pn533.c (64855B)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Driver for NXP PN533 NFC Chip - core functions 4 * 5 * Copyright (C) 2011 Instituto Nokia de Tecnologia 6 * Copyright (C) 2012-2013 Tieto Poland 7 */ 8 9#include <linux/device.h> 10#include <linux/kernel.h> 11#include <linux/module.h> 12#include <linux/slab.h> 13#include <linux/nfc.h> 14#include <linux/netdevice.h> 15#include <net/nfc/nfc.h> 16#include "pn533.h" 17 18#define VERSION "0.3" 19 20/* How much time we spend listening for initiators */ 21#define PN533_LISTEN_TIME 2 22/* Delay between each poll frame (ms) */ 23#define PN533_POLL_INTERVAL 10 24 25/* structs for pn533 commands */ 26 27/* PN533_CMD_GET_FIRMWARE_VERSION */ 28struct pn533_fw_version { 29 u8 ic; 30 u8 ver; 31 u8 rev; 32 u8 support; 33}; 34 35/* PN533_CMD_RF_CONFIGURATION */ 36#define PN533_CFGITEM_RF_FIELD 0x01 37#define PN533_CFGITEM_TIMING 0x02 38#define PN533_CFGITEM_MAX_RETRIES 0x05 39#define PN533_CFGITEM_PASORI 0x82 40 41#define PN533_CFGITEM_RF_FIELD_AUTO_RFCA 0x2 42#define PN533_CFGITEM_RF_FIELD_ON 0x1 43#define PN533_CFGITEM_RF_FIELD_OFF 0x0 44 45#define PN533_CONFIG_TIMING_102 0xb 46#define PN533_CONFIG_TIMING_204 0xc 47#define PN533_CONFIG_TIMING_409 0xd 48#define PN533_CONFIG_TIMING_819 0xe 49 50#define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00 51#define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF 52 53struct pn533_config_max_retries { 54 u8 mx_rty_atr; 55 u8 mx_rty_psl; 56 u8 mx_rty_passive_act; 57} __packed; 58 59struct pn533_config_timing { 60 u8 rfu; 61 u8 atr_res_timeout; 62 u8 dep_timeout; 63} __packed; 64 65/* PN533_CMD_IN_LIST_PASSIVE_TARGET */ 66 67/* felica commands opcode */ 68#define PN533_FELICA_OPC_SENSF_REQ 0 69#define PN533_FELICA_OPC_SENSF_RES 1 70/* felica SENSF_REQ parameters */ 71#define PN533_FELICA_SENSF_SC_ALL 0xFFFF 72#define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0 73#define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1 74#define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2 75 76/* type B initiator_data values */ 77#define PN533_TYPE_B_AFI_ALL_FAMILIES 0 78#define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0 79#define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1 80 81union pn533_cmd_poll_initdata { 82 struct { 83 u8 afi; 84 u8 polling_method; 85 } __packed type_b; 86 struct { 87 u8 opcode; 88 __be16 sc; 89 u8 rc; 90 u8 tsn; 91 } __packed felica; 92}; 93 94struct pn533_poll_modulations { 95 struct { 96 u8 maxtg; 97 u8 brty; 98 union pn533_cmd_poll_initdata initiator_data; 99 } __packed data; 100 u8 len; 101}; 102 103static const struct pn533_poll_modulations poll_mod[] = { 104 [PN533_POLL_MOD_106KBPS_A] = { 105 .data = { 106 .maxtg = 1, 107 .brty = 0, 108 }, 109 .len = 2, 110 }, 111 [PN533_POLL_MOD_212KBPS_FELICA] = { 112 .data = { 113 .maxtg = 1, 114 .brty = 1, 115 .initiator_data.felica = { 116 .opcode = PN533_FELICA_OPC_SENSF_REQ, 117 .sc = PN533_FELICA_SENSF_SC_ALL, 118 .rc = PN533_FELICA_SENSF_RC_SYSTEM_CODE, 119 .tsn = 0x03, 120 }, 121 }, 122 .len = 7, 123 }, 124 [PN533_POLL_MOD_424KBPS_FELICA] = { 125 .data = { 126 .maxtg = 1, 127 .brty = 2, 128 .initiator_data.felica = { 129 .opcode = PN533_FELICA_OPC_SENSF_REQ, 130 .sc = PN533_FELICA_SENSF_SC_ALL, 131 .rc = PN533_FELICA_SENSF_RC_SYSTEM_CODE, 132 .tsn = 0x03, 133 }, 134 }, 135 .len = 7, 136 }, 137 [PN533_POLL_MOD_106KBPS_JEWEL] = { 138 .data = { 139 .maxtg = 1, 140 .brty = 4, 141 }, 142 .len = 2, 143 }, 144 [PN533_POLL_MOD_847KBPS_B] = { 145 .data = { 146 .maxtg = 1, 147 .brty = 8, 148 .initiator_data.type_b = { 149 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES, 150 .polling_method = 151 PN533_TYPE_B_POLL_METHOD_TIMESLOT, 152 }, 153 }, 154 .len = 3, 155 }, 156 [PN533_LISTEN_MOD] = { 157 .len = 0, 158 }, 159}; 160 161/* PN533_CMD_IN_ATR */ 162 163struct pn533_cmd_activate_response { 164 u8 status; 165 u8 nfcid3t[10]; 166 u8 didt; 167 u8 bst; 168 u8 brt; 169 u8 to; 170 u8 ppt; 171 /* optional */ 172 u8 gt[]; 173} __packed; 174 175struct pn533_cmd_jump_dep_response { 176 u8 status; 177 u8 tg; 178 u8 nfcid3t[10]; 179 u8 didt; 180 u8 bst; 181 u8 brt; 182 u8 to; 183 u8 ppt; 184 /* optional */ 185 u8 gt[]; 186} __packed; 187 188struct pn532_autopoll_resp { 189 u8 type; 190 u8 ln; 191 u8 tg; 192 u8 tgdata[]; 193}; 194 195/* PN532_CMD_IN_AUTOPOLL */ 196#define PN532_AUTOPOLL_POLLNR_INFINITE 0xff 197#define PN532_AUTOPOLL_PERIOD 0x03 /* in units of 150 ms */ 198 199#define PN532_AUTOPOLL_TYPE_GENERIC_106 0x00 200#define PN532_AUTOPOLL_TYPE_GENERIC_212 0x01 201#define PN532_AUTOPOLL_TYPE_GENERIC_424 0x02 202#define PN532_AUTOPOLL_TYPE_JEWEL 0x04 203#define PN532_AUTOPOLL_TYPE_MIFARE 0x10 204#define PN532_AUTOPOLL_TYPE_FELICA212 0x11 205#define PN532_AUTOPOLL_TYPE_FELICA424 0x12 206#define PN532_AUTOPOLL_TYPE_ISOA 0x20 207#define PN532_AUTOPOLL_TYPE_ISOB 0x23 208#define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_106 0x40 209#define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_212 0x41 210#define PN532_AUTOPOLL_TYPE_DEP_PASSIVE_424 0x42 211#define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_106 0x80 212#define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_212 0x81 213#define PN532_AUTOPOLL_TYPE_DEP_ACTIVE_424 0x82 214 215/* PN533_TG_INIT_AS_TARGET */ 216#define PN533_INIT_TARGET_PASSIVE 0x1 217#define PN533_INIT_TARGET_DEP 0x2 218 219#define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3 220#define PN533_INIT_TARGET_RESP_ACTIVE 0x1 221#define PN533_INIT_TARGET_RESP_DEP 0x4 222 223/* The rule: value(high byte) + value(low byte) + checksum = 0 */ 224static inline u8 pn533_ext_checksum(u16 value) 225{ 226 return ~(u8)(((value & 0xFF00) >> 8) + (u8)(value & 0xFF)) + 1; 227} 228 229/* The rule: value + checksum = 0 */ 230static inline u8 pn533_std_checksum(u8 value) 231{ 232 return ~value + 1; 233} 234 235/* The rule: sum(data elements) + checksum = 0 */ 236static u8 pn533_std_data_checksum(u8 *data, int datalen) 237{ 238 u8 sum = 0; 239 int i; 240 241 for (i = 0; i < datalen; i++) 242 sum += data[i]; 243 244 return pn533_std_checksum(sum); 245} 246 247static void pn533_std_tx_frame_init(void *_frame, u8 cmd_code) 248{ 249 struct pn533_std_frame *frame = _frame; 250 251 frame->preamble = 0; 252 frame->start_frame = cpu_to_be16(PN533_STD_FRAME_SOF); 253 PN533_STD_FRAME_IDENTIFIER(frame) = PN533_STD_FRAME_DIR_OUT; 254 PN533_FRAME_CMD(frame) = cmd_code; 255 frame->datalen = 2; 256} 257 258static void pn533_std_tx_frame_finish(void *_frame) 259{ 260 struct pn533_std_frame *frame = _frame; 261 262 frame->datalen_checksum = pn533_std_checksum(frame->datalen); 263 264 PN533_STD_FRAME_CHECKSUM(frame) = 265 pn533_std_data_checksum(frame->data, frame->datalen); 266 267 PN533_STD_FRAME_POSTAMBLE(frame) = 0; 268} 269 270static void pn533_std_tx_update_payload_len(void *_frame, int len) 271{ 272 struct pn533_std_frame *frame = _frame; 273 274 frame->datalen += len; 275} 276 277static bool pn533_std_rx_frame_is_valid(void *_frame, struct pn533 *dev) 278{ 279 u8 checksum; 280 struct pn533_std_frame *stdf = _frame; 281 282 if (stdf->start_frame != cpu_to_be16(PN533_STD_FRAME_SOF)) 283 return false; 284 285 if (likely(!PN533_STD_IS_EXTENDED(stdf))) { 286 /* Standard frame code */ 287 dev->ops->rx_header_len = PN533_STD_FRAME_HEADER_LEN; 288 289 checksum = pn533_std_checksum(stdf->datalen); 290 if (checksum != stdf->datalen_checksum) 291 return false; 292 293 checksum = pn533_std_data_checksum(stdf->data, stdf->datalen); 294 if (checksum != PN533_STD_FRAME_CHECKSUM(stdf)) 295 return false; 296 } else { 297 /* Extended */ 298 struct pn533_ext_frame *eif = _frame; 299 300 dev->ops->rx_header_len = PN533_EXT_FRAME_HEADER_LEN; 301 302 checksum = pn533_ext_checksum(be16_to_cpu(eif->datalen)); 303 if (checksum != eif->datalen_checksum) 304 return false; 305 306 /* check data checksum */ 307 checksum = pn533_std_data_checksum(eif->data, 308 be16_to_cpu(eif->datalen)); 309 if (checksum != PN533_EXT_FRAME_CHECKSUM(eif)) 310 return false; 311 } 312 313 return true; 314} 315 316bool pn533_rx_frame_is_ack(void *_frame) 317{ 318 struct pn533_std_frame *frame = _frame; 319 320 if (frame->start_frame != cpu_to_be16(PN533_STD_FRAME_SOF)) 321 return false; 322 323 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF) 324 return false; 325 326 return true; 327} 328EXPORT_SYMBOL_GPL(pn533_rx_frame_is_ack); 329 330static inline int pn533_std_rx_frame_size(void *frame) 331{ 332 struct pn533_std_frame *f = frame; 333 334 /* check for Extended Information frame */ 335 if (PN533_STD_IS_EXTENDED(f)) { 336 struct pn533_ext_frame *eif = frame; 337 338 return sizeof(struct pn533_ext_frame) 339 + be16_to_cpu(eif->datalen) + PN533_STD_FRAME_TAIL_LEN; 340 } 341 342 return sizeof(struct pn533_std_frame) + f->datalen + 343 PN533_STD_FRAME_TAIL_LEN; 344} 345 346static u8 pn533_std_get_cmd_code(void *frame) 347{ 348 struct pn533_std_frame *f = frame; 349 struct pn533_ext_frame *eif = frame; 350 351 if (PN533_STD_IS_EXTENDED(f)) 352 return PN533_FRAME_CMD(eif); 353 else 354 return PN533_FRAME_CMD(f); 355} 356 357bool pn533_rx_frame_is_cmd_response(struct pn533 *dev, void *frame) 358{ 359 return (dev->ops->get_cmd_code(frame) == 360 PN533_CMD_RESPONSE(dev->cmd->code)); 