net/nfc/digital_technology.c

   1 /*
   2  * NFC Digital Protocol stack
   3  * Copyright (c) 2013, Intel Corporation.
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms and conditions of the GNU General Public License,
   7  * version 2, as published by the Free Software Foundation.
   8  *
   9  * This program is distributed in the hope it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  12  * more details.
  13  *
  14  */
  15
  16 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
  17
  18 #include "digital.h"
  19
  20 #define DIGITAL_CMD_SENS_REQ    0x26
  21 #define DIGITAL_CMD_ALL_REQ     0x52
  22 #define DIGITAL_CMD_SEL_REQ_CL1 0x93
  23 #define DIGITAL_CMD_SEL_REQ_CL2 0x95
  24 #define DIGITAL_CMD_SEL_REQ_CL3 0x97
  25
  26 #define DIGITAL_SDD_REQ_SEL_PAR 0x20
  27
  28 #define DIGITAL_SDD_RES_CT  0x88
  29 #define DIGITAL_SDD_RES_LEN 5
  30 #define DIGITAL_SEL_RES_LEN 1
  31
  32 #define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04))
  33 #define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60))
  34 #define DIGITAL_SEL_RES_IS_T4T(sel_res) ((sel_res) & 0x20)
  35 #define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40)
  36
  37 #define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x0C00) == 0x0C00)
  38 #define DIGITAL_SENS_RES_IS_VALID(sens_res) \
  39         ((!((sens_res) & 0x001F) && (((sens_res) & 0x0C00) == 0x0C00)) || \
  40         (((sens_res) & 0x001F) && ((sens_res) & 0x0C00) != 0x0C00))
  41
  42 #define DIGITAL_MIFARE_READ_RES_LEN 16
  43 #define DIGITAL_MIFARE_ACK_RES  0x0A
  44
  45 #define DIGITAL_CMD_SENSB_REQ                   0x05
  46 #define DIGITAL_SENSB_ADVANCED                  BIT(5)
  47 #define DIGITAL_SENSB_EXTENDED                  BIT(4)
  48 #define DIGITAL_SENSB_ALLB_REQ                  BIT(3)
  49 #define DIGITAL_SENSB_N(n)                      ((n) & 0x7)
  50
  51 #define DIGITAL_CMD_SENSB_RES                   0x50
  52
  53 #define DIGITAL_CMD_ATTRIB_REQ                  0x1D
  54 #define DIGITAL_ATTRIB_P1_TR0_DEFAULT           (0x0 << 6)
  55 #define DIGITAL_ATTRIB_P1_TR1_DEFAULT           (0x0 << 4)
  56 #define DIGITAL_ATTRIB_P1_SUPRESS_EOS           BIT(3)
  57 #define DIGITAL_ATTRIB_P1_SUPRESS_SOS           BIT(2)
  58 #define DIGITAL_ATTRIB_P2_LISTEN_POLL_1         (0x0 << 6)
  59 #define DIGITAL_ATTRIB_P2_POLL_LISTEN_1         (0x0 << 4)
  60 #define DIGITAL_ATTRIB_P2_MAX_FRAME_256         0x8
  61 #define DIGITAL_ATTRIB_P4_DID(n)                ((n) & 0xf)
  62
  63 #define DIGITAL_CMD_SENSF_REQ   0x00
  64 #define DIGITAL_CMD_SENSF_RES   0x01
  65
  66 #define DIGITAL_SENSF_RES_MIN_LENGTH 17
  67 #define DIGITAL_SENSF_RES_RD_AP_B1   0x00
  68 #define DIGITAL_SENSF_RES_RD_AP_B2   0x8F
  69
  70 #define DIGITAL_SENSF_REQ_RC_NONE 0
  71 #define DIGITAL_SENSF_REQ_RC_SC   1
  72 #define DIGITAL_SENSF_REQ_RC_AP   2
  73
  74 #define DIGITAL_CMD_ISO15693_INVENTORY_REQ      0x01
  75
  76 #define DIGITAL_ISO15693_REQ_FLAG_DATA_RATE     BIT(1)
  77 #define DIGITAL_ISO15693_REQ_FLAG_INVENTORY     BIT(2)
  78 #define DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS      BIT(5)
  79 #define DIGITAL_ISO15693_RES_FLAG_ERROR         BIT(0)
  80 #define DIGITAL_ISO15693_RES_IS_VALID(flags) \
  81         (!((flags) & DIGITAL_ISO15693_RES_FLAG_ERROR))
  82
  83 #define DIGITAL_ISO_DEP_I_PCB    0x02
  84 #define DIGITAL_ISO_DEP_PNI(pni) ((pni) & 0x01)
  85
  86 #define DIGITAL_ISO_DEP_PCB_TYPE(pcb) ((pcb) & 0xC0)
  87
  88 #define DIGITAL_ISO_DEP_I_BLOCK 0x00
  89
  90 #define DIGITAL_ISO_DEP_BLOCK_HAS_DID(pcb) ((pcb) & 0x08)
  91
  92 static const u8 digital_ats_fsc[] = {
  93          16,  24,  32,  40,  48,  64,  96, 128,
  94 };
  95
  96 #define DIGITAL_ATS_FSCI(t0) ((t0) & 0x0F)
  97 #define DIGITAL_SENSB_FSCI(pi2) (((pi2) & 0xF0) >> 4)
  98 #define DIGITAL_ATS_MAX_FSC  256
  99
 100 #define DIGITAL_RATS_BYTE1 0xE0
 101 #define DIGITAL_RATS_PARAM 0x80
 102
 103 struct digital_sdd_res {
 104         u8 nfcid1[4];
 105         u8 bcc;
 106 } __packed;
 107
 108 struct digital_sel_req {
 109         u8 sel_cmd;
 110         u8 b2;
 111         u8 nfcid1[4];
 112         u8 bcc;
 113 } __packed;
 114
 115 struct digital_sensb_req {
 116         u8 cmd;
 117         u8 afi;
 118         u8 param;
 119 } __packed;
 120
 121 struct digital_sensb_res {
 122         u8 cmd;
 123         u8 nfcid0[4];
 124         u8 app_data[4];
 125         u8 proto_info[3];
 126 } __packed;
 127
 128 struct digital_attrib_req {
 129         u8 cmd;
 130         u8 nfcid0[4];
 131         u8 param1;
 132         u8 param2;
 133         u8 param3;
 134         u8 param4;
 135 } __packed;
 136
 137 struct digital_attrib_res {
 138         u8 mbli_did;
 139 } __packed;
 140
 141 struct digital_sensf_req {
 142         u8 cmd;
 143         u8 sc1;
 144         u8 sc2;
 145         u8 rc;
 146         u8 tsn;
 147 } __packed;
 148
 149 struct digital_sensf_res {
 150         u8 cmd;
 151         u8 nfcid2[8];
 152         u8 pad0[2];
 153         u8 pad1[3];
 154         u8 mrti_check;
 155         u8 mrti_update;
 156         u8 pad2;
 157         u8 rd[2];
 158 } __packed;
 159
 160 struct digital_iso15693_inv_req {
 161         u8 flags;
 162         u8 cmd;
 163         u8 mask_len;
 164         u64 mask;
 165 } __packed;
 166
 167 struct digital_iso15693_inv_res {
