linux/drivers/nfc/pn544/pn544.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 * HCI based Driver for NXP PN544 NFC Chip
   4 *
   5 * Copyright (C) 2012  Intel Corporation. All rights reserved.
   6 */
   7
   8#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
   9
  10#include <linux/delay.h>
  11#include <linux/slab.h>
  12#include <linux/module.h>
  13
  14#include <linux/nfc.h>
  15#include <net/nfc/hci.h>
  16
  17#include "pn544.h"
  18
  19/* Timing restrictions (ms) */
  20#define PN544_HCI_RESETVEN_TIME         30
  21
  22enum pn544_state {
  23        PN544_ST_COLD,
  24        PN544_ST_FW_READY,
  25        PN544_ST_READY,
  26};
  27
  28#define FULL_VERSION_LEN 11
  29
  30/* Proprietary commands */
  31#define PN544_WRITE             0x3f
  32#define PN544_TEST_SWP          0x21
  33
  34/* Proprietary gates, events, commands and registers */
  35
  36/* NFC_HCI_RF_READER_A_GATE additional registers and commands */
  37#define PN544_RF_READER_A_AUTO_ACTIVATION                       0x10
  38#define PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION               0x12
  39#define PN544_MIFARE_CMD                                        0x21
  40
  41/* Commands that apply to all RF readers */
  42#define PN544_RF_READER_CMD_PRESENCE_CHECK      0x30
  43#define PN544_RF_READER_CMD_ACTIVATE_NEXT       0x32
  44
  45/* NFC_HCI_ID_MGMT_GATE additional registers */
  46#define PN544_ID_MGMT_FULL_VERSION_SW           0x10
  47
  48#define PN544_RF_READER_ISO15693_GATE           0x12
  49
  50#define PN544_RF_READER_F_GATE                  0x14
  51#define PN544_FELICA_ID                         0x04
  52#define PN544_FELICA_RAW                        0x20
  53
  54#define PN544_RF_READER_JEWEL_GATE              0x15
  55#define PN544_JEWEL_RAW_CMD                     0x23
  56
  57#define PN544_RF_READER_NFCIP1_INITIATOR_GATE   0x30
  58#define PN544_RF_READER_NFCIP1_TARGET_GATE      0x31
  59
  60#define PN544_SYS_MGMT_GATE                     0x90
  61#define PN544_SYS_MGMT_INFO_NOTIFICATION        0x02
  62
  63#define PN544_POLLING_LOOP_MGMT_GATE            0x94
  64#define PN544_DEP_MODE                          0x01
  65#define PN544_DEP_ATR_REQ                       0x02
  66#define PN544_DEP_ATR_RES                       0x03
  67#define PN544_DEP_MERGE                         0x0D
  68#define PN544_PL_RDPHASES                       0x06
  69#define PN544_PL_EMULATION                      0x07
  70#define PN544_PL_NFCT_DEACTIVATED               0x09
  71
  72#define PN544_SWP_MGMT_GATE                     0xA0
  73#define PN544_SWP_DEFAULT_MODE                  0x01
  74
  75#define PN544_NFC_WI_MGMT_GATE                  0xA1
  76#define PN544_NFC_ESE_DEFAULT_MODE              0x01
  77
  78#define PN544_HCI_EVT_SND_DATA                  0x01
  79#define PN544_HCI_EVT_ACTIVATED                 0x02
  80#define PN544_HCI_EVT_DEACTIVATED               0x03
  81#define PN544_HCI_EVT_RCV_DATA                  0x04
  82#define PN544_HCI_EVT_CONTINUE_MI               0x05
  83#define PN544_HCI_EVT_SWITCH_MODE               0x03
  84
  85#define PN544_HCI_CMD_ATTREQUEST                0x12
  86#define PN544_HCI_CMD_CONTINUE_ACTIVATION       0x13
  87
  88static const struct nfc_hci_gate pn544_gates[] = {
  89        {NFC_HCI_ADMIN_GATE, NFC_HCI_INVALID_PIPE},
  90        {NFC_HCI_LOOPBACK_GATE, NFC_HCI_INVALID_PIPE},
  91        {NFC_HCI_ID_MGMT_GATE, NFC_HCI_INVALID_PIPE},
  92        {NFC_HCI_LINK_MGMT_GATE, NFC_HCI_INVALID_PIPE},
  93        {NFC_HCI_RF_READER_B_GATE, NFC_HCI_INVALID_PIPE},
  94        {NFC_HCI_RF_READER_A_GATE, NFC_HCI_INVALID_PIPE},
  95        {PN544_SYS_MGMT_GATE, NFC_HCI_INVALID_PIPE},
  96        {PN544_SWP_MGMT_GATE, NFC_HCI_INVALID_PIPE},
  97        {PN544_POLLING_LOOP_MGMT_GATE, NFC_HCI_INVALID_PIPE},
  98        {PN544_NFC_WI_MGMT_GATE, NFC_HCI_INVALID_PIPE},
  99        {PN544_RF_READER_F_GATE, NFC_HCI_INVALID_PIPE},
 100        {PN544_RF_READER_JEWEL_GATE, NFC_HCI_INVALID_PIPE},
 101        {PN544_RF_READER_ISO15693_GATE, NFC_HCI_INVALID_PIPE},
 102        {PN544_RF_READER_NFCIP1_INITIATOR_GATE, NFC_HCI_INVALID_PIPE},
 103        {PN544_RF_READER_NFCIP1_TARGET_GATE, NFC_HCI_INVALID_PIPE}
 104};
 105
 106/* Largest headroom needed for outgoing custom commands */
 107#define PN544_CMDS_HEADROOM     2
 108
 109struct pn544_hci_info {
 110        const struct nfc_phy_ops *phy_ops;
 111        void *phy_id;
 112
 113        struct nfc_hci_dev *hdev;
 114
 115        enum pn544_state state;
 116
 117        struct mutex info_lock;
 118
 119        int async_cb_type;
 120        data_exchange_cb_t async_cb;
 121        void *async_cb_context;
