1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * HCI based Driver for NXP PN544 NFC Chip 4 * 5 * Copyright (C) 2012 Intel Corporation. All rights reserved. 6 */ 7 8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 9 10 #include <linux/delay.h> 11 #include <linux/slab.h> 12 #include <linux/module.h> 13 14 #include <linux/nfc.h> 15 #include <net/nfc/hci.h> 16 #include <net/nfc/llc.h> 17 18 #include "pn544.h" 19 20 /* Timing restrictions (ms) */ 21 #define PN544_HCI_RESETVEN_TIME 30 22 23 enum pn544_state { 24 PN544_ST_COLD, 25 PN544_ST_FW_READY, 26 PN544_ST_READY, 27 }; 28 29 #define FULL_VERSION_LEN 11 30 31 /* Proprietary commands */ 32 #define PN544_WRITE 0x3f 33 #define PN544_TEST_SWP 0x21 34 35 /* Proprietary gates, events, commands and registers */ 36 37 /* NFC_HCI_RF_READER_A_GATE additional registers and commands */ 38 #define PN544_RF_READER_A_AUTO_ACTIVATION 0x10 39 #define PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION 0x12 40 #define PN544_MIFARE_CMD 0x21 41 42 /* Commands that apply to all RF readers */ 43 #define PN544_RF_READER_CMD_PRESENCE_CHECK 0x30 44 #define PN544_RF_READER_CMD_ACTIVATE_NEXT 0x32 45 46 /* NFC_HCI_ID_MGMT_GATE additional registers */ 47 #define PN544_ID_MGMT_FULL_VERSION_SW 0x10 48 49 #define PN544_RF_READER_ISO15693_GATE 0x12 50 51 #define PN544_RF_READER_F_GATE 0x14 52 #define PN544_FELICA_ID 0x04 53 #define PN544_FELICA_RAW 0x20 54 55 #define PN544_RF_READER_JEWEL_GATE 0x15 56 #define PN544_JEWEL_RAW_CMD 0x23 57 58 #define PN544_RF_READER_NFCIP1_INITIATOR_GATE 0x30 59 #define PN544_RF_READER_NFCIP1_TARGET_GATE 0x31 60 61 #define PN544_SYS_MGMT_GATE 0x90 62 #define PN544_SYS_MGMT_INFO_NOTIFICATION 0x02 63 64 #define PN544_POLLING_LOOP_MGMT_GATE 0x94 65 #define PN544_DEP_MODE 0x01 66 #define PN544_DEP_ATR_REQ 0x02 67 #define PN544_DEP_ATR_RES 0x03 68 #define PN544_DEP_MERGE 0x0D 69 #define PN544_PL_RDPHASES 0x06 70 #define PN544_PL_EMULATION 0x07 71 #define PN544_PL_NFCT_DEACTIVATED 0x09 72 73 #define PN544_SWP_MGMT_GATE 0xA0 74 #define PN544_SWP_DEFAULT_MODE 0x01 75 76 #define PN544_NFC_WI_MGMT_GATE 0xA1 77 #define PN544_NFC_ESE_DEFAULT_MODE 0x01 78 79 #define PN544_HCI_EVT_SND_DATA 0x01 80 #define PN544_HCI_EVT_ACTIVATED 0x02 81 #define PN544_HCI_EVT_DEACTIVATED 0x03 82 #define PN544_HCI_EVT_RCV_DATA 0x04 83 #define PN544_HCI_EVT_CONTINUE_MI 0x05 84 #define PN544_HCI_EVT_SWITCH_MODE 0x03 85 86 #define PN544_HCI_CMD_ATTREQUEST 0x12 87 #define PN544_HCI_CMD_CONTINUE_ACTIVATION 0x13 88 89 static struct nfc_hci_gate pn544_gates[] = { 90 {NFC_HCI_ADMIN_GATE, NFC_HCI_INVALID_PIPE}, 91 {NFC_HCI_LOOPBACK_GATE, NFC_HCI_INVALID_PIPE}, 92 {NFC_HCI_ID_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 93 {NFC_HCI_LINK_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 94 {NFC_HCI_RF_READER_B_GATE, NFC_HCI_INVALID_PIPE}, 95 {NFC_HCI_RF_READER_A_GATE, NFC_HCI_INVALID_PIPE}, 96 {PN544_SYS_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 97 {PN544_SWP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 98 {PN544_POLLING_LOOP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 99 {PN544_NFC_WI_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 100 {PN544_RF_READER_F_GATE, NFC_HCI_INVALID_PIPE}, 101 {PN544_RF_READER_JEWEL_GATE, NFC_HCI_INVALID_PIPE}, 102 {PN544_RF_READER_ISO15693_GATE, NFC_HCI_INVALID_PIPE}, 103 {PN544_RF_READER_NFCIP1_INITIATOR_GATE, NFC_HCI_INVALID_PIPE}, 104 {PN544_RF_READER_NFCIP1_TARGET_GATE, NFC_HCI_INVALID_PIPE} 105 }; 106 107 /* Largest headroom needed for outgoing custom commands */ 108 #define PN544_CMDS_HEADROOM 2 109 110 struct pn544_hci_info { 111 struct nfc_phy_ops *phy_ops; 112 void *phy_id; 113 114 struct nfc_hci_dev *hdev; 115 116 enum pn544_state state; 117 118 struct mutex info_lock; 119 120 int async_cb_type; 121 data_exchange_cb_t async_cb; 122 void *async_cb_context; 123 124 fw_download_t fw_download; 125 }; 126 127 static int pn544_hci_open(struct nfc_hci_dev *hdev) 128 { 129 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 130 int r = 0; 131 132 mutex_lock(&info->info_lock); 133 134 if (info->state != PN544_ST_COLD) { 135 r = -EBUSY; 136 goto out; 137 } 138 139 r = info->phy_ops->enable(info->phy_id); 140 141 if (r == 0) 142 info->state = PN544_ST_READY; 143 144 out: 145 mutex_unlock(&info->info_lock); 146 return r; 147 } 148 149 static void pn544_hci_close(struct nfc_hci_dev *hdev) 150 { 151 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 152 153 mutex_lock(&info->info_lock); 154 155 if (info->state == PN544_ST_COLD) 156 goto out; 157 158 info->phy_ops->disable(info->phy_id); 159 160 info->state = PN544_ST_COLD; 161 162 out: 163 mutex_unlock(&info->info_lock); 164 } 165 166 static int pn544_hci_ready(struct nfc_hci_dev *hdev) 167 { 168 struct sk_buff *skb; 169 static struct hw_config { 170 u8 adr[2]; 171 u8 value; 172 } hw_config[] = { 173 {{0x9f, 0x9a}, 0x00}, 174 175 {{0x98, 0x10}, 0xbc}, 176 177 {{0x9e, 0x71}, 0x00}, 178 179 {{0x98, 0x09}, 0x00}, 180 181 {{0x9e, 0xb4}, 0x00}, 182 183 {{0x9c, 0x01}, 0x08}, 184 185 {{0x9e, 0xaa}, 0x01}, 186 187 {{0x9b, 0xd1}, 0x17}, 188 {{0x9b, 0xd2}, 0x58}, 189 {{0x9b, 0xd3}, 0x10}, 190 {{0x9b, 0xd4}, 0x47}, 191 {{0x9b, 0xd5}, 0x0c}, 192 {{0x9b, 0xd6}, 0x37}, 193 {{0x9b, 0xdd}, 0x33}, 194 195 {{0x9b, 0x84}, 0x00}, 196 {{0x99, 0x81}, 0x79}, 197 {{0x99, 0x31}, 0x79}, 198 199 {{0x98, 0x00}, 0x3f}, 200 201 {{0x9f, 0x09}, 0x02}, 202 203 {{0x9f, 0x0a}, 0x05}, 204 205 {{0x9e, 0xd1}, 0xa1}, 206 {{0x99, 0x23}, 0x01}, 207 208 {{0x9e, 0x74}, 0x00}, 209 {{0x9e, 0x90}, 0x00}, 210 {{0x9f, 0x28}, 0x10}, 211 212 {{0x9f, 0x35}, 0x04}, 213 214 {{0x9f, 0x36}, 0x11}, 215 216 {{0x9c, 0x31}, 0x00}, 217 218 {{0x9c, 0x32}, 0x00}, 219 220 {{0x9c, 0x19}, 0x0a}, 221 222 {{0x9c, 0x1a}, 0x0a}, 223 224 {{0x9c, 0x0c}, 0x00}, 225 226 {{0x9c, 0x0d}, 0x00}, 227 228 {{0x9c, 0x12}, 0x00}, 229 230 {{0x9c, 0x13}, 0x00}, 231 232 {{0x98, 0xa2}, 0x09}, 233 234 {{0x98, 0x93}, 0x00}, 235 236 {{0x98, 0x7d}, 0x08}, 237 {{0x98, 0x7e}, 0x00}, 238 {{0x9f, 0xc8}, 0x00}, 239 }; 240 struct hw_config *p = hw_config; 241 int count = ARRAY_SIZE(hw_config); 242 struct sk_buff *res_skb; 243 u8 param[4]; 244 int r; 245 246 param[0] = 0; 247 while (count--) { 248 param[1] = p->adr[0]; 249 param[2] = p->adr[1]; 250 param[3] = p->value; 251 252 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_WRITE, 253 param, 4, &res_skb); 254 if (r < 0) 255 return r; 256 257 if (res_skb->len != 1) { 258 kfree_skb(res_skb); 259 return -EPROTO; 260 } 261 262 if (res_skb->data[0] != p->value) { 263 kfree_skb(res_skb); 264 return -EIO; 265 } 266 267 kfree_skb(res_skb); 268 269 