361} 362EXPORT_SYMBOL_GPL(pn533_rx_frame_is_cmd_response); 363 364 365static struct pn533_frame_ops pn533_std_frame_ops = { 366 .tx_frame_init = pn533_std_tx_frame_init, 367 .tx_frame_finish = pn533_std_tx_frame_finish, 368 .tx_update_payload_len = pn533_std_tx_update_payload_len, 369 .tx_header_len = PN533_STD_FRAME_HEADER_LEN, 370 .tx_tail_len = PN533_STD_FRAME_TAIL_LEN, 371 372 .rx_is_frame_valid = pn533_std_rx_frame_is_valid, 373 .rx_frame_size = pn533_std_rx_frame_size, 374 .rx_header_len = PN533_STD_FRAME_HEADER_LEN, 375 .rx_tail_len = PN533_STD_FRAME_TAIL_LEN, 376 377 .max_payload_len = PN533_STD_FRAME_MAX_PAYLOAD_LEN, 378 .get_cmd_code = pn533_std_get_cmd_code, 379}; 380 381static void pn533_build_cmd_frame(struct pn533 *dev, u8 cmd_code, 382 struct sk_buff *skb) 383{ 384 /* payload is already there, just update datalen */ 385 int payload_len = skb->len; 386 struct pn533_frame_ops *ops = dev->ops; 387 388 389 skb_push(skb, ops->tx_header_len); 390 skb_put(skb, ops->tx_tail_len); 391 392 ops->tx_frame_init(skb->data, cmd_code); 393 ops->tx_update_payload_len(skb->data, payload_len); 394 ops->tx_frame_finish(skb->data); 395} 396 397static int pn533_send_async_complete(struct pn533 *dev) 398{ 399 struct pn533_cmd *cmd = dev->cmd; 400 struct sk_buff *resp; 401 int status, rc = 0; 402 403 if (!cmd) { 404 dev_dbg(dev->dev, "%s: cmd not set\n", __func__); 405 goto done; 406 } 407 408 dev_kfree_skb(cmd->req); 409 410 status = cmd->status; 411 resp = cmd->resp; 412 413 if (status < 0) { 414 rc = cmd->complete_cb(dev, cmd->complete_cb_context, 415 ERR_PTR(status)); 416 dev_kfree_skb(resp); 417 goto done; 418 } 419 420 /* when no response is set we got interrupted */ 421 if (!resp) 422 resp = ERR_PTR(-EINTR); 423 424 if (!IS_ERR(resp)) { 425 skb_pull(resp, dev->ops->rx_header_len); 426 skb_trim(resp, resp->len - dev->ops->rx_tail_len); 427 } 428 429 rc = cmd->complete_cb(dev, cmd->complete_cb_context, resp); 430 431done: 432 kfree(cmd); 433 dev->cmd = NULL; 434 return rc; 435} 436 437static int __pn533_send_async(struct pn533 *dev, u8 cmd_code, 438 struct sk_buff *req, 439 pn533_send_async_complete_t complete_cb, 440 void *complete_cb_context) 441{ 442 struct pn533_cmd *cmd; 443 int rc = 0; 444 445 dev_dbg(dev->dev, "Sending command 0x%x\n", cmd_code); 446 447 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 448 if (!cmd) 449 return -ENOMEM; 450 451 cmd->code = cmd_code; 452 cmd->req = req; 453 cmd->complete_cb = complete_cb; 454 cmd->complete_cb_context = complete_cb_context; 455 456 pn533_build_cmd_frame(dev, cmd_code, req); 457 458 mutex_lock(&dev->cmd_lock); 459 460 if (!dev->cmd_pending) { 461 dev->cmd = cmd; 462 rc = dev->phy_ops->send_frame(dev, req); 463 if (rc) { 464 dev->cmd = NULL; 465 goto error; 466 } 467 468 dev->cmd_pending = 1; 469 goto unlock; 470 } 471 472 dev_dbg(dev->dev, "%s Queueing command 0x%x\n", 473 __func__, cmd_code); 474 475 INIT_LIST_HEAD(&cmd->queue); 476 list_add_tail(&cmd->queue, &dev->cmd_queue); 477 478 goto unlock; 479 480error: 481 kfree(cmd); 482unlock: 483 mutex_unlock(&dev->cmd_lock); 484 return rc; 485} 486 487static int pn533_send_data_async(struct pn533 *dev, u8 cmd_code, 488 struct sk_buff *req, 489 pn533_send_async_complete_t complete_cb, 490 void *complete_cb_context) 491{ 492 return __pn533_send_async(dev, cmd_code, req, complete_cb, 493 complete_cb_context); 494} 495 496static int pn533_send_cmd_async(struct pn533 *dev, u8 cmd_code, 497 struct sk_buff *req, 498 pn533_send_async_complete_t complete_cb, 499 void *complete_cb_context) 500{ 501 return __pn533_send_async(dev, cmd_code, req, complete_cb, 502 complete_cb_context); 503} 504 505/* 506 * pn533_send_cmd_direct_async 507 * 508 * The function sends a priority cmd directly to the chip omitting the cmd 509 * queue. It's intended to be used by chaining mechanism of received responses 510 * where the host has to request every single chunk of data before scheduling 511 * next cmd from the queue. 512 */ 513static int pn533_send_cmd_direct_async(struct pn533 *dev, u8 cmd_code, 514 struct sk_buff *req, 515 pn533_send_async_complete_t complete_cb, 516 void *complete_cb_context) 517{ 518 struct pn533_cmd *cmd; 519 int rc; 520 521 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL); 522 if (!cmd) 523 return -ENOMEM; 524 525 cmd->code = cmd_code; 526 cmd->req = req; 527 cmd->complete_cb = complete_cb; 528 cmd->complete_cb_context = complete_cb_context; 529 530 pn533_build_cmd_frame(dev, cmd_code, req); 531 532 dev->cmd = cmd; 533 rc = dev->phy_ops->send_frame(dev, req); 534 if (rc < 0) { 535 dev->cmd = NULL; 536 kfree(cmd); 537 } 538 539 return rc; 540} 541 542static void pn533_wq_cmd_complete(struct work_struct *work) 543{ 544 struct pn533 *dev = container_of(work, struct pn533, cmd_complete_work); 545 int rc; 546 547 rc = pn533_send_async_complete(dev); 548 if (rc != -EINPROGRESS) 549 queue_work(dev->wq, &dev->cmd_work); 550} 551 552static void pn533_wq_cmd(struct work_struct *work) 553{ 554 struct pn533 *dev = container_of(work, struct pn533, cmd_work); 555 struct pn533_cmd *cmd; 556 int rc; 557 558 mutex_lock(&dev->cmd_lock); 559 560 if (list_empty(&dev->cmd_queue)) { 561 dev->cmd_pending = 0; 562 mutex_unlock(&dev->cmd_lock); 563 return; 564 } 565 566 cmd = list_first_entry(&dev->cmd_queue, struct pn533_cmd, queue); 567 568 list_del(&cmd->queue); 569 570 mutex_unlock(&dev->cmd_lock); 571 572 dev->cmd = cmd; 573 rc = dev->phy_ops->send_frame(dev, cmd->req); 574 if (rc < 0) { 575 dev->cmd = NULL; 576 dev_kfree_skb(cmd->req); 577 kfree(cmd); 578 return; 579 } 580 581} 582 583struct pn533_sync_cmd_response { 584 struct sk_buff *resp; 585 struct completion done; 586}; 587 588static int pn533_send_sync_complete(struct pn533 *dev, void *_arg, 589 struct sk_buff *resp) 590{ 591 struct pn533_sync_cmd_response *arg = _arg; 592 593 arg->resp = resp; 594 complete(&arg->done); 595 596 return 0; 597} 598 599/* pn533_send_cmd_sync 600 * 601 * Please note the req parameter is freed inside the function to 602 * limit a number of return value interpretations by the caller. 603 * 604 * 1. negative in case of error during TX path -> req should be freed 605 * 606 * 2. negative in case of error during RX path -> req should not be freed 607 * as it's been already freed at the beginning of RX path by 608 * async_complete_cb. 609 * 610 * 3. valid pointer in case of successful RX path 611 * 612 * A caller has to check a return value with IS_ERR macro. If the test pass, 613 * the returned pointer is valid. 614 * 615 */ 616static struct sk_buff *pn533_send_cmd_sync(struct pn533 *dev, u8 cmd_code, 617 struct sk_buff *req) 618{ 619 int rc; 620 struct pn533_sync_cmd_response arg; 621 622 init_completion(&arg.done); 623 624 rc = pn533_send_cmd_async(dev, cmd_code, req, 625 pn533_send_sync_complete, &arg); 626 if (rc) { 627 dev_kfree_skb(req); 628 return ERR_PTR(rc); 629 } 630 631 wait_for_completion(&arg.done); 632 633 return arg.resp; 634} 635 636static struct sk_buff *pn533_alloc_skb(struct pn533 *dev, unsigned int size) 637{ 638 struct sk_buff *skb; 639 640 skb = alloc_skb(dev->ops->tx_header_len + 641 size + 642 dev->ops->tx_tail_len, GFP_KERNEL); 643 644 if (skb) 645 skb_reserve(skb, dev->ops->tx_header_len); 646 647 return skb; 648} 649 650struct pn533_target_type_a { 651 __be16 sens_res; 652 u8 sel_res; 653 u8 nfcid_len; 654 u8 nfcid_data[]; 655} __packed; 656 657 658#define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6)) 659#define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0)) 660#define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8)) 661 662#define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00 663#define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C 664 665#define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5) 666#define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2) 667 668#define PN533_TYPE_A_SEL_PROT_MIFARE 0 669#define PN533_TYPE_A_SEL_PROT_ISO14443 1 670#define PN533_TYPE_A_SEL_PROT_DEP 2 671#define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3 672 673static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a, 674 int target_data_len) 675{ 676 u8 ssd; 677 u8 platconf; 678 679 if (target_data_len < sizeof(struct pn533_target_type_a)) 680 return false; 681 682 /* 683 * The length check of nfcid[] and ats[] are not being performed because 684 * the values are not being used 685 */ 686 687 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */ 688 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res); 689 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res); 690 691 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL && 692 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) || 693 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL && 694 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL)) 695 return false; 696 697 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */ 698 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0) 699 return false; 700 701 if (type_a->nfcid_len > NFC_NFCID1_MAXSIZE) 702 return false; 703 704 return true; 705} 706 707static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data, 708 int tgt_data_len) 709{ 710 struct pn533_target_type_a *tgt_type_a; 