aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--drivers/nfc/pn533.c662
-rw-r--r--drivers/nfc/pn544_hci.c10
-rw-r--r--include/linux/nfc.h12
-rw-r--r--include/net/nfc/hci.h3
-rw-r--r--include/net/nfc/nfc.h14
-rw-r--r--include/net/nfc/shdlc.h3
-rw-r--r--net/nfc/core.c119
-rw-r--r--net/nfc/hci/core.c13
-rw-r--r--net/nfc/hci/shdlc.c6
-rw-r--r--net/nfc/llcp/commands.c54
-rw-r--r--net/nfc/llcp/llcp.c421
-rw-r--r--net/nfc/llcp/llcp.h26
-rw-r--r--net/nfc/llcp/sock.c47
-rw-r--r--net/nfc/nci/core.c15
-rw-r--r--net/nfc/netlink.c81
-rw-r--r--net/nfc/nfc.h12
16 files changed, 1106 insertions, 392 deletions
diff --git a/drivers/nfc/pn533.c b/drivers/nfc/pn533.c
index 19110f0eb15f..9ac829e22e73 100644
--- a/drivers/nfc/pn533.c
+++ b/drivers/nfc/pn533.c
@@ -45,6 +45,9 @@ static const struct usb_device_id pn533_table[] = {
45}; 45};
46MODULE_DEVICE_TABLE(usb, pn533_table); 46MODULE_DEVICE_TABLE(usb, pn533_table);
47 47
48/* How much time we spend listening for initiators */
49#define PN533_LISTEN_TIME 2
50
48/* frame definitions */ 51/* frame definitions */
49#define PN533_FRAME_TAIL_SIZE 2 52#define PN533_FRAME_TAIL_SIZE 2
50#define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \ 53#define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \
@@ -74,6 +77,10 @@ MODULE_DEVICE_TABLE(usb, pn533_table);
74#define PN533_CMD_IN_RELEASE 0x52 77#define PN533_CMD_IN_RELEASE 0x52
75#define PN533_CMD_IN_JUMP_FOR_DEP 0x56 78#define PN533_CMD_IN_JUMP_FOR_DEP 0x56
76 79
80#define PN533_CMD_TG_INIT_AS_TARGET 0x8c
81#define PN533_CMD_TG_GET_DATA 0x86
82#define PN533_CMD_TG_SET_DATA 0x8e
83
77#define PN533_CMD_RESPONSE(cmd) (cmd + 1) 84#define PN533_CMD_RESPONSE(cmd) (cmd + 1)
78 85
79/* PN533 Return codes */ 86/* PN533 Return codes */
@@ -81,6 +88,9 @@ MODULE_DEVICE_TABLE(usb, pn533_table);
81#define PN533_CMD_MI_MASK 0x40 88#define PN533_CMD_MI_MASK 0x40
82#define PN533_CMD_RET_SUCCESS 0x00 89#define PN533_CMD_RET_SUCCESS 0x00
83 90
91/* PN533 status codes */
92#define PN533_STATUS_TARGET_RELEASED 0x29
93
84struct pn533; 94struct pn533;
85 95
86typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg, 96typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg,
@@ -97,8 +107,14 @@ struct pn533_fw_version {
97}; 107};
98 108
99/* PN533_CMD_RF_CONFIGURATION */ 109/* PN533_CMD_RF_CONFIGURATION */
110#define PN533_CFGITEM_TIMING 0x02
100#define PN533_CFGITEM_MAX_RETRIES 0x05 111#define PN533_CFGITEM_MAX_RETRIES 0x05
101 112
113#define PN533_CONFIG_TIMING_102 0xb
114#define PN533_CONFIG_TIMING_204 0xc
115#define PN533_CONFIG_TIMING_409 0xd
116#define PN533_CONFIG_TIMING_819 0xe
117
102#define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00 118#define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00
103#define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF 119#define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF
104 120
@@ -108,6 +124,12 @@ struct pn533_config_max_retries {
108 u8 mx_rty_passive_act; 124 u8 mx_rty_passive_act;
109} __packed; 125} __packed;
110 126
127struct pn533_config_timing {
128 u8 rfu;
129 u8 atr_res_timeout;
130 u8 dep_timeout;
131} __packed;
132
111/* PN533_CMD_IN_LIST_PASSIVE_TARGET */ 133/* PN533_CMD_IN_LIST_PASSIVE_TARGET */
112 134
113/* felica commands opcode */ 135/* felica commands opcode */
@@ -144,6 +166,7 @@ enum {
144 PN533_POLL_MOD_424KBPS_FELICA, 166 PN533_POLL_MOD_424KBPS_FELICA,
145 PN533_POLL_MOD_106KBPS_JEWEL, 167 PN533_POLL_MOD_106KBPS_JEWEL,
146 PN533_POLL_MOD_847KBPS_B, 168 PN533_POLL_MOD_847KBPS_B,
169 PN533_LISTEN_MOD,
147 170
148 __PN533_POLL_MOD_AFTER_LAST, 171 __PN533_POLL_MOD_AFTER_LAST,
149}; 172};
@@ -211,6 +234,9 @@ const struct pn533_poll_modulations poll_mod[] = {
211 }, 234 },
212 .len = 3, 235 .len = 3,
213 }, 236 },
237 [PN533_LISTEN_MOD] = {
238 .len = 0,
239 },
214}; 240};
215 241
216/* PN533_CMD_IN_ATR */ 242/* PN533_CMD_IN_ATR */
@@ -237,7 +263,7 @@ struct pn533_cmd_jump_dep {
237 u8 active; 263 u8 active;
238 u8 baud; 264 u8 baud;
239 u8 next; 265 u8 next;
240 u8 gt[]; 266 u8 data[];
241} __packed; 267} __packed;
242 268
243struct pn533_cmd_jump_dep_response { 269struct pn533_cmd_jump_dep_response {
@@ -253,6 +279,29 @@ struct pn533_cmd_jump_dep_response {
253 u8 gt[]; 279 u8 gt[];
254} __packed; 280} __packed;
255 281
282
283/* PN533_TG_INIT_AS_TARGET */
284#define PN533_INIT_TARGET_PASSIVE 0x1
285#define PN533_INIT_TARGET_DEP 0x2
286
287#define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3
288#define PN533_INIT_TARGET_RESP_ACTIVE 0x1
289#define PN533_INIT_TARGET_RESP_DEP 0x4
290
291struct pn533_cmd_init_target {
292 u8 mode;
293 u8 mifare[6];
294 u8 felica[18];
295 u8 nfcid3[10];
296 u8 gb_len;
297 u8 gb[];
298} __packed;
299
300struct pn533_cmd_init_target_response {
301 u8 mode;
302 u8 cmd[];
303} __packed;
304
256struct pn533 { 305struct pn533 {
257 struct usb_device *udev; 306 struct usb_device *udev;
258 struct usb_interface *interface; 307 struct usb_interface *interface;
@@ -270,22 +319,31 @@ struct pn533 {
270 319
271 struct workqueue_struct *wq; 320 struct workqueue_struct *wq;
