aboutsummaryrefslogtreecommitdiffstats
path: root/net/nfc
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2014-12-09 18:12:03 -0500
committerDavid S. Miller <davem@davemloft.net>2014-12-09 18:12:03 -0500
commitb5f185f33d0432cef6ff78765e033dfa8f4de068 (patch)
tree33179c016b8fc3b4d57ed7a7786079ba00b6ef4a /net/nfc
parent450fa21942fe2c37f0c9f52d1a33bbc081eee288 (diff)
parent81c412600f946fc1c8731685cb6c6fae8002043a (diff)
Merge tag 'master-2014-12-08' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next
John W. Linville says: ==================== pull request: wireless-next 2014-12-08 Please pull this last batch of pending wireless updates for the 3.19 tree... For the wireless bits, Johannes says: "This time I have Felix's no-status rate control work, which will allow drivers to work better with rate control even if they don't have perfect status reporting. In addition to this, a small hwsim fix from Patrik, one of the regulatory patches from Arik, and a number of cleanups and fixes I did myself. Of note is a patch where I disable CFG80211_WEXT so that compatibility is no longer selectable - this is intended as a wake-up call for anyone who's still using it, and is still easily worked around (it's a one-line patch) before we fully remove the code as well in the future." For the Bluetooth bits, Johan says: "Here's one more bluetooth-next pull request for 3.19: - Minor cleanups for ieee802154 & mac802154 - Fix for the kernel warning with !TASK_RUNNING reported by Kirill A. Shutemov - Support for another ath3k device - Fix for tracking link key based security level - Device tree bindings for btmrvl + a state update fix - Fix for wrong ACL flags on LE links" And... "In addition to the previous one this contains two more cleanups to mac802154 as well as support for some new HCI features from the Bluetooth 4.2 specification. From the original request: 'Here's what should be the last bluetooth-next pull request for 3.19. It's rather large but the majority of it is the Low Energy Secure Connections feature that's part of the Bluetooth 4.2 specification. The specification went public only this week so we couldn't publish the corresponding code before that. The code itself can nevertheless be considered fairly mature as it's been in development for over 6 months and gone through several interoperability test events. Besides LE SC the pull request contains an important fix for command complete events for mgmt sockets which also fixes some leaks of hci_conn objects when powering off or unplugging Bluetooth adapters. A smaller feature that's part of the pull request is service discovery support. This is like normal device discovery except that devices not matching specific UUIDs or strong enough RSSI are filtered out. Other changes that the pull request contains are firmware dump support to the btmrvl driver, firmware download support for Broadcom BCM20702A0 variants, as well as some coding style cleanups in 6lowpan & ieee802154/mac802154 code.'" For the NFC bits, Samuel says: "With this one we get: - NFC digital improvements for DEP support: Chaining, NACK and ATN support added. - NCI improvements: Support for p2p target, SE IO operand addition, SE operands extensions to support proprietary implementations, and a few fixes. - NFC HCI improvements: OPEN_PIPE and NOTIFY_ALL_CLEARED support, and SE IO operand addition. - A bunch of minor improvements and fixes for STMicro st21nfcb and st21nfca" For the iwlwifi bits, Emmanuel says: "Major works are CSA and TDLS. On top of that I have a new firmware API for scan and a few rate control improvements. Johannes find a few tricks to improve our CPU utilization and adds support for a new spin of 7265 called 7265D. Along with this a few random things that don't stand out." And... "I deprecate here -8.ucode since -9 has been published long ago. Along with that I have a new activity, we have now better a infrastructure for firmware debugging. This will allow to have configurable probes insides the firmware. Luca continues his work on NetDetect, this feature is now complete. All the rest is minor fixes here and there." For the Atheros bits, Kalle says: "Only ath10k changes this time and no major changes. Most visible are: o new debugfs interface for runtime firmware debugging (Yanbo) o fix shared WEP (Sujith) o don't rebuild whenever kernel version changes (Johannes) o lots of refactoring to make it easier to add new hw support (Michal) There's also smaller fixes and improvements with no point of listing here." In addition, there are a few last minute updates to ath5k, ath9k, brcmfmac, brcmsmac, mwifiex, rt2x00, rtlwifi, and wil6210. Also included is a pull of the wireless tree to pick-up the fixes originally included in "pull request: wireless 2014-12-03"... Please let me know if there are problems! ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/nfc')
-rw-r--r--net/nfc/digital_dep.c834
-rw-r--r--net/nfc/hci/command.c3
-rw-r--r--net/nfc/hci/core.c56
-rw-r--r--net/nfc/llcp_commands.c6
-rw-r--r--net/nfc/llcp_core.c5
-rw-r--r--net/nfc/llcp_sock.c6
-rw-r--r--net/nfc/nci/core.c150
-rw-r--r--net/nfc/nci/data.c24
-rw-r--r--net/nfc/nci/ntf.c152
-rw-r--r--net/nfc/netlink.c77
10 files changed, 1188 insertions, 125 deletions
diff --git a/net/nfc/digital_dep.c b/net/nfc/digital_dep.c
index b60aa35c074f..f72be7433df3 100644
--- a/net/nfc/digital_dep.c
+++ b/net/nfc/digital_dep.c
@@ -17,6 +17,9 @@
17 17
18#include "digital.h" 18#include "digital.h"
19 19
20#define DIGITAL_NFC_DEP_N_RETRY_NACK 2
21#define DIGITAL_NFC_DEP_N_RETRY_ATN 2
22
20#define DIGITAL_NFC_DEP_FRAME_DIR_OUT 0xD4 23#define DIGITAL_NFC_DEP_FRAME_DIR_OUT 0xD4
21#define DIGITAL_NFC_DEP_FRAME_DIR_IN 0xD5 24#define DIGITAL_NFC_DEP_FRAME_DIR_IN 0xD5
22 25
@@ -32,20 +35,32 @@
32#define DIGITAL_ATR_REQ_MIN_SIZE 16 35#define DIGITAL_ATR_REQ_MIN_SIZE 16
33#define DIGITAL_ATR_REQ_MAX_SIZE 64 36#define DIGITAL_ATR_REQ_MAX_SIZE 64
34 37
35#define DIGITAL_LR_BITS_PAYLOAD_SIZE_254B 0x30 38#define DIGITAL_DID_MAX 14
36#define DIGITAL_FSL_BITS_PAYLOAD_SIZE_254B \ 39
37 (DIGITAL_LR_BITS_PAYLOAD_SIZE_254B >> 4) 40#define DIGITAL_PAYLOAD_SIZE_MAX 254
41#define DIGITAL_PAYLOAD_BITS_TO_PP(s) (((s) & 0x3) << 4)
42#define DIGITAL_PAYLOAD_PP_TO_BITS(s) (((s) >> 4) & 0x3)
43#define DIGITAL_PAYLOAD_BITS_TO_FSL(s) ((s) & 0x3)
44#define DIGITAL_PAYLOAD_FSL_TO_BITS(s) ((s) & 0x3)
45
38#define DIGITAL_GB_BIT 0x02 46#define DIGITAL_GB_BIT 0x02
39 47
48#define DIGITAL_NFC_DEP_REQ_RES_HEADROOM 2 /* SoD: [SB (NFC-A)] + LEN */
49#define DIGITAL_NFC_DEP_REQ_RES_TAILROOM 2 /* EoD: 2-byte CRC */
50
40#define DIGITAL_NFC_DEP_PFB_TYPE(pfb) ((pfb) & 0xE0) 51#define DIGITAL_NFC_DEP_PFB_TYPE(pfb) ((pfb) & 0xE0)
41 52
42#define DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT 0x10 53#define DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT 0x10
54#define DIGITAL_NFC_DEP_PFB_MI_BIT 0x10
55#define DIGITAL_NFC_DEP_PFB_NACK_BIT 0x10
56#define DIGITAL_NFC_DEP_PFB_DID_BIT 0x04
43 57
44#define DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb) \ 58#define DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb) \
45 ((pfb) & DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT) 59 ((pfb) & DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT)
46#define DIGITAL_NFC_DEP_MI_BIT_SET(pfb) ((pfb) & 0x10) 60#define DIGITAL_NFC_DEP_MI_BIT_SET(pfb) ((pfb) & DIGITAL_NFC_DEP_PFB_MI_BIT)
61#define DIGITAL_NFC_DEP_NACK_BIT_SET(pfb) ((pfb) & DIGITAL_NFC_DEP_PFB_NACK_BIT)
47#define DIGITAL_NFC_DEP_NAD_BIT_SET(pfb) ((pfb) & 0x08) 62#define DIGITAL_NFC_DEP_NAD_BIT_SET(pfb) ((pfb) & 0x08)
48#define DIGITAL_NFC_DEP_DID_BIT_SET(pfb) ((pfb) & 0x04) 63#define DIGITAL_NFC_DEP_DID_BIT_SET(pfb) ((pfb) & DIGITAL_NFC_DEP_PFB_DID_BIT)
49#define DIGITAL_NFC_DEP_PFB_PNI(pfb) ((pfb) & 0x03) 64#define DIGITAL_NFC_DEP_PFB_PNI(pfb) ((pfb) & 0x03)
50 65
51#define DIGITAL_NFC_DEP_PFB_I_PDU 0x00 66#define DIGITAL_NFC_DEP_PFB_I_PDU 0x00
@@ -97,6 +112,34 @@ struct digital_dep_req_res {
97 112
98static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg, 113static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
99 struct sk_buff *resp); 114 struct sk_buff *resp);
115static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
116 struct sk_buff *resp);
117
118static const u8 digital_payload_bits_map[4] = {
119 [0] = 64,
120 [1] = 128,
121 [2] = 192,
122 [3] = 254
123};
124
125static u8 digital_payload_bits_to_size(u8 payload_bits)
126{
127 if (payload_bits >= ARRAY_SIZE(digital_payload_bits_map))
128 return 0;
129
130 return digital_payload_bits_map[payload_bits];
131}
132
133static u8 digital_payload_size_to_bits(u8 payload_size)
134{
135 int i;
136
137 for (i = 0; i < ARRAY_SIZE(digital_payload_bits_map); i++)
138 if (digital_payload_bits_map[i] == payload_size)
139 return i;
140
141 return 0xff;
142}
100 143
101static void digital_skb_push_dep_sod(struct nfc_digital_dev *ddev, 144static void digital_skb_push_dep_sod(struct nfc_digital_dev *ddev,
102 struct sk_buff *skb) 145 struct sk_buff *skb)
@@ -129,6 +172,106 @@ static int digital_skb_pull_dep_sod(struct nfc_digital_dev *ddev,
129 return 0; 172 return 0;
130} 173}
131 174
175static struct sk_buff *
176digital_send_dep_data_prep(struct nfc_digital_dev *ddev, struct sk_buff *skb,
177 struct digital_dep_req_res *dep_req_res,
178 struct digital_data_exch *data_exch)
179{
180 struct sk_buff *new_skb;
181
182 if (skb->len > ddev->remote_payload_max) {
183 dep_req_res->pfb |= DIGITAL_NFC_DEP_PFB_MI_BIT;
184
185 new_skb = digital_skb_alloc(ddev, ddev->remote_payload_max);
186 if (!new_skb) {
187 kfree_skb(ddev->chaining_skb);
188 ddev->chaining_skb = NULL;
189
190 return ERR_PTR(-ENOMEM);
191 }
192
193 skb_reserve(new_skb, ddev->tx_headroom + NFC_HEADER_SIZE +
194 DIGITAL_NFC_DEP_REQ_RES_HEADROOM);
195 memcpy(skb_put(new_skb, ddev->remote_payload_max), skb->data,
196 ddev->remote_payload_max);
197 skb_pull(skb, ddev->remote_payload_max);
198
199 ddev->chaining_skb = skb;
200 ddev->data_exch = data_exch;
201 } else {
202 ddev->chaining_skb = NULL;
203 new_skb = skb;
204 }
205
206 return new_skb;
207}
208
209static struct sk_buff *
210digital_recv_dep_data_gather(struct nfc_digital_dev *ddev, u8 pfb,
211 struct sk_buff *resp,
212 int (*send_ack)(struct nfc_digital_dev *ddev,
213 struct digital_data_exch
214 *data_exch),
215 struct digital_data_exch *data_exch)
216{
217 struct sk_buff *new_skb;
218 int rc;
219
220 if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb) && (!ddev->chaining_skb)) {
221 ddev->chaining_skb =
222 nfc_alloc_recv_skb(8 * ddev->local_payload_max,
223 GFP_KERNEL);
224 if (!ddev->chaining_skb) {
225 rc = -ENOMEM;
226 goto error;
227 }
228 }
229
230 if (ddev->chaining_skb) {
231 if (resp->len > skb_tailroom(ddev->chaining_skb)) {
232 new_skb = skb_copy_expand(ddev->chaining_skb,
233 skb_headroom(
234 ddev->chaining_skb),
235 8 * ddev->local_payload_max,
236 GFP_KERNEL);
237 if (!new_skb) {
238 rc = -ENOMEM;
239 goto error;
240 }
241
242 kfree_skb(ddev->chaining_skb);
243 ddev->chaining_skb = new_skb;
244 }
245
246 memcpy(skb_put(ddev->chaining_skb, resp->len), resp->data,
247 resp->len);
248
249 kfree_skb(resp);
250 resp = NULL;
251
252 if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb)) {
253 rc = send_ack(ddev, data_exch);
254 if (rc)
255 goto error;
256
257 return NULL;
258 }
259
260 resp = ddev->chaining_skb;
261 ddev->chaining_skb = NULL;
262 }
263
264 return resp;
265
266error:
267 kfree_skb(resp);
268
269 kfree_skb(ddev->chaining_skb);
270 ddev->chaining_skb = NULL;
