1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * HCI based Driver for NXP PN544 NFC Chip
4 *
5 * Copyright (C) 2012 Intel Corporation. All rights reserved.
6 */
7
8#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
9
10#include <linux/delay.h>
11#include <linux/slab.h>
12#include <linux/module.h>
13
14#include <linux/nfc.h>
15#include <net/nfc/hci.h>
16
17#include "pn544.h"
18
19/* Timing restrictions (ms) */
20#define PN544_HCI_RESETVEN_TIME 30
21
22enum pn544_state {
23 PN544_ST_COLD,
24 PN544_ST_FW_READY,
25 PN544_ST_READY,
26};
27
28#define FULL_VERSION_LEN 11
29
30/* Proprietary commands */
31#define PN544_WRITE 0x3f
32#define PN544_TEST_SWP 0x21
33
34/* Proprietary gates, events, commands and registers */
35
36/* NFC_HCI_RF_READER_A_GATE additional registers and commands */
37#define PN544_RF_READER_A_AUTO_ACTIVATION 0x10
38#define PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION 0x12
39#define PN544_MIFARE_CMD 0x21
40
41/* Commands that apply to all RF readers */
42#define PN544_RF_READER_CMD_PRESENCE_CHECK 0x30
43#define PN544_RF_READER_CMD_ACTIVATE_NEXT 0x32
44
45/* NFC_HCI_ID_MGMT_GATE additional registers */
46#define PN544_ID_MGMT_FULL_VERSION_SW 0x10
47
48#define PN544_RF_READER_ISO15693_GATE 0x12
49
50#define PN544_RF_READER_F_GATE 0x14
51#define PN544_FELICA_ID 0x04
52#define PN544_FELICA_RAW 0x20
53
54#define PN544_RF_READER_JEWEL_GATE 0x15
55#define PN544_JEWEL_RAW_CMD 0x23
56
57#define PN544_RF_READER_NFCIP1_INITIATOR_GATE 0x30
58#define PN544_RF_READER_NFCIP1_TARGET_GATE 0x31
59
60#define PN544_SYS_MGMT_GATE 0x90
61#define PN544_SYS_MGMT_INFO_NOTIFICATION 0x02
62
63#define PN544_POLLING_LOOP_MGMT_GATE 0x94
64#define PN544_DEP_MODE 0x01
65#define PN544_DEP_ATR_REQ 0x02
66#define PN544_DEP_ATR_RES 0x03
67#define PN544_DEP_MERGE 0x0D
68#define PN544_PL_RDPHASES 0x06
69#define PN544_PL_EMULATION 0x07
70#define PN544_PL_NFCT_DEACTIVATED 0x09
71
72#define PN544_SWP_MGMT_GATE 0xA0
73#define PN544_SWP_DEFAULT_MODE 0x01
74
75#define PN544_NFC_WI_MGMT_GATE 0xA1
76#define PN544_NFC_ESE_DEFAULT_MODE 0x01
77
78#define PN544_HCI_EVT_SND_DATA 0x01
79#define PN544_HCI_EVT_ACTIVATED 0x02
80#define PN544_HCI_EVT_DEACTIVATED 0x03
81#define PN544_HCI_EVT_RCV_DATA 0x04
82#define PN544_HCI_EVT_CONTINUE_MI 0x05
83#define PN544_HCI_EVT_SWITCH_MODE 0x03
84
85#define PN544_HCI_CMD_ATTREQUEST 0x12
86#define PN544_HCI_CMD_CONTINUE_ACTIVATION 0x13
87
88static const struct nfc_hci_gate pn544_gates[] = {
89 {NFC_HCI_ADMIN_GATE, NFC_HCI_INVALID_PIPE},
90 {NFC_HCI_LOOPBACK_GATE, NFC_HCI_INVALID_PIPE},
91 {NFC_HCI_ID_MGMT_GATE, NFC_HCI_INVALID_PIPE},
92 {NFC_HCI_LINK_MGMT_GATE, NFC_HCI_INVALID_PIPE},
93 {NFC_HCI_RF_READER_B_GATE, NFC_HCI_INVALID_PIPE},
94 {NFC_HCI_RF_READER_A_GATE, NFC_HCI_INVALID_PIPE},
95 {PN544_SYS_MGMT_GATE, NFC_HCI_INVALID_PIPE},
96 {PN544_SWP_MGMT_GATE, NFC_HCI_INVALID_PIPE},
97 {PN544_POLLING_LOOP_MGMT_GATE, NFC_HCI_INVALID_PIPE},
98 {PN544_NFC_WI_MGMT_GATE, NFC_HCI_INVALID_PIPE},
99 {PN544_RF_READER_F_GATE, NFC_HCI_INVALID_PIPE},
100 {PN544_RF_READER_JEWEL_GATE, NFC_HCI_INVALID_PIPE},
101 {PN544_RF_READER_ISO15693_GATE, NFC_HCI_INVALID_PIPE},
102 {PN544_RF_READER_NFCIP1_INITIATOR_GATE, NFC_HCI_INVALID_PIPE},
103 {PN544_RF_READER_NFCIP1_TARGET_GATE, NFC_HCI_INVALID_PIPE}
104};
105
106/* Largest headroom needed for outgoing custom commands */