272 struct work_struct cmd_work; 321 struct work_struct cmd_work;
322 struct work_struct poll_work;
273 struct work_struct mi_work; 323 struct work_struct mi_work;
324 struct work_struct tg_work;
325 struct timer_list listen_timer;
274 struct pn533_frame *wq_in_frame; 326 struct pn533_frame *wq_in_frame;
275 int wq_in_error; 327 int wq_in_error;
328 int cancel_listen;
276 329
277 pn533_cmd_complete_t cmd_complete; 330 pn533_cmd_complete_t cmd_complete;
278 void *cmd_complete_arg; 331 void *cmd_complete_arg;
279 struct semaphore cmd_lock; 332 struct mutex cmd_lock;
280 u8 cmd; 333 u8 cmd;
281 334
282 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1]; 335 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1];
283 u8 poll_mod_count; 336 u8 poll_mod_count;
284 u8 poll_mod_curr; 337 u8 poll_mod_curr;
285 u32 poll_protocols; 338 u32 poll_protocols;
339 u32 listen_protocols;
340
341 u8 *gb;
342 size_t gb_len;
286 343
287 u8 tgt_available_prots; 344 u8 tgt_available_prots;
288 u8 tgt_active_prot; 345 u8 tgt_active_prot;
346 u8 tgt_mode;
289}; 347};
290 348
291struct pn533_frame { 349struct pn533_frame {
@@ -405,7 +463,7 @@ static void pn533_wq_cmd_complete(struct work_struct *work)
405 PN533_FRAME_CMD_PARAMS_LEN(in_frame)); 463 PN533_FRAME_CMD_PARAMS_LEN(in_frame));
406 464
407 if (rc != -EINPROGRESS) 465 if (rc != -EINPROGRESS)
408 up(&dev->cmd_lock); 466 mutex_unlock(&dev->cmd_lock);
409} 467}
410 468
411static void pn533_recv_response(struct urb *urb) 469static void pn533_recv_response(struct urb *urb)
@@ -583,7 +641,7 @@ static int pn533_send_cmd_frame_async(struct pn533 *dev,
583 641
584 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 642 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
585 643
586 if (down_trylock(&dev->cmd_lock)) 644 if (!mutex_trylock(&dev->cmd_lock))
587 return -EBUSY; 645 return -EBUSY;
588 646
589 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame, 647 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
@@ -593,7 +651,7 @@ static int pn533_send_cmd_frame_async(struct pn533 *dev,
593 651
594 return 0; 652 return 0;
595error: 653error:
596 up(&dev->cmd_lock); 654 mutex_unlock(&dev->cmd_lock);
597 return rc; 655 return rc;
598} 656}
599 657
@@ -963,6 +1021,11 @@ static int pn533_target_found(struct pn533 *dev,
963 return 0; 1021 return 0;
964} 1022}
965 1023
1024static inline void pn533_poll_next_mod(struct pn533 *dev)
1025{
1026 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count;
1027}
1028
966static void pn533_poll_reset_mod_list(struct pn533 *dev) 1029static void pn533_poll_reset_mod_list(struct pn533 *dev)
967{ 1030{
968 dev->poll_mod_count = 0; 1031 dev->poll_mod_count = 0;
@@ -975,102 +1038,283 @@ static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
975 dev->poll_mod_count++; 1038 dev->poll_mod_count++;
976} 1039}
977 1040
978static void pn533_poll_create_mod_list(struct pn533 *dev, u32 protocols) 1041static void pn533_poll_create_mod_list(struct pn533 *dev,
1042 u32 im_protocols, u32 tm_protocols)
979{ 1043{
980 pn533_poll_reset_mod_list(dev); 1044 pn533_poll_reset_mod_list(dev);
981 1045
982 if (protocols & NFC_PROTO_MIFARE_MASK 1046 if (im_protocols & NFC_PROTO_MIFARE_MASK
983 || protocols & NFC_PROTO_ISO14443_MASK 1047 || im_protocols & NFC_PROTO_ISO14443_MASK
984 || protocols & NFC_PROTO_NFC_DEP_MASK) 1048 || im_protocols & NFC_PROTO_NFC_DEP_MASK)
985 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A); 1049 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
986 1050
987 if (protocols & NFC_PROTO_FELICA_MASK 1051 if (im_protocols & NFC_PROTO_FELICA_MASK
988 || protocols & NFC_PROTO_NFC_DEP_MASK) { 1052 || im_protocols & NFC_PROTO_NFC_DEP_MASK) {
989 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA); 1053 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
990 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA); 1054 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
991 } 1055 }
992 1056
993 if (protocols & NFC_PROTO_JEWEL_MASK) 1057 if (im_protocols & NFC_PROTO_JEWEL_MASK)
994 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL); 1058 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL);
995 1059
996 if (protocols & NFC_PROTO_ISO14443_MASK) 1060 if (im_protocols & NFC_PROTO_ISO14443_MASK)
997 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B); 1061 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B);
1062
1063 if (tm_protocols)
1064 pn533_poll_add_mod(dev, PN533_LISTEN_MOD);
1065}
1066
1067static int pn533_start_poll_complete(struct pn533 *dev, void *arg,
1068 u8 *params, int params_len)
1069{
1070 struct pn533_poll_response *resp;
1071 int rc;
1072
1073 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1074
1075 resp = (struct pn533_poll_response *) params;
1076 if (resp->nbtg) {
1077 rc = pn533_target_found(dev, resp, params_len);
1078
1079 /* We must stop the poll after a valid target found */
1080 if (rc == 0) {
1081 pn533_poll_reset_mod_list(dev);
1082 return 0;
1083 }
1084 }
1085
1086 return -EAGAIN;
998} 1087}
999 1088
