1/* 2 * NFC Digital Protocol stack 3 * Copyright (c) 2013, Intel Corporation. 4 * 5 * This program is free software; you can redistribute it and/or modify it 6 * under the terms and conditions of the GNU General Public License, 7 * version 2, as published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 12 * more details. 13 * 14 */ 15 16#define pr_fmt(fmt) "digital: %s: " fmt, __func__ 17 18#include "digital.h" 19 20#define DIGITAL_CMD_SENS_REQ 0x26 21#define DIGITAL_CMD_ALL_REQ 0x52 22#define DIGITAL_CMD_SEL_REQ_CL1 0x93 23#define DIGITAL_CMD_SEL_REQ_CL2 0x95 24#define DIGITAL_CMD_SEL_REQ_CL3 0x97 25 26#define DIGITAL_SDD_REQ_SEL_PAR 0x20 27 28#define DIGITAL_SDD_RES_CT 0x88 29#define DIGITAL_SDD_RES_LEN 5 30 31#define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04)) 32#define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60)) 33#define DIGITAL_SEL_RES_IS_T4T(sel_res) ((sel_res) & 0x20) 34#define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40) 35 36#define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x0C00) == 0x0C00) 37#define DIGITAL_SENS_RES_IS_VALID(sens_res) \ 38 ((!((sens_res) & 0x001F) && (((sens_res) & 0x0C00) == 0x0C00)) || \ 39 (((sens_res) & 0x001F) && ((sens_res) & 0x0C00) != 0x0C00)) 40 41#define DIGITAL_MIFARE_READ_RES_LEN 16 42#define DIGITAL_MIFARE_ACK_RES 0x0A 43 44#define DIGITAL_CMD_SENSB_REQ 0x05 45#define DIGITAL_SENSB_ADVANCED BIT(5) 46#define DIGITAL_SENSB_EXTENDED BIT(4) 47#define DIGITAL_SENSB_ALLB_REQ BIT(3) 48#define DIGITAL_SENSB_N(n) ((n) & 0x7) 49 50#define DIGITAL_CMD_SENSB_RES 0x50 51 52#define DIGITAL_CMD_ATTRIB_REQ 0x1D 53#define DIGITAL_ATTRIB_P1_TR0_DEFAULT (0x0 << 6) 54#define DIGITAL_ATTRIB_P1_TR1_DEFAULT (0x0 << 4) 55#define DIGITAL_ATTRIB_P1_SUPRESS_EOS BIT(3) 56#define DIGITAL_ATTRIB_P1_SUPRESS_SOS BIT(2) 57#define DIGITAL_ATTRIB_P2_LISTEN_POLL_1 (0x0 << 6) 58#define DIGITAL_ATTRIB_P2_POLL_LISTEN_1 (0x0 << 4) 59#define DIGITAL_ATTRIB_P2_MAX_FRAME_256 0x8 60#define DIGITAL_ATTRIB_P4_DID(n) ((n) & 0xf) 61 62#define DIGITAL_CMD_SENSF_REQ 0x00 63#define DIGITAL_CMD_SENSF_RES 0x01 64 65#define DIGITAL_SENSF_RES_MIN_LENGTH 17 66#define DIGITAL_SENSF_RES_RD_AP_B1 0x00 67#define DIGITAL_SENSF_RES_RD_AP_B2 0x8F 68 69#define DIGITAL_SENSF_REQ_RC_NONE 0 70#define DIGITAL_SENSF_REQ_RC_SC 1 71#define DIGITAL_SENSF_REQ_RC_AP 2 72 73#define DIGITAL_CMD_ISO15693_INVENTORY_REQ 0x01 74 75#define DIGITAL_ISO15693_REQ_FLAG_DATA_RATE BIT(1) 76#define DIGITAL_ISO15693_REQ_FLAG_INVENTORY BIT(2) 77#define DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS BIT(5) 78#define DIGITAL_ISO15693_RES_FLAG_ERROR BIT(0) 79#define DIGITAL_ISO15693_RES_IS_VALID(flags) \ 80 (!((flags) & DIGITAL_ISO15693_RES_FLAG_ERROR)) 81 82#define DIGITAL_ISO_DEP_I_PCB 0x02 83#define DIGITAL_ISO_DEP_PNI(pni) ((pni) & 0x01) 84 85#define DIGITAL_ISO_DEP_PCB_TYPE(pcb) ((pcb) & 0xC0) 86 87#define DIGITAL_ISO_DEP_I_BLOCK 0x00 88 89#define DIGITAL_ISO_DEP_BLOCK_HAS_DID(pcb) ((pcb) & 0x08) 90 91static const u8 digital_ats_fsc[] = { 92 16, 24, 32, 40, 48, 64, 96, 128, 93}; 94 95#define DIGITAL_ATS_FSCI(t0) ((t0) & 0x0F) 96#define DIGITAL_SENSB_FSCI(pi2) (((pi2) & 0xF0) >> 4) 97#define DIGITAL_ATS_MAX_FSC 256 98 99#define DIGITAL_RATS_BYTE1 0xE0 100#define DIGITAL_RATS_PARAM 0x80 101 102struct digital_sdd_res { 103 u8 nfcid1[4]; 104 u8 bcc; 105} __packed; 106 107struct digital_sel_req { 108 u8 sel_cmd; 109 u8 b2; 110 u8 nfcid1[4]; 111 u8 bcc; 112} __packed; 113 114struct digital_sensb_req { 115 u8 cmd; 116 u8 afi; 117 u8 param; 118} __packed; 119 120struct digital_sensb_res { 121 u8 cmd; 122 u8 nfcid0[4]; 123 u8 app_data[4]; 124 u8 proto_info[3]; 125} __packed; 126 127struct digital_attrib_req { 128 u8 cmd; 129 u8 nfcid0[4]; 130 u8 param1; 131 u8 param2; 132 u8 param3; 133 u8 param4; 134} __packed; 135 136struct digital_attrib_res { 137 u8 mbli_did; 138} __packed; 139 140struct digital_sensf_req { 141 u8 cmd; 142 u8 