711 712 tgt_type_a = (struct pn533_target_type_a *)tgt_data; 713 714 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len)) 715 return -EPROTO; 716 717 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) { 718 case PN533_TYPE_A_SEL_PROT_MIFARE: 719 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK; 720 break; 721 case PN533_TYPE_A_SEL_PROT_ISO14443: 722 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK; 723 break; 724 case PN533_TYPE_A_SEL_PROT_DEP: 725 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 726 break; 727 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP: 728 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK | 729 NFC_PROTO_NFC_DEP_MASK; 730 break; 731 } 732 733 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res); 734 nfc_tgt->sel_res = tgt_type_a->sel_res; 735 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len; 736 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len); 737 738 return 0; 739} 740 741struct pn533_target_felica { 742 u8 pol_res; 743 u8 opcode; 744 u8 nfcid2[NFC_NFCID2_MAXSIZE]; 745 u8 pad[8]; 746 /* optional */ 747 u8 syst_code[]; 748} __packed; 749 750#define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01 751#define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE 752 753static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica, 754 int target_data_len) 755{ 756 if (target_data_len < sizeof(struct pn533_target_felica)) 757 return false; 758 759 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES) 760 return false; 761 762 return true; 763} 764 765static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data, 766 int tgt_data_len) 767{ 768 struct pn533_target_felica *tgt_felica; 769 770 tgt_felica = (struct pn533_target_felica *)tgt_data; 771 772 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len)) 773 return -EPROTO; 774 775 if ((tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1) && 776 (tgt_felica->nfcid2[1] == PN533_FELICA_SENSF_NFCID2_DEP_B2)) 777 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 778 else 779 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK; 780 781 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9); 782 nfc_tgt->sensf_res_len = 9; 783 784 memcpy(nfc_tgt->nfcid2, tgt_felica->nfcid2, NFC_NFCID2_MAXSIZE); 785 nfc_tgt->nfcid2_len = NFC_NFCID2_MAXSIZE; 786 787 return 0; 788} 789 790struct pn533_target_jewel { 791 __be16 sens_res; 792 u8 jewelid[4]; 793} __packed; 794 795static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel, 796 int target_data_len) 797{ 798 u8 ssd; 799 u8 platconf; 800 801 if (target_data_len < sizeof(struct pn533_target_jewel)) 802 return false; 803 804 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */ 805 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res); 806 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res); 807 808 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL && 809 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) || 810 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL && 811 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL)) 812 return false; 813 814 return true; 815} 816 817static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data, 818 int tgt_data_len) 819{ 820 struct pn533_target_jewel *tgt_jewel; 821 822 tgt_jewel = (struct pn533_target_jewel *)tgt_data; 823 824 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len)) 825 return -EPROTO; 826 827 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK; 828 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res); 829 nfc_tgt->nfcid1_len = 4; 830 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len); 831 832 return 0; 833} 834 835struct pn533_type_b_prot_info { 836 u8 bitrate; 837 u8 fsci_type; 838 u8 fwi_adc_fo; 839} __packed; 840 841#define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4) 842#define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0) 843#define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8 844 845struct pn533_type_b_sens_res { 846 u8 opcode; 847 u8 nfcid[4]; 848 u8 appdata[4]; 849 struct pn533_type_b_prot_info prot_info; 850} __packed; 851 852#define PN533_TYPE_B_OPC_SENSB_RES 0x50 853 854struct pn533_target_type_b { 855 struct pn533_type_b_sens_res sensb_res; 856 u8 attrib_res_len; 857 u8 attrib_res[]; 858} __packed; 859 860static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b, 861 int target_data_len) 862{ 863 if (target_data_len < sizeof(struct pn533_target_type_b)) 864 return false; 865 866 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES) 867 return false; 868 869 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) & 870 PN533_TYPE_B_PROT_TYPE_RFU_MASK) 871 return false; 872 873 return true; 874} 875 876static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data, 877 int tgt_data_len) 878{ 879 struct pn533_target_type_b *tgt_type_b; 880 881 tgt_type_b = (struct pn533_target_type_b *)tgt_data; 882 883 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len)) 884 return -EPROTO; 885 886 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_B_MASK; 887 888 return 0; 889} 890 891static void pn533_poll_reset_mod_list(struct pn533 *dev); 892static int pn533_target_found(struct pn533 *dev, u8 tg, u8 *tgdata, 893 int tgdata_len) 894{ 895 struct nfc_target nfc_tgt; 896 int rc; 897 898 dev_dbg(dev->dev, "%s: modulation=%d\n", 899 __func__, dev->poll_mod_curr); 900 901 if (tg != 1) 902 return -EPROTO; 903 904 memset(&nfc_tgt, 0, sizeof(struct nfc_target)); 905 906 switch (dev->poll_mod_curr) { 907 case PN533_POLL_MOD_106KBPS_A: 908 rc = pn533_target_found_type_a(&nfc_tgt, tgdata, tgdata_len); 909 break; 910 case PN533_POLL_MOD_212KBPS_FELICA: 911 case PN533_POLL_MOD_424KBPS_FELICA: 912 rc = pn533_target_found_felica(&nfc_tgt, tgdata, tgdata_len); 913 break; 914 case PN533_POLL_MOD_106KBPS_JEWEL: 915 rc = pn533_target_found_jewel(&nfc_tgt, tgdata, tgdata_len); 916 break; 917 case PN533_POLL_MOD_847KBPS_B: 918 rc = pn533_target_found_type_b(&nfc_tgt, tgdata, tgdata_len); 919 break; 920 default: 921 nfc_err(dev->dev, 922 "Unknown current poll modulation\n"); 923 return -EPROTO; 924 } 925 926 if (rc) 927 return rc; 928 929 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) { 930 dev_dbg(dev->dev, 931 "The Tg found doesn't have the desired protocol\n"); 932 return -EAGAIN; 933 } 934 935 dev_dbg(dev->dev, 936 "Target found - supported protocols: 0x%x\n", 937 nfc_tgt.supported_protocols); 938 939 dev->tgt_available_prots = nfc_tgt.supported_protocols; 940 941 pn533_poll_reset_mod_list(dev); 942 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1); 943 944 return 0; 945} 946 947static inline void pn533_poll_next_mod(struct pn533 *dev) 948{ 949 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count; 950} 951 952static void pn533_poll_reset_mod_list(struct pn533 *dev) 953{ 954 dev->poll_mod_count = 0; 955} 956 957static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index) 958{ 959 dev->poll_mod_active[dev->poll_mod_count] = 960 (struct pn533_poll_modulations *)&poll_mod[mod_index]; 961 dev->poll_mod_count++; 962} 963 964static void pn533_poll_create_mod_list(struct pn533 *dev, 965 u32 im_protocols, u32 tm_protocols) 966{ 967 pn533_poll_reset_mod_list(dev); 968 969 if ((im_protocols & NFC_PROTO_MIFARE_MASK) || 970 (im_protocols & NFC_PROTO_ISO14443_MASK) || 971 (im_protocols & NFC_PROTO_NFC_DEP_MASK)) 972 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A); 973 974 if (im_protocols & NFC_PROTO_FELICA_MASK || 975 im_protocols & NFC_PROTO_NFC_DEP_MASK) { 976 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA); 977 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA); 978 } 979 980 if (im_protocols & NFC_PROTO_JEWEL_MASK) 981 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL); 982 983 if (im_protocols & NFC_PROTO_ISO14443_B_MASK) 984 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B); 985 986 if (tm_protocols) 987 pn533_poll_add_mod(dev, PN533_LISTEN_MOD); 988} 989 990static int pn533_start_poll_complete(struct pn533 *dev, struct sk_buff *resp) 991{ 992 u8 nbtg, tg, *tgdata; 993 int rc, tgdata_len; 994 995 /* Toggle the DEP polling */ 996 if (dev->poll_protocols & NFC_PROTO_NFC_DEP_MASK) 997 dev->poll_dep = 1; 998 999 nbtg = resp->data[0]; 1000 tg = resp->data[1]; 1001 tgdata = &resp->data[2]; 1002 tgdata_len = resp->len - 2; /* nbtg + tg */ 1003 1004 if (nbtg) { 1005 rc = pn533_target_found(dev, tg, tgdata, tgdata_len); 1006 1007 /* We must stop the poll after a valid target found */ 1008 if (rc == 0) 1009 return 0; 1010 } 1011 1012 return -EAGAIN; 1013} 1014 1015static struct sk_buff *pn533_alloc_poll_tg_frame(struct pn533 *dev) 1016{ 1017 struct sk_buff *skb; 1018 u8 *felica, *nfcid3; 1019 1020 u8 *gbytes = dev->gb; 1021 size_t gbytes_len = dev->gb_len; 1022 1023 u8 felica_params[18] = {0x1, 0xfe, /* DEP */ 1024 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */ 1025 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 1026 0xff, 0xff}; /* System code */ 1027 1028 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */ 1029 0x0, 0x0, 0x0, 1030 0x40}; /* SEL_RES for DEP */ 1031 1032 unsigned int skb_len = 36 + /* 1033 * mode (1), mifare (6), 1034 * felica (18), nfcid3 (10), gb_len (1) 1035 */ 1036 gbytes_len + 1037 1; /* len Tk*/ 1038 1039 skb = pn533_alloc_skb(dev, skb_len); 1040 if (!skb) 1041 return NULL; 1042 1043 /* DEP support only */ 1044 skb_put_u8(skb, PN533_INIT_TARGET_DEP); 1045 1046 /* MIFARE params */ 1047 skb_put_data(skb, mifare_params, 6); 1048 1049 /* Felica params */ 1050 felica = skb_put_data(skb, felica_params, 18); 1051 get_random_bytes(felica + 2, 6); 1052 1053 /* NFCID3 */ 1054 nfcid3 = skb_put_zero(skb, 10); 1055 memcpy(nfcid3, felica, 8); 1056 1057 /* General bytes */ 1058 skb_put_u8(skb, gbytes_len); 1059 1060 skb_put_data(skb, gbytes, gbytes_len); 1061 1062 /* Len Tk */ 1063 skb_put_u8(skb, 0); 1064 1065 return skb; 1066} 1067 1068static void pn533_wq_tm_mi_recv(struct work_struct *work); 1069static struct sk_buff *pn533_build_response(struct pn533 *dev); 1070 1071static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg, 1072 struct sk_buff *resp) 1073{ 1074 struct sk_buff *skb; 1075 u8 status, ret, mi; 1076 int rc; 1077 1078 if (IS_ERR(resp)) { 1079 skb_queue_purge(&dev->resp_q); 1080 return PTR_ERR(resp); 1081 } 1082 1083 status = resp->data[0]; 1084 1085 ret = status & PN533_CMD_RET_MASK; 1086 mi = status & PN533_CMD_MI_MASK; 1087 1088 skb_pull(resp, sizeof(status)); 1089 1090 if (ret != PN533_CMD_RET_SUCCESS) { 1091 rc = -EIO; 1092 goto error; 1093 } 1094 1095 skb_queue_tail(&dev->resp_q, resp); 1096 1097 if (mi) { 1098 queue_work(dev->wq, &dev->mi_tm_rx_work); 1099 return -EINPROGRESS; 1100 } 1101 1102 skb = pn533_build_response(dev); 1103 if (!skb) { 1104 rc = -EIO; 1105 goto error; 1106 } 1107 1108 return nfc_tm_data_received(dev->nfc_dev, skb); 1109 1110error: 1111 nfc_tm_deactivated(dev->nfc_dev); 1112 dev->tgt_mode = 0; 1113 skb_queue_purge(&dev->resp_q); 1114 dev_kfree_skb(resp); 1115 1116 return rc; 1117} 1118 1119static void pn533_wq_tm_mi_recv(struct work_struct *work) 1120{ 1121 struct pn533 *dev = container_of(work, struct pn533, mi_tm_rx_work); 1122 struct sk_buff *skb; 1123 int rc; 1124 1125 skb = pn533_alloc_skb(dev, 0); 1126 if (!skb) 1127 return; 1128 1129 rc = pn533_send_cmd_direct_async(dev, 1130 PN533_CMD_TG_GET_DATA, 1131 skb, 1132 pn533_tm_get_data_complete, 1133 NULL); 1134 1135 if (rc < 0) 1136 dev_kfree_skb(skb); 1137} 1138 1139static int pn533_tm_send_complete(struct pn533 *dev, void *arg, 1140 struct sk_buff *resp); 1141static void pn533_wq_tm_mi_send(struct work_struct *work) 1142{ 1143 struct pn533 *dev = container_of(work, struct pn533, mi_tm_tx_work); 1144 struct sk_buff *skb; 1145 int rc; 1146 1147 /* Grab the first skb in the queue */ 1148 skb = skb_dequeue(&dev->fragment_skb); 1149 if (skb == NULL) { /* No more data */ 1150 /* Reset the queue for future use */ 1151 skb_queue_head_init(&dev->fragment_skb); 1152 goto error; 1153 } 1154 1155 /* last entry - remove MI bit */ 1156 if (skb_queue_len(&dev->fragment_skb) == 0) { 1157 rc = pn533_send_cmd_direct_async(dev, PN533_CMD_TG_SET_DATA, 1158 skb, pn533_tm_send_complete, NULL); 1159 } else 1160 rc = pn533_send_cmd_direct_async(dev, 1161 PN533_CMD_TG_SET_META_DATA, 1162 skb, pn533_tm_send_complete, NULL); 1163 1164 if (rc == 0) /* success */ 1165 return; 1166 1167 dev_err(dev->dev, 1168 "Error %d when trying to perform set meta data_exchange", rc); 1169 1170 dev_kfree_skb(skb); 1171 1172error: 1173 dev->phy_ops->send_ack(dev, GFP_KERNEL); 1174 queue_work(dev->wq, &dev->cmd_work); 1175} 1176 1177static void pn533_wq_tg_get_data(struct work_struct *work) 1178{ 1179 struct pn533 *dev = container_of(work, struct pn533, tg_work); 1180 struct sk_buff *skb; 1181 int rc; 1182 1183 skb = pn533_alloc_skb(dev, 0); 1184 if (!skb) 1185 return; 1186 1187 rc = pn533_send_data_async(dev, PN533_CMD_TG_GET_DATA, skb, 1188 pn533_tm_get_data_complete, NULL); 1189 1190 if (rc < 0) 1191 dev_kfree_skb(skb); 1192} 1193 1194#define ATR_REQ_GB_OFFSET 17 1195static int pn533_init_target_complete(struct pn533 *dev, struct sk_buff *resp) 1196{ 1197 u8 mode, *cmd, comm_mode = NFC_COMM_PASSIVE, *gb; 1198 size_t gb_len; 1199 int rc; 1200 1201 if (resp->len < ATR_REQ_GB_OFFSET + 1) 1202 return -EINVAL; 1203 1204 mode = resp->data[0]; 1205 cmd = &resp->data[1]; 1206 1207 dev_dbg(dev->dev, "Target mode 0x%x len %d\n", 1208 mode, resp->len); 1209 1210 if ((mode & PN533_INIT_TARGET_RESP_FRAME_MASK) == 1211 PN533_INIT_TARGET_RESP_ACTIVE) 1212 comm_mode = NFC_COMM_ACTIVE; 1213 1214 if ((mode & PN533_INIT_TARGET_RESP_DEP) == 0) /* Only DEP supported */ 1215 return -EOPNOTSUPP; 1216 1217 gb = cmd + ATR_REQ_GB_OFFSET; 1218 gb_len = resp->len - (ATR_REQ_GB_OFFSET + 1); 1219 1220 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK, 1221 comm_mode, gb, gb_len); 1222 if (rc < 0) { 1223 nfc_err(dev->dev, 1224 "Error when signaling target activation\n"); 1225 return rc; 1226 } 1227 1228 dev->tgt_mode = 1; 1229 queue_work(dev->wq, &dev->tg_work); 1230 1231 return 0; 1232} 1233 1234static void pn533_listen_mode_timer(struct timer_list *t) 1235{ 1236 struct pn533 *dev = from_timer(dev, t, listen_timer); 1237 1238 dev->cancel_listen = 1; 1239 1240 pn533_poll_next_mod(dev); 1241 1242 queue_delayed_work(dev->wq, &dev->poll_work, 1243 msecs_to_jiffies(PN533_POLL_INTERVAL)); 1244} 1245 1246static int pn533_rf_complete(struct pn533 *dev, void *arg, 1247 struct sk_buff *resp) 1248{ 1249 int rc = 0; 1250 1251 if (IS_ERR(resp)) { 1252 rc = PTR_ERR(resp); 1253 1254 nfc_err(dev->dev, "RF setting error %d\n", rc); 1255 1256 return rc; 1257 } 1258 1259 queue_delayed_work(dev->wq, &dev->poll_work, 1260 msecs_to_jiffies(PN533_POLL_INTERVAL)); 1261 1262 dev_kfree_skb(resp); 1263 return rc; 1264} 1265 1266static void pn533_wq_rf(struct work_struct *work) 1267{ 1268 struct pn533 *dev = container_of(work, struct pn533, rf_work); 1269 struct sk_buff *skb; 1270 int rc; 1271 1272 skb = pn533_alloc_skb(dev, 2); 1273 if (!skb) 1274 return; 1275 1276 skb_put_u8(skb, PN533_CFGITEM_RF_FIELD); 1277 skb_put_u8(skb, PN533_CFGITEM_RF_FIELD_AUTO_RFCA); 1278 1279 rc = pn533_send_cmd_async(dev, PN533_CMD_RF_CONFIGURATION, skb, 1280 pn533_rf_complete, NULL); 1281 if (rc < 0) { 1282 dev_kfree_skb(skb); 1283 nfc_err(dev->dev, "RF setting error %d\n", rc); 1284 } 1285} 1286 1287static int pn533_poll_dep_complete(struct pn533 *dev, void *arg, 1288 struct sk_buff *resp) 1289{ 1290 struct pn533_cmd_jump_dep_response *rsp; 1291 struct nfc_target nfc_target; 1292 u8 target_gt_len; 1293 int rc; 1294 1295 if (IS_ERR(resp)) 1296 return PTR_ERR(resp); 1297 1298 rsp = (struct pn533_cmd_jump_dep_response *)resp->data; 1299 1300 rc = rsp->status & PN533_CMD_RET_MASK; 1301 if (rc != PN533_CMD_RET_SUCCESS) { 1302 /* Not target found, turn radio off */ 1303 queue_work(dev->wq, &dev->rf_work); 1304 1305 dev_kfree_skb(resp); 1306 return 0; 1307 } 1308 1309 dev_dbg(dev->dev, "Creating new target"); 1310 1311 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK; 1312 nfc_target.nfcid1_len = 10; 1313 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len); 1314 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1); 1315 if (rc) 1316 goto error; 1317 1318 dev->tgt_available_prots = 0; 1319 dev->tgt_active_prot = NFC_PROTO_NFC_DEP; 1320 1321 /* ATR_RES general bytes are located at offset 17 */ 1322 target_gt_len = resp->len - 17; 1323 rc = nfc_set_remote_general_bytes(dev->nfc_dev, 1324 rsp->gt, target_gt_len); 1325 if (!rc) { 1326 rc = nfc_dep_link_is_up(dev->nfc_dev, 1327 dev->nfc_dev->targets[0].idx, 1328 0, NFC_RF_INITIATOR); 1329 1330 if (!rc) 1331 pn533_poll_reset_mod_list(dev); 1332 } 1333error: 1334 dev_kfree_skb(resp); 1335 return rc; 1336} 1337 1338#define PASSIVE_DATA_LEN 5 1339static int pn533_poll_dep(struct nfc_dev *nfc_dev) 1340{ 1341 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1342 struct sk_buff *skb; 1343 int rc, skb_len; 1344 u8 *next, nfcid3[NFC_NFCID3_MAXSIZE]; 1345 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3}; 1346 1347 if (!dev->gb) { 1348 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len); 1349 1350 if (!dev->gb || !dev->gb_len) { 1351 dev->poll_dep = 0; 1352 queue_work(dev->wq, &dev->rf_work); 1353 } 1354 } 1355 1356 skb_len = 3 + dev->gb_len; /* ActPass + BR + Next */ 1357 skb_len += PASSIVE_DATA_LEN; 1358 1359 /* NFCID3 */ 1360 skb_len += NFC_NFCID3_MAXSIZE; 1361 nfcid3[0] = 0x1; 1362 nfcid3[1] = 0xfe; 1363 get_random_bytes(nfcid3 + 2, 6); 1364 1365 skb = pn533_alloc_skb(dev, skb_len); 1366 if (!skb) 1367 return -ENOMEM; 1368 1369 skb_put_u8(skb, 0x01); /* Active */ 1370 skb_put_u8(skb, 0x02); /* 424 kbps */ 1371 1372 next = skb_put(skb, 1); /* Next */ 1373 *next = 0; 1374 1375 /* Copy passive data */ 1376 skb_put_data(skb, passive_data, PASSIVE_DATA_LEN); 1377 *next |= 1; 1378 1379 /* Copy NFCID3 (which is NFCID2 from SENSF_RES) */ 1380 skb_put_data(skb, nfcid3, NFC_NFCID3_MAXSIZE); 1381 *next |= 2; 1382 1383 skb_put_data(skb, dev->gb, dev->gb_len); 1384 *next |= 4; /* We have some Gi */ 1385 1386 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb, 1387 pn533_poll_dep_complete, NULL); 1388 1389 if (rc < 0) 1390 dev_kfree_skb(skb); 1391 1392 return rc; 1393} 1394 1395static int pn533_autopoll_complete(struct pn533 *dev, void *arg, 1396 struct sk_buff *resp) 1397{ 1398 struct pn532_autopoll_resp *apr; 1399 struct nfc_target nfc_tgt; 1400 u8 nbtg; 1401 int rc; 1402 