2 * Copyright (C) 2011 Instituto Nokia de Tecnologia
5 * Lauro Ramos Venancio <lauro.venancio@openbossa.org>
6 * Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the
20 * Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
24 #include <linux/device.h>
25 #include <linux/kernel.h>
26 #include <linux/module.h>
27 #include <linux/slab.h>
28 #include <linux/usb.h>
29 #include <linux/nfc.h>
30 #include <linux/netdevice.h>
31 #include <net/nfc/nfc.h>
35 #define PN533_VENDOR_ID 0x4CC
36 #define PN533_PRODUCT_ID 0x2533
38 #define SCM_VENDOR_ID 0x4E6
39 #define SCL3711_PRODUCT_ID 0x5591
41 static const struct usb_device_id pn533_table[] = {
42 { USB_DEVICE(PN533_VENDOR_ID, PN533_PRODUCT_ID) },
43 { USB_DEVICE(SCM_VENDOR_ID, SCL3711_PRODUCT_ID) },
46 MODULE_DEVICE_TABLE(usb, pn533_table);
48 /* frame definitions */
49 #define PN533_FRAME_TAIL_SIZE 2
50 #define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \
51 PN533_FRAME_TAIL_SIZE)
52 #define PN533_FRAME_ACK_SIZE (sizeof(struct pn533_frame) + 1)
53 #define PN533_FRAME_CHECKSUM(f) (f->data[f->datalen])
54 #define PN533_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1])
57 #define PN533_SOF 0x00FF
59 /* frame identifier: in/out/error */
60 #define PN533_FRAME_IDENTIFIER(f) (f->data[0])
61 #define PN533_DIR_OUT 0xD4
62 #define PN533_DIR_IN 0xD5
65 #define PN533_FRAME_CMD(f) (f->data[1])
66 #define PN533_FRAME_CMD_PARAMS_PTR(f) (&f->data[2])
67 #define PN533_FRAME_CMD_PARAMS_LEN(f) (f->datalen - 2)
69 #define PN533_CMD_GET_FIRMWARE_VERSION 0x02
70 #define PN533_CMD_RF_CONFIGURATION 0x32
71 #define PN533_CMD_IN_DATA_EXCHANGE 0x40
72 #define PN533_CMD_IN_LIST_PASSIVE_TARGET 0x4A
73 #define PN533_CMD_IN_ATR 0x50
74 #define PN533_CMD_IN_RELEASE 0x52
75 #define PN533_CMD_IN_JUMP_FOR_DEP 0x56
77 #define PN533_CMD_TG_INIT_AS_TARGET 0x8c
78 #define PN533_CMD_TG_GET_DATA 0x86
80 #define PN533_CMD_RESPONSE(cmd) (cmd + 1)
82 /* PN533 Return codes */
83 #define PN533_CMD_RET_MASK 0x3F
84 #define PN533_CMD_MI_MASK 0x40
85 #define PN533_CMD_RET_SUCCESS 0x00
87 /* PN533 status codes */
88 #define PN533_STATUS_TARGET_RELEASED 0x29
92 typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg,
93 u8 *params, int params_len);
95 /* structs for pn533 commands */
97 /* PN533_CMD_GET_FIRMWARE_VERSION */
98 struct pn533_fw_version {
105 /* PN533_CMD_RF_CONFIGURATION */
106 #define PN533_CFGITEM_MAX_RETRIES 0x05
108 #define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00
109 #define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF
111 struct pn533_config_max_retries {
114 u8 mx_rty_passive_act;
117 /* PN533_CMD_IN_LIST_PASSIVE_TARGET */
119 /* felica commands opcode */
120 #define PN533_FELICA_OPC_SENSF_REQ 0
121 #define PN533_FELICA_OPC_SENSF_RES 1
122 /* felica SENSF_REQ parameters */
123 #define PN533_FELICA_SENSF_SC_ALL 0xFFFF
124 #define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0
125 #define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1
126 #define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2
128 /* type B initiator_data values */
129 #define PN533_TYPE_B_AFI_ALL_FAMILIES 0
130 #define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0
131 #define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1
133 union pn533_cmd_poll_initdata {
146 /* Poll modulations */
148 PN533_POLL_MOD_106KBPS_A,
149 PN533_POLL_MOD_212KBPS_FELICA,
150 PN533_POLL_MOD_424KBPS_FELICA,
151 PN533_POLL_MOD_106KBPS_JEWEL,
152 PN533_POLL_MOD_847KBPS_B,
154 __PN533_POLL_MOD_AFTER_LAST,
156 #define PN533_POLL_MOD_MAX (__PN533_POLL_MOD_AFTER_LAST - 1)
158 struct pn533_poll_modulations {
162 union pn533_cmd_poll_initdata initiator_data;
167 const struct pn533_poll_modulations poll_mod[] = {
168 [PN533_POLL_MOD_106KBPS_A] = {
175 [PN533_POLL_MOD_212KBPS_FELICA] = {
179 .initiator_data.felica = {
180 .opcode = PN533_FELICA_OPC_SENSF_REQ,
181 .sc = PN533_FELICA_SENSF_SC_ALL,
182 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
188 [PN533_POLL_MOD_424KBPS_FELICA] = {
192 .initiator_data.felica = {
193 .opcode = PN533_FELICA_OPC_SENSF_REQ,
194 .sc = PN533_FELICA_SENSF_SC_ALL,
195 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
201 [PN533_POLL_MOD_106KBPS_JEWEL] = {
208 [PN533_POLL_MOD_847KBPS_B] = {
212 .initiator_data.type_b = {
213 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES,
215 PN533_TYPE_B_POLL_METHOD_TIMESLOT,
222 /* PN533_CMD_IN_ATR */
224 struct pn533_cmd_activate_param {
229 struct pn533_cmd_activate_response {
241 /* PN533_CMD_IN_JUMP_FOR_DEP */
242 struct pn533_cmd_jump_dep {
249 struct pn533_cmd_jump_dep_response {
263 /* PN533_TG_INIT_AS_TARGET */
264 #define PN533_INIT_TARGET_PASSIVE 0x1
265 #define PN533_INIT_TARGET_DEP 0x2
267 #define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3
268 #define PN533_INIT_TARGET_RESP_ACTIVE 0x1
269 #define PN533_INIT_TARGET_RESP_DEP 0x4
271 struct pn533_cmd_init_target {
280 struct pn533_cmd_init_target_response {
286 struct usb_device *udev;
287 struct usb_interface *interface;
288 struct nfc_dev *nfc_dev;
292 struct pn533_frame *out_frame;
296 struct pn533_frame *in_frame;
298 struct sk_buff_head resp_q;
300 struct workqueue_struct *wq;
301 struct work_struct cmd_work;
302 struct work_struct mi_work;
303 struct work_struct tg_work;
304 struct pn533_frame *wq_in_frame;
307 pn533_cmd_complete_t cmd_complete;
308 void *cmd_complete_arg;
309 struct semaphore cmd_lock;
312 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1];
317 u8 tgt_available_prots;
329 /* The rule: value + checksum = 0 */
330 static inline u8 pn533_checksum(u8 value)
335 /* The rule: sum(data elements) + checksum = 0 */
336 static u8 pn533_data_checksum(u8 *data, int datalen)
341 for (i = 0; i < datalen; i++)
344 return pn533_checksum(sum);
348 * pn533_tx_frame_ack - create a ack frame
349 * @frame: The frame to be set as ack
351 * Ack is different type of standard frame. As a standard frame, it has
352 * preamble and start_frame. However the checksum of this frame must fail,
353 * i.e. datalen + datalen_checksum must NOT be zero. When the checksum test
354 * fails and datalen = 0 and datalen_checksum = 0xFF, the frame is a ack.
