1 /* 2 * HCI based Driver for NXP PN544 NFC Chip 3 * 4 * Copyright (C) 2012 Intel Corporation. All rights reserved. 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms and conditions of the GNU General Public License, 8 * version 2, as published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, see <http://www.gnu.org/licenses/>. 17 */ 18 19 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 20 21 #include <linux/delay.h> 22 #include <linux/slab.h> 23 #include <linux/module.h> 24 25 #include <linux/nfc.h> 26 #include <net/nfc/hci.h> 27 #include <net/nfc/llc.h> 28 29 #include "pn544.h" 30 31 /* Timing restrictions (ms) */ 32 #define PN544_HCI_RESETVEN_TIME 30 33 34 enum pn544_state { 35 PN544_ST_COLD, 36 PN544_ST_FW_READY, 37 PN544_ST_READY, 38 }; 39 40 #define FULL_VERSION_LEN 11 41 42 /* Proprietary commands */ 43 #define PN544_WRITE 0x3f 44 #define PN544_TEST_SWP 0x21 45 46 /* Proprietary gates, events, commands and registers */ 47 48 /* NFC_HCI_RF_READER_A_GATE additional registers and commands */ 49 #define PN544_RF_READER_A_AUTO_ACTIVATION 0x10 50 #define PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION 0x12 51 #define PN544_MIFARE_CMD 0x21 52 53 /* Commands that apply to all RF readers */ 54 #define PN544_RF_READER_CMD_PRESENCE_CHECK 0x30 55 #define PN544_RF_READER_CMD_ACTIVATE_NEXT 0x32 56 57 /* NFC_HCI_ID_MGMT_GATE additional registers */ 58 #define PN544_ID_MGMT_FULL_VERSION_SW 0x10 59 60 #define PN544_RF_READER_ISO15693_GATE 0x12 61 62 #define PN544_RF_READER_F_GATE 0x14 63 #define PN544_FELICA_ID 0x04 64 #define PN544_FELICA_RAW 0x20 65 66 #define PN544_RF_READER_JEWEL_GATE 0x15 67 #define PN544_JEWEL_RAW_CMD 0x23 68 69 #define PN544_RF_READER_NFCIP1_INITIATOR_GATE 0x30 70 #define PN544_RF_READER_NFCIP1_TARGET_GATE 0x31 71 72 #define PN544_SYS_MGMT_GATE 0x90 73 #define PN544_SYS_MGMT_INFO_NOTIFICATION 0x02 74 75 #define PN544_POLLING_LOOP_MGMT_GATE 0x94 76 #define PN544_DEP_MODE 0x01 77 #define PN544_DEP_ATR_REQ 0x02 78 #define PN544_DEP_ATR_RES 0x03 79 #define PN544_DEP_MERGE 0x0D 80 #define PN544_PL_RDPHASES 0x06 81 #define PN544_PL_EMULATION 0x07 82 #define PN544_PL_NFCT_DEACTIVATED 0x09 83 84 #define PN544_SWP_MGMT_GATE 0xA0 85 #define PN544_SWP_DEFAULT_MODE 0x01 86 87 #define PN544_NFC_WI_MGMT_GATE 0xA1 88 #define PN544_NFC_ESE_DEFAULT_MODE 0x01 89 90 #define PN544_HCI_EVT_SND_DATA 0x01 91 #define PN544_HCI_EVT_ACTIVATED 0x02 92 #define PN544_HCI_EVT_DEACTIVATED 0x03 93 #define PN544_HCI_EVT_RCV_DATA 0x04 94 #define PN544_HCI_EVT_CONTINUE_MI 0x05 95 #define PN544_HCI_EVT_SWITCH_MODE 0x03 96 97 #define PN544_HCI_CMD_ATTREQUEST 0x12 98 #define PN544_HCI_CMD_CONTINUE_ACTIVATION 0x13 99 100 static struct nfc_hci_gate pn544_gates[] = { 101 {NFC_HCI_ADMIN_GATE, NFC_HCI_INVALID_PIPE}, 102 {NFC_HCI_LOOPBACK_GATE, NFC_HCI_INVALID_PIPE}, 103 {NFC_HCI_ID_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 104 {NFC_HCI_LINK_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 105 {NFC_HCI_RF_READER_B_GATE, NFC_HCI_INVALID_PIPE}, 106 {NFC_HCI_RF_READER_A_GATE, NFC_HCI_INVALID_PIPE}, 107 {PN544_SYS_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 108 {PN544_SWP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 109 {PN544_POLLING_LOOP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 110 {PN544_NFC_WI_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 111 {PN544_RF_READER_F_GATE, NFC_HCI_INVALID_PIPE}, 112 {PN544_RF_READER_JEWEL_GATE, NFC_HCI_INVALID_PIPE}, 113 {PN544_RF_READER_ISO15693_GATE, NFC_HCI_INVALID_PIPE}, 114 {PN544_RF_READER_NFCIP1_INITIATOR_GATE, NFC_HCI_INVALID_PIPE}, 115 {PN544_RF_READER_NFCIP1_TARGET_GATE, NFC_HCI_INVALID_PIPE} 116 }; 117 118 /* Largest headroom needed for outgoing custom commands */ 119 #define PN544_CMDS_HEADROOM 2 120 121 struct pn544_hci_info { 122 struct nfc_phy_ops *phy_ops; 123 void *phy_id; 124 125 struct nfc_hci_dev *hdev; 126 127 enum pn544_state state; 128 129 struct mutex info_lock; 130 131 int async_cb_type; 132 data_exchange_cb_t async_cb; 133 void *async_cb_context; 134 135 fw_download_t fw_download; 136 }; 137 138 static int pn544_hci_open(struct nfc_hci_dev *hdev) 139 { 140 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 141 int r = 0; 142 143 mutex_lock(&info->info_lock); 144 145 if (info->state != PN544_ST_COLD) { 146 r = -EBUSY; 147 goto out; 148 } 149 150 r = info->phy_ops->enable(info->phy_id); 151 152 if (r == 0) 153 info->state = PN544_ST_READY; 154 155 out: 156 mutex_unlock(&info->info_lock); 157 return r; 158 } 159 160 static void pn544_hci_close(struct nfc_hci_dev *hdev) 161 { 162 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 163 164 mutex_lock(&info->info_lock); 165 166 if (info->state == PN544_ST_COLD) 167 goto out; 168 169 info->phy_ops->disable(info->phy_id); 170 171 info->state = PN544_ST_COLD; 172 173 out: 174 mutex_unlock(&info->info_lock); 175 } 176 177 static int pn544_hci_ready(struct nfc_hci_dev *hdev) 178 { 179 struct sk_buff *skb; 180 static struct hw_config { 181 u8 adr[2]; 182 u8 value; 183 } hw_config[] = { 184 {{0x9f, 0x9a}, 0x00}, 185 186 {{0x98, 0x10}, 0xbc}, 187 188 {{0x9e, 0x71}, 0x00}, 189 190 {{0x98, 0x09}, 0x00}, 191 192 {{0x9e, 0xb4}, 0x00}, 193 194 {{0x9c, 0x01}, 0x08}, 195 196 {{0x9e, 0xaa}, 0x01}, 197 198 {{0x9b, 0xd1}, 0x17}, 199 {{0x9b, 0xd2}, 0x58}, 200 {{0x9b, 0xd3}, 0x10}, 201 {{0x9b, 0xd4}, 0x47}, 202 {{0x9b, 0xd5}, 0x0c}, 203 {{0x9b, 0xd6}, 0x37}, 204 {{0x9b, 0xdd}, 0x33}, 205 206 {{0x9b, 0x84}, 0x00}, 207 {{0x99, 0x81}, 0x79}, 208 {{0x99, 0x31}, 0x79}, 209 210 {{0x98, 0x00}, 0x3f}, 211 212 {{0x9f, 0x09}, 0x02}, 213 214 {{0x9f, 0x0a}, 0x05}, 215 216 {{0x9e, 0xd1}, 0xa1}, 217 {{0x99, 0x23}, 0x01}, 218 219 {{0x9e, 0x74}, 0x00}, 220 {{0x9e, 0x90}, 0x00}, 221 {{0x9f, 0x28}, 0x10}, 222 223 {{0x9f, 0x35}, 0x04}, 224 225 {{0x9f, 0x36}, 0x11}, 226 227 {{0x9c, 0x31}, 0x00}, 228 229 {{0x9c, 0x32}, 0x00}, 230 231 {{0x9c, 0x19}, 0x0a}, 232 233 {{0x9c, 0x1a}, 0x0a}, 234 235 {{0x9c, 0x0c}, 0x00}, 236 237 {{0x9c, 0x0d}, 0x00}, 238 239 {{0x9c, 0x12}, 0x00}, 240 241 {{0x9c, 0x13}, 0x00}, 242 243 {{0x98, 0xa2}, 0x09}, 244 245 {{0x98, 0x93}, 0x00}, 246 247 {{0x98, 0x7d}, 0x08}, 248 {{0x98, 0x7e}, 0x00}, 249 {{0x9f, 0xc8}, 0x00}, 250 }; 251 struct hw_config *p = hw_config; 252 int count = ARRAY_SIZE(hw_config); 253 struct sk_buff *res_skb; 254 u8 param[4]; 255 int r; 256 257 param[0] = 0; 258 while (count--) { 259 param[1] = p->adr[0]; 260 param[2] = p->adr[1]; 261 param[3] = p->value; 262 263 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_WRITE, 264 param, 4, &res_skb); 265 if (r < 0) 266 return r; 267 268 if (res_skb->len != 1) { 269 kfree_skb(res_skb); 