p++; 270 } 271 272 param[0] = NFC_HCI_UICC_HOST_ID; 273 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE, 274 NFC_HCI_ADMIN_WHITELIST, param, 1); 275 if (r < 0) 276 return r; 277 278 param[0] = 0x3d; 279 r = nfc_hci_set_param(hdev, PN544_SYS_MGMT_GATE, 280 PN544_SYS_MGMT_INFO_NOTIFICATION, param, 1); 281 if (r < 0) 282 return r; 283 284 param[0] = 0x0; 285 r = nfc_hci_set_param(hdev, NFC_HCI_RF_READER_A_GATE, 286 PN544_RF_READER_A_AUTO_ACTIVATION, param, 1); 287 if (r < 0) 288 return r; 289 290 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 291 NFC_HCI_EVT_END_OPERATION, NULL, 0); 292 if (r < 0) 293 return r; 294 295 param[0] = 0x1; 296 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 297 PN544_PL_NFCT_DEACTIVATED, param, 1); 298 if (r < 0) 299 return r; 300 301 param[0] = 0x0; 302 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 303 PN544_PL_RDPHASES, param, 1); 304 if (r < 0) 305 return r; 306 307 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 308 PN544_ID_MGMT_FULL_VERSION_SW, &skb); 309 if (r < 0) 310 return r; 311 312 if (skb->len != FULL_VERSION_LEN) { 313 kfree_skb(skb); 314 return -EINVAL; 315 } 316 317 print_hex_dump(KERN_DEBUG, "FULL VERSION SOFTWARE INFO: ", 318 DUMP_PREFIX_NONE, 16, 1, 319 skb->data, FULL_VERSION_LEN, false); 320 321 kfree_skb(skb); 322 323 return 0; 324 } 325 326 static int pn544_hci_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb) 327 { 328 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 329 330 return info->phy_ops->write(info->phy_id, skb); 331 } 332 333 static int pn544_hci_start_poll(struct nfc_hci_dev *hdev, 334 u32 im_protocols, u32 tm_protocols) 335 { 336 u8 phases = 0; 337 int r; 338 u8 duration[2]; 339 u8 activated; 340 u8 i_mode = 0x3f; /* Enable all supported modes */ 341 u8 t_mode = 0x0f; 342 u8 t_merge = 0x01; /* Enable merge by default */ 343 344 pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n", 345 __func__, im_protocols, tm_protocols); 346 347 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 348 NFC_HCI_EVT_END_OPERATION, NULL, 0); 349 if (r < 0) 350 return r; 351 352 duration[0] = 0x18; 353 duration[1] = 0x6a; 354 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 355 PN544_PL_EMULATION, duration, 2); 356 if (r < 0) 357 return r; 358 359 activated = 0; 360 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 361 PN544_PL_NFCT_DEACTIVATED, &activated, 1); 362 if (r < 0) 363 return r; 364 365 if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK | 366 NFC_PROTO_JEWEL_MASK)) 367 phases |= 1; /* Type A */ 368 if (im_protocols & NFC_PROTO_FELICA_MASK) { 369 phases |= (1 << 2); /* Type F 212 */ 370 phases |= (1 << 3); /* Type F 424 */ 371 } 372 373 phases |= (1 << 5); /* NFC active */ 374 375 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 376 PN544_PL_RDPHASES, &phases, 1); 377 if (r < 0) 378 return r; 379 380 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) { 381 hdev->gb = nfc_get_local_general_bytes(hdev->ndev, 382 &hdev->gb_len); 383 pr_debug("generate local bytes %p\n", hdev->gb); 384 if (hdev->gb == NULL || hdev->gb_len == 0) { 385 im_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 386 tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 387 } 388 } 389 390 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 