sc1; 143 u8 sc2; 144 u8 rc; 145 u8 tsn; 146} __packed; 147 148struct digital_sensf_res { 149 u8 cmd; 150 u8 nfcid2[8]; 151 u8 pad0[2]; 152 u8 pad1[3]; 153 u8 mrti_check; 154 u8 mrti_update; 155 u8 pad2; 156 u8 rd[2]; 157} __packed; 158 159struct digital_iso15693_inv_req { 160 u8 flags; 161 u8 cmd; 162 u8 mask_len; 163 u64 mask; 164} __packed; 165 166struct digital_iso15693_inv_res { 167 u8 flags; 168 u8 dsfid; 169 u64 uid; 170} __packed; 171 172static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev, 173 struct nfc_target *target); 174 175int digital_in_iso_dep_pull_sod(struct nfc_digital_dev *ddev, 176 struct sk_buff *skb) 177{ 178 u8 pcb; 179 u8 block_type; 180 181 if (skb->len < 1) 182 return -EIO; 183 184 pcb = *skb->data; 185 block_type = DIGITAL_ISO_DEP_PCB_TYPE(pcb); 186 187 /* No support fo R-block nor S-block */ 188 if (block_type != DIGITAL_ISO_DEP_I_BLOCK) { 189 pr_err("ISO_DEP R-block and S-block not supported\n"); 190 return -EIO; 191 } 192 193 if (DIGITAL_ISO_DEP_BLOCK_HAS_DID(pcb)) { 194 pr_err("DID field in ISO_DEP PCB not supported\n"); 195 return -EIO; 196 } 197 198 skb_pull(skb, 1); 199 200 return 0; 201} 202 203int digital_in_iso_dep_push_sod(struct nfc_digital_dev *ddev, 204 struct sk_buff *skb) 205{ 206 /* 207 * Chaining not supported so skb->len + 1 PCB byte + 2 CRC bytes must 208 * not be greater than remote FSC 209 */ 210 if (skb->len + 3 > ddev->target_fsc) 211 return -EIO; 212 213 skb_push(skb, 1); 214 215 *skb->data = DIGITAL_ISO_DEP_I_PCB | ddev->curr_nfc_dep_pni; 216 217 ddev->curr_nfc_dep_pni = 218 DIGITAL_ISO_DEP_PNI(ddev->curr_nfc_dep_pni + 1); 219 220 return 0; 221} 222 223static void digital_in_recv_ats(struct nfc_digital_dev *ddev, void *arg, 224 struct sk_buff *resp) 225{ 226 struct nfc_target *target = arg; 227 u8 fsdi; 228 int rc; 229 230 if (IS_ERR(resp)) { 231 rc = PTR_ERR(resp); 232 resp = NULL; 233 goto exit; 234 } 235 236 if (resp->len < 2) { 237 rc = -EIO; 238 goto exit; 239 } 240 241 fsdi = DIGITAL_ATS_FSCI(resp->data[1]); 242 if (fsdi >= 8) 243 ddev->target_fsc = DIGITAL_ATS_MAX_FSC; 244 else 245 ddev->target_fsc = digital_ats_fsc[fsdi]; 246 247 ddev->curr_nfc_dep_pni = 0; 248 249 rc = digital_target_found(ddev, target, NFC_PROTO_ISO14443); 250 251exit: 252 dev_kfree_skb(resp); 253 kfree(target); 254 255 if (rc) 256 digital_poll_next_tech(ddev); 257} 258 259static int digital_in_send_rats(struct nfc_digital_dev *ddev, 260 struct nfc_target *target) 261{ 262 int rc; 263 struct sk_buff *skb; 264 265 skb = digital_skb_alloc(ddev, 2); 266 if (!skb) 267 return -ENOMEM; 268 269 *skb_put(skb, 1) = DIGITAL_RATS_BYTE1; 270 *skb_put(skb, 1) = DIGITAL_RATS_PARAM; 271 272 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_ats, 273 target); 274 if (rc) 275 kfree_skb(skb); 276 277 return rc; 278} 279 280static void digital_in_recv_sel_res(struct nfc_digital_dev *ddev, void *arg, 281 struct sk_buff *resp) 282{ 283 struct nfc_target *target = arg; 284 int rc; 285 u8 sel_res; 286 u8 nfc_proto; 287 288 if (IS_ERR(resp)) { 289 rc = PTR_ERR(resp); 290 resp = NULL; 291 goto exit; 292 } 293 294 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) { 295 rc = digital_skb_check_crc_a(resp); 296 if (rc) { 297 PROTOCOL_ERR("4.4.1.3"); 298 goto exit; 299 } 300 } 301 302 if (!resp->len) { 303 rc = -EIO; 304 goto exit; 305 } 306 307 sel_res = resp->data[0]; 308 309 if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res)) { 310 rc = digital_in_send_sdd_req(ddev, target); 311 if (rc) 312 goto exit; 313 314 goto exit_free_skb; 315 } 316 317 target->sel_res = sel_res; 318 319 if (DIGITAL_SEL_RES_IS_T2T(sel_res)) { 320 nfc_proto = NFC_PROTO_MIFARE; 321 } else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res)) { 322 nfc_proto = NFC_PROTO_NFC_DEP; 323 } else if (DIGITAL_SEL_RES_IS_T4T(sel_res)) { 324 rc = digital_in_send_rats(ddev, target); 325 if (rc) 326 goto exit; 327 /* 328 * Skip target_found and don't