search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
target: Perform PROTECT sanity checks for WRITE_SAME
[linux/fpc-iii.git] / drivers / nfc / pn533.c
blobd46a700a9637a9152aee5bc5c41b58eacfbe8ec5
1 /*
2 * Copyright (C) 2011 Instituto Nokia de Tecnologia
3 * Copyright (C) 2012-2013 Tieto Poland
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, see <http://www.gnu.org/licenses/>.
17 */
18
19 #include <linux/device.h>
20 #include <linux/kernel.h>
21 #include <linux/module.h>
22 #include <linux/slab.h>
23 #include <linux/usb.h>
24 #include <linux/nfc.h>
25 #include <linux/netdevice.h>
26 #include <net/nfc/nfc.h>
27
28 #define VERSION "0.2"
29
30 #define PN533_VENDOR_ID 0x4CC
31 #define PN533_PRODUCT_ID 0x2533
32
33 #define SCM_VENDOR_ID 0x4E6
34 #define SCL3711_PRODUCT_ID 0x5591
35
36 #define SONY_VENDOR_ID 0x054c
37 #define PASORI_PRODUCT_ID 0x02e1
38
39 #define ACS_VENDOR_ID 0x072f
40 #define ACR122U_PRODUCT_ID 0x2200
41
42 #define PN533_DEVICE_STD 0x1
43 #define PN533_DEVICE_PASORI 0x2
44 #define PN533_DEVICE_ACR122U 0x3
45
46 #define PN533_ALL_PROTOCOLS (NFC_PROTO_JEWEL_MASK | NFC_PROTO_MIFARE_MASK |\
47 NFC_PROTO_FELICA_MASK | NFC_PROTO_ISO14443_MASK |\
48 NFC_PROTO_NFC_DEP_MASK |\
49 NFC_PROTO_ISO14443_B_MASK)
50
51 #define PN533_NO_TYPE_B_PROTOCOLS (NFC_PROTO_JEWEL_MASK | \
52 NFC_PROTO_MIFARE_MASK | \
53 NFC_PROTO_FELICA_MASK | \
54 NFC_PROTO_ISO14443_MASK | \
55 NFC_PROTO_NFC_DEP_MASK)
56
57 static const struct usb_device_id pn533_table[] = {
58 { USB_DEVICE(PN533_VENDOR_ID, PN533_PRODUCT_ID),
59 .driver_info = PN533_DEVICE_STD },
60 { USB_DEVICE(SCM_VENDOR_ID, SCL3711_PRODUCT_ID),
61 .driver_info = PN533_DEVICE_STD },
62 { USB_DEVICE(SONY_VENDOR_ID, PASORI_PRODUCT_ID),
63 .driver_info = PN533_DEVICE_PASORI },
64 { USB_DEVICE(ACS_VENDOR_ID, ACR122U_PRODUCT_ID),
65 .driver_info = PN533_DEVICE_ACR122U },
66 { }
67 };
68 MODULE_DEVICE_TABLE(usb, pn533_table);
69
70 /* How much time we spend listening for initiators */
71 #define PN533_LISTEN_TIME 2
72 /* Delay between each poll frame (ms) */
73 #define PN533_POLL_INTERVAL 10
74
75 /* Standard pn533 frame definitions (standard and extended)*/
76 #define PN533_STD_FRAME_HEADER_LEN (sizeof(struct pn533_std_frame) \
77 + 2) /* data[0] TFI, data[1] CC */
78 #define PN533_STD_FRAME_TAIL_LEN 2 /* data[len] DCS, data[len + 1] postamble*/
79
80 #define PN533_EXT_FRAME_HEADER_LEN (sizeof(struct pn533_ext_frame) \
81 + 2) /* data[0] TFI, data[1] CC */
82
83 #define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
84 #define PN533_CMD_DATAFRAME_MAXLEN 240 /* max data length (send) */
85
86 /*
87 * Max extended frame payload len, excluding TFI and CC
88 * which are already in PN533_FRAME_HEADER_LEN.
89 */
90 #define PN533_STD_FRAME_MAX_PAYLOAD_LEN 263
91
92 #define PN533_STD_FRAME_ACK_SIZE 6 /* Preamble (1), SoPC (2), ACK Code (2),
93 Postamble (1) */
94 #define PN533_STD_FRAME_CHECKSUM(f) (f->data[f->datalen])
95 #define PN533_STD_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1])
96 /* Half start code (3), LEN (4) should be 0xffff for extended frame */
97 #define PN533_STD_IS_EXTENDED(hdr) ((hdr)->datalen == 0xFF \
98 && (hdr)->datalen_checksum == 0xFF)
99 #define PN533_EXT_FRAME_CHECKSUM(f) (f->data[be16_to_cpu(f->datalen)])
100
101 /* start of frame */
102 #define PN533_STD_FRAME_SOF 0x00FF
103
104 /* standard frame identifier: in/out/error */
105 #define PN533_STD_FRAME_IDENTIFIER(f) (f->data[0]) /* TFI */
106 #define PN533_STD_FRAME_DIR_OUT 0xD4
107 #define PN533_STD_FRAME_DIR_IN 0xD5
108
109 /* ACS ACR122 pn533 frame definitions */
110 #define PN533_ACR122_TX_FRAME_HEADER_LEN (sizeof(struct pn533_acr122_tx_frame) \
111 + 2)
112 #define PN533_ACR122_TX_FRAME_TAIL_LEN 0
113 #define PN533_ACR122_RX_FRAME_HEADER_LEN (sizeof(struct pn533_acr122_rx_frame) \
114 + 2)
115 #define PN533_ACR122_RX_FRAME_TAIL_LEN 2
116 #define PN533_ACR122_FRAME_MAX_PAYLOAD_LEN PN533_STD_FRAME_MAX_PAYLOAD_LEN
117
118 /* CCID messages types */
119 #define PN533_ACR122_PC_TO_RDR_ICCPOWERON 0x62
120 #define PN533_ACR122_PC_TO_RDR_ESCAPE 0x6B
121
122 #define PN533_ACR122_RDR_TO_PC_ESCAPE 0x83
123
124 /* PN533 Commands */
125 #define PN533_FRAME_CMD(f) (f->data[1])
126
127 #define PN533_CMD_GET_FIRMWARE_VERSION 0x02
128 #define PN533_CMD_RF_CONFIGURATION 0x32
129 #define PN533_CMD_IN_DATA_EXCHANGE 0x40
130 #define PN533_CMD_IN_COMM_THRU 0x42
131 #define PN533_CMD_IN_LIST_PASSIVE_TARGET 0x4A
132 #define PN533_CMD_IN_ATR 0x50
133 #define PN533_CMD_IN_RELEASE 0x52
134 #define PN533_CMD_IN_JUMP_FOR_DEP 0x56
135
136 #define PN533_CMD_TG_INIT_AS_TARGET 0x8c
137 #define PN533_CMD_TG_GET_DATA 0x86
138 #define PN533_CMD_TG_SET_DATA 0x8e
139 #define PN533_CMD_TG_SET_META_DATA 0x94
140 #define PN533_CMD_UNDEF 0xff
141
142 #define PN533_CMD_RESPONSE(cmd) (cmd + 1)
143
144 /* PN533 Return codes */
145 #define PN533_CMD_RET_MASK 0x3F
146 #define PN533_CMD_MI_MASK 0x40
147 #define PN533_CMD_RET_SUCCESS 0x00
148
149 struct pn533;
150
151 typedef int (*pn533_send_async_complete_t) (struct pn533 *dev, void *arg,
152 struct sk_buff *resp);
153
154 /* structs for pn533 commands */
155
156 /* PN533_CMD_GET_FIRMWARE_VERSION */
157 struct pn533_fw_version {
158 u8 ic;
159 u8 ver;
160 u8 rev;
161 u8 support;
162 };
163
164 /* PN533_CMD_RF_CONFIGURATION */
165 #define PN533_CFGITEM_RF_FIELD 0x01
166 #define PN533_CFGITEM_TIMING 0x02
167 #define PN533_CFGITEM_MAX_RETRIES 0x05
168 #define PN533_CFGITEM_PASORI 0x82
169
170 #define PN533_CFGITEM_RF_FIELD_AUTO_RFCA 0x2
171 #define PN533_CFGITEM_RF_FIELD_ON 0x1
172 #define PN533_CFGITEM_RF_FIELD_OFF 0x0
173
174 #define PN533_CONFIG_TIMING_102 0xb
175 #define PN533_CONFIG_TIMING_204 0xc
176 #define PN533_CONFIG_TIMING_409 0xd
177 #define PN533_CONFIG_TIMING_819 0xe
178
179 #define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00
180 #define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF
181
182 struct pn533_config_max_retries {
183 u8 mx_rty_atr;
184 u8 mx_rty_psl;
185 u8 mx_rty_passive_act;
186 } __packed;
187
188 struct pn533_config_timing {
189 u8 rfu;
190 u8 atr_res_timeout;
191 u8 dep_timeout;
192 } __packed;
193
194 /* PN533_CMD_IN_LIST_PASSIVE_TARGET */
195
196 /* felica commands opcode */
197 #define PN533_FELICA_OPC_SENSF_REQ 0
198 #define PN533_FELICA_OPC_SENSF_RES 1
199 /* felica SENSF_REQ parameters */
200 #define PN533_FELICA_SENSF_SC_ALL 0xFFFF
201 #define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0
202 #define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1
203 #define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2
204
205 /* type B initiator_data values */
206 #define PN533_TYPE_B_AFI_ALL_FAMILIES 0
207 #define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0
208 #define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1
209
210 union pn533_cmd_poll_initdata {
211 struct {
212 u8 afi;
213 u8 polling_method;
214 } __packed type_b;
215 struct {
216 u8 opcode;
217 __be16 sc;
218 u8 rc;
219 u8 tsn;
220 } __packed felica;
221 };
222
223 /* Poll modulations */
224 enum {
225 PN533_POLL_MOD_106KBPS_A,
226 PN533_POLL_MOD_212KBPS_FELICA,
227 PN533_POLL_MOD_424KBPS_FELICA,
228 PN533_POLL_MOD_106KBPS_JEWEL,
229 PN533_POLL_MOD_847KBPS_B,
230 PN533_LISTEN_MOD,
231
232 __PN533_POLL_MOD_AFTER_LAST,
233 };
234 #define PN533_POLL_MOD_MAX (__PN533_POLL_MOD_AFTER_LAST - 1)
235
236 struct pn533_poll_modulations {
237 struct {
238 u8 maxtg;
239 u8 brty;
240 union pn533_cmd_poll_initdata initiator_data;
241 } __packed data;
242 u8 len;
243 };
244
245 static const struct pn533_poll_modulations poll_mod[] = {
246 [PN533_POLL_MOD_106KBPS_A] = {
247 .data = {
248 .maxtg = 1,
249 .brty = 0,
250 },
251 .len = 2,
252 },
253 [PN533_POLL_MOD_212KBPS_FELICA] = {
254 .data = {
255 .maxtg = 1,
256 .brty = 1,
257 .initiator_data.felica = {
258 .opcode = PN533_FELICA_OPC_SENSF_REQ,
259 .sc = PN533_FELICA_SENSF_SC_ALL,
260 .rc = PN533_FELICA_SENSF_RC_SYSTEM_CODE,
261 .tsn = 0x03,
262 },
263 },
264 .len = 7,
265 },
266 [PN533_POLL_MOD_424KBPS_FELICA] = {
267 .data = {
268 .maxtg = 1,
269 .brty = 2,
270 .initiator_data.felica = {
271 .opcode = PN533_FELICA_OPC_SENSF_REQ,
272 .sc = PN533_FELICA_SENSF_SC_ALL,
273 .rc = PN533_FELICA_SENSF_RC_SYSTEM_CODE,
274 .tsn = 0x03,
275 },
276 },
277 .len = 7,
278 },
279 [PN533_POLL_MOD_106KBPS_JEWEL] = {
280 .data = {
281 .maxtg = 1,
282 .brty = 4,
283 },
284 .len = 2,
285 },
286 [PN533_POLL_MOD_847KBPS_B] = {
287 .data = {
288 .maxtg = 1,
289 .brty = 8,
290 .initiator_data.type_b = {
291 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES,
292 .polling_method =
293 PN533_TYPE_B_POLL_METHOD_TIMESLOT,
294 },
295 },
296 .len = 3,
297 },
298 [PN533_LISTEN_MOD] = {
299 .len = 0,
300 },
301 };
302
303 /* PN533_CMD_IN_ATR */
304
305 struct pn533_cmd_activate_response {
306 u8 status;
307 u8 nfcid3t[10];
308 u8 didt;
309 u8 bst;
310 u8 brt;
311 u8 to;
312 u8 ppt;
313 /* optional */
314 u8 gt[];
315 } __packed;
316
317 struct pn533_cmd_jump_dep_response {
318 u8 status;
319 u8 tg;
320 u8 nfcid3t[10];
321 u8 didt;
322 u8 bst;
323 u8 brt;
324 u8 to;
325 u8 ppt;
326 /* optional */
327 u8 gt[];
328 } __packed;
329
330
331 /* PN533_TG_INIT_AS_TARGET */
332 #define PN533_INIT_TARGET_PASSIVE 0x1
333 #define PN533_INIT_TARGET_DEP 0x2
334
335 #define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3
336 #define PN533_INIT_TARGET_RESP_ACTIVE 0x1
337 #define PN533_INIT_TARGET_RESP_DEP 0x4
338
339 enum pn533_protocol_type {
340 PN533_PROTO_REQ_ACK_RESP = 0,
341 PN533_PROTO_REQ_RESP
342 };
343
344 struct pn533 {
345 struct usb_device *udev;
346 struct usb_interface *interface;
347 struct nfc_dev *nfc_dev;
348 u32 device_type;
349 enum pn533_protocol_type protocol_type;
350
351 struct urb *out_urb;
352 struct urb *in_urb;
353
354 struct sk_buff_head resp_q;
355 struct sk_buff_head fragment_skb;
356
357 struct workqueue_struct *wq;
358 struct work_struct cmd_work;
359 struct work_struct cmd_complete_work;
360 struct delayed_work poll_work;
361 struct work_struct mi_rx_work;
362 struct work_struct mi_tx_work;
363 struct work_struct mi_tm_rx_work;
364 struct work_struct mi_tm_tx_work;
365 struct work_struct tg_work;
366 struct work_struct rf_work;
367
368 struct list_head cmd_queue;
369 struct pn533_cmd *cmd;
370 u8 cmd_pending;
371 struct mutex cmd_lock; /* protects cmd queue */
372
373 void *cmd_complete_mi_arg;
374 void *cmd_complete_dep_arg;
375
376 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1];
377 u8 poll_mod_count;
378 u8 poll_mod_curr;
379 u8 poll_dep;
380 u32 poll_protocols;