1000static void pn533_start_poll_frame(struct pn533_frame *frame, 1089static int pn533_init_target_frame(struct pn533_frame *frame,
1001 struct pn533_poll_modulations *mod) 1090 u8 *gb, size_t gb_len)
1002{ 1091{
1092 struct pn533_cmd_init_target *cmd;
1093 size_t cmd_len;
1094 u8 felica_params[18] = {0x1, 0xfe, /* DEP */
1095 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */
1096 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
1097 0xff, 0xff}; /* System code */
1098 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */
1099 0x0, 0x0, 0x0,
1100 0x40}; /* SEL_RES for DEP */
1101
1102 cmd_len = sizeof(struct pn533_cmd_init_target) + gb_len + 1;
1103 cmd = kzalloc(cmd_len, GFP_KERNEL);
1104 if (cmd == NULL)
1105 return -ENOMEM;
1106
1107 pn533_tx_frame_init(frame, PN533_CMD_TG_INIT_AS_TARGET);
1108
1109 /* DEP support only */
1110 cmd->mode |= PN533_INIT_TARGET_DEP;
1111
1112 /* Felica params */
1113 memcpy(cmd->felica, felica_params, 18);
1114 get_random_bytes(cmd->felica + 2, 6);
1115
1116 /* NFCID3 */
1117 memset(cmd->nfcid3, 0, 10);
1118 memcpy(cmd->nfcid3, cmd->felica, 8);
1003 1119
1004 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET); 1120 /* MIFARE params */
1121 memcpy(cmd->mifare, mifare_params, 6);
1005 1122
1006 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len); 1123 /* General bytes */
1007 frame->datalen += mod->len; 1124 cmd->gb_len = gb_len;
1125 memcpy(cmd->gb, gb, gb_len);
1126
1127 /* Len Tk */
1128 cmd->gb[gb_len] = 0;
1129
1130 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), cmd, cmd_len);
1131
1132 frame->datalen += cmd_len;
1008 1133
1009 pn533_tx_frame_finish(frame); 1134 pn533_tx_frame_finish(frame);
1135
1136 kfree(cmd);
1137
1138 return 0;
1010} 1139}
1011 1140
1012static int pn533_start_poll_complete(struct pn533 *dev, void *arg, 1141#define PN533_CMD_DATAEXCH_HEAD_LEN (sizeof(struct pn533_frame) + 3)
1013 u8 *params, int params_len) 1142#define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1143static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg,
1144 u8 *params, int params_len)
1014{ 1145{
1015 struct pn533_poll_response *resp; 1146 struct sk_buff *skb_resp = arg;
1016 struct pn533_poll_modulations *next_mod; 1147 struct pn533_frame *in_frame = (struct pn533_frame *) skb_resp->data;
1017 int rc;
1018 1148
1019 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1149 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1020 1150
1021 if (params_len == -ENOENT) { 1151 if (params_len < 0) {
1022 nfc_dev_dbg(&dev->interface->dev, "Polling operation has been" 1152 nfc_dev_err(&dev->interface->dev,
1023 " stopped"); 1153 "Error %d when starting as a target",
1024 goto stop_poll; 1154 params_len);
1155
1156 return params_len;
1025 } 1157 }
1026 1158
1159 if (params_len > 0 && params[0] != 0) {
1160 nfc_tm_deactivated(dev->nfc_dev);
1161
1162 dev->tgt_mode = 0;
1163
1164 kfree_skb(skb_resp);
1165 return 0;
1166 }
1167
1168 skb_put(skb_resp, PN533_FRAME_SIZE(in_frame));
1169 skb_pull(skb_resp, PN533_CMD_DATAEXCH_HEAD_LEN);
1170 skb_trim(skb_resp, skb_resp->len - PN533_FRAME_TAIL_SIZE);
1171
1172 return nfc_tm_data_received(dev->nfc_dev, skb_resp);
1173}
1174
1175static void pn533_wq_tg_get_data(struct work_struct *work)
1176{
1177 struct pn533 *dev = container_of(work, struct pn533, tg_work);
1178 struct pn533_frame *in_frame;
1179 struct sk_buff *skb_resp;
1180 size_t skb_resp_len;
1181
1182 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1183
1184 skb_resp_len = PN533_CMD_DATAEXCH_HEAD_LEN +
1185 PN533_CMD_DATAEXCH_DATA_MAXLEN +
1186 PN533_FRAME_TAIL_SIZE;
1187
1188 skb_resp = nfc_alloc_recv_skb(skb_resp_len, GFP_KERNEL);
1189 if (!skb_resp)
1190 return;
1191
1192 in_frame = (struct pn533_frame *)skb_resp->data;
1193
1194 pn533_tx_frame_init(dev->out_frame, PN533_CMD_TG_GET_DATA);
1195 pn533_tx_frame_finish(dev->out_frame);
1196
1197 pn533_send_cmd_frame_async(dev, dev->out_frame, in_frame,
1198 skb_resp_len,
1199 pn533_tm_get_data_complete,
1200 skb_resp, GFP_KERNEL);
1201
1202 return;
1203}
1204
1205#define ATR_REQ_GB_OFFSET 17
1206static int pn533_init_target_complete(struct pn533 *dev, void *arg,
1207 u8 *params, int params_len)
1208{
1209 struct pn533_cmd_init_target_response *resp;
1210 u8 frame, comm_mode = NFC_COMM_PASSIVE, *gb;
1211 size_t gb_len;
1212 int rc;
1213
1214 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1215
1027 if (params_len < 0) { 1216 if (params_len < 0) {
1028 nfc_dev_err(&dev->interface->dev, "Error %d when running poll", 1217 nfc_dev_err(&dev->interface->dev,
1029 params_len); 1218 "Error %d when starting as a target",
1030 goto stop_poll; 1219 params_len);
1220
1221 return params_len;
1031 } 1222 }
1032 1223
1033 resp = (struct pn533_poll_response *) params; 1224 if (params_len < ATR_REQ_GB_OFFSET + 1)
1034 if (resp->nbtg) { 1225 return -EINVAL;
1035 rc = pn533_target_found(dev, resp, params_len);
1036 1226
1037 /* We must stop the poll after a valid target found */ 1227 resp = (struct pn533_cmd_init_target_response *) params;
1038 if (rc == 0) 1228
