• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * NFC Digital Protocol stack
4  * Copyright (c) 2013, Intel Corporation.
5  */
6 
7 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
8 
9 #include "digital.h"
10 
11 #define DIGITAL_NFC_DEP_N_RETRY_NACK	2
12 #define DIGITAL_NFC_DEP_N_RETRY_ATN	2
13 
14 #define DIGITAL_NFC_DEP_FRAME_DIR_OUT 0xD4
15 #define DIGITAL_NFC_DEP_FRAME_DIR_IN  0xD5
16 
17 #define DIGITAL_NFC_DEP_NFCA_SOD_SB   0xF0
18 
19 #define DIGITAL_CMD_ATR_REQ 0x00
20 #define DIGITAL_CMD_ATR_RES 0x01
21 #define DIGITAL_CMD_PSL_REQ 0x04
22 #define DIGITAL_CMD_PSL_RES 0x05
23 #define DIGITAL_CMD_DEP_REQ 0x06
24 #define DIGITAL_CMD_DEP_RES 0x07
25 
26 #define DIGITAL_ATR_REQ_MIN_SIZE 16
27 #define DIGITAL_ATR_REQ_MAX_SIZE 64
28 
29 #define DIGITAL_ATR_RES_TO_WT(s)	((s) & 0xF)
30 
31 #define DIGITAL_DID_MAX	14
32 
33 #define DIGITAL_PAYLOAD_SIZE_MAX	254
34 #define DIGITAL_PAYLOAD_BITS_TO_PP(s)	(((s) & 0x3) << 4)
35 #define DIGITAL_PAYLOAD_PP_TO_BITS(s)	(((s) >> 4) & 0x3)
36 #define DIGITAL_PAYLOAD_BITS_TO_FSL(s)	((s) & 0x3)
37 #define DIGITAL_PAYLOAD_FSL_TO_BITS(s)	((s) & 0x3)
38 
39 #define DIGITAL_GB_BIT	0x02
40 
41 #define DIGITAL_NFC_DEP_REQ_RES_HEADROOM	2 /* SoD: [SB (NFC-A)] + LEN */
42 #define DIGITAL_NFC_DEP_REQ_RES_TAILROOM	2 /* EoD: 2-byte CRC */
43 
44 #define DIGITAL_NFC_DEP_PFB_TYPE(pfb) ((pfb) & 0xE0)
45 
46 #define DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT 0x10
47 #define DIGITAL_NFC_DEP_PFB_MI_BIT	0x10
48 #define DIGITAL_NFC_DEP_PFB_NACK_BIT	0x10
49 #define DIGITAL_NFC_DEP_PFB_DID_BIT	0x04
50 
51 #define DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb) \
52 				((pfb) & DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT)
53 #define DIGITAL_NFC_DEP_MI_BIT_SET(pfb)  ((pfb) & DIGITAL_NFC_DEP_PFB_MI_BIT)
54 #define DIGITAL_NFC_DEP_NACK_BIT_SET(pfb) ((pfb) & DIGITAL_NFC_DEP_PFB_NACK_BIT)
55 #define DIGITAL_NFC_DEP_NAD_BIT_SET(pfb) ((pfb) & 0x08)
56 #define DIGITAL_NFC_DEP_DID_BIT_SET(pfb) ((pfb) & DIGITAL_NFC_DEP_PFB_DID_BIT)
57 #define DIGITAL_NFC_DEP_PFB_PNI(pfb)     ((pfb) & 0x03)
58 
59 #define DIGITAL_NFC_DEP_RTOX_VALUE(data) ((data) & 0x3F)
60 #define DIGITAL_NFC_DEP_RTOX_MAX	 59
61 
62 #define DIGITAL_NFC_DEP_PFB_I_PDU          0x00
63 #define DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU   0x40
64 #define DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU 0x80
65 
66 struct digital_atr_req {
67 	u8 dir;
68 	u8 cmd;
69 	u8 nfcid3[10];
70 	u8 did;
71 	u8 bs;
72 	u8 br;
73 	u8 pp;
74 	u8 gb[0];
75 } __packed;
76 
77 struct digital_atr_res {
78 	u8 dir;
79 	u8 cmd;
80 	u8 nfcid3[10];
81 	u8 did;
82 	u8 bs;
83 	u8 br;
84 	u8 to;
85 	u8 pp;
86 	u8 gb[0];
87 } __packed;
88 
89 struct digital_psl_req {
90 	u8 dir;
91 	u8 cmd;
92 	u8 did;
93 	u8 brs;
94 	u8 fsl;
95 } __packed;
96 
97 struct digital_psl_res {
98 	u8 dir;
99 	u8 cmd;
100 	u8 did;
101 } __packed;
102 
103 struct digital_dep_req_res {
104 	u8 dir;
105 	u8 cmd;
106 	u8 pfb;
107 } __packed;
108 
109 static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
110 				    struct sk_buff *resp);
111 static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
112 				    struct sk_buff *resp);
113 
114 static const u8 digital_payload_bits_map[4] = {
115 	[0] = 64,
116 	[1] = 128,
117 	[2] = 192,
118 	[3] = 254
119 };
120 
121 /* Response Waiting Time for ATR_RES PDU in ms
122  *
123  * RWT(ATR_RES) = RWT(nfcdep,activation) + dRWT(nfcdep) + dT(nfcdep,initiator)
124  *
125  * with:
126  *  RWT(nfcdep,activation) = 4096 * 2^12 / f(c) s
127  *  dRWT(nfcdep) = 16 / f(c) s
128  *  dT(nfcdep,initiator) = 100 ms
129  *  f(c) = 13560000 Hz
130  */
131 #define DIGITAL_ATR_RES_RWT 1337
132 
133 /* Response Waiting Time for other DEP PDUs in ms
134  *
135  * max_rwt = rwt + dRWT(nfcdep) + dT(nfcdep,initiator)
136  *
137  * with:
138  *  rwt = (256 * 16 / f(c)) * 2^wt s
139  *  dRWT(nfcdep) = 16 / f(c) s
140  *  dT(nfcdep,initiator) = 100 ms
141  *  f(c) = 13560000 Hz
142  *  0 <= wt <= 14 (given by the target by the TO field of ATR_RES response)
143  */
144 #define DIGITAL_NFC_DEP_IN_MAX_WT 14
145 #define DIGITAL_NFC_DEP_TG_MAX_WT 14
146 static const u16 digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT + 1] = {
147 	100,  101,  101,  102,  105,
148 	110,  119,  139,  177,  255,
149 	409,  719, 1337, 2575, 5049,
150 };
151 
digital_payload_bits_to_size(u8 payload_bits)152 static u8 digital_payload_bits_to_size(u8 payload_bits)
153 {
154 	if (payload_bits >= ARRAY_SIZE(digital_payload_bits_map))
155 		return 0;
156 
157 	return digital_payload_bits_map[payload_bits];
158 }
159 
digital_payload_size_to_bits(u8 payload_size)160 static u8 digital_payload_size_to_bits(u8 payload_size)
161 {
162 	int i;
163 
164 	for (i = 0; i < ARRAY_SIZE(digital_payload_bits_map); i++)
165 		if (digital_payload_bits_map[i] == payload_size)
166 			return i;
167 
168 	return 0xff;
169 }
170 
digital_skb_push_dep_sod(struct nfc_digital_dev * ddev,struct sk_buff * skb)171 static void digital_skb_push_dep_sod(struct nfc_digital_dev *ddev,
172 				     struct sk_buff *skb)
173 {
174 	skb_push(skb, sizeof(u8));
175 
176 	skb->data[0] = skb->len;
177 
178 	if (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A)
179 		*(u8 *)skb_push(skb, sizeof(u8)) = DIGITAL_NFC_DEP_NFCA_SOD_SB;
180 }
181 
digital_skb_pull_dep_sod(struct nfc_digital_dev * ddev,struct sk_buff * skb)182 static int digital_skb_pull_dep_sod(struct nfc_digital_dev *ddev,
183 				    struct sk_buff *skb)
184 {
185 	u8 size;
186 
187 	if (skb->len < 2)
188 		return -EIO;
189 
190 	if (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A)
191 		skb_pull(skb, sizeof(u8));
192 
193 	size = skb->data[0];
194 	if (size != skb->len)
195 		return -EIO;
196 
197 	skb_pull(skb, sizeof(u8));
198 
199 	return 0;
200 }