381 u32 listen_protocols;
382 struct timer_list listen_timer;
383 int cancel_listen;
384
385 u8 *gb;
386 size_t gb_len;
387
388 u8 tgt_available_prots;
389 u8 tgt_active_prot;
390 u8 tgt_mode;
391
392 struct pn533_frame_ops *ops;
393 };
394
395 struct pn533_cmd {
396 struct list_head queue;
397 u8 code;
398 int status;
399 struct sk_buff *req;
400 struct sk_buff *resp;
401 int resp_len;
402 pn533_send_async_complete_t complete_cb;
403 void *complete_cb_context;
404 };
405
406 struct pn533_std_frame {
407 u8 preamble;
408 __be16 start_frame;
409 u8 datalen;
410 u8 datalen_checksum;
411 u8 data[];
412 } __packed;
413
414 struct pn533_ext_frame { /* Extended Information frame */
415 u8 preamble;
416 __be16 start_frame;
417 __be16 eif_flag; /* fixed to 0xFFFF */
418 __be16 datalen;
419 u8 datalen_checksum;
420 u8 data[];
421 } __packed;
422
423 struct pn533_frame_ops {
424 void (*tx_frame_init)(void *frame, u8 cmd_code);
425 void (*tx_frame_finish)(void *frame);
426 void (*tx_update_payload_len)(void *frame, int len);
427 int tx_header_len;
428 int tx_tail_len;
429
430 bool (*rx_is_frame_valid)(void *frame, struct pn533 *dev);
431 int (*rx_frame_size)(void *frame);
432 int rx_header_len;
433 int rx_tail_len;
434
435 int max_payload_len;
436 u8 (*get_cmd_code)(void *frame);
437 };
438
439 struct pn533_acr122_ccid_hdr {
440 u8 type;
441 u32 datalen;
442 u8 slot;
443 u8 seq;
444 u8 params[3]; /* 3 msg specific bytes or status, error and 1 specific
445 byte for reposnse msg */
446 u8 data[]; /* payload */
447 } __packed;
448
449 struct pn533_acr122_apdu_hdr {
450 u8 class;
451 u8 ins;
452 u8 p1;
453 u8 p2;
454 } __packed;
455
456 struct pn533_acr122_tx_frame {
457 struct pn533_acr122_ccid_hdr ccid;
458 struct pn533_acr122_apdu_hdr apdu;
459 u8 datalen;
460 u8 data[]; /* pn533 frame: TFI ... */
461 } __packed;
462
463 struct pn533_acr122_rx_frame {
464 struct pn533_acr122_ccid_hdr ccid;
465 u8 data[]; /* pn533 frame : TFI ... */
466 } __packed;
467
468 static void pn533_acr122_tx_frame_init(void *_frame, u8 cmd_code)
469 {
470 struct pn533_acr122_tx_frame *frame = _frame;
471
472 frame->ccid.type = PN533_ACR122_PC_TO_RDR_ESCAPE;
473 frame->ccid.datalen = sizeof(frame->apdu) + 1; /* sizeof(apdu_hdr) +
474 sizeof(datalen) */
475 frame->ccid.slot = 0;
476 frame->ccid.seq = 0;
477 frame->ccid.params[0] = 0;
478 frame->ccid.params[1] = 0;
479 frame->ccid.params[2] = 0;
480
481 frame->data[0] = PN533_STD_FRAME_DIR_OUT;
482 frame->data[1] = cmd_code;
483 frame->datalen = 2; /* data[0] + data[1] */
484
485 frame->apdu.class = 0xFF;
486 frame->apdu.ins = 0;
487 frame->apdu.p1 = 0;
488 frame->apdu.p2 = 0;
489 }
490
491 static void pn533_acr122_tx_frame_finish(void *_frame)
492 {
493 struct pn533_acr122_tx_frame *frame = _frame;
494
495 frame->ccid.datalen += frame->datalen;
496 }
497
498 static void pn533_acr122_tx_update_payload_len(void *_frame, int len)
499 {
500 struct pn533_acr122_tx_frame *frame = _frame;
501
502 frame->datalen += len;
503 }
504
505 static bool pn533_acr122_is_rx_frame_valid(void *_frame, struct pn533 *dev)
506 {
507 struct pn533_acr122_rx_frame *frame = _frame;
508
509 if (frame->ccid.type != 0x83)
510 return false;
511
512 if (!frame->ccid.datalen)
513 return false;
514
515 if (frame->data[frame->ccid.datalen - 2] == 0x63)
516 return false;
517
518 return true;
519 }
520
521 static int pn533_acr122_rx_frame_size(void *frame)
522 {
523 struct pn533_acr122_rx_frame *f = frame;
524
525 /* f->ccid.datalen already includes tail length */
526 return sizeof(struct pn533_acr122_rx_frame) + f->ccid.datalen;
527 }
528
529 static u8 pn533_acr122_get_cmd_code(void *frame)
530 {
531 struct pn533_acr122_rx_frame *f = frame;
532
533 return PN533_FRAME_CMD(f);
534 }
535
536 static struct pn533_frame_ops pn533_acr122_frame_ops = {
537 .tx_frame_init = pn533_acr122_tx_frame_init,
538 .tx_frame_finish = pn533_acr122_tx_frame_finish,
539 .tx_update_payload_len = pn533_acr122_tx_update_payload_len,
540 .tx_header_len = PN533_ACR122_TX_FRAME_HEADER_LEN,
541 .tx_tail_len = PN533_ACR122_TX_FRAME_TAIL_LEN,
542
543 .rx_is_frame_valid = pn533_acr122_is_rx_frame_valid,
544 .rx_header_len = PN533_ACR122_RX_FRAME_HEADER_LEN,
545 .rx_tail_len = PN533_ACR122_RX_FRAME_TAIL_LEN,
546 .rx_frame_size = pn533_acr122_rx_frame_size,
547
548 .max_payload_len = PN533_ACR122_FRAME_MAX_PAYLOAD_LEN,
549 .get_cmd_code = pn533_acr122_get_cmd_code,
550 };
551
552 /* The rule: value(high byte) + value(low byte) + checksum = 0 */
553 static inline u8 pn533_ext_checksum(u16 value)
554 {
555 return ~(u8)(((value & 0xFF00) >> 8) + (u8)(value & 0xFF)) + 1;
556 }
557
558 /* The rule: value + checksum = 0 */
559 static inline u8 pn533_std_checksum(u8 value)
560 {
561 return ~value + 1;
562 }
563
564 /* The rule: sum(data elements) + checksum = 0 */
565 static u8 pn533_std_data_checksum(u8 *data, int datalen)
566 {
567 u8 sum = 0;
568 int i;
569
570 for (i = 0; i < datalen; i++)
571 sum += data[i];
572
573 return pn533_std_checksum(sum);
574 }
575
576 static void pn533_std_tx_frame_init(void *_frame, u8 cmd_code)
577 {
578 struct pn533_std_frame *frame = _frame;
579
580 frame->preamble = 0;
581 frame->start_frame = cpu_to_be16(PN533_STD_FRAME_SOF);
582 PN533_STD_FRAME_IDENTIFIER(frame) = PN533_STD_FRAME_DIR_OUT;
583 PN533_FRAME_CMD(frame) = cmd_code;
584 frame->datalen = 2;
585 }
586
587 static void pn533_std_tx_frame_finish(void *_frame)
588 {
589 struct pn533_std_frame *frame = _frame;
590
591 frame->datalen_checksum = pn533_std_checksum(frame->datalen);
592
593 PN533_STD_FRAME_CHECKSUM(frame) =
594 pn533_std_data_checksum(frame->data, frame->datalen);
595
596 PN533_STD_FRAME_POSTAMBLE(frame) = 0;
597 }
598
599 static void pn533_std_tx_update_payload_len(void *_frame, int len)
600 {
601 struct pn533_std_frame *frame = _frame;
602
603 frame->datalen += len;
604 }
605
606 static bool pn533_std_rx_frame_is_valid(void *_frame, struct pn533 *dev)
607 {
608 u8 checksum;
609 struct pn533_std_frame *stdf = _frame;
610
611 if (stdf->start_frame != cpu_to_be16(PN533_STD_FRAME_SOF))
612 return false;
613
614 if (likely(!PN533_STD_IS_EXTENDED(stdf))) {
615 /* Standard frame code */
616 dev->ops->rx_header_len = PN533_STD_FRAME_HEADER_LEN;
617
618 checksum = pn533_std_checksum(stdf->datalen);
619 if (checksum != stdf->datalen_checksum)
620 return false;
621
622 checksum = pn533_std_data_checksum(stdf->data, stdf->datalen);
623 if (checksum != PN533_STD_FRAME_CHECKSUM(stdf))
624 return false;
625 } else {
626 /* Extended */
627 struct pn533_ext_frame *eif = _frame;
628
629 dev->ops->rx_header_len = PN533_EXT_FRAME_HEADER_LEN;
630
631 checksum = pn533_ext_checksum(be16_to_cpu(eif->datalen));
632 if (checksum != eif->datalen_checksum)
633 return false;
634
635 /* check data checksum */
636 checksum = pn533_std_data_checksum(eif->data,
637 be16_to_cpu(eif->datalen));
638 if (checksum != PN533_EXT_FRAME_CHECKSUM(eif))
639 return false;
640 }
641
642 return true;
643 }
644
645 static bool pn533_std_rx_frame_is_ack(struct pn533_std_frame *frame)
646 {
647 if (frame->start_frame != cpu_to_be16(PN533_STD_FRAME_SOF))
648 return false;
649
650 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF)
651 return false;
652
653 return true;
654 }
655
656 static inline int pn533_std_rx_frame_size(void *frame)
657 {
658 struct pn533_std_frame *f = frame;
659
660 /* check for Extended Information frame */
661 if (PN533_STD_IS_EXTENDED(f)) {
662 struct pn533_ext_frame *eif = frame;
663
664 return sizeof(struct pn533_ext_frame)
665 + be16_to_cpu(eif->datalen) + PN533_STD_FRAME_TAIL_LEN;
666 }
667
668 return sizeof(struct pn533_std_frame) + f->datalen +
669 PN533_STD_FRAME_TAIL_LEN;
670 }
671
672 static u8 pn533_std_get_cmd_code(void *frame)
673 {
674 struct pn533_std_frame *f = frame;
675 struct pn533_ext_frame *eif = frame;
676
677 if (PN533_STD_IS_EXTENDED(f))
678 return PN533_FRAME_CMD(eif);
679 else
680 return PN533_FRAME_CMD(f);
681 }
682
683 static struct pn533_frame_ops pn533_std_frame_ops = {
684 .tx_frame_init = pn533_std_tx_frame_init,
685 .tx_frame_finish = pn533_std_tx_frame_finish,
686 .tx_update_payload_len = pn533_std_tx_update_payload_len,
687 .tx_header_len = PN533_STD_FRAME_HEADER_LEN,
688 .tx_tail_len = PN533_STD_FRAME_TAIL_LEN,
689
690 .rx_is_frame_valid = pn533_std_rx_frame_is_valid,
691 .rx_frame_size = pn533_std_rx_frame_size,
692 .rx_header_len = PN533_STD_FRAME_HEADER_LEN,
693 .rx_tail_len = PN533_STD_FRAME_TAIL_LEN,
694
695 .max_payload_len = PN533_STD_FRAME_MAX_PAYLOAD_LEN,
696 .get_cmd_code = pn533_std_get_cmd_code,
697 };
698
699 static bool pn533_rx_frame_is_cmd_response(struct pn533 *dev, void *frame)
700 {
701 return (dev->ops->get_cmd_code(frame) ==
702 PN533_CMD_RESPONSE(dev->cmd->code));
703 }
704
705 static void pn533_recv_response(struct urb *urb)
706 {
707 struct pn533 *dev = urb->context;
708 struct pn533_cmd *cmd = dev->cmd;
709 u8 *in_frame;
710
711 cmd->status = urb->status;
712
713 switch (urb->status) {
714 case 0:
715 break; /* success */
716 case -ECONNRESET:
717 case -ENOENT:
718 dev_dbg(&dev->interface->dev,
719 "The urb has been canceled (status %d)\n",
720 urb->status);
721 goto sched_wq;
722 case -ESHUTDOWN:
723 default:
724 nfc_err(&dev->interface->dev,
725 "Urb failure (status %d)\n", urb->status);
726 goto sched_wq;
727 }
728
729 in_frame = dev->in_urb->transfer_buffer;
730
731 dev_dbg(&dev->interface->dev, "Received a frame\n");
732 print_hex_dump_debug("PN533 RX: ", DUMP_PREFIX_NONE, 16, 1, in_frame,
733 dev->ops->rx_frame_size(in_frame), false);
734
735 if (!dev->ops->rx_is_frame_valid(in_frame, dev)) {
736 nfc_err(&dev->interface->dev, "Received an invalid frame\n");
737 cmd->status = -EIO;
738 goto sched_wq;
739 }
740
741 if (!pn533_rx_frame_is_cmd_response(dev, in_frame)) {
742 nfc_err(&dev->interface->dev,
743 "It it not the response to the last command\n");
744 cmd->status = -EIO;
745 goto sched_wq;
746 }
747
748 sched_wq:
749 queue_work(dev->wq, &dev->cmd_complete_work);
750 }
751
752 static int pn533_submit_urb_for_response(struct pn533 *dev, gfp_t flags)
753 {
754 dev->in_urb->complete = pn533_recv_response;
755
756 return usb_submit_urb(dev->in_urb, flags);
757 }
758
759 static void pn533_recv_ack(struct urb *urb)
760 {
761 struct pn533 *dev = urb->context;
762 struct pn533_cmd *cmd = dev->cmd;
763 struct pn533_std_frame *in_frame;
764 int rc;
765
766 cmd->status = urb->status;
767
768 switch (urb->status) {
769 case 0:
770 break; /* success */
771 case -ECONNRESET:
772 case -ENOENT:
773 dev_dbg(&dev->interface->dev,
