2 * NFC Digital Protocol stack
3 * Copyright (c) 2013, Intel Corporation.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms and conditions of the GNU General Public License,
7 * version 2, as published by the Free Software Foundation.
9 * This program is distributed in the hope it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
16 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
20 #define DIGITAL_CMD_SENS_REQ 0x26
21 #define DIGITAL_CMD_ALL_REQ 0x52
22 #define DIGITAL_CMD_SEL_REQ_CL1 0x93
23 #define DIGITAL_CMD_SEL_REQ_CL2 0x95
24 #define DIGITAL_CMD_SEL_REQ_CL3 0x97
26 #define DIGITAL_SDD_REQ_SEL_PAR 0x20
28 #define DIGITAL_SDD_RES_CT 0x88
29 #define DIGITAL_SDD_RES_LEN 5
31 #define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04))
32 #define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60))
33 #define DIGITAL_SEL_RES_IS_NFC_DEP(sel_res) ((sel_res) & 0x40)
35 #define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x0C00) == 0x0C00)
36 #define DIGITAL_SENS_RES_IS_VALID(sens_res) \
37 ((!((sens_res) & 0x001F) && (((sens_res) & 0x0C00) == 0x0C00)) || \
38 (((sens_res) & 0x001F) && ((sens_res) & 0x0C00) != 0x0C00))
40 #define DIGITAL_MIFARE_READ_RES_LEN 16
41 #define DIGITAL_MIFARE_ACK_RES 0x0A
43 #define DIGITAL_CMD_SENSF_REQ 0x00
44 #define DIGITAL_CMD_SENSF_RES 0x01
46 #define DIGITAL_SENSF_RES_MIN_LENGTH 17
47 #define DIGITAL_SENSF_RES_RD_AP_B1 0x00
48 #define DIGITAL_SENSF_RES_RD_AP_B2 0x8F
50 #define DIGITAL_SENSF_REQ_RC_NONE 0
51 #define DIGITAL_SENSF_REQ_RC_SC 1
52 #define DIGITAL_SENSF_REQ_RC_AP 2
54 #define DIGITAL_CMD_ISO15693_INVENTORY_REQ 0x01
56 #define DIGITAL_ISO15693_REQ_FLAG_DATA_RATE BIT(1)
57 #define DIGITAL_ISO15693_REQ_FLAG_INVENTORY BIT(2)
58 #define DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS BIT(5)
59 #define DIGITAL_ISO15693_RES_FLAG_ERROR BIT(0)
60 #define DIGITAL_ISO15693_RES_IS_VALID(flags) \
61 (!((flags) & DIGITAL_ISO15693_RES_FLAG_ERROR))
63 struct digital_sdd_res
{
68 struct digital_sel_req
{
75 struct digital_sensf_req
{
83 struct digital_sensf_res
{
94 struct digital_iso15693_inv_req
{
101 struct digital_iso15693_inv_res
{
107 static int digital_in_send_sdd_req(struct nfc_digital_dev
*ddev
,
108 struct nfc_target
*target
);
110 static void digital_in_recv_sel_res(struct nfc_digital_dev
*ddev
, void *arg
,
111 struct sk_buff
*resp
)
113 struct nfc_target
*target
= arg
;
124 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
125 rc
= digital_skb_check_crc_a(resp
);
127 PROTOCOL_ERR("4.4.1.3");
137 sel_res
= resp
->data
[0];
139 if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res
)) {
140 rc
= digital_in_send_sdd_req(ddev
, target
);
147 if (DIGITAL_SEL_RES_IS_T2T(sel_res
)) {
148 nfc_proto
= NFC_PROTO_MIFARE
;
149 } else if (DIGITAL_SEL_RES_IS_NFC_DEP(sel_res
)) {
150 nfc_proto
= NFC_PROTO_NFC_DEP
;
156 target
->sel_res
= sel_res
;
158 rc
= digital_target_found(ddev
, target
, nfc_proto
);
167 digital_poll_next_tech(ddev
);
170 static int digital_in_send_sel_req(struct nfc_digital_dev
*ddev
,
171 struct nfc_target
*target
,
172 struct digital_sdd_res
*sdd_res
)
175 struct digital_sel_req
*sel_req
;
179 skb
= digital_skb_alloc(ddev
, sizeof(struct digital_sel_req
));
183 skb_put(skb
, sizeof(struct digital_sel_req
));
184 sel_req
