• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Sony NFC Port-100 Series driver
4  * Copyright (c) 2013, Intel Corporation.
5  *
6  * Partly based/Inspired by Stephen Tiedemann's nfcpy
7  */
8 
9 #include <linux/module.h>
10 #include <linux/usb.h>
11 #include <net/nfc/digital.h>
12 
13 #define VERSION "0.1"
14 
15 #define SONY_VENDOR_ID		0x054c
16 #define RCS380S_PRODUCT_ID	0x06c1
17 #define RCS380P_PRODUCT_ID	0x06c3
18 
19 #define PORT100_PROTOCOLS (NFC_PROTO_JEWEL_MASK    | \
20 			   NFC_PROTO_MIFARE_MASK   | \
21 			   NFC_PROTO_FELICA_MASK   | \
22 			   NFC_PROTO_NFC_DEP_MASK  | \
23 			   NFC_PROTO_ISO14443_MASK | \
24 			   NFC_PROTO_ISO14443_B_MASK)
25 
26 #define PORT100_CAPABILITIES (NFC_DIGITAL_DRV_CAPS_IN_CRC | \
27 			      NFC_DIGITAL_DRV_CAPS_TG_CRC)
28 
29 /* Standard port100 frame definitions */
30 #define PORT100_FRAME_HEADER_LEN (sizeof(struct port100_frame) \
31 				  + 2) /* data[0] CC, data[1] SCC */
32 #define PORT100_FRAME_TAIL_LEN 2 /* data[len] DCS, data[len + 1] postamble*/
33 
34 #define PORT100_COMM_RF_HEAD_MAX_LEN (sizeof(struct port100_tg_comm_rf_cmd))
35 
36 /*
37  * Max extended frame payload len, excluding CC and SCC
38  * which are already in PORT100_FRAME_HEADER_LEN.
39  */
40 #define PORT100_FRAME_MAX_PAYLOAD_LEN 1001
41 
42 #define PORT100_FRAME_ACK_SIZE 6 /* Preamble (1), SoPC (2), ACK Code (2),
43 				    Postamble (1) */
44 static u8 ack_frame[PORT100_FRAME_ACK_SIZE] = {
45 	0x00, 0x00, 0xff, 0x00, 0xff, 0x00
46 };
47 
48 #define PORT100_FRAME_CHECKSUM(f) (f->data[le16_to_cpu(f->datalen)])
49 #define PORT100_FRAME_POSTAMBLE(f) (f->data[le16_to_cpu(f->datalen) + 1])
50 
51 /* start of frame */
52 #define PORT100_FRAME_SOF	0x00FF
53 #define PORT100_FRAME_EXT	0xFFFF
54 #define PORT100_FRAME_ACK	0x00FF
55 
56 /* Port-100 command: in or out */
57 #define PORT100_FRAME_DIRECTION(f) (f->data[0]) /* CC */
58 #define PORT100_FRAME_DIR_OUT 0xD6
59 #define PORT100_FRAME_DIR_IN  0xD7
60 
61 /* Port-100 sub-command */
62 #define PORT100_FRAME_CMD(f) (f->data[1]) /* SCC */
63 
64 #define PORT100_CMD_GET_FIRMWARE_VERSION 0x20
65 #define PORT100_CMD_GET_COMMAND_TYPE     0x28
66 #define PORT100_CMD_SET_COMMAND_TYPE     0x2A
67 
68 #define PORT100_CMD_IN_SET_RF       0x00
69 #define PORT100_CMD_IN_SET_PROTOCOL 0x02
70 #define PORT100_CMD_IN_COMM_RF      0x04
71 
72 #define PORT100_CMD_TG_SET_RF       0x40
73 #define PORT100_CMD_TG_SET_PROTOCOL 0x42
74 #define PORT100_CMD_TG_SET_RF_OFF   0x46
75 #define PORT100_CMD_TG_COMM_RF      0x48
76 
77 #define PORT100_CMD_SWITCH_RF       0x06
78 
79 #define PORT100_CMD_RESPONSE(cmd) (cmd + 1)
80 
81 #define PORT100_CMD_TYPE_IS_SUPPORTED(mask, cmd_type) \
82 	((mask) & (0x01 << (cmd_type)))
83 #define PORT100_CMD_TYPE_0	0
84 #define PORT100_CMD_TYPE_1	1
85 
86 #define PORT100_CMD_STATUS_OK      0x00
87 #define PORT100_CMD_STATUS_TIMEOUT 0x80
88 
89 #define PORT100_MDAA_TGT_HAS_BEEN_ACTIVATED_MASK 0x01
90 #define PORT100_MDAA_TGT_WAS_ACTIVATED_MASK      0x02
91 
92 struct port100;
93 
94 typedef void (*port100_send_async_complete_t)(struct port100 *dev, void *arg,
95 					      struct sk_buff *resp);
96 
97 /*
98  * Setting sets structure for in_set_rf command
99  *
100  * @in_*_set_number: Represent the entry indexes in the port-100 RF Base Table.
101  *              This table contains multiple RF setting sets required for RF
102  *              communication.
103  *
104  * @in_*_comm_type: Theses fields set the communication type to be used.
105  */
106 struct port100_in_rf_setting {
107 	u8 in_send_set_number;
108 	u8 in_send_comm_type;
109 	u8 in_recv_set_number;
110 	u8 in_recv_comm_type;
111 } __packed;
112 
113 #define PORT100_COMM_TYPE_IN_212F 0x01
114 #define PORT100_COMM_TYPE_IN_424F 0x02
115 #define PORT100_COMM_TYPE_IN_106A 0x03
116 #define PORT100_COMM_TYPE_IN_106B 0x07
117 
118 static const struct port100_in_rf_setting in_rf_settings[] = {
119 	[NFC_DIGITAL_RF_TECH_212F] = {
120 		.in_send_set_number = 1,
121 		.in_send_comm_type  = PORT100_COMM_TYPE_IN_212F,
122 		.in_recv_set_number = 15,
123 		.in_recv_comm_type  = PORT100_COMM_TYPE_IN_212F,
124 	},
125 	[NFC_DIGITAL_RF_TECH_424F] = {
126 		.in_send_set_number = 1,
127 		.in_send_comm_type  = PORT100_COMM_TYPE_IN_424F,
128 		.in_recv_set_number = 15,
129 		.in_recv_comm_type  = PORT100_COMM_TYPE_IN_424F,
130 	},
131 	[NFC_DIGITAL_RF_TECH_106A] = {
132 		.in_send_set_number = 2,
133 		.in_send_comm_type  = PORT100_COMM_TYPE_IN_106A,
134 		.in_recv_set_number = 15,
135 		.in_recv_comm_type  = PORT100_COMM_TYPE_IN_106A,
136 	},
137 	[NFC_DIGITAL_RF_TECH_106B] = {
138 		.in_send_set_number = 3,
139 		.in_send_comm_type  = PORT100_COMM_TYPE_IN_106B,
140 		.in_recv_set_number = 15,
141 		.in_recv_comm_type  = PORT100_COMM_TYPE_IN_106B,
142 	},
143 	/* Ensures the array has NFC_DIGITAL_RF_TECH_LAST elements */
144 	[NFC_DIGITAL_RF_TECH_LAST] = { 0 },
145 };
146 
147 /**
148  * struct port100_tg_rf_setting - Setting sets structure for tg_set_rf command
149  *
150  * @tg_set_number: Represents the entry index in the port-100 RF Base Table.
151  *                 This table contains multiple RF setting sets required for RF
152  *                 communication. this field is used for both send and receive
153  *                 settings.
154  *
155  * @tg_comm_type: Sets the communication type to be used to send and receive
156  *                data.