774 "The urb has been stopped (status %d)\n",
775 urb->status);
776 goto sched_wq;
777 case -ESHUTDOWN:
778 default:
779 nfc_err(&dev->interface->dev,
780 "Urb failure (status %d)\n", urb->status);
781 goto sched_wq;
782 }
783
784 in_frame = dev->in_urb->transfer_buffer;
785
786 if (!pn533_std_rx_frame_is_ack(in_frame)) {
787 nfc_err(&dev->interface->dev, "Received an invalid ack\n");
788 cmd->status = -EIO;
789 goto sched_wq;
790 }
791
792 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
793 if (rc) {
794 nfc_err(&dev->interface->dev,
795 "usb_submit_urb failed with result %d\n", rc);
796 cmd->status = rc;
797 goto sched_wq;
798 }
799
800 return;
801
802 sched_wq:
803 queue_work(dev->wq, &dev->cmd_complete_work);
804 }
805
806 static int pn533_submit_urb_for_ack(struct pn533 *dev, gfp_t flags)
807 {
808 dev->in_urb->complete = pn533_recv_ack;
809
810 return usb_submit_urb(dev->in_urb, flags);
811 }
812
813 static int pn533_send_ack(struct pn533 *dev, gfp_t flags)
814 {
815 u8 ack[PN533_STD_FRAME_ACK_SIZE] = {0x00, 0x00, 0xff, 0x00, 0xff, 0x00};
816 /* spec 7.1.1.3: Preamble, SoPC (2), ACK Code (2), Postamble */
817 int rc;
818
819 dev->out_urb->transfer_buffer = ack;
820 dev->out_urb->transfer_buffer_length = sizeof(ack);
821 rc = usb_submit_urb(dev->out_urb, flags);
822
823 return rc;
824 }
825
826 static int __pn533_send_frame_async(struct pn533 *dev,
827 struct sk_buff *out,
828 struct sk_buff *in,
829 int in_len)
830 {
831 int rc;
832
833 dev->out_urb->transfer_buffer = out->data;
834 dev->out_urb->transfer_buffer_length = out->len;
835
836 dev->in_urb->transfer_buffer = in->data;
837 dev->in_urb->transfer_buffer_length = in_len;
838
839 print_hex_dump_debug("PN533 TX: ", DUMP_PREFIX_NONE, 16, 1,
840 out->data, out->len, false);
841
842 rc = usb_submit_urb(dev->out_urb, GFP_KERNEL);
843 if (rc)
844 return rc;
845
846 if (dev->protocol_type == PN533_PROTO_REQ_RESP) {
847 /* request for response for sent packet directly */
848 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
849 if (rc)
850 goto error;
851 } else if (dev->protocol_type == PN533_PROTO_REQ_ACK_RESP) {
852 /* request for ACK if that's the case */
853 rc = pn533_submit_urb_for_ack(dev, GFP_KERNEL);
854 if (rc)
855 goto error;
856 }
857
858 return 0;
859
860 error:
861 usb_unlink_urb(dev->out_urb);
862 return rc;
863 }
864
865 static void pn533_build_cmd_frame(struct pn533 *dev, u8 cmd_code,
866 struct sk_buff *skb)
867 {
868 /* payload is already there, just update datalen */
869 int payload_len = skb->len;
870 struct pn533_frame_ops *ops = dev->ops;
871
872
873 skb_push(skb, ops->tx_header_len);
874 skb_put(skb, ops->tx_tail_len);
875
876 ops->tx_frame_init(skb->data, cmd_code);
877 ops->tx_update_payload_len(skb->data, payload_len);
878 ops->tx_frame_finish(skb->data);
879 }
880
881 static int pn533_send_async_complete(struct pn533 *dev)
882 {
883 struct pn533_cmd *cmd = dev->cmd;
884 int status = cmd->status;
885
886 struct sk_buff *req = cmd->req;
887 struct sk_buff *resp = cmd->resp;
888
889 int rc;
890
891 dev_kfree_skb(req);
892
893 if (status < 0) {
894 rc = cmd->complete_cb(dev, cmd->complete_cb_context,
895 ERR_PTR(status));
896 dev_kfree_skb(resp);
897 goto done;
898 }
899
900 skb_put(resp, dev->ops->rx_frame_size(resp->data));
901 skb_pull(resp, dev->ops->rx_header_len);
902 skb_trim(resp, resp->len - dev->ops->rx_tail_len);
903
904 rc = cmd->complete_cb(dev, cmd->complete_cb_context, resp);
905
906 done:
907 kfree(cmd);
908 dev->cmd = NULL;
909 return rc;
910 }
911
912 static int __pn533_send_async(struct pn533 *dev, u8 cmd_code,
913 struct sk_buff *req, struct sk_buff *resp,
914 int resp_len,
915 pn533_send_async_complete_t complete_cb,
916 void *complete_cb_context)
917 {
918 struct pn533_cmd *cmd;
919 int rc = 0;
920
921 dev_dbg(&dev->interface->dev, "Sending command 0x%x\n", cmd_code);
922
923 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
924 if (!cmd)
925 return -ENOMEM;
926
927 cmd->code = cmd_code;
928 cmd->req = req;
929 cmd->resp = resp;
930 cmd->resp_len = resp_len;
931 cmd->complete_cb = complete_cb;
932 cmd->complete_cb_context = complete_cb_context;
933
934 pn533_build_cmd_frame(dev, cmd_code, req);
935
936 mutex_lock(&dev->cmd_lock);
937
938 if (!dev->cmd_pending) {
939 rc = __pn533_send_frame_async(dev, req, resp, resp_len);
940 if (rc)
941 goto error;
942
943 dev->cmd_pending = 1;
944 dev->cmd = cmd;
945 goto unlock;
946 }
947
948 dev_dbg(&dev->interface->dev, "%s Queueing command 0x%x\n",
949 __func__, cmd_code);
950
951 INIT_LIST_HEAD(&cmd->queue);
952 list_add_tail(&cmd->queue, &dev->cmd_queue);
953
954 goto unlock;
955
956 error:
957 kfree(cmd);
958 unlock:
959 mutex_unlock(&dev->cmd_lock);
960 return rc;
961 }
962
963 static int pn533_send_data_async(struct pn533 *dev, u8 cmd_code,
964 struct sk_buff *req,
965 pn533_send_async_complete_t complete_cb,
966 void *complete_cb_context)
967 {
968 struct sk_buff *resp;
969 int rc;
970 int resp_len = dev->ops->rx_header_len +
971 dev->ops->max_payload_len +
972 dev->ops->rx_tail_len;
973
974 resp = nfc_alloc_recv_skb(resp_len, GFP_KERNEL);
975 if (!resp)
976 return -ENOMEM;
977
978 rc = __pn533_send_async(dev, cmd_code, req, resp, resp_len, complete_cb,
979 complete_cb_context);
980 if (rc)
981 dev_kfree_skb(resp);
982
983 return rc;
984 }
985
986 static int pn533_send_cmd_async(struct pn533 *dev, u8 cmd_code,
987 struct sk_buff *req,
988 pn533_send_async_complete_t complete_cb,
989 void *complete_cb_context)
990 {
991 struct sk_buff *resp;
992 int rc;
993 int resp_len = dev->ops->rx_header_len +
994 dev->ops->max_payload_len +
995 dev->ops->rx_tail_len;
996
997 resp = alloc_skb(resp_len, GFP_KERNEL);
998 if (!resp)
999 return -ENOMEM;
1000
1001 rc = __pn533_send_async(dev, cmd_code, req, resp, resp_len, complete_cb,
1002 complete_cb_context);
1003 if (rc)
1004 dev_kfree_skb(resp);
1005
1006 return rc;
1007 }
1008
1009 /*
1010 * pn533_send_cmd_direct_async
1011 *
1012 * The function sends a piority cmd directly to the chip omiting the cmd
1013 * queue. It's intended to be used by chaining mechanism of received responses
1014 * where the host has to request every single chunk of data before scheduling
1015 * next cmd from the queue.
1016 */
1017 static int pn533_send_cmd_direct_async(struct pn533 *dev, u8 cmd_code,
1018 struct sk_buff *req,
1019 pn533_send_async_complete_t complete_cb,
1020 void *complete_cb_context)
1021 {
1022 struct sk_buff *resp;
1023 struct pn533_cmd *cmd;
1024 int rc;
1025 int resp_len = dev->ops->rx_header_len +
1026 dev->ops->max_payload_len +
1027 dev->ops->rx_tail_len;
1028
1029 resp = alloc_skb(resp_len, GFP_KERNEL);
1030 if (!resp)
1031 return -ENOMEM;
1032
1033 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
1034 if (!cmd) {
1035 dev_kfree_skb(resp);
1036 return -ENOMEM;
1037 }
1038
1039 cmd->code = cmd_code;
1040 cmd->req = req;
1041 cmd->resp = resp;
1042 cmd->resp_len = resp_len;
1043 cmd->complete_cb = complete_cb;
1044 cmd->complete_cb_context = complete_cb_context;
1045
1046 pn533_build_cmd_frame(dev, cmd_code, req);
1047
1048 rc = __pn533_send_frame_async(dev, req, resp, resp_len);
1049 if (rc < 0) {
1050 dev_kfree_skb(resp);
1051 kfree(cmd);
1052 } else {
1053 dev->cmd = cmd;
1054 }
1055
1056 return rc;
1057 }
1058
1059 static void pn533_wq_cmd_complete(struct work_struct *work)
1060 {
1061 struct pn533 *dev = container_of(work, struct pn533, cmd_complete_work);
1062 int rc;
1063
1064 rc = pn533_send_async_complete(dev);
1065 if (rc != -EINPROGRESS)
1066 queue_work(dev->wq, &dev->cmd_work);
1067 }
1068
1069 static void pn533_wq_cmd(struct work_struct *work)
1070 {
1071 struct pn533 *dev = container_of(work, struct pn533, cmd_work);
1072 struct pn533_cmd *cmd;
1073 int rc;
1074
1075 mutex_lock(&dev->cmd_lock);
1076
1077 if (list_empty(&dev->cmd_queue)) {
1078 dev->cmd_pending = 0;
1079 mutex_unlock(&dev->cmd_lock);
1080 return;
1081 }
1082
1083 cmd = list_first_entry(&dev->cmd_queue, struct pn533_cmd, queue);
1084
1085 list_del(&cmd->queue);
1086
1087 mutex_unlock(&dev->cmd_lock);
1088
1089 rc = __pn533_send_frame_async(dev, cmd->req, cmd->resp, cmd->resp_len);
1090 if (rc < 0) {
1091 dev_kfree_skb(cmd->req);
1092 dev_kfree_skb(cmd->resp);
1093 kfree(cmd);
1094 return;
1095 }
1096
1097 dev->cmd = cmd;
1098 }
1099
1100 struct pn533_sync_cmd_response {
1101 struct sk_buff *resp;
1102 struct completion done;
1103 };
1104
1105 static int pn533_send_sync_complete(struct pn533 *dev, void *_arg,
1106 struct sk_buff *resp)
1107 {
1108 struct pn533_sync_cmd_response *arg = _arg;
1109
1110 arg->resp = resp;
1111 complete(&arg->done);
1112
1113 return 0;
1114 }
1115
1116 /* pn533_send_cmd_sync
1117 *
1118 * Please note the req parameter is freed inside the function to
1119 * limit a number of return value interpretations by the caller.
1120 *
1121 * 1. negative in case of error during TX path -> req should be freed
1122 *
1123 * 2. negative in case of error during RX path -> req should not be freed
1124 * as it's been already freed at the begining of RX path by
1125 * async_complete_cb.
1126 *
1127 * 3. valid pointer in case of succesfult RX path
1128 *
1129 * A caller has to check a return value with IS_ERR macro. If the test pass,
1130 * the returned pointer is valid.
1131 *
1132 * */
1133 static struct sk_buff *pn533_send_cmd_sync(struct pn533 *dev, u8 cmd_code,
1134 struct sk_buff *req)
1135 {
1136 int rc;
1137 struct pn533_sync_cmd_response arg;
1138
1139 init_completion(&arg.done);
1140
1141 rc = pn533_send_cmd_async(dev, cmd_code, req,
1142 pn533_send_sync_complete, &arg);
1143 if (rc) {
1144 dev_kfree_skb(req);
1145 return ERR_PTR(rc);
1146 }
1147
1148 wait_for_completion(&arg.done);
1149
1150 return arg.resp;
1151 }
1152
1153 static void pn533_send_complete(struct urb *urb)
1154 {
1155 struct pn533 *dev = urb->context;
1156
1157 switch (urb->status) {
1158 case 0:
1159 break; /* success */
1160 case -ECONNRESET:
1161 case -ENOENT:
1162 dev_dbg(&dev->interface->dev,
1163 "The urb has been stopped (status %d)\n",
1164 urb->status);
1165 break;
1166 case -ESHUTDOWN:
1167 default:
1168 nfc_err(&dev->interface->dev, "Urb failure (status %d)\n",
1169 urb->status);
1170 }
1171 }
1172
1173 static void pn533_abort_cmd(struct pn533 *dev, gfp_t flags)
1174 {
1175 /* ACR122U does not support any command which aborts last
1176 * issued command i.e. as ACK for standard PN533. Additionally,
1177 * it behaves stange, sending broken or incorrect responses,
1178 * when we cancel urb before the chip will send response.