391 r = nfc_hci_send_event(hdev, 392 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 393 NFC_HCI_EVT_END_OPERATION, NULL, 0); 394 if (r < 0) 395 return r; 396 397 r = nfc_hci_set_param(hdev, 398 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 399 PN544_DEP_MODE, &i_mode, 1); 400 if (r < 0) 401 return r; 402 403 r = nfc_hci_set_param(hdev, 404 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 405 PN544_DEP_ATR_REQ, hdev->gb, hdev->gb_len); 406 if (r < 0) 407 return r; 408 409 r = nfc_hci_send_event(hdev, 410 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 411 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 412 if (r < 0) 413 nfc_hci_send_event(hdev, 414 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 415 NFC_HCI_EVT_END_OPERATION, NULL, 0); 416 } 417 418 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) { 419 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 420 PN544_DEP_MODE, &t_mode, 1); 421 if (r < 0) 422 return r; 423 424 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 425 PN544_DEP_ATR_RES, hdev->gb, hdev->gb_len); 426 if (r < 0) 427 return r; 428 429 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 430 PN544_DEP_MERGE, &t_merge, 1); 431 if (r < 0) 432 return r; 433 } 434 435 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 436 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 437 if (r < 0) 438 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 439 NFC_HCI_EVT_END_OPERATION, NULL, 0); 440 441 return r; 442 } 443 444 static int pn544_hci_dep_link_up(struct nfc_hci_dev *hdev, 445 struct nfc_target *target, u8 comm_mode, 446 u8 *gb, size_t gb_len) 447 { 448 struct sk_buff *rgb_skb = NULL; 449 int r; 450 451 r = nfc_hci_get_param(hdev, target->hci_reader_gate, 452 PN544_DEP_ATR_RES, &rgb_skb); 453 if (r < 0) 454 return r; 455 456 if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) { 457 r = -EPROTO; 458 goto exit; 459 } 460 print_hex_dump(KERN_DEBUG, "remote gb: ", DUMP_PREFIX_OFFSET, 461 16, 1, rgb_skb->data, rgb_skb->len, true); 462 463 r = nfc_set_remote_general_bytes(hdev->ndev, rgb_skb->data, 464 rgb_skb->len); 465 466 if (r == 0) 467 r = nfc_dep_link_is_up(hdev->ndev, target->idx, comm_mode, 468 NFC_RF_INITIATOR); 469 exit: 470 kfree_skb(rgb_skb); 471 return r; 472 } 473 474 static int pn544_hci_dep_link_down(struct nfc_hci_dev *hdev) 475 { 476 477 return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_INITIATOR_GATE, 478 NFC_HCI_EVT_END_OPERATION, NULL, 0); 479 } 480 481 static int pn544_hci_target_from_gate(struct nfc_hci_dev *hdev, u8 gate, 482 struct nfc_target *target) 483 { 484 switch (gate) { 485 case PN544_RF_READER_F_GATE: 486 target->supported_protocols = NFC_PROTO_FELICA_MASK; 487 break; 488 case PN544_RF_READER_JEWEL_GATE: 489 target->supported_protocols = NFC_PROTO_JEWEL_MASK; 490 target->sens_res = 0x0c00; 491 break; 492 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 493 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 494 break; 495 default: 496 return -EPROTO; 497 } 498 499 return 0; 500 } 501 502 static int pn544_hci_complete_target_discovered(struct nfc_hci_dev *hdev, 503 u8 gate, 504 struct nfc_target *target) 505 { 506 struct sk_buff *uid_skb; 507 int r = 0; 508 509 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) 