projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
acct: constify the name arg to acct_on
[deliverable/linux.git] / drivers / nfc / pn533.c
1 /*
2 * Copyright (C) 2011 Instituto Nokia de Tecnologia
3 *
4 * Authors:
5 * Lauro Ramos Venancio <lauro.venancio@openbossa.org>
6 * Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the
20 * Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 */
23
24 #include <linux/device.h>
25 #include <linux/kernel.h>
26 #include <linux/module.h>
27 #include <linux/slab.h>
28 #include <linux/usb.h>
29 #include <linux/nfc.h>
30 #include <linux/netdevice.h>
31 #include <net/nfc/nfc.h>
32
33 #define VERSION "0.1"
34
35 #define PN533_VENDOR_ID 0x4CC
36 #define PN533_PRODUCT_ID 0x2533
37
38 #define SCM_VENDOR_ID 0x4E6
39 #define SCL3711_PRODUCT_ID 0x5591
40
41 #define SONY_VENDOR_ID 0x054c
42 #define PASORI_PRODUCT_ID 0x02e1
43
44 #define PN533_QUIRKS_TYPE_A BIT(0)
45 #define PN533_QUIRKS_TYPE_F BIT(1)
46 #define PN533_QUIRKS_DEP BIT(2)
47 #define PN533_QUIRKS_RAW_EXCHANGE BIT(3)
48
49 #define PN533_DEVICE_STD 0x1
50 #define PN533_DEVICE_PASORI 0x2
51
52 #define PN533_ALL_PROTOCOLS (NFC_PROTO_JEWEL_MASK | NFC_PROTO_MIFARE_MASK |\
53 NFC_PROTO_FELICA_MASK | NFC_PROTO_ISO14443_MASK |\
54 NFC_PROTO_NFC_DEP_MASK |\
55 NFC_PROTO_ISO14443_B_MASK)
56
57 #define PN533_NO_TYPE_B_PROTOCOLS (NFC_PROTO_JEWEL_MASK | \
58 NFC_PROTO_MIFARE_MASK | \
59 NFC_PROTO_FELICA_MASK | \
60 NFC_PROTO_ISO14443_MASK | \
61 NFC_PROTO_NFC_DEP_MASK)
62
63 static const struct usb_device_id pn533_table[] = {
64 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
65 .idVendor = PN533_VENDOR_ID,
66 .idProduct = PN533_PRODUCT_ID,
67 .driver_info = PN533_DEVICE_STD,
68 },
69 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
70 .idVendor = SCM_VENDOR_ID,
71 .idProduct = SCL3711_PRODUCT_ID,
72 .driver_info = PN533_DEVICE_STD,
73 },
74 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
75 .idVendor = SONY_VENDOR_ID,
76 .idProduct = PASORI_PRODUCT_ID,
77 .driver_info = PN533_DEVICE_PASORI,
78 },
79 { }
80 };
81 MODULE_DEVICE_TABLE(usb, pn533_table);
82
83 /* How much time we spend listening for initiators */
84 #define PN533_LISTEN_TIME 2
85
86 /* frame definitions */
87 #define PN533_FRAME_TAIL_SIZE 2
88 #define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \
89 PN533_FRAME_TAIL_SIZE)
90 #define PN533_FRAME_ACK_SIZE (sizeof(struct pn533_frame) + 1)
91 #define PN533_FRAME_CHECKSUM(f) (f->data[f->datalen])
92 #define PN533_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1])
93
94 /* start of frame */
95 #define PN533_SOF 0x00FF
96
97 /* frame identifier: in/out/error */
98 #define PN533_FRAME_IDENTIFIER(f) (f->data[0])
99 #define PN533_DIR_OUT 0xD4
100 #define PN533_DIR_IN 0xD5
101
102 /* PN533 Commands */
103 #define PN533_FRAME_CMD(f) (f->data[1])
104 #define PN533_FRAME_CMD_PARAMS_PTR(f) (&f->data[2])
105 #define PN533_FRAME_CMD_PARAMS_LEN(f) (f->datalen - 2)
106
107 #define PN533_CMD_GET_FIRMWARE_VERSION 0x02
108 #define PN533_CMD_RF_CONFIGURATION 0x32
109 #define PN533_CMD_IN_DATA_EXCHANGE 0x40
110 #define PN533_CMD_IN_COMM_THRU 0x42
111 #define PN533_CMD_IN_LIST_PASSIVE_TARGET 0x4A
112 #define PN533_CMD_IN_ATR 0x50
113 #define PN533_CMD_IN_RELEASE 0x52
114 #define PN533_CMD_IN_JUMP_FOR_DEP 0x56
115
116 #define PN533_CMD_TG_INIT_AS_TARGET 0x8c
117 #define PN533_CMD_TG_GET_DATA 0x86
118 #define PN533_CMD_TG_SET_DATA 0x8e
119
120 #define PN533_CMD_RESPONSE(cmd) (cmd + 1)
121
122 /* PN533 Return codes */
123 #define PN533_CMD_RET_MASK 0x3F
124 #define PN533_CMD_MI_MASK 0x40
125 #define PN533_CMD_RET_SUCCESS 0x00
126
127 /* PN533 status codes */
128 #define PN533_STATUS_TARGET_RELEASED 0x29
129
130 struct pn533;
131
132 typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg,
133 u8 *params, int params_len);
134
135 /* structs for pn533 commands */
136
137 /* PN533_CMD_GET_FIRMWARE_VERSION */
138 struct pn533_fw_version {
139 u8 ic;
140 u8 ver;
141 u8 rev;
142 u8 support;
143 };
144
145 /* PN533_CMD_RF_CONFIGURATION */
146 #define PN533_CFGITEM_TIMING 0x02
147 #define PN533_CFGITEM_MAX_RETRIES 0x05
148 #define PN533_CFGITEM_PASORI 0x82
149
150 #define PN533_CONFIG_TIMING_102 0xb
151 #define PN533_CONFIG_TIMING_204 0xc
152 #define PN533_CONFIG_TIMING_409 0xd
153 #define PN533_CONFIG_TIMING_819 0xe
154
155 #define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00
156 #define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF
157
158 struct pn533_config_max_retries {
159 u8 mx_rty_atr;
160 u8 mx_rty_psl;
161 u8 mx_rty_passive_act;
162 } __packed;
163
164 struct pn533_config_timing {
165 u8 rfu;
166 u8 atr_res_timeout;
167 u8 dep_timeout;
168 } __packed;
169
170 /* PN533_CMD_IN_LIST_PASSIVE_TARGET */
171
172 /* felica commands opcode */
173 #define PN533_FELICA_OPC_SENSF_REQ 0
174 #define PN533_FELICA_OPC_SENSF_RES 1
175 /* felica SENSF_REQ parameters */
176 #define PN533_FELICA_SENSF_SC_ALL 0xFFFF
177 #define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0
178 #define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1
179 #define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2
180
181 /* type B initiator_data values */
182 #define PN533_TYPE_B_AFI_ALL_FAMILIES 0
183 #define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0
184 #define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1
185
186 union pn533_cmd_poll_initdata {
187 struct {
188 u8 afi;
189 u8 polling_method;
190 } __packed type_b;
191 struct {
192 u8 opcode;
193 __be16 sc;
194 u8 rc;
195 u8 tsn;
196 } __packed felica;
197 };
198
199 /* Poll modulations */
200 enum {
201 PN533_POLL_MOD_106KBPS_A,
202 PN533_POLL_MOD_212KBPS_FELICA,
203 PN533_POLL_MOD_424KBPS_FELICA,
204 PN533_POLL_MOD_106KBPS_JEWEL,
205 PN533_POLL_MOD_847KBPS_B,
206 PN533_LISTEN_MOD,
207
208 __PN533_POLL_MOD_AFTER_LAST,
209 };
210 #define PN533_POLL_MOD_MAX (__PN533_POLL_MOD_AFTER_LAST - 1)
211
212 struct pn533_poll_modulations {
213 struct {
214 u8 maxtg;
215 u8 brty;
216 union pn533_cmd_poll_initdata initiator_data;
217 } __packed data;
218 u8 len;
219 };
220
221 const struct pn533_poll_modulations poll_mod[] = {
222 [PN533_POLL_MOD_106KBPS_A] = {
223 .data = {
224 .maxtg = 1,
225 .brty = 0,
226 },
227 .len = 2,
228 },
229 [PN533_POLL_MOD_212KBPS_FELICA] = {
230 .data = {
231 .maxtg = 1,
232 .brty = 1,
233 .initiator_data.felica = {
234 .opcode = PN533_FELICA_OPC_SENSF_REQ,
235 .sc = PN533_FELICA_SENSF_SC_ALL,
236 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
237 .tsn = 0,
238 },
239 },
240 .len = 7,
241 },
242 [PN533_POLL_MOD_424KBPS_FELICA] = {
243 .data = {
244 .maxtg = 1,
245 .brty = 2,
246 .initiator_data.felica = {
247 .opcode = PN533_FELICA_OPC_SENSF_REQ,
248 .sc = PN533_FELICA_SENSF_SC_ALL,
249 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
250 .tsn = 0,
251 },
252 },
253 .len = 7,
254 },
255 [PN533_POLL_MOD_106KBPS_JEWEL] = {
256 .data = {
257 .maxtg = 1,
258 .brty = 4,
259 },
260 .len = 2,
261 },
262 [PN533_POLL_MOD_847KBPS_B] = {
263 .data = {
264 .maxtg = 1,
265 .brty = 8,
266 .initiator_data.type_b = {
267 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES,
268 .polling_method =
269 PN533_TYPE_B_POLL_METHOD_TIMESLOT,
270 },
271 },
272 .len = 3,
273 },
274 [PN533_LISTEN_MOD] = {
275 .len = 0,
276 },
277 };
278
279 /* PN533_CMD_IN_ATR */
280
281 struct pn533_cmd_activate_param {
282 u8 tg;
283 u8 next;
284 } __packed;
285
286 struct pn533_cmd_activate_response {
287 u8 status;
288 u8 nfcid3t[10];
289 u8 didt;
290 u8 bst;
291 u8 brt;
292 u8 to;
293 u8 ppt;
294 /* optional */
295 u8 gt[];
296 } __packed;
297
298 /* PN533_CMD_IN_JUMP_FOR_DEP */
299 struct pn533_cmd_jump_dep {
300 u8 active;
301 u8 baud;
302 u8 next;
303 u8 data[];
304 } __packed;
305
306 struct pn533_cmd_jump_dep_response {
307 u8 status;
308 u8 tg;
309 u8 nfcid3t[10];
310 u8 didt;
311 u8 bst;
312 u8 brt;
313 u8 to;
314 u8 ppt;
315 /* optional */
316 u8 gt[];
317 } __packed;
318
319
320 /* PN533_TG_INIT_AS_TARGET */
321 #define PN533_INIT_TARGET_PASSIVE 0x1
322 #define PN533_INIT_TARGET_DEP 0x2
323
324 #define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3
325 #define PN533_INIT_TARGET_RESP_ACTIVE 0x1
326 #define PN533_INIT_TARGET_RESP_DEP 0x4
327
328 struct pn533_cmd_init_target {
329 u8 mode;
330 u8 mifare[6];
331 u8 felica[18];
332 u8 nfcid3[10];
333 u8 gb_len;
334 u8 gb[];
335 } __packed;
336
337 struct pn533_cmd_init_target_response {
338 u8 mode;
339 u8 cmd[];
340 } __packed;
341
342 struct pn533 {
