net/nfc/digital_technology.c

   1 /*
   2  * NFC Digital Protocol stack
   3  * Copyright (c) 2013, Intel Corporation.
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms and conditions of the GNU General Public License,
   7  * version 2, as published by the Free Software Foundation.
   8  *
   9  * This program is distributed in the hope it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  12  * more details.
  13  *
  14  */
  15
  16 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
  17
  18 #include "digital.h"
  19
  20 #define DIGITAL_CMD_SENS_REQ    0x26
  21 #define DIGITAL_CMD_ALL_REQ     0x52
  22 #define DIGITAL_CMD_SEL_REQ_CL1 0x93
  23 #define DIGITAL_CMD_SEL_REQ_CL2 0x95
  24 #define DIGITAL_CMD_SEL_REQ_CL3 0x97
  25
  26 #define DIGITAL_SDD_REQ_SEL_PAR 0x20
  27
  28 #define DIGITAL_SDD_RES_CT  0x88
  29 #define DIGITAL_SDD_RES_LEN 5
  30
  31 #define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04))
  32 #define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60))
  33 #define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40)
  34
  35 #define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x000C) == 0x000C)
  36 #define DIGITAL_SENS_RES_IS_VALID(sens_res) \
  37         ((!((sens_res) & 0x1F00) && (((sens_res) & 0x000C) == 0x000C)) || \
  38         (((sens_res) & 0x1F00) && ((sens_res) & 0x000C) != 0x000C))
  39
  40 #define DIGITAL_MIFARE_READ_RES_LEN 16
  41 #define DIGITAL_MIFARE_ACK_RES  0x0A
  42
  43 #define DIGITAL_CMD_SENSF_REQ   0x00
  44 #define DIGITAL_CMD_SENSF_RES   0x01
  45
  46 #define DIGITAL_SENSF_RES_MIN_LENGTH 17
  47 #define DIGITAL_SENSF_RES_RD_AP_B1   0x00
  48 #define DIGITAL_SENSF_RES_RD_AP_B2   0x8F
  49
  50 #define DIGITAL_SENSF_REQ_RC_NONE 0
  51 #define DIGITAL_SENSF_REQ_RC_SC   1
  52 #define DIGITAL_SENSF_REQ_RC_AP   2
  53
  54 struct digital_sdd_res {
  55         u8 nfcid1[4];
  56         u8 bcc;
  57 } __packed;
  58
  59 struct digital_sel_req {
  60         u8 sel_cmd;
  61         u8 b2;
  62         u8 nfcid1[4];
  63         u8 bcc;
  64 } __packed;
  65
  66 struct digital_sensf_req {
  67         u8 cmd;
  68         u8 sc1;
  69         u8 sc2;
  70         u8 rc;
  71         u8 tsn;
  72 } __packed;
  73
  74 struct digital_sensf_res {
  75         u8 cmd;
  76         u8 nfcid2[8];
  77         u8 pad0[2];
  78         u8 pad1[3];
  79         u8 mrti_check;
  80         u8 mrti_update;
  81         u8 pad2;
  82         u8 rd[2];
  83 } __packed;
  84
  85 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
  86                                    struct nfc_target *target);
  87
  88 static void digital_in_recv_sel_res(struct nfc_digital_dev *ddev, void *arg,
  89                                     struct sk_buff *resp)
  90 {
  91         struct nfc_target *target = arg;
  92         int rc;
  93         u8 sel_res;
  94         u8 nfc_proto;
  95
  96         if (IS_ERR(resp)) {
  97                 rc = PTR_ERR(resp);
  98                 resp = NULL;
  99                 goto exit;
 100         }
 101
 102         if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
 103                 rc = digital_skb_check_crc_a(resp);
 104                 if (rc) {
 105                         PROTOCOL_ERR("4.4.1.3");
 106                         goto exit;
 107                 }
 108         }
 109
 110         if (!resp->len) {
 111                 rc = -EIO;
 112                 goto exit;
 113         }
 114
 115         sel_res = resp->data[0];
 116
 117         if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res)) {
 118                 rc = digital_in_send_sdd_req(ddev, target);
 119                 if (rc)
 120                         goto exit;
 121
 122                 goto exit_free_skb;
 123         }
 124
 125         if (DIGITAL_SEL_RES_IS_T2T(sel_res)) {
 126                 nfc_proto = NFC_PROTO_MIFARE;
