1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Driver for NXP PN533 NFC Chip - core functions 4 * 5 * Copyright (C) 2011 Instituto Nokia de Tecnologia 6 * Copyright (C) 2012-2013 Tieto Poland 7 */ 8 9#include <linux/device.h> 10#include <linux/kernel.h> 11#include <linux/module.h> 12#include <linux/slab.h> 13#include <linux/nfc.h> 14#include <linux/netdevice.h> 15#include <net/nfc/nfc.h> 16#include "pn533.h" 17 18#define VERSION "0.3" 19 20/* How much time we spend listening for initiators */ 21#define PN533_LISTEN_TIME 2 22/* Delay between each poll frame (ms) */ 23#define PN533_POLL_INTERVAL 10 24 25/* structs for pn533 commands */ 26 27/* PN533_CMD_GET_FIRMWARE_VERSION */ 28struct pn533_fw_version { 29 u8 ic; 30 u8 ver; 31 u8 rev; 32 u8 support; 33}; 34 35/* PN533_CMD_RF_CONFIGURATION */ 36#define PN533_CFGITEM_RF_FIELD 0x01 37#define PN533_CFGITEM_TIMING 0x02 38#define PN533_CFGITEM_MAX_RETRIES 0x05 39#define PN533_CFGITEM_PASORI 0x82 40 41#define PN533_CFGITEM_RF_FIELD_AUTO_RFCA 0x2 42#define PN533_CFGITEM_RF_FIELD_ON 0x1 43#define PN533_CFGITEM_RF_FIELD_OFF 0x0 44 45#define PN533_CONFIG_TIMING_102 0xb 46#define PN533_CONFIG_TIMING_204 0xc 47#define PN533_CONFIG_TIMING_409 0xd 48#define PN533_CONFIG_TIMING_819 0xe 49 50#define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00 51#define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF 52 53struct pn533_config_max_retries { 54 u8 mx_rty_atr; 55 u8 mx_rty_psl; 56 u8 mx_rty_passive_act; 57} __packed; 58 59struct pn533_config_timing { 60 u8 rfu; 61 u8 atr_res_timeout; 62 u8 dep_timeout; 63} __packed; 64 65/* PN533_CMD_IN_LIST_PASSIVE_TARGET */ 66 67/* felica commands opcode */ 68#define PN533_FELICA_OPC_SENSF_REQ 0 69#define PN533_FELICA_OPC_SENSF_RES 1 70/* felica SENSF_REQ parameters */ 71#define PN533_FELICA_SENSF_SC_ALL 0xFFFF 72#define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0 73#define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1 74#define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2 75 76/* type B initiator_data values */ 77#define PN533_TYPE_B_AFI_ALL_FAMILIES 0 78#define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0 79#define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1 80 81union pn533_cmd_poll_initdata { 82 struct { 83 u8 afi; 84 u8 polling_method; 85 } __packed type_b; 86 struct { 87 u8 opcode; 88 __be16 sc; 89 u8 rc; 90 u8 tsn; 91 } __packed felica; 92}; 93 94struct pn533_poll_modulations { 95 struct { 96 u8 maxtg; 97 u8 brty; 98 union pn533_cmd_poll_initdata initiator_data; 99 } __packed data; 100 u8 len; 101}; 102 103static const struct pn533_poll_modulations poll_mod[] = { 104 [PN533_POLL_MOD_106KBPS_A] = { 105 .data = { 106 .maxtg = 1, 107 .brty = 0, 108 }, 109 .len = 2, 110 }, 111 [PN533_POLL_MOD_212KBPS_FELICA] = { 112 .data = { 113 .maxtg = 1, 114 .brty = 1, 115 .initiator_data.felica = { 116 .opcode = PN533_FELICA_OPC_SENSF_REQ, 117 .sc = PN533_FELICA_SENSF_SC_ALL, 118 .rc = PN533_FELICA_SENSF_RC_SYSTEM_CODE, 119 .tsn = 0x03, 120 }, 121 }, 122 .len = 7, 123 }, 124 [PN533_POLL_MOD_424KBPS_FELICA] = { 125 .data = { 126 .maxtg = 1, 127 .brty = 2, 128 .initiator_data.felica = { 129 .opcode = PN533_FELICA_OPC_SENSF_REQ, 130 .sc = PN533_FELICA_SENSF_SC_ALL, 131 .rc = PN533_FELICA_SENSF_RC_SYSTEM_CODE, 132 .tsn = 0x03, 133 }, 134 }, 135 .len = 7, 136 }, 137 [PN533_POLL_MOD_106KBPS_JEWEL] = { 138 .data = { 139 .maxtg = 1, 140 .brty = 4, 141 }, 142 .len = 2, 143 }, 144 [PN533_POLL_MOD_847KBPS_B] = { 145 .data = { 146 .maxtg = 1, 147 .brty = 8, 148 .initiator_data.type_b = { 149 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES, 150 .polling_method = 151 PN533_TYPE_B_POLL_METHOD_TIMESLOT, 152 }, 153 }, 154 .len = 3, 155 }, 156 [PN533_LISTEN_MOD] = { 157 .len = 0, 158 }, 159}; 160 161/* PN533_CMD_IN_ATR */ 162 163struct pn533_cmd_activate_response { 164 u8 status; 165 u8 nfcid3t[10]; 166 u8 didt; 167 u8 bst; 168 u8 brt; 169 u8 to; 170 u8 ppt; 171 /* optional */ 172 u8 gt[]; 173} __packed; 174 175struct pn533_cmd_jump_dep_response { 176 u8 status; 177 u8 tg; 178 u8 nfcid3t[10]; 179 u8 didt; 180 u8 bst; 181 u8 brt; 182 u8 to; 183 u8 ppt; 184 /* optional */ 185 u8 gt[]; 186} __packed; 187 188struct pn532_autopoll_resp { 189 u8 type; 190 u8 ln; 191 u8 tg; 192 u8 tgdata[]; 193}; 194 195/* PN532_CMD_IN_AUTOPOLL */ 196#define PN532_AUTOPOLL_POLLNR_INFINITE 0xff 197#define PN532_AUTOPOLL_PERIOD 0x03 /* in units of 150 ms */ 198 199#define PN532_AUTOPOLL_TYPE_GENERIC_106 0x00 200#define PN532_AUTOPOLL_TYPE_GENERIC_212 0x01 201#define PN532_AUTOPOLL_TYPE_GENERIC_424 0x02 202#define PN532_AUTOPOLL_TYPE_JEWEL 0x04 203#define PN532_AUTOPOLL_TYPE_MIFARE 0x10 204#define PN532_AUTOPOLL_TYPE_FELICA212 0x11 205#define PN532_AUTOPOLL_TYPE_FELICA424 0x12 206#define PN532_AUTOPOLL_TYPE_ISOA 0x20 207#define PN532_AUTOPOLL_TYPE_ISOB 0x23 208#define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_106 0x40 209#define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_212 0x41 210#define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_424 0x42 211#define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_106 0x80 212#define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_212 0x81 213#define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_424 0x82 214 215/* PN533_TG_INIT_AS_TARGET */ 216#define PN533_INIT_TARGET_PASSIVE 0x1 217#define PN533_INIT_TARGET_DEP 0x2 218 219#define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3 220#define PN533_INIT_TARGET_RESP_ACTIVE 0x1 221#define PN533_INIT_TARGET_RESP_DEP 0x4 222 223/* The rule: value(high byte) + value(low byte) + checksum = 0 */ 224static inline u8 pn533_ext_checksum(u16 value) 225{ 226 return ~(u8)(((value & 0xFF00) >> 8) + (u8)(value & 0xFF)) + 1; 227} 228 229/* The rule: value + checksum = 0 */ 230static inline u8 pn533_std_checksum(u8 value) 231{ 232 return ~value + 1; 233} 234 235/* The rule: sum(data elements) + checksum = 0 */ 236static u8 pn533_std_data_checksum(u8 *data, int datalen) 237{ 238 u8 sum = 0; 239 int i; 240 241 for (i = 0; i < datalen; i++) 242 sum += data[i]; 243 244 return pn533_std_checksum(sum); 245} 246 247static void pn533_std_tx_frame_init(void *_frame, u8 cmd_code) 248{ 249 struct pn533_std_frame *frame = _frame; 250 251 frame->preamble = 0; 252 frame->start_frame = cpu_to_be16(PN533_STD_FRAME_SOF); 253 PN533_STD_FRAME_IDENTIFIER(frame) = PN533_STD_FRAME_DIR_OUT; 254 PN533_FRAME_CMD(frame) = cmd_code; 255 frame->datalen = 2; 256} 257 258static void pn533_std_tx_frame_finish(void *_frame) 259{ 260 struct pn533_std_frame *frame = _frame; 261 262 frame->datalen_checksum = pn533_std_checksum(frame->datalen); 263 264 PN533_STD_FRAME_CHECKSUM(frame) = 265 pn533_std_data_checksum(frame->data, frame->datalen); 266 267 PN533_STD_FRAME_POSTAMBLE(frame) = 0; 268} 269 270static void pn533_std_tx_update_payload_len(void *_frame, int len) 271{ 272 struct pn533_std_frame *frame = _frame; 273 274 frame->datalen += len; 275} 276 277static bool pn533_std_rx_frame_is_valid(void *_frame, struct pn533 *dev) 278{ 279 u8 checksum; 280 struct pn533_std_frame *stdf = _frame; 281 282 if (stdf->start_frame != cpu_to_be16(PN533_STD_FRAME_SOF)) 283 return false; 284 285 if (likely(!PN533_STD_IS_EXTENDED(stdf))) { 286 /* Standard frame code */ 287 dev->ops->rx_header_len = PN533_STD_FRAME_HEADER_LEN; 288 289 checksum = pn533_std_checksum(stdf->datalen); 290 if (checksum != stdf->datalen_checksum) 291 return false; 292 293 checksum = pn533_std_data_checksum(stdf->data, stdf->datalen); 294 if (checksum != PN533_STD_FRAME_CHECKSUM(stdf)) 295 return false; 296 } else { 297 /* Extended */ 298 struct pn533_ext_frame *eif = _frame; 299 300 dev->ops->rx_header_len = PN533_EXT_FRAME_HEADER_LEN; 301 302 checksum = pn533_ext_checksum(be16_to_cpu(eif->datalen)); 303 if (checksum != eif->datalen_checksum) 304 return false; 305 306 /* check data checksum */ 307 checksum = pn533_std_data_checksum(eif->data, 308 be16_to_cpu(eif->datalen)); 309 if (checksum != PN533_EXT_FRAME_CHECKSUM(eif)) 310 return false; 311 } 312 313 return true; 314} 315 316bool pn533_rx_frame_is_ack(void *_frame) 317{ 318 struct pn533_std_frame *frame = _frame; 319 320 if (frame->start_frame != cpu_to_be16(PN533_STD_FRAME_SOF)) 321 return false; 322 323 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF) 324 return false; 325 326 return true; 327} 328EXPORT_SYMBOL_GPL(pn533_rx_frame_is_ack); 329 330static inline int pn533_std_rx_frame_size(void *frame) 331{ 332 struct pn533_std_frame *f = frame; 333 334 /* check for Extended Information frame */ 335 if (PN533_STD_IS_EXTENDED(f)) { 336 struct pn533_ext_frame *eif = frame; 337 338 return sizeof(struct pn533_ext_frame) 339 + be16_to_cpu(eif->datalen) + PN533_STD_FRAME_TAIL_LEN; 340 } 341 342 return sizeof(struct pn533_std_frame) + f->datalen + 343 PN533_STD_FRAME_TAIL_LEN; 344} 345 346static u8 pn533_std_get_cmd_code(void *frame) 347{ 348 struct pn533_std_frame *f = frame; 349 struct pn533_ext_frame *eif = frame; 350 351 if (PN533_STD_IS_EXTENDED(f)) 352 return PN533_FRAME_CMD(eif); 353 else 354 return PN533_FRAME_CMD(f); 355} 356 357bool pn533_rx_frame_is_cmd_response(struct pn533 *dev, void *frame) 358{ 359 return (dev->ops->get_cmd_code(frame) == 360 PN533_CMD_RESPONSE(dev->cmd->code)); 361} 362EXPORT_SYMBOL_GPL(pn533_rx_frame_is_cmd_response); 363 364 365static struct pn533_frame_ops pn533_std_frame_ops = { 366 .tx_frame_init = pn533_std_tx_frame_init, 367 .tx_frame_finish = pn533_std_tx_frame_finish, 368 .tx_update_payload_len = pn533_std_tx_update_payload_len, 369 .tx_header_len = PN533_STD_FRAME_HEADER_LEN, 370 .tx_tail_len = PN533_STD_FRAME_TAIL_LEN, 371 372 .rx_is_frame_valid = pn533_std_rx_frame_is_valid, 373 .rx_frame_size = pn533_std_rx_frame_size, 374 .rx_header_len = PN533_STD_FRAME_HEADER_LEN, 375 .rx_tail_len = PN533_STD_FRAME_TAIL_LEN, 376 377 .max_payload_len = PN533_STD_FRAME_MAX_PAYLOAD_LEN, 378 .get_cmd_code = pn533_std_get_cmd_code, 379}; 380 381static void pn533_build_cmd_frame(struct pn533 *dev, u8 cmd_code, 382 struct sk_buff *skb) 383{ 384 /* payload is already there, just update datalen */ 385 int payload_len = skb->len; 386 struct pn533_frame_ops *ops = dev->ops; 387 388 389 skb_push(skb, ops->tx_header_len); 390 skb_put(skb, ops->tx_tail_len); 391 392 ops->tx_frame_init(skb->data, cmd_code); 393 ops->tx_update_payload_len(skb->data, payload_len); 394 ops->tx_frame_finish(skb->data); 395} 396 397static int pn533_send_async_complete(struct pn533 *dev) 398{ 399 struct pn533_cmd *cmd = dev->cmd; 400 struct sk_buff *resp; 401 int status, rc = 0; 402 403 if (!cmd) { 404 dev_dbg(dev->dev, "%s: cmd not set\n", __func__); 405 goto done; 406 } 407 408 dev_kfree_skb(cmd->req); 409 410 status = cmd->status; 411 resp = cmd->resp; 412 413 if (status < 0) { 414 rc = cmd->complete_cb(dev, cmd->complete_cb_context, 415 ERR_PTR(status)); 416 dev_kfree_skb(resp); 417 goto done; 418 } 419 420 /* when no response is set we got interrupted */ 421 if (!resp) 422 resp = ERR_PTR(-EINTR); 423 424 if (!IS_ERR(resp)) { 425 skb_pull(resp, dev->ops->rx_header_len); 426 skb_trim(resp, resp->len - dev->ops->rx_tail_len); 427 } 428 429 rc = cmd->complete_cb(dev, cmd->complete_cb_context, resp); 430 431done: 432 kfree(cmd); 433 dev->cmd = NULL; 434 return rc; 435} 436 437static int __pn533_send_async(struct pn533 *dev, u8 cmd_code, 438 struct sk_buff *req, 439 pn533_send_async_complete_t complete_cb, 440 void *complete_cb_context) 441{ 442 struct pn533_cmd *cmd; 443 int rc = 0; 444 445 dev_dbg(dev->dev, "Sending command 0x%x\n", cmd_code); 446 447 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 448 if (!cmd) 449 return -ENOMEM; 450 451 cmd->code = cmd_code; 452 cmd->req = req; 453 cmd->complete_cb = complete_cb; 454 cmd->complete_cb_context = complete_cb_context; 455 456 pn533_build_cmd_frame(dev, cmd_code, req); 457 458 mutex_lock(&dev->cmd_lock); 459 460 if (!dev->cmd_pending) { 461 dev->cmd = cmd; 462 rc = dev->phy_ops->send_frame(dev, req); 463 if (rc) { 464 dev->cmd = NULL; 465 goto error; 466 } 467 468 dev->cmd_pending = 1; 469 goto unlock; 470 } 471 472 dev_dbg(dev->dev, "%s Queueing command 0x%x\n", 473 __func__, cmd_code); 474 475 INIT_LIST_HEAD(&cmd->queue); 476 list_add_tail(&cmd->queue, &dev->cmd_queue); 477 478 goto unlock; 479 480error: 481 kfree(cmd); 482unlock: 483 mutex_unlock(&dev->cmd_lock); 484 return rc; 485} 486 487static int pn533_send_data_async(struct pn533 *dev, u8 cmd_code, 488 struct sk_buff *req, 489 pn533_send_async_complete_t complete_cb, 490 void *complete_cb_context) 491{ 492 int rc; 493 494 rc = __pn533_send_async(dev, cmd_code, req, complete_cb, 495 complete_cb_context); 496 497 return rc; 498} 499 500static int pn533_send_cmd_async(struct pn533 *dev, u8 cmd_code, 501 struct sk_buff *req, 502 pn533_send_async_complete_t complete_cb, 503 void *complete_cb_context) 504{ 505 int rc; 506 507 rc = __pn533_send_async(dev, cmd_code, req, complete_cb, 508 complete_cb_context); 509 510 return rc; 511} 512 513/* 514 * pn533_send_cmd_direct_async 515 * 516 * The function sends a piority cmd directly to the chip omitting the cmd 517 * queue. It's intended to be used by chaining mechanism of received responses 518 * where the host has to request every single chunk of data before scheduling 519 * next cmd from the queue. 520 */ 521static int pn533_send_cmd_direct_async(struct pn533 *dev, u8 cmd_code, 522 struct sk_buff *req, 523 pn533_send_async_complete_t complete_cb, 524 void *complete_cb_context) 525{ 526 struct pn533_cmd *cmd; 527 int rc; 528 529 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 530 if (!cmd) 531 return -ENOMEM; 532 533 cmd->code = cmd_code; 534 cmd->req = req; 535 cmd->complete_cb = complete_cb; 536 cmd->complete_cb_context = complete_cb_context; 537 538 pn533_build_cmd_frame(dev, cmd_code, req); 539 540 dev->cmd = cmd; 541 rc = dev->phy_ops->send_frame(dev, req); 542 if (rc < 0) { 543 dev->cmd = NULL; 544 kfree(cmd); 545 } 546 547 return rc; 548} 549 550static void pn533_wq_cmd_complete(struct work_struct *work) 551{ 552 struct pn533 *dev = container_of(work, struct pn533, cmd_complete_work); 553 int rc; 554 555 rc = pn533_send_async_complete(dev); 556 if (rc != -EINPROGRESS) 557 queue_work(dev->wq, &dev->cmd_work); 558} 559 560static void pn533_wq_cmd(struct work_struct *work) 561{ 562 struct pn533 *dev = container_of(work, struct pn533, cmd_work); 563 struct pn533_cmd *cmd; 564 int rc; 565 566 mutex_lock(&dev->cmd_lock); 567 568 if (list_empty(&dev->cmd_queue)) { 569 dev->cmd_pending = 0; 570 mutex_unlock(&dev->cmd_lock); 571 return; 572 } 573 574 cmd = list_first_entry(&dev->cmd_queue, struct pn533_cmd, queue); 575 576 list_del(&cmd->queue); 577 578 mutex_unlock(&dev->cmd_lock); 579 580 dev->cmd = cmd; 581 rc = dev->phy_ops->send_frame(dev, cmd->req); 582 if (rc < 0) { 583 dev->cmd = NULL; 584 dev_kfree_skb(cmd->req); 585 kfree(cmd); 586 return; 587 } 588 589} 590 591struct pn533_sync_cmd_response { 592 struct sk_buff *resp; 593 struct completion done; 594}; 595 596static int pn533_send_sync_complete(struct pn533 *dev, void *_arg, 597 struct sk_buff *resp) 598{ 599 struct pn533_sync_cmd_response *arg = _arg; 600 601 arg->resp = resp; 602 complete(&arg->done); 603 604 return 0; 605} 606 607/* pn533_send_cmd_sync 608 * 609 * Please note the req parameter is freed inside the function to 610 * limit a number of return value interpretations by the caller. 611 * 612 * 1. negative in case of error during TX path -> req should be freed 613 * 614 * 2. negative in case of error during RX path -> req should not be freed 615 * as it's been already freed at the beginning of RX path by 616 * async_complete_cb. 617 * 618 * 3. valid pointer in case of succesfult RX path 619 * 620 * A caller has to check a return value with IS_ERR macro. If the test pass, 621 * the returned pointer is valid. 622 * 623 */ 624static struct sk_buff *pn533_send_cmd_sync(struct pn533 *dev, u8 cmd_code, 625 struct sk_buff *req) 626{ 627 int rc; 628 struct pn533_sync_cmd_response arg; 629 630 init_completion(&arg.done); 631 632 rc = pn533_send_cmd_async(dev, cmd_code, req, 633 pn533_send_sync_complete, &arg); 634 if (rc) { 635 dev_kfree_skb(req); 636 return ERR_PTR(rc); 637 } 638 639 wait_for_completion(&arg.done); 640 641 return arg.resp; 642} 643 644static struct sk_buff *pn533_alloc_skb(struct pn533 *dev, unsigned int size) 645{ 646 struct sk_buff *skb; 647 648 skb = alloc_skb(dev->ops->tx_header_len + 649 size + 650 dev->ops->tx_tail_len, GFP_KERNEL); 651 652 if (skb) 653 skb_reserve(skb, dev->ops->tx_header_len); 654 655 return skb; 656} 657 658struct pn533_target_type_a { 659 __be16 sens_res; 660 u8 sel_res; 661 u8 nfcid_len; 662 u8 nfcid_data[]; 663} __packed; 664 665 666#define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6)) 667#define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0)) 668#define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8)) 669 670#define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00 671#define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C 672 673#define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5) 674#define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2) 675 676#define PN533_TYPE_A_SEL_PROT_MIFARE 0 677#define PN533_TYPE_A_SEL_PROT_ISO14443 1 678#define PN533_TYPE_A_SEL_PROT_DEP 2 679#define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3 680 681static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a, 682 int target_data_len) 683{ 684 u8 ssd; 685 u8 platconf; 686 687 if (target_data_len < sizeof(struct pn533_target_type_a)) 688 return false; 689 690 /* 691 * The length check of nfcid[] and ats[] are not being performed because 692 * the values are not being used 693 */ 694 695 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */ 696 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res); 697 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res); 698 699 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL && 700 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) || 701 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL && 702 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL)) 703 return false; 704 705 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */ 706 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0) 707 return false; 708 709 if (type_a->nfcid_len > NFC_NFCID1_MAXSIZE) 710 return false; 711 712 return true; 713} 714 715static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data, 716 int tgt_data_len) 717{ 718 struct pn533_target_type_a *tgt_type_a; 719 720 tgt_type_a = (struct pn533_target_type_a *)tgt_data; 721 722 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len)) 723 return -EPROTO; 724 725 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) { 726 case PN533_TYPE_A_SEL_PROT_MIFARE: 727 