270 return -EPROTO; 271 } 272 273 if (res_skb->data[0] != p->value) { 274 kfree_skb(res_skb); 275 return -EIO; 276 } 277 278 kfree_skb(res_skb); 279 280 p++; 281 } 282 283 param[0] = NFC_HCI_UICC_HOST_ID; 284 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE, 285 NFC_HCI_ADMIN_WHITELIST, param, 1); 286 if (r < 0) 287 return r; 288 289 param[0] = 0x3d; 290 r = nfc_hci_set_param(hdev, PN544_SYS_MGMT_GATE, 291 PN544_SYS_MGMT_INFO_NOTIFICATION, param, 1); 292 if (r < 0) 293 return r; 294 295 param[0] = 0x0; 296 r = nfc_hci_set_param(hdev, NFC_HCI_RF_READER_A_GATE, 297 PN544_RF_READER_A_AUTO_ACTIVATION, param, 1); 298 if (r < 0) 299 return r; 300 301 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 302 NFC_HCI_EVT_END_OPERATION, NULL, 0); 303 if (r < 0) 304 return r; 305 306 param[0] = 0x1; 307 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 308 PN544_PL_NFCT_DEACTIVATED, param, 1); 309 if (r < 0) 310 return r; 311 312 param[0] = 0x0; 313 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 314 PN544_PL_RDPHASES, param, 1); 315 if (r < 0) 316 return r; 317 318 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 319 PN544_ID_MGMT_FULL_VERSION_SW, &skb); 320 if (r < 0) 321 return r; 322 323 if (skb->len != FULL_VERSION_LEN) { 324 kfree_skb(skb); 325 return -EINVAL; 326 } 327 328 print_hex_dump(KERN_DEBUG, "FULL VERSION SOFTWARE INFO: ", 329 DUMP_PREFIX_NONE, 16, 1, 330 skb->data, FULL_VERSION_LEN, false); 331 332 kfree_skb(skb); 333 334 return 0; 335 } 336 337 static int pn544_hci_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb) 338 { 339 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 340 341 return info->phy_ops->write(info->phy_id, skb); 342 } 343 344 static int pn544_hci_start_poll(struct nfc_hci_dev *hdev, 345 u32 im_protocols, u32 tm_protocols) 346 { 347 u8 phases = 0; 348 int r; 349 u8 duration[2]; 350 u8 activated; 351 u8 i_mode = 0x3f; /* Enable all supported modes */ 352 u8 t_mode = 0x0f; 353 u8 t_merge = 0x01; /* Enable merge by default */ 354 355 pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n", 356 __func__, im_protocols, tm_protocols); 357 358 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 359 NFC_HCI_EVT_END_OPERATION, NULL, 0); 360 if (r < 0) 361 return r; 362 363 duration[0] = 0x18; 364 duration[1] = 0x6a; 365 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 366 PN544_PL_EMULATION, duration, 2); 367 if (r < 0) 368 return r; 369 370 activated = 0; 371 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 372 PN544_PL_NFCT_DEACTIVATED, &activated, 1); 373 if (r < 0) 374 return r; 375 376 if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK | 377 NFC_PROTO_JEWEL_MASK)) 378 phases |= 1; /* Type A */ 379 if (im_protocols & NFC_PROTO_FELICA_MASK) { 380 phases |= (1 << 2); /* Type F 212 */ 381 phases |= (1 << 3); /* Type F 424 */ 382 } 383 384 phases |= (1 << 5); /* NFC active */ 385 386 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 387 PN544_PL_RDPHASES, &phases, 1); 388 if (r < 0) 389 return r; 390 391 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) { 392 hdev->gb = nfc_get_local_general_bytes(hdev->ndev, 393 &hdev->gb_len); 394 pr_debug("generate local bytes %p\n", hdev->gb); 395 if (hdev->gb == NULL || hdev->gb_len == 0) { 396 im_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 