projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
NFC: Add target mode protocols to the polling loop startup routine
[deliverable/linux.git] / drivers / nfc / pn533.c
1 /*
2 * Copyright (C) 2011 Instituto Nokia de Tecnologia
3 *
4 * Authors:
5 * Lauro Ramos Venancio <lauro.venancio@openbossa.org>
6 * Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the
20 * Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 */
23
24 #include <linux/device.h>
25 #include <linux/kernel.h>
26 #include <linux/module.h>
27 #include <linux/slab.h>
28 #include <linux/usb.h>
29 #include <linux/nfc.h>
30 #include <linux/netdevice.h>
31 #include <net/nfc/nfc.h>
32
33 #define VERSION "0.1"
34
35 #define PN533_VENDOR_ID 0x4CC
36 #define PN533_PRODUCT_ID 0x2533
37
38 #define SCM_VENDOR_ID 0x4E6
39 #define SCL3711_PRODUCT_ID 0x5591
40
41 static const struct usb_device_id pn533_table[] = {
42 { USB_DEVICE(PN533_VENDOR_ID, PN533_PRODUCT_ID) },
43 { USB_DEVICE(SCM_VENDOR_ID, SCL3711_PRODUCT_ID) },
44 { }
45 };
46 MODULE_DEVICE_TABLE(usb, pn533_table);
47
48 /* frame definitions */
49 #define PN533_FRAME_TAIL_SIZE 2
50 #define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \
51 PN533_FRAME_TAIL_SIZE)
52 #define PN533_FRAME_ACK_SIZE (sizeof(struct pn533_frame) + 1)
53 #define PN533_FRAME_CHECKSUM(f) (f->data[f->datalen])
54 #define PN533_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1])
55
56 /* start of frame */
57 #define PN533_SOF 0x00FF
58
59 /* frame identifier: in/out/error */
60 #define PN533_FRAME_IDENTIFIER(f) (f->data[0])
61 #define PN533_DIR_OUT 0xD4
62 #define PN533_DIR_IN 0xD5
63
64 /* PN533 Commands */
65 #define PN533_FRAME_CMD(f) (f->data[1])
66 #define PN533_FRAME_CMD_PARAMS_PTR(f) (&f->data[2])
67 #define PN533_FRAME_CMD_PARAMS_LEN(f) (f->datalen - 2)
68
69 #define PN533_CMD_GET_FIRMWARE_VERSION 0x02
70 #define PN533_CMD_RF_CONFIGURATION 0x32
71 #define PN533_CMD_IN_DATA_EXCHANGE 0x40
72 #define PN533_CMD_IN_LIST_PASSIVE_TARGET 0x4A
73 #define PN533_CMD_IN_ATR 0x50
74 #define PN533_CMD_IN_RELEASE 0x52
75 #define PN533_CMD_IN_JUMP_FOR_DEP 0x56
76
77 #define PN533_CMD_RESPONSE(cmd) (cmd + 1)
78
79 /* PN533 Return codes */
80 #define PN533_CMD_RET_MASK 0x3F
81 #define PN533_CMD_MI_MASK 0x40
82 #define PN533_CMD_RET_SUCCESS 0x00
83
84 struct pn533;
85
86 typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg,
87 u8 *params, int params_len);
88
89 /* structs for pn533 commands */
90
91 /* PN533_CMD_GET_FIRMWARE_VERSION */
92 struct pn533_fw_version {
93 u8 ic;
94 u8 ver;
95 u8 rev;
96 u8 support;
97 };
98
99 /* PN533_CMD_RF_CONFIGURATION */
100 #define PN533_CFGITEM_MAX_RETRIES 0x05
101
102 #define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00
103 #define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF
104
105 struct pn533_config_max_retries {
106 u8 mx_rty_atr;
107 u8 mx_rty_psl;
108 u8 mx_rty_passive_act;
109 } __packed;
110
111 /* PN533_CMD_IN_LIST_PASSIVE_TARGET */
112
113 /* felica commands opcode */
114 #define PN533_FELICA_OPC_SENSF_REQ 0
115 #define PN533_FELICA_OPC_SENSF_RES 1
116 /* felica SENSF_REQ parameters */
117 #define PN533_FELICA_SENSF_SC_ALL 0xFFFF
118 #define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0
119 #define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1
120 #define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2
121
122 /* type B initiator_data values */
123 #define PN533_TYPE_B_AFI_ALL_FAMILIES 0
124 #define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0
125 #define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1
126
127 union pn533_cmd_poll_initdata {
128 struct {
129 u8 afi;
130 u8 polling_method;
131 } __packed type_b;
132 struct {
133 u8 opcode;
134 __be16 sc;
135 u8 rc;
136 u8 tsn;
137 } __packed felica;
138 };
139
140 /* Poll modulations */
141 enum {
142 PN533_POLL_MOD_106KBPS_A,
143 PN533_POLL_MOD_212KBPS_FELICA,
144 PN533_POLL_MOD_424KBPS_FELICA,
145 PN533_POLL_MOD_106KBPS_JEWEL,
146 PN533_POLL_MOD_847KBPS_B,
147
148 __PN533_POLL_MOD_AFTER_LAST,
149 };
150 #define PN533_POLL_MOD_MAX (__PN533_POLL_MOD_AFTER_LAST - 1)
151
152 struct pn533_poll_modulations {
153 struct {
154 u8 maxtg;
155 u8 brty;
156 union pn533_cmd_poll_initdata initiator_data;
157 } __packed data;
158 u8 len;
159 };
160
161 const struct pn533_poll_modulations poll_mod[] = {
162 [PN533_POLL_MOD_106KBPS_A] = {
163 .data = {
164 .maxtg = 1,
165 .brty = 0,
166 },
167 .len = 2,
168 },
169 [PN533_POLL_MOD_212KBPS_FELICA] = {
170 .data = {
171 .maxtg = 1,
172 .brty = 1,
173 .initiator_data.felica = {
174 .opcode = PN533_FELICA_OPC_SENSF_REQ,
175 .sc = PN533_FELICA_SENSF_SC_ALL,
176 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
177 .tsn = 0,
178 },
179 },
180 .len = 7,
181 },
182 [PN533_POLL_MOD_424KBPS_FELICA] = {
183 .data = {
184 .maxtg = 1,
185 .brty = 2,
186 .initiator_data.felica = {
187 .opcode = PN533_FELICA_OPC_SENSF_REQ,
188 .sc = PN533_FELICA_SENSF_SC_ALL,
189 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
190 .tsn = 0,
191 },
192 },
193 .len = 7,
194 },
195 [PN533_POLL_MOD_106KBPS_JEWEL] = {
196 .data = {
197 .maxtg = 1,
198 .brty = 4,
199 },
200 .len = 2,
201 },
202 [PN533_POLL_MOD_847KBPS_B] = {
203 .data = {
204 .maxtg = 1,
205 .brty = 8,
206 .initiator_data.type_b = {
207 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES,
208 .polling_method =
209 PN533_TYPE_B_POLL_METHOD_TIMESLOT,
210 },
211 },
212 .len = 3,
213 },
214 };
215
216 /* PN533_CMD_IN_ATR */
217
218 struct pn533_cmd_activate_param {
219 u8 tg;
220 u8 next;
221 } __packed;
222
223 struct pn533_cmd_activate_response {
224 u8 status;
225 u8 nfcid3t[10];
226 u8 didt;
227 u8 bst;
228 u8 brt;
229 u8 to;
230 u8 ppt;
231 /* optional */
232 u8 gt[];
233 } __packed;
234
235 /* PN533_CMD_IN_JUMP_FOR_DEP */
236 struct pn533_cmd_jump_dep {
237 u8 active;
238 u8 baud;
239 u8 next;
240 u8 gt[];
241 } __packed;
242
243 struct pn533_cmd_jump_dep_response {
244 u8 status;
245 u8 tg;
246 u8 nfcid3t[10];
247 u8 didt;
248 u8 bst;
249 u8 brt;
250 u8 to;
251 u8 ppt;
252 /* optional */
253 u8 gt[];
254 } __packed;
255
256 struct pn533 {
257 struct usb_device *udev;
258 struct usb_interface *interface;
259 struct nfc_dev *nfc_dev;
260
261 struct urb *out_urb;
262 int out_maxlen;
263 struct pn533_frame *out_frame;
264
265 struct urb *in_urb;
266 int in_maxlen;
267 struct pn533_frame *in_frame;
268
269 struct sk_buff_head resp_q;
270
271 struct workqueue_struct *wq;
272 struct work_struct cmd_work;