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK; 728 break; 729 case PN533_TYPE_A_SEL_PROT_ISO14443: 730 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK; 731 break; 732 case PN533_TYPE_A_SEL_PROT_DEP: 733 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 734 break; 735 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP: 736 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK | 737 NFC_PROTO_NFC_DEP_MASK; 738 break; 739 } 740 741 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res); 742 nfc_tgt->sel_res = tgt_type_a->sel_res; 743 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len; 744 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len); 745 746 return 0; 747} 748 749struct pn533_target_felica { 750 u8 pol_res; 751 u8 opcode; 752 u8 nfcid2[NFC_NFCID2_MAXSIZE]; 753 u8 pad[8]; 754 /* optional */ 755 u8 syst_code[]; 756} __packed; 757 758#define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01 759#define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE 760 761static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica, 762 int target_data_len) 763{ 764 if (target_data_len < sizeof(struct pn533_target_felica)) 765 return false; 766 767 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES) 768 return false; 769 770 return true; 771} 772 773static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data, 774 int tgt_data_len) 775{ 776 struct pn533_target_felica *tgt_felica; 777 778 tgt_felica = (struct pn533_target_felica *)tgt_data; 779 780 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len)) 781 return -EPROTO; 782 783 if ((tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1) && 784 (tgt_felica->nfcid2[1] == PN533_FELICA_SENSF_NFCID2_DEP_B2)) 785 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 786 else 787 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK; 788 789 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9); 790 nfc_tgt->sensf_res_len = 9; 791 792 memcpy(nfc_tgt->nfcid2, tgt_felica->nfcid2, NFC_NFCID2_MAXSIZE); 793 nfc_tgt->nfcid2_len = NFC_NFCID2_MAXSIZE; 794 795 return 0; 796} 797 798struct pn533_target_jewel { 799 __be16 sens_res; 800 u8 jewelid[4]; 801} __packed; 802 803static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel, 804 int target_data_len) 805{ 806 u8 ssd; 807 u8 platconf; 808 809 if (target_data_len < sizeof(struct pn533_target_jewel)) 810 return false; 811 812 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */ 813 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res); 814 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res); 815 816 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL && 817 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) || 818 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL && 819 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL)) 820 return false; 821 822 return true; 823} 824 825static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data, 826 int tgt_data_len) 827{ 828 struct pn533_target_jewel *tgt_jewel; 829 830 tgt_jewel = (struct pn533_target_jewel *)tgt_data; 831 832 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len)) 833 return -EPROTO; 834 835 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK; 836 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res); 837 nfc_tgt->nfcid1_len = 4; 838 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len); 839 840 return 0; 841} 842 843struct pn533_type_b_prot_info { 844 u8 bitrate; 845 u8 fsci_type; 846 u8 fwi_adc_fo; 847} __packed; 848 849#define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4) 850#define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0) 851#define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8 852 853struct pn533_type_b_sens_res { 854 u8 opcode; 855 u8 nfcid[4]; 856 u8 appdata[4]; 857 struct pn533_type_b_prot_info prot_info; 858} __packed; 859 860#define PN533_TYPE_B_OPC_SENSB_RES 0x50 861 862struct pn533_target_type_b { 863 struct pn533_type_b_sens_res sensb_res; 864 u8 attrib_res_len; 865 u8 attrib_res[]; 866} __packed; 867 868static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b, 869 int target_data_len) 870{ 871 if (target_data_len < sizeof(struct pn533_target_type_b)) 872 return false; 873 874 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES) 875 return false; 876 877 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) & 878 PN533_TYPE_B_PROT_TYPE_RFU_MASK) 879 return false; 880 881 return true; 882} 883 884static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data, 885 int tgt_data_len) 886{ 887 struct pn533_target_type_b *tgt_type_b; 888 889 tgt_type_b = (struct pn533_target_type_b *)tgt_data; 890 891 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len)) 892 return -EPROTO; 893 894 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_B_MASK; 895 896 return 0; 897} 898 899static void pn533_poll_reset_mod_list(struct pn533 *dev); 900static int pn533_target_found(struct pn533 *dev, u8 tg, u8 *tgdata, 901 int tgdata_len) 902{ 903 struct nfc_target nfc_tgt; 904 int rc; 905 906 dev_dbg(dev->dev, "%s: modulation=%d\n", 907 __func__, dev->poll_mod_curr); 908 909 if (tg != 1) 910 return -EPROTO; 911 912 memset(&nfc_tgt, 0, sizeof(struct nfc_target)); 913 914 switch (dev->poll_mod_curr) { 915 case PN533_POLL_MOD_106KBPS_A: 916 rc = pn533_target_found_type_a(&nfc_tgt, tgdata, tgdata_len); 917 break; 918 case PN533_POLL_MOD_212KBPS_FELICA: 919 case PN533_POLL_MOD_424KBPS_FELICA: 920 rc = pn533_target_found_felica(&nfc_tgt, tgdata, tgdata_len); 921 break; 922 case PN533_POLL_MOD_106KBPS_JEWEL: 923 rc = pn533_target_found_jewel(&nfc_tgt, tgdata, tgdata_len); 924 break; 925 case PN533_POLL_MOD_847KBPS_B: 926 rc = pn533_target_found_type_b(&nfc_tgt, tgdata, tgdata_len); 927 break; 928 default: 929 nfc_err(dev->dev, 930 "Unknown current poll modulation\n"); 931 return -EPROTO; 932 } 933 934 if (rc) 935 return rc; 936 937 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) { 938 dev_dbg(dev->dev, 939 "The Tg found doesn't have the desired protocol\n"); 940 return -EAGAIN; 941 } 942 943 dev_dbg(dev->dev, 944 "Target found - supported protocols: 0x%x\n", 945 nfc_tgt.supported_protocols); 946 947 dev->tgt_available_prots = nfc_tgt.supported_protocols; 948 949 pn533_poll_reset_mod_list(dev); 950 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1); 951 952 return 0; 953} 954 955static inline void pn533_poll_next_mod(struct pn533 *dev) 956{ 957 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count; 958} 959 960static void pn533_poll_reset_mod_list(struct pn533 *dev) 961{ 962 dev->poll_mod_count = 0; 963} 964 965static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index) 966{ 967 dev->poll_mod_active[dev->poll_mod_count] = 968 (struct pn533_poll_modulations *)&poll_mod[mod_index]; 969 dev->poll_mod_count++; 970} 971 972static void pn533_poll_create_mod_list(struct pn533 *dev, 973 u32 im_protocols, u32 tm_protocols) 974{ 975 pn533_poll_reset_mod_list(dev); 976 977 if ((im_protocols & NFC_PROTO_MIFARE_MASK) || 978 (im_protocols & NFC_PROTO_ISO14443_MASK) || 979 (im_protocols & NFC_PROTO_NFC_DEP_MASK)) 980 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A); 981 982 if (im_protocols & NFC_PROTO_FELICA_MASK || 983 im_protocols & NFC_PROTO_NFC_DEP_MASK) { 984 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA); 985 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA); 986 } 987 988 if (im_protocols & NFC_PROTO_JEWEL_MASK) 989 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL); 990 991 if (im_protocols & NFC_PROTO_ISO14443_B_MASK) 992 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B); 993 994 if (tm_protocols) 995 pn533_poll_add_mod(dev, PN533_LISTEN_MOD); 996} 997 998static int pn533_start_poll_complete(struct pn533 *dev, struct sk_buff *resp) 999{ 1000 u8 nbtg, tg, *tgdata; 1001 int rc, tgdata_len; 1002 1003 /* Toggle the DEP polling */ 1004 if (dev->poll_protocols & NFC_PROTO_NFC_DEP_MASK) 1005 dev->poll_dep = 1; 1006 1007 nbtg = resp->data[0]; 1008 tg = resp->data[1]; 1009 tgdata = &resp->data[2]; 1010 tgdata_len = resp->len - 2; /* nbtg + tg */ 1011 1012 if (nbtg) { 1013 rc = pn533_target_found(dev, tg, tgdata, tgdata_len); 1014 1015 /* We must stop the poll after a valid target found */ 1016 if (rc == 0) 1017 return 0; 1018 } 1019 1020 return -EAGAIN; 1021} 1022 1023static struct sk_buff *pn533_alloc_poll_tg_frame(struct pn533 *dev) 1024{ 1025 struct sk_buff *skb; 1026 u8 *felica, *nfcid3; 1027 1028 u8 *gbytes = dev->gb; 1029 size_t gbytes_len = dev->gb_len; 1030 1031 u8 felica_params[18] = {0x1, 0xfe, /* DEP */ 1032 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */ 1033 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 1034 0xff, 0xff}; /* System code */ 1035 1036 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */ 1037 0x0, 0x0, 0x0, 1038 0x40}; /* SEL_RES for DEP */ 1039 1040 unsigned int skb_len = 36 + /* 1041 * mode (1), mifare (6), 1042 * felica (18), nfcid3 (10), gb_len (1) 1043 */ 1044 gbytes_len + 1045 1; /* len Tk*/ 1046 1047 skb = pn533_alloc_skb(dev, skb_len); 1048 if (!skb) 1049 return NULL; 1050 1051 /* DEP support only */ 1052 skb_put_u8(skb, PN533_INIT_TARGET_DEP); 1053 1054 /* MIFARE params */ 1055 skb_put_data(skb, mifare_params, 6); 1056 1057 /* Felica params */ 1058 felica = skb_put_data(skb, felica_params, 18); 1059 get_random_bytes(felica + 2, 6); 1060 1061 /* NFCID3 */ 