1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * HCI based Driver for NXP PN544 NFC Chip 4 * 5 * Copyright (C) 2012 Intel Corporation. All rights reserved. 6 */ 7 8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 9 10 #include <linux/delay.h> 11 #include <linux/slab.h> 12 #include <linux/module.h> 13 14 #include <linux/nfc.h> 15 #include <net/nfc/hci.h> 16 17 #include "pn544.h" 18 19 /* Timing restrictions (ms) */ 20 #define PN544_HCI_RESETVEN_TIME 30 21 22 enum pn544_state { 23 PN544_ST_COLD, 24 PN544_ST_FW_READY, 25 PN544_ST_READY, 26 }; 27 28 #define FULL_VERSION_LEN 11 29 30 /* Proprietary commands */ 31 #define PN544_WRITE 0x3f 32 #define PN544_TEST_SWP 0x21 33 34 /* Proprietary gates, events, commands and registers */ 35 36 /* NFC_HCI_RF_READER_A_GATE additional registers and commands */ 37 #define PN544_RF_READER_A_AUTO_ACTIVATION 0x10 38 #define PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION 0x12 39 #define PN544_MIFARE_CMD 0x21 40 41 /* Commands that apply to all RF readers */ 42 #define PN544_RF_READER_CMD_PRESENCE_CHECK 0x30 43 #define PN544_RF_READER_CMD_ACTIVATE_NEXT 0x32 44 45 /* NFC_HCI_ID_MGMT_GATE additional registers */ 46 #define PN544_ID_MGMT_FULL_VERSION_SW 0x10 47 48 #define PN544_RF_READER_ISO15693_GATE 0x12 49 50 #define PN544_RF_READER_F_GATE 0x14 51 #define PN544_FELICA_ID 0x04 52 #define PN544_FELICA_RAW 0x20 53 54 #define PN544_RF_READER_JEWEL_GATE 0x15 55 #define PN544_JEWEL_RAW_CMD 0x23 56 57 #define PN544_RF_READER_NFCIP1_INITIATOR_GATE 0x30 58 #define PN544_RF_READER_NFCIP1_TARGET_GATE 0x31 59 60 #define PN544_SYS_MGMT_GATE 0x90 61 #define PN544_SYS_MGMT_INFO_NOTIFICATION 0x02 62 63 #define PN544_POLLING_LOOP_MGMT_GATE 0x94 64 #define PN544_DEP_MODE 0x01 65 #define PN544_DEP_ATR_REQ 0x02 66 #define PN544_DEP_ATR_RES 0x03 67 #define PN544_DEP_MERGE 0x0D 68 #define PN544_PL_RDPHASES 0x06 69 #define PN544_PL_EMULATION 0x07 70 #define PN544_PL_NFCT_DEACTIVATED 0x09 71 72 #define PN544_SWP_MGMT_GATE 0xA0 73 #define PN544_SWP_DEFAULT_MODE 0x01 74 75 #define PN544_NFC_WI_MGMT_GATE 0xA1 76 #define PN544_NFC_ESE_DEFAULT_MODE 0x01 77 78 #define PN544_HCI_EVT_SND_DATA 0x01 79 #define PN544_HCI_EVT_ACTIVATED 0x02 80 #define PN544_HCI_EVT_DEACTIVATED 0x03 81 #define PN544_HCI_EVT_RCV_DATA 0x04 82 #define PN544_HCI_EVT_CONTINUE_MI 0x05 83 #define PN544_HCI_EVT_SWITCH_MODE 0x03 84 85 #define PN544_HCI_CMD_ATTREQUEST 0x12 86 #define PN544_HCI_CMD_CONTINUE_ACTIVATION 0x13 87 88 static const struct nfc_hci_gate pn544_gates[] = { 89 {NFC_HCI_ADMIN_GATE, NFC_HCI_INVALID_PIPE}, 90 {NFC_HCI_LOOPBACK_GATE, NFC_HCI_INVALID_PIPE}, 91 {NFC_HCI_ID_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 92 {NFC_HCI_LINK_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 93 {NFC_HCI_RF_READER_B_GATE, NFC_HCI_INVALID_PIPE}, 94 {NFC_HCI_RF_READER_A_GATE, NFC_HCI_INVALID_PIPE}, 95 {PN544_SYS_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 96 {PN544_SWP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 97 {PN544_POLLING_LOOP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 98 {PN544_NFC_WI_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 99 {PN544_RF_READER_F_GATE, NFC_HCI_INVALID_PIPE}, 100 {PN544_RF_READER_JEWEL_GATE, NFC_HCI_INVALID_PIPE}, 101 {PN544_RF_READER_ISO15693_GATE, NFC_HCI_INVALID_PIPE}, 