343 struct usb_device *udev;
344 struct usb_interface *interface;
345 struct nfc_dev *nfc_dev;
346
347 struct urb *out_urb;
348 int out_maxlen;
349 struct pn533_frame *out_frame;
350
351 struct urb *in_urb;
352 int in_maxlen;
353 struct pn533_frame *in_frame;
354
355 struct sk_buff_head resp_q;
356
357 struct workqueue_struct *wq;
358 struct work_struct cmd_work;
359 struct work_struct cmd_complete_work;
360 struct work_struct poll_work;
361 struct work_struct mi_work;
362 struct work_struct tg_work;
363 struct timer_list listen_timer;
364 struct pn533_frame *wq_in_frame;
365 int wq_in_error;
366 int cancel_listen;
367
368 pn533_cmd_complete_t cmd_complete;
369 void *cmd_complete_arg;
370 struct mutex cmd_lock;
371 u8 cmd;
372
373 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1];
374 u8 poll_mod_count;
375 u8 poll_mod_curr;
376 u32 poll_protocols;
377 u32 listen_protocols;
378
379 u8 *gb;
380 size_t gb_len;
381
382 u8 tgt_available_prots;
383 u8 tgt_active_prot;
384 u8 tgt_mode;
385
386 u32 device_type;
387
388 struct list_head cmd_queue;
389 u8 cmd_pending;
390 };
391
392 struct pn533_cmd {
393 struct list_head queue;
394 struct pn533_frame *out_frame;
395 struct pn533_frame *in_frame;
396 int in_frame_len;
397 pn533_cmd_complete_t cmd_complete;
398 void *arg;
399 gfp_t flags;
400 };
401
402 struct pn533_frame {
403 u8 preamble;
404 __be16 start_frame;
405 u8 datalen;
406 u8 datalen_checksum;
407 u8 data[];
408 } __packed;
409
410 /* The rule: value + checksum = 0 */
411 static inline u8 pn533_checksum(u8 value)
412 {
413 return ~value + 1;
414 }
415
416 /* The rule: sum(data elements) + checksum = 0 */
417 static u8 pn533_data_checksum(u8 *data, int datalen)
418 {
419 u8 sum = 0;
420 int i;
421
422 for (i = 0; i < datalen; i++)
423 sum += data[i];
424
425 return pn533_checksum(sum);
426 }
427
428 /**
429 * pn533_tx_frame_ack - create a ack frame
430 * @frame: The frame to be set as ack
431 *
432 * Ack is different type of standard frame. As a standard frame, it has
433 * preamble and start_frame. However the checksum of this frame must fail,
434 * i.e. datalen + datalen_checksum must NOT be zero. When the checksum test
435 * fails and datalen = 0 and datalen_checksum = 0xFF, the frame is a ack.
436 * After datalen_checksum field, the postamble is placed.
437 */
438 static void pn533_tx_frame_ack(struct pn533_frame *frame)
439 {
440 frame->preamble = 0;
441 frame->start_frame = cpu_to_be16(PN533_SOF);
442 frame->datalen = 0;
443 frame->datalen_checksum = 0xFF;
444 /* data[0] is used as postamble */
445 frame->data[0] = 0;
446 }
447
448 static void pn533_tx_frame_init(struct pn533_frame *frame, u8 cmd)
449 {
450 frame->preamble = 0;
451 frame->start_frame = cpu_to_be16(PN533_SOF);
452 PN533_FRAME_IDENTIFIER(frame) = PN533_DIR_OUT;
453 PN533_FRAME_CMD(frame) = cmd;
454 frame->datalen = 2;
455 }
456
457 static void pn533_tx_frame_finish(struct pn533_frame *frame)
458 {
459 frame->datalen_checksum = pn533_checksum(frame->datalen);
460
461 PN533_FRAME_CHECKSUM(frame) =
462 pn533_data_checksum(frame->data, frame->datalen);
463
464 PN533_FRAME_POSTAMBLE(frame) = 0;
465 }
466
467 static bool pn533_rx_frame_is_valid(struct pn533_frame *frame)
468 {
469 u8 checksum;
470
471 if (frame->start_frame != cpu_to_be16(PN533_SOF))
472 return false;
473
474 checksum = pn533_checksum(frame->datalen);
475 if (checksum != frame->datalen_checksum)
476 return false;
477
478 checksum = pn533_data_checksum(frame->data, frame->datalen);
479 if (checksum != PN533_FRAME_CHECKSUM(frame))
480 return false;
481
482 return true;
483 }
484
485 static bool pn533_rx_frame_is_ack(struct pn533_frame *frame)
486 {
487 if (frame->start_frame != cpu_to_be16(PN533_SOF))
488 return false;
489
490 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF)
491 return false;
492
493 return true;
494 }
495
496 static bool pn533_rx_frame_is_cmd_response(struct pn533_frame *frame, u8 cmd)
497 {
498 return (PN533_FRAME_CMD(frame) == PN533_CMD_RESPONSE(cmd));
499 }
500
501
502 static void pn533_wq_cmd_complete(struct work_struct *work)
503 {
504 struct pn533 *dev = container_of(work, struct pn533, cmd_complete_work);
505 struct pn533_frame *in_frame;
506 int rc;
507
508 in_frame = dev->wq_in_frame;
509
510 if (dev->wq_in_error)
511 rc = dev->cmd_complete(dev, dev->cmd_complete_arg, NULL,
512 dev->wq_in_error);
513 else
514 rc = dev->cmd_complete(dev, dev->cmd_complete_arg,
515 PN533_FRAME_CMD_PARAMS_PTR(in_frame),
516 PN533_FRAME_CMD_PARAMS_LEN(in_frame));
517
518 if (rc != -EINPROGRESS)
519 queue_work(dev->wq, &dev->cmd_work);
520 }
521
522 static void pn533_recv_response(struct urb *urb)
523 {
524 struct pn533 *dev = urb->context;
525 struct pn533_frame *in_frame;
526
527 dev->wq_in_frame = NULL;
528
529 switch (urb->status) {
530 case 0:
531 /* success */
532 break;
533 case -ECONNRESET:
534 case -ENOENT:
535 case -ESHUTDOWN:
536 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
537 " status: %d", urb->status);
538 dev->wq_in_error = urb->status;
539 goto sched_wq;
540 default:
541 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
542 " %d", urb->status);
543 dev->wq_in_error = urb->status;
544 goto sched_wq;
545 }
546
547 in_frame = dev->in_urb->transfer_buffer;
548
549 if (!pn533_rx_frame_is_valid(in_frame)) {
550 nfc_dev_err(&dev->interface->dev, "Received an invalid frame");
551 dev->wq_in_error = -EIO;
552 goto sched_wq;
553 }
554
555 if (!pn533_rx_frame_is_cmd_response(in_frame, dev->cmd)) {
556 nfc_dev_err(&dev->interface->dev, "The received frame is not "
557 "response to the last command");
558 dev->wq_in_error = -EIO;
559 goto sched_wq;
560 }
561
562 nfc_dev_dbg(&dev->interface->dev, "Received a valid frame");
563 dev->wq_in_error = 0;
564 dev->wq_in_frame = in_frame;
565
566 sched_wq:
567 queue_work(dev->wq, &dev->cmd_complete_work);
568 }
569
570 static int pn533_submit_urb_for_response(struct pn533 *dev, gfp_t flags)
571 {
572 dev->in_urb->complete = pn533_recv_response;
573
574 return usb_submit_urb(dev->in_urb, flags);
575 }
576
577 static void pn533_recv_ack(struct urb *urb)
578 {
579 struct pn533 *dev = urb->context;
580 struct pn533_frame *in_frame;
581 int rc;
582
583 switch (urb->status) {
584 case 0:
585 /* success */
586 break;
587 case -ECONNRESET:
588 case -ENOENT:
589 case -ESHUTDOWN:
590 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
591 " status: %d", urb->status);
592 dev->wq_in_error = urb->status;
593 goto sched_wq;
594 default:
595 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
596 " %d", urb->status);
597 dev->wq_in_error = urb->status;
598 goto sched_wq;
599 }
600
601 in_frame = dev->in_urb->transfer_buffer;
602
603 if (!pn533_rx_frame_is_ack(in_frame)) {
604 nfc_dev_err(&dev->interface->dev, "Received an invalid ack");
605 dev->wq_in_error = -EIO;
606 goto sched_wq;
607 }
608
609 nfc_dev_dbg(&dev->interface->dev, "Received a valid ack");
610
611 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
612 if (rc) {
613 nfc_dev_err(&dev->interface->dev, "usb_submit_urb failed with"
614 " result %d", rc);
615 dev->wq_in_error = rc;
616 goto sched_wq;
617 }
618
619 return;
620
621 sched_wq:
622 dev->wq_in_frame = NULL;
623 queue_work(dev->wq, &dev->cmd_complete_work);
624 }
625
626 static int pn533_submit_urb_for_ack(struct pn533 *dev, gfp_t flags)
627 {
628 dev->in_urb->complete = pn533_recv_ack;
629
630 return usb_submit_urb(dev->in_urb, flags);
631 }
632
633 static int pn533_send_ack(struct pn533 *dev, gfp_t flags)
634 {
635 int rc;
636
637 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
638
639 pn533_tx_frame_ack(dev->out_frame);
640
641 dev->out_urb->transfer_buffer = dev->out_frame;
642 dev->out_urb->transfer_buffer_length = PN533_FRAME_ACK_SIZE;
643 rc = usb_submit_urb(dev->out_urb, flags);
644
645 return rc;
646 }
647
648 static int __pn533_send_cmd_frame_async(struct pn533 *dev,
649 struct pn533_frame *out_frame,
650 struct pn533_frame *in_frame,
651 int in_frame_len,
652 pn533_cmd_complete_t cmd_complete,
653 void *arg, gfp_t flags)
654 {
655 int rc;
656
657 nfc_dev_dbg(&dev->interface->dev, "Sending command 0x%x",
658 PN533_FRAME_CMD(out_frame));
659
660 dev->cmd = PN533_FRAME_CMD(out_frame);
661 dev->cmd_complete = cmd_complete;
662 dev->cmd_complete_arg = arg;
663
664 dev->out_urb->transfer_buffer = out_frame;
665 dev->out_urb->transfer_buffer_length =
666 PN533_FRAME_SIZE(out_frame);
667
668 dev->in_urb->transfer_buffer = in_frame;