1062 nfcid3 = skb_put_zero(skb, 10); 1063 memcpy(nfcid3, felica, 8); 1064 1065 /* General bytes */ 1066 skb_put_u8(skb, gbytes_len); 1067 1068 skb_put_data(skb, gbytes, gbytes_len); 1069 1070 /* Len Tk */ 1071 skb_put_u8(skb, 0); 1072 1073 return skb; 1074} 1075 1076static void pn533_wq_tm_mi_recv(struct work_struct *work); 1077static struct sk_buff *pn533_build_response(struct pn533 *dev); 1078 1079static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg, 1080 struct sk_buff *resp) 1081{ 1082 struct sk_buff *skb; 1083 u8 status, ret, mi; 1084 int rc; 1085 1086 dev_dbg(dev->dev, "%s\n", __func__); 1087 1088 if (IS_ERR(resp)) { 1089 skb_queue_purge(&dev->resp_q); 1090 return PTR_ERR(resp); 1091 } 1092 1093 status = resp->data[0]; 1094 1095 ret = status & PN533_CMD_RET_MASK; 1096 mi = status & PN533_CMD_MI_MASK; 1097 1098 skb_pull(resp, sizeof(status)); 1099 1100 if (ret != PN533_CMD_RET_SUCCESS) { 1101 rc = -EIO; 1102 goto error; 1103 } 1104 1105 skb_queue_tail(&dev->resp_q, resp); 1106 1107 if (mi) { 1108 queue_work(dev->wq, &dev->mi_tm_rx_work); 1109 return -EINPROGRESS; 1110 } 1111 1112 skb = pn533_build_response(dev); 1113 if (!skb) { 1114 rc = -EIO; 1115 goto error; 1116 } 1117 1118 return nfc_tm_data_received(dev->nfc_dev, skb); 1119 1120error: 1121 nfc_tm_deactivated(dev->nfc_dev); 1122 dev->tgt_mode = 0; 1123 skb_queue_purge(&dev->resp_q); 1124 dev_kfree_skb(resp); 1125 1126 return rc; 1127} 1128 1129static void pn533_wq_tm_mi_recv(struct work_struct *work) 1130{ 1131 struct pn533 *dev = container_of(work, struct pn533, mi_tm_rx_work); 1132 struct sk_buff *skb; 1133 int rc; 1134 1135 dev_dbg(dev->dev, "%s\n", __func__); 1136 1137 skb = pn533_alloc_skb(dev, 0); 1138 if (!skb) 1139 return; 1140 1141 rc = pn533_send_cmd_direct_async(dev, 1142 PN533_CMD_TG_GET_DATA, 1143 skb, 1144 pn533_tm_get_data_complete, 1145 NULL); 1146 1147 if (rc < 0) 1148 dev_kfree_skb(skb); 1149} 1150 1151static int pn533_tm_send_complete(struct pn533 *dev, void *arg, 1152 struct sk_buff *resp); 1153static void pn533_wq_tm_mi_send(struct work_struct *work) 1154{ 1155 struct pn533 *dev = container_of(work, struct pn533, mi_tm_tx_work); 1156 struct sk_buff *skb; 1157 int rc; 1158 1159 dev_dbg(dev->dev, "%s\n", __func__); 1160 1161 /* Grab the first skb in the queue */ 1162 skb = skb_dequeue(&dev->fragment_skb); 1163 if (skb == NULL) { /* No more data */ 1164 /* Reset the queue for future use */ 1165 skb_queue_head_init(&dev->fragment_skb); 1166 goto error; 1167 } 1168 1169 /* last entry - remove MI bit */ 1170 if (skb_queue_len(&dev->fragment_skb) == 0) { 1171 rc = pn533_send_cmd_direct_async(dev, PN533_CMD_TG_SET_DATA, 1172 skb, pn533_tm_send_complete, NULL); 1173 } else 1174 rc = pn533_send_cmd_direct_async(dev, 1175 PN533_CMD_TG_SET_META_DATA, 1176 skb, pn533_tm_send_complete, NULL); 1177 1178 if (rc == 0) /* success */ 1179 return; 1180 1181 dev_err(dev->dev, 1182 "Error %d when trying to perform set meta data_exchange", rc); 1183 1184 dev_kfree_skb(skb); 1185 1186error: 1187 dev->phy_ops->send_ack(dev, GFP_KERNEL); 1188 queue_work(dev->wq, &dev->cmd_work); 1189} 1190 1191static void pn533_wq_tg_get_data(struct work_struct *work) 1192{ 1193 struct pn533 *dev = container_of(work, struct pn533, tg_work); 1194 struct sk_buff *skb; 1195 int rc; 1196 1197 dev_dbg(dev->dev, "%s\n", __func__); 1198 1199 skb = pn533_alloc_skb(dev, 0); 1200 if (!skb) 1201 return; 1202 1203 rc = pn533_send_data_async(dev, PN533_CMD_TG_GET_DATA, skb, 1204 pn533_tm_get_data_complete, NULL); 1205 1206 if (rc < 0) 1207 dev_kfree_skb(skb); 1208} 1209 1210#define ATR_REQ_GB_OFFSET 17 1211static int pn533_init_target_complete(struct pn533 *dev, struct sk_buff *resp) 1212{ 1213 u8 mode, *cmd, comm_mode = NFC_COMM_PASSIVE, *gb; 1214 size_t gb_len; 1215 int rc; 1216 1217 dev_dbg(dev->dev, "%s\n", __func__); 1218 1219 if (resp->len < ATR_REQ_GB_OFFSET + 1) 1220 return -EINVAL; 1221 1222 mode = resp->data[0]; 1223 cmd = &resp->data[1]; 1224 1225 dev_dbg(dev->dev, "Target mode 0x%x len %d\n", 1226 mode, resp->len); 1227 1228 if ((mode & PN533_INIT_TARGET_RESP_FRAME_MASK) == 1229 PN533_INIT_TARGET_RESP_ACTIVE) 1230 comm_mode = NFC_COMM_ACTIVE; 1231 1232 if ((mode & PN533_INIT_TARGET_RESP_DEP) == 0) /* Only DEP supported */ 1233 return -EOPNOTSUPP; 1234 1235 gb = cmd + ATR_REQ_GB_OFFSET; 1236 gb_len = resp->len - (ATR_REQ_GB_OFFSET + 1); 1237 1238 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK, 1239 comm_mode, gb, gb_len); 1240 if (rc < 0) { 1241 nfc_err(dev->dev, 1242 "Error when signaling target activation\n"); 1243 return rc; 1244 } 1245 1246 dev->tgt_mode = 1; 1247 queue_work(dev->wq, &dev->tg_work); 1248 1249 return 0; 1250} 1251 1252static void pn533_listen_mode_timer(struct timer_list *t) 1253{ 1254 struct pn533 *dev = from_timer(dev, t, listen_timer); 1255 1256 dev_dbg(dev->dev, "Listen mode timeout\n"); 1257 1258 dev->cancel_listen = 1; 1259 1260 pn533_poll_next_mod(dev); 1261 1262 queue_delayed_work(dev->wq, &dev->poll_work, 1263 msecs_to_jiffies(PN533_POLL_INTERVAL)); 1264} 1265 1266static int pn533_rf_complete(struct pn533 *dev, void *arg, 1267 struct sk_buff *resp) 1268{ 1269 int rc = 0; 1270 1271 dev_dbg(dev->dev, "%s\n", __func__); 1272 1273 if (IS_ERR(resp)) { 1274 rc = PTR_ERR(resp); 1275 1276 nfc_err(dev->dev, "RF setting error %d\n", rc); 1277 1278 return rc; 1279 } 1280 1281 queue_delayed_work(dev->wq, &dev->poll_work, 1282 msecs_to_jiffies(PN533_POLL_INTERVAL)); 1283 1284 dev_kfree_skb(resp); 1285 return rc; 1286} 1287 1288static void pn533_wq_rf(struct work_struct *work) 1289{ 1290 struct pn533 *dev = container_of(work, struct pn533, rf_work); 1291 struct sk_buff *skb; 1292 int rc; 1293 1294 dev_dbg(dev->dev, "%s\n", __func__); 1295 1296 skb = pn533_alloc_skb(dev, 2); 1297 if (!skb) 1298 return; 1299 1300 skb_put_u8(skb, PN533_CFGITEM_RF_FIELD); 1301 skb_put_u8(skb, PN533_CFGITEM_RF_FIELD_AUTO_RFCA); 1302 1303 rc = pn533_send_cmd_async(dev, PN533_CMD_RF_CONFIGURATION, skb, 1304 pn533_rf_complete, NULL); 1305 if (rc < 0) { 1306 dev_kfree_skb(skb); 1307 nfc_err(dev->dev, "RF setting error %d\n", rc); 1308 } 1309} 1310 1311static int pn533_poll_dep_complete(struct pn533 *dev, void *arg, 1312 struct sk_buff *resp) 1313{ 1314 struct pn533_cmd_jump_dep_response *rsp; 1315 struct nfc_target nfc_target; 1316 u8 target_gt_len; 1317 int rc; 1318 1319 if (IS_ERR(resp)) 1320 return PTR_ERR(resp); 1321 1322 memset(&nfc_target, 0, sizeof(struct nfc_target)); 1323 1324 rsp = (struct pn533_cmd_jump_dep_response *)resp->data; 1325 1326 rc = rsp->status & PN533_CMD_RET_MASK; 1327 if (rc != PN533_CMD_RET_SUCCESS) { 1328 /* Not target found, turn radio off */ 1329 queue_work(dev->wq, &dev->rf_work); 1330 1331 dev_kfree_skb(resp); 1332 return 0; 1333 } 1334 1335 dev_dbg(dev->dev, "Creating new target"); 1336 1337 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK; 1338 nfc_target.nfcid1_len = 10; 1339 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len); 1340 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1); 1341 if (rc) 1342 goto error; 1343 1344 dev->tgt_available_prots = 0; 1345 dev->tgt_active_prot = NFC_PROTO_NFC_DEP; 1346 1347 /* ATR_RES general bytes are located at offset 17 */ 1348 target_gt_len = resp->len - 17; 1349 rc = nfc_set_remote_general_bytes(dev->nfc_dev, 1350 rsp->gt, target_gt_len); 1351 if (!rc) { 1352 rc = nfc_dep_link_is_up(dev->nfc_dev, 1353 dev->nfc_dev->targets[0].idx, 1354 0, NFC_RF_INITIATOR); 1355 1356 if (!rc) 1357 pn533_poll_reset_mod_list(dev); 1358 } 1359error: 1360 dev_kfree_skb(resp); 1361 return rc; 1362} 1363 1364#define PASSIVE_DATA_LEN 5 1365static int pn533_poll_dep(struct nfc_dev *nfc_dev) 1366{ 1367 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1368 struct sk_buff *skb; 1369 int rc, skb_len; 1370 u8 *next, nfcid3[NFC_NFCID3_MAXSIZE]; 1371 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3}; 1372 1373 dev_dbg(dev->dev, "%s", __func__); 1374 1375 if (!dev->gb) { 1376 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len); 1377 1378 if (!dev->gb || !dev->gb_len) { 1379 dev->poll_dep = 0; 1380 queue_work(dev->wq, &dev->rf_work); 1381 } 1382 } 1383 1384 skb_len = 3 + dev->gb_len; /* ActPass + BR + Next */ 1385 skb_len += PASSIVE_DATA_LEN; 1386 1387 /* NFCID3 */ 1388 skb_len += NFC_NFCID3_MAXSIZE; 1389 nfcid3[0] = 0x1; 1390 nfcid3[1] = 0xfe; 1391 get_random_bytes(nfcid3 + 2, 6); 1392 1393 skb = pn533_alloc_skb(dev, skb_len); 1394 if (!skb) 1395 return -ENOMEM; 1396 1397 skb_put_u8(skb, 0x01); /* Active */ 1398 skb_put_u8(skb, 0x02); /* 424 kbps */ 1399 1400 next = skb_put(skb, 1); /* Next */ 1401 *next = 0; 1402 1403 /* Copy passive data */ 1404 skb_put_data(skb, passive_data, PASSIVE_DATA_LEN); 1405 *next |= 1; 1406 1407 /* Copy NFCID3 (which is NFCID2 from SENSF_RES) */ 1408 skb_put_data(skb, nfcid3, NFC_NFCID3_MAXSIZE); 1409 *next |= 2; 1410 1411 skb_put_data(skb, dev->gb, dev->gb_len); 1412 *next |= 4; /* We have some Gi */ 1413 1414 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb, 1415 pn533_poll_dep_complete, NULL); 1416 1417 if (rc < 0) 1418 dev_kfree_skb(skb); 1419 1420 return rc; 1421} 1422 1423static int pn533_autopoll_complete(struct pn533 *dev, void *arg, 1424 struct sk_buff *resp) 1425{ 1426 struct pn532_autopoll_resp *apr; 1427 struct nfc_target nfc_tgt; 1428 u8 nbtg; 1429 int rc; 1430 1431 if (IS_ERR(resp)) { 1432 rc = PTR_ERR(resp); 1433 1434 nfc_err(dev->dev, "%s autopoll complete