201 
202 static struct sk_buff *
digital_send_dep_data_prep(struct nfc_digital_dev * ddev,struct sk_buff * skb,struct digital_dep_req_res * dep_req_res,struct digital_data_exch * data_exch)203 digital_send_dep_data_prep(struct nfc_digital_dev *ddev, struct sk_buff *skb,
204 			   struct digital_dep_req_res *dep_req_res,
205 			   struct digital_data_exch *data_exch)
206 {
207 	struct sk_buff *new_skb;
208 
209 	if (skb->len > ddev->remote_payload_max) {
210 		dep_req_res->pfb |= DIGITAL_NFC_DEP_PFB_MI_BIT;
211 
212 		new_skb = digital_skb_alloc(ddev, ddev->remote_payload_max);
213 		if (!new_skb) {
214 			kfree_skb(ddev->chaining_skb);
215 			ddev->chaining_skb = NULL;
216 
217 			return ERR_PTR(-ENOMEM);
218 		}
219 
220 		skb_put_data(new_skb, skb->data, ddev->remote_payload_max);
221 		skb_pull(skb, ddev->remote_payload_max);
222 
223 		ddev->chaining_skb = skb;
224 		ddev->data_exch = data_exch;
225 	} else {
226 		ddev->chaining_skb = NULL;
227 		new_skb = skb;
228 	}
229 
230 	return new_skb;
231 }
232 
233 static struct sk_buff *
digital_recv_dep_data_gather(struct nfc_digital_dev * ddev,u8 pfb,struct sk_buff * resp,int (* send_ack)(struct nfc_digital_dev * ddev,struct digital_data_exch * data_exch),struct digital_data_exch * data_exch)234 digital_recv_dep_data_gather(struct nfc_digital_dev *ddev, u8 pfb,
235 			     struct sk_buff *resp,
236 			     int (*send_ack)(struct nfc_digital_dev *ddev,
237 					     struct digital_data_exch
238 							     *data_exch),
239 			     struct digital_data_exch *data_exch)
240 {
241 	struct sk_buff *new_skb;
242 	int rc;
243 
244 	if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb) && (!ddev->chaining_skb)) {
245 		ddev->chaining_skb =
246 			nfc_alloc_recv_skb(8 * ddev->local_payload_max,
247 					   GFP_KERNEL);
248 		if (!ddev->chaining_skb) {
249 			rc = -ENOMEM;
250 			goto error;
251 		}
252 	}
253 
254 	if (ddev->chaining_skb) {
255 		if (resp->len > skb_tailroom(ddev->chaining_skb)) {
256 			new_skb = skb_copy_expand(ddev->chaining_skb,
257 						  skb_headroom(
258 							  ddev->chaining_skb),
259 						  8 * ddev->local_payload_max,
260 						  GFP_KERNEL);
261 			if (!new_skb) {
262 				rc = -ENOMEM;
263 				goto error;
264 			}
265 
266 			kfree_skb(ddev->chaining_skb);
267 			ddev->chaining_skb = new_skb;
268 		}
269 
270 		skb_put_data(ddev->chaining_skb, resp->data, resp->len);
271 
272 		kfree_skb(resp);
273 		resp = NULL;
274 
275 		if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb)) {
276 			rc = send_ack(ddev, data_exch);
277 			if (rc)
278 				goto error;
279 
280 			return NULL;
281 		}
282 
283 		resp = ddev->chaining_skb;
284 		ddev->chaining_skb = NULL;
285 	}
286 
287 	return resp;
288 
289 error:
290 	kfree_skb(resp);
291 
292 	kfree_skb(ddev->chaining_skb);
293 	ddev->chaining_skb = NULL;
294 
295 	return ERR_PTR(rc);
296 }
297 
digital_in_recv_psl_res(struct nfc_digital_dev * ddev,void * arg,struct sk_buff * resp)298 static void digital_in_recv_psl_res(struct nfc_digital_dev *ddev, void *arg,
299 				    struct sk_buff *resp)
300 {
301 	struct nfc_target *target = arg;
302 	struct digital_psl_res *psl_res;
303 	int rc;
304 
305 	if (IS_ERR(resp)) {
306 		rc = PTR_ERR(resp);
307 		resp = NULL;
308 		goto exit;
309 	}
310 
311 	rc = ddev->skb_check_crc(resp);
312 	if (rc) {
313 		PROTOCOL_ERR("14.4.1.6");
314 		goto exit;
315 	}
316 
317 	rc = digital_skb_pull_dep_sod(ddev, resp);
318 	if (rc) {
319 		PROTOCOL_ERR("14.4.1.2");
320 		goto exit;
321 	}
322 
323 	psl_res = (struct digital_psl_res *)resp->data;
324 
325 	if ((resp->len != sizeof(*psl_res)) ||
326 	    (psl_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN) ||
327 	    (psl_res->cmd != DIGITAL_CMD_PSL_RES)) {
328 		rc = -EIO;
329 		goto exit;
330 	}
331 
332 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
333 				     NFC_DIGITAL_RF_TECH_424F);
334 	if (rc)
335 		goto exit;
336 
337 	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
338 				     NFC_DIGITAL_FRAMING_NFCF_NFC_DEP);
339 	if (rc)
340 		goto exit;
341 
342 	if (!DIGITAL_DRV_CAPS_IN_CRC(ddev) &&
343 	    (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A)) {
344 		ddev->skb_add_crc = digital_skb_add_crc_f;
345 		ddev->skb_check_crc = digital_skb_check_crc_f;
346 	}
347 
348 	ddev->curr_rf_tech = NFC_DIGITAL_RF_TECH_424F;
349 
350 	nfc_dep_link_is_up(ddev->nfc_dev, target->idx, NFC_COMM_ACTIVE,
351 			   NFC_RF_INITIATOR);
352 
353 	ddev->curr_nfc_dep_pni = 0;
354 
355 exit:
356 	dev_kfree_skb(resp);
357 
358 	if (rc)
359 		ddev->curr_protocol = 0;
360 }
361 
digital_in_send_psl_req(struct nfc_digital_dev * ddev,struct nfc_target * target)362 static int digital_in_send_psl_req(struct nfc_digital_dev *ddev,
363 				   struct nfc_target *target)
364 {
365 	struct sk_buff *skb;
366 	struct digital_psl_req *psl_req;
367 	int rc;
368 	u8 payload_size, payload_bits;
369 
370 	skb = digital_skb_alloc(ddev, sizeof(*psl_req));
371 	if (!skb)
372 		return -ENOMEM;
373 
374 	skb_put(skb, sizeof(*psl_req));
375 
376 	psl_req = (struct digital_psl_req *)skb->data;
377 
378 	psl_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
379 	psl_req->cmd = DIGITAL_CMD_PSL_REQ;
380 	psl_req->did = 0;
381 	psl_req->brs = (0x2 << 3) | 0x2; /* 424F both directions */
382 
383 	payload_size = min(ddev->local_payload_max, ddev->remote_payload_max);
384 	payload_bits = digital_payload_size_to_bits(payload_size);
385 	psl_req->fsl = DIGITAL_PAYLOAD_BITS_TO_FSL(payload_bits);
386 
387 	ddev->local_payload_max = payload_size;
388 	ddev->remote_payload_max = payload_size;
389 
390 	digital_skb_push_dep_sod(ddev, skb);
391 
392 	ddev->skb_add_crc(skb);
393 
394 	rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt,
395 				 digital_in_recv_psl_res, target);
396 	if (rc)
