2 * NFC Digital Protocol stack
3 * Copyright (c) 2013, Intel Corporation.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms and conditions of the GNU General Public License,
7 * version 2, as published by the Free Software Foundation.
9 * This program is distributed in the hope it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
16 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
20 #define DIGITAL_CMD_SENS_REQ 0x26
21 #define DIGITAL_CMD_ALL_REQ 0x52
22 #define DIGITAL_CMD_SEL_REQ_CL1 0x93
23 #define DIGITAL_CMD_SEL_REQ_CL2 0x95
24 #define DIGITAL_CMD_SEL_REQ_CL3 0x97
26 #define DIGITAL_SDD_REQ_SEL_PAR 0x20
28 #define DIGITAL_SDD_RES_CT 0x88
29 #define DIGITAL_SDD_RES_LEN 5
31 #define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04))
32 #define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60))
33 #define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40)
35 #define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x000C) == 0x000C)
36 #define DIGITAL_SENS_RES_IS_VALID(sens_res) \
37 ((!((sens_res) & 0x1F00) && (((sens_res) & 0x000C) == 0x000C)) || \
38 (((sens_res) & 0x1F00) && ((sens_res) & 0x000C) != 0x000C))
40 #define DIGITAL_MIFARE_READ_RES_LEN 16
41 #define DIGITAL_MIFARE_ACK_RES 0x0A
43 #define DIGITAL_CMD_SENSF_REQ 0x00
44 #define DIGITAL_CMD_SENSF_RES 0x01
46 #define DIGITAL_SENSF_RES_MIN_LENGTH 17
47 #define DIGITAL_SENSF_RES_RD_AP_B1 0x00
48 #define DIGITAL_SENSF_RES_RD_AP_B2 0x8F
50 #define DIGITAL_SENSF_REQ_RC_NONE 0
51 #define DIGITAL_SENSF_REQ_RC_SC 1
52 #define DIGITAL_SENSF_REQ_RC_AP 2
54 struct digital_sdd_res
{
59 struct digital_sel_req
{
66 struct digital_sensf_req
{
74 struct digital_sensf_res
{
85 static int digital_in_send_sdd_req(struct nfc_digital_dev
*ddev
,
86 struct nfc_target
*target
);
88 static void digital_in_recv_sel_res(struct nfc_digital_dev
*ddev
, void *arg
,
91 struct nfc_target
*target
= arg
;
102 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
103 rc
= digital_skb_check_crc_a(resp
);
105 PROTOCOL_ERR("4.4.1.3");
115 sel_res
= resp
->data
[0];
117 if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res
)) {
118 rc
= digital_in_send_sdd_req(ddev
, target
);
125 if (DIGITAL_SEL_RES_IS_T2T(sel_res
)) {
126 nfc_proto
= NFC_PROTO_MIFARE
;
127 } else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res
)) {
128 nfc_proto
= NFC_PROTO_NFC_DEP
;
134 target
->sel_res
= sel_res
;
136 rc
= digital_target_found(ddev
, target
, nfc_proto
);
145 digital_poll_next_tech(ddev
);
148 static int digital_in_send_sel_req(struct nfc_digital_dev
*ddev
,
149 struct nfc_target
*target
,
150 struct digital_sdd_res
*sdd_res
)
153 struct digital_sel_req
*sel_req
;
157 skb
= digital_skb_alloc(ddev
, sizeof(struct digital_sel_req
));
161 skb_put(skb
, sizeof(struct digital_sel_req
));
162 sel_req
= (struct digital_sel_req
*)skb
->data
;
164 if (target
->nfcid1_len
<= 4)
165 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL1
;
166 else if (target
->nfcid1_len
< 10)
167 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL2
;
169 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL3
;
171 sel_req
->sel_cmd
= sel_cmd
;
173 memcpy(sel_req
->nfcid1