1403 if (IS_ERR(resp)) { 1404 rc = PTR_ERR(resp); 1405 1406 nfc_err(dev->dev, "%s autopoll complete error %d\n", 1407 __func__, rc); 1408 1409 if (rc == -ENOENT) { 1410 if (dev->poll_mod_count != 0) 1411 return rc; 1412 goto stop_poll; 1413 } else if (rc < 0) { 1414 nfc_err(dev->dev, 1415 "Error %d when running autopoll\n", rc); 1416 goto stop_poll; 1417 } 1418 } 1419 1420 nbtg = resp->data[0]; 1421 if ((nbtg > 2) || (nbtg <= 0)) 1422 return -EAGAIN; 1423 1424 apr = (struct pn532_autopoll_resp *)&resp->data[1]; 1425 while (nbtg--) { 1426 memset(&nfc_tgt, 0, sizeof(struct nfc_target)); 1427 switch (apr->type) { 1428 case PN532_AUTOPOLL_TYPE_ISOA: 1429 dev_dbg(dev->dev, "ISOA\n"); 1430 rc = pn533_target_found_type_a(&nfc_tgt, apr->tgdata, 1431 apr->ln - 1); 1432 break; 1433 case PN532_AUTOPOLL_TYPE_FELICA212: 1434 case PN532_AUTOPOLL_TYPE_FELICA424: 1435 dev_dbg(dev->dev, "FELICA\n"); 1436 rc = pn533_target_found_felica(&nfc_tgt, apr->tgdata, 1437 apr->ln - 1); 1438 break; 1439 case PN532_AUTOPOLL_TYPE_JEWEL: 1440 dev_dbg(dev->dev, "JEWEL\n"); 1441 rc = pn533_target_found_jewel(&nfc_tgt, apr->tgdata, 1442 apr->ln - 1); 1443 break; 1444 case PN532_AUTOPOLL_TYPE_ISOB: 1445 dev_dbg(dev->dev, "ISOB\n"); 1446 rc = pn533_target_found_type_b(&nfc_tgt, apr->tgdata, 1447 apr->ln - 1); 1448 break; 1449 case PN532_AUTOPOLL_TYPE_MIFARE: 1450 dev_dbg(dev->dev, "Mifare\n"); 1451 rc = pn533_target_found_type_a(&nfc_tgt, apr->tgdata, 1452 apr->ln - 1); 1453 break; 1454 default: 1455 nfc_err(dev->dev, 1456 "Unknown current poll modulation\n"); 1457 rc = -EPROTO; 1458 } 1459 1460 if (rc) 1461 goto done; 1462 1463 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) { 1464 nfc_err(dev->dev, 1465 "The Tg found doesn't have the desired protocol\n"); 1466 rc = -EAGAIN; 1467 goto done; 1468 } 1469 1470 dev->tgt_available_prots = nfc_tgt.supported_protocols; 1471 apr = (struct pn532_autopoll_resp *) 1472 (apr->tgdata + (apr->ln - 1)); 1473 } 1474 1475 pn533_poll_reset_mod_list(dev); 1476 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1); 1477 1478done: 1479 dev_kfree_skb(resp); 1480 return rc; 1481 1482stop_poll: 1483 nfc_err(dev->dev, "autopoll operation has been stopped\n"); 1484 1485 pn533_poll_reset_mod_list(dev); 1486 dev->poll_protocols = 0; 1487 return rc; 1488} 1489 1490static int pn533_poll_complete(struct pn533 *dev, void *arg, 1491 struct sk_buff *resp) 1492{ 1493 struct pn533_poll_modulations *cur_mod; 1494 int rc; 1495 1496 if (IS_ERR(resp)) { 1497 rc = PTR_ERR(resp); 1498 1499 nfc_err(dev->dev, "%s Poll complete error %d\n", 1500 __func__, rc); 1501 1502 if (rc == -ENOENT) { 1503 if (dev->poll_mod_count != 0) 1504 return rc; 1505 goto stop_poll; 1506 } else if (rc < 0) { 1507 nfc_err(dev->dev, 1508 "Error %d when running poll\n", rc); 1509 goto stop_poll; 1510 } 1511 } 1512 1513 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1514 1515 if (cur_mod->len == 0) { /* Target mode */ 1516 del_timer(&dev->listen_timer); 1517 rc = pn533_init_target_complete(dev, resp); 1518 goto done; 1519 } 1520 1521 /* Initiator mode */ 1522 rc = pn533_start_poll_complete(dev, resp); 1523 if (!rc) 1524 goto done; 1525 1526 if (!dev->poll_mod_count) { 1527 dev_dbg(dev->dev, "Polling has been stopped\n"); 1528 goto done; 1529 } 1530 1531 pn533_poll_next_mod(dev); 1532 /* Not target found, turn radio off */ 1533 queue_work(dev->wq, &dev->rf_work); 1534 1535done: 1536 dev_kfree_skb(resp); 1537 return rc; 1538 1539stop_poll: 1540 nfc_err(dev->dev, "Polling operation has been stopped\n"); 1541 1542 pn533_poll_reset_mod_list(dev); 1543 dev->poll_protocols = 0; 1544 return rc; 1545} 1546 1547static struct sk_buff *pn533_alloc_poll_in_frame(struct pn533 *dev, 1548 struct pn533_poll_modulations *mod) 1549{ 1550 struct sk_buff *skb; 1551 1552 skb = pn533_alloc_skb(dev, mod->len); 1553 if (!skb) 1554 return NULL; 1555 1556 skb_put_data(skb, &mod->data, mod->len); 1557 1558 return skb; 1559} 1560 1561static int pn533_send_poll_frame(struct pn533 *dev) 1562{ 1563 struct pn533_poll_modulations *mod; 1564 struct sk_buff *skb; 1565 int rc; 1566 u8 cmd_code; 1567 1568 mod = dev->poll_mod_active[dev->poll_mod_curr]; 1569 1570 dev_dbg(dev->dev, "%s mod len %d\n", 1571 __func__, mod->len); 1572 1573 if ((dev->poll_protocols & NFC_PROTO_NFC_DEP_MASK) && dev->poll_dep) { 1574 dev->poll_dep = 0; 1575 return pn533_poll_dep(dev->nfc_dev); 1576 } 1577 1578 if (mod->len == 0) { /* Listen mode */ 1579 cmd_code = PN533_CMD_TG_INIT_AS_TARGET; 1580 skb = pn533_alloc_poll_tg_frame(dev); 1581 } else { /* Polling mode */ 1582 cmd_code = PN533_CMD_IN_LIST_PASSIVE_TARGET; 1583 skb = pn533_alloc_poll_in_frame(dev, mod); 1584 } 1585 1586 if (!skb) { 1587 nfc_err(dev->dev, "Failed to allocate skb\n"); 1588 return -ENOMEM; 1589 } 1590 1591 rc = pn533_send_cmd_async(dev, cmd_code, skb, pn533_poll_complete, 1592 NULL); 1593 if (rc < 0) { 1594 dev_kfree_skb(skb); 1595 nfc_err(dev->dev, "Polling loop error %d\n", rc); 1596 } 1597 1598 return rc; 1599} 1600 1601static void pn533_wq_poll(struct work_struct *work) 1602{ 1603 struct pn533 *dev = container_of(work, struct pn533, poll_work.work); 1604 struct pn533_poll_modulations *cur_mod; 1605 int rc; 1606 1607 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1608 1609 dev_dbg(dev->dev, 1610 "%s cancel_listen %d modulation len %d\n", 1611 __func__, dev->cancel_listen, cur_mod->len); 1612 1613 if (dev->cancel_listen == 1) { 1614 dev->cancel_listen = 0; 1615 dev->phy_ops->abort_cmd(dev, GFP_ATOMIC); 1616 } 1617 1618 rc = pn533_send_poll_frame(dev); 1619 if (rc) 1620 return; 1621 1622 if (cur_mod->len == 0 && dev->poll_mod_count > 1) 1623 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ); 1624} 1625 1626static int pn533_start_poll(struct nfc_dev *nfc_dev, 1627 u32 im_protocols, u32 tm_protocols) 1628{ 1629 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1630 struct pn533_poll_modulations *cur_mod; 1631 struct sk_buff *skb; 1632 u8 rand_mod; 1633 int rc; 1634 1635 dev_dbg(dev->dev, 1636 "%s: im protocols 0x%x tm protocols 0x%x\n", 1637 __func__, im_protocols, tm_protocols); 1638 1639 if (dev->tgt_active_prot) { 1640 nfc_err(dev->dev, 1641 "Cannot poll with a target already activated\n"); 1642 return -EBUSY; 1643 } 1644 1645 if (dev->tgt_mode) { 1646 nfc_err(dev->dev, 1647 "Cannot poll while already being activated\n"); 1648 return -EBUSY; 1649 } 1650 1651 if (tm_protocols) { 1652 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len); 1653 if (dev->gb == NULL) 1654 tm_protocols = 0; 1655 } 1656 1657 dev->poll_protocols = im_protocols; 1658 dev->listen_protocols = tm_protocols; 1659 if (dev->device_type == PN533_DEVICE_PN532_AUTOPOLL) { 1660 skb = pn533_alloc_skb(dev, 4 + 6); 1661 if (!skb) 1662 return -ENOMEM; 1663 1664 *((u8 *)skb_put(skb, sizeof(u8))) = 1665 PN532_AUTOPOLL_POLLNR_INFINITE; 1666 *((u8 *)skb_put(skb, sizeof(u8))) = PN532_AUTOPOLL_PERIOD; 1667 1668 if ((im_protocols & NFC_PROTO_MIFARE_MASK) && 1669 (im_protocols & NFC_PROTO_ISO14443_MASK) && 1670 (im_protocols & NFC_PROTO_NFC_DEP_MASK)) 1671 *((u8 *)skb_put(skb, sizeof(u8))) = 1672 PN532_AUTOPOLL_TYPE_GENERIC_106; 1673 else { 1674 if (im_protocols & NFC_PROTO_MIFARE_MASK) 1675 *((u8 *)skb_put(skb, sizeof(u8))) = 1676 PN532_AUTOPOLL_TYPE_MIFARE; 1677 1678 if (im_protocols & NFC_PROTO_ISO14443_MASK) 1679 *((u8 *)skb_put(skb, sizeof(u8))) = 1680 PN532_AUTOPOLL_TYPE_ISOA; 1681 1682 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 1683 *((u8 *)skb_put(skb, sizeof(u8))) = 1684 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_106; 1685 *((u8 *)skb_put(skb, sizeof(u8))) = 1686 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_212; 1687 *((u8 *)skb_put(skb, sizeof(u8))) = 1688 PN532_AUTOPOLL_TYPE_DEP_PASSIVE_424; 1689 } 1690 } 1691 1692 if (im_protocols & NFC_PROTO_FELICA_MASK || 1693 im_protocols & NFC_PROTO_NFC_DEP_MASK) { 1694 *((u8 *)skb_put(skb, sizeof(u8))) = 1695 PN532_AUTOPOLL_TYPE_FELICA212; 1696 *((u8 *)skb_put(skb, sizeof(u8))) = 1697 PN532_AUTOPOLL_TYPE_FELICA424; 1698 } 1699 1700 if (im_protocols & NFC_PROTO_JEWEL_MASK) 1701 *((u8 *)skb_put(skb, sizeof(u8))) = 1702 PN532_AUTOPOLL_TYPE_JEWEL; 1703 1704 if (im_protocols & NFC_PROTO_ISO14443_B_MASK) 1705 *((u8 *)skb_put(skb, sizeof(u8))) = 1706 PN532_AUTOPOLL_TYPE_ISOB; 1707 1708 if (tm_protocols) 1709 *((u8 *)skb_put(skb, sizeof(u8))) = 1710 PN532_AUTOPOLL_TYPE_DEP_ACTIVE_106; 1711 1712 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_AUTOPOLL, skb, 1713 pn533_autopoll_complete, NULL); 1714 1715 if (rc < 0) 1716 dev_kfree_skb(skb); 1717 else 1718 dev->poll_mod_count++; 1719 1720 return rc; 1721 } 1722 1723 pn533_poll_create_mod_list(dev, im_protocols, tm_protocols); 1724 1725 /* Do not always start polling from the same modulation */ 1726 get_random_bytes(&rand_mod, sizeof(rand_mod)); 1727 rand_mod %= dev->poll_mod_count; 1728 dev->poll_mod_curr = rand_mod; 1729 1730 cur_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1731 1732 rc = pn533_send_poll_frame(dev); 1733 1734 /* Start listen timer */ 1735 if (!rc && cur_mod->len == 0 && dev->poll_mod_count > 1) 1736 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ); 1737 1738 return rc; 1739} 1740 1741static void pn533_stop_poll(struct nfc_dev *nfc_dev) 1742{ 1743 