Loading...
Note: File does not exist in v6.8.
1/*
2 * Copyright (C) 2011 Instituto Nokia de Tecnologia
3 *
4 * Authors:
5 * Lauro Ramos Venancio <lauro.venancio@openbossa.org>
6 * Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the
20 * Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 */
23
24#include <linux/device.h>
25#include <linux/kernel.h>
26#include <linux/module.h>
27#include <linux/slab.h>
28#include <linux/usb.h>
29#include <linux/nfc.h>
30#include <linux/netdevice.h>
31#include <net/nfc/nfc.h>
32
33#define VERSION "0.1"
34
35#define PN533_VENDOR_ID 0x4CC
36#define PN533_PRODUCT_ID 0x2533
37
38#define SCM_VENDOR_ID 0x4E6
39#define SCL3711_PRODUCT_ID 0x5591
40
41static const struct usb_device_id pn533_table[] = {
42 { USB_DEVICE(PN533_VENDOR_ID, PN533_PRODUCT_ID) },
43 { USB_DEVICE(SCM_VENDOR_ID, SCL3711_PRODUCT_ID) },
44 { }
45};
46MODULE_DEVICE_TABLE(usb, pn533_table);
47
48/* frame definitions */
49#define PN533_FRAME_TAIL_SIZE 2
50#define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \
51 PN533_FRAME_TAIL_SIZE)
52#define PN533_FRAME_ACK_SIZE (sizeof(struct pn533_frame) + 1)
53#define PN533_FRAME_CHECKSUM(f) (f->data[f->datalen])
54#define PN533_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1])
55
56/* start of frame */
57#define PN533_SOF 0x00FF
58
59/* frame identifier: in/out/error */
60#define PN533_FRAME_IDENTIFIER(f) (f->data[0])
61#define PN533_DIR_OUT 0xD4
62#define PN533_DIR_IN 0xD5
63
64/* PN533 Commands */
65#define PN533_FRAME_CMD(f) (f->data[1])
66#define PN533_FRAME_CMD_PARAMS_PTR(f) (&f->data[2])
67#define PN533_FRAME_CMD_PARAMS_LEN(f) (f->datalen - 2)
68
69#define PN533_CMD_GET_FIRMWARE_VERSION 0x02
70#define PN533_CMD_RF_CONFIGURATION 0x32
71#define PN533_CMD_IN_DATA_EXCHANGE 0x40
72#define PN533_CMD_IN_LIST_PASSIVE_TARGET 0x4A
73#define PN533_CMD_IN_ATR 0x50
74#define PN533_CMD_IN_RELEASE 0x52
75#define PN533_CMD_IN_JUMP_FOR_DEP 0x56
76
77#define PN533_CMD_RESPONSE(cmd) (cmd + 1)
78
79/* PN533 Return codes */
80#define PN533_CMD_RET_MASK 0x3F
81#define PN533_CMD_MI_MASK 0x40
82#define PN533_CMD_RET_SUCCESS 0x00
83
84struct pn533;
85
86typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg,
87 u8 *params, int params_len);
88
89/* structs for pn533 commands */
90
91/* PN533_CMD_GET_FIRMWARE_VERSION */
92struct pn533_fw_version {
93 u8 ic;
94 u8 ver;
95 u8 rev;
96 u8 support;
97};
98
99/* PN533_CMD_RF_CONFIGURATION */
100#define PN533_CFGITEM_MAX_RETRIES 0x05
101
102#define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00
103#define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF
104
105struct pn533_config_max_retries {
106 u8 mx_rty_atr;
107 u8 mx_rty_psl;
108 u8 mx_rty_passive_act;
109} __packed;
110
111/* PN533_CMD_IN_LIST_PASSIVE_TARGET */
112
113/* felica commands opcode */
114#define PN533_FELICA_OPC_SENSF_REQ 0
115#define PN533_FELICA_OPC_SENSF_RES 1
116/* felica SENSF_REQ parameters */
117#define PN533_FELICA_SENSF_SC_ALL 0xFFFF
118#define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0
119#define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1
120#define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2
121
122/* type B initiator_data values */
123#define PN533_TYPE_B_AFI_ALL_FAMILIES 0
124#define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0
125#define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1
126
127union pn533_cmd_poll_initdata {
128 struct {
129 u8 afi;
130 u8 polling_method;
131 } __packed type_b;
132 struct {
133 u8 opcode;
134 __be16 sc;
135 u8 rc;
136 u8 tsn;
137 } __packed felica;
138};
139
140/* Poll modulations */
141enum {
142 PN533_POLL_MOD_106KBPS_A,
143 PN533_POLL_MOD_212KBPS_FELICA,
144 PN533_POLL_MOD_424KBPS_FELICA,
145 PN533_POLL_MOD_106KBPS_JEWEL,
146 PN533_POLL_MOD_847KBPS_B,
147
148 __PN533_POLL_MOD_AFTER_LAST,
149};
150#define PN533_POLL_MOD_MAX (__PN533_POLL_MOD_AFTER_LAST - 1)
151
152struct pn533_poll_modulations {
153 struct {
154 u8 maxtg;
155 u8 brty;
156 union pn533_cmd_poll_initdata initiator_data;
157 } __packed data;
158 u8 len;
159};
160
161const struct pn533_poll_modulations poll_mod[] = {
162 [PN533_POLL_MOD_106KBPS_A] = {
163 .data = {
164 .maxtg = 1,
165 .brty = 0,
166 },
167 .len = 2,
168 },
169 [PN533_POLL_MOD_212KBPS_FELICA] = {
170 .data = {
171 .maxtg = 1,
172 .brty = 1,
173 .initiator_data.felica = {
174 .opcode = PN533_FELICA_OPC_SENSF_REQ,
175 .sc = PN533_FELICA_SENSF_SC_ALL,
176 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
177 .tsn = 0,
178 },
179 },
180 .len = 7,
181 },
182 [PN533_POLL_MOD_424KBPS_FELICA] = {
183 .data = {
184 .maxtg = 1,
185 .brty = 2,
186 .initiator_data.felica = {
187 .opcode = PN533_FELICA_OPC_SENSF_REQ,
188 .sc = PN533_FELICA_SENSF_SC_ALL,
189 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
190 .tsn = 0,
191 },
192 },
193 .len = 7,
194 },
195 [PN533_POLL_MOD_106KBPS_JEWEL] = {
196 .data = {
197 .maxtg = 1,
198 .brty = 4,
199 },
200 .len = 2,
201 },
202 [PN533_POLL_MOD_847KBPS_B] = {
203 .data = {
204 .maxtg = 1,
205 .brty = 8,
206 .initiator_data.type_b = {
207 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES,
208 .polling_method =
209 PN533_TYPE_B_POLL_METHOD_TIMESLOT,
210 },
211 },
212 .len = 3,
213 },
214};
215
216/* PN533_CMD_IN_ATR */
217
218struct pn533_cmd_activate_param {
219 u8 tg;
220 u8 next;
221} __packed;
222
223struct pn533_cmd_activate_response {
224 u8 status;
225 u8 nfcid3t[10];
226 u8 didt;
227 u8 bst;
228 u8 brt;
229 u8 to;
230 u8 ppt;
231 /* optional */
232 u8 gt[];
233} __packed;
234
235/* PN533_CMD_IN_JUMP_FOR_DEP */
236struct pn533_cmd_jump_dep {
237 u8 active;
238 u8 baud;
239 u8 next;
240 u8 gt[];
241} __packed;
242
243struct pn533_cmd_jump_dep_response {
244 u8 status;
245 u8 tg;
246 u8 nfcid3t[10];
247 u8 didt;
248 u8 bst;
249 u8 brt;
250 u8 to;
251 u8 ppt;
252 /* optional */
253 u8 gt[];
254} __packed;
255
256struct pn533 {
257 struct usb_device *udev;
258 struct usb_interface *interface;
259 struct nfc_dev *nfc_dev;
260
261 struct urb *out_urb;
262 int out_maxlen;
263 struct pn533_frame *out_frame;
264
265 struct urb *in_urb;
266 int in_maxlen;
267 struct pn533_frame *in_frame;
268
269 struct sk_buff_head resp_q;
270
271 struct workqueue_struct *wq;
272 struct work_struct cmd_work;
273 struct work_struct mi_work;
274 struct pn533_frame *wq_in_frame;
275 int wq_in_error;
276