157  */
158 struct port100_tg_rf_setting {
159 	u8 tg_set_number;
160 	u8 tg_comm_type;
161 } __packed;
162 
163 #define PORT100_COMM_TYPE_TG_106A 0x0B
164 #define PORT100_COMM_TYPE_TG_212F 0x0C
165 #define PORT100_COMM_TYPE_TG_424F 0x0D
166 
167 static const struct port100_tg_rf_setting tg_rf_settings[] = {
168 	[NFC_DIGITAL_RF_TECH_106A] = {
169 		.tg_set_number = 8,
170 		.tg_comm_type = PORT100_COMM_TYPE_TG_106A,
171 	},
172 	[NFC_DIGITAL_RF_TECH_212F] = {
173 		.tg_set_number = 8,
174 		.tg_comm_type = PORT100_COMM_TYPE_TG_212F,
175 	},
176 	[NFC_DIGITAL_RF_TECH_424F] = {
177 		.tg_set_number = 8,
178 		.tg_comm_type = PORT100_COMM_TYPE_TG_424F,
179 	},
180 	/* Ensures the array has NFC_DIGITAL_RF_TECH_LAST elements */
181 	[NFC_DIGITAL_RF_TECH_LAST] = { 0 },
182 
183 };
184 
185 #define PORT100_IN_PROT_INITIAL_GUARD_TIME      0x00
186 #define PORT100_IN_PROT_ADD_CRC                 0x01
187 #define PORT100_IN_PROT_CHECK_CRC               0x02
188 #define PORT100_IN_PROT_MULTI_CARD              0x03
189 #define PORT100_IN_PROT_ADD_PARITY              0x04
190 #define PORT100_IN_PROT_CHECK_PARITY            0x05
191 #define PORT100_IN_PROT_BITWISE_AC_RECV_MODE    0x06
192 #define PORT100_IN_PROT_VALID_BIT_NUMBER        0x07
193 #define PORT100_IN_PROT_CRYPTO1                 0x08
194 #define PORT100_IN_PROT_ADD_SOF                 0x09
195 #define PORT100_IN_PROT_CHECK_SOF               0x0A
196 #define PORT100_IN_PROT_ADD_EOF                 0x0B
197 #define PORT100_IN_PROT_CHECK_EOF               0x0C
198 #define PORT100_IN_PROT_DEAF_TIME               0x0E
199 #define PORT100_IN_PROT_CRM                     0x0F
200 #define PORT100_IN_PROT_CRM_MIN_LEN             0x10
201 #define PORT100_IN_PROT_T1_TAG_FRAME            0x11
202 #define PORT100_IN_PROT_RFCA                    0x12
203 #define PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR 0x13
204 #define PORT100_IN_PROT_END                     0x14
205 
206 #define PORT100_IN_MAX_NUM_PROTOCOLS            19
207 
208 #define PORT100_TG_PROT_TU           0x00
209 #define PORT100_TG_PROT_RF_OFF       0x01
210 #define PORT100_TG_PROT_CRM          0x02
211 #define PORT100_TG_PROT_END          0x03
212 
213 #define PORT100_TG_MAX_NUM_PROTOCOLS 3
214 
215 struct port100_protocol {
216 	u8 number;
217 	u8 value;
218 } __packed;
219 
220 static const struct port100_protocol
221 in_protocols[][PORT100_IN_MAX_NUM_PROTOCOLS + 1] = {
222 	[NFC_DIGITAL_FRAMING_NFCA_SHORT] = {
223 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,      6 },
224 		{ PORT100_IN_PROT_ADD_CRC,                 0 },
225 		{ PORT100_IN_PROT_CHECK_CRC,               0 },
226 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
227 		{ PORT100_IN_PROT_ADD_PARITY,              0 },
228 		{ PORT100_IN_PROT_CHECK_PARITY,            1 },
229 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
230 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        7 },
231 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
232 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
233 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
234 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
235 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
236 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
237 		{ PORT100_IN_PROT_CRM,                     0 },
238 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
239 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
240 		{ PORT100_IN_PROT_RFCA,                    0 },
241 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
242 		{ PORT100_IN_PROT_END,                     0 },
243 	},
244 	[NFC_DIGITAL_FRAMING_NFCA_STANDARD] = {
245 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,      6 },
246 		{ PORT100_IN_PROT_ADD_CRC,                 0 },
247 		{ PORT100_IN_PROT_CHECK_CRC,               0 },
248 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
249 		{ PORT100_IN_PROT_ADD_PARITY,              1 },
250 		{ PORT100_IN_PROT_CHECK_PARITY,            1 },
251 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
252 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
253 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
254 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
255 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
256 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
257 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
258 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
259 		{ PORT100_IN_PROT_CRM,                     0 },
260 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
261 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
262 		{ PORT100_IN_PROT_RFCA,                    0 },
263 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
264 		{ PORT100_IN_PROT_END,                     0 },
265 	},
266 	[NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A] = {
267 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,      6 },
268 		{ PORT100_IN_PROT_ADD_CRC,                 1 },
269 		{ PORT100_IN_PROT_CHECK_CRC,               1 },
270 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
271 		{ PORT100_IN_PROT_ADD_PARITY,              1 },
272 		{ PORT100_IN_PROT_CHECK_PARITY,            1 },
273 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
274 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
275 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
276 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
277 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
278 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
279 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
280 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
281 		{ PORT100_IN_PROT_CRM,                     0 },
282 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
283 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
284 		{ PORT100_IN_PROT_RFCA,                    0 },
285 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
286 		{ PORT100_IN_PROT_END,                     0 },
287 	},
288 	[NFC_DIGITAL_FRAMING_NFCA_T1T] = {
289 		/* nfc_digital_framing_nfca_short */
290 		{ PORT100_IN_PROT_ADD_CRC,          2 },
291 		{ PORT100_IN_PROT_CHECK_CRC,        2 },
292 		{ PORT100_IN_PROT_VALID_BIT_NUMBER, 8 },
293 		{ PORT100_IN_PROT_T1_TAG_FRAME,     2 },
294 		{ PORT100_IN_PROT_END,              0 },
295 	},
296 	[NFC_DIGITAL_FRAMING_NFCA_T2T] = {
297 		/* nfc_digital_framing_nfca_standard */
298 		{ PORT100_IN_PROT_ADD_CRC,   1 },
299 		{ PORT100_IN_PROT_CHECK_CRC, 0 },
300 		{ PORT100_IN_PROT_END,       0 },
301 	},
302 	[NFC_DIGITAL_FRAMING_NFCA_T4T] = {
303 		/* nfc_digital_framing_nfca_standard_with_crc_a */
304 		{ PORT100_IN_PROT_END,       0 },
305 	},
306 	[NFC_DIGITAL_FRAMING_NFCA_NFC_DEP] = {
307 		/* nfc_digital_framing_nfca_standard */
308 		{ PORT100_IN_PROT_END, 0 },
309 	},
310 	[NFC_DIGITAL_FRAMING_NFCF] = {
311 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,     18 },
312 		{ PORT100_IN_PROT_ADD_CRC,                 1 },
313 		{ PORT100_IN_PROT_CHECK_CRC,               1 },
314 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
315 		{ PORT100_IN_PROT_ADD_PARITY,              0 },
316 		{ PORT100_IN_PROT_CHECK_PARITY,            0 },
317 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
318 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