355 * After datalen_checksum field, the postamble is placed.
357 static void pn533_tx_frame_ack(struct pn533_frame *frame)
360 frame->start_frame = cpu_to_be16(PN533_SOF);
362 frame->datalen_checksum = 0xFF;
363 /* data[0] is used as postamble */
367 static void pn533_tx_frame_init(struct pn533_frame *frame, u8 cmd)
370 frame->start_frame = cpu_to_be16(PN533_SOF);
371 PN533_FRAME_IDENTIFIER(frame) = PN533_DIR_OUT;
372 PN533_FRAME_CMD(frame) = cmd;
376 static void pn533_tx_frame_finish(struct pn533_frame *frame)
378 frame->datalen_checksum = pn533_checksum(frame->datalen);
380 PN533_FRAME_CHECKSUM(frame) =
381 pn533_data_checksum(frame->data, frame->datalen);
383 PN533_FRAME_POSTAMBLE(frame) = 0;
386 static bool pn533_rx_frame_is_valid(struct pn533_frame *frame)
390 if (frame->start_frame != cpu_to_be16(PN533_SOF))
393 checksum = pn533_checksum(frame->datalen);
394 if (checksum != frame->datalen_checksum)
397 checksum = pn533_data_checksum(frame->data, frame->datalen);
398 if (checksum != PN533_FRAME_CHECKSUM(frame))
404 static bool pn533_rx_frame_is_ack(struct pn533_frame *frame)
406 if (frame->start_frame != cpu_to_be16(PN533_SOF))
409 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF)
415 static bool pn533_rx_frame_is_cmd_response(struct pn533_frame *frame, u8 cmd)
417 return (PN533_FRAME_CMD(frame) == PN533_CMD_RESPONSE(cmd));
421 static void pn533_wq_cmd_complete(struct work_struct *work)
423 struct pn533 *dev = container_of(work, struct pn533, cmd_work);
424 struct pn533_frame *in_frame;
427 in_frame = dev->wq_in_frame;
429 if (dev->wq_in_error)
430 rc = dev->cmd_complete(dev, dev->cmd_complete_arg, NULL,
433 rc = dev->cmd_complete(dev, dev->cmd_complete_arg,
434 PN533_FRAME_CMD_PARAMS_PTR(in_frame),
435 PN533_FRAME_CMD_PARAMS_LEN(in_frame));
437 if (rc != -EINPROGRESS)
441 static void pn533_recv_response(struct urb *urb)
443 struct pn533 *dev = urb->context;
444 struct pn533_frame *in_frame;
446 dev->wq_in_frame = NULL;
448 switch (urb->status) {
455 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
456 " status: %d", urb->status);
457 dev->wq_in_error = urb->status;
460 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
462 dev->wq_in_error = urb->status;
466 in_frame = dev->in_urb->transfer_buffer;
468 if (!pn533_rx_frame_is_valid(in_frame)) {
469 nfc_dev_err(&dev->interface->dev, "Received an invalid frame");
470 dev->wq_in_error = -EIO;
474 if (!pn533_rx_frame_is_cmd_response(in_frame, dev->cmd)) {
475 nfc_dev_err(&dev->interface->dev, "The received frame is not "
476 "response to the last command");
477 dev->wq_in_error = -EIO;
481 nfc_dev_dbg(&dev->interface->dev, "Received a valid frame");
482 dev->wq_in_error = 0;
483 dev->wq_in_frame = in_frame;
486 queue_work(dev->wq, &dev->cmd_work);
489 static int pn533_submit_urb_for_response(struct pn533 *dev, gfp_t flags)
491 dev->in_urb->complete = pn533_recv_response;
493 return usb_submit_urb(dev->in_urb, flags);
496 static void pn533_recv_ack(struct urb *urb)
498 struct pn533 *dev = urb->context;
499 struct pn533_frame *in_frame;
502 switch (urb->status) {
509 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
510 " status: %d", urb->status);
511 dev->wq_in_error = urb->status;
514 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
516 dev->wq_in_error = urb->status;
520 in_frame = dev->in_urb->transfer_buffer;
522 if (!pn533_rx_frame_is_ack(in_frame)) {
523 nfc_dev_err(&dev->interface->dev, "Received an invalid ack");
524 dev->wq_in_error = -EIO;
528 nfc_dev_dbg(&dev->interface->dev, "Received a valid ack");
530 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
532 nfc_dev_err(&dev->interface->dev, "usb_submit_urb failed with"
534 dev->wq_in_error = rc;
541 dev->wq_in_frame = NULL;
542 queue_work(dev->wq, &dev->cmd_work);
545 static int pn533_submit_urb_for_ack(struct pn533 *dev, gfp_t flags)
547 dev->in_urb->complete = pn533_recv_ack;
549 return usb_submit_urb(dev->in_urb, flags);
552 static int pn533_send_ack(struct pn533 *dev, gfp_t flags)
556 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
558 pn533_tx_frame_ack(dev->out_frame);
560 dev->out_urb->transfer_buffer = dev->out_frame;
561 dev->out_urb->transfer_buffer_length = PN533_FRAME_ACK_SIZE;
562 rc = usb_submit_urb(dev->out_urb, flags);
567 static int __pn533_send_cmd_frame_async(struct pn533 *dev,
568 struct pn533_frame *out_frame,
569 struct pn533_frame *in_frame,
571 pn533_cmd_complete_t cmd_complete,
572 void *arg, gfp_t flags)
576 nfc_dev_dbg(&dev->interface->dev, "Sending command 0x%x",
577 PN533_FRAME_CMD(out_frame));
579 dev->cmd = PN533_FRAME_CMD(out_frame);
580 dev->cmd_complete = cmd_complete;
581 dev->cmd_complete_arg = arg;
583 dev->out_urb->transfer_buffer = out_frame;
584 dev->out_urb->transfer_buffer_length =
585 PN533_FRAME_SIZE(out_frame);
587 dev->in_urb->transfer_buffer = in_frame;
588 dev->in_urb->transfer_buffer_length = in_frame_len;
590 rc = usb_submit_urb(dev->out_urb, flags);
594 rc = pn533_submit_urb_for_ack(dev, flags);
601 usb_unlink_urb(dev->out_urb);
605 static int pn533_send_cmd_frame_async(struct pn533 *dev,
606 struct pn533_frame *out_frame,
607 struct pn533_frame *in_frame,
609 pn533_cmd_complete_t cmd_complete,
610 void *arg, gfp_t flags)
614 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
616 if (down_trylock(&dev->cmd_lock))
619 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
620 in_frame_len, cmd_complete, arg, flags);
630 struct pn533_sync_cmd_response {
632 struct completion done;