397 		kfree_skb(skb);
398 
399 	return rc;
400 }
401 
digital_in_recv_atr_res(struct nfc_digital_dev * ddev,void * arg,struct sk_buff * resp)402 static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg,
403 				 struct sk_buff *resp)
404 {
405 	struct nfc_target *target = arg;
406 	struct digital_atr_res *atr_res;
407 	u8 gb_len, payload_bits;
408 	u8 wt;
409 	int rc;
410 
411 	if (IS_ERR(resp)) {
412 		rc = PTR_ERR(resp);
413 		resp = NULL;
414 		goto exit;
415 	}
416 
417 	rc = ddev->skb_check_crc(resp);
418 	if (rc) {
419 		PROTOCOL_ERR("14.4.1.6");
420 		goto exit;
421 	}
422 
423 	rc = digital_skb_pull_dep_sod(ddev, resp);
424 	if (rc) {
425 		PROTOCOL_ERR("14.4.1.2");
426 		goto exit;
427 	}
428 
429 	if (resp->len < sizeof(struct digital_atr_res)) {
430 		rc = -EIO;
431 		goto exit;
432 	}
433 
434 	gb_len = resp->len - sizeof(struct digital_atr_res);
435 
436 	atr_res = (struct digital_atr_res *)resp->data;
437 
438 	wt = DIGITAL_ATR_RES_TO_WT(atr_res->to);
439 	if (wt > DIGITAL_NFC_DEP_IN_MAX_WT)
440 		wt = DIGITAL_NFC_DEP_IN_MAX_WT;
441 	ddev->dep_rwt = digital_rwt_map[wt];
442 
443 	payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_res->pp);
444 	ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits);
445 
446 	if (!ddev->remote_payload_max) {
447 		rc = -EINVAL;
448 		goto exit;
449 	}
450 
451 	rc = nfc_set_remote_general_bytes(ddev->nfc_dev, atr_res->gb, gb_len);
452 	if (rc)
453 		goto exit;
454 
455 	if ((ddev->protocols & NFC_PROTO_FELICA_MASK) &&
456 	    (ddev->curr_rf_tech != NFC_DIGITAL_RF_TECH_424F)) {
457 		rc = digital_in_send_psl_req(ddev, target);
458 		if (!rc)
459 			goto exit;
460 	}
461 
462 	rc = nfc_dep_link_is_up(ddev->nfc_dev, target->idx, NFC_COMM_ACTIVE,
463 				NFC_RF_INITIATOR);
464 
465 	ddev->curr_nfc_dep_pni = 0;
466 
467 exit:
468 	dev_kfree_skb(resp);
469 
470 	if (rc)
471 		ddev->curr_protocol = 0;
472 }
473 
digital_in_send_atr_req(struct nfc_digital_dev * ddev,struct nfc_target * target,__u8 comm_mode,__u8 * gb,size_t gb_len)474 int digital_in_send_atr_req(struct nfc_digital_dev *ddev,
475 			    struct nfc_target *target, __u8 comm_mode, __u8 *gb,
476 			    size_t gb_len)
477 {
478 	struct sk_buff *skb;
479 	struct digital_atr_req *atr_req;
480 	uint size;
481 	int rc;
482 	u8 payload_bits;
483 
484 	size = DIGITAL_ATR_REQ_MIN_SIZE + gb_len;
485 
486 	if (size > DIGITAL_ATR_REQ_MAX_SIZE) {
487 		PROTOCOL_ERR("14.6.1.1");
488 		return -EINVAL;
489 	}
490 
491 	skb = digital_skb_alloc(ddev, size);
492 	if (!skb)
493 		return -ENOMEM;
494 
495 	skb_put(skb, sizeof(struct digital_atr_req));
496 
497 	atr_req = (struct digital_atr_req *)skb->data;
498 	memset(atr_req, 0, sizeof(struct digital_atr_req));
499 
500 	atr_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
501 	atr_req->cmd = DIGITAL_CMD_ATR_REQ;
502 	if (target->nfcid2_len)
503 		memcpy(atr_req->nfcid3, target->nfcid2, NFC_NFCID2_MAXSIZE);
504 	else
505 		get_random_bytes(atr_req->nfcid3, NFC_NFCID3_MAXSIZE);
506 
507 	atr_req->did = 0;
508 	atr_req->bs = 0;
509 	atr_req->br = 0;
510 
511 	ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX;
512 	payload_bits = digital_payload_size_to_bits(ddev->local_payload_max);
513 	atr_req->pp = DIGITAL_PAYLOAD_BITS_TO_PP(payload_bits);
514 
515 	if (gb_len) {
516 		atr_req->pp |= DIGITAL_GB_BIT;
517 		skb_put_data(skb, gb, gb_len);
518 	}
519 
520 	digital_skb_push_dep_sod(ddev, skb);
521 
522 	ddev->skb_add_crc(skb);
523 
524 	rc = digital_in_send_cmd(ddev, skb, DIGITAL_ATR_RES_RWT,
525 				 digital_in_recv_atr_res, target);
526 	if (rc)
527 		kfree_skb(skb);
528 
529 	return rc;
530 }
531 
digital_in_send_ack(struct nfc_digital_dev * ddev,struct digital_data_exch * data_exch)532 static int digital_in_send_ack(struct nfc_digital_dev *ddev,
533 			       struct digital_data_exch *data_exch)
534 {
535 	struct digital_dep_req_res *dep_req;
536 	struct sk_buff *skb;
537 	int rc;
538 
539 	skb = digital_skb_alloc(ddev, 1);
540 	if (!skb)
541 		return -ENOMEM;
542 
543 	skb_push(skb, sizeof(struct digital_dep_req_res));
544 
545 	dep_req = (struct digital_dep_req_res *)skb->data;
546 
547 	dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
548 	dep_req->cmd = DIGITAL_CMD_DEP_REQ;
549 	dep_req->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
550 		       ddev->curr_nfc_dep_pni;
551 
552 	digital_skb_push_dep_sod(ddev, skb);
553 
554 	ddev->skb_add_crc(skb);
555 
556 	ddev->saved_skb = pskb_copy(skb, GFP_KERNEL);
557 
558 	rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt,
559 				 digital_in_recv_dep_res, data_exch);
560 	if (rc) {
561 		kfree_skb(skb);
562 		kfree_skb(ddev->saved_skb);
563 		ddev->saved_skb = NULL;
564 	}
565 
566 	return rc;
567 }
568 
digital_in_send_nack(struct nfc_digital_dev * ddev,struct digital_data_exch * data_exch)569 static int digital_in_send_nack(struct nfc_digital_dev *ddev,
570 				struct digital_data_exch *data_exch)
571 {
572 	struct digital_dep_req_res *dep_req;
573 	struct sk_buff *skb;
574 	int rc;
575 
576 	skb = digital_skb_alloc(ddev, 1);
577 	if (!skb)
578 		return -ENOMEM;
579 
580 	skb_push(skb, sizeof(struct digital_dep_req_res));
581 
582 	dep_req = (struct digital_dep_req_res *)skb->data;
583 
584 	dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
585 	dep_req->cmd = DIGITAL_CMD_DEP_REQ;
586 	dep_req->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
587 		       DIGITAL_NFC_DEP_PFB_NACK_BIT | ddev->curr_nfc_dep_pni;
588 
589 	digital_skb_push_dep_sod(ddev, skb);
590 
591 	ddev->skb_add_crc(skb);
592 
593 	rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt,
594 				 digital_in_recv_dep_res, data_exch);
595 	if (rc)
596 		kfree_skb(skb);
597 
598 	return rc;
599 }
600 