 127         } else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res)) {
 128                 nfc_proto = NFC_PROTO_NFC_DEP;
 129         } else {
 130                 rc = -EOPNOTSUPP;
 131                 goto exit;
 132         }
 133
 134         target->sel_res = sel_res;
 135
 136         rc = digital_target_found(ddev, target, nfc_proto);
 137
 138 exit:
 139         kfree(target);
 140
 141 exit_free_skb:
 142         dev_kfree_skb(resp);
 143
 144         if (rc)
 145                 digital_poll_next_tech(ddev);
 146 }
 147
 148 static int digital_in_send_sel_req(struct nfc_digital_dev *ddev,
 149                                    struct nfc_target *target,
 150                                    struct digital_sdd_res *sdd_res)
 151 {
 152         struct sk_buff *skb;
 153         struct digital_sel_req *sel_req;
 154         u8 sel_cmd;
 155         int rc;
 156
 157         skb = digital_skb_alloc(ddev, sizeof(struct digital_sel_req));
 158         if (!skb)
 159                 return -ENOMEM;
 160
 161         skb_put(skb, sizeof(struct digital_sel_req));
 162         sel_req = (struct digital_sel_req *)skb->data;
 163
 164         if (target->nfcid1_len <= 4)
 165                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
 166         else if (target->nfcid1_len < 10)
 167                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
 168         else
 169                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
 170
 171         sel_req->sel_cmd = sel_cmd;
 172         sel_req->b2 = 0x70;
 173         memcpy(sel_req->nfcid1, sdd_res->nfcid1, 4);
 174         sel_req->bcc = sdd_res->bcc;
 175
 176         if (DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
 177                 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 178                                 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A);
 179                 if (rc)
 180                         goto exit;
 181         } else {
 182                 digital_skb_add_crc_a(skb);
 183         }
 184
 185         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sel_res,
 186                                  target);
 187 exit:
 188         if (rc)
 189                 kfree_skb(skb);
 190
 191         return rc;
 192 }
 193
 194 static void digital_in_recv_sdd_res(struct nfc_digital_dev *ddev, void *arg,
 195                                     struct sk_buff *resp)
 196 {
 197         struct nfc_target *target = arg;
 198         struct digital_sdd_res *sdd_res;
 199         int rc;
 200         u8 offset, size;
 201         u8 i, bcc;
 202
 203         if (IS_ERR(resp)) {
 204                 rc = PTR_ERR(resp);
 205                 resp = NULL;
 206                 goto exit;
 207         }
 208
 209         if (resp->len < DIGITAL_SDD_RES_LEN) {
 210                 PROTOCOL_ERR("4.7.2.8");
 211                 rc = -EINVAL;
 212                 goto exit;
 213         }
 214
 215         sdd_res = (struct digital_sdd_res *)resp->data;
 216
 217         for (i = 0, bcc = 0; i < 4; i++)
 218                 bcc ^= sdd_res->nfcid1[i];
 219
 220         if (bcc != sdd_res->bcc) {
 221                 PROTOCOL_ERR("4.7.2.6");
 222                 rc = -EINVAL;
 223                 goto exit;
 224         }
 225
 226         if (sdd_res->nfcid1[0] == DIGITAL_SDD_RES_CT) {
 227                 offset = 1;
 228                 size = 3;
 229         } else {
 230                 offset = 0;
 231                 size = 4;
 232         }
 233
 234         memcpy(target->nfcid1 + target->nfcid1_len, sdd_res->nfcid1 + offset,
 235                size);
 236         target->nfcid1_len += size;
 237
 238         rc = digital_in_send_sel_req(ddev, target, sdd_res);
 239
 240 exit:
 241         dev_kfree_skb(resp);
 242
 243         if (rc) {
 244                 kfree(target);
 245                 digital_poll_next_tech(ddev);