1179 */
1180 if (dev->device_type == PN533_DEVICE_ACR122U)
1181 return;
1182
1183 /* An ack will cancel the last issued command */
1184 pn533_send_ack(dev, flags);
1185
1186 /* cancel the urb request */
1187 usb_kill_urb(dev->in_urb);
1188 }
1189
1190 static struct sk_buff *pn533_alloc_skb(struct pn533 *dev, unsigned int size)
1191 {
1192 struct sk_buff *skb;
1193
1194 skb = alloc_skb(dev->ops->tx_header_len +
1195 size +
1196 dev->ops->tx_tail_len, GFP_KERNEL);
1197
1198 if (skb)
1199 skb_reserve(skb, dev->ops->tx_header_len);
1200
1201 return skb;
1202 }
1203
1204 struct pn533_target_type_a {
1205 __be16 sens_res;
1206 u8 sel_res;
1207 u8 nfcid_len;
1208 u8 nfcid_data[];
1209 } __packed;
1210
1211
1212 #define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6))
1213 #define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0))
1214 #define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8))
1215
1216 #define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00
1217 #define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C
1218
1219 #define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5)
1220 #define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2)
1221
1222 #define PN533_TYPE_A_SEL_PROT_MIFARE 0
1223 #define PN533_TYPE_A_SEL_PROT_ISO14443 1
1224 #define PN533_TYPE_A_SEL_PROT_DEP 2
1225 #define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3
1226
1227 static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
1228 int target_data_len)
1229 {
1230 u8 ssd;
1231 u8 platconf;
1232
1233 if (target_data_len < sizeof(struct pn533_target_type_a))
1234 return false;
1235
1236 /* The lenght check of nfcid[] and ats[] are not being performed because
1237 the values are not being used */
1238
1239 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
1240 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res);
1241 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res);
1242
1243 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
1244 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
1245 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
1246 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
1247 return false;
1248
1249 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */
1250 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0)
1251 return false;
1252
1253 return true;
1254 }
1255
1256 static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data,
1257 int tgt_data_len)
1258 {
1259 struct pn533_target_type_a *tgt_type_a;
1260
1261 tgt_type_a = (struct pn533_target_type_a *)tgt_data;
1262
1263 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len))
1264 return -EPROTO;
1265
1266 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) {
1267 case PN533_TYPE_A_SEL_PROT_MIFARE:
1268 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK;
1269 break;
1270 case PN533_TYPE_A_SEL_PROT_ISO14443:
1271 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
1272 break;
1273 case PN533_TYPE_A_SEL_PROT_DEP:
1274 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1275 break;
1276 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP:
1277 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK |
1278 NFC_PROTO_NFC_DEP_MASK;
1279 break;
1280 }
1281
1282 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res);
1283 nfc_tgt->sel_res = tgt_type_a->sel_res;
1284 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len;
1285 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len);
1286
1287 return 0;
1288 }
1289
1290 struct pn533_target_felica {
1291 u8 pol_res;
1292 u8 opcode;
1293 u8 nfcid2[NFC_NFCID2_MAXSIZE];
1294 u8 pad[8];
1295 /* optional */
1296 u8 syst_code[];
1297 } __packed;
1298
1299 #define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01
1300 #define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE
1301
1302 static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica,
1303 int target_data_len)
1304 {
1305 if (target_data_len < sizeof(struct pn533_target_felica))
1306 return false;
1307
1308 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES)
1309 return false;
1310
1311 return true;
1312 }
1313
1314 static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data,
1315 int tgt_data_len)
1316 {
1317 struct pn533_target_felica *tgt_felica;
1318
1319 tgt_felica = (struct pn533_target_felica *)tgt_data;
1320
1321 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len))
1322 return -EPROTO;
1323
1324 if ((tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1) &&
1325 (tgt_felica->nfcid2[1] == PN533_FELICA_SENSF_NFCID2_DEP_B2))
1326 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1327 else
1328 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK;
1329
1330 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9);
1331 nfc_tgt->sensf_res_len = 9;
1332
1333 memcpy(nfc_tgt->nfcid2, tgt_felica->nfcid2, NFC_NFCID2_MAXSIZE);
1334 nfc_tgt->nfcid2_len = NFC_NFCID2_MAXSIZE;
1335
1336 return 0;
1337 }
1338
1339 struct pn533_target_jewel {
1340 __be16 sens_res;
1341 u8 jewelid[4];
1342 } __packed;
1343
1344 static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel,
1345 int target_data_len)
1346 {
1347 u8 ssd;
1348 u8 platconf;
1349
1350 if (target_data_len < sizeof(struct pn533_target_jewel))
1351 return false;
1352
1353 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
1354 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res);
1355 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res);
1356
1357 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
1358 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
1359 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
1360 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
1361 return false;
1362
1363 return true;
1364 }
1365
1366 static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data,
1367 int tgt_data_len)
1368 {
1369 struct pn533_target_jewel *tgt_jewel;
1370
1371 tgt_jewel = (struct pn533_target_jewel *)tgt_data;
1372
1373 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len))
1374 return -EPROTO;
1375
1376 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK;
1377 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res);
1378 nfc_tgt->nfcid1_len = 4;
1379 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len);
1380
1381 return 0;
1382 }
1383
1384 struct pn533_type_b_prot_info {
1385 u8 bitrate;
1386 u8 fsci_type;
1387 u8 fwi_adc_fo;
1388 } __packed;
1389
1390 #define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4)
1391 #define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0)
1392 #define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8
1393
1394 struct pn533_type_b_sens_res {
1395 u8 opcode;
1396 u8 nfcid[4];
1397 u8 appdata[4];
1398 struct pn533_type_b_prot_info prot_info;
1399 } __packed;
1400
1401 #define PN533_TYPE_B_OPC_SENSB_RES 0x50
1402
1403 struct pn533_target_type_b {
1404 struct pn533_type_b_sens_res sensb_res;
1405 u8 attrib_res_len;
1406 u8 attrib_res[];
1407 } __packed;
1408
1409 static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b,
1410 int target_data_len)
1411 {
1412 if (target_data_len < sizeof(struct pn533_target_type_b))
1413 return false;
1414
1415 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES)
1416 return false;
1417
1418 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) &
1419 PN533_TYPE_B_PROT_TYPE_RFU_MASK)
1420 return false;
1421
1422 return true;
1423 }
1424
1425 static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
1426 int tgt_data_len)
1427 {
1428 struct pn533_target_type_b *tgt_type_b;
1429
1430 tgt_type_b = (struct pn533_target_type_b *)tgt_data;
1431
1432 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len))
1433 return -EPROTO;
1434
1435 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_B_MASK;
1436
1437 return 0;
1438 }
1439
1440 static int pn533_target_found(struct pn533 *dev, u8 tg, u8 *tgdata,
1441 int tgdata_len)
1442 {
1443 struct nfc_target nfc_tgt;
1444 int rc;
1445
1446 dev_dbg(&dev->interface->dev, "%s: modulation=%d\n",
1447 __func__, dev->poll_mod_curr);
1448
1449 if (tg != 1)
1450 return -EPROTO;
1451
1452 memset(&nfc_tgt, 0, sizeof(struct nfc_target));
1453
1454 switch (dev->poll_mod_curr) {
1455 case PN533_POLL_MOD_106KBPS_A:
1456 rc = pn533_target_found_type_a(&nfc_tgt, tgdata, tgdata_len);
1457 break;
1458 case PN533_POLL_MOD_212KBPS_FELICA:
1459 case PN533_POLL_MOD_424KBPS_FELICA:
1460 rc = pn533_target_found_felica(&nfc_tgt, tgdata, tgdata_len);
1461 break;
1462 case PN533_POLL_MOD_106KBPS_JEWEL:
1463 rc = pn533_target_found_jewel(&nfc_tgt, tgdata, tgdata_len);
1464 break;
1465 case PN533_POLL_MOD_847KBPS_B:
1466 rc = pn533_target_found_type_b(&nfc_tgt, tgdata, tgdata_len);
1467 break;
1468 default:
1469 nfc_err(&dev->interface->dev,
1470 "Unknown current poll modulation\n");
1471 return -EPROTO;
1472 }
1473
1474 if (rc)
1475 return rc;
1476
1477 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) {
1478 dev_dbg(&dev->interface->dev,
1479 "The Tg found doesn't have the desired protocol\n");
1480 return -EAGAIN;
1481 }
1482
1483 dev_dbg(&dev->interface->dev,
1484 "Target found - supported protocols: 0x%x\n",
1485 nfc_tgt.supported_protocols);
1486
1487 dev->tgt_available_prots = nfc_tgt.supported_protocols;
1488
1489 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1);
1490
1491 return 0;
1492 }
1493
1494 static inline void pn533_poll_next_mod(struct pn533 *dev)
1495 {
1496 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count;
1497 }
1498
1499 static void pn533_poll_reset_mod_list(struct pn533 *dev)
1500 {
1501 dev->poll_mod_count = 0;
1502 }
1503
1504 static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
1505 {
1506 dev->poll_mod_active[dev->poll_mod_count] =
1507 (struct pn533_poll_modulations *)&poll_mod[mod_index];
1508 dev->poll_mod_count++;
1509 }
1510
1511 static void pn533_poll_create_mod_list(struct pn533 *dev,
1512 u32 im_protocols, u32 tm_protocols)
1513 {
1514 pn533_poll_reset_mod_list(dev);
1515
1516 if ((im_protocols & NFC_PROTO_MIFARE_MASK) ||
1517 (im_protocols & NFC_PROTO_ISO14443_MASK) ||
1518 (im_protocols & NFC_PROTO_NFC_DEP_MASK))
1519 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
1520
1521 if (im_protocols & NFC_PROTO_FELICA_MASK ||
1522 im_protocols & NFC_PROTO_NFC_DEP_MASK) {
1523 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
1524 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
1525 }
1526
1527 if (im_protocols & NFC_PROTO_JEWEL_MASK)
1528 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL);
1529
1530 if (im_protocols & NFC_PROTO_ISO14443_B_MASK)
1531 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B);
1532
1533 if (tm_protocols)
1534 pn533_poll_add_mod(dev, PN533_LISTEN_MOD);
1535 }
1536
1537 static int pn533_start_poll_complete(struct pn533 *dev, struct sk_buff *resp)
1538 {
1539 u8 nbtg, tg, *tgdata;
1540 int rc, tgdata_len;
1541
1542 /* Toggle the DEP polling */
1543 dev->poll_dep = 1;
1544
1545 nbtg = resp->data[0];
1546 tg = resp->data[1];
1547 tgdata = &resp->data[2];
1548 tgdata_len = resp->len - 2; /* nbtg + tg */
1549
1550 if (nbtg) {
1551 rc = pn533_target_found(dev, tg, tgdata, tgdata_len);
1552
1553 /* We must stop the poll after a valid target found */
1554 if (rc == 0) {
1555 pn533_poll_reset_mod_list(dev);
1556 return 0;
1557 }
1558 }
1559
1560 return -EAGAIN;
1561 }
1562