= (struct digital_sel_req
*)skb
->data
;
186 if (target
->nfcid1_len
<= 4)
187 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL1
;
188 else if (target
->nfcid1_len
< 10)
189 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL2
;
191 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL3
;
193 sel_req
->sel_cmd
= sel_cmd
;
195 memcpy(sel_req
->nfcid1
, sdd_res
->nfcid1
, 4);
196 sel_req
->bcc
= sdd_res
->bcc
;
198 if (DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
199 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
200 NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A
);
204 digital_skb_add_crc_a(skb
);
207 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sel_res
,
216 static void digital_in_recv_sdd_res(struct nfc_digital_dev
*ddev
, void *arg
,
217 struct sk_buff
*resp
)
219 struct nfc_target
*target
= arg
;
220 struct digital_sdd_res
*sdd_res
;
231 if (resp
->len
< DIGITAL_SDD_RES_LEN
) {
232 PROTOCOL_ERR("4.7.2.8");
237 sdd_res
= (struct digital_sdd_res
*)resp
->data
;
239 for (i
= 0, bcc
= 0; i
< 4; i
++)
240 bcc
^= sdd_res
->nfcid1
[i
];
242 if (bcc
!= sdd_res
->bcc
) {
243 PROTOCOL_ERR("4.7.2.6");
248 if (sdd_res
->nfcid1
[0] == DIGITAL_SDD_RES_CT
) {
256 memcpy(target
->nfcid1
+ target
->nfcid1_len
, sdd_res
->nfcid1
+ offset
,
258 target
->nfcid1_len
+= size
;
260 rc
= digital_in_send_sel_req(ddev
, target
, sdd_res
);
267 digital_poll_next_tech(ddev
);
271 static int digital_in_send_sdd_req(struct nfc_digital_dev
*ddev
,
272 struct nfc_target
*target
)
278 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
279 NFC_DIGITAL_FRAMING_NFCA_STANDARD
);
283 skb
= digital_skb_alloc(ddev
, 2);
287 if (target
->nfcid1_len
== 0)
288 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL1
;
289 else if (target
->nfcid1_len
== 3)
290 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL2
;
292 sel_cmd
= DIGITAL_CMD_SEL_REQ_CL3
;
294 *skb_put(skb
, sizeof(u8
)) = sel_cmd
;
295 *skb_put(skb
, sizeof(u8
)) = DIGITAL_SDD_REQ_SEL_PAR
;
297 return digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sdd_res
,
301 static void digital_in_recv_sens_res(struct nfc_digital_dev
*ddev
, void *arg
,
302 struct sk_buff
*resp
)
304 struct nfc_target
*target
= NULL
;
313 if (resp
->len
< sizeof(u16
)) {
318 target
= kzalloc(sizeof(struct nfc_target
), GFP_KERNEL
);
324 target
->sens_res
= __le16_to_cpu(*(__le16
*)resp
->data
);
326 if (!DIGITAL_SENS_RES_IS_VALID(target
->sens_res
)) {
327 PROTOCOL_ERR("4.6.3.3");
332 if (DIGITAL_SENS_RES_IS_T1T(target
->sens_res
))
333 rc
= digital_target_found(ddev
, target
, NFC_PROTO_JEWEL
);
335 rc
= digital_in_send_sdd_req(ddev
, target
);
342 digital_poll_next_tech(ddev
);
346 int digital_in_send_sens_req(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
351 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
,
352 NFC_DIGITAL_RF_TECH_106A
);
356 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
357 NFC_DIGITAL_FRAMING_NFCA_SHORT
);
361 skb
= digital_skb_alloc(ddev
, 1);
365 *skb_put(skb
, sizeof(u8
)) = DIGITAL_CMD_SENS_REQ
;
367 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sens_res
, NULL
);
374 int digital_in_recv_mifare_res(struct sk_buff
*resp
)
376 /* Successful READ command response is 16 data bytes + 2 CRC bytes long.