digital_in_send_atn(struct nfc_digital_dev * ddev,struct digital_data_exch * data_exch)601 static int digital_in_send_atn(struct nfc_digital_dev *ddev,
602 			       struct digital_data_exch *data_exch)
603 {
604 	struct digital_dep_req_res *dep_req;
605 	struct sk_buff *skb;
606 	int rc;
607 
608 	skb = digital_skb_alloc(ddev, 1);
609 	if (!skb)
610 		return -ENOMEM;
611 
612 	skb_push(skb, sizeof(struct digital_dep_req_res));
613 
614 	dep_req = (struct digital_dep_req_res *)skb->data;
615 
616 	dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
617 	dep_req->cmd = DIGITAL_CMD_DEP_REQ;
618 	dep_req->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU;
619 
620 	digital_skb_push_dep_sod(ddev, skb);
621 
622 	ddev->skb_add_crc(skb);
623 
624 	rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt,
625 				 digital_in_recv_dep_res, data_exch);
626 	if (rc)
627 		kfree_skb(skb);
628 
629 	return rc;
630 }
631 
digital_in_send_rtox(struct nfc_digital_dev * ddev,struct digital_data_exch * data_exch,u8 rtox)632 static int digital_in_send_rtox(struct nfc_digital_dev *ddev,
633 				struct digital_data_exch *data_exch, u8 rtox)
634 {
635 	struct digital_dep_req_res *dep_req;
636 	struct sk_buff *skb;
637 	int rc;
638 	u16 rwt_int;
639 
640 	rwt_int = ddev->dep_rwt * rtox;
641 	if (rwt_int > digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT])
642 		rwt_int = digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT];
643 
644 	skb = digital_skb_alloc(ddev, 1);
645 	if (!skb)
646 		return -ENOMEM;
647 
648 	skb_put_u8(skb, rtox);
649 
650 	skb_push(skb, sizeof(struct digital_dep_req_res));
651 
652 	dep_req = (struct digital_dep_req_res *)skb->data;
653 
654 	dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
655 	dep_req->cmd = DIGITAL_CMD_DEP_REQ;
656 	dep_req->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU |
657 		       DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT;
658 
659 	digital_skb_push_dep_sod(ddev, skb);
660 
661 	ddev->skb_add_crc(skb);
662 
663 	rc = digital_in_send_cmd(ddev, skb, rwt_int,
664 				 digital_in_recv_dep_res, data_exch);
665 	if (rc)
666 		kfree_skb(skb);
667 
668 	return rc;
669 }
670 
digital_in_send_saved_skb(struct nfc_digital_dev * ddev,struct digital_data_exch * data_exch)671 static int digital_in_send_saved_skb(struct nfc_digital_dev *ddev,
672 				     struct digital_data_exch *data_exch)
673 {
674 	int rc;
675 
676 	if (!ddev->saved_skb)
677 		return -EINVAL;
678 
679 	skb_get(ddev->saved_skb);
680 
681 	rc = digital_in_send_cmd(ddev, ddev->saved_skb, ddev->dep_rwt,
682 				 digital_in_recv_dep_res, data_exch);
683 	if (rc)
684 		kfree_skb(ddev->saved_skb);
685 
686 	return rc;
687 }
688 
digital_in_recv_dep_res(struct nfc_digital_dev * ddev,void * arg,struct sk_buff * resp)689 static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
690 				    struct sk_buff *resp)
691 {
692 	struct digital_data_exch *data_exch = arg;
693 	struct digital_dep_req_res *dep_res;
694 	u8 pfb;
695 	uint size;
696 	int rc;
697 	u8 rtox;
698 
699 	if (IS_ERR(resp)) {
700 		rc = PTR_ERR(resp);
701 		resp = NULL;
702 
703 		if ((rc == -EIO || (rc == -ETIMEDOUT && ddev->nack_count)) &&
704 		    (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) {
705 			ddev->atn_count = 0;
706 
707 			rc = digital_in_send_nack(ddev, data_exch);
708 			if (rc)
709 				goto error;
710 
711 			return;
712 		} else if ((rc == -ETIMEDOUT) &&
713 			   (ddev->atn_count++ < DIGITAL_NFC_DEP_N_RETRY_ATN)) {
714 			ddev->nack_count = 0;
715 
716 			rc = digital_in_send_atn(ddev, data_exch);
717 			if (rc)
718 				goto error;
719 
720 			return;
721 		}
722 
723 		goto exit;
724 	}
725 
726 	rc = digital_skb_pull_dep_sod(ddev, resp);
727 	if (rc) {
728 		PROTOCOL_ERR("14.4.1.2");
729 		goto exit;
730 	}
731 
732 	rc = ddev->skb_check_crc(resp);
733 	if (rc) {
734 		if ((resp->len >= 4) &&
735 		    (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) {
736 			ddev->atn_count = 0;
737 
738 			rc = digital_in_send_nack(ddev, data_exch);
739 			if (rc)
740 				goto error;
741 
742 			kfree_skb(resp);
743 
744 			return;
745 		}
746 
747 		PROTOCOL_ERR("14.4.1.6");
748 		goto error;
749 	}
750 
751 	ddev->atn_count = 0;
752 	ddev->nack_count = 0;
753 
754 	if (resp->len > ddev->local_payload_max) {
755 		rc = -EMSGSIZE;
756 		goto exit;
757 	}
758 
759 	size = sizeof(struct digital_dep_req_res);
760 	dep_res = (struct digital_dep_req_res *)resp->data;
761 
762 	if (resp->len < size || dep_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN ||
763 	    dep_res->cmd != DIGITAL_CMD_DEP_RES) {
764 		rc = -EIO;
765 		goto error;
766 	}
767 
768 	pfb = dep_res->pfb;
769 
770 	if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb)) {
771 		PROTOCOL_ERR("14.8.2.1");
772 		rc = -EIO;
773 		goto error;
774 	}
775 
776 	if (DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)) {
777 		rc = -EIO;
778 		goto exit;
779 	}
780 
781 	if (size > resp->len) {
782 		rc = -EIO;
783 		goto error;
784 	}
785 
786 	skb_pull(resp, size);
787 
788 	switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) {
789 	case DIGITAL_NFC_DEP_PFB_I_PDU:
790 		if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
791 			PROTOCOL_ERR("14.12.3.3");
792 			rc = -EIO;
793 			goto error;
794 		}
795 
796 		ddev->curr_nfc_dep_pni =
797 			DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
798 
799 		kfree_skb(ddev->saved_skb);
800 		ddev->saved_skb = NULL;
801 
802 		resp = digital_recv_dep_data_gather(ddev, pfb, resp,
803 						    digital_in_send_ack,
804 						    data_exch);
805 		if (IS_ERR(resp)) {
806 			rc = PTR_ERR(resp);
807 			resp = NULL;
808 			goto error;
809 		}
810 
811 		/* If resp is NULL then we're still chaining so return and
812 		 * wait for the next part of the PDU.  Else, the PDU is
813 		 * complete so pass it up.