1563 static struct sk_buff *pn533_alloc_poll_tg_frame(struct pn533 *dev)
1564 {
1565 struct sk_buff *skb;
1566 u8 *felica, *nfcid3, *gb;
1567
1568 u8 *gbytes = dev->gb;
1569 size_t gbytes_len = dev->gb_len;
1570
1571 u8 felica_params[18] = {0x1, 0xfe, /* DEP */
1572 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */
1573 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
1574 0xff, 0xff}; /* System code */
1575
1576 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */
1577 0x0, 0x0, 0x0,
1578 0x40}; /* SEL_RES for DEP */
1579
1580 unsigned int skb_len = 36 + /* mode (1), mifare (6),
1581 felica (18), nfcid3 (10), gb_len (1) */
1582 gbytes_len +
1583 1; /* len Tk*/
1584
1585 skb = pn533_alloc_skb(dev, skb_len);
1586 if (!skb)
1587 return NULL;
1588
1589 /* DEP support only */
1590 *skb_put(skb, 1) = PN533_INIT_TARGET_DEP;
1591
1592 /* MIFARE params */
1593 memcpy(skb_put(skb, 6), mifare_params, 6);
1594
1595 /* Felica params */
1596 felica = skb_put(skb, 18);
1597 memcpy(felica, felica_params, 18);
1598 get_random_bytes(felica + 2, 6);
1599
1600 /* NFCID3 */
1601 nfcid3 = skb_put(skb, 10);
1602 memset(nfcid3, 0, 10);
1603 memcpy(nfcid3, felica, 8);
1604
1605 /* General bytes */
1606 *skb_put(skb, 1) = gbytes_len;
1607
1608 gb = skb_put(skb, gbytes_len);
1609 memcpy(gb, gbytes, gbytes_len);
1610
1611 /* Len Tk */
1612 *skb_put(skb, 1) = 0;
1613
1614 return skb;
1615 }
1616
1617 #define PN533_CMD_DATAEXCH_HEAD_LEN 1
1618 #define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1619 static void pn533_wq_tm_mi_recv(struct work_struct *work);
1620 static struct sk_buff *pn533_build_response(struct pn533 *dev);
1621
1622 static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg,
1623 struct sk_buff *resp)
1624 {
1625 struct sk_buff *skb;
1626 u8 status, ret, mi;
1627 int rc;
1628
1629 dev_dbg(&dev->interface->dev, "%s\n", __func__);
1630
1631 if (IS_ERR(resp)) {
1632 skb_queue_purge(&dev->resp_q);
1633 return PTR_ERR(resp);
1634 }
1635
1636 status = resp->data[0];
1637
1638 ret = status & PN533_CMD_RET_MASK;
1639 mi = status & PN533_CMD_MI_MASK;
1640
1641 skb_pull(resp, sizeof(status));
1642
1643 if (ret != PN533_CMD_RET_SUCCESS) {
1644 rc = -EIO;
1645 goto error;
1646 }
1647
1648 skb_queue_tail(&dev->resp_q, resp);
1649
1650 if (mi) {
1651 queue_work(dev->wq, &dev->mi_tm_rx_work);
1652 return -EINPROGRESS;
1653 }
1654
1655 skb = pn533_build_response(dev);
1656 if (!skb) {
1657 rc = -EIO;
1658 goto error;
1659 }
1660
1661 return nfc_tm_data_received(dev->nfc_dev, skb);
1662
1663 error:
1664 nfc_tm_deactivated(dev->nfc_dev);
1665 dev->tgt_mode = 0;
1666 skb_queue_purge(&dev->resp_q);
1667 dev_kfree_skb(resp);
1668
1669 return rc;
1670 }
1671
1672 static void pn533_wq_tm_mi_recv(struct work_struct *work)
1673 {
1674 struct pn533 *dev = container_of(work, struct pn533, mi_tm_rx_work);
1675 struct sk_buff *skb;
1676 int rc;
1677
1678 dev_dbg(&dev->interface->dev, "%s\n", __func__);
1679
1680 skb = pn533_alloc_skb(dev, 0);
1681 if (!skb)
1682 return;
1683
1684 rc = pn533_send_cmd_direct_async(dev,
1685 PN533_CMD_TG_GET_DATA,
1686 skb,
1687 pn533_tm_get_data_complete,
1688 NULL);
1689
1690 if (rc < 0)
1691 dev_kfree_skb(skb);
1692
1693 return;
1694 }
1695
1696 static int pn533_tm_send_complete(struct pn533 *dev, void *arg,
1697 struct sk_buff *resp);
1698 static void pn533_wq_tm_mi_send(struct work_struct *work)
1699 {
1700 struct pn533 *dev = container_of(work, struct pn533, mi_tm_tx_work);
1701 struct sk_buff *skb;
1702 int rc;
1703
1704 dev_dbg(&dev->interface->dev, "%s\n", __func__);
1705
1706 /* Grab the first skb in the queue */
1707 skb = skb_dequeue(&dev->fragment_skb);
1708 if (skb == NULL) { /* No more data */
1709 /* Reset the queue for future use */
1710 skb_queue_head_init(&dev->fragment_skb);
1711 goto error;
1712 }
1713
1714 /* last entry - remove MI bit */
1715 if (skb_queue_len(&dev->fragment_skb) == 0) {
1716 rc = pn533_send_cmd_direct_async(dev, PN533_CMD_TG_SET_DATA,
1717 skb, pn533_tm_send_complete, NULL);
1718 } else
1719 rc = pn533_send_cmd_direct_async(dev,
1720 PN533_CMD_TG_SET_META_DATA,
1721 skb, pn533_tm_send_complete, NULL);
1722
1723 if (rc == 0) /* success */
1724 return;
1725
1726 dev_err(&dev->interface->dev,
1727 "Error %d when trying to perform set meta data_exchange", rc);
1728
1729 dev_kfree_skb(skb);
1730
1731 error:
1732 pn533_send_ack(dev, GFP_KERNEL);
1733 queue_work(dev->wq, &dev->cmd_work);
1734 }
1735
1736 static void pn533_wq_tg_get_data(struct work_struct *work)
1737 {
1738 struct pn533 *dev = container_of(work, struct pn533, tg_work);
1739 struct sk_buff *skb;
1740 int rc;
1741
1742 dev_dbg(&dev->interface->dev, "%s\n", __func__);
1743
1744 skb = pn533_alloc_skb(dev, 0);
1745 if (!skb)
1746 return;
1747
1748 rc = pn533_send_data_async(dev, PN533_CMD_TG_GET_DATA, skb,
1749 pn533_tm_get_data_complete, NULL);
1750
1751 if (rc < 0)
1752 dev_kfree_skb(skb);
1753
1754 return;
1755 }
1756
1757 #define ATR_REQ_GB_OFFSET 17
1758 static int pn533_init_target_complete(struct pn533 *dev, struct sk_buff *resp)
1759 {
1760 u8 mode, *cmd, comm_mode = NFC_COMM_PASSIVE, *gb;
1761 size_t gb_len;
1762 int rc;
1763
1764 dev_dbg(&dev->interface->dev, "%s\n", __func__);
1765
1766 if (resp->len < ATR_REQ_GB_OFFSET + 1)
1767 return -EINVAL;
1768
1769 mode = resp->data[0];
1770 cmd = &resp->data[1];
1771
1772 dev_dbg(&dev->interface->dev, "Target mode 0x%x len %d\n",
1773 mode, resp->len);
1774
1775 if ((mode & PN533_INIT_TARGET_RESP_FRAME_MASK) ==
1776 PN533_INIT_TARGET_RESP_ACTIVE)
1777 comm_mode = NFC_COMM_ACTIVE;
1778
1779 if ((mode & PN533_INIT_TARGET_RESP_DEP) == 0) /* Only DEP supported */
1780 return -EOPNOTSUPP;
1781
1782 gb = cmd + ATR_REQ_GB_OFFSET;
1783 gb_len = resp->len - (ATR_REQ_GB_OFFSET + 1);
1784
1785 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1786 comm_mode, gb, gb_len);
1787 if (rc < 0) {
1788 nfc_err(&dev->interface->dev,
1789 "Error when signaling target activation\n");
1790 return rc;
1791 }
1792
1793 dev->tgt_mode = 1;
1794 queue_work(dev->wq, &dev->tg_work);
1795
1796 return 0;
1797 }
1798
1799 static void pn533_listen_mode_timer(unsigned long data)
1800 {
1801 struct pn533 *dev = (struct pn533 *)data;
1802
1803 dev_dbg(&dev->interface->dev, "Listen mode timeout\n");
1804
1805 dev->cancel_listen = 1;
1806
1807 pn533_poll_next_mod(dev);
1808
1809 queue_delayed_work(dev->wq, &dev->poll_work,
1810 msecs_to_jiffies(PN533_POLL_INTERVAL));
1811 }
1812
1813 static int pn533_rf_complete(struct pn533 *dev, void *arg,
1814 struct sk_buff *resp)
1815 {
1816 int rc = 0;
1817
1818 dev_dbg(&dev->interface->dev, "%s\n", __func__);
1819
1820 if (IS_ERR(resp)) {
1821 rc = PTR_ERR(resp);
1822
1823 nfc_err(&dev->interface->dev, "RF setting error %d", rc);
1824
1825 return rc;
1826 }
1827
1828 queue_delayed_work(dev->wq, &dev->poll_work,
1829 msecs_to_jiffies(PN533_POLL_INTERVAL));
1830
1831 dev_kfree_skb(resp);
1832 return rc;
1833 }
1834
1835 static void pn533_wq_rf(struct work_struct *work)
1836 {
1837 struct pn533 *dev = container_of(work, struct pn533, rf_work);
1838 struct sk_buff *skb;
1839 int rc;
1840
1841 dev_dbg(&dev->interface->dev, "%s\n", __func__);
1842
1843 skb = pn533_alloc_skb(dev, 2);
1844 if (!skb)
1845 return;
1846
1847 *skb_put(skb, 1) = PN533_CFGITEM_RF_FIELD;
1848 *skb_put(skb, 1) = PN533_CFGITEM_RF_FIELD_AUTO_RFCA;
1849
1850 rc = pn533_send_cmd_async(dev, PN533_CMD_RF_CONFIGURATION, skb,
1851 pn533_rf_complete, NULL);
1852 if (rc < 0) {
1853 dev_kfree_skb(skb);
1854 nfc_err(&dev->interface->dev, "RF setting error %d\n", rc);
1855 }
1856
1857 return;
1858 }
1859
1860 static int pn533_poll_dep_complete(struct pn533 *dev, void *arg,
1861 struct sk_buff *resp)
1862 {
1863 struct pn533_cmd_jump_dep_response *rsp;
1864 struct nfc_target nfc_target;
1865 u8 target_gt_len;
1866 int rc;
1867
1868 if (IS_ERR(resp))
1869 return PTR_ERR(resp);
1870
1871 rsp = (struct pn533_cmd_jump_dep_response *)resp->data;
1872
1873 rc = rsp->status & PN533_CMD_RET_MASK;
1874 if (rc != PN533_CMD_RET_SUCCESS) {
1875 /* Not target found, turn radio off */
1876 queue_work(dev->wq, &dev->rf_work);
1877
1878 dev_kfree_skb(resp);
1879 return 0;
1880 }
1881
1882 dev_dbg(&dev->interface->dev, "Creating new target");
1883
1884 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1885 nfc_target.nfcid1_len = 10;
1886 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len);
1887 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
1888 if (rc)
1889 goto error;
1890
1891 dev->tgt_available_prots = 0;
1892 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
1893
1894 /* ATR_RES general bytes are located at offset 17 */
1895 target_gt_len = resp->len - 17;
1896 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
1897 rsp->gt, target_gt_len);
1898 if (!rc) {
1899 rc = nfc_dep_link_is_up(dev->nfc_dev,
1900 dev->nfc_dev->targets[0].idx,
1901 0, NFC_RF_INITIATOR);
1902
1903 if (!rc)
1904 pn533_poll_reset_mod_list(dev);
1905 }
1906 error:
1907 dev_kfree_skb(resp);
1908 return rc;
1909 }
1910
1911 #define PASSIVE_DATA_LEN 5
1912 static int pn533_poll_dep(struct nfc_dev *nfc_dev)
1913 {
1914 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1915 struct sk_buff *skb;
1916 int rc, skb_len;
1917 u8 *next, nfcid3[NFC_NFCID3_MAXSIZE];
1918 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3};
1919
1920 dev_dbg(&dev->interface->dev, "%s", __func__);
1921
1922 if (!dev->gb) {
1923 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len);
1924
1925 if (!dev->gb || !dev->gb_len) {
1926 dev->poll_dep = 0;
1927 queue_work(dev->wq, &dev->rf_work);
1928 }
1929 }
1930
1931 skb_len = 3 + dev->gb_len; /* ActPass + BR + Next */
1932 skb_len += PASSIVE_DATA_LEN;
1933
1934 /* NFCID3 */
1935 skb_len += NFC_NFCID3_MAXSIZE;
1936 nfcid3[0] = 0x1;
1937 nfcid3[1] = 0xfe;
1938 get_random_bytes(nfcid3 + 2, 6);
1939
1940 skb = pn533_alloc_skb(dev, skb_len);
1941 if (!skb)
1942 return -ENOMEM;
1943
1944 *skb_put(skb, 1) = 0x01; /* Active */
1945 *skb_put(skb, 1) = 0x02; /* 424 kbps */
1946
1947 next = skb_put(skb, 1); /* Next */
1948 *next = 0;
1949
1950 /* Copy passive data */
1951 memcpy(skb_put(skb, PASSIVE_DATA_LEN), passive_data, PASSIVE_DATA_LEN);
1952 *next |= 1;
1953
1954 /* Copy NFCID3 (which is NFCID2 from SENSF_RES) */
1955 memcpy(skb_put(skb, NFC_NFCID3_MAXSIZE), nfcid3,
1956 NFC_NFCID3_MAXSIZE);
1957 *next |= 2;
1958
1959 memcpy(skb_put(skb, dev->gb_len), dev->gb, dev->gb_len);
1960 *next |= 4; /* We have some Gi */
1961
1962 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb,
1963 pn533_poll_dep_complete, NULL);
1964
1965 if (rc < 0)
1966 dev_kfree_skb(skb);
1967
1968 return rc;
1969 }
1970
1971 static int pn533_poll_complete(struct pn533 *dev, void *arg,
1972 struct sk_buff *resp)
1973 {
1974 struct pn533_poll_modulations *cur_mod;
1975 int rc;
1976
1977 dev_dbg(&dev->interface->dev, "%s\n", __func__);
1978
1979 if (IS_ERR(resp)) {
1980 rc = PTR_ERR(resp);
1981
1982 nfc_err(&dev->interface->dev, "%s Poll complete error %d\n",
1983 __func__, rc);
1984
1985 if (rc == -ENOENT) {
1986 if (dev->poll_mod_count != 0)
1987 return rc;
1988 else
1989 goto stop_poll;
1990 } else if (rc < 0) {
1991 nfc_err(&dev->interface->dev,
1992 "Error %d when running poll\n", rc);
1993 goto stop_poll;
1994 }
1995 }
1996
1997 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1998
1999 if (cur_mod->len == 0) { /* Target mode */
2000 del_timer(&dev->listen_timer);