1039 goto stop_poll; 1229 nfc_dev_dbg(&dev->interface->dev, "Target mode 0x%x param len %d\n",
1230 resp->mode, params_len);
1231
1232 frame = resp->mode & PN533_INIT_TARGET_RESP_FRAME_MASK;
1233 if (frame == PN533_INIT_TARGET_RESP_ACTIVE)
1234 comm_mode = NFC_COMM_ACTIVE;
1040 1235
1041 if (rc != -EAGAIN) 1236 /* Again, only DEP */
1042 nfc_dev_err(&dev->interface->dev, "The target found is" 1237 if ((resp->mode & PN533_INIT_TARGET_RESP_DEP) == 0)
1043 " not valid - continuing to poll"); 1238 return -EOPNOTSUPP;
1239
1240 gb = resp->cmd + ATR_REQ_GB_OFFSET;
1241 gb_len = params_len - (ATR_REQ_GB_OFFSET + 1);
1242
1243 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1244 comm_mode, gb, gb_len);
1245 if (rc < 0) {
1246 nfc_dev_err(&dev->interface->dev,
1247 "Error when signaling target activation");
1248 return rc;
1044 } 1249 }
1045 1250
1046 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count; 1251 dev->tgt_mode = 1;
1047 1252
1048 next_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1253 queue_work(dev->wq, &dev->tg_work);
1049 1254
1050 nfc_dev_dbg(&dev->interface->dev, "Polling next modulation (0x%x)", 1255 return 0;
1051 dev->poll_mod_curr); 1256}
1257
1258static void pn533_listen_mode_timer(unsigned long data)
1259{
1260 struct pn533 *dev = (struct pn533 *) data;
1261
1262 nfc_dev_dbg(&dev->interface->dev, "Listen mode timeout");
1263
1264 /* An ack will cancel the last issued command (poll) */
1265 pn533_send_ack(dev, GFP_ATOMIC);
1266
1267 dev->cancel_listen = 1;
1268
1269 mutex_unlock(&dev->cmd_lock);
1270
1271 pn533_poll_next_mod(dev);
1272
1273 queue_work(dev->wq, &dev->poll_work);
1274}
1052 1275
1053 pn533_start_poll_frame(dev->out_frame, next_mod); 1276static int pn533_poll_complete(struct pn533 *dev, void *arg,
1277 u8 *params, int params_len)
1278{
1279 struct pn533_poll_modulations *cur_mod;
1280 int rc;
1054 1281
1055 /* Don't need to down the semaphore again */ 1282 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1056 rc = __pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame, 1283
1057 dev->in_maxlen, pn533_start_poll_complete, 1284 if (params_len == -ENOENT) {
1058 NULL, GFP_ATOMIC); 1285 if (dev->poll_mod_count != 0)
1286 return 0;
1287
1288 nfc_dev_err(&dev->interface->dev,
1289 "Polling operation has been stopped");
1059 1290
1060 if (rc == -EPERM) {
1061 nfc_dev_dbg(&dev->interface->dev, "Cannot poll next modulation"
1062 " because poll has been stopped");
1063 goto stop_poll; 1291 goto stop_poll;
1064 } 1292 }
1065 1293
1066 if (rc) { 1294 if (params_len < 0) {
1067 nfc_dev_err(&dev->interface->dev, "Error %d when trying to poll" 1295 nfc_dev_err(&dev->interface->dev,
1068 " next modulation", rc); 1296 "Error %d when running poll", params_len);
1297
1069 goto stop_poll; 1298 goto stop_poll;
1070 } 1299 }
1071 1300
1072 /* Inform caller function to do not up the semaphore */ 1301 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1073 return -EINPROGRESS; 1302
1303 if (cur_mod->len == 0) {
1304 del_timer(&dev->listen_timer);
1305
1306 return pn533_init_target_complete(dev, arg, params, params_len);
1307 } else {
1308 rc = pn533_start_poll_complete(dev, arg, params, params_len);
1309 if (!rc)
1310 return rc;
1311 }
1312
1313 pn533_poll_next_mod(dev);
1314
1315 queue_work(dev->wq, &dev->poll_work);
1316
1317 return 0;
1074 1318
1075stop_poll: 1319stop_poll:
1076 pn533_poll_reset_mod_list(dev); 1320 pn533_poll_reset_mod_list(dev);
@@ -1078,61 +1322,104 @@ stop_poll:
1078 return 0; 1322 return 0;
1079} 1323}
1080 1324
1081static int pn533_start_poll(struct nfc_dev *nfc_dev, u32 protocols) 1325static void pn533_build_poll_frame(struct pn533 *dev,
1326 struct pn533_frame *frame,
1327 struct pn533_poll_modulations *mod)
1082{ 1328{
1083 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1329 nfc_dev_dbg(&dev->interface->dev, "mod len %d\n", mod->len);
1084 struct pn533_poll_modulations *start_mod;
1085 int rc;
1086 1330
1087 nfc_dev_dbg(&dev->interface->dev, "%s - protocols=0x%x", __func__, 1331 if (mod->len == 0) {
1088 protocols); 1332 /* Listen mode */
1333 pn533_init_target_frame(frame, dev->gb, dev->gb_len);
1334 } else {
1335 /* Polling mode */
1336 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET);
1089 1337
1090 if (dev->poll_mod_count) { 1338 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len);
1091 nfc_dev_err(&dev->interface->dev, "Polling operation already" 1339 frame->datalen += mod->len;
1092 " active");
1093 return -EBUSY;
1094 }
1095 1340
1096 if (dev->tgt_active_prot) { 1341 pn533_tx_frame_finish(frame);
1097 nfc_dev_err(&dev->interface->dev, "Cannot poll with a target"
1098 " already activated");
1099 return -EBUSY;
1100 } 1342 }
1343}
1101 1344
1102 pn533_poll_create_mod_list(dev, protocols); 1345static int pn533_send_poll_frame(struct pn533 *dev)
1346{
1347 struct pn533_poll_modulations *cur_mod;
1348 int rc;
1103 1349
1104 if (!dev->poll_mod_count) { 1350 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1105 nfc_dev_err(&dev->interface->dev, "No valid protocols" 1351
