Loading...
1/*
2 * The NFC Controller Interface is the communication protocol between an
3 * NFC Controller (NFCC) and a Device Host (DH).
4 *
5 * Copyright (C) 2011 Texas Instruments, Inc.
6 * Copyright (C) 2014 Marvell International Ltd.
7 *
8 * Written by Ilan Elias <ilane@ti.com>
9 *
10 * Acknowledgements:
11 * This file is based on hci_core.c, which was written
12 * by Maxim Krasnyansky.
13 *
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License version 2
16 * as published by the Free Software Foundation
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, see <http://www.gnu.org/licenses/>.
25 *
26 */
27
28#define pr_fmt(fmt) KBUILD_MODNAME ": %s: " fmt, __func__
29
30#include <linux/module.h>
31#include <linux/kernel.h>
32#include <linux/types.h>
33#include <linux/workqueue.h>
34#include <linux/completion.h>
35#include <linux/export.h>
36#include <linux/sched.h>
37#include <linux/bitops.h>
38#include <linux/skbuff.h>
39
40#include "../nfc.h"
41#include <net/nfc/nci.h>
42#include <net/nfc/nci_core.h>
43#include <linux/nfc.h>
44
45struct core_conn_create_data {
46 int length;
47 struct nci_core_conn_create_cmd *cmd;
48};
49
50static void nci_cmd_work(struct work_struct *work);
51static void nci_rx_work(struct work_struct *work);
52static void nci_tx_work(struct work_struct *work);
53
54struct nci_conn_info *nci_get_conn_info_by_conn_id(struct nci_dev *ndev,
55 int conn_id)
56{
57 struct nci_conn_info *conn_info;
58
59 list_for_each_entry(conn_info, &ndev->conn_info_list, list) {
60 if (conn_info->conn_id == conn_id)
61 return conn_info;
62 }
63
64 return NULL;
65}
66
67int nci_get_conn_info_by_dest_type_params(struct nci_dev *ndev, u8 dest_type,
68 struct dest_spec_params *params)
69{
70 struct nci_conn_info *conn_info;
71
72 list_for_each_entry(conn_info, &ndev->conn_info_list, list) {
73 if (conn_info->dest_type == dest_type) {
74 if (!params)
75 return conn_info->conn_id;
76 if (conn_info) {
77 if (params->id == conn_info->dest_params->id &&
78 params->protocol == conn_info->dest_params->protocol)
79 return conn_info->conn_id;
80 }
81 }
82 }
83
84 return -EINVAL;
85}
86EXPORT_SYMBOL(nci_get_conn_info_by_dest_type_params);
87
88/* ---- NCI requests ---- */
89
90void nci_req_complete(struct nci_dev *ndev, int result)
91{
92 if (ndev->req_status == NCI_REQ_PEND) {
93 ndev->req_result = result;
94 ndev->req_status = NCI_REQ_DONE;
95 complete(&ndev->req_completion);
96 }
97}
98EXPORT_SYMBOL(nci_req_complete);
99
100static void nci_req_cancel(struct nci_dev *ndev, int err)
101{
102 if (ndev->req_status == NCI_REQ_PEND) {
103 ndev->req_result = err;
104 ndev->req_status = NCI_REQ_CANCELED;
105 complete(&ndev->req_completion);
106 }
107}
108
109/* Execute request and wait for completion. */
110static int __nci_request(struct nci_dev *ndev,
111 void (*req)(struct nci_dev *ndev, unsigned long opt),
112 unsigned long opt, __u32 timeout)
113{
114 int rc = 0;
115 long completion_rc;
116
117 ndev->req_status = NCI_REQ_PEND;
118
119 reinit_completion(&ndev->req_completion);
120 req(ndev, opt);
121 completion_rc =
122 wait_for_completion_interruptible_timeout(&ndev->req_completion,
123 timeout);
124
125 pr_debug("wait_for_completion return %ld\n", completion_rc);
126
127 if (completion_rc > 0) {
128 switch (ndev->req_status) {
129 case NCI_REQ_DONE:
130 rc = nci_to_errno(ndev->req_result);
131 break;
132
133 case NCI_REQ_CANCELED:
134 rc = -ndev->req_result;
135 break;
136
137 default:
138 rc = -ETIMEDOUT;
139 break;
140 }
141 } else {
142 pr_err("wait_for_completion_interruptible_timeout failed %ld\n",
143 completion_rc);
144
145 rc = ((completion_rc == 0) ? (-ETIMEDOUT) : (completion_rc));
146 }
147
148 ndev->req_status = ndev->req_result = 0;
149
150 return rc;
151}
152
153inline int nci_request(struct nci_dev *ndev,
154 void (*req)(struct nci_dev *ndev,
155 unsigned long opt),
156 unsigned long opt, __u32 timeout)
157{
158 int rc;
159
160 if (!test_bit(NCI_UP, &ndev->flags))
161 return -ENETDOWN;
162
163 /* Serialize all requests */
164 mutex_lock(&ndev->req_lock);
165 rc = __nci_request(ndev, req, opt, timeout);
166 mutex_unlock(&ndev->req_lock);
167
168 return rc;
169}
170
171static void nci_reset_req(struct nci_dev *ndev, unsigned long opt)
172{
173 struct nci_core_reset_cmd cmd;
174
175 cmd.reset_type = NCI_RESET_TYPE_RESET_CONFIG;
176 nci_send_cmd(ndev, NCI_OP_CORE_RESET_CMD, 1, &cmd);
177}
178
179static void nci_init_req(struct nci_dev *ndev, unsigned long opt)
180{
181 nci_send_cmd(ndev, NCI_OP_CORE_INIT_CMD, 0, NULL);
182}
183
184static void nci_init_complete_req(struct nci_dev *ndev, unsigned long opt)
185{
186 struct nci_rf_disc_map_cmd cmd;
187 struct disc_map_config *cfg = cmd.mapping_configs;
188 __u8 *num = &cmd.num_mapping_configs;
189 int i;
190
191 /* set rf mapping configurations */
192 *num = 0;
193
194 /* by default mapping is set to NCI_RF_INTERFACE_FRAME */
195 for (i = 0; i < ndev->num_supported_rf_interfaces; i++) {
196 if (ndev->supported_rf_interfaces[i] ==
197 NCI_RF_INTERFACE_ISO_DEP) {
198 cfg[*num].rf_protocol = NCI_RF_PROTOCOL_ISO_DEP;
199 cfg[*num].mode = NCI_DISC_MAP_MODE_POLL |
200 NCI_DISC_MAP_MODE_LISTEN;
201 cfg[*num].rf_interface = NCI_RF_INTERFACE_ISO_DEP;
202 (*num)++;
203 } else if (ndev->supported_rf_interfaces[i] ==
204 NCI_RF_INTERFACE_NFC_DEP) {
205 cfg[*num].rf_protocol = NCI_RF_PROTOCOL_NFC_DEP;
206 cfg[*num].mode = NCI_DISC_MAP_MODE_POLL |
207 NCI_DISC_MAP_MODE_LISTEN;
208 cfg[*num].rf_interface = NCI_RF_INTERFACE_NFC_DEP;
209 (*num)++;
210 }
211
212 if (*num == NCI_MAX_NUM_MAPPING_CONFIGS)
213 break;
214 }
215
216 nci_send_cmd(ndev, NCI_OP_RF_DISCOVER_MAP_CMD,
217 (1 + ((*num) * sizeof(struct disc_map_config))), &cmd);
218}
219
220struct nci_set_config_param {
221 __u8 id;
222 size_t len;
223 __u8 *val;
224};
225
226static void nci_set_config_req(struct nci_dev *ndev, unsigned long opt)
227{
228 struct nci_set_config_param *param = (struct nci_set_config_param *)opt;
229 struct nci_core_set_config_cmd cmd;
230
231 BUG_ON(param->len > NCI_MAX_PARAM_LEN);
232
233 cmd.num_params = 1;
234 cmd.param.id = param->id;
235 cmd.param.len = param->len;
236 memcpy(cmd.param.val, param->val, param->len);
237
238 nci_send_cmd(ndev, NCI_OP_CORE_SET_CONFIG_CMD, (3 + param->len), &cmd);
239}
240
241struct nci_rf_discover_param {
242 __u32 im_protocols;
243 __u32 tm_protocols;
244};
245
246static void nci_rf_discover_req(struct nci_dev *ndev, unsigned long opt)
247{
248 struct nci_rf_discover_param *param =
249 (struct nci_rf_discover_param *)opt;
250 struct nci_rf_disc_cmd cmd;
251
252 cmd.num_disc_configs = 0;
253
254 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
255 (param->im_protocols & NFC_PROTO_JEWEL_MASK ||
256 param->im_protocols & NFC_PROTO_MIFARE_MASK ||
257 param->im_protocols & NFC_PROTO_ISO14443_MASK ||
258 param->im_protocols & NFC_PROTO_NFC_DEP_MASK)) {
259 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
260 NCI_NFC_A_PASSIVE_POLL_MODE;
261 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
262 cmd.num_disc_configs++;
263 }
264
265 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
266 (param->im_protocols & NFC_PROTO_ISO14443_B_MASK)) {
267 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
268 NCI_NFC_B_PASSIVE_POLL_MODE;
269 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
270 cmd.num_disc_configs++;
271 }
272
273 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
274 (param->im_protocols & NFC_PROTO_FELICA_MASK ||
275 param->im_protocols & NFC_PROTO_NFC_DEP_MASK)) {
276 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
277 NCI_NFC_F_PASSIVE_POLL_MODE;
278 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
279 cmd.num_disc_configs++;
280 }
281
282 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
283 (param->im_protocols & NFC_PROTO_ISO15693_MASK)) {
284 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
285 NCI_NFC_V_PASSIVE_POLL_MODE;
286 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
287 cmd.num_disc_configs++;
288 }
289
290 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS - 1) &&
291 (param->tm_protocols & NFC_PROTO_NFC_DEP_MASK)) {
292 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
293 NCI_NFC_A_PASSIVE_LISTEN_MODE;
294 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
295 cmd.num_disc_configs++;
296 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
297 NCI_NFC_F_PASSIVE_LISTEN_MODE;
298 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
299 cmd.num_disc_configs++;
300 }
301
302 nci_send_cmd(ndev, NCI_OP_RF_DISCOVER_CMD,
303 (1 + (cmd.num_disc_configs * sizeof(struct disc_config))),
304 &cmd);
305}
306
307struct nci_rf_discover_select_param {
308 __u8 rf_discovery_id;
309 __u8 rf_protocol;
310};
311
312static void nci_rf_discover_select_req(struct nci_dev *ndev, unsigned long opt)
313{
314 struct nci_rf_discover_select_param *param =
315 (struct nci_rf_discover_select_param *)opt;
316 struct nci_rf_discover_select_cmd cmd;
317
318 cmd.rf_discovery_id = param->rf_discovery_id;
319 cmd.rf_protocol = param->rf_protocol;
320
321 switch (cmd.rf_protocol) {
322 case NCI_RF_PROTOCOL_ISO_DEP:
323 cmd.rf_interface = NCI_RF_INTERFACE_ISO_DEP;
324 break;
325
326 case NCI_RF_PROTOCOL_NFC_DEP:
327 cmd.rf_interface = NCI_RF_INTERFACE_NFC_DEP;
328 break;
329
330 default:
331 cmd.rf_interface = NCI_RF_INTERFACE_FRAME;
332 break;
333 }
334
335 nci_send_cmd(ndev, NCI_OP_RF_DISCOVER_SELECT_CMD,
336 sizeof(struct nci_rf_discover_select_cmd), &cmd);
337}
338
339static void nci_rf_deactivate_req(struct nci_dev *ndev, unsigned long opt)
340{
341 struct nci_rf_deactivate_cmd cmd;
342
343 cmd.type = opt;
344
345 nci_send_cmd(ndev, NCI_OP_RF_DEACTIVATE_CMD,
346 sizeof(struct nci_rf_deactivate_cmd), &cmd);
347}
348
349struct nci_cmd_param {
350 __u16 opcode;
351 size_t len;
352 __u8 *payload;
353};
354
355static void nci_generic_req(struct nci_dev *ndev, unsigned long opt)
356{
357 struct nci_cmd_param *param =
358 (struct nci_cmd_param *)opt;
359
360 nci_send_cmd(ndev, param->opcode, param->len, param->payload);
361}
362
363int nci_prop_cmd(struct nci_dev *ndev, __u8 oid, size_t len, __u8 *payload)
364{
365 struct nci_cmd_param param;
366
367 param.opcode = nci_opcode_pack(NCI_GID_PROPRIETARY, oid);
368 param.len = len;
369 param.payload = payload;
370
371 return __nci_request(ndev, nci_generic_req, (unsigned long)¶m,
372 msecs_to_jiffies(NCI_CMD_TIMEOUT));
373}
374EXPORT_SYMBOL(nci_prop_cmd);
375
376int nci_core_cmd(struct nci_dev *ndev, __u16 opcode, size_t len, __u8 *payload)
377{
378 struct nci_cmd_param param;
