2 * Copyright (C) 2011 Instituto Nokia de Tecnologia
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the
20 * Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
24 #include <linux/device.h>
25 #include <linux/kernel.h>
26 #include <linux/module.h>
27 #include <linux/slab.h>
28 #include <linux/usb.h>
29 #include <linux/nfc.h>
30 #include <linux/netdevice.h>
31 #include <net/nfc/nfc.h>
35 #define PN533_VENDOR_ID 0x4CC
36 #define PN533_PRODUCT_ID 0x2533
38 #define SCM_VENDOR_ID 0x4E6
39 #define SCL3711_PRODUCT_ID 0x5591
41 #define SONY_VENDOR_ID 0x054c
42 #define PASORI_PRODUCT_ID 0x02e1
44 #define PN533_QUIRKS_TYPE_A BIT(0)
45 #define PN533_QUIRKS_TYPE_F BIT(1)
46 #define PN533_QUIRKS_DEP BIT(2)
47 #define PN533_QUIRKS_RAW_EXCHANGE BIT(3)
49 #define PN533_DEVICE_STD 0x1
50 #define PN533_DEVICE_PASORI 0x2
52 #define PN533_ALL_PROTOCOLS (NFC_PROTO_JEWEL_MASK | NFC_PROTO_MIFARE_MASK \
53 | NFC_PROTO_FELICA_MASK | NFC_PROTO_ISO14443_MASK \
54 | NFC_PROTO_NFC_DEP_MASK)
56 #define PN533_NO_TYPE_B_PROTOCOLS (NFC_PROTO_JEWEL_MASK | \
57 NFC_PROTO_MIFARE_MASK | \
58 NFC_PROTO_FELICA_MASK | \
59 NFC_PROTO_NFC_DEP_MASK)
61 static const struct usb_device_id pn533_table[] = {
62 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
63 .idVendor = PN533_VENDOR_ID,
64 .idProduct = PN533_PRODUCT_ID,
65 .driver_info = PN533_DEVICE_STD,
67 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
68 .idVendor = SCM_VENDOR_ID,
69 .idProduct = SCL3711_PRODUCT_ID,
70 .driver_info = PN533_DEVICE_STD,
72 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
73 .idVendor = SONY_VENDOR_ID,
74 .idProduct = PASORI_PRODUCT_ID,
75 .driver_info = PN533_DEVICE_PASORI,
79 MODULE_DEVICE_TABLE(usb, pn533_table);
81 /* How much time we spend listening for initiators */
82 #define PN533_LISTEN_TIME 2
84 /* frame definitions */
85 #define PN533_FRAME_TAIL_SIZE 2
86 #define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \
87 PN533_FRAME_TAIL_SIZE)
88 #define PN533_FRAME_ACK_SIZE (sizeof(struct pn533_frame) + 1)
89 #define PN533_FRAME_CHECKSUM(f) (f->data[f->datalen])
90 #define PN533_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1])
93 #define PN533_SOF 0x00FF
95 /* frame identifier: in/out/error */
96 #define PN533_FRAME_IDENTIFIER(f) (f->data[0])
97 #define PN533_DIR_OUT 0xD4
98 #define PN533_DIR_IN 0xD5
101 #define PN533_FRAME_CMD(f) (f->data[1])
102 #define PN533_FRAME_CMD_PARAMS_PTR(f) (&f->data[2])
103 #define PN533_FRAME_CMD_PARAMS_LEN(f) (f->datalen - 2)
105 #define PN533_CMD_GET_FIRMWARE_VERSION 0x02
106 #define PN533_CMD_RF_CONFIGURATION 0x32
107 #define PN533_CMD_IN_DATA_EXCHANGE 0x40
108 #define PN533_CMD_IN_COMM_THRU 0x42
109 #define PN533_CMD_IN_LIST_PASSIVE_TARGET 0x4A
110 #define PN533_CMD_IN_ATR 0x50
111 #define PN533_CMD_IN_RELEASE 0x52
112 #define PN533_CMD_IN_JUMP_FOR_DEP 0x56
114 #define PN533_CMD_TG_INIT_AS_TARGET 0x8c
115 #define PN533_CMD_TG_GET_DATA 0x86
116 #define PN533_CMD_TG_SET_DATA 0x8e
118 #define PN533_CMD_RESPONSE(cmd) (cmd + 1)
120 /* PN533 Return codes */
121 #define PN533_CMD_RET_MASK 0x3F
122 #define PN533_CMD_MI_MASK 0x40
123 #define PN533_CMD_RET_SUCCESS 0x00
125 /* PN533 status codes */
126 #define PN533_STATUS_TARGET_RELEASED 0x29
130 typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg,
131 u8 *params, int params_len);
133 /* structs for pn533 commands */
135 /* PN533_CMD_GET_FIRMWARE_VERSION */
136 struct pn533_fw_version {
143 /* PN533_CMD_RF_CONFIGURATION */
144 #define PN533_CFGITEM_TIMING 0x02
145 #define PN533_CFGITEM_MAX_RETRIES 0x05
146 #define PN533_CFGITEM_PASORI 0x82
148 #define PN533_CONFIG_TIMING_102 0xb
149 #define PN533_CONFIG_TIMING_204 0xc
150 #define PN533_CONFIG_TIMING_409 0xd
151 #define PN533_CONFIG_TIMING_819 0xe
153 #define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00
154 #define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF
156 struct pn533_config_max_retries {
159 u8 mx_rty_passive_act;
162 struct pn533_config_timing {
168 /* PN533_CMD_IN_LIST_PASSIVE_TARGET */
170 /* felica commands opcode */
171 #define PN533_FELICA_OPC_SENSF_REQ 0
172 #define PN533_FELICA_OPC_SENSF_RES 1
173 /* felica SENSF_REQ parameters */
174 #define PN533_FELICA_SENSF_SC_ALL 0xFFFF
175 #define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0
176 #define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1
177 #define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2
179 /* type B initiator_data values */
180 #define PN533_TYPE_B_AFI_ALL_FAMILIES 0
181 #define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0
182 #define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1
184 union pn533_cmd_poll_initdata {
197 /* Poll modulations */
199 PN533_POLL_MOD_106KBPS_A,
200 PN533_POLL_MOD_212KBPS_FELICA,
201 PN533_POLL_MOD_424KBPS_FELICA,
202 PN533_POLL_MOD_106KBPS_JEWEL,
203 PN533_POLL_MOD_847KBPS_B,
206 __PN533_POLL_MOD_AFTER_LAST,
208 #define PN533_POLL_MOD_MAX (__PN533_POLL_MOD_AFTER_LAST - 1)
210 struct pn533_poll_modulations {
214 union pn533_cmd_poll_initdata initiator_data;
219 const struct pn533_poll_modulations poll_mod[] = {
220 [PN533_POLL_MOD_106KBPS_A] = {
227 [PN533_POLL_MOD_212KBPS_FELICA] = {
231 .initiator_data.felica = {
232 .opcode = PN533_FELICA_OPC_SENSF_REQ,
233 .sc = PN533_FELICA_SENSF_SC_ALL,
234 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
240 [PN533_POLL_MOD_424KBPS_FELICA] = {
244 .initiator_data.felica = {
245 .opcode = PN533_FELICA_OPC_SENSF_REQ,
246 .sc = PN533_FELICA_SENSF_SC_ALL,
247 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
253 [PN533_POLL_MOD_106KBPS_JEWEL] = {
260 [PN533_POLL_MOD_847KBPS_B] = {
264 .initiator_data.type_b = {
265 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES,
267 PN533_TYPE_B_POLL_METHOD_TIMESLOT,
272 [PN533_LISTEN_MOD] = {
277 /* PN533_CMD_IN_ATR */
279 struct pn533_cmd_activate_param {
284 struct pn533_cmd_activate_response {
296 /* PN533_CMD_IN_JUMP_FOR_DEP */
297 struct pn533_cmd_jump_dep {
304 struct pn533_cmd_jump_dep_response {
318 /* PN533_TG_INIT_AS_TARGET */
319 #define PN533_INIT_TARGET_PASSIVE 0x1
320 #define PN533_INIT_TARGET_DEP 0x2
322 #define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3
323 #define PN533_INIT_TARGET_RESP_ACTIVE 0x1
324 #define PN533_INIT_TARGET_RESP_DEP 0x4
326 struct pn533_cmd_init_target {
335 struct pn533_cmd_init_target_response {
341 struct usb_device *udev;
342 struct usb_interface *interface;
343 struct nfc_dev *nfc_dev;