107#define PN544_CMDS_HEADROOM 2
108
109struct pn544_hci_info {
110 const struct nfc_phy_ops *phy_ops;
111 void *phy_id;
112
113 struct nfc_hci_dev *hdev;
114
115 enum pn544_state state;
116
117 struct mutex info_lock;
118
119 int async_cb_type;
120 data_exchange_cb_t async_cb;
121 void *async_cb_context;
122
123 fw_download_t fw_download;
124};
125
126static int pn544_hci_open(struct nfc_hci_dev *hdev)
127{
128 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
129 int r = 0;
130
131 mutex_lock(&info->info_lock);
132
133 if (info->state != PN544_ST_COLD) {
134 r = -EBUSY;
135 goto out;
136 }
137
138 r = info->phy_ops->enable(info->phy_id);
139
140 if (r == 0)
141 info->state = PN544_ST_READY;
142
143out:
144 mutex_unlock(lock: &info->info_lock);
145 return r;
146}
147
148static void pn544_hci_close(struct nfc_hci_dev *hdev)
149{
150 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
151
152 mutex_lock(&info->info_lock);
153
154 if (info->state == PN544_ST_COLD)
155 goto out;
156
157 info->phy_ops->disable(info->phy_id);
158
159 info->state = PN544_ST_COLD;
160
161out:
162 mutex_unlock(lock: &info->info_lock);
163}
164
165static int pn544_hci_ready(struct nfc_hci_dev *hdev)
166{
167 struct sk_buff *skb;
168 static struct hw_config {
169 u8 adr[2];
170 u8 value;
171 } hw_config[] = {
172 {{0x9f, 0x9a}, 0x00},
173
174 {{0x98, 0x10}, 0xbc},
175
176 {{0x9e, 0x71}, 0x00},
177
178 {{0x98, 0x09}, 0x00},
179
180 {{0x9e, 0xb4}, 0x00},
181
182 {{0x9c, 0x01}, 0x08},
183
184 {{0x9e, 0xaa}, 0x01},
185
186 {{0x9b, 0xd1}, 0x17},
187 {{0x9b, 0xd2}, 0x58},
188 {{0x9b, 0xd3}, 0x10},
189 {{0x9b, 0xd4}, 0x47},
190 {{0x9b, 0xd5}, 0x0c},
191 {{0x9b, 0xd6}, 0x37},
192 {{0x9b, 0xdd}, 0x33},
193
194 {{0x9b, 0x84}, 0x00},
195 {{0x99, 0x81}, 0x79},
196 {{0x99, 0x31}, 0x79},
197
198 {{0x98, 0x00}, 0x3f},
199
200 {{0x9f, 0x09}, 0x02},
201
202 {{0x9f, 0x0a}, 0x05},
203
204 {{0x9e, 0xd1}, 0xa1},
205 {{0x99, 0x23}, 0x01},
206
207 {{0x9e, 0x74}, 0x00},
208 {{0x9e, 0x90}, 0x00},
209 {{0x9f, 0x28}, 0x10},
210
211 {{0x9f, 0x35}, 0x04},
212
213 {{0x9f, 0x36}, 0x11},
214
215 {{0x9c, 0x31}, 0x00},
216
217 {{0x9c, 0x32}, 0x00},
218
219 {{0x9c, 0x19}, 0x0a},
220
221 {{0x9c, 0x1a}, 0x0a},
222
223 {{0x9c, 0x0c}, 0x00},
224
225 {{0x9c, 0x0d}, 0x00},
226
227 {{0x9c, 0x12}, 0x00},
228
229 {{0x9c, 0x13}, 0x00},
230
231 {{0x98, 0xa2}, 0x09},
232
233 {{0x98, 0x93}, 0x00},
234
235 {{0x98, 0x7d}, 0x08},
236 {{0x98, 0x7e}, 0x00},
237 {{0x9f, 0xc8}, 0x00},
238 };
239 struct hw_config *p = hw_config;
240 int count = ARRAY_SIZE(hw_config);
241 struct sk_buff *res_skb;
242 u8 param[4];
243 int r;
244
245 param[0] = 0;
246 while (count--) {
247 param[1] = p->adr[0];
248 param[2] = p->adr[1];
249 param[3] = p->value;
250
251 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_WRITE,
252 param, param_len: 4, skb: &res_skb);
253 if (r < 0)
254 return r;
255
256 if (res_skb->len != 1) {
257 kfree_skb(skb: res_skb);
258 return -EPROTO;
259 }
260
261 if (res_skb->data[0] != p->value) {
262 kfree_skb(skb: res_skb);
263 return -EIO;
264 }
265
266 kfree_skb(skb: res_skb);
267
268 p++;
269 }
270
271 param[0] = NFC_HCI_UICC_HOST_ID;
272 r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE,
273 NFC_HCI_ADMIN_WHITELIST, param, param_len: 1);
274 if (r < 0)
275 return r;
276
277 param[0] = 0x3d;
278 r = nfc_hci_set_param(hdev, PN544_SYS_MGMT_GATE,