102 {PN544_RF_READER_NFCIP1_INITIATOR_GATE, NFC_HCI_INVALID_PIPE}, 103 {PN544_RF_READER_NFCIP1_TARGET_GATE, NFC_HCI_INVALID_PIPE} 104 }; 105 106 /* Largest headroom needed for outgoing custom commands */ 107 #define PN544_CMDS_HEADROOM 2 108 109 struct pn544_hci_info { 110 const struct nfc_phy_ops *phy_ops; 111 void *phy_id; 112 113 struct nfc_hci_dev *hdev; 114 115 enum pn544_state state; 116 117 struct mutex info_lock; 118 119 int async_cb_type; 120 data_exchange_cb_t async_cb; 121 void *async_cb_context; 122 123 fw_download_t fw_download; 124 }; 125 126 static int pn544_hci_open(struct nfc_hci_dev *hdev) 127 { 128 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 129 int r = 0; 130 131 mutex_lock(&info->info_lock); 132 133 if (info->state != PN544_ST_COLD) { 134 r = -EBUSY; 135 goto out; 136 } 137 138 r = info->phy_ops->enable(info->phy_id); 139 140 if (r == 0) 141 info->state = PN544_ST_READY; 142 143 out: 144 mutex_unlock(&info->info_lock); 145 return r; 146 } 147 148 static void pn544_hci_close(struct nfc_hci_dev *hdev) 149 { 150 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 151 152 mutex_lock(&info->info_lock); 153 154 if (info->state == PN544_ST_COLD) 155 goto out; 156 157 info->phy_ops->disable(info->phy_id); 158 159 info->state = PN544_ST_COLD; 160 161 out: 162 mutex_unlock(&info->info_lock); 163 } 164 165 static int pn544_hci_ready(struct nfc_hci_dev *hdev) 166 { 167 struct sk_buff *skb; 168 static struct hw_config { 169 u8 adr[2]; 170 u8 value; 171 } hw_config[] = { 172 {{0x9f, 0x9a}, 0x00}, 173 174 {{0x98, 0x10}, 0xbc}, 175 176 {{0x9e, 0x71}, 0x00}, 177 178 {{0x98, 0x09}, 0x00}, 179 180 {{0x9e, 0xb4}, 0x00}, 181 182 {{0x9c, 0x01}, 0x08}, 183 184 {{0x9e, 0xaa}, 0x01}, 185 186 {{0x9b, 0xd1}, 0x17}, 187 {{0x9b, 0xd2}, 0x58}, 188 {{0x9b, 0xd3}, 0x10}, 189 {{0x9b, 0xd4}, 0x47}, 190 {{0x9b, 0xd5}, 0x0c}, 191 {{0x9b, 0xd6}, 0x37}, 192 {{0x9b, 0xdd}, 0x33}, 193 194 {{0x9b, 0x84}, 0x00}, 195 {{0x99, 0x81}, 0x79}, 196 {{0x99, 0x31}, 0x79}, 197 198 {{0x98, 0x00}, 0x3f}, 199 200 {{0x9f, 0x09}, 0x02}, 201 202 {{0x9f, 0x0a}, 0x05}, 203 204 {{0x9e, 0xd1}, 0xa1}, 205 {{0x99, 0x23}, 0x01}, 206 207 {{0x9e, 0x74}, 0x00}, 208 {{0x9e, 0x90}, 0x00}, 209 {{0x9f, 0x28}, 0x10}, 210 211 {{0x9f, 0x35}, 0x04}, 212 213 {{0x9f, 0x36}, 0x11}, 214 215 {{0x9c, 0x31}, 0x00}, 216 217 {{0x9c, 0x32}, 0x00}, 218 219 {{0x9c, 0x19}, 0x0a}, 220 221 {{0x9c, 0x1a}, 0x0a}, 222 223 {{0x9c, 0x0c}, 0x00}, 224 225 {{0x9c, 0x0d}, 0x00}, 226 227 {{0x9c, 0x12}, 0x00}, 228 229 {{0x9c, 0x13}, 0x00}, 230 231 {{0x98, 0xa2}, 0x09}, 232 233 {{0x98, 0x93}, 0x00}, 234 235 {{0x98, 0x7d}, 0x08}, 236 {{0x98, 0x7e}, 0x00}, 237 {{0x9f, 0xc8}, 0x00}, 238 }; 239 struct hw_config *p = hw_config; 240 int count = ARRAY_SIZE(hw_config); 241 struct sk_buff *res_skb; 242 u8 param[4]; 243 int r; 244 245 param[0] = 0; 246 while (count--) { 247 param[1] = p->adr[0]; 248 param[2] = p->adr[1]; 249 param[3] = p->value; 250 251 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_WRITE, 252 param, 4, &res_skb); 253 if (r < 0) 254 return r; 255 256 if (res_skb->len != 1) { 257 kfree_skb(res_skb); 258 return -EPROTO; 259 } 260 261 if (res_skb->data[0] != p->value) { 262 kfree_skb(res_skb); 263 return -EIO; 264 } 265 266 kfree_skb(res_skb); 267 268 p++; 269 } 270 271 