1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * The NFC Controller Interface is the communication protocol between an
4 * NFC Controller (NFCC) and a Device Host (DH).
5 *
6 * Copyright (C) 2014 Marvell International Ltd.
7 * Copyright (C) 2011 Texas Instruments, Inc.
8 *
9 * Written by Ilan Elias <ilane@ti.com>
10 *
11 * Acknowledgements:
12 * This file is based on hci_event.c, which was written
13 * by Maxim Krasnyansky.
14 */
15
16#define pr_fmt(fmt) KBUILD_MODNAME ": %s: " fmt, __func__
17
18#include <linux/types.h>
19#include <linux/interrupt.h>
20#include <linux/bitops.h>
21#include <linux/skbuff.h>
22
23#include "../nfc.h"
24#include <net/nfc/nci.h>
25#include <net/nfc/nci_core.h>
26#include <linux/nfc.h>
27
28/* Handle NCI Notification packets */
29
30static int nci_core_reset_ntf_packet(struct nci_dev *ndev,
31 const struct sk_buff *skb)
32{
33 /* Handle NCI 2.x core reset notification */
34 const struct nci_core_reset_ntf *ntf;
35
36 if (skb->len < sizeof(struct nci_core_reset_ntf))
37 return -EINVAL;
38
39 ntf = (struct nci_core_reset_ntf *)skb->data;
40
41 ndev->nci_ver = ntf->nci_ver;
42 pr_debug("nci_ver 0x%x, config_status 0x%x\n",
43 ntf->nci_ver, ntf->config_status);
44
45 ndev->manufact_id = ntf->manufact_id;
46 ndev->manufact_specific_info =
47 __le32_to_cpu(ntf->manufact_specific_info);
48
49 nci_req_complete(ndev, NCI_STATUS_OK);
50
51 return 0;
52}
53
54static int nci_core_conn_credits_ntf_packet(struct nci_dev *ndev,
55 struct sk_buff *skb)
56{
57 struct nci_core_conn_credit_ntf *ntf;
58 struct nci_conn_info *conn_info;
59 int i;
60
61 if (skb->len < sizeof(struct nci_core_conn_credit_ntf))
62 return -EINVAL;
63
64 ntf = (struct nci_core_conn_credit_ntf *)skb->data;
65
66 pr_debug("num_entries %d\n", ntf->num_entries);
67
68 if (ntf->num_entries > NCI_MAX_NUM_CONN)
69 ntf->num_entries = NCI_MAX_NUM_CONN;
70
71 /* update the credits */
72 for (i = 0; i < ntf->num_entries; i++) {
73 ntf->conn_entries[i].conn_id =
74 nci_conn_id(&ntf->conn_entries[i].conn_id);
75
76 pr_debug("entry[%d]: conn_id %d, credits %d\n",
77 i, ntf->conn_entries[i].conn_id,
78 ntf->conn_entries[i].credits);
79
80 conn_info = nci_get_conn_info_by_conn_id(ndev,
81 conn_id: ntf->conn_entries[i].conn_id);
82 if (!conn_info)
83 return 0;
84
85 atomic_add(i: ntf->conn_entries[i].credits,
86 v: &conn_info->credits_cnt);
87 }
88
89 /* trigger the next tx */
90 if (!skb_queue_empty(list: &ndev->tx_q))
91 queue_work(wq: ndev->tx_wq, work: &ndev->tx_work);
92
93 return 0;
94}
95
96static int nci_core_generic_error_ntf_packet(struct nci_dev *ndev,
97 const struct sk_buff *skb)
98{
99 __u8 status;
100
101 if (skb->len < 1)
102 return -EINVAL;
103
104 status = skb->data[0];
105
106 pr_debug("status 0x%x\n", status);
107
108 if (atomic_read(v: &ndev->state) == NCI_W4_HOST_SELECT) {
109 /* Activation failed, so complete the request
110 (the state remains the same) */
111 nci_req_complete(ndev, result: status);
112 }
113
114 return 0;
115}
116
117static int nci_core_conn_intf_error_ntf_packet(struct nci_dev *ndev,
118 struct sk_buff *skb)
119{
120 struct nci_core_intf_error_ntf *ntf;
121
122 if (skb->len < sizeof(struct nci_core_intf_error_ntf))
123 return -EINVAL;
124
125 ntf = (struct nci_core_intf_error_ntf *)skb->data;
126
127 ntf->conn_id = nci_conn_id(&ntf->conn_id);
128
129 pr_debug("status 0x%x, conn_id %d\n", ntf->status, ntf->conn_id);
130
131 /* complete the data exchange transaction, if exists */
