1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * NFC Digital Protocol stack
4 * Copyright (c) 2013, Intel Corporation.
5 */
6
7 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
8
9 #include "digital.h"
10
/* How many NACK / ATN retries the initiator attempts before giving up. */
#define DIGITAL_NFC_DEP_N_RETRY_NACK	2
#define DIGITAL_NFC_DEP_N_RETRY_ATN	2

/* First header byte: OUT marks a request, IN marks a response. */
#define DIGITAL_NFC_DEP_FRAME_DIR_OUT	0xD4
#define DIGITAL_NFC_DEP_FRAME_DIR_IN	0xD5

/* Start byte that precedes LEN in the SoD when running over NFC-A 106. */
#define DIGITAL_NFC_DEP_NFCA_SOD_SB	0xF0

/* Second header byte: command code (even = request, odd = response). */
#define DIGITAL_CMD_ATR_REQ		0x00
#define DIGITAL_CMD_ATR_RES		0x01
#define DIGITAL_CMD_PSL_REQ		0x04
#define DIGITAL_CMD_PSL_RES		0x05
#define DIGITAL_CMD_DEP_REQ		0x06
#define DIGITAL_CMD_DEP_RES		0x07

/* ATR_REQ size bounds in bytes; the minimum is the header without GB. */
#define DIGITAL_ATR_REQ_MIN_SIZE	16
#define DIGITAL_ATR_REQ_MAX_SIZE	64

/* Waiting-time code held in the low nibble of the ATR_RES TO byte. */
#define DIGITAL_ATR_RES_TO_WT(s)	((s) & 0xF)

#define DIGITAL_DID_MAX			14

/*
 * Payload size is negotiated as a 2-bit code. In the PP byte the code sits in
 * bits 4-5; in the PSL_REQ FSL byte it sits in bits 0-1.
 */
#define DIGITAL_PAYLOAD_SIZE_MAX		254
#define DIGITAL_PAYLOAD_BITS_TO_PP(s)		(((s) & 0x3) << 4)
#define DIGITAL_PAYLOAD_PP_TO_BITS(s)		(((s) >> 4) & 0x3)
#define DIGITAL_PAYLOAD_BITS_TO_FSL(s)		((s) & 0x3)
#define DIGITAL_PAYLOAD_FSL_TO_BITS(s)		((s) & 0x3)

/* PP flag set when general bytes follow the fixed ATR header. */
#define DIGITAL_GB_BIT			0x02

#define DIGITAL_NFC_DEP_REQ_RES_HEADROOM	2 /* SoD: [SB (NFC-A)] + LEN */
#define DIGITAL_NFC_DEP_REQ_RES_TAILROOM	2 /* EoD: 2-byte CRC */

/* PFB byte: PDU type lives in the top three bits. */
#define DIGITAL_NFC_DEP_PFB_TYPE(pfb)		((pfb) & 0xE0)

/*
 * Bit 0x10 carries three names because its meaning depends on the PDU type:
 * TIMEOUT for supervisor PDUs, MI (more information, i.e. chaining) for
 * I PDUs and NACK for ACK/NACK PDUs.
 */
#define DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT	0x10
#define DIGITAL_NFC_DEP_PFB_MI_BIT	0x10
#define DIGITAL_NFC_DEP_PFB_NACK_BIT	0x10
#define DIGITAL_NFC_DEP_PFB_DID_BIT	0x04

/* PFB field tests; each yields the masked bit(s), not a normalised 0/1. */
#define DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)	((pfb) & DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT)
#define DIGITAL_NFC_DEP_MI_BIT_SET(pfb)		((pfb) & DIGITAL_NFC_DEP_PFB_MI_BIT)
#define DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)	((pfb) & DIGITAL_NFC_DEP_PFB_NACK_BIT)
#define DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)	((pfb) & 0x08)
#define DIGITAL_NFC_DEP_DID_BIT_SET(pfb)	((pfb) & DIGITAL_NFC_DEP_PFB_DID_BIT)
/* Packet number information: a 2-bit sequence counter. */
#define DIGITAL_NFC_DEP_PFB_PNI(pfb)		((pfb) & 0x03)

/* RTOX multiplier requested by the peer: low six bits, valid range 1..59. */
#define DIGITAL_NFC_DEP_RTOX_VALUE(data)	((data) & 0x3F)
#define DIGITAL_NFC_DEP_RTOX_MAX		59

/* Values DIGITAL_NFC_DEP_PFB_TYPE() is compared against. */
#define DIGITAL_NFC_DEP_PFB_I_PDU		0x00
#define DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU	0x40
#define DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU	0x80
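/*
 * On-the-wire layout of an ATR_REQ. The fixed part is 16 bytes
 * (DIGITAL_ATR_REQ_MIN_SIZE); optional general bytes follow it.
 *
 * gb is declared as a C99 flexible array member rather than a GNU
 * zero-length array so that compiler bounds checking can see that it has no
 * fixed size. sizeof(struct digital_atr_req) is unchanged.
 */
struct digital_atr_req {
	u8 dir;		/* frame direction byte */
	u8 cmd;		/* command code */
	u8 nfcid3[10];	/* NFCID3 of the sender */
	u8 did;
	u8 bs;
	u8 br;
	u8 pp;		/* payload-size code and DIGITAL_GB_BIT */
	u8 gb[];	/* general bytes, length derived from the frame length */
} __packed;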
76
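/*
 * On-the-wire layout of an ATR_RES. Same as the request plus the TO byte,
 * whose low nibble carries the waiting-time code.
 *
 * gb is declared as a C99 flexible array member rather than a GNU
 * zero-length array so that compiler bounds checking can see that it has no
 * fixed size. sizeof(struct digital_atr_res) is unchanged. The number of
 * valid gb bytes must always be derived from the received frame length.
 */
struct digital_atr_res {
	u8 dir;		/* frame direction byte */
	u8 cmd;		/* command code */
	u8 nfcid3[10];
	u8 did;
	u8 bs;
	u8 br;
	u8 to;		/* waiting-time code, see DIGITAL_ATR_RES_TO_WT() */
	u8 pp;		/* payload-size code, see DIGITAL_PAYLOAD_PP_TO_BITS() */
	u8 gb[];	/* general bytes supplied by the remote peer */
} __packed;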
88
/* On-the-wire layout of a PSL_REQ (parameter selection request). */
struct digital_psl_req {
	u8 dir;	/* frame direction byte */
	u8 cmd;	/* command code */
	u8 did;
	u8 brs;	/* bit-rate selection for both directions */
	u8 fsl;	/* payload-size code, see DIGITAL_PAYLOAD_BITS_TO_FSL() */
} __packed;
96
/*
 * On-the-wire layout of a PSL_RES. The receive handler requires the frame to
 * be exactly this long.
 */
struct digital_psl_res {
	u8 dir;	/* frame direction byte */
	u8 cmd;	/* command code */
	u8 did;
} __packed;
102
/*
 * Header shared by DEP_REQ and DEP_RES PDUs. Anything after these three bytes
 * (optional DID byte, payload, RTOX value) is variable and must be length
 * checked by the code that reads it.
 */
struct digital_dep_req_res {
	u8 dir;	/* frame direction byte */
	u8 cmd;	/* command code */
	u8 pfb;	/* PDU type, flag bits and PNI; see DIGITAL_NFC_DEP_PFB_*() */
} __packed;
108
/*
 * Forward declarations: the send helpers below register these receive
 * handlers as completion callbacks, and the handlers in turn call the send
 * helpers, so they have to be declared before their definitions.
 */
static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
				    struct sk_buff *resp);
static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
				    struct sk_buff *resp);
113
/* Payload size in bytes for each 2-bit payload-size code (index = code). */
static const u8 digital_payload_bits_map[4] = { 64, 128, 192, 254 };
120
121 /* Response Waiting Time for ATR_RES PDU in ms
122 *
123 * RWT(ATR_RES) = RWT(nfcdep,activation) + dRWT(nfcdep) + dT(nfcdep,initiator)
124 *
125 * with:
126 * RWT(nfcdep,activation) = 4096 * 2^12 / f(c) s
127 * dRWT(nfcdep) = 16 / f(c) s
128 * dT(nfcdep,initiator) = 100 ms
129 * f(c) = 13560000 Hz
130 */
131 #define DIGITAL_ATR_RES_RWT 1337
132
133 /* Response Waiting Time for other DEP PDUs in ms
134 *
135 * max_rwt = rwt + dRWT(nfcdep) + dT(nfcdep,initiator)
136 *
137 * with:
138 * rwt = (256 * 16 / f(c)) * 2^wt s
139 * dRWT(nfcdep) = 16 / f(c) s
140 * dT(nfcdep,initiator) = 100 ms
141 * f(c) = 13560000 Hz
142 * 0 <= wt <= 14 (given by the target by the TO field of ATR_RES response)
143 */
#define DIGITAL_NFC_DEP_IN_MAX_WT	14
#define DIGITAL_NFC_DEP_TG_MAX_WT	14

/* Response waiting time in ms, indexed by the waiting-time code wt. */
static const u16 digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT + 1] = {
	[0]  = 100,
	[1]  = 101,
	[2]  = 101,
	[3]  = 102,
	[4]  = 105,
	[5]  = 110,
	[6]  = 119,
	[7]  = 139,
	[8]  = 177,
	[9]  = 255,
	[10] = 409,
	[11] = 719,
	[12] = 1337,
	[13] = 2575,
	[14] = 5049,
};
151
/*
 * Convert a payload-size code into a size in bytes.
 *
 * Returns 0 when the code does not index digital_payload_bits_map, which
 * callers treat as an invalid value.
 */
static u8 digital_payload_bits_to_size(u8 payload_bits)
{
	return payload_bits < ARRAY_SIZE(digital_payload_bits_map) ?
		digital_payload_bits_map[payload_bits] : 0;
}
159
/*
 * Convert a payload size in bytes into its payload-size code.
 *
 * Returns 0xff when the size is not one of the table entries. Note that the
 * BITS_TO_PP/BITS_TO_FSL macros mask their argument with 0x3, so a caller
 * that does not test for 0xff would encode it as code 3.
 */
static u8 digital_payload_size_to_bits(u8 payload_size)
{
	u8 code = 0;

	while (code < ARRAY_SIZE(digital_payload_bits_map)) {
		if (digital_payload_bits_map[code] == payload_size)
			return code;
		code++;
	}

	return 0xff;
}
170
/*
 * Prepend the start-of-data field to an outgoing frame: a LEN byte that
 * counts itself plus everything after it, preceded on NFC-A 106 by the
 * fixed SB byte.
 */
static void digital_skb_push_dep_sod(struct nfc_digital_dev *ddev,
				     struct sk_buff *skb)
{
	u8 *len_byte = skb_push(skb, sizeof(u8));

	/* skb->len already includes the LEN byte that was just pushed. */
	*len_byte = skb->len;

	if (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A) {
		u8 *start_byte = skb_push(skb, sizeof(u8));

		*start_byte = DIGITAL_NFC_DEP_NFCA_SOD_SB;
	}
}
181
/*
 * Validate and strip the start-of-data field of a received frame.
 *
 * The frame must hold at least two bytes, and the LEN byte must equal the
 * number of bytes remaining (LEN byte included). On NFC-A 106 the leading SB
 * byte is dropped first; its value is not checked here.
 *
 * Returns 0 on success, -EIO when the frame is too short or LEN does not
 * match the received length.
 */
static int digital_skb_pull_dep_sod(struct nfc_digital_dev *ddev,
				    struct sk_buff *skb)
{
	if (skb->len < 2)
		return -EIO;

	if (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A)
		skb_pull(skb, sizeof(u8));

	/* The peer-supplied length is only trusted if it matches reality. */
	if (skb->data[0] != skb->len)
		return -EIO;

	skb_pull(skb, sizeof(u8));

	return 0;
}
201
/*
 * Decide whether an outgoing payload must be chained.
 *
 * If skb fits in the peer's maximum payload it is returned unchanged and
 * chaining state is cleared. Otherwise the MI bit is set in the caller's
 * header, the first remote_payload_max bytes are copied into a new skb which
 * is returned, and the remainder of skb is parked in ddev->chaining_skb.
 *
 * Returns the skb to transmit, or ERR_PTR(-ENOMEM). On allocation failure
 * the skb currently stored in ddev->chaining_skb is freed; the skb argument
 * itself is only freed here if it is that same buffer.
 */
static struct sk_buff *
digital_send_dep_data_prep(struct nfc_digital_dev *ddev, struct sk_buff *skb,
			   struct digital_dep_req_res *dep_req_res,
			   struct digital_data_exch *data_exch)
{
	struct sk_buff *fragment;

	if (skb->len <= ddev->remote_payload_max) {
		ddev->chaining_skb = NULL;
		return skb;
	}

	dep_req_res->pfb |= DIGITAL_NFC_DEP_PFB_MI_BIT;

	fragment = digital_skb_alloc(ddev, ddev->remote_payload_max);
	if (!fragment) {
		kfree_skb(ddev->chaining_skb);
		ddev->chaining_skb = NULL;

		return ERR_PTR(-ENOMEM);
	}

	/* Move one payload's worth of bytes out of skb into the fragment. */
	skb_put_data(fragment, skb->data, ddev->remote_payload_max);
	skb_pull(skb, ddev->remote_payload_max);

	ddev->chaining_skb = skb;
	ddev->data_exch = data_exch;

	return fragment;
}
232
/*
 * Reassemble a chained (MI bit) I PDU.
 *
 * While the peer keeps the MI bit set, each payload is appended to
 * ddev->chaining_skb, resp is freed, an ACK is sent through send_ack and
 * NULL is returned to tell the caller that more data is expected. When the
 * final fragment arrives the assembled skb is returned and the chaining
 * state is cleared. A PDU received outside of a chain is returned as is.
 *
 * On failure resp and ddev->chaining_skb are both freed and an ERR_PTR is
 * returned.
 *
 * NOTE(review): nothing in this function bounds the total reassembled size;
 * the buffer is grown by 8 * local_payload_max whenever it runs out of
 * tailroom, for as long as the peer keeps sending MI fragments. Confirm that
 * a limit is enforced elsewhere, or add one, since the peer controls this.
 */
static struct sk_buff *
digital_recv_dep_data_gather(struct nfc_digital_dev *ddev, u8 pfb,
			     struct sk_buff *resp,
			     int (*send_ack)(struct nfc_digital_dev *ddev,
					     struct digital_data_exch
							     *data_exch),
			     struct digital_data_exch *data_exch)
{
	struct sk_buff *grown;
	int err;

	/* First fragment of a chain: create the reassembly buffer. */
	if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb) && !ddev->chaining_skb) {
		ddev->chaining_skb =
			nfc_alloc_recv_skb(8 * ddev->local_payload_max,
					   GFP_KERNEL);
		if (!ddev->chaining_skb) {
			err = -ENOMEM;
			goto error;
		}
	}

	/* Not chaining at all: hand the PDU straight back. */
	if (!ddev->chaining_skb)
		return resp;

	if (resp->len > skb_tailroom(ddev->chaining_skb)) {
		grown = skb_copy_expand(ddev->chaining_skb,
					skb_headroom(ddev->chaining_skb),
					8 * ddev->local_payload_max,
					GFP_KERNEL);
		if (!grown) {
			err = -ENOMEM;
			goto error;
		}

		kfree_skb(ddev->chaining_skb);
		ddev->chaining_skb = grown;
	}

	skb_put_data(ddev->chaining_skb, resp->data, resp->len);

	kfree_skb(resp);
	resp = NULL;

	if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb)) {
		err = send_ack(ddev, data_exch);
		if (err)
			goto error;

		return NULL;
	}

	/* Last fragment: transfer ownership of the assembled skb. */
	resp = ddev->chaining_skb;
	ddev->chaining_skb = NULL;

	return resp;

error:
	kfree_skb(resp);

	kfree_skb(ddev->chaining_skb);
	ddev->chaining_skb = NULL;

	return ERR_PTR(err);
}
297
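/*
 * Completion callback for PSL_REQ (initiator side).
 *
 * @ddev: digital device the exchange runs on
 * @arg:  the struct nfc_target passed to digital_in_send_psl_req()
 * @resp: received frame, or an ERR_PTR on transport failure
 *
 * The response is accepted only if the CRC and SoD are valid and the frame
 * is exactly a PSL_RES header with the expected direction and command bytes.
 * The hardware is then switched to 424F / NFC-F NFC-DEP framing and the link
 * is reported as up. Any failure clears ddev->curr_protocol. resp is always
 * consumed.
 */
static void digital_in_recv_psl_res(struct nfc_digital_dev *ddev, void *arg,
				    struct sk_buff *resp)
{
	struct nfc_target *target = arg;
	struct digital_psl_res *psl_res;
	int rc;

	if (IS_ERR(resp)) {
		rc = PTR_ERR(resp);
		resp = NULL;
		goto exit;
	}

	rc = ddev->skb_check_crc(resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.6");
		goto exit;
	}

	rc = digital_skb_pull_dep_sod(ddev, resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.2");
		goto exit;
	}

	psl_res = (struct digital_psl_res *)resp->data;

	/* The length test comes first so psl_res is never read out of bounds. */
	if ((resp->len != sizeof(*psl_res)) ||
	    (psl_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN) ||
	    (psl_res->cmd != DIGITAL_CMD_PSL_RES)) {
		rc = -EIO;
		goto exit;
	}

	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
				     NFC_DIGITAL_RF_TECH_424F);
	if (rc)
		goto exit;

	rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
				     NFC_DIGITAL_FRAMING_NFCF_NFC_DEP);
	if (rc)
		goto exit;

	/*
	 * When the driver does not handle CRCs itself and the link was
	 * running NFC-A, switch the software CRC helpers to the NFC-F ones.
	 */
	if (!DIGITAL_DRV_CAPS_IN_CRC(ddev) &&
	    (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A)) {
		ddev->skb_add_crc = digital_skb_add_crc_f;
		ddev->skb_check_crc = digital_skb_check_crc_f;
	}

	ddev->curr_rf_tech = NFC_DIGITAL_RF_TECH_424F;

	/*
	 * Keep the result so a failed link-up notification clears
	 * curr_protocol below, as digital_in_recv_atr_res() already does.
	 */
	rc = nfc_dep_link_is_up(ddev->nfc_dev, target->idx, NFC_COMM_ACTIVE,
				NFC_RF_INITIATOR);

	ddev->curr_nfc_dep_pni = 0;

exit:
	dev_kfree_skb(resp);

	if (rc)
		ddev->curr_protocol = 0;
}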
361
/*
 * Build and send a PSL_REQ asking the target to switch to 424F in both
 * directions, with the payload size set to the smaller of the local and
 * remote maxima. Both maxima are lowered to that common value.
 *
 * Returns 0 when the command was queued (the reply is handled by
 * digital_in_recv_psl_res()), or a negative errno; the skb is freed on
 * failure.
 */
static int digital_in_send_psl_req(struct nfc_digital_dev *ddev,
				   struct nfc_target *target)
{
	struct digital_psl_req *req;
	struct sk_buff *frame;
	u8 common_size, size_code;
	int err;

	frame = digital_skb_alloc(ddev, sizeof(*req));
	if (!frame)
		return -ENOMEM;

	skb_put(frame, sizeof(*req));

	common_size = min(ddev->local_payload_max, ddev->remote_payload_max);
	size_code = digital_payload_size_to_bits(common_size);

	req = (struct digital_psl_req *)frame->data;
	req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
	req->cmd = DIGITAL_CMD_PSL_REQ;
	req->did = 0;
	req->brs = (0x2 << 3) | 0x2; /* 424F both directions */
	req->fsl = DIGITAL_PAYLOAD_BITS_TO_FSL(size_code);

	ddev->local_payload_max = common_size;
	ddev->remote_payload_max = common_size;

	digital_skb_push_dep_sod(ddev, frame);

	ddev->skb_add_crc(frame);

	err = digital_in_send_cmd(ddev, frame, ddev->dep_rwt,
				  digital_in_recv_psl_res, target);
	if (err)
		kfree_skb(frame);

	return err;
}
401
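/*
 * Completion callback for ATR_REQ (initiator side).
 *
 * @ddev: digital device the exchange runs on
 * @arg:  the struct nfc_target passed to digital_in_send_atr_req()
 * @resp: received frame, or an ERR_PTR on transport failure
 *
 * Validates the ATR_RES, records the response waiting time and the peer's
 * maximum payload size, stores the peer's general bytes and then either
 * starts a PSL exchange (when FeliCa is enabled and the link is not already
 * at 424F) or reports the link as up. Any failure clears
 * ddev->curr_protocol. resp is always consumed.
 */
static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg,
				    struct sk_buff *resp)
{
	struct nfc_target *target = arg;
	struct digital_atr_res *atr_res;
	u8 gb_len, payload_bits;
	u8 wt;
	int rc;

	if (IS_ERR(resp)) {
		rc = PTR_ERR(resp);
		resp = NULL;
		goto exit;
	}

	rc = ddev->skb_check_crc(resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.6");
		goto exit;
	}

	rc = digital_skb_pull_dep_sod(ddev, resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.2");
		goto exit;
	}

	/* The fixed header must be fully present before any field is read. */
	if (resp->len < sizeof(struct digital_atr_res)) {
		rc = -EIO;
		goto exit;
	}

	/* Everything after the fixed header is general bytes. */
	gb_len = resp->len - sizeof(struct digital_atr_res);

	atr_res = (struct digital_atr_res *)resp->data;

	/*
	 * Reject frames that are not actually an ATR_RES, in line with the
	 * dir/cmd checks the PSL_RES and DEP_RES handlers perform.
	 */
	if (atr_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN ||
	    atr_res->cmd != DIGITAL_CMD_ATR_RES) {
		rc = -EIO;
		goto exit;
	}

	/* Clamp the peer-supplied code so it always indexes digital_rwt_map. */
	wt = DIGITAL_ATR_RES_TO_WT(atr_res->to);
	if (wt > DIGITAL_NFC_DEP_IN_MAX_WT)
		wt = DIGITAL_NFC_DEP_IN_MAX_WT;
	ddev->dep_rwt = digital_rwt_map[wt];

	payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_res->pp);
	ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits);

	if (!ddev->remote_payload_max) {
		rc = -EINVAL;
		goto exit;
	}

	rc = nfc_set_remote_general_bytes(ddev->nfc_dev, atr_res->gb, gb_len);
	if (rc)
		goto exit;

	if ((ddev->protocols & NFC_PROTO_FELICA_MASK) &&
	    (ddev->curr_rf_tech != NFC_DIGITAL_RF_TECH_424F)) {
		rc = digital_in_send_psl_req(ddev, target);
		/*
		 * PSL_REQ queued: the link is reported up from
		 * digital_in_recv_psl_res(). If sending failed, fall through
		 * and bring the link up at the current rate instead.
		 */
		if (!rc)
			goto exit;
	}

	rc = nfc_dep_link_is_up(ddev->nfc_dev, target->idx, NFC_COMM_ACTIVE,
				NFC_RF_INITIATOR);

	ddev->curr_nfc_dep_pni = 0;

exit:
	dev_kfree_skb(resp);

	if (rc)
		ddev->curr_protocol = 0;
}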
473
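/*
 * Build and send an ATR_REQ to start NFC-DEP activation (initiator side).
 *
 * @ddev:      digital device to send on
 * @target:    target being activated; its NFCID2 seeds NFCID3 when present
 * @comm_mode: not used by this function
 * @gb:        general bytes to append, may be NULL when @gb_len is 0
 * @gb_len:    number of general bytes
 *
 * Returns 0 when the command was queued (the reply is handled by
 * digital_in_recv_atr_res()), -EINVAL when the general bytes do not fit in
 * an ATR_REQ, -ENOMEM on allocation failure, or the error returned by
 * digital_in_send_cmd(). The skb is freed on failure.
 */
int digital_in_send_atr_req(struct nfc_digital_dev *ddev,
			    struct nfc_target *target, __u8 comm_mode, __u8 *gb,
			    size_t gb_len)
{
	struct sk_buff *skb;
	struct digital_atr_req *atr_req;
	uint size;
	int rc;
	u8 payload_bits;

	/*
	 * Bound gb_len itself before adding to it: gb_len is a size_t while
	 * size is an unsigned int, so checking the sum could be defeated by
	 * truncation and let an oversized copy reach skb_put_data() below.
	 */
	if (gb_len > DIGITAL_ATR_REQ_MAX_SIZE - DIGITAL_ATR_REQ_MIN_SIZE) {
		PROTOCOL_ERR("14.6.1.1");
		return -EINVAL;
	}

	size = DIGITAL_ATR_REQ_MIN_SIZE + gb_len;

	skb = digital_skb_alloc(ddev, size);
	if (!skb)
		return -ENOMEM;

	skb_put(skb, sizeof(struct digital_atr_req));

	atr_req = (struct digital_atr_req *)skb->data;
	memset(atr_req, 0, sizeof(struct digital_atr_req));

	atr_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
	atr_req->cmd = DIGITAL_CMD_ATR_REQ;
	/* Reuse the target's NFCID2 when there is one, else pick a random ID. */
	if (target->nfcid2_len)
		memcpy(atr_req->nfcid3, target->nfcid2, NFC_NFCID2_MAXSIZE);
	else
		get_random_bytes(atr_req->nfcid3, NFC_NFCID3_MAXSIZE);

	atr_req->did = 0;
	atr_req->bs = 0;
	atr_req->br = 0;

	ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX;
	payload_bits = digital_payload_size_to_bits(ddev->local_payload_max);
	atr_req->pp = DIGITAL_PAYLOAD_BITS_TO_PP(payload_bits);

	if (gb_len) {
		atr_req->pp |= DIGITAL_GB_BIT;
		skb_put_data(skb, gb, gb_len);
	}

	digital_skb_push_dep_sod(ddev, skb);

	ddev->skb_add_crc(skb);

	rc = digital_in_send_cmd(ddev, skb, DIGITAL_ATR_RES_RWT,
				 digital_in_recv_atr_res, target);
	if (rc)
		kfree_skb(skb);

	return rc;
}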
531
/*
 * Send an ACK PDU carrying the current PNI (initiator side) and keep a copy
 * in ddev->saved_skb for retransmission.
 *
 * Returns 0 when the command was queued, -ENOMEM on allocation failure, or
 * the error from digital_in_send_cmd(); both the frame and the saved copy
 * are released on failure.
 *
 * NOTE(review): the pskb_copy() result is not checked. A NULL saved_skb is
 * tolerated by digital_in_send_saved_skb(), which then returns -EINVAL, so
 * an allocation failure here only surfaces on a later retransmission.
 */
static int digital_in_send_ack(struct nfc_digital_dev *ddev,
			       struct digital_data_exch *data_exch)
{
	struct digital_dep_req_res *hdr;
	struct sk_buff *frame;
	int err;

	frame = digital_skb_alloc(ddev, 1);
	if (!frame)
		return -ENOMEM;

	/* Presumably digital_skb_alloc() reserves headroom for this push. */
	hdr = skb_push(frame, sizeof(*hdr));
	hdr->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
	hdr->cmd = DIGITAL_CMD_DEP_REQ;
	hdr->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU | ddev->curr_nfc_dep_pni;

	digital_skb_push_dep_sod(ddev, frame);

	ddev->skb_add_crc(frame);

	ddev->saved_skb = pskb_copy(frame, GFP_KERNEL);

	err = digital_in_send_cmd(ddev, frame, ddev->dep_rwt,
				  digital_in_recv_dep_res, data_exch);
	if (!err)
		return 0;

	kfree_skb(frame);
	kfree_skb(ddev->saved_skb);
	ddev->saved_skb = NULL;

	return err;
}
568
/*
 * Send a NACK PDU carrying the current PNI (initiator side), asking the
 * target to repeat its last response.
 *
 * Returns 0 when the command was queued, -ENOMEM on allocation failure, or
 * the error from digital_in_send_cmd(); the frame is freed on failure.
 */
static int digital_in_send_nack(struct nfc_digital_dev *ddev,
				struct digital_data_exch *data_exch)
{
	struct digital_dep_req_res *hdr;
	struct sk_buff *frame;
	int err;

	frame = digital_skb_alloc(ddev, 1);
	if (!frame)
		return -ENOMEM;

	hdr = skb_push(frame, sizeof(*hdr));
	hdr->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
	hdr->cmd = DIGITAL_CMD_DEP_REQ;
	hdr->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
		   DIGITAL_NFC_DEP_PFB_NACK_BIT | ddev->curr_nfc_dep_pni;

	digital_skb_push_dep_sod(ddev, frame);

	ddev->skb_add_crc(frame);

	err = digital_in_send_cmd(ddev, frame, ddev->dep_rwt,
				  digital_in_recv_dep_res, data_exch);
	if (err)
		kfree_skb(frame);

	return err;
}
600
/*
 * Send an ATN (attention) supervisor PDU (initiator side): a supervisor PDU
 * with the timeout bit clear and no payload.
 *
 * Returns 0 when the command was queued, -ENOMEM on allocation failure, or
 * the error from digital_in_send_cmd(); the frame is freed on failure.
 */
static int digital_in_send_atn(struct nfc_digital_dev *ddev,
			       struct digital_data_exch *data_exch)
{
	struct digital_dep_req_res *hdr;
	struct sk_buff *frame;
	int err;

	frame = digital_skb_alloc(ddev, 1);
	if (!frame)
		return -ENOMEM;

	hdr = skb_push(frame, sizeof(*hdr));
	hdr->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
	hdr->cmd = DIGITAL_CMD_DEP_REQ;
	hdr->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU;

	digital_skb_push_dep_sod(ddev, frame);

	ddev->skb_add_crc(frame);

	err = digital_in_send_cmd(ddev, frame, ddev->dep_rwt,
				  digital_in_recv_dep_res, data_exch);
	if (err)
		kfree_skb(frame);

	return err;
}
631
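/*
 * Answer a target's RTOX (response timeout extension) request by echoing the
 * RTOX value back and waiting for the extended time.
 *
 * @ddev:      digital device to send on
 * @data_exch: exchange context handed to the receive callback
 * @rtox:      multiplier requested by the target (validated by the caller)
 *
 * The timeout used for this exchange is dep_rwt * rtox, capped at the
 * largest entry of digital_rwt_map.
 *
 * Returns 0 when the command was queued, -ENOMEM on allocation failure, or
 * the error from digital_in_send_cmd(); the frame is freed on failure.
 */
static int digital_in_send_rtox(struct nfc_digital_dev *ddev,
				struct digital_data_exch *data_exch, u8 rtox)
{
	struct digital_dep_req_res *dep_req;
	struct sk_buff *skb;
	int rc;
	u16 rwt_int;

	/*
	 * Multiply and clamp in 32 bits. Storing the raw product in a u16
	 * first would truncate it before the cap is applied (for example
	 * 1337 * 50 = 66850 wraps to 1314), leaving a timeout shorter than
	 * the one the peer-supplied multiplier was meant to extend.
	 */
	rwt_int = min_t(u32, (u32)ddev->dep_rwt * rtox,
			digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT]);

	skb = digital_skb_alloc(ddev, 1);
	if (!skb)
		return -ENOMEM;

	skb_put_u8(skb, rtox);

	skb_push(skb, sizeof(struct digital_dep_req_res));

	dep_req = (struct digital_dep_req_res *)skb->data;

	dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
	dep_req->cmd = DIGITAL_CMD_DEP_REQ;
	dep_req->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU |
		       DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT;

	digital_skb_push_dep_sod(ddev, skb);

	ddev->skb_add_crc(skb);

	rc = digital_in_send_cmd(ddev, skb, rwt_int,
				 digital_in_recv_dep_res, data_exch);
	if (rc)
		kfree_skb(skb);

	return rc;
}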
670
/*
 * Retransmit the last PDU kept in ddev->saved_skb (initiator side).
 *
 * An extra reference is taken before sending so that the saved copy stays
 * available; that reference is dropped again if the send fails.
 *
 * Returns -EINVAL when nothing is saved, otherwise the result of
 * digital_in_send_cmd().
 */
static int digital_in_send_saved_skb(struct nfc_digital_dev *ddev,
				     struct digital_data_exch *data_exch)
{
	int err;

	if (!ddev->saved_skb)
		return -EINVAL;

	skb_get(ddev->saved_skb);

	err = digital_in_send_cmd(ddev, ddev->saved_skb, ddev->dep_rwt,
				  digital_in_recv_dep_res, data_exch);
	if (!err)
		return 0;

	kfree_skb(ddev->saved_skb);

	return err;
}
688
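/*
 * Completion callback for every DEP_REQ the initiator sends.
 *
 * @ddev: digital device the exchange runs on
 * @arg:  the struct digital_data_exch of the exchange
 * @resp: received frame, or an ERR_PTR on transport failure
 *
 * Transport errors and CRC failures are retried with NACK/ATN PDUs up to the
 * retry budgets. A valid DEP_RES is dispatched on its PDU type:
 *   - I PDU: PNI is checked, chained fragments are gathered and the complete
 *     payload is passed to the exchange callback;
 *   - ACK: the next fragment of an outgoing chain is sent;
 *   - supervisor: an ATN reply triggers a retransmission, an RTOX request is
 *     answered after validating the requested multiplier.
 *
 * Exit paths: "exit" reports to the exchange callback and then tears the
 * exchange down, "error" tears it down without calling the callback, and
 * "free_resp" only releases resp because another request is in flight.
 */
static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
				    struct sk_buff *resp)
{
	struct digital_data_exch *data_exch = arg;
	struct digital_dep_req_res *dep_res;
	u8 pfb;
	uint size;
	int rc;
	u8 rtox;

	if (IS_ERR(resp)) {
		rc = PTR_ERR(resp);
		resp = NULL;

		if ((rc == -EIO || (rc == -ETIMEDOUT && ddev->nack_count)) &&
		    (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) {
			ddev->atn_count = 0;

			rc = digital_in_send_nack(ddev, data_exch);
			if (rc)
				goto error;

			return;
		} else if ((rc == -ETIMEDOUT) &&
			   (ddev->atn_count++ < DIGITAL_NFC_DEP_N_RETRY_ATN)) {
			ddev->nack_count = 0;

			rc = digital_in_send_atn(ddev, data_exch);
			if (rc)
				goto error;

			return;
		}

		goto exit;
	}

	/*
	 * NOTE(review): the other receive handlers in this file check the
	 * CRC before stripping the SoD; here the order is reversed. Confirm
	 * this is intended.
	 */
	rc = digital_skb_pull_dep_sod(ddev, resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.2");
		goto exit;
	}

	rc = ddev->skb_check_crc(resp);
	if (rc) {
		if ((resp->len >= 4) &&
		    (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) {
			ddev->atn_count = 0;

			rc = digital_in_send_nack(ddev, data_exch);
			if (rc)
				goto error;

			kfree_skb(resp);

			return;
		}

		PROTOCOL_ERR("14.4.1.6");
		goto error;
	}

	ddev->atn_count = 0;
	ddev->nack_count = 0;

	if (resp->len > ddev->local_payload_max) {
		rc = -EMSGSIZE;
		goto exit;
	}

	size = sizeof(struct digital_dep_req_res);
	dep_res = (struct digital_dep_req_res *)resp->data;

	/* The length test comes first so the header is never read short. */
	if (resp->len < size || dep_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN ||
	    dep_res->cmd != DIGITAL_CMD_DEP_RES) {
		rc = -EIO;
		goto error;
	}

	pfb = dep_res->pfb;

	if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb)) {
		PROTOCOL_ERR("14.8.2.1");
		rc = -EIO;
		goto error;
	}

	if (DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)) {
		rc = -EIO;
		goto exit;
	}

	/* Already implied by the header check above; kept as a guard. */
	if (size > resp->len) {
		rc = -EIO;
		goto error;
	}

	skb_pull(resp, size);

	switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) {
	case DIGITAL_NFC_DEP_PFB_I_PDU:
		if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
			PROTOCOL_ERR("14.12.3.3");
			rc = -EIO;
			goto error;
		}

		ddev->curr_nfc_dep_pni =
			DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);

		kfree_skb(ddev->saved_skb);
		ddev->saved_skb = NULL;

		resp = digital_recv_dep_data_gather(ddev, pfb, resp,
						    digital_in_send_ack,
						    data_exch);
		if (IS_ERR(resp)) {
			rc = PTR_ERR(resp);
			resp = NULL;
			goto error;
		}

		/* If resp is NULL then we're still chaining so return and
		 * wait for the next part of the PDU.  Else, the PDU is
		 * complete so pass it up.
		 */
		if (!resp)
			return;

		rc = 0;
		break;

	case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU:
		if (DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) {
			PROTOCOL_ERR("14.12.4.5");
			rc = -EIO;
			goto exit;
		}

		if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
			PROTOCOL_ERR("14.12.3.3");
			rc = -EIO;
			goto exit;
		}

		ddev->curr_nfc_dep_pni =
			DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);

		if (!ddev->chaining_skb) {
			PROTOCOL_ERR("14.12.4.3");
			rc = -EIO;
			goto exit;
		}

		/* The initiator has received a valid ACK. Free the last sent
		 * PDU and keep on sending chained skb.
		 */
		kfree_skb(ddev->saved_skb);
		ddev->saved_skb = NULL;

		rc = digital_in_send_dep_req(ddev, NULL,
					     ddev->chaining_skb,
					     ddev->data_exch);
		if (rc)
			goto error;

		goto free_resp;

	case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU:
		if (!DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) { /* ATN */
			rc = digital_in_send_saved_skb(ddev, data_exch);
			if (rc)
				goto error;

			goto free_resp;
		}

		if (ddev->atn_count || ddev->nack_count) {
			PROTOCOL_ERR("14.12.4.4");
			rc = -EIO;
			goto error;
		}

		/*
		 * The header has been pulled, so an RTOX PDU that carries no
		 * value byte leaves resp empty. Reject it instead of reading
		 * past the end of the received data.
		 */
		if (!resp->len) {
			rc = -EIO;
			goto error;
		}

		rtox = DIGITAL_NFC_DEP_RTOX_VALUE(resp->data[0]);
		if (!rtox || rtox > DIGITAL_NFC_DEP_RTOX_MAX) {
			PROTOCOL_ERR("14.8.4.1");
			rc = -EIO;
			goto error;
		}

		rc = digital_in_send_rtox(ddev, data_exch, rtox);
		if (rc)
			goto error;

		goto free_resp;
	}

	/*
	 * NOTE(review): the switch has no default case, so a PFB whose type
	 * bits match none of the three PDU types reaches this point with
	 * rc == 0 and is passed up as if it were data. Consider rejecting it.
	 */

exit:
	/*
	 * NOTE(review): when rc is non-zero the callback is handed resp and
	 * resp is then freed below; confirm callbacks do not keep it.
	 */
	data_exch->cb(data_exch->cb_context, resp, rc);

error:
	kfree(data_exch);

	kfree_skb(ddev->chaining_skb);
	ddev->chaining_skb = NULL;

	kfree_skb(ddev->saved_skb);
	ddev->saved_skb = NULL;

	if (rc)
		kfree_skb(resp);

	return;

free_resp:
	dev_kfree_skb(resp);
}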
906
/*
 * Send a DEP_REQ I PDU carrying skb (initiator side).
 *
 * The DEP header is pushed in front of the payload, the retry counters are
 * reset, and the payload is split by digital_send_dep_data_prep() if it is
 * larger than the peer accepts. A copy of the frame actually sent is kept in
 * ddev->saved_skb for retransmission. target is not used here.
 *
 * Returns 0 when the command was queued or a negative errno. On a send
 * failure the fragment (if one was allocated), the chaining skb that was
 * pending on entry and the saved copy are released; skb itself is left to
 * the caller unless it was that pending chaining skb.
 */
int digital_in_send_dep_req(struct nfc_digital_dev *ddev,
			    struct nfc_target *target, struct sk_buff *skb,
			    struct digital_data_exch *data_exch)
{
	struct sk_buff *pending_chain, *out_skb;
	struct digital_dep_req_res *hdr;
	int err;

	hdr = skb_push(skb, sizeof(*hdr));
	hdr->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
	hdr->cmd = DIGITAL_CMD_DEP_REQ;
	hdr->pfb = ddev->curr_nfc_dep_pni;

	ddev->atn_count = 0;
	ddev->nack_count = 0;

	/* Remember the chain state before the prep helper overwrites it. */
	pending_chain = ddev->chaining_skb;

	out_skb = digital_send_dep_data_prep(ddev, skb, hdr, data_exch);
	if (IS_ERR(out_skb))
		return PTR_ERR(out_skb);

	digital_skb_push_dep_sod(ddev, out_skb);

	ddev->skb_add_crc(out_skb);

	ddev->saved_skb = pskb_copy(out_skb, GFP_KERNEL);

	err = digital_in_send_cmd(ddev, out_skb, ddev->dep_rwt,
				  digital_in_recv_dep_res, data_exch);
	if (!err)
		return 0;

	if (out_skb != skb)
		kfree_skb(out_skb);

	kfree_skb(pending_chain);
	ddev->chaining_skb = NULL;

	kfree_skb(ddev->saved_skb);
	ddev->saved_skb = NULL;

	return err;
}
953
/*
 * Record the RF technology in use (target side) and select the matching
 * software CRC helpers.
 *
 * The no-op helpers are installed first; they stay in place when the driver
 * handles CRCs itself or when the technology is neither NFC-A 106 nor
 * NFC-F 212/424.
 */
static void digital_tg_set_rf_tech(struct nfc_digital_dev *ddev, u8 rf_tech)
{
	ddev->curr_rf_tech = rf_tech;

	ddev->skb_add_crc = digital_skb_add_crc_none;
	ddev->skb_check_crc = digital_skb_check_crc_none;

	if (DIGITAL_DRV_CAPS_TG_CRC(ddev))
		return;

	if (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A) {
		ddev->skb_add_crc = digital_skb_add_crc_a;
		ddev->skb_check_crc = digital_skb_check_crc_a;
	} else if (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_212F ||
		   ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_424F) {
		ddev->skb_add_crc = digital_skb_add_crc_f;
		ddev->skb_check_crc = digital_skb_check_crc_f;
	}
}
980
/*
 * Send an ACK PDU carrying the current PNI (target side), then advance the
 * PNI and keep a copy of the frame in ddev->saved_skb for retransmission.
 * The DID byte is appended when a DID is in use.
 *
 * Returns 0 when the command was queued, -ENOMEM on allocation failure, or
 * the error from digital_tg_send_cmd(); both the frame and the saved copy
 * are released on failure.
 *
 * NOTE(review): the pskb_copy() result is not checked. A NULL saved_skb is
 * tolerated by digital_tg_send_saved_skb(), which then returns -EINVAL.
 */
static int digital_tg_send_ack(struct nfc_digital_dev *ddev,
			       struct digital_data_exch *data_exch)
{
	struct digital_dep_req_res *hdr;
	struct sk_buff *frame;
	int err;

	frame = digital_skb_alloc(ddev, 1);
	if (!frame)
		return -ENOMEM;

	hdr = skb_push(frame, sizeof(*hdr));
	hdr->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
	hdr->cmd = DIGITAL_CMD_DEP_RES;
	hdr->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU | ddev->curr_nfc_dep_pni;

	if (ddev->did) {
		hdr->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;

		skb_put_data(frame, &ddev->did, sizeof(ddev->did));
	}

	ddev->curr_nfc_dep_pni =
		DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);

	digital_skb_push_dep_sod(ddev, frame);

	ddev->skb_add_crc(frame);

	ddev->saved_skb = pskb_copy(frame, GFP_KERNEL);

	err = digital_tg_send_cmd(ddev, frame, 1500, digital_tg_recv_dep_req,
				  data_exch);
	if (!err)
		return 0;

	kfree_skb(frame);
	kfree_skb(ddev->saved_skb);
	ddev->saved_skb = NULL;

	return err;
}
1026
/*
 * Reply to an ATN with an ATN supervisor PDU (target side). The DID byte is
 * appended when a DID is in use.
 *
 * Returns 0 when the command was queued, -ENOMEM on allocation failure, or
 * the error from digital_tg_send_cmd(); the frame is freed on failure.
 */
static int digital_tg_send_atn(struct nfc_digital_dev *ddev)
{
	struct digital_dep_req_res *hdr;
	struct sk_buff *frame;
	int err;

	frame = digital_skb_alloc(ddev, 1);
	if (!frame)
		return -ENOMEM;

	hdr = skb_push(frame, sizeof(*hdr));
	hdr->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
	hdr->cmd = DIGITAL_CMD_DEP_RES;
	hdr->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU;

	if (ddev->did) {
		hdr->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;

		skb_put_data(frame, &ddev->did, sizeof(ddev->did));
	}

	digital_skb_push_dep_sod(ddev, frame);

	ddev->skb_add_crc(frame);

	err = digital_tg_send_cmd(ddev, frame, 1500, digital_tg_recv_dep_req,
				  NULL);
	if (err)
		kfree_skb(frame);

	return err;
}
1062
/*
 * Retransmit the last response kept in ddev->saved_skb (target side).
 *
 * An extra reference is taken before sending so that the saved copy stays
 * available; that reference is dropped again if the send fails.
 *
 * Returns -EINVAL when nothing is saved, otherwise the result of
 * digital_tg_send_cmd().
 */
static int digital_tg_send_saved_skb(struct nfc_digital_dev *ddev)
{
	int err;

	if (!ddev->saved_skb)
		return -EINVAL;

	skb_get(ddev->saved_skb);

	err = digital_tg_send_cmd(ddev, ddev->saved_skb, 1500,
				  digital_tg_recv_dep_req, NULL);
	if (!err)
		return 0;

	kfree_skb(ddev->saved_skb);

	return err;
}
1079
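/*
 * Receive callback for DEP_REQ PDUs (target side).
 *
 * @ddev: digital device the exchange runs on
 * @arg:  not used by this function
 * @resp: received frame, or an ERR_PTR on transport failure
 *
 * After CRC, SoD, size, header and DID validation the PDU is dispatched on
 * its type:
 *   - I PDU: retransmission detection after an ATN, PNI check, gathering of
 *     chained fragments, then delivery through nfc_tm_data_received();
 *   - ACK/NACK: resend the saved response or continue an outgoing chain;
 *   - supervisor: answer an ATN; RTOX from the initiator is rejected.
 *
 * Exit paths: "exit" drops all chaining/retransmission state (and resp when
 * rc is non-zero); "free_resp" only releases resp because a reply is in
 * flight.
 */
static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
				    struct sk_buff *resp)
{
	int rc;
	struct digital_dep_req_res *dep_req;
	u8 pfb;
	size_t size;

	if (IS_ERR(resp)) {
		rc = PTR_ERR(resp);
		resp = NULL;
		goto exit;
	}

	rc = ddev->skb_check_crc(resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.6");
		goto exit;
	}

	rc = digital_skb_pull_dep_sod(ddev, resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.2");
		goto exit;
	}

	if (resp->len > ddev->local_payload_max) {
		rc = -EMSGSIZE;
		goto exit;
	}

	size = sizeof(struct digital_dep_req_res);
	dep_req = (struct digital_dep_req_res *)resp->data;

	/* The length test comes first so the header is never read short. */
	if (resp->len < size || dep_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
	    dep_req->cmd != DIGITAL_CMD_DEP_REQ) {
		rc = -EIO;
		goto exit;
	}

	pfb = dep_req->pfb;

	if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb)) {
		/*
		 * The DID byte follows the header. Make sure the frame is
		 * long enough to hold it before comparing it, so a
		 * header-only frame with the DID bit set cannot cause a read
		 * past the received data.
		 */
		if (resp->len <= size) {
			rc = -EIO;
			goto exit;
		}

		if (ddev->did && (ddev->did == resp->data[size])) {
			size++;
		} else {
			rc = -EIO;
			goto exit;
		}
	} else if (ddev->did) {
		rc = -EIO;
		goto exit;
	}

	if (DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)) {
		rc = -EIO;
		goto exit;
	}

	if (size > resp->len) {
		rc = -EIO;
		goto exit;
	}

	skb_pull(resp, size);

	switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) {
	case DIGITAL_NFC_DEP_PFB_I_PDU:
		pr_debug("DIGITAL_NFC_DEP_PFB_I_PDU\n");

		if (ddev->atn_count) {
			/* The target has received (and replied to) at least one
			 * ATN DEP_REQ.
			 */
			ddev->atn_count = 0;

			/* pni of resp PDU equal to the target current pni - 1
			 * means resp is the previous DEP_REQ PDU received from
			 * the initiator so the target replies with saved_skb
			 * which is the previous DEP_RES saved in
			 * digital_tg_send_dep_res().
			 */
			if (DIGITAL_NFC_DEP_PFB_PNI(pfb) ==
			  DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni - 1)) {
				rc = digital_tg_send_saved_skb(ddev);
				if (rc)
					goto exit;

				goto free_resp;
			}

			/* atn_count > 0 and PDU pni != curr_nfc_dep_pni - 1
			 * means the target probably did not receive the last
			 * DEP_REQ PDU sent by the initiator. The target
			 * falls back to normal processing then.
			 */
		}

		if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
			PROTOCOL_ERR("14.12.3.4");
			rc = -EIO;
			goto exit;
		}

		kfree_skb(ddev->saved_skb);
		ddev->saved_skb = NULL;

		resp = digital_recv_dep_data_gather(ddev, pfb, resp,
						    digital_tg_send_ack, NULL);
		if (IS_ERR(resp)) {
			rc = PTR_ERR(resp);
			resp = NULL;
			goto exit;
		}

		/* If resp is NULL then we're still chaining so return and
		 * wait for the next part of the PDU.  Else, the PDU is
		 * complete so pass it up.
		 */
		if (!resp)
			return;

		rc = 0;
		break;
	case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU:
		if (DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) { /* NACK */
			if (DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) !=
						ddev->curr_nfc_dep_pni) {
				rc = -EIO;
				goto exit;
			}

			ddev->atn_count = 0;

			rc = digital_tg_send_saved_skb(ddev);
			if (rc)
				goto exit;

			goto free_resp;
		}

		/* ACK */
		if (ddev->atn_count) {
			/* The target has previously received one or more ATN
			 * PDUs.
			 */
			ddev->atn_count = 0;

			/* If the ACK PNI is equal to the target PNI - 1 means
			 * that the initiator did not receive the previous PDU
			 * sent by the target so re-send it.
			 */
			if (DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) ==
						ddev->curr_nfc_dep_pni) {
				rc = digital_tg_send_saved_skb(ddev);
				if (rc)
					goto exit;

				goto free_resp;
			}

			/* Otherwise, the target did not receive the previous
			 * ACK PDU from the initiator. Fallback to normal
			 * processing of chained PDU then.
			 */
		}

		/* Keep on sending chained PDU */
		if (!ddev->chaining_skb ||
		    DIGITAL_NFC_DEP_PFB_PNI(pfb) !=
					ddev->curr_nfc_dep_pni) {
			rc = -EIO;
			goto exit;
		}

		kfree_skb(ddev->saved_skb);
		ddev->saved_skb = NULL;

		rc = digital_tg_send_dep_res(ddev, ddev->chaining_skb);
		if (rc)
			goto exit;

		goto free_resp;
	case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU:
		if (DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) {
			rc = -EINVAL;
			goto exit;
		}

		rc = digital_tg_send_atn(ddev);
		if (rc)
			goto exit;

		ddev->atn_count++;

		goto free_resp;
	}

	/*
	 * NOTE(review): the switch has no default case, so a PFB whose type
	 * bits match none of the three PDU types reaches this point and is
	 * delivered as data without any PNI check. Consider rejecting it.
	 */
	rc = nfc_tm_data_received(ddev->nfc_dev, resp);
	/* On failure resp is cleared so it is not freed below. */
	if (rc)
		resp = NULL;

exit:
	kfree_skb(ddev->chaining_skb);
	ddev->chaining_skb = NULL;

	ddev->atn_count = 0;

	kfree_skb(ddev->saved_skb);
	ddev->saved_skb = NULL;

	if (rc)
		kfree_skb(resp);

	return;

free_resp:
	dev_kfree_skb(resp);
}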
1299
/*
 * Build and transmit a DEP_RES frame carrying @skb while acting as target.
 *
 * The DEP_RES header (direction, command, PFB holding the current PNI) is
 * pushed in front of the payload. When ddev->did is non-zero the DID bit is
 * set in the PFB and the DID byte is added with skb_put_data(). The PNI is
 * advanced before the frame is handed to digital_send_dep_data_prep(), and a
 * copy of the frame as sent is stored in ddev->saved_skb.
 *
 * Returns 0 on success, or the negative errno reported by
 * digital_send_dep_data_prep() or digital_tg_send_cmd().
 */
int digital_tg_send_dep_res(struct nfc_digital_dev *ddev, struct sk_buff *skb)
{
	struct digital_dep_req_res *hdr;
	struct sk_buff *prev_chaining, *frame;
	int rc;

	skb_push(skb, sizeof(struct digital_dep_req_res));
	hdr = (struct digital_dep_req_res *)skb->data;

	hdr->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
	hdr->cmd = DIGITAL_CMD_DEP_RES;
	hdr->pfb = ddev->curr_nfc_dep_pni;

	if (ddev->did) {
		hdr->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
		skb_put_data(skb, &ddev->did, sizeof(ddev->did));
	}

	/* The PNI is a 2-bit counter; the macro wraps it after the increment. */
	ddev->curr_nfc_dep_pni =
		DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);

	/*
	 * Snapshot the chaining skb before the prep call: the error path below
	 * frees this snapshot, not whatever ddev->chaining_skb holds afterwards.
	 */
	prev_chaining = ddev->chaining_skb;

	frame = digital_send_dep_data_prep(ddev, skb, hdr, NULL);
	if (IS_ERR(frame))
		return PTR_ERR(frame);

	digital_skb_push_dep_sod(ddev, frame);
	ddev->skb_add_crc(frame);

	/*
	 * NOTE(review): the pskb_copy() result is not checked, so saved_skb can
	 * be NULL after an allocation failure; confirm that the retransmission
	 * path (digital_tg_send_saved_skb()) tolerates that. Any previous
	 * saved_skb is overwritten here without being freed, so callers are
	 * presumably expected to have released it first.
	 */
	ddev->saved_skb = pskb_copy(frame, GFP_KERNEL);

	rc = digital_tg_send_cmd(ddev, frame, 1500, digital_tg_recv_dep_req,
				 NULL);
	if (!rc)
		return 0;

	/* Sending failed: release the frame only if prep allocated a new one. */
	if (frame != skb)
		kfree_skb(frame);

	kfree_skb(prev_chaining);
	ddev->chaining_skb = NULL;

	kfree_skb(ddev->saved_skb);
	ddev->saved_skb = NULL;

	return rc;
}
1350
/*
 * Completion callback for the PSL_RES transmission.
 *
 * @arg is not a pointer: it carries the RF technology value that
 * digital_tg_send_psl_res() packed into it. When @resp is not an error
 * pointer, the target switches to that technology, reconfigures the hardware
 * and listens again with digital_tg_recv_dep_req() as the handler. An error
 * pointer in @resp makes the callback return without doing anything.
 */
static void digital_tg_send_psl_res_complete(struct nfc_digital_dev *ddev,
					     void *arg, struct sk_buff *resp)
{
	u8 rf_tech;

	if (IS_ERR(resp))
		return;

	rf_tech = (unsigned long)arg;

	/*
	 * NOTE(review): the results of the three calls below are not checked,
	 * so a failed reconfiguration or listen goes unreported here.
	 */
	digital_tg_set_rf_tech(ddev, rf_tech);
	digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
	digital_tg_listen(ddev, 1500, digital_tg_recv_dep_req, NULL);

	dev_kfree_skb(resp);
}
1367
/*
 * Build and send a PSL_RES frame that echoes @did.
 *
 * @rf_tech is not placed in the frame. It is passed, packed into the callback
 * argument, to digital_tg_send_psl_res_complete(). The PNI is reset to 0
 * before the frame is sent.
 *
 * Returns 0 on success, -ENOMEM if the frame cannot be allocated, or the error
 * from digital_tg_send_cmd(), in which case the frame is freed here.
 */
static int digital_tg_send_psl_res(struct nfc_digital_dev *ddev, u8 did,
				   u8 rf_tech)
{
	struct digital_psl_res *res;
	struct sk_buff *frame;
	int rc;

	frame = digital_skb_alloc(ddev, sizeof(struct digital_psl_res));
	if (!frame)
		return -ENOMEM;

	skb_put(frame, sizeof(struct digital_psl_res));
	res = (struct digital_psl_res *)frame->data;

	res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
	res->cmd = DIGITAL_CMD_PSL_RES;
	res->did = did;

	digital_skb_push_dep_sod(ddev, frame);
	ddev->skb_add_crc(frame);

	ddev->curr_nfc_dep_pni = 0;

	rc = digital_tg_send_cmd(ddev, frame, 0,
				 digital_tg_send_psl_res_complete,
				 (void *)(unsigned long)rf_tech);
	if (!rc)
		return 0;

	kfree_skb(frame);
	return rc;
}
1400
/*
 * Handle a PSL_REQ received from the initiator.
 *
 * The frame is CRC-checked and its SoD removed, then accepted only if its
 * length is exactly sizeof(struct digital_psl_req) and its direction and
 * command bytes match a PSL_REQ. The DSI bits of BRS select the RF technology
 * and the FSL bits select the payload size, which must be non-zero and no
 * larger than the smaller of the two payload limits already stored in @ddev.
 * On success both limits are set to that size and a PSL_RES is sent.
 *
 * @resp is freed on every path. No error code is returned to the caller.
 */
static void digital_tg_recv_psl_req(struct nfc_digital_dev *ddev, void *arg,
				    struct sk_buff *resp)
{
	struct digital_psl_req *req;
	u8 dsi, fsl_bits, new_payload_max;
	u8 rf_tech;
	int rc;

	if (IS_ERR(resp)) {
		rc = PTR_ERR(resp);
		resp = NULL;
		goto exit;
	}

	rc = ddev->skb_check_crc(resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.6");
		goto exit;
	}

	rc = digital_skb_pull_dep_sod(ddev, resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.2");
		goto exit;
	}

	req = (struct digital_psl_req *)resp->data;

	/* The length test comes first so no field is read from a short frame. */
	if (resp->len != sizeof(struct digital_psl_req) ||
	    req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
	    req->cmd != DIGITAL_CMD_PSL_REQ) {
		rc = -EIO;
		goto exit;
	}

	dsi = (req->brs >> 3) & 0x07;
	if (dsi == 0) {
		rf_tech = NFC_DIGITAL_RF_TECH_106A;
	} else if (dsi == 1) {
		rf_tech = NFC_DIGITAL_RF_TECH_212F;
	} else if (dsi == 2) {
		rf_tech = NFC_DIGITAL_RF_TECH_424F;
	} else {
		/* rc is left untouched here; it is not read after the exit label. */
		pr_err("Unsupported dsi value %d\n", dsi);
		goto exit;
	}

	fsl_bits = DIGITAL_PAYLOAD_FSL_TO_BITS(req->fsl);
	new_payload_max = digital_payload_bits_to_size(fsl_bits);

	/* The peer may only keep or lower the payload size agreed so far. */
	if (!new_payload_max ||
	    new_payload_max > min(ddev->local_payload_max,
				  ddev->remote_payload_max)) {
		rc = -EINVAL;
		goto exit;
	}

	ddev->local_payload_max = new_payload_max;
	ddev->remote_payload_max = new_payload_max;

	rc = digital_tg_send_psl_res(ddev, req->did, rf_tech);

exit:
	kfree_skb(resp);
}
1469
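/*
 * Completion callback for the ATR_RES transmission: dispatch the first frame
 * received after activation.
 *
 * The command byte is looked up at a fixed offset in the raw frame (offset 2,
 * or 3 when the frame starts with the NFC-A SB byte). A PSL_REQ goes to
 * digital_tg_recv_psl_req(), anything else to digital_tg_recv_dep_req().
 *
 * The frame comes from the remote peer and has not been validated at this
 * point, so its length is checked before each byte is read. A frame too short
 * to hold the command byte is dropped instead of being read out of bounds.
 *
 * An error pointer in @resp moves polling on to the next technology.
 */
static void digital_tg_send_atr_res_complete(struct nfc_digital_dev *ddev,
					     void *arg, struct sk_buff *resp)
{
	unsigned int offset;

	if (IS_ERR(resp)) {
		digital_poll_next_tech(ddev);
		return;
	}

	/* An empty frame has no first byte to inspect. */
	if (!resp->len)
		goto drop;

	offset = 2;
	if (resp->data[0] == DIGITAL_NFC_DEP_NFCA_SOD_SB)
		offset++;

	/* The command byte at data[offset] must lie inside the frame. */
	if (resp->len <= offset)
		goto drop;

	ddev->atn_count = 0;

	if (resp->data[offset] == DIGITAL_CMD_PSL_REQ)
		digital_tg_recv_psl_req(ddev, arg, resp);
	else
		digital_tg_recv_dep_req(ddev, arg, resp);

	return;

drop:
	kfree_skb(resp);
}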
1491
/*
 * Build and send the ATR_RES that answers @atr_req.
 *
 * The response copies the initiator's NFCID3, advertises
 * DIGITAL_NFC_DEP_TG_MAX_WT as timeout and DIGITAL_PAYLOAD_SIZE_MAX as the
 * local payload size. It appends the local general bytes when the NFC core
 * provides any. The PNI is reset to 0 before the frame is sent.
 *
 * Returns 0 on success, -ENOMEM if the frame cannot be allocated, or the error
 * from digital_tg_send_cmd(), in which case the frame is freed here.
 */
static int digital_tg_send_atr_res(struct nfc_digital_dev *ddev,
				   struct digital_atr_req *atr_req)
{
	struct digital_atr_res *res;
	struct sk_buff *frame;
	size_t gb_len;
	u8 *gb;
	u8 pp_bits;
	int rc;

	gb = nfc_get_local_general_bytes(ddev->nfc_dev, &gb_len);
	if (!gb)
		gb_len = 0;

	/* The allocation covers the fixed header plus the general bytes. */
	frame = digital_skb_alloc(ddev,
				  sizeof(struct digital_atr_res) + gb_len);
	if (!frame)
		return -ENOMEM;

	skb_put(frame, sizeof(struct digital_atr_res));
	res = (struct digital_atr_res *)frame->data;
	memset(res, 0, sizeof(struct digital_atr_res));

	res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
	res->cmd = DIGITAL_CMD_ATR_RES;
	memcpy(res->nfcid3, atr_req->nfcid3, sizeof(atr_req->nfcid3));
	res->to = DIGITAL_NFC_DEP_TG_MAX_WT;

	ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX;
	pp_bits = digital_payload_size_to_bits(ddev->local_payload_max);
	res->pp = DIGITAL_PAYLOAD_BITS_TO_PP(pp_bits);

	if (gb_len) {
		/* Extend the frame first so the copy stays inside the skb data. */
		skb_put(frame, gb_len);

		res->pp |= DIGITAL_GB_BIT;
		memcpy(res->gb, gb, gb_len);
	}

	digital_skb_push_dep_sod(ddev, frame);
	ddev->skb_add_crc(frame);

	ddev->curr_nfc_dep_pni = 0;

	rc = digital_tg_send_cmd(ddev, frame, 999,
				 digital_tg_send_atr_res_complete, NULL);
	if (!rc)
		return 0;

	kfree_skb(frame);
	return rc;
}
1543
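/*
 * Handle an ATR_REQ received while listening as an NFC-DEP target.
 *
 * The first byte selects the RF technology (NFC-A when it is the SB byte,
 * 212F otherwise). The frame is then CRC-checked, stripped of its SoD and
 * validated (direction, command, DID range, payload size) before the hardware
 * framing is switched, an ATR_RES is sent and the NFC core is told that the
 * target is activated, with the initiator's general bytes.
 *
 * The frame comes from the remote peer. Its length is checked twice: once on
 * the raw frame, and once more after the CRC check and the SoD pull, so that
 * the ATR_REQ header fields are never read past the received data and the
 * general-bytes length cannot wrap around.
 *
 * On any error polling moves on to the next technology. @resp is always
 * released.
 */
void digital_tg_recv_atr_req(struct nfc_digital_dev *ddev, void *arg,
			     struct sk_buff *resp)
{
	int rc;
	struct digital_atr_req *atr_req;
	size_t gb_len, min_size;
	u8 poll_tech_count, payload_bits;

	if (IS_ERR(resp)) {
		rc = PTR_ERR(resp);
		resp = NULL;
		goto exit;
	}

	/* data[0] is read below, so an empty frame is rejected first. */
	if (!resp->len) {
		rc = -EIO;
		goto exit;
	}

	if (resp->data[0] == DIGITAL_NFC_DEP_NFCA_SOD_SB) {
		min_size = DIGITAL_ATR_REQ_MIN_SIZE + 2;
		digital_tg_set_rf_tech(ddev, NFC_DIGITAL_RF_TECH_106A);
	} else {
		min_size = DIGITAL_ATR_REQ_MIN_SIZE + 1;
		digital_tg_set_rf_tech(ddev, NFC_DIGITAL_RF_TECH_212F);
	}

	if (resp->len < min_size) {
		rc = -EIO;
		goto exit;
	}

	ddev->curr_protocol = NFC_PROTO_NFC_DEP_MASK;

	rc = ddev->skb_check_crc(resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.6");
		goto exit;
	}

	rc = digital_skb_pull_dep_sod(ddev, resp);
	if (rc) {
		PROTOCOL_ERR("14.4.1.2");
		goto exit;
	}

	/*
	 * min_size was compared with the raw frame. The CRC check and the SoD
	 * pull may both have shortened it since, so make sure a complete
	 * ATR_REQ header is still present before any field is read and before
	 * gb_len is derived by subtraction below.
	 */
	if (resp->len < sizeof(struct digital_atr_req)) {
		rc = -EIO;
		goto exit;
	}

	atr_req = (struct digital_atr_req *)resp->data;

	if (atr_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
	    atr_req->cmd != DIGITAL_CMD_ATR_REQ ||
	    atr_req->did > DIGITAL_DID_MAX) {
		rc = -EINVAL;
		goto exit;
	}

	payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_req->pp);
	ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits);

	if (!ddev->remote_payload_max) {
		rc = -EINVAL;
		goto exit;
	}

	ddev->did = atr_req->did;

	rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
				     NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED);
	if (rc)
		goto exit;

	rc = digital_tg_send_atr_res(ddev, atr_req);
	if (rc)
		goto exit;

	/* Cannot wrap: resp->len >= sizeof(struct digital_atr_req) holds. */
	gb_len = resp->len - sizeof(struct digital_atr_req);

	/* Saved so the count can be restored if activation is refused. */
	poll_tech_count = ddev->poll_tech_count;
	ddev->poll_tech_count = 0;

	rc = nfc_tm_activated(ddev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
			      NFC_COMM_PASSIVE, atr_req->gb, gb_len);
	if (rc) {
		ddev->poll_tech_count = poll_tech_count;
		goto exit;
	}

	rc = 0;
exit:
	if (rc)
		digital_poll_next_tech(ddev);

	dev_kfree_skb(resp);
}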
1637