linux/drivers/nfc/pn544/pn544.c
<<
>>
Prefs
   1/*
   2 * HCI based Driver for NXP PN544 NFC Chip
   3 *
   4 * Copyright (C) 2012  Intel Corporation. All rights reserved.
   5 *
   6 * This program is free software; you can redistribute it and/or modify it
   7 * under the terms and conditions of the GNU General Public License,
   8 * version 2, as published by the Free Software Foundation.
   9 *
  10 * This program is distributed in the hope that it will be useful,
  11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13 * GNU General Public License for more details.
  14 *
  15 * You should have received a copy of the GNU General Public License
  16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
  17 */
  18
  19#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  20
  21#include <linux/delay.h>
  22#include <linux/slab.h>
  23#include <linux/module.h>
  24
  25#include <linux/nfc.h>
  26#include <net/nfc/hci.h>
  27#include <net/nfc/llc.h>
  28
  29#include "pn544.h"
  30
  31/* Timing restrictions (ms) */
  32#define PN544_HCI_RESETVEN_TIME         30
  33
  34enum pn544_state {
  35        PN544_ST_COLD,
  36        PN544_ST_FW_READY,
  37        PN544_ST_READY,
  38};
  39
  40#define FULL_VERSION_LEN 11
  41
  42/* Proprietary commands */
  43#define PN544_WRITE             0x3f
  44#define PN544_TEST_SWP          0x21
  45
  46/* Proprietary gates, events, commands and registers */
  47
  48/* NFC_HCI_RF_READER_A_GATE additional registers and commands */
  49#define PN544_RF_READER_A_AUTO_ACTIVATION                       0x10
  50#define PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION               0x12
  51#define PN544_MIFARE_CMD                                        0x21
  52
  53/* Commands that apply to all RF readers */
  54#define PN544_RF_READER_CMD_PRESENCE_CHECK      0x30
  55#define PN544_RF_READER_CMD_ACTIVATE_NEXT       0x32
  56
  57/* NFC_HCI_ID_MGMT_GATE additional registers */
  58#define PN544_ID_MGMT_FULL_VERSION_SW           0x10
  59
  60#define PN544_RF_READER_ISO15693_GATE           0x12
  61
  62#define PN544_RF_READER_F_GATE                  0x14
  63#define PN544_FELICA_ID                         0x04
  64#define PN544_FELICA_RAW                        0x20
  65
  66#define PN544_RF_READER_JEWEL_GATE              0x15
  67#define PN544_JEWEL_RAW_CMD                     0x23
  68
  69#define PN544_RF_READER_NFCIP1_INITIATOR_GATE   0x30
  70#define PN544_RF_READER_NFCIP1_TARGET_GATE      0x31
  71
  72#define PN544_SYS_MGMT_GATE                     0x90
  73#define PN544_SYS_MGMT_INFO_NOTIFICATION        0x02
  74
  75#define PN544_POLLING_LOOP_MGMT_GATE            0x94
  76#define PN544_DEP_MODE                          0x01
  77#define PN544_DEP_ATR_REQ                       0x02
  78#define PN544_DEP_ATR_RES                       0x03
  79#define PN544_DEP_MERGE                         0x0D
  80#define PN544_PL_RDPHASES                       0x06
  81#define PN544_PL_EMULATION                      0x07
  82#define PN544_PL_NFCT_DEACTIVATED               0x09
  83
  84#define PN544_SWP_MGMT_GATE                     0xA0
  85#define PN544_SWP_DEFAULT_MODE                  0x01
  86
  87#define PN544_NFC_WI_MGMT_GATE                  0xA1
  88#define PN544_NFC_ESE_DEFAULT_MODE              0x01
  89
  90#define PN544_HCI_EVT_SND_DATA                  0x01
  91#define PN544_HCI_EVT_ACTIVATED                 0x02
  92#define PN544_HCI_EVT_DEACTIVATED               0x03
  93#define PN544_HCI_EVT_RCV_DATA                  0x04
  94#define PN544_HCI_EVT_CONTINUE_MI               0x05
  95#define PN544_HCI_EVT_SWITCH_MODE               0x03
  96
  97#define PN544_HCI_CMD_ATTREQUEST                0x12
  98#define PN544_HCI_CMD_CONTINUE_ACTIVATION       0x13
  99
 100static struct nfc_hci_gate pn544_gates[] = {
 101        {NFC_HCI_ADMIN_GATE, NFC_HCI_INVALID_PIPE},
 102        {NFC_HCI_LOOPBACK_GATE, NFC_HCI_INVALID_PIPE},
 103        {NFC_HCI_ID_MGMT_GATE, NFC_HCI_INVALID_PIPE},
 104        {NFC_HCI_LINK_MGMT_GATE, NFC_HCI_INVALID_PIPE},
 105        {NFC_HCI_RF_READER_B_GATE, NFC_HCI_INVALID_PIPE},
 106        {NFC_HCI_RF_READER_A_GATE, NFC_HCI_INVALID_PIPE},
 107        {PN544_SYS_MGMT_GATE, NFC_HCI_INVALID_PIPE},
 108        {PN544_SWP_MGMT_GATE, NFC_HCI_INVALID_PIPE},
 109        {PN544_POLLING_LOOP_MGMT_GATE, NFC_HCI_INVALID_PIPE},
 110        {PN544_NFC_WI_MGMT_GATE, NFC_HCI_INVALID_PIPE},
 111        {PN544_RF_READER_F_GATE, NFC_HCI_INVALID_PIPE},
 112        {PN544_RF_READER_JEWEL_GATE, NFC_HCI_INVALID_PIPE},
 113        {PN544_RF_READER_ISO15693_GATE, NFC_HCI_INVALID_PIPE},
 114        {PN544_RF_READER_NFCIP1_INITIATOR_GATE, NFC_HCI_INVALID_PIPE},
 115        {PN544_RF_READER_NFCIP1_TARGET_GATE, NFC_HCI_INVALID_PIPE}
 116};
 117