669 dev->in_urb->transfer_buffer_length = in_frame_len;
670
671 rc = usb_submit_urb(dev->out_urb, flags);
672 if (rc)
673 return rc;
674
675 rc = pn533_submit_urb_for_ack(dev, flags);
676 if (rc)
677 goto error;
678
679 return 0;
680
681 error:
682 usb_unlink_urb(dev->out_urb);
683 return rc;
684 }
685
686 static void pn533_wq_cmd(struct work_struct *work)
687 {
688 struct pn533 *dev = container_of(work, struct pn533, cmd_work);
689 struct pn533_cmd *cmd;
690
691 mutex_lock(&dev->cmd_lock);
692
693 if (list_empty(&dev->cmd_queue)) {
694 dev->cmd_pending = 0;
695 mutex_unlock(&dev->cmd_lock);
696 return;
697 }
698
699 cmd = list_first_entry(&dev->cmd_queue, struct pn533_cmd, queue);
700
701 mutex_unlock(&dev->cmd_lock);
702
703 __pn533_send_cmd_frame_async(dev, cmd->out_frame, cmd->in_frame,
704 cmd->in_frame_len, cmd->cmd_complete,
705 cmd->arg, cmd->flags);
706
707 list_del(&cmd->queue);
708 kfree(cmd);
709 }
710
711 static int pn533_send_cmd_frame_async(struct pn533 *dev,
712 struct pn533_frame *out_frame,
713 struct pn533_frame *in_frame,
714 int in_frame_len,
715 pn533_cmd_complete_t cmd_complete,
716 void *arg, gfp_t flags)
717 {
718 struct pn533_cmd *cmd;
719 int rc = 0;
720
721 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
722
723 mutex_lock(&dev->cmd_lock);
724
725 if (!dev->cmd_pending) {
726 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
727 in_frame_len, cmd_complete,
728 arg, flags);
729 if (!rc)
730 dev->cmd_pending = 1;
731
732 goto unlock;
733 }
734
735 nfc_dev_dbg(&dev->interface->dev, "%s Queueing command", __func__);
736
737 cmd = kzalloc(sizeof(struct pn533_cmd), flags);
738 if (!cmd) {
739 rc = -ENOMEM;
740 goto unlock;
741 }
742
743 INIT_LIST_HEAD(&cmd->queue);
744 cmd->out_frame = out_frame;
745 cmd->in_frame = in_frame;
746 cmd->in_frame_len = in_frame_len;
747 cmd->cmd_complete = cmd_complete;
748 cmd->arg = arg;
749 cmd->flags = flags;
750
751 list_add_tail(&cmd->queue, &dev->cmd_queue);
752
753 unlock:
754 mutex_unlock(&dev->cmd_lock);
755
756 return rc;
757 }
758
759 struct pn533_sync_cmd_response {
760 int rc;
761 struct completion done;
762 };
763
764 static int pn533_sync_cmd_complete(struct pn533 *dev, void *_arg,
765 u8 *params, int params_len)
766 {
767 struct pn533_sync_cmd_response *arg = _arg;
768
769 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
770
771 arg->rc = 0;
772
773 if (params_len < 0) /* error */
774 arg->rc = params_len;
775
776 complete(&arg->done);
777
778 return 0;
779 }
780
781 static int pn533_send_cmd_frame_sync(struct pn533 *dev,
782 struct pn533_frame *out_frame,
783 struct pn533_frame *in_frame,
784 int in_frame_len)
785 {
786 int rc;
787 struct pn533_sync_cmd_response arg;
788
789 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
790
791 init_completion(&arg.done);
792
793 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, in_frame_len,
794 pn533_sync_cmd_complete, &arg, GFP_KERNEL);
795 if (rc)
796 return rc;
797
798 wait_for_completion(&arg.done);
799
800 return arg.rc;
801 }
802
803 static void pn533_send_complete(struct urb *urb)
804 {
805 struct pn533 *dev = urb->context;
806
807 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
808
809 switch (urb->status) {
810 case 0:
811 /* success */
812 break;
813 case -ECONNRESET:
814 case -ENOENT:
815 case -ESHUTDOWN:
816 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
817 " status: %d", urb->status);
818 break;
819 default:
820 nfc_dev_dbg(&dev->interface->dev, "Nonzero urb status received:"
821 " %d", urb->status);
822 }
823 }
824
825 struct pn533_target_type_a {
826 __be16 sens_res;
827 u8 sel_res;
828 u8 nfcid_len;
829 u8 nfcid_data[];
830 } __packed;
831
832
833 #define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6))
834 #define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0))
835 #define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8))
836
837 #define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00
838 #define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C
839
840 #define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5)
841 #define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2)
842
843 #define PN533_TYPE_A_SEL_PROT_MIFARE 0
844 #define PN533_TYPE_A_SEL_PROT_ISO14443 1
845 #define PN533_TYPE_A_SEL_PROT_DEP 2
846 #define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3
847
848 static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
849 int target_data_len)
850 {
851 u8 ssd;
852 u8 platconf;
853
854 if (target_data_len < sizeof(struct pn533_target_type_a))
855 return false;
856
857 /* The lenght check of nfcid[] and ats[] are not being performed because
858 the values are not being used */
859
860 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
861 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res);
862 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res);
863
864 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
865 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
866 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
867 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
868 return false;
869
870 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */
871 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0)
872 return false;
873
874 return true;
875 }
876
877 static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data,
878 int tgt_data_len)
879 {
880 struct pn533_target_type_a *tgt_type_a;
881
882 tgt_type_a = (struct pn533_target_type_a *) tgt_data;
883
884 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len))
885 return -EPROTO;
886
887 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) {
888 case PN533_TYPE_A_SEL_PROT_MIFARE:
889 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK;
890 break;
891 case PN533_TYPE_A_SEL_PROT_ISO14443:
892 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
893 break;
894 case PN533_TYPE_A_SEL_PROT_DEP:
895 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
896 break;
897 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP:
898 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK |
899 NFC_PROTO_NFC_DEP_MASK;
900 break;
901 }
902
903 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res);
904 nfc_tgt->sel_res = tgt_type_a->sel_res;
905 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len;
906 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len);
907
908 return 0;
909 }
910
911 struct pn533_target_felica {
912 u8 pol_res;
913 u8 opcode;
914 u8 nfcid2[8];
915 u8 pad[8];
916 /* optional */
917 u8 syst_code[];
918 } __packed;
919
920 #define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01
921 #define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE
922
923 static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica,
924 int target_data_len)
925 {
926 if (target_data_len < sizeof(struct pn533_target_felica))
927 return false;
928
929 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES)
930 return false;
931
932 return true;
933 }
934
935 static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data,
936 int tgt_data_len)
937 {
938 struct pn533_target_felica *tgt_felica;
939
940 tgt_felica = (struct pn533_target_felica *) tgt_data;
941
942 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len))
943 return -EPROTO;
944
945 if (tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1 &&
946 tgt_felica->nfcid2[1] ==
947 PN533_FELICA_SENSF_NFCID2_DEP_B2)
948 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
949 else
950 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK;
951
952 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9);
953 nfc_tgt->sensf_res_len = 9;
954
955 return 0;
956 }
957
958 struct pn533_target_jewel {
959 __be16 sens_res;
960 u8 jewelid[4];
961 } __packed;
962
963 static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel,
964 int target_data_len)
965 {
966 u8 ssd;
967 u8 platconf;
968
969 if (target_data_len < sizeof(struct pn533_target_jewel))
970 return false;
971
972 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
973 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res);
974 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res);
975
976 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
977 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
978 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
979 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
980 return false;
981
982 return true;
983 }
984
