2 * NFC Digital Protocol stack
3 * Copyright (c) 2013, Intel Corporation.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms and conditions of the GNU General Public License,
7 * version 2, as published by the Free Software Foundation.
9 * This program is distributed in the hope it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
18 #define DIGITAL_CMD_SENS_REQ 0x26
19 #define DIGITAL_CMD_ALL_REQ 0x52
20 #define DIGITAL_CMD_SEL_REQ_CL1 0x93
21 #define DIGITAL_CMD_SEL_REQ_CL2 0x95
22 #define DIGITAL_CMD_SEL_REQ_CL3 0x97
24 #define DIGITAL_SDD_REQ_SEL_PAR 0x20
26 #define DIGITAL_SDD_RES_CT 0x88
27 #define DIGITAL_SDD_RES_LEN 5
29 #define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04))
30 #define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60))
31 #define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40)
33 #define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x000C) == 0x000C)
34 #define DIGITAL_SENS_RES_IS_VALID(sens_res) \
35 ((!((sens_res) & 0x1F00) && (((sens_res) & 0x000C) == 0x000C)) || \
36 (((sens_res) & 0x1F00) && ((sens_res) & 0x000C) != 0x000C))
38 #define DIGITAL_MIFARE_READ_RES_LEN 16
39 #define DIGITAL_MIFARE_ACK_RES 0x0A
41 #define DIGITAL_CMD_SENSF_REQ 0x00
42 #define DIGITAL_CMD_SENSF_RES 0x01
44 #define DIGITAL_SENSF_RES_MIN_LENGTH 17
45 #define DIGITAL_SENSF_RES_RD_AP_B1 0x00
46 #define DIGITAL_SENSF_RES_RD_AP_B2 0x8F
48 #define DIGITAL_SENSF_REQ_RC_NONE 0
49 #define DIGITAL_SENSF_REQ_RC_SC 1
50 #define DIGITAL_SENSF_REQ_RC_AP 2
52 struct digital_sdd_res
{
57 struct digital_sel_req
{
64 struct digital_sensf_req
{
72 struct digital_sensf_res
{
83 static int digital_in_send_sdd_req(struct nfc_digital_dev
*ddev
,
84 struct nfc_target
*target
);
86 static void digital_in_recv_sel_res(struct nfc_digital_dev
*ddev
, void *arg
,
89 struct nfc_target
*target
= arg
;
100 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
101 rc
= digital_skb_check_crc_a(resp
);
103 PROTOCOL_ERR("4.4.1.3");
113 sel_res
= resp
->data
[0];
115 if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res
)) {
116 rc
= digital_in_send_sdd_req(ddev
, target
);
123 if (DIGITAL_SEL_RES_IS_T2T(sel_res
)) {
124 nfc_proto
= NFC_PROTO_MIFARE
;
125 } else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res
)) {
126 nfc_proto
= NFC_PROTO_NFC_DEP
;
132 target
->sel_res
= sel_res
;
134 rc
= digital_target_found(ddev
, target
, nfc_proto
);
143 digital_poll_next_tech(ddev
);
146 static int digital_in_send_sel_req(struct nfc_digital_dev
*ddev
,
147 struct nfc_target
*target
,
148 struct digital_sdd_res
*sdd_res
)
151 struct digital_sel_req
*sel_req
;
155 skb
= digital_skb_alloc(ddev
, sizeof(struct digital_sel_req
));
159 skb_put(skb
, sizeof(struct digital_sel_req
));
160 sel_req
= (struct digital_sel_req
*)skb
->data
;
162 if (target
->nfcid1_len
<= 4)
163 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL1
;
164 else if (target
->nfcid1_len
< 10)
165 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL2
;
167 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL3
;
169 sel_req
->sel_cmd
= sel_cmd
;
171 memcpy(sel_req
->nfcid1
, sdd_res
->nfcid1
, 4);
172 sel_req
->bcc