271
272 return ERR_PTR(rc);
273}
274
132static void digital_in_recv_psl_res(struct nfc_digital_dev *ddev, void *arg, 275static void digital_in_recv_psl_res(struct nfc_digital_dev *ddev, void *arg,
133 struct sk_buff *resp) 276 struct sk_buff *resp)
134{ 277{
@@ -198,6 +341,8 @@ static int digital_in_send_psl_req(struct nfc_digital_dev *ddev,
198{ 341{
199 struct sk_buff *skb; 342 struct sk_buff *skb;
200 struct digital_psl_req *psl_req; 343 struct digital_psl_req *psl_req;
344 int rc;
345 u8 payload_size, payload_bits;
201 346
202 skb = digital_skb_alloc(ddev, sizeof(*psl_req)); 347 skb = digital_skb_alloc(ddev, sizeof(*psl_req));
203 if (!skb) 348 if (!skb)
@@ -211,14 +356,24 @@ static int digital_in_send_psl_req(struct nfc_digital_dev *ddev,
211 psl_req->cmd = DIGITAL_CMD_PSL_REQ; 356 psl_req->cmd = DIGITAL_CMD_PSL_REQ;
212 psl_req->did = 0; 357 psl_req->did = 0;
213 psl_req->brs = (0x2 << 3) | 0x2; /* 424F both directions */ 358 psl_req->brs = (0x2 << 3) | 0x2; /* 424F both directions */
214 psl_req->fsl = DIGITAL_FSL_BITS_PAYLOAD_SIZE_254B; 359
360 payload_size = min(ddev->local_payload_max, ddev->remote_payload_max);
361 payload_bits = digital_payload_size_to_bits(payload_size);
362 psl_req->fsl = DIGITAL_PAYLOAD_BITS_TO_FSL(payload_bits);
363
364 ddev->local_payload_max = payload_size;
365 ddev->remote_payload_max = payload_size;
215 366
216 digital_skb_push_dep_sod(ddev, skb); 367 digital_skb_push_dep_sod(ddev, skb);
217 368
218 ddev->skb_add_crc(skb); 369 ddev->skb_add_crc(skb);
219 370
220 return digital_in_send_cmd(ddev, skb, 500, digital_in_recv_psl_res, 371 rc = digital_in_send_cmd(ddev, skb, 500, digital_in_recv_psl_res,
221 target); 372 target);
373 if (rc)
374 kfree_skb(skb);
375
376 return rc;
222} 377}
223 378
224static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg, 379static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg,
@@ -226,7 +381,7 @@ static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg,
226{ 381{
227 struct nfc_target *target = arg; 382 struct nfc_target *target = arg;
228 struct digital_atr_res *atr_res; 383 struct digital_atr_res *atr_res;
229 u8 gb_len; 384 u8 gb_len, payload_bits;
230 int rc; 385 int rc;
231 386
232 if (IS_ERR(resp)) { 387 if (IS_ERR(resp)) {
@@ -256,6 +411,14 @@ static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg,
256 411
257 atr_res = (struct digital_atr_res *)resp->data; 412 atr_res = (struct digital_atr_res *)resp->data;
258 413
414 payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_res->pp);
415 ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits);
416
417 if (!ddev->remote_payload_max) {
418 rc = -EINVAL;
419 goto exit;
420 }
421
259 rc = nfc_set_remote_general_bytes(ddev->nfc_dev, atr_res->gb, gb_len); 422 rc = nfc_set_remote_general_bytes(ddev->nfc_dev, atr_res->gb, gb_len);
260 if (rc) 423 if (rc)
261 goto exit; 424 goto exit;
@@ -286,6 +449,8 @@ int digital_in_send_atr_req(struct nfc_digital_dev *ddev,
286 struct sk_buff *skb; 449 struct sk_buff *skb;
287 struct digital_atr_req *atr_req; 450 struct digital_atr_req *atr_req;
288 uint size; 451 uint size;
452 int rc;
453 u8 payload_bits;
289 454
290 size = DIGITAL_ATR_REQ_MIN_SIZE + gb_len; 455 size = DIGITAL_ATR_REQ_MIN_SIZE + gb_len;
291 456
@@ -314,7 +479,9 @@ int digital_in_send_atr_req(struct nfc_digital_dev *ddev,
314 atr_req->bs = 0; 479 atr_req->bs = 0;
315 atr_req->br = 0; 480 atr_req->br = 0;
316 481
317 atr_req->pp = DIGITAL_LR_BITS_PAYLOAD_SIZE_254B; 482 ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX;
483 payload_bits = digital_payload_size_to_bits(ddev->local_payload_max);
484 atr_req->pp = DIGITAL_PAYLOAD_BITS_TO_PP(payload_bits);
318 485
319 if (gb_len) { 486 if (gb_len) {
320 atr_req->pp |= DIGITAL_GB_BIT; 487 atr_req->pp |= DIGITAL_GB_BIT;
@@ -325,8 +492,113 @@ int digital_in_send_atr_req(struct nfc_digital_dev *ddev,
325 492
326 ddev->skb_add_crc(skb); 493 ddev->skb_add_crc(skb);
327 494
328 return digital_in_send_cmd(ddev, skb, 500, digital_in_recv_atr_res, 495 rc = digital_in_send_cmd(ddev, skb, 500, digital_in_recv_atr_res,
329 target); 496 target);
497 if (rc)
498 kfree_skb(skb);
499
500 return rc;
501}
502
503static int digital_in_send_ack(struct nfc_digital_dev *ddev,
504 struct digital_data_exch *data_exch)
505{
506 struct digital_dep_req_res *dep_req;
507 struct sk_buff *skb;
508 int rc;
509
510 skb = digital_skb_alloc(ddev, 1);
511 if (!skb)
512 return -ENOMEM;
513
514 skb_push(skb, sizeof(struct digital_dep_req_res));
515
516 dep_req = (struct digital_dep_req_res *)skb->data;
517
518 dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
519 dep_req->cmd = DIGITAL_CMD_DEP_REQ;
520 dep_req->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
521 ddev->curr_nfc_dep_pni;
522
523 digital_skb_push_dep_sod(ddev, skb);
524
525 ddev->skb_add_crc(skb);
526
527 ddev->saved_skb = skb_get(skb);
528 ddev->saved_skb_len = skb->len;
529
530 rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res,
531 data_exch);
532 if (rc) {
533 kfree_skb(skb);
534 kfree_skb(ddev->saved_skb);
535 ddev->saved_skb = NULL;
536 }
537
538 return rc;
539}
540
541static int digital_in_send_nack(struct nfc_digital_dev *ddev,
542 struct digital_data_exch *data_exch)
543{
544 struct digital_dep_req_res *dep_req;
545 struct sk_buff *skb;
546 int rc;
547
548 skb = digital_skb_alloc(ddev, 1);
549 if (!skb)
550 return -ENOMEM;
551
552 skb_push(skb, sizeof(struct digital_dep_req_res));
553
554 dep_req = (struct digital_dep_req_res *)skb->data;
555
556 dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
557 dep_req->cmd = DIGITAL_CMD_DEP_REQ;
558 dep_req->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
559 DIGITAL_NFC_DEP_PFB_NACK_BIT | ddev->curr_nfc_dep_pni;
560
561 digital_skb_push_dep_sod(ddev, skb);
562
563 ddev->skb_add_crc(skb);
564
565 rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res,
566 data_exch);
567 if (rc)
568 kfree_skb(skb);
569
570 return rc;
571}
572
573static int digital_in_send_atn(struct nfc_digital_dev *ddev,
574 struct digital_data_exch *data_exch)
575{
576 struct digital_dep_req_res *dep_req;
577 struct sk_buff *skb;
578 int rc;
579
580 skb = digital_skb_alloc(ddev, 1);
581 if (!skb)
582 return -ENOMEM;
583
584 skb_push(skb, sizeof(struct digital_dep_req_res));
585
586 dep_req = (struct digital_dep_req_res *)skb->data;
587
588 dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
589 dep_req->cmd = DIGITAL_CMD_DEP_REQ;
590 dep_req->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU;
591
592 digital_skb_push_dep_sod(ddev, skb);
593
594 ddev->skb_add_crc(skb);
595
596 rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res,
597 data_exch);
598 if (rc)
599 kfree_skb(skb);
600
601 return rc;
330} 602}
331 603
332static int digital_in_send_rtox(struct nfc_digital_dev *ddev, 604static int digital_in_send_rtox(struct nfc_digital_dev *ddev,
@@ -355,12 +627,30 @@ static int digital_in_send_rtox(struct nfc_digital_dev *ddev,
355 627
356 ddev->skb_add_crc(skb); 628 ddev->skb_add_crc(skb);
357 629
630 ddev->saved_skb = skb_get(skb);
631 ddev->saved_skb_len = skb->len;
632
358 rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res, 633 rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res,
359 data_exch); 634 data_exch);
635 if (rc) {
636 kfree_skb(skb);
637 kfree_skb(ddev->saved_skb);
638 ddev->saved_skb = NULL;
639 }
360 640
361 return rc; 641 return rc;
362} 642}
363 643
644static int digital_in_send_saved_skb(struct nfc_digital_dev *ddev,
645 struct digital_data_exch *data_exch)
646{
647 skb_get(ddev->saved_skb);
648 skb_push(ddev->saved_skb, ddev->saved_skb_len);
649
650 return digital_in_send_cmd(ddev, ddev->saved_skb, 1500,
651 digital_in_recv_dep_res, data_exch);
652}
653
364static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg, 654static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
365 struct sk_buff *resp) 655 struct sk_buff *resp)
366{ 656{
@@ -373,25 +663,67 @@ static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
373 if (IS_ERR(resp)) { 663 if (IS_ERR(resp)) {
374 rc = PTR_ERR(resp); 664 rc = PTR_ERR(resp);
375 resp = NULL; 665 resp = NULL;
666
667 if (((rc != -ETIMEDOUT) || ddev->nack_count) &&
668 (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) {
669 ddev->atn_count = 0;
670
671 rc = digital_in_send_nack(ddev, data_exch);
672 if (rc)
673 goto error;
674
675 return;
676 } else if ((rc == -ETIMEDOUT) &&
677 (ddev->atn_count++ < DIGITAL_NFC_DEP_N_RETRY_ATN)) {
678 ddev->nack_count = 0;
679
680 rc = digital_in_send_atn(ddev, data_exch);
681 if (rc)
682 goto error;
683
684 return;
685 }
686
687 goto exit;
688 }
689
690 rc = digital_skb_pull_dep_sod(ddev, resp);
691 if (rc) {
692 PROTOCOL_ERR("14.4.1.2");
376 goto exit; 693 goto exit;
377 } 694 }
378 695
379 rc = ddev->skb_check_crc(resp); 696 rc = ddev->skb_check_crc(resp);
380 if (rc) { 697 if (rc) {
698 if ((resp->len >= 4) &&
699 (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) {
700 ddev->atn_count = 0;
701
702 rc = digital_in_send_nack(ddev, data_exch);
703 if (rc)
704 goto error;
705
706 kfree_skb(resp);
707
708 return;
709 }
710
381 PROTOCOL_ERR("14.4.1.6"); 711 PROTOCOL_ERR("14.4.1.6");
382 goto error; 712 goto error;
383 } 713 }
384 714
385 rc = digital_skb_pull_dep_sod(ddev, resp); 715 ddev->atn_count = 0;
386 if (rc) { 716 ddev->nack_count = 0;
387 PROTOCOL_ERR("14.4.1.2"); 717
718 if (resp->len > ddev->local_payload_max) {
719 rc = -EMSGSIZE;
388 goto exit; 720 goto exit;
389 } 721 }
390 722
723 size = sizeof(struct digital_dep_req_res);
391 dep_res = (struct digital_dep_req_res *)resp->data; 724 dep_res = (struct digital_dep_req_res *)resp->data;
392 725
393 if (resp->len < sizeof(struct digital_dep_req_res) || 726 if (resp->len < size || dep_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN ||
394 dep_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN ||
395 dep_res->cmd != DIGITAL_CMD_DEP_RES) { 727 dep_res->cmd != DIGITAL_CMD_DEP_RES) {
396 rc = -EIO; 728 rc = -EIO;
397 goto error; 729 goto error;
@@ -399,6 +731,24 @@ static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
399 731
400 pfb = dep_res->pfb; 732 pfb = dep_res->pfb;
401 733
734 if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb)) {
735 PROTOCOL_ERR("14.8.2.1");
736 rc = -EIO;
737 goto error;
738 }
739
740 if (DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)) {
741 rc = -EIO;
742 goto exit;
743 }
744
745 if (size > resp->len) {
746 rc = -EIO;
747 goto error;
748 }
749
750 skb_pull(resp, size);
751
402 switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) { 752 switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) {
403 case DIGITAL_NFC_DEP_PFB_I_PDU: 753 case DIGITAL_NFC_DEP_PFB_I_PDU:
404 if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) { 754 if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
@@ -409,21 +759,71 @@ static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
409 759
410 ddev->curr_nfc_dep_pni = 760 ddev->curr_nfc_dep_pni =
411 DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1); 761 DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
762
763 kfree_skb(ddev->saved_skb);
764 ddev->saved_skb = NULL;
765
766 resp = digital_recv_dep_data_gather(ddev, pfb, resp,
767 digital_in_send_ack,
768 data_exch);
769 if (IS_ERR(resp)) {
770 rc = PTR_ERR(resp);
771 resp = NULL;
772 goto error;
773 }
774
775 /* If resp is NULL then we're still chaining so return and
776 * wait for the next part of the PDU. Else, the PDU is
777 * complete so pass it up.