277 pn533_cmd_complete_t cmd_complete;
278 void *cmd_complete_arg;
279 struct semaphore cmd_lock;
280 u8 cmd;
281
282 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1];
283 u8 poll_mod_count;
284 u8 poll_mod_curr;
285 u32 poll_protocols;
286
287 u8 tgt_available_prots;
288 u8 tgt_active_prot;
289};
290
291struct pn533_frame {
292 u8 preamble;
293 __be16 start_frame;
294 u8 datalen;
295 u8 datalen_checksum;
296 u8 data[];
297} __packed;
298
299/* The rule: value + checksum = 0 */
300static inline u8 pn533_checksum(u8 value)
301{
302 return ~value + 1;
303}
304
305/* The rule: sum(data elements) + checksum = 0 */
306static u8 pn533_data_checksum(u8 *data, int datalen)
307{
308 u8 sum = 0;
309 int i;
310
311 for (i = 0; i < datalen; i++)
312 sum += data[i];
313
314 return pn533_checksum(sum);
315}
316
317/**
318 * pn533_tx_frame_ack - create a ack frame
319 * @frame: The frame to be set as ack
320 *
321 * Ack is different type of standard frame. As a standard frame, it has
322 * preamble and start_frame. However the checksum of this frame must fail,
323 * i.e. datalen + datalen_checksum must NOT be zero. When the checksum test
324 * fails and datalen = 0 and datalen_checksum = 0xFF, the frame is a ack.
325 * After datalen_checksum field, the postamble is placed.
326 */
327static void pn533_tx_frame_ack(struct pn533_frame *frame)
328{
329 frame->preamble = 0;
330 frame->start_frame = cpu_to_be16(PN533_SOF);
331 frame->datalen = 0;
332 frame->datalen_checksum = 0xFF;
333 /* data[0] is used as postamble */
334 frame->data[0] = 0;
335}
336
337static void pn533_tx_frame_init(struct pn533_frame *frame, u8 cmd)
338{
339 frame->preamble = 0;
340 frame->start_frame = cpu_to_be16(PN533_SOF);
341 PN533_FRAME_IDENTIFIER(frame) = PN533_DIR_OUT;
342 PN533_FRAME_CMD(frame) = cmd;
343 frame->datalen = 2;
344}
345
346static void pn533_tx_frame_finish(struct pn533_frame *frame)
347{
348 frame->datalen_checksum = pn533_checksum(frame->datalen);
349
350 PN533_FRAME_CHECKSUM(frame) =
351 pn533_data_checksum(frame->data, frame->datalen);
352
353 PN533_FRAME_POSTAMBLE(frame) = 0;
354}
355
356static bool pn533_rx_frame_is_valid(struct pn533_frame *frame)
357{
358 u8 checksum;
359
360 if (frame->start_frame != cpu_to_be16(PN533_SOF))
361 return false;
362
363 checksum = pn533_checksum(frame->datalen);
364 if (checksum != frame->datalen_checksum)
365 return false;
366
367 checksum = pn533_data_checksum(frame->data, frame->datalen);
368 if (checksum != PN533_FRAME_CHECKSUM(frame))
369 return false;
370
371 return true;
372}
373
374static bool pn533_rx_frame_is_ack(struct pn533_frame *frame)
375{
376 if (frame->start_frame != cpu_to_be16(PN533_SOF))
377 return false;
378
379 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF)
380 return false;
381
382 return true;
383}
384
385static bool pn533_rx_frame_is_cmd_response(struct pn533_frame *frame, u8 cmd)
386{
387 return (PN533_FRAME_CMD(frame) == PN533_CMD_RESPONSE(cmd));
388}
389
390
391static void pn533_wq_cmd_complete(struct work_struct *work)
392{
393 struct pn533 *dev = container_of(work, struct pn533, cmd_work);
394 struct pn533_frame *in_frame;
395 int rc;
396
397 in_frame = dev->wq_in_frame;
398
399 if (dev->wq_in_error)
400 rc = dev->cmd_complete(dev, dev->cmd_complete_arg, NULL,
401 dev->wq_in_error);
402 else
403 rc = dev->cmd_complete(dev, dev->cmd_complete_arg,
404 PN533_FRAME_CMD_PARAMS_PTR(in_frame),
405 PN533_FRAME_CMD_PARAMS_LEN(in_frame));
406
407 if (rc != -EINPROGRESS)
408 up(&dev->cmd_lock);
409}
410
411static void pn533_recv_response(struct urb *urb)
412{
413 struct pn533 *dev = urb->context;
414 struct pn533_frame *in_frame;
415
416 dev->wq_in_frame = NULL;
417
418 switch (urb->status) {
419 case 0:
420 /* success */
421 break;
422 case -ECONNRESET:
423 case -ENOENT:
424 case -ESHUTDOWN:
425 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
426 " status: %d", urb->status);
427 dev->wq_in_error = urb->status;
428 goto sched_wq;
429 default:
430 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
431 " %d", urb->status);
432 dev->wq_in_error = urb->status;
433 goto sched_wq;
434 }
435
436 in_frame = dev->in_urb->transfer_buffer;
437
438 if (!pn533_rx_frame_is_valid(in_frame)) {
439 nfc_dev_err(&dev->interface->dev, "Received an invalid frame");
440 dev->wq_in_error = -EIO;
441 goto sched_wq;
442 }
443
444 if (!pn533_rx_frame_is_cmd_response(in_frame, dev->cmd)) {
445 nfc_dev_err(&dev->interface->dev, "The received frame is not "
446 "response to the last command");
447 dev->wq_in_error = -EIO;
448 goto sched_wq;
449 }
450
451 nfc_dev_dbg(&dev->interface->dev, "Received a valid frame");
452 dev->wq_in_error = 0;
453 dev->wq_in_frame = in_frame;
454
455sched_wq:
456 queue_work(dev->wq, &dev->cmd_work);
457}
458
459static int pn533_submit_urb_for_response(struct pn533 *dev, gfp_t flags)
460{
461 dev->in_urb->complete = pn533_recv_response;
462
463 return usb_submit_urb(dev->in_urb, flags);
464}
465
466static void pn533_recv_ack(struct urb *urb)
467{
468 struct pn533 *dev = urb->context;
469 struct pn533_frame *in_frame;
470 int rc;
471
472 switch (urb->status) {
473 case 0:
474 /* success */
475 break;
476 case -ECONNRESET:
477 case -ENOENT:
478 case -ESHUTDOWN:
479 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
480 " status: %d", urb->status);
481 dev->wq_in_error = urb->status;
482 goto sched_wq;
483 default:
484 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
485 " %d", urb->status);
486 dev->wq_in_error = urb->status;
487 goto sched_wq;
488 }
489
490 in_frame = dev->in_urb->transfer_buffer;
491
492 if (!pn533_rx_frame_is_ack(in_frame)) {
493 nfc_dev_err(&dev->interface->dev, "Received an invalid ack");
494 dev->wq_in_error = -EIO;
495 goto sched_wq;
496 }
497
498 nfc_dev_dbg(&dev->interface->dev, "Received a valid ack");
499
500 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
501 if (rc) {
502 nfc_dev_err(&dev->interface->dev, "usb_submit_urb failed with"
503 " result %d", rc);
504 dev->wq_in_error = rc;
505 goto sched_wq;
506 }
507
508 return;
509
510sched_wq:
511 dev->wq_in_frame = NULL;
512 queue_work(dev->wq, &dev->cmd_work);
513}
514
515static int pn533_submit_urb_for_ack(struct pn533 *dev, gfp_t flags)
516{
517 dev->in_urb->complete = pn533_recv_ack;
518
519 return usb_submit_urb(dev->in_urb, flags);
520}
521