985 static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data,
986 int tgt_data_len)
987 {
988 struct pn533_target_jewel *tgt_jewel;
989
990 tgt_jewel = (struct pn533_target_jewel *) tgt_data;
991
992 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len))
993 return -EPROTO;
994
995 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK;
996 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res);
997 nfc_tgt->nfcid1_len = 4;
998 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len);
999
1000 return 0;
1001 }
1002
1003 struct pn533_type_b_prot_info {
1004 u8 bitrate;
1005 u8 fsci_type;
1006 u8 fwi_adc_fo;
1007 } __packed;
1008
1009 #define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4)
1010 #define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0)
1011 #define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8
1012
1013 struct pn533_type_b_sens_res {
1014 u8 opcode;
1015 u8 nfcid[4];
1016 u8 appdata[4];
1017 struct pn533_type_b_prot_info prot_info;
1018 } __packed;
1019
1020 #define PN533_TYPE_B_OPC_SENSB_RES 0x50
1021
1022 struct pn533_target_type_b {
1023 struct pn533_type_b_sens_res sensb_res;
1024 u8 attrib_res_len;
1025 u8 attrib_res[];
1026 } __packed;
1027
1028 static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b,
1029 int target_data_len)
1030 {
1031 if (target_data_len < sizeof(struct pn533_target_type_b))
1032 return false;
1033
1034 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES)
1035 return false;
1036
1037 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) &
1038 PN533_TYPE_B_PROT_TYPE_RFU_MASK)
1039 return false;
1040
1041 return true;
1042 }
1043
1044 static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
1045 int tgt_data_len)
1046 {
1047 struct pn533_target_type_b *tgt_type_b;
1048
1049 tgt_type_b = (struct pn533_target_type_b *) tgt_data;
1050
1051 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len))
1052 return -EPROTO;
1053
1054 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_B_MASK;
1055
1056 return 0;
1057 }
1058
1059 struct pn533_poll_response {
1060 u8 nbtg;
1061 u8 tg;
1062 u8 target_data[];
1063 } __packed;
1064
1065 static int pn533_target_found(struct pn533 *dev,
1066 struct pn533_poll_response *resp, int resp_len)
1067 {
1068 int target_data_len;
1069 struct nfc_target nfc_tgt;
1070 int rc;
1071
1072 nfc_dev_dbg(&dev->interface->dev, "%s - modulation=%d", __func__,
1073 dev->poll_mod_curr);
1074
1075 if (resp->tg != 1)
1076 return -EPROTO;
1077
1078 memset(&nfc_tgt, 0, sizeof(struct nfc_target));
1079
1080 target_data_len = resp_len - sizeof(struct pn533_poll_response);
1081
1082 switch (dev->poll_mod_curr) {
1083 case PN533_POLL_MOD_106KBPS_A:
1084 rc = pn533_target_found_type_a(&nfc_tgt, resp->target_data,
1085 target_data_len);
1086 break;
1087 case PN533_POLL_MOD_212KBPS_FELICA:
1088 case PN533_POLL_MOD_424KBPS_FELICA:
1089 rc = pn533_target_found_felica(&nfc_tgt, resp->target_data,
1090 target_data_len);
1091 break;
1092 case PN533_POLL_MOD_106KBPS_JEWEL:
1093 rc = pn533_target_found_jewel(&nfc_tgt, resp->target_data,
1094 target_data_len);
1095 break;
1096 case PN533_POLL_MOD_847KBPS_B:
1097 rc = pn533_target_found_type_b(&nfc_tgt, resp->target_data,
1098 target_data_len);
1099 break;
1100 default:
1101 nfc_dev_err(&dev->interface->dev, "Unknown current poll"
1102 " modulation");
1103 return -EPROTO;
1104 }
1105
1106 if (rc)
1107 return rc;
1108
1109 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) {
1110 nfc_dev_dbg(&dev->interface->dev, "The target found does not"
1111 " have the desired protocol");
1112 return -EAGAIN;
1113 }
1114
1115 nfc_dev_dbg(&dev->interface->dev, "Target found - supported protocols: "
1116 "0x%x", nfc_tgt.supported_protocols);
1117
1118 dev->tgt_available_prots = nfc_tgt.supported_protocols;
1119
1120 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1);
1121
1122 return 0;
1123 }
1124
1125 static inline void pn533_poll_next_mod(struct pn533 *dev)
1126 {
1127 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count;
1128 }
1129
1130 static void pn533_poll_reset_mod_list(struct pn533 *dev)
1131 {
1132 dev->poll_mod_count = 0;
1133 }
1134
1135 static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
1136 {
1137 dev->poll_mod_active[dev->poll_mod_count] =
1138 (struct pn533_poll_modulations *) &poll_mod[mod_index];
1139 dev->poll_mod_count++;
1140 }
1141
1142 static void pn533_poll_create_mod_list(struct pn533 *dev,
1143 u32 im_protocols, u32 tm_protocols)
1144 {
1145 pn533_poll_reset_mod_list(dev);
1146
1147 if (im_protocols & NFC_PROTO_MIFARE_MASK
1148 || im_protocols & NFC_PROTO_ISO14443_MASK
1149 || im_protocols & NFC_PROTO_NFC_DEP_MASK)
1150 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
1151
1152 if (im_protocols & NFC_PROTO_FELICA_MASK
1153 || im_protocols & NFC_PROTO_NFC_DEP_MASK) {
1154 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
1155 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
1156 }
1157
1158 if (im_protocols & NFC_PROTO_JEWEL_MASK)
1159 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL);
1160
1161 if (im_protocols & NFC_PROTO_ISO14443_B_MASK)
1162 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B);
1163
1164 if (tm_protocols)
1165 pn533_poll_add_mod(dev, PN533_LISTEN_MOD);
1166 }
1167
1168 static int pn533_start_poll_complete(struct pn533 *dev, void *arg,
1169 u8 *params, int params_len)
1170 {
1171 struct pn533_poll_response *resp;
1172 int rc;
1173
1174 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1175
1176 resp = (struct pn533_poll_response *) params;
1177 if (resp->nbtg) {
1178 rc = pn533_target_found(dev, resp, params_len);
1179
1180 /* We must stop the poll after a valid target found */
1181 if (rc == 0) {
1182 pn533_poll_reset_mod_list(dev);
1183 return 0;
1184 }
1185 }
1186
1187 return -EAGAIN;
1188 }
1189
1190 static int pn533_init_target_frame(struct pn533_frame *frame,
1191 u8 *gb, size_t gb_len)
1192 {
1193 struct pn533_cmd_init_target *cmd;
1194 size_t cmd_len;
1195 u8 felica_params[18] = {0x1, 0xfe, /* DEP */
1196 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */
1197 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
1198 0xff, 0xff}; /* System code */
1199 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */
1200 0x0, 0x0, 0x0,
1201 0x40}; /* SEL_RES for DEP */
1202
1203 cmd_len = sizeof(struct pn533_cmd_init_target) + gb_len + 1;
1204 cmd = kzalloc(cmd_len, GFP_KERNEL);
1205 if (cmd == NULL)
1206 return -ENOMEM;
1207
1208 pn533_tx_frame_init(frame, PN533_CMD_TG_INIT_AS_TARGET);
1209
1210 /* DEP support only */
1211 cmd->mode |= PN533_INIT_TARGET_DEP;
1212
1213 /* Felica params */
1214 memcpy(cmd->felica, felica_params, 18);
1215 get_random_bytes(cmd->felica + 2, 6);
1216
1217 /* NFCID3 */
1218 memset(cmd->nfcid3, 0, 10);
1219 memcpy(cmd->nfcid3, cmd->felica, 8);
1220
1221 /* MIFARE params */
1222 memcpy(cmd->mifare, mifare_params, 6);
1223
1224 /* General bytes */
1225 cmd->gb_len = gb_len;
1226 memcpy(cmd->gb, gb, gb_len);
1227
1228 /* Len Tk */
1229 cmd->gb[gb_len] = 0;
1230
1231 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), cmd, cmd_len);
1232
1233 frame->datalen += cmd_len;
1234
1235 pn533_tx_frame_finish(frame);
1236
1237 kfree(cmd);
1238
1239 return 0;
1240 }
1241
1242 #define PN533_CMD_DATAEXCH_HEAD_LEN (sizeof(struct pn533_frame) + 3)
1243 #define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1244 static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg,
1245 u8 *params, int params_len)
1246 {
1247 struct sk_buff *skb_resp = arg;
1248 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1249
1250 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1251
1252 if (params_len < 0) {
1253 nfc_dev_err(&dev->interface->dev,
1254 "Error %d when starting as a target",
1255 params_len);
1256
1257 return params_len;
1258 }
1259
1260 if (params_len > 0 && params[0] != 0) {
1261 nfc_tm_deactivated(dev->nfc_dev);
1262
1263 dev->tgt_mode = 0;
1264
1265 kfree_skb(skb_resp);
1266 return 0;
1267 }
1268
1269 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1270 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1271 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1272
1273 return nfc_tm_data_received(dev->nfc_dev, skb_resp);
1274 }
1275
1276 static void pn533_wq_tg_get_data(struct work_struct *work)
1277 {
1278 struct pn533 *dev = container_of(work, struct pn533, tg_work);
1279 struct pn533_frame *in_frame;
1280 struct sk_buff *skb_resp;