132 if (test_bit(NCI_DATA_EXCHANGE, &ndev->flags))
133 nci_data_exchange_complete(ndev, NULL, conn_id: ntf->conn_id, err: -EIO);
134
135 return 0;
136}
137
138static const __u8 *
139nci_extract_rf_params_nfca_passive_poll(struct nci_dev *ndev,
140 struct rf_tech_specific_params_nfca_poll *nfca_poll,
141 const __u8 *data)
142{
143 nfca_poll->sens_res = __le16_to_cpu(*((__le16 *)data));
144 data += 2;
145
146 nfca_poll->nfcid1_len = min_t(__u8, *data++, NFC_NFCID1_MAXSIZE);
147
148 pr_debug("sens_res 0x%x, nfcid1_len %d\n",
149 nfca_poll->sens_res, nfca_poll->nfcid1_len);
150
151 memcpy(nfca_poll->nfcid1, data, nfca_poll->nfcid1_len);
152 data += nfca_poll->nfcid1_len;
153
154 nfca_poll->sel_res_len = *data++;
155
156 if (nfca_poll->sel_res_len != 0)
157 nfca_poll->sel_res = *data++;
158
159 pr_debug("sel_res_len %d, sel_res 0x%x\n",
160 nfca_poll->sel_res_len,
161 nfca_poll->sel_res);
162
163 return data;
164}
165
166static const __u8 *
167nci_extract_rf_params_nfcb_passive_poll(struct nci_dev *ndev,
168 struct rf_tech_specific_params_nfcb_poll *nfcb_poll,
169 const __u8 *data)
170{
171 nfcb_poll->sensb_res_len = min_t(__u8, *data++, NFC_SENSB_RES_MAXSIZE);
172
173 pr_debug("sensb_res_len %d\n", nfcb_poll->sensb_res_len);
174
175 memcpy(nfcb_poll->sensb_res, data, nfcb_poll->sensb_res_len);
176 data += nfcb_poll->sensb_res_len;
177
178 return data;
179}
180
181static const __u8 *
182nci_extract_rf_params_nfcf_passive_poll(struct nci_dev *ndev,
183 struct rf_tech_specific_params_nfcf_poll *nfcf_poll,
184 const __u8 *data)
185{
186 nfcf_poll->bit_rate = *data++;
187 nfcf_poll->sensf_res_len = min_t(__u8, *data++, NFC_SENSF_RES_MAXSIZE);
188
189 pr_debug("bit_rate %d, sensf_res_len %d\n",
190 nfcf_poll->bit_rate, nfcf_poll->sensf_res_len);
191
192 memcpy(nfcf_poll->sensf_res, data, nfcf_poll->sensf_res_len);
193 data += nfcf_poll->sensf_res_len;
194
195 return data;
196}
197
198static const __u8 *
199nci_extract_rf_params_nfcv_passive_poll(struct nci_dev *ndev,
200 struct rf_tech_specific_params_nfcv_poll *nfcv_poll,
201 const __u8 *data)
202{
203 ++data;
204 nfcv_poll->dsfid = *data++;
205 memcpy(nfcv_poll->uid, data, NFC_ISO15693_UID_MAXSIZE);
206 data += NFC_ISO15693_UID_MAXSIZE;
207 return data;
208}
209
210static const __u8 *
211nci_extract_rf_params_nfcf_passive_listen(struct nci_dev *ndev,
212 struct rf_tech_specific_params_nfcf_listen *nfcf_listen,
213 const __u8 *data)
214{
215 nfcf_listen->local_nfcid2_len = min_t(__u8, *data++,
216 NFC_NFCID2_MAXSIZE);
217 memcpy(nfcf_listen->local_nfcid2, data, nfcf_listen->local_nfcid2_len);
218 data += nfcf_listen->local_nfcid2_len;
219
220 return data;
221}
222
223static __u32 nci_get_prop_rf_protocol(struct nci_dev *ndev, __u8 rf_protocol)
224{
225 if (ndev->ops->get_rfprotocol)
226 return ndev->ops->get_rfprotocol(ndev, rf_protocol);
227 return 0;
228}
229
230static int nci_add_new_protocol(struct nci_dev *ndev,
231 struct nfc_target *target,
232 __u8 rf_protocol,
233 __u8 rf_tech_and_mode,
234 const void *params)
235{
236 const struct rf_tech_specific_params_nfca_poll *nfca_poll;
237 const struct rf_tech_specific_params_nfcb_poll *nfcb_poll;
238 const struct rf_tech_specific_params_nfcf_poll *nfcf_poll;
239 const struct rf_tech_specific_params_nfcv_poll *nfcv_poll;
240 __u32 protocol;
241
242 if (rf_protocol == NCI_RF_PROTOCOL_T1T)
243 protocol = NFC_PROTO_JEWEL_MASK;
244 else if (rf_protocol == NCI_RF_PROTOCOL_T2T)
245 protocol = NFC_PROTO_MIFARE_MASK;