522static int pn533_send_ack(struct pn533 *dev, gfp_t flags)
523{
524 int rc;
525
526 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
527
528 pn533_tx_frame_ack(dev->out_frame);
529
530 dev->out_urb->transfer_buffer = dev->out_frame;
531 dev->out_urb->transfer_buffer_length = PN533_FRAME_ACK_SIZE;
532 rc = usb_submit_urb(dev->out_urb, flags);
533
534 return rc;
535}
536
537static int __pn533_send_cmd_frame_async(struct pn533 *dev,
538 struct pn533_frame *out_frame,
539 struct pn533_frame *in_frame,
540 int in_frame_len,
541 pn533_cmd_complete_t cmd_complete,
542 void *arg, gfp_t flags)
543{
544 int rc;
545
546 nfc_dev_dbg(&dev->interface->dev, "Sending command 0x%x",
547 PN533_FRAME_CMD(out_frame));
548
549 dev->cmd = PN533_FRAME_CMD(out_frame);
550 dev->cmd_complete = cmd_complete;
551 dev->cmd_complete_arg = arg;
552
553 dev->out_urb->transfer_buffer = out_frame;
554 dev->out_urb->transfer_buffer_length =
555 PN533_FRAME_SIZE(out_frame);
556
557 dev->in_urb->transfer_buffer = in_frame;
558 dev->in_urb->transfer_buffer_length = in_frame_len;
559
560 rc = usb_submit_urb(dev->out_urb, flags);
561 if (rc)
562 return rc;
563
564 rc = pn533_submit_urb_for_ack(dev, flags);
565 if (rc)
566 goto error;
567
568 return 0;
569
570error:
571 usb_unlink_urb(dev->out_urb);
572 return rc;
573}
574
575static int pn533_send_cmd_frame_async(struct pn533 *dev,
576 struct pn533_frame *out_frame,
577 struct pn533_frame *in_frame,
578 int in_frame_len,
579 pn533_cmd_complete_t cmd_complete,
580 void *arg, gfp_t flags)
581{
582 int rc;
583
584 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
585
586 if (down_trylock(&dev->cmd_lock))
587 return -EBUSY;
588
589 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
590 in_frame_len, cmd_complete, arg, flags);
591 if (rc)
592 goto error;
593
594 return 0;
595error:
596 up(&dev->cmd_lock);
597 return rc;
598}
599
600struct pn533_sync_cmd_response {
601 int rc;
602 struct completion done;
603};
604
605static int pn533_sync_cmd_complete(struct pn533 *dev, void *_arg,
606 u8 *params, int params_len)
607{
608 struct pn533_sync_cmd_response *arg = _arg;
609
610 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
611
612 arg->rc = 0;
613
614 if (params_len < 0) /* error */
615 arg->rc = params_len;
616
617 complete(&arg->done);
618
619 return 0;
620}
621
622static int pn533_send_cmd_frame_sync(struct pn533 *dev,
623 struct pn533_frame *out_frame,
624 struct pn533_frame *in_frame,
625 int in_frame_len)
626{
627 int rc;
628 struct pn533_sync_cmd_response arg;
629
630 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
631
632 init_completion(&arg.done);
633
634 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, in_frame_len,
635 pn533_sync_cmd_complete, &arg, GFP_KERNEL);
636 if (rc)
637 return rc;
638
639 wait_for_completion(&arg.done);
640
641 return arg.rc;
642}
643
644static void pn533_send_complete(struct urb *urb)
645{
646 struct pn533 *dev = urb->context;
647
648 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
649
650 switch (urb->status) {
651 case 0:
652 /* success */
653 break;
654 case -ECONNRESET:
655 case -ENOENT:
656 case -ESHUTDOWN:
657 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
658 " status: %d", urb->status);
659 break;
660 default:
661 nfc_dev_dbg(&dev->interface->dev, "Nonzero urb status received:"
662 " %d", urb->status);
663 }
664}
665
666struct pn533_target_type_a {
667 __be16 sens_res;
668 u8 sel_res;
669 u8 nfcid_len;
670 u8 nfcid_data[];
671} __packed;
672
673
674#define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6))
675#define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0))
676#define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8))
677
678#define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00
679#define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C
680
681#define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5)
682#define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2)
683
684#define PN533_TYPE_A_SEL_PROT_MIFARE 0
685#define PN533_TYPE_A_SEL_PROT_ISO14443 1
686#define PN533_TYPE_A_SEL_PROT_DEP 2
687#define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3
688
689static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
690 int target_data_len)
691{
692 u8 ssd;
693 u8 platconf;
694
695 if (target_data_len < sizeof(struct pn533_target_type_a))
696 return false;
697
698 /* The lenght check of nfcid[] and ats[] are not being performed because
699 the values are not being used */
700
701 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
702 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res);
703 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res);
704
705 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
706 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
707 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
708 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
709 return false;
710
711 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */
712 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0)
713 return false;
714
715 return true;
716}
717
718static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data,
719 int tgt_data_len)
720{
721 struct pn533_target_type_a *tgt_type_a;
722
723 tgt_type_a = (struct pn533_target_type_a *) tgt_data;
724
725 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len))
726 return -EPROTO;
727
728 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) {
729 case PN533_TYPE_A_SEL_PROT_MIFARE:
730 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK;
731 break;
732 case PN533_TYPE_A_SEL_PROT_ISO14443:
733 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
734 break;
735 case PN533_TYPE_A_SEL_PROT_DEP:
736 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
737 break;
738 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP:
739 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK |
740 NFC_PROTO_NFC_DEP_MASK;
741 break;
742 }
743
744 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res);
745 nfc_tgt->sel_res = tgt_type_a->sel_res;
746 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len;
747 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len);
748
749 return 0;
750}
751
752struct pn533_target_felica {
753 u8 pol_res;
754 u8 opcode;
755 u8 nfcid2[8];
756 u8 pad[8];
757 /* optional */
758 u8 syst_code[];
