1 /*
2 *
3 * Intel Management Engine Interface (Intel MEI) Linux driver
4 * Copyright (c) 2003-2013, Intel Corporation.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms and conditions of the GNU General Public License,
8 * version 2, as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * more details.
14 *
15 */
16
17 #include <linux/kernel.h>
18 #include <linux/sched.h>
19 #include <linux/module.h>
20 #include <linux/moduleparam.h>
21 #include <linux/device.h>
22 #include <linux/slab.h>
23
24 #include <linux/mei_cl_bus.h>
25
26 #include "mei_dev.h"
27 #include "client.h"
28
29 struct mei_nfc_cmd {
30 u8 command;
31 u8 status;
32 u16 req_id;
33 u32 reserved;
34 u16 data_size;
35 u8 sub_command;
36 u8 data[];
37 } __packed;
38
39 struct mei_nfc_reply {
40 u8 command;
41 u8 status;
42 u16 req_id;
43 u32 reserved;
44 u16 data_size;
45 u8 sub_command;
46 u8 reply_status;
47 u8 data[];
48 } __packed;
49
50 struct mei_nfc_if_version {
51 u8 radio_version_sw[3];
52 u8 reserved[3];
53 u8 radio_version_hw[3];
54 u8 i2c_addr;
55 u8 fw_ivn;
56 u8 vendor_id;
57 u8 radio_type;
58 } __packed;
59
60 struct mei_nfc_connect {
61 u8 fw_ivn;
62 u8 vendor_id;
63 } __packed;
64
65 struct mei_nfc_connect_resp {
66 u8 fw_ivn;
67 u8 vendor_id;
68 u16 me_major;
69 u16 me_minor;
70 u16 me_hotfix;
71 u16 me_build;
72 } __packed;
73
74 struct mei_nfc_hci_hdr {
75 u8 cmd;
76 u8 status;
77 u16 req_id;
78 u32 reserved;
79 u16 data_size;
80 } __packed;
81
82 #define MEI_NFC_CMD_MAINTENANCE 0x00
83 #define MEI_NFC_CMD_HCI_SEND 0x01
84 #define MEI_NFC_CMD_HCI_RECV 0x02
85
86 #define MEI_NFC_SUBCMD_CONNECT 0x00
87 #define MEI_NFC_SUBCMD_IF_VERSION 0x01
88
89 #define MEI_NFC_HEADER_SIZE 10
90
91 /**
92 * struct mei_nfc_dev - NFC mei device
93 *
94 * @cl: NFC host client
95 * @cl_info: NFC info host client
96 * @init_work: perform connection to the info client
97 * @send_wq: send completion wait queue
98 * @fw_ivn: NFC Interface Version Number
99 * @vendor_id: NFC manufacturer ID
100 * @radio_type: NFC radio type
101 * @bus_name: bus name
102 *
103 * @req_id: message counter
104 * @recv_req_id: reception message counter
105 */
106 struct mei_nfc_dev {
107 struct mei_cl *cl;
108 struct mei_cl *cl_info;
109 struct work_struct init_work;
110 wait_queue_head_t send_wq;
111 u8 fw_ivn;
112 u8 vendor_id;
113 u8 radio_type;
114 char *bus_name;
115
116 u16 req_id;
117 u16 recv_req_id;
118 };
119
120 static struct mei_nfc_dev nfc_dev;
121
122 /* UUIDs for NFC F/W clients */
123 const uuid_le mei_nfc_guid = UUID_LE(0x0bb17a78, 0x2a8e, 0x4c50,
124 0x94, 0xd4, 0x50, 0x26,
125 0x67, 0x23, 0x77, 0x5c);
126
127 static const uuid_le mei_nfc_info_guid = UUID_LE(0xd2de1625, 0x382d, 0x417d,
128 0x48, 0xa4, 0xef, 0xab,
129 0xba, 0x8a, 0x12, 0x06);
130
131 /* Vendors */
132 #define MEI_NFC_VENDOR_INSIDE 0x00
133 #define MEI_NFC_VENDOR_NXP 0x01
134
135 /* Radio types */
136 #define MEI_NFC_VENDOR_INSIDE_UREAD 0x00
137 #define MEI_NFC_VENDOR_NXP_PN544 0x01
138
mei_nfc_free(struct mei_nfc_dev * ndev)139 static void mei_nfc_free(struct mei_nfc_dev *ndev)
140 {
141 if (ndev->cl) {
142 list_del(&ndev->cl->device_link);
143 mei_cl_unlink(ndev->cl);
144 kfree(ndev->cl);
145 }
146
147 if (ndev->cl_info) {
148 list_del(&ndev->cl_info->device_link);
149 mei_cl_unlink(ndev->cl_info);
150 kfree(ndev->cl_info);
151 }
152
153 memset(ndev, 0, sizeof(struct mei_nfc_dev));