error %d\n", 1435 __func__, rc); 1436 1437 if (rc == -ENOENT) { 1438 if (dev->poll_mod_count != 0) 1439 return rc; 1440 goto stop_poll; 1441 } else if (rc < 0) { 1442 nfc_err(dev->dev, 1443 "Error %d when running autopoll\n", rc); 1444 goto stop_poll; 1445 } 1446 } 1447 1448 nbtg = resp->data[0]; 1449 if ((nbtg > 2) || (nbtg <= 0)) 1450 return -EAGAIN; 1451 1452 apr = (struct pn532_autopoll_resp *)&resp->data[1]; 1453 while (nbtg--) { 1454 memset(&nfc_tgt, 0, sizeof(struct nfc_target)); 1455 switch (apr->type) { 1456 case PN532_AUTOPOLL_TYPE_ISOA: 1457 dev_dbg(dev->dev, "ISOA\n"); 1458 rc = pn533_target_found_type_a(&nfc_tgt, apr->tgdata, 1459 apr->ln - 1); 1460 break; 1461 case PN532_AUTOPOLL_TYPE_FELICA212: 1462 case PN532_AUTOPOLL_TYPE_FELICA424: 1463 dev_dbg(dev->dev, "FELICA\n"); 1464 rc = pn533_target_found_felica(&nfc_tgt, apr->tgdata, 1465 apr->ln - 1); 1466 break; 1467 case PN532_AUTOPOLL_TYPE_JEWEL: 1468 dev_dbg(dev->dev, "JEWEL\n"); 1469 rc = pn533_target_found_jewel(&nfc_tgt, apr->tgdata, 1470 apr->ln - 1); 1471 break; 1472 case PN532_AUTOPOLL_TYPE_ISOB: 1473 dev_dbg(dev->dev, "ISOB\n"); 1474 rc = pn533_target_found_type_b(&nfc_tgt, apr->tgdata, 1475 apr->ln - 1); 1476 break; 1477 case PN532_AUTOPOLL_TYPE_MIFARE: 1478 dev_dbg(dev->dev, "Mifare\n"); 1479 rc = pn533_target_found_type_a(&nfc_tgt, apr->tgdata, 1480 apr->ln - 1); 1481 break; 1482 default: 1483 nfc_err(dev->dev, 1484 "Unknown current poll modulation\n"); 1485 rc = -EPROTO; 1486 } 1487 1488 if (rc) 1489 goto done; 1490 1491 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) { 1492 nfc_err(dev->dev, 1493 "The Tg found doesn't have the desired protocol\n"); 1494 rc = -EAGAIN; 1495 goto done; 1496 } 1497 1498 dev->tgt_available_prots = nfc_tgt.supported_protocols; 1499 apr = (struct pn532_autopoll_resp *) 1500 (apr->tgdata + (apr->ln - 1)); 1501 } 1502 1503 pn533_poll_reset_mod_list(dev); 1504 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1); 1505 1506done: 1507 dev_kfree_skb(resp); 1508 return rc; 1509 1510stop_poll: 1511 nfc_err(dev->dev, "autopoll operation has been stopped\n"); 1512 1513 pn533_poll_reset_mod_list(dev); 1514 dev->poll_protocols = 0; 1515 return rc; 1516} 1517 1518static int pn533_poll_complete(struct pn533 *dev, void *arg, 1519 struct sk_buff *resp) 1520{ 1521 struct pn533_poll_modulations *cur_mod; 1522 int rc; 1523 1524 dev_dbg(dev->dev, "%s\n", __func__); 1525 1526 if (IS_ERR(resp)) { 1527 rc = PTR_ERR(resp); 1528 1529 nfc_err(dev->dev, "%s Poll complete error %d\n", 1530 __func__, rc); 1531 1532 if (rc == -ENOENT) { 1533 if (dev->poll_mod_count != 0) 1534 return rc; 1535 goto stop_poll; 1536 } else if (rc < 0) { 1537 nfc_err(dev->dev, 1538 "Error %d when running poll\n", rc); 1539 goto stop_poll; 1540 } 1541 } 1542 1543 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1544 1545 if (cur_mod->len == 0) { /* Target mode */ 1546 del_timer(&dev->listen_timer); 1547 rc = pn533_init_target_complete(dev, resp); 1548 goto done; 1549 } 1550 1551 /* Initiator mode */ 1552 rc = pn533_start_poll_complete(dev, resp); 1553 if (!rc) 1554 goto done; 1555 1556 if (!dev->poll_mod_count) { 1557 dev_dbg(dev->dev, "Polling has been stopped\n"); 1558 goto done; 1559 } 1560 1561 pn533_poll_next_mod(dev); 1562 /* Not target found, turn radio off */ 1563 queue_work(dev->wq, &dev->rf_work); 1564 1565done: 1566 dev_kfree_skb(resp); 1567 return rc; 1568 1569stop_poll: 1570 nfc_err(dev->dev, "Polling operation has been stopped\n"); 1571 1572 pn533_poll_reset_mod_list(dev); 1573 dev->poll_protocols = 0; 1574 return rc; 1575} 1576 1577static struct sk_buff *pn533_alloc_poll_in_frame(struct pn533 *dev, 1578 struct pn533_poll_modulations *mod) 1579{ 1580 struct sk_buff *skb; 1581 1582 skb = pn533_alloc_skb(dev, mod->len); 1583 if (!skb) 1584 return NULL; 1585 1586 skb_put_data(skb, &mod->data, mod->len); 1587 1588 return skb; 1589} 1590 1591static int pn533_send_poll_frame(struct pn533 *dev) 1592{ 1593 struct pn533_poll_modulations *mod; 1594 struct sk_buff *skb; 1595 int rc; 1596 u8 cmd_code; 1597 1598 mod = dev->poll_mod_active[dev->poll_mod_curr]; 1599 1600 dev_dbg(dev->dev, "%s mod len %d\n", 1601 __func__, mod->len); 1602 1603 if ((dev->poll_protocols & NFC_PROTO_NFC_DEP_MASK) && dev->poll_dep) { 1604 dev->poll_dep = 0; 1605 return pn533_poll_dep(dev->nfc_dev); 1606 } 1607 1608 if (mod->len == 0) { /* Listen mode */ 1609 cmd_code = PN533_CMD_TG_INIT_AS_TARGET; 1610 skb = pn533_alloc_poll_tg_frame(dev); 1611 } else { /* Polling mode */ 1612 cmd_code = PN533_CMD_IN_LIST_PASSIVE_TARGET; 1613 skb = pn533_alloc_poll_in_frame(dev, mod); 1614 } 1615 1616 if (!skb) { 1617 nfc_err(dev->dev, "Failed to allocate skb\n"); 1618 return -ENOMEM; 1619 } 1620 1621 rc = pn533_send_cmd_async(dev, cmd_code, skb, pn533_poll_complete, 1622 NULL); 1623 if (rc < 0) { 1624 dev_kfree_skb(skb); 1625 nfc_err(dev->dev, "Polling loop error %d\n", rc); 1626 } 1627 1628 return rc; 1629} 1630 1631static void pn533_wq_poll(struct work_struct *work) 1632{ 1633 struct pn533 *dev = container_of(work, struct pn533, poll_work.work); 1634 struct pn533_poll_modulations *cur_mod; 1635 int rc; 1636 1637 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1638 1639 dev_dbg(dev->dev, 1640 "%s cancel_listen %d modulation len %d\n", 1641 __func__, dev->cancel_listen, cur_mod->len); 1642 1643 if (dev->cancel_listen == 1) { 1644 dev->cancel_listen = 0; 1645 dev->phy_ops->abort_cmd(dev, GFP_ATOMIC); 1646 } 1647 1648 rc = pn533_send_poll_frame(dev); 1649 if (rc) 1650 return; 1651 1652 if (cur_mod->len == 0 && dev->poll_mod_count > 1) 1653 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ); 1654} 1655 1656static int pn533_start_poll(struct nfc_dev *nfc_dev, 1657 u32 im_protocols, u32 tm_protocols) 1658{ 1659 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1660 struct pn533_poll_modulations *cur_mod; 1661 struct sk_buff *skb; 1662 u8 rand_mod; 1663 int rc; 1664 1665 dev_dbg(dev->dev, 1666 "%s: im protocols 0x%x tm protocols 0x%x\n", 1667 __func__, im_protocols, tm_protocols); 1668 1669 if (dev->tgt_active_prot) { 1670 nfc_err(dev->dev, 1671 "Cannot poll with a target already activated\n"); 1672 return -EBUSY; 1673 } 1674 1675 if (dev->tgt_mode) { 1676 nfc_err(dev->dev, 1677 "Cannot poll while already being activated\n"); 1678 return -EBUSY; 1679 } 1680 1681 if (tm_protocols) { 1682 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len); 1683 if (dev->gb == NULL) 1684 tm_protocols = 0; 1685 } 1686 1687 dev->poll_protocols = im_protocols; 1688 dev->listen_protocols = tm_protocols; 1689 if (dev->device_type == PN533_DEVICE_PN532_AUTOPOLL) { 1690 skb = pn533_alloc_skb(dev, 4 + 6); 1691 if (!skb) 1692 return -ENOMEM; 1693 1694 *((u8 *)skb_put(skb, sizeof(u8))) = 1695 PN532_AUTOPOLL_POLLNR_INFINITE; 1696 *((u8 *)skb_put(skb, sizeof(u8))) = PN532_AUTOPOLL_PERIOD; 1697 1698 if ((im_protocols & NFC_PROTO_MIFARE_MASK) && 1699 (im_protocols & NFC_PROTO_ISO14443_MASK) && 1700 (im_protocols & NFC_PROTO_NFC_DEP_MASK)) 1701 *((u8 *)skb_put(skb, sizeof(u8))) = 1702 PN532_AUTOPOLL_TYPE_GENERIC_106; 1703 else { 1704 if (im_protocols & NFC_PROTO_MIFARE_MASK) 1705 *((u8 *)skb_put(skb, sizeof(u8))) = 1706 PN532_AUTOPOLL_TYPE_MIFARE; 1707 1708 if (im_protocols & NFC_PROTO_ISO14443_MASK) 1709 *((u8 *)skb_put(skb, sizeof(u8))) = 1710 PN532_AUTOPOLL_TYPE_ISOA; 1711 1712 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 1713 *((u8 *)skb_put(skb, sizeof(u8))) = 1714 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_106; 1715 *((u8 *)skb_put(skb, sizeof(u8))) = 1716 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_212; 1717 *((u8 *)skb_put(skb, sizeof(u8))) = 1718 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_424; 1719 } 1720 } 1721 1722 if (im_protocols & NFC_PROTO_FELICA_MASK || 1723 im_protocols & NFC_PROTO_NFC_DEP_MASK) { 1724 *((u8 *)skb_put(skb, sizeof(u8))) = 1725 PN532_AUTOPOLL_TYPE_FELICA212; 1726 *((u8 *)skb_put(skb, sizeof(u8))) = 1727 PN532_AUTOPOLL_TYPE_FELICA424; 1728 } 1729 1730 if (im_protocols & NFC_PROTO_JEWEL_MASK) 1731 *((u8 *)skb_put(skb, sizeof(u8))) = 1732 PN532_AUTOPOLL_TYPE_JEWEL; 1733 1734 if (im_protocols & NFC_PROTO_ISO14443_B_MASK) 1735 *((u8 *)skb_put(skb, sizeof(u8))) = 1736 PN532_AUTOPOLL_TYPE_ISOB; 1737 1738 if (tm_protocols) 1739 *((u8 *)skb_put(skb, sizeof(u8))) = 1740 PN532_AUTOPOLL_TYPE_DEP_ACTIVE_106; 1741 1742 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_AUTOPOLL, skb, 1743 pn533_autopoll_complete, NULL); 1744 1745 if (rc < 0) 1746 dev_kfree_skb(skb); 1747 else 1748 dev->poll_mod_count++; 1749 1750 return rc; 1751 } 1752 1753 pn533_poll_create_mod_list(dev, im_protocols, tm_protocols); 1754 1755 /* Do not always start polling from the same modulation */ 1756 get_random_bytes(&rand_mod, sizeof(rand_mod)); 1757 rand_mod %= dev->poll_mod_count; 1758 dev->poll_mod_curr = rand_mod; 1759 1760 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1761 1762 rc = pn533_send_poll_frame(dev); 1763 1764 /* Start listen timer */ 1765 if (!rc && cur_mod->len == 0 && dev->poll_mod_count > 1) 1766 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ); 1767 1768 return rc; 1769} 1770 1771static void pn533_stop_poll(struct nfc_dev *nfc_dev) 1772{ 1773 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1774 1775 del_timer(&dev->listen_timer); 1776 1777 if (!dev->poll_mod_count) { 1778 dev_dbg(dev->dev, 1779 "Polling operation was not running\n"); 1780 return; 