 122
 123        fw_download_t fw_download;
 124};
 125
 126static int pn544_hci_open(struct nfc_hci_dev *hdev)
 127{
 128        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 129        int r = 0;
 130
 131        mutex_lock(&info->info_lock);
 132
 133        if (info->state != PN544_ST_COLD) {
 134                r = -EBUSY;
 135                goto out;
 136        }
 137
 138        r = info->phy_ops->enable(info->phy_id);
 139
 140        if (r == 0)
 141                info->state = PN544_ST_READY;
 142
 143out:
 144        mutex_unlock(&info->info_lock);
 145        return r;
 146}
 147
 148static void pn544_hci_close(struct nfc_hci_dev *hdev)
 149{
 150        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 151
 152        mutex_lock(&info->info_lock);
 153
 154        if (info->state == PN544_ST_COLD)
 155                goto out;
 156
 157        info->phy_ops->disable(info->phy_id);
 158
 159        info->state = PN544_ST_COLD;
 160
 161out:
 162        mutex_unlock(&info->info_lock);
 163}
 164
 165static int pn544_hci_ready(struct nfc_hci_dev *hdev)
 166{
 167        struct sk_buff *skb;
 168        static struct hw_config {
 169                u8 adr[2];
 170                u8 value;
 171        } hw_config[] = {
 172                {{0x9f, 0x9a}, 0x00},
 173
 174                {{0x98, 0x10}, 0xbc},
 175
 176                {{0x9e, 0x71}, 0x00},
 177
 178                {{0x98, 0x09}, 0x00},
 179
 180                {{0x9e, 0xb4}, 0x00},
 181
 182                {{0x9c, 0x01}, 0x08},
 183
 184                {{0x9e, 0xaa}, 0x01},
 185
 186                {{0x9b, 0xd1}, 0x17},
 187                {{0x9b, 0xd2}, 0x58},
 188                {{0x9b, 0xd3}, 0x10},
 189                {{0x9b, 0xd4}, 0x47},
 190                {{0x9b, 0xd5}, 0x0c},
 191                {{0x9b, 0xd6}, 0x37},
 192                {{0x9b, 0xdd}, 0x33},
 193
 194                {{0x9b, 0x84}, 0x00},
 195                {{0x99, 0x81}, 0x79},
 196                {{0x99, 0x31}, 0x79},
 197
 198                {{0x98, 0x00}, 0x3f},
 199
 200                {{0x9f, 0x09}, 0x02},
 201
 202                {{0x9f, 0x0a}, 0x05},
 203
 204                {{0x9e, 0xd1}, 0xa1},
 205                {{0x99, 0x23}, 0x01},
 206
 207                {{0x9e, 0x74}, 0x00},
 208                {{0x9e, 0x90}, 0x00},
 209                {{0x9f, 0x28}, 0x10},
 210
 211                {{0x9f, 0x35}, 0x04},
 212
 213                {{0x9f, 0x36}, 0x11},
 214
 215                {{0x9c, 0x31}, 0x00},
 216
 217                {{0x9c, 0x32}, 0x00},
 218
 219                {{0x9c, 0x19}, 0x0a},
 220
 221                {{0x9c, 0x1a}, 0x0a},
 222
 223                {{0x9c, 0x0c}, 0x00},
 224
 225                {{0x9c, 0x0d}, 0x00},
 226
 227                {{0x9c, 0x12}, 0x00},
 228
 229                {{0x9c, 0x13}, 0x00},
 230
 231                {{0x98, 0xa2}, 0x09},
 232
 233                {{0x98, 0x93}, 0x00},
 234
 235                {{0x98, 0x7d}, 0x08},
 236                {{0x98, 0x7e}, 0x00},
 237                {{0x9f, 0xc8}, 0x00},
 238        };
 239        struct hw_config *p = hw_config;
 240        int count = ARRAY_SIZE(hw_config);
 241        struct sk_buff *res_skb;
 242        u8 param[4];
 243        int r;
 244
 245        param[0] = 0;
 246        while (count--) {
 247                param[1] = p->adr[0];
 248                param[2] = p->adr[1];
 249                param[3] = p->value;
 250
 251                r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_WRITE,
 252                                     param, 4, &res_skb);
 253                if (r < 0)
 254                        return r;
 255
 256                if (res_skb->len != 1) {
 257                        kfree_skb(res_skb);
 258                        return -EPROTO;
 259                }
 260
 261                if (res_skb->data[0] != p->value) {
 262                        kfree_skb(res_skb);
 263                        return -EIO;
 264                }
 265
 266                kfree_skb(res_skb);
 267
 268                p++;
 269        }
 270
 271        param[0] = NFC_HCI_UICC_HOST_ID;
 272        r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE,
 273                              NFC_HCI_ADMIN_WHITELIST, param, 1);
 274        if (r < 0)
 275                return r;
 276
 277        param[0] = 0x3d;
 278        r = nfc_hci_set_param(hdev, PN544_SYS_MGMT_GATE,
 279                              PN544_SYS_MGMT_INFO_NOTIFICATION, param, 1);
 280        if (r < 0)
 281                return r;
 282
 283        param[0] = 0x0;
 284        r = nfc_hci_set_param(hdev, NFC_HCI_RF_READER_A_GATE,