319 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
320 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
321 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
322 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
323 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
324 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
325 		{ PORT100_IN_PROT_CRM,                     0 },
326 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
327 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
328 		{ PORT100_IN_PROT_RFCA,                    0 },
329 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
330 		{ PORT100_IN_PROT_END,                     0 },
331 	},
332 	[NFC_DIGITAL_FRAMING_NFCF_T3T] = {
333 		/* nfc_digital_framing_nfcf */
334 		{ PORT100_IN_PROT_END, 0 },
335 	},
336 	[NFC_DIGITAL_FRAMING_NFCF_NFC_DEP] = {
337 		/* nfc_digital_framing_nfcf */
338 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,     18 },
339 		{ PORT100_IN_PROT_ADD_CRC,                 1 },
340 		{ PORT100_IN_PROT_CHECK_CRC,               1 },
341 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
342 		{ PORT100_IN_PROT_ADD_PARITY,              0 },
343 		{ PORT100_IN_PROT_CHECK_PARITY,            0 },
344 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
345 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
346 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
347 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
348 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
349 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
350 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
351 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
352 		{ PORT100_IN_PROT_CRM,                     0 },
353 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
354 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
355 		{ PORT100_IN_PROT_RFCA,                    0 },
356 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
357 		{ PORT100_IN_PROT_END,                     0 },
358 	},
359 	[NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED] = {
360 		{ PORT100_IN_PROT_END, 0 },
361 	},
362 	[NFC_DIGITAL_FRAMING_NFCB] = {
363 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,     20 },
364 		{ PORT100_IN_PROT_ADD_CRC,                 1 },
365 		{ PORT100_IN_PROT_CHECK_CRC,               1 },
366 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
367 		{ PORT100_IN_PROT_ADD_PARITY,              0 },
368 		{ PORT100_IN_PROT_CHECK_PARITY,            0 },
369 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
370 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
371 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
372 		{ PORT100_IN_PROT_ADD_SOF,                 1 },
373 		{ PORT100_IN_PROT_CHECK_SOF,               1 },
374 		{ PORT100_IN_PROT_ADD_EOF,                 1 },
375 		{ PORT100_IN_PROT_CHECK_EOF,               1 },
376 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
377 		{ PORT100_IN_PROT_CRM,                     0 },
378 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
379 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
380 		{ PORT100_IN_PROT_RFCA,                    0 },
381 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
382 		{ PORT100_IN_PROT_END,                     0 },
383 	},
384 	[NFC_DIGITAL_FRAMING_NFCB_T4T] = {
385 		/* nfc_digital_framing_nfcb */
386 		{ PORT100_IN_PROT_END,                     0 },
387 	},
388 	/* Ensures the array has NFC_DIGITAL_FRAMING_LAST elements */
389 	[NFC_DIGITAL_FRAMING_LAST] = {
390 		{ PORT100_IN_PROT_END, 0 },
391 	},
392 };
393 
394 static const struct port100_protocol
395 tg_protocols[][PORT100_TG_MAX_NUM_PROTOCOLS + 1] = {
396 	[NFC_DIGITAL_FRAMING_NFCA_SHORT] = {
397 		{ PORT100_TG_PROT_END, 0 },
398 	},
399 	[NFC_DIGITAL_FRAMING_NFCA_STANDARD] = {
400 		{ PORT100_TG_PROT_END, 0 },
401 	},
402 	[NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A] = {
403 		{ PORT100_TG_PROT_END, 0 },
404 	},
405 	[NFC_DIGITAL_FRAMING_NFCA_T1T] = {
406 		{ PORT100_TG_PROT_END, 0 },
407 	},
408 	[NFC_DIGITAL_FRAMING_NFCA_T2T] = {
409 		{ PORT100_TG_PROT_END, 0 },
410 	},
411 	[NFC_DIGITAL_FRAMING_NFCA_NFC_DEP] = {
412 		{ PORT100_TG_PROT_TU,     1 },
413 		{ PORT100_TG_PROT_RF_OFF, 0 },
414 		{ PORT100_TG_PROT_CRM,    7 },
415 		{ PORT100_TG_PROT_END,    0 },
416 	},
417 	[NFC_DIGITAL_FRAMING_NFCF] = {
418 		{ PORT100_TG_PROT_END, 0 },
419 	},
420 	[NFC_DIGITAL_FRAMING_NFCF_T3T] = {
421 		{ PORT100_TG_PROT_END, 0 },
422 	},
423 	[NFC_DIGITAL_FRAMING_NFCF_NFC_DEP] = {
424 		{ PORT100_TG_PROT_TU,     1 },
425 		{ PORT100_TG_PROT_RF_OFF, 0 },
426 		{ PORT100_TG_PROT_CRM,    7 },
427 		{ PORT100_TG_PROT_END,    0 },
428 	},
429 	[NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED] = {
430 		{ PORT100_TG_PROT_RF_OFF, 1 },
431 		{ PORT100_TG_PROT_END,    0 },
432 	},
433 	/* Ensures the array has NFC_DIGITAL_FRAMING_LAST elements */
434 	[NFC_DIGITAL_FRAMING_LAST] = {
435 		{ PORT100_TG_PROT_END,    0 },
436 	},
437 };
438 
439 struct port100 {
440 	struct nfc_digital_dev *nfc_digital_dev;
441 
442 	int skb_headroom;
443 	int skb_tailroom;
444 
445 	struct usb_device *udev;
446 	struct usb_interface *interface;
447 
448 	struct urb *out_urb;
449 	struct urb *in_urb;
450 
451 	/* This mutex protects the out_urb and avoids to submit a new command
452 	 * through port100_send_frame_async() while the previous one is being
453 	 * canceled through port100_abort_cmd().
454 	 */
455 	struct mutex out_urb_lock;
456 
457 	struct work_struct cmd_complete_work;
458 
459 	u8 cmd_type;
460 
461 	/* The digital stack serializes commands to be sent. There is no need
462 	 * for any queuing/locking mechanism at driver level.
463 	 */
464 	struct port100_cmd *cmd;
465 
466 	bool cmd_cancel;
467 	struct completion cmd_cancel_done;
468 };
469 
470 struct port100_cmd {
471 	u8 code;
472 	int status;
473 	struct sk_buff *req;
474 	struct sk_buff *resp;
475 	int resp_len;
476 	port100_send_async_complete_t  complete_cb;
477 	void *complete_cb_context;
478 };
479 
480 struct port100_frame {
481 	u8 preamble;
482 	__be16 start_frame;
483 	__be16 extended_frame;
484 	__le16 datalen;
485 	u8 datalen_checksum;
486 	u8 data[];
487 } __packed;
488 
489 struct port100_ack_frame {
490 	u8 preamble;
491 	__be16 start_frame;
492 	__be16 ack_frame;
493 	u8 postambule;
494 } __packed;
495 
496 struct port100_cb_arg {
497 	nfc_digital_cmd_complete_t complete_cb;
498 	void *complete_arg;
499 	u8 mdaa;
500 };
501 
502 struct port100_tg_comm_rf_cmd {
503 	__le16 guard_time;
504 	__le16 send_timeout;
505 	u8 mdaa;
506 	u8 nfca_param[6];
507 	u8 nfcf_param[18];
508 	u8 mf_halted;
509 	u8 arae_flag;
510 	__le16 recv_timeout;
511 	u8 data[];
512 } __packed;
513 
514 struct port100_tg_comm_rf_res {
515 	u8 comm_type;
516 	u8 ar_status;
517 	u8 target_activated;
518 	__le32 status;
519 	u8 data[];
520 } __packed;
521 
522 /* The rule: value + checksum = 0 */
port100_checksum(u16 value)523 static inline u8 port100_checksum(u16 value)
524 {
525 	return ~(((u8 *)&value)[0] + ((u8 *)&value)[1]) + 1;
526 }
527 
528 /* The rule: sum(data elements) + checksum = 0 */
port100_data_checksum(const u8 * data,int datalen)529 static u8 port100_data_checksum(const u8 *data, int datalen)
530 {
531 	u8 sum = 0;
532 	int i;
533 