379
380 param.opcode = opcode;
381 param.len = len;
382 param.payload = payload;
383
384 return __nci_request(ndev, nci_generic_req, (unsigned long)¶m,
385 msecs_to_jiffies(NCI_CMD_TIMEOUT));
386}
387EXPORT_SYMBOL(nci_core_cmd);
388
389int nci_core_reset(struct nci_dev *ndev)
390{
391 return __nci_request(ndev, nci_reset_req, 0,
392 msecs_to_jiffies(NCI_RESET_TIMEOUT));
393}
394EXPORT_SYMBOL(nci_core_reset);
395
396int nci_core_init(struct nci_dev *ndev)
397{
398 return __nci_request(ndev, nci_init_req, 0,
399 msecs_to_jiffies(NCI_INIT_TIMEOUT));
400}
401EXPORT_SYMBOL(nci_core_init);
402
403struct nci_loopback_data {
404 u8 conn_id;
405 struct sk_buff *data;
406};
407
408static void nci_send_data_req(struct nci_dev *ndev, unsigned long opt)
409{
410 struct nci_loopback_data *data = (struct nci_loopback_data *)opt;
411
412 nci_send_data(ndev, data->conn_id, data->data);
413}
414
415static void nci_nfcc_loopback_cb(void *context, struct sk_buff *skb, int err)
416{
417 struct nci_dev *ndev = (struct nci_dev *)context;
418 struct nci_conn_info *conn_info;
419
420 conn_info = nci_get_conn_info_by_conn_id(ndev, ndev->cur_conn_id);
421 if (!conn_info) {
422 nci_req_complete(ndev, NCI_STATUS_REJECTED);
423 return;
424 }
425
426 conn_info->rx_skb = skb;
427
428 nci_req_complete(ndev, NCI_STATUS_OK);
429}
430
431int nci_nfcc_loopback(struct nci_dev *ndev, void *data, size_t data_len,
432 struct sk_buff **resp)
433{
434 int r;
435 struct nci_loopback_data loopback_data;
436 struct nci_conn_info *conn_info;
437 struct sk_buff *skb;
438 int conn_id = nci_get_conn_info_by_dest_type_params(ndev,
439 NCI_DESTINATION_NFCC_LOOPBACK, NULL);
440
441 if (conn_id < 0) {
442 r = nci_core_conn_create(ndev, NCI_DESTINATION_NFCC_LOOPBACK,
443 0, 0, NULL);
444 if (r != NCI_STATUS_OK)
445 return r;
446
447 conn_id = nci_get_conn_info_by_dest_type_params(ndev,
448 NCI_DESTINATION_NFCC_LOOPBACK,
449 NULL);
450 }
451
452 conn_info = nci_get_conn_info_by_conn_id(ndev, conn_id);
453 if (!conn_info)
454 return -EPROTO;
455
456 /* store cb and context to be used on receiving data */
457 conn_info->data_exchange_cb = nci_nfcc_loopback_cb;
458 conn_info->data_exchange_cb_context = ndev;
459
460 skb = nci_skb_alloc(ndev, NCI_DATA_HDR_SIZE + data_len, GFP_KERNEL);
461 if (!skb)
462 return -ENOMEM;
463
464 skb_reserve(skb, NCI_DATA_HDR_SIZE);
465 memcpy(skb_put(skb, data_len), data, data_len);
466
467 loopback_data.conn_id = conn_id;
468 loopback_data.data = skb;
469
470 ndev->cur_conn_id = conn_id;
471 r = nci_request(ndev, nci_send_data_req, (unsigned long)&loopback_data,
472 msecs_to_jiffies(NCI_DATA_TIMEOUT));
473 if (r == NCI_STATUS_OK && resp)
474 *resp = conn_info->rx_skb;
475
476 return r;
477}
478EXPORT_SYMBOL(nci_nfcc_loopback);
479
480static int nci_open_device(struct nci_dev *ndev)
481{
482 int rc = 0;
483
484 mutex_lock(&ndev->req_lock);
485
486 if (test_bit(NCI_UP, &ndev->flags)) {
487 rc = -EALREADY;
488 goto done;
489 }
490
491 if (ndev->ops->open(ndev)) {
492 rc = -EIO;
493 goto done;
494 }
495
496 atomic_set(&ndev->cmd_cnt, 1);
497
498 set_bit(NCI_INIT, &ndev->flags);
499
500 if (ndev->ops->init)
501 rc = ndev->ops->init(ndev);
502
503 if (!rc) {
504 rc = __nci_request(ndev, nci_reset_req, 0,
505 msecs_to_jiffies(NCI_RESET_TIMEOUT));
506 }
507
508 if (!rc && ndev->ops->setup) {
509 rc = ndev->ops->setup(ndev);
510 }
511
512 if (!rc) {
513 rc = __nci_request(ndev, nci_init_req, 0,
514 msecs_to_jiffies(NCI_INIT_TIMEOUT));
515 }
516
517 if (!rc && ndev->ops->post_setup)
518 rc = ndev->ops->post_setup(ndev);
519
520 if (!rc) {
521 rc = __nci_request(ndev, nci_init_complete_req, 0,
522 msecs_to_jiffies(NCI_INIT_TIMEOUT));
523 }
524
525 clear_bit(NCI_INIT, &ndev->flags);
526
527 if (!rc) {
528 set_bit(NCI_UP, &ndev->flags);
529 nci_clear_target_list(ndev);
530 atomic_set(&ndev->state, NCI_IDLE);
531 } else {
532 /* Init failed, cleanup */
533 skb_queue_purge(&ndev->cmd_q);
534 skb_queue_purge(&ndev->rx_q);
535 skb_queue_purge(&ndev->tx_q);
536
537 ndev->ops->close(ndev);
538 ndev->flags = 0;
539 }
540
541done:
542 mutex_unlock(&ndev->req_lock);
543 return rc;
544}
545
546static int nci_close_device(struct nci_dev *ndev)
547{
548 nci_req_cancel(ndev, ENODEV);
549 mutex_lock(&ndev->req_lock);
550
551 if (!test_and_clear_bit(NCI_UP, &ndev->flags)) {
552 del_timer_sync(&ndev->cmd_timer);
553 del_timer_sync(&ndev->data_timer);
554 mutex_unlock(&ndev->req_lock);
555 return 0;
556 }
557
558 /* Drop RX and TX queues */
559 skb_queue_purge(&ndev->rx_q);
560 skb_queue_purge(&ndev->tx_q);
561
562 /* Flush RX and TX wq */
563 flush_workqueue(ndev->rx_wq);
564 flush_workqueue(ndev->tx_wq);
565
566 /* Reset device */
567 skb_queue_purge(&ndev->cmd_q);
568 atomic_set(&ndev->cmd_cnt, 1);
569
570 set_bit(NCI_INIT, &ndev->flags);
571 __nci_request(ndev, nci_reset_req, 0,
572 msecs_to_jiffies(NCI_RESET_TIMEOUT));
573
574 /* After this point our queues are empty
575 * and no works are scheduled.
576 */
577 ndev->ops->close(ndev);
578
579 clear_bit(NCI_INIT, &ndev->flags);
580
581 del_timer_sync(&ndev->cmd_timer);
582
583 /* Flush cmd wq */
584 flush_workqueue(ndev->cmd_wq);
585
586 /* Clear flags */
587 ndev->flags = 0;
588
589 mutex_unlock(&ndev->req_lock);
590
591 return 0;
592}
593
594/* NCI command timer function */
595static void nci_cmd_timer(unsigned long arg)
596{
597 struct nci_dev *ndev = (void *) arg;
598
599 atomic_set(&ndev->cmd_cnt, 1);
600 queue_work(ndev->cmd_wq, &ndev->cmd_work);
601}
602
603/* NCI data exchange timer function */
604static void nci_data_timer(unsigned long arg)
605{
606 struct nci_dev *ndev = (void *) arg;
607
608 set_bit(NCI_DATA_EXCHANGE_TO, &ndev->flags);
609 queue_work(ndev->rx_wq, &ndev->rx_work);
610}
611
612static int nci_dev_up(struct nfc_dev *nfc_dev)
613{
614 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
615
616 return nci_open_device(ndev);
617}
618
619static int nci_dev_down(struct nfc_dev *nfc_dev)
620{
621 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
622
623 return nci_close_device(ndev);
624}
625
626int nci_set_config(struct nci_dev *ndev, __u8 id, size_t len, __u8 *val)
627{
628 struct nci_set_config_param param;
629
630 if (!val || !len)
631 return 0;
632
633 param.id = id;
634 param.len = len;
635 param.val = val;
636
637 return __nci_request(ndev, nci_set_config_req, (unsigned long)¶m,
638 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
639}
640EXPORT_SYMBOL(nci_set_config);
641
642static void nci_nfcee_discover_req(struct nci_dev *ndev, unsigned long opt)
643{
644 struct nci_nfcee_discover_cmd cmd;
645 __u8 action = opt;
646
647 cmd.discovery_action = action;
648
649 nci_send_cmd(ndev, NCI_OP_NFCEE_DISCOVER_CMD, 1, &cmd);
650}
651
652int nci_nfcee_discover(struct nci_dev *ndev, u8 action)
653{
654 return __nci_request(ndev, nci_nfcee_discover_req, action,
655 msecs_to_jiffies(NCI_CMD_TIMEOUT));
656}
657EXPORT_SYMBOL(nci_nfcee_discover);
658
659static void nci_nfcee_mode_set_req(struct nci_dev *ndev, unsigned long opt)
660{
661 struct nci_nfcee_mode_set_cmd *cmd =
662 (struct nci_nfcee_mode_set_cmd *)opt;
663
664 nci_send_cmd(ndev, NCI_OP_NFCEE_MODE_SET_CMD,
665 sizeof(struct nci_nfcee_mode_set_cmd), cmd);
666}
667
668int nci_nfcee_mode_set(struct nci_dev *ndev, u8 nfcee_id, u8 nfcee_mode)
669{
670 struct nci_nfcee_mode_set_cmd cmd;
671
672 cmd.nfcee_id = nfcee_id;
673 cmd.nfcee_mode = nfcee_mode;
674
675 return __nci_request(ndev, nci_nfcee_mode_set_req,
676 (unsigned long)&cmd,
677 msecs_to_jiffies(NCI_CMD_TIMEOUT));
678}
679EXPORT_SYMBOL(nci_nfcee_mode_set);
680
681static void nci_core_conn_create_req(struct nci_dev *ndev, unsigned long opt)
682{
683 struct core_conn_create_data *data =
684 (struct core_conn_create_data *)opt;
685
686 nci_send_cmd(ndev, NCI_OP_CORE_CONN_CREATE_CMD, data->length, data->cmd);
687}
688
689int nci_core_conn_create(struct nci_dev *ndev, u8 destination_type,
690 u8 number_destination_params,
691 size_t params_len,
692 struct core_conn_create_dest_spec_params *params)
693{
694 int r;
695 struct nci_core_conn_create_cmd *cmd;
696 struct core_conn_create_data data;
697
698 data.length = params_len + sizeof(struct nci_core_conn_create_cmd);
699 cmd = kzalloc(data.length, GFP_KERNEL);
700 if (!cmd)
701 return -ENOMEM;
702
703 cmd->destination_type = destination_type;
704 cmd->number_destination_params = number_destination_params;
705
706 data.cmd = cmd;
707
708 if (params) {
709 memcpy(cmd->params, params, params_len);
710 if (params->length > 0)
711 memcpy(&ndev->cur_params,
712 ¶ms->value[DEST_SPEC_PARAMS_ID_INDEX],
713 sizeof(struct dest_spec_params));
714 else
715 ndev->cur_params.id = 0;
716 } else {
717 ndev->cur_params.id = 0;
718 }
719 ndev->cur_dest_type = destination_type;
720
721 r = __nci_request(ndev, nci_core_conn_create_req, (unsigned long)&data,
722 msecs_to_jiffies(NCI_CMD_TIMEOUT));
723 kfree(cmd);
724 return r;
725}
726EXPORT_SYMBOL(nci_core_conn_create);
727
728static void nci_core_conn_close_req(struct nci_dev *ndev, unsigned long opt)
729{
730 __u8 conn_id = opt;
731
732 nci_send_cmd(ndev, NCI_OP_CORE_CONN_CLOSE_CMD, 1, &conn_id);
733}
734
735int nci_core_conn_close(struct nci_dev *ndev, u8 conn_id)
736{
737 ndev->cur_conn_id = conn_id;
738 return __nci_request(ndev, nci_core_conn_close_req, conn_id,
739 msecs_to_jiffies(NCI_CMD_TIMEOUT));
740}
741EXPORT_SYMBOL(nci_core_conn_close);
742
743static int nci_set_local_general_bytes(struct nfc_dev *nfc_dev)
744{
745 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
746 struct nci_set_config_param param;
747 int rc;
748
749 param.val = nfc_get_local_general_bytes(nfc_dev, ¶m.len);
750 if ((param.val == NULL) || (param.len == 0))
751 return 0;
752
753 if (param.len > NFC_MAX_GT_LEN)
754 return -EINVAL;
755
756 param.id = NCI_PN_ATR_REQ_GEN_BYTES;
757
758 rc = nci_request(ndev, nci_set_config_req, (unsigned long)¶m,
759 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
760 if (rc)
761 return rc;
762
763 param.id = NCI_LN_ATR_RES_GEN_BYTES;
764
765 return nci_request(ndev, nci_set_config_req, (unsigned long)¶m,
766 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
767}
768
769static int nci_set_listen_parameters(struct nfc_dev *nfc_dev)
770{
771 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
772 int rc;
773 __u8 val;
774
775 val = NCI_LA_SEL_INFO_NFC_DEP_MASK;
776
777 rc = nci_set_config(ndev, NCI_LA_SEL_INFO, 1, &val);
778 if (rc)
779 return rc;
780
781 val = NCI_LF_PROTOCOL_TYPE_NFC_DEP_MASK;
782
783 rc = nci_set_config(ndev, NCI_LF_PROTOCOL_TYPE, 1, &val);
784 if (rc)