279 PN544_SYS_MGMT_INFO_NOTIFICATION, param, param_len: 1);
280 if (r < 0)
281 return r;
282
283 param[0] = 0x0;
284 r = nfc_hci_set_param(hdev, NFC_HCI_RF_READER_A_GATE,
285 PN544_RF_READER_A_AUTO_ACTIVATION, param, param_len: 1);
286 if (r < 0)
287 return r;
288
289 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
290 NFC_HCI_EVT_END_OPERATION, NULL, param_len: 0);
291 if (r < 0)
292 return r;
293
294 param[0] = 0x1;
295 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
296 PN544_PL_NFCT_DEACTIVATED, param, param_len: 1);
297 if (r < 0)
298 return r;
299
300 param[0] = 0x0;
301 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
302 PN544_PL_RDPHASES, param, param_len: 1);
303 if (r < 0)
304 return r;
305
306 r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE,
307 PN544_ID_MGMT_FULL_VERSION_SW, skb: &skb);
308 if (r < 0)
309 return r;
310
311 if (skb->len != FULL_VERSION_LEN) {
312 kfree_skb(skb);
313 return -EINVAL;
314 }
315
316 print_hex_dump(KERN_DEBUG, prefix_str: "FULL VERSION SOFTWARE INFO: ",
317 prefix_type: DUMP_PREFIX_NONE, rowsize: 16, groupsize: 1,
318 buf: skb->data, FULL_VERSION_LEN, ascii: false);
319
320 kfree_skb(skb);
321
322 return 0;
323}
324
325static int pn544_hci_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb)
326{
327 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
328
329 return info->phy_ops->write(info->phy_id, skb);
330}
331
332static int pn544_hci_start_poll(struct nfc_hci_dev *hdev,
333 u32 im_protocols, u32 tm_protocols)
334{
335 u8 phases = 0;
336 int r;
337 u8 duration[2];
338 u8 activated;
339 u8 i_mode = 0x3f; /* Enable all supported modes */
340 u8 t_mode = 0x0f;
341 u8 t_merge = 0x01; /* Enable merge by default */
342
343 pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n",
344 __func__, im_protocols, tm_protocols);
345
346 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
347 NFC_HCI_EVT_END_OPERATION, NULL, param_len: 0);
348 if (r < 0)
349 return r;
350
351 duration[0] = 0x18;
352 duration[1] = 0x6a;
353 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
354 PN544_PL_EMULATION, param: duration, param_len: 2);
355 if (r < 0)
356 return r;
357
358 activated = 0;
359 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
360 PN544_PL_NFCT_DEACTIVATED, param: &activated, param_len: 1);
361 if (r < 0)
362 return r;
363
364 if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK |
365 NFC_PROTO_JEWEL_MASK))
366 phases |= 1; /* Type A */
367 if (im_protocols & NFC_PROTO_FELICA_MASK) {
368 phases |= (1 << 2); /* Type F 212 */
369 phases |= (1 << 3); /* Type F 424 */
370 }
371
372 phases |= (1 << 5); /* NFC active */
373
374 r = nfc_hci_set_param(hdev, PN544_POLLING_LOOP_MGMT_GATE,
375 PN544_PL_RDPHASES, param: &phases, param_len: 1);
376 if (r < 0)
377 return r;
378
379 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) {
380 hdev->gb = nfc_get_local_general_bytes(dev: hdev->ndev,
381 gb_len: &hdev->gb_len);
382 pr_debug("generate local bytes %p\n", hdev->gb);
383 if (hdev->gb == NULL || hdev->gb_len == 0) {
384 im_protocols &= ~NFC_PROTO_NFC_DEP_MASK;
385 tm_protocols &= ~NFC_PROTO_NFC_DEP_MASK;
386 }
387 }
388
389 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) {
390 r = nfc_hci_send_event(hdev,
391 PN544_RF_READER_NFCIP1_INITIATOR_GATE,
392 NFC_HCI_EVT_END_OPERATION, NULL, param_len: 0);
393 if (r < 0)
394 return r;