778 */
779 if (!resp)
780 return;
781
412 rc = 0; 782 rc = 0;
413 break; 783 break;
414 784
415 case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU: 785 case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU:
786 if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
787 PROTOCOL_ERR("14.12.3.3");
788 rc = -EIO;
789 goto exit;
790 }
791
792 ddev->curr_nfc_dep_pni =
793 DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
794
795 if (ddev->chaining_skb && !DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) {
796 kfree_skb(ddev->saved_skb);
797 ddev->saved_skb = NULL;
798
799 rc = digital_in_send_dep_req(ddev, NULL,
800 ddev->chaining_skb,
801 ddev->data_exch);
802 if (rc)
803 goto error;
804
805 return;
806 }
807
416 pr_err("Received a ACK/NACK PDU\n"); 808 pr_err("Received a ACK/NACK PDU\n");
417 rc = -EIO; 809 rc = -EINVAL;
418 goto error; 810 goto exit;
419 811
420 case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU: 812 case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU:
421 if (!DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) { 813 if (!DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) { /* ATN */
422 rc = -EINVAL; 814 rc = digital_in_send_saved_skb(ddev, data_exch);
423 goto error; 815 if (rc) {
816 kfree_skb(ddev->saved_skb);
817 goto error;
818 }
819
820 return;
424 } 821 }
425 822
426 rc = digital_in_send_rtox(ddev, data_exch, resp->data[3]); 823 kfree_skb(ddev->saved_skb);
824 ddev->saved_skb = NULL;
825
826 rc = digital_in_send_rtox(ddev, data_exch, resp->data[0]);
427 if (rc) 827 if (rc)
428 goto error; 828 goto error;
429 829
@@ -431,30 +831,18 @@ static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
431 return; 831 return;
432 } 832 }
433 833
434 if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb)) {
435 pr_err("MI bit set. Chained PDU not supported\n");
436 rc = -EIO;
437 goto error;
438 }
439
440 size = sizeof(struct digital_dep_req_res);
441
442 if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb))
443 size++;
444
445 if (size > resp->len) {
446 rc = -EIO;
447 goto error;
448 }
449
450 skb_pull(resp, size);
451
452exit: 834exit:
453 data_exch->cb(data_exch->cb_context, resp, rc); 835 data_exch->cb(data_exch->cb_context, resp, rc);
454 836
455error: 837error:
456 kfree(data_exch); 838 kfree(data_exch);
457 839
840 kfree_skb(ddev->chaining_skb);
841 ddev->chaining_skb = NULL;
842
843 kfree_skb(ddev->saved_skb);
844 ddev->saved_skb = NULL;
845
458 if (rc) 846 if (rc)
459 kfree_skb(resp); 847 kfree_skb(resp);
460} 848}
@@ -464,20 +852,47 @@ int digital_in_send_dep_req(struct nfc_digital_dev *ddev,
464 struct digital_data_exch *data_exch) 852 struct digital_data_exch *data_exch)
465{ 853{
466 struct digital_dep_req_res *dep_req; 854 struct digital_dep_req_res *dep_req;
855 struct sk_buff *chaining_skb, *tmp_skb;
856 int rc;
467 857
468 skb_push(skb, sizeof(struct digital_dep_req_res)); 858 skb_push(skb, sizeof(struct digital_dep_req_res));
469 859
470 dep_req = (struct digital_dep_req_res *)skb->data; 860 dep_req = (struct digital_dep_req_res *)skb->data;
861
471 dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT; 862 dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
472 dep_req->cmd = DIGITAL_CMD_DEP_REQ; 863 dep_req->cmd = DIGITAL_CMD_DEP_REQ;
473 dep_req->pfb = ddev->curr_nfc_dep_pni; 864 dep_req->pfb = ddev->curr_nfc_dep_pni;
474 865
475 digital_skb_push_dep_sod(ddev, skb); 866 ddev->atn_count = 0;
867 ddev->nack_count = 0;
476 868
477 ddev->skb_add_crc(skb); 869 chaining_skb = ddev->chaining_skb;
870
871 tmp_skb = digital_send_dep_data_prep(ddev, skb, dep_req, data_exch);
872 if (IS_ERR(tmp_skb))
873 return PTR_ERR(tmp_skb);
874
875 digital_skb_push_dep_sod(ddev, tmp_skb);
876
877 ddev->skb_add_crc(tmp_skb);
478 878
479 return digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res, 879 ddev->saved_skb = skb_get(tmp_skb);
480 data_exch); 880 ddev->saved_skb_len = tmp_skb->len;
881
882 rc = digital_in_send_cmd(ddev, tmp_skb, 1500, digital_in_recv_dep_res,
883 data_exch);
884 if (rc) {
885 if (tmp_skb != skb)
886 kfree_skb(tmp_skb);
887
888 kfree_skb(chaining_skb);
889 ddev->chaining_skb = NULL;
890
891 kfree_skb(ddev->saved_skb);
892 ddev->saved_skb = NULL;
893 }
894
895 return rc;
481} 896}
482 897
483static void digital_tg_set_rf_tech(struct nfc_digital_dev *ddev, u8 rf_tech) 898static void digital_tg_set_rf_tech(struct nfc_digital_dev *ddev, u8 rf_tech)
@@ -507,11 +922,106 @@ static void digital_tg_set_rf_tech(struct nfc_digital_dev *ddev, u8 rf_tech)
507 } 922 }
508} 923}
509 924
925static int digital_tg_send_ack(struct nfc_digital_dev *ddev,
926 struct digital_data_exch *data_exch)
927{
928 struct digital_dep_req_res *dep_res;
929 struct sk_buff *skb;
930 int rc;
931
932 skb = digital_skb_alloc(ddev, 1);
933 if (!skb)
934 return -ENOMEM;
935
936 skb_push(skb, sizeof(struct digital_dep_req_res));
937
938 dep_res = (struct digital_dep_req_res *)skb->data;
939
940 dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
941 dep_res->cmd = DIGITAL_CMD_DEP_RES;
942 dep_res->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
943 ddev->curr_nfc_dep_pni;
944
945 if (ddev->did) {
946 dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
947
948 memcpy(skb_put(skb, sizeof(ddev->did)), &ddev->did,
949 sizeof(ddev->did));
950 }
951
952 ddev->curr_nfc_dep_pni =
953 DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
954
955 digital_skb_push_dep_sod(ddev, skb);
956
957 ddev->skb_add_crc(skb);
958
959 ddev->saved_skb = skb_get(skb);
960 ddev->saved_skb_len = skb->len;
961
962 rc = digital_tg_send_cmd(ddev, skb, 1500, digital_tg_recv_dep_req,
963 data_exch);
964 if (rc) {
965 kfree_skb(skb);
966 kfree_skb(ddev->saved_skb);
967 ddev->saved_skb = NULL;
968 }
969
970 return rc;
971}
972
973static int digital_tg_send_atn(struct nfc_digital_dev *ddev)
974{
975 struct digital_dep_req_res *dep_res;
976 struct sk_buff *skb;
977 int rc;
978
979 skb = digital_skb_alloc(ddev, 1);
980 if (!skb)
981 return -ENOMEM;
982
983 skb_push(skb, sizeof(struct digital_dep_req_res));
984
985 dep_res = (struct digital_dep_req_res *)skb->data;
986
987 dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
988 dep_res->cmd = DIGITAL_CMD_DEP_RES;
989 dep_res->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU;
990
991 if (ddev->did) {
992 dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
993
994 memcpy(skb_put(skb, sizeof(ddev->did)), &ddev->did,
995 sizeof(ddev->did));
996 }
997
998 digital_skb_push_dep_sod(ddev, skb);
999
1000 ddev->skb_add_crc(skb);
1001
1002 rc = digital_tg_send_cmd(ddev, skb, 1500, digital_tg_recv_dep_req,
1003 NULL);
1004 if (rc)
1005 kfree_skb(skb);
1006
1007 return rc;
1008}
1009
1010static int digital_tg_send_saved_skb(struct nfc_digital_dev *ddev)
1011{
1012 skb_get(ddev->saved_skb);
1013 skb_push(ddev->saved_skb, ddev->saved_skb_len);
1014
1015 return digital_tg_send_cmd(ddev, ddev->saved_skb, 1500,
1016 digital_tg_recv_dep_req, NULL);
1017}
1018
510static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg, 1019static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
511 struct sk_buff *resp) 1020 struct sk_buff *resp)
512{ 1021{
513 int rc; 1022 int rc;
514 struct digital_dep_req_res *dep_req; 1023 struct digital_dep_req_res *dep_req;
1024 u8 pfb;
515 size_t size; 1025 size_t size;
516 1026
517 if (IS_ERR(resp)) { 1027 if (IS_ERR(resp)) {
@@ -532,6 +1042,11 @@ static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
532 goto exit; 1042 goto exit;
533 } 1043 }
534 1044
1045 if (resp->len > ddev->local_payload_max) {
1046 rc = -EMSGSIZE;
1047 goto exit;
1048 }
1049
535 size = sizeof(struct digital_dep_req_res); 1050 size = sizeof(struct digital_dep_req_res);
536 dep_req = (struct digital_dep_req_res *)resp->data; 1051 dep_req = (struct digital_dep_req_res *)resp->data;
537 1052
@@ -541,34 +1056,147 @@ static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
541 goto exit; 1056 goto exit;
542 } 1057 }
543 1058
544 if (DIGITAL_NFC_DEP_DID_BIT_SET(dep_req->pfb)) 1059 pfb = dep_req->pfb;
545 size++;
546 1060
547 if (resp->len < size) { 1061 if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb)) {
1062 if (ddev->did && (ddev->did == resp->data[3])) {
1063 size++;
1064 } else {
1065 rc = -EIO;
1066 goto exit;
1067 }
1068 } else if (ddev->did) {
548 rc = -EIO; 1069 rc = -EIO;
549 goto exit; 1070 goto exit;
550 } 1071 }
551 1072
552 switch (DIGITAL_NFC_DEP_PFB_TYPE(dep_req->pfb)) { 1073 if (DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)) {
1074 rc = -EIO;
1075 goto exit;
1076 }
1077
1078 if (size > resp->len) {
1079 rc = -EIO;
1080 goto exit;
1081 }
1082
1083 skb_pull(resp, size);
1084
1085 switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) {
553 case DIGITAL_NFC_DEP_PFB_I_PDU: 1086 case DIGITAL_NFC_DEP_PFB_I_PDU:
554 pr_debug("DIGITAL_NFC_DEP_PFB_I_PDU\n"); 1087 pr_debug("DIGITAL_NFC_DEP_PFB_I_PDU\n");
555 ddev->curr_nfc_dep_pni = DIGITAL_NFC_DEP_PFB_PNI(dep_req->pfb); 1088
1089 if ((ddev->atn_count && (DIGITAL_NFC_DEP_PFB_PNI(pfb - 1) !=
1090 ddev->curr_nfc_dep_pni)) ||
1091 (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni)) {
1092 PROTOCOL_ERR("14.12.3.4");
1093 rc = -EIO;
1094 goto exit;
1095 }
1096
1097 if (ddev->atn_count) {
1098 ddev->atn_count = 0;
1099
1100 rc = digital_tg_send_saved_skb(ddev);
1101 if (rc)
1102 goto exit;
1103
1104 return;
1105 }
1106
1107 kfree_skb(ddev->saved_skb);
1108 ddev->saved_skb = NULL;
1109
1110 resp = digital_recv_dep_data_gather(ddev, pfb, resp,
1111 digital_tg_send_ack, NULL);
1112 if (IS_ERR(resp)) {
1113 rc = PTR_ERR(resp);
1114 resp = NULL;
1115 goto exit;
1116 }
1117
1118 /* If resp is NULL then we're still chaining so return and
1119 * wait for the next part of the PDU. Else, the PDU is
1120 * complete so pass it up.