 246         }
 247 }
 248
 249 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
 250                                    struct nfc_target *target)
 251 {
 252         int rc;
 253         struct sk_buff *skb;
 254         u8 sel_cmd;
 255
 256         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 257                                      NFC_DIGITAL_FRAMING_NFCA_STANDARD);
 258         if (rc)
 259                 return rc;
 260
 261         skb = digital_skb_alloc(ddev, 2);
 262         if (!skb)
 263                 return -ENOMEM;
 264
 265         if (target->nfcid1_len == 0)
 266                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
 267         else if (target->nfcid1_len == 3)
 268                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
 269         else
 270                 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
 271
 272         *skb_put(skb, sizeof(u8)) = sel_cmd;
 273         *skb_put(skb, sizeof(u8)) = DIGITAL_SDD_REQ_SEL_PAR;
 274
 275         return digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sdd_res,
 276                                    target);
 277 }
 278
 279 static void digital_in_recv_sens_res(struct nfc_digital_dev *ddev, void *arg,
 280                                      struct sk_buff *resp)
 281 {
 282         struct nfc_target *target = NULL;
 283         u16 sens_res;
 284         int rc;
 285
 286         if (IS_ERR(resp)) {
 287                 rc = PTR_ERR(resp);
 288                 resp = NULL;
 289                 goto exit;
 290         }
 291
 292         if (resp->len < sizeof(u16)) {
 293                 rc = -EIO;
 294                 goto exit;
 295         }
 296
 297         target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL);
 298         if (!target) {
 299                 rc = -ENOMEM;
 300                 goto exit;
 301         }
 302
 303         memcpy(&target->sens_res, resp->data, sizeof(u16));
 304
 305         sens_res = be16_to_cpu(target->sens_res);
 306
 307         if (!DIGITAL_SENS_RES_IS_VALID(sens_res)) {
 308                 PROTOCOL_ERR("4.6.3.3");
 309                 rc = -EINVAL;
 310                 goto exit;
 311         }
 312
 313         if (DIGITAL_SENS_RES_IS_T1T(sens_res))
 314                 rc = digital_target_found(ddev, target, NFC_PROTO_JEWEL);
 315         else
 316                 rc = digital_in_send_sdd_req(ddev, target);
 317
 318 exit:
 319         dev_kfree_skb(resp);
 320
 321         if (rc) {
 322                 kfree(target);
 323                 digital_poll_next_tech(ddev);
 324         }
 325 }
 326
 327 int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech)
 328 {
 329         struct sk_buff *skb;
 330         int rc;
 331
 332         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
 333                                      NFC_DIGITAL_RF_TECH_106A);
 334         if (rc)
 335                 return rc;
 336
 337         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 338                                      NFC_DIGITAL_FRAMING_NFCA_SHORT);
 339         if (rc)
 340                 return rc;
 341
 342         skb = digital_skb_alloc(ddev, 1);
 343         if (!skb)
 344                 return -ENOMEM;
 345
 346         *skb_put(skb, sizeof(u8)) = DIGITAL_CMD_SENS_REQ;
 347
 348         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sens_res, NULL);
 349         if (rc)
 350                 kfree_skb(skb);
 351
 352         return rc;
 353 }
 354
 355 int digital_in_recv_mifare_res(struct sk_buff *resp)
 356 {
 357         /* Successful READ command response is 16 data bytes + 2 CRC bytes long.
 358          * Since the driver can't differentiate a ACK/NACK response from a valid
 359          * READ response, the CRC calculation must be handled at digital level
 360          * even if the driver supports it for this technology.