395
396 r = nfc_hci_set_param(hdev,
397 PN544_RF_READER_NFCIP1_INITIATOR_GATE,
398 PN544_DEP_MODE, param: &i_mode, param_len: 1);
399 if (r < 0)
400 return r;
401
402 r = nfc_hci_set_param(hdev,
403 PN544_RF_READER_NFCIP1_INITIATOR_GATE,
404 PN544_DEP_ATR_REQ, param: hdev->gb, param_len: hdev->gb_len);
405 if (r < 0)
406 return r;
407
408 r = nfc_hci_send_event(hdev,
409 PN544_RF_READER_NFCIP1_INITIATOR_GATE,
410 NFC_HCI_EVT_READER_REQUESTED, NULL, param_len: 0);
411 if (r < 0)
412 nfc_hci_send_event(hdev,
413 PN544_RF_READER_NFCIP1_INITIATOR_GATE,
414 NFC_HCI_EVT_END_OPERATION, NULL, param_len: 0);
415 }
416
417 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) {
418 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
419 PN544_DEP_MODE, param: &t_mode, param_len: 1);
420 if (r < 0)
421 return r;
422
423 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
424 PN544_DEP_ATR_RES, param: hdev->gb, param_len: hdev->gb_len);
425 if (r < 0)
426 return r;
427
428 r = nfc_hci_set_param(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
429 PN544_DEP_MERGE, param: &t_merge, param_len: 1);
430 if (r < 0)
431 return r;
432 }
433
434 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
435 NFC_HCI_EVT_READER_REQUESTED, NULL, param_len: 0);
436 if (r < 0)
437 nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
438 NFC_HCI_EVT_END_OPERATION, NULL, param_len: 0);
439
440 return r;
441}
442
443static int pn544_hci_dep_link_up(struct nfc_hci_dev *hdev,
444 struct nfc_target *target, u8 comm_mode,
445 u8 *gb, size_t gb_len)
446{
447 struct sk_buff *rgb_skb = NULL;
448 int r;
449
450 r = nfc_hci_get_param(hdev, gate: target->hci_reader_gate,
451 PN544_DEP_ATR_RES, skb: &rgb_skb);
452 if (r < 0)
453 return r;
454
455 if (rgb_skb->len == 0 || rgb_skb->len > NFC_GB_MAXSIZE) {
456 r = -EPROTO;
457 goto exit;
458 }
459 print_hex_dump(KERN_DEBUG, prefix_str: "remote gb: ", prefix_type: DUMP_PREFIX_OFFSET,
460 rowsize: 16, groupsize: 1, buf: rgb_skb->data, len: rgb_skb->len, ascii: true);
461
462 r = nfc_set_remote_general_bytes(dev: hdev->ndev, gt: rgb_skb->data,
463 gt_len: rgb_skb->len);
464
465 if (r == 0)
466 r = nfc_dep_link_is_up(dev: hdev->ndev, target_idx: target->idx, comm_mode,
467 NFC_RF_INITIATOR);
468exit:
469 kfree_skb(skb: rgb_skb);
470 return r;
471}
472
473static int pn544_hci_dep_link_down(struct nfc_hci_dev *hdev)
474{
475
476 return nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_INITIATOR_GATE,
477 NFC_HCI_EVT_END_OPERATION, NULL, param_len: 0);
478}
479
480static int pn544_hci_target_from_gate(struct nfc_hci_dev *hdev, u8 gate,
481 struct nfc_target *target)
482{
483 switch (gate) {
484 case PN544_RF_READER_F_GATE:
485 target->supported_protocols = NFC_PROTO_FELICA_MASK;
486 break;
487 case PN544_RF_READER_JEWEL_GATE:
488 target->supported_protocols = NFC_PROTO_JEWEL_MASK;
489 target->sens_res = 0x0c00;
490 break;
491 case PN544_RF_READER_NFCIP1_INITIATOR_GATE:
492 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
493 break;
494 default:
495 return -EPROTO;
496 }
497
498 return 0;
499}
500
501static int pn544_hci_complete_target_discovered(struct nfc_hci_dev *hdev,
502 u8 gate,
503 struct nfc_target *target)
504{
505 struct sk_buff *uid_skb;
506 int r = 0;
507
508 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE)
509 return r;
510