635 static int pn533_sync_cmd_complete(struct pn533 *dev, void *_arg,
636 u8 *params, int params_len)
638 struct pn533_sync_cmd_response *arg = _arg;
640 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
644 if (params_len < 0) /* error */
645 arg->rc = params_len;
647 complete(&arg->done);
652 static int pn533_send_cmd_frame_sync(struct pn533 *dev,
653 struct pn533_frame *out_frame,
654 struct pn533_frame *in_frame,
658 struct pn533_sync_cmd_response arg;
660 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
662 init_completion(&arg.done);
664 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, in_frame_len,
665 pn533_sync_cmd_complete, &arg, GFP_KERNEL);
669 wait_for_completion(&arg.done);
674 static void pn533_send_complete(struct urb *urb)
676 struct pn533 *dev = urb->context;
678 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
680 switch (urb->status) {
687 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
688 " status: %d", urb->status);
691 nfc_dev_dbg(&dev->interface->dev, "Nonzero urb status received:"
696 struct pn533_target_type_a {
704 #define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6))
705 #define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0))
706 #define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8))
708 #define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00
709 #define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C
711 #define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5)
712 #define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2)
714 #define PN533_TYPE_A_SEL_PROT_MIFARE 0
715 #define PN533_TYPE_A_SEL_PROT_ISO14443 1
716 #define PN533_TYPE_A_SEL_PROT_DEP 2
717 #define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3
719 static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
725 if (target_data_len < sizeof(struct pn533_target_type_a))
728 /* The lenght check of nfcid[] and ats[] are not being performed because
729 the values are not being used */
731 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
732 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res);
733 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res);
735 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
736 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
737 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
738 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
741 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */
742 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0)
748 static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data,
751 struct pn533_target_type_a *tgt_type_a;
753 tgt_type_a = (struct pn533_target_type_a *) tgt_data;
755 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len))
758 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) {
759 case PN533_TYPE_A_SEL_PROT_MIFARE:
760 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK;
762 case PN533_TYPE_A_SEL_PROT_ISO14443:
763 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
765 case PN533_TYPE_A_SEL_PROT_DEP:
766 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
768 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP:
769 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK |
770 NFC_PROTO_NFC_DEP_MASK;
774 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res);
775 nfc_tgt->sel_res = tgt_type_a->sel_res;
776 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len;
777 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len);
782 struct pn533_target_felica {
791 #define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01
792 #define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE
794 static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica,
797 if (target_data_len < sizeof(struct pn533_target_felica))
800 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES)
806 static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data,
809 struct pn533_target_felica *tgt_felica;
811 tgt_felica = (struct pn533_target_felica *) tgt_data;
813 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len))
816 if (tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1 &&
817 tgt_felica->nfcid2[1] ==
818 PN533_FELICA_SENSF_NFCID2_DEP_B2)
819 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
821 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK;
823 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9);
824 nfc_tgt->sensf_res_len = 9;
829 struct pn533_target_jewel {
834 static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel,
840 if (target_data_len < sizeof(struct pn533_target_jewel))
843 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
844 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res);
845 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res);
847 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
848 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
849 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
850 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
856 static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data,
859 struct pn533_target_jewel *tgt_jewel;
861 tgt_jewel = (struct pn533_target_jewel *) tgt_data;
863 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len))
866 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK;
867 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res);
868 nfc_tgt->nfcid1_len = 4;
869 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len);