 118/* Largest headroom needed for outgoing custom commands */
 119#define PN544_CMDS_HEADROOM     2
 120
 121struct pn544_hci_info {
 122        struct nfc_phy_ops *phy_ops;
 123        void *phy_id;
 124
 125        struct nfc_hci_dev *hdev;
 126
 127        enum pn544_state state;
 128
 129        struct mutex info_lock;
 130
 131        int async_cb_type;
 132        data_exchange_cb_t async_cb;
 133        void *async_cb_context;
 134
 135        fw_download_t fw_download;
 136};
 137
 138static int pn544_hci_open(struct nfc_hci_dev *hdev)
 139{
 140        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 141        int r = 0;
 142
 143        mutex_lock(&info->info_lock);
 144
 145        if (info->state != PN544_ST_COLD) {
 146                r = -EBUSY;
 147                goto out;
 148        }
 149
 150        r = info->phy_ops->enable(info->phy_id);
 151
 152        if (r == 0)
 153                info->state = PN544_ST_READY;
 154
 155out:
 156        mutex_unlock(&info->info_lock);
 157        return r;
 158}
 159
 160static void pn544_hci_close(struct nfc_hci_dev *hdev)
 161{
 162        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 163
 164        mutex_lock(&info->info_lock);
 165
 166        if (info->state == PN544_ST_COLD)
 167                goto out;
 168
 169        info->phy_ops->disable(info->phy_id);
 170
 171        info->state = PN544_ST_COLD;
 172
 173out:
 174        mutex_unlock(&info->info_lock);
 175}
 176
 177static int pn544_hci_ready(struct nfc_hci_dev *hdev)
 178{
 179        struct sk_buff *skb;
 180        static struct hw_config {
 181                u8 adr[2];
 182                u8 value;
 183        } hw_config[] = {
 184                {{0x9f, 0x9a}, 0x00},
 185
 186                {{0x98, 0x10}, 0xbc},
 187
 188                {{0x9e, 0x71}, 0x00},
 189
 190                {{0x98, 0x09}, 0x00},
 191
 192                {{0x9e, 0xb4}, 0x00},
 193
 194                {{0x9c, 0x01}, 0x08},
 195
 196                {{0x9e, 0xaa}, 0x01},
 197
 198                {{0x9b, 0xd1}, 0x17},
 199                {{0x9b, 0xd2}, 0x58},
 200                {{0x9b, 0xd3}, 0x10},
 201                {{0x9b, 0xd4}, 0x47},
 202                {{0x9b, 0xd5}, 0x0c},
 203                {{0x9b, 0xd6}, 0x37},
 204                {{0x9b, 0xdd}, 0x33},
 205
 206                {{0x9b, 0x84}, 0x00},
 207                {{0x99, 0x81}, 0x79},
 208                {{0x99, 0x31}, 0x79},
 209
 210                {{0x98, 0x00}, 0x3f},
 211
 212                {{0x9f, 0x09}, 0x02},
 213
 214                {{0x9f, 0x0a}, 0x05},
 215
 216                {{0x9e, 0xd1}, 0xa1},
 217                {{0x99, 0x23}, 0x01},
 218
 219                {{0x9e, 0x74}, 0x00},
 220                {{0x9e, 0x90}, 0x00},
 221                {{0x9f, 0x28}, 0x10},
 222
 223                {{0x9f, 0x35}, 0x04},
 224
 225                {{0x9f, 0x36}, 0x11},
 226
 227                {{0x9c, 0x31}, 0x00},
 228
 229                {{0x9c, 0x32}, 0x00},
 230
 231                {{0x9c, 0x19}, 0x0a},
 232
 233                {{0x9c, 0x1a}, 0x0a},
 234
 235                {{0x9c, 0x0c}, 0x00},
 236
 237                {{0x9c, 0x0d}, 0x00},
 238
 239                {{0x9c, 0x12}, 0x00},
 240
 241                {{0x9c, 0x13}, 0x00},
 242
 243                {{0x98, 0xa2}, 0x09},
 244
 245                {{0x98, 0x93}, 0x00},
 246
 247                {{0x98, 0x7d}, 0x08},
 248                {{0x98, 0x7e}, 0x00},
 249                {{0x9f, 0xc8}, 0x00},
 250        };
 251        struct hw_config *p = hw_config;
 252        int count = ARRAY_SIZE(hw_config);
 253        struct sk_buff *res_skb;
 254        u8 param[4];
 255        int r;
 256
 257        param[0] = 0;
 258        while (count--) {
 259                param[1] = p->adr[0];
 260                param[2] = p->adr[1];
 261                param[3] = p->value;
 262
 263                r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_WRITE,
 264                                     param, 4, &res_skb);
 265                if (r < 0)
 266                        return r;
 267
 268                if (res_skb->len != 1) {
 269                        kfree_skb(res_skb);
 270                        return -EPROTO;
 271                }
 272
 273                if (res_skb->data[0] != p->value) {
 274                        kfree_skb(res_skb);
 275                        return -EIO;
 276                }
 277
 278                kfree_skb(res_skb);
 279
 280                p++;
 281        }
 282
 283        param[0] = NFC_HCI_UICC_HOST_ID;
 284        r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE,
 285                              NFC_HCI_ADMIN_WHITELIST, param, 1);
 286        if (r < 0)
 287                return r;
 288
 289        param[0] = 0x3d;