1781 } 1782 1783 dev->phy_ops->abort_cmd(dev, GFP_KERNEL); 1784 flush_delayed_work(&dev->poll_work); 1785 pn533_poll_reset_mod_list(dev); 1786} 1787 1788static int pn533_activate_target_nfcdep(struct pn533 *dev) 1789{ 1790 struct pn533_cmd_activate_response *rsp; 1791 u16 gt_len; 1792 int rc; 1793 struct sk_buff *skb; 1794 struct sk_buff *resp; 1795 1796 dev_dbg(dev->dev, "%s\n", __func__); 1797 1798 skb = pn533_alloc_skb(dev, sizeof(u8) * 2); /*TG + Next*/ 1799 if (!skb) 1800 return -ENOMEM; 1801 1802 skb_put_u8(skb, 1); /* TG */ 1803 skb_put_u8(skb, 0); /* Next */ 1804 1805 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_ATR, skb); 1806 if (IS_ERR(resp)) 1807 return PTR_ERR(resp); 1808 1809 rsp = (struct pn533_cmd_activate_response *)resp->data; 1810 rc = rsp->status & PN533_CMD_RET_MASK; 1811 if (rc != PN533_CMD_RET_SUCCESS) { 1812 nfc_err(dev->dev, 1813 "Target activation failed (error 0x%x)\n", rc); 1814 dev_kfree_skb(resp); 1815 return -EIO; 1816 } 1817 1818 /* ATR_RES general bytes are located at offset 16 */ 1819 gt_len = resp->len - 16; 1820 rc = nfc_set_remote_general_bytes(dev->nfc_dev, rsp->gt, gt_len); 1821 1822 dev_kfree_skb(resp); 1823 return rc; 1824} 1825 1826static int pn533_activate_target(struct nfc_dev *nfc_dev, 1827 struct nfc_target *target, u32 protocol) 1828{ 1829 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1830 int rc; 1831 1832 dev_dbg(dev->dev, "%s: protocol=%u\n", __func__, protocol); 1833 1834 if (dev->poll_mod_count) { 1835 nfc_err(dev->dev, 1836 "Cannot activate while polling\n"); 1837 return -EBUSY; 1838 } 1839 1840 if (dev->tgt_active_prot) { 1841 nfc_err(dev->dev, 1842 "There is already an active target\n"); 1843 return -EBUSY; 1844 } 1845 1846 if (!dev->tgt_available_prots) { 1847 nfc_err(dev->dev, 1848 "There is no available target to activate\n"); 1849 return -EINVAL; 1850 } 1851 1852 if (!(dev->tgt_available_prots & (1 << protocol))) { 1853 nfc_err(dev->dev, 1854 "Target doesn't support requested proto %u\n", 1855 protocol); 1856 return -EINVAL; 1857 } 1858 1859 if (protocol == NFC_PROTO_NFC_DEP) { 1860 rc = pn533_activate_target_nfcdep(dev); 1861 if (rc) { 1862 nfc_err(dev->dev, 1863 "Activating target with DEP failed %d\n", rc); 1864 return rc; 1865 } 1866 } 1867 1868 dev->tgt_active_prot = protocol; 1869 dev->tgt_available_prots = 0; 1870 1871 return 0; 1872} 1873 1874static int pn533_deactivate_target_complete(struct pn533 *dev, void *arg, 1875 struct sk_buff *resp) 1876{ 1877 int rc = 0; 1878 1879 dev_dbg(dev->dev, "%s\n", __func__); 1880 1881 if (IS_ERR(resp)) { 1882 rc = PTR_ERR(resp); 1883 1884 nfc_err(dev->dev, "Target release error %d\n", rc); 1885 1886 return rc; 1887 } 1888 1889 rc = resp->data[0] & PN533_CMD_RET_MASK; 1890 if (rc != PN533_CMD_RET_SUCCESS) 1891 nfc_err(dev->dev, 1892 "Error 0x%x when releasing the target\n", rc); 1893 1894 dev_kfree_skb(resp); 1895 return rc; 1896} 1897 1898static void pn533_deactivate_target(struct nfc_dev *nfc_dev, 1899 struct nfc_target *target, u8 mode) 1900{ 1901 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1902 struct sk_buff *skb; 1903 int rc; 1904 1905 dev_dbg(dev->dev, "%s\n", __func__); 1906 1907 if (!dev->tgt_active_prot) { 1908 nfc_err(dev->dev, "There is no active target\n"); 1909 return; 1910 } 1911 1912 dev->tgt_active_prot = 0; 1913 skb_queue_purge(&dev->resp_q); 1914 1915 skb = pn533_alloc_skb(dev, sizeof(u8)); 1916 if (!skb) 1917 return; 1918 1919 skb_put_u8(skb, 1); /* TG*/ 1920 1921 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_RELEASE, skb, 1922 pn533_deactivate_target_complete, NULL); 1923 if (rc < 0) { 1924 dev_kfree_skb(skb); 1925 nfc_err(dev->dev, "Target release error %d\n", rc); 1926 } 1927} 1928 1929 1930static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg, 1931 struct sk_buff *resp) 1932{ 1933 struct pn533_cmd_jump_dep_response *rsp; 1934 u8 target_gt_len; 1935 int rc; 1936 u8 active = *(u8 *)arg; 1937 1938 kfree(arg); 1939 1940 if (IS_ERR(resp)) 1941 return PTR_ERR(resp); 1942 1943 if (dev->tgt_available_prots && 1944 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) { 1945 nfc_err(dev->dev, 1946 "The target does not support DEP\n"); 1947 rc = -EINVAL; 1948 goto error; 1949 } 1950 1951 rsp = (struct pn533_cmd_jump_dep_response *)resp->data; 1952 1953 rc = rsp->status & PN533_CMD_RET_MASK; 1954 if (rc != PN533_CMD_RET_SUCCESS) { 1955 nfc_err(dev->dev, 1956 "Bringing DEP link up failed (error 0x%x)\n", rc); 1957 goto error; 1958 } 1959 1960 if (!dev->tgt_available_prots) { 1961 struct nfc_target nfc_target; 1962 1963 dev_dbg(dev->dev, "Creating new target\n"); 1964 1965 memset(&nfc_target, 0, sizeof(struct nfc_target)); 1966 1967 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK; 1968 nfc_target.nfcid1_len = 10; 1969 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len); 1970 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1); 1971 if (rc) 1972 goto error; 1973 1974 dev->tgt_available_prots = 0; 1975 } 1976 1977 dev->tgt_active_prot = NFC_PROTO_NFC_DEP; 1978 1979 /* ATR_RES general bytes are located at offset 17 */ 1980 target_gt_len = resp->len - 17; 1981 rc = nfc_set_remote_general_bytes(dev->nfc_dev, 1982 rsp->gt, target_gt_len); 1983 if (rc == 0) 1984 rc = nfc_dep_link_is_up(dev->nfc_dev, 1985 dev->nfc_dev->targets[0].idx, 1986 !active, NFC_RF_INITIATOR); 1987 1988error: 1989 dev_kfree_skb(resp); 1990 return rc; 1991} 1992 1993static int pn533_rf_field(struct nfc_dev *nfc_dev, u8 rf); 1994static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target, 1995 u8 comm_mode, u8 *gb, size_t gb_len) 1996{ 1997 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1998 struct sk_buff *skb; 1999 int rc, skb_len; 2000 u8 *next, *arg, nfcid3[NFC_NFCID3_MAXSIZE]; 2001 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3}; 2002 2003 dev_dbg(dev->dev, "%s\n", __func__); 2004 2005 if (dev->poll_mod_count) { 2006 nfc_err(dev->dev, 2007 "Cannot bring the DEP link up while polling\n"); 2008 return -EBUSY; 2009 } 2010 2011 if (dev->tgt_active_prot) { 2012 nfc_err(dev->dev, 2013 "There is already an active target\n"); 2014 return -EBUSY; 2015 } 2016 2017 skb_len = 3 + gb_len; /* ActPass + BR + Next */ 2018 skb_len += PASSIVE_DATA_LEN; 2019 2020 /* NFCID3 */ 2021 skb_len += NFC_NFCID3_MAXSIZE; 2022 if (target && !target->nfcid2_len) { 2023 nfcid3[0] = 0x1; 2024 nfcid3[1] = 0xfe; 2025 get_random_bytes(nfcid3 + 2, 6); 2026 } 2027 2028 skb = pn533_alloc_skb(dev, skb_len); 2029 if (!skb) 2030 return -ENOMEM; 2031 2032 skb_put_u8(skb, !comm_mode); /* ActPass */ 2033 skb_put_u8(skb, 0x02); /* 424 kbps */ 2034 2035 next = skb_put(skb, 1); /* Next */ 2036 *next = 0; 2037 2038 /* Copy passive data */ 2039 skb_put_data(skb, passive_data, PASSIVE_DATA_LEN); 2040 *next |= 1; 2041 2042 /* Copy NFCID3 (which is NFCID2 from SENSF_RES) */ 2043 if (target && target->nfcid2_len) 2044 memcpy(skb_put(skb, NFC_NFCID3_MAXSIZE), target->nfcid2, 2045 target->nfcid2_len); 2046 else 2047 skb_put_data(skb, nfcid3, NFC_NFCID3_MAXSIZE); 2048 *next |= 2; 2049 2050 if (gb != NULL && gb_len > 0) { 2051 skb_put_data(skb, gb, gb_len); 2052 *next |= 4; /* We have some Gi */ 2053 } else { 2054 *next = 0; 2055 } 2056 2057 arg = kmalloc(sizeof(*arg), GFP_KERNEL); 2058 if (!arg) { 2059 dev_kfree_skb(skb); 2060 return -ENOMEM; 2061 } 2062 2063 *arg = !comm_mode; 2064 2065 pn533_rf_field(dev->nfc_dev, 0); 2066 2067 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb, 2068 pn533_in_dep_link_up_complete, arg); 2069 2070 if (rc < 0) { 2071 dev_kfree_skb(skb); 2072 kfree(arg); 2073 } 2074 2075 return rc; 2076} 2077 2078static int pn533_dep_link_down(struct nfc_dev *nfc_dev) 2079{ 2080 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2081 2082 dev_dbg(dev->dev, "%s\n", __func__); 2083 2084 pn533_poll_reset_mod_list(dev); 2085 2086 if (dev->tgt_mode || dev->tgt_active_prot) 2087 dev->phy_ops->abort_cmd(dev, GFP_KERNEL); 2088 2089 dev->tgt_active_prot = 0; 2090 dev->tgt_mode = 0; 2091 2092 skb_queue_purge(&dev->resp_q); 2093 2094 return 0; 2095} 2096 2097struct pn533_data_exchange_arg { 2098 data_exchange_cb_t cb; 2099 void *cb_context; 2100}; 2101 2102static struct sk_buff *pn533_build_response(struct pn533 *dev) 2103{ 2104 struct sk_buff *skb, *tmp, *t; 2105 unsigned int skb_len = 0, tmp_len = 0; 2106 2107 dev_dbg(dev->dev, "%s\n", __func__); 2108 2109 if (skb_queue_empty(&dev->resp_q)) 2110 return NULL; 2111 2112 if (skb_queue_len(&dev->resp_q) == 1) { 2113 skb = skb_dequeue(&dev->resp_q); 2114 goto out; 2115 } 2116 2117 skb_queue_walk_safe(&dev->resp_q, tmp, t) 2118 skb_len += tmp->len; 2119 2120 dev_dbg(dev->dev, "%s total length %d\n", 2121 __func__, skb_len); 2122 2123 skb = alloc_skb(skb_len, GFP_KERNEL); 2124 if (skb == NULL) 2125 goto out; 2126 2127 skb_put(skb, skb_len); 2128 2129 skb_queue_walk_safe(&dev->resp_q, tmp, t) { 2130 memcpy(skb->data + tmp_len, tmp->data, tmp->len); 2131 tmp_len += tmp->len; 2132 } 2133 2134out: 2135 skb_queue_purge(&dev->resp_q); 2136 2137 return skb; 2138} 2139 2140static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg, 2141 struct sk_buff *resp) 2142{ 2143 struct pn533_data_exchange_arg *arg = _arg; 2144 struct sk_buff *skb; 2145 int rc = 0; 2146 u8 status, ret, mi; 2147 2148 dev_dbg(dev->dev, "%s\n", __func__); 2149 2150 if (IS_ERR(resp)) { 2151 rc = PTR_ERR(resp); 2152 goto _error; 2153 } 2154 2155 status = resp->data[0]; 2156 ret = status & PN533_CMD_RET_MASK; 2157 mi = status & PN533_CMD_MI_MASK; 2158 2159 skb_pull(resp, sizeof(status)); 2160 2161 if (ret != PN533_CMD_RET_SUCCESS) { 2162 nfc_err(dev->dev, 2163 "Exchanging data failed (error 0x%x)\n", ret); 2164 rc = -EIO; 2165 goto error; 2166 } 2167 2168 skb_queue_tail(&dev->resp_q, resp); 2169 2170 if (mi) { 2171 dev->cmd_complete_mi_arg = arg; 2172 queue_work(dev->wq, &dev->mi_rx_work); 2173 return -EINPROGRESS; 2174 } 2175 2176 /* Prepare for the next round */ 2177 if (skb_queue_len(&dev->fragment_skb) > 0) { 2178 dev->cmd_complete_dep_arg = arg; 2179 queue_work(dev->wq, &dev->mi_tx_work); 2180 2181 return -EINPROGRESS; 2182 } 2183 2184 skb = pn533_build_response(dev); 2185 if (!skb) { 2186 rc = -ENOMEM; 2187 goto error; 2188 } 2189 2190 arg->cb(arg->cb_context, skb, 0); 2191 kfree(arg); 2192 return 0; 2193 2194error: 2195 dev_kfree_skb(resp); 2196_error: 2197 skb_queue_purge(&dev->resp_q); 2198 arg->cb(arg->cb_context, NULL, rc); 2199 kfree(arg); 2200 return rc; 2201} 2202 2203/* 2204 * Receive an incoming pn533 frame. skb contains only header and payload. 