874 struct pn533_type_b_prot_info {
880 #define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4)
881 #define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0)
882 #define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8
884 struct pn533_type_b_sens_res {
888 struct pn533_type_b_prot_info prot_info;
891 #define PN533_TYPE_B_OPC_SENSB_RES 0x50
893 struct pn533_target_type_b {
894 struct pn533_type_b_sens_res sensb_res;
899 static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b,
902 if (target_data_len < sizeof(struct pn533_target_type_b))
905 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES)
908 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) &
909 PN533_TYPE_B_PROT_TYPE_RFU_MASK)
915 static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
918 struct pn533_target_type_b *tgt_type_b;
920 tgt_type_b = (struct pn533_target_type_b *) tgt_data;
922 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len))
925 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
930 struct pn533_poll_response {
936 static int pn533_target_found(struct pn533 *dev,
937 struct pn533_poll_response *resp, int resp_len)
940 struct nfc_target nfc_tgt;
943 nfc_dev_dbg(&dev->interface->dev, "%s - modulation=%d", __func__,
949 memset(&nfc_tgt, 0, sizeof(struct nfc_target));
951 target_data_len = resp_len - sizeof(struct pn533_poll_response);
953 switch (dev->poll_mod_curr) {
954 case PN533_POLL_MOD_106KBPS_A:
955 rc = pn533_target_found_type_a(&nfc_tgt, resp->target_data,
958 case PN533_POLL_MOD_212KBPS_FELICA:
959 case PN533_POLL_MOD_424KBPS_FELICA:
960 rc = pn533_target_found_felica(&nfc_tgt, resp->target_data,
963 case PN533_POLL_MOD_106KBPS_JEWEL:
964 rc = pn533_target_found_jewel(&nfc_tgt, resp->target_data,
967 case PN533_POLL_MOD_847KBPS_B:
968 rc = pn533_target_found_type_b(&nfc_tgt, resp->target_data,
972 nfc_dev_err(&dev->interface->dev, "Unknown current poll"
980 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) {
981 nfc_dev_dbg(&dev->interface->dev, "The target found does not"
982 " have the desired protocol");
986 nfc_dev_dbg(&dev->interface->dev, "Target found - supported protocols: "
987 "0x%x", nfc_tgt.supported_protocols);
989 dev->tgt_available_prots = nfc_tgt.supported_protocols;
991 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1);
996 static void pn533_poll_reset_mod_list(struct pn533 *dev)
998 dev->poll_mod_count = 0;
1001 static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
1003 dev->poll_mod_active[dev->poll_mod_count] =
1004 (struct pn533_poll_modulations *) &poll_mod[mod_index];
1005 dev->poll_mod_count++;
1008 static void pn533_poll_create_mod_list(struct pn533 *dev, u32 protocols)
1010 pn533_poll_reset_mod_list(dev);
1012 if (protocols & NFC_PROTO_MIFARE_MASK
1013 || protocols & NFC_PROTO_ISO14443_MASK
1014 || protocols & NFC_PROTO_NFC_DEP_MASK)
1015 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
1017 if (protocols & NFC_PROTO_FELICA_MASK
1018 || protocols & NFC_PROTO_NFC_DEP_MASK) {
1019 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
1020 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
1023 if (protocols & NFC_PROTO_JEWEL_MASK)
1024 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL);
1026 if (protocols & NFC_PROTO_ISO14443_MASK)
1027 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B);
1030 static void pn533_start_poll_frame(struct pn533_frame *frame,
1031 struct pn533_poll_modulations *mod)
1034 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET);
1036 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len);
1037 frame->datalen += mod->len;
1039 pn533_tx_frame_finish(frame);
1042 static int pn533_start_poll_complete(struct pn533 *dev, void *arg,
1043 u8 *params, int params_len)
1045 struct pn533_poll_response *resp;
1046 struct pn533_poll_modulations *next_mod;
1049 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1051 if (params_len == -ENOENT) {
1052 nfc_dev_dbg(&dev->interface->dev, "Polling operation has been"
1057 if (params_len < 0) {
1058 nfc_dev_err(&dev->interface->dev, "Error %d when running poll",
1063 resp = (struct pn533_poll_response *) params;
1065 rc = pn533_target_found(dev, resp, params_len);
1067 /* We must stop the poll after a valid target found */
1072 nfc_dev_err(&dev->interface->dev, "The target found is"
1073 " not valid - continuing to poll");
1076 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count;
1078 next_mod = dev->poll_mod_active[dev->poll_mod_curr];
1080 nfc_dev_dbg(&dev->interface->dev, "Polling next modulation (0x%x)",
1081 dev->poll_mod_curr);
1083 pn533_start_poll_frame(dev->out_frame, next_mod);
1085 /* Don't need to down the semaphore again */
1086 rc = __pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1087 dev->in_maxlen, pn533_start_poll_complete,
1091 nfc_dev_dbg(&dev->interface->dev, "Cannot poll next modulation"
1092 " because poll has been stopped");
1097 nfc_dev_err(&dev->interface->dev, "Error %d when trying to poll"
1098 " next modulation", rc);
1102 /* Inform caller function to do not up the semaphore */
1103 return -EINPROGRESS;
1106 pn533_poll_reset_mod_list(dev);
1107 dev->poll_protocols = 0;
1111 static int pn533_init_target_frame(struct pn533_frame *frame,
1112 u8 *gb, size_t gb_len)
1114 struct pn533_cmd_init_target *cmd;
1117 cmd_len = sizeof(struct pn533_cmd_init_target) + gb_len + 1;
1118 cmd = kzalloc(cmd_len, GFP_KERNEL);
1122 pn533_tx_frame_init(frame, PN533_CMD_TG_INIT_AS_TARGET);
1124 /* DEP support only */