 290        r = nfc_hci_set_param(hdev, PN544_SYS_MGMT_GATE,
 291                              PN544_SYS_MGMT_INFO_NOTIFICATION, param, 1);
 292        if (r < 0)
 293                return r;
 294
 295        param[0] = 0x0;
 296        r = nfc_hci_set_param(hdev, NFC_HCI_RF_READER_A_GATE,
 297                              PN544_RF_READER_A_AUTO_ACTIVATION, param, 1);
 298        if (r < 0)
 299                return r;
 300
 301        r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 302                               NFC_HCI_EVT_END_OPERATION, NULL, 0);
 303        if (r < 0)
 304                return r;
 305
 306        param[0] = 0x1;
 307        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 308                              PN544_PL_NFCT_DEACTIVATED, param, 1);
 309        if (r < 0)
 310                return r;
 311
 312        param[0] = 0x0;
 313        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 314                              PN544_PL_RDPHASES, param, 1);
 315        if (r < 0)
 316                return r;
 317
 318        r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE,
 319                              PN544_ID_MGMT_FULL_VERSION_SW, &skb);
 320        if (r < 0)
 321                return r;
 322
 323        if (skb->len != FULL_VERSION_LEN) {
 324                kfree_skb(skb);
 325                return -EINVAL;
 326        }
 327
 328        print_hex_dump(KERN_DEBUG, "FULL VERSION SOFTWARE INFO: ",
 329                       DUMP_PREFIX_NONE, 16, 1,
 330                       skb->data, FULL_VERSION_LEN, false);
 331
 332        kfree_skb(skb);
 333
 334        return 0;
 335}
 336
 337static int pn544_hci_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb)
 338{
 339        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 340
 341        return info->phy_ops->write(info->phy_id, skb);
 342}
 343
 344static int pn544_hci_start_poll(struct nfc_hci_dev *hdev,
 345                                u32 im_protocols, u32 tm_protocols)
 346{
 347        u8 phases = 0;
 348        int r;
 349        u8 duration[2];
 350        u8 activated;
 351        u8 i_mode = 0x3f; /* Enable all supported modes */
 352        u8 t_mode = 0x0f;
 353        u8 t_merge = 0x01; /* Enable merge by default */
 354
 355        pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n",
 356                __func__, im_protocols, tm_protocols);
 357
 358        r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 359                               NFC_HCI_EVT_END_OPERATION, NULL, 0);
 360        if (r < 0)
 361                return r;
 362
 363        duration[0] = 0x18;
 364        duration[1] = 0x6a;
 365        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 366                              PN544_PL_EMULATION, duration, 2);
 367        if (r < 0)
 368                return r;
 369
 370        activated = 0;
 371        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 372                              PN544_PL_NFCT_DEACTIVATED, &activated, 1);
 373        if (r < 0)
 374                return r;
 375
 376        if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK |
 377                         NFC_PROTO_JEWEL_MASK))
 378                phases |= 1;            /* Type A */
 379        if (im_protocols & NFC_PROTO_FELICA_MASK) {
 380                phases |= (1 << 2);     /* Type F 212 */
 381                phases |= (1 << 3);     /* Type F 424 */
 382        }
 383
 384        phases |= (1 << 5);             /* NFC active */
 385
 386        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 387                              PN544_PL_RDPHASES, &phases, 1);
 388        if (r < 0)
 389                return r;
 390
 391        if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) {
 392                hdev->gb = nfc_get_local_general_bytes(hdev->ndev,
 393                                                        &hdev->gb_len);
 394                pr_debug("generate local bytes %p\n", hdev->gb);
 395                if (hdev->gb == NULL || hdev->gb_len == 0) {
 396                        im_protocols &= ~NFC_PROTO_NFC_DEP_MASK;
 397                        tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK;
 398                }
 399        }
 400
 401        if (im_protocols & NFC_PROTO_NFC_DEP_MASK) {
 402                r = nfc_hci_send_event(hdev,
 403                                PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 404                                NFC_HCI_EVT_END_OPERATION, NULL, 0);
 405                if (r < 0)
 406                        return r;
 407
 408                r = nfc_hci_set_param(hdev,
 409                                PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 410                                PN544_DEP_MODE, &i_mode, 1);