246 else if (rf_protocol == NCI_RF_PROTOCOL_ISO_DEP)
247 if (rf_tech_and_mode == NCI_NFC_A_PASSIVE_POLL_MODE)
248 protocol = NFC_PROTO_ISO14443_MASK;
249 else
250 protocol = NFC_PROTO_ISO14443_B_MASK;
251 else if (rf_protocol == NCI_RF_PROTOCOL_T3T)
252 protocol = NFC_PROTO_FELICA_MASK;
253 else if (rf_protocol == NCI_RF_PROTOCOL_NFC_DEP)
254 protocol = NFC_PROTO_NFC_DEP_MASK;
255 else if (rf_protocol == NCI_RF_PROTOCOL_T5T)
256 protocol = NFC_PROTO_ISO15693_MASK;
257 else
258 protocol = nci_get_prop_rf_protocol(ndev, rf_protocol);
259
260 if (!(protocol & ndev->poll_prots)) {
261 pr_err("the target found does not have the desired protocol\n");
262 return -EPROTO;
263 }
264
265 if (rf_tech_and_mode == NCI_NFC_A_PASSIVE_POLL_MODE) {
266 nfca_poll = (struct rf_tech_specific_params_nfca_poll *)params;
267
268 target->sens_res = nfca_poll->sens_res;
269 target->sel_res = nfca_poll->sel_res;
270 target->nfcid1_len = nfca_poll->nfcid1_len;
271 if (target->nfcid1_len > ARRAY_SIZE(target->nfcid1))
272 return -EPROTO;
273 if (target->nfcid1_len > 0) {
274 memcpy(target->nfcid1, nfca_poll->nfcid1,
275 target->nfcid1_len);
276 }
277 } else if (rf_tech_and_mode == NCI_NFC_B_PASSIVE_POLL_MODE) {
278 nfcb_poll = (struct rf_tech_specific_params_nfcb_poll *)params;
279
280 target->sensb_res_len = nfcb_poll->sensb_res_len;
281 if (target->sensb_res_len > ARRAY_SIZE(target->sensb_res))
282 return -EPROTO;
283 if (target->sensb_res_len > 0) {
284 memcpy(target->sensb_res, nfcb_poll->sensb_res,
285 target->sensb_res_len);
286 }
287 } else if (rf_tech_and_mode == NCI_NFC_F_PASSIVE_POLL_MODE) {
288 nfcf_poll = (struct rf_tech_specific_params_nfcf_poll *)params;
289
290 target->sensf_res_len = nfcf_poll->sensf_res_len;
291 if (target->sensf_res_len > ARRAY_SIZE(target->sensf_res))
292 return -EPROTO;
293 if (target->sensf_res_len > 0) {
294 memcpy(target->sensf_res, nfcf_poll->sensf_res,
295 target->sensf_res_len);
296 }
297 } else if (rf_tech_and_mode == NCI_NFC_V_PASSIVE_POLL_MODE) {
298 nfcv_poll = (struct rf_tech_specific_params_nfcv_poll *)params;
299
300 target->is_iso15693 = 1;
301 target->iso15693_dsfid = nfcv_poll->dsfid;
302 memcpy(target->iso15693_uid, nfcv_poll->uid, NFC_ISO15693_UID_MAXSIZE);
303 } else {
304 pr_err("unsupported rf_tech_and_mode 0x%x\n", rf_tech_and_mode);
305 return -EPROTO;
306 }
307
308 target->supported_protocols |= protocol;
309
310 pr_debug("protocol 0x%x\n", protocol);
311
312 return 0;
313}
314
315static void nci_add_new_target(struct nci_dev *ndev,
316 const struct nci_rf_discover_ntf *ntf)
317{
318 struct nfc_target *target;
319 int i, rc;
320
321 for (i = 0; i < ndev->n_targets; i++) {
322 target = &ndev->targets[i];
323 if (target->logical_idx == ntf->rf_discovery_id) {
324 /* This target already exists, add the new protocol */
325 nci_add_new_protocol(ndev, target, rf_protocol: ntf->rf_protocol,
326 rf_tech_and_mode: ntf->rf_tech_and_mode,
327 params: &ntf->rf_tech_specific_params);
328 return;
329 }
330 }
331
332 /* This is a new target, check if we've enough room */
333 if (ndev->n_targets == NCI_MAX_DISCOVERED_TARGETS) {
334 pr_debug("not enough room, ignoring new target...\n");
335 return;
336 }
337
338 target = &ndev->targets[ndev->n_targets];
339
340 rc = nci_add_new_protocol(ndev, target, rf_protocol: ntf->rf_protocol,
341 rf_tech_and_mode: ntf->rf_tech_and_mode,
342 params: &ntf->rf_tech_specific_params);
343 if (!rc) {
344 target->logical_idx = ntf->rf_discovery_id;
