1 /* 2 * Secure Element driver for STMicroelectronics NFC NCI chip 3 * 4 * Copyright (C) 2014-2015 STMicroelectronics SAS. All rights reserved. 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms and conditions of the GNU General Public License, 8 * version 2, as published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, see <http://www.gnu.org/licenses/>. 17 */ 18 19 #include <linux/module.h> 20 #include <linux/nfc.h> 21 #include <linux/delay.h> 22 #include <net/nfc/nci.h> 23 #include <net/nfc/nci_core.h> 24 25 #include "st-nci.h" 26 27 struct st_nci_pipe_info { 28 u8 pipe_state; 29 u8 src_host_id; 30 u8 src_gate_id; 31 u8 dst_host_id; 32 u8 dst_gate_id; 33 } __packed; 34 35 /* Hosts */ 36 #define ST_NCI_HOST_CONTROLLER_ID 0x00 37 #define ST_NCI_TERMINAL_HOST_ID 0x01 38 #define ST_NCI_UICC_HOST_ID 0x02 39 #define ST_NCI_ESE_HOST_ID 0xc0 40 41 /* Gates */ 42 #define ST_NCI_APDU_READER_GATE 0xf0 43 #define ST_NCI_CONNECTIVITY_GATE 0x41 44 45 /* Pipes */ 46 #define ST_NCI_DEVICE_MGNT_PIPE 0x02 47 48 /* Connectivity pipe only */ 49 #define ST_NCI_SE_COUNT_PIPE_UICC 0x01 50 /* Connectivity + APDU Reader pipe */ 51 #define ST_NCI_SE_COUNT_PIPE_EMBEDDED 0x02 52 53 #define ST_NCI_SE_TO_HOT_PLUG 1000 /* msecs */ 54 #define ST_NCI_SE_TO_PIPES 2000 55 56 #define ST_NCI_EVT_HOT_PLUG_IS_INHIBITED(x) (x->data[0] & 0x80) 57 58 #define NCI_HCI_APDU_PARAM_ATR 0x01 59 #define NCI_HCI_ADMIN_PARAM_SESSION_IDENTITY 0x01 60 #define NCI_HCI_ADMIN_PARAM_WHITELIST 0x03 61 #define NCI_HCI_ADMIN_PARAM_HOST_LIST 0x04 62 63 #define ST_NCI_EVT_SE_HARD_RESET 0x20 64 #define ST_NCI_EVT_TRANSMIT_DATA 0x10 65 #define ST_NCI_EVT_WTX_REQUEST 0x11 66 #define ST_NCI_EVT_SE_SOFT_RESET 0x11 67 #define ST_NCI_EVT_SE_END_OF_APDU_TRANSFER 0x21 68 #define ST_NCI_EVT_HOT_PLUG 0x03 69 70 #define ST_NCI_SE_MODE_OFF 0x00 71 #define ST_NCI_SE_MODE_ON 0x01 72 73 #define ST_NCI_EVT_CONNECTIVITY 0x10 74 #define ST_NCI_EVT_TRANSACTION 0x12 75 76 #define ST_NCI_DM_GETINFO 0x13 77 #define ST_NCI_DM_GETINFO_PIPE_LIST 0x02 78 #define ST_NCI_DM_GETINFO_PIPE_INFO 0x01 79 #define ST_NCI_DM_PIPE_CREATED 0x02 80 #define ST_NCI_DM_PIPE_OPEN 0x04 81 #define ST_NCI_DM_RF_ACTIVE 0x80 82 #define ST_NCI_DM_DISCONNECT 0x30 83 84 #define ST_NCI_DM_IS_PIPE_OPEN(p) \ 85 ((p & 0x0f) == (ST_NCI_DM_PIPE_CREATED | ST_NCI_DM_PIPE_OPEN)) 86 87 #define ST_NCI_ATR_DEFAULT_BWI 0x04 88 89 /* 90 * WT = 2^BWI/10[s], convert into msecs and add a secure 91 * room by increasing by 2 this timeout 92 */ 93 #define ST_NCI_BWI_TO_TIMEOUT(x) ((1 << x) * 200) 94 #define ST_NCI_ATR_GET_Y_FROM_TD(x) (x >> 4) 95 96 /* If TA is present bit 0 is set */ 97 #define ST_NCI_ATR_TA_PRESENT(x) (x & 0x01) 98 /* If TB is present bit 1 is set */ 99 #define ST_NCI_ATR_TB_PRESENT(x) (x & 0x02) 100 101 #define ST_NCI_NUM_DEVICES 256 102 103 static DECLARE_BITMAP(dev_mask, ST_NCI_NUM_DEVICES); 104 105 /* Here are the mandatory pipe for st_nci */ 106 static struct nci_hci_gate st_nci_gates[] = { 107 {NCI_HCI_ADMIN_GATE, NCI_HCI_ADMIN_PIPE, 108 ST_NCI_HOST_CONTROLLER_ID}, 109 {NCI_HCI_LINK_MGMT_GATE, NCI_HCI_LINK_MGMT_PIPE, 110 ST_NCI_HOST_CONTROLLER_ID}, 111 {ST_NCI_DEVICE_MGNT_GATE, ST_NCI_DEVICE_MGNT_PIPE, 112 ST_NCI_HOST_CONTROLLER_ID}, 113 114 {NCI_HCI_IDENTITY_MGMT_GATE, NCI_HCI_INVALID_PIPE, 115 ST_NCI_HOST_CONTROLLER_ID}, 116 {NCI_HCI_LOOPBACK_GATE, NCI_HCI_INVALID_PIPE, 117 ST_NCI_HOST_CONTROLLER_ID}, 118 119 /* Secure element pipes are created by secure element host */ 120 {ST_NCI_CONNECTIVITY_GATE, NCI_HCI_DO_NOT_OPEN_PIPE, 121 ST_NCI_HOST_CONTROLLER_ID}, 122 {ST_NCI_APDU_READER_GATE, NCI_HCI_DO_NOT_OPEN_PIPE, 123 ST_NCI_HOST_CONTROLLER_ID}, 124 }; 125 126 static u8 st_nci_se_get_bwi(struct nci_dev *ndev) 127 { 128 int i; 129 u8 td; 130 struct st_nci_info *info = nci_get_drvdata(ndev); 131 132 /* Bits 8 to 5 of the first TB for T=1 encode BWI from zero to nine */ 133 for (i = 1; i < ST_NCI_ESE_MAX_LENGTH; i++) { 134 td = ST_NCI_ATR_GET_Y_FROM_TD(info->se_info.atr[i]); 135 if (ST_NCI_ATR_TA_PRESENT(td)) 136 i++; 137 if (ST_NCI_ATR_TB_PRESENT(td)) { 138 i++; 139 return info->se_info.atr[i] >> 4; 140 } 141 } 142 return ST_NCI_ATR_DEFAULT_BWI; 143 } 144 145 static void st_nci_se_get_atr(struct nci_dev *ndev) 146 { 147 struct st_nci_info *info = nci_get_drvdata(ndev); 148 int r; 149 struct sk_buff *skb; 150 151 r = nci_hci_get_param(ndev, ST_NCI_APDU_READER_GATE, 152 NCI_HCI_APDU_PARAM_ATR, &skb); 153 if (r < 0) 154 return; 155 156 if (skb->len <= ST_NCI_ESE_MAX_LENGTH) { 157 memcpy(info->se_info.atr, skb->data, skb->len); 158 159 info->se_info.wt_timeout = 160 ST_NCI_BWI_TO_TIMEOUT(st_nci_se_get_bwi(ndev)); 161 } 162 kfree_skb(skb); 163 } 164 165 int st_nci_hci_load_session(struct nci_dev *ndev) 166 { 167 int i, j, r; 168 struct sk_buff *skb_pipe_list, *skb_pipe_info; 169 struct st_nci_pipe_info *dm_pipe_info; 170 u8 pipe_list[] = { ST_NCI_DM_GETINFO_PIPE_LIST, 171 ST_NCI_TERMINAL_HOST_ID}; 172 u8 pipe_info[] = { ST_NCI_DM_GETINFO_PIPE_INFO, 173 ST_NCI_TERMINAL_HOST_ID, 0}; 174 175 /* On ST_NCI device pipes number are dynamics 176 * If pipes are already created, hci_dev_up will fail. 177 * Doing a clear all pipe is a bad idea because: 178 * - It does useless EEPROM cycling 179 * - It might cause issue for secure elements support 180 * (such as removing connectivity or APDU reader pipe) 181 * A better approach on ST_NCI is to: 182 * - get a pipe list for each host. 183 * (eg: ST_NCI_HOST_CONTROLLER_ID for now). 