785 return rc;
786
787 val = NCI_LF_CON_BITR_F_212 | NCI_LF_CON_BITR_F_424;
788
789 return nci_set_config(ndev, NCI_LF_CON_BITR_F, 1, &val);
790}
791
792static int nci_start_poll(struct nfc_dev *nfc_dev,
793 __u32 im_protocols, __u32 tm_protocols)
794{
795 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
796 struct nci_rf_discover_param param;
797 int rc;
798
799 if ((atomic_read(&ndev->state) == NCI_DISCOVERY) ||
800 (atomic_read(&ndev->state) == NCI_W4_ALL_DISCOVERIES)) {
801 pr_err("unable to start poll, since poll is already active\n");
802 return -EBUSY;
803 }
804
805 if (ndev->target_active_prot) {
806 pr_err("there is an active target\n");
807 return -EBUSY;
808 }
809
810 if ((atomic_read(&ndev->state) == NCI_W4_HOST_SELECT) ||
811 (atomic_read(&ndev->state) == NCI_POLL_ACTIVE)) {
812 pr_debug("target active or w4 select, implicitly deactivate\n");
813
814 rc = nci_request(ndev, nci_rf_deactivate_req,
815 NCI_DEACTIVATE_TYPE_IDLE_MODE,
816 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
817 if (rc)
818 return -EBUSY;
819 }
820
821 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) {
822 rc = nci_set_local_general_bytes(nfc_dev);
823 if (rc) {
824 pr_err("failed to set local general bytes\n");
825 return rc;
826 }
827 }
828
829 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) {
830 rc = nci_set_listen_parameters(nfc_dev);
831 if (rc)
832 pr_err("failed to set listen parameters\n");
833 }
834
835 param.im_protocols = im_protocols;
836 param.tm_protocols = tm_protocols;
837 rc = nci_request(ndev, nci_rf_discover_req, (unsigned long)¶m,
838 msecs_to_jiffies(NCI_RF_DISC_TIMEOUT));
839
840 if (!rc)
841 ndev->poll_prots = im_protocols;
842
843 return rc;
844}
845
846static void nci_stop_poll(struct nfc_dev *nfc_dev)
847{
848 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
849
850 if ((atomic_read(&ndev->state) != NCI_DISCOVERY) &&
851 (atomic_read(&ndev->state) != NCI_W4_ALL_DISCOVERIES)) {
852 pr_err("unable to stop poll, since poll is not active\n");
853 return;
854 }
855
856 nci_request(ndev, nci_rf_deactivate_req, NCI_DEACTIVATE_TYPE_IDLE_MODE,
857 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
858}
859
860static int nci_activate_target(struct nfc_dev *nfc_dev,
861 struct nfc_target *target, __u32 protocol)
862{
863 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
864 struct nci_rf_discover_select_param param;
865 struct nfc_target *nci_target = NULL;
866 int i;
867 int rc = 0;
868
869 pr_debug("target_idx %d, protocol 0x%x\n", target->idx, protocol);
870
871 if ((atomic_read(&ndev->state) != NCI_W4_HOST_SELECT) &&
872 (atomic_read(&ndev->state) != NCI_POLL_ACTIVE)) {
873 pr_err("there is no available target to activate\n");
874 return -EINVAL;
875 }
876
877 if (ndev->target_active_prot) {
878 pr_err("there is already an active target\n");
879 return -EBUSY;
880 }
881
882 for (i = 0; i < ndev->n_targets; i++) {
883 if (ndev->targets[i].idx == target->idx) {
884 nci_target = &ndev->targets[i];
885 break;
886 }
887 }
888
889 if (!nci_target) {
890 pr_err("unable to find the selected target\n");
891 return -EINVAL;
892 }
893
894 if (!(nci_target->supported_protocols & (1 << protocol))) {
895 pr_err("target does not support the requested protocol 0x%x\n",
896 protocol);
897 return -EINVAL;
898 }
899
900 if (atomic_read(&ndev->state) == NCI_W4_HOST_SELECT) {
901 param.rf_discovery_id = nci_target->logical_idx;
902
903 if (protocol == NFC_PROTO_JEWEL)
904 param.rf_protocol = NCI_RF_PROTOCOL_T1T;
905 else if (protocol == NFC_PROTO_MIFARE)
906 param.rf_protocol = NCI_RF_PROTOCOL_T2T;
907 else if (protocol == NFC_PROTO_FELICA)
908 param.rf_protocol = NCI_RF_PROTOCOL_T3T;
909 else if (protocol == NFC_PROTO_ISO14443 ||
910 protocol == NFC_PROTO_ISO14443_B)
911 param.rf_protocol = NCI_RF_PROTOCOL_ISO_DEP;
912 else
913 param.rf_protocol = NCI_RF_PROTOCOL_NFC_DEP;
914
915 rc = nci_request(ndev, nci_rf_discover_select_req,
916 (unsigned long)¶m,
917 msecs_to_jiffies(NCI_RF_DISC_SELECT_TIMEOUT));
918 }
919
920 if (!rc)
921 ndev->target_active_prot = protocol;
922
923 return rc;
924}
925
926static void nci_deactivate_target(struct nfc_dev *nfc_dev,
927 struct nfc_target *target,
928 __u8 mode)
929{
930 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
931 u8 nci_mode = NCI_DEACTIVATE_TYPE_IDLE_MODE;
932
933 pr_debug("entry\n");
934
935 if (!ndev->target_active_prot) {
936 pr_err("unable to deactivate target, no active target\n");
937 return;
938 }
939
940 ndev->target_active_prot = 0;
941
942 switch (mode) {
943 case NFC_TARGET_MODE_SLEEP:
944 nci_mode = NCI_DEACTIVATE_TYPE_SLEEP_MODE;
945 break;
946 }
947
948 if (atomic_read(&ndev->state) == NCI_POLL_ACTIVE) {
949 nci_request(ndev, nci_rf_deactivate_req, nci_mode,
950 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
951 }
952}
953
954static int nci_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
955 __u8 comm_mode, __u8 *gb, size_t gb_len)
956{
957 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
958 int rc;
959
960 pr_debug("target_idx %d, comm_mode %d\n", target->idx, comm_mode);
961
962 rc = nci_activate_target(nfc_dev, target, NFC_PROTO_NFC_DEP);
963 if (rc)
964 return rc;
965
966 rc = nfc_set_remote_general_bytes(nfc_dev, ndev->remote_gb,
967 ndev->remote_gb_len);
968 if (!rc)
969 rc = nfc_dep_link_is_up(nfc_dev, target->idx, NFC_COMM_PASSIVE,
970 NFC_RF_INITIATOR);
971
972 return rc;
973}
974
975static int nci_dep_link_down(struct nfc_dev *nfc_dev)
976{
977 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
978 int rc;
979
980 pr_debug("entry\n");
981
982 if (nfc_dev->rf_mode == NFC_RF_INITIATOR) {
983 nci_deactivate_target(nfc_dev, NULL, NCI_DEACTIVATE_TYPE_IDLE_MODE);
984 } else {
985 if (atomic_read(&ndev->state) == NCI_LISTEN_ACTIVE ||
986 atomic_read(&ndev->state) == NCI_DISCOVERY) {
987 nci_request(ndev, nci_rf_deactivate_req, 0,
988 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
989 }
990
991 rc = nfc_tm_deactivated(nfc_dev);
992 if (rc)
993 pr_err("error when signaling tm deactivation\n");
994 }
995
996 return 0;
997}
998
999
1000static int nci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
1001 struct sk_buff *skb,
1002 data_exchange_cb_t cb, void *cb_context)
1003{
1004 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1005 int rc;
1006 struct nci_conn_info *conn_info;
1007
1008 conn_info = ndev->rf_conn_info;
1009 if (!conn_info)
1010 return -EPROTO;
1011
1012 pr_debug("target_idx %d, len %d\n", target->idx, skb->len);
1013
1014 if (!ndev->target_active_prot) {
1015 pr_err("unable to exchange data, no active target\n");
1016 return -EINVAL;
1017 }
1018
1019 if (test_and_set_bit(NCI_DATA_EXCHANGE, &ndev->flags))
1020 return -EBUSY;
1021
1022 /* store cb and context to be used on receiving data */
1023 conn_info->data_exchange_cb = cb;
1024 conn_info->data_exchange_cb_context = cb_context;
1025
1026 rc = nci_send_data(ndev, NCI_STATIC_RF_CONN_ID, skb);
1027 if (rc)
1028 clear_bit(NCI_DATA_EXCHANGE, &ndev->flags);
1029
1030 return rc;
1031}
1032
1033static int nci_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
1034{
1035 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1036 int rc;
1037
1038 rc = nci_send_data(ndev, NCI_STATIC_RF_CONN_ID, skb);
1039 if (rc)
1040 pr_err("unable to send data\n");
1041
1042 return rc;
1043}
1044
1045static int nci_enable_se(struct nfc_dev *nfc_dev, u32 se_idx)
1046{
1047 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1048
1049 if (ndev->ops->enable_se)
1050 return ndev->ops->enable_se(ndev, se_idx);
1051
1052 return 0;
1053}
1054
1055static int nci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx)
1056{
1057 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1058
1059 if (ndev->ops->disable_se)
1060 return ndev->ops->disable_se(ndev, se_idx);
1061
1062 return 0;
1063}
1064
1065static int nci_discover_se(struct nfc_dev *nfc_dev)
1066{
1067 int r;
1068 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1069
1070 if (ndev->ops->discover_se) {
1071 r = nci_nfcee_discover(ndev, NCI_NFCEE_DISCOVERY_ACTION_ENABLE);
1072 if (r != NCI_STATUS_OK)
1073 return -EPROTO;
1074
1075 return ndev->ops->discover_se(ndev);
1076 }
1077
1078 return 0;
1079}
1080
1081static int nci_se_io(struct nfc_dev *nfc_dev, u32 se_idx,
1082 u8 *apdu, size_t apdu_length,
1083 se_io_cb_t cb, void *cb_context)
1084{
1085 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1086
1087 if (ndev->ops->se_io)
1088 return ndev->ops->se_io(ndev, se_idx, apdu,
1089 apdu_length, cb, cb_context);
1090
1091 return 0;
1092}
1093
1094static int nci_fw_download(struct nfc_dev *nfc_dev, const char *firmware_name)
1095{
1096 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1097
1098 if (!ndev->ops->fw_download)
1099 return -ENOTSUPP;
1100
1101 return ndev->ops->fw_download(ndev, firmware_name);
1102}
1103
1104static struct nfc_ops nci_nfc_ops = {
1105 .dev_up = nci_dev_up,
1106 .dev_down = nci_dev_down,
1107 .start_poll = nci_start_poll,
1108 .stop_poll = nci_stop_poll,
1109 .dep_link_up = nci_dep_link_up,
1110 .dep_link_down = nci_dep_link_down,
1111 .activate_target = nci_activate_target,
1112 .deactivate_target = nci_deactivate_target,
1113 .im_transceive = nci_transceive,
1114 .tm_send = nci_tm_send,
1115 .enable_se = nci_enable_se,
1116 .disable_se = nci_disable_se,
1117 .discover_se = nci_discover_se,
1118 .se_io = nci_se_io,
1119 .fw_download = nci_fw_download,
1120};
1121
1122/* ---- Interface to NCI drivers ---- */
1123/**
1124 * nci_allocate_device - allocate a new nci device
1125 *
1126 * @ops: device operations
1127 * @supported_protocols: NFC protocols supported by the device
1128 */
1129struct nci_dev *nci_allocate_device(struct nci_ops *ops,
1130 __u32 supported_protocols,
1131 int tx_headroom, int tx_tailroom)
1132{
1133 struct nci_dev *ndev;
1134
1135 pr_debug("supported_protocols 0x%x\n", supported_protocols);
1136
1137 if (!ops->open || !ops->close || !ops->send)
1138 return NULL;
1139
1140 if (!supported_protocols)
1141 return NULL;
1142
1143 ndev = kzalloc(sizeof(struct nci_dev), GFP_KERNEL);
1144 if (!ndev)
1145 return NULL;
1146
1147 ndev->ops = ops;
1148
1149 if (ops->n_prop_ops > NCI_MAX_PROPRIETARY_CMD) {
1150 pr_err("Too many proprietary commands: %zd\n",
1151 ops->n_prop_ops);
1152 ops->prop_ops = NULL;
1153 ops->n_prop_ops = 0;
1154 }
1155
1156 ndev->tx_headroom = tx_headroom;
1157 ndev->tx_tailroom = tx_tailroom;
1158 init_completion(&ndev->req_completion);
1159
1160 ndev->nfc_dev = nfc_allocate_device(&nci_nfc_ops,
1161 supported_protocols,