 411                if (r < 0)
 412                        return r;
 413
 414                r = nfc_hci_set_param(hdev,
 415                                PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 416                                PN544_DEP_ATR_REQ, hdev->gb, hdev->gb_len);
 417                if (r < 0)
 418                        return r;
 419
 420                r = nfc_hci_send_event(hdev,
 421                                PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 422                                NFC_HCI_EVT_READER_REQUESTED, NULL, 0);
 423                if (r < 0)
 424                        nfc_hci_send_event(hdev,
 425                                        PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 426                                        NFC_HCI_EVT_END_OPERATION, NULL, 0);
 427        }
 428
 429        if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) {
 430                r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
 431                                PN544_DEP_MODE, &t_mode, 1);
 432                if (r < 0)
 433                        return r;
 434
 435                r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
 436                                PN544_DEP_ATR_RES, hdev->gb, hdev->gb_len);
 437                if (r < 0)
 438                        return r;
 439
 440                r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
 441                                PN544_DEP_MERGE, &t_merge, 1);
 442                if (r < 0)
 443                        return r;
 444        }
 445
 446        r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 447                               NFC_HCI_EVT_READER_REQUESTED, NULL, 0);
 448        if (r < 0)
 449                nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 450                                   NFC_HCI_EVT_END_OPERATION, NULL, 0);
 451
 452        return r;
 453}
 454
 455static int pn544_hci_dep_link_up(struct nfc_hci_dev *hdev,
 456                                struct nfc_target *target, u8 comm_mode,
 457                                u8 *gb, size_t gb_len)
 458{
 459        struct sk_buff *rgb_skb = NULL;
 460        int r;
 461
 462        r = nfc_hci_get_param(hdev, target->hci_reader_gate,
 463                                PN544_DEP_ATR_RES, &rgb_skb);
 464        if (r < 0)
 465                return r;
 466
 467        if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) {
 468                r = -EPROTO;
 469                goto exit;
 470        }
 471        print_hex_dump(KERN_DEBUG, "remote gb: ", DUMP_PREFIX_OFFSET,
 472                        16, 1, rgb_skb->data, rgb_skb->len, true);
 473
 474        r = nfc_set_remote_general_bytes(hdev->ndev, rgb_skb->data,
 475                                                rgb_skb->len);
 476
 477        if (r == 0)
 478                r = nfc_dep_link_is_up(hdev->ndev, target->idx, comm_mode,
 479                                        NFC_RF_INITIATOR);
 480exit:
 481        kfree_skb(rgb_skb);
 482        return r;
 483}
 484
 485static int pn544_hci_dep_link_down(struct nfc_hci_dev *hdev)
 486{
 487
 488        return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 489                                        NFC_HCI_EVT_END_OPERATION, NULL, 0);
 490}
 491
 492static int pn544_hci_target_from_gate(struct nfc_hci_dev *hdev, u8 gate,
 493                                      struct nfc_target *target)
 494{
 495        switch (gate) {
 496        case PN544_RF_READER_F_GATE:
 497                target->supported_protocols = NFC_PROTO_FELICA_MASK;
 498                break;
 499        case PN544_RF_READER_JEWEL_GATE:
 500                target->supported_protocols = NFC_PROTO_JEWEL_MASK;
 501                target->sens_res = 0x0c00;
 502                break;
 503        case PN544_RF_READER_NFCIP1_INITIATOR_GATE:
 504                target->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
 505                break;
 506        default:
 507                return -EPROTO;
 508        }
 509
 510        return 0;
 511}
 512
 513static int pn544_hci_complete_target_discovered(struct nfc_hci_dev *hdev,
 514                                                u8 gate,
 515                                                struct nfc_target *target)
 516{
 517        struct sk_buff *uid_skb;
 518        int r = 0;
 519
 520        if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE)
 521                return r;
 522
 523        if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) {
 524                r = nfc_hci_send_cmd(hdev,
 525                        PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 526                        PN544_HCI_CMD_CONTINUE_ACTIVATION, NULL, 0, NULL);