free it for now. This will be 329 * done when receiving the ATS 330 */ 331 goto exit_free_skb; 332 } else { 333 rc = -EOPNOTSUPP; 334 goto exit; 335 } 336 337 rc = digital_target_found(ddev, target, nfc_proto); 338 339exit: 340 kfree(target); 341 342exit_free_skb: 343 dev_kfree_skb(resp); 344 345 if (rc) 346 digital_poll_next_tech(ddev); 347} 348 349static int digital_in_send_sel_req(struct nfc_digital_dev *ddev, 350 struct nfc_target *target, 351 struct digital_sdd_res *sdd_res) 352{ 353 struct sk_buff *skb; 354 struct digital_sel_req *sel_req; 355 u8 sel_cmd; 356 int rc; 357 358 skb = digital_skb_alloc(ddev, sizeof(struct digital_sel_req)); 359 if (!skb) 360 return -ENOMEM; 361 362 skb_put(skb, sizeof(struct digital_sel_req)); 363 sel_req = (struct digital_sel_req *)skb->data; 364 365 if (target->nfcid1_len <= 4) 366 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1; 367 else if (target->nfcid1_len < 10) 368 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2; 369 else 370 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3; 371 372 sel_req->sel_cmd = sel_cmd; 373 sel_req->b2 = 0x70; 374 memcpy(sel_req->nfcid1, sdd_res->nfcid1, 4); 375 sel_req->bcc = sdd_res->bcc; 376 377 if (DIGITAL_DRV_CAPS_IN_CRC(ddev)) { 378 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 379 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A); 380 if (rc) 381 goto exit; 382 } else { 383 digital_skb_add_crc_a(skb); 384 } 385 386 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sel_res, 387 target); 388exit: 389 if (rc) 390 kfree_skb(skb); 391 392 return rc; 393} 394 395static void digital_in_recv_sdd_res(struct nfc_digital_dev *ddev, void *arg, 396 struct sk_buff *resp) 397{ 398 struct nfc_target *target = arg; 399 struct digital_sdd_res *sdd_res; 400 int rc; 401 u8 offset, size; 402 u8 i, bcc; 403 404 if (IS_ERR(resp)) { 405 rc = PTR_ERR(resp); 406 resp = NULL; 407 goto exit; 408 } 409 410 if (resp->len < DIGITAL_SDD_RES_LEN) { 411 PROTOCOL_ERR("4.7.2.8"); 412 rc = -EINVAL; 413 goto exit; 414 } 415 416 sdd_res = (struct digital_sdd_res *)resp->data; 417 418 for (i = 0, bcc = 0; i < 4; i++) 419 bcc ^= sdd_res->nfcid1[i]; 420 421 if (bcc != sdd_res->bcc) { 422 PROTOCOL_ERR("4.7.2.6"); 423 rc = -EINVAL; 424 goto exit; 425 } 426 427 if (sdd_res->nfcid1[0] == DIGITAL_SDD_RES_CT) { 428 offset = 1; 429 size = 3; 430 } else { 431 offset = 0; 432 size = 4; 433 } 434 435 memcpy(target->nfcid1 + target->nfcid1_len, sdd_res->nfcid1 + offset, 436 size); 437 target->nfcid1_len += size; 438 439 rc = digital_in_send_sel_req(ddev, target, sdd_res); 440 441exit: 442 dev_kfree_skb(resp); 443 444 if (rc) { 445 kfree(target); 446 digital_poll_next_tech(ddev); 447 } 448} 449 450static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev, 451 struct nfc_target *target) 452{ 453 int rc; 454 struct sk_buff *skb; 455 u8 sel_cmd; 456 457 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 458 NFC_DIGITAL_FRAMING_NFCA_STANDARD); 459 if (rc) 460 return rc; 461 462 skb = digital_skb_alloc(ddev, 2); 463 if (!skb) 464 return -ENOMEM; 465 466 if (target->nfcid1_len == 0) 467 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1; 468 else if (target->nfcid1_len == 3) 469 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2; 470 else 471 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3; 472 473 *skb_put(skb, sizeof(u8)) = sel_cmd; 474 *skb_put(skb, sizeof(u8)) = DIGITAL_SDD_REQ_SEL_PAR; 475 476 return digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sdd_res, 477 target); 478} 479 480static void digital_in_recv_sens_res(struct nfc_digital_dev *ddev, void *arg, 481 struct sk_buff *resp) 482{ 483 struct nfc_target *target = NULL; 484 int rc; 485 486 if (IS_ERR(resp)) { 487 rc = PTR_ERR(resp); 488 resp = NULL; 489 goto exit; 490 } 491 492 if (resp->len < sizeof(u16)) { 493 rc = -EIO; 494 goto exit; 495 } 496 497 target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL); 