2 * NFC Digital Protocol stack
3 * Copyright (c) 2013, Intel Corporation.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms and conditions of the GNU General Public License,
7 * version 2, as published by the Free Software Foundation.
9 * This program is distributed in the hope it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
16 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
20 #define DIGITAL_CMD_SENS_REQ 0x26
21 #define DIGITAL_CMD_ALL_REQ 0x52
22 #define DIGITAL_CMD_SEL_REQ_CL1 0x93
23 #define DIGITAL_CMD_SEL_REQ_CL2 0x95
24 #define DIGITAL_CMD_SEL_REQ_CL3 0x97
26 #define DIGITAL_SDD_REQ_SEL_PAR 0x20
28 #define DIGITAL_SDD_RES_CT 0x88
29 #define DIGITAL_SDD_RES_LEN 5
31 #define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04))
32 #define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60))
33 #define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40)
35 #define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x000C) == 0x000C)
36 #define DIGITAL_SENS_RES_IS_VALID(sens_res) \
37 ((!((sens_res) & 0x1F00) && (((sens_res) & 0x000C) == 0x000C)) || \
38 (((sens_res) & 0x1F00) && ((sens_res) & 0x000C) != 0x000C))
40 #define DIGITAL_MIFARE_READ_RES_LEN 16
41 #define DIGITAL_MIFARE_ACK_RES 0x0A
43 #define DIGITAL_CMD_SENSF_REQ 0x00
44 #define DIGITAL_CMD_SENSF_RES 0x01
46 #define DIGITAL_SENSF_RES_MIN_LENGTH 17
47 #define DIGITAL_SENSF_RES_RD_AP_B1 0x00
48 #define DIGITAL_SENSF_RES_RD_AP_B2 0x8F
50 #define DIGITAL_SENSF_REQ_RC_NONE 0
51 #define DIGITAL_SENSF_REQ_RC_SC 1
52 #define DIGITAL_SENSF_REQ_RC_AP 2
54 struct digital_sdd_res {
59 struct digital_sel_req {
66 struct digital_sensf_req {
74 struct digital_sensf_res {
85 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
86 struct nfc_target *target);
88 static void digital_in_recv_sel_res(struct nfc_digital_dev *ddev, void *arg,
91 struct nfc_target *target = arg;
102 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
103 rc = digital_skb_check_crc_a(resp);
105 PROTOCOL_ERR("4.4.1.3");
115 sel_res = resp->data[0];
117 if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res)) {
118 rc = digital_in_send_sdd_req(ddev, target);
125 if (DIGITAL_SEL_RES_IS_T2T(sel_res)) {
126 nfc_proto = NFC_PROTO_MIFARE;
127 } else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res)) {
128 nfc_proto = NFC_PROTO_NFC_DEP;
134 target->sel_res = sel_res;
136 rc = digital_target_found(ddev, target, nfc_proto);
145 digital_poll_next_tech(ddev);
148 static int digital_in_send_sel_req(struct nfc_digital_dev *ddev,
149 struct nfc_target *target,
150 struct digital_sdd_res *sdd_res)
153 struct digital_sel_req *sel_req;
157 skb = digital_skb_alloc(ddev, sizeof(struct digital_sel_req));
161 skb_put(skb, sizeof(struct digital_sel_req));
162 sel_req = (struct digital_sel_req *)skb->data;
164 if (target->nfcid1_len <= 4)
165 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
166 else if (target->nfcid1_len < 10)
167 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
169 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
171 sel_req->sel_cmd = sel_cmd;
173 memcpy(sel_req->nfcid1, sdd_res->nfcid1, 4);
174 sel_req->bcc = sdd_res->bcc;
176 if (DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
177 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
178 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A);
182 digital_skb_add_crc_a(skb);
185 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sel_res,
194 static void digital_in_recv_sdd_res(struct nfc_digital_dev *ddev, void *arg,
195 struct sk_buff *resp)
197 struct nfc_target *target = arg;
198 struct digital_sdd_res *sdd_res;
209 if (resp->len < DIGITAL_SDD_RES_LEN) {
210 PROTOCOL_ERR("4.7.2.8");
215 sdd_res = (struct digital_sdd_res *)resp->data;
217 for (i = 0, bcc = 0; i < 4; i++)
218 bcc ^= sdd_res->nfcid1[i];
220 if (bcc != sdd_res->bcc) {
221 PROTOCOL_ERR("4.7.2.6");
226 if (sdd_res->nfcid1[0] == DIGITAL_SDD_RES_CT) {
234 memcpy(target->nfcid1 + target->nfcid1_len, sdd_res->nfcid1 + offset,
236 target->nfcid1_len += size;
238 rc = digital_in_send_sel_req(ddev, target, sdd_res);
245 digital_poll_next_tech(ddev);
249 static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
250 struct nfc_target *target)
256 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