, sdd_res
->nfcid1
, 4);
174 sel_req
->bcc
= sdd_res
->bcc
;
176 if (DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
177 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
178 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A
);
182 digital_skb_add_crc_a(skb
);
185 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sel_res
,
194 static void digital_in_recv_sdd_res(struct nfc_digital_dev
*ddev
, void *arg
,
195 struct sk_buff
*resp
)
197 struct nfc_target
*target
= arg
;
198 struct digital_sdd_res
*sdd_res
;
209 if (resp
->len
< DIGITAL_SDD_RES_LEN
) {
210 PROTOCOL_ERR("4.7.2.8");
215 sdd_res
= (struct digital_sdd_res
*)resp
->data
;
217 for (i
= 0, bcc
= 0; i
< 4; i
++)
218 bcc
^= sdd_res
->nfcid1
[i
];
220 if (bcc
!= sdd_res
->bcc
) {
221 PROTOCOL_ERR("4.7.2.6");
226 if (sdd_res
->nfcid1
[0] == DIGITAL_SDD_RES_CT
) {
234 memcpy(target
->nfcid1
+ target
->nfcid1_len
, sdd_res
->nfcid1
+ offset
,
236 target
->nfcid1_len
+= size
;
238 rc
= digital_in_send_sel_req(ddev
, target
, sdd_res
);
245 digital_poll_next_tech(ddev
);
249 static int digital_in_send_sdd_req(struct nfc_digital_dev
*ddev
,
250 struct nfc_target
*target
)
256 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
257 NFC_DIGITAL_FRAMING_NFCA_STANDARD
);
261 skb
= digital_skb_alloc(ddev
, 2);
265 if (target
->nfcid1_len
== 0)
266 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL1
;
267 else if (target
->nfcid1_len
== 3)
268 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL2
;
270 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL3
;
272 *skb_put(skb
, sizeof(u8
)) = sel_cmd
;
273 *skb_put(skb
, sizeof(u8
)) = DIGITAL_SDD_REQ_SEL_PAR
;
275 return digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sdd_res
,
279 static void digital_in_recv_sens_res(struct nfc_digital_dev
*ddev
, void *arg
,
280 struct sk_buff
*resp
)
282 struct nfc_target
*target
= NULL
;
292 if (resp
->len
< sizeof(u16
)) {
297 target
= kzalloc(sizeof(struct nfc_target
), GFP_KERNEL
);
303 memcpy(&target
->sens_res
, resp
->data
, sizeof(u16
));
305 sens_res
= be16_to_cpu(target
->sens_res
);
307 if (!DIGITAL_SENS_RES_IS_VALID(sens_res
)) {
308 PROTOCOL_ERR("4.6.3.3");
313 if (DIGITAL_SENS_RES_IS_T1T(sens_res
))
314 rc
= digital_target_found(ddev
, target
, NFC_PROTO_JEWEL
);
316 rc
= digital_in_send_sdd_req(ddev
, target
);
323 digital_poll_next_tech(ddev
);
327 int digital_in_send_sens_req(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
332 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
,
333 NFC_DIGITAL_RF_TECH_106A
);
337 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
338 NFC_DIGITAL_FRAMING_NFCA_SHORT
);
342 skb
= digital_skb_alloc(ddev
, 1);
346 *skb_put(skb
, sizeof(u8
)) = DIGITAL_CMD_SENS_REQ
;
348 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sens_res
, NULL
);
355 int digital_in_recv_mifare_res(struct sk_buff
*resp
)
357 /* Successful READ command response is 16 data bytes + 2 CRC bytes long.
358 * Since the driver can't differentiate a ACK/NACK response from a valid
359 * READ response, the CRC calculation must be handled at digital level
360 * even if the driver supports it for this technology.
