1 /* 2 * HCI based Driver for NXP PN544 NFC Chip 3 * 4 * Copyright (C) 2012 Intel Corporation. All rights reserved. 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms and conditions of the GNU General Public License, 8 * version 2, as published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, see <http://www.gnu.org/licenses/>. 17 */ 18 19 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 20 21 #include <linux/delay.h> 22 #include <linux/slab.h> 23 #include <linux/module.h> 24 25 #include <linux/nfc.h> 26 #include <net/nfc/hci.h> 27 #include <net/nfc/llc.h> 28 29 #include "pn544.h" 30 31 /* Timing restrictions (ms) */ 32 #define PN544_HCI_RESETVEN_TIME 30 33 34 enum pn544_state { 35 PN544_ST_COLD, 36 PN544_ST_FW_READY, 37 PN544_ST_READY, 38 }; 39 40 #define FULL_VERSION_LEN 11 41 42 /* Proprietary commands */ 43 #define PN544_WRITE 0x3f 44 #define PN544_TEST_SWP 0x21 45 46 /* Proprietary gates, events, commands and registers */ 47 48 /* NFC_HCI_RF_READER_A_GATE additional registers and commands */ 49 #define PN544_RF_READER_A_AUTO_ACTIVATION 0x10 50 #define PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION 0x12 51 #define PN544_MIFARE_CMD 0x21 52 53 /* Commands that apply to all RF readers */ 54 #define PN544_RF_READER_CMD_PRESENCE_CHECK 0x30 55 #define PN544_RF_READER_CMD_ACTIVATE_NEXT 0x32 56 57 /* NFC_HCI_ID_MGMT_GATE additional registers */ 58 #define PN544_ID_MGMT_FULL_VERSION_SW 0x10 59 60 #define PN544_RF_READER_ISO15693_GATE 0x12 61 62 #define PN544_RF_READER_F_GATE 0x14 63 #define PN544_FELICA_ID 0x04 64 #define PN544_FELICA_RAW 0x20 65 66 #define PN544_RF_READER_JEWEL_GATE 0x15 67 #define PN544_JEWEL_RAW_CMD 0x23 68 69 #define PN544_RF_READER_NFCIP1_INITIATOR_GATE 0x30 70 #define PN544_RF_READER_NFCIP1_TARGET_GATE 0x31 71 72 #define PN544_SYS_MGMT_GATE 0x90 73 #define PN544_SYS_MGMT_INFO_NOTIFICATION 0x02 74 75 #define PN544_POLLING_LOOP_MGMT_GATE 0x94 76 #define PN544_DEP_MODE 0x01 77 #define PN544_DEP_ATR_REQ 0x02 78 #define PN544_DEP_ATR_RES 0x03 79 #define PN544_DEP_MERGE 0x0D 80 #define PN544_PL_RDPHASES 0x06 81 #define PN544_PL_EMULATION 0x07 82 #define PN544_PL_NFCT_DEACTIVATED 0x09 83 84 #define PN544_SWP_MGMT_GATE 0xA0 85 #define PN544_SWP_DEFAULT_MODE 0x01 86 87 #define PN544_NFC_WI_MGMT_GATE 0xA1 88 #define PN544_NFC_ESE_DEFAULT_MODE 0x01 89 90 #define PN544_HCI_EVT_SND_DATA 0x01 91 #define PN544_HCI_EVT_ACTIVATED 0x02 92 #define PN544_HCI_EVT_DEACTIVATED 0x03 93 #define PN544_HCI_EVT_RCV_DATA 0x04 94 #define PN544_HCI_EVT_CONTINUE_MI 0x05 95 #define PN544_HCI_EVT_SWITCH_MODE 0x03 96 97 #define PN544_HCI_CMD_ATTREQUEST 0x12 98 #define PN544_HCI_CMD_CONTINUE_ACTIVATION 0x13 99 100 static struct nfc_hci_gate pn544_gates[] = { 101 {NFC_HCI_ADMIN_GATE, NFC_HCI_INVALID_PIPE}, 102 {NFC_HCI_LOOPBACK_GATE, NFC_HCI_INVALID_PIPE}, 103 {NFC_HCI_ID_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 104 {NFC_HCI_LINK_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 105 {NFC_HCI_RF_READER_B_GATE, NFC_HCI_INVALID_PIPE}, 106 {NFC_HCI_RF_READER_A_GATE, NFC_HCI_INVALID_PIPE}, 107 {PN544_SYS_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 108 {PN544_SWP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 109 {PN544_POLLING_LOOP_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 110 {PN544_NFC_WI_MGMT_GATE, NFC_HCI_INVALID_PIPE}, 111 {PN544_RF_READER_F_GATE, NFC_HCI_INVALID_PIPE}, 112 {PN544_RF_READER_JEWEL_GATE, NFC_HCI_INVALID_PIPE}, 113 {PN544_RF_READER_ISO15693_GATE, NFC_HCI_INVALID_PIPE}, 114 {PN544_RF_READER_NFCIP1_INITIATOR_GATE, NFC_HCI_INVALID_PIPE}, 115 {PN544_RF_READER_NFCIP1_TARGET_GATE, NFC_HCI_INVALID_PIPE} 116 }; 117 118 /* Largest headroom needed for outgoing custom commands */ 119 #define PN544_CMDS_HEADROOM 2 120 121 struct pn544_hci_info { 122 struct nfc_phy_ops *phy_ops; 123 void *phy_id; 124 125 struct nfc_hci_dev *hdev; 126 127 enum pn544_state state; 128 129 struct mutex info_lock; 130 131 int async_cb_type; 132 data_exchange_cb_t async_cb; 133 void *async_cb_context; 134 135 fw_download_t fw_download; 136 }; 137 138 static int pn544_hci_open(struct nfc_hci_dev *hdev) 139 { 140 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 141 int r = 0; 142 143 mutex_lock(&info->info_lock); 144 145 if (info->state != PN544_ST_COLD) { 146 r = -EBUSY; 147 goto out; 148 } 149 150 r = info->phy_ops->enable(info->phy_id); 151 152 if (r == 0) 153 info->state = PN544_ST_READY; 154 155 out: 156 mutex_unlock(&info->info_lock); 157 return r; 158 } 159 160 static void pn544_hci_close(struct nfc_hci_dev *hdev) 161 { 162 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 163 164 mutex_lock(&info->info_lock); 165 166 if (info->state == PN544_ST_COLD) 167 goto out; 168 169 info->phy_ops->disable(info->phy_id); 170 171 info->state = PN544_ST_COLD; 172 173 out: 174 mutex_unlock(&info->info_lock); 175 } 176 177 static int pn544_hci_ready(struct nfc_hci_dev *hdev) 178 { 179 struct sk_buff *skb; 180 static struct hw_config { 181 u8 adr[2]; 182 u8 value; 183 } hw_config[] = { 184 {{0x9f, 0x9a}, 0x00}, 185 186 {{0x98, 0x10}, 0xbc}, 187 188 {{0x9e, 0x71}, 0x00}, 189 190 {{0x98, 0x09}, 0x00}, 191 192 {{0x9e, 0xb4}, 0x00}, 193 194 {{0x9c, 0x01}, 0x08}, 195 196 {{0x9e, 0xaa}, 0x01}, 197 198 {{0x9b, 0xd1}, 0x17}, 199 {{0x9b, 0xd2}, 0x58}, 200 {{0x9b, 0xd3}, 0x10}, 201 {{0x9b, 0xd4}, 0x47}, 202 {{0x9b, 0xd5}, 0x0c}, 203 {{0x9b, 0xd6}, 0x37}, 204 {{0x9b, 0xdd}, 0x33}, 205 206 {{0x9b, 0x84}, 0x00}, 207 {{0x99, 0x81}, 0x79}, 208 {{0x99, 0x31}, 0x79}, 209 210 {{0x98, 0x00}, 0x3f}, 211 212 {{0x9f, 0x09}, 0x02}, 213 214 {{0x9f, 0x0a}, 0x05}, 215 216 {{0x9e, 0xd1}, 0xa1}, 217 {{0x99, 0x23}, 0x01}, 218 219 {{0x9e, 0x74}, 0x00}, 220 {{0x9e, 0x90}, 0x00}, 221 {{0x9f, 0x28}, 0x10}, 222 223 {{0x9f, 0x35}, 0x04}, 224 225 {{0x9f, 0x36}, 0x11}, 226 227 {{0x9c, 0x31}, 0x00}, 228 229 {{0x9c, 0x32}, 0x00}, 230 231 {{0x9c, 0x19}, 0x0a}, 232 233 {{0x9c, 0x1a}, 0x0a}, 234 235 {{0x9c, 0x0c}, 0x00}, 236 237 {{0x9c, 0x0d}, 0x00}, 238 239 {{0x9c, 0x12}, 0x00}, 240 241 {{0x9c, 0x13}, 0x00}, 242 243 {{0x98, 0xa2}, 0x09}, 244 245 {{0x98, 0x93}, 0x00}, 246 247 {{0x98, 0x7d}, 0x08}, 248 {{0x98, 0x7e}, 0x00}, 249 {{0x9f, 0xc8}, 0x00}, 250 }; 251 struct hw_config *p = hw_config; 252 int count = ARRAY_SIZE(hw_config); 253 struct sk_buff *res_skb; 254 u8 param[4]; 255 int r; 256 257 param[0] = 0; 258 while (count--) { 259 param[1] = p->adr[0]; 260 param[2] = p->adr[1]; 261 param[3] = p->value; 262 263 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_WRITE, 264 param, 4, &res_skb); 265 if (r < 0) 266 return r; 267 268 if (res_skb->len != 1) { 269 kfree_skb(res_skb); 270 return -EPROTO; 