 527                if (r < 0)
 528                        return r;
 529
 530                target->hci_reader_gate = PN544_RF_READER_NFCIP1_INITIATOR_GATE;
 531        } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
 532                if (target->nfcid1_len != 4 && target->nfcid1_len != 7 &&
 533                    target->nfcid1_len != 10)
 534                        return -EPROTO;
 535
 536                r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
 537                                     PN544_RF_READER_CMD_ACTIVATE_NEXT,
 538                                     target->nfcid1, target->nfcid1_len, NULL);
 539        } else if (target->supported_protocols & NFC_PROTO_FELICA_MASK) {
 540                r = nfc_hci_get_param(hdev, PN544_RF_READER_F_GATE,
 541                                      PN544_FELICA_ID, &uid_skb);
 542                if (r < 0)
 543                        return r;
 544
 545                if (uid_skb->len != 8) {
 546                        kfree_skb(uid_skb);
 547                        return -EPROTO;
 548                }
 549
 550                /* Type F NFC-DEP IDm has prefix 0x01FE */
 551                if ((uid_skb->data[0] == 0x01) && (uid_skb->data[1] == 0xfe)) {
 552                        kfree_skb(uid_skb);
 553                        r = nfc_hci_send_cmd(hdev,
 554                                        PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 555                                        PN544_HCI_CMD_CONTINUE_ACTIVATION,
 556                                        NULL, 0, NULL);
 557                        if (r < 0)
 558                                return r;
 559
 560                        target->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
 561                        target->hci_reader_gate =
 562                                PN544_RF_READER_NFCIP1_INITIATOR_GATE;
 563                } else {
 564                        r = nfc_hci_send_cmd(hdev, PN544_RF_READER_F_GATE,
 565                                             PN544_RF_READER_CMD_ACTIVATE_NEXT,
 566                                             uid_skb->data, uid_skb->len, NULL);
 567                        kfree_skb(uid_skb);
 568                }
 569        } else if (target->supported_protocols & NFC_PROTO_ISO14443_MASK) {
 570                /*
 571                 * TODO: maybe other ISO 14443 require some kind of continue
 572                 * activation, but for now we've seen only this one below.
 573                 */
 574                if (target->sens_res == 0x4403) /* Type 4 Mifare DESFire */
 575                        r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
 576                              PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION,
 577                              NULL, 0, NULL);
 578        }
 579
 580        return r;
 581}
 582
 583#define PN544_CB_TYPE_READER_F 1
 584
 585static void pn544_hci_data_exchange_cb(void *context, struct sk_buff *skb,
 586                                       int err)
 587{
 588        struct pn544_hci_info *info = context;
 589
 590        switch (info->async_cb_type) {
 591        case PN544_CB_TYPE_READER_F:
 592                if (err == 0)
 593                        skb_pull(skb, 1);
 594                info->async_cb(info->async_cb_context, skb, err);
 595                break;
 596        default:
 597                if (err == 0)
 598                        kfree_skb(skb);
 599                break;
 600        }
 601}
 602
 603#define MIFARE_CMD_AUTH_KEY_A   0x60
 604#define MIFARE_CMD_AUTH_KEY_B   0x61
 605#define MIFARE_CMD_HEADER       2
 606#define MIFARE_UID_LEN          4
 607#define MIFARE_KEY_LEN          6
 608#define MIFARE_CMD_LEN          12
 609/*
 610 * Returns:
 611 * <= 0: driver handled the data exchange
 612 *    1: driver doesn't especially handle, please do standard processing
 613 */
 614static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev,
 615                                   struct nfc_target *target,
 616                                   struct sk_buff *skb, data_exchange_cb_t cb,
 617                                   void *cb_context)
 618{
 619        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 620
 621        pr_info(DRIVER_DESC ": %s for gate=%d\n", __func__,
 622                target->hci_reader_gate);
 623
 624        switch (target->hci_reader_gate) {
 625        case NFC_HCI_RF_READER_A_GATE:
 626                if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
 627                        /*
 628                         * It seems that pn544 is inverting key and UID for
 629                         * MIFARE authentication commands.