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1744 1745 del_timer(&dev->listen_timer); 1746 1747 if (!dev->poll_mod_count) { 1748 dev_dbg(dev->dev, 1749 "Polling operation was not running\n"); 1750 return; 1751 } 1752 1753 dev->phy_ops->abort_cmd(dev, GFP_KERNEL); 1754 flush_delayed_work(&dev->poll_work); 1755 pn533_poll_reset_mod_list(dev); 1756} 1757 1758static int pn533_activate_target_nfcdep(struct pn533 *dev) 1759{ 1760 struct pn533_cmd_activate_response *rsp; 1761 u16 gt_len; 1762 int rc; 1763 struct sk_buff *skb; 1764 struct sk_buff *resp; 1765 1766 skb = pn533_alloc_skb(dev, sizeof(u8) * 2); /*TG + Next*/ 1767 if (!skb) 1768 return -ENOMEM; 1769 1770 skb_put_u8(skb, 1); /* TG */ 1771 skb_put_u8(skb, 0); /* Next */ 1772 1773 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_ATR, skb); 1774 if (IS_ERR(resp)) 1775 return PTR_ERR(resp); 1776 1777 rsp = (struct pn533_cmd_activate_response *)resp->data; 1778 rc = rsp->status & PN533_CMD_RET_MASK; 1779 if (rc != PN533_CMD_RET_SUCCESS) { 1780 nfc_err(dev->dev, 1781 "Target activation failed (error 0x%x)\n", rc); 1782 dev_kfree_skb(resp); 1783 return -EIO; 1784 } 1785 1786 /* ATR_RES general bytes are located at offset 16 */ 1787 gt_len = resp->len - 16; 1788 rc = nfc_set_remote_general_bytes(dev->nfc_dev, rsp->gt, gt_len); 1789 1790 dev_kfree_skb(resp); 1791 return rc; 1792} 1793 1794static int pn533_activate_target(struct nfc_dev *nfc_dev, 1795 struct nfc_target *target, u32 protocol) 1796{ 1797 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1798 int rc; 1799 1800 dev_dbg(dev->dev, "%s: protocol=%u\n", __func__, protocol); 1801 1802 if (dev->poll_mod_count) { 1803 nfc_err(dev->dev, 1804 "Cannot activate while polling\n"); 1805 return -EBUSY; 1806 } 1807 1808 if (dev->tgt_active_prot) { 1809 nfc_err(dev->dev, 1810 "There is already an active target\n"); 1811 return -EBUSY; 1812 } 1813 1814 if (!dev->tgt_available_prots) { 1815 nfc_err(dev->dev, 1816 "There is no available target to activate\n"); 1817 return -EINVAL; 1818 } 1819 1820 if (!(dev->tgt_available_prots & (1 << protocol))) { 1821 nfc_err(dev->dev, 1822 "Target doesn't support requested proto %u\n", 1823 protocol); 1824 return -EINVAL; 1825 } 1826 1827 if (protocol == NFC_PROTO_NFC_DEP) { 1828 rc = pn533_activate_target_nfcdep(dev); 1829 if (rc) { 1830 nfc_err(dev->dev, 1831 "Activating target with DEP failed %d\n", rc); 1832 return rc; 1833 } 1834 } 1835 1836 dev->tgt_active_prot = protocol; 1837 dev->tgt_available_prots = 0; 1838 1839 return 0; 1840} 1841 1842static int pn533_deactivate_target_complete(struct pn533 *dev, void *arg, 1843 struct sk_buff *resp) 1844{ 1845 int rc = 0; 1846 1847 if (IS_ERR(resp)) { 1848 rc = PTR_ERR(resp); 1849 1850 nfc_err(dev->dev, "Target release error %d\n", rc); 1851 1852 return rc; 1853 } 1854 1855 rc = resp->data[0] & PN533_CMD_RET_MASK; 1856 if (rc != PN533_CMD_RET_SUCCESS) 1857 nfc_err(dev->dev, 1858 "Error 0x%x when releasing the target\n", rc); 1859 1860 dev_kfree_skb(resp); 1861 return rc; 1862} 1863 1864static void pn533_deactivate_target(struct nfc_dev *nfc_dev, 1865 struct nfc_target *target, u8 mode) 1866{ 1867 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1868 struct sk_buff *skb; 1869 int rc; 1870 1871 if (!dev->tgt_active_prot) { 1872 nfc_err(dev->dev, "There is no active target\n"); 1873 return; 1874 } 1875 1876 dev->tgt_active_prot = 0; 1877 skb_queue_purge(&dev->resp_q); 1878 1879 skb = pn533_alloc_skb(dev, sizeof(u8)); 1880 if (!skb) 1881 return; 1882 1883 skb_put_u8(skb, 1); /* TG*/ 1884 1885 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_RELEASE, skb, 1886 pn533_deactivate_target_complete, NULL); 1887 if (rc < 0) { 1888 dev_kfree_skb(skb); 1889 nfc_err(dev->dev, "Target release error %d\n", rc); 1890 } 1891} 1892 1893 1894static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg, 1895 struct sk_buff *resp) 1896{ 1897 struct pn533_cmd_jump_dep_response *rsp; 1898 u8 target_gt_len; 1899 int rc; 1900 u8 active = *(u8 *)arg; 1901 1902 kfree(arg); 1903 1904 if (IS_ERR(resp)) 1905 return PTR_ERR(resp); 1906 1907 if (dev->tgt_available_prots && 1908 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) { 1909 nfc_err(dev->dev, 1910 "The target does not support DEP\n"); 1911 rc = -EINVAL; 1912 goto error; 1913 } 1914 1915 rsp = (struct pn533_cmd_jump_dep_response *)resp->data; 1916 1917 rc = rsp->status & PN533_CMD_RET_MASK; 1918 if (rc != PN533_CMD_RET_SUCCESS) { 1919 nfc_err(dev->dev, 1920 "Bringing DEP link up failed (error 0x%x)\n", rc); 1921 goto error; 1922 } 1923 1924 if (!dev->tgt_available_prots) { 1925 struct nfc_target nfc_target; 1926 1927 dev_dbg(dev->dev, "Creating new target\n"); 1928 1929 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK; 1930 nfc_target.nfcid1_len = 10; 1931 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len); 1932 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1); 1933 if (rc) 1934 goto error; 1935 1936 dev->tgt_available_prots = 0; 1937 } 1938 1939 dev->tgt_active_prot = NFC_PROTO_NFC_DEP; 1940 1941 /* ATR_RES general bytes are located at offset 17 */ 1942 target_gt_len = resp->len - 17; 1943 rc = nfc_set_remote_general_bytes(dev->nfc_dev, 1944 rsp->gt, target_gt_len); 1945 if (rc == 0) 1946 rc = nfc_dep_link_is_up(dev->nfc_dev, 1947 dev->nfc_dev->targets[0].idx, 1948 !active, NFC_RF_INITIATOR); 1949 1950error: 1951 dev_kfree_skb(resp); 1952 return rc; 1953} 1954 1955static int pn533_rf_field(struct nfc_dev *nfc_dev, u8 rf); 1956static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target, 1957 u8 comm_mode, u8 *gb, size_t gb_len) 1958{ 1959 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1960 struct sk_buff *skb; 1961 int rc, skb_len; 1962 u8 *next, *arg, nfcid3[NFC_NFCID3_MAXSIZE]; 1963 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3}; 1964 1965 if (dev->poll_mod_count) { 1966 nfc_err(dev->dev, 1967 "Cannot bring the DEP link up while polling\n"); 1968 return -EBUSY; 1969 } 1970 1971 if (dev->tgt_active_prot) { 1972 nfc_err(dev->dev, 1973 "There is already an active target\n"); 1974 return -EBUSY; 1975 } 1976 1977 skb_len = 3 + gb_len; /* ActPass + BR + Next */ 1978 skb_len += PASSIVE_DATA_LEN; 1979 1980 /* NFCID3 */ 1981 skb_len += NFC_NFCID3_MAXSIZE; 1982 if (target && !target->nfcid2_len) { 1983 nfcid3[0] = 0x1; 1984 nfcid3[1] = 0xfe; 1985 get_random_bytes(nfcid3 + 2, 6); 1986 } 1987 1988 skb = pn533_alloc_skb(dev, skb_len); 1989 if (!skb) 1990 return -ENOMEM; 1991 1992 skb_put_u8(skb, !comm_mode); /* ActPass */ 1993 skb_put_u8(skb, 0x02); /* 424 kbps */ 1994 1995 next = skb_put(skb, 1); /* Next */ 1996 *next = 0; 1997 1998 /* Copy passive data */ 1999 skb_put_data(skb, passive_data, PASSIVE_DATA_LEN); 2000 *next |= 1; 2001 2002 /* Copy NFCID3 (which is NFCID2 from SENSF_RES) */ 2003 if (target && target->nfcid2_len) 2004 memcpy(skb_put(skb, NFC_NFCID3_MAXSIZE), target->nfcid2, 2005 target->nfcid2_len); 2006 else 2007 skb_put_data(skb, nfcid3, NFC_NFCID3_MAXSIZE); 2008 *next |= 2; 2009 2010 if (gb != NULL && gb_len > 0) { 2011 skb_put_data(skb, gb, gb_len); 2012 *next |= 4; /* We have some Gi */ 2013 } else { 2014 *next = 0; 2015 } 2016 2017 arg = kmalloc(sizeof(*arg), GFP_KERNEL); 2018 if (!arg) { 2019 dev_kfree_skb(skb); 2020 return -ENOMEM; 2021 } 2022 2023 *arg = !comm_mode; 2024 2025 pn533_rf_field(dev->nfc_dev, 0); 2026 2027 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb, 2028 pn533_in_dep_link_up_complete, arg); 2029 2030 if (rc < 0) { 2031 dev_kfree_skb(skb); 2032 kfree(arg); 2033 } 2034 2035 return rc; 2036} 2037 2038static int pn533_dep_link_down(struct nfc_dev *nfc_dev) 2039{ 2040 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2041 2042 pn533_poll_reset_mod_list(dev); 2043 2044 if (dev->tgt_mode || dev->tgt_active_prot) 2045 dev->phy_ops->abort_cmd(dev, GFP_KERNEL); 2046 2047 dev->tgt_active_prot = 0; 2048 dev->tgt_mode = 0; 2049 2050 skb_queue_purge(&dev->resp_q); 2051 2052 return 0; 2053} 2054 2055struct pn533_data_exchange_arg { 2056 data_exchange_cb_t cb; 2057 void *cb_context; 2058}; 2059 2060static struct sk_buff *pn533_build_response(struct pn533 *dev) 2061{ 2062 struct sk_buff *skb, *tmp, *t; 2063 unsigned int skb_len = 0, tmp_len = 0; 2064 2065 if (skb_queue_empty(&dev->resp_q)) 2066 return NULL; 2067 2068 if (skb_queue_len(&dev->resp_q) == 1) { 2069 skb = skb_dequeue(&dev->resp_q); 2070 goto out; 2071 } 2072 2073 skb_queue_walk_safe(&dev->resp_q, tmp, t) 2074 skb_len += tmp->len; 2075 2076 dev_dbg(dev->dev, "%s total length %d\n", 2077 __func__, skb_len); 2078 2079 skb = alloc_skb(skb_len, GFP_KERNEL); 2080 if (skb == NULL) 2081 goto out; 2082 2083 skb_put(skb, skb_len); 2084 2085 skb_queue_walk_safe(&dev->resp_q, tmp, t) { 2086 memcpy(skb->data + tmp_len, tmp->data, tmp->len); 2087 tmp_len += tmp->len; 2088 } 2089 2090out: 2091 skb_queue_purge(&dev->resp_q); 2092 2093 return skb; 2094} 2095 2096static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg, 2097 struct sk_buff *resp) 2098{ 2099 struct pn533_data_exchange_arg *arg = _arg; 2100 struct sk_buff *skb; 2101 int rc = 0; 2102 u8 status, ret, mi; 2103 2104 if (IS_ERR(resp)) { 2105 rc = PTR_ERR(resp); 2106 goto _error; 2107 } 2108 2109 status = resp->data[0]; 2110 ret = status & PN533_CMD_RET_MASK; 2111 mi = status & PN533_CMD_MI_MASK; 2112 2113 skb_pull(resp, sizeof(status)); 2114 2115 if (ret != PN533_CMD_RET_SUCCESS) { 2116 nfc_err(dev->dev, 2117 "Exchanging data failed (error 0x%x)\n", ret); 2118 rc = -EIO; 2119 goto error; 2120 } 2121 2122 skb_queue_tail(&dev->resp_q, resp); 2123 2124 if (mi) { 2125 dev->cmd_complete_mi_arg = arg; 2126 queue_work(dev->wq, &dev->mi_rx_work); 2127 return -EINPROGRESS; 2128 } 2129 2130 /* Prepare for the next round */ 2131 if (skb_queue_len(&dev->fragment_skb) > 0) { 2132 dev->cmd_complete_dep_arg = arg; 2133 queue_work(dev->wq, &dev->mi_tx_work); 2134 2135 return -EINPROGRESS; 2136 } 2137 2138 skb = pn533_build_response(dev); 2139 if (!skb) { 2140 rc = -ENOMEM; 2141 goto error; 2142 } 2143 2144 arg->cb(arg->cb_context, skb, 0); 2145 kfree(arg); 2146 return 0; 2147 2148error: 2149 dev_kfree_skb(resp); 2150_error: 2151 skb_queue_purge(&dev->resp_q); 2152 arg->cb(arg->cb_context, NULL, rc); 2153 kfree(arg); 2154 return rc; 2155} 2156 2157/* 2158 * Receive an incoming pn533 frame. skb contains only header and payload. 