377 * Since the driver can't differentiate a ACK/NACK response from a valid
378 * READ response, the CRC calculation must be handled at digital level
379 * even if the driver supports it for this technology.
381 if (resp
->len
== DIGITAL_MIFARE_READ_RES_LEN
+ DIGITAL_CRC_LEN
) {
382 if (digital_skb_check_crc_a(resp
)) {
383 PROTOCOL_ERR("9.4.1.2");
390 /* ACK response (i.e. successful WRITE). */
391 if (resp
->len
== 1 && resp
->data
[0] == DIGITAL_MIFARE_ACK_RES
) {
396 /* NACK and any other responses are treated as error. */
400 static void digital_in_recv_sensf_res(struct nfc_digital_dev
*ddev
, void *arg
,
401 struct sk_buff
*resp
)
405 struct nfc_target target
;
406 struct digital_sensf_res
*sensf_res
;
414 if (resp
->len
< DIGITAL_SENSF_RES_MIN_LENGTH
) {
419 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
)) {
420 rc
= digital_skb_check_crc_f(resp
);
422 PROTOCOL_ERR("6.4.1.8");
429 memset(&target
, 0, sizeof(struct nfc_target
));
431 sensf_res
= (struct digital_sensf_res
*)resp
->data
;
433 memcpy(target
.sensf_res
, sensf_res
, resp
->len
);
434 target
.sensf_res_len
= resp
->len
;
436 memcpy(target
.nfcid2
, sensf_res
->nfcid2
, NFC_NFCID2_MAXSIZE
);
437 target
.nfcid2_len
= NFC_NFCID2_MAXSIZE
;
439 if (target
.nfcid2
[0] == DIGITAL_SENSF_NFCID2_NFC_DEP_B1
&&
440 target
.nfcid2
[1] == DIGITAL_SENSF_NFCID2_NFC_DEP_B2
)
441 proto
= NFC_PROTO_NFC_DEP
;
443 proto
= NFC_PROTO_FELICA
;
445 rc
= digital_target_found(ddev
, &target
, proto
);
451 digital_poll_next_tech(ddev
);
454 int digital_in_send_sensf_req(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
456 struct digital_sensf_req
*sensf_req
;
461 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
465 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
466 NFC_DIGITAL_FRAMING_NFCF
);
470 size
= sizeof(struct digital_sensf_req
);
472 skb
= digital_skb_alloc(ddev
, size
);
478 sensf_req
= (struct digital_sensf_req
*)skb
->data
;
479 sensf_req
->cmd
= DIGITAL_CMD_SENSF_REQ
;
480 sensf_req
->sc1
= 0xFF;
481 sensf_req
->sc2
= 0xFF;
485 *skb_push(skb
, 1) = size
+ 1;
487 if (!DIGITAL_DRV_CAPS_IN_CRC(ddev
))
488 digital_skb_add_crc_f(skb
);
490 rc
= digital_in_send_cmd(ddev
, skb
, 30, digital_in_recv_sensf_res
,
498 static void digital_in_recv_iso15693_inv_res(struct nfc_digital_dev
*ddev
,
499 void *arg
, struct sk_buff
*resp
)
501 struct digital_iso15693_inv_res
*res
;
502 struct nfc_target
*target
= NULL
;
511 if (resp
->len
!= sizeof(*res
)) {
516 res
= (struct digital_iso15693_inv_res
*)resp
->data
;
518 if (!DIGITAL_ISO15693_RES_IS_VALID(res
->flags
)) {
519 PROTOCOL_ERR("ISO15693 - 10.3.1");
524 target
= kzalloc(sizeof(*target
), GFP_KERNEL
);
530 target
->is_iso15693
= 1;
531 target
->iso15693_dsfid
= res
->dsfid
;
532 memcpy(target
->iso15693_uid
, &res
->uid
, sizeof(target
->iso15693_uid
));
534 rc
= digital_target_found(ddev
, target
, NFC_PROTO_ISO15693