345 ndev->n_targets++;
346
347 pr_debug("logical idx %d, n_targets %d\n", target->logical_idx,
348 ndev->n_targets);
349 }
350}
351
352void nci_clear_target_list(struct nci_dev *ndev)
353{
354 memset(ndev->targets, 0,
355 (sizeof(struct nfc_target)*NCI_MAX_DISCOVERED_TARGETS));
356
357 ndev->n_targets = 0;
358}
359
360static int nci_rf_discover_ntf_packet(struct nci_dev *ndev,
361 const struct sk_buff *skb)
362{
363 struct nci_rf_discover_ntf ntf;
364 const __u8 *data;
365 bool add_target = true;
366
367 if (skb->len < sizeof(struct nci_rf_discover_ntf))
368 return -EINVAL;
369
370 data = skb->data;
371
372 ntf.rf_discovery_id = *data++;
373 ntf.rf_protocol = *data++;
374 ntf.rf_tech_and_mode = *data++;
375 ntf.rf_tech_specific_params_len = *data++;
376
377 pr_debug("rf_discovery_id %d\n", ntf.rf_discovery_id);
378 pr_debug("rf_protocol 0x%x\n", ntf.rf_protocol);
379 pr_debug("rf_tech_and_mode 0x%x\n", ntf.rf_tech_and_mode);
380 pr_debug("rf_tech_specific_params_len %d\n",
381 ntf.rf_tech_specific_params_len);
382
383 if (ntf.rf_tech_specific_params_len > 0) {
384 switch (ntf.rf_tech_and_mode) {
385 case NCI_NFC_A_PASSIVE_POLL_MODE:
386 data = nci_extract_rf_params_nfca_passive_poll(ndev,
387 nfca_poll: &(ntf.rf_tech_specific_params.nfca_poll), data);
388 break;
389
390 case NCI_NFC_B_PASSIVE_POLL_MODE:
391 data = nci_extract_rf_params_nfcb_passive_poll(ndev,
392 nfcb_poll: &(ntf.rf_tech_specific_params.nfcb_poll), data);
393 break;
394
395 case NCI_NFC_F_PASSIVE_POLL_MODE:
396 data = nci_extract_rf_params_nfcf_passive_poll(ndev,
397 nfcf_poll: &(ntf.rf_tech_specific_params.nfcf_poll), data);
398 break;
399
400 case NCI_NFC_V_PASSIVE_POLL_MODE:
401 data = nci_extract_rf_params_nfcv_passive_poll(ndev,
402 nfcv_poll: &(ntf.rf_tech_specific_params.nfcv_poll), data);
403 break;
404
405 default:
406 pr_err("unsupported rf_tech_and_mode 0x%x\n",
407 ntf.rf_tech_and_mode);
408 data += ntf.rf_tech_specific_params_len;
409 add_target = false;
410 }
411 }
412
413 ntf.ntf_type = *data++;
414 pr_debug("ntf_type %d\n", ntf.ntf_type);
415
416 if (add_target == true)
417 nci_add_new_target(ndev, ntf: &ntf);
418
419 if (ntf.ntf_type == NCI_DISCOVER_NTF_TYPE_MORE) {
420 atomic_set(v: &ndev->state, i: NCI_W4_ALL_DISCOVERIES);
421 } else {
422 atomic_set(v: &ndev->state, i: NCI_W4_HOST_SELECT);
423 nfc_targets_found(dev: ndev->nfc_dev, targets: ndev->targets,
424 ntargets: ndev->n_targets);
425 }
426
427 return 0;
428}
429
430static int nci_extract_activation_params_iso_dep(struct nci_dev *ndev,
431 struct nci_rf_intf_activated_ntf *ntf,
432 const __u8 *data)
433{
434 struct activation_params_nfca_poll_iso_dep *nfca_poll;
435 struct activation_params_nfcb_poll_iso_dep *nfcb_poll;
436
437 switch (ntf->activation_rf_tech_and_mode) {
438 case NCI_NFC_A_PASSIVE_POLL_MODE:
439 nfca_poll = &ntf->activation_params.nfca_poll_iso_dep;
440 nfca_poll->rats_res_len = min_t(__u8, *data++, NFC_ATS_MAXSIZE);
441 pr_debug("rats_res_len %d\n", nfca_poll->rats_res_len);
442 if (nfca_poll->rats_res_len > 0) {
443 memcpy(nfca_poll->rats_res,
444 data, nfca_poll->rats_res_len);
445 }
446 break;
447
448 case NCI_NFC_B_PASSIVE_POLL_MODE:
449 nfcb_poll = &ntf->activation_params.nfcb_poll_iso_dep;
450 nfcb_poll->attrib_res_len = min_t(__u8, *data++, 50);
451 pr_debug("attrib_res_len %d\n", nfcb_poll->attrib_res_len);
452 if (nfcb_poll->attrib_res_len > 0) {
453 memcpy(nfcb_poll->attrib_res,
454 data, nfcb_poll->attrib_res_len);