param[0] = NFC_HCI_UICC_HOST_ID; 272 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE, 273 NFC_HCI_ADMIN_WHITELIST, param, 1); 274 if (r < 0) 275 return r; 276 277 param[0] = 0x3d; 278 r = nfc_hci_set_param(hdev, PN544_SYS_MGMT_GATE, 279 PN544_SYS_MGMT_INFO_NOTIFICATION, param, 1); 280 if (r < 0) 281 return r; 282 283 param[0] = 0x0; 284 r = nfc_hci_set_param(hdev, NFC_HCI_RF_READER_A_GATE, 285 PN544_RF_READER_A_AUTO_ACTIVATION, param, 1); 286 if (r < 0) 287 return r; 288 289 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 290 NFC_HCI_EVT_END_OPERATION, NULL, 0); 291 if (r < 0) 292 return r; 293 294 param[0] = 0x1; 295 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 296 PN544_PL_NFCT_DEACTIVATED, param, 1); 297 if (r < 0) 298 return r; 299 300 param[0] = 0x0; 301 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 302 PN544_PL_RDPHASES, param, 1); 303 if (r < 0) 304 return r; 305 306 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 307 PN544_ID_MGMT_FULL_VERSION_SW, &skb); 308 if (r < 0) 309 return r; 310 311 if (skb->len != FULL_VERSION_LEN) { 312 kfree_skb(skb); 313 return -EINVAL; 314 } 315 316 print_hex_dump(KERN_DEBUG, "FULL VERSION SOFTWARE INFO: ", 317 DUMP_PREFIX_NONE, 16, 1, 318 skb->data, FULL_VERSION_LEN, false); 319 320 kfree_skb(skb); 321 322 return 0; 323 } 324 325 static int pn544_hci_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb) 326 { 327 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 328 329 return info->phy_ops->write(info->phy_id, skb); 330 } 331 332 static int pn544_hci_start_poll(struct nfc_hci_dev *hdev, 333 u32 im_protocols, u32 tm_protocols) 334 { 335 u8 phases = 0; 336 int r; 337 u8 duration[2]; 338 u8 activated; 339 u8 i_mode = 0x3f; /* Enable all supported modes */ 340 u8 t_mode = 0x0f; 341 u8 t_merge = 0x01; /* Enable merge by default */ 342 343 pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n", 344 __func__, im_protocols, tm_protocols); 345 346 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 347 NFC_HCI_EVT_END_OPERATION, NULL, 0); 348 if (r < 0) 349 return r; 350 351 duration[0] = 0x18; 352 duration[1] = 0x6a; 353 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 354 PN544_PL_EMULATION, duration, 2); 355 if (r < 0) 356 return r; 357 358 activated = 0; 359 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 360 PN544_PL_NFCT_DEACTIVATED, &activated, 1); 361 if (r < 0) 362 return r; 363 364 if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK | 365 NFC_PROTO_JEWEL_MASK)) 366 phases |= 1; /* Type A */ 367 if (im_protocols & NFC_PROTO_FELICA_MASK) { 368 phases |= (1 << 2); /* Type F 212 */ 369 phases |= (1 << 3); /* Type F 424 */ 370 } 371 372 phases |= (1 << 5); /* NFC active */ 373 374 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 375 PN544_PL_RDPHASES, &phases, 1); 376 if (r < 0) 377 return r; 378 379 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) { 380 hdev->gb = nfc_get_local_general_bytes(hdev->ndev, 381 &hdev->gb_len); 382 pr_debug("generate local bytes %p\n", hdev->gb); 383 if (hdev->gb == NULL || hdev->gb_len == 0) { 384 im_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 385 tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 386 } 387 } 388 389 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 390 r = nfc_hci_send_event(hdev, 391 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 392 NFC_HCI_EVT_END_OPERATION, NULL, 0); 393 if (r < 0) 394 return r; 395 396 r = nfc_hci_set_param(hdev, 397 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 398 PN544_DEP_MODE, &i_mode, 1); 399 if (r < 0) 400 return r; 401 402 r = nfc_hci_set_param(hdev, 403 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 404 PN544_DEP_ATR_REQ, hdev->gb, hdev->gb_len); 405 if (r < 0) 406 return r; 407 408 r = nfc_hci_send_event(hdev, 409 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 410 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 411 if (r < 0) 412 nfc_hci_send_event(hdev, 413 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 414 NFC_HCI_EVT_END_OPERATION, NULL, 0); 415 } 416 417 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) { 418 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 419 PN544_DEP_MODE, &t_mode, 1); 420 if (r < 0) 421 return r; 422 423 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 424 PN544_DEP_ATR_RES, hdev->gb, hdev->gb_len); 425 if (r < 0) 426 return r; 427 428 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 429 PN544_DEP_MERGE, &t_merge, 1); 430 if (r < 0) 431 return r; 432 } 433 434 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 435 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 436 if (r < 0) 437 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 438 NFC_HCI_EVT_END_OPERATION, NULL, 0); 439 440 return r; 441 } 442 443 static int pn544_hci_dep_link_up(struct nfc_hci_dev *hdev, 444 struct nfc_target *target, u8 comm_mode, 445 u8 *gb, size_t gb_len) 446 { 447 struct sk_buff *rgb_skb = NULL; 448 int r; 449 450 r = nfc_hci_get_param(hdev, target->hci_reader_gate, 451 PN544_DEP_ATR_RES, &rgb_skb); 452 if (r < 0) 453 return r; 454 455 if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) { 456 r = -EPROTO; 457 goto exit; 458 } 459 print_hex_dump(KERN_DEBUG, "remote gb: ", DUMP_PREFIX_OFFSET, 460 16, 1, rgb_skb->data, rgb_skb->len, true); 461 462 r = nfc_set_remote_general_bytes(hdev->ndev, rgb_skb->data, 463 rgb_skb->len); 464 465 if (r == 0) 466 r = nfc_dep_link_is_up(hdev->ndev, target->idx, comm_mode, 467 NFC_RF_INITIATOR); 468 exit: 469 kfree_skb(rgb_skb); 470 return r; 471 } 472 473 static int pn544_hci_dep_link_down(struct nfc_hci_dev *hdev) 474 { 475 476 return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_INITIATOR_GATE, 477 NFC_HCI_EVT_END_OPERATION, NULL, 0); 478 } 479 480 static int pn544_hci_target_from_gate(struct nfc_hci_dev *hdev, u8 gate, 481 struct nfc_target *target) 482 { 483 switch (gate) { 484 case PN544_RF_READER_F_GATE: 485 target->supported_protocols = NFC_PROTO_FELICA_MASK; 486 break; 487 case PN544_RF_READER_JEWEL_GATE: 488 target->supported_protocols = NFC_PROTO_JEWEL_MASK; 489 target->sens_res = 0x0c00; 490 break; 491 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 492 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 493 break; 494 default: 495 return -EPROTO; 496 } 497 498 return 0; 499 } 500 501 static int pn544_hci_complete_target_discovered(struct nfc_hci_dev *hdev, 502 u8 gate, 503 struct nfc_target *target) 504 { 505 struct sk_buff *uid_skb; 506 int r = 0; 507 508 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) 