347 struct pn533_frame *out_frame;
351 struct pn533_frame *in_frame;
353 struct sk_buff_head resp_q;
355 struct workqueue_struct *wq;
356 struct work_struct cmd_work;
357 struct work_struct poll_work;
358 struct work_struct mi_work;
359 struct work_struct tg_work;
360 struct timer_list listen_timer;
361 struct pn533_frame *wq_in_frame;
365 pn533_cmd_complete_t cmd_complete;
366 void *cmd_complete_arg;
367 struct mutex cmd_lock;
370 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1];
374 u32 listen_protocols;
379 u8 tgt_available_prots;
394 /* The rule: value + checksum = 0 */
395 static inline u8 pn533_checksum(u8 value)
400 /* The rule: sum(data elements) + checksum = 0 */
401 static u8 pn533_data_checksum(u8 *data, int datalen)
406 for (i = 0; i < datalen; i++)
409 return pn533_checksum(sum);
413 * pn533_tx_frame_ack - create a ack frame
414 * @frame: The frame to be set as ack
416 * Ack is different type of standard frame. As a standard frame, it has
417 * preamble and start_frame. However the checksum of this frame must fail,
418 * i.e. datalen + datalen_checksum must NOT be zero. When the checksum test
419 * fails and datalen = 0 and datalen_checksum = 0xFF, the frame is a ack.
420 * After datalen_checksum field, the postamble is placed.
422 static void pn533_tx_frame_ack(struct pn533_frame *frame)
425 frame->start_frame = cpu_to_be16(PN533_SOF);
427 frame->datalen_checksum = 0xFF;
428 /* data[0] is used as postamble */
432 static void pn533_tx_frame_init(struct pn533_frame *frame, u8 cmd)
435 frame->start_frame = cpu_to_be16(PN533_SOF);
436 PN533_FRAME_IDENTIFIER(frame) = PN533_DIR_OUT;
437 PN533_FRAME_CMD(frame) = cmd;
441 static void pn533_tx_frame_finish(struct pn533_frame *frame)
443 frame->datalen_checksum = pn533_checksum(frame->datalen);
445 PN533_FRAME_CHECKSUM(frame) =
446 pn533_data_checksum(frame->data, frame->datalen);
448 PN533_FRAME_POSTAMBLE(frame) = 0;
451 static bool pn533_rx_frame_is_valid(struct pn533_frame *frame)
455 if (frame->start_frame != cpu_to_be16(PN533_SOF))
458 checksum = pn533_checksum(frame->datalen);
459 if (checksum != frame->datalen_checksum)
462 checksum = pn533_data_checksum(frame->data, frame->datalen);
463 if (checksum != PN533_FRAME_CHECKSUM(frame))
469 static bool pn533_rx_frame_is_ack(struct pn533_frame *frame)
471 if (frame->start_frame != cpu_to_be16(PN533_SOF))
474 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF)
480 static bool pn533_rx_frame_is_cmd_response(struct pn533_frame *frame, u8 cmd)
482 return (PN533_FRAME_CMD(frame) == PN533_CMD_RESPONSE(cmd));
486 static void pn533_wq_cmd_complete(struct work_struct *work)
488 struct pn533 *dev = container_of(work, struct pn533, cmd_work);
489 struct pn533_frame *in_frame;
492 in_frame = dev->wq_in_frame;
494 if (dev->wq_in_error)
495 rc = dev->cmd_complete(dev, dev->cmd_complete_arg, NULL,
498 rc = dev->cmd_complete(dev, dev->cmd_complete_arg,
499 PN533_FRAME_CMD_PARAMS_PTR(in_frame),
500 PN533_FRAME_CMD_PARAMS_LEN(in_frame));
502 if (rc != -EINPROGRESS)
503 mutex_unlock(&dev->cmd_lock);
506 static void pn533_recv_response(struct urb *urb)
508 struct pn533 *dev = urb->context;
509 struct pn533_frame *in_frame;
511 dev->wq_in_frame = NULL;
513 switch (urb->status) {
520 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
521 " status: %d", urb->status);
522 dev->wq_in_error = urb->status;
525 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
527 dev->wq_in_error = urb->status;
531 in_frame = dev->in_urb->transfer_buffer;
533 if (!pn533_rx_frame_is_valid(in_frame)) {
534 nfc_dev_err(&dev->interface->dev, "Received an invalid frame");
535 dev->wq_in_error = -EIO;
539 if (!pn533_rx_frame_is_cmd_response(in_frame, dev->cmd)) {
540 nfc_dev_err(&dev->interface->dev, "The received frame is not "
541 "response to the last command");
542 dev->wq_in_error = -EIO;
546 nfc_dev_dbg(&dev->interface->dev, "Received a valid frame");
547 dev->wq_in_error = 0;
548 dev->wq_in_frame = in_frame;
551 queue_work(dev->wq, &dev->cmd_work);
554 static int pn533_submit_urb_for_response(struct pn533 *dev, gfp_t flags)
556 dev->in_urb->complete = pn533_recv_response;
558 return usb_submit_urb(dev->in_urb, flags);
561 static void pn533_recv_ack(struct urb *urb)
563 struct pn533 *dev = urb->context;
564 struct pn533_frame *in_frame;
567 switch (urb->status) {
574 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
575 " status: %d", urb->status);
576 dev->wq_in_error = urb->status;
579 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
581 dev->wq_in_error = urb->status;
585 in_frame = dev->in_urb->transfer_buffer;
587 if (!pn533_rx_frame_is_ack(in_frame)) {
588 nfc_dev_err(&dev->interface->dev, "Received an invalid ack");
589 dev->wq_in_error = -EIO;
593 nfc_dev_dbg(&dev->interface->dev, "Received a valid ack");
595 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
597 nfc_dev_err(&dev->interface->dev, "usb_submit_urb failed with"
599 dev->wq_in_error = rc;
606 dev->wq_in_frame = NULL;
607 queue_work(dev->wq, &dev->cmd_work);
610 static int pn533_submit_urb_for_ack(struct pn533 *dev, gfp_t flags)
612 dev->in_urb->complete = pn533_recv_ack;
614 return usb_submit_urb(dev->in_urb, flags);
617 static int pn533_send_ack(struct pn533 *dev, gfp_t flags)
621 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
623 pn533_tx_frame_ack(dev->out_frame);
625 dev->out_urb->transfer_buffer = dev->out_frame;
626 dev->out_urb->transfer_buffer_length = PN533_FRAME_ACK_SIZE;
627 rc = usb_submit_urb(dev->out_urb, flags);
632 static int __pn533_send_cmd_frame_async(struct pn533 *dev,
633 struct pn533_frame *out_frame,
634 struct pn533_frame *in_frame,
636 pn533_cmd_complete_t cmd_complete,
637 void *arg, gfp_t flags)
641 nfc_dev_dbg(&dev->interface->dev, "Sending command 0x%x",
642 PN533_FRAME_CMD(out_frame));
644 dev->cmd = PN533_FRAME_CMD(out_frame);
645 dev->cmd_complete = cmd_complete;
646 dev->cmd_complete_arg = arg;
648 dev->out_urb->transfer_buffer = out_frame;
649 dev->out_urb->transfer_buffer_length =
650 PN533_FRAME_SIZE(out_frame);
652 dev->in_urb->transfer_buffer = in_frame;
653 dev->in_urb->transfer_buffer_length = in_frame_len;
655 rc = usb_submit_urb(dev->out_urb, flags);
659 rc = pn533_submit_urb_for_ack(dev, flags);
666 usb_unlink_urb(dev->out_urb);
670 static int pn533_send_cmd_frame_async(struct pn533 *dev,
671 struct pn533_frame *out_frame,
672 struct pn533_frame *in_frame,
674 pn533_cmd_complete_t cmd_complete,