397 tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 398 } 399 } 400 401 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 402 r = nfc_hci_send_event(hdev, 403 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 404 NFC_HCI_EVT_END_OPERATION, NULL, 0); 405 if (r < 0) 406 return r; 407 408 r = nfc_hci_set_param(hdev, 409 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 410 PN544_DEP_MODE, &i_mode, 1); 411 if (r < 0) 412 return r; 413 414 r = nfc_hci_set_param(hdev, 415 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 416 PN544_DEP_ATR_REQ, hdev->gb, hdev->gb_len); 417 if (r < 0) 418 return r; 419 420 r = nfc_hci_send_event(hdev, 421 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 422 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 423 if (r < 0) 424 nfc_hci_send_event(hdev, 425 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 426 NFC_HCI_EVT_END_OPERATION, NULL, 0); 427 } 428 429 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) { 430 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 431 PN544_DEP_MODE, &t_mode, 1); 432 if (r < 0) 433 return r; 434 435 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 436 PN544_DEP_ATR_RES, hdev->gb, hdev->gb_len); 437 if (r < 0) 438 return r; 439 440 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 441 PN544_DEP_MERGE, &t_merge, 1); 442 if (r < 0) 443 return r; 444 } 445 446 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 447 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 448 if (r < 0) 449 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 450 NFC_HCI_EVT_END_OPERATION, NULL, 0); 451 452 return r; 453 } 454 455 static int pn544_hci_dep_link_up(struct nfc_hci_dev *hdev, 456 struct nfc_target *target, u8 comm_mode, 457 u8 *gb, size_t gb_len) 458 { 459 struct sk_buff *rgb_skb = NULL; 460 int r; 461 462 r = nfc_hci_get_param(hdev, target->hci_reader_gate, 463 PN544_DEP_ATR_RES, &rgb_skb); 464 if (r < 0) 465 return r; 466 467 if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) { 468 r = -EPROTO; 469 goto exit; 470 } 471 print_hex_dump(KERN_DEBUG, "remote gb: ", DUMP_PREFIX_OFFSET, 472 16, 1, rgb_skb->data, rgb_skb->len, true); 473 474 r = nfc_set_remote_general_bytes(hdev->ndev, rgb_skb->data, 475 rgb_skb->len); 476 477 if (r == 0) 478 r = nfc_dep_link_is_up(hdev->ndev, target->idx, comm_mode, 479 NFC_RF_INITIATOR); 480 exit: 481 kfree_skb(rgb_skb); 482 return r; 483 } 484 485 static int pn544_hci_dep_link_down(struct nfc_hci_dev *hdev) 486 { 487 488 return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_INITIATOR_GATE, 489 NFC_HCI_EVT_END_OPERATION, NULL, 0); 490 } 491 492 static int pn544_hci_target_from_gate(struct nfc_hci_dev *hdev, u8 gate, 493 struct nfc_target *target) 494 { 495 switch (gate) { 496 case PN544_RF_READER_F_GATE: 497 target->supported_protocols = NFC_PROTO_FELICA_MASK; 498 break; 499 case PN544_RF_READER_JEWEL_GATE: 500 target->supported_protocols = NFC_PROTO_JEWEL_MASK; 501 target->sens_res = 0x0c00; 502 break; 503 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 504 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 505 break; 506 default: 507 return -EPROTO; 508 } 509 510 return 0; 511 } 512 513 static int pn544_hci_complete_target_discovered(struct nfc_hci_dev *hdev, 514 u8 gate, 