1162 tx_headroom + NCI_DATA_HDR_SIZE,
1163 tx_tailroom);
1164 if (!ndev->nfc_dev)
1165 goto free_nci;
1166
1167 ndev->hci_dev = nci_hci_allocate(ndev);
1168 if (!ndev->hci_dev)
1169 goto free_nfc;
1170
1171 nfc_set_drvdata(ndev->nfc_dev, ndev);
1172
1173 return ndev;
1174
1175free_nfc:
1176 kfree(ndev->nfc_dev);
1177
1178free_nci:
1179 kfree(ndev);
1180 return NULL;
1181}
1182EXPORT_SYMBOL(nci_allocate_device);
1183
1184/**
1185 * nci_free_device - deallocate nci device
1186 *
1187 * @ndev: The nci device to deallocate
1188 */
1189void nci_free_device(struct nci_dev *ndev)
1190{
1191 nfc_free_device(ndev->nfc_dev);
1192 kfree(ndev);
1193}
1194EXPORT_SYMBOL(nci_free_device);
1195
1196/**
1197 * nci_register_device - register a nci device in the nfc subsystem
1198 *
1199 * @dev: The nci device to register
1200 */
1201int nci_register_device(struct nci_dev *ndev)
1202{
1203 int rc;
1204 struct device *dev = &ndev->nfc_dev->dev;
1205 char name[32];
1206
1207 ndev->flags = 0;
1208
1209 INIT_WORK(&ndev->cmd_work, nci_cmd_work);
1210 snprintf(name, sizeof(name), "%s_nci_cmd_wq", dev_name(dev));
1211 ndev->cmd_wq = create_singlethread_workqueue(name);
1212 if (!ndev->cmd_wq) {
1213 rc = -ENOMEM;
1214 goto exit;
1215 }
1216
1217 INIT_WORK(&ndev->rx_work, nci_rx_work);
1218 snprintf(name, sizeof(name), "%s_nci_rx_wq", dev_name(dev));
1219 ndev->rx_wq = create_singlethread_workqueue(name);
1220 if (!ndev->rx_wq) {
1221 rc = -ENOMEM;
1222 goto destroy_cmd_wq_exit;
1223 }
1224
1225 INIT_WORK(&ndev->tx_work, nci_tx_work);
1226 snprintf(name, sizeof(name), "%s_nci_tx_wq", dev_name(dev));
1227 ndev->tx_wq = create_singlethread_workqueue(name);
1228 if (!ndev->tx_wq) {
1229 rc = -ENOMEM;
1230 goto destroy_rx_wq_exit;
1231 }
1232
1233 skb_queue_head_init(&ndev->cmd_q);
1234 skb_queue_head_init(&ndev->rx_q);
1235 skb_queue_head_init(&ndev->tx_q);
1236
1237 setup_timer(&ndev->cmd_timer, nci_cmd_timer,
1238 (unsigned long) ndev);
1239 setup_timer(&ndev->data_timer, nci_data_timer,
1240 (unsigned long) ndev);
1241
1242 mutex_init(&ndev->req_lock);
1243 INIT_LIST_HEAD(&ndev->conn_info_list);
1244
1245 rc = nfc_register_device(ndev->nfc_dev);
1246 if (rc)
1247 goto destroy_rx_wq_exit;
1248
1249 goto exit;
1250
1251destroy_rx_wq_exit:
1252 destroy_workqueue(ndev->rx_wq);
1253
1254destroy_cmd_wq_exit:
1255 destroy_workqueue(ndev->cmd_wq);
1256
1257exit:
1258 return rc;
1259}
1260EXPORT_SYMBOL(nci_register_device);
1261
1262/**
1263 * nci_unregister_device - unregister a nci device in the nfc subsystem
1264 *
1265 * @dev: The nci device to unregister
1266 */
1267void nci_unregister_device(struct nci_dev *ndev)
1268{
1269 struct nci_conn_info *conn_info, *n;
1270
1271 nci_close_device(ndev);
1272
1273 destroy_workqueue(ndev->cmd_wq);
1274 destroy_workqueue(ndev->rx_wq);
1275 destroy_workqueue(ndev->tx_wq);
1276
1277 list_for_each_entry_safe(conn_info, n, &ndev->conn_info_list, list) {
1278 list_del(&conn_info->list);
1279 /* conn_info is allocated with devm_kzalloc */
1280 }
1281
1282 nfc_unregister_device(ndev->nfc_dev);
1283}
1284EXPORT_SYMBOL(nci_unregister_device);
1285
1286/**
1287 * nci_recv_frame - receive frame from NCI drivers
1288 *
1289 * @ndev: The nci device
1290 * @skb: The sk_buff to receive
1291 */
1292int nci_recv_frame(struct nci_dev *ndev, struct sk_buff *skb)
1293{
1294 pr_debug("len %d\n", skb->len);
1295
1296 if (!ndev || (!test_bit(NCI_UP, &ndev->flags) &&
1297 !test_bit(NCI_INIT, &ndev->flags))) {
1298 kfree_skb(skb);
1299 return -ENXIO;
1300 }
1301
1302 /* Queue frame for rx worker thread */
1303 skb_queue_tail(&ndev->rx_q, skb);
1304 queue_work(ndev->rx_wq, &ndev->rx_work);
1305
1306 return 0;
1307}
1308EXPORT_SYMBOL(nci_recv_frame);
1309
1310int nci_send_frame(struct nci_dev *ndev, struct sk_buff *skb)
1311{
1312 pr_debug("len %d\n", skb->len);
1313
1314 if (!ndev) {
1315 kfree_skb(skb);
1316 return -ENODEV;
1317 }
1318
1319 /* Get rid of skb owner, prior to sending to the driver. */
1320 skb_orphan(skb);
1321
1322 /* Send copy to sniffer */
1323 nfc_send_to_raw_sock(ndev->nfc_dev, skb,
1324 RAW_PAYLOAD_NCI, NFC_DIRECTION_TX);
1325
1326 return ndev->ops->send(ndev, skb);
1327}
1328EXPORT_SYMBOL(nci_send_frame);
1329
1330/* Send NCI command */
1331int nci_send_cmd(struct nci_dev *ndev, __u16 opcode, __u8 plen, void *payload)
1332{
1333 struct nci_ctrl_hdr *hdr;
1334 struct sk_buff *skb;
1335
1336 pr_debug("opcode 0x%x, plen %d\n", opcode, plen);
1337
1338 skb = nci_skb_alloc(ndev, (NCI_CTRL_HDR_SIZE + plen), GFP_KERNEL);
1339 if (!skb) {
1340 pr_err("no memory for command\n");
1341 return -ENOMEM;
1342 }
1343
1344 hdr = (struct nci_ctrl_hdr *) skb_put(skb, NCI_CTRL_HDR_SIZE);
1345 hdr->gid = nci_opcode_gid(opcode);
1346 hdr->oid = nci_opcode_oid(opcode);
1347 hdr->plen = plen;
1348
1349 nci_mt_set((__u8 *)hdr, NCI_MT_CMD_PKT);
1350 nci_pbf_set((__u8 *)hdr, NCI_PBF_LAST);
1351
1352 if (plen)
1353 memcpy(skb_put(skb, plen), payload, plen);
1354
1355 skb_queue_tail(&ndev->cmd_q, skb);
1356 queue_work(ndev->cmd_wq, &ndev->cmd_work);
1357
1358 return 0;
1359}
1360EXPORT_SYMBOL(nci_send_cmd);
1361
1362/* Proprietary commands API */
1363static struct nci_driver_ops *ops_cmd_lookup(struct nci_driver_ops *ops,
1364 size_t n_ops,
1365 __u16 opcode)
1366{
1367 size_t i;
1368 struct nci_driver_ops *op;
1369
1370 if (!ops || !n_ops)
1371 return NULL;
1372
1373 for (i = 0; i < n_ops; i++) {
1374 op = &ops[i];
1375 if (op->opcode == opcode)
1376 return op;
1377 }
1378
1379 return NULL;
1380}
1381
1382static int nci_op_rsp_packet(struct nci_dev *ndev, __u16 rsp_opcode,
1383 struct sk_buff *skb, struct nci_driver_ops *ops,
1384 size_t n_ops)
1385{
1386 struct nci_driver_ops *op;
1387
1388 op = ops_cmd_lookup(ops, n_ops, rsp_opcode);
1389 if (!op || !op->rsp)
1390 return -ENOTSUPP;
1391
1392 return op->rsp(ndev, skb);
1393}
1394
1395static int nci_op_ntf_packet(struct nci_dev *ndev, __u16 ntf_opcode,
1396 struct sk_buff *skb, struct nci_driver_ops *ops,
1397 size_t n_ops)
1398{
1399 struct nci_driver_ops *op;
1400
1401 op = ops_cmd_lookup(ops, n_ops, ntf_opcode);
1402 if (!op || !op->ntf)
1403 return -ENOTSUPP;
1404
1405 return op->ntf(ndev, skb);
1406}
1407
1408int nci_prop_rsp_packet(struct nci_dev *ndev, __u16 opcode,
1409 struct sk_buff *skb)
1410{
1411 return nci_op_rsp_packet(ndev, opcode, skb, ndev->ops->prop_ops,
1412 ndev->ops->n_prop_ops);
1413}
1414
1415int nci_prop_ntf_packet(struct nci_dev *ndev, __u16 opcode,
1416 struct sk_buff *skb)
1417{
1418 return nci_op_ntf_packet(ndev, opcode, skb, ndev->ops->prop_ops,
1419 ndev->ops->n_prop_ops);
1420}
1421
1422int nci_core_rsp_packet(struct nci_dev *ndev, __u16 opcode,
1423 struct sk_buff *skb)
1424{
1425 return nci_op_rsp_packet(ndev, opcode, skb, ndev->ops->core_ops,
1426 ndev->ops->n_core_ops);
1427}
1428
1429int nci_core_ntf_packet(struct nci_dev *ndev, __u16 opcode,
1430 struct sk_buff *skb)
1431{
1432 return nci_op_ntf_packet(ndev, opcode, skb, ndev->ops->core_ops,
1433 ndev->ops->n_core_ops);
1434}
1435
1436/* ---- NCI TX Data worker thread ---- */
1437
1438static void nci_tx_work(struct work_struct *work)
1439{
1440 struct nci_dev *ndev = container_of(work, struct nci_dev, tx_work);
1441 struct nci_conn_info *conn_info;
1442 struct sk_buff *skb;
1443
1444 conn_info = nci_get_conn_info_by_conn_id(ndev, ndev->cur_conn_id);
1445 if (!conn_info)
1446 return;
1447
1448 pr_debug("credits_cnt %d\n", atomic_read(&conn_info->credits_cnt));
1449
1450 /* Send queued tx data */
1451 while (atomic_read(&conn_info->credits_cnt)) {
1452 skb = skb_dequeue(&ndev->tx_q);
1453 if (!skb)
1454 return;
1455
1456 /* Check if data flow control is used */
1457 if (atomic_read(&conn_info->credits_cnt) !=
1458 NCI_DATA_FLOW_CONTROL_NOT_USED)
1459 atomic_dec(&conn_info->credits_cnt);
1460
1461 pr_debug("NCI TX: MT=data, PBF=%d, conn_id=%d, plen=%d\n",
1462 nci_pbf(skb->data),
1463 nci_conn_id(skb->data),
1464 nci_plen(skb->data));
1465
1466 nci_send_frame(ndev, skb);
1467
1468 mod_timer(&ndev->data_timer,
1469 jiffies + msecs_to_jiffies(NCI_DATA_TIMEOUT));
1470 }
1471}
1472
1473/* ----- NCI RX worker thread (data & control) ----- */
1474
1475static void nci_rx_work(struct work_struct *work)
1476{
1477 struct nci_dev *ndev = container_of(work, struct nci_dev, rx_work);
1478 struct sk_buff *skb;
1479
1480 while ((skb = skb_dequeue(&ndev->rx_q))) {
1481
1482 /* Send copy to sniffer */
1483 nfc_send_to_raw_sock(ndev->nfc_dev, skb,
1484 RAW_PAYLOAD_NCI, NFC_DIRECTION_RX);
1485
1486 /* Process frame */
1487 switch (nci_mt(skb->data)) {
1488 case NCI_MT_RSP_PKT:
1489 nci_rsp_packet(ndev, skb);
1490 break;
1491
1492 case NCI_MT_NTF_PKT:
1493 nci_ntf_packet(ndev, skb);
1494 break;
1495
1496 case NCI_MT_DATA_PKT:
1497 nci_rx_data_packet(ndev, skb);
1498 break;
1499
1500 default:
1501 pr_err("unknown MT 0x%x\n", nci_mt(skb->data));
1502 kfree_skb(skb);
1503 break;
1504 }
1505 }
1506
1507 /* check if a data exchange timout has occurred */
1508 if (test_bit(NCI_DATA_EXCHANGE_TO, &ndev->flags)) {
1509 /* complete the data exchange transaction, if exists */
1510 if (test_bit(NCI_DATA_EXCHANGE, &ndev->flags))
1511 nci_data_exchange_complete(ndev, NULL,
1512 ndev->cur_conn_id,
1513 -ETIMEDOUT);
1514
1515 clear_bit(NCI_DATA_EXCHANGE_TO, &ndev->flags);
1516 }
1517}
1518
1519/* ----- NCI TX CMD worker thread ----- */
1520
1521static void nci_cmd_work(struct work_struct *work)
1522{
1523 struct nci_dev *ndev = container_of(work, struct nci_dev, cmd_work);
1524 struct sk_buff *skb;
1525
1526 pr_debug("cmd_cnt %d\n", atomic_read(&ndev->cmd_cnt));
1527
1528 /* Send queued command */
1529 if (atomic_read(&ndev->cmd_cnt)) {
1530 skb = skb_dequeue(&ndev->cmd_q);
1531 if (!skb)
1532 return;
1533
1534 atomic_dec(&ndev->cmd_cnt);
1535
1536 pr_debug("NCI TX: MT=cmd, PBF=%d, GID=0x%x, OID=0x%x, plen=%d\n",
1537 nci_pbf(skb->data),
1538 nci_opcode_gid(nci_opcode(skb->data)),
1539 nci_opcode_oid(nci_opcode(skb->data)),
1540 nci_plen(skb->data));
1541
1542 nci_send_frame(ndev, skb);
1543
1544 mod_timer(&ndev->cmd_timer,
1545 jiffies + msecs_to_jiffies(NCI_CMD_TIMEOUT));
1546 }
1547}
1548
1549MODULE_LICENSE("GPL");
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * The NFC Controller Interface is the communication protocol between an
4 * NFC Controller (NFCC) and a Device Host (DH).
5 *
6 * Copyright (C) 2011 Texas Instruments, Inc.
7 * Copyright (C) 2014 Marvell International Ltd.
8 *
9 * Written by Ilan Elias <ilane@ti.com>
10 *
11 * Acknowledgements:
12 * This file is based on hci_core.c, which was written
13 * by Maxim Krasnyansky.