675 void *arg, gfp_t flags)
679 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
681 if (!mutex_trylock(&dev->cmd_lock))
684 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
685 in_frame_len, cmd_complete, arg, flags);
691 mutex_unlock(&dev->cmd_lock);
695 struct pn533_sync_cmd_response {
697 struct completion done;
700 static int pn533_sync_cmd_complete(struct pn533 *dev, void *_arg,
701 u8 *params, int params_len)
703 struct pn533_sync_cmd_response *arg = _arg;
705 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
709 if (params_len < 0) /* error */
710 arg->rc = params_len;
712 complete(&arg->done);
717 static int pn533_send_cmd_frame_sync(struct pn533 *dev,
718 struct pn533_frame *out_frame,
719 struct pn533_frame *in_frame,
723 struct pn533_sync_cmd_response arg;
725 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
727 init_completion(&arg.done);
729 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, in_frame_len,
730 pn533_sync_cmd_complete, &arg, GFP_KERNEL);
734 wait_for_completion(&arg.done);
739 static void pn533_send_complete(struct urb *urb)
741 struct pn533 *dev = urb->context;
743 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
745 switch (urb->status) {
752 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
753 " status: %d", urb->status);
756 nfc_dev_dbg(&dev->interface->dev, "Nonzero urb status received:"
761 struct pn533_target_type_a {
769 #define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6))
770 #define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0))
771 #define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8))
773 #define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00
774 #define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C
776 #define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5)
777 #define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2)
779 #define PN533_TYPE_A_SEL_PROT_MIFARE 0
780 #define PN533_TYPE_A_SEL_PROT_ISO14443 1
781 #define PN533_TYPE_A_SEL_PROT_DEP 2
782 #define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3
784 static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
790 if (target_data_len < sizeof(struct pn533_target_type_a))
793 /* The lenght check of nfcid[] and ats[] are not being performed because
794 the values are not being used */
796 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
797 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res);
798 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res);
800 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
801 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
802 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
803 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
806 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */
807 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0)
813 static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data,
816 struct pn533_target_type_a *tgt_type_a;
818 tgt_type_a = (struct pn533_target_type_a *) tgt_data;
820 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len))
823 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) {
824 case PN533_TYPE_A_SEL_PROT_MIFARE:
825 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK;
827 case PN533_TYPE_A_SEL_PROT_ISO14443:
828 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
830 case PN533_TYPE_A_SEL_PROT_DEP:
831 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
833 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP:
834 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK |
835 NFC_PROTO_NFC_DEP_MASK;
839 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res);
840 nfc_tgt->sel_res = tgt_type_a->sel_res;
841 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len;
842 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len);
847 struct pn533_target_felica {
856 #define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01
857 #define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE
859 static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica,
862 if (target_data_len < sizeof(struct pn533_target_felica))
865 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES)
871 static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data,
874 struct pn533_target_felica *tgt_felica;
876 tgt_felica = (struct pn533_target_felica *) tgt_data;
878 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len))
881 if (tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1 &&
882 tgt_felica->nfcid2[1] ==
883 PN533_FELICA_SENSF_NFCID2_DEP_B2)
884 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
886 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK;
888 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9);
889 nfc_tgt->sensf_res_len = 9;
894 struct pn533_target_jewel {
899 static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel,
905 if (target_data_len < sizeof(struct pn533_target_jewel))
908 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
909 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res);
910 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res);
912 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
913 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
914 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
915 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
921 static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data,
924 struct pn533_target_jewel *tgt_jewel;
926 tgt_jewel = (struct pn533_target_jewel *) tgt_data;
928 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len))
931 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK;
932 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res);
933 nfc_tgt->nfcid1_len = 4;
934 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len);
939 struct pn533_type_b_prot_info {
945 #define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4)
946 #define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0)
947 #define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8
949 struct pn533_type_b_sens_res {
953 struct pn533_type_b_prot_info prot_info;
956 #define PN533_TYPE_B_OPC_SENSB_RES 0x50
958 struct pn533_target_type_b {
959 struct pn533_type_b_sens_res sensb_res;
964 static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b,
967 if (target_data_len < sizeof(struct pn533_target_type_b))
970 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES)
973 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) &