498 if (!target) { 499 rc = -ENOMEM; 500 goto exit; 501 } 502 503 target->sens_res = __le16_to_cpu(*(__le16 *)resp->data); 504 505 if (!DIGITAL_SENS_RES_IS_VALID(target->sens_res)) { 506 PROTOCOL_ERR("4.6.3.3"); 507 rc = -EINVAL; 508 goto exit; 509 } 510 511 if (DIGITAL_SENS_RES_IS_T1T(target->sens_res)) 512 rc = digital_target_found(ddev, target, NFC_PROTO_JEWEL); 513 else 514 rc = digital_in_send_sdd_req(ddev, target); 515 516exit: 517 dev_kfree_skb(resp); 518 519 if (rc) { 520 kfree(target); 521 digital_poll_next_tech(ddev); 522 } 523} 524 525int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech) 526{ 527 struct sk_buff *skb; 528 int rc; 529 530 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, 531 NFC_DIGITAL_RF_TECH_106A); 532 if (rc) 533 return rc; 534 535 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 536 NFC_DIGITAL_FRAMING_NFCA_SHORT); 537 if (rc) 538 return rc; 539 540 skb = digital_skb_alloc(ddev, 1); 541 if (!skb) 542 return -ENOMEM; 543 544 *skb_put(skb, sizeof(u8)) = DIGITAL_CMD_SENS_REQ; 545 546 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sens_res, NULL); 547 if (rc) 548 kfree_skb(skb); 549 550 return rc; 551} 552 553int digital_in_recv_mifare_res(struct sk_buff *resp) 554{ 555 /* Successful READ command response is 16 data bytes + 2 CRC bytes long. 556 * Since the driver can't differentiate a ACK/NACK response from a valid 557 * READ response, the CRC calculation must be handled at digital level 558 * even if the driver supports it for this technology. 559 */ 560 if (resp->len == DIGITAL_MIFARE_READ_RES_LEN + DIGITAL_CRC_LEN) { 561 if (digital_skb_check_crc_a(resp)) { 562 PROTOCOL_ERR("9.4.1.2"); 563 return -EIO; 564 } 565 566 return 0; 567 } 568 569 /* ACK response (i.e. successful WRITE). */ 570 if (resp->len == 1 && resp->data[0] == DIGITAL_MIFARE_ACK_RES) { 571 resp->data[0] = 0; 572 return 0; 573 } 574 575 /* NACK and any other responses are treated as error. */ 576 return -EIO; 577} 578 579static void digital_in_recv_attrib_res(struct nfc_digital_dev *ddev, void *arg, 580 struct sk_buff *resp) 581{ 582 struct nfc_target *target = arg; 583 struct digital_attrib_res *attrib_res; 584 int rc; 585 586 if (IS_ERR(resp)) { 587 rc = PTR_ERR(resp); 588 resp = NULL; 589 goto exit; 590 } 591 592 if (resp->len < sizeof(*attrib_res)) { 593 PROTOCOL_ERR("12.6.2"); 594 rc = -EIO; 595 goto exit; 596 } 597 598 attrib_res = (struct digital_attrib_res *)resp->data; 599 600 if (attrib_res->mbli_did & 0x0f) { 601 PROTOCOL_ERR("12.6.2.1"); 602 rc = -EIO; 603 goto exit; 604 } 605 606 rc = digital_target_found(ddev, target, NFC_PROTO_ISO14443_B); 607 608exit: 609 dev_kfree_skb(resp); 610 kfree(target); 611 612 if (rc) 613 digital_poll_next_tech(ddev); 614} 615 616static int digital_in_send_attrib_req(struct nfc_digital_dev *ddev, 617 struct nfc_target *target, 618 struct digital_sensb_res *sensb_res) 619{ 620 struct digital_attrib_req *attrib_req; 621 struct sk_buff *skb; 622 int rc; 623 624 skb = digital_skb_alloc(ddev, sizeof(*attrib_req)); 625 if (!skb) 626 return -ENOMEM; 627 628 attrib_req = (struct digital_attrib_req *)skb_put(skb, 629 sizeof(*attrib_req)); 630 631 attrib_req->cmd = DIGITAL_CMD_ATTRIB_REQ; 632 memcpy(attrib_req->nfcid0, sensb_res->nfcid0, 633 sizeof(attrib_req->nfcid0)); 634 attrib_req->param1 = DIGITAL_ATTRIB_P1_TR0_DEFAULT | 635 DIGITAL_ATTRIB_P1_TR1_DEFAULT; 636 attrib_req->param2 = DIGITAL_ATTRIB_P2_LISTEN_POLL_1 | 637 DIGITAL_ATTRIB_P2_POLL_LISTEN_1 | 638 DIGITAL_ATTRIB_P2_MAX_FRAME_256; 639 attrib_req->param3 = sensb_res->proto_info[1] & 0x07; 640 attrib_req->param4 = DIGITAL_ATTRIB_P4_DID(0); 641 642 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_attrib_res, 643 target); 644 if (rc) 645 kfree_skb(skb); 646 647 return rc; 648} 649 650static void digital_in_recv_sensb_res(struct nfc_digital_dev *ddev, void *arg, 651 struct sk_buff *resp) 652{ 653 struct nfc_target *target = NULL; 654 struct digital_sensb_res *sensb_res; 655 u8 fsci; 656 int rc; 657 658 if (IS_ERR(resp)) { 659 rc = PTR_ERR(resp); 660 resp = NULL; 661 goto exit; 662 } 663 664 if (resp->len != sizeof(*sensb_res)) { 665 PROTOCOL_ERR("5.6.2.1"); 666 rc = -EIO; 667 goto exit; 668 } 669 670 sensb_res = (struct digital_sensb_res *)resp->data; 671 672 if (sensb_res->cmd != DIGITAL_CMD_SENSB_RES) { 673 PROTOCOL_ERR("5.6.2"); 674 rc = -EIO; 675 goto exit; 676 } 677 678 if (!