759} __packed;
760
761#define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01
762#define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE
763
764static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica,
765 int target_data_len)
766{
767 if (target_data_len < sizeof(struct pn533_target_felica))
768 return false;
769
770 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES)
771 return false;
772
773 return true;
774}
775
776static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data,
777 int tgt_data_len)
778{
779 struct pn533_target_felica *tgt_felica;
780
781 tgt_felica = (struct pn533_target_felica *) tgt_data;
782
783 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len))
784 return -EPROTO;
785
786 if (tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1 &&
787 tgt_felica->nfcid2[1] ==
788 PN533_FELICA_SENSF_NFCID2_DEP_B2)
789 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
790 else
791 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK;
792
793 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9);
794 nfc_tgt->sensf_res_len = 9;
795
796 return 0;
797}
798
799struct pn533_target_jewel {
800 __be16 sens_res;
801 u8 jewelid[4];
802} __packed;
803
804static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel,
805 int target_data_len)
806{
807 u8 ssd;
808 u8 platconf;
809
810 if (target_data_len < sizeof(struct pn533_target_jewel))
811 return false;
812
813 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
814 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res);
815 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res);
816
817 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
818 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
819 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
820 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
821 return false;
822
823 return true;
824}
825
826static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data,
827 int tgt_data_len)
828{
829 struct pn533_target_jewel *tgt_jewel;
830
831 tgt_jewel = (struct pn533_target_jewel *) tgt_data;
832
833 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len))
834 return -EPROTO;
835
836 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK;
837 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res);
838 nfc_tgt->nfcid1_len = 4;
839 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len);
840
841 return 0;
842}
843
844struct pn533_type_b_prot_info {
845 u8 bitrate;
846 u8 fsci_type;
847 u8 fwi_adc_fo;
848} __packed;
849
850#define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4)
851#define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0)
852#define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8
853
854struct pn533_type_b_sens_res {
855 u8 opcode;
856 u8 nfcid[4];
857 u8 appdata[4];
858 struct pn533_type_b_prot_info prot_info;
859} __packed;
860
861#define PN533_TYPE_B_OPC_SENSB_RES 0x50
862
863struct pn533_target_type_b {
864 struct pn533_type_b_sens_res sensb_res;
865 u8 attrib_res_len;
866 u8 attrib_res[];
867} __packed;
868
869static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b,
870 int target_data_len)
871{
872 if (target_data_len < sizeof(struct pn533_target_type_b))
873 return false;
874
875 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES)
876 return false;
877
878 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) &
879 PN533_TYPE_B_PROT_TYPE_RFU_MASK)
880 return false;
881
882 return true;
883}
884
885static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
886 int tgt_data_len)
887{
888 struct pn533_target_type_b *tgt_type_b;
889
890 tgt_type_b = (struct pn533_target_type_b *) tgt_data;
891
892 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len))
893 return -EPROTO;
894
895 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
896
897 return 0;
898}
899
900struct pn533_poll_response {
901 u8 nbtg;
902 u8 tg;
903 u8 target_data[];
904} __packed;
905
906static int pn533_target_found(struct pn533 *dev,
907 struct pn533_poll_response *resp, int resp_len)
908{
909 int target_data_len;
910 struct nfc_target nfc_tgt;
911 int rc;
912
913 nfc_dev_dbg(&dev->interface->dev, "%s - modulation=%d", __func__,
914 dev->poll_mod_curr);
915
916 if (resp->tg != 1)
917 return -EPROTO;
918
919 memset(&nfc_tgt, 0, sizeof(struct nfc_target));
920
921 target_data_len = resp_len - sizeof(struct pn533_poll_response);
922
923 switch (dev->poll_mod_curr) {
924 case PN533_POLL_MOD_106KBPS_A:
925 rc = pn533_target_found_type_a(&nfc_tgt, resp->target_data,
926 target_data_len);
927 break;
928 case PN533_POLL_MOD_212KBPS_FELICA:
929 case PN533_POLL_MOD_424KBPS_FELICA:
930 rc = pn533_target_found_felica(&nfc_tgt, resp->target_data,
931 target_data_len);
932 break;
933 case PN533_POLL_MOD_106KBPS_JEWEL:
934 rc = pn533_target_found_jewel(&nfc_tgt, resp->target_data,
935 target_data_len);
936 break;
937 case PN533_POLL_MOD_847KBPS_B:
938 rc = pn533_target_found_type_b(&nfc_tgt, resp->target_data,
939 target_data_len);
940 break;
941 default:
942 nfc_dev_err(&dev->interface->dev, "Unknown current poll"
943 " modulation");
944 return -EPROTO;
945 }
946
947 if (rc)
948 return rc;
949
950 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) {
951 nfc_dev_dbg(&dev->interface->dev, "The target found does not"
952 " have the desired protocol");
953 return -EAGAIN;
954 }
955
956 nfc_dev_dbg(&dev->interface->dev, "Target found - supported protocols: "
957 "0x%x", nfc_tgt.supported_protocols);
958
959 dev->tgt_available_prots = nfc_tgt.supported_protocols;
960
961 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1);
962
963 return 0;
964}
965
966static void pn533_poll_reset_mod_list(struct pn533 *dev)
967{
968 dev->poll_mod_count = 0;
969}
970
971static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
972{
973 dev->poll_mod_active[dev->poll_mod_count] =
974 (struct pn533_poll_modulations *) &poll_mod[mod_index];
975 dev->poll_mod_count++;
976}
977
978static void pn533_poll_create_mod_list(struct pn533 *dev, u32 protocols)
979{
980 pn533_poll_reset_mod_list(dev);
981
982 if (protocols & NFC_PROTO_MIFARE_MASK
983 || protocols & NFC_PROTO_ISO14443_MASK
984 || protocols & NFC_PROTO_NFC_DEP_MASK)
985 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
986
987 if (protocols & NFC_PROTO_FELICA_MASK