534 	for (i = 0; i < datalen; i++)
535 		sum += data[i];
536 
537 	return port100_checksum(sum);
538 }
539 
port100_tx_frame_init(void * _frame,u8 cmd_code)540 static void port100_tx_frame_init(void *_frame, u8 cmd_code)
541 {
542 	struct port100_frame *frame = _frame;
543 
544 	frame->preamble = 0;
545 	frame->start_frame = cpu_to_be16(PORT100_FRAME_SOF);
546 	frame->extended_frame = cpu_to_be16(PORT100_FRAME_EXT);
547 	PORT100_FRAME_DIRECTION(frame) = PORT100_FRAME_DIR_OUT;
548 	PORT100_FRAME_CMD(frame) = cmd_code;
549 	frame->datalen = cpu_to_le16(2);
550 }
551 
port100_tx_frame_finish(void * _frame)552 static void port100_tx_frame_finish(void *_frame)
553 {
554 	struct port100_frame *frame = _frame;
555 
556 	frame->datalen_checksum = port100_checksum(le16_to_cpu(frame->datalen));
557 
558 	PORT100_FRAME_CHECKSUM(frame) =
559 		port100_data_checksum(frame->data, le16_to_cpu(frame->datalen));
560 
561 	PORT100_FRAME_POSTAMBLE(frame) = 0;
562 }
563 
port100_tx_update_payload_len(void * _frame,int len)564 static void port100_tx_update_payload_len(void *_frame, int len)
565 {
566 	struct port100_frame *frame = _frame;
567 
568 	le16_add_cpu(&frame->datalen, len);
569 }
570 
port100_rx_frame_is_valid(const void * _frame)571 static bool port100_rx_frame_is_valid(const void *_frame)
572 {
573 	u8 checksum;
574 	const struct port100_frame *frame = _frame;
575 
576 	if (frame->start_frame != cpu_to_be16(PORT100_FRAME_SOF) ||
577 	    frame->extended_frame != cpu_to_be16(PORT100_FRAME_EXT))
578 		return false;
579 
580 	checksum = port100_checksum(le16_to_cpu(frame->datalen));
581 	if (checksum != frame->datalen_checksum)
582 		return false;
583 
584 	checksum = port100_data_checksum(frame->data,
585 					 le16_to_cpu(frame->datalen));
586 	if (checksum != PORT100_FRAME_CHECKSUM(frame))
587 		return false;
588 
589 	return true;
590 }
591 
port100_rx_frame_is_ack(const struct port100_ack_frame * frame)592 static bool port100_rx_frame_is_ack(const struct port100_ack_frame *frame)
593 {
594 	return (frame->start_frame == cpu_to_be16(PORT100_FRAME_SOF) &&
595 		frame->ack_frame == cpu_to_be16(PORT100_FRAME_ACK));
596 }
597 
port100_rx_frame_size(const void * frame)598 static inline int port100_rx_frame_size(const void *frame)
599 {
600 	const struct port100_frame *f = frame;
601 
602 	return sizeof(struct port100_frame) + le16_to_cpu(f->datalen) +
603 	       PORT100_FRAME_TAIL_LEN;
604 }
605 
port100_rx_frame_is_cmd_response(const struct port100 * dev,const void * frame)606 static bool port100_rx_frame_is_cmd_response(const struct port100 *dev,
607 					     const void *frame)
608 {
609 	const struct port100_frame *f = frame;
610 
611 	return (PORT100_FRAME_CMD(f) == PORT100_CMD_RESPONSE(dev->cmd->code));
612 }
613 
port100_recv_response(struct urb * urb)614 static void port100_recv_response(struct urb *urb)
615 {
616 	struct port100 *dev = urb->context;
617 	struct port100_cmd *cmd = dev->cmd;
618 	u8 *in_frame;
619 
620 	cmd->status = urb->status;
621 
622 	switch (urb->status) {
623 	case 0:
624 		break; /* success */
625 	case -ECONNRESET:
626 	case -ENOENT:
627 		nfc_dbg(&dev->interface->dev,
628 			"The urb has been canceled (status %d)\n", urb->status);
629 		goto sched_wq;
630 	case -ESHUTDOWN:
631 	default:
632 		nfc_err(&dev->interface->dev, "Urb failure (status %d)\n",
633 			urb->status);
634 		goto sched_wq;
635 	}
636 
637 	in_frame = dev->in_urb->transfer_buffer;
638 
639 	if (!port100_rx_frame_is_valid(in_frame)) {
640 		nfc_err(&dev->interface->dev, "Received an invalid frame\n");
641 		cmd->status = -EIO;
642 		goto sched_wq;
643 	}
644 
645 	print_hex_dump_debug("PORT100 RX: ", DUMP_PREFIX_NONE, 16, 1, in_frame,
646 			     port100_rx_frame_size(in_frame), false);
647 
648 	if (!port100_rx_frame_is_cmd_response(dev, in_frame)) {
649 		nfc_err(&dev->interface->dev,
650 			"It's not the response to the last command\n");
651 		cmd->status = -EIO;
652 		goto sched_wq;
653 	}
654 
655 sched_wq:
656 	schedule_work(&dev->cmd_complete_work);
657 }
658 
port100_submit_urb_for_response(const struct port100 * dev,gfp_t flags)659 static int port100_submit_urb_for_response(const struct port100 *dev,
660 					   gfp_t flags)
661 {
662 	dev->in_urb->complete = port100_recv_response;
663 
664 	return usb_submit_urb(dev->in_urb, flags);
665 }
666 
port100_recv_ack(struct urb * urb)667 static void port100_recv_ack(struct urb *urb)
668 {
669 	struct port100 *dev = urb->context;
670 	struct port100_cmd *cmd = dev->cmd;
671 	const struct port100_ack_frame *in_frame;
672 	int rc;
673 
674 	cmd->status = urb->status;
675 
676 	switch (urb->status) {
677 	case 0:
678 		break; /* success */
679 	case -ECONNRESET:
680 	case -ENOENT:
681 		nfc_dbg(&dev->interface->dev,
682 			"The urb has been stopped (status %d)\n", urb->status);
683 		goto sched_wq;
684 	case -ESHUTDOWN:
685 	default:
686 		nfc_err(&dev->interface->dev, "Urb failure (status %d)\n",
687 			urb->status);
688 		goto sched_wq;
689 	}
690 
691 	in_frame = dev->in_urb->transfer_buffer;
692 
693 	if (!port100_rx_frame_is_ack(in_frame)) {
694 		nfc_err(&dev->interface->dev, "Received an invalid ack\n");
695 		cmd->status = -EIO;
696 		goto sched_wq;
697 	}
698 
699 	rc = port100_submit_urb_for_response(dev, GFP_ATOMIC);
700 	if (rc) {
701 		nfc_err(&dev->interface->dev,
702 			"usb_submit_urb failed with result %d\n", rc);
703 		cmd->status = rc;
704 		goto sched_wq;
705 	}
706 
707 	return;
708 
709 sched_wq:
710 	schedule_work(&dev->cmd_complete_work);
711 }
712 
port100_submit_urb_for_ack(const struct port100 * dev,gfp_t flags)713 static int port100_submit_urb_for_ack(const struct port100 *dev, gfp_t flags)
714 {
715 	dev->in_urb->complete = port100_recv_ack;
716 
717 	return usb_submit_urb(dev->in_urb, flags);
718 }
719 
port100_send_ack(struct port100 * dev)720 static int port100_send_ack(struct port100 *dev)
721 {
722 	int rc = 0;
723 
724 	mutex_lock(&dev->out_urb_lock);
725 
726 	/*
727 	 * If prior cancel is in-flight (dev->cmd_cancel == true), we
728 	 * can skip to send cancel. Then this will wait the prior
729 	 * cancel, or merged into the next cancel rarely if next
730 	 * cancel was started before waiting done. In any case, this
731 	 * will be waked up soon or later.
732 	 */
733 	if (!dev->cmd_cancel) {
734 		reinit_completion(&dev->cmd_cancel_done);
735 
736 		usb_kill_urb(dev->out_urb);
737 
738 		dev->out_urb->transfer_buffer = ack_frame;
739 		dev->out_urb->transfer_buffer_length = sizeof(ack_frame);
740 		rc = usb_submit_urb(dev->out_urb, GFP_KERNEL);
741 
742 		/*
743 		 * Set the cmd_cancel flag only if the URB has been
744 		 * successfully submitted. It will be reset by the out
745 		 * URB completion callback port100_send_complete().
746 		 */
747 		dev->cmd_cancel = !rc;
748 	}
749 
750 	mutex_unlock(&dev->out_urb_lock);
751 
752 	if (!rc)
753 		wait_for_completion(&dev->cmd_cancel_done);
754 
755 	return rc;
756 }
757 
port100_send_frame_async(struct port100 * dev,const struct sk_buff * out,const struct sk_buff * in,int in_len)758 static int port100_send_frame_async(struct port100 *dev,
759 				    const struct sk_buff *out,
760 				    const struct sk_buff *in, int in_len)
761 {
762 	int rc;
763 
764 	mutex_lock(&dev->out_urb_lock);
765 
766 	/* A command cancel frame as been sent through dev->out_urb. Don't try
767 	 * to submit a new one.