511 if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) {
512 r = nfc_hci_send_cmd(hdev,
513 PN544_RF_READER_NFCIP1_INITIATOR_GATE,
514 PN544_HCI_CMD_CONTINUE_ACTIVATION, NULL, param_len: 0, NULL);
515 if (r < 0)
516 return r;
517
518 target->hci_reader_gate = PN544_RF_READER_NFCIP1_INITIATOR_GATE;
519 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
520 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 &&
521 target->nfcid1_len != 10)
522 return -EPROTO;
523
524 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
525 PN544_RF_READER_CMD_ACTIVATE_NEXT,
526 param: target->nfcid1, param_len: target->nfcid1_len, NULL);
527 } else if (target->supported_protocols & NFC_PROTO_FELICA_MASK) {
528 r = nfc_hci_get_param(hdev, PN544_RF_READER_F_GATE,
529 PN544_FELICA_ID, skb: &uid_skb);
530 if (r < 0)
531 return r;
532
533 if (uid_skb->len != 8) {
534 kfree_skb(skb: uid_skb);
535 return -EPROTO;
536 }
537
538 /* Type F NFC-DEP IDm has prefix 0x01FE */
539 if ((uid_skb->data[0] == 0x01) && (uid_skb->data[1] == 0xfe)) {
540 kfree_skb(skb: uid_skb);
541 r = nfc_hci_send_cmd(hdev,
542 PN544_RF_READER_NFCIP1_INITIATOR_GATE,
543 PN544_HCI_CMD_CONTINUE_ACTIVATION,
544 NULL, param_len: 0, NULL);
545 if (r < 0)
546 return r;
547
548 target->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
549 target->hci_reader_gate =
550 PN544_RF_READER_NFCIP1_INITIATOR_GATE;
551 } else {
552 r = nfc_hci_send_cmd(hdev, PN544_RF_READER_F_GATE,
553 PN544_RF_READER_CMD_ACTIVATE_NEXT,
554 param: uid_skb->data, param_len: uid_skb->len, NULL);
555 kfree_skb(skb: uid_skb);
556 }
557 } else if (target->supported_protocols & NFC_PROTO_ISO14443_MASK) {
558 /*
559 * TODO: maybe other ISO 14443 require some kind of continue
560 * activation, but for now we've seen only this one below.
561 */
562 if (target->sens_res == 0x4403) /* Type 4 Mifare DESFire */
563 r = nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
564 PN544_RF_READER_A_CMD_CONTINUE_ACTIVATION,
565 NULL, param_len: 0, NULL);
566 }
567
568 return r;
569}
570
571#define PN544_CB_TYPE_READER_F 1
572
573static void pn544_hci_data_exchange_cb(void *context, struct sk_buff *skb,
574 int err)
575{
576 struct pn544_hci_info *info = context;
577
578 switch (info->async_cb_type) {
579 case PN544_CB_TYPE_READER_F:
580 if (err == 0)
581 skb_pull(skb, len: 1);
582 info->async_cb(info->async_cb_context, skb, err);
583 break;
584 default:
585 if (err == 0)
586 kfree_skb(skb);
587 break;
588 }
589}
590
591#define MIFARE_CMD_AUTH_KEY_A 0x60
592#define MIFARE_CMD_AUTH_KEY_B 0x61
593#define MIFARE_CMD_HEADER 2
594#define MIFARE_UID_LEN 4
595#define MIFARE_KEY_LEN 6
596#define MIFARE_CMD_LEN 12
597/*
598 * Returns:
599 * <= 0: driver handled the data exchange
600 * 1: driver doesn't especially handle, please do standard processing
601 */
602static int pn544_hci_im_transceive(struct nfc_hci_dev *hdev,
603 struct nfc_target *target,
604 struct sk_buff *skb, data_exchange_cb_t cb,
605 void *cb_context)
606{
607 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
608
609 pr_info(DRIVER_DESC ": %s for gate=%d\n", __func__,
610 target->hci_reader_gate);
611
612 switch (target->hci_reader_gate) {
613 case NFC_HCI_RF_READER_A_GATE:
614 if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
615 /*
616 * It seems that pn544 is inverting key and UID for
617 * MIFARE authentication commands.