455 }
456 break;
457
458 default:
459 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
460 ntf->activation_rf_tech_and_mode);
461 return NCI_STATUS_RF_PROTOCOL_ERROR;
462 }
463
464 return NCI_STATUS_OK;
465}
466
467static int nci_extract_activation_params_nfc_dep(struct nci_dev *ndev,
468 struct nci_rf_intf_activated_ntf *ntf,
469 const __u8 *data)
470{
471 struct activation_params_poll_nfc_dep *poll;
472 struct activation_params_listen_nfc_dep *listen;
473
474 switch (ntf->activation_rf_tech_and_mode) {
475 case NCI_NFC_A_PASSIVE_POLL_MODE:
476 case NCI_NFC_F_PASSIVE_POLL_MODE:
477 poll = &ntf->activation_params.poll_nfc_dep;
478 poll->atr_res_len = min_t(__u8, *data++,
479 NFC_ATR_RES_MAXSIZE - 2);
480 pr_debug("atr_res_len %d\n", poll->atr_res_len);
481 if (poll->atr_res_len > 0)
482 memcpy(poll->atr_res, data, poll->atr_res_len);
483 break;
484
485 case NCI_NFC_A_PASSIVE_LISTEN_MODE:
486 case NCI_NFC_F_PASSIVE_LISTEN_MODE:
487 listen = &ntf->activation_params.listen_nfc_dep;
488 listen->atr_req_len = min_t(__u8, *data++,
489 NFC_ATR_REQ_MAXSIZE - 2);
490 pr_debug("atr_req_len %d\n", listen->atr_req_len);
491 if (listen->atr_req_len > 0)
492 memcpy(listen->atr_req, data, listen->atr_req_len);
493 break;
494
495 default:
496 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
497 ntf->activation_rf_tech_and_mode);
498 return NCI_STATUS_RF_PROTOCOL_ERROR;
499 }
500
501 return NCI_STATUS_OK;
502}
503
504static void nci_target_auto_activated(struct nci_dev *ndev,
505 const struct nci_rf_intf_activated_ntf *ntf)
506{
507 struct nfc_target *target;
508 int rc;
509
510 target = &ndev->targets[ndev->n_targets];
511
512 rc = nci_add_new_protocol(ndev, target, rf_protocol: ntf->rf_protocol,
513 rf_tech_and_mode: ntf->activation_rf_tech_and_mode,
514 params: &ntf->rf_tech_specific_params);
515 if (rc)
516 return;
517
518 target->logical_idx = ntf->rf_discovery_id;
519 ndev->n_targets++;
520
521 pr_debug("logical idx %d, n_targets %d\n",
522 target->logical_idx, ndev->n_targets);
523
524 nfc_targets_found(dev: ndev->nfc_dev, targets: ndev->targets, ntargets: ndev->n_targets);
525}
526
527static int nci_store_general_bytes_nfc_dep(struct nci_dev *ndev,
528 const struct nci_rf_intf_activated_ntf *ntf)
529{
530 ndev->remote_gb_len = 0;
531
532 if (ntf->activation_params_len <= 0)
533 return NCI_STATUS_OK;
534
535 switch (ntf->activation_rf_tech_and_mode) {
536 case NCI_NFC_A_PASSIVE_POLL_MODE:
537 case NCI_NFC_F_PASSIVE_POLL_MODE:
538 ndev->remote_gb_len = min_t(__u8,
539 (ntf->activation_params.poll_nfc_dep.atr_res_len
540 - NFC_ATR_RES_GT_OFFSET),
541 NFC_ATR_RES_GB_MAXSIZE);
542 memcpy(ndev->remote_gb,
543 (ntf->activation_params.poll_nfc_dep.atr_res
544 + NFC_ATR_RES_GT_OFFSET),
545 ndev->remote_gb_len);
546 break;
547
548 case NCI_NFC_A_PASSIVE_LISTEN_MODE:
549 case NCI_NFC_F_PASSIVE_LISTEN_MODE:
550 ndev->remote_gb_len = min_t(__u8,
551 (ntf->activation_params.listen_nfc_dep.atr_req_len
552 - NFC_ATR_REQ_GT_OFFSET),
553 NFC_ATR_REQ_GB_MAXSIZE);
554 memcpy(ndev->remote_gb,
555 (ntf->activation_params.listen_nfc_dep.atr_req
556 + NFC_ATR_REQ_GT_OFFSET),
557 ndev->remote_gb_len);
558 break;
559
560 default:
561 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
562 ntf->activation_rf_tech_and_mode);
563 return NCI_STATUS_RF_PROTOCOL_ERROR;
564 }
565
566 return NCI_STATUS_OK;
567}
568
569static int nci_store_ats_nfc_iso_dep(struct nci_dev *ndev,
570 const struct nci_rf_intf_activated_ntf *ntf)