273 struct work_struct mi_work;
274 struct pn533_frame *wq_in_frame;
275 int wq_in_error;
276
277 pn533_cmd_complete_t cmd_complete;
278 void *cmd_complete_arg;
279 struct semaphore cmd_lock;
280 u8 cmd;
281
282 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1];
283 u8 poll_mod_count;
284 u8 poll_mod_curr;
285 u32 poll_protocols;
286
287 u8 tgt_available_prots;
288 u8 tgt_active_prot;
289 };
290
291 struct pn533_frame {
292 u8 preamble;
293 __be16 start_frame;
294 u8 datalen;
295 u8 datalen_checksum;
296 u8 data[];
297 } __packed;
298
299 /* The rule: value + checksum = 0 */
300 static inline u8 pn533_checksum(u8 value)
301 {
302 return ~value + 1;
303 }
304
305 /* The rule: sum(data elements) + checksum = 0 */
306 static u8 pn533_data_checksum(u8 *data, int datalen)
307 {
308 u8 sum = 0;
309 int i;
310
311 for (i = 0; i < datalen; i++)
312 sum += data[i];
313
314 return pn533_checksum(sum);
315 }
316
317 /**
318 * pn533_tx_frame_ack - create a ack frame
319 * @frame: The frame to be set as ack
320 *
321 * Ack is different type of standard frame. As a standard frame, it has
322 * preamble and start_frame. However the checksum of this frame must fail,
323 * i.e. datalen + datalen_checksum must NOT be zero. When the checksum test
324 * fails and datalen = 0 and datalen_checksum = 0xFF, the frame is a ack.
325 * After datalen_checksum field, the postamble is placed.
326 */
327 static void pn533_tx_frame_ack(struct pn533_frame *frame)
328 {
329 frame->preamble = 0;
330 frame->start_frame = cpu_to_be16(PN533_SOF);
331 frame->datalen = 0;
332 frame->datalen_checksum = 0xFF;
333 /* data[0] is used as postamble */
334 frame->data[0] = 0;
335 }
336
337 static void pn533_tx_frame_init(struct pn533_frame *frame, u8 cmd)
338 {
339 frame->preamble = 0;
340 frame->start_frame = cpu_to_be16(PN533_SOF);
341 PN533_FRAME_IDENTIFIER(frame) = PN533_DIR_OUT;
342 PN533_FRAME_CMD(frame) = cmd;
343 frame->datalen = 2;
344 }
345
346 static void pn533_tx_frame_finish(struct pn533_frame *frame)
347 {
348 frame->datalen_checksum = pn533_checksum(frame->datalen);
349
350 PN533_FRAME_CHECKSUM(frame) =
351 pn533_data_checksum(frame->data, frame->datalen);
352
353 PN533_FRAME_POSTAMBLE(frame) = 0;
354 }
355
356 static bool pn533_rx_frame_is_valid(struct pn533_frame *frame)
357 {
358 u8 checksum;
359
360 if (frame->start_frame != cpu_to_be16(PN533_SOF))
361 return false;
362
363 checksum = pn533_checksum(frame->datalen);
364 if (checksum != frame->datalen_checksum)
365 return false;
366
367 checksum = pn533_data_checksum(frame->data, frame->datalen);
368 if (checksum != PN533_FRAME_CHECKSUM(frame))
369 return false;
370
371 return true;
372 }
373
374 static bool pn533_rx_frame_is_ack(struct pn533_frame *frame)
375 {
376 if (frame->start_frame != cpu_to_be16(PN533_SOF))
377 return false;
378
379 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF)
380 return false;
381
382 return true;
383 }
384
385 static bool pn533_rx_frame_is_cmd_response(struct pn533_frame *frame, u8 cmd)
386 {
387 return (PN533_FRAME_CMD(frame) == PN533_CMD_RESPONSE(cmd));
388 }
389
390
391 static void pn533_wq_cmd_complete(struct work_struct *work)
392 {
393 struct pn533 *dev = container_of(work, struct pn533, cmd_work);
394 struct pn533_frame *in_frame;
395 int rc;
396
397 in_frame = dev->wq_in_frame;
398
399 if (dev->wq_in_error)
400 rc = dev->cmd_complete(dev, dev->cmd_complete_arg, NULL,
401 dev->wq_in_error);
402 else
403 rc = dev->cmd_complete(dev, dev->cmd_complete_arg,
404 PN533_FRAME_CMD_PARAMS_PTR(in_frame),
405 PN533_FRAME_CMD_PARAMS_LEN(in_frame));
406
407 if (rc != -EINPROGRESS)
408 up(&dev->cmd_lock);
409 }
410
411 static void pn533_recv_response(struct urb *urb)
412 {
413 struct pn533 *dev = urb->context;
414 struct pn533_frame *in_frame;
415
416 dev->wq_in_frame = NULL;
417
418 switch (urb->status) {
419 case 0:
420 /* success */
421 break;
422 case -ECONNRESET:
423 case -ENOENT:
424 case -ESHUTDOWN:
425 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
426 " status: %d", urb->status);
427 dev->wq_in_error = urb->status;
428 goto sched_wq;
429 default:
430 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
431 " %d", urb->status);
432 dev->wq_in_error = urb->status;
433 goto sched_wq;
434 }
435
436 in_frame = dev->in_urb->transfer_buffer;
437
438 if (!pn533_rx_frame_is_valid(in_frame)) {
439 nfc_dev_err(&dev->interface->dev, "Received an invalid frame");
440 dev->wq_in_error = -EIO;
441 goto sched_wq;
442 }
443
444 if (!pn533_rx_frame_is_cmd_response(in_frame, dev->cmd)) {
445 nfc_dev_err(&dev->interface->dev, "The received frame is not "
446 "response to the last command");
447 dev->wq_in_error = -EIO;
448 goto sched_wq;
449 }
450
451 nfc_dev_dbg(&dev->interface->dev, "Received a valid frame");
452 dev->wq_in_error = 0;
453 dev->wq_in_frame = in_frame;
454
455 sched_wq:
456 queue_work(dev->wq, &dev->cmd_work);
457 }
458
459 static int pn533_submit_urb_for_response(struct pn533 *dev, gfp_t flags)
460 {
461 dev->in_urb->complete = pn533_recv_response;
462
463 return usb_submit_urb(dev->in_urb, flags);
464 }
465
466 static void pn533_recv_ack(struct urb *urb)
467 {
468 struct pn533 *dev = urb->context;
469 struct pn533_frame *in_frame;
470 int rc;
471
472 switch (urb->status) {
473 case 0:
474 /* success */
475 break;
476 case -ECONNRESET:
477 case -ENOENT:
478 case -ESHUTDOWN:
479 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
480 " status: %d", urb->status);
481 dev->wq_in_error = urb->status;
482 goto sched_wq;
483 default:
484 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
485 " %d", urb->status);
486 dev->wq_in_error = urb->status;
487 goto sched_wq;
488 }
489
490 in_frame = dev->in_urb->transfer_buffer;
491
492 if (!pn533_rx_frame_is_ack(in_frame)) {
493 nfc_dev_err(&dev->interface->dev, "Received an invalid ack");
494 dev->wq_in_error = -EIO;
495 goto sched_wq;
496 }
497
498 nfc_dev_dbg(&dev->interface->dev, "Received a valid ack");
499
500 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
501 if (rc) {
502 nfc_dev_err(&dev->interface->dev, "usb_submit_urb failed with"
503 " result %d", rc);
504 dev->wq_in_error = rc;
505 goto sched_wq;
506 }
507
508 return;
509
510 sched_wq:
511 dev->wq_in_frame = NULL;
512 queue_work(dev->wq, &dev->cmd_work);
513 }
514
515 static int pn533_submit_urb_for_ack(struct pn533 *dev, gfp_t flags)
516 {
517 dev->in_urb->complete = pn533_recv_ack;
518
519 return usb_submit_urb(dev->in_urb, flags);
520 }
521