271 } 272 273 if (res_skb->data[0] != p->value) { 274 kfree_skb(res_skb); 275 return -EIO; 276 } 277 278 kfree_skb(res_skb); 279 280 p++; 281 } 282 283 param[0] = NFC_HCI_UICC_HOST_ID; 284 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE, 285 NFC_HCI_ADMIN_WHITELIST, param, 1); 286 if (r < 0) 287 return r; 288 289 param[0] = 0x3d; 290 r = nfc_hci_set_param(hdev, PN544_SYS_MGMT_GATE, 291 PN544_SYS_MGMT_INFO_NOTIFICATION, param, 1); 292 if (r < 0) 293 return r; 294 295 param[0] = 0x0; 296 r = nfc_hci_set_param(hdev, NFC_HCI_RF_READER_A_GATE, 297 PN544_RF_READER_A_AUTO_ACTIVATION, param, 1); 298 if (r < 0) 299 return r; 300 301 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 302 NFC_HCI_EVT_END_OPERATION, NULL, 0); 303 if (r < 0) 304 return r; 305 306 param[0] = 0x1; 307 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 308 PN544_PL_NFCT_DEACTIVATED, param, 1); 309 if (r < 0) 310 return r; 311 312 param[0] = 0x0; 313 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 314 PN544_PL_RDPHASES, param, 1); 315 if (r < 0) 316 return r; 317 318 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, 319 PN544_ID_MGMT_FULL_VERSION_SW, &skb); 320 if (r < 0) 321 return r; 322 323 if (skb->len != FULL_VERSION_LEN) { 324 kfree_skb(skb); 325 return -EINVAL; 326 } 327 328 print_hex_dump(KERN_DEBUG, "FULL VERSION SOFTWARE INFO: ", 329 DUMP_PREFIX_NONE, 16, 1, 330 skb->data, FULL_VERSION_LEN, false); 331 332 kfree_skb(skb); 333 334 return 0; 335 } 336 337 static int pn544_hci_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb) 338 { 339 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 340 341 return info->phy_ops->write(info->phy_id, skb); 342 } 343 344 static int pn544_hci_start_poll(struct nfc_hci_dev *hdev, 345 u32 im_protocols, u32 tm_protocols) 346 { 347 u8 phases = 0; 348 int r; 349 u8 duration[2]; 350 u8 activated; 351 u8 i_mode = 0x3f; /* Enable all supported modes */ 352 u8 t_mode = 0x0f; 353 u8 t_merge = 0x01; /* Enable merge by default */ 354 355 pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n", 356 __func__, im_protocols, tm_protocols); 357 358 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 359 NFC_HCI_EVT_END_OPERATION, NULL, 0); 360 if (r < 0) 361 return r; 362 363 duration[0] = 0x18; 364 duration[1] = 0x6a; 365 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 366 PN544_PL_EMULATION, duration, 2); 367 if (r < 0) 368 return r; 369 370 activated = 0; 371 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 372 PN544_PL_NFCT_DEACTIVATED, &activated, 1); 373 if (r < 0) 374 return r; 375 376 if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK | 377 NFC_PROTO_JEWEL_MASK)) 378 phases |= 1; /* Type A */ 379 if (im_protocols & NFC_PROTO_FELICA_MASK) { 380 phases |= (1 << 2); /* Type F 212 */ 381 phases |= (1 << 3); /* Type F 424 */ 382 } 383 384 phases |= (1 << 5); /* NFC active */ 385 386 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE, 387 PN544_PL_RDPHASES, &phases, 1); 388 if (r < 0) 389 return r; 390 391 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) { 392 hdev->gb = nfc_get_local_general_bytes(hdev->ndev, 393 &hdev->gb_len); 394 pr_debug("generate local bytes %p\n", hdev->gb); 395 if (hdev->gb == NULL || hdev->gb_len == 0) { 396 im_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 