154 }
155
mei_nfc_build_bus_name(struct mei_nfc_dev * ndev)156 static int mei_nfc_build_bus_name(struct mei_nfc_dev *ndev)
157 {
158 struct mei_device *dev;
159
160 if (!ndev->cl)
161 return -ENODEV;
162
163 dev = ndev->cl->dev;
164
165 switch (ndev->vendor_id) {
166 case MEI_NFC_VENDOR_INSIDE:
167 switch (ndev->radio_type) {
168 case MEI_NFC_VENDOR_INSIDE_UREAD:
169 ndev->bus_name = "microread";
170 return 0;
171
172 default:
173 dev_err(dev->dev, "Unknown radio type 0x%x\n",
174 ndev->radio_type);
175
176 return -EINVAL;
177 }
178
179 case MEI_NFC_VENDOR_NXP:
180 switch (ndev->radio_type) {
181 case MEI_NFC_VENDOR_NXP_PN544:
182 ndev->bus_name = "pn544";
183 return 0;
184 default:
185 dev_err(dev->dev, "Unknown radio type 0x%x\n",
186 ndev->radio_type);
187
188 return -EINVAL;
189 }
190
191 default:
192 dev_err(dev->dev, "Unknown vendor ID 0x%x\n",
193 ndev->vendor_id);
194
195 return -EINVAL;
196 }
197
198 return 0;
199 }
200
mei_nfc_connect(struct mei_nfc_dev * ndev)201 static int mei_nfc_connect(struct mei_nfc_dev *ndev)
202 {
203 struct mei_device *dev;
204 struct mei_cl *cl;
205 struct mei_nfc_cmd *cmd, *reply;
206 struct mei_nfc_connect *connect;
207 struct mei_nfc_connect_resp *connect_resp;
208 size_t connect_length, connect_resp_length;
209 int bytes_recv, ret;
210
211 cl = ndev->cl;
212 dev = cl->dev;
213
214 connect_length = sizeof(struct mei_nfc_cmd) +
215 sizeof(struct mei_nfc_connect);
216
217 connect_resp_length = sizeof(struct mei_nfc_cmd) +
218 sizeof(struct mei_nfc_connect_resp);
219
220 cmd = kzalloc(connect_length, GFP_KERNEL);
221 if (!cmd)
222 return -ENOMEM;
223 connect = (struct mei_nfc_connect *)cmd->data;
224
225 reply = kzalloc(connect_resp_length, GFP_KERNEL);
226 if (!reply) {
227 kfree(cmd);
228 return -ENOMEM;
229 }
230
231 connect_resp = (struct mei_nfc_connect_resp *)reply->data;
232
233 cmd->command = MEI_NFC_CMD_MAINTENANCE;
234 cmd->data_size = 3;
235 cmd->sub_command = MEI_NFC_SUBCMD_CONNECT;
236 connect->fw_ivn = ndev->fw_ivn;
237 connect->vendor_id = ndev->vendor_id;
238
239 ret = __mei_cl_send(cl, (u8 *)cmd, connect_length);
240 if (ret < 0) {
241 dev_err(dev->dev, "Could not send connect cmd\n");
242 goto err;
243 }
244
245 bytes_recv = __mei_cl_recv(cl, (u8 *)reply, connect_resp_length);
246 if (bytes_recv < 0) {
247 dev_err(dev->dev, "Could not read connect response\n");
248 ret = bytes_recv;
249 goto err;
250 }
251
252 dev_info(dev->dev, "IVN 0x%x Vendor ID 0x%x\n",
253 connect_resp->fw_ivn, connect_resp->vendor_id);
254
255 dev_info(dev->dev, "ME FW %d.%d.%d.%d\n",
256 connect_resp->me_major, connect_resp->me_minor,
257 connect_resp->me_hotfix, connect_resp->me_build);
258
259 ret = 0;
260
261 err:
262 kfree(reply);
263 kfree(cmd);
264
265 return ret;
266 }
267
mei_nfc_if_version(struct mei_nfc_dev * ndev)268 static int mei_nfc_if_version(struct mei_nfc_dev *ndev)
269 {
270 struct mei_device *dev;
271 struct mei_cl *cl;
272
273 struct mei_nfc_cmd cmd;
274 struct mei_nfc_reply *reply = NULL;
275 struct mei_nfc_if_version *version;
276 size_t if_version_length;
277 int bytes_recv, ret;
278
279 cl = ndev->cl_info;
280 dev = cl->dev;
281
282 memset(&cmd, 0, sizeof(struct mei_nfc_cmd));
283 cmd.command = MEI_NFC_CMD_MAINTENANCE;
284 cmd.data_size = 1;
285 cmd.sub_command = MEI_NFC_SUBCMD_IF_VERSION;
286
287 ret = __mei_cl_send(cl, (u8 *)&cmd, sizeof(struct mei_nfc_cmd));