1125 cmd->mode |= PN533_INIT_TARGET_DEP;
1126 get_random_bytes(cmd->nfcid3, 10);
1127 cmd->gb_len = gb_len;
1128 memcpy(cmd->gb, gb, gb_len);
1130 cmd->gb[gb_len] = 0;
1132 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), cmd, cmd_len);
1133 frame->datalen += cmd_len;
1135 pn533_tx_frame_finish(frame);
1140 #define PN533_CMD_DATAEXCH_HEAD_LEN (sizeof(struct pn533_frame) + 3)
1141 #define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1142 static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg,
1143 u8 *params, int params_len)
1145 struct sk_buff *skb_resp = arg;
1146 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1148 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1150 if (params_len < 0) {
1151 nfc_dev_err(&dev->interface->dev,
1152 "Error %d when starting as a target",
1158 if (params_len > 0 && params[0] != 0) {
1159 nfc_tm_deactivated(dev->nfc_dev);
1161 kfree_skb(skb_resp);
1165 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1166 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1167 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1169 return nfc_tm_data_received(dev->nfc_dev, skb_resp);
1172 static void pn533_wq_tg_get_data(struct work_struct *work)
1174 struct pn533 *dev = container_of(work, struct pn533, tg_work);
1175 struct pn533_frame *in_frame;
1176 struct sk_buff *skb_resp;
1177 size_t skb_resp_len;
1179 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1181 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1182 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1183 PN533_FRAME_TAIL_SIZE;
1185 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
1189 in_frame = (struct pn533_frame *)skb_resp->data;
1191 pn533_tx_frame_init(dev->out_frame, PN533_CMD_TG_GET_DATA);
1192 pn533_tx_frame_finish(dev->out_frame);
1194 pn533_send_cmd_frame_async(dev, dev->out_frame, in_frame,
1196 pn533_tm_get_data_complete,
1197 skb_resp, GFP_KERNEL);
1202 #define ATR_REQ_GB_OFFSET 17
1203 static int pn533_init_target_complete(struct pn533 *dev, void *arg,
1204 u8 *params, int params_len)
1206 struct pn533_cmd_init_target_response *resp;
1207 u8 frame, comm_mode = NFC_COMM_PASSIVE, *gb;
1211 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1213 if (params_len < 0) {
1214 nfc_dev_err(&dev->interface->dev,
1215 "Error %d when starting as a target",
1221 if (params_len < ATR_REQ_GB_OFFSET + 1)
1224 resp = (struct pn533_cmd_init_target_response *) params;
1226 nfc_dev_dbg(&dev->interface->dev, "Target mode 0x%x param len %d\n",
1227 resp->mode, params_len);
1229 frame = resp->mode & PN533_INIT_TARGET_RESP_FRAME_MASK;
1230 if (frame == PN533_INIT_TARGET_RESP_ACTIVE)
1231 comm_mode = NFC_COMM_ACTIVE;
1233 /* Again, only DEP */
1234 if ((resp->mode & PN533_INIT_TARGET_RESP_DEP) == 0)
1237 gb = resp->cmd + ATR_REQ_GB_OFFSET;
1238 gb_len = params_len - (ATR_REQ_GB_OFFSET + 1);
1240 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1241 comm_mode, gb, gb_len);
1243 nfc_dev_err(&dev->interface->dev,
1244 "Error when signaling target activation");
1248 queue_work(dev->wq, &dev->tg_work);
1253 static int pn533_init_target(struct nfc_dev *nfc_dev, u32 protocols)
1255 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1260 pn533_poll_reset_mod_list(dev);
1262 gb = nfc_get_local_general_bytes(nfc_dev, &gb_len);
1266 rc = pn533_init_target_frame(dev->out_frame, gb, gb_len);
1270 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1272 pn533_init_target_complete,
1276 nfc_dev_err(&dev->interface->dev,
1277 "Error %d when trying to initiate as a target", rc);
1279 dev->poll_mod_count++;
1284 static int pn533_start_im_poll(struct nfc_dev *nfc_dev, u32 protocols)
1286 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1287 struct pn533_poll_modulations *start_mod;
1290 if (dev->poll_mod_count) {
1291 nfc_dev_err(&dev->interface->dev, "Polling operation already"
1296 pn533_poll_create_mod_list(dev, protocols);
1298 if (!dev->poll_mod_count) {
1299 nfc_dev_err(&dev->interface->dev, "No valid protocols"
1305 nfc_dev_dbg(&dev->interface->dev, "It will poll %d modulations types",
1306 dev->poll_mod_count);
1308 dev->poll_mod_curr = 0;
1309 start_mod = dev->poll_mod_active[dev->poll_mod_curr];
1311 pn533_start_poll_frame(dev->out_frame, start_mod);
1313 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1314 dev->in_maxlen, pn533_start_poll_complete,
1318 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1323 dev->poll_protocols = protocols;
1328 pn533_poll_reset_mod_list(dev);
1332 static int pn533_start_poll(struct nfc_dev *nfc_dev,
1333 u32 im_protocols, u32 tm_protocols)
1335 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1337 nfc_dev_dbg(&dev->interface->dev,
1338 "%s: im protocols 0x%x tm protocols 0x%x",
1339 __func__, im_protocols, tm_protocols);
1341 if (dev->tgt_active_prot) {
1342 nfc_dev_err(&dev->interface->dev,
1343 "Cannot poll with a target already activated");
1348 return pn533_start_im_poll(nfc_dev, im_protocols);
1351 return pn533_init_target(nfc_dev, tm_protocols);
1356 static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1358 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1360 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1362 if (!dev->poll_mod_count) {
1363 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not"
1368 /* An ack will cancel the last issued command (poll) */
1369 pn533_send_ack(dev, GFP_KERNEL);
1371 /* prevent pn533_start_poll_complete to issue a new poll meanwhile */