571{
572 ndev->target_ats_len = 0;
573
574 if (ntf->activation_params_len <= 0)
575 return NCI_STATUS_OK;
576
577 if (ntf->activation_params.nfca_poll_iso_dep.rats_res_len > NFC_ATS_MAXSIZE) {
578 pr_debug("ATS too long\n");
579 return NCI_STATUS_RF_PROTOCOL_ERROR;
580 }
581
582 if (ntf->activation_params.nfca_poll_iso_dep.rats_res_len > 0) {
583 ndev->target_ats_len = ntf->activation_params.nfca_poll_iso_dep.rats_res_len;
584 memcpy(ndev->target_ats, ntf->activation_params.nfca_poll_iso_dep.rats_res,
585 ndev->target_ats_len);
586 }
587
588 return NCI_STATUS_OK;
589}
590
591static int nci_rf_intf_activated_ntf_packet(struct nci_dev *ndev,
592 const struct sk_buff *skb)
593{
594 struct nci_conn_info *conn_info;
595 struct nci_rf_intf_activated_ntf ntf;
596 const __u8 *data;
597 int err = NCI_STATUS_OK;
598
599 if (skb->len < sizeof(struct nci_rf_intf_activated_ntf))
600 return -EINVAL;
601
602 data = skb->data;
603
604 ntf.rf_discovery_id = *data++;
605 ntf.rf_interface = *data++;
606 ntf.rf_protocol = *data++;
607 ntf.activation_rf_tech_and_mode = *data++;
608 ntf.max_data_pkt_payload_size = *data++;
609 ntf.initial_num_credits = *data++;
610 ntf.rf_tech_specific_params_len = *data++;
611
612 pr_debug("rf_discovery_id %d\n", ntf.rf_discovery_id);
613 pr_debug("rf_interface 0x%x\n", ntf.rf_interface);
614 pr_debug("rf_protocol 0x%x\n", ntf.rf_protocol);
615 pr_debug("activation_rf_tech_and_mode 0x%x\n",
616 ntf.activation_rf_tech_and_mode);
617 pr_debug("max_data_pkt_payload_size 0x%x\n",
618 ntf.max_data_pkt_payload_size);
619 pr_debug("initial_num_credits 0x%x\n",
620 ntf.initial_num_credits);
621 pr_debug("rf_tech_specific_params_len %d\n",
622 ntf.rf_tech_specific_params_len);
623
624 /* If this contains a value of 0x00 (NFCEE Direct RF
625 * Interface) then all following parameters SHALL contain a
626 * value of 0 and SHALL be ignored.
627 */
628 if (ntf.rf_interface == NCI_RF_INTERFACE_NFCEE_DIRECT)
629 goto listen;
630
631 if (ntf.rf_tech_specific_params_len > 0) {
632 switch (ntf.activation_rf_tech_and_mode) {
633 case NCI_NFC_A_PASSIVE_POLL_MODE:
634 data = nci_extract_rf_params_nfca_passive_poll(ndev,
635 nfca_poll: &(ntf.rf_tech_specific_params.nfca_poll), data);
636 break;
637
638 case NCI_NFC_B_PASSIVE_POLL_MODE:
639 data = nci_extract_rf_params_nfcb_passive_poll(ndev,
640 nfcb_poll: &(ntf.rf_tech_specific_params.nfcb_poll), data);
641 break;
642
643 case NCI_NFC_F_PASSIVE_POLL_MODE:
644 data = nci_extract_rf_params_nfcf_passive_poll(ndev,
645 nfcf_poll: &(ntf.rf_tech_specific_params.nfcf_poll), data);
646 break;
647
648 case NCI_NFC_V_PASSIVE_POLL_MODE:
649 data = nci_extract_rf_params_nfcv_passive_poll(ndev,
650 nfcv_poll: &(ntf.rf_tech_specific_params.nfcv_poll), data);
651 break;
652
653 case NCI_NFC_A_PASSIVE_LISTEN_MODE:
654 /* no RF technology specific parameters */
655 break;
656
657 case NCI_NFC_F_PASSIVE_LISTEN_MODE:
658 data = nci_extract_rf_params_nfcf_passive_listen(ndev,
659 nfcf_listen: &(ntf.rf_tech_specific_params.nfcf_listen),
660 data);
661 break;
662
663 default:
664 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
665 ntf.activation_rf_tech_and_mode);
666 err = NCI_STATUS_RF_PROTOCOL_ERROR;
667 goto exit;
668 }
669 }
670
671 ntf.data_exch_rf_tech_and_mode = *data++;
672 ntf.data_exch_tx_bit_rate = *data++;
673 ntf.data_exch_rx_bit_rate = *data++;
674 ntf.activation_params_len = *data++;
675
676 pr_debug("data_exch_rf_tech_and_mode 0x%x\n",