 361          */
 362         if (resp->len == DIGITAL_MIFARE_READ_RES_LEN + DIGITAL_CRC_LEN) {
 363                 if (digital_skb_check_crc_a(resp)) {
 364                         PROTOCOL_ERR("9.4.1.2");
 365                         return -EIO;
 366                 }
 367
 368                 return 0;
 369         }
 370
 371         /* ACK response (i.e. successful WRITE). */
 372         if (resp->len == 1 && resp->data[0] == DIGITAL_MIFARE_ACK_RES) {
 373                 resp->data[0] = 0;
 374                 return 0;
 375         }
 376
 377         /* NACK and any other responses are treated as error. */
 378         return -EIO;
 379 }
 380
 381 static void digital_in_recv_sensf_res(struct nfc_digital_dev *ddev, void *arg,
 382                                    struct sk_buff *resp)
 383 {
 384         int rc;
 385         u8 proto;
 386         struct nfc_target target;
 387         struct digital_sensf_res *sensf_res;
 388
 389         if (IS_ERR(resp)) {
 390                 rc = PTR_ERR(resp);
 391                 resp = NULL;
 392                 goto exit;
 393         }
 394
 395         if (resp->len < DIGITAL_SENSF_RES_MIN_LENGTH) {
 396                 rc = -EIO;
 397                 goto exit;
 398         }
 399
 400         if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
 401                 rc = digital_skb_check_crc_f(resp);
 402                 if (rc) {
 403                         PROTOCOL_ERR("6.4.1.8");
 404                         goto exit;
 405                 }
 406         }
 407
 408         skb_pull(resp, 1);
 409
 410         memset(&target, 0, sizeof(struct nfc_target));
 411
 412         sensf_res = (struct digital_sensf_res *)resp->data;
 413
 414         memcpy(target.sensf_res, sensf_res, resp->len);
 415         target.sensf_res_len = resp->len;
 416
 417         memcpy(target.nfcid2, sensf_res->nfcid2, NFC_NFCID2_MAXSIZE);
 418         target.nfcid2_len = NFC_NFCID2_MAXSIZE;
 419
 420         if (target.nfcid2[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1 &&
 421             target.nfcid2[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2)
 422                 proto = NFC_PROTO_NFC_DEP;
 423         else
 424                 proto = NFC_PROTO_FELICA;
 425
 426         rc = digital_target_found(ddev, &target, proto);
 427
 428 exit:
 429         dev_kfree_skb(resp);
 430
 431         if (rc)
 432                 digital_poll_next_tech(ddev);
 433 }
 434
 435 int digital_in_send_sensf_req(struct nfc_digital_dev *ddev, u8 rf_tech)
 436 {
 437         struct digital_sensf_req *sensf_req;
 438         struct sk_buff *skb;
 439         int rc;
 440         u8 size;
 441
 442         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
 443         if (rc)
 444                 return rc;
 445
 446         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 447                                      NFC_DIGITAL_FRAMING_NFCF);
 448         if (rc)
 449                 return rc;
 450
 451         size = sizeof(struct digital_sensf_req);
 452
 453         skb = digital_skb_alloc(ddev, size);
 454         if (!skb)
 455                 return -ENOMEM;
 456
 457         skb_put(skb, size);
 458
 459         sensf_req = (struct digital_sensf_req *)skb->data;
 460         sensf_req->cmd = DIGITAL_CMD_SENSF_REQ;
 461         sensf_req->sc1 = 0xFF;
 462         sensf_req->sc2 = 0xFF;
 463         sensf_req->rc = 0;
 464         sensf_req->tsn = 0;
 465
 466         *skb_push(skb, 1) = size + 1;
 467
 468         if (!DIGITAL_DRV_CAPS_IN_CRC(ddev))
 469                 digital_skb_add_crc_f(skb);
 470
 471         rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sensf_res,
 472                                  NULL);
 473         if (rc)
 474                 kfree_skb(skb);
 475
 476         return rc;
 477 }
 478
 479 static int digital_tg_send_sel_res(struct nfc_digital_dev *ddev)
 480 {
 481         struct sk_buff *skb;
 482         int rc;
 483
 484         skb = digital_skb_alloc(ddev, 1);
 485         if (!skb)
 486                 return -ENOMEM;
 487
 488         *skb_put(skb, 1) = DIGITAL_SEL_RES_NFC_DEP;
 489
 490         if (!DIGITAL_DRV_CAPS_TG_CRC(ddev))
 491                 digital_skb_add_crc_a(skb);
 492
 493         rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_atr_req,
 494                                  NULL);