509 return r; 510 511 if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 512 r = nfc_hci_send_cmd(hdev, 513 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 514 PN544_HCI_CMD_CONTINUE_ACTIVATION, NULL, 0, NULL); 515 if (r < 0) 516 return r; 517 518 target->hci_reader_gate = PN544_RF_READER_NFCIP1_INITIATOR_GATE; 519 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 520 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 521 target->nfcid1_len != 10) 522 return -EPROTO; 523 524 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 525 PN544_RF_READER_CMD_ACTIVATE_NEXT, 526 target->nfcid1, target->nfcid1_len, NULL); 527 } else if (target->supported_protocols & NFC_PROTO_FELICA_MASK) { 528 r = nfc_hci_get_param(hdev, PN544_RF_READER_F_GATE, 529 PN544_FELICA_ID, &uid_skb); 530 if (r < 0) 531 return r; 532 533 if (uid_skb->len != 8) { 534 kfree_skb(uid_skb); 535 return -EPROTO; 536 } 537 538 /* Type F NFC-DEP IDm has prefix 0x01FE */ 539 if ((uid_skb->data[0] == 0x01) && (uid_skb->data[1] == 0xfe)) { 540 kfree_skb(uid_skb); 541 r = nfc_hci_send_cmd(hdev, 542 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 543 PN544_HCI_CMD_CONTINUE_ACTIVATION, 544 NULL, 0, NULL); 545 if (r < 0) 546 return r; 547 548 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 549 target->hci_reader_gate = 550 PN544_RF_READER_NFCIP1_INITIATOR_GATE; 551 } else { 552 r = nfc_hci_send_cmd(hdev, PN544_RF_READER_F_GATE, 553 PN544_RF_READER_CMD_ACTIVATE_NEXT, 554 uid_skb->data, uid_skb->len, NULL); 555 kfree_skb(uid_skb); 556 } 557 } else if (target->supported_protocols & NFC_PROTO_ISO14443_MASK) { 558 /* 559 * TODO: maybe other ISO 14443 require some kind of continue 560 * activation, but for now we've seen only this one below. 561 */ 562 if (target->sens_res == 0x4403) /* Type 4 Mifare DESFire */ 563 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 564 PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION, 565 NULL, 0, NULL); 566 } 567 568 return r; 569 } 570 571 #define PN544_CB_TYPE_READER_F 1 572 573 static void pn544_hci_data_exchange_cb(void *context, struct sk_buff *skb, 574 int err) 575 { 576 struct pn544_hci_info *info = context; 577 578 switch (info->async_cb_type) { 579 case PN544_CB_TYPE_READER_F: 580 if (err == 0) 581 skb_pull(skb, 1); 582 info->async_cb(info->async_cb_context, skb, err); 583 break; 584 default: 585 if (err == 0) 586 kfree_skb(skb); 587 break; 588 } 589 } 590 591 #define MIFARE_CMD_AUTH_KEY_A 0x60 592 #define MIFARE_CMD_AUTH_KEY_B 0x61 593 #define MIFARE_CMD_HEADER 2 594 #define MIFARE_UID_LEN 4 595 #define MIFARE_KEY_LEN 6 596 #define MIFARE_CMD_LEN 12 597 /* 598 * Returns: 599 * <= 0: driver handled the data exchange 600 * 1: driver doesn't especially handle, please do standard processing 601 */ 602 static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev, 603 struct nfc_target *target, 604 struct sk_buff *skb, data_exchange_cb_t cb, 605 void *cb_context) 606 { 607 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 608 609 pr_info(DRIVER_DESC ": %s for gate=%d\n", __func__, 610 target->hci_reader_gate); 611 612 switch (target->hci_reader_gate) { 613 case NFC_HCI_RF_READER_A_GATE: 614 if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 615 /* 616 * It seems that pn544 is inverting key and UID for 617 * MIFARE authentication commands. 