768 	 */
769 	if (dev->cmd_cancel) {
770 		rc = -EAGAIN;
771 		goto exit;
772 	}
773 
774 	dev->out_urb->transfer_buffer = out->data;
775 	dev->out_urb->transfer_buffer_length = out->len;
776 
777 	dev->in_urb->transfer_buffer = in->data;
778 	dev->in_urb->transfer_buffer_length = in_len;
779 
780 	print_hex_dump_debug("PORT100 TX: ", DUMP_PREFIX_NONE, 16, 1,
781 			     out->data, out->len, false);
782 
783 	rc = usb_submit_urb(dev->out_urb, GFP_KERNEL);
784 	if (rc)
785 		goto exit;
786 
787 	rc = port100_submit_urb_for_ack(dev, GFP_KERNEL);
788 	if (rc)
789 		usb_kill_urb(dev->out_urb);
790 
791 exit:
792 	mutex_unlock(&dev->out_urb_lock);
793 
794 	return rc;
795 }
796 
port100_build_cmd_frame(struct port100 * dev,u8 cmd_code,struct sk_buff * skb)797 static void port100_build_cmd_frame(struct port100 *dev, u8 cmd_code,
798 				    struct sk_buff *skb)
799 {
800 	/* payload is already there, just update datalen */
801 	int payload_len = skb->len;
802 
803 	skb_push(skb, PORT100_FRAME_HEADER_LEN);
804 	skb_put(skb, PORT100_FRAME_TAIL_LEN);
805 
806 	port100_tx_frame_init(skb->data, cmd_code);
807 	port100_tx_update_payload_len(skb->data, payload_len);
808 	port100_tx_frame_finish(skb->data);
809 }
810 
port100_send_async_complete(struct port100 * dev)811 static void port100_send_async_complete(struct port100 *dev)
812 {
813 	struct port100_cmd *cmd = dev->cmd;
814 	int status = cmd->status;
815 
816 	struct sk_buff *req = cmd->req;
817 	struct sk_buff *resp = cmd->resp;
818 
819 	dev_kfree_skb(req);
820 
821 	dev->cmd = NULL;
822 
823 	if (status < 0) {
824 		cmd->complete_cb(dev, cmd->complete_cb_context,
825 				 ERR_PTR(status));
826 		dev_kfree_skb(resp);
827 		goto done;
828 	}
829 
830 	skb_put(resp, port100_rx_frame_size(resp->data));
831 	skb_pull(resp, PORT100_FRAME_HEADER_LEN);
832 	skb_trim(resp, resp->len - PORT100_FRAME_TAIL_LEN);
833 
834 	cmd->complete_cb(dev, cmd->complete_cb_context, resp);
835 
836 done:
837 	kfree(cmd);
838 }
839 
port100_send_cmd_async(struct port100 * dev,u8 cmd_code,struct sk_buff * req,port100_send_async_complete_t complete_cb,void * complete_cb_context)840 static int port100_send_cmd_async(struct port100 *dev, u8 cmd_code,
841 				struct sk_buff *req,
842 				port100_send_async_complete_t complete_cb,
843 				void *complete_cb_context)
844 {
845 	struct port100_cmd *cmd;
846 	struct sk_buff *resp;
847 	int rc;
848 	int  resp_len = PORT100_FRAME_HEADER_LEN +
849 			PORT100_FRAME_MAX_PAYLOAD_LEN +
850 			PORT100_FRAME_TAIL_LEN;
851 
852 	if (dev->cmd) {
853 		nfc_err(&dev->interface->dev,
854 			"A command is still in process\n");
855 		return -EBUSY;
856 	}
857 
858 	resp = alloc_skb(resp_len, GFP_KERNEL);
859 	if (!resp)
860 		return -ENOMEM;
861 
862 	cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
863 	if (!cmd) {
864 		dev_kfree_skb(resp);
865 		return -ENOMEM;
866 	}
867 
868 	cmd->code = cmd_code;
869 	cmd->req = req;
870 	cmd->resp = resp;
871 	cmd->resp_len = resp_len;
872 	cmd->complete_cb = complete_cb;
873 	cmd->complete_cb_context = complete_cb_context;
874 
875 	port100_build_cmd_frame(dev, cmd_code, req);
876 
877 	dev->cmd = cmd;
878 
879 	rc = port100_send_frame_async(dev, req, resp, resp_len);
880 	if (rc) {
881 		kfree(cmd);
882 		dev_kfree_skb(resp);
883 		dev->cmd = NULL;
884 	}
885 
886 	return rc;
887 }
888 
889 struct port100_sync_cmd_response {
890 	struct sk_buff *resp;
891 	struct completion done;
892 };
893 
port100_wq_cmd_complete(struct work_struct * work)894 static void port100_wq_cmd_complete(struct work_struct *work)
895 {
896 	struct port100 *dev = container_of(work, struct port100,
897 					   cmd_complete_work);
898 
899 	port100_send_async_complete(dev);
900 }
901 
port100_send_sync_complete(struct port100 * dev,void * _arg,struct sk_buff * resp)902 static void port100_send_sync_complete(struct port100 *dev, void *_arg,
903 				      struct sk_buff *resp)
904 {
905 	struct port100_sync_cmd_response *arg = _arg;
906 
907 	arg->resp = resp;
908 	complete(&arg->done);
909 }
910 
port100_send_cmd_sync(struct port100 * dev,u8 cmd_code,struct sk_buff * req)911 static struct sk_buff *port100_send_cmd_sync(struct port100 *dev, u8 cmd_code,
912 					     struct sk_buff *req)
913 {
914 	int rc;
915 	struct port100_sync_cmd_response arg;
916 
917 	init_completion(&arg.done);
918 
919 	rc = port100_send_cmd_async(dev, cmd_code, req,
920 				    port100_send_sync_complete, &arg);
921 	if (rc) {
922 		dev_kfree_skb(req);
923 		return ERR_PTR(rc);
924 	}
925 
926 	wait_for_completion(&arg.done);
927 
928 	return arg.resp;
929 }
930 
port100_send_complete(struct urb * urb)931 static void port100_send_complete(struct urb *urb)
932 {
933 	struct port100 *dev = urb->context;
934 
935 	if (dev->cmd_cancel) {
936 		complete_all(&dev->cmd_cancel_done);
937 		dev->cmd_cancel = false;
938 	}
939 
940 	switch (urb->status) {
941 	case 0:
942 		break; /* success */
943 	case -ECONNRESET:
944 	case -ENOENT:
945 		nfc_dbg(&dev->interface->dev,
946 			"The urb has been stopped (status %d)\n", urb->status);
947 		break;
948 	case -ESHUTDOWN:
949 	default:
950 		nfc_err(&dev->interface->dev, "Urb failure (status %d)\n",
951 			urb->status);
952 	}
953 }
954 
port100_abort_cmd(struct nfc_digital_dev * ddev)955 static void port100_abort_cmd(struct nfc_digital_dev *ddev)
956 {
957 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
958 
959 	/* An ack will cancel the last issued command */
960 	port100_send_ack(dev);
961 
962 	/* cancel the urb request */
963 	usb_kill_urb(dev->in_urb);
964 }
965 
port100_alloc_skb(const struct port100 * dev,unsigned int size)966 static struct sk_buff *port100_alloc_skb(const struct port100 *dev, unsigned int size)
967 {
968 	struct sk_buff *skb;
969 
970 	skb = alloc_skb(dev->skb_headroom + dev->skb_tailroom + size,
971 			GFP_KERNEL);
972 	if (skb)
973 		skb_reserve(skb, dev->skb_headroom);
974 
975 	return skb;
976 }
977 
port100_set_command_type(struct port100 * dev,u8 command_type)978 static int port100_set_command_type(struct port100 *dev, u8 command_type)
979 {
980 	struct sk_buff *skb;
981 	struct sk_buff *resp;
982 	int rc;
983 
984 	skb = port100_alloc_skb(dev, 1);
985 	if (!skb)
986 		return -ENOMEM;
987 
988 	skb_put_u8(skb, command_type);
989 
990 	resp = port100_send_cmd_sync(dev, PORT100_CMD_SET_COMMAND_TYPE, skb);
991 	if (IS_ERR(resp))
992 		return PTR_ERR(resp);
993 
994 	rc = resp->data[0];
995 
996 	dev_kfree_skb(resp);
997 
998 	return rc;
999 }
1000 
port100_get_command_type_mask(struct port100 * dev)1001 static u64 port100_get_command_type_mask(struct port100 *dev)
1002 {
1003 	struct sk_buff *skb;