 285                              PN544_RF_READER_A_AUTO_ACTIVATION, param, 1);
 286        if (r < 0)
 287                return r;
 288
 289        r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 290                               NFC_HCI_EVT_END_OPERATION, NULL, 0);
 291        if (r < 0)
 292                return r;
 293
 294        param[0] = 0x1;
 295        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 296                              PN544_PL_NFCT_DEACTIVATED, param, 1);
 297        if (r < 0)
 298                return r;
 299
 300        param[0] = 0x0;
 301        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 302                              PN544_PL_RDPHASES, param, 1);
 303        if (r < 0)
 304                return r;
 305
 306        r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE,
 307                              PN544_ID_MGMT_FULL_VERSION_SW, &skb);
 308        if (r < 0)
 309                return r;
 310
 311        if (skb->len != FULL_VERSION_LEN) {
 312                kfree_skb(skb);
 313                return -EINVAL;
 314        }
 315
 316        print_hex_dump(KERN_DEBUG, "FULL VERSION SOFTWARE INFO: ",
 317                       DUMP_PREFIX_NONE, 16, 1,
 318                       skb->data, FULL_VERSION_LEN, false);
 319
 320        kfree_skb(skb);
 321
 322        return 0;
 323}
 324
 325static int pn544_hci_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb)
 326{
 327        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 328
 329        return info->phy_ops->write(info->phy_id, skb);
 330}
 331
 332static int pn544_hci_start_poll(struct nfc_hci_dev *hdev,
 333                                u32 im_protocols, u32 tm_protocols)
 334{
 335        u8 phases = 0;
 336        int r;
 337        u8 duration[2];
 338        u8 activated;
 339        u8 i_mode = 0x3f; /* Enable all supported modes */
 340        u8 t_mode = 0x0f;
 341        u8 t_merge = 0x01; /* Enable merge by default */
 342
 343        pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n",
 344                __func__, im_protocols, tm_protocols);
 345
 346        r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 347                               NFC_HCI_EVT_END_OPERATION, NULL, 0);
 348        if (r < 0)
 349                return r;
 350
 351        duration[0] = 0x18;
 352        duration[1] = 0x6a;
 353        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 354                              PN544_PL_EMULATION, duration, 2);
 355        if (r < 0)
 356                return r;
 357
 358        activated = 0;
 359        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 360                              PN544_PL_NFCT_DEACTIVATED, &activated, 1);
 361        if (r < 0)
 362                return r;
 363
 364        if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK |
 365                         NFC_PROTO_JEWEL_MASK))
 366                phases |= 1;            /* Type A */
 367        if (im_protocols & NFC_PROTO_FELICA_MASK) {
 368                phases |= (1 << 2);     /* Type F 212 */
 369                phases |= (1 << 3);     /* Type F 424 */
 370        }
 371
 372        phases |= (1 << 5);             /* NFC active */
 373
 374        r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
 375                              PN544_PL_RDPHASES, &phases, 1);
 376        if (r < 0)
 377                return r;
 378
 379        if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) {
 380                hdev->gb = nfc_get_local_general_bytes(hdev->ndev,
 381                                                        &hdev->gb_len);
 382                pr_debug("generate local bytes %p\n", hdev->gb);
 383                if (hdev->gb == NULL || hdev->gb_len == 0) {
 384                        im_protocols &= ~NFC_PROTO_NFC_DEP_MASK;
 385                        tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK;
 386                }
 387        }
 388
 389        if (im_protocols & NFC_PROTO_NFC_DEP_MASK) {
 390                r = nfc_hci_send_event(hdev,
 391                                PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 392                                NFC_HCI_EVT_END_OPERATION, NULL, 0);
 393                if (r < 0)
 394                        return r;
 395
 396                r = nfc_hci_set_param(hdev,
 397                                PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 398                                PN544_DEP_MODE, &i_mode, 1);
 399                if (r < 0)
 400                        return r;
 401
 402                r = nfc_hci_set_param(hdev,