 168         u8 flags;
 169         u8 dsfid;
 170         u64 uid;
 171 } __packed;
 172
 173 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
 174                                    struct nfc_target *target);
 175
 176 int digital_in_iso_dep_pull_sod(struct nfc_digital_dev *ddev,
 177                                 struct sk_buff *skb)
 178 {
 179         u8 pcb;
 180         u8 block_type;
 181
 182         if (skb->len < 1)
 183                 return -EIO;
 184
 185         pcb = *skb->data;
 186         block_type = DIGITAL_ISO_DEP_PCB_TYPE(pcb);
 187
 188         /* No support fo R-block nor S-block */
 189         if (block_type != DIGITAL_ISO_DEP_I_BLOCK) {
 190                 pr_err("ISO_DEP R-block and S-block not supported\n");
 191                 return -EIO;
 192         }
 193
 194         if (DIGITAL_ISO_DEP_BLOCK_HAS_DID(pcb)) {
 195                 pr_err("DID field in ISO_DEP PCB not supported\n");
 196                 return -EIO;
 197         }
 198
 199         skb_pull(skb, 1);
 200
 201         return 0;
 202 }
 203
 204 int digital_in_iso_dep_push_sod(struct nfc_digital_dev *ddev,
 205                                 struct sk_buff *skb)
 206 {
 207         /*
 208          * Chaining not supported so skb->len + 1 PCB byte + 2 CRC bytes must
 209          * not be greater than remote FSC
 210          */
 211         if (skb->len + 3 > ddev->target_fsc)
 212                 return -EIO;
 213
 214         skb_push(skb, 1);
 215
 216         *skb->data = DIGITAL_ISO_DEP_I_PCB | ddev->curr_nfc_dep_pni;
 217
 218         ddev->curr_nfc_dep_pni =
 219                 DIGITAL_ISO_DEP_PNI(ddev->curr_nfc_dep_pni + 1);
 220
 221         return 0;
 222 }
 223
 224 static void digital_in_recv_ats(struct nfc_digital_dev *ddev, void *arg,
 225                                 struct sk_buff *resp)
 226 {
 227         struct nfc_target *target = arg;
 228         u8 fsdi;
 229         int rc;
 230
 231         if (IS_ERR(resp)) {
 232                 rc = PTR_ERR(resp);
 233                 resp = NULL;
 234                 goto exit;
 235         }
 236
 237         if (resp->len < 2) {
 238                 rc = -EIO;
 239                 goto exit;
 240         }
 241
 242         fsdi = DIGITAL_ATS_FSCI(resp->data[1]);
 243         if (fsdi >= 8)
 244                 ddev->target_fsc = DIGITAL_ATS_MAX_FSC;
 245         else
 246                 ddev->target_fsc = digital_ats_fsc[fsdi];
 247
 248         ddev->curr_nfc_dep_pni = 0;
 249
 250         rc = digital_target_found(ddev, target, NFC_PROTO_ISO14443);
 251
 252 exit:
 253         dev_kfree_skb(resp);
 254         kfree(target);
 255
 256         if (rc)
 257                 digital_poll_next_tech(ddev);
 258 }
 259
 260 static int digital_in_send_rats(struct nfc_digital_dev *ddev,
 261                                 struct nfc_target *target)
 262 {
 263         int rc;
 264         struct sk_buff *skb;
 265
 266         skb = digital_skb_alloc(ddev, 2);
 267         if (!skb)
 268                 return -ENOMEM;
 269
 270         skb_put_u8(skb, DIGITAL_RATS_BYTE1);
 271         skb_put_u8(skb, DIGITAL_RATS_PARAM);
 272
 273         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_ats,
 274                                  target);
 275         if (rc)
 276                 kfree_skb(skb);
 277
 278         return rc;
 279 }
 280
 281 static void digital_in_recv_sel_res(struct nfc_digital_dev *ddev, void *arg,
 282                                     struct sk_buff *resp)
 283 {
 284         struct nfc_target *target = arg;
 285         int rc;
 286         u8 sel_res;
 287         u8 nfc_proto;
 288
 289         if (IS_ERR(resp)) {
 290                 rc = PTR_ERR(resp);
 291                 resp = NULL;
 292                 goto exit;
 293         }
 294
 295         if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
 296                 rc = digital_skb_check_crc_a(resp);
 297                 if (rc) {
 298                         PROTOCOL_ERR("4.4.1.3");
 299                         goto exit;
 300                 }
 301         }
 302
 303         if (resp->len != DIGITAL_SEL_RES_LEN) {
 304                 rc = -EIO;
 305                 goto exit;
 306         }
 307
 308         sel_res = resp->data[0];
 309
 310         if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res)) {
 311                 rc = digital_in_send_sdd_req(ddev, target);
 312                 if (rc)
 313                         goto exit;
 314
 315                 goto exit_free_skb;
 316         }
 317
 318         target->sel_res = sel_res;
 319
 320         if (DIGITAL_SEL_RES_IS_T2T(sel_res)) {
 321                 nfc_proto = NFC_PROTO_MIFARE;
 322         } else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res)) {
 323                 nfc_proto = NFC_PROTO_NFC_DEP;
 324         } else if (DIGITAL_SEL_RES_IS_T4T(sel_res)) {
 325                 rc = digital_in_send_rats(ddev, target);
 326                 if (rc)
 327                         goto exit;
 328                 /*
 329                  * Skip target_found and don't free it for now. This will be
 330                  * done when receiving the ATS
 331                  */
 332                 goto exit_free_skb;
 333         } else {
 334                 rc = -EOPNOTSUPP;