184 * (TODO Later on UICC HOST and eSE HOST) 185 * - get pipe information 186 * - match retrieved pipe list in st_nci_gates 187 * ST_NCI_DEVICE_MGNT_GATE is a proprietary gate 188 * with ST_NCI_DEVICE_MGNT_PIPE. 189 * Pipe can be closed and need to be open. 190 */ 191 r = nci_hci_connect_gate(ndev, ST_NCI_HOST_CONTROLLER_ID, 192 ST_NCI_DEVICE_MGNT_GATE, 193 ST_NCI_DEVICE_MGNT_PIPE); 194 if (r < 0) 195 return r; 196 197 /* Get pipe list */ 198 r = nci_hci_send_cmd(ndev, ST_NCI_DEVICE_MGNT_GATE, 199 ST_NCI_DM_GETINFO, pipe_list, sizeof(pipe_list), 200 &skb_pipe_list); 201 if (r < 0) 202 return r; 203 204 /* Complete the existing gate_pipe table */ 205 for (i = 0; i < skb_pipe_list->len; i++) { 206 pipe_info[2] = skb_pipe_list->data[i]; 207 r = nci_hci_send_cmd(ndev, ST_NCI_DEVICE_MGNT_GATE, 208 ST_NCI_DM_GETINFO, pipe_info, 209 sizeof(pipe_info), &skb_pipe_info); 210 211 if (r) 212 continue; 213 214 /* 215 * Match pipe ID and gate ID 216 * Output format from ST21NFC_DM_GETINFO is: 217 * - pipe state (1byte) 218 * - source hid (1byte) 219 * - source gid (1byte) 220 * - destination hid (1byte) 221 * - destination gid (1byte) 222 */ 223 dm_pipe_info = (struct st_nci_pipe_info *)skb_pipe_info->data; 224 if (dm_pipe_info->dst_gate_id == ST_NCI_APDU_READER_GATE && 225 dm_pipe_info->src_host_id != ST_NCI_ESE_HOST_ID) { 226 pr_err("Unexpected apdu_reader pipe on host %x\n", 227 dm_pipe_info->src_host_id); 228 kfree_skb(skb_pipe_info); 229 continue; 230 } 231 232 for (j = 3; (j < ARRAY_SIZE(st_nci_gates)) && 233 (st_nci_gates[j].gate != dm_pipe_info->dst_gate_id); j++) 234 ; 235 236 if (j < ARRAY_SIZE(st_nci_gates) && 237 st_nci_gates[j].gate == dm_pipe_info->dst_gate_id && 238 ST_NCI_DM_IS_PIPE_OPEN(dm_pipe_info->pipe_state)) { 239 ndev->hci_dev->init_data.gates[j].pipe = pipe_info[2]; 240 241 ndev->hci_dev->gate2pipe[st_nci_gates[j].gate] = 242 pipe_info[2]; 243 ndev->hci_dev->pipes[pipe_info[2]].gate = 244 st_nci_gates[j].gate; 245 ndev->hci_dev->pipes[pipe_info[2]].host = 246 dm_pipe_info->src_host_id; 247 } 248 kfree_skb(skb_pipe_info); 249 } 250 251 /* 252 * 3 gates have a well known pipe ID. Only NCI_HCI_LINK_MGMT_GATE 253 * is not yet open at this stage. 254 */ 255 r = nci_hci_connect_gate(ndev, ST_NCI_HOST_CONTROLLER_ID, 256 NCI_HCI_LINK_MGMT_GATE, 257 NCI_HCI_LINK_MGMT_PIPE); 258 259 kfree_skb(skb_pipe_list); 260 return r; 261 } 262 EXPORT_SYMBOL_GPL(st_nci_hci_load_session); 263 264 static void st_nci_hci_admin_event_received(struct nci_dev *ndev, 265 u8 event, struct sk_buff *skb) 266 { 267 struct st_nci_info *info = nci_get_drvdata(ndev); 268 269 switch (event) { 270 case ST_NCI_EVT_HOT_PLUG: 271 if (info->se_info.se_active) { 272 if (!ST_NCI_EVT_HOT_PLUG_IS_INHIBITED(skb)) { 273 del_timer_sync(&info->se_info.se_active_timer); 274 info->se_info.se_active = false; 275 complete(&info->se_info.req_completion); 276 } else { 277 mod_timer(&info->se_info.se_active_timer, 278 jiffies + 279 msecs_to_jiffies(ST_NCI_SE_TO_PIPES)); 280 } 281 } 282 break; 283 default: 284 nfc_err(&ndev->nfc_dev->dev, "Unexpected event on admin gate\n"); 285 } 286 } 287 288 static int st_nci_hci_apdu_reader_event_received(struct