974 PN533_TYPE_B_PROT_TYPE_RFU_MASK)
980 static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
983 struct pn533_target_type_b *tgt_type_b;
985 tgt_type_b = (struct pn533_target_type_b *) tgt_data;
987 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len))
990 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
995 struct pn533_poll_response {
1001 static int pn533_target_found(struct pn533 *dev,
1002 struct pn533_poll_response *resp, int resp_len)
1004 int target_data_len;
1005 struct nfc_target nfc_tgt;
1008 nfc_dev_dbg(&dev->interface->dev, "%s - modulation=%d", __func__,
1009 dev->poll_mod_curr);
1014 memset(&nfc_tgt, 0, sizeof(struct nfc_target));
1016 target_data_len = resp_len - sizeof(struct pn533_poll_response);
1018 switch (dev->poll_mod_curr) {
1019 case PN533_POLL_MOD_106KBPS_A:
1020 rc = pn533_target_found_type_a(&nfc_tgt, resp->target_data,
1023 case PN533_POLL_MOD_212KBPS_FELICA:
1024 case PN533_POLL_MOD_424KBPS_FELICA:
1025 rc = pn533_target_found_felica(&nfc_tgt, resp->target_data,
1028 case PN533_POLL_MOD_106KBPS_JEWEL:
1029 rc = pn533_target_found_jewel(&nfc_tgt, resp->target_data,
1032 case PN533_POLL_MOD_847KBPS_B:
1033 rc = pn533_target_found_type_b(&nfc_tgt, resp->target_data,
1037 nfc_dev_err(&dev->interface->dev, "Unknown current poll"
1045 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) {
1046 nfc_dev_dbg(&dev->interface->dev, "The target found does not"
1047 " have the desired protocol");
1051 nfc_dev_dbg(&dev->interface->dev, "Target found - supported protocols: "
1052 "0x%x", nfc_tgt.supported_protocols);
1054 dev->tgt_available_prots = nfc_tgt.supported_protocols;
1056 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1);
1061 static inline void pn533_poll_next_mod(struct pn533 *dev)
1063 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count;
1066 static void pn533_poll_reset_mod_list(struct pn533 *dev)
1068 dev->poll_mod_count = 0;
1071 static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
1073 dev->poll_mod_active[dev->poll_mod_count] =
1074 (struct pn533_poll_modulations *) &poll_mod[mod_index];
1075 dev->poll_mod_count++;
1078 static void pn533_poll_create_mod_list(struct pn533 *dev,
1079 u32 im_protocols, u32 tm_protocols)
1081 pn533_poll_reset_mod_list(dev);
1083 if (im_protocols & NFC_PROTO_MIFARE_MASK
1084 || im_protocols & NFC_PROTO_ISO14443_MASK
1085 || im_protocols & NFC_PROTO_NFC_DEP_MASK)
1086 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
1088 if (im_protocols & NFC_PROTO_FELICA_MASK
1089 || im_protocols & NFC_PROTO_NFC_DEP_MASK) {
1090 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
1091 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
1094 if (im_protocols & NFC_PROTO_JEWEL_MASK)
1095 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL);
1097 if (im_protocols & NFC_PROTO_ISO14443_MASK)
1098 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B);
1101 pn533_poll_add_mod(dev, PN533_LISTEN_MOD);
1104 static int pn533_start_poll_complete(struct pn533 *dev, void *arg,
1105 u8 *params, int params_len)
1107 struct pn533_poll_response *resp;
1110 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1112 resp = (struct pn533_poll_response *) params;
1114 rc = pn533_target_found(dev, resp, params_len);
1116 /* We must stop the poll after a valid target found */
1118 pn533_poll_reset_mod_list(dev);
1126 static int pn533_init_target_frame(struct pn533_frame *frame,
1127 u8 *gb, size_t gb_len)
1129 struct pn533_cmd_init_target *cmd;
1131 u8 felica_params[18] = {0x1, 0xfe, /* DEP */
1132 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */
1133 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
1134 0xff, 0xff}; /* System code */
1135 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */
1137 0x40}; /* SEL_RES for DEP */
1139 cmd_len = sizeof(struct pn533_cmd_init_target) + gb_len + 1;
1140 cmd = kzalloc(cmd_len, GFP_KERNEL);
1144 pn533_tx_frame_init(frame, PN533_CMD_TG_INIT_AS_TARGET);
1146 /* DEP support only */
1147 cmd->mode |= PN533_INIT_TARGET_DEP;
1150 memcpy(cmd->felica, felica_params, 18);
1151 get_random_bytes(cmd->felica + 2, 6);
1154 memset(cmd->nfcid3, 0, 10);
1155 memcpy(cmd->nfcid3, cmd->felica, 8);
1158 memcpy(cmd->mifare, mifare_params, 6);
1161 cmd->gb_len = gb_len;
1162 memcpy(cmd->gb, gb, gb_len);
1165 cmd->gb[gb_len] = 0;
1167 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), cmd, cmd_len);
1169 frame->datalen += cmd_len;
1171 pn533_tx_frame_finish(frame);
1178 #define PN533_CMD_DATAEXCH_HEAD_LEN (sizeof(struct pn533_frame) + 3)
1179 #define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1180 static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg,
1181 u8 *params, int params_len)
1183 struct sk_buff *skb_resp = arg;
1184 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1186 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1188 if (params_len < 0) {
1189 nfc_dev_err(&dev->interface->dev,
1190 "Error %d when starting as a target",
1196 if (params_len > 0 && params[0] != 0) {
1197 nfc_tm_deactivated(dev->nfc_dev);
1201 kfree_skb(skb_resp);
1205 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1206 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1207 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1209 return nfc_tm_data_received(dev->nfc_dev, skb_resp);
1212 static void pn533_wq_tg_get_data(struct work_struct *work)
1214 struct pn533 *dev = container_of(work, struct pn533, tg_work);
1215 struct pn533_frame *in_frame;
1216 struct sk_buff *skb_resp;
1217 size_t skb_resp_len;
1219 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1221 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1222 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1223 PN533_FRAME_TAIL_SIZE;
1225 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
1229 in_frame = (struct pn533_frame *)skb_resp->data;
1231 pn533_tx_frame_init(dev->out_frame, PN533_CMD_TG_GET_DATA);
1232 pn533_tx_frame_finish(dev->out_frame);
1234 pn533_send_cmd_frame_async(dev, dev->out_frame, in_frame,
1236 pn533_tm_get_data_complete,
1237 skb_resp, GFP_KERNEL);
1242 #define ATR_REQ_GB_OFFSET 17
1243 static int pn533_init_target_complete(struct pn533 *dev, void *arg,
1244 u8 *params, int params_len)
1246 struct pn533_cmd_init_target_response *resp;
1247 u8 frame, comm_mode = NFC_COMM_PASSIVE, *gb;
1251 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1253 if (params_len < 0) {