397 tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK; 398 } 399 } 400 401 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 402 r = nfc_hci_send_event(hdev, 403 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 404 NFC_HCI_EVT_END_OPERATION, NULL, 0); 405 if (r < 0) 406 return r; 407 408 r = nfc_hci_set_param(hdev, 409 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 410 PN544_DEP_MODE, &i_mode, 1); 411 if (r < 0) 412 return r; 413 414 r = nfc_hci_set_param(hdev, 415 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 416 PN544_DEP_ATR_REQ, hdev->gb, hdev->gb_len); 417 if (r < 0) 418 return r; 419 420 r = nfc_hci_send_event(hdev, 421 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 422 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 423 if (r < 0) 424 nfc_hci_send_event(hdev, 425 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 426 NFC_HCI_EVT_END_OPERATION, NULL, 0); 427 } 428 429 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) { 430 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 431 PN544_DEP_MODE, &t_mode, 1); 432 if (r < 0) 433 return r; 434 435 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 436 PN544_DEP_ATR_RES, hdev->gb, hdev->gb_len); 437 if (r < 0) 438 return r; 439 440 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 441 PN544_DEP_MERGE, &t_merge, 1); 442 if (r < 0) 443 return r; 444 } 445 446 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 447 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 448 if (r < 0) 449 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 450 NFC_HCI_EVT_END_OPERATION, NULL, 0); 451 452 return r; 453 } 454 455 static int pn544_hci_dep_link_up(struct nfc_hci_dev *hdev, 456 struct nfc_target *target, u8 comm_mode, 457 u8 *gb, size_t gb_len) 458 { 459 struct sk_buff *rgb_skb = NULL; 460 int r; 461 462 r = nfc_hci_get_param(hdev, target->hci_reader_gate, 463 PN544_DEP_ATR_RES, &rgb_skb); 464 if (r < 0) 465 return r; 466 467 if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) { 468 r = -EPROTO; 469 goto exit; 470 } 471 print_hex_dump(KERN_DEBUG, "remote gb: ", DUMP_PREFIX_OFFSET, 472 16, 1, rgb_skb->data, rgb_skb->len, true); 473 474 r = nfc_set_remote_general_bytes(hdev->ndev, rgb_skb->data, 475 rgb_skb->len); 476 477 if (r == 0) 478 r = nfc_dep_link_is_up(hdev->ndev, target->idx, comm_mode, 479 NFC_RF_INITIATOR); 480 exit: 481 kfree_skb(rgb_skb); 482 return r; 483 } 484 485 static int pn544_hci_dep_link_down(struct nfc_hci_dev *hdev) 486 { 487 488 return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_INITIATOR_GATE, 489 NFC_HCI_EVT_END_OPERATION, NULL, 0); 490 } 491 492 static int pn544_hci_target_from_gate(struct nfc_hci_dev *hdev, u8 gate, 493 struct nfc_target *target) 494 { 495 switch (gate) { 496 case PN544_RF_READER_F_GATE: 497 target->supported_protocols = NFC_PROTO_FELICA_MASK; 498 break; 499 case PN544_RF_READER_JEWEL_GATE: 500 target->supported_protocols = NFC_PROTO_JEWEL_MASK; 501 target->sens_res = 0x0c00; 502 break; 503 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 504 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 505 break; 506 default: 507 return -EPROTO; 508 } 509 510 return 0; 511 } 512 513 static int pn544_hci_complete_target_discovered(struct nfc_hci_dev *hdev, 514 u8 gate, 515 struct nfc_target *target) 516 { 517 struct sk_buff *uid_skb; 518 int r = 0; 519 520 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) 521 return r; 522 523 if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 524 r = nfc_hci_send_cmd(hdev, 525 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 526 PN544_HCI_CMD_CONTINUE_ACTIVATION, NULL, 0, NULL); 527 if (r < 0) 528 return r; 529 530 target->hci_reader_gate = PN544_RF_READER_NFCIP1_INITIATOR_GATE; 531 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 532 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 533 target->nfcid1_len != 10) 534 return -EPROTO; 535 536 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 537 PN544_RF_READER_CMD_ACTIVATE_NEXT, 538 target->nfcid1, target->nfcid1_len, NULL); 539 } else if (target->supported_protocols & NFC_PROTO_FELICA_MASK) { 540 r = nfc_hci_get_param(hdev, PN544_RF_READER_F_GATE, 541 PN544_FELICA_ID, &uid_skb); 542 if (r < 0) 543 return r; 544 545 if (uid_skb->len != 8) { 546 kfree_skb(uid_skb); 547 return -EPROTO; 548 } 549 550 /* Type F NFC-DEP IDm has prefix 0x01FE */ 551 if ((uid_skb->data[0] == 0x01) && (uid_skb->data[1] == 0xfe)) { 552 kfree_skb(uid_skb); 553 r = nfc_hci_send_cmd(hdev, 554 PN544_RF_READER_NFCIP1_INITIATOR_GATE, 555 PN544_HCI_CMD_CONTINUE_ACTIVATION, 556 NULL, 0, NULL); 557 if (r < 0) 558 return r; 559 560 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK; 561 target->hci_reader_gate = 562 PN544_RF_READER_NFCIP1_INITIATOR_GATE; 563 } else { 564 r = nfc_hci_send_cmd(hdev, PN544_RF_READER_F_GATE, 565 PN544_RF_READER_CMD_ACTIVATE_NEXT, 566 uid_skb->data, uid_skb->len, NULL); 567 kfree_skb(uid_skb); 568 } 569 } else if (target->supported_protocols & NFC_PROTO_ISO14443_MASK) { 570 /* 571 * TODO: maybe other ISO 14443 require some kind of continue 572 * activation, but for now we've seen only this one below. 573 */ 574 if (target->sens_res == 0x4403) /* Type 4 Mifare DESFire */ 575 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 576 PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION, 577 NULL, 0, NULL); 578 } 579 580 return r; 581 } 582 583 #define PN544_CB_TYPE_READER_F 1 584 585 static void pn544_hci_data_exchange_cb(void *context, struct sk_buff *skb, 586 int err) 587 { 588 struct pn544_hci_info *info = context; 589 590 switch (info->async_cb_type) { 591 case PN544_CB_TYPE_READER_F: 592 if (err == 0) 593 skb_pull(skb, 1); 594 info->async_cb(info->async_cb_context, skb, err); 595 break; 596 default: 597 if (err == 0) 598 kfree_skb(skb); 599 break; 600 } 601 } 602 603 #define MIFARE_CMD_AUTH_KEY_A 0x60 604 #define MIFARE_CMD_AUTH_KEY_B 0x61 605 #define MIFARE_CMD_HEADER 2 606 #define MIFARE_UID_LEN 4 607 #define MIFARE_KEY_LEN 6 608 #define MIFARE_CMD_LEN 12 609 /* 610 * Returns: 611 * <= 0: driver handled the data exchange 612 * 1: driver doesn't especially handle, please do standard processing 613 */ 614 static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev, 615 struct nfc_target *target, 616 struct sk_buff *skb, data_exchange_cb_t cb, 617 void *cb_context) 618 { 619 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 620 621 pr_info(DRIVER_DESC ": %s for gate=%d\n", __func__, 622 target->hci_reader_gate); 623 624 switch (target->hci_reader_gate) { 625 case NFC_HCI_RF_READER_A_GATE: 626 if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 627 /* 628 * It seems that pn544 is inverting key and UID for 629 * MIFARE authentication commands. 