(sensb_res->proto_info[1] & BIT(0))) { 679 PROTOCOL_ERR("5.6.2.12"); 680 rc = -EIO; 681 goto exit; 682 } 683 684 if (sensb_res->proto_info[1] & BIT(3)) { 685 PROTOCOL_ERR("5.6.2.16"); 686 rc = -EIO; 687 goto exit; 688 } 689 690 fsci = DIGITAL_SENSB_FSCI(sensb_res->proto_info[1]); 691 if (fsci >= 8) 692 ddev->target_fsc = DIGITAL_ATS_MAX_FSC; 693 else 694 ddev->target_fsc = digital_ats_fsc[fsci]; 695 696 target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL); 697 if (!target) { 698 rc = -ENOMEM; 699 goto exit; 700 } 701 702 rc = digital_in_send_attrib_req(ddev, target, sensb_res); 703 704exit: 705 dev_kfree_skb(resp); 706 707 if (rc) { 708 kfree(target); 709 digital_poll_next_tech(ddev); 710 } 711} 712 713int digital_in_send_sensb_req(struct nfc_digital_dev *ddev, u8 rf_tech) 714{ 715 struct digital_sensb_req *sensb_req; 716 struct sk_buff *skb; 717 int rc; 718 719 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, 720 NFC_DIGITAL_RF_TECH_106B); 721 if (rc) 722 return rc; 723 724 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 725 NFC_DIGITAL_FRAMING_NFCB); 726 if (rc) 727 return rc; 728 729 skb = digital_skb_alloc(ddev, sizeof(*sensb_req)); 730 if (!skb) 731 return -ENOMEM; 732 733 sensb_req = (struct digital_sensb_req *)skb_put(skb, 734 sizeof(*sensb_req)); 735 736 sensb_req->cmd = DIGITAL_CMD_SENSB_REQ; 737 sensb_req->afi = 0x00; /* All families and sub-families */ 738 sensb_req->param = DIGITAL_SENSB_N(0); 739 740 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sensb_res, 741 NULL); 742 if (rc) 743 kfree_skb(skb); 744 745 return rc; 746} 747 748static void digital_in_recv_sensf_res(struct nfc_digital_dev *ddev, void *arg, 749 struct sk_buff *resp) 750{ 751 int rc; 752 u8 proto; 753 struct nfc_target target; 754 struct digital_sensf_res *sensf_res; 755 756 if (IS_ERR(resp)) { 757 rc = PTR_ERR(resp); 758 resp = NULL; 759 goto exit; 760 } 761 762 if (resp->len < DIGITAL_SENSF_RES_MIN_LENGTH) { 763 rc = -EIO; 764 goto exit; 765 } 766 767 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) { 768 rc = digital_skb_check_crc_f(resp); 769 if (rc) { 770 PROTOCOL_ERR("6.4.1.8"); 771 goto exit; 772 } 773 } 774 775 skb_pull(resp, 1); 776 777 memset(&target, 0, sizeof(struct nfc_target)); 778 779 sensf_res = (struct digital_sensf_res *)resp->data; 780 781 memcpy(target.sensf_res, sensf_res, resp->len); 782 target.sensf_res_len = resp->len; 783 784 memcpy(target.nfcid2, sensf_res->nfcid2, NFC_NFCID2_MAXSIZE); 785 target.nfcid2_len = NFC_NFCID2_MAXSIZE; 786 787 if (target.nfcid2[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1 && 788 target.nfcid2[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2) 789 proto = NFC_PROTO_NFC_DEP; 790 else 791 proto = NFC_PROTO_FELICA; 792 793 rc = digital_target_found(ddev, &target, proto); 794 795exit: 796 dev_kfree_skb(resp); 797 798 if (rc) 799 digital_poll_next_tech(ddev); 800} 801 802int digital_in_send_sensf_req(struct nfc_digital_dev *ddev, u8 rf_tech) 803{ 804 struct digital_sensf_req *sensf_req; 805 struct sk_buff *skb; 806 int rc; 807 u8 size; 808 809 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech); 810 if (rc) 811 return rc; 812 813 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 814 NFC_DIGITAL_FRAMING_NFCF); 815 if (rc) 816 return rc; 817 818 size = sizeof(struct digital_sensf_req); 819 820 skb = digital_skb_alloc(ddev, size); 821 if (!skb) 822 return -ENOMEM; 823 824 skb_put(skb, size); 