2001 rc = pn533_init_target_complete(dev, resp);
2002 goto done;
2003 }
2004
2005 /* Initiator mode */
2006 rc = pn533_start_poll_complete(dev, resp);
2007 if (!rc)
2008 goto done;
2009
2010 if (!dev->poll_mod_count) {
2011 dev_dbg(&dev->interface->dev, "Polling has been stopped\n");
2012 goto done;
2013 }
2014
2015 pn533_poll_next_mod(dev);
2016 /* Not target found, turn radio off */
2017 queue_work(dev->wq, &dev->rf_work);
2018
2019 done:
2020 dev_kfree_skb(resp);
2021 return rc;
2022
2023 stop_poll:
2024 nfc_err(&dev->interface->dev, "Polling operation has been stopped\n");
2025
2026 pn533_poll_reset_mod_list(dev);
2027 dev->poll_protocols = 0;
2028 return rc;
2029 }
2030
2031 static struct sk_buff *pn533_alloc_poll_in_frame(struct pn533 *dev,
2032 struct pn533_poll_modulations *mod)
2033 {
2034 struct sk_buff *skb;
2035
2036 skb = pn533_alloc_skb(dev, mod->len);
2037 if (!skb)
2038 return NULL;
2039
2040 memcpy(skb_put(skb, mod->len), &mod->data, mod->len);
2041
2042 return skb;
2043 }
2044
2045 static int pn533_send_poll_frame(struct pn533 *dev)
2046 {
2047 struct pn533_poll_modulations *mod;
2048 struct sk_buff *skb;
2049 int rc;
2050 u8 cmd_code;
2051
2052 mod = dev->poll_mod_active[dev->poll_mod_curr];
2053
2054 dev_dbg(&dev->interface->dev, "%s mod len %d\n",
2055 __func__, mod->len);
2056
2057 if (dev->poll_dep) {
2058 dev->poll_dep = 0;
2059 return pn533_poll_dep(dev->nfc_dev);
2060 }
2061
2062 if (mod->len == 0) { /* Listen mode */
2063 cmd_code = PN533_CMD_TG_INIT_AS_TARGET;
2064 skb = pn533_alloc_poll_tg_frame(dev);
2065 } else { /* Polling mode */
2066 cmd_code = PN533_CMD_IN_LIST_PASSIVE_TARGET;
2067 skb = pn533_alloc_poll_in_frame(dev, mod);
2068 }
2069
2070 if (!skb) {
2071 nfc_err(&dev->interface->dev, "Failed to allocate skb\n");
2072 return -ENOMEM;
2073 }
2074
2075 rc = pn533_send_cmd_async(dev, cmd_code, skb, pn533_poll_complete,
2076 NULL);
2077 if (rc < 0) {
2078 dev_kfree_skb(skb);
2079 nfc_err(&dev->interface->dev, "Polling loop error %d\n", rc);
2080 }
2081
2082 return rc;
2083 }
2084
2085 static void pn533_wq_poll(struct work_struct *work)
2086 {
2087 struct pn533 *dev = container_of(work, struct pn533, poll_work.work);
2088 struct pn533_poll_modulations *cur_mod;
2089 int rc;
2090
2091 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
2092
2093 dev_dbg(&dev->interface->dev,
2094 "%s cancel_listen %d modulation len %d\n",
2095 __func__, dev->cancel_listen, cur_mod->len);
2096
2097 if (dev->cancel_listen == 1) {
2098 dev->cancel_listen = 0;
2099 pn533_abort_cmd(dev, GFP_ATOMIC);
2100 }
2101
2102 rc = pn533_send_poll_frame(dev);
2103 if (rc)
2104 return;
2105
2106 if (cur_mod->len == 0 && dev->poll_mod_count > 1)
2107 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ);
2108
2109 return;
2110 }
2111
2112 static int pn533_start_poll(struct nfc_dev *nfc_dev,
2113 u32 im_protocols, u32 tm_protocols)
2114 {
2115 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2116 struct pn533_poll_modulations *cur_mod;
2117 u8 rand_mod;
2118 int rc;
2119
2120 dev_dbg(&dev->interface->dev,
2121 "%s: im protocols 0x%x tm protocols 0x%x\n",
2122 __func__, im_protocols, tm_protocols);
2123
2124 if (dev->tgt_active_prot) {
2125 nfc_err(&dev->interface->dev,
2126 "Cannot poll with a target already activated\n");
2127 return -EBUSY;
2128 }
2129
2130 if (dev->tgt_mode) {
2131 nfc_err(&dev->interface->dev,
2132 "Cannot poll while already being activated\n");
2133 return -EBUSY;
2134 }
2135
2136 if (tm_protocols) {
2137 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len);
2138 if (dev->gb == NULL)
2139 tm_protocols = 0;
2140 }
2141
2142 pn533_poll_create_mod_list(dev, im_protocols, tm_protocols);
2143 dev->poll_protocols = im_protocols;
2144 dev->listen_protocols = tm_protocols;
2145
2146 /* Do not always start polling from the same modulation */
2147 get_random_bytes(&rand_mod, sizeof(rand_mod));
2148 rand_mod %= dev->poll_mod_count;
2149 dev->poll_mod_curr = rand_mod;
2150
2151 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
2152
2153 rc = pn533_send_poll_frame(dev);
2154
2155 /* Start listen timer */
2156 if (!rc && cur_mod->len == 0 && dev->poll_mod_count > 1)
2157 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ);
2158
2159 return rc;
2160 }
2161
2162 static void pn533_stop_poll(struct nfc_dev *nfc_dev)
2163 {
2164 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2165
2166 del_timer(&dev->listen_timer);
2167
2168 if (!dev->poll_mod_count) {
2169 dev_dbg(&dev->interface->dev,
2170 "Polling operation was not running\n");
2171 return;
2172 }
2173
2174 pn533_abort_cmd(dev, GFP_KERNEL);
2175 flush_delayed_work(&dev->poll_work);
2176 pn533_poll_reset_mod_list(dev);
2177 }
2178
2179 static int pn533_activate_target_nfcdep(struct pn533 *dev)
2180 {
2181 struct pn533_cmd_activate_response *rsp;
2182 u16 gt_len;
2183 int rc;
2184 struct sk_buff *skb;
2185 struct sk_buff *resp;
2186
2187 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2188
2189 skb = pn533_alloc_skb(dev, sizeof(u8) * 2); /*TG + Next*/
2190 if (!skb)
2191 return -ENOMEM;
2192
2193 *skb_put(skb, sizeof(u8)) = 1; /* TG */
2194 *skb_put(skb, sizeof(u8)) = 0; /* Next */
2195
2196 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_ATR, skb);
2197 if (IS_ERR(resp))
2198 return PTR_ERR(resp);
2199
2200 rsp = (struct pn533_cmd_activate_response *)resp->data;
2201 rc = rsp->status & PN533_CMD_RET_MASK;
2202 if (rc != PN533_CMD_RET_SUCCESS) {
2203 nfc_err(&dev->interface->dev,
2204 "Target activation failed (error 0x%x)\n", rc);
2205 dev_kfree_skb(resp);
2206 return -EIO;
2207 }
2208
2209 /* ATR_RES general bytes are located at offset 16 */
2210 gt_len = resp->len - 16;
2211 rc = nfc_set_remote_general_bytes(dev->nfc_dev, rsp->gt, gt_len);
2212
2213 dev_kfree_skb(resp);
2214 return rc;
2215 }
2216
2217 static int pn533_activate_target(struct nfc_dev *nfc_dev,
2218 struct nfc_target *target, u32 protocol)
2219 {
2220 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2221 int rc;
2222
2223 dev_dbg(&dev->interface->dev, "%s: protocol=%u\n", __func__, protocol);
2224
2225 if (dev->poll_mod_count) {
2226 nfc_err(&dev->interface->dev,
2227 "Cannot activate while polling\n");
2228 return -EBUSY;
2229 }
2230
2231 if (dev->tgt_active_prot) {
2232 nfc_err(&dev->interface->dev,
2233 "There is already an active target\n");
2234 return -EBUSY;
2235 }
2236
2237 if (!dev->tgt_available_prots) {
2238 nfc_err(&dev->interface->dev,
2239 "There is no available target to activate\n");
2240 return -EINVAL;
2241 }
2242
2243 if (!(dev->tgt_available_prots & (1 << protocol))) {
2244 nfc_err(&dev->interface->dev,
2245 "Target doesn't support requested proto %u\n",
2246 protocol);
2247 return -EINVAL;
2248 }
2249
2250 if (protocol == NFC_PROTO_NFC_DEP) {
2251 rc = pn533_activate_target_nfcdep(dev);
2252 if (rc) {
2253 nfc_err(&dev->interface->dev,
2254 "Activating target with DEP failed %d\n", rc);
2255 return rc;
2256 }
2257 }
2258
2259 dev->tgt_active_prot = protocol;
2260 dev->tgt_available_prots = 0;
2261
2262 return 0;
2263 }
2264
2265 static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
2266 struct nfc_target *target)
2267 {
2268 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2269 struct sk_buff *skb;
2270 struct sk_buff *resp;
2271 int rc;
2272
2273 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2274
2275 if (!dev->tgt_active_prot) {
2276 nfc_err(&dev->interface->dev, "There is no active target\n");
2277 return;
2278 }
2279
2280 dev->tgt_active_prot = 0;
2281 skb_queue_purge(&dev->resp_q);
2282
2283 skb = pn533_alloc_skb(dev, sizeof(u8));
2284 if (!skb)
2285 return;
2286
2287 *skb_put(skb, 1) = 1; /* TG*/
2288
2289 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_RELEASE, skb);
2290 if (IS_ERR(resp))
2291 return;
2292
2293 rc = resp->data[0] & PN533_CMD_RET_MASK;
2294 if (rc != PN533_CMD_RET_SUCCESS)
2295 nfc_err(&dev->interface->dev,
2296 "Error 0x%x when releasing the target\n", rc);
2297
2298 dev_kfree_skb(resp);
2299 return;
2300 }
2301
2302
2303 static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
2304 struct sk_buff *resp)
2305 {
2306 struct pn533_cmd_jump_dep_response *rsp;
2307 u8 target_gt_len;
2308 int rc;
2309 u8 active = *(u8 *)arg;
2310
2311 kfree(arg);
2312
2313 if (IS_ERR(resp))
2314 return PTR_ERR(resp);
2315
2316 if (dev->tgt_available_prots &&
2317 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) {
2318 nfc_err(&dev->interface->dev,
2319 "The target does not support DEP\n");
2320 rc = -EINVAL;
2321 goto error;
2322 }
2323
2324 rsp = (struct pn533_cmd_jump_dep_response *)resp->data;
2325
2326 rc = rsp->status & PN533_CMD_RET_MASK;
2327 if (rc != PN533_CMD_RET_SUCCESS) {
2328 nfc_err(&dev->interface->dev,
2329 "Bringing DEP link up failed (error 0x%x)\n", rc);
2330 goto error;
2331 }
2332
2333 if (!dev->tgt_available_prots) {
2334 struct nfc_target nfc_target;
2335
2336 dev_dbg(&dev->interface->dev, "Creating new target\n");
2337
2338 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
2339 nfc_target.nfcid1_len = 10;
2340 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len);
2341 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
2342 if (rc)
2343 goto error;
2344
2345 dev->tgt_available_prots = 0;
2346 }
2347
2348 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
2349
2350 /* ATR_RES general bytes are located at offset 17 */
2351 target_gt_len = resp->len - 17;
2352 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
2353 rsp->gt, target_gt_len);
2354 if (rc == 0)
2355 rc = nfc_dep_link_is_up(dev->nfc_dev,
2356 dev->nfc_dev->targets[0].idx,
2357 !active, NFC_RF_INITIATOR);
2358
2359 error:
2360 dev_kfree_skb(resp);
2361 return rc;
2362 }
2363
2364 static int pn533_rf_field(struct nfc_dev *nfc_dev, u8 rf);
2365 static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
2366 u8 comm_mode, u8 *gb, size_t gb_len)
2367 {
2368 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2369 struct sk_buff *skb;
2370 int rc, skb_len;
2371 u8 *next, *arg, nfcid3[NFC_NFCID3_MAXSIZE];
2372 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3};
2373
2374 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2375
2376 if (dev->poll_mod_count) {
2377 nfc_err(&dev->interface->dev,
2378 "Cannot bring the DEP link up while polling\n");
2379 return -EBUSY;
2380 }
2381
2382 if (dev->tgt_active_prot) {
2383 nfc_err(&dev->interface->dev,
2384 "There is already an active target\n");
2385 return -EBUSY;
2386 }
2387
2388 skb_len = 3 + gb_len; /* ActPass + BR + Next */
2389 skb_len += PASSIVE_DATA_LEN;
2390
2391 /* NFCID3 */
2392 skb_len += NFC_NFCID3_MAXSIZE;
2393 if (target && !target->nfcid2_len) {
2394 nfcid3[0] = 0x1;
2395 nfcid3[1] = 0xfe;
2396 get_random_bytes(nfcid3 + 2, 6);
2397 }
2398
2399 skb = pn533_alloc_skb(dev, skb_len);
2400 if (!skb)
2401 return -ENOMEM;
2402
2403 *skb_put(skb, 1) = !comm_mode; /* ActPass */
2404 *skb_put(skb, 1) = 0x02; /* 424 kbps */
2405
2406 next = skb_put(skb, 1); /* Next */
2407 *next = 0;
2408
2409 /* Copy passive data */
2410 memcpy(skb_put(skb, PASSIVE_DATA_LEN), passive_data, PASSIVE_DATA_LEN);
2411 *next |= 1;
2412
2413 /* Copy NFCID3 (which is NFCID2 from SENSF_RES) */
2414 if (target && target->nfcid2_len)
2415 memcpy(skb_put(skb, NFC_NFCID3_MAXSIZE), target->nfcid2,
2416 target->nfcid2_len);
2417 else
2418 memcpy(skb_put(skb, NFC_NFCID3_MAXSIZE), nfcid3,
2419 NFC_NFCID3_MAXSIZE);