 495         if (rc)
 496                 kfree_skb(skb);
 497
 498         return rc;
 499 }
 500
 501 static void digital_tg_recv_sel_req(struct nfc_digital_dev *ddev, void *arg,
 502                                     struct sk_buff *resp)
 503 {
 504         int rc;
 505
 506         if (IS_ERR(resp)) {
 507                 rc = PTR_ERR(resp);
 508                 resp = NULL;
 509                 goto exit;
 510         }
 511
 512         if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) {
 513                 rc = digital_skb_check_crc_a(resp);
 514                 if (rc) {
 515                         PROTOCOL_ERR("4.4.1.3");
 516                         goto exit;
 517                 }
 518         }
 519
 520         /* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */
 521
 522         rc = digital_tg_send_sel_res(ddev);
 523
 524 exit:
 525         if (rc)
 526                 digital_poll_next_tech(ddev);
 527
 528         dev_kfree_skb(resp);
 529 }
 530
 531 static int digital_tg_send_sdd_res(struct nfc_digital_dev *ddev)
 532 {
 533         struct sk_buff *skb;
 534         struct digital_sdd_res *sdd_res;
 535         int rc, i;
 536
 537         skb = digital_skb_alloc(ddev, sizeof(struct digital_sdd_res));
 538         if (!skb)
 539                 return -ENOMEM;
 540
 541         skb_put(skb, sizeof(struct digital_sdd_res));
 542         sdd_res = (struct digital_sdd_res *)skb->data;
 543
 544         sdd_res->nfcid1[0] = 0x08;
 545         get_random_bytes(sdd_res->nfcid1 + 1, 3);
 546
 547         sdd_res->bcc = 0;
 548         for (i = 0; i < 4; i++)
 549                 sdd_res->bcc ^= sdd_res->nfcid1[i];
 550
 551         rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sel_req,
 552                                  NULL);
 553         if (rc)
 554                 kfree_skb(skb);
 555
 556         return rc;
 557 }
 558
 559 static void digital_tg_recv_sdd_req(struct nfc_digital_dev *ddev, void *arg,
 560                                     struct sk_buff *resp)
 561 {
 562         u8 *sdd_req;
 563         int rc;
 564
 565         if (IS_ERR(resp)) {
 566                 rc = PTR_ERR(resp);
 567                 resp = NULL;
 568                 goto exit;
 569         }
 570
 571         sdd_req = resp->data;
 572
 573         if (resp->len < 2 || sdd_req[0] != DIGITAL_CMD_SEL_REQ_CL1 ||
 574             sdd_req[1] != DIGITAL_SDD_REQ_SEL_PAR) {
 575                 rc = -EINVAL;
 576                 goto exit;
 577         }
 578
 579         rc = digital_tg_send_sdd_res(ddev);
 580
 581 exit:
 582         if (rc)
 583                 digital_poll_next_tech(ddev);
 584
 585         dev_kfree_skb(resp);
 586 }
 587
 588 static int digital_tg_send_sens_res(struct nfc_digital_dev *ddev)
 589 {
 590         struct sk_buff *skb;
 591         u8 *sens_res;
 592         int rc;
 593
 594         skb = digital_skb_alloc(ddev, 2);
 595         if (!skb)
 596                 return -ENOMEM;
 597
 598         sens_res = skb_put(skb, 2);
 599
 600         sens_res[0] = (DIGITAL_SENS_RES_NFC_DEP >> 8) & 0xFF;
 601         sens_res[1] = DIGITAL_SENS_RES_NFC_DEP & 0xFF;
 602
 603         rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sdd_req,
 604                                  NULL);
 605         if (rc)
 606                 kfree_skb(skb);
 607
 608         return rc;
 609 }
 610
 611 void digital_tg_recv_sens_req(struct nfc_digital_dev *ddev, void *arg,
 612                               struct sk_buff *resp)
 613 {
 614         u8 sens_req;
 615         int rc;
 616
 617         if (IS_ERR(resp)) {
 618                 rc = PTR_ERR(resp);
 619                 resp = NULL;
 620                 goto exit;
 621         }
 622
 623         sens_req = resp->data[0];
 624
 625         if (!resp->len || (sens_req != DIGITAL_CMD_SENS_REQ &&
 626             sens_req != DIGITAL_CMD_ALL_REQ)) {
 627                 rc = -EINVAL;
 628                 goto exit;
 629         }
 630
 631         rc = digital_tg_send_sens_res(ddev);
 632
 633 exit:
 634         if (rc)
 635                 digital_poll_next_tech(ddev);
 636
 637         dev_kfree_skb(resp);
 638 }
 639
 640 static int digital_tg_send_sensf_res(struct nfc_digital_dev *ddev,
 641                               struct digital_sensf_req *sensf_req)
 642 {
 643         struct sk_buff *skb;