 403                                PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 404                                PN544_DEP_ATR_REQ, hdev->gb, hdev->gb_len);
 405                if (r < 0)
 406                        return r;
 407
 408                r = nfc_hci_send_event(hdev,
 409                                PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 410                                NFC_HCI_EVT_READER_REQUESTED, NULL, 0);
 411                if (r < 0)
 412                        nfc_hci_send_event(hdev,
 413                                        PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 414                                        NFC_HCI_EVT_END_OPERATION, NULL, 0);
 415        }
 416
 417        if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) {
 418                r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
 419                                PN544_DEP_MODE, &t_mode, 1);
 420                if (r < 0)
 421                        return r;
 422
 423                r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
 424                                PN544_DEP_ATR_RES, hdev->gb, hdev->gb_len);
 425                if (r < 0)
 426                        return r;
 427
 428                r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
 429                                PN544_DEP_MERGE, &t_merge, 1);
 430                if (r < 0)
 431                        return r;
 432        }
 433
 434        r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 435                               NFC_HCI_EVT_READER_REQUESTED, NULL, 0);
 436        if (r < 0)
 437                nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 438                                   NFC_HCI_EVT_END_OPERATION, NULL, 0);
 439
 440        return r;
 441}
 442
 443static int pn544_hci_dep_link_up(struct nfc_hci_dev *hdev,
 444                                struct nfc_target *target, u8 comm_mode,
 445                                u8 *gb, size_t gb_len)
 446{
 447        struct sk_buff *rgb_skb = NULL;
 448        int r;
 449
 450        r = nfc_hci_get_param(hdev, target->hci_reader_gate,
 451                                PN544_DEP_ATR_RES, &rgb_skb);
 452        if (r < 0)
 453                return r;
 454
 455        if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) {
 456                r = -EPROTO;
 457                goto exit;
 458        }
 459        print_hex_dump(KERN_DEBUG, "remote gb: ", DUMP_PREFIX_OFFSET,
 460                        16, 1, rgb_skb->data, rgb_skb->len, true);
 461
 462        r = nfc_set_remote_general_bytes(hdev->ndev, rgb_skb->data,
 463                                                rgb_skb->len);
 464
 465        if (r == 0)
 466                r = nfc_dep_link_is_up(hdev->ndev, target->idx, comm_mode,
 467                                        NFC_RF_INITIATOR);
 468exit:
 469        kfree_skb(rgb_skb);
 470        return r;
 471}
 472
 473static int pn544_hci_dep_link_down(struct nfc_hci_dev *hdev)
 474{
 475
 476        return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 477                                        NFC_HCI_EVT_END_OPERATION, NULL, 0);
 478}
 479
 480static int pn544_hci_target_from_gate(struct nfc_hci_dev *hdev, u8 gate,
 481                                      struct nfc_target *target)
 482{
 483        switch (gate) {
 484        case PN544_RF_READER_F_GATE:
 485                target->supported_protocols = NFC_PROTO_FELICA_MASK;
 486                break;
 487        case PN544_RF_READER_JEWEL_GATE:
 488                target->supported_protocols = NFC_PROTO_JEWEL_MASK;
 489                target->sens_res = 0x0c00;
 490                break;
 491        case PN544_RF_READER_NFCIP1_INITIATOR_GATE:
 492                target->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
 493                break;
 494        default:
 495                return -EPROTO;
 496        }
 497
 498        return 0;
 499}
 500
 501static int pn544_hci_complete_target_discovered(struct nfc_hci_dev *hdev,
 502                                                u8 gate,
 503                                                struct nfc_target *target)
 504{
 505        struct sk_buff *uid_skb;
 506        int r = 0;
 507
 508        if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE)
 509                return r;
 510
 511        if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) {
 512                r = nfc_hci_send_cmd(hdev,
 513                        PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 514                        PN544_HCI_CMD_CONTINUE_ACTIVATION, NULL, 0, NULL);
 515                if (r < 0)