1106 " specified"); 1352 pn533_build_poll_frame(dev, dev->out_frame, cur_mod);
1107 rc = -EINVAL; 1353
1108 goto error; 1354 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1355 dev->in_maxlen, pn533_poll_complete,
1356 NULL, GFP_KERNEL);
1357 if (rc)
1358 nfc_dev_err(&dev->interface->dev, "Polling loop error %d", rc);
1359
1360 return rc;
1361}
1362
1363static void pn533_wq_poll(struct work_struct *work)
1364{
1365 struct pn533 *dev = container_of(work, struct pn533, poll_work);
1366 struct pn533_poll_modulations *cur_mod;
1367 int rc;
1368
1369 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1370
1371 nfc_dev_dbg(&dev->interface->dev,
1372 "%s cancel_listen %d modulation len %d",
1373 __func__, dev->cancel_listen, cur_mod->len);
1374
1375 if (dev->cancel_listen == 1) {
1376 dev->cancel_listen = 0;
1377 usb_kill_urb(dev->in_urb);
1109 } 1378 }
1110 1379
1111 nfc_dev_dbg(&dev->interface->dev, "It will poll %d modulations types", 1380 rc = pn533_send_poll_frame(dev);
1112 dev->poll_mod_count); 1381 if (rc)
1382 return;
1113 1383
1114 dev->poll_mod_curr = 0; 1384 if (cur_mod->len == 0 && dev->poll_mod_count > 1)
1115 start_mod = dev->poll_mod_active[dev->poll_mod_curr]; 1385 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ);
1116 1386
1117 pn533_start_poll_frame(dev->out_frame, start_mod); 1387 return;
1388}
1118 1389
1119 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame, 1390static int pn533_start_poll(struct nfc_dev *nfc_dev,
1120 dev->in_maxlen, pn533_start_poll_complete, 1391 u32 im_protocols, u32 tm_protocols)
1121 NULL, GFP_KERNEL); 1392{
1393 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1122 1394
1123 if (rc) { 1395 nfc_dev_dbg(&dev->interface->dev,
1124 nfc_dev_err(&dev->interface->dev, "Error %d when trying to" 1396 "%s: im protocols 0x%x tm protocols 0x%x",
1125 " start poll", rc); 1397 __func__, im_protocols, tm_protocols);
1126 goto error; 1398
1399 if (dev->tgt_active_prot) {
1400 nfc_dev_err(&dev->interface->dev,
1401 "Cannot poll with a target already activated");
1402 return -EBUSY;
1127 } 1403 }
1128 1404
1129 dev->poll_protocols = protocols; 1405 if (dev->tgt_mode) {
1406 nfc_dev_err(&dev->interface->dev,
1407 "Cannot poll while already being activated");
1408 return -EBUSY;
1409 }
1130 1410
1131 return 0; 1411 if (tm_protocols) {
1412 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len);
1413 if (dev->gb == NULL)
1414 tm_protocols = 0;
1415 }
1132 1416
1133error: 1417 dev->poll_mod_curr = 0;
1134 pn533_poll_reset_mod_list(dev); 1418 pn533_poll_create_mod_list(dev, im_protocols, tm_protocols);
1135 return rc; 1419 dev->poll_protocols = im_protocols;
1420 dev->listen_protocols = tm_protocols;
1421
1422 return pn533_send_poll_frame(dev);
1136} 1423}
1137 1424
1138static void pn533_stop_poll(struct nfc_dev *nfc_dev) 1425static void pn533_stop_poll(struct nfc_dev *nfc_dev)
@@ -1141,6 +1428,8 @@ static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1141 1428
1142 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1429 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1143 1430
1431 del_timer(&dev->listen_timer);
1432
1144 if (!dev->poll_mod_count) { 1433 if (!dev->poll_mod_count) {
1145 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not" 1434 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not"
1146 " running"); 1435 " running");
@@ -1152,6 +1441,8 @@ static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1152 1441
1153 /* prevent pn533_start_poll_complete to issue a new poll meanwhile */ 1442 /* prevent pn533_start_poll_complete to issue a new poll meanwhile */
1154 usb_kill_urb(dev->in_urb); 1443 usb_kill_urb(dev->in_urb);
1444
1445 pn533_poll_reset_mod_list(dev);
1155} 1446}
1156 1447
1157static int pn533_activate_target_nfcdep(struct pn533 *dev) 1448static int pn533_activate_target_nfcdep(struct pn533 *dev)
@@ -1349,13 +1640,29 @@ static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1349 return 0; 1640 return 0;
1350} 1641}
1351 1642
1643static int pn533_mod_to_baud(struct pn533 *dev)
1644{
1645 switch (dev->poll_mod_curr) {
1646 case PN533_POLL_MOD_106KBPS_A:
1647 return 0;
1648 case PN533_POLL_MOD_212KBPS_FELICA:
1649 return 1;
1650 case PN533_POLL_MOD_424KBPS_FELICA:
1651 return 2;
1652 default:
1653 return -EINVAL;
1654 }
1655}
1656
1657#define PASSIVE_DATA_LEN 5
1352static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target, 1658static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1353 u8 comm_mode, u8* gb, size_t gb_len) 1659 u8 comm_mode, u8* gb, size_t gb_len)
1354{ 1660{
1355 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1661 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1356 struct pn533_cmd_jump_dep *cmd; 1662 struct pn533_cmd_jump_dep *cmd;
1357 u8 cmd_len; 1663 u8 cmd_len, *data_ptr;
1358 int rc; 1664 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3};
1665 int rc, baud;
1359 1666
1360 nfc_dev_dbg(&dev->interface->dev, "%s", __func__); 1667 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1361 1668
@@ -1371,7 +1678,17 @@ static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1371 return -EBUSY; 1678 return -EBUSY;