1121 */
1122 if (!resp)
1123 return;
1124
1125 rc = 0;
556 break; 1126 break;
557 case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU: 1127 case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU:
558 pr_err("Received a ACK/NACK PDU\n"); 1128 if (!DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) { /* ACK */
559 rc = -EINVAL; 1129 if ((ddev->atn_count &&
560 goto exit; 1130 (DIGITAL_NFC_DEP_PFB_PNI(pfb - 1) !=
1131 ddev->curr_nfc_dep_pni)) ||
1132 (DIGITAL_NFC_DEP_PFB_PNI(pfb) !=
1133 ddev->curr_nfc_dep_pni) ||
1134 !ddev->chaining_skb || !ddev->saved_skb) {
1135 rc = -EIO;
1136 goto exit;
1137 }
1138
1139 if (ddev->atn_count) {
1140 ddev->atn_count = 0;
1141
1142 rc = digital_tg_send_saved_skb(ddev);
1143 if (rc)
1144 goto exit;
1145
1146 return;
1147 }
1148
1149 kfree_skb(ddev->saved_skb);
1150 ddev->saved_skb = NULL;
1151
1152 rc = digital_tg_send_dep_res(ddev, ddev->chaining_skb);
1153 if (rc)
1154 goto exit;
1155 } else { /* NACK */
1156 if ((DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) !=
1157 ddev->curr_nfc_dep_pni) ||
1158 !ddev->saved_skb) {
1159 rc = -EIO;
1160 goto exit;
1161 }
1162
1163 ddev->atn_count = 0;
1164
1165 rc = digital_tg_send_saved_skb(ddev);
1166 if (rc) {
1167 kfree_skb(ddev->saved_skb);
1168 goto exit;
1169 }
1170 }
1171
1172 return;
561 case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU: 1173 case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU:
562 pr_err("Received a SUPERVISOR PDU\n"); 1174 if (DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) {
563 rc = -EINVAL; 1175 rc = -EINVAL;
564 goto exit; 1176 goto exit;
565 } 1177 }
566 1178
567 skb_pull(resp, size); 1179 rc = digital_tg_send_atn(ddev);
1180 if (rc)
1181 goto exit;
1182
1183 ddev->atn_count++;
1184
1185 kfree_skb(resp);
1186 return;
1187 }
568 1188
569 rc = nfc_tm_data_received(ddev->nfc_dev, resp); 1189 rc = nfc_tm_data_received(ddev->nfc_dev, resp);
570 1190
571exit: 1191exit:
1192 kfree_skb(ddev->chaining_skb);
1193 ddev->chaining_skb = NULL;
1194
1195 ddev->atn_count = 0;
1196
1197 kfree_skb(ddev->saved_skb);
1198 ddev->saved_skb = NULL;
1199
572 if (rc) 1200 if (rc)
573 kfree_skb(resp); 1201 kfree_skb(resp);
574} 1202}
@@ -576,20 +1204,54 @@ exit:
576int digital_tg_send_dep_res(struct nfc_digital_dev *ddev, struct sk_buff *skb) 1204int digital_tg_send_dep_res(struct nfc_digital_dev *ddev, struct sk_buff *skb)
577{ 1205{
578 struct digital_dep_req_res *dep_res; 1206 struct digital_dep_req_res *dep_res;
1207 struct sk_buff *chaining_skb, *tmp_skb;
1208 int rc;
579 1209
580 skb_push(skb, sizeof(struct digital_dep_req_res)); 1210 skb_push(skb, sizeof(struct digital_dep_req_res));
1211
581 dep_res = (struct digital_dep_req_res *)skb->data; 1212 dep_res = (struct digital_dep_req_res *)skb->data;
582 1213
583 dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN; 1214 dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
584 dep_res->cmd = DIGITAL_CMD_DEP_RES; 1215 dep_res->cmd = DIGITAL_CMD_DEP_RES;
585 dep_res->pfb = ddev->curr_nfc_dep_pni; 1216 dep_res->pfb = ddev->curr_nfc_dep_pni;
586 1217
587 digital_skb_push_dep_sod(ddev, skb); 1218 if (ddev->did) {
1219 dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
588 1220
589 ddev->skb_add_crc(skb); 1221 memcpy(skb_put(skb, sizeof(ddev->did)), &ddev->did,
1222 sizeof(ddev->did));
1223 }
1224
1225 ddev->curr_nfc_dep_pni =
1226 DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
1227
1228 chaining_skb = ddev->chaining_skb;
1229
1230 tmp_skb = digital_send_dep_data_prep(ddev, skb, dep_res, NULL);
1231 if (IS_ERR(tmp_skb))
1232 return PTR_ERR(tmp_skb);
1233
1234 digital_skb_push_dep_sod(ddev, tmp_skb);
1235
1236 ddev->skb_add_crc(tmp_skb);
1237
1238 ddev->saved_skb = skb_get(tmp_skb);
1239 ddev->saved_skb_len = tmp_skb->len;
1240
1241 rc = digital_tg_send_cmd(ddev, tmp_skb, 1500, digital_tg_recv_dep_req,
1242 NULL);
1243 if (rc) {
1244 if (tmp_skb != skb)
1245 kfree_skb(tmp_skb);
1246
1247 kfree_skb(chaining_skb);
1248 ddev->chaining_skb = NULL;
590 1249
591 return digital_tg_send_cmd(ddev, skb, 1500, digital_tg_recv_dep_req, 1250 kfree_skb(ddev->saved_skb);
592 NULL); 1251 ddev->saved_skb = NULL;
1252 }
1253
1254 return rc;
593} 1255}
594 1256
595static void digital_tg_send_psl_res_complete(struct nfc_digital_dev *ddev, 1257static void digital_tg_send_psl_res_complete(struct nfc_digital_dev *ddev,
@@ -632,9 +1294,10 @@ static int digital_tg_send_psl_res(struct nfc_digital_dev *ddev, u8 did,
632 1294
633 ddev->skb_add_crc(skb); 1295 ddev->skb_add_crc(skb);
634 1296
1297 ddev->curr_nfc_dep_pni = 0;
1298
635 rc = digital_tg_send_cmd(ddev, skb, 0, digital_tg_send_psl_res_complete, 1299 rc = digital_tg_send_cmd(ddev, skb, 0, digital_tg_send_psl_res_complete,
636 (void *)(unsigned long)rf_tech); 1300 (void *)(unsigned long)rf_tech);
637
638 if (rc) 1301 if (rc)
639 kfree_skb(skb); 1302 kfree_skb(skb);
640 1303
@@ -647,7 +1310,7 @@ static void digital_tg_recv_psl_req(struct nfc_digital_dev *ddev, void *arg,
647 int rc; 1310 int rc;
648 struct digital_psl_req *psl_req; 1311 struct digital_psl_req *psl_req;
649 u8 rf_tech; 1312 u8 rf_tech;
650 u8 dsi; 1313 u8 dsi, payload_size, payload_bits;
651 1314
652 if (IS_ERR(resp)) { 1315 if (IS_ERR(resp)) {
653 rc = PTR_ERR(resp); 1316 rc = PTR_ERR(resp);
@@ -692,6 +1355,18 @@ static void digital_tg_recv_psl_req(struct nfc_digital_dev *ddev, void *arg,
692 goto exit; 1355 goto exit;
693 } 1356 }
694 1357
1358 payload_bits = DIGITAL_PAYLOAD_FSL_TO_BITS(psl_req->fsl);
1359 payload_size = digital_payload_bits_to_size(payload_bits);
1360
1361 if (!payload_size || (payload_size > min(ddev->local_payload_max,
1362 ddev->remote_payload_max))) {
1363 rc = -EINVAL;
1364 goto exit;
1365 }
1366
1367 ddev->local_payload_max = payload_size;
1368 ddev->remote_payload_max = payload_size;
1369
695 rc = digital_tg_send_psl_res(ddev, psl_req->did, rf_tech); 1370 rc = digital_tg_send_psl_res(ddev, psl_req->did, rf_tech);
696 1371
697exit: 1372exit:
@@ -712,6 +1387,8 @@ static void digital_tg_send_atr_res_complete(struct nfc_digital_dev *ddev,
712 if (resp->data[0] == DIGITAL_NFC_DEP_NFCA_SOD_SB) 1387 if (resp->data[0] == DIGITAL_NFC_DEP_NFCA_SOD_SB)
713 offset++; 1388 offset++;
714 1389
1390 ddev->atn_count = 0;
1391
715 if (resp->data[offset] == DIGITAL_CMD_PSL_REQ) 1392 if (resp->data[offset] == DIGITAL_CMD_PSL_REQ)
716 digital_tg_recv_psl_req(ddev, arg, resp); 1393 digital_tg_recv_psl_req(ddev, arg, resp);
717 else 1394 else
@@ -723,7 +1400,7 @@ static int digital_tg_send_atr_res(struct nfc_digital_dev *ddev,
723{ 1400{
724 struct digital_atr_res *atr_res; 1401 struct digital_atr_res *atr_res;
725 struct sk_buff *skb; 1402 struct sk_buff *skb;
726 u8 *gb; 1403 u8 *gb, payload_bits;
727 size_t gb_len; 1404 size_t gb_len;
728 int rc; 1405 int rc;
729 1406
@@ -744,7 +1421,11 @@ static int digital_tg_send_atr_res(struct nfc_digital_dev *ddev,
744 atr_res->cmd = DIGITAL_CMD_ATR_RES; 1421 atr_res->cmd = DIGITAL_CMD_ATR_RES;
745 memcpy(atr_res->nfcid3, atr_req->nfcid3, sizeof(atr_req->nfcid3)); 1422 memcpy(atr_res->nfcid3, atr_req->nfcid3, sizeof(atr_req->nfcid3));
746 atr_res->to = 8; 1423 atr_res->to = 8;
747 atr_res->pp = DIGITAL_LR_BITS_PAYLOAD_SIZE_254B; 1424
1425 ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX;
1426 payload_bits = digital_payload_size_to_bits(ddev->local_payload_max);
1427 atr_res->pp = DIGITAL_PAYLOAD_BITS_TO_PP(payload_bits);
1428
748 if (gb_len) { 1429 if (gb_len) {
749 skb_put(skb, gb_len); 1430 skb_put(skb, gb_len);
750 1431
@@ -756,12 +1437,12 @@ static int digital_tg_send_atr_res(struct nfc_digital_dev *ddev,
756 1437
757 ddev->skb_add_crc(skb); 1438 ddev->skb_add_crc(skb);
758 1439
1440 ddev->curr_nfc_dep_pni = 0;
1441
759 rc = digital_tg_send_cmd(ddev, skb, 999, 1442 rc = digital_tg_send_cmd(ddev, skb, 999,
760 digital_tg_send_atr_res_complete, NULL); 1443 digital_tg_send_atr_res_complete, NULL);
761 if (rc) { 1444 if (rc)
762 kfree_skb(skb); 1445 kfree_skb(skb);
763 return rc;
764 }
765 1446
766 return rc; 1447 return rc;
767} 1448}