nci_dev *ndev, 289 u8 event, 290 struct sk_buff *skb) 291 { 292 int r = 0; 293 struct st_nci_info *info = nci_get_drvdata(ndev); 294 295 pr_debug("apdu reader gate event: %x\n", event); 296 297 switch (event) { 298 case ST_NCI_EVT_TRANSMIT_DATA: 299 del_timer_sync(&info->se_info.bwi_timer); 300 info->se_info.bwi_active = false; 301 info->se_info.cb(info->se_info.cb_context, 302 skb->data, skb->len, 0); 303 break; 304 case ST_NCI_EVT_WTX_REQUEST: 305 mod_timer(&info->se_info.bwi_timer, jiffies + 306 msecs_to_jiffies(info->se_info.wt_timeout)); 307 break; 308 default: 309 nfc_err(&ndev->nfc_dev->dev, "Unexpected event on apdu reader gate\n"); 310 return 1; 311 } 312 313 kfree_skb(skb); 314 return r; 315 } 316 317 /* 318 * Returns: 319 * <= 0: driver handled the event, skb consumed 320 * 1: driver does not handle the event, please do standard processing 321 */ 322 static int st_nci_hci_connectivity_event_received(struct nci_dev *ndev, 323 u8 host, u8 event, 324 struct sk_buff *skb) 325 { 326 int r = 0; 327 struct device *dev = &ndev->nfc_dev->dev; 328 struct nfc_evt_transaction *transaction; 329 330 pr_debug("connectivity gate event: %x\n", event); 331 332 switch (event) { 333 case ST_NCI_EVT_CONNECTIVITY: 334 335 break; 336 case ST_NCI_EVT_TRANSACTION: 337 /* According to specification etsi 102 622 338 * 11.2.2.4 EVT_TRANSACTION Table 52 339 * Description Tag Length 340 * AID 81 5 to 16 341 * PARAMETERS 82 0 to 255 342 */ 343 if (skb->len < NFC_MIN_AID_LENGTH + 2 && 344 skb->data[0] != NFC_EVT_TRANSACTION_AID_TAG) 345 return -EPROTO; 346 347 transaction = (struct nfc_evt_transaction *)devm_kzalloc(dev, 348 skb->len - 2, GFP_KERNEL); 349 350 transaction->aid_len = skb->data[1]; 351 memcpy(transaction->aid, &skb->data[2], transaction->aid_len); 352 353 /* Check next byte is PARAMETERS tag (82) */ 354 if (skb->data[transaction->aid_len + 2] != 355 NFC_EVT_TRANSACTION_PARAMS_TAG) 356 return -EPROTO; 357 358 transaction->params_len = skb->data[transaction->aid_len + 3]; 359 memcpy(transaction->params, skb->data + 360 transaction->aid_len + 4, transaction->params_len); 361 362 r = nfc_se_transaction(ndev->nfc_dev, host, transaction); 363 break; 364 default: 365 nfc_err(&ndev->nfc_dev->dev, "Unexpected event on connectivity gate\n"); 366 return 1; 367 } 368 kfree_skb(skb); 369 return r; 370 } 371 372 void st_nci_hci_event_received(struct nci_dev *ndev, u8 pipe, 373 u8 event, struct sk_buff *skb) 374 { 375 u8 gate = ndev->hci_dev->pipes[pipe].gate; 376 u8 host = ndev->hci_dev->pipes[pipe].host; 377 378 switch (gate) { 379 case NCI_HCI_ADMIN_GATE: 380 st_nci_hci_admin_event_received(ndev, event, skb); 381 break; 382 case ST_NCI_APDU_READER_GATE: 383 st_nci_hci_apdu_reader_event_received(ndev, event, skb); 384 break; 385 case ST_NCI_CONNECTIVITY_GATE: 386 st_nci_hci_connectivity_event_received(ndev, host, event, skb); 