1254 nfc_dev_err(&dev->interface->dev,
1255 "Error %d when starting as a target",
1261 if (params_len < ATR_REQ_GB_OFFSET + 1)
1264 resp = (struct pn533_cmd_init_target_response *) params;
1266 nfc_dev_dbg(&dev->interface->dev, "Target mode 0x%x param len %d\n",
1267 resp->mode, params_len);
1269 frame = resp->mode & PN533_INIT_TARGET_RESP_FRAME_MASK;
1270 if (frame == PN533_INIT_TARGET_RESP_ACTIVE)
1271 comm_mode = NFC_COMM_ACTIVE;
1273 /* Again, only DEP */
1274 if ((resp->mode & PN533_INIT_TARGET_RESP_DEP) == 0)
1277 gb = resp->cmd + ATR_REQ_GB_OFFSET;
1278 gb_len = params_len - (ATR_REQ_GB_OFFSET + 1);
1280 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1281 comm_mode, gb, gb_len);
1283 nfc_dev_err(&dev->interface->dev,
1284 "Error when signaling target activation");
1290 queue_work(dev->wq, &dev->tg_work);
1295 static void pn533_listen_mode_timer(unsigned long data)
1297 struct pn533 *dev = (struct pn533 *) data;
1299 nfc_dev_dbg(&dev->interface->dev, "Listen mode timeout");
1301 /* An ack will cancel the last issued command (poll) */
1302 pn533_send_ack(dev, GFP_ATOMIC);
1304 dev->cancel_listen = 1;
1306 mutex_unlock(&dev->cmd_lock);
1308 pn533_poll_next_mod(dev);
1310 queue_work(dev->wq, &dev->poll_work);
1313 static int pn533_poll_complete(struct pn533 *dev, void *arg,
1314 u8 *params, int params_len)
1316 struct pn533_poll_modulations *cur_mod;
1319 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1321 if (params_len == -ENOENT) {
1322 if (dev->poll_mod_count != 0)
1325 nfc_dev_err(&dev->interface->dev,
1326 "Polling operation has been stopped");
1331 if (params_len < 0) {
1332 nfc_dev_err(&dev->interface->dev,
1333 "Error %d when running poll", params_len);
1338 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1340 if (cur_mod->len == 0) {
1341 del_timer(&dev->listen_timer);
1343 return pn533_init_target_complete(dev, arg, params, params_len);
1345 rc = pn533_start_poll_complete(dev, arg, params, params_len);
1350 pn533_poll_next_mod(dev);
1352 queue_work(dev->wq, &dev->poll_work);
1357 pn533_poll_reset_mod_list(dev);
1358 dev->poll_protocols = 0;
1362 static void pn533_build_poll_frame(struct pn533 *dev,
1363 struct pn533_frame *frame,
1364 struct pn533_poll_modulations *mod)
1366 nfc_dev_dbg(&dev->interface->dev, "mod len %d\n", mod->len);
1368 if (mod->len == 0) {
1370 pn533_init_target_frame(frame, dev->gb, dev->gb_len);
1373 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET);
1375 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len);
1376 frame->datalen += mod->len;
1378 pn533_tx_frame_finish(frame);
1382 static int pn533_send_poll_frame(struct pn533 *dev)
1384 struct pn533_poll_modulations *cur_mod;
1387 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1389 pn533_build_poll_frame(dev, dev->out_frame, cur_mod);
1391 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1392 dev->in_maxlen, pn533_poll_complete,
1395 nfc_dev_err(&dev->interface->dev, "Polling loop error %d", rc);
1400 static void pn533_wq_poll(struct work_struct *work)
1402 struct pn533 *dev = container_of(work, struct pn533, poll_work);
1403 struct pn533_poll_modulations *cur_mod;
1406 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1408 nfc_dev_dbg(&dev->interface->dev,
1409 "%s cancel_listen %d modulation len %d",
1410 __func__, dev->cancel_listen, cur_mod->len);
1412 if (dev->cancel_listen == 1) {
1413 dev->cancel_listen = 0;
1414 usb_kill_urb(dev->in_urb);
1417 rc = pn533_send_poll_frame(dev);
1421 if (cur_mod->len == 0 && dev->poll_mod_count > 1)
1422 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ);
1427 static int pn533_start_poll(struct nfc_dev *nfc_dev,
1428 u32 im_protocols, u32 tm_protocols)
1430 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1432 nfc_dev_dbg(&dev->interface->dev,
1433 "%s: im protocols 0x%x tm protocols 0x%x",
1434 __func__, im_protocols, tm_protocols);
1436 if (dev->tgt_active_prot) {
1437 nfc_dev_err(&dev->interface->dev,
1438 "Cannot poll with a target already activated");
1442 if (dev->tgt_mode) {
1443 nfc_dev_err(&dev->interface->dev,
1444 "Cannot poll while already being activated");
1449 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len);
1450 if (dev->gb == NULL)
1454 dev->poll_mod_curr = 0;
1455 pn533_poll_create_mod_list(dev, im_protocols, tm_protocols);
1456 dev->poll_protocols = im_protocols;
1457 dev->listen_protocols = tm_protocols;
1459 return pn533_send_poll_frame(dev);
1462 static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1464 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1466 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1468 del_timer(&dev->listen_timer);
1470 if (!dev->poll_mod_count) {
1471 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not"
1476 /* An ack will cancel the last issued command (poll) */
1477 pn533_send_ack(dev, GFP_KERNEL);
1479 /* prevent pn533_start_poll_complete to issue a new poll meanwhile */
1480 usb_kill_urb(dev->in_urb);
1482 pn533_poll_reset_mod_list(dev);
1485 static int pn533_activate_target_nfcdep(struct pn533 *dev)
1487 struct pn533_cmd_activate_param param;
1488 struct pn533_cmd_activate_response *resp;
1492 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1494 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_ATR);
1498 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), ¶m,
1499 sizeof(struct pn533_cmd_activate_param));
1500 dev->out_frame->datalen += sizeof(struct pn533_cmd_activate_param);
1502 pn533_tx_frame_finish(dev->out_frame);
1504 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1509 resp = (struct pn533_cmd_activate_response *)
1510 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
1511 rc = resp->status & PN533_CMD_RET_MASK;
1512 if (rc != PN533_CMD_RET_SUCCESS)
1515 /* ATR_RES general bytes are located at offset 16 */
1516 gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 16;
1517 rc = nfc_set_remote_general_bytes(dev->nfc_dev, resp->gt, gt_len);
1522 static int pn533_activate_target(struct nfc_dev *nfc_dev,
1523 struct nfc_target *target, u32 protocol)
1525 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1528 nfc_dev_dbg(&dev->interface->dev, "%s - protocol=%u", __func__,
1531 if (dev->poll_mod_count) {
1532 nfc_dev_err(&dev->interface->dev, "Cannot activate while"
1537 if (dev->tgt_active_prot) {
1538 nfc_dev_err(&dev->interface->dev, "There is already an active"
1543 if (!dev->tgt_available_prots) {