 516                        return r;
 517
 518                target->hci_reader_gate = PN544_RF_READER_NFCIP1_INITIATOR_GATE;
 519        } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
 520                if (target->nfcid1_len != 4 && target->nfcid1_len != 7 &&
 521                    target->nfcid1_len != 10)
 522                        return -EPROTO;
 523
 524                r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
 525                                     PN544_RF_READER_CMD_ACTIVATE_NEXT,
 526                                     target->nfcid1, target->nfcid1_len, NULL);
 527        } else if (target->supported_protocols & NFC_PROTO_FELICA_MASK) {
 528                r = nfc_hci_get_param(hdev, PN544_RF_READER_F_GATE,
 529                                      PN544_FELICA_ID, &uid_skb);
 530                if (r < 0)
 531                        return r;
 532
 533                if (uid_skb->len != 8) {
 534                        kfree_skb(uid_skb);
 535                        return -EPROTO;
 536                }
 537
 538                /* Type F NFC-DEP IDm has prefix 0x01FE */
 539                if ((uid_skb->data[0] == 0x01) && (uid_skb->data[1] == 0xfe)) {
 540                        kfree_skb(uid_skb);
 541                        r = nfc_hci_send_cmd(hdev,
 542                                        PN544_RF_READER_NFCIP1_INITIATOR_GATE,
 543                                        PN544_HCI_CMD_CONTINUE_ACTIVATION,
 544                                        NULL, 0, NULL);
 545                        if (r < 0)
 546                                return r;
 547
 548                        target->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
 549                        target->hci_reader_gate =
 550                                PN544_RF_READER_NFCIP1_INITIATOR_GATE;
 551                } else {
 552                        r = nfc_hci_send_cmd(hdev, PN544_RF_READER_F_GATE,
 553                                             PN544_RF_READER_CMD_ACTIVATE_NEXT,
 554                                             uid_skb->data, uid_skb->len, NULL);
 555                        kfree_skb(uid_skb);
 556                }
 557        } else if (target->supported_protocols & NFC_PROTO_ISO14443_MASK) {
 558                /*
 559                 * TODO: maybe other ISO 14443 require some kind of continue
 560                 * activation, but for now we've seen only this one below.
 561                 */
 562                if (target->sens_res == 0x4403) /* Type 4 Mifare DESFire */
 563                        r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
 564                              PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION,
 565                              NULL, 0, NULL);
 566        }
 567
 568        return r;
 569}
 570
 571#define PN544_CB_TYPE_READER_F 1
 572
 573static void pn544_hci_data_exchange_cb(void *context, struct sk_buff *skb,
 574                                       int err)
 575{
 576        struct pn544_hci_info *info = context;
 577
 578        switch (info->async_cb_type) {
 579        case PN544_CB_TYPE_READER_F:
 580                if (err == 0)
 581                        skb_pull(skb, 1);
 582                info->async_cb(info->async_cb_context, skb, err);
 583                break;
 584        default:
 585                if (err == 0)
 586                        kfree_skb(skb);
 587                break;
 588        }
 589}
 590
 591#define MIFARE_CMD_AUTH_KEY_A   0x60
 592#define MIFARE_CMD_AUTH_KEY_B   0x61
 593#define MIFARE_CMD_HEADER       2
 594#define MIFARE_UID_LEN          4
 595#define MIFARE_KEY_LEN          6
 596#define MIFARE_CMD_LEN          12
 597/*
 598 * Returns:
 599 * <= 0: driver handled the data exchange
 600 *    1: driver doesn't especially handle, please do standard processing
 601 */
 602static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev,
 603                                   struct nfc_target *target,
 604                                   struct sk_buff *skb, data_exchange_cb_t cb,
 605                                   void *cb_context)
 606{
 607        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 608
 609        pr_info(DRIVER_DESC ": %s for gate=%d\n", __func__,
 610                target->hci_reader_gate);
 611
 612        switch (target->hci_reader_gate) {
 613        case NFC_HCI_RF_READER_A_GATE:
 614                if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
 615                        /*
 616                         * It seems that pn544 is inverting key and UID for
 617                         * MIFARE authentication commands.