1281 size_t skb_resp_len;
1282
1283 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1284
1285 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1286 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1287 PN533_FRAME_TAIL_SIZE;
1288
1289 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
1290 if (!skb_resp)
1291 return;
1292
1293 in_frame = (struct pn533_frame *)skb_resp->data;
1294
1295 pn533_tx_frame_init(dev->out_frame, PN533_CMD_TG_GET_DATA);
1296 pn533_tx_frame_finish(dev->out_frame);
1297
1298 pn533_send_cmd_frame_async(dev, dev->out_frame, in_frame,
1299 skb_resp_len,
1300 pn533_tm_get_data_complete,
1301 skb_resp, GFP_KERNEL);
1302
1303 return;
1304 }
1305
1306 #define ATR_REQ_GB_OFFSET 17
1307 static int pn533_init_target_complete(struct pn533 *dev, void *arg,
1308 u8 *params, int params_len)
1309 {
1310 struct pn533_cmd_init_target_response *resp;
1311 u8 frame, comm_mode = NFC_COMM_PASSIVE, *gb;
1312 size_t gb_len;
1313 int rc;
1314
1315 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1316
1317 if (params_len < 0) {
1318 nfc_dev_err(&dev->interface->dev,
1319 "Error %d when starting as a target",
1320 params_len);
1321
1322 return params_len;
1323 }
1324
1325 if (params_len < ATR_REQ_GB_OFFSET + 1)
1326 return -EINVAL;
1327
1328 resp = (struct pn533_cmd_init_target_response *) params;
1329
1330 nfc_dev_dbg(&dev->interface->dev, "Target mode 0x%x param len %d\n",
1331 resp->mode, params_len);
1332
1333 frame = resp->mode & PN533_INIT_TARGET_RESP_FRAME_MASK;
1334 if (frame == PN533_INIT_TARGET_RESP_ACTIVE)
1335 comm_mode = NFC_COMM_ACTIVE;
1336
1337 /* Again, only DEP */
1338 if ((resp->mode & PN533_INIT_TARGET_RESP_DEP) == 0)
1339 return -EOPNOTSUPP;
1340
1341 gb = resp->cmd + ATR_REQ_GB_OFFSET;
1342 gb_len = params_len - (ATR_REQ_GB_OFFSET + 1);
1343
1344 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1345 comm_mode, gb, gb_len);
1346 if (rc < 0) {
1347 nfc_dev_err(&dev->interface->dev,
1348 "Error when signaling target activation");
1349 return rc;
1350 }
1351
1352 dev->tgt_mode = 1;
1353
1354 queue_work(dev->wq, &dev->tg_work);
1355
1356 return 0;
1357 }
1358
1359 static void pn533_listen_mode_timer(unsigned long data)
1360 {
1361 struct pn533 *dev = (struct pn533 *) data;
1362
1363 nfc_dev_dbg(&dev->interface->dev, "Listen mode timeout");
1364
1365 /* An ack will cancel the last issued command (poll) */
1366 pn533_send_ack(dev, GFP_ATOMIC);
1367
1368 dev->cancel_listen = 1;
1369
1370 pn533_poll_next_mod(dev);
1371
1372 queue_work(dev->wq, &dev->poll_work);
1373 }
1374
1375 static int pn533_poll_complete(struct pn533 *dev, void *arg,
1376 u8 *params, int params_len)
1377 {
1378 struct pn533_poll_modulations *cur_mod;
1379 int rc;
1380
1381 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1382
1383 if (params_len == -ENOENT) {
1384 if (dev->poll_mod_count != 0)
1385 return 0;
1386
1387 nfc_dev_err(&dev->interface->dev,
1388 "Polling operation has been stopped");
1389
1390 goto stop_poll;
1391 }
1392
1393 if (params_len < 0) {
1394 nfc_dev_err(&dev->interface->dev,
1395 "Error %d when running poll", params_len);
1396
1397 goto stop_poll;
1398 }
1399
1400 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1401
1402 if (cur_mod->len == 0) {
1403 del_timer(&dev->listen_timer);
1404
1405 return pn533_init_target_complete(dev, arg, params, params_len);
1406 } else {
1407 rc = pn533_start_poll_complete(dev, arg, params, params_len);
1408 if (!rc)
1409 return rc;
1410 }
1411
1412 pn533_poll_next_mod(dev);
1413
1414 queue_work(dev->wq, &dev->poll_work);
1415
1416 return 0;
1417
1418 stop_poll:
1419 pn533_poll_reset_mod_list(dev);
1420 dev->poll_protocols = 0;
1421 return 0;
1422 }
1423
1424 static void pn533_build_poll_frame(struct pn533 *dev,
1425 struct pn533_frame *frame,
1426 struct pn533_poll_modulations *mod)
1427 {
1428 nfc_dev_dbg(&dev->interface->dev, "mod len %d\n", mod->len);
1429
1430 if (mod->len == 0) {
1431 /* Listen mode */
1432 pn533_init_target_frame(frame, dev->gb, dev->gb_len);
1433 } else {
1434 /* Polling mode */
1435 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET);
1436
1437 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len);
1438 frame->datalen += mod->len;
1439
1440 pn533_tx_frame_finish(frame);
1441 }
1442 }
1443
1444 static int pn533_send_poll_frame(struct pn533 *dev)
1445 {
1446 struct pn533_poll_modulations *cur_mod;
1447 int rc;
1448
1449 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1450
1451 pn533_build_poll_frame(dev, dev->out_frame, cur_mod);
1452
1453 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1454 dev->in_maxlen, pn533_poll_complete,
1455 NULL, GFP_KERNEL);
1456 if (rc)
1457 nfc_dev_err(&dev->interface->dev, "Polling loop error %d", rc);
1458
1459 return rc;
1460 }
1461
1462 static void pn533_wq_poll(struct work_struct *work)
1463 {
1464 struct pn533 *dev = container_of(work, struct pn533, poll_work);
1465 struct pn533_poll_modulations *cur_mod;
1466 int rc;
1467
1468 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1469
1470 nfc_dev_dbg(&dev->interface->dev,
1471 "%s cancel_listen %d modulation len %d",
1472 __func__, dev->cancel_listen, cur_mod->len);
1473
1474 if (dev->cancel_listen == 1) {
1475 dev->cancel_listen = 0;
1476 usb_kill_urb(dev->in_urb);
1477 }
1478
1479 rc = pn533_send_poll_frame(dev);
1480 if (rc)
1481 return;
1482
1483 if (cur_mod->len == 0 && dev->poll_mod_count > 1)
1484 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ);
1485
1486 return;
1487 }
1488
1489 static int pn533_start_poll(struct nfc_dev *nfc_dev,
1490 u32 im_protocols, u32 tm_protocols)
1491 {
1492 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1493
1494 nfc_dev_dbg(&dev->interface->dev,
1495 "%s: im protocols 0x%x tm protocols 0x%x",
1496 __func__, im_protocols, tm_protocols);
1497
1498 if (dev->tgt_active_prot) {
1499 nfc_dev_err(&dev->interface->dev,
1500 "Cannot poll with a target already activated");
1501 return -EBUSY;
1502 }
1503
1504 if (dev->tgt_mode) {
1505 nfc_dev_err(&dev->interface->dev,
1506 "Cannot poll while already being activated");
1507 return -EBUSY;
1508 }
1509
1510 if (tm_protocols) {
1511 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len);
1512 if (dev->gb == NULL)
1513 tm_protocols = 0;
1514 }
1515
1516 dev->poll_mod_curr = 0;
1517 pn533_poll_create_mod_list(dev, im_protocols, tm_protocols);
1518 dev->poll_protocols = im_protocols;
1519 dev->listen_protocols = tm_protocols;
1520
1521 return pn533_send_poll_frame(dev);
1522 }
1523
1524 static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1525 {
1526 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1527
1528 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1529
1530 del_timer(&dev->listen_timer);
1531
1532 if (!dev->poll_mod_count) {
1533 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not"
1534 " running");
1535 return;
1536 }
1537
1538 /* An ack will cancel the last issued command (poll) */
1539 pn533_send_ack(dev, GFP_KERNEL);
1540
1541 /* prevent pn533_start_poll_complete to issue a new poll meanwhile */
1542 usb_kill_urb(dev->in_urb);
1543
1544 pn533_poll_reset_mod_list(dev);
1545 }
1546
1547 static int pn533_activate_target_nfcdep(struct pn533 *dev)
1548 {
1549 struct pn533_cmd_activate_param param;
1550 struct pn533_cmd_activate_response *resp;
1551 u16 gt_len;
1552 int rc;
1553
1554 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1555
1556 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_ATR);
1557
1558 param.tg = 1;
1559 param.next = 0;
1560 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &param,
1561 sizeof(struct pn533_cmd_activate_param));
1562 dev->out_frame->datalen += sizeof(struct pn533_cmd_activate_param);
1563
1564 pn533_tx_frame_finish(dev->out_frame);
1565
1566 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1567 dev->in_maxlen);
1568 if (rc)
1569 return rc;
1570
1571 resp = (struct pn533_cmd_activate_response *)
1572 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
1573 rc = resp->status & PN533_CMD_RET_MASK;
1574 if (rc != PN533_CMD_RET_SUCCESS)
1575 return -EIO;
1576
1577 /* ATR_RES general bytes are located at offset 16 */
1578 gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 16;
1579 rc = nfc_set_remote_general_bytes(dev->nfc_dev, resp->gt, gt_len);
1580
1581 return rc;
1582 }
1583
1584 static int pn533_activate_target(struct nfc_dev *nfc_dev,
1585 struct nfc_target *target, u32 protocol)
1586 {
1587 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1588 int rc;