 335                 goto exit;
 336         }
 337
 338         rc = digital_target_found(ddev, target, nfc_proto);
 339
 340 exit:
 341         kfree(target);
 342
 343 exit_free_skb:
 344         dev_kfree_skb(resp);
 345
 346         if (rc)
 347                 digital_poll_next_tech(ddev);
 348 }
 349
 350 static int digital_in_send_sel_req(struct nfc_digital_dev *ddev,
 351                                    struct nfc_target *target,
 352                                    struct digital_sdd_res *sdd_res)
 353 {
 354         struct sk_buff *skb;
 355         struct digital_sel_req *sel_req;
 356         u8 sel_cmd;
 357         int rc;
 358
 359         skb = digital_skb_alloc(ddev, sizeof(struct digital_sel_req));
 360         if (!skb)
 361                 return -ENOMEM;
 362
 363         skb_put(skb, sizeof(struct digital_sel_req));
 364         sel_req = (struct digital_sel_req *)skb->data;
 365
 366         if (target->nfcid1_len <= 4)
 367                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
 368         else if (target->nfcid1_len < 10)
 369                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
 370         else
 371                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
 372
 373         sel_req->sel_cmd = sel_cmd;
 374         sel_req->b2 = 0x70;
 375         memcpy(sel_req->nfcid1, sdd_res->nfcid1, 4);
 376         sel_req->bcc = sdd_res->bcc;
 377
 378         if (DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
 379                 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 380                                 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A);
 381                 if (rc)
 382                         goto exit;
 383         } else {
 384                 digital_skb_add_crc_a(skb);
 385         }
 386
 387         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sel_res,
 388                                  target);
 389 exit:
 390         if (rc)
 391                 kfree_skb(skb);
 392
 393         return rc;
 394 }
 395
 396 static void digital_in_recv_sdd_res(struct nfc_digital_dev *ddev, void *arg,
 397                                     struct sk_buff *resp)
 398 {
 399         struct nfc_target *target = arg;
 400         struct digital_sdd_res *sdd_res;
 401         int rc;
 402         u8 offset, size;
 403         u8 i, bcc;
 404
 405         if (IS_ERR(resp)) {
 406                 rc = PTR_ERR(resp);
 407                 resp = NULL;
 408                 goto exit;
 409         }
 410
 411         if (resp->len < DIGITAL_SDD_RES_LEN) {
 412                 PROTOCOL_ERR("4.7.2.8");
 413                 rc = -EINVAL;
 414                 goto exit;
 415         }
 416
 417         sdd_res = (struct digital_sdd_res *)resp->data;
 418
 419         for (i = 0, bcc = 0; i < 4; i++)
 420                 bcc ^= sdd_res->nfcid1[i];
 421
 422         if (bcc != sdd_res->bcc) {
 423                 PROTOCOL_ERR("4.7.2.6");
 424                 rc = -EINVAL;
 425                 goto exit;
 426         }
 427
 428         if (sdd_res->nfcid1[0] == DIGITAL_SDD_RES_CT) {
 429                 offset = 1;
 430                 size = 3;
 431         } else {
 432                 offset = 0;
 433                 size = 4;
 434         }
 435
 436         memcpy(target->nfcid1 + target->nfcid1_len, sdd_res->nfcid1 + offset,
 437                size);
 438         target->nfcid1_len += size;
 439
 440         rc = digital_in_send_sel_req(ddev, target, sdd_res);
 441
 442 exit:
 443         dev_kfree_skb(resp);
 444
 445         if (rc) {
 446                 kfree(target);
 447                 digital_poll_next_tech(ddev);
 448         }
 449 }
 450
 451 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
 452                                    struct nfc_target *target)
 453 {
 454         int rc;
 455         struct sk_buff *skb;
 456         u8 sel_cmd;
 457
 458         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 459                                      NFC_DIGITAL_FRAMING_NFCA_STANDARD);
 460         if (rc)
 461                 return rc;
 462
 463         skb = digital_skb_alloc(ddev, 2);
 464         if (!skb)
 465                 return -ENOMEM;
 466
 467         if (target->nfcid1_len == 0)
 468                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
 469         else if (target->nfcid1_len == 3)
 470                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
 471         else
 472                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
 473
 474         skb_put_u8(skb, sel_cmd);
 475         skb_put_u8(skb, DIGITAL_SDD_REQ_SEL_PAR);
 476
 477         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sdd_res,
 478                                  target);
 479         if (rc)
 480                 kfree_skb(skb);
 481
 482         return rc;
 483 }
 484
 485 static void digital_in_recv_sens_res(struct nfc_digital_dev *ddev, void *arg,
 486                                      struct sk_buff *resp)
 487 {
 488         struct nfc_target *target = NULL;
 489         int rc;
 490
 491         if (IS_ERR(resp)) {
 492                 rc = PTR_ERR(resp);
 493                 resp = NULL;
 494                 goto exit;
 495         }
 496
 497         if (resp->len < sizeof(u16)) {