 618                         */
 619                        if (skb->len == MIFARE_CMD_LEN &&
 620                            (skb->data[0] == MIFARE_CMD_AUTH_KEY_A ||
 621                             skb->data[0] == MIFARE_CMD_AUTH_KEY_B)) {
 622                                u8 uid[MIFARE_UID_LEN];
 623                                u8 *data = skb->data + MIFARE_CMD_HEADER;
 624
 625                                memcpy(uid, data + MIFARE_KEY_LEN,
 626                                       MIFARE_UID_LEN);
 627                                memmove(data + MIFARE_UID_LEN, data,
 628                                        MIFARE_KEY_LEN);
 629                                memcpy(data, uid, MIFARE_UID_LEN);
 630                        }
 631
 632                        return nfc_hci_send_cmd_async(hdev,
 633                                                      target->hci_reader_gate,
 634                                                      PN544_MIFARE_CMD,
 635                                                      skb->data, skb->len,
 636                                                      cb, cb_context);
 637                } else
 638                        return 1;
 639        case PN544_RF_READER_F_GATE:
 640                *(u8 *)skb_push(skb, 1) = 0;
 641                *(u8 *)skb_push(skb, 1) = 0;
 642
 643                info->async_cb_type = PN544_CB_TYPE_READER_F;
 644                info->async_cb = cb;
 645                info->async_cb_context = cb_context;
 646
 647                return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate,
 648                                              PN544_FELICA_RAW, skb->data,
 649                                              skb->len,
 650                                              pn544_hci_data_exchange_cb, info);
 651        case PN544_RF_READER_JEWEL_GATE:
 652                return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate,
 653                                              PN544_JEWEL_RAW_CMD, skb->data,
 654                                              skb->len, cb, cb_context);
 655        case PN544_RF_READER_NFCIP1_INITIATOR_GATE:
 656                *(u8 *)skb_push(skb, 1) = 0;
 657
 658                return nfc_hci_send_event(hdev, target->hci_reader_gate,
 659                                        PN544_HCI_EVT_SND_DATA, skb->data,
 660                                        skb->len);
 661        default:
 662                return 1;
 663        }
 664}
 665
 666static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb)
 667{
 668        int r;
 669
 670        /* Set default false for multiple information chaining */
 671        *(u8 *)skb_push(skb, 1) = 0;
 672
 673        r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
 674                               PN544_HCI_EVT_SND_DATA, skb->data, skb->len);
 675
 676        kfree_skb(skb);
 677
 678        return r;
 679}
 680
 681static int pn544_hci_check_presence(struct nfc_hci_dev *hdev,
 682                                   struct nfc_target *target)
 683{
 684        pr_debug("supported protocol %d\n", target->supported_protocols);
 685        if (target->supported_protocols & (NFC_PROTO_ISO14443_MASK |
 686                                        NFC_PROTO_ISO14443_B_MASK)) {
 687                return nfc_hci_send_cmd(hdev, target->hci_reader_gate,
 688                                        PN544_RF_READER_CMD_PRESENCE_CHECK,
 689                                        NULL, 0, NULL);
 690        } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
 691                if (target->nfcid1_len != 4 && target->nfcid1_len != 7 &&
 692                    target->nfcid1_len != 10)
 693                        return -EOPNOTSUPP;
 694
 695                return nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
 696                                     PN544_RF_READER_CMD_ACTIVATE_NEXT,
 697                                     target->nfcid1, target->nfcid1_len, NULL);
 698        } else if (target->supported_protocols & (NFC_PROTO_JEWEL_MASK |
 699                                                NFC_PROTO_FELICA_MASK)) {
 700                return -EOPNOTSUPP;
 701        } else if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) {
 702                return nfc_hci_send_cmd(hdev, target->hci_reader_gate,
 703                                        PN544_HCI_CMD_ATTREQUEST,
 704                                        NULL, 0, NULL);
 705        }
 706
 707        return 0;
 708}
 709
 710/*
 711 * Returns:
 712 * <= 0: driver handled the event, skb consumed
 713 *    1: driver does not handle the event, please do standard processing
 714 */
 715static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event,
 716                                    struct sk_buff *skb)
 717{
 718        struct sk_buff *rgb_skb = NULL;