515 struct nfc_target *target) 516 { 517 struct sk_buff *uid_skb; 518 int r = 0; 519 520 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) 521 return r; 522 523 if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 524 r = nfc_hci_send_cmd(hdev, 525 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 526 PN544_HCI_CMD_CONTINUE_ACTIVATION, NULL, 0, NULL); 527 if (r < 0) 528 return r; 529 530 target->hci_reader_gate = PN544_RF_READER_NFCIP1_INITIATOR_GATE; 531 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 532 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 533 target->nfcid1_len != 10) 534 return -EPROTO; 535 536 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 537 PN544_RF_READER_CMD_ACTIVATE_NEXT, 538 target->nfcid1, target->nfcid1_len, NULL); 539 } else if (target->supported_protocols & NFC_PROTO_FELICA_MASK) { 540 r = nfc_hci_get_param(hdev, PN544_RF_READER_F_GATE, 541 PN544_FELICA_ID, &uid_skb); 542 if (r < 0) 543 return r; 544 545 if (uid_skb->len != 8) { 546 kfree_skb(uid_skb); 547 return -EPROTO; 548 } 549 550 /* Type F NFC-DEP IDm has prefix 0x01FE */ 551 if ((uid_skb->data[0] == 0x01) && (uid_skb->data[1] == 0xfe)) { 552 kfree_skb(uid_skb); 553 r = nfc_hci_send_cmd(hdev, 554 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 555 PN544_HCI_CMD_CONTINUE_ACTIVATION, 556 NULL, 0, NULL); 557 if (r < 0) 558 return r; 559 560 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 561 target->hci_reader_gate = 562 PN544_RF_READER_NFCIP1_INITIATOR_GATE; 563 } else { 564 r = nfc_hci_send_cmd(hdev, PN544_RF_READER_F_GATE, 565 PN544_RF_READER_CMD_ACTIVATE_NEXT, 566 uid_skb->data, uid_skb->len, NULL); 567 kfree_skb(uid_skb); 568 } 569 } else if (target->supported_protocols & NFC_PROTO_ISO14443_MASK) { 570 /* 571 * TODO: maybe other ISO 14443 require some kind of continue 572 * activation, but for now we've seen only this one below. 573 */ 574 if (target->sens_res == 0x4403) /* Type 4 Mifare DESFire */ 575 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 576 PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION, 577 NULL, 0, NULL); 578 } 579 580 return r; 581 } 582 583 #define PN544_CB_TYPE_READER_F 1 584 585 static void pn544_hci_data_exchange_cb(void *context, struct sk_buff *skb, 586 int err) 587 { 588 struct pn544_hci_info *info = context; 589 590 switch (info->async_cb_type) { 591 case PN544_CB_TYPE_READER_F: 592 if (err == 0) 593 skb_pull(skb, 1); 594 info->async_cb(info->async_cb_context, skb, err); 595 break; 596 default: 597 if (err == 0) 598 kfree_skb(skb); 599 break; 600 } 601 } 602 603 #define MIFARE_CMD_AUTH_KEY_A 0x60 604 #define MIFARE_CMD_AUTH_KEY_B 0x61 605 #define MIFARE_CMD_HEADER 2 606 #define MIFARE_UID_LEN 4 607 #define MIFARE_KEY_LEN 6 608 #define MIFARE_CMD_LEN 12 609 /* 610 * Returns: 611 * <= 0: driver handled the data exchange 612 * 1: driver doesn't especially handle, please do standard processing 613 */ 614 static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev, 615 struct nfc_target *target, 616 struct sk_buff *skb, data_exchange_cb_t cb, 617 void *cb_context) 618 { 619 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 620 621 pr_info(DRIVER_DESC ": %s for gate=%d\n", __func__, 622 target->hci_reader_gate); 623 624 switch (target->hci_reader_gate) { 625 case NFC_HCI_RF_READER_A_GATE: 626 if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 627 /* 628 * It seems that pn544 is inverting key and UID for 629 * MIFARE authentication commands. 