= sdd_res
->bcc
;
174 if (DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
175 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
176 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A
);
180 digital_skb_add_crc_a(skb
);
183 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sel_res
,
192 static void digital_in_recv_sdd_res(struct nfc_digital_dev
*ddev
, void *arg
,
193 struct sk_buff
*resp
)
195 struct nfc_target
*target
= arg
;
196 struct digital_sdd_res
*sdd_res
;
207 if (resp
->len
< DIGITAL_SDD_RES_LEN
) {
208 PROTOCOL_ERR("4.7.2.8");
213 sdd_res
= (struct digital_sdd_res
*)resp
->data
;
215 for (i
= 0, bcc
= 0; i
< 4; i
++)
216 bcc
^= sdd_res
->nfcid1
[i
];
218 if (bcc
!= sdd_res
->bcc
) {
219 PROTOCOL_ERR("4.7.2.6");
224 if (sdd_res
->nfcid1
[0] == DIGITAL_SDD_RES_CT
) {
232 memcpy(target
->nfcid1
+ target
->nfcid1_len
, sdd_res
->nfcid1
+ offset
,
234 target
->nfcid1_len
+= size
;
236 rc
= digital_in_send_sel_req(ddev
, target
, sdd_res
);
243 digital_poll_next_tech(ddev
);
247 static int digital_in_send_sdd_req(struct nfc_digital_dev
*ddev
,
248 struct nfc_target
*target
)
254 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
255 NFC_DIGITAL_FRAMING_NFCA_STANDARD
);
259 skb
= digital_skb_alloc(ddev
, 2);
261 PR_ERR("alloc_skb failed");
265 if (target
->nfcid1_len
== 0)
266 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL1
;
267 else if (target
->nfcid1_len
== 3)
268 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL2
;
270 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL3
;
272 *skb_put(skb
, sizeof(u8
)) = sel_cmd
;
273 *skb_put(skb
, sizeof(u8
)) = DIGITAL_SDD_REQ_SEL_PAR
;
275 return digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sdd_res
,
279 static void digital_in_recv_sens_res(struct nfc_digital_dev
*ddev
, void *arg
,
280 struct sk_buff
*resp
)
282 struct nfc_target
*target
= NULL
;
292 if (resp
->len
< sizeof(u16
)) {
297 target
= kzalloc(sizeof(struct nfc_target
), GFP_KERNEL
);
303 memcpy(&target
->sens_res
, resp
->data
, sizeof(u16
));
305 sens_res
= be16_to_cpu(target
->sens_res
);
307 if (!DIGITAL_SENS_RES_IS_VALID(sens_res
)) {
308 PROTOCOL_ERR("4.6.3.3");
313 if (DIGITAL_SENS_RES_IS_T1T(sens_res
))
314 rc
= digital_target_found(ddev
, target
, NFC_PROTO_JEWEL
);
316 rc
= digital_in_send_sdd_req(ddev
, target
);
323 digital_poll_next_tech(ddev
);
327 int digital_in_send_sens_req(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
332 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
,
333 NFC_DIGITAL_RF_TECH_106A
);
337 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
338 NFC_DIGITAL_FRAMING_NFCA_SHORT
);
342 skb
= digital_skb_alloc(ddev
, 1);
346 *skb_put(skb
, sizeof(u8
)) = DIGITAL_CMD_SENS_REQ
;
348 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sens_res
, NULL
);
355 int digital_in_recv_mifare_res(struct sk_buff
*resp
)
357 /* Successful READ command response is 16 data bytes + 2 CRC bytes long.
358 * Since the driver can't differentiate a ACK/NACK response from a valid
359 * READ response, the CRC calculation must be handled at digital level
360 * even if the driver supports it for this technology.