387 break; 388 case NCI_HCI_LOOPBACK_GATE: 389 st_nci_hci_loopback_event_received(ndev, event, skb); 390 break; 391 } 392 } 393 EXPORT_SYMBOL_GPL(st_nci_hci_event_received); 394 395 396 void st_nci_hci_cmd_received(struct nci_dev *ndev, u8 pipe, u8 cmd, 397 struct sk_buff *skb) 398 { 399 struct st_nci_info *info = nci_get_drvdata(ndev); 400 u8 gate = ndev->hci_dev->pipes[pipe].gate; 401 402 pr_debug("cmd: %x\n", cmd); 403 404 switch (cmd) { 405 case NCI_HCI_ANY_OPEN_PIPE: 406 if (gate != ST_NCI_APDU_READER_GATE && 407 ndev->hci_dev->pipes[pipe].host != ST_NCI_UICC_HOST_ID) 408 ndev->hci_dev->count_pipes++; 409 410 if (ndev->hci_dev->count_pipes == 411 ndev->hci_dev->expected_pipes) { 412 del_timer_sync(&info->se_info.se_active_timer); 413 info->se_info.se_active = false; 414 ndev->hci_dev->count_pipes = 0; 415 complete(&info->se_info.req_completion); 416 } 417 break; 418 } 419 } 420 EXPORT_SYMBOL_GPL(st_nci_hci_cmd_received); 421 422 static int st_nci_control_se(struct nci_dev *ndev, u8 se_idx, 423 u8 state) 424 { 425 struct st_nci_info *info = nci_get_drvdata(ndev); 426 int r, i; 427 struct sk_buff *sk_host_list; 428 u8 host_id; 429 430 switch (se_idx) { 431 case ST_NCI_UICC_HOST_ID: 432 ndev->hci_dev->count_pipes = 0; 433 ndev->hci_dev->expected_pipes = ST_NCI_SE_COUNT_PIPE_UICC; 434 break; 435 case ST_NCI_ESE_HOST_ID: 436 ndev->hci_dev->count_pipes = 0; 437 ndev->hci_dev->expected_pipes = ST_NCI_SE_COUNT_PIPE_EMBEDDED; 438 break; 439 default: 440 return -EINVAL; 441 } 442 443 /* 444 * Wait for an EVT_HOT_PLUG in order to 445 * retrieve a relevant host list. 446 */ 447 reinit_completion(&info->se_info.req_completion); 448 r = nci_nfcee_mode_set(ndev, se_idx, state); 449 if (r != NCI_STATUS_OK) 450 return r; 451 452 mod_timer(&info->se_info.se_active_timer, jiffies + 453 msecs_to_jiffies(ST_NCI_SE_TO_HOT_PLUG)); 454 info->se_info.se_active = true; 455 456 /* Ignore return value and check in any case the host_list */ 457 wait_for_completion_interruptible(&info->se_info.req_completion); 458 459 /* There might be some "collision" after receiving a HOT_PLUG event 460 * This may cause the CLF to not answer to the next hci command. 461 * There is no possible synchronization to prevent this. 462 * Adding a small delay is the only way to solve the issue. 463 */ 464 if (info->se_info.se_status->is_ese_present && 465 info->se_info.se_status->is_uicc_present) 466 usleep_range(15000, 20000); 467 468 r = nci_hci_get_param(ndev, NCI_HCI_ADMIN_GATE, 469 NCI_HCI_ADMIN_PARAM_HOST_LIST, &sk_host_list); 470 if (r != NCI_HCI_ANY_OK) 471 return r; 472 473 for (i = 0; i < sk_host_list->len && 474 sk_host_list->data[i] != se_idx; i++) 475 ; 476 host_id = sk_host_list->data[i]; 477 kfree_skb(sk_host_list); 478 if (state == ST_NCI_SE_MODE_ON && host_id == se_idx) 479 return se_idx; 480 else if (state == ST_NCI_SE_MODE_OFF && host_id != se_idx) 481 return se_idx; 482 483 return -1; 484 } 485 486 int st_nci_disable_se(struct nci_dev *ndev, u32 se_idx) 487 { 488 int r; 489 490 pr_debug("st_nci_disable_se\n"); 491 492 /* 493 * According to upper layer, se_idx == NFC_SE_UICC when 494 * info->se_info.se_status->is_uicc_enable is true should never happen 495 * Same for eSE. 496 */ 497 r = st_nci_control_se(ndev, se_idx, ST_NCI_SE_MODE_OFF); 498 if (r < 0) { 499 /* Do best effort to release SWP */ 500 if (se_idx == NFC_SE_EMBEDDED) { 501 r = nci_hci_send_event(ndev, ST_NCI_APDU_READER_GATE, 502 ST_NCI_EVT_SE_END_OF_APDU_TRANSFER, 503 NULL, 0); 504 } 505 return r; 506 } 507 508 return 0; 509 } 510 EXPORT_SYMBOL_GPL(st_nci_disable_se); 511 512 int st_nci_enable_se(struct nci_dev *ndev, u32 se_idx) 513 { 514 int r; 515 516 pr_debug("st_nci_enable_se\n"); 517 518 /* 519 * According to upper layer, se_idx == NFC_SE_UICC when 520 * info->se_info.se_status->is_uicc_enable is true should never happen. 521 * Same for eSE. 522 */ 523 r = st_nci_control_se(ndev, se_idx, ST_NCI_SE_MODE_ON); 524 if (r == ST_NCI_HCI_HOST_ID_ESE) { 525 st_nci_se_get_atr(ndev); 526 r = nci_hci_send_event(ndev, ST_NCI_APDU_READER_GATE, 527 ST_NCI_EVT_SE_SOFT_RESET, NULL, 0); 528 } 529 530 if (r < 0) { 531 /* 532 * The activation procedure failed, the secure element 533 * is not connected. Remove from the list. 534 */ 535 nfc_remove_se(ndev->nfc_dev, se_idx); 536 return r; 537 } 538 539 return 0; 540 } 541 EXPORT_SYMBOL_GPL(st_nci_enable_se); 542 543 static int st_nci_hci_network_init(struct nci_dev *ndev) 544 { 545 struct st_nci_info *info = nci_get_drvdata(ndev); 546 struct core_conn_create_dest_spec_params *dest_params; 547 struct dest_spec_params spec_params; 548 struct nci_conn_info *conn_info; 549 int r, dev_num; 550 551 dest_params = 552 kzalloc(sizeof(struct core_conn_create_dest_spec_params) + 553 sizeof(struct dest_spec_params), GFP_KERNEL); 554 if (dest_params == NULL) { 555 r = -ENOMEM; 556 goto exit; 557 } 558 559 dest_params->type = NCI_DESTINATION_SPECIFIC_PARAM_NFCEE_TYPE; 560 dest_params->length = sizeof(struct dest_spec_params); 561 spec_params.id = ndev->hci_dev->nfcee_id; 562 spec_params.protocol = NCI_NFCEE_INTERFACE_HCI_ACCESS; 563 memcpy(dest_params->value, &spec_params, 564 sizeof(struct dest_spec_params)); 565 r = nci_core_conn_create(ndev, NCI_DESTINATION_NFCEE, 1, 566 sizeof(struct core_conn_create_dest_spec_params) + 567 sizeof(struct dest_spec_params), 568 dest_params); 569 if (r != NCI_STATUS_OK) 570 goto free_dest_params; 571 572 conn_info = ndev->hci_dev->conn_info; 573 if (!conn_info) 574 goto free_dest_params; 575 576 ndev->hci_dev->init_data.gate_count = ARRAY_SIZE(st_nci_gates); 577 memcpy(ndev->hci_dev->init_data.gates, st_nci_gates, 578 sizeof(st_nci_gates)); 579 580 /* 581 * Session id must include the driver