618 */ 619 if (skb->len == MIFARE_CMD_LEN && 620 (skb->data[0] == MIFARE_CMD_AUTH_KEY_A || 621 skb->data[0] == MIFARE_CMD_AUTH_KEY_B)) { 622 u8 uid[MIFARE_UID_LEN]; 623 u8 *data = skb->data + MIFARE_CMD_HEADER; 624 625 memcpy(uid, data + MIFARE_KEY_LEN, 626 MIFARE_UID_LEN); 627 memmove(data + MIFARE_UID_LEN, data, 628 MIFARE_KEY_LEN); 629 memcpy(data, uid, MIFARE_UID_LEN); 630 } 631 632 return nfc_hci_send_cmd_async(hdev, 633 target->hci_reader_gate, 634 PN544_MIFARE_CMD, 635 skb->data, skb->len, 636 cb, cb_context); 637 } else 638 return 1; 639 case PN544_RF_READER_F_GATE: 640 *(u8 *)skb_push(skb, 1) = 0; 641 *(u8 *)skb_push(skb, 1) = 0; 642 643 info->async_cb_type = PN544_CB_TYPE_READER_F; 644 info->async_cb = cb; 645 info->async_cb_context = cb_context; 646 647 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 648 PN544_FELICA_RAW, skb->data, 649 skb->len, 650 pn544_hci_data_exchange_cb, info); 651 case PN544_RF_READER_JEWEL_GATE: 652 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 653 PN544_JEWEL_RAW_CMD, skb->data, 654 skb->len, cb, cb_context); 655 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 656 *(u8 *)skb_push(skb, 1) = 0; 657 658 return nfc_hci_send_event(hdev, target->hci_reader_gate, 659 PN544_HCI_EVT_SND_DATA, skb->data, 660 skb->len); 661 default: 662 return 1; 663 } 664 } 665 666 static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb) 667 { 668 int r; 669 670 /* Set default false for multiple information chaining */ 671 *(u8 *)skb_push(skb, 1) = 0; 672 673 r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 674 PN544_HCI_EVT_SND_DATA, skb->data, skb->len); 675 676 kfree_skb(skb); 677 678 return r; 679 } 680 681 static int pn544_hci_check_presence(struct nfc_hci_dev *hdev, 682 struct nfc_target *target) 683 { 684 pr_debug("supported protocol %d\n", target->supported_protocols); 685 if (target->supported_protocols & (NFC_PROTO_ISO14443_MASK | 686 NFC_PROTO_ISO14443_B_MASK)) { 687 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 688 PN544_RF_READER_CMD_PRESENCE_CHECK, 689 NULL, 0, NULL); 690 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 691 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 692 target->nfcid1_len != 10) 693 return -EOPNOTSUPP; 694 695 return nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 696 PN544_RF_READER_CMD_ACTIVATE_NEXT, 697 target->nfcid1, target->nfcid1_len, NULL); 698 } else if (target->supported_protocols & (NFC_PROTO_JEWEL_MASK | 699 NFC_PROTO_FELICA_MASK)) { 700 return -EOPNOTSUPP; 701 } else if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 702 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 703 PN544_HCI_CMD_ATTREQUEST, 704 NULL, 0, NULL); 705 } 706 707 return 0; 708 } 709 710 /* 711 * Returns: 712 * <= 0: driver handled the event, skb consumed 713 * 1: driver does not handle the event, please do standard processing 714 */ 715 static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event, 716 struct sk_buff *skb) 717 { 718 struct sk_buff *rgb_skb = NULL; 719 u8 gate = hdev->pipes[pipe].gate; 720 int r; 721 722 pr_debug("hci event %d\n", event); 723 switch (event) { 724 case PN544_HCI_EVT_ACTIVATED: 725 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) { 726 r = nfc_hci_target_discovered(hdev, gate); 727 } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) { 728 r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ, 729 &rgb_skb); 730 if (r < 0) 731 goto exit; 732 733 r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK, 734 NFC_COMM_PASSIVE, rgb_skb->data, 735 rgb_skb->len); 736 737 kfree_skb(rgb_skb); 738 } else { 739 r = -EINVAL; 740 } 741 break; 742 case PN544_HCI_EVT_DEACTIVATED: 743 r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION, 744 NULL, 0); 745 break; 746 case PN544_HCI_EVT_RCV_DATA: 747 if (skb->len < 2) { 748 r = -EPROTO; 749 goto exit; 750 } 751 752 if (skb->data[0] != 0) { 753 pr_debug("data0 %d\n", skb->data[0]); 754 r = -EPROTO; 755 goto exit; 756 } 757 758 skb_pull(skb, 2); 759 return nfc_tm_data_received(hdev->ndev, skb); 760 default: 761 return 1; 762 } 763 764 exit: 765 kfree_skb(skb); 766 767 return r; 768 } 769 770 static int pn544_hci_fw_download(struct nfc_hci_dev *hdev, 771 const char *firmware_name) 772 { 773 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 774 775 if (info->fw_download == NULL) 776 return -ENOTSUPP; 777 778 return info->fw_download(info->phy_id, firmware_name, hdev->sw_romlib); 779 } 780 781 static int pn544_hci_discover_se(struct nfc_hci_dev *hdev) 782 { 783 u32 se_idx = 0; 784 u8 ese_mode = 0x01; /* Default mode */ 785 struct sk_buff *res_skb; 786 int r; 787 788 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_TEST_SWP, 789 NULL, 0, &res_skb); 790 791 if (r == 0) { 792 if (res_skb->len == 2 && res_skb->data[0] == 0x00) 793 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_UICC); 794 795 kfree_skb(res_skb); 796 } 797 798 r = nfc_hci_send_event(hdev, PN544_NFC_WI_MGMT_GATE, 799 PN544_HCI_EVT_SWITCH_MODE, 800 &ese_mode, 1); 801 if (r == 0) 802 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_EMBEDDED); 803 804 return !se_idx; 805 } 806 807 #define PN544_SE_MODE_OFF 0x00 808 #define PN544_SE_MODE_ON 0x01 809 static int pn544_hci_enable_se(struct nfc_hci_dev *hdev, u32 se_idx) 810 { 811 const struct nfc_se *se; 812 u8 enable = PN544_SE_MODE_ON; 813 static struct uicc_gatelist { 814 u8 head; 815 u8 adr[2]; 816 u8 value; 817 } uicc_gatelist[] = { 818 {0x00, {0x9e, 0xd9}, 0x23}, 819 {0x00, {0x9e, 0xda}, 0x21}, 820 {0x00, {0x9e, 0xdb}, 0x22}, 821 {0x00, {0x9e, 0xdc}, 0x24}, 822 }; 823 struct uicc_gatelist *p = uicc_gatelist; 824 int count = ARRAY_SIZE(uicc_gatelist); 825 struct sk_buff *res_skb; 826 int r; 827 828 se = nfc_find_se(hdev->ndev, se_idx); 829 830 switch (se->type) { 831 case NFC_SE_UICC: 832 while (count--) { 833 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, 834 PN544_WRITE, (u8 *)p, 4, &res_skb); 835 if (r < 0) 836 return r; 837 838 if (res_skb->len != 1) { 839 kfree_skb(res_skb); 840 return -EPROTO; 841 } 842 843 if (res_skb->data[0] != p->value) { 844 kfree_skb(res_skb); 845 return -EIO; 846 } 847 848 kfree_skb(res_skb); 849 850 p++; 851 } 852 853 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 854 PN544_SWP_DEFAULT_MODE, &enable, 1); 855 case NFC_SE_EMBEDDED: 856 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 857 PN544_NFC_ESE_DEFAULT_MODE, &enable, 1); 858 859 default: 860 return -EINVAL; 861 } 862 } 863 864 static int pn544_hci_disable_se(struct nfc_hci_dev *hdev, u32 se_idx) 865 { 866 const struct nfc_se *se; 867 u8 disable = PN544_SE_MODE_OFF; 868 869 se = nfc_find_se(hdev->ndev, se_idx); 870 871 switch (se->type) { 872 case NFC_SE_UICC: 873 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 874 PN544_SWP_DEFAULT_MODE, &disable, 1); 875 case NFC_SE_EMBEDDED: 876 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 877 PN544_NFC_ESE_DEFAULT_MODE, &disable, 1); 878 default: 879 return -EINVAL; 880 } 881 } 882 883 static const struct nfc_hci_ops pn544_hci_ops = { 884 .open = pn544_hci_open, 885 .close = pn544_hci_close, 886 .hci_ready = pn544_hci_ready, 887 .xmit = pn544_hci_xmit, 888 .start_poll = pn544_hci_start_poll, 889 .dep_link_up = pn544_hci_dep_link_up, 890 .dep_link_down = pn544_hci_dep_link_down, 891 .target_from_gate = pn544_hci_target_from_gate, 892 .complete_target_discovered = pn544_hci_complete_target_discovered, 893 .im_transceive = pn544_hci_im_transceive, 894 .tm_send = pn544_hci_tm_send, 895 .check_presence = pn544_hci_check_presence, 896 .event_received = pn544_hci_event_received, 897 .fw_download = pn544_hci_fw_download, 898 .discover_se = pn544_hci_discover_se, 899 .enable_se = pn544_hci_enable_se, 900 .disable_se = pn544_hci_disable_se, 901 }; 902 903 int pn544_hci_probe(void *phy_id, const struct nfc_phy_ops *phy_ops, 904 char *llc_name, int phy_headroom, int phy_tailroom, 905 int phy_payload, fw_download_t fw_download, 906 struct nfc_hci_dev **hdev) 907 { 908 struct pn544_hci_info *info; 909 u32 protocols; 910 struct nfc_hci_init_data init_data; 911 int r; 912 913 info = kzalloc(sizeof(struct pn544_hci_info), GFP_KERNEL); 914 if (!info) { 915 r = -ENOMEM; 916 goto err_info_alloc; 917 } 918 919 info->phy_ops = phy_ops; 920 info->phy_id = phy_id; 921 info->fw_download = fw_download; 922 info->state = PN544_ST_COLD; 923 mutex_init(&info->info_lock); 924 925 init_data.gate_count = ARRAY_SIZE(pn544_gates); 926 927 memcpy(init_data.gates, pn544_gates, sizeof(pn544_gates)); 928 929 /* 930 * TODO: Session id must include the driver name + some bus addr 931 * persistent info to discriminate 2 identical chips 932 */ 933 strcpy(init_data.session_id, "ID544HCI"); 934 935 protocols = NFC_PROTO_JEWEL_MASK | 936 NFC_PROTO_MIFARE_MASK | 937 NFC_PROTO_FELICA_MASK | 938 NFC_PROTO_ISO14443_MASK | 939 NFC_PROTO_ISO14443_B_MASK | 940 NFC_PROTO_NFC_DEP_MASK; 941 942 info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 0, 943 protocols, llc_name, 944 phy_headroom + PN544_CMDS_HEADROOM, 945 phy_tailroom, phy_payload); 946 if (!info->hdev) { 947 pr_err("Cannot allocate nfc hdev\n"); 948 r = -ENOMEM; 949 goto err_alloc_hdev; 950 } 951 952 nfc_hci_set_clientdata(info->hdev, info); 953 954 r = nfc_hci_register_device(info->hdev); 955 if (r) 956 goto err_regdev; 957 958 *hdev = info->hdev; 959 960 return 0; 961 962 err_regdev: 963 nfc_hci_free_device(info->hdev); 964 965 err_alloc_hdev: 966 kfree(info); 967 968 err_info_alloc: 969 return r; 970 } 971 EXPORT_SYMBOL(pn544_hci_probe); 972 973 void pn544_hci_remove(struct nfc_hci_dev *hdev) 974 { 975 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 976 977 nfc_hci_unregister_device(hdev); 978 nfc_hci_free_device(hdev); 979 kfree(info); 980 } 981 EXPORT_SYMBOL(pn544_hci_remove); 982 983 MODULE_LICENSE("GPL"); 984 MODULE_DESCRIPTION(DRIVER_DESC); 985