814 		 */
815 		if (!resp)
816 			return;
817 
818 		rc = 0;
819 		break;
820 
821 	case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU:
822 		if (DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) {
823 			PROTOCOL_ERR("14.12.4.5");
824 			rc = -EIO;
825 			goto exit;
826 		}
827 
828 		if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
829 			PROTOCOL_ERR("14.12.3.3");
830 			rc = -EIO;
831 			goto exit;
832 		}
833 
834 		ddev->curr_nfc_dep_pni =
835 			DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
836 
837 		if (!ddev->chaining_skb) {
838 			PROTOCOL_ERR("14.12.4.3");
839 			rc = -EIO;
840 			goto exit;
841 		}
842 
843 		/* The initiator has received a valid ACK. Free the last sent
844 		 * PDU and keep on sending chained skb.
845 		 */
846 		kfree_skb(ddev->saved_skb);
847 		ddev->saved_skb = NULL;
848 
849 		rc = digital_in_send_dep_req(ddev, NULL,
850 					     ddev->chaining_skb,
851 					     ddev->data_exch);
852 		if (rc)
853 			goto error;
854 
855 		goto free_resp;
856 
857 	case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU:
858 		if (!DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) { /* ATN */
859 			rc = digital_in_send_saved_skb(ddev, data_exch);
860 			if (rc)
861 				goto error;
862 
863 			goto free_resp;
864 		}
865 
866 		if (ddev->atn_count || ddev->nack_count) {
867 			PROTOCOL_ERR("14.12.4.4");
868 			rc = -EIO;
869 			goto error;
870 		}
871 
872 		rtox = DIGITAL_NFC_DEP_RTOX_VALUE(resp->data[0]);
873 		if (!rtox || rtox > DIGITAL_NFC_DEP_RTOX_MAX) {
874 			PROTOCOL_ERR("14.8.4.1");
875 			rc = -EIO;
876 			goto error;
877 		}
878 
879 		rc = digital_in_send_rtox(ddev, data_exch, rtox);
880 		if (rc)
881 			goto error;
882 
883 		goto free_resp;
884 	}
885 
886 exit:
887 	data_exch->cb(data_exch->cb_context, resp, rc);
888 
889 error:
890 	kfree(data_exch);
891 
892 	kfree_skb(ddev->chaining_skb);
893 	ddev->chaining_skb = NULL;
894 
895 	kfree_skb(ddev->saved_skb);
896 	ddev->saved_skb = NULL;
897 
898 	if (rc)
899 		kfree_skb(resp);
900 
901 	return;
902 
903 free_resp:
904 	dev_kfree_skb(resp);
905 }
906 
digital_in_send_dep_req(struct nfc_digital_dev * ddev,struct nfc_target * target,struct sk_buff * skb,struct digital_data_exch * data_exch)907 int digital_in_send_dep_req(struct nfc_digital_dev *ddev,
908 			    struct nfc_target *target, struct sk_buff *skb,
909 			    struct digital_data_exch *data_exch)
910 {
911 	struct digital_dep_req_res *dep_req;
912 	struct sk_buff *chaining_skb, *tmp_skb;
913 	int rc;
914 
915 	skb_push(skb, sizeof(struct digital_dep_req_res));
916 
917 	dep_req = (struct digital_dep_req_res *)skb->data;
918 
919 	dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
920 	dep_req->cmd = DIGITAL_CMD_DEP_REQ;
921 	dep_req->pfb = ddev->curr_nfc_dep_pni;
922 
923 	ddev->atn_count = 0;
924 	ddev->nack_count = 0;
925 
926 	chaining_skb = ddev->chaining_skb;
927 
928 	tmp_skb = digital_send_dep_data_prep(ddev, skb, dep_req, data_exch);
929 	if (IS_ERR(tmp_skb))
930 		return PTR_ERR(tmp_skb);
931 
932 	digital_skb_push_dep_sod(ddev, tmp_skb);
933 
934 	ddev->skb_add_crc(tmp_skb);
935 
936 	ddev->saved_skb = pskb_copy(tmp_skb, GFP_KERNEL);
937 
938 	rc = digital_in_send_cmd(ddev, tmp_skb, ddev->dep_rwt,
939 				 digital_in_recv_dep_res, data_exch);
940 	if (rc) {
941 		if (tmp_skb != skb)
942 			kfree_skb(tmp_skb);
943 
944 		kfree_skb(chaining_skb);
945 		ddev->chaining_skb = NULL;
946 
947 		kfree_skb(ddev->saved_skb);
948 		ddev->saved_skb = NULL;
949 	}
950 
951 	return rc;
952 }
953 
digital_tg_set_rf_tech(struct nfc_digital_dev * ddev,u8 rf_tech)954 static void digital_tg_set_rf_tech(struct nfc_digital_dev *ddev, u8 rf_tech)
955 {
956 	ddev->curr_rf_tech = rf_tech;
957 
958 	ddev->skb_add_crc = digital_skb_add_crc_none;
959 	ddev->skb_check_crc = digital_skb_check_crc_none;
960 
961 	if (DIGITAL_DRV_CAPS_TG_CRC(ddev))
962 		return;
963 
964 	switch (ddev->curr_rf_tech) {
965 	case NFC_DIGITAL_RF_TECH_106A:
966 		ddev->skb_add_crc = digital_skb_add_crc_a;
967 		ddev->skb_check_crc = digital_skb_check_crc_a;
968 		break;
969 
970 	case NFC_DIGITAL_RF_TECH_212F:
971 	case NFC_DIGITAL_RF_TECH_424F:
972 		ddev->skb_add_crc = digital_skb_add_crc_f;
973 		ddev->skb_check_crc = digital_skb_check_crc_f;
974 		break;
975 
976 	default:
977 		break;
978 	}
979 }
980 
digital_tg_send_ack(struct nfc_digital_dev * ddev,struct digital_data_exch * data_exch)981 static int digital_tg_send_ack(struct nfc_digital_dev *ddev,
982 			       struct digital_data_exch *data_exch)
983 {
984 	struct digital_dep_req_res *dep_res;
985 	struct sk_buff *skb;
986 	int rc;
987 
988 	skb = digital_skb_alloc(ddev, 1);
989 	if (!skb)
990 		return -ENOMEM;
991 
992 	skb_push(skb, sizeof(struct digital_dep_req_res));
993 
994 	dep_res = (struct digital_dep_req_res *)skb->data;
995 
996 	dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
997 	dep_res->cmd = DIGITAL_CMD_DEP_RES;
998 	dep_res->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
999 		       ddev->curr_nfc_dep_pni;
1000 
1001 	if (ddev->did) {
1002 		dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
1003 
1004 		skb_put_data(skb, &ddev->did, sizeof(ddev->did));
1005 	}
1006 
1007 	ddev->curr_nfc_dep_pni =
1008 		DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
1009 
1010 	digital_skb_push_dep_sod(ddev, skb);
1011 
1012 	ddev->skb_add_crc(skb);
1013 
1014 	ddev->saved_skb = pskb_copy(skb, GFP_KERNEL);
1015 
1016 	rc = digital_tg_send_cmd(ddev, skb, 1500, digital_tg_recv_dep_req,
1017 				 data_exch);
1018 	if (rc) {
1019 		kfree_skb(skb);
1020 		kfree_skb(ddev->saved_skb);
1021 		ddev->saved_skb = NULL;
1022 	}
1023 
1024 	return rc;
1025 }
1026 
digital_tg_send_atn(struct nfc_digital_dev * ddev)1027 static int digital_tg_send_atn(struct nfc_digital_dev *ddev)
1028 {
1029 	struct digital_dep_req_res *dep_res;
1030 	struct sk_buff *skb;