1004 	struct sk_buff *resp;
1005 	u64 mask;
1006 
1007 	skb = port100_alloc_skb(dev, 0);
1008 	if (!skb)
1009 		return 0;
1010 
1011 	resp = port100_send_cmd_sync(dev, PORT100_CMD_GET_COMMAND_TYPE, skb);
1012 	if (IS_ERR(resp))
1013 		return 0;
1014 
1015 	if (resp->len < 8)
1016 		mask = 0;
1017 	else
1018 		mask = be64_to_cpu(*(__be64 *)resp->data);
1019 
1020 	dev_kfree_skb(resp);
1021 
1022 	return mask;
1023 }
1024 
port100_get_firmware_version(struct port100 * dev)1025 static u16 port100_get_firmware_version(struct port100 *dev)
1026 {
1027 	struct sk_buff *skb;
1028 	struct sk_buff *resp;
1029 	u16 fw_ver;
1030 
1031 	skb = port100_alloc_skb(dev, 0);
1032 	if (!skb)
1033 		return 0;
1034 
1035 	resp = port100_send_cmd_sync(dev, PORT100_CMD_GET_FIRMWARE_VERSION,
1036 				     skb);
1037 	if (IS_ERR(resp))
1038 		return 0;
1039 
1040 	fw_ver = le16_to_cpu(*(__le16 *)resp->data);
1041 
1042 	dev_kfree_skb(resp);
1043 
1044 	return fw_ver;
1045 }
1046 
port100_switch_rf(struct nfc_digital_dev * ddev,bool on)1047 static int port100_switch_rf(struct nfc_digital_dev *ddev, bool on)
1048 {
1049 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1050 	struct sk_buff *skb, *resp;
1051 
1052 	skb = port100_alloc_skb(dev, 1);
1053 	if (!skb)
1054 		return -ENOMEM;
1055 
1056 	skb_put_u8(skb, on ? 1 : 0);
1057 
1058 	/* Cancel the last command if the device is being switched off */
1059 	if (!on)
1060 		port100_abort_cmd(ddev);
1061 
1062 	resp = port100_send_cmd_sync(dev, PORT100_CMD_SWITCH_RF, skb);
1063 
1064 	if (IS_ERR(resp))
1065 		return PTR_ERR(resp);
1066 
1067 	dev_kfree_skb(resp);
1068 
1069 	return 0;
1070 }
1071 
port100_in_set_rf(struct nfc_digital_dev * ddev,u8 rf)1072 static int port100_in_set_rf(struct nfc_digital_dev *ddev, u8 rf)
1073 {
1074 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1075 	struct sk_buff *skb;
1076 	struct sk_buff *resp;
1077 	int rc;
1078 
1079 	if (rf >= NFC_DIGITAL_RF_TECH_LAST)
1080 		return -EINVAL;
1081 
1082 	skb = port100_alloc_skb(dev, sizeof(struct port100_in_rf_setting));
1083 	if (!skb)
1084 		return -ENOMEM;
1085 
1086 	skb_put_data(skb, &in_rf_settings[rf],
1087 		     sizeof(struct port100_in_rf_setting));
1088 
1089 	resp = port100_send_cmd_sync(dev, PORT100_CMD_IN_SET_RF, skb);
1090 
1091 	if (IS_ERR(resp))
1092 		return PTR_ERR(resp);
1093 
1094 	rc = resp->data[0];
1095 
1096 	dev_kfree_skb(resp);
1097 
1098 	return rc;
1099 }
1100 
port100_in_set_framing(struct nfc_digital_dev * ddev,int param)1101 static int port100_in_set_framing(struct nfc_digital_dev *ddev, int param)
1102 {
1103 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1104 	const struct port100_protocol *protocols;
1105 	struct sk_buff *skb;
1106 	struct sk_buff *resp;
1107 	int num_protocols;
1108 	size_t size;
1109 	int rc;
1110 
1111 	if (param >= NFC_DIGITAL_FRAMING_LAST)
1112 		return -EINVAL;
1113 
1114 	protocols = in_protocols[param];
1115 
1116 	num_protocols = 0;
1117 	while (protocols[num_protocols].number != PORT100_IN_PROT_END)
1118 		num_protocols++;
1119 
1120 	if (!num_protocols)
1121 		return 0;
1122 
1123 	size = sizeof(struct port100_protocol) * num_protocols;
1124 
1125 	skb = port100_alloc_skb(dev, size);
1126 	if (!skb)
1127 		return -ENOMEM;
1128 
1129 	skb_put_data(skb, protocols, size);
1130 
1131 	resp = port100_send_cmd_sync(dev, PORT100_CMD_IN_SET_PROTOCOL, skb);
1132 
1133 	if (IS_ERR(resp))
1134 		return PTR_ERR(resp);
1135 
1136 	rc = resp->data[0];
1137 
1138 	dev_kfree_skb(resp);
1139 
1140 	return rc;
1141 }
1142 
port100_in_configure_hw(struct nfc_digital_dev * ddev,int type,int param)1143 static int port100_in_configure_hw(struct nfc_digital_dev *ddev, int type,
1144 				   int param)
1145 {
1146 	if (type == NFC_DIGITAL_CONFIG_RF_TECH)
1147 		return port100_in_set_rf(ddev, param);
1148 
1149 	if (type == NFC_DIGITAL_CONFIG_FRAMING)
1150 		return port100_in_set_framing(ddev, param);
1151 
1152 	return -EINVAL;
1153 }
1154 
port100_in_comm_rf_complete(struct port100 * dev,void * arg,struct sk_buff * resp)1155 static void port100_in_comm_rf_complete(struct port100 *dev, void *arg,
1156 				       struct sk_buff *resp)
1157 {
1158 	const struct port100_cb_arg *cb_arg = arg;
1159 	nfc_digital_cmd_complete_t cb = cb_arg->complete_cb;
1160 	u32 status;
1161 	int rc;
1162 
1163 	if (IS_ERR(resp)) {
1164 		rc =  PTR_ERR(resp);
1165 		goto exit;
1166 	}
1167 
1168 	if (resp->len < 4) {
1169 		nfc_err(&dev->interface->dev,
1170 			"Invalid packet length received\n");
1171 		rc = -EIO;
1172 		goto error;
1173 	}
1174 
1175 	status = le32_to_cpu(*(__le32 *)resp->data);
1176 
1177 	skb_pull(resp, sizeof(u32));
1178 
1179 	if (status == PORT100_CMD_STATUS_TIMEOUT) {
1180 		rc = -ETIMEDOUT;
1181 		goto error;
1182 	}
1183 
1184 	if (status != PORT100_CMD_STATUS_OK) {
1185 		nfc_err(&dev->interface->dev,
1186 			"in_comm_rf failed with status 0x%08x\n", status);
1187 		rc = -EIO;
1188 		goto error;
1189 	}
1190 
1191 	/* Remove collision bits byte */
1192 	skb_pull(resp, 1);
1193 
1194 	goto exit;
1195 
1196 error:
1197 	kfree_skb(resp);
1198 	resp = ERR_PTR(rc);
1199 
1200 exit:
1201 	cb(dev->nfc_digital_dev, cb_arg->complete_arg, resp);
1202 
1203 	kfree(cb_arg);
1204 }
1205 
port100_in_send_cmd(struct nfc_digital_dev * ddev,struct sk_buff * skb,u16 _timeout,nfc_digital_cmd_complete_t cb,void * arg)1206 static int port100_in_send_cmd(struct nfc_digital_dev *ddev,
1207 			       struct sk_buff *skb, u16 _timeout,
1208 			       nfc_digital_cmd_complete_t cb, void *arg)
1209 {
1210 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1211 	struct port100_cb_arg *cb_arg;
1212 	__le16 timeout;
1213 
1214 	cb_arg = kzalloc(sizeof(struct port100_cb_arg), GFP_KERNEL);
1215 	if (!cb_arg)
1216 		return -ENOMEM;
1217 
1218 	cb_arg->complete_cb = cb;
1219 	cb_arg->complete_arg = arg;
1220 
1221 	timeout = cpu_to_le16(_timeout * 10);
1222 
1223 	memcpy(skb_push(skb, sizeof(__le16)), &timeout, sizeof(__le16));
1224 
1225 	return port100_send_cmd_async(dev, PORT100_CMD_IN_COMM_RF, skb,
1226 				      port100_in_comm_rf_complete, cb_arg);
1227 }
1228 
port100_tg_set_rf(struct nfc_digital_dev * ddev,u8 rf)1229 static int port100_tg_set_rf(struct nfc_digital_dev *ddev, u8 rf)
1230 {
1231 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1232 	struct sk_buff *skb;
1233 	struct sk_buff *resp;
1234 	int rc;
1235 
1236 	if (rf >= NFC_DIGITAL_RF_TECH_LAST)
1237 		return -EINVAL;
1238 
1239 	skb = port100_alloc_skb(dev, sizeof(struct port100_tg_rf_setting));
1240 	if (!skb)
1241 		return -ENOMEM;
1242 
1243 	skb_put_data(skb, &tg_rf_settings[rf],
1244 		     sizeof(struct port100_tg_rf_setting));