@@ -772,7 +1453,7 @@ void digital_tg_recv_atr_req(struct nfc_digital_dev *ddev, void *arg,
772 int rc; 1453 int rc;
773 struct digital_atr_req *atr_req; 1454 struct digital_atr_req *atr_req;
774 size_t gb_len, min_size; 1455 size_t gb_len, min_size;
775 u8 poll_tech_count; 1456 u8 poll_tech_count, payload_bits;
776 1457
777 if (IS_ERR(resp)) { 1458 if (IS_ERR(resp)) {
778 rc = PTR_ERR(resp); 1459 rc = PTR_ERR(resp);
@@ -815,11 +1496,22 @@ void digital_tg_recv_atr_req(struct nfc_digital_dev *ddev, void *arg,
815 atr_req = (struct digital_atr_req *)resp->data; 1496 atr_req = (struct digital_atr_req *)resp->data;
816 1497
817 if (atr_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT || 1498 if (atr_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
818 atr_req->cmd != DIGITAL_CMD_ATR_REQ) { 1499 atr_req->cmd != DIGITAL_CMD_ATR_REQ ||
1500 atr_req->did > DIGITAL_DID_MAX) {
819 rc = -EINVAL; 1501 rc = -EINVAL;
820 goto exit; 1502 goto exit;
821 } 1503 }
822 1504
1505 payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_req->pp);
1506 ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits);
1507
1508 if (!ddev->remote_payload_max) {
1509 rc = -EINVAL;
1510 goto exit;
1511 }
1512
1513 ddev->did = atr_req->did;
1514
823 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, 1515 rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
824 NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED); 1516 NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED);
825 if (rc) 1517 if (rc)
diff --git a/net/nfc/hci/command.c b/net/nfc/hci/command.c
index 677d24bb70f8..91df487aa0a9 100644
--- a/net/nfc/hci/command.c
+++ b/net/nfc/hci/command.c
@@ -345,6 +345,9 @@ int nfc_hci_connect_gate(struct nfc_hci_dev *hdev, u8 dest_host, u8 dest_gate,
345 345
346 pr_debug("\n"); 346 pr_debug("\n");
347 347
348 if (hdev->gate2pipe[dest_gate] == NFC_HCI_DO_NOT_CREATE_PIPE)
349 return 0;
350
348 if (hdev->gate2pipe[dest_gate] != NFC_HCI_INVALID_PIPE) 351 if (hdev->gate2pipe[dest_gate] != NFC_HCI_INVALID_PIPE)
349 return -EADDRINUSE; 352 return -EADDRINUSE;
350 353
diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c
index 117708263ced..ef50e7716c4a 100644
--- a/net/nfc/hci/core.c
+++ b/net/nfc/hci/core.c
@@ -167,6 +167,48 @@ exit:
167void nfc_hci_cmd_received(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd, 167void nfc_hci_cmd_received(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd,
168 struct sk_buff *skb) 168 struct sk_buff *skb)
169{ 169{
170 int r = 0;
171 u8 gate = nfc_hci_pipe2gate(hdev, pipe);
172 u8 local_gate, new_pipe;
173 u8 gate_opened = 0x00;
174
175 pr_debug("from gate %x pipe %x cmd %x\n", gate, pipe, cmd);
176
177 switch (cmd) {
178 case NFC_HCI_ADM_NOTIFY_PIPE_CREATED:
179 if (skb->len != 5) {
180 r = -EPROTO;
181 break;
182 }
183
184 local_gate = skb->data[3];
185 new_pipe = skb->data[4];
186 nfc_hci_send_response(hdev, gate, NFC_HCI_ANY_OK, NULL, 0);
187
188 /* save the new created pipe and bind with local gate,
189 * the description for skb->data[3] is destination gate id
190 * but since we received this cmd from host controller, we
191 * are the destination and it is our local gate
192 */
193 hdev->gate2pipe[local_gate] = new_pipe;
194 break;
195 case NFC_HCI_ANY_OPEN_PIPE:
196 /* if the pipe is already created, we allow remote host to
197 * open it
198 */
199 if (gate != 0xff)
200 nfc_hci_send_response(hdev, gate, NFC_HCI_ANY_OK,
201 &gate_opened, 1);
202 break;
203 case NFC_HCI_ADM_NOTIFY_ALL_PIPE_CLEARED:
204 nfc_hci_send_response(hdev, gate, NFC_HCI_ANY_OK, NULL, 0);
205 break;
206 default:
207 pr_info("Discarded unknown cmd %x to gate %x\n", cmd, gate);
208 r = -EINVAL;
209 break;
210 }
211
170 kfree_skb(skb); 212 kfree_skb(skb);
171} 213}
172 214
@@ -717,6 +759,19 @@ static int hci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx)
717 return 0; 759 return 0;
718} 760}
719 761
762static int hci_se_io(struct nfc_dev *nfc_dev, u32 se_idx,
763 u8 *apdu, size_t apdu_length,
764 se_io_cb_t cb, void *cb_context)
765{
766 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
767
768 if (hdev->ops->se_io)
769 return hdev->ops->se_io(hdev, se_idx, apdu,
770 apdu_length, cb, cb_context);
771
772 return 0;
773}
774
720static void nfc_hci_failure(struct nfc_hci_dev *hdev, int err) 775static void nfc_hci_failure(struct nfc_hci_dev *hdev, int err)
721{ 776{
722 mutex_lock(&hdev->msg_tx_mutex); 777 mutex_lock(&hdev->msg_tx_mutex);
@@ -830,6 +885,7 @@ static struct nfc_ops hci_nfc_ops = {
830 .discover_se = hci_discover_se, 885 .discover_se = hci_discover_se,
831 .enable_se = hci_enable_se, 886 .enable_se = hci_enable_se,
832 .disable_se = hci_disable_se, 887 .disable_se = hci_disable_se,
888 .se_io = hci_se_io,
833}; 889};
834 890
835struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops, 891struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops,
diff --git a/net/nfc/llcp_commands.c b/net/nfc/llcp_commands.c
index c4da0c2d8a14..3621a902cb6e 100644
--- a/net/nfc/llcp_commands.c
+++ b/net/nfc/llcp_commands.c
@@ -401,7 +401,8 @@ int nfc_llcp_send_connect(struct nfc_llcp_sock *sock)
401 u8 *miux_tlv = NULL, miux_tlv_length; 401 u8 *miux_tlv = NULL, miux_tlv_length;
402 u8 *rw_tlv = NULL, rw_tlv_length, rw; 402 u8 *rw_tlv = NULL, rw_tlv_length, rw;
403 int err; 403 int err;
404 u16 size = 0, miux; 404 u16 size = 0;
405 __be16 miux;
405 406
406 pr_debug("Sending CONNECT\n"); 407 pr_debug("Sending CONNECT\n");
407 408
@@ -465,7 +466,8 @@ int nfc_llcp_send_cc(struct nfc_llcp_sock *sock)
465 u8 *miux_tlv = NULL, miux_tlv_length; 466 u8 *miux_tlv = NULL, miux_tlv_length;
466 u8 *rw_tlv = NULL, rw_tlv_length, rw; 467 u8 *rw_tlv = NULL, rw_tlv_length, rw;
467 int err; 468 int err;
468 u16 size = 0, miux; 469 u16 size = 0;
470 __be16 miux;
469 471
470 pr_debug("Sending CC\n"); 472 pr_debug("Sending CC\n");
471 473
diff --git a/net/nfc/llcp_core.c b/net/nfc/llcp_core.c
index 51e788797317..b18f07ccb504 100644
--- a/net/nfc/llcp_core.c
+++ b/net/nfc/llcp_core.c
@@ -1,5 +1,6 @@
1/* 1/*
2 * Copyright (C) 2011 Intel Corporation. All rights reserved. 2 * Copyright (C) 2011 Intel Corporation. All rights reserved.
3 * Copyright (C) 2014 Marvell International Ltd.
3 * 4 *
4 * This program is free software; you can redistribute it and/or modify 5 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by 6 * it under the terms of the GNU General Public License as published by
@@ -1511,8 +1512,10 @@ int nfc_llcp_data_received(struct nfc_dev *dev, struct sk_buff *skb)
1511 struct nfc_llcp_local *local; 1512 struct nfc_llcp_local *local;
1512 1513
1513 local = nfc_llcp_find_local(dev); 1514 local = nfc_llcp_find_local(dev);
1514 if (local == NULL) 1515 if (local == NULL) {
1516 kfree_skb(skb);
1515 return -ENODEV; 1517 return -ENODEV;
1518 }
1516 1519
1517 __nfc_llcp_recv(local, skb); 1520 __nfc_llcp_recv(local, skb);
1518 1521
diff --git a/net/nfc/llcp_sock.c b/net/nfc/llcp_sock.c
index 83bc785d5855..e181e290427c 100644
--- a/net/nfc/llcp_sock.c
+++ b/net/nfc/llcp_sock.c
@@ -524,13 +524,13 @@ static int llcp_sock_getname(struct socket *sock, struct sockaddr *uaddr,
524 524
525static inline unsigned int llcp_accept_poll(struct sock *parent) 525static inline unsigned int llcp_accept_poll(struct sock *parent)
526{ 526{
527 struct nfc_llcp_sock *llcp_sock, *n, *parent_sock; 527 struct nfc_llcp_sock *llcp_sock, *parent_sock;
528 struct sock *sk; 528 struct sock *sk;
529 529
530 parent_sock = nfc_llcp_sock(parent); 530 parent_sock = nfc_llcp_sock(parent);
531 531
532 list_for_each_entry_safe(llcp_sock, n, &parent_sock->accept_queue, 532 list_for_each_entry(llcp_sock, &parent_sock->accept_queue,
533 accept_queue) { 533 accept_queue) {
534 sk = &llcp_sock->sk; 534 sk = &llcp_sock->sk;
535 535
536 if (sk->sk_state == LLCP_CONNECTED) 536 if (sk->sk_state == LLCP_CONNECTED)
diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index 90b16cb40058..51feb5e63008 100644
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -3,6 +3,7 @@
3 * NFC Controller (NFCC) and a Device Host (DH). 3 * NFC Controller (NFCC) and a Device Host (DH).