522 static int pn533_send_ack(struct pn533 *dev, gfp_t flags)
523 {
524 int rc;
525
526 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
527
528 pn533_tx_frame_ack(dev->out_frame);
529
530 dev->out_urb->transfer_buffer = dev->out_frame;
531 dev->out_urb->transfer_buffer_length = PN533_FRAME_ACK_SIZE;
532 rc = usb_submit_urb(dev->out_urb, flags);
533
534 return rc;
535 }
536
537 static int __pn533_send_cmd_frame_async(struct pn533 *dev,
538 struct pn533_frame *out_frame,
539 struct pn533_frame *in_frame,
540 int in_frame_len,
541 pn533_cmd_complete_t cmd_complete,
542 void *arg, gfp_t flags)
543 {
544 int rc;
545
546 nfc_dev_dbg(&dev->interface->dev, "Sending command 0x%x",
547 PN533_FRAME_CMD(out_frame));
548
549 dev->cmd = PN533_FRAME_CMD(out_frame);
550 dev->cmd_complete = cmd_complete;
551 dev->cmd_complete_arg = arg;
552
553 dev->out_urb->transfer_buffer = out_frame;
554 dev->out_urb->transfer_buffer_length =
555 PN533_FRAME_SIZE(out_frame);
556
557 dev->in_urb->transfer_buffer = in_frame;
558 dev->in_urb->transfer_buffer_length = in_frame_len;
559
560 rc = usb_submit_urb(dev->out_urb, flags);
561 if (rc)
562 return rc;
563
564 rc = pn533_submit_urb_for_ack(dev, flags);
565 if (rc)
566 goto error;
567
568 return 0;
569
570 error:
571 usb_unlink_urb(dev->out_urb);
572 return rc;
573 }
574
575 static int pn533_send_cmd_frame_async(struct pn533 *dev,
576 struct pn533_frame *out_frame,
577 struct pn533_frame *in_frame,
578 int in_frame_len,
579 pn533_cmd_complete_t cmd_complete,
580 void *arg, gfp_t flags)
581 {
582 int rc;
583
584 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
585
586 if (down_trylock(&dev->cmd_lock))
587 return -EBUSY;
588
589 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
590 in_frame_len, cmd_complete, arg, flags);
591 if (rc)
592 goto error;
593
594 return 0;
595 error:
596 up(&dev->cmd_lock);
597 return rc;
598 }
599
600 struct pn533_sync_cmd_response {
601 int rc;
602 struct completion done;
603 };
604
605 static int pn533_sync_cmd_complete(struct pn533 *dev, void *_arg,
606 u8 *params, int params_len)
607 {
608 struct pn533_sync_cmd_response *arg = _arg;
609
610 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
611
612 arg->rc = 0;
613
614 if (params_len < 0) /* error */
615 arg->rc = params_len;
616
617 complete(&arg->done);
618
619 return 0;
620 }
621
622 static int pn533_send_cmd_frame_sync(struct pn533 *dev,
623 struct pn533_frame *out_frame,
624 struct pn533_frame *in_frame,
625 int in_frame_len)
626 {
627 int rc;
628 struct pn533_sync_cmd_response arg;
629
630 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
631
632 init_completion(&arg.done);
633
634 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, in_frame_len,
635 pn533_sync_cmd_complete, &arg, GFP_KERNEL);
636 if (rc)
637 return rc;
638
639 wait_for_completion(&arg.done);
640
641 return arg.rc;
642 }
643
644 static void pn533_send_complete(struct urb *urb)
645 {
646 struct pn533 *dev = urb->context;
647
648 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
649
650 switch (urb->status) {
651 case 0:
652 /* success */
653 break;
654 case -ECONNRESET:
655 case -ENOENT:
656 case -ESHUTDOWN:
657 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
658 " status: %d", urb->status);
659 break;
660 default:
661 nfc_dev_dbg(&dev->interface->dev, "Nonzero urb status received:"
662 " %d", urb->status);
663 }
664 }
665
666 struct pn533_target_type_a {
667 __be16 sens_res;
668 u8 sel_res;
669 u8 nfcid_len;
670 u8 nfcid_data[];
671 } __packed;
672
673
674 #define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6))
675 #define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0))
676 #define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8))
677
678 #define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00
679 #define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C
680
681 #define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5)
682 #define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2)
683
684 #define PN533_TYPE_A_SEL_PROT_MIFARE 0
685 #define PN533_TYPE_A_SEL_PROT_ISO14443 1
686 #define PN533_TYPE_A_SEL_PROT_DEP 2
687 #define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3
688
689 static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
690 int target_data_len)
691 {
692 u8 ssd;
693 u8 platconf;
694
695 if (target_data_len < sizeof(struct pn533_target_type_a))
696 return false;
697
698 /* The lenght check of nfcid[] and ats[] are not being performed because
699 the values are not being used */
700
701 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
702 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res);
703 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res);
704
705 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
706 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
707 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
708 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
709 return false;
710
711 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */
712 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0)
713 return false;
714
715 return true;
716 }
717
718 static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data,
719 int tgt_data_len)
720 {
721 struct pn533_target_type_a *tgt_type_a;
722
723 tgt_type_a = (struct pn533_target_type_a *) tgt_data;
724
725 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len))
726 return -EPROTO;
727
728 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) {
729 case PN533_TYPE_A_SEL_PROT_MIFARE:
730 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK;
731 break;
732 case PN533_TYPE_A_SEL_PROT_ISO14443:
733 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
734 break;
735 case PN533_TYPE_A_SEL_PROT_DEP:
736 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
737 break;
738 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP:
739 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK |
740 NFC_PROTO_NFC_DEP_MASK;
741 break;
742 }
743
744 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res);
745 nfc_tgt->sel_res = tgt_type_a->sel_res;
746 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len;
747 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len);
748
749 return 0;
750 }
751
752 struct pn533_target_felica {
753 u8 pol_res;
754 u8 opcode;
755 u8 nfcid2[8];
756 u8 pad[8];
757 /* optional */
758 u8 syst_code[];
759 } __packed;
760
761 #define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01