630 */ 631 if (skb->len == MIFARE_CMD_LEN && 632 (skb->data[0] == MIFARE_CMD_AUTH_KEY_A || 633 skb->data[0] == MIFARE_CMD_AUTH_KEY_B)) { 634 u8 uid[MIFARE_UID_LEN]; 635 u8 *data = skb->data + MIFARE_CMD_HEADER; 636 637 memcpy(uid, data + MIFARE_KEY_LEN, 638 MIFARE_UID_LEN); 639 memmove(data + MIFARE_UID_LEN, data, 640 MIFARE_KEY_LEN); 641 memcpy(data, uid, MIFARE_UID_LEN); 642 } 643 644 return nfc_hci_send_cmd_async(hdev, 645 target->hci_reader_gate, 646 PN544_MIFARE_CMD, 647 skb->data, skb->len, 648 cb, cb_context); 649 } else 650 return 1; 651 case PN544_RF_READER_F_GATE: 652 *skb_push(skb, 1) = 0; 653 *skb_push(skb, 1) = 0; 654 655 info->async_cb_type = PN544_CB_TYPE_READER_F; 656 info->async_cb = cb; 657 info->async_cb_context = cb_context; 658 659 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 660 PN544_FELICA_RAW, skb->data, 661 skb->len, 662 pn544_hci_data_exchange_cb, info); 663 case PN544_RF_READER_JEWEL_GATE: 664 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 665 PN544_JEWEL_RAW_CMD, skb->data, 666 skb->len, cb, cb_context); 667 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 668 *skb_push(skb, 1) = 0; 669 670 return nfc_hci_send_event(hdev, target->hci_reader_gate, 671 PN544_HCI_EVT_SND_DATA, skb->data, 672 skb->len); 673 default: 674 return 1; 675 } 676 } 677 678 static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb) 679 { 680 int r; 681 682 /* Set default false for multiple information chaining */ 683 *skb_push(skb, 1) = 0; 684 685 r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 686 PN544_HCI_EVT_SND_DATA, skb->data, skb->len); 687 688 kfree_skb(skb); 689 690 return r; 691 } 692 693 static int pn544_hci_check_presence(struct nfc_hci_dev *hdev, 694 struct nfc_target *target) 695 { 696 pr_debug("supported protocol %d\b", target->supported_protocols); 697 if (target->supported_protocols & (NFC_PROTO_ISO14443_MASK | 698 NFC_PROTO_ISO14443_B_MASK)) { 699 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 700 PN544_RF_READER_CMD_PRESENCE_CHECK, 701 NULL, 0, NULL); 702 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 703 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 704 target->nfcid1_len != 10) 705 return -EOPNOTSUPP; 706 707 return nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 708 PN544_RF_READER_CMD_ACTIVATE_NEXT, 709 target->nfcid1, target->nfcid1_len, NULL); 710 } else if (target->supported_protocols & (NFC_PROTO_JEWEL_MASK | 711 NFC_PROTO_FELICA_MASK)) { 712 return -EOPNOTSUPP; 713 } else if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 714 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 715 PN544_HCI_CMD_ATTREQUEST, 716 NULL, 0, NULL); 717 } 718 719 return 0; 720 } 721 722 /* 723 * Returns: 724 * <= 0: driver handled the event, skb consumed 725 * 1: driver does not handle the event, please do standard processing 726 */ 727 static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 gate, u8 event, 728 struct sk_buff *skb) 729 { 730 struct sk_buff *rgb_skb = NULL; 731 int r; 732 733 pr_debug("hci event %d\n", event); 734 switch (event) { 735 case PN544_HCI_EVT_ACTIVATED: 736 