4 * 4 *
5 * Copyright (C) 2011 Texas Instruments, Inc. 5 * Copyright (C) 2011 Texas Instruments, Inc.
6 * Copyright (C) 2014 Marvell International Ltd.
6 * 7 *
7 * Written by Ilan Elias <ilane@ti.com> 8 * Written by Ilan Elias <ilane@ti.com>
8 * 9 *
@@ -196,18 +197,24 @@ static void nci_set_config_req(struct nci_dev *ndev, unsigned long opt)
196 nci_send_cmd(ndev, NCI_OP_CORE_SET_CONFIG_CMD, (3 + param->len), &cmd); 197 nci_send_cmd(ndev, NCI_OP_CORE_SET_CONFIG_CMD, (3 + param->len), &cmd);
197} 198}
198 199
200struct nci_rf_discover_param {
201 __u32 im_protocols;
202 __u32 tm_protocols;
203};
204
199static void nci_rf_discover_req(struct nci_dev *ndev, unsigned long opt) 205static void nci_rf_discover_req(struct nci_dev *ndev, unsigned long opt)
200{ 206{
207 struct nci_rf_discover_param *param =
208 (struct nci_rf_discover_param *)opt;
201 struct nci_rf_disc_cmd cmd; 209 struct nci_rf_disc_cmd cmd;
202 __u32 protocols = opt;
203 210
204 cmd.num_disc_configs = 0; 211 cmd.num_disc_configs = 0;
205 212
206 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) && 213 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
207 (protocols & NFC_PROTO_JEWEL_MASK || 214 (param->im_protocols & NFC_PROTO_JEWEL_MASK ||
208 protocols & NFC_PROTO_MIFARE_MASK || 215 param->im_protocols & NFC_PROTO_MIFARE_MASK ||
209 protocols & NFC_PROTO_ISO14443_MASK || 216 param->im_protocols & NFC_PROTO_ISO14443_MASK ||
210 protocols & NFC_PROTO_NFC_DEP_MASK)) { 217 param->im_protocols & NFC_PROTO_NFC_DEP_MASK)) {
211 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode = 218 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
212 NCI_NFC_A_PASSIVE_POLL_MODE; 219 NCI_NFC_A_PASSIVE_POLL_MODE;
213 cmd.disc_configs[cmd.num_disc_configs].frequency = 1; 220 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
@@ -215,7 +222,7 @@ static void nci_rf_discover_req(struct nci_dev *ndev, unsigned long opt)
215 } 222 }
216 223
217 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) && 224 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
218 (protocols & NFC_PROTO_ISO14443_B_MASK)) { 225 (param->im_protocols & NFC_PROTO_ISO14443_B_MASK)) {
219 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode = 226 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
220 NCI_NFC_B_PASSIVE_POLL_MODE; 227 NCI_NFC_B_PASSIVE_POLL_MODE;
221 cmd.disc_configs[cmd.num_disc_configs].frequency = 1; 228 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
@@ -223,8 +230,8 @@ static void nci_rf_discover_req(struct nci_dev *ndev, unsigned long opt)
223 } 230 }
224 231
225 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) && 232 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
226 (protocols & NFC_PROTO_FELICA_MASK || 233 (param->im_protocols & NFC_PROTO_FELICA_MASK ||
227 protocols & NFC_PROTO_NFC_DEP_MASK)) { 234 param->im_protocols & NFC_PROTO_NFC_DEP_MASK)) {
228 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode = 235 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
229 NCI_NFC_F_PASSIVE_POLL_MODE; 236 NCI_NFC_F_PASSIVE_POLL_MODE;
230 cmd.disc_configs[cmd.num_disc_configs].frequency = 1; 237 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
@@ -232,13 +239,25 @@ static void nci_rf_discover_req(struct nci_dev *ndev, unsigned long opt)
232 } 239 }
233 240
234 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) && 241 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS) &&
235 (protocols & NFC_PROTO_ISO15693_MASK)) { 242 (param->im_protocols & NFC_PROTO_ISO15693_MASK)) {
236 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode = 243 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
237 NCI_NFC_V_PASSIVE_POLL_MODE; 244 NCI_NFC_V_PASSIVE_POLL_MODE;
238 cmd.disc_configs[cmd.num_disc_configs].frequency = 1; 245 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
239 cmd.num_disc_configs++; 246 cmd.num_disc_configs++;
240 } 247 }
241 248
249 if ((cmd.num_disc_configs < NCI_MAX_NUM_RF_CONFIGS - 1) &&
250 (param->tm_protocols & NFC_PROTO_NFC_DEP_MASK)) {
251 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
252 NCI_NFC_A_PASSIVE_LISTEN_MODE;
253 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
254 cmd.num_disc_configs++;
255 cmd.disc_configs[cmd.num_disc_configs].rf_tech_and_mode =
256 NCI_NFC_F_PASSIVE_LISTEN_MODE;
257 cmd.disc_configs[cmd.num_disc_configs].frequency = 1;
258 cmd.num_disc_configs++;
259 }
260
242 nci_send_cmd(ndev, NCI_OP_RF_DISCOVER_CMD, 261 nci_send_cmd(ndev, NCI_OP_RF_DISCOVER_CMD,
243 (1 + (cmd.num_disc_configs * sizeof(struct disc_config))), 262 (1 + (cmd.num_disc_configs * sizeof(struct disc_config))),
244 &cmd); 263 &cmd);
@@ -280,7 +299,7 @@ static void nci_rf_deactivate_req(struct nci_dev *ndev, unsigned long opt)
280{ 299{
281 struct nci_rf_deactivate_cmd cmd; 300 struct nci_rf_deactivate_cmd cmd;
282 301
283 cmd.type = NCI_DEACTIVATE_TYPE_IDLE_MODE; 302 cmd.type = opt;
284 303
285 nci_send_cmd(ndev, NCI_OP_RF_DEACTIVATE_CMD, 304 nci_send_cmd(ndev, NCI_OP_RF_DEACTIVATE_CMD,
286 sizeof(struct nci_rf_deactivate_cmd), &cmd); 305 sizeof(struct nci_rf_deactivate_cmd), &cmd);
@@ -441,6 +460,7 @@ static int nci_set_local_general_bytes(struct nfc_dev *nfc_dev)
441{ 460{
442 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev); 461 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
443 struct nci_set_config_param param; 462 struct nci_set_config_param param;
463 int rc;
444 464
445 param.val = nfc_get_local_general_bytes(nfc_dev, &param.len); 465 param.val = nfc_get_local_general_bytes(nfc_dev, &param.len);
446 if ((param.val == NULL) || (param.len == 0)) 466 if ((param.val == NULL) || (param.len == 0))
@@ -451,14 +471,45 @@ static int nci_set_local_general_bytes(struct nfc_dev *nfc_dev)
451 471
452 param.id = NCI_PN_ATR_REQ_GEN_BYTES; 472 param.id = NCI_PN_ATR_REQ_GEN_BYTES;
453 473
474 rc = nci_request(ndev, nci_set_config_req, (unsigned long)&param,
475 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
476 if (rc)
477 return rc;
478
479 param.id = NCI_LN_ATR_RES_GEN_BYTES;
480
454 return nci_request(ndev, nci_set_config_req, (unsigned long)&param, 481 return nci_request(ndev, nci_set_config_req, (unsigned long)&param,
455 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT)); 482 msecs_to_jiffies(NCI_SET_CONFIG_TIMEOUT));
456} 483}
457 484
485static int nci_set_listen_parameters(struct nfc_dev *nfc_dev)
486{
487 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
488 int rc;
489 __u8 val;
490
491 val = NCI_LA_SEL_INFO_NFC_DEP_MASK;
492
493 rc = nci_set_config(ndev, NCI_LA_SEL_INFO, 1, &val);
494 if (rc)
495 return rc;
496
497 val = NCI_LF_PROTOCOL_TYPE_NFC_DEP_MASK;
498
499 rc = nci_set_config(ndev, NCI_LF_PROTOCOL_TYPE, 1, &val);
500 if (rc)
501 return rc;
502
503 val = NCI_LF_CON_BITR_F_212 | NCI_LF_CON_BITR_F_424;
504
505 return nci_set_config(ndev, NCI_LF_CON_BITR_F, 1, &val);
506}
507
458static int nci_start_poll(struct nfc_dev *nfc_dev, 508static int nci_start_poll(struct nfc_dev *nfc_dev,
459 __u32 im_protocols, __u32 tm_protocols) 509 __u32 im_protocols, __u32 tm_protocols)
460{ 510{
461 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev); 511 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
512 struct nci_rf_discover_param param;
462 int rc; 513 int rc;
463 514
464 if ((atomic_read(&ndev->state) == NCI_DISCOVERY) || 515 if ((atomic_read(&ndev->state) == NCI_DISCOVERY) ||
@@ -476,13 +527,14 @@ static int nci_start_poll(struct nfc_dev *nfc_dev,
476 (atomic_read(&ndev->state) == NCI_POLL_ACTIVE)) { 527 (atomic_read(&ndev->state) == NCI_POLL_ACTIVE)) {
477 pr_debug("target active or w4 select, implicitly deactivate\n"); 528 pr_debug("target active or w4 select, implicitly deactivate\n");
478 529
479 rc = nci_request(ndev, nci_rf_deactivate_req, 0, 530 rc = nci_request(ndev, nci_rf_deactivate_req,
531 NCI_DEACTIVATE_TYPE_IDLE_MODE,
480 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT)); 532 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
481 if (rc) 533 if (rc)
482 return -EBUSY; 534 return -EBUSY;
483 } 535 }
484 536
485 if (im_protocols & NFC_PROTO_NFC_DEP_MASK) { 537 if ((im_protocols | tm_protocols) & NFC_PROTO_NFC_DEP_MASK) {
486 rc = nci_set_local_general_bytes(nfc_dev); 538 rc = nci_set_local_general_bytes(nfc_dev);
487 if (rc) { 539 if (rc) {
488 pr_err("failed to set local general bytes\n"); 540 pr_err("failed to set local general bytes\n");
@@ -490,7 +542,15 @@ static int nci_start_poll(struct nfc_dev *nfc_dev,
490 } 542 }
491 } 543 }
492 544
493 rc = nci_request(ndev, nci_rf_discover_req, im_protocols, 545 if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) {
546 rc = nci_set_listen_parameters(nfc_dev);
547 if (rc)
548 pr_err("failed to set listen parameters\n");
549 }
550
551 param.im_protocols = im_protocols;
552 param.tm_protocols = tm_protocols;
553 rc = nci_request(ndev, nci_rf_discover_req, (unsigned long)&param,
494 msecs_to_jiffies(NCI_RF_DISC_TIMEOUT)); 554 msecs_to_jiffies(NCI_RF_DISC_TIMEOUT));
495 555
496 if (!rc) 556 if (!rc)
@@ -509,7 +569,7 @@ static void nci_stop_poll(struct nfc_dev *nfc_dev)
509 return; 569 return;
510 } 570 }
511 571
512 nci_request(ndev, nci_rf_deactivate_req, 0, 572 nci_request(ndev, nci_rf_deactivate_req, NCI_DEACTIVATE_TYPE_IDLE_MODE,