257 NFC_DIGITAL_FRAMING_NFCA_STANDARD);
261 skb = digital_skb_alloc(ddev, 2);
265 if (target->nfcid1_len == 0)
266 sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
267 else if (target->nfcid1_len == 3)
268 sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
270 sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
272 *skb_put(skb, sizeof(u8)) = sel_cmd;
273 *skb_put(skb, sizeof(u8)) = DIGITAL_SDD_REQ_SEL_PAR;
275 return digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sdd_res,
279 static void digital_in_recv_sens_res(struct nfc_digital_dev *ddev, void *arg,
280 struct sk_buff *resp)
282 struct nfc_target *target = NULL;
292 if (resp->len < sizeof(u16)) {
297 target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL);
303 memcpy(&target->sens_res, resp->data, sizeof(u16));
305 sens_res = be16_to_cpu(target->sens_res);
307 if (!DIGITAL_SENS_RES_IS_VALID(sens_res)) {
308 PROTOCOL_ERR("4.6.3.3");
313 if (DIGITAL_SENS_RES_IS_T1T(sens_res))
314 rc = digital_target_found(ddev, target, NFC_PROTO_JEWEL);
316 rc = digital_in_send_sdd_req(ddev, target);
323 digital_poll_next_tech(ddev);
327 int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech)
332 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
333 NFC_DIGITAL_RF_TECH_106A);
337 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
338 NFC_DIGITAL_FRAMING_NFCA_SHORT);
342 skb = digital_skb_alloc(ddev, 1);
346 *skb_put(skb, sizeof(u8)) = DIGITAL_CMD_SENS_REQ;
348 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sens_res, NULL);
355 int digital_in_recv_mifare_res(struct sk_buff *resp)
357 /* Successful READ command response is 16 data bytes + 2 CRC bytes long.
358 * Since the driver can't differentiate a ACK/NACK response from a valid
359 * READ response, the CRC calculation must be handled at digital level
360 * even if the driver supports it for this technology.
362 if (resp->len == DIGITAL_MIFARE_READ_RES_LEN + DIGITAL_CRC_LEN) {
363 if (digital_skb_check_crc_a(resp)) {
364 PROTOCOL_ERR("9.4.1.2");
371 /* ACK response (i.e. successful WRITE). */
372 if (resp->len == 1 && resp->data[0] == DIGITAL_MIFARE_ACK_RES) {
377 /* NACK and any other responses are treated as error. */
381 static void digital_in_recv_sensf_res(struct nfc_digital_dev *ddev, void *arg,
382 struct sk_buff *resp)
386 struct nfc_target target;
387 struct digital_sensf_res *sensf_res;
395 if (resp->len < DIGITAL_SENSF_RES_MIN_LENGTH) {
400 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
401 rc = digital_skb_check_crc_f(resp);
403 PROTOCOL_ERR("6.4.1.8");
410 memset(&target, 0, sizeof(struct nfc_target));
412 sensf_res = (struct digital_sensf_res *)resp->data;
414 memcpy(target.sensf_res, sensf_res, resp->len);
415 target.sensf_res_len = resp->len;
417 memcpy(target.nfcid2, sensf_res->nfcid2, NFC_NFCID2_MAXSIZE);
418 target.nfcid2_len = NFC_NFCID2_MAXSIZE;
420 if (target.nfcid2[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1 &&
421 target.nfcid2[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2)
422 proto = NFC_PROTO_NFC_DEP;
424 proto = NFC_PROTO_FELICA;
426 rc = digital_target_found(ddev, &target, proto);
432 digital_poll_next_tech(ddev);
435 int digital_in_send_sensf_req(struct nfc_digital_dev *ddev, u8 rf_tech)
437 struct digital_sensf_req *sensf_req;
442 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
446 rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
447 NFC_DIGITAL_FRAMING_NFCF);
451 size = sizeof(struct digital_sensf_req);
453 skb = digital_skb_alloc(ddev, size);
459 sensf_req = (struct digital_sensf_req *)skb->data;
460 sensf_req->cmd = DIGITAL_CMD_SENSF_REQ;
461 sensf_req->sc1 = 0xFF;
462 sensf_req->sc2 = 0xFF;
466 *skb_push(skb, 1) = size + 1;
468 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev))
469 digital_skb_add_crc_f(skb);
471 rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sensf_res,
479 static int digital_tg_send_sel_res(struct nfc_digital_dev *ddev)
484 skb = digital_skb_alloc(ddev, 1);
488 *skb_put(skb, 1) = DIGITAL_SEL_RES_NFC_DEP;
490 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev))
491 digital_skb_add_crc_a(skb);
493 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_atr_req,
501 static void digital_tg_recv_sel_req(struct nfc_digital_dev *ddev, void *arg,