2420 *next |= 2;
2421
2422 if (gb != NULL && gb_len > 0) {
2423 memcpy(skb_put(skb, gb_len), gb, gb_len);
2424 *next |= 4; /* We have some Gi */
2425 } else {
2426 *next = 0;
2427 }
2428
2429 arg = kmalloc(sizeof(*arg), GFP_KERNEL);
2430 if (!arg) {
2431 dev_kfree_skb(skb);
2432 return -ENOMEM;
2433 }
2434
2435 *arg = !comm_mode;
2436
2437 pn533_rf_field(dev->nfc_dev, 0);
2438
2439 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb,
2440 pn533_in_dep_link_up_complete, arg);
2441
2442 if (rc < 0) {
2443 dev_kfree_skb(skb);
2444 kfree(arg);
2445 }
2446
2447 return rc;
2448 }
2449
2450 static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
2451 {
2452 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2453
2454 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2455
2456 pn533_poll_reset_mod_list(dev);
2457
2458 if (dev->tgt_mode || dev->tgt_active_prot)
2459 pn533_abort_cmd(dev, GFP_KERNEL);
2460
2461 dev->tgt_active_prot = 0;
2462 dev->tgt_mode = 0;
2463
2464 skb_queue_purge(&dev->resp_q);
2465
2466 return 0;
2467 }
2468
2469 struct pn533_data_exchange_arg {
2470 data_exchange_cb_t cb;
2471 void *cb_context;
2472 };
2473
2474 static struct sk_buff *pn533_build_response(struct pn533 *dev)
2475 {
2476 struct sk_buff *skb, *tmp, *t;
2477 unsigned int skb_len = 0, tmp_len = 0;
2478
2479 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2480
2481 if (skb_queue_empty(&dev->resp_q))
2482 return NULL;
2483
2484 if (skb_queue_len(&dev->resp_q) == 1) {
2485 skb = skb_dequeue(&dev->resp_q);
2486 goto out;
2487 }
2488
2489 skb_queue_walk_safe(&dev->resp_q, tmp, t)
2490 skb_len += tmp->len;
2491
2492 dev_dbg(&dev->interface->dev, "%s total length %d\n",
2493 __func__, skb_len);
2494
2495 skb = alloc_skb(skb_len, GFP_KERNEL);
2496 if (skb == NULL)
2497 goto out;
2498
2499 skb_put(skb, skb_len);
2500
2501 skb_queue_walk_safe(&dev->resp_q, tmp, t) {
2502 memcpy(skb->data + tmp_len, tmp->data, tmp->len);
2503 tmp_len += tmp->len;
2504 }
2505
2506 out:
2507 skb_queue_purge(&dev->resp_q);
2508
2509 return skb;
2510 }
2511
2512 static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
2513 struct sk_buff *resp)
2514 {
2515 struct pn533_data_exchange_arg *arg = _arg;
2516 struct sk_buff *skb;
2517 int rc = 0;
2518 u8 status, ret, mi;
2519
2520 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2521
2522 if (IS_ERR(resp)) {
2523 rc = PTR_ERR(resp);
2524 goto _error;
2525 }
2526
2527 status = resp->data[0];
2528 ret = status & PN533_CMD_RET_MASK;
2529 mi = status & PN533_CMD_MI_MASK;
2530
2531 skb_pull(resp, sizeof(status));
2532
2533 if (ret != PN533_CMD_RET_SUCCESS) {
2534 nfc_err(&dev->interface->dev,
2535 "Exchanging data failed (error 0x%x)\n", ret);
2536 rc = -EIO;
2537 goto error;
2538 }
2539
2540 skb_queue_tail(&dev->resp_q, resp);
2541
2542 if (mi) {
2543 dev->cmd_complete_mi_arg = arg;
2544 queue_work(dev->wq, &dev->mi_rx_work);
2545 return -EINPROGRESS;
2546 }
2547
2548 /* Prepare for the next round */
2549 if (skb_queue_len(&dev->fragment_skb) > 0) {
2550 dev->cmd_complete_dep_arg = arg;
2551 queue_work(dev->wq, &dev->mi_tx_work);
2552
2553 return -EINPROGRESS;
2554 }
2555
2556 skb = pn533_build_response(dev);
2557 if (!skb)
2558 goto error;
2559
2560 arg->cb(arg->cb_context, skb, 0);
2561 kfree(arg);
2562 return 0;
2563
2564 error:
2565 dev_kfree_skb(resp);
2566 _error:
2567 skb_queue_purge(&dev->resp_q);
2568 arg->cb(arg->cb_context, NULL, rc);
2569 kfree(arg);
2570 return rc;
2571 }
2572
2573 /* Split the Tx skb into small chunks */
2574 static int pn533_fill_fragment_skbs(struct pn533 *dev, struct sk_buff *skb)
2575 {
2576 struct sk_buff *frag;
2577 int frag_size;
2578
2579 do {
2580 /* Remaining size */
2581 if (skb->len > PN533_CMD_DATAFRAME_MAXLEN)
2582 frag_size = PN533_CMD_DATAFRAME_MAXLEN;
2583 else
2584 frag_size = skb->len;
2585
2586 /* Allocate and reserve */
2587 frag = pn533_alloc_skb(dev, frag_size);
2588 if (!frag) {
2589 skb_queue_purge(&dev->fragment_skb);
2590 break;
2591 }
2592
2593 if (!dev->tgt_mode) {
2594 /* Reserve the TG/MI byte */
2595 skb_reserve(frag, 1);
2596
2597 /* MI + TG */
2598 if (frag_size == PN533_CMD_DATAFRAME_MAXLEN)
2599 *skb_push(frag, sizeof(u8)) =
2600 (PN533_CMD_MI_MASK | 1);
2601 else
2602 *skb_push(frag, sizeof(u8)) = 1; /* TG */
2603 }
2604
2605 memcpy(skb_put(frag, frag_size), skb->data, frag_size);
2606
2607 /* Reduce the size of incoming buffer */
2608 skb_pull(skb, frag_size);
2609
2610 /* Add this to skb_queue */
2611 skb_queue_tail(&dev->fragment_skb, frag);
2612
2613 } while (skb->len > 0);
2614
2615 dev_kfree_skb(skb);
2616
2617 return skb_queue_len(&dev->fragment_skb);
2618 }
2619
2620 static int pn533_transceive(struct nfc_dev *nfc_dev,
2621 struct nfc_target *target, struct sk_buff *skb,
2622 data_exchange_cb_t cb, void *cb_context)
2623 {
2624 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2625 struct pn533_data_exchange_arg *arg = NULL;
2626 int rc;
2627
2628 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2629
2630 if (!dev->tgt_active_prot) {
2631 nfc_err(&dev->interface->dev,
2632 "Can't exchange data if there is no active target\n");
2633 rc = -EINVAL;
2634 goto error;
2635 }
2636
2637 arg = kmalloc(sizeof(*arg), GFP_KERNEL);
2638 if (!arg) {
2639 rc = -ENOMEM;
2640 goto error;
2641 }
2642
2643 arg->cb = cb;
2644 arg->cb_context = cb_context;
2645
2646 switch (dev->device_type) {
2647 case PN533_DEVICE_PASORI:
2648 if (dev->tgt_active_prot == NFC_PROTO_FELICA) {
2649 rc = pn533_send_data_async(dev, PN533_CMD_IN_COMM_THRU,
2650 skb,
2651 pn533_data_exchange_complete,
2652 arg);
2653
2654 break;
2655 }
2656 default:
2657 /* jumbo frame ? */
2658 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
2659 rc = pn533_fill_fragment_skbs(dev, skb);
2660 if (rc <= 0)
2661 goto error;
2662
2663 skb = skb_dequeue(&dev->fragment_skb);
2664 if (!skb) {
2665 rc = -EIO;
2666 goto error;
2667 }
2668 } else {
2669 *skb_push(skb, sizeof(u8)) = 1; /* TG */
2670 }
2671
2672 rc = pn533_send_data_async(dev, PN533_CMD_IN_DATA_EXCHANGE,
2673 skb, pn533_data_exchange_complete,
2674 arg);
2675
2676 break;
2677 }
2678
2679 if (rc < 0) /* rc from send_async */
2680 goto error;
2681
2682 return 0;
2683
2684 error:
2685 kfree(arg);
2686 dev_kfree_skb(skb);
2687 return rc;
2688 }
2689
2690 static int pn533_tm_send_complete(struct pn533 *dev, void *arg,
2691 struct sk_buff *resp)
2692 {
2693 u8 status;
2694
2695 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2696
2697 if (IS_ERR(resp))
2698 return PTR_ERR(resp);
2699
2700 status = resp->data[0];
2701
2702 /* Prepare for the next round */
2703 if (skb_queue_len(&dev->fragment_skb) > 0) {
2704 queue_work(dev->wq, &dev->mi_tm_tx_work);
2705 return -EINPROGRESS;
2706 }
2707 dev_kfree_skb(resp);
2708
2709 if (status != 0) {
2710 nfc_tm_deactivated(dev->nfc_dev);
2711
2712 dev->tgt_mode = 0;
2713
2714 return 0;
2715 }
2716
2717 queue_work(dev->wq, &dev->tg_work);
2718
2719 return 0;
2720 }
2721
2722 static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
2723 {
2724 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2725 int rc;
2726
2727 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2728
2729 /* let's split in multiple chunks if size's too big */
2730 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
2731 rc = pn533_fill_fragment_skbs(dev, skb);
2732 if (rc <= 0)
2733 goto error;
2734
2735 /* get the first skb */
2736 skb = skb_dequeue(&dev->fragment_skb);
2737 if (!skb) {
2738 rc = -EIO;
2739 goto error;
2740 }
2741
2742 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_META_DATA, skb,
2743 pn533_tm_send_complete, NULL);
2744 } else {
2745 /* Send th skb */
2746 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_DATA, skb,
2747 pn533_tm_send_complete, NULL);
2748 }
2749
2750 error:
2751 if (rc < 0) {
2752 dev_kfree_skb(skb);
2753 skb_queue_purge(&dev->fragment_skb);
2754 }
2755
2756 return rc;
2757 }
2758
2759 static void pn533_wq_mi_recv(struct work_struct *work)
2760 {
2761 struct pn533 *dev = container_of(work, struct pn533, mi_rx_work);
2762 struct sk_buff *skb;
2763 int rc;
2764
2765 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2766
2767 skb = pn533_alloc_skb(dev, PN533_CMD_DATAEXCH_HEAD_LEN);
2768 if (!skb)
2769 goto error;
2770
2771 switch (dev->device_type) {
2772 case PN533_DEVICE_PASORI:
2773 if (dev->tgt_active_prot == NFC_PROTO_FELICA) {
2774 rc = pn533_send_cmd_direct_async(dev,
2775 PN533_CMD_IN_COMM_THRU,
2776 skb,
2777 pn533_data_exchange_complete,
2778 dev->cmd_complete_mi_arg);
2779
2780 break;
2781 }
2782 default:
2783 *skb_put(skb, sizeof(u8)) = 1; /*TG*/
2784
2785 rc = pn533_send_cmd_direct_async(dev,
2786 PN533_CMD_IN_DATA_EXCHANGE,
2787 skb,
2788 pn533_data_exchange_complete,
2789 dev->cmd_complete_mi_arg);
2790
2791 break;
2792 }
2793
2794 if (rc == 0) /* success */
2795 return;
2796
2797 nfc_err(&dev->interface->dev,
2798 "Error %d when trying to perform data_exchange\n", rc);
2799
2800 dev_kfree_skb(skb);
2801 kfree(dev->cmd_complete_mi_arg);
2802
2803 error:
2804 pn533_send_ack(dev, GFP_KERNEL);
2805 queue_work(dev->wq, &dev->cmd_work);
2806 }
2807
2808 static void pn533_wq_mi_send(struct work_struct *work)
2809 {
2810 struct pn533 *dev = container_of(work, struct pn533, mi_tx_work);
2811 struct sk_buff *skb;
2812 int rc;
2813
2814 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2815
2816 /* Grab the first skb in the queue */
2817 skb = skb_dequeue(&dev->fragment_skb);
2818
2819 if (skb == NULL) { /* No more data */
2820 /* Reset the queue for future use */
2821 skb_queue_head_init(&dev->fragment_skb);
2822 goto error;
2823 }
2824
2825 switch (dev->device_type) {
2826 case PN533_DEVICE_PASORI:
2827 if (dev->tgt_active_prot != NFC_PROTO_FELICA) {
2828 rc = -EIO;
2829 break;
2830 }
2831
2832 rc = pn533_send_cmd_direct_async(dev, PN533_CMD_IN_COMM_THRU,
2833 skb,
2834 pn533_data_exchange_complete,
2835 dev->cmd_complete_dep_arg);
2836
2837 break;
2838
2839 default:
2840 /* Still some fragments? */
2841 rc = pn533_send_cmd_direct_async(dev,PN533_CMD_IN_DATA_EXCHANGE,
2842 skb,
2843 pn533_data_exchange_complete,
2844 dev->cmd_complete_dep_arg);
2845
2846 break;
2847 }
2848
2849 if (rc == 0) /* success */
2850 return;
2851
2852 nfc_err(&dev->interface->dev,
2853 "Error %d when trying to perform data_exchange\n", rc);
2854
2855 dev_kfree_skb(skb);
2856 kfree(dev->cmd_complete_dep_arg);
2857
2858 error:
2859 pn533_send_ack(dev, GFP_KERNEL);
2860 queue_work(dev->wq, &dev->cmd_work);
2861 }
2862
2863 static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
2864 u8 cfgdata_len)
2865 {
2866 struct sk_buff *skb;
2867 struct sk_buff *resp;
2868 int skb_len;
2869
2870 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2871
2872 skb_len = sizeof(cfgitem) + cfgdata_len; /* cfgitem + cfgdata */
2873
2874 skb = pn533_alloc_skb(dev, skb_len);
2875 if (!skb)
2876 return -ENOMEM;
2877
2878 *skb_put(skb, sizeof(cfgitem)) = cfgitem;
2879 memcpy(skb_put(skb, cfgdata_len), cfgdata, cfgdata_len);
2880
2881 resp = pn533_send_cmd_sync(dev, PN533_CMD_RF_CONFIGURATION, skb);
2882 if (IS_ERR(resp))
2883 return PTR_ERR(resp);
2884
2885 dev_kfree_skb(resp);
2886 return 0;
2887 }
2888
2889 static int pn533_get_firmware_version(struct pn533 *dev,
2890 struct pn533_fw_version *fv)
2891 {
2892 struct sk_buff *skb;
2893 struct sk_buff *resp;
2894
2895 skb = pn533_alloc_skb(dev, 0);
2896 if (!skb)
2897 return -ENOMEM;