762 #define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE
763
764 static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica,
765 int target_data_len)
766 {
767 if (target_data_len < sizeof(struct pn533_target_felica))
768 return false;
769
770 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES)
771 return false;
772
773 return true;
774 }
775
776 static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data,
777 int tgt_data_len)
778 {
779 struct pn533_target_felica *tgt_felica;
780
781 tgt_felica = (struct pn533_target_felica *) tgt_data;
782
783 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len))
784 return -EPROTO;
785
786 if (tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1 &&
787 tgt_felica->nfcid2[1] ==
788 PN533_FELICA_SENSF_NFCID2_DEP_B2)
789 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
790 else
791 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK;
792
793 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9);
794 nfc_tgt->sensf_res_len = 9;
795
796 return 0;
797 }
798
799 struct pn533_target_jewel {
800 __be16 sens_res;
801 u8 jewelid[4];
802 } __packed;
803
804 static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel,
805 int target_data_len)
806 {
807 u8 ssd;
808 u8 platconf;
809
810 if (target_data_len < sizeof(struct pn533_target_jewel))
811 return false;
812
813 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
814 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res);
815 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res);
816
817 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
818 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
819 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
820 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
821 return false;
822
823 return true;
824 }
825
826 static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data,
827 int tgt_data_len)
828 {
829 struct pn533_target_jewel *tgt_jewel;
830
831 tgt_jewel = (struct pn533_target_jewel *) tgt_data;
832
833 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len))
834 return -EPROTO;
835
836 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK;
837 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res);
838 nfc_tgt->nfcid1_len = 4;
839 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len);
840
841 return 0;
842 }
843
844 struct pn533_type_b_prot_info {
845 u8 bitrate;
846 u8 fsci_type;
847 u8 fwi_adc_fo;
848 } __packed;
849
850 #define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4)
851 #define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0)
852 #define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8
853
854 struct pn533_type_b_sens_res {
855 u8 opcode;
856 u8 nfcid[4];
857 u8 appdata[4];
858 struct pn533_type_b_prot_info prot_info;
859 } __packed;
860
861 #define PN533_TYPE_B_OPC_SENSB_RES 0x50
862
863 struct pn533_target_type_b {
864 struct pn533_type_b_sens_res sensb_res;
865 u8 attrib_res_len;
866 u8 attrib_res[];
867 } __packed;
868
869 static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b,
870 int target_data_len)
871 {
872 if (target_data_len < sizeof(struct pn533_target_type_b))
873 return false;
874
875 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES)
876 return false;
877
878 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) &
879 PN533_TYPE_B_PROT_TYPE_RFU_MASK)
880 return false;
881
882 return true;
883 }
884
885 static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
886 int tgt_data_len)
887 {
888 struct pn533_target_type_b *tgt_type_b;
889
890 tgt_type_b = (struct pn533_target_type_b *) tgt_data;
891
892 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len))
893 return -EPROTO;
894
895 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
896
897 return 0;
898 }
899
900 struct pn533_poll_response {
901 u8 nbtg;
902 u8 tg;
903 u8 target_data[];
904 } __packed;
905
906 static int pn533_target_found(struct pn533 *dev,
907 struct pn533_poll_response *resp, int resp_len)
908 {
909 int target_data_len;
910 struct nfc_target nfc_tgt;
911 int rc;
912
913 nfc_dev_dbg(&dev->interface->dev, "%s - modulation=%d", __func__,
914 dev->poll_mod_curr);
915
916 if (resp->tg != 1)
917 return -EPROTO;
918
919 memset(&nfc_tgt, 0, sizeof(struct nfc_target));
920
921 target_data_len = resp_len - sizeof(struct pn533_poll_response);
922
923 switch (dev->poll_mod_curr) {
924 case PN533_POLL_MOD_106KBPS_A:
925 rc = pn533_target_found_type_a(&nfc_tgt, resp->target_data,
926 target_data_len);
927 break;
928 case PN533_POLL_MOD_212KBPS_FELICA:
929 case PN533_POLL_MOD_424KBPS_FELICA:
930 rc = pn533_target_found_felica(&nfc_tgt, resp->target_data,
931 target_data_len);
932 break;
933 case PN533_POLL_MOD_106KBPS_JEWEL:
934 rc = pn533_target_found_jewel(&nfc_tgt, resp->target_data,
935 target_data_len);
936 break;
937 case PN533_POLL_MOD_847KBPS_B:
938 rc = pn533_target_found_type_b(&nfc_tgt, resp->target_data,
939 target_data_len);
940 break;
941 default:
942 nfc_dev_err(&dev->interface->dev, "Unknown current poll"
943 " modulation");
944 return -EPROTO;
945 }
946
947 if (rc)
948 return rc;
949
950 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) {
951 nfc_dev_dbg(&dev->interface->dev, "The target found does not"
952 " have the desired protocol");
953 return -EAGAIN;
954 }
955
956 nfc_dev_dbg(&dev->interface->dev, "Target found - supported protocols: "
957 "0x%x", nfc_tgt.supported_protocols);
958
959 dev->tgt_available_prots = nfc_tgt.supported_protocols;
960
961 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1);
962
963 return 0;
964 }
965
966 static void pn533_poll_reset_mod_list(struct pn533 *dev)
967 {
968 dev->poll_mod_count = 0;
969 }
970
971 static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
972 {
973 dev->poll_mod_active[dev->poll_mod_count] =
974 (struct pn533_poll_modulations *) &poll_mod[mod_index];
975 dev->poll_mod_count++;
976 }
977
978 static void pn533_poll_create_mod_list(struct pn533 *dev, u32 protocols)
979 {
980 pn533_poll_reset_mod_list(dev);
981
982 if (protocols & NFC_PROTO_MIFARE_MASK
983 || protocols & NFC_PROTO_ISO14443_MASK
984 || protocols & NFC_PROTO_NFC_DEP_MASK)
985 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
986
987 if (protocols & NFC_PROTO_FELICA_MASK
988 || protocols & NFC_PROTO_NFC_DEP_MASK) {
989 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
990 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
991 }
992
993 if (protocols & NFC_PROTO_JEWEL_MASK)