 498                 rc = -EIO;
 499                 goto exit;
 500         }
 501
 502         target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL);
 503         if (!target) {
 504                 rc = -ENOMEM;
 505                 goto exit;
 506         }
 507
 508         target->sens_res = __le16_to_cpu(*(__le16 *)resp->data);
 509
 510         if (!DIGITAL_SENS_RES_IS_VALID(target->sens_res)) {
 511                 PROTOCOL_ERR("4.6.3.3");
 512                 rc = -EINVAL;
 513                 goto exit;
 514         }
 515
 516         if (DIGITAL_SENS_RES_IS_T1T(target->sens_res))
 517                 rc = digital_target_found(ddev, target, NFC_PROTO_JEWEL);
 518         else
 519                 rc = digital_in_send_sdd_req(ddev, target);
 520
 521 exit:
 522         dev_kfree_skb(resp);
 523
 524         if (rc) {
 525                 kfree(target);
 526                 digital_poll_next_tech(ddev);
 527         }
 528 }
 529
 530 int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech)
 531 {
 532         struct sk_buff *skb;
 533         int rc;
 534
 535         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
 536                                      NFC_DIGITAL_RF_TECH_106A);
 537         if (rc)
 538                 return rc;
 539
 540         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 541                                      NFC_DIGITAL_FRAMING_NFCA_SHORT);
 542         if (rc)
 543                 return rc;
 544
 545         skb = digital_skb_alloc(ddev, 1);
 546         if (!skb)
 547                 return -ENOMEM;
 548
 549         skb_put_u8(skb, DIGITAL_CMD_SENS_REQ);
 550
 551         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sens_res, NULL);
 552         if (rc)
 553                 kfree_skb(skb);
 554
 555         return rc;
 556 }
 557
 558 int digital_in_recv_mifare_res(struct sk_buff *resp)
 559 {
 560         /* Successful READ command response is 16 data bytes + 2 CRC bytes long.
 561          * Since the driver can't differentiate a ACK/NACK response from a valid
 562          * READ response, the CRC calculation must be handled at digital level
 563          * even if the driver supports it for this technology.
 564          */
 565         if (resp->len == DIGITAL_MIFARE_READ_RES_LEN + DIGITAL_CRC_LEN) {
 566                 if (digital_skb_check_crc_a(resp)) {
 567                         PROTOCOL_ERR("9.4.1.2");
 568                         return -EIO;
 569                 }
 570
 571                 return 0;
 572         }
 573
 574         /* ACK response (i.e. successful WRITE). */
 575         if (resp->len == 1 && resp->data[0] == DIGITAL_MIFARE_ACK_RES) {
 576                 resp->data[0] = 0;
 577                 return 0;
 578         }
 579
 580         /* NACK and any other responses are treated as error. */
 581         return -EIO;
 582 }
 583
 584 static void digital_in_recv_attrib_res(struct nfc_digital_dev *ddev, void *arg,
 585                                        struct sk_buff *resp)
 586 {
 587         struct nfc_target *target = arg;
 588         struct digital_attrib_res *attrib_res;
 589         int rc;
 590
 591         if (IS_ERR(resp)) {
 592                 rc = PTR_ERR(resp);
 593                 resp = NULL;
 594                 goto exit;
 595         }
 596
 597         if (resp->len < sizeof(*attrib_res)) {
 598                 PROTOCOL_ERR("12.6.2");
 599                 rc = -EIO;
 600                 goto exit;
 601         }
 602
 603         attrib_res = (struct digital_attrib_res *)resp->data;
 604
 605         if (attrib_res->mbli_did & 0x0f) {
 606                 PROTOCOL_ERR("12.6.2.1");
 607                 rc = -EIO;
 608                 goto exit;
 609         }
 610
 611         rc = digital_target_found(ddev, target, NFC_PROTO_ISO14443_B);
 612
 613 exit:
 614         dev_kfree_skb(resp);
 615         kfree(target);
 616
 617         if (rc)
 618                 digital_poll_next_tech(ddev);
 619 }
 620
 621 static int digital_in_send_attrib_req(struct nfc_digital_dev *ddev,
 622                                struct nfc_target *target,
 623                                struct digital_sensb_res *sensb_res)
 624 {
 625         struct digital_attrib_req *attrib_req;
 626         struct sk_buff *skb;
 627         int rc;
 628
 629         skb = digital_skb_alloc(ddev, sizeof(*attrib_req));
 630         if (!skb)
 631                 return -ENOMEM;
 632
 633         attrib_req = skb_put(skb, sizeof(*attrib_req));
 634
 635         attrib_req->cmd = DIGITAL_CMD_ATTRIB_REQ;
 636         memcpy(attrib_req->nfcid0, sensb_res->nfcid0,
 637                sizeof(attrib_req->nfcid0));
 638         attrib_req->param1 = DIGITAL_ATTRIB_P1_TR0_DEFAULT |
 639                              DIGITAL_ATTRIB_P1_TR1_DEFAULT;
 640         attrib_req->param2 = DIGITAL_ATTRIB_P2_LISTEN_POLL_1 |
 641                              DIGITAL_ATTRIB_P2_POLL_LISTEN_1 |
 642                              DIGITAL_ATTRIB_P2_MAX_FRAME_256;
 643         attrib_req->param3 = sensb_res->proto_info[1] & 0x07;
 644         attrib_req->param4 = DIGITAL_ATTRIB_P4_DID(0);
 645
 646         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_attrib_res,
 647                                  target);
 648         if (rc)