1589
1590 nfc_dev_dbg(&dev->interface->dev, "%s - protocol=%u", __func__,
1591 protocol);
1592
1593 if (dev->poll_mod_count) {
1594 nfc_dev_err(&dev->interface->dev, "Cannot activate while"
1595 " polling");
1596 return -EBUSY;
1597 }
1598
1599 if (dev->tgt_active_prot) {
1600 nfc_dev_err(&dev->interface->dev, "There is already an active"
1601 " target");
1602 return -EBUSY;
1603 }
1604
1605 if (!dev->tgt_available_prots) {
1606 nfc_dev_err(&dev->interface->dev, "There is no available target"
1607 " to activate");
1608 return -EINVAL;
1609 }
1610
1611 if (!(dev->tgt_available_prots & (1 << protocol))) {
1612 nfc_dev_err(&dev->interface->dev, "The target does not support"
1613 " the requested protocol %u", protocol);
1614 return -EINVAL;
1615 }
1616
1617 if (protocol == NFC_PROTO_NFC_DEP) {
1618 rc = pn533_activate_target_nfcdep(dev);
1619 if (rc) {
1620 nfc_dev_err(&dev->interface->dev, "Error %d when"
1621 " activating target with"
1622 " NFC_DEP protocol", rc);
1623 return rc;
1624 }
1625 }
1626
1627 dev->tgt_active_prot = protocol;
1628 dev->tgt_available_prots = 0;
1629
1630 return 0;
1631 }
1632
1633 static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
1634 struct nfc_target *target)
1635 {
1636 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1637 u8 tg;
1638 u8 status;
1639 int rc;
1640
1641 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1642
1643 if (!dev->tgt_active_prot) {
1644 nfc_dev_err(&dev->interface->dev, "There is no active target");
1645 return;
1646 }
1647
1648 dev->tgt_active_prot = 0;
1649
1650 skb_queue_purge(&dev->resp_q);
1651
1652 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_RELEASE);
1653
1654 tg = 1;
1655 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &tg, sizeof(u8));
1656 dev->out_frame->datalen += sizeof(u8);
1657
1658 pn533_tx_frame_finish(dev->out_frame);
1659
1660 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1661 dev->in_maxlen);
1662 if (rc) {
1663 nfc_dev_err(&dev->interface->dev, "Error when sending release"
1664 " command to the controller");
1665 return;
1666 }
1667
1668 status = PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame)[0];
1669 rc = status & PN533_CMD_RET_MASK;
1670 if (rc != PN533_CMD_RET_SUCCESS)
1671 nfc_dev_err(&dev->interface->dev, "Error 0x%x when releasing"
1672 " the target", rc);
1673
1674 return;
1675 }
1676
1677
1678 static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1679 u8 *params, int params_len)
1680 {
1681 struct pn533_cmd_jump_dep *cmd;
1682 struct pn533_cmd_jump_dep_response *resp;
1683 struct nfc_target nfc_target;
1684 u8 target_gt_len;
1685 int rc;
1686
1687 if (params_len == -ENOENT) {
1688 nfc_dev_dbg(&dev->interface->dev, "");
1689 return 0;
1690 }
1691
1692 if (params_len < 0) {
1693 nfc_dev_err(&dev->interface->dev,
1694 "Error %d when bringing DEP link up",
1695 params_len);
1696 return 0;
1697 }
1698
1699 if (dev->tgt_available_prots &&
1700 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) {
1701 nfc_dev_err(&dev->interface->dev,
1702 "The target does not support DEP");
1703 return -EINVAL;
1704 }
1705
1706 resp = (struct pn533_cmd_jump_dep_response *) params;
1707 cmd = (struct pn533_cmd_jump_dep *) arg;
1708 rc = resp->status & PN533_CMD_RET_MASK;
1709 if (rc != PN533_CMD_RET_SUCCESS) {
1710 nfc_dev_err(&dev->interface->dev,
1711 "Bringing DEP link up failed %d", rc);
1712 return 0;
1713 }
1714
1715 if (!dev->tgt_available_prots) {
1716 nfc_dev_dbg(&dev->interface->dev, "Creating new target");
1717
1718 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1719 nfc_target.nfcid1_len = 10;
1720 memcpy(nfc_target.nfcid1, resp->nfcid3t, nfc_target.nfcid1_len);
1721 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
1722 if (rc)
1723 return 0;
1724
1725 dev->tgt_available_prots = 0;
1726 }
1727
1728 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
1729
1730 /* ATR_RES general bytes are located at offset 17 */
1731 target_gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 17;
1732 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
1733 resp->gt, target_gt_len);
1734 if (rc == 0)
1735 rc = nfc_dep_link_is_up(dev->nfc_dev,
1736 dev->nfc_dev->targets[0].idx,
1737 !cmd->active, NFC_RF_INITIATOR);
1738
1739 return 0;
1740 }
1741
1742 static int pn533_mod_to_baud(struct pn533 *dev)
1743 {
1744 switch (dev->poll_mod_curr) {
1745 case PN533_POLL_MOD_106KBPS_A:
1746 return 0;
1747 case PN533_POLL_MOD_212KBPS_FELICA:
1748 return 1;
1749 case PN533_POLL_MOD_424KBPS_FELICA:
1750 return 2;
1751 default:
1752 return -EINVAL;
1753 }
1754 }
1755
1756 #define PASSIVE_DATA_LEN 5
1757 static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1758 u8 comm_mode, u8* gb, size_t gb_len)
1759 {
1760 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1761 struct pn533_cmd_jump_dep *cmd;
1762 u8 cmd_len, *data_ptr;
1763 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3};
1764 int rc, baud;
1765
1766 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1767
1768 if (dev->poll_mod_count) {
1769 nfc_dev_err(&dev->interface->dev,
1770 "Cannot bring the DEP link up while polling");
1771 return -EBUSY;
1772 }
1773
1774 if (dev->tgt_active_prot) {
1775 nfc_dev_err(&dev->interface->dev,
1776 "There is already an active target");
1777 return -EBUSY;
1778 }
1779
1780 baud = pn533_mod_to_baud(dev);
1781 if (baud < 0) {
1782 nfc_dev_err(&dev->interface->dev,
1783 "Invalid curr modulation %d", dev->poll_mod_curr);
1784 return baud;
1785 }
1786
1787 cmd_len = sizeof(struct pn533_cmd_jump_dep) + gb_len;
1788 if (comm_mode == NFC_COMM_PASSIVE)
1789 cmd_len += PASSIVE_DATA_LEN;
1790
1791 cmd = kzalloc(cmd_len, GFP_KERNEL);
1792 if (cmd == NULL)
1793 return -ENOMEM;
1794
1795 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_JUMP_FOR_DEP);
1796
1797 cmd->active = !comm_mode;
1798 cmd->next = 0;
1799 cmd->baud = baud;
1800 data_ptr = cmd->data;
1801 if (comm_mode == NFC_COMM_PASSIVE && cmd->baud > 0) {
1802 memcpy(data_ptr, passive_data, PASSIVE_DATA_LEN);
1803 cmd->next |= 1;
1804 data_ptr += PASSIVE_DATA_LEN;
1805 }
1806
1807 if (gb != NULL && gb_len > 0) {
1808 cmd->next |= 4; /* We have some Gi */
1809 memcpy(data_ptr, gb, gb_len);
1810 } else {
1811 cmd->next = 0;
1812 }
1813
1814 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), cmd, cmd_len);
1815 dev->out_frame->datalen += cmd_len;
1816
1817 pn533_tx_frame_finish(dev->out_frame);
1818
1819 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1820 dev->in_maxlen, pn533_in_dep_link_up_complete,
1821 cmd, GFP_KERNEL);
1822 if (rc)
1823 goto out;
1824
1825
1826 out:
1827 kfree(cmd);
1828
1829 return rc;
1830 }
1831
1832 static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
1833 {
1834 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1835
1836 pn533_poll_reset_mod_list(dev);
1837
1838 if (dev->tgt_mode || dev->tgt_active_prot) {
1839 pn533_send_ack(dev, GFP_KERNEL);
1840 usb_kill_urb(dev->in_urb);
1841 }
1842
1843 dev->tgt_active_prot = 0;
1844 dev->tgt_mode = 0;
1845
1846 skb_queue_purge(&dev->resp_q);
1847
1848 return 0;
1849 }
1850
1851 static int pn533_build_tx_frame(struct pn533 *dev, struct sk_buff *skb,
1852 bool target)
1853 {
1854 int payload_len = skb->len;
1855 struct pn533_frame *out_frame;
1856 u8 tg;
1857
1858 nfc_dev_dbg(&dev->interface->dev, "%s - Sending %d bytes", __func__,
1859 payload_len);
1860
1861 if (payload_len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
1862 /* TODO: Implement support to multi-part data exchange */
1863 nfc_dev_err(&dev->interface->dev, "Data length greater than the"
1864 " max allowed: %d",
1865 PN533_CMD_DATAEXCH_DATA_MAXLEN);
1866 return -ENOSYS;
1867 }
1868
1869 if (target == true) {
1870 switch (dev->device_type) {
1871 case PN533_DEVICE_PASORI:
1872 if (dev->tgt_active_prot == NFC_PROTO_FELICA) {
1873 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN - 1);
1874 out_frame = (struct pn533_frame *) skb->data;
1875 pn533_tx_frame_init(out_frame,
1876 PN533_CMD_IN_COMM_THRU);
1877
1878 break;
1879 }
1880
1881 default:
1882 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN);
1883 out_frame = (struct pn533_frame *) skb->data;
1884 pn533_tx_frame_init(out_frame,
1885 PN533_CMD_IN_DATA_EXCHANGE);
1886 tg = 1;
1887 memcpy(PN533_FRAME_CMD_PARAMS_PTR(out_frame),
1888 &tg, sizeof(u8));
1889 out_frame->datalen += sizeof(u8);
1890
1891 break;
1892 }
1893
1894 } else {
1895 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN - 1);