362 if (resp
->len
== DIGITAL_MIFARE_READ_RES_LEN
+ DIGITAL_CRC_LEN
) {
363 if (digital_skb_check_crc_a(resp
)) {
364 PROTOCOL_ERR("9.4.1.2");
371 /* ACK response (i.e. successful WRITE). */
372 if (resp
->len
== 1 && resp
->data
[0] == DIGITAL_MIFARE_ACK_RES
) {
377 /* NACK and any other responses are treated as error. */
381 static void digital_in_recv_sensf_res(struct nfc_digital_dev
*ddev
, void *arg
,
382 struct sk_buff
*resp
)
386 struct nfc_target target
;
387 struct digital_sensf_res
*sensf_res
;
395 if (resp
->len
< DIGITAL_SENSF_RES_MIN_LENGTH
) {
400 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
401 rc
= digital_skb_check_crc_f(resp
);
403 PROTOCOL_ERR("6.4.1.8");
410 memset(&target
, 0, sizeof(struct nfc_target
));
412 sensf_res
= (struct digital_sensf_res
*)resp
->data
;
414 memcpy(target
.sensf_res
, sensf_res
, resp
->len
);
415 target
.sensf_res_len
= resp
->len
;
417 memcpy(target
.nfcid2
, sensf_res
->nfcid2
, NFC_NFCID2_MAXSIZE
);
418 target
.nfcid2_len
= NFC_NFCID2_MAXSIZE
;
420 if (target
.nfcid2
[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1
&&
421 target
.nfcid2
[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2
)
422 proto
= NFC_PROTO_NFC_DEP
;
424 proto
= NFC_PROTO_FELICA
;
426 rc
= digital_target_found(ddev
, &target
, proto
);
432 digital_poll_next_tech(ddev
);
435 int digital_in_send_sensf_req(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
437 struct digital_sensf_req
*sensf_req
;
442 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
446 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
447 NFC_DIGITAL_FRAMING_NFCF
);
451 size
= sizeof(struct digital_sensf_req
);
453 skb
= digital_skb_alloc(ddev
, size
);
459 sensf_req
= (struct digital_sensf_req
*)skb
->data
;
460 sensf_req
->cmd
= DIGITAL_CMD_SENSF_REQ
;
461 sensf_req
->sc1
= 0xFF;
462 sensf_req
->sc2
= 0xFF;
466 *skb_push(skb
, 1) = size
+ 1;
468 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
))
469 digital_skb_add_crc_f(skb
);
471 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sensf_res
,
479 static int digital_tg_send_sel_res(struct nfc_digital_dev
*ddev
)
484 skb
= digital_skb_alloc(ddev
, 1);
488 *skb_put(skb
, 1) = DIGITAL_SEL_RES_NFC_DEP
;
490 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
))
491 digital_skb_add_crc_a(skb
);
493 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_atr_req
,
501 static void digital_tg_recv_sel_req(struct nfc_digital_dev
*ddev
, void *arg
,
502 struct sk_buff
*resp
)
512 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
)) {
513 rc
= digital_skb_check_crc_a(resp
);
515 PROTOCOL_ERR("4.4.1.3");
520 /* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */
522 rc
= digital_tg_send_sel_res(ddev
);
526 digital_poll_next_tech(ddev
);
531 static int digital_tg_send_sdd_res(struct nfc_digital_dev
*ddev
)
534 struct digital_sdd_res
*sdd_res
;
537 skb
= digital_skb_alloc(ddev
, sizeof(struct digital_sdd_res
));
541 skb_put(skb
, sizeof(struct digital_sdd_res
));
542 sdd_res
= (struct digital_sdd_res
*)skb
->data
;
544 sdd_res
->nfcid1
[0] = 0x08;
545 get_random_bytes(sdd_res
->nfcid1
+ 1, 3);
548 for (i
= 0; i
< 4; i
++)
549 sdd_res
->bcc
^= sdd_res
->nfcid1
[i
];
551 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_sel_req
,
559 static void digital_tg_recv_sdd_req(struct nfc_digital_dev
*ddev
, void *arg
,
560 struct sk_buff
*resp
)
571 sdd_req
= resp
->data
;
573 if (resp
->len
< 2 || sdd_req