618 */
619 if (skb->len == MIFARE_CMD_LEN &&
620 (skb->data[0] == MIFARE_CMD_AUTH_KEY_A ||
621 skb->data[0] == MIFARE_CMD_AUTH_KEY_B)) {
622 u8 uid[MIFARE_UID_LEN];
623 u8 *data = skb->data + MIFARE_CMD_HEADER;
624
625 memcpy(uid, data + MIFARE_KEY_LEN,
626 MIFARE_UID_LEN);
627 memmove(data + MIFARE_UID_LEN, data,
628 MIFARE_KEY_LEN);
629 memcpy(data, uid, MIFARE_UID_LEN);
630 }
631
632 return nfc_hci_send_cmd_async(hdev,
633 gate: target->hci_reader_gate,
634 PN544_MIFARE_CMD,
635 param: skb->data, param_len: skb->len,
636 cb, cb_context);
637 } else
638 return 1;
639 case PN544_RF_READER_F_GATE:
640 *(u8 *)skb_push(skb, len: 1) = 0;
641 *(u8 *)skb_push(skb, len: 1) = 0;
642
643 info->async_cb_type = PN544_CB_TYPE_READER_F;
644 info->async_cb = cb;
645 info->async_cb_context = cb_context;
646
647 return nfc_hci_send_cmd_async(hdev, gate: target->hci_reader_gate,
648 PN544_FELICA_RAW, param: skb->data,
649 param_len: skb->len,
650 cb: pn544_hci_data_exchange_cb, cb_context: info);
651 case PN544_RF_READER_JEWEL_GATE:
652 return nfc_hci_send_cmd_async(hdev, gate: target->hci_reader_gate,
653 PN544_JEWEL_RAW_CMD, param: skb->data,
654 param_len: skb->len, cb, cb_context);
655 case PN544_RF_READER_NFCIP1_INITIATOR_GATE:
656 *(u8 *)skb_push(skb, len: 1) = 0;
657
658 return nfc_hci_send_event(hdev, gate: target->hci_reader_gate,
659 PN544_HCI_EVT_SND_DATA, param: skb->data,
660 param_len: skb->len);
661 default:
662 return 1;
663 }
664}
665
666static int pn544_hci_tm_send(struct nfc_hci_dev *hdev, struct sk_buff *skb)
667{
668 int r;
669
670 /* Set default false for multiple information chaining */
671 *(u8 *)skb_push(skb, len: 1) = 0;
672
673 r = nfc_hci_send_event(hdev, PN544_RF_READER_NFCIP1_TARGET_GATE,
674 PN544_HCI_EVT_SND_DATA, param: skb->data, param_len: skb->len);
675
676 kfree_skb(skb);
677
678 return r;
679}
680
681static int pn544_hci_check_presence(struct nfc_hci_dev *hdev,
682 struct nfc_target *target)
683{
684 pr_debug("supported protocol %d\n", target->supported_protocols);
685 if (target->supported_protocols & (NFC_PROTO_ISO14443_MASK |
686 NFC_PROTO_ISO14443_B_MASK)) {
687 return nfc_hci_send_cmd(hdev, gate: target->hci_reader_gate,
688 PN544_RF_READER_CMD_PRESENCE_CHECK,
689 NULL, param_len: 0, NULL);
690 } else if (target->supported_protocols & NFC_PROTO_MIFARE_MASK) {
691 if (target->nfcid1_len != 4 && target->nfcid1_len != 7 &&
692 target->nfcid1_len != 10)
693 return -EOPNOTSUPP;
694
695 return nfc_hci_send_cmd(hdev, NFC_HCI_RF_READER_A_GATE,
696 PN544_RF_READER_CMD_ACTIVATE_NEXT,
697 param: target->nfcid1, param_len: target->nfcid1_len, NULL);
698 } else if (target->supported_protocols & (NFC_PROTO_JEWEL_MASK |
699 NFC_PROTO_FELICA_MASK)) {
700 return -EOPNOTSUPP;
701 } else if (target->supported_protocols & NFC_PROTO_NFC_DEP_MASK) {
702 return nfc_hci_send_cmd(hdev, gate: target->hci_reader_gate,
703 PN544_HCI_CMD_ATTREQUEST,
704 NULL, param_len: 0, NULL);
705 }
706
707 return 0;
708}
709
710/*
711 * Returns:
712 * <= 0: driver handled the event, skb consumed
713 * 1: driver does not handle the event, please do standard processing
714 */
715static int pn544_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event,
716 struct sk_buff *skb)
717{
718 struct sk_buff *rgb_skb = NULL;
719 u8 gate = hdev->pipes[pipe].gate;
720 int r;
721
722 pr_debug("hci event %d\n", event);
723 switch (event) {
724 case PN544_HCI_EVT_ACTIVATED:
725 if (gate == PN544_RF_READER_NFCIP1_INITIATOR_GATE) {