1896 out_frame = (struct pn533_frame *) skb->data;
1897 pn533_tx_frame_init(out_frame, PN533_CMD_TG_SET_DATA);
1898 }
1899
1900
1901 /* The data is already in the out_frame, just update the datalen */
1902 out_frame->datalen += payload_len;
1903
1904 pn533_tx_frame_finish(out_frame);
1905 skb_put(skb, PN533_FRAME_TAIL_SIZE);
1906
1907 return 0;
1908 }
1909
1910 struct pn533_data_exchange_arg {
1911 struct sk_buff *skb_resp;
1912 struct sk_buff *skb_out;
1913 data_exchange_cb_t cb;
1914 void *cb_context;
1915 };
1916
1917 static struct sk_buff *pn533_build_response(struct pn533 *dev)
1918 {
1919 struct sk_buff *skb, *tmp, *t;
1920 unsigned int skb_len = 0, tmp_len = 0;
1921
1922 nfc_dev_dbg(&dev->interface->dev, "%s\n", __func__);
1923
1924 if (skb_queue_empty(&dev->resp_q))
1925 return NULL;
1926
1927 if (skb_queue_len(&dev->resp_q) == 1) {
1928 skb = skb_dequeue(&dev->resp_q);
1929 goto out;
1930 }
1931
1932 skb_queue_walk_safe(&dev->resp_q, tmp, t)
1933 skb_len += tmp->len;
1934
1935 nfc_dev_dbg(&dev->interface->dev, "%s total length %d\n",
1936 __func__, skb_len);
1937
1938 skb = alloc_skb(skb_len, GFP_KERNEL);
1939 if (skb == NULL)
1940 goto out;
1941
1942 skb_put(skb, skb_len);
1943
1944 skb_queue_walk_safe(&dev->resp_q, tmp, t) {
1945 memcpy(skb->data + tmp_len, tmp->data, tmp->len);
1946 tmp_len += tmp->len;
1947 }
1948
1949 out:
1950 skb_queue_purge(&dev->resp_q);
1951
1952 return skb;
1953 }
1954
1955 static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
1956 u8 *params, int params_len)
1957 {
1958 struct pn533_data_exchange_arg *arg = _arg;
1959 struct sk_buff *skb = NULL, *skb_resp = arg->skb_resp;
1960 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1961 int err = 0;
1962 u8 status;
1963 u8 cmd_ret;
1964
1965 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1966
1967 dev_kfree_skb(arg->skb_out);
1968
1969 if (params_len < 0) { /* error */
1970 err = params_len;
1971 goto error;
1972 }
1973
1974 status = params[0];
1975
1976 cmd_ret = status & PN533_CMD_RET_MASK;
1977 if (cmd_ret != PN533_CMD_RET_SUCCESS) {
1978 nfc_dev_err(&dev->interface->dev, "PN533 reported error %d when"
1979 " exchanging data", cmd_ret);
1980 err = -EIO;
1981 goto error;
1982 }
1983
1984 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1985 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1986 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1987 skb_queue_tail(&dev->resp_q, skb_resp);
1988
1989 if (status & PN533_CMD_MI_MASK) {
1990 queue_work(dev->wq, &dev->mi_work);
1991 return -EINPROGRESS;
1992 }
1993
1994 skb = pn533_build_response(dev);
1995 if (skb == NULL)
1996 goto error;
1997
1998 arg->cb(arg->cb_context, skb, 0);
1999 kfree(arg);
2000 return 0;
2001
2002 error:
2003 skb_queue_purge(&dev->resp_q);
2004 dev_kfree_skb(skb_resp);
2005 arg->cb(arg->cb_context, NULL, err);
2006 kfree(arg);
2007 return 0;
2008 }
2009
2010 static int pn533_transceive(struct nfc_dev *nfc_dev,
2011 struct nfc_target *target, struct sk_buff *skb,
2012 data_exchange_cb_t cb, void *cb_context)
2013 {
2014 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2015 struct pn533_frame *out_frame, *in_frame;
2016 struct pn533_data_exchange_arg *arg;
2017 struct sk_buff *skb_resp;
2018 int skb_resp_len;
2019 int rc;
2020
2021 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2022
2023 if (!dev->tgt_active_prot) {
2024 nfc_dev_err(&dev->interface->dev, "Cannot exchange data if"
2025 " there is no active target");
2026 rc = -EINVAL;
2027 goto error;
2028 }
2029
2030 rc = pn533_build_tx_frame(dev, skb, true);
2031 if (rc)
2032 goto error;
2033
2034 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
2035 PN533_CMD_DATAEXCH_DATA_MAXLEN +
2036 PN533_FRAME_TAIL_SIZE;
2037
2038 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
2039 if (!skb_resp) {
2040 rc = -ENOMEM;
2041 goto error;
2042 }
2043
2044 in_frame = (struct pn533_frame *) skb_resp->data;
2045 out_frame = (struct pn533_frame *) skb->data;
2046
2047 arg = kmalloc(sizeof(struct pn533_data_exchange_arg), GFP_KERNEL);
2048 if (!arg) {
2049 rc = -ENOMEM;
2050 goto free_skb_resp;
2051 }
2052
2053 arg->skb_resp = skb_resp;
2054 arg->skb_out = skb;
2055 arg->cb = cb;
2056 arg->cb_context = cb_context;
2057
2058 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, skb_resp_len,
2059 pn533_data_exchange_complete, arg,
2060 GFP_KERNEL);
2061 if (rc) {
2062 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
2063 " perform data_exchange", rc);
2064 goto free_arg;
2065 }
2066
2067 return 0;
2068
2069 free_arg:
2070 kfree(arg);
2071 free_skb_resp:
2072 kfree_skb(skb_resp);
2073 error:
2074 kfree_skb(skb);
2075 return rc;
2076 }
2077
2078 static int pn533_tm_send_complete(struct pn533 *dev, void *arg,
2079 u8 *params, int params_len)
2080 {
2081 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2082
2083 if (params_len < 0) {
2084 nfc_dev_err(&dev->interface->dev,
2085 "Error %d when sending data",
2086 params_len);
2087
2088 return params_len;
2089 }
2090
2091 if (params_len > 0 && params[0] != 0) {
2092 nfc_tm_deactivated(dev->nfc_dev);
2093
2094 dev->tgt_mode = 0;
2095
2096 return 0;
2097 }
2098
2099 queue_work(dev->wq, &dev->tg_work);
2100
2101 return 0;
2102 }
2103
2104 static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
2105 {
2106 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2107 struct pn533_frame *out_frame;
2108 int rc;
2109
2110 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2111
2112 rc = pn533_build_tx_frame(dev, skb, false);
2113 if (rc)
2114 goto error;
2115
2116 out_frame = (struct pn533_frame *) skb->data;
2117
2118 rc = pn533_send_cmd_frame_async(dev, out_frame, dev->in_frame,
2119 dev->in_maxlen, pn533_tm_send_complete,
2120 NULL, GFP_KERNEL);
2121 if (rc) {
2122 nfc_dev_err(&dev->interface->dev,
2123 "Error %d when trying to send data", rc);
2124 goto error;
2125 }
2126
2127 return 0;
2128
2129 error:
2130 kfree_skb(skb);
2131
2132 return rc;
2133 }
2134
2135 static void pn533_wq_mi_recv(struct work_struct *work)
2136 {
2137 struct pn533 *dev = container_of(work, struct pn533, mi_work);
2138 struct sk_buff *skb_cmd;
2139 struct pn533_data_exchange_arg *arg = dev->cmd_complete_arg;
2140 struct pn533_frame *out_frame, *in_frame;
2141 struct sk_buff *skb_resp;
2142 int skb_resp_len;
2143 int rc;
2144
2145 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2146
2147 /* This is a zero payload size skb */
2148 skb_cmd = alloc_skb(PN533_CMD_DATAEXCH_HEAD_LEN + PN533_FRAME_TAIL_SIZE,
2149 GFP_KERNEL);
2150 if (skb_cmd == NULL)
2151 goto error_cmd;
2152
2153 skb_reserve(skb_cmd, PN533_CMD_DATAEXCH_HEAD_LEN);
2154
2155 rc = pn533_build_tx_frame(dev, skb_cmd, true);
2156 if (rc)
2157 goto error_frame;
2158
2159 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
2160 PN533_CMD_DATAEXCH_DATA_MAXLEN +
2161 PN533_FRAME_TAIL_SIZE;
2162 skb_resp = alloc_skb(skb_resp_len, GFP_KERNEL);
2163 if (!skb_resp) {
2164 rc = -ENOMEM;
2165 goto error_frame;
2166 }
2167
2168 in_frame = (struct pn533_frame *) skb_resp->data;
2169 out_frame = (struct pn533_frame *) skb_cmd->data;
2170
2171 arg->skb_resp = skb_resp;
2172 arg->skb_out = skb_cmd;
2173
2174 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
2175 skb_resp_len,
2176 pn533_data_exchange_complete,
2177 dev->cmd_complete_arg, GFP_KERNEL);
2178 if (!rc)
2179 return;
2180
2181 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
2182 " perform data_exchange", rc);
2183
2184 kfree_skb(skb_resp);
2185
2186 error_frame:
2187 kfree_skb(skb_cmd);
2188
2189 error_cmd:
2190 pn533_send_ack(dev, GFP_KERNEL);
2191
2192 kfree(arg);
2193
2194 queue_work(dev->wq, &dev->cmd_work);
2195 }
2196
2197 static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
2198 u8 cfgdata_len)
2199 {
2200 int rc;
2201 u8 *params;
2202
2203 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2204
2205 pn533_tx_frame_init(dev->out_frame, PN533_CMD_RF_CONFIGURATION);
2206
2207 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame);
2208 params[0] = cfgitem;
2209 memcpy(&params[1], cfgdata, cfgdata_len);
2210 dev->out_frame->datalen += (1 + cfgdata_len);
2211
2212 pn533_tx_frame_finish(dev->out_frame);
2213
2214 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
2215 dev->in_maxlen);
2216
2217 return rc;
2218 }
2219
2220 static int pn533_fw_reset(struct pn533 *dev)
2221 {
2222 int rc;
2223 u8 *params;
2224
2225 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2226