14 */
15
16#define pr_fmt(fmt) KBUILD_MODNAME ": %s: " fmt, __func__
17
18#include <linux/module.h>
19#include <linux/kernel.h>
20#include <linux/types.h>
21#include <linux/workqueue.h>
22#include <linux/completion.h>
23#include <linux/export.h>
24#include <linux/sched.h>
25#include <linux/bitops.h>
26#include <linux/skbuff.h>
27#include <linux/kcov.h>
28
29#include "../nfc.h"
30#include <net/nfc/nci.h>
31#include <net/nfc/nci_core.h>
32#include <linux/nfc.h>
33
34struct core_conn_create_data {
35 int length;
36 struct nci_core_conn_create_cmd *cmd;
37};
38
39static void nci_cmd_work(struct work_struct *work);
40static void nci_rx_work(struct work_struct *work);
41static void nci_tx_work(struct work_struct *work);
42
43struct nci_conn_info *nci_get_conn_info_by_conn_id(struct nci_dev *ndev,
44 int conn_id)
45{
46 struct nci_conn_info *conn_info;
47
48 list_for_each_entry(conn_info, &ndev->conn_info_list, list) {
49 if (conn_info->conn_id == conn_id)
50 return conn_info;
51 }
52
53 return NULL;
54}
55
56int nci_get_conn_info_by_dest_type_params(struct nci_dev *ndev, u8 dest_type,
57 const struct dest_spec_params *params)
58{
59 const struct nci_conn_info *conn_info;
60
61 list_for_each_entry(conn_info, &ndev->conn_info_list, list) {
62 if (conn_info->dest_type == dest_type) {
63 if (!params)
64 return conn_info->conn_id;
65
66 if (params->id == conn_info->dest_params->id &&
67 params->protocol == conn_info->dest_params->protocol)
68 return conn_info->conn_id;
69 }
70 }
71
72 return -EINVAL;
73}
74EXPORT_SYMBOL(nci_get_conn_info_by_dest_type_params);
75
76/* ---- NCI requests ---- */
77
78void nci_req_complete(struct nci_dev *ndev, int result)
79{
80 if (ndev->req_status == NCI_REQ_PEND) {
81 ndev->req_result = result;
82 ndev->req_status = NCI_REQ_DONE;
83 complete(&ndev->req_completion);
84 }
85}
86EXPORT_SYMBOL(nci_req_complete);
87
88static void nci_req_cancel(struct nci_dev *ndev, int err)
89{
90 if (ndev->req_status == NCI_REQ_PEND) {
91 ndev->req_result = err;
92 ndev->req_status = NCI_REQ_CANCELED;
93 complete(&ndev->req_completion);
94 }
95}
96
97/* Execute request and wait for completion. */
98static int __nci_request(struct nci_dev *ndev,
99 void (*req)(struct nci_dev *ndev, const void *opt),
100 const void *opt, __u32 timeout)
101{
102 int rc = 0;
103 long completion_rc;
104
105 ndev->req_status = NCI_REQ_PEND;
106
107 reinit_completion(&ndev->req_completion);
108 req(ndev, opt);
109 completion_rc =
110 wait_for_completion_interruptible_timeout(&ndev->req_completion,
111 timeout);
112
113 pr_debug("wait_for_completion return %ld\n", completion_rc);
114
115 if (completion_rc > 0) {
116 switch (ndev->req_status) {
117 case NCI_REQ_DONE:
118 rc = nci_to_errno(ndev->req_result);
119 break;
120
121 case NCI_REQ_CANCELED:
122 rc = -ndev->req_result;
123 break;
124
125 default:
126 rc = -ETIMEDOUT;
127 break;
128 }
129 } else {
130 pr_err("wait_for_completion_interruptible_timeout failed %ld\n",
131 completion_rc);
132
133 rc = ((completion_rc == 0) ? (-ETIMEDOUT) : (completion_rc));
134 }
135
136 ndev->req_status = ndev->req_result = 0;
137
138 return rc;
139}
140
141inline int nci_request(struct nci_dev *ndev,
142 void (*req)(struct nci_dev *ndev,
143 const void *opt),
144 const void *opt, __u32 timeout)
145{
146 int rc;
147
148 /* Serialize all requests */
149 mutex_lock(&ndev->req_lock);
150 /* check the state after obtaing the lock against any races
151 * from nci_close_device when the device gets removed.
152 */
153 if (test_bit(NCI_UP, &ndev->flags))
154 rc = __nci_request(ndev, req, opt, timeout);
155 else
156 rc = -ENETDOWN;
157 mutex_unlock(&ndev->req_lock);
158
159 return rc;
160}
161
162static void nci_reset_req(struct nci_dev *ndev, const void *opt)
163{
164 struct nci_core_reset_cmd cmd;
165
166 cmd.reset_type = NCI_RESET_TYPE_RESET_CONFIG;
167 nci_send_cmd(ndev, NCI_OP_CORE_RESET_CMD, 1, &cmd);
168}
169
170static void nci_init_req(struct nci_dev *ndev, const void *opt)
171{
172 u8 plen = 0;
173
174 if (opt)
175 plen = sizeof(struct nci_core_init_v2_cmd);
176
177 nci_send_cmd(ndev, NCI_OP_CORE_INIT_CMD, plen, opt);
178}
179
180static void nci_init_complete_req(struct nci_dev *ndev, const void *opt)
181{
182 struct nci_rf_disc_map_cmd cmd;
183 struct disc_map_config *cfg = cmd.mapping_configs;
184 __u8 *num = &cmd.num_mapping_configs;
185 int i;
186
187 /* set rf mapping configurations */
188 *num = 0;
189
190 /* by default mapping is set to NCI_RF_INTERFACE_FRAME */
191 for (i = 0; i < ndev->num_supported_rf_interfaces; i++) {
192 if (ndev->supported_rf_interfaces[i] ==
193 NCI_RF_INTERFACE_ISO_DEP) {
194 cfg[*num].rf_protocol = NCI_RF_PROTOCOL_ISO_DEP;
195 cfg[*num].mode = NCI_DISC_MAP_MODE_POLL |
196 NCI_DISC_MAP_MODE_LISTEN;
197 cfg[*num].rf_interface = NCI_RF_INTERFACE_ISO_DEP;
198 (*num)++;
199 } else if (ndev->supported_rf_interfaces[i] ==
200 NCI_RF_INTERFACE_NFC_DEP) {
201 cfg[*num].rf_protocol = NCI_RF_PROTOCOL_NFC_DEP;
202 cfg[*num].mode = NCI_DISC_MAP_MODE_POLL |
203 NCI_DISC_MAP_MODE_LISTEN;
204 cfg[*num].rf_interface = NCI_RF_INTERFACE_NFC_DEP;
205 (*num)++;
206 }
207
208 if (*num == NCI_MAX_NUM_MAPPING_CONFIGS)
209 break;
210 }
211
212 nci_send_cmd(ndev, NCI_OP_RF_DISCOVER_MAP_CMD,
213 (1 + ((*num) * sizeof(struct disc_map_config))), &cmd);
214}
215
216struct nci_set_config_param {
217 __u8 id;
218 size_t len;
219 const __u8 *val;
220};
221
222static void nci_set_config_req(struct nci_dev *ndev, const void *opt)
223{
224 const struct nci_set_config_param *param = opt;
225 struct nci_core_set_config_cmd cmd;
226
227 BUG_ON(param->len > NCI_MAX_PARAM_LEN);
228
229 cmd.num_params = 1;
230 cmd.param.id = param->id;
231 cmd.param.len = param->len;
232 memcpy(cmd.param.val, param->val, param->len);
233
234 nci_send_cmd(ndev, NCI_OP_CORE_SET_CONFIG_CMD, (3 + param->len), &cmd);
235}
236
237struct nci_rf_discover_param {
238 __u32 im_protocols;
239 __u32 tm_protocols;
240};
241
242static void nci_rf_discover_req(struct nci_dev *ndev, const void *opt)
243{
244 const struct nci_rf_discover_param *param = opt;
245 struct nci_rf_disc_cmd cmd;
246
247 cmd.num_disc_configs = 0;
248
249 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
250 (param->im_protocols & NFC_PROTO_JEWEL_MASK ||
251 param->im_protocols & NFC_PROTO_MIFARE_MASK ||
252 param->im_protocols & NFC_PROTO_ISO14443_MASK ||
253 param->im_protocols & NFC_PROTO_NFC_DEP_MASK)) {
254 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
255 NCI_NFC_A_PASSIVE_POLL_MODE;
256 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
257 cmd.num_disc_configs++;
258 }
259
260 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
261 (param->im_protocols & NFC_PROTO_ISO14443_B_MASK)) {
262 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
263 NCI_NFC_B_PASSIVE_POLL_MODE;
264 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
265 cmd.num_disc_configs++;
266 }
267
268 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
269 (param->im_protocols & NFC_PROTO_FELICA_MASK ||
270 param->im_protocols & NFC_PROTO_NFC_DEP_MASK)) {
271 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
272 NCI_NFC_F_PASSIVE_POLL_MODE;
273 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
274 cmd.num_disc_configs++;
275 }
276
277 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
278 (param->im_protocols & NFC_PROTO_ISO15693_MASK)) {
279 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
280 NCI_NFC_V_PASSIVE_POLL_MODE;
281 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
282 cmd.num_disc_configs++;
283 }
284
285 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS - 1) &&
286 (param->tm_protocols & NFC_PROTO_NFC_DEP_MASK)) {
287 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
288 NCI_NFC_A_PASSIVE_LISTEN_MODE;
289 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
290 cmd.num_disc_configs++;
291 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
292 NCI_NFC_F_PASSIVE_LISTEN_MODE;
293 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
294 cmd.num_disc_configs++;
295 }
296
297 nci_send_cmd(ndev, NCI_OP_RF_DISCOVER_CMD,
298 (1 + (cmd.num_disc_configs * sizeof(struct disc_config))),
299 &cmd);
300}
301
302struct nci_rf_discover_select_param {
303 __u8 rf_discovery_id;
304 __u8 rf_protocol;
305};
306
307static void nci_rf_discover_select_req(struct nci_dev *ndev, const void *opt)
308{
309 const struct nci_rf_discover_select_param *param = opt;
310 struct nci_rf_discover_select_cmd cmd;
311
312 cmd.rf_discovery_id = param->rf_discovery_id;
313 cmd.rf_protocol = param->rf_protocol;
314
315 switch (cmd.rf_protocol) {
316 case NCI_RF_PROTOCOL_ISO_DEP:
317 cmd.rf_interface = NCI_RF_INTERFACE_ISO_DEP;
318 break;
319
320 case NCI_RF_PROTOCOL_NFC_DEP:
321 cmd.rf_interface = NCI_RF_INTERFACE_NFC_DEP;
322 break;
323
324 default:
325 cmd.rf_interface = NCI_RF_INTERFACE_FRAME;
326 break;
327 }
328
329 nci_send_cmd(ndev, NCI_OP_RF_DISCOVER_SELECT_CMD,
330 sizeof(struct nci_rf_discover_select_cmd), &cmd);
331}
332
333static void nci_rf_deactivate_req(struct nci_dev *ndev, const void *opt)
334{
335 struct nci_rf_deactivate_cmd cmd;
336
337 cmd.type = (unsigned long)opt;
338
339 nci_send_cmd(ndev, NCI_OP_RF_DEACTIVATE_CMD,
340 sizeof(struct nci_rf_deactivate_cmd), &cmd);
341}
342
343struct nci_cmd_param {
344 __u16 opcode;
345 size_t len;
346 const __u8 *payload;
347};
348
349static void nci_generic_req(struct nci_dev *ndev, const void *opt)
350{
351 const struct nci_cmd_param *param = opt;
352
353 nci_send_cmd(ndev, param->opcode, param->len, param->payload);
354}
355
356int nci_prop_cmd(struct nci_dev *ndev, __u8 oid, size_t len, const __u8 *payload)
357{
358 struct nci_cmd_param param;
359
360 param.opcode = nci_opcode_pack(NCI_GID_PROPRIETARY, oid);
361 param.len = len;
362 param.payload = payload;
363
364 return __nci_request(ndev, nci_generic_req, ¶m,
365 msecs_to_jiffies(NCI_CMD_TIMEOUT));
366}
367EXPORT_SYMBOL(nci_prop_cmd);
368
369int nci_core_cmd(struct nci_dev *ndev, __u16 opcode, size_t len,
370 const __u8 *payload)
371{
372 struct nci_cmd_param param;
373
374 param.opcode = opcode;
375 param.len = len;
376 param.payload = payload;
377
378 return __nci_request(ndev, nci_generic_req, ¶m,
379 msecs_to_jiffies(NCI_CMD_TIMEOUT));
380}
381EXPORT_SYMBOL(nci_core_cmd);
382
383int nci_core_reset(struct nci_dev *ndev)
384{
385 return __nci_request(ndev, nci_reset_req, (void *)0,
386 msecs_to_jiffies(NCI_RESET_TIMEOUT));
387}
388EXPORT_SYMBOL(nci_core_reset);
389
390int nci_core_init(struct nci_dev *ndev)
391{
392 return __nci_request(ndev, nci_init_req, (void *)0,
393 msecs_to_jiffies(NCI_INIT_TIMEOUT));
394}
395EXPORT_SYMBOL(nci_core_init);
396
397struct nci_loopback_data {
398 u8 conn_id;
399 struct sk_buff *data;
400};
401
402static void nci_send_data_req(struct nci_dev *ndev, const void *opt)
403{
404 const struct nci_loopback_data *data = opt;
405
406 nci_send_data(ndev, data->conn_id, data->data);
407}
408
409static void nci_nfcc_loopback_cb(void *context, struct sk_buff *skb, int err)
410{
411 struct nci_dev *ndev = (struct nci_dev *)context;
412 struct nci_conn_info *conn_info;
413
414 conn_info = nci_get_conn_info_by_conn_id(ndev, ndev->cur_conn_id);
415 if (!conn_info) {
416 nci_req_complete(ndev, NCI_STATUS_REJECTED);
417 return;
418 }
419
420 conn_info->rx_skb = skb;
421
422 nci_req_complete(ndev, NCI_STATUS_OK);
423}
424
425int nci_nfcc_loopback(struct nci_dev *ndev, const void *data, size_t data_len,
426 struct sk_buff **resp)
427{
428 int r;
429 struct nci_loopback_data loopback_data;
430 struct nci_conn_info *conn_info;
431 struct sk_buff *skb;
432 int conn_id = nci_get_conn_info_by_dest_type_params(ndev,
433 NCI_DESTINATION_NFCC_LOOPBACK, NULL);
434
435 if (conn_id < 0) {
436 r = nci_core_conn_create(ndev, NCI_DESTINATION_NFCC_LOOPBACK,