677 ntf.data_exch_rf_tech_and_mode);
678 pr_debug("data_exch_tx_bit_rate 0x%x\n", ntf.data_exch_tx_bit_rate);
679 pr_debug("data_exch_rx_bit_rate 0x%x\n", ntf.data_exch_rx_bit_rate);
680 pr_debug("activation_params_len %d\n", ntf.activation_params_len);
681
682 if (ntf.activation_params_len > 0) {
683 switch (ntf.rf_interface) {
684 case NCI_RF_INTERFACE_ISO_DEP:
685 err = nci_extract_activation_params_iso_dep(ndev,
686 ntf: &ntf, data);
687 break;
688
689 case NCI_RF_INTERFACE_NFC_DEP:
690 err = nci_extract_activation_params_nfc_dep(ndev,
691 ntf: &ntf, data);
692 break;
693
694 case NCI_RF_INTERFACE_FRAME:
695 /* no activation params */
696 break;
697
698 default:
699 pr_err("unsupported rf_interface 0x%x\n",
700 ntf.rf_interface);
701 err = NCI_STATUS_RF_PROTOCOL_ERROR;
702 break;
703 }
704 }
705
706exit:
707 if (err == NCI_STATUS_OK) {
708 conn_info = ndev->rf_conn_info;
709 if (!conn_info)
710 return 0;
711
712 conn_info->max_pkt_payload_len = ntf.max_data_pkt_payload_size;
713 conn_info->initial_num_credits = ntf.initial_num_credits;
714
715 /* set the available credits to initial value */
716 atomic_set(v: &conn_info->credits_cnt,
717 i: conn_info->initial_num_credits);
718
719 /* store general bytes to be reported later in dep_link_up */
720 if (ntf.rf_interface == NCI_RF_INTERFACE_NFC_DEP) {
721 err = nci_store_general_bytes_nfc_dep(ndev, ntf: &ntf);
722 if (err != NCI_STATUS_OK)
723 pr_err("unable to store general bytes\n");
724 }
725
726 /* store ATS to be reported later in nci_activate_target */
727 if (ntf.rf_interface == NCI_RF_INTERFACE_ISO_DEP &&
728 ntf.activation_rf_tech_and_mode == NCI_NFC_A_PASSIVE_POLL_MODE) {
729 err = nci_store_ats_nfc_iso_dep(ndev, ntf: &ntf);
730 if (err != NCI_STATUS_OK)
731 pr_err("unable to store ATS\n");
732 }
733 }
734
735 if (!(ntf.activation_rf_tech_and_mode & NCI_RF_TECH_MODE_LISTEN_MASK)) {
736 /* Poll mode */
737 if (atomic_read(v: &ndev->state) == NCI_DISCOVERY) {
738 /* A single target was found and activated
739 * automatically */
740 atomic_set(v: &ndev->state, i: NCI_POLL_ACTIVE);
741 if (err == NCI_STATUS_OK)
742 nci_target_auto_activated(ndev, ntf: &ntf);
743 } else { /* ndev->state == NCI_W4_HOST_SELECT */
744 /* A selected target was activated, so complete the
745 * request */
746 atomic_set(v: &ndev->state, i: NCI_POLL_ACTIVE);
747 nci_req_complete(ndev, result: err);
748 }
749 } else {
750listen:
751 /* Listen mode */
752 atomic_set(v: &ndev->state, i: NCI_LISTEN_ACTIVE);
753 if (err == NCI_STATUS_OK &&
754 ntf.rf_protocol == NCI_RF_PROTOCOL_NFC_DEP) {
755 err = nfc_tm_activated(dev: ndev->nfc_dev,
756 NFC_PROTO_NFC_DEP_MASK,
757 NFC_COMM_PASSIVE,
758 gb: ndev->remote_gb,
759 gb_len: ndev->remote_gb_len);
760 if (err != NCI_STATUS_OK)
761 pr_err("error when signaling tm activation\n");
762 }
763 }
764
765 return 0;
766}
767
768static int nci_rf_deactivate_ntf_packet(struct nci_dev *ndev,
769 const struct sk_buff *skb)
770{
771 const struct nci_conn_info *conn_info;
772 const struct nci_rf_deactivate_ntf *ntf;
773
774 if (skb->len < sizeof(struct nci_rf_deactivate_ntf))
775 return -EINVAL;
776
777 ntf = (struct nci_rf_deactivate_ntf *)skb->data;
778
779 pr_debug("entry, type 0x%x, reason 0x%x\n", ntf->type, ntf->reason);
780
781 conn_info = ndev->rf_conn_info;
782 if (!conn_info)
783 return 0;
784
785 /* drop tx data queue */
786 skb_queue_purge(list: &ndev->tx_q);
787
788 /* drop partial rx data packet */