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) { 737 r = nfc_hci_target_discovered(hdev, gate); 738 } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) { 739 r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ, 740 &rgb_skb); 741 if (r < 0) 742 goto exit; 743 744 r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK, 745 NFC_COMM_PASSIVE, rgb_skb->data, 746 rgb_skb->len); 747 748 kfree_skb(rgb_skb); 749 } else { 750 r = -EINVAL; 751 } 752 break; 753 case PN544_HCI_EVT_DEACTIVATED: 754 r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION, 755 NULL, 0); 756 break; 757 case PN544_HCI_EVT_RCV_DATA: 758 if (skb->len < 2) { 759 r = -EPROTO; 760 goto exit; 761 } 762 763 if (skb->data[0] != 0) { 764 pr_debug("data0 %d\n", skb->data[0]); 765 r = -EPROTO; 766 goto exit; 767 } 768 769 skb_pull(skb, 2); 770 return nfc_tm_data_received(hdev->ndev, skb); 771 default: 772 return 1; 773 } 774 775 exit: 776 kfree_skb(skb); 777 778 return r; 779 } 780 781 static int pn544_hci_fw_download(struct nfc_hci_dev *hdev, 782 const char *firmware_name) 783 { 784 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 785 786 if (info->fw_download == NULL) 787 return -ENOTSUPP; 788 789 return info->fw_download(info->phy_id, firmware_name, hdev->sw_romlib); 790 } 791 792 static int pn544_hci_discover_se(struct nfc_hci_dev *hdev) 793 { 794 u32 se_idx = 0; 795 u8 ese_mode = 0x01; /* Default mode */ 796 struct sk_buff *res_skb; 797 int r; 798 799 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_TEST_SWP, 800 NULL, 0, &res_skb); 801 802 if (r == 0) { 803 if (res_skb->len == 2 && res_skb->data[0] == 0x00) 804 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_UICC); 805 806 kfree_skb(res_skb); 807 } 808 809 r = nfc_hci_send_event(hdev, PN544_NFC_WI_MGMT_GATE, 810 PN544_HCI_EVT_SWITCH_MODE, 811 &ese_mode, 1); 812 if (r == 0) 813 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_EMBEDDED); 814 815 return !se_idx; 816 } 817 818 #define PN544_SE_MODE_OFF 0x00 819 #define PN544_SE_MODE_ON 0x01 820 static int pn544_hci_enable_se(struct nfc_hci_dev *hdev, u32 se_idx) 821 { 822 struct nfc_se *se; 823 u8 enable = PN544_SE_MODE_ON; 824 static struct uicc_gatelist { 825 u8 head; 826 u8 adr[2]; 827 u8 value; 828 } uicc_gatelist[] = { 829 {0x00, {0x9e, 0xd9}, 0x23}, 830 {0x00, {0x9e, 0xda}, 0x21}, 831 {0x00, {0x9e, 0xdb}, 0x22}, 832 {0x00, {0x9e, 0xdc}, 0x24}, 833 }; 834 struct uicc_gatelist *p = uicc_gatelist; 835 int count = ARRAY_SIZE(uicc_gatelist); 836 struct sk_buff *res_skb; 837 int r; 838 839 se = nfc_find_se(hdev->ndev, se_idx); 840 841 switch (se->type) { 842 case NFC_SE_UICC: 843 while (count--) { 844 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, 845 PN544_WRITE, (u8 *)p, 4, &res_skb); 846 if (r < 0) 847 return r; 848 849 if (res_skb->len != 1) { 850 kfree_skb(res_skb); 851 return -EPROTO; 852 } 853 854 if (res_skb->data[0] != p->value) { 855 kfree_skb(res_skb); 856 return -EIO; 857 } 858 859 kfree_skb(res_skb); 860 861 p++; 862 } 863 864 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 865 PN544_SWP_DEFAULT_MODE, &enable, 1); 866 case NFC_SE_EMBEDDED: 867 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 868 PN544_NFC_ESE_DEFAULT_MODE, &enable, 1); 869 870 default: 871 return -EINVAL; 872 } 873 } 874 875 static int pn544_hci_disable_se(struct