437 0, 0, NULL);
438 if (r != NCI_STATUS_OK)
439 return r;
440
441 conn_id = nci_get_conn_info_by_dest_type_params(ndev,
442 NCI_DESTINATION_NFCC_LOOPBACK,
443 NULL);
444 }
445
446 conn_info = nci_get_conn_info_by_conn_id(ndev, conn_id);
447 if (!conn_info)
448 return -EPROTO;
449
450 /* store cb and context to be used on receiving data */
451 conn_info->data_exchange_cb = nci_nfcc_loopback_cb;
452 conn_info->data_exchange_cb_context = ndev;
453
454 skb = nci_skb_alloc(ndev, NCI_DATA_HDR_SIZE + data_len, GFP_KERNEL);
455 if (!skb)
456 return -ENOMEM;
457
458 skb_reserve(skb, NCI_DATA_HDR_SIZE);
459 skb_put_data(skb, data, data_len);
460
461 loopback_data.conn_id = conn_id;
462 loopback_data.data = skb;
463
464 ndev->cur_conn_id = conn_id;
465 r = nci_request(ndev, nci_send_data_req, &loopback_data,
466 msecs_to_jiffies(NCI_DATA_TIMEOUT));
467 if (r == NCI_STATUS_OK && resp)
468 *resp = conn_info->rx_skb;
469
470 return r;
471}
472EXPORT_SYMBOL(nci_nfcc_loopback);
473
474static int nci_open_device(struct nci_dev *ndev)
475{
476 int rc = 0;
477
478 mutex_lock(&ndev->req_lock);
479
480 if (test_bit(NCI_UNREG, &ndev->flags)) {
481 rc = -ENODEV;
482 goto done;
483 }
484
485 if (test_bit(NCI_UP, &ndev->flags)) {
486 rc = -EALREADY;
487 goto done;
488 }
489
490 if (ndev->ops->open(ndev)) {
491 rc = -EIO;
492 goto done;
493 }
494
495 atomic_set(&ndev->cmd_cnt, 1);
496
497 set_bit(NCI_INIT, &ndev->flags);
498
499 if (ndev->ops->init)
500 rc = ndev->ops->init(ndev);
501
502 if (!rc) {
503 rc = __nci_request(ndev, nci_reset_req, (void *)0,
504 msecs_to_jiffies(NCI_RESET_TIMEOUT));
505 }
506
507 if (!rc && ndev->ops->setup) {
508 rc = ndev->ops->setup(ndev);
509 }
510
511 if (!rc) {
512 struct nci_core_init_v2_cmd nci_init_v2_cmd = {
513 .feature1 = NCI_FEATURE_DISABLE,
514 .feature2 = NCI_FEATURE_DISABLE
515 };
516 const void *opt = NULL;
517
518 if (ndev->nci_ver & NCI_VER_2_MASK)
519 opt = &nci_init_v2_cmd;
520
521 rc = __nci_request(ndev, nci_init_req, opt,
522 msecs_to_jiffies(NCI_INIT_TIMEOUT));
523 }
524
525 if (!rc && ndev->ops->post_setup)
526 rc = ndev->ops->post_setup(ndev);
527
528 if (!rc) {
529 rc = __nci_request(ndev, nci_init_complete_req, (void *)0,
530 msecs_to_jiffies(NCI_INIT_TIMEOUT));
531 }
532
533 clear_bit(NCI_INIT, &ndev->flags);
534
535 if (!rc) {
536 set_bit(NCI_UP, &ndev->flags);
537 nci_clear_target_list(ndev);
538 atomic_set(&ndev->state, NCI_IDLE);
539 } else {
540 /* Init failed, cleanup */
541 skb_queue_purge(&ndev->cmd_q);
542 skb_queue_purge(&ndev->rx_q);
543 skb_queue_purge(&ndev->tx_q);
544
545 ndev->ops->close(ndev);
546 ndev->flags &= BIT(NCI_UNREG);
547 }
548
549done:
550 mutex_unlock(&ndev->req_lock);
551 return rc;
552}
553
554static int nci_close_device(struct nci_dev *ndev)
555{
556 nci_req_cancel(ndev, ENODEV);
557
558 /* This mutex needs to be held as a barrier for
559 * caller nci_unregister_device
560 */
561 mutex_lock(&ndev->req_lock);
562
563 if (!test_and_clear_bit(NCI_UP, &ndev->flags)) {
564 /* Need to flush the cmd wq in case
565 * there is a queued/running cmd_work
566 */
567 flush_workqueue(ndev->cmd_wq);
568 del_timer_sync(&ndev->cmd_timer);
569 del_timer_sync(&ndev->data_timer);
570 mutex_unlock(&ndev->req_lock);
571 return 0;
572 }
573
574 /* Drop RX and TX queues */
575 skb_queue_purge(&ndev->rx_q);
576 skb_queue_purge(&ndev->tx_q);
577
578 /* Flush RX and TX wq */
579 flush_workqueue(ndev->rx_wq);
580 flush_workqueue(ndev->tx_wq);
581
582 /* Reset device */
583 skb_queue_purge(&ndev->cmd_q);
584 atomic_set(&ndev->cmd_cnt, 1);
585
586 set_bit(NCI_INIT, &ndev->flags);
587 __nci_request(ndev, nci_reset_req, (void *)0,
588 msecs_to_jiffies(NCI_RESET_TIMEOUT));
589
590 /* After this point our queues are empty
591 * and no works are scheduled.
592 */
593 ndev->ops->close(ndev);
594
595 clear_bit(NCI_INIT, &ndev->flags);
596
597 /* Flush cmd wq */
598 flush_workqueue(ndev->cmd_wq);
599
600 del_timer_sync(&ndev->cmd_timer);
601
602 /* Clear flags except NCI_UNREG */
603 ndev->flags &= BIT(NCI_UNREG);
604
605 mutex_unlock(&ndev->req_lock);
606
607 return 0;
608}
609
610/* NCI command timer function */
611static void nci_cmd_timer(struct timer_list *t)
612{
613 struct nci_dev *ndev = from_timer(ndev, t, cmd_timer);
614
615 atomic_set(&ndev->cmd_cnt, 1);
616 queue_work(ndev->cmd_wq, &ndev->cmd_work);
617}
618
619/* NCI data exchange timer function */
620static void nci_data_timer(struct timer_list *t)
621{
622 struct nci_dev *ndev = from_timer(ndev, t, data_timer);
623
624 set_bit(NCI_DATA_EXCHANGE_TO, &ndev->flags);
625 queue_work(ndev->rx_wq, &ndev->rx_work);
626}
627
628static int nci_dev_up(struct nfc_dev *nfc_dev)
629{
630 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
631
632 return nci_open_device(ndev);
633}
634
635static int nci_dev_down(struct nfc_dev *nfc_dev)
636{
637 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
638
639 return nci_close_device(ndev);
640}
641
642int nci_set_config(struct nci_dev *ndev, __u8 id, size_t len, const __u8 *val)
643{
644 struct nci_set_config_param param;
645
646 if (!val || !len)
647 return 0;
648
649 param.id = id;
650 param.len = len;
651 param.val = val;
652
653 return __nci_request(ndev, nci_set_config_req, ¶m,
654 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
655}
656EXPORT_SYMBOL(nci_set_config);
657
658static void nci_nfcee_discover_req(struct nci_dev *ndev, const void *opt)
659{
660 struct nci_nfcee_discover_cmd cmd;
661 __u8 action = (unsigned long)opt;
662
663 cmd.discovery_action = action;
664
665 nci_send_cmd(ndev, NCI_OP_NFCEE_DISCOVER_CMD, 1, &cmd);
666}
667
668int nci_nfcee_discover(struct nci_dev *ndev, u8 action)
669{
670 unsigned long opt = action;
671
672 return __nci_request(ndev, nci_nfcee_discover_req, (void *)opt,
673 msecs_to_jiffies(NCI_CMD_TIMEOUT));
674}
675EXPORT_SYMBOL(nci_nfcee_discover);
676
677static void nci_nfcee_mode_set_req(struct nci_dev *ndev, const void *opt)
678{
679 const struct nci_nfcee_mode_set_cmd *cmd = opt;
680
681 nci_send_cmd(ndev, NCI_OP_NFCEE_MODE_SET_CMD,
682 sizeof(struct nci_nfcee_mode_set_cmd), cmd);
683}
684
685int nci_nfcee_mode_set(struct nci_dev *ndev, u8 nfcee_id, u8 nfcee_mode)
686{
687 struct nci_nfcee_mode_set_cmd cmd;
688
689 cmd.nfcee_id = nfcee_id;
690 cmd.nfcee_mode = nfcee_mode;
691
692 return __nci_request(ndev, nci_nfcee_mode_set_req, &cmd,
693 msecs_to_jiffies(NCI_CMD_TIMEOUT));
694}
695EXPORT_SYMBOL(nci_nfcee_mode_set);
696
697static void nci_core_conn_create_req(struct nci_dev *ndev, const void *opt)
698{
699 const struct core_conn_create_data *data = opt;
700
701 nci_send_cmd(ndev, NCI_OP_CORE_CONN_CREATE_CMD, data->length, data->cmd);
702}
703
704int nci_core_conn_create(struct nci_dev *ndev, u8 destination_type,
705 u8 number_destination_params,
706 size_t params_len,
707 const struct core_conn_create_dest_spec_params *params)
708{
709 int r;
710 struct nci_core_conn_create_cmd *cmd;
711 struct core_conn_create_data data;
712
713 data.length = params_len + sizeof(struct nci_core_conn_create_cmd);
714 cmd = kzalloc(data.length, GFP_KERNEL);
715 if (!cmd)
716 return -ENOMEM;
717
718 cmd->destination_type = destination_type;
719 cmd->number_destination_params = number_destination_params;
720
721 data.cmd = cmd;
722
723 if (params) {
724 memcpy(cmd->params, params, params_len);
725 if (params->length > 0)
726 memcpy(&ndev->cur_params,
727 ¶ms->value[DEST_SPEC_PARAMS_ID_INDEX],
728 sizeof(struct dest_spec_params));
729 else
730 ndev->cur_params.id = 0;
731 } else {
732 ndev->cur_params.id = 0;
733 }
734 ndev->cur_dest_type = destination_type;
735
736 r = __nci_request(ndev, nci_core_conn_create_req, &data,
737 msecs_to_jiffies(NCI_CMD_TIMEOUT));
738 kfree(cmd);
739 return r;
740}
741EXPORT_SYMBOL(nci_core_conn_create);
742
743static void nci_core_conn_close_req(struct nci_dev *ndev, const void *opt)
744{
745 __u8 conn_id = (unsigned long)opt;
746
747 nci_send_cmd(ndev, NCI_OP_CORE_CONN_CLOSE_CMD, 1, &conn_id);
748}
749
750int nci_core_conn_close(struct nci_dev *ndev, u8 conn_id)
751{
752 unsigned long opt = conn_id;
753
754 ndev->cur_conn_id = conn_id;
755 return __nci_request(ndev, nci_core_conn_close_req, (void *)opt,
756 msecs_to_jiffies(NCI_CMD_TIMEOUT));
757}
758EXPORT_SYMBOL(nci_core_conn_close);
759
760static void nci_set_target_ats(struct nfc_target *target, struct nci_dev *ndev)
761{
762 if (ndev->target_ats_len > 0) {
763 target->ats_len = ndev->target_ats_len;
764 memcpy(target->ats, ndev->target_ats, target->ats_len);
765 }
766}
767
768static int nci_set_local_general_bytes(struct nfc_dev *nfc_dev)
769{
770 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
771 struct nci_set_config_param param;
772 int rc;
773
774 param.val = nfc_get_local_general_bytes(nfc_dev, ¶m.len);
775 if ((param.val == NULL) || (param.len == 0))
776 return 0;
777
778 if (param.len > NFC_MAX_GT_LEN)
779 return -EINVAL;
780
781 param.id = NCI_PN_ATR_REQ_GEN_BYTES;
782
783 rc = nci_request(ndev, nci_set_config_req, ¶m,
784 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
785 if (rc)
786 return rc;
787
788 param.id = NCI_LN_ATR_RES_GEN_BYTES;
789
790 return nci_request(ndev, nci_set_config_req, ¶m,
791 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
792}
793
794static int nci_set_listen_parameters(struct nfc_dev *nfc_dev)
795{
796 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
797 int rc;
798 __u8 val;
799
800 val = NCI_LA_SEL_INFO_NFC_DEP_MASK;
801
802 rc = nci_set_config(ndev, NCI_LA_SEL_INFO, 1, &val);
803 if (rc)
804 return rc;
805
806 val = NCI_LF_PROTOCOL_TYPE_NFC_DEP_MASK;
807
808 rc = nci_set_config(ndev, NCI_LF_PROTOCOL_TYPE, 1, &val);
809 if (rc)
810 return rc;
811
812 val = NCI_LF_CON_BITR_F_212 | NCI_LF_CON_BITR_F_424;
813
814 return nci_set_config(ndev, NCI_LF_CON_BITR_F, 1, &val);
815}
816
817static int nci_start_poll(struct nfc_dev *nfc_dev,
818 __u32 im_protocols, __u32 tm_protocols)
819{
820 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
821 struct nci_rf_discover_param param;
822 int rc;
823
824 if ((atomic_read(&ndev->state) == NCI_DISCOVERY) ||
825 (atomic_read(&ndev->state) == NCI_W4_ALL_DISCOVERIES)) {
826 pr_err("unable to start poll, since poll is already active\n");
827 return -EBUSY;
828 }
829
830 if (ndev->target_active_prot) {
831 pr_err("there is an active target\n");
832 return -EBUSY;
833 }
834
835 if ((atomic_read(&ndev->state) == NCI_W4_HOST_SELECT) ||
836 (atomic_read(&ndev->state) == NCI_POLL_ACTIVE)) {
837 pr_debug("target active or w4 select, implicitly deactivate\n");
838
839 rc = nci_request(ndev, nci_rf_deactivate_req,
840 (void *)NCI_DEACTIVATE_TYPE_IDLE_MODE,
841 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
842 if (rc)
843 return -EBUSY;
844 }
845
846 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) {
847 rc = nci_set_local_general_bytes(nfc_dev);
848 if (rc) {
849 pr_err("failed to set local general bytes\n");
850 return rc;
851 }
852 }
853
854 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) {
855 rc = nci_set_listen_parameters(nfc_dev);
856 if (rc)
857 pr_err("failed to set listen parameters\n");
858 }
859
860 param.im_protocols = im_protocols;
861 param.tm_protocols = tm_protocols;
862 rc = nci_request(ndev, nci_rf_discover_req, ¶m,
863 msecs_to_jiffies(NCI_RF_DISC_TIMEOUT));
864
865 if (!rc)
866 ndev->poll_prots = im_protocols;
867
868 return rc;
869}
870
871static void nci_stop_poll(struct nfc_dev *nfc_dev)
872{
873 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
874
875 if ((atomic_read(&ndev->state) != NCI_DISCOVERY) &&
876 (atomic_read(&ndev->state) != NCI_W4_ALL_DISCOVERIES)) {
877 pr_err("unable to stop poll, since poll is not active\n");
878 return;
879 }
880
881 nci_request(ndev, nci_rf_deactivate_req,
882 (void *)NCI_DEACTIVATE_TYPE_IDLE_MODE,