1544 nfc_dev_err(&dev->interface->dev, "There is no available target"
1549 if (!(dev->tgt_available_prots & (1 << protocol))) {
1550 nfc_dev_err(&dev->interface->dev, "The target does not support"
1551 " the requested protocol %u", protocol);
1555 if (protocol == NFC_PROTO_NFC_DEP) {
1556 rc = pn533_activate_target_nfcdep(dev);
1558 nfc_dev_err(&dev->interface->dev, "Error %d when"
1559 " activating target with"
1560 " NFC_DEP protocol", rc);
1565 dev->tgt_active_prot = protocol;
1566 dev->tgt_available_prots = 0;
1571 static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
1572 struct nfc_target *target)
1574 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1579 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1581 if (!dev->tgt_active_prot) {
1582 nfc_dev_err(&dev->interface->dev, "There is no active target");
1586 dev->tgt_active_prot = 0;
1588 skb_queue_purge(&dev->resp_q);
1590 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_RELEASE);
1593 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &tg, sizeof(u8));
1594 dev->out_frame->datalen += sizeof(u8);
1596 pn533_tx_frame_finish(dev->out_frame);
1598 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1601 nfc_dev_err(&dev->interface->dev, "Error when sending release"
1602 " command to the controller");
1606 status = PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame)[0];
1607 rc = status & PN533_CMD_RET_MASK;
1608 if (rc != PN533_CMD_RET_SUCCESS)
1609 nfc_dev_err(&dev->interface->dev, "Error 0x%x when releasing"
1616 static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1617 u8 *params, int params_len)
1619 struct pn533_cmd_jump_dep *cmd;
1620 struct pn533_cmd_jump_dep_response *resp;
1621 struct nfc_target nfc_target;
1625 if (params_len == -ENOENT) {
1626 nfc_dev_dbg(&dev->interface->dev, "");
1630 if (params_len < 0) {
1631 nfc_dev_err(&dev->interface->dev,
1632 "Error %d when bringing DEP link up",
1637 if (dev->tgt_available_prots &&
1638 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) {
1639 nfc_dev_err(&dev->interface->dev,
1640 "The target does not support DEP");
1644 resp = (struct pn533_cmd_jump_dep_response *) params;
1645 cmd = (struct pn533_cmd_jump_dep *) arg;
1646 rc = resp->status & PN533_CMD_RET_MASK;
1647 if (rc != PN533_CMD_RET_SUCCESS) {
1648 nfc_dev_err(&dev->interface->dev,
1649 "Bringing DEP link up failed %d", rc);
1653 if (!dev->tgt_available_prots) {
1654 nfc_dev_dbg(&dev->interface->dev, "Creating new target");
1656 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1657 nfc_target.nfcid1_len = 10;
1658 memcpy(nfc_target.nfcid1, resp->nfcid3t, nfc_target.nfcid1_len);
1659 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
1663 dev->tgt_available_prots = 0;
1666 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
1668 /* ATR_RES general bytes are located at offset 17 */
1669 target_gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 17;
1670 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
1671 resp->gt, target_gt_len);
1673 rc = nfc_dep_link_is_up(dev->nfc_dev,
1674 dev->nfc_dev->targets[0].idx,
1675 !cmd->active, NFC_RF_INITIATOR);
1680 static int pn533_mod_to_baud(struct pn533 *dev)
1682 switch (dev->poll_mod_curr) {
1683 case PN533_POLL_MOD_106KBPS_A:
1685 case PN533_POLL_MOD_212KBPS_FELICA:
1687 case PN533_POLL_MOD_424KBPS_FELICA:
1694 #define PASSIVE_DATA_LEN 5
1695 static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1696 u8 comm_mode, u8* gb, size_t gb_len)
1698 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1699 struct pn533_cmd_jump_dep *cmd;
1700 u8 cmd_len, *data_ptr;
1701 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3};
1704 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1706 if (dev->poll_mod_count) {
1707 nfc_dev_err(&dev->interface->dev,
1708 "Cannot bring the DEP link up while polling");
1712 if (dev->tgt_active_prot) {
1713 nfc_dev_err(&dev->interface->dev,
1714 "There is already an active target");
1718 baud = pn533_mod_to_baud(dev);
1720 nfc_dev_err(&dev->interface->dev,
1721 "Invalid curr modulation %d", dev->poll_mod_curr);
1725 cmd_len = sizeof(struct pn533_cmd_jump_dep) + gb_len;
1726 if (comm_mode == NFC_COMM_PASSIVE)
1727 cmd_len += PASSIVE_DATA_LEN;
1729 cmd = kzalloc(cmd_len, GFP_KERNEL);
1733 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_JUMP_FOR_DEP);
1735 cmd->active = !comm_mode;
1738 data_ptr = cmd->data;
1739 if (comm_mode == NFC_COMM_PASSIVE && cmd->baud > 0) {
1740 memcpy(data_ptr, passive_data, PASSIVE_DATA_LEN);
1742 data_ptr += PASSIVE_DATA_LEN;
1745 if (gb != NULL && gb_len > 0) {
1746 cmd->next |= 4; /* We have some Gi */
1747 memcpy(data_ptr, gb, gb_len);
1752 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), cmd, cmd_len);
1753 dev->out_frame->datalen += cmd_len;
1755 pn533_tx_frame_finish(dev->out_frame);
1757 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1758 dev->in_maxlen, pn533_in_dep_link_up_complete,
1770 static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
1772 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1774 pn533_poll_reset_mod_list(dev);
1776 if (dev->tgt_mode || dev->tgt_active_prot) {
1777 pn533_send_ack(dev, GFP_KERNEL);
1778 usb_kill_urb(dev->in_urb);
1781 dev->tgt_active_prot = 0;
1784 skb_queue_purge(&dev->resp_q);
1789 static int pn533_build_tx_frame(struct pn533 *dev, struct sk_buff *skb,
1792 int payload_len = skb->len;
1793 struct pn533_frame *out_frame;
1796 nfc_dev_dbg(&dev->interface->dev, "%s - Sending %d bytes", __func__,
1799 if (payload_len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
1800 /* TODO: Implement support to multi-part data exchange */
1801 nfc_dev_err(&dev->interface->dev, "Data length greater than the"
1803 PN533_CMD_DATAEXCH_DATA_MAXLEN);
1807 if (target == true) {
1808 switch (dev->device_type) {
1809 case PN533_DEVICE_STD:
1810 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN);
1811 out_frame = (struct pn533_frame *) skb->data;
1812 pn533_tx_frame_init(out_frame,
1813 PN533_CMD_IN_DATA_EXCHANGE);
1815 memcpy(PN533_FRAME_CMD_PARAMS_PTR(out_frame),
1817 out_frame->datalen += sizeof(u8);
1820 case PN533_DEVICE_PASORI:
1821 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN - 1);
1822 out_frame = (struct pn533_frame *) skb->data;
1823 pn533_tx_frame_init(out_frame, PN533_CMD_IN_COMM_THRU);
1828 nfc_dev_err(&dev->interface->dev,
1829 "Unknown device type %d", dev->device_type);
1834 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN - 1);