1031 	int rc;
1032 
1033 	skb = digital_skb_alloc(ddev, 1);
1034 	if (!skb)
1035 		return -ENOMEM;
1036 
1037 	skb_push(skb, sizeof(struct digital_dep_req_res));
1038 
1039 	dep_res = (struct digital_dep_req_res *)skb->data;
1040 
1041 	dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
1042 	dep_res->cmd = DIGITAL_CMD_DEP_RES;
1043 	dep_res->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU;
1044 
1045 	if (ddev->did) {
1046 		dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
1047 
1048 		skb_put_data(skb, &ddev->did, sizeof(ddev->did));
1049 	}
1050 
1051 	digital_skb_push_dep_sod(ddev, skb);
1052 
1053 	ddev->skb_add_crc(skb);
1054 
1055 	rc = digital_tg_send_cmd(ddev, skb, 1500, digital_tg_recv_dep_req,
1056 				 NULL);
1057 	if (rc)
1058 		kfree_skb(skb);
1059 
1060 	return rc;
1061 }
1062 
digital_tg_send_saved_skb(struct nfc_digital_dev * ddev)1063 static int digital_tg_send_saved_skb(struct nfc_digital_dev *ddev)
1064 {
1065 	int rc;
1066 
1067 	if (!ddev->saved_skb)
1068 		return -EINVAL;
1069 
1070 	skb_get(ddev->saved_skb);
1071 
1072 	rc = digital_tg_send_cmd(ddev, ddev->saved_skb, 1500,
1073 				 digital_tg_recv_dep_req, NULL);
1074 	if (rc)
1075 		kfree_skb(ddev->saved_skb);
1076 
1077 	return rc;
1078 }
1079 
digital_tg_recv_dep_req(struct nfc_digital_dev * ddev,void * arg,struct sk_buff * resp)1080 static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
1081 				    struct sk_buff *resp)
1082 {
1083 	int rc;
1084 	struct digital_dep_req_res *dep_req;
1085 	u8 pfb;
1086 	size_t size;
1087 
1088 	if (IS_ERR(resp)) {
1089 		rc = PTR_ERR(resp);
1090 		resp = NULL;
1091 		goto exit;
1092 	}
1093 
1094 	rc = ddev->skb_check_crc(resp);
1095 	if (rc) {
1096 		PROTOCOL_ERR("14.4.1.6");
1097 		goto exit;
1098 	}
1099 
1100 	rc = digital_skb_pull_dep_sod(ddev, resp);
1101 	if (rc) {
1102 		PROTOCOL_ERR("14.4.1.2");
1103 		goto exit;
1104 	}
1105 
1106 	if (resp->len > ddev->local_payload_max) {
1107 		rc = -EMSGSIZE;
1108 		goto exit;
1109 	}
1110 
1111 	size = sizeof(struct digital_dep_req_res);
1112 	dep_req = (struct digital_dep_req_res *)resp->data;
1113 
1114 	if (resp->len < size || dep_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
1115 	    dep_req->cmd != DIGITAL_CMD_DEP_REQ) {
1116 		rc = -EIO;
1117 		goto exit;
1118 	}
1119 
1120 	pfb = dep_req->pfb;
1121 
1122 	if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb)) {
1123 		if (ddev->did && (ddev->did == resp->data[3])) {
1124 			size++;
1125 		} else {
1126 			rc = -EIO;
1127 			goto exit;
1128 		}
1129 	} else if (ddev->did) {
1130 		rc = -EIO;
1131 		goto exit;
1132 	}
1133 
1134 	if (DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)) {
1135 		rc = -EIO;
1136 		goto exit;
1137 	}
1138 
1139 	if (size > resp->len) {
1140 		rc = -EIO;
1141 		goto exit;
1142 	}
1143 
1144 	skb_pull(resp, size);
1145 
1146 	switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) {
1147 	case DIGITAL_NFC_DEP_PFB_I_PDU:
1148 		pr_debug("DIGITAL_NFC_DEP_PFB_I_PDU\n");
1149 
1150 		if (ddev->atn_count) {
1151 			/* The target has received (and replied to) at least one
1152 			 * ATN DEP_REQ.
1153 			 */
1154 			ddev->atn_count = 0;
1155 
1156 			/* pni of resp PDU equal to the target current pni - 1
1157 			 * means resp is the previous DEP_REQ PDU received from
1158 			 * the initiator so the target replies with saved_skb
1159 			 * which is the previous DEP_RES saved in
1160 			 * digital_tg_send_dep_res().
1161 			 */
1162 			if (DIGITAL_NFC_DEP_PFB_PNI(pfb) ==
1163 			  DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni - 1)) {
1164 				rc = digital_tg_send_saved_skb(ddev);
1165 				if (rc)
1166 					goto exit;
1167 
1168 				goto free_resp;
1169 			}
1170 
1171 			/* atn_count > 0 and PDU pni != curr_nfc_dep_pni - 1
1172 			 * means the target probably did not received the last
1173 			 * DEP_REQ PDU sent by the initiator. The target
1174 			 * fallbacks to normal processing then.
1175 			 */
1176 		}
1177 
1178 		if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
1179 			PROTOCOL_ERR("14.12.3.4");
1180 			rc = -EIO;
1181 			goto exit;
1182 		}
1183 
1184 		kfree_skb(ddev->saved_skb);
1185 		ddev->saved_skb = NULL;
1186 
1187 		resp = digital_recv_dep_data_gather(ddev, pfb, resp,
1188 						    digital_tg_send_ack, NULL);
1189 		if (IS_ERR(resp)) {
1190 			rc = PTR_ERR(resp);
1191 			resp = NULL;
1192 			goto exit;
1193 		}
1194 
1195 		/* If resp is NULL then we're still chaining so return and
1196 		 * wait for the next part of the PDU.  Else, the PDU is
1197 		 * complete so pass it up.
1198 		 */
1199 		if (!resp)
1200 			return;
1201 
1202 		rc = 0;
1203 		break;
1204 	case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU:
1205 		if (DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) { /* NACK */
1206 			if (DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) !=
1207 						ddev->curr_nfc_dep_pni) {
1208 				rc = -EIO;
1209 				goto exit;
1210 			}
1211 
1212 			ddev->atn_count = 0;
1213 
1214 			rc = digital_tg_send_saved_skb(ddev);
1215 			if (rc)
1216 				goto exit;
1217 
1218 			goto free_resp;
1219 		}
1220 
1221 		/* ACK */
1222 		if (ddev->atn_count) {
1223 			/* The target has previously recevied one or more ATN
1224 			 * PDUs.
1225 			 */
1226 			ddev->atn_count = 0;
1227 
1228 			/* If the ACK PNI is equal to the target PNI - 1 means
1229 			 * that the initiator did not receive the previous PDU
1230 			 * sent by the target so re-send it.
1231 			 */
1232 			if (DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) ==
1233 						ddev->curr_nfc_dep_pni) {
1234 				rc = digital_tg_send_saved_skb(ddev);
1235 				if (rc)
1236 					goto exit;
1237 
1238 				goto free_resp;
1239 			}
1240 
1241 			/* Otherwise, the target did not receive the previous
1242 			 * ACK PDU from the initiator. Fallback to normal
1243 			 * processing of chained PDU then.