 630                         */
 631                        if (skb->len == MIFARE_CMD_LEN &&
 632                            (skb->data[0] == MIFARE_CMD_AUTH_KEY_A ||
 633                             skb->data[0] == MIFARE_CMD_AUTH_KEY_B)) {
 634                                u8 uid[MIFARE_UID_LEN];
 635                                u8 *data = skb->data + MIFARE_CMD_HEADER;
 636
 637                                memcpy(uid, data + MIFARE_KEY_LEN,
 638                                       MIFARE_UID_LEN);
 639                                memmove(data + MIFARE_UID_LEN, data,
 640                                        MIFARE_KEY_LEN);
 641                                memcpy(data, uid, MIFARE_UID_LEN);
 642                        }
 643
 644                        return nfc_hci_send_cmd_async(hdev,
 645                                                      target->hci_reader_gate,
 646                                                      PN544_MIFARE_CMD,
 647                                                      skb->data, skb->len,
 648                                                      cb, cb_context);
 649                } else
 650                        return 1;
 651        case PN544_RF_READER_F_GATE:
 652                *skb_push(skb, 1) = 0;
 653                *skb_push(skb, 1) = 0;
 654
 655                info->async_cb_type = PN544_CB_TYPE_READER_F;
 656                info->async_cb = cb;
 657                info->async_cb_context = cb_context;
 658
 659                return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate,
 660                                              PN544_FELICA_RAW, skb->data,
 661                                              skb->len,
 662                                              pn544_hci_data_exchange_cb, info);
 663        case PN544_RF_READER_JEWEL_GATE:
 664                return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate,
 665                                              PN544_JEWEL_RAW_CMD, skb->data,
 666                                              skb->len, cb, cb_context);
 667        case PN544_RF_READER_NFCIP1_INITIATOR_GATE:
 668                *skb_push(skb, 1) = 0;
 669
 670                return nfc_hci_send_event(hdev, target->hci_reader_gate,
 671                                        PN544_HCI_EVT_SND_DATA, skb->data,
 672                                        skb->len);
 673        default:
 674                return 1;
 675        }
 676}
 677
 678static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb)
 679{
 680        int r;
 681
 682        /* Set default false for multiple information chaining */
 683        *skb_push(skb, 1) = 0;
 684
 685        r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
 686                               PN544_HCI_EVT_SND_DATA, skb->data, skb->len);
 687
 688        kfree_skb(skb);
 689
 690        return r;
 691}
 692
 693static int pn544_hci_check_presence(struct nfc_hci_dev *hdev,
 694                                   struct nfc_target *target)
 695{
 696        pr_debug("supported protocol %d\b", target->supported_protocols);
 697        if (target->supported_protocols & (NFC_PROTO_ISO14443_MASK |
 698                                        NFC_PROTO_ISO14443_B_MASK)) {
 699                return nfc_hci_send_cmd(hdev, target->hci_reader_gate,
 700                                        PN544_RF_READER_CMD_PRESENCE_CHECK,
 701                                        NULL, 0, NULL);
 702        } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
 703                if (target->nfcid1_len != 4 && target->nfcid1_len != 7 &&
 704                    target->nfcid1_len != 10)
 705                        return -EOPNOTSUPP;
 706
 707                 return nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
 708                                     PN544_RF_READER_CMD_ACTIVATE_NEXT,
 709                                     target->nfcid1, target->nfcid1_len, NULL);
 710        } else if (target->supported_protocols & (NFC_PROTO_JEWEL_MASK |
 711                                                NFC_PROTO_FELICA_MASK)) {
 712                return -EOPNOTSUPP;
 713        } else if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) {
 714                return nfc_hci_send_cmd(hdev, target->hci_reader_gate,
 715                                        PN544_HCI_CMD_ATTREQUEST,
 716                                        NULL, 0, NULL);
 717        }
 718
 719        return 0;
 720}
 721
 722/*
 723 * Returns:
 724 * <= 0: driver handled the event, skb consumed
 725 *    1: driver does not handle the event, please do standard processing
 726 */
 727static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event,
 728                                    struct sk_buff *skb)
 729{
 730        struct sk_buff *rgb_skb = NULL;