288 if (ret < 0) {
289 dev_err(dev->dev, "Could not send IF version cmd\n");
290 return ret;
291 }
292
293 /* to be sure on the stack we alloc memory */
294 if_version_length = sizeof(struct mei_nfc_reply) +
295 sizeof(struct mei_nfc_if_version);
296
297 reply = kzalloc(if_version_length, GFP_KERNEL);
298 if (!reply)
299 return -ENOMEM;
300
301 bytes_recv = __mei_cl_recv(cl, (u8 *)reply, if_version_length);
302 if (bytes_recv < 0 || bytes_recv < sizeof(struct mei_nfc_reply)) {
303 dev_err(dev->dev, "Could not read IF version\n");
304 ret = -EIO;
305 goto err;
306 }
307
308 version = (struct mei_nfc_if_version *)reply->data;
309
310 ndev->fw_ivn = version->fw_ivn;
311 ndev->vendor_id = version->vendor_id;
312 ndev->radio_type = version->radio_type;
313
314 err:
315 kfree(reply);
316 return ret;
317 }
318
mei_nfc_enable(struct mei_cl_device * cldev)319 static int mei_nfc_enable(struct mei_cl_device *cldev)
320 {
321 struct mei_device *dev;
322 struct mei_nfc_dev *ndev = &nfc_dev;
323 int ret;
324
325 dev = ndev->cl->dev;
326
327 ret = mei_nfc_connect(ndev);
328 if (ret < 0) {
329 dev_err(dev->dev, "Could not connect to NFC");
330 return ret;
331 }
332
333 return 0;
334 }
335
mei_nfc_disable(struct mei_cl_device * cldev)336 static int mei_nfc_disable(struct mei_cl_device *cldev)
337 {
338 return 0;
339 }
340
mei_nfc_send(struct mei_cl_device * cldev,u8 * buf,size_t length)341 static int mei_nfc_send(struct mei_cl_device *cldev, u8 *buf, size_t length)
342 {
343 struct mei_device *dev;
344 struct mei_nfc_dev *ndev;
345 struct mei_nfc_hci_hdr *hdr;
346 u8 *mei_buf;
347 int err;
348
349 ndev = (struct mei_nfc_dev *) cldev->priv_data;
350 dev = ndev->cl->dev;
351
352 err = -ENOMEM;
353 mei_buf = kzalloc(length + MEI_NFC_HEADER_SIZE, GFP_KERNEL);
354 if (!mei_buf)
355 goto out;
356
357 hdr = (struct mei_nfc_hci_hdr *) mei_buf;
358 hdr->cmd = MEI_NFC_CMD_HCI_SEND;
359 hdr->status = 0;
360 hdr->req_id = ndev->req_id;
361 hdr->reserved = 0;
362 hdr->data_size = length;
363
364 memcpy(mei_buf + MEI_NFC_HEADER_SIZE, buf, length);
365 err = __mei_cl_send(ndev->cl, mei_buf, length + MEI_NFC_HEADER_SIZE);
366 if (err < 0)
367 goto out;
368
369 if (!wait_event_interruptible_timeout(ndev->send_wq,
370 ndev->recv_req_id == ndev->req_id, HZ)) {
371 dev_err(dev->dev, "NFC MEI command timeout\n");
372 err = -ETIME;
373 } else {
374 ndev->req_id++;
375 }
376 out:
377 kfree(mei_buf);
378 return err;
379 }
380
mei_nfc_recv(struct mei_cl_device * cldev,u8 * buf,size_t length)381 static int mei_nfc_recv(struct mei_cl_device *cldev, u8 *buf, size_t length)
382 {
383 struct mei_nfc_dev *ndev;
384 struct mei_nfc_hci_hdr *hci_hdr;
385 int received_length;
386
387 ndev = (struct mei_nfc_dev *)cldev->priv_data;
388
389 received_length = __mei_cl_recv(ndev->cl, buf, length);
390 if (received_length < 0)
391 return received_length;
392
393 hci_hdr = (struct mei_nfc_hci_hdr *) buf;
394
395 if (hci_hdr->cmd == MEI_NFC_CMD_HCI_SEND) {
396 ndev->recv_req_id = hci_hdr->req_id;
397 wake_up(&ndev->send_wq);
398
399 return 0;
400 }
401
402 return received_length;
403 }
404
405 static struct mei_cl_ops nfc_ops = {
406 .enable = mei_nfc_enable,
407 .disable = mei_nfc_disable,
408 .send = mei_nfc_send,
409 .recv = mei_nfc_recv,
410 };
411
mei_nfc_init(struct work_struct * work)412 static void mei_nfc_init(struct work_struct *work)
413 {