513 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT)); 573 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
514} 574}
515 575
@@ -594,7 +654,8 @@ static void nci_deactivate_target(struct nfc_dev *nfc_dev,
594 ndev->target_active_prot = 0; 654 ndev->target_active_prot = 0;
595 655
596 if (atomic_read(&ndev->state) == NCI_POLL_ACTIVE) { 656 if (atomic_read(&ndev->state) == NCI_POLL_ACTIVE) {
597 nci_request(ndev, nci_rf_deactivate_req, 0, 657 nci_request(ndev, nci_rf_deactivate_req,
658 NCI_DEACTIVATE_TYPE_SLEEP_MODE,
598 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT)); 659 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
599 } 660 }
600} 661}
@@ -622,9 +683,24 @@ static int nci_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
622 683
623static int nci_dep_link_down(struct nfc_dev *nfc_dev) 684static int nci_dep_link_down(struct nfc_dev *nfc_dev)
624{ 685{
686 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
687 int rc;
688
625 pr_debug("entry\n"); 689 pr_debug("entry\n");
626 690
627 nci_deactivate_target(nfc_dev, NULL); 691 if (nfc_dev->rf_mode == NFC_RF_INITIATOR) {
692 nci_deactivate_target(nfc_dev, NULL);
693 } else {
694 if (atomic_read(&ndev->state) == NCI_LISTEN_ACTIVE ||
695 atomic_read(&ndev->state) == NCI_DISCOVERY) {
696 nci_request(ndev, nci_rf_deactivate_req, 0,
697 msecs_to_jiffies(NCI_RF_DEACTIVATE_TIMEOUT));
698 }
699
700 rc = nfc_tm_deactivated(nfc_dev);
701 if (rc)
702 pr_err("error when signaling tm deactivation\n");
703 }
628 704
629 return 0; 705 return 0;
630} 706}
@@ -658,18 +734,58 @@ static int nci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
658 return rc; 734 return rc;
659} 735}
660 736
737static int nci_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
738{
739 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
740 int rc;
741
742 rc = nci_send_data(ndev, NCI_STATIC_RF_CONN_ID, skb);
743 if (rc)
744 pr_err("unable to send data\n");
745
746 return rc;
747}
748
661static int nci_enable_se(struct nfc_dev *nfc_dev, u32 se_idx) 749static int nci_enable_se(struct nfc_dev *nfc_dev, u32 se_idx)
662{ 750{
751 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
752
753 if (ndev->ops->enable_se)
754 return ndev->ops->enable_se(ndev, se_idx);
755
663 return 0; 756 return 0;
664} 757}
665 758
666static int nci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx) 759static int nci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx)
667{ 760{
761 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
762
763 if (ndev->ops->disable_se)
764 return ndev->ops->disable_se(ndev, se_idx);
765
668 return 0; 766 return 0;
669} 767}
670 768
671static int nci_discover_se(struct nfc_dev *nfc_dev) 769static int nci_discover_se(struct nfc_dev *nfc_dev)
672{ 770{
771 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
772
773 if (ndev->ops->discover_se)
774 return ndev->ops->discover_se(ndev);
775
776 return 0;
777}
778
779static int nci_se_io(struct nfc_dev *nfc_dev, u32 se_idx,
780 u8 *apdu, size_t apdu_length,
781 se_io_cb_t cb, void *cb_context)
782{
783 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
784
785 if (ndev->ops->se_io)
786 return ndev->ops->se_io(ndev, se_idx, apdu,
787 apdu_length, cb, cb_context);
788
673 return 0; 789 return 0;
674} 790}
675 791
@@ -683,9 +799,11 @@ static struct nfc_ops nci_nfc_ops = {
683 .activate_target = nci_activate_target, 799 .activate_target = nci_activate_target,
684 .deactivate_target = nci_deactivate_target, 800 .deactivate_target = nci_deactivate_target,
685 .im_transceive = nci_transceive, 801 .im_transceive = nci_transceive,
802 .tm_send = nci_tm_send,
686 .enable_se = nci_enable_se, 803 .enable_se = nci_enable_se,
687 .disable_se = nci_disable_se, 804 .disable_se = nci_disable_se,
688 .discover_se = nci_discover_se, 805 .discover_se = nci_discover_se,
806 .se_io = nci_se_io,
689}; 807};
690 808
691/* ---- Interface to NCI drivers ---- */ 809/* ---- Interface to NCI drivers ---- */
diff --git a/net/nfc/nci/data.c b/net/nfc/nci/data.c
index 427ef2c7ab68..a2de2a8cb00e 100644
--- a/net/nfc/nci/data.c
+++ b/net/nfc/nci/data.c
@@ -3,6 +3,7 @@
3 * NFC Controller (NFCC) and a Device Host (DH). 3 * NFC Controller (NFCC) and a Device Host (DH).
4 * 4 *
5 * Copyright (C) 2011 Texas Instruments, Inc. 5 * Copyright (C) 2011 Texas Instruments, Inc.
6 * Copyright (C) 2014 Marvell International Ltd.
6 * 7 *
7 * Written by Ilan Elias <ilane@ti.com> 8 * Written by Ilan Elias <ilane@ti.com>
8 * 9 *
@@ -184,11 +185,16 @@ exit:
184 185
185static void nci_add_rx_data_frag(struct nci_dev *ndev, 186static void nci_add_rx_data_frag(struct nci_dev *ndev,
186 struct sk_buff *skb, 187 struct sk_buff *skb,
187 __u8 pbf) 188 __u8 pbf, __u8 status)
188{ 189{
189 int reassembly_len; 190 int reassembly_len;
190 int err = 0; 191 int err = 0;
191 192
193 if (status) {
194 err = status;
195 goto exit;
196 }
197
192 if (ndev->rx_data_reassembly) { 198 if (ndev->rx_data_reassembly) {
193 reassembly_len = ndev->rx_data_reassembly->len; 199 reassembly_len = ndev->rx_data_reassembly->len;
194 200
@@ -223,13 +229,24 @@ static void nci_add_rx_data_frag(struct nci_dev *ndev,
223 } 229 }
224 230
225exit: 231exit:
226 nci_data_exchange_complete(ndev, skb, err); 232 if (ndev->nfc_dev->rf_mode == NFC_RF_INITIATOR) {
233 nci_data_exchange_complete(ndev, skb, err);
234 } else if (ndev->nfc_dev->rf_mode == NFC_RF_TARGET) {
235 /* Data received in Target mode, forward to nfc core */
236 err = nfc_tm_data_received(ndev->nfc_dev, skb);
237 if (err)
238 pr_err("unable to handle received data\n");
239 } else {
240 pr_err("rf mode unknown\n");
241 kfree_skb(skb);
242 }
227} 243}
228 244
229/* Rx Data packet */ 245/* Rx Data packet */
230void nci_rx_data_packet(struct nci_dev *ndev, struct sk_buff *skb) 246void nci_rx_data_packet(struct nci_dev *ndev, struct sk_buff *skb)
231{ 247{
232 __u8 pbf = nci_pbf(skb->data); 248 __u8 pbf = nci_pbf(skb->data);
249 __u8 status = 0;
233 250
234 pr_debug("len %d\n", skb->len); 251 pr_debug("len %d\n", skb->len);
235 252
@@ -247,8 +264,9 @@ void nci_rx_data_packet(struct nci_dev *ndev, struct sk_buff *skb)
247 ndev->target_active_prot == NFC_PROTO_ISO15693) { 264 ndev->target_active_prot == NFC_PROTO_ISO15693) {
248 /* frame I/F => remove the status byte */ 265 /* frame I/F => remove the status byte */
249 pr_debug("frame I/F => remove the status byte\n"); 266 pr_debug("frame I/F => remove the status byte\n");
267 status = skb->data[skb->len - 1];
250 skb_trim(skb, (skb->len - 1)); 268 skb_trim(skb, (skb->len - 1));
251 } 269 }
252 270
253 nci_add_rx_data_frag(ndev, skb, pbf); 271 nci_add_rx_data_frag(ndev, skb, pbf, nci_to_errno(status));
254} 272}
diff --git a/net/nfc/nci/ntf.c b/net/nfc/nci/ntf.c
index 205b35f666db..22e453cb787d 100644
--- a/net/nfc/nci/ntf.c
+++ b/net/nfc/nci/ntf.c
@@ -103,7 +103,7 @@ static __u8 *nci_extract_rf_params_nfca_passive_poll(struct nci_dev *ndev,
103 struct rf_tech_specific_params_nfca_poll *nfca_poll, 103 struct rf_tech_specific_params_nfca_poll *nfca_poll,
104 __u8 *data) 104 __u8 *data)
105{ 105{
106 nfca_poll->sens_res = __le16_to_cpu(*((__u16 *)data)); 106 nfca_poll->sens_res = __le16_to_cpu(*((__le16 *)data));
107 data += 2; 107 data += 2;
108 108
109 nfca_poll->nfcid1_len = min_t(__u8, *data++, NFC_NFCID1_MAXSIZE); 109 nfca_poll->nfcid1_len = min_t(__u8, *data++, NFC_NFCID1_MAXSIZE);
@@ -167,7 +167,19 @@ static __u8 *nci_extract_rf_params_nfcv_passive_poll(struct nci_dev *ndev,
167 return data; 167 return data;
168} 168}
169 169
170__u32 nci_get_prop_rf_protocol(struct nci_dev *ndev, __u8 rf_protocol) 170static __u8 *nci_extract_rf_params_nfcf_passive_listen(struct nci_dev *ndev,
171 struct rf_tech_specific_params_nfcf_listen *nfcf_listen,
172 __u8 *data)
173{
174 nfcf_listen->local_nfcid2_len = min_t(__u8, *data++,
175 NFC_NFCID2_MAXSIZE);
176 memcpy(nfcf_listen->local_nfcid2, data, nfcf_listen->local_nfcid2_len);
177 data += nfcf_listen->local_nfcid2_len;
178
179 return data;
180}
181
182static __u32 nci_get_prop_rf_protocol(struct nci_dev *ndev, __u8 rf_protocol)
171{ 183{
172 if (ndev->ops->get_rfprotocol) 184 if (ndev->ops->get_rfprotocol)
173 return ndev->ops->get_rfprotocol(ndev, rf_protocol); 185 return ndev->ops->get_rfprotocol(ndev, rf_protocol);
@@ -401,17 +413,29 @@ static int nci_extract_activation_params_nfc_dep(struct nci_dev *ndev,
401 struct nci_rf_intf_activated_ntf *ntf, __u8 *data) 413 struct nci_rf_intf_activated_ntf *ntf, __u8 *data)
402{ 414{
403 struct activation_params_poll_nfc_dep *poll; 415 struct activation_params_poll_nfc_dep *poll;
416 struct activation_params_listen_nfc_dep *listen;
404 417
405 switch (ntf->activation_rf_tech_and_mode) { 418 switch (ntf->activation_rf_tech_and_mode) {
406 case NCI_NFC_A_PASSIVE_POLL_MODE: 419 case NCI_NFC_A_PASSIVE_POLL_MODE:
407 case NCI_NFC_F_PASSIVE_POLL_MODE: 420 case NCI_NFC_F_PASSIVE_POLL_MODE:
408 poll = &ntf->activation_params.poll_nfc_dep; 421 poll = &ntf->activation_params.poll_nfc_dep;
409 poll->atr_res_len = min_t(__u8, *data++, 63); 422 poll->atr_res_len = min_t(__u8, *data++,
423 NFC_ATR_RES_MAXSIZE - 2);
410 pr_debug("atr_res_len %d\n", poll->atr_res_len); 424 pr_debug("atr_res_len %d\n", poll->atr_res_len);
411 if (poll->atr_res_len > 0) 425 if (poll->atr_res_len > 0)
412 memcpy(poll->atr_res, data, poll->atr_res_len); 426 memcpy(poll->atr_res, data, poll->atr_res_len);