);
542 digital_poll_next_tech(ddev
);
545 int digital_in_send_iso15693_inv_req(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
547 struct digital_iso15693_inv_req
*req
;
551 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
,
552 NFC_DIGITAL_RF_TECH_ISO15693
);
556 rc
= digital_in_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
557 NFC_DIGITAL_FRAMING_ISO15693_INVENTORY
);
561 skb
= digital_skb_alloc(ddev
, sizeof(*req
));
565 skb_put(skb
, sizeof(*req
) - sizeof(req
->mask
)); /* No mask */
566 req
= (struct digital_iso15693_inv_req
*)skb
->data
;
568 /* Single sub-carrier, high data rate, no AFI, single slot
571 req
->flags
= DIGITAL_ISO15693_REQ_FLAG_DATA_RATE
|
572 DIGITAL_ISO15693_REQ_FLAG_INVENTORY
|
573 DIGITAL_ISO15693_REQ_FLAG_NB_SLOTS
;
574 req
->cmd
= DIGITAL_CMD_ISO15693_INVENTORY_REQ
;
577 rc
= digital_in_send_cmd(ddev
, skb
, 30,
578 digital_in_recv_iso15693_inv_res
, NULL
);
585 static int digital_tg_send_sel_res(struct nfc_digital_dev
*ddev
)
590 skb
= digital_skb_alloc(ddev
, 1);
594 *skb_put(skb
, 1) = DIGITAL_SEL_RES_NFC_DEP
;
596 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
))
597 digital_skb_add_crc_a(skb
);
599 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_atr_req
,
607 static void digital_tg_recv_sel_req(struct nfc_digital_dev
*ddev
, void *arg
,
608 struct sk_buff
*resp
)
618 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
)) {
619 rc
= digital_skb_check_crc_a(resp
);
621 PROTOCOL_ERR("4.4.1.3");
626 /* Silently ignore SEL_REQ content and send a SEL_RES for NFC-DEP */
628 rc
= digital_tg_send_sel_res(ddev
);
632 digital_poll_next_tech(ddev
);
637 static int digital_tg_send_sdd_res(struct nfc_digital_dev
*ddev
)
640 struct digital_sdd_res
*sdd_res
;
643 skb
= digital_skb_alloc(ddev
, sizeof(struct digital_sdd_res
));
647 skb_put(skb
, sizeof(struct digital_sdd_res
));
648 sdd_res
= (struct digital_sdd_res
*)skb
->data
;
650 sdd_res
->nfcid1
[0] = 0x08;
651 get_random_bytes(sdd_res
->nfcid1
+ 1, 3);
654 for (i
= 0; i
< 4; i
++)
655 sdd_res
->bcc
^= sdd_res
->nfcid1
[i
];
657 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_sel_req
,
665 static void digital_tg_recv_sdd_req(struct nfc_digital_dev
*ddev
, void *arg
,
666 struct sk_buff
*resp
)
677 sdd_req
= resp
->data
;
679 if (resp
->len
< 2 || sdd_req
[0] != DIGITAL_CMD_SEL_REQ_CL1
||
680 sdd_req
[1] != DIGITAL_SDD_REQ_SEL_PAR
) {
685 rc
= digital_tg_send_sdd_res(ddev
);
689 digital_poll_next_tech(ddev
);
694 static int digital_tg_send_sens_res(struct nfc_digital_dev
*ddev
)
700 skb
= digital_skb_alloc(ddev
, 2);
704 sens_res
= skb_put(skb
, 2);
706 sens_res
[0] = (DIGITAL_SENS_RES_NFC_DEP
>> 8) & 0xFF;
707 sens_res
[1] = DIGITAL_SENS_RES_NFC_DEP
& 0xFF;
709 rc
= digital_tg_send_cmd(ddev
, skb
, 300, digital_tg_recv_sdd_req
,
717 void digital_tg_recv_sens_req(struct nfc_digital_dev
*ddev
, void *arg