362 if (resp
->len
== DIGITAL_MIFARE_READ_RES_LEN
+ DIGITAL_CRC_LEN
) {
363 if (digital_skb_check_crc_a(resp
)) {
364 PROTOCOL_ERR("9.4.1.2");
371 /* ACK response (i.e. successful WRITE). */
372 if (resp
->len
== 1 && resp
->data
[0] == DIGITAL_MIFARE_ACK_RES
) {
377 /* NACK and any other responses are treated as error. */
381 static void digital_in_recv_sensf_res(struct nfc_digital_dev
*ddev
, void *arg
,
382 struct sk_buff
*resp
)
386 struct nfc_target target
;
387 struct digital_sensf_res
*sensf_res
;
395 if (resp
->len
< DIGITAL_SENSF_RES_MIN_LENGTH
) {
400 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
401 rc
= digital_skb_check_crc_f(resp
);
403 PROTOCOL_ERR("6.4.1.8");
410 memset(&target
, 0, sizeof(struct nfc_target
));
412 sensf_res
= (struct digital_sensf_res
*)resp
->data
;
414 memcpy(target
.sensf_res
, sensf_res
, resp
->len
);
415 target
.sensf_res_len
= resp
->len
;
417 memcpy(target
.nfcid2
, sensf_res
->nfcid2
, NFC_NFCID2_MAXSIZE
);
418 target
.nfcid2_len
= NFC_NFCID2_MAXSIZE
;
420 if (target
.nfcid2
[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1
&&
421 target
.nfcid2
[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2
)
422 proto
= NFC_PROTO_NFC_DEP
;
424 proto
= NFC_PROTO_FELICA
;
426 rc
= digital_target_found(ddev
, &target
, proto
);
432 digital_poll_next_tech(ddev
);
435 int digital_in_send_sensf_req(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
437 struct digital_sensf_req
*sensf_req
;
442 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
446 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
447 NFC_DIGITAL_FRAMING_NFCF
);
451 size
= sizeof(struct digital_sensf_req
);
453 skb
= digital_skb_alloc(ddev
, size
);
459 sensf_req
= (struct digital_sensf_req
*)skb
->data
;
460 sensf_req
->cmd
= DIGITAL_CMD_SENSF_REQ
;
461 sensf_req
->sc1
= 0xFF;
462 sensf_req
->sc2
= 0xFF;
466 *skb_push(skb
, 1) = size
+ 1;
468 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
))
469 digital_skb_add_crc_f(skb
);
471 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sensf_res
,
479 static int digital_tg_send_sel_res(struct nfc_digital_dev
*ddev
)
484 skb
= digital_skb_alloc(ddev
, 1);
488 *skb_put(skb
, 1) = DIGITAL_SEL_RES_NFC_DEP
;
490 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
))
491 digital_skb_add_crc_a(skb
);
493 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_atr_req
,
501 static void digital_tg_recv_sel_req(struct nfc_digital_dev
*ddev
, void *arg
,
502 struct sk_buff
*resp
)
512 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
)) {
513 rc
= digital_skb_check_crc_a(resp
);
515 PROTOCOL_ERR("4.4.1.3");
520 /* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */
522 rc
= digital_tg_send_sel_res(ddev
);
526 digital_poll_next_tech(ddev
);
531 static int digital_tg_send_sdd_res(struct nfc_digital_dev
*ddev
)
534 struct digital_sdd_res
*sdd_res
;
537 skb
= digital_skb_alloc(ddev
, sizeof(struct digital_sdd_res
));
541 skb_put(skb
, sizeof(struct digital_sdd_res
));
542 sdd_res
= (struct digital_sdd_res
*)skb
->data
;
544 sdd_res
->nfcid1
[0] = 0x08;
545 get_random_bytes(sdd_res
->nfcid1
+ 1, 3);
548 for (i
= 0; i
< 4; i
++)
549 sdd_res
->bcc
^= sdd_res
->nfcid1
[i
];
551 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_sel_req
,
559 static void digital_tg_recv_sdd_req(struct nfc_digital_dev
*ddev
, void *arg
,
560 struct sk_buff
*resp
)
571 sdd_req
= resp
->data
;
573 if (resp
->len
< 2 || sdd_req