1372 usb_kill_urb(dev->in_urb);
1375 static int pn533_activate_target_nfcdep(struct pn533 *dev)
1377 struct pn533_cmd_activate_param param;
1378 struct pn533_cmd_activate_response *resp;
1382 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1384 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_ATR);
1388 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), ¶m,
1389 sizeof(struct pn533_cmd_activate_param));
1390 dev->out_frame->datalen += sizeof(struct pn533_cmd_activate_param);
1392 pn533_tx_frame_finish(dev->out_frame);
1394 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1399 resp = (struct pn533_cmd_activate_response *)
1400 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
1401 rc = resp->status & PN533_CMD_RET_MASK;
1402 if (rc != PN533_CMD_RET_SUCCESS)
1405 /* ATR_RES general bytes are located at offset 16 */
1406 gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 16;
1407 rc = nfc_set_remote_general_bytes(dev->nfc_dev, resp->gt, gt_len);
1412 static int pn533_activate_target(struct nfc_dev *nfc_dev,
1413 struct nfc_target *target, u32 protocol)
1415 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1418 nfc_dev_dbg(&dev->interface->dev, "%s - protocol=%u", __func__,
1421 if (dev->poll_mod_count) {
1422 nfc_dev_err(&dev->interface->dev, "Cannot activate while"
1427 if (dev->tgt_active_prot) {
1428 nfc_dev_err(&dev->interface->dev, "There is already an active"
1433 if (!dev->tgt_available_prots) {
1434 nfc_dev_err(&dev->interface->dev, "There is no available target"
1439 if (!(dev->tgt_available_prots & (1 << protocol))) {
1440 nfc_dev_err(&dev->interface->dev, "The target does not support"
1441 " the requested protocol %u", protocol);
1445 if (protocol == NFC_PROTO_NFC_DEP) {
1446 rc = pn533_activate_target_nfcdep(dev);
1448 nfc_dev_err(&dev->interface->dev, "Error %d when"
1449 " activating target with"
1450 " NFC_DEP protocol", rc);
1455 dev->tgt_active_prot = protocol;
1456 dev->tgt_available_prots = 0;
1461 static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
1462 struct nfc_target *target)
1464 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1469 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1471 if (!dev->tgt_active_prot) {
1472 nfc_dev_err(&dev->interface->dev, "There is no active target");
1476 dev->tgt_active_prot = 0;
1478 skb_queue_purge(&dev->resp_q);
1480 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_RELEASE);
1483 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), &tg, sizeof(u8));
1484 dev->out_frame->datalen += sizeof(u8);
1486 pn533_tx_frame_finish(dev->out_frame);
1488 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1491 nfc_dev_err(&dev->interface->dev, "Error when sending release"
1492 " command to the controller");
1496 status = PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame)[0];
1497 rc = status & PN533_CMD_RET_MASK;
1498 if (rc != PN533_CMD_RET_SUCCESS)
1499 nfc_dev_err(&dev->interface->dev, "Error 0x%x when releasing"
1506 static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1507 u8 *params, int params_len)
1509 struct pn533_cmd_jump_dep *cmd;
1510 struct pn533_cmd_jump_dep_response *resp;
1511 struct nfc_target nfc_target;
1515 if (params_len == -ENOENT) {
1516 nfc_dev_dbg(&dev->interface->dev, "");
1520 if (params_len < 0) {
1521 nfc_dev_err(&dev->interface->dev,
1522 "Error %d when bringing DEP link up",
1527 if (dev->tgt_available_prots &&
1528 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) {
1529 nfc_dev_err(&dev->interface->dev,
1530 "The target does not support DEP");
1534 resp = (struct pn533_cmd_jump_dep_response *) params;
1535 cmd = (struct pn533_cmd_jump_dep *) arg;
1536 rc = resp->status & PN533_CMD_RET_MASK;
1537 if (rc != PN533_CMD_RET_SUCCESS) {
1538 nfc_dev_err(&dev->interface->dev,
1539 "Bringing DEP link up failed %d", rc);
1543 if (!dev->tgt_available_prots) {
1544 nfc_dev_dbg(&dev->interface->dev, "Creating new target");
1546 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1547 nfc_target.nfcid1_len = 10;
1548 memcpy(nfc_target.nfcid1, resp->nfcid3t, nfc_target.nfcid1_len);
1549 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
1553 dev->tgt_available_prots = 0;
1556 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
1558 /* ATR_RES general bytes are located at offset 17 */
1559 target_gt_len = PN533_FRAME_CMD_PARAMS_LEN(dev->in_frame) - 17;
1560 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
1561 resp->gt, target_gt_len);
1563 rc = nfc_dep_link_is_up(dev->nfc_dev,
1564 dev->nfc_dev->targets[0].idx,
1565 !cmd->active, NFC_RF_INITIATOR);
1570 static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1571 u8 comm_mode, u8* gb, size_t gb_len)
1573 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1574 struct pn533_cmd_jump_dep *cmd;
1578 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1580 if (dev->poll_mod_count) {
1581 nfc_dev_err(&dev->interface->dev,
1582 "Cannot bring the DEP link up while polling");
1586 if (dev->tgt_active_prot) {
1587 nfc_dev_err(&dev->interface->dev,
1588 "There is already an active target");
1592 cmd_len = sizeof(struct pn533_cmd_jump_dep) + gb_len;
1593 cmd = kzalloc(cmd_len, GFP_KERNEL);
1597 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_JUMP_FOR_DEP);
1599 cmd->active = !comm_mode;
1601 if (gb != NULL && gb_len > 0) {
1602 cmd->next = 4; /* We have some Gi */
1603 memcpy(cmd->gt, gb, gb_len);
1608 memcpy(PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame), cmd, cmd_len);