 719        u8 gate = hdev->pipes[pipe].gate;
 720        int r;
 721
 722        pr_debug("hci event %d\n", event);
 723        switch (event) {
 724        case PN544_HCI_EVT_ACTIVATED:
 725                if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) {
 726                        r = nfc_hci_target_discovered(hdev, gate);
 727                } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) {
 728                        r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ,
 729                                              &rgb_skb);
 730                        if (r < 0)
 731                                goto exit;
 732
 733                        r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK,
 734                                             NFC_COMM_PASSIVE, rgb_skb->data,
 735                                             rgb_skb->len);
 736
 737                        kfree_skb(rgb_skb);
 738                } else {
 739                        r = -EINVAL;
 740                }
 741                break;
 742        case PN544_HCI_EVT_DEACTIVATED:
 743                r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION,
 744                                       NULL, 0);
 745                break;
 746        case PN544_HCI_EVT_RCV_DATA:
 747                if (skb->len < 2) {
 748                        r = -EPROTO;
 749                        goto exit;
 750                }
 751
 752                if (skb->data[0] != 0) {
 753                        pr_debug("data0 %d\n", skb->data[0]);
 754                        r = -EPROTO;
 755                        goto exit;
 756                }
 757
 758                skb_pull(skb, 2);
 759                return nfc_tm_data_received(hdev->ndev, skb);
 760        default:
 761                return 1;
 762        }
 763
 764exit:
 765        kfree_skb(skb);
 766
 767        return r;
 768}
 769
 770static int pn544_hci_fw_download(struct nfc_hci_dev *hdev,
 771                                 const char *firmware_name)
 772{
 773        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 774
 775        if (info->fw_download == NULL)
 776                return -ENOTSUPP;
 777
 778        return info->fw_download(info->phy_id, firmware_name, hdev->sw_romlib);
 779}
 780
 781static int pn544_hci_discover_se(struct nfc_hci_dev *hdev)
 782{
 783        u32 se_idx = 0;
 784        u8 ese_mode = 0x01; /* Default mode */
 785        struct sk_buff *res_skb;
 786        int r;
 787
 788        r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_TEST_SWP,
 789                             NULL, 0, &res_skb);
 790
 791        if (r == 0) {
 792                if (res_skb->len == 2 && res_skb->data[0] == 0x00)
 793                        nfc_add_se(hdev->ndev, se_idx++, NFC_SE_UICC);
 794
 795                kfree_skb(res_skb);
 796        }
 797
 798        r = nfc_hci_send_event(hdev, PN544_NFC_WI_MGMT_GATE,
 799                                PN544_HCI_EVT_SWITCH_MODE,
 800                                &ese_mode, 1);
 801        if (r == 0)
 802                nfc_add_se(hdev->ndev, se_idx++, NFC_SE_EMBEDDED);
 803
 804        return !se_idx;
 805}
 806
 807#define PN544_SE_MODE_OFF       0x00
 808#define PN544_SE_MODE_ON        0x01
 809static int pn544_hci_enable_se(struct nfc_hci_dev *hdev, u32 se_idx)
 810{
 811        const struct nfc_se *se;
 812        u8 enable = PN544_SE_MODE_ON;
 813        static struct uicc_gatelist {
 814                u8 head;
 815                u8 adr[2];
 816                u8 value;
 817        } uicc_gatelist[] = {
 818                {0x00, {0x9e, 0xd9}, 0x23},
 819                {0x00, {0x9e, 0xda}, 0x21},
 820                {0x00, {0x9e, 0xdb}, 0x22},
 821                {0x00, {0x9e, 0xdc}, 0x24},
 822        };
 823        struct uicc_gatelist *p = uicc_gatelist;
 824        int count = ARRAY_SIZE(uicc_gatelist);
 825        struct sk_buff *res_skb;
 826        int r;
 827
 828        se = nfc_find_se(hdev->ndev, se_idx);
 829
 830        switch (se->type) {
 831        case NFC_SE_UICC:
 832                while (count--) {
 833                        r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE,
 834                                        PN544_WRITE, (u8 *)p, 4, &res_skb);
 835                        if (r < 0)
 836                                return r;
 837
 838                        if (res_skb->len != 1) {
 839                                kfree_skb(res_skb);
 840                                return -EPROTO;
 841                        }
 842
 843                        if (res_skb->data[0] != p->value) {
 844                                kfree_skb(res_skb);
 845                                return -EIO;
 846                        }
 847
 848                        kfree_skb(res_skb);
 849
