_opcode(skb->data);
751 
752 	pr_debug("NCI RX: MT=ntf, PBF=%d, GID=0x%x, OID=0x%x, plen=%d\n",
753 		 nci_pbf(skb->data),
754 		 nci_opcode_gid(ntf_opcode),
755 		 nci_opcode_oid(ntf_opcode),
756 		 nci_plen(skb->data));
757 
758 	/* strip the nci control header */
759 	skb_pull(skb, NCI_CTRL_HDR_SIZE);
760 
761 	switch (ntf_opcode) {
762 	case NCI_OP_CORE_CONN_CREDITS_NTF:
763 		nci_core_conn_credits_ntf_packet(ndev, skb);
764 		break;
765 
766 	case NCI_OP_CORE_GENERIC_ERROR_NTF:
767 		nci_core_generic_error_ntf_packet(ndev, skb);
768 		break;
769 
770 	case NCI_OP_CORE_INTF_ERROR_NTF:
771 		nci_core_conn_intf_error_ntf_packet(ndev, skb);
772 		break;
773 
774 	case NCI_OP_RF_DISCOVER_NTF:
775 		nci_rf_discover_ntf_packet(ndev, skb);
776 		break;
777 
778 	case NCI_OP_RF_INTF_ACTIVATED_NTF:
779 		nci_rf_intf_activated_ntf_packet(ndev, skb);
780 		break;
781 
782 	case NCI_OP_RF_DEACTIVATE_NTF:
783 		nci_rf_deactivate_ntf_packet(ndev, skb);
784 		break;
785 
786 	case NCI_OP_NFCEE_DISCOVER_NTF:
787 		nci_nfcee_discover_ntf_packet(ndev, skb);
788 		break;
789 
790 	case NCI_OP_RF_NFCEE_ACTION_NTF:
791 		nci_nfcee_action_ntf_packet(ndev, skb);
792 		break;
793 
794 	default:
795 		pr_err("unknown ntf opcode 0x%x\n", ntf_opcode);
796 		break;
797 	}
798 
799 	kfree_skb(skb);
800 }
801