502 struct sk_buff *resp)
512 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) {
513 rc = digital_skb_check_crc_a(resp);
515 PROTOCOL_ERR("4.4.1.3");
520 /* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */
522 rc = digital_tg_send_sel_res(ddev);
526 digital_poll_next_tech(ddev);
531 static int digital_tg_send_sdd_res(struct nfc_digital_dev *ddev)
534 struct digital_sdd_res *sdd_res;
537 skb = digital_skb_alloc(ddev, sizeof(struct digital_sdd_res));
541 skb_put(skb, sizeof(struct digital_sdd_res));
542 sdd_res = (struct digital_sdd_res *)skb->data;
544 sdd_res->nfcid1[0] = 0x08;
545 get_random_bytes(sdd_res->nfcid1 + 1, 3);
548 for (i = 0; i < 4; i++)
549 sdd_res->bcc ^= sdd_res->nfcid1[i];
551 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sel_req,
559 static void digital_tg_recv_sdd_req(struct nfc_digital_dev *ddev, void *arg,
560 struct sk_buff *resp)
571 sdd_req = resp->data;
573 if (resp->len < 2 || sdd_req[0] != DIGITAL_CMD_SEL_REQ_CL1 ||
574 sdd_req[1] != DIGITAL_SDD_REQ_SEL_PAR) {
579 rc = digital_tg_send_sdd_res(ddev);
583 digital_poll_next_tech(ddev);
588 static int digital_tg_send_sens_res(struct nfc_digital_dev *ddev)
594 skb = digital_skb_alloc(ddev, 2);
598 sens_res = skb_put(skb, 2);
600 sens_res[0] = (DIGITAL_SENS_RES_NFC_DEP >> 8) & 0xFF;
601 sens_res[1] = DIGITAL_SENS_RES_NFC_DEP & 0xFF;
603 rc = digital_tg_send_cmd(ddev, skb, 300, digital_tg_recv_sdd_req,
611 void digital_tg_recv_sens_req(struct nfc_digital_dev *ddev, void *arg,
612 struct sk_buff *resp)
623 sens_req = resp->data[0];
625 if (!resp->len || (sens_req != DIGITAL_CMD_SENS_REQ &&
626 sens_req != DIGITAL_CMD_ALL_REQ)) {
631 rc = digital_tg_send_sens_res(ddev);
635 digital_poll_next_tech(ddev);
640 static int digital_tg_send_sensf_res(struct nfc_digital_dev *ddev,
641 struct digital_sensf_req *sensf_req)
646 struct digital_sensf_res *sensf_res;
648 size = sizeof(struct digital_sensf_res);
650 if (sensf_req->rc != DIGITAL_SENSF_REQ_RC_NONE)
651 size -= sizeof(sensf_res->rd);
653 skb = digital_skb_alloc(ddev, size);
659 sensf_res = (struct digital_sensf_res *)skb->data;
661 memset(sensf_res, 0, size);
663 sensf_res->cmd = DIGITAL_CMD_SENSF_RES;
664 sensf_res->nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1;
665 sensf_res->nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2;
666 get_random_bytes(&sensf_res->nfcid2[2], 6);
668 switch (sensf_req->rc) {
669 case DIGITAL_SENSF_REQ_RC_SC:
670 sensf_res->rd[0] = sensf_req->sc1;
671 sensf_res->rd[1] = sensf_req->sc2;
673 case DIGITAL_SENSF_REQ_RC_AP:
674 sensf_res->rd[0] = DIGITAL_SENSF_RES_RD_AP_B1;
675 sensf_res->rd[1] = DIGITAL_SENSF_RES_RD_AP_B2;
679 *skb_push(skb, sizeof(u8)) = size + 1;
681 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev))
682 digital_skb_add_crc_f(skb);
684 rc = digital_tg_send_cmd(ddev, skb, 300,
685 digital_tg_recv_atr_req, NULL);
692 void digital_tg_recv_sensf_req(struct nfc_digital_dev *ddev, void *arg,
693 struct sk_buff *resp)
695 struct digital_sensf_req *sensf_req;
704 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev)) {
705 rc = digital_skb_check_crc_f(resp);
707 PROTOCOL_ERR("6.4.1.8");
712 if (resp->len != sizeof(struct digital_sensf_req) + 1) {
718 sensf_req = (struct digital_sensf_req *)resp->data;
720 if (sensf_req->cmd != DIGITAL_CMD_SENSF_REQ) {
725 rc = digital_tg_send_sensf_res(ddev, sensf_req);
729 digital_poll_next_tech(ddev);
734 int digital_tg_listen_nfca(struct nfc_digital_dev *ddev, u8 rf_tech)
738 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
742 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
743 NFC_DIGITAL_FRAMING_NFCA_NFC_DEP);
747 return digital_tg_listen(ddev, 300, digital_tg_recv_sens_req, NULL);
750 int digital_tg_listen_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech)
755 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
759 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
760 NFC_DIGITAL_FRAMING_NFCF_NFC_DEP);
764 nfcid2 = kzalloc(NFC_NFCID2_MAXSIZE, GFP_KERNEL);
768 nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1;
769 nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2;
770 get_random_bytes(nfcid2 + 2, NFC_NFCID2_MAXSIZE - 2);
772 return digital_tg_listen(ddev, 300, digital_tg_recv_sensf_req, nfcid2);