 649                 kfree_skb(skb);
 650
 651         return rc;
 652 }
 653
 654 static void digital_in_recv_sensb_res(struct nfc_digital_dev *ddev, void *arg,
 655                                       struct sk_buff *resp)
 656 {
 657         struct nfc_target *target = NULL;
 658         struct digital_sensb_res *sensb_res;
 659         u8 fsci;
 660         int rc;
 661
 662         if (IS_ERR(resp)) {
 663                 rc = PTR_ERR(resp);
 664                 resp = NULL;
 665                 goto exit;
 666         }
 667
 668         if (resp->len != sizeof(*sensb_res)) {
 669                 PROTOCOL_ERR("5.6.2.1");
 670                 rc = -EIO;
 671                 goto exit;
 672         }
 673
 674         sensb_res = (struct digital_sensb_res *)resp->data;
 675
 676         if (sensb_res->cmd != DIGITAL_CMD_SENSB_RES) {
 677                 PROTOCOL_ERR("5.6.2");
 678                 rc = -EIO;
 679                 goto exit;
 680         }
 681
 682         if (!(sensb_res->proto_info[1] & BIT(0))) {
 683                 PROTOCOL_ERR("5.6.2.12");
 684                 rc = -EIO;
 685                 goto exit;
 686         }
 687
 688         if (sensb_res->proto_info[1] & BIT(3)) {
 689                 PROTOCOL_ERR("5.6.2.16");
 690                 rc = -EIO;
 691                 goto exit;
 692         }
 693
 694         fsci = DIGITAL_SENSB_FSCI(sensb_res->proto_info[1]);
 695         if (fsci >= 8)
 696                 ddev->target_fsc = DIGITAL_ATS_MAX_FSC;
 697         else
 698                 ddev->target_fsc = digital_ats_fsc[fsci];
 699
 700         target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL);
 701         if (!target) {
 702                 rc = -ENOMEM;
 703                 goto exit;
 704         }
 705
 706         rc = digital_in_send_attrib_req(ddev, target, sensb_res);
 707
 708 exit:
 709         dev_kfree_skb(resp);
 710
 711         if (rc) {
 712                 kfree(target);
 713                 digital_poll_next_tech(ddev);
 714         }
 715 }
 716
 717 int digital_in_send_sensb_req(struct nfc_digital_dev *ddev, u8 rf_tech)
 718 {
 719         struct digital_sensb_req *sensb_req;
 720         struct sk_buff *skb;
 721         int rc;
 722
 723         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
 724                                      NFC_DIGITAL_RF_TECH_106B);
 725         if (rc)
 726                 return rc;
 727
 728         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 729                                      NFC_DIGITAL_FRAMING_NFCB);
 730         if (rc)
 731                 return rc;
 732
 733         skb = digital_skb_alloc(ddev, sizeof(*sensb_req));
 734         if (!skb)
 735                 return -ENOMEM;
 736
 737         sensb_req = skb_put(skb, sizeof(*sensb_req));
 738
 739         sensb_req->cmd = DIGITAL_CMD_SENSB_REQ;
 740         sensb_req->afi = 0x00; /* All families and sub-families */
 741         sensb_req->param = DIGITAL_SENSB_N(0);
 742
 743         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sensb_res,
 744                                  NULL);
 745         if (rc)
 746                 kfree_skb(skb);
 747
 748         return rc;
 749 }
 750
 751 static void digital_in_recv_sensf_res(struct nfc_digital_dev *ddev, void *arg,
 752                                    struct sk_buff *resp)
 753 {
 754         int rc;
 755         u8 proto;
 756         struct nfc_target target;
 757         struct digital_sensf_res *sensf_res;
 758
 759         if (IS_ERR(resp)) {
 760                 rc = PTR_ERR(resp);
 761                 resp = NULL;
 762                 goto exit;
 763         }
 764
 765         if (resp->len < DIGITAL_SENSF_RES_MIN_LENGTH) {
 766                 rc = -EIO;
 767                 goto exit;
 768         }
 769
 770         if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
 771                 rc = digital_skb_check_crc_f(resp);
 772                 if (rc) {
 773                         PROTOCOL_ERR("6.4.1.8");
 774                         goto exit;
 775                 }
 776         }
 777
 778         skb_pull(resp, 1);
 779
 780         memset(&target, 0, sizeof(struct nfc_target));
 781
 782         sensf_res = (struct digital_sensf_res *)resp->data;
 783
 784         memcpy(target.sensf_res, sensf_res, resp->len);
 785         target.sensf_res_len = resp->len;
 786
 787         memcpy(target.nfcid2, sensf_res->nfcid2, NFC_NFCID2_MAXSIZE);
 788         target.nfcid2_len = NFC_NFCID2_MAXSIZE;
 789
 790         if (target.nfcid2[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1 &&
 791             target.nfcid2[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2)
 792                 proto = NFC_PROTO_NFC_DEP;
 793         else
 794                 proto = NFC_PROTO_FELICA;
 795
 796         rc = digital_target_found(ddev, &target, proto);
 797
 798 exit:
 799         dev_kfree_skb(resp);
 800
 801         if (rc)
 802                 digital_poll_next_tech(ddev);
 803 }
 804
 805 int digital_in_send_sensf_req(struct nfc_digital_dev *ddev, u8 rf_tech)
 806 {
 807         struct digital_sensf_req *sensf_req;
 808         struct sk_buff *skb;
 809         int rc;
 810         u8 size;
 811
 812         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
 813         if (rc)