2205 * If skb == NULL, it is a notification that the link below is dead. 2206 */ 2207void pn533_recv_frame(struct pn533 *dev, struct sk_buff *skb, int status) 2208{ 2209 if (!dev->cmd) 2210 goto sched_wq; 2211 2212 dev->cmd->status = status; 2213 2214 if (status != 0) { 2215 dev_dbg(dev->dev, "%s: Error received: %d\n", __func__, status); 2216 goto sched_wq; 2217 } 2218 2219 if (skb == NULL) { 2220 pr_err("NULL Frame -> link is dead\n"); 2221 goto sched_wq; 2222 } 2223 2224 if (pn533_rx_frame_is_ack(skb->data)) { 2225 dev_dbg(dev->dev, "%s: Received ACK frame\n", __func__); 2226 dev_kfree_skb(skb); 2227 return; 2228 } 2229 2230 print_hex_dump_debug("PN533 RX: ", DUMP_PREFIX_NONE, 16, 1, skb->data, 2231 dev->ops->rx_frame_size(skb->data), false); 2232 2233 if (!dev->ops->rx_is_frame_valid(skb->data, dev)) { 2234 nfc_err(dev->dev, "Received an invalid frame\n"); 2235 dev->cmd->status = -EIO; 2236 } else if (!pn533_rx_frame_is_cmd_response(dev, skb->data)) { 2237 nfc_err(dev->dev, "It it not the response to the last command\n"); 2238 dev->cmd->status = -EIO; 2239 } 2240 2241 dev->cmd->resp = skb; 2242 2243sched_wq: 2244 queue_work(dev->wq, &dev->cmd_complete_work); 2245} 2246EXPORT_SYMBOL(pn533_recv_frame); 2247 2248/* Split the Tx skb into small chunks */ 2249static int pn533_fill_fragment_skbs(struct pn533 *dev, struct sk_buff *skb) 2250{ 2251 struct sk_buff *frag; 2252 int frag_size; 2253 2254 do { 2255 /* Remaining size */ 2256 if (skb->len > PN533_CMD_DATAFRAME_MAXLEN) 2257 frag_size = PN533_CMD_DATAFRAME_MAXLEN; 2258 else 2259 frag_size = skb->len; 2260 2261 /* Allocate and reserve */ 2262 frag = pn533_alloc_skb(dev, frag_size); 2263 if (!frag) { 2264 skb_queue_purge(&dev->fragment_skb); 2265 return -ENOMEM; 2266 } 2267 2268 if (!dev->tgt_mode) { 2269 /* Reserve the TG/MI byte */ 2270 skb_reserve(frag, 1); 2271 2272 /* MI + TG */ 2273 if (frag_size == PN533_CMD_DATAFRAME_MAXLEN) 2274 *(u8 *)skb_push(frag, sizeof(u8)) = 2275 (PN533_CMD_MI_MASK | 1); 2276 else 2277 *(u8 *)skb_push(frag, sizeof(u8)) = 1; /* TG */ 2278 } 2279 2280 skb_put_data(frag, skb->data, frag_size); 2281 2282 /* Reduce the size of incoming buffer */ 2283 skb_pull(skb, frag_size); 2284 2285 /* Add this to skb_queue */ 2286 skb_queue_tail(&dev->fragment_skb, frag); 2287 2288 } while (skb->len > 0); 2289 2290 dev_kfree_skb(skb); 2291 2292 return skb_queue_len(&dev->fragment_skb); 2293} 2294 2295static int pn533_transceive(struct nfc_dev *nfc_dev, 2296 struct nfc_target *target, struct sk_buff *skb, 2297 data_exchange_cb_t cb, void *cb_context) 2298{ 2299 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2300 struct pn533_data_exchange_arg *arg = NULL; 2301 int rc; 2302 2303 dev_dbg(dev->dev, "%s\n", __func__); 2304 2305 if (!dev->tgt_active_prot) { 2306 nfc_err(dev->dev, 2307 "Can't exchange data if there is no active target\n"); 2308 rc = -EINVAL; 2309 goto error; 2310 } 2311 2312 arg = kmalloc(sizeof(*arg), GFP_KERNEL); 2313 if (!arg) { 2314 rc = -ENOMEM; 2315 goto error; 2316 } 2317 2318 arg->cb = cb; 2319 arg->cb_context = cb_context; 2320 2321 switch (dev->device_type) { 2322 case PN533_DEVICE_PASORI: 2323 if (dev->tgt_active_prot == NFC_PROTO_FELICA) { 2324 rc = pn533_send_data_async(dev, PN533_CMD_IN_COMM_THRU, 2325 skb, 2326 pn533_data_exchange_complete, 2327 arg); 2328 2329 break; 2330 } 2331 fallthrough; 2332 default: 2333 /* jumbo frame ? */ 2334 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) { 2335 rc = pn533_fill_fragment_skbs(dev, skb); 2336 if (rc < 0) 2337 goto error; 2338 2339 skb = skb_dequeue(&dev->fragment_skb); 2340 if (!skb) { 2341 rc = -EIO; 2342 goto error; 2343 } 2344 } else { 2345 *(u8 *)skb_push(skb, sizeof(u8)) = 1; /* TG */ 2346 } 2347 2348 rc = pn533_send_data_async(dev, PN533_CMD_IN_DATA_EXCHANGE, 2349 skb, pn533_data_exchange_complete, 2350 arg); 2351 2352 break; 2353 } 2354 2355 if (rc < 0) /* rc from send_async */ 2356 goto error; 2357 2358 return 0; 2359 2360error: 2361 kfree(arg); 2362 dev_kfree_skb(skb); 2363 return rc; 2364} 2365 2366static int pn533_tm_send_complete(struct pn533 *dev, void *arg, 2367 struct sk_buff *resp) 2368{ 2369 u8 status; 2370 2371 dev_dbg(dev->dev, "%s\n", __func__); 2372 2373 if (IS_ERR(resp)) 2374 return PTR_ERR(resp); 2375 2376 status = resp->data[0]; 2377 2378 /* Prepare for the next round */ 2379 if (skb_queue_len(&dev->fragment_skb) > 0) { 2380 queue_work(dev->wq, &dev->mi_tm_tx_work); 2381 return -EINPROGRESS; 2382 } 2383 dev_kfree_skb(resp); 2384 2385 if (status != 0) { 2386 nfc_tm_deactivated(dev->nfc_dev); 2387 2388 dev->tgt_mode = 0; 2389 2390 return 0; 2391 } 2392 2393 queue_work(dev->wq, &dev->tg_work); 2394 2395 return 0; 2396} 2397 2398static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb) 2399{ 2400 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2401 int rc; 2402 2403 dev_dbg(dev->dev, "%s\n", __func__); 2404 2405 /* let's split in multiple chunks if size's too big */ 2406 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) { 2407 rc = pn533_fill_fragment_skbs(dev, skb); 2408 if (rc < 0) 2409 goto error; 2410 2411 /* get the first skb */ 2412 skb = skb_dequeue(&dev->fragment_skb); 2413 if (!skb) { 2414 rc = -EIO; 2415 goto error; 2416 } 2417 2418 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_META_DATA, skb, 2419 pn533_tm_send_complete, NULL); 2420 } else { 2421 /* Send th skb */ 2422 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_DATA, skb, 2423 pn533_tm_send_complete, NULL); 2424 } 2425 2426error: 2427 if (rc < 0) { 2428 dev_kfree_skb(skb); 2429 skb_queue_purge(&dev->fragment_skb); 2430 } 2431 2432 return rc; 2433} 2434 2435static void pn533_wq_mi_recv(struct work_struct *work) 2436{ 2437 struct pn533 *dev = container_of(work, struct pn533, mi_rx_work); 2438 struct sk_buff *skb; 2439 int rc; 2440 2441 dev_dbg(dev->dev, "%s\n", __func__); 2442 2443 skb = pn533_alloc_skb(dev, PN533_CMD_DATAEXCH_HEAD_LEN); 2444 if (!skb) 2445 goto error; 2446 2447 switch (dev->device_type) { 2448 case PN533_DEVICE_PASORI: 2449 if (dev->tgt_active_prot == NFC_PROTO_FELICA) { 2450 rc = pn533_send_cmd_direct_async(dev, 2451 PN533_CMD_IN_COMM_THRU, 2452 skb, 2453 pn533_data_exchange_complete, 2454 dev->cmd_complete_mi_arg); 2455 2456 break; 2457 } 2458 fallthrough; 2459 default: 2460 skb_put_u8(skb, 1); /*TG*/ 2461 2462 rc = pn533_send_cmd_direct_async(dev, 2463 PN533_CMD_IN_DATA_EXCHANGE, 2464 skb, 2465 pn533_data_exchange_complete, 2466 dev->cmd_complete_mi_arg); 2467 2468 break; 2469 } 2470 2471 if (rc == 0) /* success */ 2472 return; 2473 2474 nfc_err(dev->dev, 2475 "Error %d when trying to perform data_exchange\n", rc); 2476 2477 dev_kfree_skb(skb); 2478 kfree(dev->cmd_complete_mi_arg); 2479 2480error: 2481 dev->phy_ops->send_ack(dev, GFP_KERNEL); 2482 queue_work(dev->wq, &dev->cmd_work); 2483} 2484 2485static void pn533_wq_mi_send(struct work_struct *work) 2486{ 2487 struct pn533 *dev = container_of(work, struct pn533, mi_tx_work); 2488 struct sk_buff *skb; 2489 int rc; 2490 2491 dev_dbg(dev->dev, "%s\n", __func__); 2492 2493 /* Grab the first skb in the queue */ 2494 skb = skb_dequeue(&dev->fragment_skb); 2495 2496 if (skb == NULL) { /* No more data */ 2497 /* Reset the queue for future use */ 2498 skb_queue_head_init(&dev->fragment_skb); 2499 goto error; 2500 } 2501 2502 switch (dev->device_type) { 2503 case PN533_DEVICE_PASORI: 2504 if (dev->tgt_active_prot != NFC_PROTO_FELICA) { 2505 rc = -EIO; 2506 break; 2507 } 2508 2509 rc = pn533_send_cmd_direct_async(dev, PN533_CMD_IN_COMM_THRU, 2510 skb, 2511 pn533_data_exchange_complete, 2512 dev->cmd_complete_dep_arg); 2513 2514 break; 2515 2516 default: 2517 /* Still some fragments? */ 2518 rc = pn533_send_cmd_direct_async(dev, 2519 PN533_CMD_IN_DATA_EXCHANGE, 2520 skb, 2521 pn533_data_exchange_complete, 2522 dev->cmd_complete_dep_arg); 2523 2524 break; 2525 } 2526 2527 if (rc == 0) /* success */ 2528 return; 2529 2530 nfc_err(dev->dev, 2531 "Error %d when trying to perform data_exchange\n", rc); 2532 2533 dev_kfree_skb(skb); 2534 kfree(dev->cmd_complete_dep_arg); 2535 2536error: 2537 dev->phy_ops->send_ack(dev, GFP_KERNEL); 2538 queue_work(dev->wq, &dev->cmd_work); 2539} 2540 2541static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata, 2542 u8 cfgdata_len) 2543{ 2544 struct sk_buff *skb; 2545 struct sk_buff *resp; 2546 int skb_len; 2547 