name + i2c bus addr 582 * persistent info to discriminate 2 identical chips 583 */ 584 dev_num = find_first_zero_bit(dev_mask, ST_NCI_NUM_DEVICES); 585 if (dev_num >= ST_NCI_NUM_DEVICES) { 586 r = -ENODEV; 587 goto free_dest_params; 588 } 589 590 scnprintf(ndev->hci_dev->init_data.session_id, 591 sizeof(ndev->hci_dev->init_data.session_id), 592 "%s%2x", "ST21BH", dev_num); 593 594 r = nci_hci_dev_session_init(ndev); 595 if (r != NCI_HCI_ANY_OK) 596 goto free_dest_params; 597 598 /* 599 * In factory mode, we prevent secure elements activation 600 * by disabling nfcee on the current HCI connection id. 601 * HCI will be used here only for proprietary commands. 602 */ 603 if (test_bit(ST_NCI_FACTORY_MODE, &info->flags)) 604 r = nci_nfcee_mode_set(ndev, ndev->hci_dev->conn_info->id, 605 NCI_NFCEE_DISABLE); 606 else 607 r = nci_nfcee_mode_set(ndev, ndev->hci_dev->conn_info->id, 608 NCI_NFCEE_ENABLE); 609 610 free_dest_params: 611 kfree(dest_params); 612 613 exit: 614 return r; 615 } 616 617 int st_nci_discover_se(struct nci_dev *ndev) 618 { 619 u8 white_list[2]; 620 int r, wl_size = 0; 621 int se_count = 0; 622 struct st_nci_info *info = nci_get_drvdata(ndev); 623 624 pr_debug("st_nci_discover_se\n"); 625 626 r = st_nci_hci_network_init(ndev); 627 if (r != 0) 628 return r; 629 630 if (test_bit(ST_NCI_FACTORY_MODE, &info->flags)) 631 return 0; 632 633 if (info->se_info.se_status->is_ese_present && 634 info->se_info.se_status->is_uicc_present) { 635 white_list[wl_size++] = ST_NCI_UICC_HOST_ID; 636 white_list[wl_size++] = ST_NCI_ESE_HOST_ID; 637 } else if (!info->se_info.se_status->is_ese_present && 638 info->se_info.se_status->is_uicc_present) { 639 white_list[wl_size++] = ST_NCI_UICC_HOST_ID; 640 } else if (info->se_info.se_status->is_ese_present && 641 !info->se_info.se_status->is_uicc_present) { 642 white_list[wl_size++] = ST_NCI_ESE_HOST_ID; 643 } 644 645 if (wl_size) { 646 r = nci_hci_set_param(ndev, NCI_HCI_ADMIN_GATE, 647 NCI_HCI_ADMIN_PARAM_WHITELIST, 648 white_list, wl_size); 649 if (r != NCI_HCI_ANY_OK) 650 return r; 651 } 652 653 if (info->se_info.se_status->is_uicc_present) { 654 nfc_add_se(ndev->nfc_dev, ST_NCI_UICC_HOST_ID, NFC_SE_UICC); 655 se_count++; 656 } 657 658 if (info->se_info.se_status->is_ese_present) { 659 nfc_add_se(ndev->nfc_dev, ST_NCI_ESE_HOST_ID, NFC_SE_EMBEDDED); 660 se_count++; 661 } 662 663 return !se_count; 664 } 665 EXPORT_SYMBOL_GPL(st_nci_discover_se); 666 667 int st_nci_se_io(struct nci_dev *ndev, u32 se_idx, 668 u8 *apdu, size_t apdu_length, 669 se_io_cb_t cb, void *cb_context) 670 { 671 struct st_nci_info *info = nci_get_drvdata(ndev); 672 673 pr_debug("\n"); 674 675 switch (se_idx) { 676 case ST_NCI_HCI_HOST_ID_ESE: 677 info->se_info.cb = cb; 678 info->se_info.cb_context = cb_context; 679 mod_timer(&info->se_info.bwi_timer, jiffies + 680 msecs_to_jiffies(info->se_info.wt_timeout)); 681 info->se_info.bwi_active = true; 682 return nci_hci_send_event(ndev, ST_NCI_APDU_READER_GATE, 683 ST_NCI_EVT_TRANSMIT_DATA, apdu, 684 apdu_length); 685 default: 686 return -ENODEV; 687 } 688 } 689 EXPORT_SYMBOL(st_nci_se_io); 690 691 static void st_nci_se_wt_timeout(unsigned long data) 692 { 693 /* 694 * No answer from the secure element 695 * within the defined timeout. 