nfc_hci_dev *hdev, u32 se_idx) 876 { 877 struct nfc_se *se; 878 u8 disable = PN544_SE_MODE_OFF; 879 880 se = nfc_find_se(hdev->ndev, se_idx); 881 882 switch (se->type) { 883 case NFC_SE_UICC: 884 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 885 PN544_SWP_DEFAULT_MODE, &disable, 1); 886 case NFC_SE_EMBEDDED: 887 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 888 PN544_NFC_ESE_DEFAULT_MODE, &disable, 1); 889 default: 890 return -EINVAL; 891 } 892 } 893 894 static struct nfc_hci_ops pn544_hci_ops = { 895 .open = pn544_hci_open, 896 .close = pn544_hci_close, 897 .hci_ready = pn544_hci_ready, 898 .xmit = pn544_hci_xmit, 899 .start_poll = pn544_hci_start_poll, 900 .dep_link_up = pn544_hci_dep_link_up, 901 .dep_link_down = pn544_hci_dep_link_down, 902 .target_from_gate = pn544_hci_target_from_gate, 903 .complete_target_discovered = pn544_hci_complete_target_discovered, 904 .im_transceive = pn544_hci_im_transceive, 905 .tm_send = pn544_hci_tm_send, 906 .check_presence = pn544_hci_check_presence, 907 .event_received = pn544_hci_event_received, 908 .fw_download = pn544_hci_fw_download, 909 .discover_se = pn544_hci_discover_se, 910 .enable_se = pn544_hci_enable_se, 911 .disable_se = pn544_hci_disable_se, 912 }; 913 914 int pn544_hci_probe(void *phy_id, struct nfc_phy_ops *phy_ops, char *llc_name, 915 int phy_headroom, int phy_tailroom, int phy_payload, 916 fw_download_t fw_download, struct nfc_hci_dev **hdev) 917 { 918 struct pn544_hci_info *info; 919 u32 protocols; 920 struct nfc_hci_init_data init_data; 921 int r; 922 923 info = kzalloc(sizeof(struct pn544_hci_info), GFP_KERNEL); 924 if (!info) { 925 r = -ENOMEM; 926 goto err_info_alloc; 927 } 928 929 info->phy_ops = phy_ops; 930 info->phy_id = phy_id; 931 info->fw_download = fw_download; 932 info->state = PN544_ST_COLD; 933 mutex_init(&info->info_lock); 934 935 init_data.gate_count = ARRAY_SIZE(pn544_gates); 936 937 memcpy(init_data.gates, pn544_gates, sizeof(pn544_gates)); 938 939 /* 940 * TODO: Session id must include the driver name + some bus addr 941 * persistent info to discriminate 2 identical chips 942 */ 943 strcpy(init_data.session_id, "ID544HCI"); 944 945 protocols = NFC_PROTO_JEWEL_MASK | 946 NFC_PROTO_MIFARE_MASK | 947 NFC_PROTO_FELICA_MASK | 948 NFC_PROTO_ISO14443_MASK | 949 NFC_PROTO_ISO14443_B_MASK | 950 NFC_PROTO_NFC_DEP_MASK; 951 952 info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 0, 953 protocols, llc_name, 954 phy_headroom + PN544_CMDS_HEADROOM, 955 phy_tailroom, phy_payload); 956 if (!info->hdev) { 957 pr_err("Cannot allocate nfc hdev\n"); 958 r = -ENOMEM; 959 goto err_alloc_hdev; 960 } 961 962 nfc_hci_set_clientdata(info->hdev, info); 963 964 r = nfc_hci_register_device(info->hdev); 965 if (r) 966 goto err_regdev; 967 968 *hdev = info->hdev; 969 970 return 0; 971 972 err_regdev: 973 nfc_hci_free_device(info->hdev); 974 975 err_alloc_hdev: 976 kfree(info); 977 978 err_info_alloc: 979 return r; 980 } 981 EXPORT_SYMBOL(pn544_hci_probe); 982 983 void pn544_hci_remove(struct nfc_hci_dev *hdev) 984 { 985 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 986 987 nfc_hci_unregister_device(hdev); 988 nfc_hci_free_device(hdev); 989 kfree(info); 990 } 991 EXPORT_SYMBOL(pn544_hci_remove); 992 993 MODULE_LICENSE("GPL"); 994 MODULE_DESCRIPTION(DRIVER_DESC); 995