883 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
884}
885
886static int nci_activate_target(struct nfc_dev *nfc_dev,
887 struct nfc_target *target, __u32 protocol)
888{
889 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
890 struct nci_rf_discover_select_param param;
891 const struct nfc_target *nci_target = NULL;
892 int i;
893 int rc = 0;
894
895 pr_debug("target_idx %d, protocol 0x%x\n", target->idx, protocol);
896
897 if ((atomic_read(&ndev->state) != NCI_W4_HOST_SELECT) &&
898 (atomic_read(&ndev->state) != NCI_POLL_ACTIVE)) {
899 pr_err("there is no available target to activate\n");
900 return -EINVAL;
901 }
902
903 if (ndev->target_active_prot) {
904 pr_err("there is already an active target\n");
905 return -EBUSY;
906 }
907
908 for (i = 0; i < ndev->n_targets; i++) {
909 if (ndev->targets[i].idx == target->idx) {
910 nci_target = &ndev->targets[i];
911 break;
912 }
913 }
914
915 if (!nci_target) {
916 pr_err("unable to find the selected target\n");
917 return -EINVAL;
918 }
919
920 if (protocol >= NFC_PROTO_MAX) {
921 pr_err("the requested nfc protocol is invalid\n");
922 return -EINVAL;
923 }
924
925 if (!(nci_target->supported_protocols & (1 << protocol))) {
926 pr_err("target does not support the requested protocol 0x%x\n",
927 protocol);
928 return -EINVAL;
929 }
930
931 if (atomic_read(&ndev->state) == NCI_W4_HOST_SELECT) {
932 param.rf_discovery_id = nci_target->logical_idx;
933
934 if (protocol == NFC_PROTO_JEWEL)
935 param.rf_protocol = NCI_RF_PROTOCOL_T1T;
936 else if (protocol == NFC_PROTO_MIFARE)
937 param.rf_protocol = NCI_RF_PROTOCOL_T2T;
938 else if (protocol == NFC_PROTO_FELICA)
939 param.rf_protocol = NCI_RF_PROTOCOL_T3T;
940 else if (protocol == NFC_PROTO_ISO14443 ||
941 protocol == NFC_PROTO_ISO14443_B)
942 param.rf_protocol = NCI_RF_PROTOCOL_ISO_DEP;
943 else
944 param.rf_protocol = NCI_RF_PROTOCOL_NFC_DEP;
945
946 rc = nci_request(ndev, nci_rf_discover_select_req, ¶m,
947 msecs_to_jiffies(NCI_RF_DISC_SELECT_TIMEOUT));
948 }
949
950 if (!rc) {
951 ndev->target_active_prot = protocol;
952 if (protocol == NFC_PROTO_ISO14443)
953 nci_set_target_ats(target, ndev);
954 }
955
956 return rc;
957}
958
959static void nci_deactivate_target(struct nfc_dev *nfc_dev,
960 struct nfc_target *target,
961 __u8 mode)
962{
963 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
964 unsigned long nci_mode = NCI_DEACTIVATE_TYPE_IDLE_MODE;
965
966 if (!ndev->target_active_prot) {
967 pr_err("unable to deactivate target, no active target\n");
968 return;
969 }
970
971 ndev->target_active_prot = 0;
972
973 switch (mode) {
974 case NFC_TARGET_MODE_SLEEP:
975 nci_mode = NCI_DEACTIVATE_TYPE_SLEEP_MODE;
976 break;
977 }
978
979 if (atomic_read(&ndev->state) == NCI_POLL_ACTIVE) {
980 nci_request(ndev, nci_rf_deactivate_req, (void *)nci_mode,
981 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
982 }
983}
984
985static int nci_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
986 __u8 comm_mode, __u8 *gb, size_t gb_len)
987{
988 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
989 int rc;
990
991 pr_debug("target_idx %d, comm_mode %d\n", target->idx, comm_mode);
992
993 rc = nci_activate_target(nfc_dev, target, NFC_PROTO_NFC_DEP);
994 if (rc)
995 return rc;
996
997 rc = nfc_set_remote_general_bytes(nfc_dev, ndev->remote_gb,
998 ndev->remote_gb_len);
999 if (!rc)
1000 rc = nfc_dep_link_is_up(nfc_dev, target->idx, NFC_COMM_PASSIVE,
1001 NFC_RF_INITIATOR);
1002
1003 return rc;
1004}
1005
1006static int nci_dep_link_down(struct nfc_dev *nfc_dev)
1007{
1008 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1009 int rc;
1010
1011 if (nfc_dev->rf_mode == NFC_RF_INITIATOR) {
1012 nci_deactivate_target(nfc_dev, NULL, NCI_DEACTIVATE_TYPE_IDLE_MODE);
1013 } else {
1014 if (atomic_read(&ndev->state) == NCI_LISTEN_ACTIVE ||
1015 atomic_read(&ndev->state) == NCI_DISCOVERY) {
1016 nci_request(ndev, nci_rf_deactivate_req, (void *)0,
1017 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
1018 }
1019
1020 rc = nfc_tm_deactivated(nfc_dev);
1021 if (rc)
1022 pr_err("error when signaling tm deactivation\n");
1023 }
1024
1025 return 0;
1026}
1027
1028
1029static int nci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
1030 struct sk_buff *skb,
1031 data_exchange_cb_t cb, void *cb_context)
1032{
1033 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1034 int rc;
1035 struct nci_conn_info *conn_info;
1036
1037 conn_info = ndev->rf_conn_info;
1038 if (!conn_info)
1039 return -EPROTO;
1040
1041 pr_debug("target_idx %d, len %d\n", target->idx, skb->len);
1042
1043 if (!ndev->target_active_prot) {
1044 pr_err("unable to exchange data, no active target\n");
1045 return -EINVAL;
1046 }
1047
1048 if (test_and_set_bit(NCI_DATA_EXCHANGE, &ndev->flags))
1049 return -EBUSY;
1050
1051 /* store cb and context to be used on receiving data */
1052 conn_info->data_exchange_cb = cb;
1053 conn_info->data_exchange_cb_context = cb_context;
1054
1055 rc = nci_send_data(ndev, NCI_STATIC_RF_CONN_ID, skb);
1056 if (rc)
1057 clear_bit(NCI_DATA_EXCHANGE, &ndev->flags);
1058
1059 return rc;
1060}
1061
1062static int nci_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
1063{
1064 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1065 int rc;
1066
1067 rc = nci_send_data(ndev, NCI_STATIC_RF_CONN_ID, skb);
1068 if (rc)
1069 pr_err("unable to send data\n");
1070
1071 return rc;
1072}
1073
1074static int nci_enable_se(struct nfc_dev *nfc_dev, u32 se_idx)
1075{
1076 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1077
1078 if (ndev->ops->enable_se)
1079 return ndev->ops->enable_se(ndev, se_idx);
1080
1081 return 0;
1082}
1083
1084static int nci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx)
1085{
1086 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1087
1088 if (ndev->ops->disable_se)
1089 return ndev->ops->disable_se(ndev, se_idx);
1090
1091 return 0;
1092}
1093
1094static int nci_discover_se(struct nfc_dev *nfc_dev)
1095{
1096 int r;
1097 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1098
1099 if (ndev->ops->discover_se) {
1100 r = nci_nfcee_discover(ndev, NCI_NFCEE_DISCOVERY_ACTION_ENABLE);
1101 if (r != NCI_STATUS_OK)
1102 return -EPROTO;
1103
1104 return ndev->ops->discover_se(ndev);
1105 }
1106
1107 return 0;
1108}
1109
1110static int nci_se_io(struct nfc_dev *nfc_dev, u32 se_idx,
1111 u8 *apdu, size_t apdu_length,
1112 se_io_cb_t cb, void *cb_context)
1113{
1114 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1115
1116 if (ndev->ops->se_io)
1117 return ndev->ops->se_io(ndev, se_idx, apdu,
1118 apdu_length, cb, cb_context);
1119
1120 return 0;
1121}
1122
1123static int nci_fw_download(struct nfc_dev *nfc_dev, const char *firmware_name)
1124{
1125 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
1126
1127 if (!ndev->ops->fw_download)
1128 return -ENOTSUPP;
1129
1130 return ndev->ops->fw_download(ndev, firmware_name);
1131}
1132
1133static const struct nfc_ops nci_nfc_ops = {
1134 .dev_up = nci_dev_up,
1135 .dev_down = nci_dev_down,
1136 .start_poll = nci_start_poll,
1137 .stop_poll = nci_stop_poll,
1138 .dep_link_up = nci_dep_link_up,
1139 .dep_link_down = nci_dep_link_down,
1140 .activate_target = nci_activate_target,
1141 .deactivate_target = nci_deactivate_target,
1142 .im_transceive = nci_transceive,
1143 .tm_send = nci_tm_send,
1144 .enable_se = nci_enable_se,
1145 .disable_se = nci_disable_se,
1146 .discover_se = nci_discover_se,
1147 .se_io = nci_se_io,
1148 .fw_download = nci_fw_download,
1149};
1150
1151/* ---- Interface to NCI drivers ---- */
1152/**
1153 * nci_allocate_device - allocate a new nci device
1154 *
1155 * @ops: device operations
1156 * @supported_protocols: NFC protocols supported by the device
1157 * @tx_headroom: Reserved space at beginning of skb
1158 * @tx_tailroom: Reserved space at end of skb
1159 */
1160struct nci_dev *nci_allocate_device(const struct nci_ops *ops,
1161 __u32 supported_protocols,
1162 int tx_headroom, int tx_tailroom)
1163{
1164 struct nci_dev *ndev;
1165
1166 pr_debug("supported_protocols 0x%x\n", supported_protocols);
1167
1168 if (!ops->open || !ops->close || !ops->send)
1169 return NULL;
1170
1171 if (!supported_protocols)
1172 return NULL;
1173
1174 ndev = kzalloc(sizeof(struct nci_dev), GFP_KERNEL);
1175 if (!ndev)
1176 return NULL;
1177
1178 ndev->ops = ops;
1179
1180 if (ops->n_prop_ops > NCI_MAX_PROPRIETARY_CMD) {
1181 pr_err("Too many proprietary commands: %zd\n",
1182 ops->n_prop_ops);
1183 goto free_nci;
1184 }
1185
1186 ndev->tx_headroom = tx_headroom;
1187 ndev->tx_tailroom = tx_tailroom;
1188 init_completion(&ndev->req_completion);
1189
1190 ndev->nfc_dev = nfc_allocate_device(&nci_nfc_ops,
1191 supported_protocols,
1192 tx_headroom + NCI_DATA_HDR_SIZE,
1193 tx_tailroom);
1194 if (!ndev->nfc_dev)
1195 goto free_nci;
1196
1197 ndev->hci_dev = nci_hci_allocate(ndev);
1198 if (!ndev->hci_dev)
1199 goto free_nfc;
1200
1201 nfc_set_drvdata(ndev->nfc_dev, ndev);
1202
1203 return ndev;
1204
1205free_nfc:
1206 nfc_free_device(ndev->nfc_dev);
1207free_nci:
1208 kfree(ndev);
1209 return NULL;
1210}
1211EXPORT_SYMBOL(nci_allocate_device);
1212
1213/**
1214 * nci_free_device - deallocate nci device
1215 *
1216 * @ndev: The nci device to deallocate
1217 */
1218void nci_free_device(struct nci_dev *ndev)
1219{
1220 nfc_free_device(ndev->nfc_dev);
1221 nci_hci_deallocate(ndev);
1222
1223 /* drop partial rx data packet if present */
1224 if (ndev->rx_data_reassembly)
1225 kfree_skb(ndev->rx_data_reassembly);
1226 kfree(ndev);
1227}
1228EXPORT_SYMBOL(nci_free_device);
1229
1230/**
1231 * nci_register_device - register a nci device in the nfc subsystem
1232 *
1233 * @ndev: The nci device to register
1234 */
1235int nci_register_device(struct nci_dev *ndev)
1236{
1237 int rc;
1238 struct device *dev = &ndev->nfc_dev->dev;
1239 char name[32];
1240
1241 ndev->flags = 0;
1242
1243 INIT_WORK(&ndev->cmd_work, nci_cmd_work);
1244 snprintf(name, sizeof(name), "%s_nci_cmd_wq", dev_name(dev));
1245 ndev->cmd_wq = create_singlethread_workqueue(name);
1246 if (!ndev->cmd_wq) {
1247 rc = -ENOMEM;
1248 goto exit;
1249 }
1250
1251 INIT_WORK(&ndev->rx_work, nci_rx_work);
1252 snprintf(name, sizeof(name), "%s_nci_rx_wq", dev_name(dev));
1253 ndev->rx_wq = create_singlethread_workqueue(name);
1254 if (!ndev->rx_wq) {
1255 rc = -ENOMEM;
1256 goto destroy_cmd_wq_exit;
1257 }
1258
1259 INIT_WORK(&ndev->tx_work, nci_tx_work);
1260 snprintf(name, sizeof(name), "%s_nci_tx_wq", dev_name(dev));
1261 ndev->tx_wq = create_singlethread_workqueue(name);
1262 if (!ndev->tx_wq) {
1263 rc = -ENOMEM;
1264 goto destroy_rx_wq_exit;
1265 }
1266
1267 skb_queue_head_init(&ndev->cmd_q);
1268 skb_queue_head_init(&ndev->rx_q);
1269 skb_queue_head_init(&ndev->tx_q);
1270
1271 timer_setup(&ndev->cmd_timer, nci_cmd_timer, 0);
1272 timer_setup(&ndev->data_timer, nci_data_timer, 0);
1273
1274 mutex_init(&ndev->req_lock);
1275 INIT_LIST_HEAD(&ndev->conn_info_list);
1276
1277 rc = nfc_register_device(ndev->nfc_dev);
1278 if (rc)
1279 goto destroy_tx_wq_exit;
1280
1281 goto exit;
1282
1283destroy_tx_wq_exit:
1284 destroy_workqueue(ndev->tx_wq);
1285
1286destroy_rx_wq_exit:
1287 destroy_workqueue(ndev->rx_wq);
1288
1289destroy_cmd_wq_exit:
1290 destroy_workqueue(ndev->cmd_wq);
1291
1292exit:
1293 return rc;
1294}
1295EXPORT_SYMBOL(nci_register_device);
1296
1297/**
1298 * nci_unregister_device - unregister a nci device in the nfc subsystem
1299 *
1300 * @ndev: The nci device to unregister
1301 */
1302void nci_unregister_device(struct nci_dev *ndev)
1303{
1304 struct nci_conn_info *conn_info, *n;
1305
1306 /* This set_bit is not protected with specialized barrier,
1307 * However, it is fine because the mutex_lock(&ndev->req_lock);
1308 * in nci_close_device() will help to emit one.