1372 } 1679 }
1373 1680
1681 baud = pn533_mod_to_baud(dev);
1682 if (baud < 0) {
1683 nfc_dev_err(&dev->interface->dev,
1684 "Invalid curr modulation %d", dev->poll_mod_curr);
1685 return baud;
1686 }
1687
1374 cmd_len = sizeof(struct pn533_cmd_jump_dep) + gb_len; 1688 cmd_len = sizeof(struct pn533_cmd_jump_dep) + gb_len;
1689 if (comm_mode == NFC_COMM_PASSIVE)
1690 cmd_len += PASSIVE_DATA_LEN;
1691
1375 cmd = kzalloc(cmd_len, GFP_KERNEL); 1692 cmd = kzalloc(cmd_len, GFP_KERNEL);
1376 if (cmd == NULL) 1693 if (cmd == NULL)
1377 return -ENOMEM; 1694 return -ENOMEM;
@@ -1379,10 +1696,18 @@ static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1379 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_JUMP_FOR_DEP); 1696 pn533_tx_frame_init(dev->out_frame, PN533_CMD_IN_JUMP_FOR_DEP);
1380 1697
1381 cmd->active = !comm_mode; 1698 cmd->active = !comm_mode;
1382 cmd->baud = 0; 1699 cmd->next = 0;
1700 cmd->baud = baud;
1701 data_ptr = cmd->data;
1702 if (comm_mode == NFC_COMM_PASSIVE && cmd->baud > 0) {
1703 memcpy(data_ptr, passive_data, PASSIVE_DATA_LEN);
1704 cmd->next |= 1;
1705 data_ptr += PASSIVE_DATA_LEN;
1706 }
1707
1383 if (gb != NULL && gb_len > 0) { 1708 if (gb != NULL && gb_len > 0) {
1384 cmd->next = 4; /* We have some Gi */ 1709 cmd->next |= 4; /* We have some Gi */
1385 memcpy(cmd->gt, gb, gb_len); 1710 memcpy(data_ptr, gb, gb_len);
1386 } else { 1711 } else {
1387 cmd->next = 0; 1712 cmd->next = 0;
1388 } 1713 }
@@ -1407,15 +1732,25 @@ out:
1407 1732
1408static int pn533_dep_link_down(struct nfc_dev *nfc_dev) 1733static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
1409{ 1734{
1410 pn533_deactivate_target(nfc_dev, 0); 1735 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1736
1737 pn533_poll_reset_mod_list(dev);
1738
1739 if (dev->tgt_mode || dev->tgt_active_prot) {
1740 pn533_send_ack(dev, GFP_KERNEL);
1741 usb_kill_urb(dev->in_urb);
1742 }
1743
1744 dev->tgt_active_prot = 0;
1745 dev->tgt_mode = 0;
1746
1747 skb_queue_purge(&dev->resp_q);
1411 1748
1412 return 0; 1749 return 0;
1413} 1750}
1414 1751
1415#define PN533_CMD_DATAEXCH_HEAD_LEN (sizeof(struct pn533_frame) + 3) 1752static int pn533_build_tx_frame(struct pn533 *dev, struct sk_buff *skb,
1416#define PN533_CMD_DATAEXCH_DATA_MAXLEN 262 1753 bool target)
1417
1418static int pn533_data_exchange_tx_frame(struct pn533 *dev, struct sk_buff *skb)
1419{ 1754{
1420 int payload_len = skb->len; 1755 int payload_len = skb->len;
1421 struct pn533_frame *out_frame; 1756 struct pn533_frame *out_frame;
@@ -1432,14 +1767,20 @@ static int pn533_data_exchange_tx_frame(struct pn533 *dev, struct sk_buff *skb)
1432 return -ENOSYS; 1767 return -ENOSYS;
1433 } 1768 }
1434 1769
1435 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN); 1770 if (target == true) {
1436 out_frame = (struct pn533_frame *) skb->data; 1771 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN);
1772 out_frame = (struct pn533_frame *) skb->data;
1437 1773
1438 pn533_tx_frame_init(out_frame, PN533_CMD_IN_DATA_EXCHANGE); 1774 pn533_tx_frame_init(out_frame, PN533_CMD_IN_DATA_EXCHANGE);
1775 tg = 1;
1776 memcpy(PN533_FRAME_CMD_PARAMS_PTR(out_frame), &tg, sizeof(u8));
1777 out_frame->datalen += sizeof(u8);
1778 } else {
1779 skb_push(skb, PN533_CMD_DATAEXCH_HEAD_LEN - 1);
1780 out_frame = (struct pn533_frame *) skb->data;
1781 pn533_tx_frame_init(out_frame, PN533_CMD_TG_SET_DATA);
1782 }
1439 1783
1440 tg = 1;
1441 memcpy(PN533_FRAME_CMD_PARAMS_PTR(out_frame), &tg, sizeof(u8));
1442 out_frame->datalen += sizeof(u8);
1443 1784
1444 /* The data is already in the out_frame, just update the datalen */ 1785 /* The data is already in the out_frame, just update the datalen */
1445 out_frame->datalen += payload_len; 1786 out_frame->datalen += payload_len;
@@ -1550,9 +1891,9 @@ error:
1550 return 0; 1891 return 0;
1551} 1892}
1552 1893
1553static int pn533_data_exchange(struct nfc_dev *nfc_dev, 1894static int pn533_transceive(struct nfc_dev *nfc_dev,
1554 struct nfc_target *target, struct sk_buff *skb, 1895 struct nfc_target *target, struct sk_buff *skb,
1555 data_exchange_cb_t cb, void *cb_context) 1896 data_exchange_cb_t cb, void *cb_context)
1556{ 1897{
1557 struct pn533 *dev = nfc_get_drvdata(nfc_dev); 1898 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1558 struct pn533_frame *out_frame, *in_frame; 1899 struct pn533_frame *out_frame, *in_frame;
@@ -1570,7 +1911,7 @@ static int pn533_data_exchange(struct nfc_dev *nfc_dev,
1570 goto error; 1911 goto error;
1571 } 1912 }
1572 1913
1573 rc = pn533_data_exchange_tx_frame(dev, skb); 1914 rc = pn533_build_tx_frame(dev, skb, true);
1574 if (rc) 1915 if (rc)
1575 goto error; 1916 goto error;
1576 1917
@@ -1618,6 +1959,63 @@ error:
1618 return rc; 1959 return rc;
1619} 1960}
1620 1961
1962static int pn533_tm_send_complete(struct pn533 *dev, void *arg,
1963 u8 *params, int params_len)
1964{
1965 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1966
1967 if (params_len < 0) {
1968 nfc_dev_err(&dev->interface->dev,