825 826 sensf_req = (struct digital_sensf_req *)skb->data; 827 sensf_req->cmd = DIGITAL_CMD_SENSF_REQ; 828 sensf_req->sc1 = 0xFF; 829 sensf_req->sc2 = 0xFF; 830 sensf_req->rc = 0; 831 sensf_req->tsn = 0; 832 833 *skb_push(skb, 1) = size + 1; 834 835 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) 836 digital_skb_add_crc_f(skb); 837 838 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sensf_res, 839 NULL); 840 if (rc) 841 kfree_skb(skb); 842 843 return rc; 844} 845 846static void digital_in_recv_iso15693_inv_res(struct nfc_digital_dev *ddev, 847 void *arg, struct sk_buff *resp) 848{ 849 struct digital_iso15693_inv_res *res; 850 struct nfc_target *target = NULL; 851 int rc; 852 853 if (IS_ERR(resp)) { 854 rc = PTR_ERR(resp); 855 resp = NULL; 856 goto out_free_skb; 857 } 858 859 if (resp->len != sizeof(*res)) { 860 rc = -EIO; 861 goto out_free_skb; 862 } 863 864 res = (struct digital_iso15693_inv_res *)resp->data; 865 866 if (!DIGITAL_ISO15693_RES_IS_VALID(res->flags)) { 867 PROTOCOL_ERR("ISO15693 - 10.3.1"); 868 rc = -EINVAL; 869 goto out_free_skb; 870 } 871 872 target = kzalloc(sizeof(*target), GFP_KERNEL); 873 if (!target) { 874 rc = -ENOMEM; 875 goto out_free_skb; 876 } 877 878 target->is_iso15693 = 1; 879 target->iso15693_dsfid = res->dsfid; 880 memcpy(target->iso15693_uid, &res->uid, sizeof(target->iso15693_uid)); 881 882 rc = digital_target_found(ddev, target, NFC_PROTO_ISO15693); 883 884 kfree(target); 885 886out_free_skb: 887 dev_kfree_skb(resp); 888 889 if (rc) 890 digital_poll_next_tech(ddev); 891} 892 893int digital_in_send_iso15693_inv_req(struct nfc_digital_dev *ddev, u8 rf_tech) 894{ 895 struct digital_iso15693_inv_req *req; 896 struct sk_buff *skb; 897 int rc; 898 899 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, 900 NFC_DIGITAL_RF_TECH_ISO15693); 901 if (rc) 902 return rc; 903 904 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 905 NFC_DIGITAL_FRAMING_ISO15693_INVENTORY); 906 if (rc) 907 return rc; 908 909 skb = digital_skb_alloc(ddev, sizeof(*req)); 910 if (!skb) 911 return -ENOMEM; 912 913 skb_put(skb, sizeof(*req) - sizeof(req->mask)); /* No mask */ 914 req = (struct digital_iso15693_inv_req *)skb->data; 915 916 /* Single sub-carrier, high data rate, no AFI, single slot 917 * Inventory command 918 */ 919 req->flags = DIGITAL_ISO15693_REQ_FLAG_DATA_RATE | 920 DIGITAL_ISO15693_REQ_FLAG_INVENTORY | 921 DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS; 922 req->cmd = DIGITAL_CMD_ISO15693_INVENTORY_REQ; 923 req->mask_len = 0; 924 925 rc = digital_in_send_cmd(ddev, skb, 30, 926 digital_in_recv_iso15693_inv_res, NULL); 927 if (rc) 928 kfree_skb(skb); 929 930 return rc; 931} 932 933static int digital_tg_send_sel_res(struct nfc_digital_dev *ddev) 934{ 935 struct sk_buff *skb; 936 int rc; 937 938 skb = digital_skb_alloc(ddev, 1); 939 if (!skb) 940 return -ENOMEM; 941 942 *skb_put(skb, 1) = DIGITAL_SEL_RES_NFC_DEP; 943 944 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) 945 digital_skb_add_crc_a(skb); 946 947 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 948 NFC_DIGITAL_FRAMING_NFCA_ANTICOL_COMPLETE); 949 if (rc) { 950 kfree_skb(skb); 951 return rc; 952 } 953 954 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_atr_req, 955 NULL); 956 if (rc) 957 kfree_skb(skb); 958 959 return rc; 960} 961 962static void digital_tg_recv_sel_req(struct nfc_digital_dev *ddev, void *arg, 963 struct sk_buff *resp) 964{ 965 int rc; 966 967 if (IS_ERR(resp)) { 968 rc = PTR_ERR(resp); 969 resp = NULL; 970 goto exit; 971 } 972 973 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) { 974 rc = digital_skb_check_crc_a(resp); 975 if (rc) { 976 PROTOCOL_ERR("4.4.1.3"); 977 goto exit; 978 } 979 } 980 981 /* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */ 982 983 rc = digital_tg_send_sel_res(ddev); 984 985exit: 986 if (rc) 987 digital_poll_next_tech(ddev); 988 989 dev_kfree_skb(resp); 990} 991 