1244 			 */
1245 		}
1246 
1247 		/* Keep on sending chained PDU */
1248 		if (!ddev->chaining_skb ||
1249 		    DIGITAL_NFC_DEP_PFB_PNI(pfb) !=
1250 					ddev->curr_nfc_dep_pni) {
1251 			rc = -EIO;
1252 			goto exit;
1253 		}
1254 
1255 		kfree_skb(ddev->saved_skb);
1256 		ddev->saved_skb = NULL;
1257 
1258 		rc = digital_tg_send_dep_res(ddev, ddev->chaining_skb);
1259 		if (rc)
1260 			goto exit;
1261 
1262 		goto free_resp;
1263 	case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU:
1264 		if (DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) {
1265 			rc = -EINVAL;
1266 			goto exit;
1267 		}
1268 
1269 		rc = digital_tg_send_atn(ddev);
1270 		if (rc)
1271 			goto exit;
1272 
1273 		ddev->atn_count++;
1274 
1275 		goto free_resp;
1276 	}
1277 
1278 	rc = nfc_tm_data_received(ddev->nfc_dev, resp);
1279 
1280 exit:
1281 	kfree_skb(ddev->chaining_skb);
1282 	ddev->chaining_skb = NULL;
1283 
1284 	ddev->atn_count = 0;
1285 
1286 	kfree_skb(ddev->saved_skb);
1287 	ddev->saved_skb = NULL;
1288 
1289 	if (rc)
1290 		kfree_skb(resp);
1291 
1292 	return;
1293 
1294 free_resp:
1295 	dev_kfree_skb(resp);
1296 }
1297 
digital_tg_send_dep_res(struct nfc_digital_dev * ddev,struct sk_buff * skb)1298 int digital_tg_send_dep_res(struct nfc_digital_dev *ddev, struct sk_buff *skb)
1299 {
1300 	struct digital_dep_req_res *dep_res;
1301 	struct sk_buff *chaining_skb, *tmp_skb;
1302 	int rc;
1303 
1304 	skb_push(skb, sizeof(struct digital_dep_req_res));
1305 
1306 	dep_res = (struct digital_dep_req_res *)skb->data;
1307 
1308 	dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
1309 	dep_res->cmd = DIGITAL_CMD_DEP_RES;
1310 	dep_res->pfb = ddev->curr_nfc_dep_pni;
1311 
1312 	if (ddev->did) {
1313 		dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
1314 
1315 		skb_put_data(skb, &ddev->did, sizeof(ddev->did));
1316 	}
1317 
1318 	ddev->curr_nfc_dep_pni =
1319 		DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
1320 
1321 	chaining_skb = ddev->chaining_skb;
1322 
1323 	tmp_skb = digital_send_dep_data_prep(ddev, skb, dep_res, NULL);
1324 	if (IS_ERR(tmp_skb))
1325 		return PTR_ERR(tmp_skb);
1326 
1327 	digital_skb_push_dep_sod(ddev, tmp_skb);
1328 
1329 	ddev->skb_add_crc(tmp_skb);
1330 
1331 	ddev->saved_skb = pskb_copy(tmp_skb, GFP_KERNEL);
1332 
1333 	rc = digital_tg_send_cmd(ddev, tmp_skb, 1500, digital_tg_recv_dep_req,
1334 				 NULL);
1335 	if (rc) {
1336 		if (tmp_skb != skb)
1337 			kfree_skb(tmp_skb);
1338 
1339 		kfree_skb(chaining_skb);
1340 		ddev->chaining_skb = NULL;
1341 
1342 		kfree_skb(ddev->saved_skb);
1343 		ddev->saved_skb = NULL;
1344 	}
1345 
1346 	return rc;
1347 }
1348 
digital_tg_send_psl_res_complete(struct nfc_digital_dev * ddev,void * arg,struct sk_buff * resp)1349 static void digital_tg_send_psl_res_complete(struct nfc_digital_dev *ddev,
1350 					     void *arg, struct sk_buff *resp)
1351 {
1352 	u8 rf_tech = (unsigned long)arg;
1353 
1354 	if (IS_ERR(resp))
1355 		return;
1356 
1357 	digital_tg_set_rf_tech(ddev, rf_tech);
1358 
1359 	digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
1360 
1361 	digital_tg_listen(ddev, 1500, digital_tg_recv_dep_req, NULL);
1362 
1363 	dev_kfree_skb(resp);
1364 }
1365 
digital_tg_send_psl_res(struct nfc_digital_dev * ddev,u8 did,u8 rf_tech)1366 static int digital_tg_send_psl_res(struct nfc_digital_dev *ddev, u8 did,
1367 				   u8 rf_tech)
1368 {
1369 	struct digital_psl_res *psl_res;
1370 	struct sk_buff *skb;
1371 	int rc;
1372 
1373 	skb = digital_skb_alloc(ddev, sizeof(struct digital_psl_res));
1374 	if (!skb)
1375 		return -ENOMEM;
1376 
1377 	skb_put(skb, sizeof(struct digital_psl_res));
1378 
1379 	psl_res = (struct digital_psl_res *)skb->data;
1380 
1381 	psl_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
1382 	psl_res->cmd = DIGITAL_CMD_PSL_RES;
1383 	psl_res->did = did;
1384 
1385 	digital_skb_push_dep_sod(ddev, skb);
1386 
1387 	ddev->skb_add_crc(skb);
1388 
1389 	ddev->curr_nfc_dep_pni = 0;
1390 
1391 	rc = digital_tg_send_cmd(ddev, skb, 0, digital_tg_send_psl_res_complete,
1392 				 (void *)(unsigned long)rf_tech);
1393 	if (rc)
1394 		kfree_skb(skb);
1395 
1396 	return rc;
1397 }
1398 
digital_tg_recv_psl_req(struct nfc_digital_dev * ddev,void * arg,struct sk_buff * resp)1399 static void digital_tg_recv_psl_req(struct nfc_digital_dev *ddev, void *arg,
1400 				    struct sk_buff *resp)
1401 {
1402 	int rc;
1403 	struct digital_psl_req *psl_req;
1404 	u8 rf_tech;
1405 	u8 dsi, payload_size, payload_bits;
1406 
1407 	if (IS_ERR(resp)) {
1408 		rc = PTR_ERR(resp);
1409 		resp = NULL;
1410 		goto exit;
1411 	}
1412 
1413 	rc = ddev->skb_check_crc(resp);
1414 	if (rc) {
1415 		PROTOCOL_ERR("14.4.1.6");
1416 		goto exit;
1417 	}
1418 
1419 	rc = digital_skb_pull_dep_sod(ddev, resp);
1420 	if (rc) {
1421 		PROTOCOL_ERR("14.4.1.2");
1422 		goto exit;
1423 	}
1424 
1425 	psl_req = (struct digital_psl_req *)resp->data;
1426 
1427 	if (resp->len != sizeof(struct digital_psl_req) ||
1428 	    psl_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
1429 	    psl_req->cmd != DIGITAL_CMD_PSL_REQ) {
1430 		rc = -EIO;
1431 		goto exit;
1432 	}
1433 
1434 	dsi = (psl_req->brs >> 3) & 0x07;
1435 	switch (dsi) {
1436 	case 0:
1437 		rf_tech = NFC_DIGITAL_RF_TECH_106A;
1438 		break;
1439 	case 1:
1440 		rf_tech = NFC_DIGITAL_RF_TECH_212F;
1441 		break;
1442 	case 2:
1443 		rf_tech = NFC_DIGITAL_RF_TECH_424F;
1444 		break;
1445 	default:
1446 		pr_err("Unsupported dsi value %d\n", dsi);
1447 		goto exit;
1448 	}
1449 
1450 	payload_bits = DIGITAL_PAYLOAD_FSL_TO_BITS(psl_req->fsl);
1451 	payload_size = digital_payload_bits_to_size(payload_bits);
1452 
1453 	if (!payload_size || (payload_size > min(ddev->local_payload_max,
1454 						 ddev->remote_payload_max))) {
1455 		rc = -EINVAL;
1456 		goto exit;
1457 	}
1458 
1459 	ddev->local_payload_max = payload_size;
1460 	ddev->remote_payload_max = payload_size;
1461 
1462 	rc = digital_tg_send_psl_res(ddev, psl_req->did, rf_tech);
1463 
1464 exit:
1465 	kfree_skb(resp);
1466 }
1467 
digital_tg_send_atr_res_complete(struct nfc_digital_dev * ddev,void * arg,struct sk_buff * resp)1468 static void digital_tg_send_atr_res_complete(struct nfc_digital_dev *ddev,
1469 					     void *arg, struct sk_buff *resp)
1470 {
1471 	int offset;
1472 
1473 	if (IS_ERR(resp)) {
1474 		digital_poll_next_tech(ddev);
1475 		return;
1476 	}
1477 
1478 	offset = 2;
1479 	if (resp->data[0] == DIGITAL_NFC_DEP_NFCA_SOD_SB)
1480 		offset++;
1481 
1482 	ddev->atn_count = 0;
1483 
1484 	if (resp->data[offset] == DIGITAL_CMD_PSL_REQ)
1485 		digital_tg_recv_psl_req(ddev, arg, resp);
1486 	else
1487 		digital_tg_recv_dep_req(ddev, arg, resp);
1488 }
1489 
digital_tg_send_atr_res(struct nfc_digital_dev * ddev,struct digital_atr_req * atr_req)1490 static int digital_tg_send_atr_res(struct nfc_digital_dev *ddev,
1491 				   struct digital_atr_req *atr_req)
1492 {
1493 	struct digital_atr_res *atr_res;
1494 	struct sk_buff *skb;
1495 	u8 *gb, payload_bits;
1496 	size_t gb_len;
1497 	int rc;
1498 
1499 	gb = nfc_get_local_general_bytes(ddev->nfc_dev, &gb_len);
1500 	if (!gb)
1501 		gb_len = 0;
1502 
1503 	skb = digital_skb_alloc(ddev, sizeof(struct digital_atr_res) + gb_len);
1504 	if (!skb)
1505 		return -ENOMEM;
1506 
1507 	skb_put(skb, sizeof(struct digital_atr_res));
1508 	atr_res = (struct digital_atr_res *)skb->data;
1509 
1510 	memset(atr_res, 0, sizeof(struct digital_atr_res));
1511 
1512 	atr_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
1513 	atr_res->cmd = DIGITAL_CMD_ATR_RES;
1514 	memcpy(atr_res->nfcid3, atr_req->nfcid3, sizeof(atr_req->nfcid3));
1515 	atr_res->to = DIGITAL_NFC_DEP_TG_MAX_WT;
1516 
1517 	ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX;
1518 	payload_bits = digital_payload_size_to_bits(ddev->local_payload_max);
1519 	atr_res->pp = DIGITAL_PAYLOAD_BITS_TO_PP(payload_bits);
1520 
1521 	if (gb_len) {
1522 		skb_put(skb, gb_len);
1523 
1524 		atr_res->pp |= DIGITAL_GB_BIT;
1525 		memcpy(atr_res->gb, gb, gb_len);
1526 	}
1527 
1528 	digital_skb_push_dep_sod(ddev, skb);
1529 
1530 	ddev->skb_add_crc(skb);
1531 
1532 	ddev->curr_nfc_dep_pni = 0;
1533 
1534 	rc = digital_tg_send_cmd(ddev, skb, 999,
1535 				 digital_tg_send_atr_res_complete, NULL);
1536 	if (rc)
1537 		kfree_skb(skb);
1538 
1539 	return rc;
1540 }
1541 
digital_tg_recv_atr_req(struct nfc_digital_dev * ddev,void * arg,struct sk_buff * resp)1542 void digital_tg_recv_atr_req(struct nfc_digital_dev *ddev, void *arg,
1543 			     struct sk_buff *resp)
1544 {
1545 	int rc;
1546 	struct digital_atr_req *atr_req;
1547 	size_t gb_len, min_size;
1548 	u8 poll_tech_count, payload_bits;
1549 
1550 	if (IS_ERR(resp)) {
1551 		rc = PTR_ERR(resp);
1552 		resp = NULL;
1553 		goto exit;
1554 	}
1555 
1556 	if (!resp->len) {
1557 		rc = -EIO;
1558 		goto exit;
1559 	}
1560 
1561 	if (resp->data[0] == DIGITAL_NFC_DEP_NFCA_SOD_SB) {
1562 		min_size = DIGITAL_ATR_REQ_MIN_SIZE + 2;
1563 		digital_tg_set_rf_tech(ddev, NFC_DIGITAL_RF_TECH_106A);
1564 	} else {
1565 		min_size = DIGITAL_ATR_REQ_MIN_SIZE + 1;
1566 		digital_tg_set_rf_tech(ddev, NFC_DIGITAL_RF_TECH_212F);
1567 	}
1568 
1569 	if (resp->len < min_size) {
1570 		rc = -EIO;
1571 		goto exit;
1572 	}
1573 
1574 	ddev->curr_protocol = NFC_PROTO_NFC_DEP_MASK;
1575 
1576 	rc = ddev->skb_check_crc(resp);
1577 	if (rc) {
1578 		PROTOCOL_ERR("14.4.1.6");
1579 		goto exit;
1580 	}
1581 
1582 	rc = digital_skb_pull_dep_sod(ddev, resp);
1583 	if (rc) {
1584 		PROTOCOL_ERR("14.4.1.2");
1585 		goto exit;
1586 	}
1587 
1588 	atr_req = (struct digital_atr_req *)resp->data;
1589 
1590 	if (atr_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
1591 	    atr_req->cmd != DIGITAL_CMD_ATR_REQ ||
1592 	    atr_req->did > DIGITAL_DID_MAX) {
1593 		rc = -EINVAL;
1594 		goto exit;
1595 	}
1596 
1597 	payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_req->pp);
1598 	ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits);
1599 
1600 	if (!ddev->remote_payload_max) {
1601 		rc = -EINVAL;
1602 		goto exit;
1603 	}
1604 
1605 	ddev->did = atr_req->did;
1606 
1607 	rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1608 				     NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED);
1609 	if (rc)
1610 		goto exit;
1611 
1612 	rc = digital_tg_send_atr_res(ddev, atr_req);
1613 	if (rc)
1614 		goto exit;
1615 
1616 	gb_len = resp->len - sizeof(struct digital_atr_req);
1617 
1618 	poll_tech_count = ddev->poll_tech_count;
1619 	ddev->poll_tech_count = 0;
1620 
1621 	rc = nfc_tm_activated(ddev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1622 			      NFC_COMM_PASSIVE, atr_req->gb, gb_len);
1623 	if (rc) {
1624 		ddev->poll_tech_count = poll_tech_count;
1625 		goto exit;
1626 	}
1627 
1628 	rc = 0;
1629 exit:
1630 	if (rc)
1631 		digital_poll_next_tech(ddev);
1632 
1633 	dev_kfree_skb(resp);
1634 }
1635