414 struct mei_device *dev;
415 struct mei_cl_device *cldev;
416 struct mei_nfc_dev *ndev;
417 struct mei_cl *cl_info;
418
419 ndev = container_of(work, struct mei_nfc_dev, init_work);
420
421 cl_info = ndev->cl_info;
422 dev = cl_info->dev;
423
424 mutex_lock(&dev->device_lock);
425
426 if (mei_cl_connect(cl_info, NULL) < 0) {
427 mutex_unlock(&dev->device_lock);
428 dev_err(dev->dev, "Could not connect to the NFC INFO ME client");
429
430 goto err;
431 }
432
433 mutex_unlock(&dev->device_lock);
434
435 if (mei_nfc_if_version(ndev) < 0) {
436 dev_err(dev->dev, "Could not get the NFC interface version");
437
438 goto err;
439 }
440
441 dev_info(dev->dev, "NFC MEI VERSION: IVN 0x%x Vendor ID 0x%x Type 0x%x\n",
442 ndev->fw_ivn, ndev->vendor_id, ndev->radio_type);
443
444 mutex_lock(&dev->device_lock);
445
446 if (mei_cl_disconnect(cl_info) < 0) {
447 mutex_unlock(&dev->device_lock);
448 dev_err(dev->dev, "Could not disconnect the NFC INFO ME client");
449
450 goto err;
451 }
452
453 mutex_unlock(&dev->device_lock);
454
455 if (mei_nfc_build_bus_name(ndev) < 0) {
456 dev_err(dev->dev, "Could not build the bus ID name\n");
457 return;
458 }
459
460 cldev = mei_cl_add_device(dev, mei_nfc_guid, ndev->bus_name, &nfc_ops);
461 if (!cldev) {
462 dev_err(dev->dev, "Could not add the NFC device to the MEI bus\n");
463
464 goto err;
465 }
466
467 cldev->priv_data = ndev;
468
469
470 return;
471
472 err:
473 mutex_lock(&dev->device_lock);
474 mei_nfc_free(ndev);
475 mutex_unlock(&dev->device_lock);
476
477 }
478
479
mei_nfc_host_init(struct mei_device * dev)480 int mei_nfc_host_init(struct mei_device *dev)
481 {
482 struct mei_nfc_dev *ndev = &nfc_dev;
483 struct mei_cl *cl_info, *cl = NULL;
484 struct mei_me_client *me_cl;
485 int ret;
486
487 /* already initialized */
488 if (ndev->cl_info)
489 return 0;
490
491 ndev->cl_info = mei_cl_allocate(dev);
492 ndev->cl = mei_cl_allocate(dev);
493
494 cl = ndev->cl;
495 cl_info = ndev->cl_info;
496
497 if (!cl || !cl_info) {
498 ret = -ENOMEM;
499 goto err;
500 }
501
502 /* check for valid client id */
503 me_cl = mei_me_cl_by_uuid(dev, &mei_nfc_info_guid);
504 if (!me_cl) {
505 dev_info(dev->dev, "nfc: failed to find the client\n");
506 ret = -ENOTTY;
507 goto err;
508 }
509
510 cl_info->me_client_id = me_cl->client_id;
511 cl_info->cl_uuid = me_cl->props.protocol_name;
512
513 ret = mei_cl_link(cl_info, MEI_HOST_CLIENT_ID_ANY);
514 if (ret)
515 goto err;
516
517
518 list_add_tail(&cl_info->device_link, &dev->device_list);
519
520 /* check for valid client id */
521 me_cl = mei_me_cl_by_uuid(dev, &mei_nfc_guid);
522 if (!me_cl) {
523 dev_info(dev->dev, "nfc: failed to find the client\n");
524 ret = -ENOTTY;
525 goto err;
526 }
527
528 cl->me_client_id = me_cl->client_id;
529 cl->cl_uuid = me_cl->props.protocol_name;
530
531 ret = mei_cl_link(cl, MEI_HOST_CLIENT_ID_ANY);
532 if (ret)
533 goto err;
534
535 list_add_tail(&cl->device_link, &dev->device_list);
536
537 ndev->req_id = 1;
538
539 INIT_WORK(&ndev->init_work, mei_nfc_init);
540 init_waitqueue_head(&ndev->send_wq);
541 schedule_work(&ndev->init_work);
542
543 return 0;
544
545 err:
546 mei_nfc_free(ndev);
547
548 return ret;
549 }
550
mei_nfc_host_exit(struct mei_device * dev)551 void mei_nfc_host_exit(struct mei_device *dev)
552 {
553 struct mei_nfc_dev *ndev = &nfc_dev;
554
555 cancel_work_sync(&ndev->init_work);
556 }
557
558
559