988 || protocols & NFC_PROTO_NFC_DEP_MASK) {
989 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
990 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
991 }
992
993 if (protocols & NFC_PROTO_JEWEL_MASK)
994 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL);
995
996 if (protocols & NFC_PROTO_ISO14443_MASK)
997 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B);
998}
999
1000static void pn533_start_poll_frame(struct pn533_frame *frame,
1001 struct pn533_poll_modulations *mod)
1002{
1003
1004 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET);
1005
1006 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len);
1007 frame->datalen += mod->len;
1008
1009 pn533_tx_frame_finish(frame);
1010}
1011
1012static int pn533_start_poll_complete(struct pn533 *dev, void *arg,
1013 u8 *params, int params_len)
1014{
1015 struct pn533_poll_response *resp;
1016 struct pn533_poll_modulations *next_mod;
1017 int rc;
1018
1019 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1020
1021 if (params_len == -ENOENT) {
1022 nfc_dev_dbg(&dev->interface->dev, "Polling operation has been"
1023 " stopped");
1024 goto stop_poll;
1025 }
1026
1027 if (params_len < 0) {
1028 nfc_dev_err(&dev->interface->dev, "Error %d when running poll",
1029 params_len);
1030 goto stop_poll;
1031 }
1032
1033 resp = (struct pn533_poll_response *) params;
1034 if (resp->nbtg) {
1035 rc = pn533_target_found(dev, resp, params_len);
1036
1037 /* We must stop the poll after a valid target found */
1038 if (rc == 0)
1039 goto stop_poll;
1040
1041 if (rc != -EAGAIN)
1042 nfc_dev_err(&dev->interface->dev, "The target found is"
1043 " not valid - continuing to poll");
1044 }
1045
1046 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count;
1047
1048 next_mod = dev->poll_mod_active[dev->poll_mod_curr];
1049
1050 nfc_dev_dbg(&dev->interface->dev, "Polling next modulation (0x%x)",
1051 dev->poll_mod_curr);
1052
1053 pn533_start_poll_frame(dev->out_frame, next_mod);
1054
1055 /* Don't need to down the semaphore again */
1056 rc = __pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1057 dev->in_maxlen, pn533_start_poll_complete,
1058 NULL, GFP_ATOMIC);
1059
1060 if (rc == -EPERM) {
1061 nfc_dev_dbg(&dev->interface->dev, "Cannot poll next modulation"
1062 " because poll has been stopped");
1063 goto stop_poll;
1064 }
1065
1066 if (rc) {
1067 nfc_dev_err(&dev->interface->dev, "Error %d when trying to poll"
1068 " next modulation", rc);
1069 goto stop_poll;
1070 }
1071
1072 /* Inform caller function to do not up the semaphore */
1073 return -EINPROGRESS;
1074
1075stop_poll:
1076 pn533_poll_reset_mod_list(dev);
1077 dev->poll_protocols = 0;
1078 return 0;
1079}
1080
1081static int pn533_start_poll(struct nfc_dev *nfc_dev, u32 protocols)
1082{
1083 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1084 struct pn533_poll_modulations *start_mod;
1085 int rc;
1086
1087 nfc_dev_dbg(&dev->interface->dev, "%s - protocols=0x%x", __func__,
1088 protocols);
1089
1090 if (dev->poll_mod_count) {
1091 nfc_dev_err(&dev->interface->dev, "Polling operation already"
1092 " active");
1093 return -EBUSY;
1094 }
1095
1096 if (dev->tgt_active_prot) {
1097 nfc_dev_err(&dev->interface->dev, "Cannot poll with a target"
1098 " already activated");
1099 return -EBUSY;
1100 }
1101
1102 pn533_poll_create_mod_list(dev, protocols);
1103
1104 if (!dev->poll_mod_count) {
1105 nfc_dev_err(&dev->interface->dev, "No valid protocols"
1106 " specified");
1107 rc = -EINVAL;
1108 goto error;
1109 }
1110
1111 nfc_dev_dbg(&dev->interface->dev, "It will poll %d modulations types",
1112 dev->poll_mod_count);
1113
1114 dev->poll_mod_curr = 0;
1115 start_mod = dev->poll_mod_active[dev->poll_mod_curr];
1116
1117 pn533_start_poll_frame(dev->out_frame, start_mod);
1118
1119 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1120 dev->in_maxlen, pn533_start_poll_complete,
1121 NULL, GFP_KERNEL);
1122
1123 if (rc) {
1124 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1125 " start poll", rc);
1126 goto error;
1127 }
1128
1129 dev->poll_protocols = protocols;
1130
1131 return 0;
1132
1133error:
1134 pn533_poll_reset_mod_list(dev);
1135 return rc;
1136}
1137
1138static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1139{
1140 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1141
1142 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1143
1144 if (!dev->poll_mod_count) {
1145 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not"
1146 " running");
1147 return;
1148 }
1149
1150 /* An ack will cancel the last issued command (poll) */
1151 pn533_send_ack(dev, GFP_KERNEL);
1152
1153 /* prevent pn533_start_poll_complete to issue a new poll meanwhile */
1154 usb_kill_urb(dev->in_urb);
1155}
1156
1157static int pn533_activate_target_nfcdep(struct pn533 *dev)
1158{
1159 struct pn533_cmd_activate_param param;
1160 struct pn533_cmd_activate_response *resp;
1161 u16 gt_len;
1162 int rc;
1163
1164 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1165
1166 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_ATR);
1167
1168 param.tg = 1;
1169 param.next = 0;
1170 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), ¶m,
1171 sizeof(struct pn533_cmd_activate_param));
1172 dev->out_frame->datalen += sizeof(struct pn533_cmd_activate_param);
1173
1174 pn533_tx_frame_finish(dev->out_frame);
1175
1176 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1177 dev->in_maxlen);
1178 if (rc)
1179 return rc;
1180
1181 resp = (struct pn533_cmd_activate_response *)
1182 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
1183 rc = resp->status & PN533_CMD_RET_MASK;
1184 if (rc != PN533_CMD_RET_SUCCESS)
1185 return -EIO;
1186
1187 /* ATR_RES general bytes are located at offset 16 */
1188 gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 16;
1189 rc = nfc_set_remote_general_bytes(dev->nfc_dev, resp->gt, gt_len);
1190
1191 return rc;
1192}
1193
1194static int pn533_activate_target(struct nfc_dev *nfc_dev,
1195 struct nfc_target *target, u32 protocol)
1196{
1197 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1198 int rc;
1199
1200 nfc_dev_dbg(&dev->interface->dev, "%s - protocol=%u", __func__,
1201 protocol);
1202
1203 if (dev->poll_mod_count) {
1204 nfc_dev_err(&dev->interface->dev, "Cannot activate while"
1205 " polling");
1206 return -EBUSY;
1207 }
1208
1209 if (dev->tgt_active_prot) {