1969 "Error %d when sending data",
1970 params_len);
1971
1972 return params_len;
1973 }
1974
1975 if (params_len > 0 && params[0] != 0) {
1976 nfc_tm_deactivated(dev->nfc_dev);
1977
1978 dev->tgt_mode = 0;
1979
1980 return 0;
1981 }
1982
1983 queue_work(dev->wq, &dev->tg_work);
1984
1985 return 0;
1986}
1987
1988static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
1989{
1990 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1991 struct pn533_frame *out_frame;
1992 int rc;
1993
1994 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1995
1996 rc = pn533_build_tx_frame(dev, skb, false);
1997 if (rc)
1998 goto error;
1999
2000 out_frame = (struct pn533_frame *) skb->data;
2001
2002 rc = pn533_send_cmd_frame_async(dev, out_frame, dev->in_frame,
2003 dev->in_maxlen, pn533_tm_send_complete,
2004 NULL, GFP_KERNEL);
2005 if (rc) {
2006 nfc_dev_err(&dev->interface->dev,
2007 "Error %d when trying to send data", rc);
2008 goto error;
2009 }
2010
2011 return 0;
2012
2013error:
2014 kfree_skb(skb);
2015
2016 return rc;
2017}
2018
1621static void pn533_wq_mi_recv(struct work_struct *work) 2019static void pn533_wq_mi_recv(struct work_struct *work)
1622{ 2020{
1623 struct pn533 *dev = container_of(work, struct pn533, mi_work); 2021 struct pn533 *dev = container_of(work, struct pn533, mi_work);
@@ -1638,7 +2036,7 @@ static void pn533_wq_mi_recv(struct work_struct *work)
1638 2036
1639 skb_reserve(skb_cmd, PN533_CMD_DATAEXCH_HEAD_LEN); 2037 skb_reserve(skb_cmd, PN533_CMD_DATAEXCH_HEAD_LEN);
1640 2038
1641 rc = pn533_data_exchange_tx_frame(dev, skb_cmd); 2039 rc = pn533_build_tx_frame(dev, skb_cmd, true);
1642 if (rc) 2040 if (rc)
1643 goto error_frame; 2041 goto error_frame;
1644 2042
@@ -1677,7 +2075,7 @@ error_cmd:
1677 2075
1678 kfree(arg); 2076 kfree(arg);
1679 2077
1680 up(&dev->cmd_lock); 2078 mutex_unlock(&dev->cmd_lock);
1681} 2079}
1682 2080
1683static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata, 2081static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
@@ -1712,7 +2110,8 @@ struct nfc_ops pn533_nfc_ops = {
1712 .stop_poll = pn533_stop_poll, 2110 .stop_poll = pn533_stop_poll,
1713 .activate_target = pn533_activate_target, 2111 .activate_target = pn533_activate_target,
1714 .deactivate_target = pn533_deactivate_target, 2112 .deactivate_target = pn533_deactivate_target,
1715 .data_exchange = pn533_data_exchange, 2113 .im_transceive = pn533_transceive,
2114 .tm_send = pn533_tm_send,
1716}; 2115};
1717 2116
1718static int pn533_probe(struct usb_interface *interface, 2117static int pn533_probe(struct usb_interface *interface,
@@ -1723,6 +2122,7 @@ static int pn533_probe(struct usb_interface *interface,
1723 struct usb_host_interface *iface_desc; 2122 struct usb_host_interface *iface_desc;
1724 struct usb_endpoint_descriptor *endpoint; 2123 struct usb_endpoint_descriptor *endpoint;
1725 struct pn533_config_max_retries max_retries; 2124 struct pn533_config_max_retries max_retries;
2125 struct pn533_config_timing timing;
1726 int in_endpoint = 0; 2126 int in_endpoint = 0;
1727 int out_endpoint = 0; 2127 int out_endpoint = 0;
1728 int rc = -ENOMEM; 2128 int rc = -ENOMEM;
@@ -1735,7 +2135,7 @@ static int pn533_probe(struct usb_interface *interface,
1735 2135
1736 dev->udev = usb_get_dev(interface_to_usbdev(interface)); 2136 dev->udev = usb_get_dev(interface_to_usbdev(interface));
1737 dev->interface = interface; 2137 dev->interface = interface;
1738 sema_init(&dev->cmd_lock, 1); 2138 mutex_init(&dev->cmd_lock);
1739 2139
1740 iface_desc = interface->cur_altsetting; 2140 iface_desc = interface->cur_altsetting;
1741 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) { 2141 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
@@ -1779,12 +2179,18 @@ static int pn533_probe(struct usb_interface *interface,
1779 2179
1780 INIT_WORK(&dev->cmd_work, pn533_wq_cmd_complete); 2180 INIT_WORK(&dev->cmd_work, pn533_wq_cmd_complete);
1781 INIT_WORK(&dev->mi_work, pn533_wq_mi_recv); 2181 INIT_WORK(&dev->mi_work, pn533_wq_mi_recv);
2182 INIT_WORK(&dev->tg_work, pn533_wq_tg_get_data);
2183 INIT_WORK(&dev->poll_work, pn533_wq_poll);
1782 dev->wq = alloc_workqueue("pn533", 2184 dev->wq = alloc_workqueue("pn533",
1783 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM, 2185 WQ_NON_REENTRANT | WQ_UNBOUND | WQ_MEM_RECLAIM,
1784 1); 2186 1);
1785 if (dev->wq == NULL) 2187 if (dev->wq == NULL)
1786 goto error; 2188 goto error;
1787 2189
2190 init_timer(&dev->listen_timer);
2191 dev->listen_timer.data = (unsigned long) dev;
2192 dev->listen_timer.function = pn533_listen_mode_timer;
2193
1788 skb_queue_head_init(&dev->resp_q); 2194 skb_queue_head_init(&dev->resp_q);
1789 2195
1790 usb_set_intfdata(interface, dev); 2196 usb_set_intfdata(interface, dev);
@@ -1830,13 +2236,29 @@ static int pn533_probe(struct usb_interface *interface,
1830 if (rc) { 2236 if (rc) {
1831 nfc_dev_err(&dev->interface->dev, "Error on setting MAX_RETRIES" 2237 nfc_dev_err(&dev->interface->dev, "Error on setting MAX_RETRIES"
1832 " config"); 2238 " config");
1833 goto free_nfc_dev; 2239 goto unregister_nfc_dev;