994 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL);
995
996 if (protocols & NFC_PROTO_ISO14443_MASK)
997 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B);
998 }
999
1000 static void pn533_start_poll_frame(struct pn533_frame *frame,
1001 struct pn533_poll_modulations *mod)
1002 {
1003
1004 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET);
1005
1006 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len);
1007 frame->datalen += mod->len;
1008
1009 pn533_tx_frame_finish(frame);
1010 }
1011
1012 static int pn533_start_poll_complete(struct pn533 *dev, void *arg,
1013 u8 *params, int params_len)
1014 {
1015 struct pn533_poll_response *resp;
1016 struct pn533_poll_modulations *next_mod;
1017 int rc;
1018
1019 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1020
1021 if (params_len == -ENOENT) {
1022 nfc_dev_dbg(&dev->interface->dev, "Polling operation has been"
1023 " stopped");
1024 goto stop_poll;
1025 }
1026
1027 if (params_len < 0) {
1028 nfc_dev_err(&dev->interface->dev, "Error %d when running poll",
1029 params_len);
1030 goto stop_poll;
1031 }
1032
1033 resp = (struct pn533_poll_response *) params;
1034 if (resp->nbtg) {
1035 rc = pn533_target_found(dev, resp, params_len);
1036
1037 /* We must stop the poll after a valid target found */
1038 if (rc == 0)
1039 goto stop_poll;
1040
1041 if (rc != -EAGAIN)
1042 nfc_dev_err(&dev->interface->dev, "The target found is"
1043 " not valid - continuing to poll");
1044 }
1045
1046 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count;
1047
1048 next_mod = dev->poll_mod_active[dev->poll_mod_curr];
1049
1050 nfc_dev_dbg(&dev->interface->dev, "Polling next modulation (0x%x)",
1051 dev->poll_mod_curr);
1052
1053 pn533_start_poll_frame(dev->out_frame, next_mod);
1054
1055 /* Don't need to down the semaphore again */
1056 rc = __pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1057 dev->in_maxlen, pn533_start_poll_complete,
1058 NULL, GFP_ATOMIC);
1059
1060 if (rc == -EPERM) {
1061 nfc_dev_dbg(&dev->interface->dev, "Cannot poll next modulation"
1062 " because poll has been stopped");
1063 goto stop_poll;
1064 }
1065
1066 if (rc) {
1067 nfc_dev_err(&dev->interface->dev, "Error %d when trying to poll"
1068 " next modulation", rc);
1069 goto stop_poll;
1070 }
1071
1072 /* Inform caller function to do not up the semaphore */
1073 return -EINPROGRESS;
1074
1075 stop_poll:
1076 pn533_poll_reset_mod_list(dev);
1077 dev->poll_protocols = 0;
1078 return 0;
1079 }
1080
1081 static int pn533_init_target(struct nfc_dev *nfc_dev, u32 protocols)
1082 {
1083 return 0;
1084 }
1085
1086 static int pn533_start_im_poll(struct nfc_dev *nfc_dev, u32 protocols)
1087 {
1088 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1089 struct pn533_poll_modulations *start_mod;
1090 int rc;
1091
1092 if (dev->poll_mod_count) {
1093 nfc_dev_err(&dev->interface->dev, "Polling operation already"
1094 " active");
1095 return -EBUSY;
1096 }
1097
1098 pn533_poll_create_mod_list(dev, protocols);
1099
1100 if (!dev->poll_mod_count) {
1101 nfc_dev_err(&dev->interface->dev, "No valid protocols"
1102 " specified");
1103 rc = -EINVAL;
1104 goto error;
1105 }
1106
1107 nfc_dev_dbg(&dev->interface->dev, "It will poll %d modulations types",
1108 dev->poll_mod_count);
1109
1110 dev->poll_mod_curr = 0;
1111 start_mod = dev->poll_mod_active[dev->poll_mod_curr];
1112
1113 pn533_start_poll_frame(dev->out_frame, start_mod);
1114
1115 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1116 dev->in_maxlen, pn533_start_poll_complete,
1117 NULL, GFP_KERNEL);
1118
1119 if (rc) {
1120 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1121 " start poll", rc);
1122 goto error;
1123 }
1124
1125 dev->poll_protocols = protocols;
1126
1127 return 0;
1128
1129 error:
1130 pn533_poll_reset_mod_list(dev);
1131 return rc;
1132 }
1133
1134 static int pn533_start_poll(struct nfc_dev *nfc_dev,
1135 u32 im_protocols, u32 tm_protocols)
1136 {
1137 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1138
1139 nfc_dev_dbg(&dev->interface->dev,
1140 "%s: im protocols 0x%x tm protocols 0x%x",
1141 __func__, im_protocols, tm_protocols);
1142
1143 if (dev->tgt_active_prot) {
1144 nfc_dev_err(&dev->interface->dev,
1145 "Cannot poll with a target already activated");
1146 return -EBUSY;
1147 }
1148
1149 if (!tm_protocols)
1150 return pn533_start_im_poll(nfc_dev, im_protocols);
1151 else if (!im_protocols)
1152 return pn533_init_target(nfc_dev, tm_protocols);
1153 else
1154 return -EINVAL;
1155 }
1156
1157 static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1158 {
1159 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1160
1161 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1162
1163 if (!dev->poll_mod_count) {
1164 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not"
1165 " running");
1166 return;
1167 }
1168
1169 /* An ack will cancel the last issued command (poll) */
1170 pn533_send_ack(dev, GFP_KERNEL);
1171
1172 /* prevent pn533_start_poll_complete to issue a new poll meanwhile */
1173 usb_kill_urb(dev->in_urb);
1174 }
1175
1176 static int pn533_activate_target_nfcdep(struct pn533 *dev)
1177 {
1178 struct pn533_cmd_activate_param param;
1179 struct pn533_cmd_activate_response *resp;
1180 u16 gt_len;
1181 int rc;
1182
1183 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1184
1185 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_ATR);
1186
1187 param.tg = 1;
1188 param.next = 0;
1189 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &param,
1190 sizeof(struct pn533_cmd_activate_param));
1191 dev->out_frame->datalen += sizeof(struct pn533_cmd_activate_param);
1192
1193 pn533_tx_frame_finish(dev->out_frame);
1194
1195 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1196 dev->in_maxlen);
1197 if (rc)
1198 return rc;
1199
1200 resp = (struct pn533_cmd_activate_response *)
1201 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
1202 rc = resp->status & PN533_CMD_RET_MASK;
1203 if (rc != PN533_CMD_RET_SUCCESS)
1204 return -EIO;
1205
1206 /* ATR_RES general bytes are located at offset 16 */
1207 gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 16;
1208 rc = nfc_set_remote_general_bytes(dev->nfc_dev, resp->gt, gt_len);
1209
1210 return rc;
1211 }
1212
1213 static int pn533_activate_target(struct nfc_dev *nfc_dev,
1214 struct nfc_target *target, u32 protocol)
1215 {
1216 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1217 int rc;
1218