 814                 return rc;
 815
 816         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 817                                      NFC_DIGITAL_FRAMING_NFCF);
 818         if (rc)
 819                 return rc;
 820
 821         size = sizeof(struct digital_sensf_req);
 822
 823         skb = digital_skb_alloc(ddev, size);
 824         if (!skb)
 825                 return -ENOMEM;
 826
 827         skb_put(skb, size);
 828
 829         sensf_req = (struct digital_sensf_req *)skb->data;
 830         sensf_req->cmd = DIGITAL_CMD_SENSF_REQ;
 831         sensf_req->sc1 = 0xFF;
 832         sensf_req->sc2 = 0xFF;
 833         sensf_req->rc = 0;
 834         sensf_req->tsn = 0;
 835
 836         *(u8 *)skb_push(skb, 1) = size + 1;
 837
 838         if (!DIGITAL_DRV_CAPS_IN_CRC(ddev))
 839                 digital_skb_add_crc_f(skb);
 840
 841         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sensf_res,
 842                                  NULL);
 843         if (rc)
 844                 kfree_skb(skb);
 845
 846         return rc;
 847 }
 848
 849 static void digital_in_recv_iso15693_inv_res(struct nfc_digital_dev *ddev,
 850                 void *arg, struct sk_buff *resp)
 851 {
 852         struct digital_iso15693_inv_res *res;
 853         struct nfc_target *target = NULL;
 854         int rc;
 855
 856         if (IS_ERR(resp)) {
 857                 rc = PTR_ERR(resp);
 858                 resp = NULL;
 859                 goto out_free_skb;
 860         }
 861
 862         if (resp->len != sizeof(*res)) {
 863                 rc = -EIO;
 864                 goto out_free_skb;
 865         }
 866
 867         res = (struct digital_iso15693_inv_res *)resp->data;
 868
 869         if (!DIGITAL_ISO15693_RES_IS_VALID(res->flags)) {
 870                 PROTOCOL_ERR("ISO15693 - 10.3.1");
 871                 rc = -EINVAL;
 872                 goto out_free_skb;
 873         }
 874
 875         target = kzalloc(sizeof(*target), GFP_KERNEL);
 876         if (!target) {
 877                 rc = -ENOMEM;
 878                 goto out_free_skb;
 879         }
 880
 881         target->is_iso15693 = 1;
 882         target->iso15693_dsfid = res->dsfid;
 883         memcpy(target->iso15693_uid, &res->uid, sizeof(target->iso15693_uid));
 884
 885         rc = digital_target_found(ddev, target, NFC_PROTO_ISO15693);
 886
 887         kfree(target);
 888
 889 out_free_skb:
 890         dev_kfree_skb(resp);
 891
 892         if (rc)
 893                 digital_poll_next_tech(ddev);
 894 }
 895
 896 int digital_in_send_iso15693_inv_req(struct nfc_digital_dev *ddev, u8 rf_tech)
 897 {
 898         struct digital_iso15693_inv_req *req;
 899         struct sk_buff *skb;
 900         int rc;
 901
 902         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
 903                                      NFC_DIGITAL_RF_TECH_ISO15693);
 904         if (rc)
 905                 return rc;
 906
 907         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 908                                      NFC_DIGITAL_FRAMING_ISO15693_INVENTORY);
 909         if (rc)
 910                 return rc;
 911
 912         skb = digital_skb_alloc(ddev, sizeof(*req));
 913         if (!skb)
 914                 return -ENOMEM;
 915
 916         skb_put(skb, sizeof(*req) - sizeof(req->mask)); /* No mask */
 917         req = (struct digital_iso15693_inv_req *)skb->data;
 918
 919         /* Single sub-carrier, high data rate, no AFI, single slot
 920          * Inventory command
 921          */
 922         req->flags = DIGITAL_ISO15693_REQ_FLAG_DATA_RATE |
 923                      DIGITAL_ISO15693_REQ_FLAG_INVENTORY |
 924                      DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS;
 925         req->cmd = DIGITAL_CMD_ISO15693_INVENTORY_REQ;
 926         req->mask_len = 0;
 927
 928         rc = digital_in_send_cmd(ddev, skb, 30,
 929                                  digital_in_recv_iso15693_inv_res, NULL);
 930         if (rc)
 931                 kfree_skb(skb);
 932
 933         return rc;
 934 }
 935
 936 static int digital_tg_send_sel_res(struct nfc_digital_dev *ddev)
 937 {
 938         struct sk_buff *skb;
 939         int rc;
 940
 941         skb = digital_skb_alloc(ddev, 1);
 942         if (!skb)
 943                 return -ENOMEM;
 944
 945         skb_put_u8(skb, DIGITAL_SEL_RES_NFC_DEP);
 946
 947         if (!DIGITAL_DRV_CAPS_TG_CRC(ddev))
 948                 digital_skb_add_crc_a(skb);
 949
 950         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 951                                      NFC_DIGITAL_FRAMING_NFCA_ANTICOL_COMPLETE);
 952         if (rc) {
 953                 kfree_skb(skb);
 954                 return rc;
 955         }
 956
 957         rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_atr_req,
 958                                  NULL);
 959         if (rc)
 960                 kfree_skb(skb);
 961
 962         return rc;
 963 }
 964
 965 static void digital_tg_recv_sel_req(struct nfc_digital_dev *ddev, void *arg,
 966                                     struct sk_buff *resp)
 967 {
 968         int rc;
 969
 970         if (IS_ERR(resp)) {
 971                 rc = PTR_ERR(resp);
 972                 resp = NULL;
 973                 goto exit;
 974         }
 975