2548 dev_dbg(dev->dev, "%s\n", __func__); 2549 2550 skb_len = sizeof(cfgitem) + cfgdata_len; /* cfgitem + cfgdata */ 2551 2552 skb = pn533_alloc_skb(dev, skb_len); 2553 if (!skb) 2554 return -ENOMEM; 2555 2556 skb_put_u8(skb, cfgitem); 2557 skb_put_data(skb, cfgdata, cfgdata_len); 2558 2559 resp = pn533_send_cmd_sync(dev, PN533_CMD_RF_CONFIGURATION, skb); 2560 if (IS_ERR(resp)) 2561 return PTR_ERR(resp); 2562 2563 dev_kfree_skb(resp); 2564 return 0; 2565} 2566 2567static int pn533_get_firmware_version(struct pn533 *dev, 2568 struct pn533_fw_version *fv) 2569{ 2570 struct sk_buff *skb; 2571 struct sk_buff *resp; 2572 2573 skb = pn533_alloc_skb(dev, 0); 2574 if (!skb) 2575 return -ENOMEM; 2576 2577 resp = pn533_send_cmd_sync(dev, PN533_CMD_GET_FIRMWARE_VERSION, skb); 2578 if (IS_ERR(resp)) 2579 return PTR_ERR(resp); 2580 2581 fv->ic = resp->data[0]; 2582 fv->ver = resp->data[1]; 2583 fv->rev = resp->data[2]; 2584 fv->support = resp->data[3]; 2585 2586 dev_kfree_skb(resp); 2587 return 0; 2588} 2589 2590static int pn533_pasori_fw_reset(struct pn533 *dev) 2591{ 2592 struct sk_buff *skb; 2593 struct sk_buff *resp; 2594 2595 dev_dbg(dev->dev, "%s\n", __func__); 2596 2597 skb = pn533_alloc_skb(dev, sizeof(u8)); 2598 if (!skb) 2599 return -ENOMEM; 2600 2601 skb_put_u8(skb, 0x1); 2602 2603 resp = pn533_send_cmd_sync(dev, 0x18, skb); 2604 if (IS_ERR(resp)) 2605 return PTR_ERR(resp); 2606 2607 dev_kfree_skb(resp); 2608 2609 return 0; 2610} 2611 2612static int pn533_rf_field(struct nfc_dev *nfc_dev, u8 rf) 2613{ 2614 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2615 u8 rf_field = !!rf; 2616 int rc; 2617 2618 rf_field |= PN533_CFGITEM_RF_FIELD_AUTO_RFCA; 2619 2620 rc = pn533_set_configuration(dev, PN533_CFGITEM_RF_FIELD, 2621 (u8 *)&rf_field, 1); 2622 if (rc) { 2623 nfc_err(dev->dev, "Error on setting RF field\n"); 2624 return rc; 2625 } 2626 2627 return rc; 2628} 2629 2630static int pn532_sam_configuration(struct nfc_dev *nfc_dev) 2631{ 2632 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2633 struct sk_buff *skb; 2634 struct sk_buff *resp; 2635 2636 skb = pn533_alloc_skb(dev, 1); 2637 if (!skb) 2638 return -ENOMEM; 2639 2640 skb_put_u8(skb, 0x01); 2641 2642 resp = pn533_send_cmd_sync(dev, PN533_CMD_SAM_CONFIGURATION, skb); 2643 if (IS_ERR(resp)) 2644 return PTR_ERR(resp); 2645 2646 dev_kfree_skb(resp); 2647 return 0; 2648} 2649 2650static int pn533_dev_up(struct nfc_dev *nfc_dev) 2651{ 2652 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2653 int rc; 2654 2655 if (dev->phy_ops->dev_up) { 2656 rc = dev->phy_ops->dev_up(dev); 2657 if (rc) 2658 return rc; 2659 } 2660 2661 if ((dev->device_type == PN533_DEVICE_PN532) || 2662 (dev->device_type == PN533_DEVICE_PN532_AUTOPOLL)) { 2663 rc = pn532_sam_configuration(nfc_dev); 2664 2665 if (rc) 2666 return rc; 2667 } 2668 2669 return pn533_rf_field(nfc_dev, 1); 2670} 2671 2672static int pn533_dev_down(struct nfc_dev *nfc_dev) 2673{ 2674 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2675 int ret; 2676 2677 ret = pn533_rf_field(nfc_dev, 0); 2678 if (dev->phy_ops->dev_down && !ret) 2679 ret = dev->phy_ops->dev_down(dev); 2680 2681 return ret; 2682} 2683 2684static struct nfc_ops pn533_nfc_ops = { 2685 .dev_up = pn533_dev_up, 2686 .dev_down = pn533_dev_down, 2687 .dep_link_up = pn533_dep_link_up, 2688 .dep_link_down = pn533_dep_link_down, 2689 .start_poll = pn533_start_poll, 2690 .stop_poll = pn533_stop_poll, 2691 .activate_target = pn533_activate_target, 2692 .deactivate_target = pn533_deactivate_target, 2693 .im_transceive = pn533_transceive, 2694 .tm_send = pn533_tm_send, 2695}; 2696 2697static int pn533_setup(struct pn533 *dev) 2698{ 2699 struct pn533_config_max_retries max_retries; 2700 struct pn533_config_timing timing; 2701 u8 pasori_cfg[3] = {0x08, 0x01, 0x08}; 2702 int rc; 2703 2704 switch (dev->device_type) { 2705 case PN533_DEVICE_STD: 2706 case PN533_DEVICE_PASORI: 2707 case PN533_DEVICE_ACR122U: 2708 case PN533_DEVICE_PN532: 2709 case PN533_DEVICE_PN532_AUTOPOLL: 2710 max_retries.mx_rty_atr = 0x2; 2711 max_retries.mx_rty_psl = 0x1; 2712 max_retries.mx_rty_passive_act = 2713 PN533_CONFIG_MAX_RETRIES_NO_RETRY; 2714 2715 timing.rfu = PN533_CONFIG_TIMING_102; 2716 timing.atr_res_timeout = PN533_CONFIG_TIMING_102; 2717 timing.dep_timeout = PN533_CONFIG_TIMING_204; 2718 2719 break; 2720 2721 default: 2722 nfc_err(dev->dev, "Unknown device type %d\n", 2723 dev->device_type); 2724 return -EINVAL; 2725 } 2726 2727 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES, 2728 (u8 *)&max_retries, sizeof(max_retries)); 2729 if (rc) { 2730 nfc_err(dev->dev, 2731 "Error on setting MAX_RETRIES config\n"); 2732 return rc; 2733 } 2734 2735 2736 rc = pn533_set_configuration(dev, PN533_CFGITEM_TIMING, 2737 (u8 *)&timing, sizeof(timing)); 2738 if (rc) { 2739 nfc_err(dev->dev, "Error on setting RF timings\n"); 2740 return rc; 2741 } 2742 2743 switch (dev->device_type) { 2744 case PN533_DEVICE_STD: 2745 case PN533_DEVICE_PN532: 2746 case PN533_DEVICE_PN532_AUTOPOLL: 2747 break; 2748 2749 case PN533_DEVICE_PASORI: 2750 pn533_pasori_fw_reset(dev); 2751 2752 rc = pn533_set_configuration(dev, PN533_CFGITEM_PASORI, 2753 pasori_cfg, 3); 2754 if (rc) { 2755 nfc_err(dev->dev, 2756 "Error while settings PASORI config\n"); 2757 return rc; 2758 } 2759 2760 pn533_pasori_fw_reset(dev); 2761 2762 break; 2763 } 2764 2765 return 0; 2766} 2767 2768int pn533_finalize_setup(struct pn533 *dev) 2769{ 2770 2771 struct pn533_fw_version fw_ver; 2772 int rc; 2773 2774 memset(&fw_ver, 0, sizeof(fw_ver)); 2775 2776 rc = pn533_get_firmware_version(dev, &fw_ver); 2777 if (rc) { 2778 nfc_err(dev->dev, "Unable to get FW version\n"); 2779 return rc; 2780 } 2781 2782 nfc_info(dev->dev, "NXP PN5%02X firmware ver %d.%d now attached\n", 2783 fw_ver.ic, fw_ver.ver, fw_ver.rev); 2784 2785 rc = pn533_setup(dev); 2786 if (rc) 2787 return rc; 2788 2789 return 0; 2790} 2791EXPORT_SYMBOL_GPL(pn533_finalize_setup); 2792 2793struct pn533 *pn53x_common_init(u32 device_type, 2794 enum pn533_protocol_type protocol_type, 2795 void *phy, 2796 struct pn533_phy_ops *phy_ops, 2797 struct pn533_frame_ops *fops, 2798 struct device *dev) 2799{ 2800 struct pn533 *priv; 2801 int rc = -ENOMEM; 2802 2803 priv = kzalloc(sizeof(*priv), GFP_KERNEL); 2804 if (!priv) 2805 return ERR_PTR(-ENOMEM); 2806 2807 priv->phy = phy; 2808 priv->phy_ops = phy_ops; 2809 priv->dev = dev; 2810 if (fops != NULL) 2811 priv->ops = fops; 2812 else 2813 priv->ops = &pn533_std_frame_ops; 2814 2815 priv->protocol_type = protocol_type; 2816 priv->device_type = device_type; 2817 2818 mutex_init(&priv->cmd_lock); 2819 2820 INIT_WORK(&priv->cmd_work, pn533_wq_cmd); 2821 INIT_WORK(&priv->cmd_complete_work, pn533_wq_cmd_complete); 2822 INIT_WORK(&priv->mi_rx_work, pn533_wq_mi_recv); 2823 INIT_WORK(&priv->mi_tx_work, pn533_wq_mi_send); 2824 INIT_WORK(&priv->tg_work, pn533_wq_tg_get_data); 2825 INIT_WORK(&priv->mi_tm_rx_work, pn533_wq_tm_mi_recv); 2826 INIT_WORK(&priv->mi_tm_tx_work, pn533_wq_tm_mi_send); 2827 INIT_DELAYED_WORK(&priv->poll_work, pn533_wq_poll); 2828 INIT_WORK(&priv->rf_work, pn533_wq_rf); 2829 priv->wq = alloc_ordered_workqueue("pn533", 0); 2830 if (priv->wq == NULL) 2831 goto error; 2832 2833 timer_setup(&priv->listen_timer, pn533_listen_mode_timer, 0); 2834 2835 skb_queue_head_init(&priv->resp_q); 2836 skb_queue_head_init(&priv->fragment_skb); 2837 2838 INIT_LIST_HEAD(&priv->cmd_queue); 2839 return priv; 2840 2841error: 2842 kfree(priv); 2843 return ERR_PTR(rc); 2844} 2845EXPORT_SYMBOL_GPL(pn53x_common_init); 2846 2847void pn53x_common_clean(struct pn533 *priv) 2848{ 2849 struct pn533_cmd *cmd, *n; 2850 2851 /* delete the timer before cleanup the worker */ 2852 del_timer_sync(&priv->listen_timer); 2853 2854 flush_delayed_work(&priv->poll_work); 2855 destroy_workqueue(priv->wq); 2856 2857 skb_queue_purge(&priv->resp_q); 2858 2859 list_for_each_entry_safe(cmd, n, &priv->cmd_queue, queue) { 2860 list_del(&cmd->queue); 2861 kfree(cmd); 2862 } 2863 2864 kfree(priv); 2865} 2866EXPORT_SYMBOL_GPL(pn53x_common_clean); 2867 2868int pn532_i2c_nfc_alloc(struct pn533 *priv, u32 protocols, 2869 struct device *parent) 2870{ 2871 priv->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols, 2872 priv->ops->tx_header_len + 2873 PN533_CMD_DATAEXCH_HEAD_LEN, 2874 priv->ops->tx_tail_len); 2875 if (!priv->nfc_dev) 2876 return -ENOMEM; 2877 2878 nfc_set_parent_dev(priv->nfc_dev, parent); 2879 nfc_set_drvdata(priv->nfc_dev, priv); 2880 return 0; 2881} 2882EXPORT_SYMBOL_GPL(pn532_i2c_nfc_alloc); 2883 2884int pn53x_register_nfc(struct pn533 *priv, u32 protocols, 2885 struct device *parent) 2886{ 2887 int rc; 2888 2889 rc = pn532_i2c_nfc_alloc(priv, protocols, parent); 2890 if (rc) 2891 return rc; 2892 2893 rc = nfc_register_device(priv->nfc_dev); 2894 if (rc) 2895 nfc_free_device(priv->nfc_dev); 2896 2897 return rc; 2898} 2899EXPORT_SYMBOL_GPL(pn53x_register_nfc); 2900 2901void pn53x_unregister_nfc(struct pn533 *priv) 2902{ 2903 nfc_unregister_device(priv->nfc_dev); 2904 nfc_free_device(priv->nfc_dev); 2905} 2906EXPORT_SYMBOL_GPL(pn53x_unregister_nfc); 2907 2908MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>"); 2909MODULE_AUTHOR("Aloisio Almeida Jr <aloisio.almeida@openbossa.org>"); 2910MODULE_AUTHOR("Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>"); 2911MODULE_DESCRIPTION("PN533 driver ver " VERSION); 2912MODULE_VERSION(VERSION); 2913MODULE_LICENSE("GPL"); 2914