 850                        p++;
 851                }
 852
 853                return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE,
 854                              PN544_SWP_DEFAULT_MODE, &enable, 1);
 855        case NFC_SE_EMBEDDED:
 856                return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE,
 857                              PN544_NFC_ESE_DEFAULT_MODE, &enable, 1);
 858
 859        default:
 860                return -EINVAL;
 861        }
 862}
 863
 864static int pn544_hci_disable_se(struct nfc_hci_dev *hdev, u32 se_idx)
 865{
 866        const struct nfc_se *se;
 867        u8 disable = PN544_SE_MODE_OFF;
 868
 869        se = nfc_find_se(hdev->ndev, se_idx);
 870
 871        switch (se->type) {
 872        case NFC_SE_UICC:
 873                return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE,
 874                              PN544_SWP_DEFAULT_MODE, &disable, 1);
 875        case NFC_SE_EMBEDDED:
 876                return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE,
 877                              PN544_NFC_ESE_DEFAULT_MODE, &disable, 1);
 878        default:
 879                return -EINVAL;
 880        }
 881}
 882
 883static const struct nfc_hci_ops pn544_hci_ops = {
 884        .open = pn544_hci_open,
 885        .close = pn544_hci_close,
 886        .hci_ready = pn544_hci_ready,
 887        .xmit = pn544_hci_xmit,
 888        .start_poll = pn544_hci_start_poll,
 889        .dep_link_up = pn544_hci_dep_link_up,
 890        .dep_link_down = pn544_hci_dep_link_down,
 891        .target_from_gate = pn544_hci_target_from_gate,
 892        .complete_target_discovered = pn544_hci_complete_target_discovered,
 893        .im_transceive = pn544_hci_im_transceive,
 894        .tm_send = pn544_hci_tm_send,
 895        .check_presence = pn544_hci_check_presence,
 896        .event_received = pn544_hci_event_received,
 897        .fw_download = pn544_hci_fw_download,
 898        .discover_se = pn544_hci_discover_se,
 899        .enable_se = pn544_hci_enable_se,
 900        .disable_se = pn544_hci_disable_se,
 901};
 902
 903int pn544_hci_probe(void *phy_id, const struct nfc_phy_ops *phy_ops,
 904                    char *llc_name, int phy_headroom, int phy_tailroom,
 905                    int phy_payload, fw_download_t fw_download,
 906                    struct nfc_hci_dev **hdev)
 907{
 908        struct pn544_hci_info *info;
 909        u32 protocols;
 910        struct nfc_hci_init_data init_data;
 911        int r;
 912
 913        info = kzalloc(sizeof(struct pn544_hci_info), GFP_KERNEL);
 914        if (!info) {
 915                r = -ENOMEM;
 916                goto err_info_alloc;
 917        }
 918
 919        info->phy_ops = phy_ops;
 920        info->phy_id = phy_id;
 921        info->fw_download = fw_download;
 922        info->state = PN544_ST_COLD;
 923        mutex_init(&info->info_lock);
 924
 925        init_data.gate_count = ARRAY_SIZE(pn544_gates);
 926
 927        memcpy(init_data.gates, pn544_gates, sizeof(pn544_gates));
 928
 929        /*
 930         * TODO: Session id must include the driver name + some bus addr
 931         * persistent info to discriminate 2 identical chips
 932         */
 933        strcpy(init_data.session_id, "ID544HCI");
 934
 935        protocols = NFC_PROTO_JEWEL_MASK |
 936                    NFC_PROTO_MIFARE_MASK |
 937                    NFC_PROTO_FELICA_MASK |
 938                    NFC_PROTO_ISO14443_MASK |
 939                    NFC_PROTO_ISO14443_B_MASK |
 940                    NFC_PROTO_NFC_DEP_MASK;
 941
 942        info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 0,
 943                                             protocols, llc_name,
 944                                             phy_headroom + PN544_CMDS_HEADROOM,
 945                                             phy_tailroom, phy_payload);
 946        if (!info->hdev) {
 947                pr_err("Cannot allocate nfc hdev\n");
 948                r = -ENOMEM;
 949                goto err_alloc_hdev;
 950        }
 951
 952        nfc_hci_set_clientdata(info->hdev, info);
 953
 954        r = nfc_hci_register_device(info->hdev);
 955        if (r)
 956                goto err_regdev;
 957
 958        *hdev = info->hdev;
 959
 960        return 0;
 961
 962err_regdev:
 963        nfc_hci_free_device(info->hdev);
 964
 965err_alloc_hdev:
 966        kfree(info);
 967
 968err_info_alloc:
 969        return r;
 970}
 971EXPORT_SYMBOL(pn544_hci_probe);
 972
 973void pn544_hci_remove(struct nfc_hci_dev *hdev)
 974{
 975        struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
 976
 977        nfc_hci_unregister_device(hdev);
 978        nfc_hci_free_device(hdev);
 979        kfree(info);
 980}
 981EXPORT_SYMBOL(pn544_hci_remove);
 982
 983MODULE_LICENSE("GPL");
 984MODULE_DESCRIPTION(DRIVER_DESC);
 985