[0] != DIGITAL_CMD_SEL_REQ_CL1
||
574 sdd_req
[1] != DIGITAL_SDD_REQ_SEL_PAR
) {
579 rc
= digital_tg_send_sdd_res(ddev
);
583 digital_poll_next_tech(ddev
);
588 static int digital_tg_send_sens_res(struct nfc_digital_dev
*ddev
)
594 skb
= digital_skb_alloc(ddev
, 2);
598 sens_res
= skb_put(skb
, 2);
600 sens_res
[0] = (DIGITAL_SENS_RES_NFC_DEP
>> 8) & 0xFF;
601 sens_res
[1] = DIGITAL_SENS_RES_NFC_DEP
& 0xFF;
603 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_sdd_req
,
611 void digital_tg_recv_sens_req(struct nfc_digital_dev
*ddev
, void *arg
,
612 struct sk_buff
*resp
)
623 sens_req
= resp
->data
[0];
625 if (!resp
->len
|| (sens_req
!= DIGITAL_CMD_SENS_REQ
&&
626 sens_req
!= DIGITAL_CMD_ALL_REQ
)) {
631 rc
= digital_tg_send_sens_res(ddev
);
635 digital_poll_next_tech(ddev
);
640 int digital_tg_send_sensf_res(struct nfc_digital_dev
*ddev
,
641 struct digital_sensf_req
*sensf_req
)
646 struct digital_sensf_res
*sensf_res
;
648 size
= sizeof(struct digital_sensf_res
);
650 if (sensf_req
->rc
!= DIGITAL_SENSF_REQ_RC_NONE
)
651 size
-= sizeof(sensf_res
->rd
);
653 skb
= digital_skb_alloc(ddev
, size
);
659 sensf_res
= (struct digital_sensf_res
*)skb
->data
;
661 memset(sensf_res
, 0, size
);
663 sensf_res
->cmd
= DIGITAL_CMD_SENSF_RES
;
664 sensf_res
->nfcid2
[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1
;
665 sensf_res
->nfcid2
[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2
;
666 get_random_bytes(&sensf_res
->nfcid2
[2], 6);
668 switch (sensf_req
->rc
) {
669 case DIGITAL_SENSF_REQ_RC_SC
:
670 sensf_res
->rd
[0] = sensf_req
->sc1
;
671 sensf_res
->rd
[1] = sensf_req
->sc2
;
673 case DIGITAL_SENSF_REQ_RC_AP
:
674 sensf_res
->rd
[0] = DIGITAL_SENSF_RES_RD_AP_B1
;
675 sensf_res
->rd
[1] = DIGITAL_SENSF_RES_RD_AP_B2
;
679 *skb_push(skb
, sizeof(u8
)) = size
+ 1;
681 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
))
682 digital_skb_add_crc_f(skb
);
684 rc
= digital_tg_send_cmd(ddev
, skb
, 300,
685 digital_tg_recv_atr_req
, NULL
);
692 void digital_tg_recv_sensf_req(struct nfc_digital_dev
*ddev
, void *arg
,
693 struct sk_buff
*resp
)
695 struct digital_sensf_req
*sensf_req
;
704 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
)) {
705 rc
= digital_skb_check_crc_f(resp
);
707 PROTOCOL_ERR("6.4.1.8");
712 if (resp
->len
!= sizeof(struct digital_sensf_req
) + 1) {
718 sensf_req
= (struct digital_sensf_req
*)resp
->data
;
720 if (sensf_req
->cmd
!= DIGITAL_CMD_SENSF_REQ
) {
725 rc
= digital_tg_send_sensf_res(ddev
, sensf_req
);
729 digital_poll_next_tech(ddev
);
734 int digital_tg_listen_nfca(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
738 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
742 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
743 NFC_DIGITAL_FRAMING_NFCA_NFC_DEP
);
747 return digital_tg_listen(ddev
, 300, digital_tg_recv_sens_req
, NULL
);
750 int digital_tg_listen_nfcf(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
755 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
759 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
760 NFC_DIGITAL_FRAMING_NFCF_NFC_DEP
);
764 nfcid2
= kzalloc(NFC_NFCID2_MAXSIZE
, GFP_KERNEL
);
768 nfcid2
[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1
;
769 nfcid2
[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2
;
770 get_random_bytes(nfcid2
+ 2, NFC_NFCID2_MAXSIZE
- 2);
772 return digital_tg_listen(ddev
, 300, digital_tg_recv_sensf_req
, nfcid2
);