510 return r; 511 512 if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 513 r = nfc_hci_send_cmd(hdev, 514 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 515 PN544_HCI_CMD_CONTINUE_ACTIVATION, NULL, 0, NULL); 516 if (r < 0) 517 return r; 518 519 target->hci_reader_gate = PN544_RF_READER_NFCIP1_INITIATOR_GATE; 520 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 521 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 522 target->nfcid1_len != 10) 523 return -EPROTO; 524 525 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 526 PN544_RF_READER_CMD_ACTIVATE_NEXT, 527 target->nfcid1, target->nfcid1_len, NULL); 528 } else if (target->supported_protocols & NFC_PROTO_FELICA_MASK) { 529 r = nfc_hci_get_param(hdev, PN544_RF_READER_F_GATE, 530 PN544_FELICA_ID, &uid_skb); 531 if (r < 0) 532 return r; 533 534 if (uid_skb->len != 8) { 535 kfree_skb(uid_skb); 536 return -EPROTO; 537 } 538 539 /* Type F NFC-DEP IDm has prefix 0x01FE */ 540 if ((uid_skb->data[0] == 0x01) && (uid_skb->data[1] == 0xfe)) { 541 kfree_skb(uid_skb); 542 r = nfc_hci_send_cmd(hdev, 543 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 544 PN544_HCI_CMD_CONTINUE_ACTIVATION, 545 NULL, 0, NULL); 546 if (r < 0) 547 return r; 548 549 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 550 target->hci_reader_gate = 551 PN544_RF_READER_NFCIP1_INITIATOR_GATE; 552 } else { 553 r = nfc_hci_send_cmd(hdev, PN544_RF_READER_F_GATE, 554 PN544_RF_READER_CMD_ACTIVATE_NEXT, 555 uid_skb->data, uid_skb->len, NULL); 556 kfree_skb(uid_skb); 557 } 558 } else if (target->supported_protocols & NFC_PROTO_ISO14443_MASK) { 559 /* 560 * TODO: maybe other ISO 14443 require some kind of continue 561 * activation, but for now we've seen only this one below. 562 */ 563 if (target->sens_res == 0x4403) /* Type 4 Mifare DESFire */ 564 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 565 PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION, 566 NULL, 0, NULL); 567 } 568 569 return r; 570 } 571 572 #define PN544_CB_TYPE_READER_F 1 573 574 static void pn544_hci_data_exchange_cb(void *context, struct sk_buff *skb, 575 int err) 576 { 577 struct pn544_hci_info *info = context; 578 579 switch (info->async_cb_type) { 580 case PN544_CB_TYPE_READER_F: 581 if (err == 0) 582 skb_pull(skb, 1); 583 info->async_cb(info->async_cb_context, skb, err); 584 break; 585 default: 586 if (err == 0) 587 kfree_skb(skb); 588 break; 589 } 590 } 591 592 #define MIFARE_CMD_AUTH_KEY_A 0x60 593 #define MIFARE_CMD_AUTH_KEY_B 0x61 594 #define MIFARE_CMD_HEADER 2 595 #define MIFARE_UID_LEN 4 596 #define MIFARE_KEY_LEN 6 597 #define MIFARE_CMD_LEN 12 598 /* 599 * Returns: 600 * <= 0: driver handled the data exchange 601 * 1: driver doesn't especially handle, please do standard processing 602 */ 603 static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev, 604 struct nfc_target *target, 605 struct sk_buff *skb, data_exchange_cb_t cb, 606 void *cb_context) 607 { 608 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 609 610 pr_info(DRIVER_DESC ": %s for gate=%d\n", __func__, 611 target->hci_reader_gate); 612 613 switch (target->hci_reader_gate) { 614 case NFC_HCI_RF_READER_A_GATE: 615 if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 616 /* 617 * It seems that pn544 is inverting key and UID for 618 * MIFARE authentication commands. 