1835 out_frame = (struct pn533_frame *) skb->data;
1836 pn533_tx_frame_init(out_frame, PN533_CMD_TG_SET_DATA);
1840 /* The data is already in the out_frame, just update the datalen */
1841 out_frame->datalen += payload_len;
1843 pn533_tx_frame_finish(out_frame);
1844 skb_put(skb, PN533_FRAME_TAIL_SIZE);
1849 struct pn533_data_exchange_arg {
1850 struct sk_buff *skb_resp;
1851 struct sk_buff *skb_out;
1852 data_exchange_cb_t cb;
1856 static struct sk_buff *pn533_build_response(struct pn533 *dev)
1858 struct sk_buff *skb, *tmp, *t;
1859 unsigned int skb_len = 0, tmp_len = 0;
1861 nfc_dev_dbg(&dev->interface->dev, "%s\n", __func__);
1863 if (skb_queue_empty(&dev->resp_q))
1866 if (skb_queue_len(&dev->resp_q) == 1) {
1867 skb = skb_dequeue(&dev->resp_q);
1871 skb_queue_walk_safe(&dev->resp_q, tmp, t)
1872 skb_len += tmp->len;
1874 nfc_dev_dbg(&dev->interface->dev, "%s total length %d\n",
1877 skb = alloc_skb(skb_len, GFP_KERNEL);
1881 skb_put(skb, skb_len);
1883 skb_queue_walk_safe(&dev->resp_q, tmp, t) {
1884 memcpy(skb->data + tmp_len, tmp->data, tmp->len);
1885 tmp_len += tmp->len;
1889 skb_queue_purge(&dev->resp_q);
1894 static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
1895 u8 *params, int params_len)
1897 struct pn533_data_exchange_arg *arg = _arg;
1898 struct sk_buff *skb = NULL, *skb_resp = arg->skb_resp;
1899 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1904 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1906 dev_kfree_skb(arg->skb_out);
1908 if (params_len < 0) { /* error */
1915 cmd_ret = status & PN533_CMD_RET_MASK;
1916 if (cmd_ret != PN533_CMD_RET_SUCCESS) {
1917 nfc_dev_err(&dev->interface->dev, "PN533 reported error %d when"
1918 " exchanging data", cmd_ret);
1923 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1924 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1925 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1926 skb_queue_tail(&dev->resp_q, skb_resp);
1928 if (status & PN533_CMD_MI_MASK) {
1929 queue_work(dev->wq, &dev->mi_work);
1930 return -EINPROGRESS;
1933 skb = pn533_build_response(dev);
1937 arg->cb(arg->cb_context, skb, 0);
1942 skb_queue_purge(&dev->resp_q);
1943 dev_kfree_skb(skb_resp);
1944 arg->cb(arg->cb_context, NULL, err);
1949 static int pn533_transceive(struct nfc_dev *nfc_dev,
1950 struct nfc_target *target, struct sk_buff *skb,
1951 data_exchange_cb_t cb, void *cb_context)
1953 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1954 struct pn533_frame *out_frame, *in_frame;
1955 struct pn533_data_exchange_arg *arg;
1956 struct sk_buff *skb_resp;
1960 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1962 if (!dev->tgt_active_prot) {
1963 nfc_dev_err(&dev->interface->dev, "Cannot exchange data if"
1964 " there is no active target");
1969 rc = pn533_build_tx_frame(dev, skb, true);
1973 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1974 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1975 PN533_FRAME_TAIL_SIZE;
1977 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
1983 in_frame = (struct pn533_frame *) skb_resp->data;
1984 out_frame = (struct pn533_frame *) skb->data;
1986 arg = kmalloc(sizeof(struct pn533_data_exchange_arg), GFP_KERNEL);
1992 arg->skb_resp = skb_resp;
1995 arg->cb_context = cb_context;
1997 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, skb_resp_len,
1998 pn533_data_exchange_complete, arg,
2001 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
2002 " perform data_exchange", rc);
2011 kfree_skb(skb_resp);
2017 static int pn533_tm_send_complete(struct pn533 *dev, void *arg,
2018 u8 *params, int params_len)
2020 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2022 if (params_len < 0) {
2023 nfc_dev_err(&dev->interface->dev,
2024 "Error %d when sending data",
2030 if (params_len > 0 && params[0] != 0) {
2031 nfc_tm_deactivated(dev->nfc_dev);
2038 queue_work(dev->wq, &dev->tg_work);
2043 static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
2045 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2046 struct pn533_frame *out_frame;
2049 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2051 rc = pn533_build_tx_frame(dev, skb, false);
2055 out_frame = (struct pn533_frame *) skb->data;
2057 rc = pn533_send_cmd_frame_async(dev, out_frame, dev->in_frame,
2058 dev->in_maxlen, pn533_tm_send_complete,
2061 nfc_dev_err(&dev->interface->dev,
2062 "Error %d when trying to send data", rc);
2074 static void pn533_wq_mi_recv(struct work_struct *work)
2076 struct pn533 *dev = container_of(work, struct pn533, mi_work);
2077 struct sk_buff *skb_cmd;
2078 struct pn533_data_exchange_arg *arg = dev->cmd_complete_arg;
2079 struct pn533_frame *out_frame, *in_frame;
2080 struct sk_buff *skb_resp;
2084 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2086 /* This is a zero payload size skb */
2087 skb_cmd = alloc_skb(PN533_CMD_DATAEXCH_HEAD_LEN + PN533_FRAME_TAIL_SIZE,
2089 if (skb_cmd == NULL)
2092 skb_reserve(skb_cmd, PN533_CMD_DATAEXCH_HEAD_LEN);
2094 rc = pn533_build_tx_frame(dev, skb_cmd, true);
2098 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
2099 PN533_CMD_DATAEXCH_DATA_MAXLEN +
2100 PN533_FRAME_TAIL_SIZE;
2101 skb_resp = alloc_skb(skb_resp_len, GFP_KERNEL);
2107 in_frame = (struct pn533_frame *) skb_resp->data;
2108 out_frame = (struct pn533_frame *) skb_cmd->data;
2110 arg->skb_resp = skb_resp;
2111 arg->skb_out = skb_cmd;
2113 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
2115 pn533_data_exchange_complete,
2116 dev->cmd_complete_arg, GFP_KERNEL);
2120 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
2121 " perform data_exchange", rc);
2123 kfree_skb(skb_resp);
2129 pn533_send_ack(dev, GFP_KERNEL);
2133 mutex_unlock(&dev->cmd_lock);
2136 static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
2142 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2144 pn533_tx_frame_init(dev->out_frame, PN533_CMD_RF_CONFIGURATION);
2146 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame);
2147 params[0] = cfgitem;
2148 memcpy(¶ms[1], cfgdata, cfgdata_len);
2149 dev->out_frame->datalen += (1 + cfgdata_len);
2151 pn533_tx_frame_finish(dev->out_frame);
2153 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
2159 static int pn533_fw_reset(struct pn533 *dev)
2164 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2166 pn533_tx_frame_init(dev->out_frame, 0x18);
2168 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame);
2170 dev->out_frame->datalen += 1;