413 break; 427 break;
414 428
429 case NCI_NFC_A_PASSIVE_LISTEN_MODE:
430 case NCI_NFC_F_PASSIVE_LISTEN_MODE:
431 listen = &ntf->activation_params.listen_nfc_dep;
432 listen->atr_req_len = min_t(__u8, *data++,
433 NFC_ATR_REQ_MAXSIZE - 2);
434 pr_debug("atr_req_len %d\n", listen->atr_req_len);
435 if (listen->atr_req_len > 0)
436 memcpy(listen->atr_req, data, listen->atr_req_len);
437 break;
438
415 default: 439 default:
416 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n", 440 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
417 ntf->activation_rf_tech_and_mode); 441 ntf->activation_rf_tech_and_mode);
@@ -444,6 +468,48 @@ static void nci_target_auto_activated(struct nci_dev *ndev,
444 nfc_targets_found(ndev->nfc_dev, ndev->targets, ndev->n_targets); 468 nfc_targets_found(ndev->nfc_dev, ndev->targets, ndev->n_targets);
445} 469}
446 470
471static int nci_store_general_bytes_nfc_dep(struct nci_dev *ndev,
472 struct nci_rf_intf_activated_ntf *ntf)
473{
474 ndev->remote_gb_len = 0;
475
476 if (ntf->activation_params_len <= 0)
477 return NCI_STATUS_OK;
478
479 switch (ntf->activation_rf_tech_and_mode) {
480 case NCI_NFC_A_PASSIVE_POLL_MODE:
481 case NCI_NFC_F_PASSIVE_POLL_MODE:
482 ndev->remote_gb_len = min_t(__u8,
483 (ntf->activation_params.poll_nfc_dep.atr_res_len
484 - NFC_ATR_RES_GT_OFFSET),
485 NFC_ATR_RES_GB_MAXSIZE);
486 memcpy(ndev->remote_gb,
487 (ntf->activation_params.poll_nfc_dep.atr_res
488 + NFC_ATR_RES_GT_OFFSET),
489 ndev->remote_gb_len);
490 break;
491
492 case NCI_NFC_A_PASSIVE_LISTEN_MODE:
493 case NCI_NFC_F_PASSIVE_LISTEN_MODE:
494 ndev->remote_gb_len = min_t(__u8,
495 (ntf->activation_params.listen_nfc_dep.atr_req_len
496 - NFC_ATR_REQ_GT_OFFSET),
497 NFC_ATR_REQ_GB_MAXSIZE);
498 memcpy(ndev->remote_gb,
499 (ntf->activation_params.listen_nfc_dep.atr_req
500 + NFC_ATR_REQ_GT_OFFSET),
501 ndev->remote_gb_len);
502 break;
503
504 default:
505 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
506 ntf->activation_rf_tech_and_mode);
507 return NCI_STATUS_RF_PROTOCOL_ERROR;
508 }
509
510 return NCI_STATUS_OK;
511}
512
447static void nci_rf_intf_activated_ntf_packet(struct nci_dev *ndev, 513static void nci_rf_intf_activated_ntf_packet(struct nci_dev *ndev,
448 struct sk_buff *skb) 514 struct sk_buff *skb)
449{ 515{
@@ -493,6 +559,16 @@ static void nci_rf_intf_activated_ntf_packet(struct nci_dev *ndev,
493 &(ntf.rf_tech_specific_params.nfcv_poll), data); 559 &(ntf.rf_tech_specific_params.nfcv_poll), data);
494 break; 560 break;
495 561
562 case NCI_NFC_A_PASSIVE_LISTEN_MODE:
563 /* no RF technology specific parameters */
564 break;
565
566 case NCI_NFC_F_PASSIVE_LISTEN_MODE:
567 data = nci_extract_rf_params_nfcf_passive_listen(ndev,
568 &(ntf.rf_tech_specific_params.nfcf_listen),
569 data);
570 break;
571
496 default: 572 default:
497 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n", 573 pr_err("unsupported activation_rf_tech_and_mode 0x%x\n",
498 ntf.activation_rf_tech_and_mode); 574 ntf.activation_rf_tech_and_mode);
@@ -546,32 +622,39 @@ exit:
546 622
547 /* store general bytes to be reported later in dep_link_up */ 623 /* store general bytes to be reported later in dep_link_up */
548 if (ntf.rf_interface == NCI_RF_INTERFACE_NFC_DEP) { 624 if (ntf.rf_interface == NCI_RF_INTERFACE_NFC_DEP) {
549 ndev->remote_gb_len = 0; 625 err = nci_store_general_bytes_nfc_dep(ndev, &ntf);
550 626 if (err != NCI_STATUS_OK)
551 if (ntf.activation_params_len > 0) { 627 pr_err("unable to store general bytes\n");
552 /* ATR_RES general bytes at offset 15 */
553 ndev->remote_gb_len = min_t(__u8,
554 (ntf.activation_params
555 .poll_nfc_dep.atr_res_len
556 - NFC_ATR_RES_GT_OFFSET),
557 NFC_MAX_GT_LEN);
558 memcpy(ndev->remote_gb,
559 (ntf.activation_params.poll_nfc_dep
560 .atr_res + NFC_ATR_RES_GT_OFFSET),
561 ndev->remote_gb_len);
562 }
563 } 628 }
564 } 629 }
565 630
566 if (atomic_read(&ndev->state) == NCI_DISCOVERY) { 631 if (!(ntf.activation_rf_tech_and_mode & NCI_RF_TECH_MODE_LISTEN_MASK)) {
567 /* A single target was found and activated automatically */ 632 /* Poll mode */
568 atomic_set(&ndev->state, NCI_POLL_ACTIVE); 633 if (atomic_read(&ndev->state) == NCI_DISCOVERY) {
569 if (err == NCI_STATUS_OK) 634 /* A single target was found and activated
570 nci_target_auto_activated(ndev, &ntf); 635 * automatically */
571 } else { /* ndev->state == NCI_W4_HOST_SELECT */ 636 atomic_set(&ndev->state, NCI_POLL_ACTIVE);
572 /* A selected target was activated, so complete the request */ 637 if (err == NCI_STATUS_OK)
573 atomic_set(&ndev->state, NCI_POLL_ACTIVE); 638 nci_target_auto_activated(ndev, &ntf);
574 nci_req_complete(ndev, err); 639 } else { /* ndev->state == NCI_W4_HOST_SELECT */
640 /* A selected target was activated, so complete the
641 * request */
642 atomic_set(&ndev->state, NCI_POLL_ACTIVE);
643 nci_req_complete(ndev, err);
644 }
645 } else {
646 /* Listen mode */
647 atomic_set(&ndev->state, NCI_LISTEN_ACTIVE);
648 if (err == NCI_STATUS_OK &&
649 ntf.rf_protocol == NCI_RF_PROTOCOL_NFC_DEP) {
650 err = nfc_tm_activated(ndev->nfc_dev,
651 NFC_PROTO_NFC_DEP_MASK,
652 NFC_COMM_PASSIVE,
653 ndev->remote_gb,
654 ndev->remote_gb_len);
655 if (err != NCI_STATUS_OK)
656 pr_err("error when signaling tm activation\n");
657 }
575 } 658 }
576} 659}
577 660
@@ -595,8 +678,21 @@ static void nci_rf_deactivate_ntf_packet(struct nci_dev *ndev,
595 if (test_bit(NCI_DATA_EXCHANGE, &ndev->flags)) 678 if (test_bit(NCI_DATA_EXCHANGE, &ndev->flags))
596 nci_data_exchange_complete(ndev, NULL, -EIO); 679 nci_data_exchange_complete(ndev, NULL, -EIO);
597 680
598 nci_clear_target_list(ndev); 681 switch (ntf->type) {
599 atomic_set(&ndev->state, NCI_IDLE); 682 case NCI_DEACTIVATE_TYPE_IDLE_MODE:
683 nci_clear_target_list(ndev);
684 atomic_set(&ndev->state, NCI_IDLE);
685 break;
686 case NCI_DEACTIVATE_TYPE_SLEEP_MODE:
687 case NCI_DEACTIVATE_TYPE_SLEEP_AF_MODE:
688 atomic_set(&ndev->state, NCI_W4_HOST_SELECT);
689 break;
690 case NCI_DEACTIVATE_TYPE_DISCOVERY:
691 nci_clear_target_list(ndev);
692 atomic_set(&ndev->state, NCI_DISCOVERY);
693 break;
694 }
695
600 nci_req_complete(ndev, NCI_STATUS_OK); 696 nci_req_complete(ndev, NCI_STATUS_OK);
601} 697}
602 698
diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
index 43cb1c17e267..44989fc8cddf 100644
--- a/net/nfc/netlink.c
+++ b/net/nfc/netlink.c
@@ -810,6 +810,31 @@ out:
810 return rc; 810 return rc;
811} 811}
812 812
813static int nfc_genl_activate_target(struct sk_buff *skb, struct genl_info *info)
814{
815 struct nfc_dev *dev;
816 u32 device_idx, target_idx, protocol;
817 int rc;
818
819 if (!info->attrs[NFC_ATTR_DEVICE_INDEX])
820 return -EINVAL;
821
822 device_idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]);
823
824 dev = nfc_get_device(device_idx);
825 if (!dev)
826 return -ENODEV;
827
828 target_idx = nla_get_u32(info->attrs[NFC_ATTR_TARGET_INDEX]);
829 protocol = nla_get_u32(info->attrs[NFC_ATTR_PROTOCOLS]);
830
831 nfc_deactivate_target(dev, target_idx);
832 rc = nfc_activate_target(dev, target_idx, protocol);
833
834 nfc_put_device(dev);
835 return 0;
836}
837
813static int nfc_genl_dep_link_up(struct sk_buff *skb, struct genl_info *info) 838static int nfc_genl_dep_link_up(struct sk_buff *skb, struct genl_info *info)
814{ 839{
815 struct nfc_dev *dev; 840 struct nfc_dev *dev;
@@ -1285,6 +1310,51 @@ static int nfc_genl_dump_ses_done(struct netlink_callback *cb)
1285 return 0; 1310 return 0;
1286} 1311}
1287 1312
1313static int nfc_se_io(struct nfc_dev *dev, u32 se_idx,
1314 u8 *apdu, size_t apdu_length,
1315 se_io_cb_t cb, void *cb_context)
1316{
1317 struct nfc_se *se;
1318 int rc;
1319
1320 pr_debug("%s se index %d\n", dev_name(&dev->dev), se_idx);
1321
1322 device_lock(&dev->dev);
1323
1324 if (!device_is_registered(&dev->dev)) {
1325 rc = -ENODEV;
1326 goto error;
1327 }
1328
1329 if (!dev->dev_up) {
1330 rc = -ENODEV;
1331 goto error;
1332 }
1333
1334 if (!dev->ops->se_io) {
1335 rc = -EOPNOTSUPP;
1336 goto error;
1337 }
1338
1339 se = nfc_find_se(dev, se_idx);
1340 if (!se) {
1341 rc = -EINVAL;
1342 goto error;
1343 }
1344
1345 if (se->state != NFC_SE_ENABLED) {
1346 rc = -ENODEV;
1347 goto error;
1348 }
1349
1350 rc = dev->ops->se_io(dev, se_idx, apdu,
1351 apdu_length, cb, cb_context);
1352
1353error:
1354 device_unlock(&dev->dev);
1355 return rc;
1356}
1357
1288struct se_io_ctx { 1358struct se_io_ctx {
1289 u32 dev_idx; 1359 u32 dev_idx;
1290 u32 se_idx; 1360 u32 se_idx;
@@ -1367,7 +1437,7 @@ static int nfc_genl_se_io(struct sk_buff *skb, struct genl_info *info)
1367 ctx->dev_idx = dev_idx; 1437 ctx->dev_idx = dev_idx;
1368 ctx->se_idx = se_idx; 1438 ctx->se_idx = se_idx;
1369 1439
1370 return dev->ops->se_io(dev, se_idx, apdu, apdu_len, se_io_cb, ctx); 1440 return nfc_se_io(dev, se_idx, apdu, apdu_len, se_io_cb, ctx);
1371} 1441}
1372 1442
1373static const struct genl_ops nfc_genl_ops[] = { 1443static const struct genl_ops nfc_genl_ops[] = {
@@ -1455,6 +1525,11 @@ static const struct genl_ops nfc_genl_ops[] = {
1455 .doit = nfc_genl_se_io, 1525 .doit = nfc_genl_se_io,
1456 .policy = nfc_genl_policy, 1526 .policy = nfc_genl_policy,
1457 }, 1527 },
1528 {
1529 .cmd = NFC_CMD_ACTIVATE_TARGET,
1530 .doit = nfc_genl_activate_target,
1531 .policy = nfc_genl_policy,
1532 },
1458}; 1533};
1459 1534
1460 1535