,
718 struct sk_buff
*resp
)
729 sens_req
= resp
->data
[0];
731 if (!resp
->len
|| (sens_req
!= DIGITAL_CMD_SENS_REQ
&&
732 sens_req
!= DIGITAL_CMD_ALL_REQ
)) {
737 rc
= digital_tg_send_sens_res(ddev
);
741 digital_poll_next_tech(ddev
);
746 static int digital_tg_send_sensf_res(struct nfc_digital_dev
*ddev
,
747 struct digital_sensf_req
*sensf_req
)
752 struct digital_sensf_res
*sensf_res
;
754 size
= sizeof(struct digital_sensf_res
);
756 if (sensf_req
->rc
!= DIGITAL_SENSF_REQ_RC_NONE
)
757 size
-= sizeof(sensf_res
->rd
);
759 skb
= digital_skb_alloc(ddev
, size
);
765 sensf_res
= (struct digital_sensf_res
*)skb
->data
;
767 memset(sensf_res
, 0, size
);
769 sensf_res
->cmd
= DIGITAL_CMD_SENSF_RES
;
770 sensf_res
->nfcid2
[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1
;
771 sensf_res
->nfcid2
[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2
;
772 get_random_bytes(&sensf_res
->nfcid2
[2], 6);
774 switch (sensf_req
->rc
) {
775 case DIGITAL_SENSF_REQ_RC_SC
:
776 sensf_res
->rd
[0] = sensf_req
->sc1
;
777 sensf_res
->rd
[1] = sensf_req
->sc2
;
779 case DIGITAL_SENSF_REQ_RC_AP
:
780 sensf_res
->rd
[0] = DIGITAL_SENSF_RES_RD_AP_B1
;
781 sensf_res
->rd
[1] = DIGITAL_SENSF_RES_RD_AP_B2
;
785 *skb_push(skb
, sizeof(u8
)) = size
+ 1;
787 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
))
788 digital_skb_add_crc_f(skb
);
790 rc
= digital_tg_send_cmd(ddev
, skb
, 300,
791 digital_tg_recv_atr_req
, NULL
);
798 void digital_tg_recv_sensf_req(struct nfc_digital_dev
*ddev
, void *arg
,
799 struct sk_buff
*resp
)
801 struct digital_sensf_req
*sensf_req
;
810 if (!DIGITAL_DRV_CAPS_TG_CRC(ddev
)) {
811 rc
= digital_skb_check_crc_f(resp
);
813 PROTOCOL_ERR("6.4.1.8");
818 if (resp
->len
!= sizeof(struct digital_sensf_req
) + 1) {
824 sensf_req
= (struct digital_sensf_req
*)resp
->data
;
826 if (sensf_req
->cmd
!= DIGITAL_CMD_SENSF_REQ
) {
831 rc
= digital_tg_send_sensf_res(ddev
, sensf_req
);
835 digital_poll_next_tech(ddev
);
840 int digital_tg_listen_nfca(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
844 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
848 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
849 NFC_DIGITAL_FRAMING_NFCA_NFC_DEP
);
853 return digital_tg_listen(ddev
, 300, digital_tg_recv_sens_req
, NULL
);
856 int digital_tg_listen_nfcf(struct nfc_digital_dev
*ddev
, u8 rf_tech
)
861 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_RF_TECH
, rf_tech
);
865 rc
= digital_tg_configure_hw(ddev
, NFC_DIGITAL_CONFIG_FRAMING
,
866 NFC_DIGITAL_FRAMING_NFCF_NFC_DEP
);
870 nfcid2
= kzalloc(NFC_NFCID2_MAXSIZE
, GFP_KERNEL
);
874 nfcid2
[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1
;
875 nfcid2
[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2
;
876 get_random_bytes(nfcid2
+ 2, NFC_NFCID2_MAXSIZE
- 2);
878 return digital_tg_listen(ddev
, 300, digital_tg_recv_sensf_req
, nfcid2
);