1245 
1246 	resp = port100_send_cmd_sync(dev, PORT100_CMD_TG_SET_RF, skb);
1247 
1248 	if (IS_ERR(resp))
1249 		return PTR_ERR(resp);
1250 
1251 	rc = resp->data[0];
1252 
1253 	dev_kfree_skb(resp);
1254 
1255 	return rc;
1256 }
1257 
port100_tg_set_framing(struct nfc_digital_dev * ddev,int param)1258 static int port100_tg_set_framing(struct nfc_digital_dev *ddev, int param)
1259 {
1260 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1261 	const struct port100_protocol *protocols;
1262 	struct sk_buff *skb;
1263 	struct sk_buff *resp;
1264 	int rc;
1265 	int num_protocols;
1266 	size_t size;
1267 
1268 	if (param >= NFC_DIGITAL_FRAMING_LAST)
1269 		return -EINVAL;
1270 
1271 	protocols = tg_protocols[param];
1272 
1273 	num_protocols = 0;
1274 	while (protocols[num_protocols].number != PORT100_TG_PROT_END)
1275 		num_protocols++;
1276 
1277 	if (!num_protocols)
1278 		return 0;
1279 
1280 	size = sizeof(struct port100_protocol) * num_protocols;
1281 
1282 	skb = port100_alloc_skb(dev, size);
1283 	if (!skb)
1284 		return -ENOMEM;
1285 
1286 	skb_put_data(skb, protocols, size);
1287 
1288 	resp = port100_send_cmd_sync(dev, PORT100_CMD_TG_SET_PROTOCOL, skb);
1289 
1290 	if (IS_ERR(resp))
1291 		return PTR_ERR(resp);
1292 
1293 	rc = resp->data[0];
1294 
1295 	dev_kfree_skb(resp);
1296 
1297 	return rc;
1298 }
1299 
port100_tg_configure_hw(struct nfc_digital_dev * ddev,int type,int param)1300 static int port100_tg_configure_hw(struct nfc_digital_dev *ddev, int type,
1301 				   int param)
1302 {
1303 	if (type == NFC_DIGITAL_CONFIG_RF_TECH)
1304 		return port100_tg_set_rf(ddev, param);
1305 
1306 	if (type == NFC_DIGITAL_CONFIG_FRAMING)
1307 		return port100_tg_set_framing(ddev, param);
1308 
1309 	return -EINVAL;
1310 }
1311 
port100_tg_target_activated(struct port100 * dev,u8 tgt_activated)1312 static bool port100_tg_target_activated(struct port100 *dev, u8 tgt_activated)
1313 {
1314 	u8 mask;
1315 
1316 	switch (dev->cmd_type) {
1317 	case PORT100_CMD_TYPE_0:
1318 		mask = PORT100_MDAA_TGT_HAS_BEEN_ACTIVATED_MASK;
1319 		break;
1320 	case PORT100_CMD_TYPE_1:
1321 		mask = PORT100_MDAA_TGT_HAS_BEEN_ACTIVATED_MASK |
1322 		       PORT100_MDAA_TGT_WAS_ACTIVATED_MASK;
1323 		break;
1324 	default:
1325 		nfc_err(&dev->interface->dev, "Unknown command type\n");
1326 		return false;
1327 	}
1328 
1329 	return ((tgt_activated & mask) == mask);
1330 }
1331 
port100_tg_comm_rf_complete(struct port100 * dev,void * arg,struct sk_buff * resp)1332 static void port100_tg_comm_rf_complete(struct port100 *dev, void *arg,
1333 					struct sk_buff *resp)
1334 {
1335 	u32 status;
1336 	const struct port100_cb_arg *cb_arg = arg;
1337 	nfc_digital_cmd_complete_t cb = cb_arg->complete_cb;
1338 	struct port100_tg_comm_rf_res *hdr;
1339 
1340 	if (IS_ERR(resp))
1341 		goto exit;
1342 
1343 	hdr = (struct port100_tg_comm_rf_res *)resp->data;
1344 
1345 	status = le32_to_cpu(hdr->status);
1346 
1347 	if (cb_arg->mdaa &&
1348 	    !port100_tg_target_activated(dev, hdr->target_activated)) {
1349 		kfree_skb(resp);
1350 		resp = ERR_PTR(-ETIMEDOUT);
1351 
1352 		goto exit;
1353 	}
1354 
1355 	skb_pull(resp, sizeof(struct port100_tg_comm_rf_res));
1356 
1357 	if (status != PORT100_CMD_STATUS_OK) {
1358 		kfree_skb(resp);
1359 
1360 		if (status == PORT100_CMD_STATUS_TIMEOUT)
1361 			resp = ERR_PTR(-ETIMEDOUT);
1362 		else
1363 			resp = ERR_PTR(-EIO);
1364 	}
1365 
1366 exit:
1367 	cb(dev->nfc_digital_dev, cb_arg->complete_arg, resp);
1368 
1369 	kfree(cb_arg);
1370 }
1371 
port100_tg_send_cmd(struct nfc_digital_dev * ddev,struct sk_buff * skb,u16 timeout,nfc_digital_cmd_complete_t cb,void * arg)1372 static int port100_tg_send_cmd(struct nfc_digital_dev *ddev,
1373 			       struct sk_buff *skb, u16 timeout,
1374 			       nfc_digital_cmd_complete_t cb, void *arg)
1375 {
1376 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1377 	struct port100_tg_comm_rf_cmd *hdr;
1378 	struct port100_cb_arg *cb_arg;
1379 
1380 	cb_arg = kzalloc(sizeof(struct port100_cb_arg), GFP_KERNEL);
1381 	if (!cb_arg)
1382 		return -ENOMEM;
1383 
1384 	cb_arg->complete_cb = cb;
1385 	cb_arg->complete_arg = arg;
1386 
1387 	skb_push(skb, sizeof(struct port100_tg_comm_rf_cmd));
1388 
1389 	hdr = (struct port100_tg_comm_rf_cmd *)skb->data;
1390 
1391 	memset(hdr, 0, sizeof(struct port100_tg_comm_rf_cmd));
1392 	hdr->guard_time = cpu_to_le16(500);
1393 	hdr->send_timeout = cpu_to_le16(0xFFFF);
1394 	hdr->recv_timeout = cpu_to_le16(timeout);
1395 
1396 	return port100_send_cmd_async(dev, PORT100_CMD_TG_COMM_RF, skb,
1397 				      port100_tg_comm_rf_complete, cb_arg);
1398 }
1399 
port100_listen_mdaa(struct nfc_digital_dev * ddev,struct digital_tg_mdaa_params * params,u16 timeout,nfc_digital_cmd_complete_t cb,void * arg)1400 static int port100_listen_mdaa(struct nfc_digital_dev *ddev,
1401 			       struct digital_tg_mdaa_params *params,
1402 			       u16 timeout,
1403 			       nfc_digital_cmd_complete_t cb, void *arg)
1404 {
1405 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1406 	struct port100_tg_comm_rf_cmd *hdr;
1407 	struct port100_cb_arg *cb_arg;
1408 	struct sk_buff *skb;
1409 	int rc;
1410 
1411 	rc = port100_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
1412 				     NFC_DIGITAL_RF_TECH_106A);
1413 	if (rc)
1414 		return rc;
1415 
1416 	rc = port100_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1417 				     NFC_DIGITAL_FRAMING_NFCA_NFC_DEP);
1418 	if (rc)
1419 		return rc;
1420 
1421 	cb_arg = kzalloc(sizeof(struct port100_cb_arg), GFP_KERNEL);
1422 	if (!cb_arg)
1423 		return -ENOMEM;
1424 
1425 	cb_arg->complete_cb = cb;
1426 	cb_arg->complete_arg = arg;
1427 	cb_arg->mdaa = 1;
1428 
1429 	skb = port100_alloc_skb(dev, 0);
1430 	if (!skb) {
1431 		kfree(cb_arg);
1432 		return -ENOMEM;
1433 	}
1434 
1435 	skb_push(skb, sizeof(struct port100_tg_comm_rf_cmd));
1436 	hdr = (struct port100_tg_comm_rf_cmd *)skb->data;
1437 
1438 	memset(hdr, 0, sizeof(struct port100_tg_comm_rf_cmd));
1439 
1440 	hdr->guard_time = 0;
1441 	hdr->send_timeout = cpu_to_le16(0xFFFF);
1442 	hdr->mdaa = 1;
1443 	hdr->nfca_param[0] = (params->sens_res >> 8) & 0xFF;
1444 	hdr->nfca_param[1] = params->sens_res & 0xFF;
1445 	memcpy(hdr->nfca_param + 2, params->nfcid1, 3);
1446 	hdr->nfca_param[5] = params->sel_res;
1447 	memcpy(hdr->nfcf_param, params->nfcid2, 8);
1448 	hdr->nfcf_param[16] = (params->sc >> 8) & 0xFF;
1449 	hdr->nfcf_param[17] = params->sc & 0xFF;
1450 	hdr->recv_timeout = cpu_to_le16(timeout);
1451 
1452 	return port100_send_cmd_async(dev, PORT100_CMD_TG_COMM_RF, skb,
1453 				      port100_tg_comm_rf_complete, cb_arg);
1454 }