992static int digital_tg_send_sdd_res(struct nfc_digital_dev *ddev) 993{ 994 struct sk_buff *skb; 995 struct digital_sdd_res *sdd_res; 996 int rc, i; 997 998 skb = digital_skb_alloc(ddev, sizeof(struct digital_sdd_res)); 999 if (!skb) 1000 return -ENOMEM; 1001 1002 skb_put(skb, sizeof(struct digital_sdd_res)); 1003 sdd_res = (struct digital_sdd_res *)skb->data; 1004 1005 sdd_res->nfcid1[0] = 0x08; 1006 get_random_bytes(sdd_res->nfcid1 + 1, 3); 1007 1008 sdd_res->bcc = 0; 1009 for (i = 0; i < 4; i++) 1010 sdd_res->bcc ^= sdd_res->nfcid1[i]; 1011 1012 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 1013 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A); 1014 if (rc) { 1015 kfree_skb(skb); 1016 return rc; 1017 } 1018 1019 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sel_req, 1020 NULL); 1021 if (rc) 1022 kfree_skb(skb); 1023 1024 return rc; 1025} 1026 1027static void digital_tg_recv_sdd_req(struct nfc_digital_dev *ddev, void *arg, 1028 struct sk_buff *resp) 1029{ 1030 u8 *sdd_req; 1031 int rc; 1032 1033 if (IS_ERR(resp)) { 1034 rc = PTR_ERR(resp); 1035 resp = NULL; 1036 goto exit; 1037 } 1038 1039 sdd_req = resp->data; 1040 1041 if (resp->len < 2 || sdd_req[0] != DIGITAL_CMD_SEL_REQ_CL1 || 1042 sdd_req[1] != DIGITAL_SDD_REQ_SEL_PAR) { 1043 rc = -EINVAL; 1044 goto exit; 1045 } 1046 1047 rc = digital_tg_send_sdd_res(ddev); 1048 1049exit: 1050 if (rc) 1051 digital_poll_next_tech(ddev); 1052 1053 dev_kfree_skb(resp); 1054} 1055 1056static int digital_tg_send_sens_res(struct nfc_digital_dev *ddev) 1057{ 1058 struct sk_buff *skb; 1059 u8 *sens_res; 1060 int rc; 1061 1062 skb = digital_skb_alloc(ddev, 2); 1063 if (!skb) 1064 return -ENOMEM; 1065 1066 sens_res = skb_put(skb, 2); 1067 1068 sens_res[0] = (DIGITAL_SENS_RES_NFC_DEP >> 8) & 0xFF; 1069 sens_res[1] = DIGITAL_SENS_RES_NFC_DEP & 0xFF; 1070 1071 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 1072 NFC_DIGITAL_FRAMING_NFCA_STANDARD); 1073 if (rc) { 1074 kfree_skb(skb); 1075 return rc; 1076 } 1077 1078 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sdd_req, 1079 NULL); 1080 if (rc) 1081 kfree_skb(skb); 1082 1083 return rc; 1084} 1085 1086void digital_tg_recv_sens_req(struct nfc_digital_dev *ddev, void *arg, 1087 struct sk_buff *resp) 1088{ 1089 u8 sens_req; 1090 int rc; 1091 1092 if (IS_ERR(resp)) { 1093 rc = PTR_ERR(resp); 1094 resp = NULL; 1095 goto exit; 1096 } 1097 1098 sens_req = resp->data[0]; 1099 1100 if (!resp->len || (sens_req != DIGITAL_CMD_SENS_REQ && 1101 sens_req != DIGITAL_CMD_ALL_REQ)) { 1102 rc = -EINVAL; 1103 goto exit; 1104 } 1105 1106 rc = digital_tg_send_sens_res(ddev); 1107 1108exit: 1109 if (rc) 1110 digital_poll_next_tech(ddev); 1111 1112 dev_kfree_skb(resp); 1113} 1114 1115static void digital_tg_recv_atr_or_sensf_req(struct nfc_digital_dev *ddev, 1116 void *arg, struct sk_buff *resp) 1117{ 1118 if (!IS_ERR(resp) && (resp->len >= 2) && 1119 (resp->data[1] == DIGITAL_CMD_SENSF_REQ)) 1120 digital_tg_recv_sensf_req(ddev, arg, resp); 1121 else 1122 digital_tg_recv_atr_req(ddev, arg, resp); 1123 1124 return; 1125} 1126 1127static int digital_tg_send_sensf_res(struct nfc_digital_dev *ddev, 1128 struct digital_sensf_req *sensf_req) 1129{ 1130 struct sk_buff *skb; 1131 u8 size; 1132 int rc; 1133 struct digital_sensf_res *sensf_res; 1134 1135 size = sizeof(struct digital_sensf_res); 1136 1137 if (sensf_req->rc == DIGITAL_SENSF_REQ_RC_NONE) 1138 size -= sizeof(sensf_res->rd); 1139 1140 skb = digital_skb_alloc(ddev, size); 1141 if (!skb) 1142 return -ENOMEM; 1143 1144 skb_put(skb, size); 1145 1146 sensf_res = (struct digital_sensf_res *)skb->data; 1147 1148 memset(sensf_res, 0, size); 1149 1150 sensf_res->cmd = DIGITAL_CMD_SENSF_RES; 1151 sensf_res->nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1; 1152 sensf_res->nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2; 1153 get_random_bytes(&sensf_res->nfcid2[2], 6); 1154 1155 switch (sensf_req->rc) { 