1609 dev->out_frame->datalen += cmd_len;
1611 pn533_tx_frame_finish(dev->out_frame);
1613 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1614 dev->in_maxlen, pn533_in_dep_link_up_complete,
1626 static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
1628 pn533_deactivate_target(nfc_dev, 0);
1633 static int pn533_data_exchange_tx_frame(struct pn533 *dev, struct sk_buff *skb)
1635 int payload_len = skb->len;
1636 struct pn533_frame *out_frame;
1639 nfc_dev_dbg(&dev->interface->dev, "%s - Sending %d bytes", __func__,
1642 if (payload_len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
1643 /* TODO: Implement support to multi-part data exchange */
1644 nfc_dev_err(&dev->interface->dev, "Data length greater than the"
1646 PN533_CMD_DATAEXCH_DATA_MAXLEN);
1650 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN);
1651 out_frame = (struct pn533_frame *) skb->data;
1653 pn533_tx_frame_init(out_frame, PN533_CMD_IN_DATA_EXCHANGE);
1656 memcpy(PN533_FRAME_CMD_PARAMS_PTR(out_frame), &tg, sizeof(u8));
1657 out_frame->datalen += sizeof(u8);
1659 /* The data is already in the out_frame, just update the datalen */
1660 out_frame->datalen += payload_len;
1662 pn533_tx_frame_finish(out_frame);
1663 skb_put(skb, PN533_FRAME_TAIL_SIZE);
1668 struct pn533_data_exchange_arg {
1669 struct sk_buff *skb_resp;
1670 struct sk_buff *skb_out;
1671 data_exchange_cb_t cb;
1675 static struct sk_buff *pn533_build_response(struct pn533 *dev)
1677 struct sk_buff *skb, *tmp, *t;
1678 unsigned int skb_len = 0, tmp_len = 0;
1680 nfc_dev_dbg(&dev->interface->dev, "%s\n", __func__);
1682 if (skb_queue_empty(&dev->resp_q))
1685 if (skb_queue_len(&dev->resp_q) == 1) {
1686 skb = skb_dequeue(&dev->resp_q);
1690 skb_queue_walk_safe(&dev->resp_q, tmp, t)
1691 skb_len += tmp->len;
1693 nfc_dev_dbg(&dev->interface->dev, "%s total length %d\n",
1696 skb = alloc_skb(skb_len, GFP_KERNEL);
1700 skb_put(skb, skb_len);
1702 skb_queue_walk_safe(&dev->resp_q, tmp, t) {
1703 memcpy(skb->data + tmp_len, tmp->data, tmp->len);
1704 tmp_len += tmp->len;
1708 skb_queue_purge(&dev->resp_q);
1713 static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
1714 u8 *params, int params_len)
1716 struct pn533_data_exchange_arg *arg = _arg;
1717 struct sk_buff *skb = NULL, *skb_resp = arg->skb_resp;
1718 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1723 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1725 dev_kfree_skb(arg->skb_out);
1727 if (params_len < 0) { /* error */
1734 cmd_ret = status & PN533_CMD_RET_MASK;
1735 if (cmd_ret != PN533_CMD_RET_SUCCESS) {
1736 nfc_dev_err(&dev->interface->dev, "PN533 reported error %d when"
1737 " exchanging data", cmd_ret);
1742 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1743 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1744 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1745 skb_queue_tail(&dev->resp_q, skb_resp);
1747 if (status & PN533_CMD_MI_MASK) {
1748 queue_work(dev->wq, &dev->mi_work);
1749 return -EINPROGRESS;
1752 skb = pn533_build_response(dev);
1756 arg->cb(arg->cb_context, skb, 0);
1761 skb_queue_purge(&dev->resp_q);
1762 dev_kfree_skb(skb_resp);
1763 arg->cb(arg->cb_context, NULL, err);
1768 static int pn533_transceive(struct nfc_dev *nfc_dev,
1769 struct nfc_target *target, struct sk_buff *skb,
1770 data_exchange_cb_t cb, void *cb_context)
1772 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1773 struct pn533_frame *out_frame, *in_frame;
1774 struct pn533_data_exchange_arg *arg;
1775 struct sk_buff *skb_resp;
1779 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1781 if (!dev->tgt_active_prot) {
1782 nfc_dev_err(&dev->interface->dev, "Cannot exchange data if"
1783 " there is no active target");
1788 rc = pn533_data_exchange_tx_frame(dev, skb);
1792 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1793 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1794 PN533_FRAME_TAIL_SIZE;
1796 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
1802 in_frame = (struct pn533_frame *) skb_resp->data;
1803 out_frame = (struct pn533_frame *) skb->data;
1805 arg = kmalloc(sizeof(struct pn533_data_exchange_arg), GFP_KERNEL);
1811 arg->skb_resp = skb_resp;
1814 arg->cb_context = cb_context;
1816 rc = pn533_send_cmd_frame_async(dev, out_frame, in_frame, skb_resp_len,
1817 pn533_data_exchange_complete, arg,
1820 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1821 " perform data_exchange", rc);
1830 kfree_skb(skb_resp);
1836 static void pn533_wq_mi_recv(struct work_struct *work)
1838 struct pn533 *dev = container_of(work, struct pn533, mi_work);
1839 struct sk_buff *skb_cmd;
1840 struct pn533_data_exchange_arg *arg = dev->cmd_complete_arg;
1841 struct pn533_frame *out_frame, *in_frame;
1842 struct sk_buff *skb_resp;
1846 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1848 /* This is a zero payload size skb */
1849 skb_cmd = alloc_skb(PN533_CMD_DATAEXCH_HEAD_LEN + PN533_FRAME_TAIL_SIZE,
1851 if (skb_cmd == NULL)
1854 skb_reserve(skb_cmd, PN533_CMD_DATAEXCH_HEAD_LEN);
1856 rc = pn533_data_exchange_tx_frame(dev, skb_cmd);
1860 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1861 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1862 PN533_FRAME_TAIL_SIZE;
1863 skb_resp = alloc_skb(skb_resp_len, GFP_KERNEL);
1869 in_frame = (struct pn533_frame *) skb_resp->data;
1870 out_frame = (struct pn533_frame *) skb_cmd->data;
1872 arg->skb_resp = skb_resp;
1873 arg->skb_out = skb_cmd;