2159 * If skb == NULL, it is a notification that the link below is dead. 2160 */ 2161void pn533_recv_frame(struct pn533 *dev, struct sk_buff *skb, int status) 2162{ 2163 if (!dev->cmd) 2164 goto sched_wq; 2165 2166 dev->cmd->status = status; 2167 2168 if (status != 0) { 2169 dev_dbg(dev->dev, "%s: Error received: %d\n", __func__, status); 2170 goto sched_wq; 2171 } 2172 2173 if (skb == NULL) { 2174 dev_err(dev->dev, "NULL Frame -> link is dead\n"); 2175 goto sched_wq; 2176 } 2177 2178 if (pn533_rx_frame_is_ack(skb->data)) { 2179 dev_dbg(dev->dev, "%s: Received ACK frame\n", __func__); 2180 dev_kfree_skb(skb); 2181 return; 2182 } 2183 2184 print_hex_dump_debug("PN533 RX: ", DUMP_PREFIX_NONE, 16, 1, skb->data, 2185 dev->ops->rx_frame_size(skb->data), false); 2186 2187 if (!dev->ops->rx_is_frame_valid(skb->data, dev)) { 2188 nfc_err(dev->dev, "Received an invalid frame\n"); 2189 dev->cmd->status = -EIO; 2190 } else if (!pn533_rx_frame_is_cmd_response(dev, skb->data)) { 2191 nfc_err(dev->dev, "It it not the response to the last command\n"); 2192 dev->cmd->status = -EIO; 2193 } 2194 2195 dev->cmd->resp = skb; 2196 2197sched_wq: 2198 queue_work(dev->wq, &dev->cmd_complete_work); 2199} 2200EXPORT_SYMBOL(pn533_recv_frame); 2201 2202/* Split the Tx skb into small chunks */ 2203static int pn533_fill_fragment_skbs(struct pn533 *dev, struct sk_buff *skb) 2204{ 2205 struct sk_buff *frag; 2206 int frag_size; 2207 2208 do { 2209 /* Remaining size */ 2210 if (skb->len > PN533_CMD_DATAFRAME_MAXLEN) 2211 frag_size = PN533_CMD_DATAFRAME_MAXLEN; 2212 else 2213 frag_size = skb->len; 2214 2215 /* Allocate and reserve */ 2216 frag = pn533_alloc_skb(dev, frag_size); 2217 if (!frag) { 2218 skb_queue_purge(&dev->fragment_skb); 2219 return -ENOMEM; 2220 } 2221 2222 if (!dev->tgt_mode) { 2223 /* Reserve the TG/MI byte */ 2224 skb_reserve(frag, 1); 2225 2226 /* MI + TG */ 2227 if (frag_size == PN533_CMD_DATAFRAME_MAXLEN) 2228 *(u8 *)skb_push(frag, sizeof(u8)) = 2229 (PN533_CMD_MI_MASK | 1); 2230 else 2231 *(u8 *)skb_push(frag, sizeof(u8)) = 1; /* TG */ 2232 } 2233 2234 skb_put_data(frag, skb->data, frag_size); 2235 2236 /* Reduce the size of incoming buffer */ 2237 skb_pull(skb, frag_size); 2238 2239 /* Add this to skb_queue */ 2240 skb_queue_tail(&dev->fragment_skb, frag); 2241 2242 } while (skb->len > 0); 2243 2244 dev_kfree_skb(skb); 2245 2246 return skb_queue_len(&dev->fragment_skb); 2247} 2248 2249static int pn533_transceive(struct nfc_dev *nfc_dev, 2250 struct nfc_target *target, struct sk_buff *skb, 2251 data_exchange_cb_t cb, void *cb_context) 2252{ 2253 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2254 struct pn533_data_exchange_arg *arg = NULL; 2255 int rc; 2256 2257 if (!dev->tgt_active_prot) { 2258 nfc_err(dev->dev, 2259 "Can't exchange data if there is no active target\n"); 2260 rc = -EINVAL; 2261 goto error; 2262 } 2263 2264 arg = kmalloc(sizeof(*arg), GFP_KERNEL); 2265 if (!arg) { 2266 rc = -ENOMEM; 2267 goto error; 2268 } 2269 2270 arg->cb = cb; 2271 arg->cb_context = cb_context; 2272 2273 switch (dev->device_type) { 2274 case PN533_DEVICE_PASORI: 2275 if (dev->tgt_active_prot == NFC_PROTO_FELICA) { 2276 rc = pn533_send_data_async(dev, PN533_CMD_IN_COMM_THRU, 2277 skb, 2278 pn533_data_exchange_complete, 2279 arg); 2280 2281 break; 2282 } 2283 fallthrough; 2284 default: 2285 /* jumbo frame ? */ 2286 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) { 2287 rc = pn533_fill_fragment_skbs(dev, skb); 2288 if (rc < 0) 2289 goto error; 2290 2291 skb = skb_dequeue(&dev->fragment_skb); 2292 if (!skb) { 2293 rc = -EIO; 2294 goto error; 2295 } 2296 } else { 2297 *(u8 *)skb_push(skb, sizeof(u8)) = 1; /* TG */ 2298 } 2299 2300 rc = pn533_send_data_async(dev, PN533_CMD_IN_DATA_EXCHANGE, 2301 skb, pn533_data_exchange_complete, 2302 arg); 2303 2304 break; 2305 } 2306 2307 if (rc < 0) /* rc from send_async */ 2308 goto error; 2309 2310 return 0; 2311 2312error: 2313 kfree(arg); 2314 dev_kfree_skb(skb); 2315 return rc; 2316} 2317 2318static int pn533_tm_send_complete(struct pn533 *dev, void *arg, 2319 struct sk_buff *resp) 2320{ 2321 u8 status; 2322 2323 if (IS_ERR(resp)) 2324 return PTR_ERR(resp); 2325 2326 status = resp->data[0]; 2327 2328 /* Prepare for the next round */ 2329 if (skb_queue_len(&dev->fragment_skb) > 0) { 2330 queue_work(dev->wq, &dev->mi_tm_tx_work); 2331 return -EINPROGRESS; 2332 } 2333 dev_kfree_skb(resp); 2334 2335 if (status != 0) { 2336 nfc_tm_deactivated(dev->nfc_dev); 2337 2338 dev->tgt_mode = 0; 2339 2340 return 0; 2341 } 2342 2343 queue_work(dev->wq, &dev->tg_work); 2344 2345 return 0; 2346} 2347 2348static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb) 2349{ 2350 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2351 int rc; 2352 2353 /* let's split in multiple chunks if size's too big */ 2354 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) { 2355 rc = pn533_fill_fragment_skbs(dev, skb); 2356 if (rc < 0) 2357 goto error; 2358 2359 /* get the first skb */ 2360 skb = skb_dequeue(&dev->fragment_skb); 2361 if (!skb) { 2362 rc = -EIO; 2363 goto error; 2364 } 2365 2366 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_META_DATA, skb, 2367 pn533_tm_send_complete, NULL); 2368 } else { 2369 /* Send th skb */ 2370 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_DATA, skb, 2371 pn533_tm_send_complete, NULL); 2372 } 2373 2374error: 2375 if (rc < 0) { 2376 dev_kfree_skb(skb); 2377 skb_queue_purge(&dev->fragment_skb); 2378 } 2379 2380 return rc; 2381} 2382 2383static void pn533_wq_mi_recv(struct work_struct *work) 2384{ 2385 struct pn533 *dev = container_of(work, struct pn533, mi_rx_work); 2386 struct sk_buff *skb; 2387 int rc; 2388 2389 skb = pn533_alloc_skb(dev, PN533_CMD_DATAEXCH_HEAD_LEN); 2390 if (!skb) 2391 goto error; 2392 2393 switch (dev->device_type) { 2394 case PN533_DEVICE_PASORI: 2395 if (dev->tgt_active_prot == NFC_PROTO_FELICA) { 2396 rc = pn533_send_cmd_direct_async(dev, 2397 PN533_CMD_IN_COMM_THRU, 2398 skb, 2399 pn533_data_exchange_complete, 2400 dev->cmd_complete_mi_arg); 2401 2402 break; 2403 } 2404 fallthrough; 2405 default: 2406 skb_put_u8(skb, 1); /*TG*/ 2407 2408 rc = pn533_send_cmd_direct_async(dev, 2409 PN533_CMD_IN_DATA_EXCHANGE, 2410 skb, 2411 pn533_data_exchange_complete, 2412 dev->cmd_complete_mi_arg); 2413 2414 break; 2415 } 2416 2417 if (rc == 0) /* success */ 2418 return; 2419 2420 nfc_err(dev->dev, 2421 "Error %d when trying to perform data_exchange\n", rc); 2422 2423 dev_kfree_skb(skb); 2424 kfree(dev->cmd_complete_mi_arg); 2425 2426error: 2427 dev->phy_ops->send_ack(dev, GFP_KERNEL); 2428 queue_work(dev->wq, &dev->cmd_work); 2429} 2430 2431static void pn533_wq_mi_send(struct work_struct *work) 2432{ 2433 struct pn533 *dev = container_of(work, struct pn533, mi_tx_work); 2434 struct sk_buff *skb; 2435 int rc; 2436 2437 /* Grab the first skb in the queue */ 2438 skb = skb_dequeue(&dev->fragment_skb); 2439 2440 if (skb == NULL) { /* No more data */ 2441 /* Reset the queue for future use */ 2442 skb_queue_head_init(&dev->fragment_skb); 2443 goto error; 2444 } 2445 2446 switch (dev->device_type) { 2447 case PN533_DEVICE_PASORI: 2448 if (dev->tgt_active_prot != NFC_PROTO_FELICA) { 2449 rc = -EIO; 2450 break; 2451 } 2452 2453 rc = pn533_send_cmd_direct_async(dev, PN533_CMD_IN_COMM_THRU, 2454 skb, 2455 pn533_data_exchange_complete, 2456 dev->cmd_complete_dep_arg); 2457 2458 break; 2459 2460 default: 2461 /* Still some fragments? */ 2462 rc = pn533_send_cmd_direct_async(dev, 2463 PN533_CMD_IN_DATA_EXCHANGE, 2464 skb, 2465 pn533_data_exchange_complete, 2466 dev->cmd_complete_dep_arg); 2467 2468 break; 2469 } 2470 2471 if (rc == 0) /* success */ 2472 return; 2473 2474 nfc_err(dev->dev, 2475 "Error %d when trying to perform data_exchange\n", rc); 2476 2477 dev_kfree_skb(skb); 2478 kfree(dev->cmd_complete_dep_arg); 2479 2480error: 2481 dev->phy_ops->send_ack(dev, GFP_KERNEL); 2482 queue_work(dev->wq, &dev->cmd_work); 2483} 2484 2485static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata, 2486 u8 cfgdata_len) 2487{ 2488 struct sk_buff *skb; 2489 struct sk_buff *resp; 2490 int skb_len; 2491 2492 skb_len = sizeof(cfgitem) + cfgdata_len; /* cfgitem + cfgdata */ 2493 2494 skb = pn533_alloc_skb(dev, skb_len); 2495 if (!skb) 2496 return -ENOMEM; 2497 2498 skb_put_u8(skb, cfgitem); 2499 skb_put_data(skb, cfgdata, cfgdata_len); 2500 2501 resp = pn533_send_cmd_sync(dev, PN533_CMD_RF_CONFIGURATION, skb); 2502 if (IS_ERR(resp)) 2503 return PTR_ERR(resp); 2504 2505 dev_kfree_skb(resp); 2506 return 0; 2507} 2508 2509static int pn533_get_firmware_version(struct pn533 *dev, 2510 struct pn533_fw_version *fv) 2511{ 2512 struct sk_buff *skb; 2513 struct sk_buff *resp; 2514 2515 skb = pn533_alloc_skb(dev, 0); 2516 if (!skb) 2517 return -ENOMEM; 2518 2519 resp = pn533_send_cmd_sync(dev, PN533_CMD_GET_FIRMWARE_VERSION, skb); 2520 if (IS_ERR(resp)) 2521 return PTR_ERR(resp); 2522 2523 fv->ic = resp->data[0]; 2524 fv->ver = resp->data[1]; 2525 fv->rev = resp->data[2]; 2526 fv->support = resp->data[3]; 2527 2528 dev_kfree_skb(resp); 2529 return 0; 2530} 2531 2532static int pn533_pasori_fw_reset(struct pn533 *dev) 2533{ 2534 struct sk_buff *skb; 2535 struct sk_buff *resp; 2536 2537 skb = pn533_alloc_skb(dev, sizeof(u8)); 2538 if (!skb) 2539 return -ENOMEM; 2540 2541 skb_put_u8(skb, 0x1); 2542 2543 resp = pn533_send_cmd_sync(dev, 0x18, skb); 2544 if (IS_ERR(resp)) 2545 return PTR_ERR(resp); 2546 2547 dev_kfree_skb(resp); 2548 2549 return 0; 2550} 2551 2552static int pn533_rf_field(struct nfc_dev *nfc_dev, u8 rf) 2553{ 2554 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2555 u8 rf_field = !!rf; 2556 int rc; 2557 2558 rf_field |= PN533_CFGITEM_RF_FIELD_AUTO_RFCA; 2559 2560 rc = pn533_set_configuration(dev, PN533_CFGITEM_RF_FIELD, 2561 (u8 *)&rf_field, 1); 2562 if (rc) { 2563 nfc_err(dev->dev, "Error on setting RF field\n"); 2564 return rc; 2565 } 2566 2567 return 0; 2568} 2569 2570static int pn532_sam_configuration(struct nfc_dev *nfc_dev) 2571{ 2572 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2573 struct sk_buff *skb; 2574 struct sk_buff *resp; 2575 2576 skb = pn533_alloc_skb(dev, 1); 2577 if (!skb) 2578 return -ENOMEM; 2579 2580 skb_put_u8(skb, 0x01); 2581 2582 resp = pn533_send_cmd_sync(dev, PN533_CMD_SAM_CONFIGURATION, skb); 2583 if (IS_ERR(resp)) 2584 return PTR_ERR(resp); 2585 2586 dev_kfree_skb(resp); 2587 return 0; 2588} 2589 2590static int pn533_dev_up(struct nfc_dev *nfc_dev) 2591{ 2592 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2593 int rc; 2594 2595 if (dev->phy_ops->dev_up) { 2596 rc = dev->phy_ops->dev_up(dev); 2597 if (rc) 2598 return rc; 2599 } 2600 2601 if ((dev->device_type == PN533_DEVICE_PN532) || 2602 (dev->device_type == PN533_DEVICE_PN532_AUTOPOLL)) { 2603 rc = pn532_sam_configuration(nfc_dev); 2604 2605 if (rc) 2606 return rc; 2607 } 2608 2609 return pn533_rf_field(nfc_dev, 1); 2610} 2611 2612static int pn533_dev_down(struct nfc_dev *nfc_dev) 2613{ 2614 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 2615 int ret; 2616 2617 ret = pn533_rf_field(nfc_dev, 0); 2618 if (dev->phy_ops->dev_down && !ret) 2619 ret = dev->phy_ops->dev_down(dev); 2620 2621 return ret; 2622} 2623 2624static const struct nfc_ops pn533_nfc_ops = { 2625 .dev_up = pn533_dev_up, 2626 .dev_down = pn533_dev_down, 2627 .dep_link_up = pn533_dep_link_up, 2628 .dep_link_down = pn533_dep_link_down, 2629 .start_poll = pn533_start_poll, 2630 .stop_poll = pn533_stop_poll, 2631 .activate_target = pn533_activate_target, 2632 .deactivate_target = pn533_deactivate_target, 2633 .im_transceive = pn533_transceive, 2634 .tm_send = pn533_tm_send, 2635}; 2636 2637static int pn533_setup(struct pn533 *dev) 2638{ 2639 struct pn533_config_max_retries max_retries; 2640 struct pn533_config_timing timing; 2641 u8 pasori_cfg[3] = {0x08, 0x01, 0x08}; 2642 int rc; 2643 2644 switch (dev->device_type) { 2645 case PN533_DEVICE_STD: 2646 case PN533_DEVICE_PASORI: 2647 case PN533_DEVICE_ACR122U: 2648 case PN533_DEVICE_PN532: 2649 case PN533_DEVICE_PN532_AUTOPOLL: 2650 max_retries.mx_rty_atr = 0x2; 2651 max_retries.mx_rty_psl = 0x1; 2652 max_retries.mx_rty_passive_act = 2653 PN533_CONFIG_MAX_RETRIES_NO_RETRY; 2654 2655 timing.rfu = PN533_CONFIG_TIMING_102; 2656 timing.atr_res_timeout = PN533_CONFIG_TIMING_102; 2657 timing.dep_timeout = PN533_CONFIG_TIMING_204; 2658 2659 break; 2660 2661 default: 2662 nfc_err(dev->dev, "Unknown device type %d\n", 2663 dev->device_type); 2664 return -EINVAL; 2665 } 2666 2667 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES, 2668 (u8 *)&max_retries, sizeof(max_retries)); 2669 if (rc) { 2670 nfc_err(dev->dev, 2671 "Error on setting MAX_RETRIES config\n"); 2672 return rc; 2673 } 2674 2675 2676 rc = pn533_set_configuration(dev, PN533_CFGITEM_TIMING, 2677 (u8 *)&timing, sizeof(timing)); 2678 if (rc) { 2679 nfc_err(dev->dev, "Error on setting RF timings\n"); 2680 return rc; 2681 } 2682 2683 switch (dev->device_type) { 2684 case PN533_DEVICE_STD: 2685 case PN533_DEVICE_PN532: 2686 case PN533_DEVICE_PN532_AUTOPOLL: 2687 break; 2688 2689 case PN533_DEVICE_PASORI: 2690 pn533_pasori_fw_reset(dev); 2691 2692 rc = pn533_set_configuration(dev, PN533_CFGITEM_PASORI, 2693 pasori_cfg, 3); 2694 if (rc) { 2695 nfc_err(dev->dev, 2696 "Error while settings PASORI config\n"); 2697 return rc; 2698 } 2699 2700 pn533_pasori_fw_reset(dev); 2701 2702 break; 2703 } 2704 2705 return 0; 2706} 2707 2708int pn533_finalize_setup(struct pn533 *dev) 2709{ 2710 2711 struct pn533_fw_version fw_ver; 2712 int rc; 2713 2714 memset(&fw_ver, 0, sizeof(fw_ver)); 2715 2716 rc = pn533_get_firmware_version(dev, &fw_ver); 2717 if (rc) { 2718 nfc_err(dev->dev, "Unable to get FW version\n"); 2719 return rc; 2720 } 2721 2722 nfc_info(dev->dev, "NXP PN5%02X firmware ver %d.%d now attached\n", 2723 fw_ver.ic, fw_ver.ver, fw_ver.rev); 2724 2725 rc = pn533_setup(dev); 2726 if (rc) 2727 return rc; 2728 2729 return 0; 2730} 2731EXPORT_SYMBOL_GPL(pn533_finalize_setup); 2732 2733struct pn533 *pn53x_common_init(u32 device_type, 2734 enum pn533_protocol_type protocol_type, 2735 void *phy, 2736 const struct pn533_phy_ops *phy_ops, 2737 struct pn533_frame_ops *fops, 2738 struct device *dev) 2739{ 2740 struct pn533 *priv; 2741 2742 priv = kzalloc(sizeof(*priv), GFP_KERNEL); 2743 if (!priv) 2744 return ERR_PTR(-ENOMEM); 2745 2746 priv->phy = phy; 2747 priv->phy_ops = phy_ops; 2748 priv->dev = dev; 2749 if (fops != NULL) 2750 priv->ops = fops; 2751 else 2752 priv->ops = &pn533_std_frame_ops; 2753 2754 priv->protocol_type = protocol_type; 2755 priv->device_type = device_type; 2756 2757 mutex_init(&priv->cmd_lock); 2758 2759 INIT_WORK(&priv->cmd_work, pn533_wq_cmd); 2760 INIT_WORK(&priv->cmd_complete_work, pn533_wq_cmd_complete); 2761 INIT_WORK(&priv->mi_rx_work, pn533_wq_mi_recv); 2762 INIT_WORK(&priv->mi_tx_work, pn533_wq_mi_send); 2763 INIT_WORK(&priv->tg_work, pn533_wq_tg_get_data); 2764 INIT_WORK(&priv->mi_tm_rx_work, pn533_wq_tm_mi_recv); 2765 INIT_WORK(&priv->mi_tm_tx_work, pn533_wq_tm_mi_send); 2766 INIT_DELAYED_WORK(&priv->poll_work, pn533_wq_poll); 2767 INIT_WORK(&priv->rf_work, pn533_wq_rf); 2768 priv->wq = alloc_ordered_workqueue("pn533", 0); 2769 if (priv->wq == NULL) 2770 goto error; 2771 2772 timer_setup(&priv->listen_timer, pn533_listen_mode_timer, 0); 2773 2774 skb_queue_head_init(&priv->resp_q); 2775 skb_queue_head_init(&priv->fragment_skb); 2776 2777 INIT_LIST_HEAD(&priv->cmd_queue); 2778 return priv; 2779 2780error: 2781 kfree(priv); 2782 return ERR_PTR(-ENOMEM); 2783} 2784EXPORT_SYMBOL_GPL(pn53x_common_init); 2785 2786void pn53x_common_clean(struct pn533 *priv) 2787{ 2788 struct pn533_cmd *cmd, *n; 2789 2790 /* delete the timer before cleanup the worker */ 2791 del_timer_sync(&priv->listen_timer); 2792 2793 flush_delayed_work(&priv->poll_work); 2794 destroy_workqueue(priv->wq); 2795 2796 skb_queue_purge(&priv->resp_q); 2797 2798 list_for_each_entry_safe(cmd, n, &priv->cmd_queue, queue) { 2799 list_del(&cmd->queue); 2800 kfree(cmd); 2801 } 2802 2803 kfree(priv); 2804} 2805EXPORT_SYMBOL_GPL(pn53x_common_clean); 2806 2807int pn532_i2c_nfc_alloc(struct pn533 *priv, u32 protocols, 2808 struct device *parent) 2809{ 2810 priv->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols, 2811 priv->ops->tx_header_len + 2812 PN533_CMD_DATAEXCH_HEAD_LEN, 2813 priv->ops->tx_tail_len); 2814 if (!priv->nfc_dev) 2815 return -ENOMEM; 2816 2817 nfc_set_parent_dev(priv->nfc_dev, parent); 2818 nfc_set_drvdata(priv->nfc_dev, priv); 2819 return 0; 2820} 2821EXPORT_SYMBOL_GPL(pn532_i2c_nfc_alloc); 2822 2823int pn53x_register_nfc(struct pn533 *priv, u32 protocols, 2824 struct device *parent) 2825{ 2826 int rc; 2827 2828 rc = pn532_i2c_nfc_alloc(priv, protocols, parent); 2829 if (rc) 2830 return rc; 2831 2832 rc = nfc_register_device(priv->nfc_dev); 2833 if (rc) 2834 nfc_free_device(priv->nfc_dev); 2835 2836 return rc; 2837} 2838EXPORT_SYMBOL_GPL(pn53x_register_nfc); 2839 2840void pn53x_unregister_nfc(struct pn533 *priv) 2841{ 2842 nfc_unregister_device(priv->nfc_dev); 2843 nfc_free_device(priv->nfc_dev); 2844} 2845EXPORT_SYMBOL_GPL(pn53x_unregister_nfc); 2846 2847MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>"); 2848MODULE_AUTHOR("Aloisio Almeida Jr <aloisio.almeida@openbossa.org>"); 2849MODULE_AUTHOR("Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>"); 2850MODULE_DESCRIPTION("PN533 driver ver " VERSION); 2851MODULE_VERSION(VERSION); 2852MODULE_LICENSE("GPL");