2227 pn533_tx_frame_init(dev->out_frame, 0x18);
2228
2229 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame);
2230 params[0] = 0x1;
2231 dev->out_frame->datalen += 1;
2232
2233 pn533_tx_frame_finish(dev->out_frame);
2234
2235 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
2236 dev->in_maxlen);
2237
2238 return rc;
2239 }
2240
2241 static struct nfc_ops pn533_nfc_ops = {
2242 .dev_up = NULL,
2243 .dev_down = NULL,
2244 .dep_link_up = pn533_dep_link_up,
2245 .dep_link_down = pn533_dep_link_down,
2246 .start_poll = pn533_start_poll,
2247 .stop_poll = pn533_stop_poll,
2248 .activate_target = pn533_activate_target,
2249 .deactivate_target = pn533_deactivate_target,
2250 .im_transceive = pn533_transceive,
2251 .tm_send = pn533_tm_send,
2252 };
2253
2254 static int pn533_setup(struct pn533 *dev)
2255 {
2256 struct pn533_config_max_retries max_retries;
2257 struct pn533_config_timing timing;
2258 u8 pasori_cfg[3] = {0x08, 0x01, 0x08};
2259 int rc;
2260
2261 switch (dev->device_type) {
2262 case PN533_DEVICE_STD:
2263 max_retries.mx_rty_atr = PN533_CONFIG_MAX_RETRIES_ENDLESS;
2264 max_retries.mx_rty_psl = 2;
2265 max_retries.mx_rty_passive_act =
2266 PN533_CONFIG_MAX_RETRIES_NO_RETRY;
2267
2268 timing.rfu = PN533_CONFIG_TIMING_102;
2269 timing.atr_res_timeout = PN533_CONFIG_TIMING_204;
2270 timing.dep_timeout = PN533_CONFIG_TIMING_409;
2271
2272 break;
2273
2274 case PN533_DEVICE_PASORI:
2275 max_retries.mx_rty_atr = 0x2;
2276 max_retries.mx_rty_psl = 0x1;
2277 max_retries.mx_rty_passive_act =
2278 PN533_CONFIG_MAX_RETRIES_NO_RETRY;
2279
2280 timing.rfu = PN533_CONFIG_TIMING_102;
2281 timing.atr_res_timeout = PN533_CONFIG_TIMING_102;
2282 timing.dep_timeout = PN533_CONFIG_TIMING_204;
2283
2284 break;
2285
2286 default:
2287 nfc_dev_err(&dev->interface->dev, "Unknown device type %d\n",
2288 dev->device_type);
2289 return -EINVAL;
2290 }
2291
2292 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES,
2293 (u8 *)&max_retries, sizeof(max_retries));
2294 if (rc) {
2295 nfc_dev_err(&dev->interface->dev,
2296 "Error on setting MAX_RETRIES config");
2297 return rc;
2298 }
2299
2300
2301 rc = pn533_set_configuration(dev, PN533_CFGITEM_TIMING,
2302 (u8 *)&timing, sizeof(timing));
2303 if (rc) {
2304 nfc_dev_err(&dev->interface->dev,
2305 "Error on setting RF timings");
2306 return rc;
2307 }
2308
2309 switch (dev->device_type) {
2310 case PN533_DEVICE_STD:
2311 break;
2312
2313 case PN533_DEVICE_PASORI:
2314 pn533_fw_reset(dev);
2315
2316 rc = pn533_set_configuration(dev, PN533_CFGITEM_PASORI,
2317 pasori_cfg, 3);
2318 if (rc) {
2319 nfc_dev_err(&dev->interface->dev,
2320 "Error while settings PASORI config");
2321 return rc;
2322 }
2323
2324 pn533_fw_reset(dev);
2325
2326 break;
2327 }
2328
2329 return 0;
2330 }
2331
2332 static int pn533_probe(struct usb_interface *interface,
2333 const struct usb_device_id *id)
2334 {
2335 struct pn533_fw_version *fw_ver;
2336 struct pn533 *dev;
2337 struct usb_host_interface *iface_desc;
2338 struct usb_endpoint_descriptor *endpoint;
2339 int in_endpoint = 0;
2340 int out_endpoint = 0;
2341 int rc = -ENOMEM;
2342 int i;
2343 u32 protocols;
2344
2345 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
2346 if (!dev)
2347 return -ENOMEM;
2348
2349 dev->udev = usb_get_dev(interface_to_usbdev(interface));
2350 dev->interface = interface;
2351 mutex_init(&dev->cmd_lock);
2352
2353 iface_desc = interface->cur_altsetting;
2354 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
2355 endpoint = &iface_desc->endpoint[i].desc;
2356
2357 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint)) {
2358 dev->in_maxlen = le16_to_cpu(endpoint->wMaxPacketSize);
2359 in_endpoint = endpoint->bEndpointAddress;
2360 }
2361
2362 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint)) {
2363 dev->out_maxlen =
2364 le16_to_cpu(endpoint->wMaxPacketSize);
2365 out_endpoint = endpoint->bEndpointAddress;
2366 }
2367 }
2368
2369 if (!in_endpoint || !out_endpoint) {
2370 nfc_dev_err(&interface->dev, "Could not find bulk-in or"
2371 " bulk-out endpoint");
2372 rc = -ENODEV;
2373 goto error;
2374 }
2375
2376 dev->in_frame = kmalloc(dev->in_maxlen, GFP_KERNEL);
2377 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
2378 dev->out_frame = kmalloc(dev->out_maxlen, GFP_KERNEL);
2379 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
2380
2381 if (!dev->in_frame || !dev->out_frame ||
2382 !dev->in_urb || !dev->out_urb)
2383 goto error;
2384
2385 usb_fill_bulk_urb(dev->in_urb, dev->udev,
2386 usb_rcvbulkpipe(dev->udev, in_endpoint),
2387 NULL, 0, NULL, dev);
2388 usb_fill_bulk_urb(dev->out_urb, dev->udev,
2389 usb_sndbulkpipe(dev->udev, out_endpoint),
2390 NULL, 0,
2391 pn533_send_complete, dev);
2392
2393 INIT_WORK(&dev->cmd_work, pn533_wq_cmd);
2394 INIT_WORK(&dev->cmd_complete_work, pn533_wq_cmd_complete);
2395 INIT_WORK(&dev->mi_work, pn533_wq_mi_recv);
2396 INIT_WORK(&dev->tg_work, pn533_wq_tg_get_data);
2397 INIT_WORK(&dev->poll_work, pn533_wq_poll);
2398 dev->wq = alloc_ordered_workqueue("pn533", 0);
2399 if (dev->wq == NULL)
2400 goto error;
2401
2402 init_timer(&dev->listen_timer);
2403 dev->listen_timer.data = (unsigned long) dev;
2404 dev->listen_timer.function = pn533_listen_mode_timer;
2405
2406 skb_queue_head_init(&dev->resp_q);
2407
2408 INIT_LIST_HEAD(&dev->cmd_queue);
2409
2410 usb_set_intfdata(interface, dev);
2411
2412 pn533_tx_frame_init(dev->out_frame, PN533_CMD_GET_FIRMWARE_VERSION);
2413 pn533_tx_frame_finish(dev->out_frame);
2414
2415 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
2416 dev->in_maxlen);
2417 if (rc)
2418 goto destroy_wq;
2419
2420 fw_ver = (struct pn533_fw_version *)
2421 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
2422 nfc_dev_info(&dev->interface->dev, "NXP PN533 firmware ver %d.%d now"
2423 " attached", fw_ver->ver, fw_ver->rev);
2424
2425 dev->device_type = id->driver_info;
2426 switch (dev->device_type) {
2427 case PN533_DEVICE_STD:
2428 protocols = PN533_ALL_PROTOCOLS;
2429 break;
2430
2431 case PN533_DEVICE_PASORI:
2432 protocols = PN533_NO_TYPE_B_PROTOCOLS;
2433 break;
2434
2435 default:
2436 nfc_dev_err(&dev->interface->dev, "Unknown device type %d\n",
2437 dev->device_type);
2438 rc = -EINVAL;
2439 goto destroy_wq;
2440 }
2441
2442 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols,
2443 PN533_CMD_DATAEXCH_HEAD_LEN,
2444 PN533_FRAME_TAIL_SIZE);
2445 if (!dev->nfc_dev)
2446 goto destroy_wq;
2447
2448 nfc_set_parent_dev(dev->nfc_dev, &interface->dev);
2449 nfc_set_drvdata(dev->nfc_dev, dev);
2450
2451 rc = nfc_register_device(dev->nfc_dev);
2452 if (rc)
2453 goto free_nfc_dev;
2454
2455 rc = pn533_setup(dev);
2456 if (rc)
2457 goto unregister_nfc_dev;
2458
2459 return 0;
2460
2461 unregister_nfc_dev:
2462 nfc_unregister_device(dev->nfc_dev);
2463
2464 free_nfc_dev:
2465 nfc_free_device(dev->nfc_dev);
2466
2467 destroy_wq:
2468 destroy_workqueue(dev->wq);
2469 error:
2470 kfree(dev->in_frame);
2471 usb_free_urb(dev->in_urb);
2472 kfree(dev->out_frame);
2473 usb_free_urb(dev->out_urb);
2474 kfree(dev);
2475 return rc;
2476 }
2477
2478 static void pn533_disconnect(struct usb_interface *interface)
2479 {
2480 struct pn533 *dev;
2481 struct pn533_cmd *cmd, *n;
2482
2483 dev = usb_get_intfdata(interface);
2484 usb_set_intfdata(interface, NULL);
2485
2486 nfc_unregister_device(dev->nfc_dev);
2487 nfc_free_device(dev->nfc_dev);
2488
2489 usb_kill_urb(dev->in_urb);
2490 usb_kill_urb(dev->out_urb);
2491
2492 destroy_workqueue(dev->wq);
2493
2494 skb_queue_purge(&dev->resp_q);
2495
2496 del_timer(&dev->listen_timer);
2497
2498 list_for_each_entry_safe(cmd, n, &dev->cmd_queue, queue) {
2499 list_del(&cmd->queue);
2500 kfree(cmd);
2501 }
2502
2503 kfree(dev->in_frame);
2504 usb_free_urb(dev->in_urb);
2505 kfree(dev->out_frame);
2506 usb_free_urb(dev->out_urb);
2507 kfree(dev);
2508
2509 nfc_dev_info(&interface->dev, "NXP PN533 NFC device disconnected");
2510 }
2511
2512 static struct usb_driver pn533_driver = {
2513 .name = "pn533",
2514 .probe = pn533_probe,
2515 .disconnect = pn533_disconnect,
2516 .id_table = pn533_table,
2517 };
2518
2519 module_usb_driver(pn533_driver);
2520
2521 MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>,"
2522 " Aloisio Almeida Jr <aloisio.almeida@openbossa.org>");
2523 MODULE_DESCRIPTION("PN533 usb driver ver " VERSION);
2524 MODULE_VERSION(VERSION);
2525 MODULE_LICENSE("GPL");
Linux kernel - Deliverables
This page took 0.114377 seconds and 5 git commands to generate.