 976         if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) {
 977                 rc = digital_skb_check_crc_a(resp);
 978                 if (rc) {
 979                         PROTOCOL_ERR("4.4.1.3");
 980                         goto exit;
 981                 }
 982         }
 983
 984         /* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */
 985
 986         rc = digital_tg_send_sel_res(ddev);
 987
 988 exit:
 989         if (rc)
 990                 digital_poll_next_tech(ddev);
 991
 992         dev_kfree_skb(resp);
 993 }
 994
 995 static int digital_tg_send_sdd_res(struct nfc_digital_dev *ddev)
 996 {
 997         struct sk_buff *skb;
 998         struct digital_sdd_res *sdd_res;
 999         int rc, i;
1000
1001         skb = digital_skb_alloc(ddev, sizeof(struct digital_sdd_res));
1002         if (!skb)
1003                 return -ENOMEM;
1004
1005         skb_put(skb, sizeof(struct digital_sdd_res));
1006         sdd_res = (struct digital_sdd_res *)skb->data;
1007
1008         sdd_res->nfcid1[0] = 0x08;
1009         get_random_bytes(sdd_res->nfcid1 + 1, 3);
1010
1011         sdd_res->bcc = 0;
1012         for (i = 0; i < 4; i++)
1013                 sdd_res->bcc ^= sdd_res->nfcid1[i];
1014
1015         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1016                                 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A);
1017         if (rc) {
1018                 kfree_skb(skb);
1019                 return rc;
1020         }
1021
1022         rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sel_req,
1023                                  NULL);
1024         if (rc)
1025                 kfree_skb(skb);
1026
1027         return rc;
1028 }
1029
1030 static void digital_tg_recv_sdd_req(struct nfc_digital_dev *ddev, void *arg,
1031                                     struct sk_buff *resp)
1032 {
1033         u8 *sdd_req;
1034         int rc;
1035
1036         if (IS_ERR(resp)) {
1037                 rc = PTR_ERR(resp);
1038                 resp = NULL;
1039                 goto exit;
1040         }
1041
1042         sdd_req = resp->data;
1043
1044         if (resp->len < 2 || sdd_req[0] != DIGITAL_CMD_SEL_REQ_CL1 ||
1045             sdd_req[1] != DIGITAL_SDD_REQ_SEL_PAR) {
1046                 rc = -EINVAL;
1047                 goto exit;
1048         }
1049
1050         rc = digital_tg_send_sdd_res(ddev);
1051
1052 exit:
1053         if (rc)
1054                 digital_poll_next_tech(ddev);
1055
1056         dev_kfree_skb(resp);
1057 }
1058
1059 static int digital_tg_send_sens_res(struct nfc_digital_dev *ddev)
1060 {
1061         struct sk_buff *skb;
1062         u8 *sens_res;
1063         int rc;
1064
1065         skb = digital_skb_alloc(ddev, 2);
1066         if (!skb)
1067                 return -ENOMEM;
1068
1069         sens_res = skb_put(skb, 2);
1070
1071         sens_res[0] = (DIGITAL_SENS_RES_NFC_DEP >> 8) & 0xFF;
1072         sens_res[1] = DIGITAL_SENS_RES_NFC_DEP & 0xFF;
1073
1074         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1075                                      NFC_DIGITAL_FRAMING_NFCA_STANDARD);
1076         if (rc) {
1077                 kfree_skb(skb);
1078                 return rc;
1079         }
1080
1081         rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sdd_req,
1082                                  NULL);
1083         if (rc)
1084                 kfree_skb(skb);
1085
1086         return rc;
1087 }
1088
1089 void digital_tg_recv_sens_req(struct nfc_digital_dev *ddev, void *arg,
1090                               struct sk_buff *resp)
1091 {
1092         u8 sens_req;
1093         int rc;
1094
1095         if (IS_ERR(resp)) {
1096                 rc = PTR_ERR(resp);
1097                 resp = NULL;
1098                 goto exit;
1099         }
1100
1101         sens_req = resp->data[0];
1102
1103         if (!resp->len || (sens_req != DIGITAL_CMD_SENS_REQ &&
1104             sens_req != DIGITAL_CMD_ALL_REQ)) {
1105                 rc = -EINVAL;
1106                 goto exit;
1107         }
1108
1109         rc = digital_tg_send_sens_res(ddev);
1110
1111 exit:
1112         if (rc)
1113                 digital_poll_next_tech(ddev);
1114
1115         dev_kfree_skb(resp);
1116 }
1117
1118 static void digital_tg_recv_atr_or_sensf_req(struct nfc_digital_dev *ddev,
1119                 void *arg, struct sk_buff *resp)
1120 {
1121         if (!IS_ERR(resp) && (resp->len >= 2) &&
1122                         (resp->data[1] == DIGITAL_CMD_SENSF_REQ))
1123                 digital_tg_recv_sensf_req(ddev, arg, resp);
1124         else
1125                 digital_tg_recv_atr_req(ddev, arg, resp);
1126
1127         return;
1128 }
1129
1130 static int digital_tg_send_sensf_res(struct nfc_digital_dev *ddev,
1131                               struct digital_sensf_req *sensf_req)
1132 {
1133         struct sk_buff *skb;
1134         u8 size;
1135         int rc;
1136         struct digital_sensf_res *sensf_res;
1137
1138         size = sizeof(struct digital_sensf_res);
1139
1140         if (sensf_req->rc == DIGITAL_SENSF_REQ_RC_NONE)
1141                 size -= sizeof(sensf_res->rd);
1142
1143         skb = digital_skb_alloc(ddev, size);
1144         if (!skb)
1145                 return -ENOMEM;
1146
1147         skb_put(skb, size);