1219 nfc_dev_dbg(&dev->interface->dev, "%s - protocol=%u", __func__,
1220 protocol);
1221
1222 if (dev->poll_mod_count) {
1223 nfc_dev_err(&dev->interface->dev, "Cannot activate while"
1224 " polling");
1225 return -EBUSY;
1226 }
1227
1228 if (dev->tgt_active_prot) {
1229 nfc_dev_err(&dev->interface->dev, "There is already an active"
1230 " target");
1231 return -EBUSY;
1232 }
1233
1234 if (!dev->tgt_available_prots) {
1235 nfc_dev_err(&dev->interface->dev, "There is no available target"
1236 " to activate");
1237 return -EINVAL;
1238 }
1239
1240 if (!(dev->tgt_available_prots & (1 << protocol))) {
1241 nfc_dev_err(&dev->interface->dev, "The target does not support"
1242 " the requested protocol %u", protocol);
1243 return -EINVAL;
1244 }
1245
1246 if (protocol == NFC_PROTO_NFC_DEP) {
1247 rc = pn533_activate_target_nfcdep(dev);
1248 if (rc) {
1249 nfc_dev_err(&dev->interface->dev, "Error %d when"
1250 " activating target with"
1251 " NFC_DEP protocol", rc);
1252 return rc;
1253 }
1254 }
1255
1256 dev->tgt_active_prot = protocol;
1257 dev->tgt_available_prots = 0;
1258
1259 return 0;
1260 }
1261
1262 static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
1263 struct nfc_target *target)
1264 {
1265 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1266 u8 tg;
1267 u8 status;
1268 int rc;
1269
1270 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1271
1272 if (!dev->tgt_active_prot) {
1273 nfc_dev_err(&dev->interface->dev, "There is no active target");
1274 return;
1275 }
1276
1277 dev->tgt_active_prot = 0;
1278
1279 skb_queue_purge(&dev->resp_q);
1280
1281 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_RELEASE);
1282
1283 tg = 1;
1284 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &tg, sizeof(u8));
1285 dev->out_frame->datalen += sizeof(u8);
1286
1287 pn533_tx_frame_finish(dev->out_frame);
1288
1289 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1290 dev->in_maxlen);
1291 if (rc) {
1292 nfc_dev_err(&dev->interface->dev, "Error when sending release"
1293 " command to the controller");
1294 return;
1295 }
1296
1297 status = PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame)[0];
1298 rc = status & PN533_CMD_RET_MASK;
1299 if (rc != PN533_CMD_RET_SUCCESS)
1300 nfc_dev_err(&dev->interface->dev, "Error 0x%x when releasing"
1301 " the target", rc);
1302
1303 return;
1304 }
1305
1306
1307 static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1308 u8 *params, int params_len)
1309 {
1310 struct pn533_cmd_jump_dep *cmd;
1311 struct pn533_cmd_jump_dep_response *resp;
1312 struct nfc_target nfc_target;
1313 u8 target_gt_len;
1314 int rc;
1315
1316 if (params_len == -ENOENT) {
1317 nfc_dev_dbg(&dev->interface->dev, "");
1318 return 0;
1319 }
1320
1321 if (params_len < 0) {
1322 nfc_dev_err(&dev->interface->dev,
1323 "Error %d when bringing DEP link up",
1324 params_len);
1325 return 0;
1326 }
1327
1328 if (dev->tgt_available_prots &&
1329 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) {
1330 nfc_dev_err(&dev->interface->dev,
1331 "The target does not support DEP");
1332 return -EINVAL;
1333 }
1334
1335 resp = (struct pn533_cmd_jump_dep_response *) params;
1336 cmd = (struct pn533_cmd_jump_dep *) arg;
1337 rc = resp->status & PN533_CMD_RET_MASK;
1338 if (rc != PN533_CMD_RET_SUCCESS) {
1339 nfc_dev_err(&dev->interface->dev,
1340 "Bringing DEP link up failed %d", rc);
1341 return 0;
1342 }
1343
1344 if (!dev->tgt_available_prots) {
1345 nfc_dev_dbg(&dev->interface->dev, "Creating new target");
1346
1347 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1348 nfc_target.nfcid1_len = 10;
1349 memcpy(nfc_target.nfcid1, resp->nfcid3t, nfc_target.nfcid1_len);
1350 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
1351 if (rc)
1352 return 0;
1353
1354 dev->tgt_available_prots = 0;
1355 }
1356
1357 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
1358
1359 /* ATR_RES general bytes are located at offset 17 */
1360 target_gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 17;
1361 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
1362 resp->gt, target_gt_len);
1363 if (rc == 0)
1364 rc = nfc_dep_link_is_up(dev->nfc_dev,
1365 dev->nfc_dev->targets[0].idx,
1366 !cmd->active, NFC_RF_INITIATOR);
1367
1368 return 0;
1369 }
1370
1371 static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1372 u8 comm_mode, u8* gb, size_t gb_len)
1373 {
1374 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1375 struct pn533_cmd_jump_dep *cmd;
1376 u8 cmd_len;
1377 int rc;
1378
1379 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1380
1381 if (dev->poll_mod_count) {
1382 nfc_dev_err(&dev->interface->dev,
1383 "Cannot bring the DEP link up while polling");
1384 return -EBUSY;
1385 }
1386
1387 if (dev->tgt_active_prot) {
1388 nfc_dev_err(&dev->interface->dev,
1389 "There is already an active target");
1390 return -EBUSY;
1391 }
1392
1393 cmd_len = sizeof(struct pn533_cmd_jump_dep) + gb_len;
1394 cmd = kzalloc(cmd_len, GFP_KERNEL);
1395 if (cmd == NULL)
1396 return -ENOMEM;
1397
1398 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_JUMP_FOR_DEP);
1399
1400 cmd->active = !comm_mode;
1401 cmd->baud = 0;
1402 if (gb != NULL && gb_len > 0) {
1403 cmd->next = 4; /* We have some Gi */
1404 memcpy(cmd->gt, gb, gb_len);
1405 } else {
1406 cmd->next = 0;
1407 }
1408
1409 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), cmd, cmd_len);
1410 dev->out_frame->datalen += cmd_len;
1411
1412 pn533_tx_frame_finish(dev->out_frame);
1413
1414 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1415 dev->in_maxlen, pn533_in_dep_link_up_complete,
1416 cmd, GFP_KERNEL);
1417 if (rc)
1418 goto out;
1419
1420
1421 out:
1422 kfree(cmd);
1423
1424 return rc;
1425 }
1426
1427 static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
1428 {
1429 pn533_deactivate_target(nfc_dev, 0);
1430
1431 return 0;
1432 }
1433
1434 #define PN533_CMD_DATAEXCH_HEAD_LEN (sizeof(struct pn533_frame) + 3)
1435 #define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1436
1437 static int pn533_data_exchange_tx_frame(struct pn533 *dev, struct sk_buff *skb)
1438 {
1439 int payload_len = skb->len;
1440 struct pn533_frame *out_frame;
1441 u8 tg;
1442
1443 nfc_dev_dbg(&dev->interface->dev, "%s - Sending %d bytes", __func__,
1444 payload_len);
1445
1446 if (payload_len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
1447 /* TODO: Implement support to multi-part data exchange */
1448 nfc_dev_err(&dev->interface->dev, "Data length greater than the"
1449 " max allowed: %d",