1210 nfc_dev_err(&dev->interface->dev, "There is already an active"
1211 " target");
1212 return -EBUSY;
1213 }
1214
1215 if (!dev->tgt_available_prots) {
1216 nfc_dev_err(&dev->interface->dev, "There is no available target"
1217 " to activate");
1218 return -EINVAL;
1219 }
1220
1221 if (!(dev->tgt_available_prots & (1 << protocol))) {
1222 nfc_dev_err(&dev->interface->dev, "The target does not support"
1223 " the requested protocol %u", protocol);
1224 return -EINVAL;
1225 }
1226
1227 if (protocol == NFC_PROTO_NFC_DEP) {
1228 rc = pn533_activate_target_nfcdep(dev);
1229 if (rc) {
1230 nfc_dev_err(&dev->interface->dev, "Error %d when"
1231 " activating target with"
1232 " NFC_DEP protocol", rc);
1233 return rc;
1234 }
1235 }
1236
1237 dev->tgt_active_prot = protocol;
1238 dev->tgt_available_prots = 0;
1239
1240 return 0;
1241}
1242
1243static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
1244 struct nfc_target *target)
1245{
1246 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1247 u8 tg;
1248 u8 status;
1249 int rc;
1250
1251 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1252
1253 if (!dev->tgt_active_prot) {
1254 nfc_dev_err(&dev->interface->dev, "There is no active target");
1255 return;
1256 }
1257
1258 dev->tgt_active_prot = 0;
1259
1260 skb_queue_purge(&dev->resp_q);
1261
1262 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_RELEASE);
1263
1264 tg = 1;
1265 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &tg, sizeof(u8));
1266 dev->out_frame->datalen += sizeof(u8);
1267
1268 pn533_tx_frame_finish(dev->out_frame);
1269
1270 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1271 dev->in_maxlen);
1272 if (rc) {
1273 nfc_dev_err(&dev->interface->dev, "Error when sending release"
1274 " command to the controller");
1275 return;
1276 }
1277
1278 status = PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame)[0];
1279 rc = status & PN533_CMD_RET_MASK;
1280 if (rc != PN533_CMD_RET_SUCCESS)
1281 nfc_dev_err(&dev->interface->dev, "Error 0x%x when releasing"
1282 " the target", rc);
1283
1284 return;
1285}
1286
1287
1288static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1289 u8 *params, int params_len)
1290{
1291 struct pn533_cmd_jump_dep *cmd;
1292 struct pn533_cmd_jump_dep_response *resp;
1293 struct nfc_target nfc_target;
1294 u8 target_gt_len;
1295 int rc;
1296
1297 if (params_len == -ENOENT) {
1298 nfc_dev_dbg(&dev->interface->dev, "");
1299 return 0;
1300 }
1301
1302 if (params_len < 0) {
1303 nfc_dev_err(&dev->interface->dev,
1304 "Error %d when bringing DEP link up",
1305 params_len);
1306 return 0;
1307 }
1308
1309 if (dev->tgt_available_prots &&
1310 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) {
1311 nfc_dev_err(&dev->interface->dev,
1312 "The target does not support DEP");
1313 return -EINVAL;
1314 }
1315
1316 resp = (struct pn533_cmd_jump_dep_response *) params;
1317 cmd = (struct pn533_cmd_jump_dep *) arg;
1318 rc = resp->status & PN533_CMD_RET_MASK;
1319 if (rc != PN533_CMD_RET_SUCCESS) {
1320 nfc_dev_err(&dev->interface->dev,
1321 "Bringing DEP link up failed %d", rc);
1322 return 0;
1323 }
1324
1325 if (!dev->tgt_available_prots) {
1326 nfc_dev_dbg(&dev->interface->dev, "Creating new target");
1327
1328 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1329 nfc_target.nfcid1_len = 10;
1330 memcpy(nfc_target.nfcid1, resp->nfcid3t, nfc_target.nfcid1_len);
1331 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
1332 if (rc)
1333 return 0;
1334
1335 dev->tgt_available_prots = 0;
1336 }
1337
1338 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
1339
1340 /* ATR_RES general bytes are located at offset 17 */
1341 target_gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 17;
1342 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
1343 resp->gt, target_gt_len);
1344 if (rc == 0)
1345 rc = nfc_dep_link_is_up(dev->nfc_dev,
1346 dev->nfc_dev->targets[0].idx,
1347 !cmd->active, NFC_RF_INITIATOR);
1348
1349 return 0;
1350}
1351
1352static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1353 u8 comm_mode, u8* gb, size_t gb_len)
1354{
1355 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1356 struct pn533_cmd_jump_dep *cmd;
1357 u8 cmd_len;
1358 int rc;
1359
1360 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1361
1362 if (dev->poll_mod_count) {
1363 nfc_dev_err(&dev->interface->dev,
1364 "Cannot bring the DEP link up while polling");
1365 return -EBUSY;
1366 }
1367
1368 if (dev->tgt_active_prot) {
1369 nfc_dev_err(&dev->interface->dev,
1370 "There is already an active target");
1371 return -EBUSY;
1372 }
1373
1374 cmd_len = sizeof(struct pn533_cmd_jump_dep) + gb_len;
1375 cmd = kzalloc(cmd_len, GFP_KERNEL);
1376 if (cmd == NULL)
1377 return -ENOMEM;
1378
1379 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_JUMP_FOR_DEP);
1380
1381 cmd->active = !comm_mode;
1382 cmd->baud = 0;
1383 if (gb != NULL && gb_len > 0) {
1384 cmd->next = 4; /* We have some Gi */
1385 memcpy(cmd->gt, gb, gb_len);
1386 } else {
1387 cmd->next = 0;
1388 }
1389
1390 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), cmd, cmd_len);
1391 dev->out_frame->datalen += cmd_len;
1392
1393 pn533_tx_frame_finish(dev->out_frame);
1394
1395 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1396 dev->in_maxlen, pn533_in_dep_link_up_complete,
1397 cmd, GFP_KERNEL);
1398 if (rc)
1399 goto out;
1400
1401
1402out:
1403 kfree(cmd);
1404
1405 return rc;
1406}
1407
1408static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
1409{
1410 pn533_deactivate_target(nfc_dev, 0);
1411
1412 return 0;
1413}
1414
1415#define PN533_CMD_DATAEXCH_HEAD_LEN (sizeof(struct pn533_frame) + 3)
1416#define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1417
1418static int pn533_data_exchange_tx_frame(struct pn533 *dev, struct sk_buff *skb)
1419{
1420 int payload_len = skb->len;
1421 struct pn533_frame *out_frame;
1422 u8 tg;
1423
1424 nfc_dev_dbg(&dev->interface->dev, "%s - Sending %d bytes", __func__,
1425 payload_len);
1426
1427 if (payload_len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
1428 /* TODO: Implement support to multi-part data exchange */
1429 nfc_dev_err(&dev->interface->dev, "Data length greater than the"
1430 " max allowed: %d",
1431 PN533_CMD_DATAEXCH_DATA_MAXLEN);
1432 return -ENOSYS;
1433 }
1434
1435 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN);