619 */ 620 if (skb->len == MIFARE_CMD_LEN && 621 (skb->data[0] == MIFARE_CMD_AUTH_KEY_A || 622 skb->data[0] == MIFARE_CMD_AUTH_KEY_B)) { 623 u8 uid[MIFARE_UID_LEN]; 624 u8 *data = skb->data + MIFARE_CMD_HEADER; 625 626 memcpy(uid, data + MIFARE_KEY_LEN, 627 MIFARE_UID_LEN); 628 memmove(data + MIFARE_UID_LEN, data, 629 MIFARE_KEY_LEN); 630 memcpy(data, uid, MIFARE_UID_LEN); 631 } 632 633 return nfc_hci_send_cmd_async(hdev, 634 target->hci_reader_gate, 635 PN544_MIFARE_CMD, 636 skb->data, skb->len, 637 cb, cb_context); 638 } else 639 return 1; 640 case PN544_RF_READER_F_GATE: 641 *(u8 *)skb_push(skb, 1) = 0; 642 *(u8 *)skb_push(skb, 1) = 0; 643 644 info->async_cb_type = PN544_CB_TYPE_READER_F; 645 info->async_cb = cb; 646 info->async_cb_context = cb_context; 647 648 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 649 PN544_FELICA_RAW, skb->data, 650 skb->len, 651 pn544_hci_data_exchange_cb, info); 652 case PN544_RF_READER_JEWEL_GATE: 653 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 654 PN544_JEWEL_RAW_CMD, skb->data, 655 skb->len, cb, cb_context); 656 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 657 *(u8 *)skb_push(skb, 1) = 0; 658 659 return nfc_hci_send_event(hdev, target->hci_reader_gate, 660 PN544_HCI_EVT_SND_DATA, skb->data, 661 skb->len); 662 default: 663 return 1; 664 } 665 } 666 667 static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb) 668 { 669 int r; 670 671 /* Set default false for multiple information chaining */ 672 *(u8 *)skb_push(skb, 1) = 0; 673 674 r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 675 PN544_HCI_EVT_SND_DATA, skb->data, skb->len); 676 677 kfree_skb(skb); 678 679 return r; 680 } 681 682 static int pn544_hci_check_presence(struct nfc_hci_dev *hdev, 683 struct nfc_target *target) 684 { 685 pr_debug("supported protocol %d\b", target->supported_protocols); 686 if (target->supported_protocols & (NFC_PROTO_ISO14443_MASK | 687 NFC_PROTO_ISO14443_B_MASK)) { 688 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 689 PN544_RF_READER_CMD_PRESENCE_CHECK, 690 NULL, 0, NULL); 691 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 692 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 693 target->nfcid1_len != 10) 694 return -EOPNOTSUPP; 695 696 return nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 697 PN544_RF_READER_CMD_ACTIVATE_NEXT, 698 target->nfcid1, target->nfcid1_len, NULL); 699 } else if (target->supported_protocols & (NFC_PROTO_JEWEL_MASK | 700 NFC_PROTO_FELICA_MASK)) { 701 return -EOPNOTSUPP; 702 } else if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 703 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 704 PN544_HCI_CMD_ATTREQUEST, 705 NULL, 0, NULL); 706 } 707 708 return 0; 709 } 710 711 /* 712 * Returns: 713 * <= 0: driver handled the event, skb consumed 714 * 1: driver does not handle the event, please do standard processing 715 */ 716 static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event, 717 struct sk_buff *skb) 718 { 719 struct sk_buff *rgb_skb = NULL; 720 u8 gate = hdev->pipes[pipe].gate; 721 int r; 722 723 pr_debug("hci event %d\n", event); 724 switch (event) { 725 case PN544_HCI_EVT_ACTIVATED: 726 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) { 