1148
1149         sensf_res = (struct digital_sensf_res *)skb->data;
1150
1151         memset(sensf_res, 0, size);
1152
1153         sensf_res->cmd = DIGITAL_CMD_SENSF_RES;
1154         sensf_res->nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1;
1155         sensf_res->nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2;
1156         get_random_bytes(&sensf_res->nfcid2[2], 6);
1157
1158         switch (sensf_req->rc) {
1159         case DIGITAL_SENSF_REQ_RC_SC:
1160                 sensf_res->rd[0] = sensf_req->sc1;
1161                 sensf_res->rd[1] = sensf_req->sc2;
1162                 break;
1163         case DIGITAL_SENSF_REQ_RC_AP:
1164                 sensf_res->rd[0] = DIGITAL_SENSF_RES_RD_AP_B1;
1165                 sensf_res->rd[1] = DIGITAL_SENSF_RES_RD_AP_B2;
1166                 break;
1167         }
1168
1169         *(u8 *)skb_push(skb, sizeof(u8)) = size + 1;
1170
1171         if (!DIGITAL_DRV_CAPS_TG_CRC(ddev))
1172                 digital_skb_add_crc_f(skb);
1173
1174         rc = digital_tg_send_cmd(ddev, skb, 300,
1175                                  digital_tg_recv_atr_or_sensf_req, NULL);
1176         if (rc)
1177                 kfree_skb(skb);
1178
1179         return rc;
1180 }
1181
1182 void digital_tg_recv_sensf_req(struct nfc_digital_dev *ddev, void *arg,
1183                                struct sk_buff *resp)
1184 {
1185         struct digital_sensf_req *sensf_req;
1186         int rc;
1187
1188         if (IS_ERR(resp)) {
1189                 rc = PTR_ERR(resp);
1190                 resp = NULL;
1191                 goto exit;
1192         }
1193
1194         if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) {
1195                 rc = digital_skb_check_crc_f(resp);
1196                 if (rc) {
1197                         PROTOCOL_ERR("6.4.1.8");
1198                         goto exit;
1199                 }
1200         }
1201
1202         if (resp->len != sizeof(struct digital_sensf_req) + 1) {
1203                 rc = -EINVAL;
1204                 goto exit;
1205         }
1206
1207         skb_pull(resp, 1);
1208         sensf_req = (struct digital_sensf_req *)resp->data;
1209
1210         if (sensf_req->cmd != DIGITAL_CMD_SENSF_REQ) {
1211                 rc = -EINVAL;
1212                 goto exit;
1213         }
1214
1215         rc = digital_tg_send_sensf_res(ddev, sensf_req);
1216
1217 exit:
1218         if (rc)
1219                 digital_poll_next_tech(ddev);
1220
1221         dev_kfree_skb(resp);
1222 }
1223
1224 static int digital_tg_config_nfca(struct nfc_digital_dev *ddev)
1225 {
1226         int rc;
1227
1228         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
1229                                      NFC_DIGITAL_RF_TECH_106A);
1230         if (rc)
1231                 return rc;
1232
1233         return digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1234                                        NFC_DIGITAL_FRAMING_NFCA_NFC_DEP);
1235 }
1236
1237 int digital_tg_listen_nfca(struct nfc_digital_dev *ddev, u8 rf_tech)
1238 {
1239         int rc;
1240
1241         rc = digital_tg_config_nfca(ddev);
1242         if (rc)
1243                 return rc;
1244
1245         return digital_tg_listen(ddev, 300, digital_tg_recv_sens_req, NULL);
1246 }
1247
1248 static int digital_tg_config_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech)
1249 {
1250         int rc;
1251
1252         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
1253         if (rc)
1254                 return rc;
1255
1256         return digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1257                                        NFC_DIGITAL_FRAMING_NFCF_NFC_DEP);
1258 }
1259
1260 int digital_tg_listen_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech)
1261 {
1262         int rc;
1263
1264         rc = digital_tg_config_nfcf(ddev, rf_tech);
1265         if (rc)
1266                 return rc;
1267
1268         return digital_tg_listen(ddev, 300, digital_tg_recv_sensf_req, NULL);
1269 }
1270
1271 void digital_tg_recv_md_req(struct nfc_digital_dev *ddev, void *arg,
1272                             struct sk_buff *resp)
1273 {
1274         u8 rf_tech;
1275         int rc;
1276
1277         if (IS_ERR(resp)) {
1278                 resp = NULL;
1279                 goto exit_free_skb;
1280         }
1281
1282         rc = ddev->ops->tg_get_rf_tech(ddev, &rf_tech);
1283         if (rc)
1284                 goto exit_free_skb;
1285
1286         switch (rf_tech) {
1287         case NFC_DIGITAL_RF_TECH_106A:
1288                 rc = digital_tg_config_nfca(ddev);
1289                 if (rc)
1290                         goto exit_free_skb;
1291                 digital_tg_recv_sens_req(ddev, arg, resp);
1292                 break;
1293         case NFC_DIGITAL_RF_TECH_212F:
1294         case NFC_DIGITAL_RF_TECH_424F:
1295                 rc = digital_tg_config_nfcf(ddev, rf_tech);
1296                 if (rc)
1297                         goto exit_free_skb;
1298                 digital_tg_recv_sensf_req(ddev, arg, resp);
1299                 break;
1300         default:
1301                 goto exit_free_skb;
1302         }
1303
1304         return;
1305
1306 exit_free_skb:
1307         digital_poll_next_tech(ddev);
1308         dev_kfree_skb(resp);
1309 }