1436 out_frame = (struct pn533_frame *) skb->data;
1437
1438 pn533_tx_frame_init(out_frame, PN533_CMD_IN_DATA_EXCHANGE);
1439
1440 tg = 1;
1441 memcpy(PN533_FRAME_CMD_PARAMS_PTR(out_frame), &tg, sizeof(u8));
1442 out_frame->datalen += sizeof(u8);
1443
1444 /* The data is already in the out_frame, just update the datalen */
1445 out_frame->datalen += payload_len;
1446
1447 pn533_tx_frame_finish(out_frame);
1448 skb_put(skb, PN533_FRAME_TAIL_SIZE);
1449
1450 return 0;
1451}
1452
1453struct pn533_data_exchange_arg {
1454 struct sk_buff *skb_resp;
1455 struct sk_buff *skb_out;
1456 data_exchange_cb_t cb;
1457 void *cb_context;
1458};
1459
1460static struct sk_buff *pn533_build_response(struct pn533 *dev)
1461{
1462 struct sk_buff *skb, *tmp, *t;
1463 unsigned int skb_len = 0, tmp_len = 0;
1464
1465 nfc_dev_dbg(&dev->interface->dev, "%s\n", __func__);
1466
1467 if (skb_queue_empty(&dev->resp_q))
1468 return NULL;
1469
1470 if (skb_queue_len(&dev->resp_q) == 1) {
1471 skb = skb_dequeue(&dev->resp_q);
1472 goto out;
1473 }
1474
1475 skb_queue_walk_safe(&dev->resp_q, tmp, t)
1476 skb_len += tmp->len;
1477
1478 nfc_dev_dbg(&dev->interface->dev, "%s total length %d\n",
1479 __func__, skb_len);
1480
1481 skb = alloc_skb(skb_len, GFP_KERNEL);
1482 if (skb == NULL)
1483 goto out;
1484
1485 skb_put(skb, skb_len);
1486
1487 skb_queue_walk_safe(&dev->resp_q, tmp, t) {
1488 memcpy(skb->data + tmp_len, tmp->data, tmp->len);
1489 tmp_len += tmp->len;
1490 }
1491
1492out:
1493 skb_queue_purge(&dev->resp_q);
1494
1495 return skb;
1496}
1497
1498static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
1499 u8 *params, int params_len)
1500{
1501 struct pn533_data_exchange_arg *arg = _arg;
1502 struct sk_buff *skb = NULL, *skb_resp = arg->skb_resp;
1503 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1504 int err = 0;
1505 u8 status;
1506 u8 cmd_ret;
1507
1508 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1509
1510 dev_kfree_skb(arg->skb_out);
1511
1512 if (params_len < 0) { /* error */
1513 err = params_len;
1514 goto error;
1515 }
1516
1517 status = params[0];
1518
1519 cmd_ret = status & PN533_CMD_RET_MASK;
1520 if (cmd_ret != PN533_CMD_RET_SUCCESS) {
1521 nfc_dev_err(&dev->interface->dev, "PN533 reported error %d when"
1522 " exchanging data", cmd_ret);
1523 err = -EIO;
1524 goto error;
1525 }
1526
1527 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1528 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1529 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1530 skb_queue_tail(&dev->resp_q, skb_resp);
1531
1532 if (status & PN533_CMD_MI_MASK) {
1533 queue_work(dev->wq, &dev->mi_work);
1534 return -EINPROGRESS;
1535 }
1536
1537 skb = pn533_build_response(dev);
1538 if (skb == NULL)
1539 goto error;
1540
1541 arg->cb(arg->cb_context, skb, 0);
1542 kfree(arg);
1543 return 0;
1544
1545error:
1546 skb_queue_purge(&dev->resp_q);
1547 dev_kfree_skb(skb_resp);
1548 arg->cb(arg->cb_context, NULL, err);
1549 kfree(arg);
1550 return 0;
1551}
1552
1553static int pn533_data_exchange(struct nfc_dev *nfc_dev,
1554 struct nfc_target *target, struct sk_buff *skb,
1555 data_exchange_cb_t cb, void *cb_context)
1556{
1557 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1558 struct pn533_frame *out_frame, *in_frame;
1559 struct pn533_data_exchange_arg *arg;
1560 struct sk_buff *skb_resp;
1561 int skb_resp_len;
1562 int rc;
1563
1564 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1565
1566 if (!dev->tgt_active_prot) {
1567 nfc_dev_err(&dev->interface->dev, "Cannot exchange data if"
1568 " there is no active target");
1569 rc = -EINVAL;
1570 goto error;
1571 }
1572
1573 rc = pn533_data_exchange_tx_frame(dev, skb);
1574 if (rc)
1575 goto error;
1576
1577 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1578 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1579 PN533_FRAME_TAIL_SIZE;
1580
1581 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
1582 if (!skb_resp) {
1583 rc = -ENOMEM;
1584 goto error;
1585 }
1586
1587 in_frame = (struct pn533_frame *) skb_resp->data;
1588 out_frame = (struct pn533_frame *) skb->data;
1589
1590 arg = kmalloc(sizeof(struct pn533_data_exchange_arg), GFP_KERNEL);
1591 if (!arg) {
1592 rc = -ENOMEM;
1593 goto free_skb_resp;
1594 }
1595
1596 arg->skb_resp = skb_resp;
1597 arg->skb_out = skb;
1598 arg->cb = cb;
1599 arg->cb_context = cb_context;
1600
1601 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, skb_resp_len,
1602 pn533_data_exchange_complete, arg,
1603 GFP_KERNEL);
1604 if (rc) {
1605 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1606 " perform data_exchange", rc);
1607 goto free_arg;
1608 }
1609
1610 return 0;
1611
1612free_arg:
1613 kfree(arg);
1614free_skb_resp:
1615 kfree_skb(skb_resp);
1616error:
1617 kfree_skb(skb);
1618 return rc;
1619}
1620
1621static void pn533_wq_mi_recv(struct work_struct *work)
1622{
1623 struct pn533 *dev = container_of(work, struct pn533, mi_work);
1624 struct sk_buff *skb_cmd;
1625 struct pn533_data_exchange_arg *arg = dev->cmd_complete_arg;
1626 struct pn533_frame *out_frame, *in_frame;
1627 struct sk_buff *skb_resp;
1628 int skb_resp_len;
1629 int rc;
1630
1631 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1632
1633 /* This is a zero payload size skb */
1634 skb_cmd = alloc_skb(PN533_CMD_DATAEXCH_HEAD_LEN + PN533_FRAME_TAIL_SIZE,
1635 GFP_KERNEL);
1636 if (skb_cmd == NULL)
1637 goto error_cmd;
1638
1639 skb_reserve(skb_cmd, PN533_CMD_DATAEXCH_HEAD_LEN);
1640
1641 rc = pn533_data_exchange_tx_frame(dev, skb_cmd);
1642 if (rc)
1643 goto error_frame;
1644
1645 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1646 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1647 PN533_FRAME_TAIL_SIZE;
1648 skb_resp = alloc_skb(skb_resp_len, GFP_KERNEL);
1649 if (!skb_resp) {
1650 rc = -ENOMEM;
1651 goto error_frame;
1652 }
1653
1654 in_frame = (struct pn533_frame *) skb_resp->data;
1655 out_frame = (struct pn533_frame *) skb_cmd->data;
1656
1657 arg->skb_resp = skb_resp;
1658 arg->skb_out = skb_cmd;
1659
1660 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
1661 skb_resp_len,
1662 pn533_data_exchange_complete,
1663 dev->cmd_complete_arg, GFP_KERNEL);
1664 if (!rc)
1665 return;
1666
1667 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1668 " perform data_exchange", rc);
1669
1670 kfree_skb(skb_resp);