 644         u8 size;
 645         int rc;
 646         struct digital_sensf_res *sensf_res;
 647
 648         size = sizeof(struct digital_sensf_res);
 649
 650         if (sensf_req->rc != DIGITAL_SENSF_REQ_RC_NONE)
 651                 size -= sizeof(sensf_res->rd);
 652
 653         skb = digital_skb_alloc(ddev, size);
 654         if (!skb)
 655                 return -ENOMEM;
 656
 657         skb_put(skb, size);
 658
 659         sensf_res = (struct digital_sensf_res *)skb->data;
 660
 661         memset(sensf_res, 0, size);
 662
 663         sensf_res->cmd = DIGITAL_CMD_SENSF_RES;
 664         sensf_res->nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1;
 665         sensf_res->nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2;
 666         get_random_bytes(&sensf_res->nfcid2[2], 6);
 667
 668         switch (sensf_req->rc) {
 669         case DIGITAL_SENSF_REQ_RC_SC:
 670                 sensf_res->rd[0] = sensf_req->sc1;
 671                 sensf_res->rd[1] = sensf_req->sc2;
 672                 break;
 673         case DIGITAL_SENSF_REQ_RC_AP:
 674                 sensf_res->rd[0] = DIGITAL_SENSF_RES_RD_AP_B1;
 675                 sensf_res->rd[1] = DIGITAL_SENSF_RES_RD_AP_B2;
 676                 break;
 677         }
 678
 679         *skb_push(skb, sizeof(u8)) = size + 1;
 680
 681         if (!DIGITAL_DRV_CAPS_TG_CRC(ddev))
 682                 digital_skb_add_crc_f(skb);
 683
 684         rc = digital_tg_send_cmd(ddev, skb, 300,
 685                                  digital_tg_recv_atr_req, NULL);
 686         if (rc)
 687                 kfree_skb(skb);
 688
 689         return rc;
 690 }
 691
 692 void digital_tg_recv_sensf_req(struct nfc_digital_dev *ddev, void *arg,
 693                                struct sk_buff *resp)
 694 {
 695         struct digital_sensf_req *sensf_req;
 696         int rc;
 697
 698         if (IS_ERR(resp)) {
 699                 rc = PTR_ERR(resp);
 700                 resp = NULL;
 701                 goto exit;
 702         }
 703
 704         if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) {
 705                 rc = digital_skb_check_crc_f(resp);
 706                 if (rc) {
 707                         PROTOCOL_ERR("6.4.1.8");
 708                         goto exit;
 709                 }
 710         }
 711
 712         if (resp->len != sizeof(struct digital_sensf_req) + 1) {
 713                 rc = -EINVAL;
 714                 goto exit;
 715         }
 716
 717         skb_pull(resp, 1);
 718         sensf_req = (struct digital_sensf_req *)resp->data;
 719
 720         if (sensf_req->cmd != DIGITAL_CMD_SENSF_REQ) {
 721                 rc = -EINVAL;
 722                 goto exit;
 723         }
 724
 725         rc = digital_tg_send_sensf_res(ddev, sensf_req);
 726
 727 exit:
 728         if (rc)
 729                 digital_poll_next_tech(ddev);
 730
 731         dev_kfree_skb(resp);
 732 }
 733
 734 int digital_tg_listen_nfca(struct nfc_digital_dev *ddev, u8 rf_tech)
 735 {
 736         int rc;
 737
 738         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
 739         if (rc)
 740                 return rc;
 741
 742         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 743                                      NFC_DIGITAL_FRAMING_NFCA_NFC_DEP);
 744         if (rc)
 745                 return rc;
 746
 747         return digital_tg_listen(ddev, 300, digital_tg_recv_sens_req, NULL);
 748 }
 749
 750 int digital_tg_listen_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech)
 751 {
 752         int rc;
 753         u8 *nfcid2;
 754
 755         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
 756         if (rc)
 757                 return rc;
 758
 759         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
 760                                      NFC_DIGITAL_FRAMING_NFCF_NFC_DEP);
 761         if (rc)
 762                 return rc;
 763
 764         nfcid2 = kzalloc(NFC_NFCID2_MAXSIZE, GFP_KERNEL);
 765         if (!nfcid2)
 766                 return -ENOMEM;
 767
 768         nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1;
 769         nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2;
 770         get_random_bytes(nfcid2 + 2, NFC_NFCID2_MAXSIZE - 2);
 771
 772         return digital_tg_listen(ddev, 300, digital_tg_recv_sensf_req, nfcid2);
 773 }