727 r = nfc_hci_target_discovered(hdev, gate); 728 } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) { 729 r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ, 730 &rgb_skb); 731 if (r < 0) 732 goto exit; 733 734 r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK, 735 NFC_COMM_PASSIVE, rgb_skb->data, 736 rgb_skb->len); 737 738 kfree_skb(rgb_skb); 739 } else { 740 r = -EINVAL; 741 } 742 break; 743 case PN544_HCI_EVT_DEACTIVATED: 744 r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION, 745 NULL, 0); 746 break; 747 case PN544_HCI_EVT_RCV_DATA: 748 if (skb->len < 2) { 749 r = -EPROTO; 750 goto exit; 751 } 752 753 if (skb->data[0] != 0) { 754 pr_debug("data0 %d\n", skb->data[0]); 755 r = -EPROTO; 756 goto exit; 757 } 758 759 skb_pull(skb, 2); 760 return nfc_tm_data_received(hdev->ndev, skb); 761 default: 762 return 1; 763 } 764 765 exit: 766 kfree_skb(skb); 767 768 return r; 769 } 770 771 static int pn544_hci_fw_download(struct nfc_hci_dev *hdev, 772 const char *firmware_name) 773 { 774 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 775 776 if (info->fw_download == NULL) 777 return -ENOTSUPP; 778 779 return info->fw_download(info->phy_id, firmware_name, hdev->sw_romlib); 780 } 781 782 static int pn544_hci_discover_se(struct nfc_hci_dev *hdev) 783 { 784 u32 se_idx = 0; 785 u8 ese_mode = 0x01; /* Default mode */ 786 struct sk_buff *res_skb; 787 int r; 788 789 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_TEST_SWP, 790 NULL, 0, &res_skb); 791 792 if (r == 0) { 793 if (res_skb->len == 2 && res_skb->data[0] == 0x00) 794 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_UICC); 795 796 kfree_skb(res_skb); 797 } 798 799 r = nfc_hci_send_event(hdev, PN544_NFC_WI_MGMT_GATE, 800 PN544_HCI_EVT_SWITCH_MODE, 801 &ese_mode, 1); 802 if (r == 0) 803 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_EMBEDDED); 804 805 return !se_idx; 806 } 807 808 #define PN544_SE_MODE_OFF 0x00 809 #define PN544_SE_MODE_ON 0x01 810 static int pn544_hci_enable_se(struct nfc_hci_dev *hdev, u32 se_idx) 811 { 812 struct nfc_se *se; 813 u8 enable = PN544_SE_MODE_ON; 814 static struct uicc_gatelist { 815 u8 head; 816 u8 adr[2]; 817 u8 value; 818 } uicc_gatelist[] = { 819 {0x00, {0x9e, 0xd9}, 0x23}, 820 {0x00, {0x9e, 0xda}, 0x21}, 821 {0x00, {0x9e, 0xdb}, 0x22}, 822 {0x00, {0x9e, 0xdc}, 0x24}, 823 }; 824 struct uicc_gatelist *p = uicc_gatelist; 825 int count = ARRAY_SIZE(uicc_gatelist); 826 struct sk_buff *res_skb; 827 int r; 828 829 se = nfc_find_se(hdev->ndev, se_idx); 830 831 switch (se->type) { 832 case NFC_SE_UICC: 833 while (count--) { 834 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, 835 PN544_WRITE, (u8 *)p, 4, &res_skb); 836 if (r < 0) 837 return r; 838 839 if (res_skb->len != 1) { 840 kfree_skb(res_skb); 841 return -EPROTO; 842 } 843 844 if (res_skb->data[0] != p->value) { 845 kfree_skb(res_skb); 846 return -EIO; 847 } 848 849 kfree_skb(res_skb); 850 851 p++; 852 } 853 854 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 855 PN544_SWP_DEFAULT_MODE, &enable, 1); 856 case NFC_SE_EMBEDDED: 857 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 858 PN544_NFC_ESE_DEFAULT_MODE, &enable, 1); 859 860 default: 861 return -EINVAL; 862 } 863 } 864 865 static int pn544_hci_disable_se(struct nfc_hci_dev *hdev, u32 se_idx) 866 { 867 struct nfc_se *se; 868 u8 disable = PN544_SE_MODE_OFF; 869 870 se = nfc_find_se(hdev->ndev, se_idx); 871 872 switch (se->type) { 873 case NFC_SE_UICC: 874 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 875 PN544_SWP_DEFAULT_MODE, &disable, 1); 876 case NFC_SE_EMBEDDED: 877 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 878 PN544_NFC_ESE_DEFAULT_MODE, &disable, 1); 879 default: 880 return -EINVAL; 881 } 882 } 883 884 static struct nfc_hci_ops pn544_hci_ops = { 885 .open = pn544_hci_open, 886 .close = pn544_hci_close, 887 .hci_ready = pn544_hci_ready, 888 .xmit = pn544_hci_xmit, 889 .start_poll = pn544_hci_start_poll, 890 .dep_link_up = pn544_hci_dep_link_up, 891 .dep_link_down = pn544_hci_dep_link_down, 892 .target_from_gate = pn544_hci_target_from_gate, 893 .complete_target_discovered = pn544_hci_complete_target_discovered, 894 .im_transceive = pn544_hci_im_transceive, 895 .tm_send = pn544_hci_tm_send, 896 .check_presence = pn544_hci_check_presence, 897 .event_received = pn544_hci_event_received, 898 .fw_download = pn544_hci_fw_download, 899 .discover_se = pn544_hci_discover_se, 900 .enable_se = pn544_hci_enable_se, 901 .disable_se = pn544_hci_disable_se, 902 }; 903 904 int pn544_hci_probe(void *phy_id, struct nfc_phy_ops *phy_ops, char *llc_name, 905 int phy_headroom, int phy_tailroom, int phy_payload, 906 fw_download_t fw_download, struct nfc_hci_dev **hdev) 907 { 908 struct pn544_hci_info *info; 909 u32 protocols; 910 struct nfc_hci_init_data init_data; 911 int r; 912 913 info = kzalloc(sizeof(struct pn544_hci_info), GFP_KERNEL); 914 if (!info) { 915 r = -ENOMEM; 916 goto err_info_alloc; 917 } 918 919 info->phy_ops = phy_ops; 920 info->phy_id = phy_id; 921 info->fw_download = fw_download; 922 info->state = PN544_ST_COLD; 923 mutex_init(&info->info_lock); 924 925 init_data.gate_count = ARRAY_SIZE(pn544_gates); 926 927 memcpy(init_data.gates, pn544_gates, sizeof(pn544_gates)); 928 929 /* 930 * TODO: Session id must include the driver name + some bus addr 931 * persistent info to discriminate 2 identical chips 932 */ 933 strcpy(init_data.session_id, "ID544HCI"); 934 935 protocols = NFC_PROTO_JEWEL_MASK | 936 NFC_PROTO_MIFARE_MASK | 937 NFC_PROTO_FELICA_MASK | 938 NFC_PROTO_ISO14443_MASK | 939 NFC_PROTO_ISO14443_B_MASK | 940 NFC_PROTO_NFC_DEP_MASK; 941 942 info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 0, 943 protocols, llc_name, 944 phy_headroom + PN544_CMDS_HEADROOM, 945 phy_tailroom, phy_payload); 946 if (!info->hdev) { 947 pr_err("Cannot allocate nfc hdev\n"); 948 r = -ENOMEM; 949 goto err_alloc_hdev; 950 } 951 952 nfc_hci_set_clientdata(info->hdev, info); 953 954 r = nfc_hci_register_device(info->hdev); 955 if (r) 956 goto err_regdev; 957 958 *hdev = info->hdev; 959 960 return 0; 961 962 err_regdev: 963 nfc_hci_free_device(info->hdev); 964 965 err_alloc_hdev: 966 kfree(info); 967 968 err_info_alloc: 969 return r; 970 } 971 EXPORT_SYMBOL(pn544_hci_probe); 972 973 void pn544_hci_remove(struct nfc_hci_dev *hdev) 974 { 975 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 976 977 nfc_hci_unregister_device(hdev); 978 nfc_hci_free_device(hdev); 979 kfree(info); 980 } 981 EXPORT_SYMBOL(pn544_hci_remove); 982 983 MODULE_LICENSE("GPL"); 984 MODULE_DESCRIPTION(DRIVER_DESC); 985