726 r = nfc_hci_target_discovered(hdev, gate);
727 } else if (gate == PN544_RF_READER_NFCIP1_TARGET_GATE) {
728 r = nfc_hci_get_param(hdev, gate, PN544_DEP_ATR_REQ,
729 skb: &rgb_skb);
730 if (r < 0)
731 goto exit;
732
733 r = nfc_tm_activated(dev: hdev->ndev, NFC_PROTO_NFC_DEP_MASK,
734 NFC_COMM_PASSIVE, gb: rgb_skb->data,
735 gb_len: rgb_skb->len);
736
737 kfree_skb(skb: rgb_skb);
738 } else {
739 r = -EINVAL;
740 }
741 break;
742 case PN544_HCI_EVT_DEACTIVATED:
743 r = nfc_hci_send_event(hdev, gate, NFC_HCI_EVT_END_OPERATION,
744 NULL, param_len: 0);
745 break;
746 case PN544_HCI_EVT_RCV_DATA:
747 if (skb->len < 2) {
748 r = -EPROTO;
749 goto exit;
750 }
751
752 if (skb->data[0] != 0) {
753 pr_debug("data0 %d\n", skb->data[0]);
754 r = -EPROTO;
755 goto exit;
756 }
757
758 skb_pull(skb, len: 2);
759 return nfc_tm_data_received(dev: hdev->ndev, skb);
760 default:
761 return 1;
762 }
763
764exit:
765 kfree_skb(skb);
766
767 return r;
768}
769
770static int pn544_hci_fw_download(struct nfc_hci_dev *hdev,
771 const char *firmware_name)
772{
773 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
774
775 if (info->fw_download == NULL)
776 return -ENOTSUPP;
777
778 return info->fw_download(info->phy_id, firmware_name, hdev->sw_romlib);
779}
780
781static int pn544_hci_discover_se(struct nfc_hci_dev *hdev)
782{
783 u32 se_idx = 0;
784 u8 ese_mode = 0x01; /* Default mode */
785 struct sk_buff *res_skb;
786 int r;
787
788 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE, PN544_TEST_SWP,
789 NULL, param_len: 0, skb: &res_skb);
790
791 if (r == 0) {
792 if (res_skb->len == 2 && res_skb->data[0] == 0x00)
793 nfc_add_se(dev: hdev->ndev, se_idx: se_idx++, NFC_SE_UICC);
794
795 kfree_skb(skb: res_skb);
796 }
797
798 r = nfc_hci_send_event(hdev, PN544_NFC_WI_MGMT_GATE,
799 PN544_HCI_EVT_SWITCH_MODE,
800 param: &ese_mode, param_len: 1);
801 if (r == 0)
802 nfc_add_se(dev: hdev->ndev, se_idx: se_idx++, NFC_SE_EMBEDDED);
803
804 return !se_idx;
805}
806
807#define PN544_SE_MODE_OFF 0x00
808#define PN544_SE_MODE_ON 0x01
809static int pn544_hci_enable_se(struct nfc_hci_dev *hdev, u32 se_idx)
810{
811 const struct nfc_se *se;
812 u8 enable = PN544_SE_MODE_ON;
813 static struct uicc_gatelist {
814 u8 head;
815 u8 adr[2];
816 u8 value;
817 } uicc_gatelist[] = {
818 {0x00, {0x9e, 0xd9}, 0x23},
819 {0x00, {0x9e, 0xda}, 0x21},
820 {0x00, {0x9e, 0xdb}, 0x22},
821 {0x00, {0x9e, 0xdc}, 0x24},
822 };
823 struct uicc_gatelist *p = uicc_gatelist;
824 int count = ARRAY_SIZE(uicc_gatelist);
825 struct sk_buff *res_skb;
826 int r;
827
828 se = nfc_find_se(dev: hdev->ndev, se_idx);
829
830 switch (se->type) {
831 case NFC_SE_UICC:
832 while (count--) {
833 r = nfc_hci_send_cmd(hdev, PN544_SYS_MGMT_GATE,
834 PN544_WRITE, param: (u8 *)p, param_len: 4, skb: &res_skb);
835 if (r < 0)
836 return r;
837
838 if (res_skb->len != 1) {
839 kfree_skb(skb: res_skb);
840 return -EPROTO;
841 }
842
843 if (res_skb->data[0] != p->value) {
844 kfree_skb(skb: res_skb);
845 return -EIO;
846 }
847
848 kfree_skb(skb: res_skb);
849
850 p++;
851 }
852
853 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE,
854 PN544_SWP_DEFAULT_MODE, param: &enable, param_len: 1);
855 case NFC_SE_EMBEDDED:
856 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE,
857 PN544_NFC_ESE_DEFAULT_MODE, param: &enable, param_len: 1);
858
859 default:
860 return -EINVAL;
861 }
862}
863
864static int pn544_hci_disable_se(struct nfc_hci_dev *hdev, u32 se_idx)
865{
866 const struct nfc_se *se;