2898
2899 resp = pn533_send_cmd_sync(dev, PN533_CMD_GET_FIRMWARE_VERSION, skb);
2900 if (IS_ERR(resp))
2901 return PTR_ERR(resp);
2902
2903 fv->ic = resp->data[0];
2904 fv->ver = resp->data[1];
2905 fv->rev = resp->data[2];
2906 fv->support = resp->data[3];
2907
2908 dev_kfree_skb(resp);
2909 return 0;
2910 }
2911
2912 static int pn533_pasori_fw_reset(struct pn533 *dev)
2913 {
2914 struct sk_buff *skb;
2915 struct sk_buff *resp;
2916
2917 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2918
2919 skb = pn533_alloc_skb(dev, sizeof(u8));
2920 if (!skb)
2921 return -ENOMEM;
2922
2923 *skb_put(skb, sizeof(u8)) = 0x1;
2924
2925 resp = pn533_send_cmd_sync(dev, 0x18, skb);
2926 if (IS_ERR(resp))
2927 return PTR_ERR(resp);
2928
2929 dev_kfree_skb(resp);
2930
2931 return 0;
2932 }
2933
2934 struct pn533_acr122_poweron_rdr_arg {
2935 int rc;
2936 struct completion done;
2937 };
2938
2939 static void pn533_acr122_poweron_rdr_resp(struct urb *urb)
2940 {
2941 struct pn533_acr122_poweron_rdr_arg *arg = urb->context;
2942
2943 dev_dbg(&urb->dev->dev, "%s\n", __func__);
2944
2945 print_hex_dump_debug("ACR122 RX: ", DUMP_PREFIX_NONE, 16, 1,
2946 urb->transfer_buffer, urb->transfer_buffer_length,
2947 false);
2948
2949 arg->rc = urb->status;
2950 complete(&arg->done);
2951 }
2952
2953 static int pn533_acr122_poweron_rdr(struct pn533 *dev)
2954 {
2955 /* Power on th reader (CCID cmd) */
2956 u8 cmd[10] = {PN533_ACR122_PC_TO_RDR_ICCPOWERON,
2957 0, 0, 0, 0, 0, 0, 3, 0, 0};
2958 u8 buf[255];
2959 int rc;
2960 void *cntx;
2961 struct pn533_acr122_poweron_rdr_arg arg;
2962
2963 dev_dbg(&dev->interface->dev, "%s\n", __func__);
2964
2965 init_completion(&arg.done);
2966 cntx = dev->in_urb->context; /* backup context */
2967
2968 dev->in_urb->transfer_buffer = buf;
2969 dev->in_urb->transfer_buffer_length = 255;
2970 dev->in_urb->complete = pn533_acr122_poweron_rdr_resp;
2971 dev->in_urb->context = &arg;
2972
2973 dev->out_urb->transfer_buffer = cmd;
2974 dev->out_urb->transfer_buffer_length = sizeof(cmd);
2975
2976 print_hex_dump_debug("ACR122 TX: ", DUMP_PREFIX_NONE, 16, 1,
2977 cmd, sizeof(cmd), false);
2978
2979 rc = usb_submit_urb(dev->out_urb, GFP_KERNEL);
2980 if (rc) {
2981 nfc_err(&dev->interface->dev,
2982 "Reader power on cmd error %d\n", rc);
2983 return rc;
2984 }
2985
2986 rc = usb_submit_urb(dev->in_urb, GFP_KERNEL);
2987 if (rc) {
2988 nfc_err(&dev->interface->dev,
2989 "Can't submit reader poweron cmd response %d\n", rc);
2990 return rc;
2991 }
2992
2993 wait_for_completion(&arg.done);
2994 dev->in_urb->context = cntx; /* restore context */
2995
2996 return arg.rc;
2997 }
2998
2999 static int pn533_rf_field(struct nfc_dev *nfc_dev, u8 rf)
3000 {
3001 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
3002 u8 rf_field = !!rf;
3003 int rc;
3004
3005 rf_field |= PN533_CFGITEM_RF_FIELD_AUTO_RFCA;
3006
3007 rc = pn533_set_configuration(dev, PN533_CFGITEM_RF_FIELD,
3008 (u8 *)&rf_field, 1);
3009 if (rc) {
3010 nfc_err(&dev->interface->dev, "Error on setting RF field\n");
3011 return rc;
3012 }
3013
3014 return rc;
3015 }
3016
3017 static int pn533_dev_up(struct nfc_dev *nfc_dev)
3018 {
3019 return pn533_rf_field(nfc_dev, 1);
3020 }
3021
3022 static int pn533_dev_down(struct nfc_dev *nfc_dev)
3023 {
3024 return pn533_rf_field(nfc_dev, 0);
3025 }
3026
3027 static struct nfc_ops pn533_nfc_ops = {
3028 .dev_up = pn533_dev_up,
3029 .dev_down = pn533_dev_down,
3030 .dep_link_up = pn533_dep_link_up,
3031 .dep_link_down = pn533_dep_link_down,
3032 .start_poll = pn533_start_poll,
3033 .stop_poll = pn533_stop_poll,
3034 .activate_target = pn533_activate_target,
3035 .deactivate_target = pn533_deactivate_target,
3036 .im_transceive = pn533_transceive,
3037 .tm_send = pn533_tm_send,
3038 };
3039
3040 static int pn533_setup(struct pn533 *dev)
3041 {
3042 struct pn533_config_max_retries max_retries;
3043 struct pn533_config_timing timing;
3044 u8 pasori_cfg[3] = {0x08, 0x01, 0x08};
3045 int rc;
3046
3047 switch (dev->device_type) {
3048 case PN533_DEVICE_STD:
3049 case PN533_DEVICE_PASORI:
3050 case PN533_DEVICE_ACR122U:
3051 max_retries.mx_rty_atr = 0x2;
3052 max_retries.mx_rty_psl = 0x1;
3053 max_retries.mx_rty_passive_act =
3054 PN533_CONFIG_MAX_RETRIES_NO_RETRY;
3055
3056 timing.rfu = PN533_CONFIG_TIMING_102;
3057 timing.atr_res_timeout = PN533_CONFIG_TIMING_102;
3058 timing.dep_timeout = PN533_CONFIG_TIMING_204;
3059
3060 break;
3061
3062 default:
3063 nfc_err(&dev->interface->dev, "Unknown device type %d\n",
3064 dev->device_type);
3065 return -EINVAL;
3066 }
3067
3068 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES,
3069 (u8 *)&max_retries, sizeof(max_retries));
3070 if (rc) {
3071 nfc_err(&dev->interface->dev,
3072 "Error on setting MAX_RETRIES config\n");
3073 return rc;
3074 }
3075
3076
3077 rc = pn533_set_configuration(dev, PN533_CFGITEM_TIMING,
3078 (u8 *)&timing, sizeof(timing));
3079 if (rc) {
3080 nfc_err(&dev->interface->dev, "Error on setting RF timings\n");
3081 return rc;
3082 }
3083
3084 switch (dev->device_type) {
3085 case PN533_DEVICE_STD:
3086 break;
3087
3088 case PN533_DEVICE_PASORI:
3089 pn533_pasori_fw_reset(dev);
3090
3091 rc = pn533_set_configuration(dev, PN533_CFGITEM_PASORI,
3092 pasori_cfg, 3);
3093 if (rc) {
3094 nfc_err(&dev->interface->dev,
3095 "Error while settings PASORI config\n");
3096 return rc;
3097 }
3098
3099 pn533_pasori_fw_reset(dev);
3100
3101 break;
3102 }
3103
3104 return 0;
3105 }
3106
3107 static int pn533_probe(struct usb_interface *interface,
3108 const struct usb_device_id *id)
3109 {
3110 struct pn533_fw_version fw_ver;
3111 struct pn533 *dev;
3112 struct usb_host_interface *iface_desc;
3113 struct usb_endpoint_descriptor *endpoint;
3114 int in_endpoint = 0;
3115 int out_endpoint = 0;
3116 int rc = -ENOMEM;
3117 int i;
3118 u32 protocols;
3119
3120 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
3121 if (!dev)
3122 return -ENOMEM;
3123
3124 dev->udev = usb_get_dev(interface_to_usbdev(interface));
3125 dev->interface = interface;
3126 mutex_init(&dev->cmd_lock);
3127
3128 iface_desc = interface->cur_altsetting;
3129 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
3130 endpoint = &iface_desc->endpoint[i].desc;
3131
3132 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint))
3133 in_endpoint = endpoint->bEndpointAddress;
3134
3135 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint))
3136 out_endpoint = endpoint->bEndpointAddress;
3137 }
3138
3139 if (!in_endpoint || !out_endpoint) {
3140 nfc_err(&interface->dev,
3141 "Could not find bulk-in or bulk-out endpoint\n");
3142 rc = -ENODEV;
3143 goto error;
3144 }
3145
3146 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
3147 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
3148
3149 if (!dev->in_urb || !dev->out_urb)
3150 goto error;
3151
3152 usb_fill_bulk_urb(dev->in_urb, dev->udev,
3153 usb_rcvbulkpipe(dev->udev, in_endpoint),
3154 NULL, 0, NULL, dev);
3155 usb_fill_bulk_urb(dev->out_urb, dev->udev,
3156 usb_sndbulkpipe(dev->udev, out_endpoint),
3157 NULL, 0, pn533_send_complete, dev);
3158
3159 INIT_WORK(&dev->cmd_work, pn533_wq_cmd);
3160 INIT_WORK(&dev->cmd_complete_work, pn533_wq_cmd_complete);
3161 INIT_WORK(&dev->mi_rx_work, pn533_wq_mi_recv);
3162 INIT_WORK(&dev->mi_tx_work, pn533_wq_mi_send);
3163 INIT_WORK(&dev->tg_work, pn533_wq_tg_get_data);
3164 INIT_WORK(&dev->mi_tm_rx_work, pn533_wq_tm_mi_recv);
3165 INIT_WORK(&dev->mi_tm_tx_work, pn533_wq_tm_mi_send);
3166 INIT_DELAYED_WORK(&dev->poll_work, pn533_wq_poll);
3167 INIT_WORK(&dev->rf_work, pn533_wq_rf);
3168 dev->wq = alloc_ordered_workqueue("pn533", 0);
3169 if (dev->wq == NULL)
3170 goto error;
3171
3172 init_timer(&dev->listen_timer);
3173 dev->listen_timer.data = (unsigned long) dev;
3174 dev->listen_timer.function = pn533_listen_mode_timer;
3175
3176 skb_queue_head_init(&dev->resp_q);
3177 skb_queue_head_init(&dev->fragment_skb);
3178
3179 INIT_LIST_HEAD(&dev->cmd_queue);
3180
3181 usb_set_intfdata(interface, dev);
3182
3183 dev->ops = &pn533_std_frame_ops;
3184
3185 dev->protocol_type = PN533_PROTO_REQ_ACK_RESP;
3186 dev->device_type = id->driver_info;
3187 switch (dev->device_type) {
3188 case PN533_DEVICE_STD:
3189 protocols = PN533_ALL_PROTOCOLS;
3190 break;
3191
3192 case PN533_DEVICE_PASORI:
3193 protocols = PN533_NO_TYPE_B_PROTOCOLS;
3194 break;
3195
3196 case PN533_DEVICE_ACR122U:
3197 protocols = PN533_NO_TYPE_B_PROTOCOLS;
3198 dev->ops = &pn533_acr122_frame_ops;
3199 dev->protocol_type = PN533_PROTO_REQ_RESP,
3200
3201 rc = pn533_acr122_poweron_rdr(dev);
3202 if (rc < 0) {
3203 nfc_err(&dev->interface->dev,
3204 "Couldn't poweron the reader (error %d)\n", rc);
3205 goto destroy_wq;
3206 }
3207 break;
3208
3209 default:
3210 nfc_err(&dev->interface->dev, "Unknown device type %d\n",
3211 dev->device_type);
3212 rc = -EINVAL;
3213 goto destroy_wq;
3214 }
3215
3216 memset(&fw_ver, 0, sizeof(fw_ver));
3217 rc = pn533_get_firmware_version(dev, &fw_ver);
3218 if (rc < 0)
3219 goto destroy_wq;
3220
3221 nfc_info(&dev->interface->dev,
3222 "NXP PN5%02X firmware ver %d.%d now attached\n",
3223 fw_ver.ic, fw_ver.ver, fw_ver.rev);
3224
3225
3226 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols,
3227 dev->ops->tx_header_len +
3228 PN533_CMD_DATAEXCH_HEAD_LEN,
3229 dev->ops->tx_tail_len);
3230 if (!dev->nfc_dev) {
3231 rc = -ENOMEM;
3232 goto destroy_wq;
3233 }
3234
3235 nfc_set_parent_dev(dev->nfc_dev, &interface->dev);
3236 nfc_set_drvdata(dev->nfc_dev, dev);
3237
3238 rc = nfc_register_device(dev->nfc_dev);
3239 if (rc)
3240 goto free_nfc_dev;
3241
3242 rc = pn533_setup(dev);
3243 if (rc)
3244 goto unregister_nfc_dev;
3245
3246 return 0;
3247
3248 unregister_nfc_dev:
3249 nfc_unregister_device(dev->nfc_dev);
3250
3251 free_nfc_dev:
3252 nfc_free_device(dev->nfc_dev);
3253
3254 destroy_wq:
3255 destroy_workqueue(dev->wq);
3256 error:
3257 usb_free_urb(dev->in_urb);
3258 usb_free_urb(dev->out_urb);
3259 usb_put_dev(dev->udev);
3260 kfree(dev);
3261 return rc;
3262 }
3263
3264 static void pn533_disconnect(struct usb_interface *interface)
3265 {
3266 struct pn533 *dev;
3267 struct pn533_cmd *cmd, *n;
3268
3269 dev = usb_get_intfdata(interface);
3270 usb_set_intfdata(interface, NULL);
3271
3272 nfc_unregister_device(dev->nfc_dev);
3273 nfc_free_device(dev->nfc_dev);
3274
3275 usb_kill_urb(dev->in_urb);
3276 usb_kill_urb(dev->out_urb);
3277
3278 flush_delayed_work(&dev->poll_work);
3279 destroy_workqueue(dev->wq);
3280
3281 skb_queue_purge(&dev->resp_q);
3282
3283 del_timer(&dev->listen_timer);
3284
3285 list_for_each_entry_safe(cmd, n, &dev->cmd_queue, queue) {
3286 list_del(&cmd->queue);
3287 kfree(cmd);
3288 }
3289
3290 usb_free_urb(dev->in_urb);
3291 usb_free_urb(dev->out_urb);
3292 kfree(dev);
3293
3294 nfc_info(&interface->dev, "NXP PN533 NFC device disconnected\n");
3295 }
3296
3297 static struct usb_driver pn533_driver = {
3298 .name = "pn533",
3299 .probe = pn533_probe,
3300 .disconnect = pn533_disconnect,
3301 .id_table = pn533_table,
3302 };
3303
3304 module_usb_driver(pn533_driver);
3305
3306 MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>");
3307 MODULE_AUTHOR("Aloisio Almeida Jr <aloisio.almeida@openbossa.org>");
3308 MODULE_AUTHOR("Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>");
3309 MODULE_DESCRIPTION("PN533 usb driver ver " VERSION);
3310 MODULE_VERSION(VERSION);
3311 MODULE_LICENSE("GPL");
Linux with added FPC-III support