696 * Let's send a reset request as recovery procedure. 697 * According to the situation, we first try to send a software reset 698 * to the secure element. If the next command is still not 699 * answering in time, we send to the CLF a secure element hardware 700 * reset request. 701 */ 702 /* hardware reset managed through VCC_UICC_OUT power supply */ 703 u8 param = 0x01; 704 struct st_nci_info *info = (struct st_nci_info *) data; 705 706 pr_debug("\n"); 707 708 info->se_info.bwi_active = false; 709 710 if (!info->se_info.xch_error) { 711 info->se_info.xch_error = true; 712 nci_hci_send_event(info->ndlc->ndev, ST_NCI_APDU_READER_GATE, 713 ST_NCI_EVT_SE_SOFT_RESET, NULL, 0); 714 } else { 715 info->se_info.xch_error = false; 716 nci_hci_send_event(info->ndlc->ndev, ST_NCI_DEVICE_MGNT_GATE, 717 ST_NCI_EVT_SE_HARD_RESET, ¶m, 1); 718 } 719 info->se_info.cb(info->se_info.cb_context, NULL, 0, -ETIME); 720 } 721 722 static void st_nci_se_activation_timeout(unsigned long data) 723 { 724 struct st_nci_info *info = (struct st_nci_info *) data; 725 726 pr_debug("\n"); 727 728 info->se_info.se_active = false; 729 730 complete(&info->se_info.req_completion); 731 } 732 733 int st_nci_se_init(struct nci_dev *ndev, struct st_nci_se_status *se_status) 734 { 735 struct st_nci_info *info = nci_get_drvdata(ndev); 736 737 init_completion(&info->se_info.req_completion); 738 /* initialize timers */ 739 init_timer(&info->se_info.bwi_timer); 740 info->se_info.bwi_timer.data = (unsigned long)info; 741 info->se_info.bwi_timer.function = st_nci_se_wt_timeout; 742 info->se_info.bwi_active = false; 743 744 init_timer(&info->se_info.se_active_timer); 745 info->se_info.se_active_timer.data = (unsigned long)info; 746 info->se_info.se_active_timer.function = 747 st_nci_se_activation_timeout; 748 info->se_info.se_active = false; 749 750 info->se_info.xch_error = false; 751 752 info->se_info.wt_timeout = 753 ST_NCI_BWI_TO_TIMEOUT(ST_NCI_ATR_DEFAULT_BWI); 754 755 info->se_info.se_status = se_status; 756 757 return 0; 758 } 759 EXPORT_SYMBOL(st_nci_se_init); 760 761 void st_nci_se_deinit(struct nci_dev *ndev) 762 { 763 struct st_nci_info *info = nci_get_drvdata(ndev); 764 765 if (info->se_info.bwi_active) 766 del_timer_sync(&info->se_info.bwi_timer); 767 if (info->se_info.se_active) 768 del_timer_sync(&info->se_info.se_active_timer); 769 770 info->se_info.se_active = false; 771 info->se_info.bwi_active = false; 772 } 773 EXPORT_SYMBOL(st_nci_se_deinit); 774 775