789 if (ndev->rx_data_reassembly) {
790 kfree_skb(skb: ndev->rx_data_reassembly);
791 ndev->rx_data_reassembly = NULL;
792 }
793
794 /* complete the data exchange transaction, if exists */
795 if (test_bit(NCI_DATA_EXCHANGE, &ndev->flags))
796 nci_data_exchange_complete(ndev, NULL, NCI_STATIC_RF_CONN_ID,
797 err: -EIO);
798
799 switch (ntf->type) {
800 case NCI_DEACTIVATE_TYPE_IDLE_MODE:
801 nci_clear_target_list(ndev);
802 atomic_set(v: &ndev->state, i: NCI_IDLE);
803 break;
804 case NCI_DEACTIVATE_TYPE_SLEEP_MODE:
805 case NCI_DEACTIVATE_TYPE_SLEEP_AF_MODE:
806 atomic_set(v: &ndev->state, i: NCI_W4_HOST_SELECT);
807 break;
808 case NCI_DEACTIVATE_TYPE_DISCOVERY:
809 nci_clear_target_list(ndev);
810 atomic_set(v: &ndev->state, i: NCI_DISCOVERY);
811 break;
812 }
813
814 nci_req_complete(ndev, NCI_STATUS_OK);
815
816 return 0;
817}
818
819static int nci_nfcee_discover_ntf_packet(struct nci_dev *ndev,
820 const struct sk_buff *skb)
821{
822 u8 status = NCI_STATUS_OK;
823 const struct nci_nfcee_discover_ntf *nfcee_ntf;
824
825 if (skb->len < sizeof(struct nci_nfcee_discover_ntf))
826 return -EINVAL;
827
828 nfcee_ntf = (struct nci_nfcee_discover_ntf *)skb->data;
829
830 /* NFCForum NCI 9.2.1 HCI Network Specific Handling
831 * If the NFCC supports the HCI Network, it SHALL return one,
832 * and only one, NFCEE_DISCOVER_NTF with a Protocol type of
833 * “HCI Access”, even if the HCI Network contains multiple NFCEEs.
834 */
835 ndev->hci_dev->nfcee_id = nfcee_ntf->nfcee_id;
836 ndev->cur_params.id = nfcee_ntf->nfcee_id;
837
838 nci_req_complete(ndev, result: status);
839
840 return 0;
841}
842
843void nci_ntf_packet(struct nci_dev *ndev, struct sk_buff *skb)
844{
845 __u16 ntf_opcode = nci_opcode(skb->data);
846
847 pr_debug("NCI RX: MT=ntf, PBF=%d, GID=0x%x, OID=0x%x, plen=%d\n",
848 nci_pbf(skb->data),
849 nci_opcode_gid(ntf_opcode),
850 nci_opcode_oid(ntf_opcode),
851 nci_plen(skb->data));
852
853 /* strip the nci control header */
854 skb_pull(skb, NCI_CTRL_HDR_SIZE);
855
856 if (nci_opcode_gid(ntf_opcode) == NCI_GID_PROPRIETARY) {
857 if (nci_prop_ntf_packet(ndev, opcode: ntf_opcode, skb) == -ENOTSUPP) {
858 pr_err("unsupported ntf opcode 0x%x\n",
859 ntf_opcode);
860 }
861
862 goto end;
863 }
864
865 switch (ntf_opcode) {
866 case NCI_OP_CORE_RESET_NTF:
867 if (nci_core_reset_ntf_packet(ndev, skb))
868 goto end;
869 break;
870
871 case NCI_OP_CORE_CONN_CREDITS_NTF:
872 if (nci_core_conn_credits_ntf_packet(ndev, skb))
873 goto end;
874 break;
875
876 case NCI_OP_CORE_GENERIC_ERROR_NTF:
877 if (nci_core_generic_error_ntf_packet(ndev, skb))
878 goto end;
879 break;
880
881 case NCI_OP_CORE_INTF_ERROR_NTF:
882 if (nci_core_conn_intf_error_ntf_packet(ndev, skb))
883 goto end;
884 break;
885
886 case NCI_OP_RF_DISCOVER_NTF:
887 if (nci_rf_discover_ntf_packet(ndev, skb))
888 goto end;
889 break;
890
891 case NCI_OP_RF_INTF_ACTIVATED_NTF:
892 if (nci_rf_intf_activated_ntf_packet(ndev, skb))
893 goto end;
894 break;
895
896 case NCI_OP_RF_DEACTIVATE_NTF:
897 if (nci_rf_deactivate_ntf_packet(ndev, skb))
898 goto end;
899 break;
900
901 case NCI_OP_NFCEE_DISCOVER_NTF:
902 if (nci_nfcee_discover_ntf_packet(ndev, skb))
903 goto end;
904 break;
905
906 case NCI_OP_RF_NFCEE_ACTION_NTF:
907 break;
908
909 default:
910 pr_err("unknown ntf opcode 0x%x\n", ntf_opcode);
911 break;
912 }
913
914 nci_core_ntf_packet(ndev, opcode: ntf_opcode, skb);
915end:
916 kfree_skb(skb);
917}
918

source code of linux/net/nfc/nci/ntf.c