 731        u8 gate = hdev->pipes[pipe].gate;
 732        int r;
 733
 734        pr_debug("hci event %d\n", event);
 735        switch (event) {
 736        case PN544_HCI_EVT_ACTIVATED:
 737                if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) {
 738                        r = nfc_hci_target_discovered(hdev, gate);
 739                } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) {
 740                        r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ,
 741                                              &rgb_skb);
 742                        if (r < 0)
 743                                goto exit;
 744
 745                        r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK,
 746                                             NFC_COMM_PASSIVE, rgb_skb->data,
 747                                             rgb_skb->len);
 748
 749                        kfree_skb(rgb_skb);
 750                } else {
 751                        r = -EINVAL;
 752                }
 753                break;
 754        case PN544_HCI_EVT_DEACTIVATED:
 755                r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION,
 756                                       NULL, 0);
 757                break;
 758        case PN544_HCI_EVT_RCV_DATA:
 759                if (skb->len < 2) {
 760                        r = -EPROTO;
 761                        goto exit;
 762                }
 763
 764                if (skb->data[0] != 0) {
 765                        pr_debug("data0 %d\n", skb->data[0]);
 766                        r = -EPROTO;
 767                        goto exit;
 768                }
 769
 770                skb_pull(skb, 2);
 771                return nfc_tm_data_received(hdev->ndev, skb);
 772        default:
 773                return 1;
 774        }
 775
 776exit:
 777        kfree_skb(skb);
 778
 779        return r;
 780}
 781
 782static int pn544_hci_fw_download(struct nfc_hci_dev *hdev,
 783                                 const char *firmware_name)
 784{
 785        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 786
 787        if (info->fw_download == NULL)
 788                return -ENOTSUPP;
 789
 790        return info->fw_download(info->phy_id, firmware_name, hdev->sw_romlib);
 791}
 792
 793static int pn544_hci_discover_se(struct nfc_hci_dev *hdev)
 794{
 795        u32 se_idx = 0;
 796        u8 ese_mode = 0x01; /* Default mode */
 797        struct sk_buff *res_skb;
 798        int r;
 799
 800        r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_TEST_SWP,
 801                             NULL, 0, &res_skb);
 802
 803        if (r == 0) {
 804                if (res_skb->len == 2 && res_skb->data[0] == 0x00)
 805                        nfc_add_se(hdev->ndev, se_idx++, NFC_SE_UICC);
 806
 807                kfree_skb(res_skb);
 808        }
 809
 810        r = nfc_hci_send_event(hdev, PN544_NFC_WI_MGMT_GATE,
 811                                PN544_HCI_EVT_SWITCH_MODE,
 812                                &ese_mode, 1);
 813        if (r == 0)
 814                nfc_add_se(hdev->ndev, se_idx++, NFC_SE_EMBEDDED);
 815
 816        return !se_idx;
 817}
 818
 819#define PN544_SE_MODE_OFF       0x00
 820#define PN544_SE_MODE_ON        0x01
 821static int pn544_hci_enable_se(struct nfc_hci_dev *hdev, u32 se_idx)
 822{
 823        struct nfc_se *se;
 824        u8 enable = PN544_SE_MODE_ON;
 825        static struct uicc_gatelist {
 826                u8 head;
 827                u8 adr[2];
 828                u8 value;
 829        } uicc_gatelist[] = {
 830                {0x00, {0x9e, 0xd9}, 0x23},
 831                {0x00, {0x9e, 0xda}, 0x21},
 832                {0x00, {0x9e, 0xdb}, 0x22},
 833                {0x00, {0x9e, 0xdc}, 0x24},
 834        };
 835        struct uicc_gatelist *p = uicc_gatelist;
 836        int count = ARRAY_SIZE(uicc_gatelist);
 837        struct sk_buff *res_skb;
 838        int r;
 839
 840        se = nfc_find_se(hdev->ndev, se_idx);
 841
 842        switch (se->type) {
 843        case NFC_SE_UICC:
 844                while (count--) {
 845                        r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE,
 846                                        PN544_WRITE, (u8 *)p, 4, &res_skb);
 847                        if (r < 0)
 848                                return r;
 849
 850                        if (res_skb->len != 1) {
 851                                kfree_skb(res_skb);
 852                                return -EPROTO;
 853                        }
 854
 855                        if (res_skb->data[0] != p->value) {
 856                                kfree_skb(res_skb);
 857                                return -EIO;
 858                        }
 859
 860                        kfree_skb(res_skb);