1309 */
1310 set_bit(NCI_UNREG, &ndev->flags);
1311
1312 nci_close_device(ndev);
1313
1314 destroy_workqueue(ndev->cmd_wq);
1315 destroy_workqueue(ndev->rx_wq);
1316 destroy_workqueue(ndev->tx_wq);
1317
1318 list_for_each_entry_safe(conn_info, n, &ndev->conn_info_list, list) {
1319 list_del(&conn_info->list);
1320 /* conn_info is allocated with devm_kzalloc */
1321 }
1322
1323 nfc_unregister_device(ndev->nfc_dev);
1324}
1325EXPORT_SYMBOL(nci_unregister_device);
1326
1327/**
1328 * nci_recv_frame - receive frame from NCI drivers
1329 *
1330 * @ndev: The nci device
1331 * @skb: The sk_buff to receive
1332 */
1333int nci_recv_frame(struct nci_dev *ndev, struct sk_buff *skb)
1334{
1335 pr_debug("len %d\n", skb->len);
1336
1337 if (!ndev || (!test_bit(NCI_UP, &ndev->flags) &&
1338 !test_bit(NCI_INIT, &ndev->flags))) {
1339 kfree_skb(skb);
1340 return -ENXIO;
1341 }
1342
1343 /* Queue frame for rx worker thread */
1344 skb_queue_tail(&ndev->rx_q, skb);
1345 queue_work(ndev->rx_wq, &ndev->rx_work);
1346
1347 return 0;
1348}
1349EXPORT_SYMBOL(nci_recv_frame);
1350
1351int nci_send_frame(struct nci_dev *ndev, struct sk_buff *skb)
1352{
1353 pr_debug("len %d\n", skb->len);
1354
1355 if (!ndev) {
1356 kfree_skb(skb);
1357 return -ENODEV;
1358 }
1359
1360 /* Get rid of skb owner, prior to sending to the driver. */
1361 skb_orphan(skb);
1362
1363 /* Send copy to sniffer */
1364 nfc_send_to_raw_sock(ndev->nfc_dev, skb,
1365 RAW_PAYLOAD_NCI, NFC_DIRECTION_TX);
1366
1367 return ndev->ops->send(ndev, skb);
1368}
1369EXPORT_SYMBOL(nci_send_frame);
1370
1371/* Send NCI command */
1372int nci_send_cmd(struct nci_dev *ndev, __u16 opcode, __u8 plen, const void *payload)
1373{
1374 struct nci_ctrl_hdr *hdr;
1375 struct sk_buff *skb;
1376
1377 pr_debug("opcode 0x%x, plen %d\n", opcode, plen);
1378
1379 skb = nci_skb_alloc(ndev, (NCI_CTRL_HDR_SIZE + plen), GFP_KERNEL);
1380 if (!skb) {
1381 pr_err("no memory for command\n");
1382 return -ENOMEM;
1383 }
1384
1385 hdr = skb_put(skb, NCI_CTRL_HDR_SIZE);
1386 hdr->gid = nci_opcode_gid(opcode);
1387 hdr->oid = nci_opcode_oid(opcode);
1388 hdr->plen = plen;
1389
1390 nci_mt_set((__u8 *)hdr, NCI_MT_CMD_PKT);
1391 nci_pbf_set((__u8 *)hdr, NCI_PBF_LAST);
1392
1393 if (plen)
1394 skb_put_data(skb, payload, plen);
1395
1396 skb_queue_tail(&ndev->cmd_q, skb);
1397 queue_work(ndev->cmd_wq, &ndev->cmd_work);
1398
1399 return 0;
1400}
1401EXPORT_SYMBOL(nci_send_cmd);
1402
1403/* Proprietary commands API */
1404static const struct nci_driver_ops *ops_cmd_lookup(const struct nci_driver_ops *ops,
1405 size_t n_ops,
1406 __u16 opcode)
1407{
1408 size_t i;
1409 const struct nci_driver_ops *op;
1410
1411 if (!ops || !n_ops)
1412 return NULL;
1413
1414 for (i = 0; i < n_ops; i++) {
1415 op = &ops[i];
1416 if (op->opcode == opcode)
1417 return op;
1418 }
1419
1420 return NULL;
1421}
1422
1423static int nci_op_rsp_packet(struct nci_dev *ndev, __u16 rsp_opcode,
1424 struct sk_buff *skb, const struct nci_driver_ops *ops,
1425 size_t n_ops)
1426{
1427 const struct nci_driver_ops *op;
1428
1429 op = ops_cmd_lookup(ops, n_ops, rsp_opcode);
1430 if (!op || !op->rsp)
1431 return -ENOTSUPP;
1432
1433 return op->rsp(ndev, skb);
1434}
1435
1436static int nci_op_ntf_packet(struct nci_dev *ndev, __u16 ntf_opcode,
1437 struct sk_buff *skb, const struct nci_driver_ops *ops,
1438 size_t n_ops)
1439{
1440 const struct nci_driver_ops *op;
1441
1442 op = ops_cmd_lookup(ops, n_ops, ntf_opcode);
1443 if (!op || !op->ntf)
1444 return -ENOTSUPP;
1445
1446 return op->ntf(ndev, skb);
1447}
1448
1449int nci_prop_rsp_packet(struct nci_dev *ndev, __u16 opcode,
1450 struct sk_buff *skb)
1451{
1452 return nci_op_rsp_packet(ndev, opcode, skb, ndev->ops->prop_ops,
1453 ndev->ops->n_prop_ops);
1454}
1455
1456int nci_prop_ntf_packet(struct nci_dev *ndev, __u16 opcode,
1457 struct sk_buff *skb)
1458{
1459 return nci_op_ntf_packet(ndev, opcode, skb, ndev->ops->prop_ops,
1460 ndev->ops->n_prop_ops);
1461}
1462
1463int nci_core_rsp_packet(struct nci_dev *ndev, __u16 opcode,
1464 struct sk_buff *skb)
1465{
1466 return nci_op_rsp_packet(ndev, opcode, skb, ndev->ops->core_ops,
1467 ndev->ops->n_core_ops);
1468}
1469
1470int nci_core_ntf_packet(struct nci_dev *ndev, __u16 opcode,
1471 struct sk_buff *skb)
1472{
1473 return nci_op_ntf_packet(ndev, opcode, skb, ndev->ops->core_ops,
1474 ndev->ops->n_core_ops);
1475}
1476
1477static bool nci_valid_size(struct sk_buff *skb)
1478{
1479 BUILD_BUG_ON(NCI_CTRL_HDR_SIZE != NCI_DATA_HDR_SIZE);
1480 unsigned int hdr_size = NCI_CTRL_HDR_SIZE;
1481
1482 if (skb->len < hdr_size ||
1483 !nci_plen(skb->data) ||
1484 skb->len < hdr_size + nci_plen(skb->data)) {
1485 return false;
1486 }
1487 return true;
1488}
1489
1490/* ---- NCI TX Data worker thread ---- */
1491
1492static void nci_tx_work(struct work_struct *work)
1493{
1494 struct nci_dev *ndev = container_of(work, struct nci_dev, tx_work);
1495 struct nci_conn_info *conn_info;
1496 struct sk_buff *skb;
1497
1498 conn_info = nci_get_conn_info_by_conn_id(ndev, ndev->cur_conn_id);
1499 if (!conn_info)
1500 return;
1501
1502 pr_debug("credits_cnt %d\n", atomic_read(&conn_info->credits_cnt));
1503
1504 /* Send queued tx data */
1505 while (atomic_read(&conn_info->credits_cnt)) {
1506 skb = skb_dequeue(&ndev->tx_q);
1507 if (!skb)
1508 return;
1509 kcov_remote_start_common(skb_get_kcov_handle(skb));
1510
1511 /* Check if data flow control is used */
1512 if (atomic_read(&conn_info->credits_cnt) !=
1513 NCI_DATA_FLOW_CONTROL_NOT_USED)
1514 atomic_dec(&conn_info->credits_cnt);
1515
1516 pr_debug("NCI TX: MT=data, PBF=%d, conn_id=%d, plen=%d\n",
1517 nci_pbf(skb->data),
1518 nci_conn_id(skb->data),
1519 nci_plen(skb->data));
1520
1521 nci_send_frame(ndev, skb);
1522
1523 mod_timer(&ndev->data_timer,
1524 jiffies + msecs_to_jiffies(NCI_DATA_TIMEOUT));
1525 kcov_remote_stop();
1526 }
1527}
1528
1529/* ----- NCI RX worker thread (data & control) ----- */
1530
1531static void nci_rx_work(struct work_struct *work)
1532{
1533 struct nci_dev *ndev = container_of(work, struct nci_dev, rx_work);
1534 struct sk_buff *skb;
1535
1536 for (; (skb = skb_dequeue(&ndev->rx_q)); kcov_remote_stop()) {
1537 kcov_remote_start_common(skb_get_kcov_handle(skb));
1538
1539 /* Send copy to sniffer */
1540 nfc_send_to_raw_sock(ndev->nfc_dev, skb,
1541 RAW_PAYLOAD_NCI, NFC_DIRECTION_RX);
1542
1543 if (!nci_valid_size(skb)) {
1544 kfree_skb(skb);
1545 continue;
1546 }
1547
1548 /* Process frame */
1549 switch (nci_mt(skb->data)) {
1550 case NCI_MT_RSP_PKT:
1551 nci_rsp_packet(ndev, skb);
1552 break;
1553
1554 case NCI_MT_NTF_PKT:
1555 nci_ntf_packet(ndev, skb);
1556 break;
1557
1558 case NCI_MT_DATA_PKT:
1559 nci_rx_data_packet(ndev, skb);
1560 break;
1561
1562 default:
1563 pr_err("unknown MT 0x%x\n", nci_mt(skb->data));
1564 kfree_skb(skb);
1565 break;
1566 }
1567 }
1568
1569 /* check if a data exchange timeout has occurred */
1570 if (test_bit(NCI_DATA_EXCHANGE_TO, &ndev->flags)) {
1571 /* complete the data exchange transaction, if exists */
1572 if (test_bit(NCI_DATA_EXCHANGE, &ndev->flags))
1573 nci_data_exchange_complete(ndev, NULL,
1574 ndev->cur_conn_id,
1575 -ETIMEDOUT);
1576
1577 clear_bit(NCI_DATA_EXCHANGE_TO, &ndev->flags);
1578 }
1579}
1580
1581/* ----- NCI TX CMD worker thread ----- */
1582
1583static void nci_cmd_work(struct work_struct *work)
1584{
1585 struct nci_dev *ndev = container_of(work, struct nci_dev, cmd_work);
1586 struct sk_buff *skb;
1587
1588 pr_debug("cmd_cnt %d\n", atomic_read(&ndev->cmd_cnt));
1589
1590 /* Send queued command */
1591 if (atomic_read(&ndev->cmd_cnt)) {
1592 skb = skb_dequeue(&ndev->cmd_q);
1593 if (!skb)
1594 return;
1595
1596 kcov_remote_start_common(skb_get_kcov_handle(skb));
1597 atomic_dec(&ndev->cmd_cnt);
1598
1599 pr_debug("NCI TX: MT=cmd, PBF=%d, GID=0x%x, OID=0x%x, plen=%d\n",
1600 nci_pbf(skb->data),
1601 nci_opcode_gid(nci_opcode(skb->data)),
1602 nci_opcode_oid(nci_opcode(skb->data)),
1603 nci_plen(skb->data));
1604
1605 nci_send_frame(ndev, skb);
1606
1607 mod_timer(&ndev->cmd_timer,
1608 jiffies + msecs_to_jiffies(NCI_CMD_TIMEOUT));
1609 kcov_remote_stop();
1610 }
1611}
1612
1613MODULE_DESCRIPTION("NFC Controller Interface");
1614MODULE_LICENSE("GPL");