867 u8 disable = PN544_SE_MODE_OFF;
868
869 se = nfc_find_se(dev: hdev->ndev, se_idx);
870
871 switch (se->type) {
872 case NFC_SE_UICC:
873 return nfc_hci_set_param(hdev, PN544_SWP_MGMT_GATE,
874 PN544_SWP_DEFAULT_MODE, param: &disable, param_len: 1);
875 case NFC_SE_EMBEDDED:
876 return nfc_hci_set_param(hdev, PN544_NFC_WI_MGMT_GATE,
877 PN544_NFC_ESE_DEFAULT_MODE, param: &disable, param_len: 1);
878 default:
879 return -EINVAL;
880 }
881}
882
883static const struct nfc_hci_ops pn544_hci_ops = {
884 .open = pn544_hci_open,
885 .close = pn544_hci_close,
886 .hci_ready = pn544_hci_ready,
887 .xmit = pn544_hci_xmit,
888 .start_poll = pn544_hci_start_poll,
889 .dep_link_up = pn544_hci_dep_link_up,
890 .dep_link_down = pn544_hci_dep_link_down,
891 .target_from_gate = pn544_hci_target_from_gate,
892 .complete_target_discovered = pn544_hci_complete_target_discovered,
893 .im_transceive = pn544_hci_im_transceive,
894 .tm_send = pn544_hci_tm_send,
895 .check_presence = pn544_hci_check_presence,
896 .event_received = pn544_hci_event_received,
897 .fw_download = pn544_hci_fw_download,
898 .discover_se = pn544_hci_discover_se,
899 .enable_se = pn544_hci_enable_se,
900 .disable_se = pn544_hci_disable_se,
901};
902
903int pn544_hci_probe(void *phy_id, const struct nfc_phy_ops *phy_ops,
904 char *llc_name, int phy_headroom, int phy_tailroom,
905 int phy_payload, fw_download_t fw_download,
906 struct nfc_hci_dev **hdev)
907{
908 struct pn544_hci_info *info;
909 u32 protocols;
910 struct nfc_hci_init_data init_data;
911 int r;
912
913 info = kzalloc(size: sizeof(struct pn544_hci_info), GFP_KERNEL);
914 if (!info) {
915 r = -ENOMEM;
916 goto err_info_alloc;
917 }
918
919 info->phy_ops = phy_ops;
920 info->phy_id = phy_id;
921 info->fw_download = fw_download;
922 info->state = PN544_ST_COLD;
923 mutex_init(&info->info_lock);
924
925 init_data.gate_count = ARRAY_SIZE(pn544_gates);
926
927 memcpy(init_data.gates, pn544_gates, sizeof(pn544_gates));
928
929 /*
930 * TODO: Session id must include the driver name + some bus addr
931 * persistent info to discriminate 2 identical chips
932 */
933 strcpy(p: init_data.session_id, q: "ID544HCI");
934
935 protocols = NFC_PROTO_JEWEL_MASK |
936 NFC_PROTO_MIFARE_MASK |
937 NFC_PROTO_FELICA_MASK |
938 NFC_PROTO_ISO14443_MASK |
939 NFC_PROTO_ISO14443_B_MASK |
940 NFC_PROTO_NFC_DEP_MASK;
941
942 info->hdev = nfc_hci_allocate_device(ops: &pn544_hci_ops, init_data: &init_data, quirks: 0,
943 protocols, llc_name,
944 tx_headroom: phy_headroom + PN544_CMDS_HEADROOM,
945 tx_tailroom: phy_tailroom, max_link_payload: phy_payload);
946 if (!info->hdev) {
947 pr_err("Cannot allocate nfc hdev\n");
948 r = -ENOMEM;
949 goto err_alloc_hdev;
950 }
951
952 nfc_hci_set_clientdata(hdev: info->hdev, clientdata: info);
953
954 r = nfc_hci_register_device(hdev: info->hdev);
955 if (r)
956 goto err_regdev;
957
958 *hdev = info->hdev;
959
960 return 0;
961
962err_regdev:
963 nfc_hci_free_device(hdev: info->hdev);
964
965err_alloc_hdev:
966 kfree(objp: info);
967
968err_info_alloc:
969 return r;
970}
971EXPORT_SYMBOL(pn544_hci_probe);
972
973void pn544_hci_remove(struct nfc_hci_dev *hdev)
974{
975 struct pn544_hci_info *info = nfc_hci_get_clientdata(hdev);
976
977 nfc_hci_unregister_device(hdev);
978 nfc_hci_free_device(hdev);
979 kfree(objp: info);
980}
981EXPORT_SYMBOL(pn544_hci_remove);
982
983MODULE_LICENSE("GPL");
984MODULE_DESCRIPTION(DRIVER_DESC);
985

source code of linux/drivers/nfc/pn544/pn544.c