1156 case DIGITAL_SENSF_REQ_RC_SC: 1157 sensf_res->rd[0] = sensf_req->sc1; 1158 sensf_res->rd[1] = sensf_req->sc2; 1159 break; 1160 case DIGITAL_SENSF_REQ_RC_AP: 1161 sensf_res->rd[0] = DIGITAL_SENSF_RES_RD_AP_B1; 1162 sensf_res->rd[1] = DIGITAL_SENSF_RES_RD_AP_B2; 1163 break; 1164 } 1165 1166 *skb_push(skb, sizeof(u8)) = size + 1; 1167 1168 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) 1169 digital_skb_add_crc_f(skb); 1170 1171 rc = digital_tg_send_cmd(ddev, skb, 300, 1172 digital_tg_recv_atr_or_sensf_req, NULL); 1173 if (rc) 1174 kfree_skb(skb); 1175 1176 return rc; 1177} 1178 1179void digital_tg_recv_sensf_req(struct nfc_digital_dev *ddev, void *arg, 1180 struct sk_buff *resp) 1181{ 1182 struct digital_sensf_req *sensf_req; 1183 int rc; 1184 1185 if (IS_ERR(resp)) { 1186 rc = PTR_ERR(resp); 1187 resp = NULL; 1188 goto exit; 1189 } 1190 1191 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) { 1192 rc = digital_skb_check_crc_f(resp); 1193 if (rc) { 1194 PROTOCOL_ERR("6.4.1.8"); 1195 goto exit; 1196 } 1197 } 1198 1199 if (resp->len != sizeof(struct digital_sensf_req) + 1) { 1200 rc = -EINVAL; 1201 goto exit; 1202 } 1203 1204 skb_pull(resp, 1); 1205 sensf_req = (struct digital_sensf_req *)resp->data; 1206 1207 if (sensf_req->cmd != DIGITAL_CMD_SENSF_REQ) { 1208 rc = -EINVAL; 1209 goto exit; 1210 } 1211 1212 rc = digital_tg_send_sensf_res(ddev, sensf_req); 1213 1214exit: 1215 if (rc) 1216 digital_poll_next_tech(ddev); 1217 1218 dev_kfree_skb(resp); 1219} 1220 1221static int digital_tg_config_nfca(struct nfc_digital_dev *ddev) 1222{ 1223 int rc; 1224 1225 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, 1226 NFC_DIGITAL_RF_TECH_106A); 1227 if (rc) 1228 return rc; 1229 1230 return digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 1231 NFC_DIGITAL_FRAMING_NFCA_NFC_DEP); 1232} 1233 1234int digital_tg_listen_nfca(struct nfc_digital_dev *ddev, u8 rf_tech) 1235{ 1236 int rc; 1237 1238 rc = digital_tg_config_nfca(ddev); 1239 if (rc) 1240 return rc; 1241 1242 return digital_tg_listen(ddev, 300, digital_tg_recv_sens_req, NULL); 1243} 1244 1245static int digital_tg_config_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech) 1246{ 1247 int rc; 1248 1249 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech); 1250 if (rc) 1251 return rc; 1252 1253 return digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 1254 NFC_DIGITAL_FRAMING_NFCF_NFC_DEP); 1255} 1256 1257int digital_tg_listen_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech) 1258{ 1259 int rc; 1260 u8 *nfcid2; 1261 1262 rc = digital_tg_config_nfcf(ddev, rf_tech); 1263 if (rc) 1264 return rc; 1265 1266 nfcid2 = kzalloc(NFC_NFCID2_MAXSIZE, GFP_KERNEL); 1267 if (!nfcid2) 1268 return -ENOMEM; 1269 1270 nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1; 1271 nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2; 1272 get_random_bytes(nfcid2 + 2, NFC_NFCID2_MAXSIZE - 2); 1273 1274 return digital_tg_listen(ddev, 300, digital_tg_recv_sensf_req, nfcid2); 1275} 1276 1277void digital_tg_recv_md_req(struct nfc_digital_dev *ddev, void *arg, 1278 struct sk_buff *resp) 1279{ 1280 u8 rf_tech; 1281 int rc; 1282 1283 if (IS_ERR(resp)) { 1284 resp = NULL; 1285 goto exit_free_skb; 1286 } 1287 1288 rc = ddev->ops->tg_get_rf_tech(ddev, &rf_tech); 1289 if (rc) 1290 goto exit_free_skb; 1291 1292 switch (rf_tech) { 1293 case NFC_DIGITAL_RF_TECH_106A: 1294 rc = digital_tg_config_nfca(ddev); 1295 if (rc) 1296 goto exit_free_skb; 1297 digital_tg_recv_sens_req(ddev, arg, resp); 1298 break; 1299 case NFC_DIGITAL_RF_TECH_212F: 1300 case NFC_DIGITAL_RF_TECH_424F: 1301 rc = digital_tg_config_nfcf(ddev, rf_tech); 1302 if (rc) 1303 goto exit_free_skb; 1304 digital_tg_recv_sensf_req(ddev, arg, resp); 1305 break; 1306 default: 1307 goto exit_free_skb; 1308 } 1309 1310 return; 1311 1312exit_free_skb: 1313 digital_poll_next_tech(ddev); 1314 dev_kfree_skb(resp); 1315} 1316