1450 PN533_CMD_DATAEXCH_DATA_MAXLEN);
1451 return -ENOSYS;
1452 }
1453
1454 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN);
1455 out_frame = (struct pn533_frame *) skb->data;
1456
1457 pn533_tx_frame_init(out_frame, PN533_CMD_IN_DATA_EXCHANGE);
1458
1459 tg = 1;
1460 memcpy(PN533_FRAME_CMD_PARAMS_PTR(out_frame), &tg, sizeof(u8));
1461 out_frame->datalen += sizeof(u8);
1462
1463 /* The data is already in the out_frame, just update the datalen */
1464 out_frame->datalen += payload_len;
1465
1466 pn533_tx_frame_finish(out_frame);
1467 skb_put(skb, PN533_FRAME_TAIL_SIZE);
1468
1469 return 0;
1470 }
1471
1472 struct pn533_data_exchange_arg {
1473 struct sk_buff *skb_resp;
1474 struct sk_buff *skb_out;
1475 data_exchange_cb_t cb;
1476 void *cb_context;
1477 };
1478
1479 static struct sk_buff *pn533_build_response(struct pn533 *dev)
1480 {
1481 struct sk_buff *skb, *tmp, *t;
1482 unsigned int skb_len = 0, tmp_len = 0;
1483
1484 nfc_dev_dbg(&dev->interface->dev, "%s\n", __func__);
1485
1486 if (skb_queue_empty(&dev->resp_q))
1487 return NULL;
1488
1489 if (skb_queue_len(&dev->resp_q) == 1) {
1490 skb = skb_dequeue(&dev->resp_q);
1491 goto out;
1492 }
1493
1494 skb_queue_walk_safe(&dev->resp_q, tmp, t)
1495 skb_len += tmp->len;
1496
1497 nfc_dev_dbg(&dev->interface->dev, "%s total length %d\n",
1498 __func__, skb_len);
1499
1500 skb = alloc_skb(skb_len, GFP_KERNEL);
1501 if (skb == NULL)
1502 goto out;
1503
1504 skb_put(skb, skb_len);
1505
1506 skb_queue_walk_safe(&dev->resp_q, tmp, t) {
1507 memcpy(skb->data + tmp_len, tmp->data, tmp->len);
1508 tmp_len += tmp->len;
1509 }
1510
1511 out:
1512 skb_queue_purge(&dev->resp_q);
1513
1514 return skb;
1515 }
1516
1517 static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
1518 u8 *params, int params_len)
1519 {
1520 struct pn533_data_exchange_arg *arg = _arg;
1521 struct sk_buff *skb = NULL, *skb_resp = arg->skb_resp;
1522 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1523 int err = 0;
1524 u8 status;
1525 u8 cmd_ret;
1526
1527 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1528
1529 dev_kfree_skb(arg->skb_out);
1530
1531 if (params_len < 0) { /* error */
1532 err = params_len;
1533 goto error;
1534 }
1535
1536 status = params[0];
1537
1538 cmd_ret = status & PN533_CMD_RET_MASK;
1539 if (cmd_ret != PN533_CMD_RET_SUCCESS) {
1540 nfc_dev_err(&dev->interface->dev, "PN533 reported error %d when"
1541 " exchanging data", cmd_ret);
1542 err = -EIO;
1543 goto error;
1544 }
1545
1546 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1547 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1548 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1549 skb_queue_tail(&dev->resp_q, skb_resp);
1550
1551 if (status & PN533_CMD_MI_MASK) {
1552 queue_work(dev->wq, &dev->mi_work);
1553 return -EINPROGRESS;
1554 }
1555
1556 skb = pn533_build_response(dev);
1557 if (skb == NULL)
1558 goto error;
1559
1560 arg->cb(arg->cb_context, skb, 0);
1561 kfree(arg);
1562 return 0;
1563
1564 error:
1565 skb_queue_purge(&dev->resp_q);
1566 dev_kfree_skb(skb_resp);
1567 arg->cb(arg->cb_context, NULL, err);
1568 kfree(arg);
1569 return 0;
1570 }
1571
1572 static int pn533_data_exchange(struct nfc_dev *nfc_dev,
1573 struct nfc_target *target, struct sk_buff *skb,
1574 data_exchange_cb_t cb, void *cb_context)
1575 {
1576 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1577 struct pn533_frame *out_frame, *in_frame;
1578 struct pn533_data_exchange_arg *arg;
1579 struct sk_buff *skb_resp;
1580 int skb_resp_len;
1581 int rc;
1582
1583 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1584
1585 if (!dev->tgt_active_prot) {
1586 nfc_dev_err(&dev->interface->dev, "Cannot exchange data if"
1587 " there is no active target");
1588 rc = -EINVAL;
1589 goto error;
1590 }
1591
1592 rc = pn533_data_exchange_tx_frame(dev, skb);
1593 if (rc)
1594 goto error;
1595
1596 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1597 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1598 PN533_FRAME_TAIL_SIZE;
1599
1600 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
1601 if (!skb_resp) {
1602 rc = -ENOMEM;
1603 goto error;
1604 }
1605
1606 in_frame = (struct pn533_frame *) skb_resp->data;
1607 out_frame = (struct pn533_frame *) skb->data;
1608
1609 arg = kmalloc(sizeof(struct pn533_data_exchange_arg), GFP_KERNEL);
1610 if (!arg) {
1611 rc = -ENOMEM;
1612 goto free_skb_resp;
1613 }
1614
1615 arg->skb_resp = skb_resp;
1616 arg->skb_out = skb;
1617 arg->cb = cb;
1618 arg->cb_context = cb_context;
1619
1620 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, skb_resp_len,
1621 pn533_data_exchange_complete, arg,
1622 GFP_KERNEL);
1623 if (rc) {
1624 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1625 " perform data_exchange", rc);
1626 goto free_arg;
1627 }
1628
1629 return 0;
1630
1631 free_arg:
1632 kfree(arg);
1633 free_skb_resp:
1634 kfree_skb(skb_resp);
1635 error:
1636 kfree_skb(skb);
1637 return rc;
1638 }
1639
1640 static void pn533_wq_mi_recv(struct work_struct *work)
1641 {
1642 struct pn533 *dev = container_of(work, struct pn533, mi_work);
1643 struct sk_buff *skb_cmd;
1644 struct pn533_data_exchange_arg *arg = dev->cmd_complete_arg;
1645 struct pn533_frame *out_frame, *in_frame;
1646 struct sk_buff *skb_resp;
1647 int skb_resp_len;
1648 int rc;
1649
1650 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1651
1652 /* This is a zero payload size skb */
1653 skb_cmd = alloc_skb(PN533_CMD_DATAEXCH_HEAD_LEN + PN533_FRAME_TAIL_SIZE,
1654 GFP_KERNEL);
1655 if (skb_cmd == NULL)
1656 goto error_cmd;
1657
1658 skb_reserve(skb_cmd, PN533_CMD_DATAEXCH_HEAD_LEN);
1659
1660 rc = pn533_data_exchange_tx_frame(dev, skb_cmd);
1661 if (rc)
1662 goto error_frame;
1663
1664 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1665 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1666 PN533_FRAME_TAIL_SIZE;
1667 skb_resp = alloc_skb(skb_resp_len, GFP_KERNEL);
1668 if (!skb_resp) {
1669 rc = -ENOMEM;
1670 goto error_frame;
1671 }
1672
1673 in_frame = (struct pn533_frame *) skb_resp->data;
1674 out_frame = (struct pn533_frame *) skb_cmd->data;
1675
1676 arg->skb_resp = skb_resp;
1677 arg->skb_out = skb_cmd;
1678
1679 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
1680 skb_resp_len,
1681 pn533_data_exchange_complete,
1682 dev->cmd_complete_arg, GFP_KERNEL);
1683 if (!rc)
1684 return;
1685
1686 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1687 " perform data_exchange", rc);
1688