1455 
port100_listen(struct nfc_digital_dev * ddev,u16 timeout,nfc_digital_cmd_complete_t cb,void * arg)1456 static int port100_listen(struct nfc_digital_dev *ddev, u16 timeout,
1457 			  nfc_digital_cmd_complete_t cb, void *arg)
1458 {
1459 	const struct port100 *dev = nfc_digital_get_drvdata(ddev);
1460 	struct sk_buff *skb;
1461 
1462 	skb = port100_alloc_skb(dev, 0);
1463 	if (!skb)
1464 		return -ENOMEM;
1465 
1466 	return port100_tg_send_cmd(ddev, skb, timeout, cb, arg);
1467 }
1468 
1469 static const struct nfc_digital_ops port100_digital_ops = {
1470 	.in_configure_hw = port100_in_configure_hw,
1471 	.in_send_cmd = port100_in_send_cmd,
1472 
1473 	.tg_listen_mdaa = port100_listen_mdaa,
1474 	.tg_listen = port100_listen,
1475 	.tg_configure_hw = port100_tg_configure_hw,
1476 	.tg_send_cmd = port100_tg_send_cmd,
1477 
1478 	.switch_rf = port100_switch_rf,
1479 	.abort_cmd = port100_abort_cmd,
1480 };
1481 
1482 static const struct usb_device_id port100_table[] = {
1483 	{ USB_DEVICE(SONY_VENDOR_ID, RCS380S_PRODUCT_ID), },
1484 	{ USB_DEVICE(SONY_VENDOR_ID, RCS380P_PRODUCT_ID), },
1485 	{ }
1486 };
1487 MODULE_DEVICE_TABLE(usb, port100_table);
1488 
port100_probe(struct usb_interface * interface,const struct usb_device_id * id)1489 static int port100_probe(struct usb_interface *interface,
1490 			 const struct usb_device_id *id)
1491 {
1492 	struct port100 *dev;
1493 	int rc;
1494 	struct usb_host_interface *iface_desc;
1495 	struct usb_endpoint_descriptor *endpoint;
1496 	int in_endpoint;
1497 	int out_endpoint;
1498 	u16 fw_version;
1499 	u64 cmd_type_mask;
1500 	int i;
1501 
1502 	dev = devm_kzalloc(&interface->dev, sizeof(struct port100), GFP_KERNEL);
1503 	if (!dev)
1504 		return -ENOMEM;
1505 
1506 	mutex_init(&dev->out_urb_lock);
1507 	dev->udev = usb_get_dev(interface_to_usbdev(interface));
1508 	dev->interface = interface;
1509 	usb_set_intfdata(interface, dev);
1510 
1511 	in_endpoint = out_endpoint = 0;
1512 	iface_desc = interface->cur_altsetting;
1513 	for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
1514 		endpoint = &iface_desc->endpoint[i].desc;
1515 
1516 		if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint))
1517 			in_endpoint = endpoint->bEndpointAddress;
1518 
1519 		if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint))
1520 			out_endpoint = endpoint->bEndpointAddress;
1521 	}
1522 
1523 	if (!in_endpoint || !out_endpoint) {
1524 		nfc_err(&interface->dev,
1525 			"Could not find bulk-in or bulk-out endpoint\n");
1526 		rc = -ENODEV;
1527 		goto error;
1528 	}
1529 
1530 	dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
1531 	dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
1532 
1533 	if (!dev->in_urb || !dev->out_urb) {
1534 		nfc_err(&interface->dev, "Could not allocate USB URBs\n");
1535 		rc = -ENOMEM;
1536 		goto error;
1537 	}
1538 
1539 	usb_fill_bulk_urb(dev->in_urb, dev->udev,
1540 			  usb_rcvbulkpipe(dev->udev, in_endpoint),
1541 			  NULL, 0, NULL, dev);
1542 	usb_fill_bulk_urb(dev->out_urb, dev->udev,
1543 			  usb_sndbulkpipe(dev->udev, out_endpoint),
1544 			  NULL, 0, port100_send_complete, dev);
1545 	dev->out_urb->transfer_flags = URB_ZERO_PACKET;
1546 
1547 	dev->skb_headroom = PORT100_FRAME_HEADER_LEN +
1548 			    PORT100_COMM_RF_HEAD_MAX_LEN;
1549 	dev->skb_tailroom = PORT100_FRAME_TAIL_LEN;
1550 
1551 	init_completion(&dev->cmd_cancel_done);
1552 	INIT_WORK(&dev->cmd_complete_work, port100_wq_cmd_complete);
1553 
1554 	/* The first thing to do with the Port-100 is to set the command type
1555 	 * to be used. If supported we use command type 1. 0 otherwise.
1556 	 */
1557 	cmd_type_mask = port100_get_command_type_mask(dev);
1558 	if (!cmd_type_mask) {
1559 		nfc_err(&interface->dev,
1560 			"Could not get supported command types\n");
1561 		rc = -ENODEV;
1562 		goto error;
1563 	}
1564 
1565 	if (PORT100_CMD_TYPE_IS_SUPPORTED(cmd_type_mask, PORT100_CMD_TYPE_1))
1566 		dev->cmd_type = PORT100_CMD_TYPE_1;
1567 	else
1568 		dev->cmd_type = PORT100_CMD_TYPE_0;
1569 
1570 	rc = port100_set_command_type(dev, dev->cmd_type);
1571 	if (rc) {
1572 		nfc_err(&interface->dev,
1573 			"The device does not support command type %u\n",
1574 			dev->cmd_type);
1575 		goto error;
1576 	}
1577 
1578 	fw_version = port100_get_firmware_version(dev);
1579 	if (!fw_version)
1580 		nfc_err(&interface->dev,
1581 			"Could not get device firmware version\n");
1582 
1583 	nfc_info(&interface->dev,
1584 		 "Sony NFC Port-100 Series attached (firmware v%x.%02x)\n",
1585 		 (fw_version & 0xFF00) >> 8, fw_version & 0xFF);
1586 
1587 	dev->nfc_digital_dev = nfc_digital_allocate_device(&port100_digital_ops,
1588 							   PORT100_PROTOCOLS,
1589 							   PORT100_CAPABILITIES,
1590 							   dev->skb_headroom,
1591 							   dev->skb_tailroom);
1592 	if (!dev->nfc_digital_dev) {
1593 		nfc_err(&interface->dev,
1594 			"Could not allocate nfc_digital_dev\n");
1595 		rc = -ENOMEM;
1596 		goto error;
1597 	}
1598 
1599 	nfc_digital_set_parent_dev(dev->nfc_digital_dev, &interface->dev);
1600 	nfc_digital_set_drvdata(dev->nfc_digital_dev, dev);
1601 
1602 	rc = nfc_digital_register_device(dev->nfc_digital_dev);
1603 	if (rc) {
1604 		nfc_err(&interface->dev,
1605 			"Could not register digital device\n");
1606 		goto free_nfc_dev;
1607 	}
1608 
1609 	return 0;
1610 
1611 free_nfc_dev:
1612 	nfc_digital_free_device(dev->nfc_digital_dev);
1613 
1614 error:
1615 	usb_kill_urb(dev->in_urb);
1616 	usb_free_urb(dev->in_urb);
1617 	usb_kill_urb(dev->out_urb);
1618 	usb_free_urb(dev->out_urb);
1619 	usb_put_dev(dev->udev);
1620 
1621 	return rc;
1622 }
1623 
port100_disconnect(struct usb_interface * interface)1624 static void port100_disconnect(struct usb_interface *interface)
1625 {
1626 	struct port100 *dev;
1627 
1628 	dev = usb_get_intfdata(interface);
1629 	usb_set_intfdata(interface, NULL);
1630 
1631 	nfc_digital_unregister_device(dev->nfc_digital_dev);
1632 	nfc_digital_free_device(dev->nfc_digital_dev);
1633 
1634 	usb_kill_urb(dev->in_urb);
1635 	usb_kill_urb(dev->out_urb);
1636 
1637 	usb_free_urb(dev->in_urb);
1638 	usb_free_urb(dev->out_urb);
1639 	usb_put_dev(dev->udev);
1640 
1641 	kfree(dev->cmd);
1642 
1643 	nfc_info(&interface->dev, "Sony Port-100 NFC device disconnected\n");
1644 }
1645 
1646 static struct usb_driver port100_driver = {
1647 	.name =		"port100",
1648 	.probe =	port100_probe,
1649 	.disconnect =	port100_disconnect,
1650 	.id_table =	port100_table,
1651 };
1652 
1653 module_usb_driver(port100_driver);
1654 
1655 MODULE_DESCRIPTION("NFC Port-100 series usb driver ver " VERSION);
1656 MODULE_VERSION(VERSION);
1657 MODULE_LICENSE("GPL");
1658