1671
1672error_frame:
1673 kfree_skb(skb_cmd);
1674
1675error_cmd:
1676 pn533_send_ack(dev, GFP_KERNEL);
1677
1678 kfree(arg);
1679
1680 up(&dev->cmd_lock);
1681}
1682
1683static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
1684 u8 cfgdata_len)
1685{
1686 int rc;
1687 u8 *params;
1688
1689 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1690
1691 pn533_tx_frame_init(dev->out_frame, PN533_CMD_RF_CONFIGURATION);
1692
1693 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame);
1694 params[0] = cfgitem;
1695 memcpy(¶ms[1], cfgdata, cfgdata_len);
1696 dev->out_frame->datalen += (1 + cfgdata_len);
1697
1698 pn533_tx_frame_finish(dev->out_frame);
1699
1700 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1701 dev->in_maxlen);
1702
1703 return rc;
1704}
1705
1706struct nfc_ops pn533_nfc_ops = {
1707 .dev_up = NULL,
1708 .dev_down = NULL,
1709 .dep_link_up = pn533_dep_link_up,
1710 .dep_link_down = pn533_dep_link_down,
1711 .start_poll = pn533_start_poll,
1712 .stop_poll = pn533_stop_poll,
1713 .activate_target = pn533_activate_target,
1714 .deactivate_target = pn533_deactivate_target,
1715 .data_exchange = pn533_data_exchange,
1716};
1717
1718static int pn533_probe(struct usb_interface *interface,
1719 const struct usb_device_id *id)
1720{
1721 struct pn533_fw_version *fw_ver;
1722 struct pn533 *dev;
1723 struct usb_host_interface *iface_desc;
1724 struct usb_endpoint_descriptor *endpoint;
1725 struct pn533_config_max_retries max_retries;
1726 int in_endpoint = 0;
1727 int out_endpoint = 0;
1728 int rc = -ENOMEM;
1729 int i;
1730 u32 protocols;
1731
1732 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
1733 if (!dev)
1734 return -ENOMEM;
1735
1736 dev->udev = usb_get_dev(interface_to_usbdev(interface));
1737 dev->interface = interface;
1738 sema_init(&dev->cmd_lock, 1);
1739
1740 iface_desc = interface->cur_altsetting;
1741 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
1742 endpoint = &iface_desc->endpoint[i].desc;
1743
1744 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint)) {
1745 dev->in_maxlen = le16_to_cpu(endpoint->wMaxPacketSize);
1746 in_endpoint = endpoint->bEndpointAddress;
1747 }
1748
1749 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint)) {
1750 dev->out_maxlen =
1751 le16_to_cpu(endpoint->wMaxPacketSize);
1752 out_endpoint = endpoint->bEndpointAddress;
1753 }
1754 }
1755
1756 if (!in_endpoint || !out_endpoint) {
1757 nfc_dev_err(&interface->dev, "Could not find bulk-in or"
1758 " bulk-out endpoint");
1759 rc = -ENODEV;
1760 goto error;
1761 }
1762
1763 dev->in_frame = kmalloc(dev->in_maxlen, GFP_KERNEL);
1764 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
1765 dev->out_frame = kmalloc(dev->out_maxlen, GFP_KERNEL);
1766 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
1767
1768 if (!dev->in_frame || !dev->out_frame ||
1769 !dev->in_urb || !dev->out_urb)
1770 goto error;
1771
1772 usb_fill_bulk_urb(dev->in_urb, dev->udev,
1773 usb_rcvbulkpipe(dev->udev, in_endpoint),
1774 NULL, 0, NULL, dev);
1775 usb_fill_bulk_urb(dev->out_urb, dev->udev,
1776 usb_sndbulkpipe(dev->udev, out_endpoint),
1777 NULL, 0,
1778 pn533_send_complete, dev);
1779
1780 INIT_WORK(&dev->cmd_work, pn533_wq_cmd_complete);
1781 INIT_WORK(&dev->mi_work, pn533_wq_mi_recv);
1782 dev->wq = alloc_workqueue("pn533",
1783 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM,
1784 1);
1785 if (dev->wq == NULL)
1786 goto error;
1787
1788 skb_queue_head_init(&dev->resp_q);
1789
1790 usb_set_intfdata(interface, dev);
1791
1792 pn533_tx_frame_init(dev->out_frame, PN533_CMD_GET_FIRMWARE_VERSION);
1793 pn533_tx_frame_finish(dev->out_frame);
1794
1795 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1796 dev->in_maxlen);
1797 if (rc)
1798 goto destroy_wq;
1799
1800 fw_ver = (struct pn533_fw_version *)
1801 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
1802 nfc_dev_info(&dev->interface->dev, "NXP PN533 firmware ver %d.%d now"
1803 " attached", fw_ver->ver, fw_ver->rev);
1804
1805 protocols = NFC_PROTO_JEWEL_MASK
1806 | NFC_PROTO_MIFARE_MASK | NFC_PROTO_FELICA_MASK
1807 | NFC_PROTO_ISO14443_MASK
1808 | NFC_PROTO_NFC_DEP_MASK;
1809
1810 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols,
1811 PN533_CMD_DATAEXCH_HEAD_LEN,
1812 PN533_FRAME_TAIL_SIZE);
1813 if (!dev->nfc_dev)
1814 goto destroy_wq;
1815
1816 nfc_set_parent_dev(dev->nfc_dev, &interface->dev);
1817 nfc_set_drvdata(dev->nfc_dev, dev);
1818
1819 rc = nfc_register_device(dev->nfc_dev);
1820 if (rc)
1821 goto free_nfc_dev;
1822
1823 max_retries.mx_rty_atr = PN533_CONFIG_MAX_RETRIES_ENDLESS;
1824 max_retries.mx_rty_psl = 2;
1825 max_retries.mx_rty_passive_act = PN533_CONFIG_MAX_RETRIES_NO_RETRY;
1826
1827 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES,
1828 (u8 *) &max_retries, sizeof(max_retries));
1829
1830 if (rc) {
1831 nfc_dev_err(&dev->interface->dev, "Error on setting MAX_RETRIES"
1832 " config");
1833 goto free_nfc_dev;
1834 }
1835
1836 return 0;
1837
1838free_nfc_dev:
1839 nfc_free_device(dev->nfc_dev);
1840destroy_wq:
1841 destroy_workqueue(dev->wq);
1842error:
1843 kfree(dev->in_frame);
1844 usb_free_urb(dev->in_urb);
1845 kfree(dev->out_frame);
1846 usb_free_urb(dev->out_urb);
1847 kfree(dev);
1848 return rc;
1849}
1850
1851static void pn533_disconnect(struct usb_interface *interface)
1852{
1853 struct pn533 *dev;
1854
1855 dev = usb_get_intfdata(interface);
1856 usb_set_intfdata(interface, NULL);
1857
1858 nfc_unregister_device(dev->nfc_dev);
1859 nfc_free_device(dev->nfc_dev);
1860
1861 usb_kill_urb(dev->in_urb);
1862 usb_kill_urb(dev->out_urb);
1863
1864 destroy_workqueue(dev->wq);
1865
1866 skb_queue_purge(&dev->resp_q);
1867
1868 kfree(dev->in_frame);
1869 usb_free_urb(dev->in_urb);
1870 kfree(dev->out_frame);
1871 usb_free_urb(dev->out_urb);
1872 kfree(dev);
1873
1874 nfc_dev_info(&interface->dev, "NXP PN533 NFC device disconnected");
1875}
1876
1877static struct usb_driver pn533_driver = {
1878 .name = "pn533",
1879 .probe = pn533_probe,
1880 .disconnect = pn533_disconnect,
1881 .id_table = pn533_table,
1882};
1883
1884module_usb_driver(pn533_driver);
1885
1886MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>,"
1887 " Aloisio Almeida Jr <aloisio.almeida@openbossa.org>");
1888MODULE_DESCRIPTION("PN533 usb driver ver " VERSION);
1889MODULE_VERSION(VERSION);
1890MODULE_LICENSE("GPL");