1875 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
1877 pn533_data_exchange_complete,
1878 dev->cmd_complete_arg, GFP_KERNEL);
1882 nfc_dev_err(&dev->interface->dev, "Error %d when trying to"
1883 " perform data_exchange", rc);
1885 kfree_skb(skb_resp);
1891 pn533_send_ack(dev, GFP_KERNEL);
1898 static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
1904 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1906 pn533_tx_frame_init(dev->out_frame, PN533_CMD_RF_CONFIGURATION);
1908 params = PN533_FRAME_CMD_PARAMS_PTR(dev->out_frame);
1909 params[0] = cfgitem;
1910 memcpy(¶ms[1], cfgdata, cfgdata_len);
1911 dev->out_frame->datalen += (1 + cfgdata_len);
1913 pn533_tx_frame_finish(dev->out_frame);
1915 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
1921 struct nfc_ops pn533_nfc_ops = {
1924 .dep_link_up = pn533_dep_link_up,
1925 .dep_link_down = pn533_dep_link_down,
1926 .start_poll = pn533_start_poll,
1927 .stop_poll = pn533_stop_poll,
1928 .activate_target = pn533_activate_target,
1929 .deactivate_target = pn533_deactivate_target,
1930 .im_transceive = pn533_transceive,
1933 static int pn533_probe(struct usb_interface *interface,
1934 const struct usb_device_id *id)
1936 struct pn533_fw_version *fw_ver;
1938 struct usb_host_interface *iface_desc;
1939 struct usb_endpoint_descriptor *endpoint;
1940 struct pn533_config_max_retries max_retries;
1941 int in_endpoint = 0;
1942 int out_endpoint = 0;
1947 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
1951 dev->udev = usb_get_dev(interface_to_usbdev(interface));
1952 dev->interface = interface;
1953 sema_init(&dev->cmd_lock, 1);
1955 iface_desc = interface->cur_altsetting;
1956 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
1957 endpoint = &iface_desc->endpoint[i].desc;
1959 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint)) {
1960 dev->in_maxlen = le16_to_cpu(endpoint->wMaxPacketSize);
1961 in_endpoint = endpoint->bEndpointAddress;
1964 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint)) {
1966 le16_to_cpu(endpoint->wMaxPacketSize);
1967 out_endpoint = endpoint->bEndpointAddress;
1971 if (!in_endpoint || !out_endpoint) {
1972 nfc_dev_err(&interface->dev, "Could not find bulk-in or"
1973 " bulk-out endpoint");
1978 dev->in_frame = kmalloc(dev->in_maxlen, GFP_KERNEL);
1979 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
1980 dev->out_frame = kmalloc(dev->out_maxlen, GFP_KERNEL);
1981 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
1983 if (!dev->in_frame || !dev->out_frame ||
1984 !dev->in_urb || !dev->out_urb)
1987 usb_fill_bulk_urb(dev->in_urb, dev->udev,
1988 usb_rcvbulkpipe(dev->udev, in_endpoint),
1989 NULL, 0, NULL, dev);
1990 usb_fill_bulk_urb(dev->out_urb, dev->udev,
1991 usb_sndbulkpipe(dev->udev, out_endpoint),
1993 pn533_send_complete, dev);
1995 INIT_WORK(&dev->cmd_work, pn533_wq_cmd_complete);
1996 INIT_WORK(&dev->mi_work, pn533_wq_mi_recv);
1997 INIT_WORK(&dev->tg_work, pn533_wq_tg_get_data);
1998 dev->wq = alloc_workqueue("pn533",
1999 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM,
2001 if (dev->wq == NULL)
2004 skb_queue_head_init(&dev->resp_q);
2006 usb_set_intfdata(interface, dev);
2008 pn533_tx_frame_init(dev->out_frame, PN533_CMD_GET_FIRMWARE_VERSION);
2009 pn533_tx_frame_finish(dev->out_frame);
2011 rc = pn533_send_cmd_frame_sync(dev, dev->out_frame, dev->in_frame,
2016 fw_ver = (struct pn533_fw_version *)
2017 PN533_FRAME_CMD_PARAMS_PTR(dev->in_frame);
2018 nfc_dev_info(&dev->interface->dev, "NXP PN533 firmware ver %d.%d now"
2019 " attached", fw_ver->ver, fw_ver->rev);
2021 protocols = NFC_PROTO_JEWEL_MASK
2022 | NFC_PROTO_MIFARE_MASK | NFC_PROTO_FELICA_MASK
2023 | NFC_PROTO_ISO14443_MASK
2024 | NFC_PROTO_NFC_DEP_MASK;
2026 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols,
2027 PN533_CMD_DATAEXCH_HEAD_LEN,
2028 PN533_FRAME_TAIL_SIZE);
2032 nfc_set_parent_dev(dev->nfc_dev, &interface->dev);
2033 nfc_set_drvdata(dev->nfc_dev, dev);
2035 rc = nfc_register_device(dev->nfc_dev);
2039 max_retries.mx_rty_atr = PN533_CONFIG_MAX_RETRIES_ENDLESS;
2040 max_retries.mx_rty_psl = 2;
2041 max_retries.mx_rty_passive_act = PN533_CONFIG_MAX_RETRIES_NO_RETRY;
2043 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES,
2044 (u8 *) &max_retries, sizeof(max_retries));
2047 nfc_dev_err(&dev->interface->dev, "Error on setting MAX_RETRIES"
2055 nfc_free_device(dev->nfc_dev);
2057 destroy_workqueue(dev->wq);
2059 kfree(dev->in_frame);
2060 usb_free_urb(dev->in_urb);
2061 kfree(dev->out_frame);
2062 usb_free_urb(dev->out_urb);
2067 static void pn533_disconnect(struct usb_interface *interface)
2071 dev = usb_get_intfdata(interface);
2072 usb_set_intfdata(interface, NULL);
2074 nfc_unregister_device(dev->nfc_dev);
2075 nfc_free_device(dev->nfc_dev);
2077 usb_kill_urb(dev->in_urb);
2078 usb_kill_urb(dev->out_urb);
2080 destroy_workqueue(dev->wq);
2082 skb_queue_purge(&dev->resp_q);
2084 kfree(dev->in_frame);
2085 usb_free_urb(dev->in_urb);
2086 kfree(dev->out_frame);
2087 usb_free_urb(dev->out_urb);
2090 nfc_dev_info(&interface->dev, "NXP PN533 NFC device disconnected");
2093 static struct usb_driver pn533_driver = {
2095 .probe = pn533_probe,
2096 .disconnect = pn533_disconnect,
2097 .id_table = pn533_table,
2100 module_usb_driver(pn533_driver);
2102 MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>,"
2103 " Aloisio Almeida Jr <aloisio.almeida@openbossa.org>");
2104 MODULE_DESCRIPTION("PN533 usb driver ver " VERSION);
2105 MODULE_VERSION(VERSION);
2106 MODULE_LICENSE("GPL");