 861
 862                        p++;
 863                }
 864
 865                return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE,
 866                              PN544_SWP_DEFAULT_MODE, &enable, 1);
 867        case NFC_SE_EMBEDDED:
 868                return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE,
 869                              PN544_NFC_ESE_DEFAULT_MODE, &enable, 1);
 870
 871        default:
 872                return -EINVAL;
 873        }
 874}
 875
 876static int pn544_hci_disable_se(struct nfc_hci_dev *hdev, u32 se_idx)
 877{
 878        struct nfc_se *se;
 879        u8 disable = PN544_SE_MODE_OFF;
 880
 881        se = nfc_find_se(hdev->ndev, se_idx);
 882
 883        switch (se->type) {
 884        case NFC_SE_UICC:
 885                return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE,
 886                              PN544_SWP_DEFAULT_MODE, &disable, 1);
 887        case NFC_SE_EMBEDDED:
 888                return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE,
 889                              PN544_NFC_ESE_DEFAULT_MODE, &disable, 1);
 890        default:
 891                return -EINVAL;
 892        }
 893}
 894
 895static struct nfc_hci_ops pn544_hci_ops = {
 896        .open = pn544_hci_open,
 897        .close = pn544_hci_close,
 898        .hci_ready = pn544_hci_ready,
 899        .xmit = pn544_hci_xmit,
 900        .start_poll = pn544_hci_start_poll,
 901        .dep_link_up = pn544_hci_dep_link_up,
 902        .dep_link_down = pn544_hci_dep_link_down,
 903        .target_from_gate = pn544_hci_target_from_gate,
 904        .complete_target_discovered = pn544_hci_complete_target_discovered,
 905        .im_transceive = pn544_hci_im_transceive,
 906        .tm_send = pn544_hci_tm_send,
 907        .check_presence = pn544_hci_check_presence,
 908        .event_received = pn544_hci_event_received,
 909        .fw_download = pn544_hci_fw_download,
 910        .discover_se = pn544_hci_discover_se,
 911        .enable_se = pn544_hci_enable_se,
 912        .disable_se = pn544_hci_disable_se,
 913};
 914
 915int pn544_hci_probe(void *phy_id, struct nfc_phy_ops *phy_ops, char *llc_name,
 916                    int phy_headroom, int phy_tailroom, int phy_payload,
 917                    fw_download_t fw_download, struct nfc_hci_dev **hdev)
 918{
 919        struct pn544_hci_info *info;
 920        u32 protocols;
 921        struct nfc_hci_init_data init_data;
 922        int r;
 923
 924        info = kzalloc(sizeof(struct pn544_hci_info), GFP_KERNEL);
 925        if (!info) {
 926                r = -ENOMEM;
 927                goto err_info_alloc;
 928        }
 929
 930        info->phy_ops = phy_ops;
 931        info->phy_id = phy_id;
 932        info->fw_download = fw_download;
 933        info->state = PN544_ST_COLD;
 934        mutex_init(&info->info_lock);
 935
 936        init_data.gate_count = ARRAY_SIZE(pn544_gates);
 937
 938        memcpy(init_data.gates, pn544_gates, sizeof(pn544_gates));
 939
 940        /*
 941         * TODO: Session id must include the driver name + some bus addr
 942         * persistent info to discriminate 2 identical chips
 943         */
 944        strcpy(init_data.session_id, "ID544HCI");
 945
 946        protocols = NFC_PROTO_JEWEL_MASK |
 947                    NFC_PROTO_MIFARE_MASK |
 948                    NFC_PROTO_FELICA_MASK |
 949                    NFC_PROTO_ISO14443_MASK |
 950                    NFC_PROTO_ISO14443_B_MASK |
 951                    NFC_PROTO_NFC_DEP_MASK;
 952
 953        info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 0,
 954                                             protocols, llc_name,
 955                                             phy_headroom + PN544_CMDS_HEADROOM,
 956                                             phy_tailroom, phy_payload);
 957        if (!info->hdev) {
 958                pr_err("Cannot allocate nfc hdev\n");
 959                r = -ENOMEM;
 960                goto err_alloc_hdev;
 961        }
 962
 963        nfc_hci_set_clientdata(info->hdev, info);
 964
 965        r = nfc_hci_register_device(info->hdev);
 966        if (r)
 967                goto err_regdev;
 968
 969        *hdev = info->hdev;
 970
 971        return 0;
 972
 973err_regdev:
 974        nfc_hci_free_device(info->hdev);
 975
 976err_alloc_hdev:
 977        kfree(info);
 978
 979err_info_alloc:
 980        return r;
 981}
 982EXPORT_SYMBOL(pn544_hci_probe);
 983
 984void pn544_hci_remove(struct nfc_hci_dev *hdev)
 985{
 986        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 987
 988        nfc_hci_unregister_device(hdev);
 989        nfc_hci_free_device(hdev);
 990        kfree(info);
 991}
 992EXPORT_SYMBOL(pn544_hci_remove);
 993
 994MODULE_LICENSE("GPL");
 995MODULE_DESCRIPTION(DRIVER_DESC);
 996