[0] != DIGITAL_CMD_SEL_REQ_CL1
||
574 sdd_req
[1] != DIGITAL_SDD_REQ_SEL_PAR
) {
579 rc
= digital_tg_send_sdd_res(ddev
);
583 digital_poll_next_tech(ddev
);
588 static int digital_tg_send_sens_res(struct nfc_digital_dev
*ddev
)
594 skb
= digital_skb_alloc(ddev
, 2);
598 sens_res
= skb_put(skb
, 2);
600 sens_res
[0] = (DIGITAL_SENS_RES_NFC_DEP
>> 8) & 0xFF;
601 sens_res
[1] = DIGITAL_SENS_RES_NFC_DEP
& 0xFF;
603 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_sdd_req
,
611 void digital_tg_recv_sens_req(struct nfc_digital_dev
*ddev
, void *arg
,
612 struct sk_buff
*resp
)
623 sens_req
= resp
->data
[0];
625 if (!resp
->len
|| (sens_req
!= DIGITAL_CMD_SENS_REQ
&&
626 sens_req
!= DIGITAL_CMD_ALL_REQ
)) {
631 rc
= digital_tg_send_sens_res(ddev
);
635 digital_poll_next_tech(ddev
);
640 int digital_tg_send_sensf_res(struct nfc_digital_dev
*ddev
,
641 struct digital_sensf_req
*sensf_req
)
646 struct digital_sensf_res
*sensf_res
;
648 size
= sizeof(struct digital_sensf_res
);
650 if (sensf_req
->rc
!= DIGITAL_SENSF_REQ_RC_NONE
)
651 size
-= sizeof(sensf_res
->rd
);
653 skb
= digital_skb_alloc(ddev
, size
);
659 sensf_res
= (struct digital_sensf_res
*)skb
->data
;
661 memset(sensf_res
, 0, size
);
663 sensf_res
->cmd
= DIGITAL_CMD_SENSF_RES
;
664 sensf_res
->nfcid2
[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1
;
665 sensf_res
->nfcid2
[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2
;
666 get_random_bytes(&sensf_res
->nfcid2
[2], 6);
668 switch (sensf_req
->rc
) {
669 case DIGITAL_SENSF_REQ_RC_SC
:
670 sensf_res
->rd
[0] = sensf_req
->sc1
;
671 sensf_res
->rd
[1] = sensf_req
->sc2
;
673 case DIGITAL_SENSF_REQ_RC_AP
:
674 sensf_res
->rd
[0] = DIGITAL_SENSF_RES_RD_AP_B1
;
675 sensf_res
->rd
[1] = DIGITAL_SENSF_RES_RD_AP_B2
;
679 *skb_push(skb
, sizeof(u8
)) = size
+ 1;
681 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
))
682 digital_skb_add_crc_f(skb
);
684 rc
= digital_tg_send_cmd(ddev
, skb
, 300,
685 digital_tg_recv_atr_req
, NULL
);
692 void digital_tg_recv_sensf_req(struct nfc_digital_dev
*ddev
, void *arg
,
693 struct sk_buff
*resp
)
695 struct digital_sensf_req
*sensf_req
;
704 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
)) {
705 rc
= digital_skb_check_crc_f(resp
);
707 PROTOCOL_ERR("6.4.1.8");
712 if (resp
->len
!= sizeof(struct digital_sensf_req
) + 1) {
718 sensf_req
= (struct digital_sensf_req
*)resp
->data
;
720 if (sensf_req
->cmd
!= DIGITAL_CMD_SENSF_REQ
) {
725 rc
= digital_tg_send_sensf_res(ddev
, sensf_req
);
729 digital_poll_next_tech(ddev
);
734 int digital_tg_listen_nfca(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
738 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
742 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
743 NFC_DIGITAL_FRAMING_NFCA_NFC_DEP
);
747 return digital_tg_listen(ddev
, 300, digital_tg_recv_sens_req
, NULL
);
750 int digital_tg_listen_nfcf(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
755 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
759 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
760 NFC_DIGITAL_FRAMING_NFCF_NFC_DEP
);
764 nfcid2
= kzalloc(NFC_NFCID2_MAXSIZE
, GFP_KERNEL
);
768 nfcid2
[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1
;
769 nfcid2
[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2
;
770 get_random_bytes(nfcid2
+ 2, NFC_NFCID2_MAXSIZE
- 2);
772 return digital_tg_listen(ddev
, 300, digital_tg_recv_sensf_req
, nfcid2
);