630 */ 631 if (skb->len == MIFARE_CMD_LEN && 632 (skb->data[0] == MIFARE_CMD_AUTH_KEY_A || 633 skb->data[0] == MIFARE_CMD_AUTH_KEY_B)) { 634 u8 uid[MIFARE_UID_LEN]; 635 u8 *data = skb->data + MIFARE_CMD_HEADER; 636 637 memcpy(uid, data + MIFARE_KEY_LEN, 638 MIFARE_UID_LEN); 639 memmove(data + MIFARE_UID_LEN, data, 640 MIFARE_KEY_LEN); 641 memcpy(data, uid, MIFARE_UID_LEN); 642 } 643 644 return nfc_hci_send_cmd_async(hdev, 645 target->hci_reader_gate, 646 PN544_MIFARE_CMD, 647 skb->data, skb->len, 648 cb, cb_context); 649 } else 650 return 1; 651 case PN544_RF_READER_F_GATE: 652 *skb_push(skb, 1) = 0; 653 *skb_push(skb, 1) = 0; 654 655 info->async_cb_type = PN544_CB_TYPE_READER_F; 656 info->async_cb = cb; 657 info->async_cb_context = cb_context; 658 659 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 660 PN544_FELICA_RAW, skb->data, 661 skb->len, 662 pn544_hci_data_exchange_cb, info); 663 case PN544_RF_READER_JEWEL_GATE: 664 return nfc_hci_send_cmd_async(hdev, target->hci_reader_gate, 665 PN544_JEWEL_RAW_CMD, skb->data, 666 skb->len, cb, cb_context); 667 case PN544_RF_READER_NFCIP1_INITIATOR_GATE: 668 *skb_push(skb, 1) = 0; 669 670 return nfc_hci_send_event(hdev, target->hci_reader_gate, 671 PN544_HCI_EVT_SND_DATA, skb->data, 672 skb->len); 673 default: 674 return 1; 675 } 676 } 677 678 static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb) 679 { 680 int r; 681 682 /* Set default false for multiple information chaining */ 683 *skb_push(skb, 1) = 0; 684 685 r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE, 686 PN544_HCI_EVT_SND_DATA, skb->data, skb->len); 687 688 kfree_skb(skb); 689 690 return r; 691 } 692 693 static int pn544_hci_check_presence(struct nfc_hci_dev *hdev, 694 struct nfc_target *target) 695 { 696 pr_debug("supported protocol %d\b", target->supported_protocols); 697 if (target->supported_protocols & (NFC_PROTO_ISO14443_MASK | 698 NFC_PROTO_ISO14443_B_MASK)) { 699 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 700 PN544_RF_READER_CMD_PRESENCE_CHECK, 701 NULL, 0, NULL); 702 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) { 703 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 && 704 target->nfcid1_len != 10) 705 return -EOPNOTSUPP; 706 707 return nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE, 708 PN544_RF_READER_CMD_ACTIVATE_NEXT, 709 target->nfcid1, target->nfcid1_len, NULL); 710 } else if (target->supported_protocols & (NFC_PROTO_JEWEL_MASK | 711 NFC_PROTO_FELICA_MASK)) { 712 return -EOPNOTSUPP; 713 } else if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) { 714 return nfc_hci_send_cmd(hdev, target->hci_reader_gate, 715 PN544_HCI_CMD_ATTREQUEST, 716 NULL, 0, NULL); 717 } 718 719 return 0; 720 } 721 722 /* 723 * Returns: 724 * <= 0: driver handled the event, skb consumed 725 * 1: driver does not handle the event, please do standard processing 726 */ 727 static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event, 728 struct sk_buff *skb) 729 { 730 struct sk_buff *rgb_skb = NULL; 731 u8 gate = hdev->pipes[pipe].gate; 732 int r; 733 734 pr_debug("hci event %d\n", event); 735 switch (event) { 736 case PN544_HCI_EVT_ACTIVATED: 737 