1689 kfree_skb(skb_resp);
1690
1691 error_frame:
1692 kfree_skb(skb_cmd);
1693
1694 error_cmd:
1695 pn533_send_ack(dev, GFP_KERNEL);
1696
1697 kfree(arg);
1698
1699 up(&dev->cmd_lock);
1700 }
1701
1702 static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
1703 u8 cfgdata_len)
1704 {
1705 int rc;
1706 u8 *params;
1707
1708 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1709
1710 pn533_tx_frame_init(dev->out_frame, PN533_CMD_RF_CONFIGURATION);
1711
1712 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame);
1713 params[0] = cfgitem;
1714 memcpy(&params[1], cfgdata, cfgdata_len);
1715 dev->out_frame->datalen += (1 + cfgdata_len);
1716
1717 pn533_tx_frame_finish(dev->out_frame);
1718
1719 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1720 dev->in_maxlen);
1721
1722 return rc;
1723 }
1724
1725 struct nfc_ops pn533_nfc_ops = {
1726 .dev_up = NULL,
1727 .dev_down = NULL,
1728 .dep_link_up = pn533_dep_link_up,
1729 .dep_link_down = pn533_dep_link_down,
1730 .start_poll = pn533_start_poll,
1731 .stop_poll = pn533_stop_poll,
1732 .activate_target = pn533_activate_target,
1733 .deactivate_target = pn533_deactivate_target,
1734 .data_exchange = pn533_data_exchange,
1735 };
1736
1737 static int pn533_probe(struct usb_interface *interface,
1738 const struct usb_device_id *id)
1739 {
1740 struct pn533_fw_version *fw_ver;
1741 struct pn533 *dev;
1742 struct usb_host_interface *iface_desc;
1743 struct usb_endpoint_descriptor *endpoint;
1744 struct pn533_config_max_retries max_retries;
1745 int in_endpoint = 0;
1746 int out_endpoint = 0;
1747 int rc = -ENOMEM;
1748 int i;
1749 u32 protocols;
1750
1751 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
1752 if (!dev)
1753 return -ENOMEM;
1754
1755 dev->udev = usb_get_dev(interface_to_usbdev(interface));
1756 dev->interface = interface;
1757 sema_init(&dev->cmd_lock, 1);
1758
1759 iface_desc = interface->cur_altsetting;
1760 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
1761 endpoint = &iface_desc->endpoint[i].desc;
1762
1763 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint)) {
1764 dev->in_maxlen = le16_to_cpu(endpoint->wMaxPacketSize);
1765 in_endpoint = endpoint->bEndpointAddress;
1766 }
1767
1768 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint)) {
1769 dev->out_maxlen =
1770 le16_to_cpu(endpoint->wMaxPacketSize);
1771 out_endpoint = endpoint->bEndpointAddress;
1772 }
1773 }
1774
1775 if (!in_endpoint || !out_endpoint) {
1776 nfc_dev_err(&interface->dev, "Could not find bulk-in or"
1777 " bulk-out endpoint");
1778 rc = -ENODEV;
1779 goto error;
1780 }
1781
1782 dev->in_frame = kmalloc(dev->in_maxlen, GFP_KERNEL);
1783 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
1784 dev->out_frame = kmalloc(dev->out_maxlen, GFP_KERNEL);
1785 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
1786
1787 if (!dev->in_frame || !dev->out_frame ||
1788 !dev->in_urb || !dev->out_urb)
1789 goto error;
1790
1791 usb_fill_bulk_urb(dev->in_urb, dev->udev,
1792 usb_rcvbulkpipe(dev->udev, in_endpoint),
1793 NULL, 0, NULL, dev);
1794 usb_fill_bulk_urb(dev->out_urb, dev->udev,
1795 usb_sndbulkpipe(dev->udev, out_endpoint),
1796 NULL, 0,
1797 pn533_send_complete, dev);
1798
1799 INIT_WORK(&dev->cmd_work, pn533_wq_cmd_complete);
1800 INIT_WORK(&dev->mi_work, pn533_wq_mi_recv);
1801 dev->wq = alloc_workqueue("pn533",
1802 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM,
1803 1);
1804 if (dev->wq == NULL)
1805 goto error;
1806
1807 skb_queue_head_init(&dev->resp_q);
1808
1809 usb_set_intfdata(interface, dev);
1810
1811 pn533_tx_frame_init(dev->out_frame, PN533_CMD_GET_FIRMWARE_VERSION);
1812 pn533_tx_frame_finish(dev->out_frame);
1813
1814 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1815 dev->in_maxlen);
1816 if (rc)
1817 goto destroy_wq;
1818
1819 fw_ver = (struct pn533_fw_version *)
1820 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
1821 nfc_dev_info(&dev->interface->dev, "NXP PN533 firmware ver %d.%d now"
1822 " attached", fw_ver->ver, fw_ver->rev);
1823
1824 protocols = NFC_PROTO_JEWEL_MASK
1825 | NFC_PROTO_MIFARE_MASK | NFC_PROTO_FELICA_MASK
1826 | NFC_PROTO_ISO14443_MASK
1827 | NFC_PROTO_NFC_DEP_MASK;
1828
1829 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols,
1830 PN533_CMD_DATAEXCH_HEAD_LEN,
1831 PN533_FRAME_TAIL_SIZE);
1832 if (!dev->nfc_dev)
1833 goto destroy_wq;
1834
1835 nfc_set_parent_dev(dev->nfc_dev, &interface->dev);
1836 nfc_set_drvdata(dev->nfc_dev, dev);
1837
1838 rc = nfc_register_device(dev->nfc_dev);
1839 if (rc)
1840 goto free_nfc_dev;
1841
1842 max_retries.mx_rty_atr = PN533_CONFIG_MAX_RETRIES_ENDLESS;
1843 max_retries.mx_rty_psl = 2;
1844 max_retries.mx_rty_passive_act = PN533_CONFIG_MAX_RETRIES_NO_RETRY;
1845
1846 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES,
1847 (u8 *) &max_retries, sizeof(max_retries));
1848
1849 if (rc) {
1850 nfc_dev_err(&dev->interface->dev, "Error on setting MAX_RETRIES"
1851 " config");
1852 goto free_nfc_dev;
1853 }
1854
1855 return 0;
1856
1857 free_nfc_dev:
1858 nfc_free_device(dev->nfc_dev);
1859 destroy_wq:
1860 destroy_workqueue(dev->wq);
1861 error:
1862 kfree(dev->in_frame);
1863 usb_free_urb(dev->in_urb);
1864 kfree(dev->out_frame);
1865 usb_free_urb(dev->out_urb);
1866 kfree(dev);
1867 return rc;
1868 }
1869
1870 static void pn533_disconnect(struct usb_interface *interface)
1871 {
1872 struct pn533 *dev;
1873
1874 dev = usb_get_intfdata(interface);
1875 usb_set_intfdata(interface, NULL);
1876
1877 nfc_unregister_device(dev->nfc_dev);
1878 nfc_free_device(dev->nfc_dev);
1879
1880 usb_kill_urb(dev->in_urb);
1881 usb_kill_urb(dev->out_urb);
1882
1883 destroy_workqueue(dev->wq);
1884
1885 skb_queue_purge(&dev->resp_q);
1886
1887 kfree(dev->in_frame);
1888 usb_free_urb(dev->in_urb);
1889 kfree(dev->out_frame);
1890 usb_free_urb(dev->out_urb);
1891 kfree(dev);
1892
1893 nfc_dev_info(&interface->dev, "NXP PN533 NFC device disconnected");
1894 }
1895
1896 static struct usb_driver pn533_driver = {
1897 .name = "pn533",
1898 .probe = pn533_probe,
1899 .disconnect = pn533_disconnect,
1900 .id_table = pn533_table,
1901 };
1902
1903 module_usb_driver(pn533_driver);
1904
1905 MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>,"
1906 " Aloisio Almeida Jr <aloisio.almeida@openbossa.org>");
1907 MODULE_DESCRIPTION("PN533 usb driver ver " VERSION);
1908 MODULE_VERSION(VERSION);
1909 MODULE_LICENSE("GPL");
Linux kernel - Deliverables
This page took 0.068849 seconds and 6 git commands to generate.