2172 pn533_tx_frame_finish(dev->out_frame);
2174 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
2180 static struct nfc_ops pn533_nfc_ops = {
2183 .dep_link_up = pn533_dep_link_up,
2184 .dep_link_down = pn533_dep_link_down,
2185 .start_poll = pn533_start_poll,
2186 .stop_poll = pn533_stop_poll,
2187 .activate_target = pn533_activate_target,
2188 .deactivate_target = pn533_deactivate_target,
2189 .im_transceive = pn533_transceive,
2190 .tm_send = pn533_tm_send,
2193 static int pn533_setup(struct pn533 *dev)
2195 struct pn533_config_max_retries max_retries;
2196 struct pn533_config_timing timing;
2197 u8 pasori_cfg[3] = {0x08, 0x01, 0x08};
2200 switch (dev->device_type) {
2201 case PN533_DEVICE_STD:
2202 max_retries.mx_rty_atr = PN533_CONFIG_MAX_RETRIES_ENDLESS;
2203 max_retries.mx_rty_psl = 2;
2204 max_retries.mx_rty_passive_act =
2205 PN533_CONFIG_MAX_RETRIES_NO_RETRY;
2207 timing.rfu = PN533_CONFIG_TIMING_102;
2208 timing.atr_res_timeout = PN533_CONFIG_TIMING_204;
2209 timing.dep_timeout = PN533_CONFIG_TIMING_409;
2213 case PN533_DEVICE_PASORI:
2214 max_retries.mx_rty_atr = 0x2;
2215 max_retries.mx_rty_psl = 0x1;
2216 max_retries.mx_rty_passive_act =
2217 PN533_CONFIG_MAX_RETRIES_NO_RETRY;
2219 timing.rfu = PN533_CONFIG_TIMING_102;
2220 timing.atr_res_timeout = PN533_CONFIG_TIMING_102;
2221 timing.dep_timeout = PN533_CONFIG_TIMING_204;
2226 nfc_dev_err(&dev->interface->dev, "Unknown device type %d\n",
2231 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES,
2232 (u8 *)&max_retries, sizeof(max_retries));
2234 nfc_dev_err(&dev->interface->dev,
2235 "Error on setting MAX_RETRIES config");
2240 rc = pn533_set_configuration(dev, PN533_CFGITEM_TIMING,
2241 (u8 *)&timing, sizeof(timing));
2243 nfc_dev_err(&dev->interface->dev,
2244 "Error on setting RF timings");
2248 switch (dev->device_type) {
2249 case PN533_DEVICE_STD:
2252 case PN533_DEVICE_PASORI:
2253 pn533_fw_reset(dev);
2255 rc = pn533_set_configuration(dev, PN533_CFGITEM_PASORI,
2258 nfc_dev_err(&dev->interface->dev,
2259 "Error while settings PASORI config");
2263 pn533_fw_reset(dev);
2271 static int pn533_probe(struct usb_interface *interface,
2272 const struct usb_device_id *id)
2274 struct pn533_fw_version *fw_ver;
2276 struct usb_host_interface *iface_desc;
2277 struct usb_endpoint_descriptor *endpoint;
2278 int in_endpoint = 0;
2279 int out_endpoint = 0;
2284 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
2288 dev->udev = usb_get_dev(interface_to_usbdev(interface));
2289 dev->interface = interface;
2290 mutex_init(&dev->cmd_lock);
2292 iface_desc = interface->cur_altsetting;
2293 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
2294 endpoint = &iface_desc->endpoint[i].desc;
2296 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint)) {
2297 dev->in_maxlen = le16_to_cpu(endpoint->wMaxPacketSize);
2298 in_endpoint = endpoint->bEndpointAddress;
2301 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint)) {
2303 le16_to_cpu(endpoint->wMaxPacketSize);
2304 out_endpoint = endpoint->bEndpointAddress;
2308 if (!in_endpoint || !out_endpoint) {
2309 nfc_dev_err(&interface->dev, "Could not find bulk-in or"
2310 " bulk-out endpoint");
2315 dev->in_frame = kmalloc(dev->in_maxlen, GFP_KERNEL);
2316 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
2317 dev->out_frame = kmalloc(dev->out_maxlen, GFP_KERNEL);
2318 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
2320 if (!dev->in_frame || !dev->out_frame ||
2321 !dev->in_urb || !dev->out_urb)
2324 usb_fill_bulk_urb(dev->in_urb, dev->udev,
2325 usb_rcvbulkpipe(dev->udev, in_endpoint),
2326 NULL, 0, NULL, dev);
2327 usb_fill_bulk_urb(dev->out_urb, dev->udev,
2328 usb_sndbulkpipe(dev->udev, out_endpoint),
2330 pn533_send_complete, dev);
2332 INIT_WORK(&dev->cmd_work, pn533_wq_cmd_complete);
2333 INIT_WORK(&dev->mi_work, pn533_wq_mi_recv);
2334 INIT_WORK(&dev->tg_work, pn533_wq_tg_get_data);
2335 INIT_WORK(&dev->poll_work, pn533_wq_poll);
2336 dev->wq = alloc_workqueue("pn533",
2337 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM,
2339 if (dev->wq == NULL)
2342 init_timer(&dev->listen_timer);
2343 dev->listen_timer.data = (unsigned long) dev;
2344 dev->listen_timer.function = pn533_listen_mode_timer;
2346 skb_queue_head_init(&dev->resp_q);
2348 usb_set_intfdata(interface, dev);
2350 pn533_tx_frame_init(dev->out_frame, PN533_CMD_GET_FIRMWARE_VERSION);
2351 pn533_tx_frame_finish(dev->out_frame);
2353 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
2358 fw_ver = (struct pn533_fw_version *)
2359 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
2360 nfc_dev_info(&dev->interface->dev, "NXP PN533 firmware ver %d.%d now"
2361 " attached", fw_ver->ver, fw_ver->rev);
2363 dev->device_type = id->driver_info;
2364 switch (dev->device_type) {
2365 case PN533_DEVICE_STD:
2366 protocols = PN533_ALL_PROTOCOLS;
2369 case PN533_DEVICE_PASORI:
2370 protocols = PN533_NO_TYPE_B_PROTOCOLS;
2374 nfc_dev_err(&dev->interface->dev, "Unknown device type %d\n",
2380 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols,
2381 PN533_CMD_DATAEXCH_HEAD_LEN,
2382 PN533_FRAME_TAIL_SIZE);
2386 nfc_set_parent_dev(dev->nfc_dev, &interface->dev);
2387 nfc_set_drvdata(dev->nfc_dev, dev);
2389 rc = nfc_register_device(dev->nfc_dev);
2393 rc = pn533_setup(dev);
2395 goto unregister_nfc_dev;
2400 nfc_unregister_device(dev->nfc_dev);
2403 nfc_free_device(dev->nfc_dev);
2406 destroy_workqueue(dev->wq);
2408 kfree(dev->in_frame);
2409 usb_free_urb(dev->in_urb);
2410 kfree(dev->out_frame);
2411 usb_free_urb(dev->out_urb);
2416 static void pn533_disconnect(struct usb_interface *interface)
2420 dev = usb_get_intfdata(interface);
2421 usb_set_intfdata(interface, NULL);
2423 nfc_unregister_device(dev->nfc_dev);
2424 nfc_free_device(dev->nfc_dev);
2426 usb_kill_urb(dev->in_urb);
2427 usb_kill_urb(dev->out_urb);
2429 destroy_workqueue(dev->wq);
2431 skb_queue_purge(&dev->resp_q);
2433 del_timer(&dev->listen_timer);
2435 kfree(dev->in_frame);
2436 usb_free_urb(dev->in_urb);
2437 kfree(dev->out_frame);
2438 usb_free_urb(dev->out_urb);
2441 nfc_dev_info(&interface->dev, "NXP PN533 NFC device disconnected");
2444 static struct usb_driver pn533_driver = {
2446 .probe = pn533_probe,
2447 .disconnect = pn533_disconnect,
2448 .id_table = pn533_table,
2451 module_usb_driver(pn533_driver);
2455 MODULE_DESCRIPTION("PN533 usb driver ver " VERSION);
2456 MODULE_VERSION(VERSION);
2457 MODULE_LICENSE("GPL");
projects / linux.git / blob