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) { 738 r = nfc_hci_target_discovered(hdev, gate); 739 } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) { 740 r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ, 741 &rgb_skb); 742 if (r < 0) 743 goto exit; 744 745 r = nfc_tm_activated(hdev->ndev, NFC_PROTO_NFC_DEP_MASK, 746 NFC_COMM_PASSIVE, rgb_skb->data, 747 rgb_skb->len); 748 749 kfree_skb(rgb_skb); 750 } else { 751 r = -EINVAL; 752 } 753 break; 754 case PN544_HCI_EVT_DEACTIVATED: 755 r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION, 756 NULL, 0); 757 break; 758 case PN544_HCI_EVT_RCV_DATA: 759 if (skb->len < 2) { 760 r = -EPROTO; 761 goto exit; 762 } 763 764 if (skb->data[0] != 0) { 765 pr_debug("data0 %d\n", skb->data[0]); 766 r = -EPROTO; 767 goto exit; 768 } 769 770 skb_pull(skb, 2); 771 return nfc_tm_data_received(hdev->ndev, skb); 772 default: 773 return 1; 774 } 775 776 exit: 777 kfree_skb(skb); 778 779 return r; 780 } 781 782 static int pn544_hci_fw_download(struct nfc_hci_dev *hdev, 783 const char *firmware_name) 784 { 785 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 786 787 if (info->fw_download == NULL) 788 return -ENOTSUPP; 789 790 return info->fw_download(info->phy_id, firmware_name, hdev->sw_romlib); 791 } 792 793 static int pn544_hci_discover_se(struct nfc_hci_dev *hdev) 794 { 795 u32 se_idx = 0; 796 u8 ese_mode = 0x01; /* Default mode */ 797 struct sk_buff *res_skb; 798 int r; 799 800 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_TEST_SWP, 801 NULL, 0, &res_skb); 802 803 if (r == 0) { 804 if (res_skb->len == 2 && res_skb->data[0] == 0x00) 805 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_UICC); 806 807 kfree_skb(res_skb); 808 } 809 810 r = nfc_hci_send_event(hdev, PN544_NFC_WI_MGMT_GATE, 811 PN544_HCI_EVT_SWITCH_MODE, 812 &ese_mode, 1); 813 if (r == 0) 814 nfc_add_se(hdev->ndev, se_idx++, NFC_SE_EMBEDDED); 815 816 return !se_idx; 817 } 818 819 #define PN544_SE_MODE_OFF 0x00 820 #define PN544_SE_MODE_ON 0x01 821 static int pn544_hci_enable_se(struct nfc_hci_dev *hdev, u32 se_idx) 822 { 823 struct nfc_se *se; 824 u8 enable = PN544_SE_MODE_ON; 825 static struct uicc_gatelist { 826 u8 head; 827 u8 adr[2]; 828 u8 value; 829 } uicc_gatelist[] = { 830 {0x00, {0x9e, 0xd9}, 0x23}, 831 {0x00, {0x9e, 0xda}, 0x21}, 832 {0x00, {0x9e, 0xdb}, 0x22}, 833 {0x00, {0x9e, 0xdc}, 0x24}, 834 }; 835 struct uicc_gatelist *p = uicc_gatelist; 836 int count = ARRAY_SIZE(uicc_gatelist); 837 struct sk_buff *res_skb; 838 int r; 839 840 se = nfc_find_se(hdev->ndev, se_idx); 841 842 switch (se->type) { 843 case NFC_SE_UICC: 844 while (count--) { 845 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, 846 PN544_WRITE, (u8 *)p, 4, &res_skb); 847 if (r < 0) 848 return r; 849 850 if (res_skb->len != 1) { 851 kfree_skb(res_skb); 852 return -EPROTO; 853 } 854 855 if (res_skb->data[0] != p->value) { 856 kfree_skb(res_skb); 857 return -EIO; 858 } 859 860 kfree_skb(res_skb); 861 862 p++; 863 } 864 865 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 866 PN544_SWP_DEFAULT_MODE, &enable, 1); 867 case NFC_SE_EMBEDDED: 868 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 869 PN544_NFC_ESE_DEFAULT_MODE, &enable, 1); 870 871 default: 872 return -EINVAL; 873 } 874 } 875 876 static int pn544_hci_disable_se(struct nfc_hci_dev *hdev, u32 se_idx) 877 { 878 struct nfc_se *se; 879 u8 disable = PN544_SE_MODE_OFF; 880 881 se = nfc_find_se(hdev->ndev, se_idx); 882 883 switch (se->type) { 884 case NFC_SE_UICC: 885 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE, 886 PN544_SWP_DEFAULT_MODE, &disable, 1); 887 case NFC_SE_EMBEDDED: 888 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE, 889 PN544_NFC_ESE_DEFAULT_MODE, &disable, 1); 890 default: 891 return -EINVAL; 892 } 893 } 894 895 static struct nfc_hci_ops pn544_hci_ops = { 896 .open = pn544_hci_open, 897 .close = pn544_hci_close, 898 .hci_ready = pn544_hci_ready, 899 .xmit = pn544_hci_xmit, 900 .start_poll = pn544_hci_start_poll, 901 .dep_link_up = pn544_hci_dep_link_up, 902 .dep_link_down = pn544_hci_dep_link_down, 903 .target_from_gate = pn544_hci_target_from_gate, 904 .complete_target_discovered = pn544_hci_complete_target_discovered, 905 .im_transceive = pn544_hci_im_transceive, 906 .tm_send = pn544_hci_tm_send, 907 .check_presence = pn544_hci_check_presence, 908 .event_received = pn544_hci_event_received, 909 .fw_download = pn544_hci_fw_download, 910 .discover_se = pn544_hci_discover_se, 911 .enable_se = pn544_hci_enable_se, 912 .disable_se = pn544_hci_disable_se, 913 }; 914 915 int pn544_hci_probe(void *phy_id, struct nfc_phy_ops *phy_ops, char *llc_name, 916 int phy_headroom, int phy_tailroom, int phy_payload, 917 fw_download_t fw_download, struct nfc_hci_dev **hdev) 918 { 919 struct pn544_hci_info *info; 920 u32 protocols; 921 struct nfc_hci_init_data init_data; 922 int r; 923 924 info = kzalloc(sizeof(struct pn544_hci_info), GFP_KERNEL); 925 if (!info) { 926 r = -ENOMEM; 927 goto err_info_alloc; 928 } 929 930 info->phy_ops = phy_ops; 931 info->phy_id = phy_id; 932 info->fw_download = fw_download; 933 info->state = PN544_ST_COLD; 934 mutex_init(&info->info_lock); 935 936 init_data.gate_count = ARRAY_SIZE(pn544_gates); 937 938 memcpy(init_data.gates, pn544_gates, sizeof(pn544_gates)); 939 940 /* 941 * TODO: Session id must include the driver name + some bus addr 942 * persistent info to discriminate 2 identical chips 943 */ 944 strcpy(init_data.session_id, "ID544HCI"); 945 946 protocols = NFC_PROTO_JEWEL_MASK | 947 NFC_PROTO_MIFARE_MASK | 948 NFC_PROTO_FELICA_MASK | 949 NFC_PROTO_ISO14443_MASK | 950 NFC_PROTO_ISO14443_B_MASK | 951 NFC_PROTO_NFC_DEP_MASK; 952 953 info->hdev = nfc_hci_allocate_device(&pn544_hci_ops, &init_data, 0, 954 protocols, llc_name, 955 phy_headroom + PN544_CMDS_HEADROOM, 956 phy_tailroom, phy_payload); 957 if (!info->hdev) { 958 pr_err("Cannot allocate nfc hdev\n"); 959 r = -ENOMEM; 960 goto err_alloc_hdev; 961 } 962 963 nfc_hci_set_clientdata(info->hdev, info); 964 965 r = nfc_hci_register_device(info->hdev); 966 if (r) 967 goto err_regdev; 968 969 *hdev = info->hdev; 970 971 return 0; 972 973 err_regdev: 974 nfc_hci_free_device(info->hdev); 975 976 err_alloc_hdev: 977 kfree(info); 978 979 err_info_alloc: 980 return r; 981 } 982 EXPORT_SYMBOL(pn544_hci_probe); 983 984 void pn544_hci_remove(struct nfc_hci_dev *hdev) 985 { 986 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev); 987 988 nfc_hci_unregister_device(hdev); 989 nfc_hci_free_device(hdev); 990 kfree(info); 991 } 992 EXPORT_SYMBOL(pn544_hci_remove); 993 994 MODULE_LICENSE("GPL"); 995 MODULE_DESCRIPTION(DRIVER_DESC); 996