2240 }
2241
2242 timing.rfu = PN533_CONFIG_TIMING_102;
2243 timing.atr_res_timeout = PN533_CONFIG_TIMING_204;
2244 timing.dep_timeout = PN533_CONFIG_TIMING_409;
2245
2246 rc = pn533_set_configuration(dev, PN533_CFGITEM_TIMING,
2247 (u8 *) &timing, sizeof(timing));
2248 if (rc) {
2249 nfc_dev_err(&dev->interface->dev,
2250 "Error on setting RF timings");
2251 goto unregister_nfc_dev;
1834 } 2252 }
1835 2253
1836 return 0; 2254 return 0;
1837 2255
2256unregister_nfc_dev:
2257 nfc_unregister_device(dev->nfc_dev);
2258
1838free_nfc_dev: 2259free_nfc_dev:
1839 nfc_free_device(dev->nfc_dev); 2260 nfc_free_device(dev->nfc_dev);
2261
1840destroy_wq: 2262destroy_wq:
1841 destroy_workqueue(dev->wq); 2263 destroy_workqueue(dev->wq);
1842error: 2264error:
@@ -1865,6 +2287,8 @@ static void pn533_disconnect(struct usb_interface *interface)
1865 2287
1866 skb_queue_purge(&dev->resp_q); 2288 skb_queue_purge(&dev->resp_q);
1867 2289
2290 del_timer(&dev->listen_timer);
2291
1868 kfree(dev->in_frame); 2292 kfree(dev->in_frame);
1869 usb_free_urb(dev->in_urb); 2293 usb_free_urb(dev->in_urb);
1870 kfree(dev->out_frame); 2294 kfree(dev->out_frame);
diff --git a/drivers/nfc/pn544_hci.c b/drivers/nfc/pn544_hci.c
index 281f18c2fb82..457eac35dc74 100644
--- a/drivers/nfc/pn544_hci.c
+++ b/drivers/nfc/pn544_hci.c
@@ -576,7 +576,8 @@ static int pn544_hci_xmit(struct nfc_shdlc *shdlc, struct sk_buff *skb)
576 return pn544_hci_i2c_write(client, skb->data, skb->len); 576 return pn544_hci_i2c_write(client, skb->data, skb->len);
577} 577}
578 578
579static int pn544_hci_start_poll(struct nfc_shdlc *shdlc, u32 protocols) 579static int pn544_hci_start_poll(struct nfc_shdlc *shdlc,
580 u32 im_protocols, u32 tm_protocols)
580{ 581{
581 struct nfc_hci_dev *hdev = nfc_shdlc_get_hci_dev(shdlc); 582 struct nfc_hci_dev *hdev = nfc_shdlc_get_hci_dev(shdlc);
582 u8 phases = 0; 583 u8 phases = 0;
@@ -584,7 +585,8 @@ static int pn544_hci_start_poll(struct nfc_shdlc *shdlc, u32 protocols)
584 u8 duration[2]; 585 u8 duration[2];
585 u8 activated; 586 u8 activated;
586 587
587 pr_info(DRIVER_DESC ": %s protocols = %d\n", __func__, protocols); 588 pr_info(DRIVER_DESC ": %s protocols 0x%x 0x%x\n",
589 __func__, im_protocols, tm_protocols);
588 590
589 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 591 r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
590 NFC_HCI_EVT_END_OPERATION, NULL, 0); 592 NFC_HCI_EVT_END_OPERATION, NULL, 0);
@@ -604,10 +606,10 @@ static int pn544_hci_start_poll(struct nfc_shdlc *shdlc, u32 protocols)
604 if (r < 0) 606 if (r < 0)
605 return r; 607 return r;
606 608
607 if (protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK | 609 if (im_protocols & (NFC_PROTO_ISO14443_MASK | NFC_PROTO_MIFARE_MASK |
608 NFC_PROTO_JEWEL_MASK)) 610 NFC_PROTO_JEWEL_MASK))
609 phases |= 1; /* Type A */ 611 phases |= 1; /* Type A */
610 if (protocols & NFC_PROTO_FELICA_MASK) { 612 if (im_protocols & NFC_PROTO_FELICA_MASK) {
611 phases |= (1 << 2); /* Type F 212 */ 613 phases |= (1 << 2); /* Type F 212 */
612 phases |= (1 << 3); /* Type F 424 */ 614 phases |= (1 << 3); /* Type F 424 */
613 } 615 }
diff --git a/include/linux/nfc.h b/include/linux/nfc.h
index 0ae9b5857c83..f4e6dd915b1c 100644
--- a/include/linux/nfc.h
+++ b/include/linux/nfc.h
@@ -56,6 +56,10 @@
56 * %NFC_ATTR_PROTOCOLS) 56 * %NFC_ATTR_PROTOCOLS)
57 * @NFC_EVENT_DEVICE_REMOVED: event emitted when a device is removed 57 * @NFC_EVENT_DEVICE_REMOVED: event emitted when a device is removed
58 * (it sends %NFC_ATTR_DEVICE_INDEX) 58 * (it sends %NFC_ATTR_DEVICE_INDEX)
59 * @NFC_EVENT_TM_ACTIVATED: event emitted when the adapter is activated in
60 * target mode.
61 * @NFC_EVENT_DEVICE_DEACTIVATED: event emitted when the adapter is deactivated
62 * from target mode.
59 */ 63 */
60enum nfc_commands { 64enum nfc_commands {
61 NFC_CMD_UNSPEC, 65 NFC_CMD_UNSPEC,
@@ -71,6 +75,8 @@ enum nfc_commands {
71 NFC_EVENT_DEVICE_ADDED, 75 NFC_EVENT_DEVICE_ADDED,
72 NFC_EVENT_DEVICE_REMOVED, 76 NFC_EVENT_DEVICE_REMOVED,
73 NFC_EVENT_TARGET_LOST, 77 NFC_EVENT_TARGET_LOST,
78 NFC_EVENT_TM_ACTIVATED,
79 NFC_EVENT_TM_DEACTIVATED,
74/* private: internal use only */ 80/* private: internal use only */
75 __NFC_CMD_AFTER_LAST 81 __NFC_CMD_AFTER_LAST
76}; 82};
@@ -94,6 +100,8 @@ enum nfc_commands {
94 * @NFC_ATTR_TARGET_SENSF_RES: NFC-F targets extra information, max 18 bytes 100 * @NFC_ATTR_TARGET_SENSF_RES: NFC-F targets extra information, max 18 bytes
95 * @NFC_ATTR_COMM_MODE: Passive or active mode 101 * @NFC_ATTR_COMM_MODE: Passive or active mode
96 * @NFC_ATTR_RF_MODE: Initiator or target 102 * @NFC_ATTR_RF_MODE: Initiator or target
103 * @NFC_ATTR_IM_PROTOCOLS: Initiator mode protocols to poll for
104 * @NFC_ATTR_TM_PROTOCOLS: Target mode protocols to listen for
97 */ 105 */
98enum nfc_attrs { 106enum nfc_attrs {
99 NFC_ATTR_UNSPEC, 107 NFC_ATTR_UNSPEC,
@@ -109,6 +117,8 @@ enum nfc_attrs {
109 NFC_ATTR_COMM_MODE, 117 NFC_ATTR_COMM_MODE,
110 NFC_ATTR_RF_MODE, 118 NFC_ATTR_RF_MODE,
111 NFC_ATTR_DEVICE_POWERED, 119 NFC_ATTR_DEVICE_POWERED,
120 NFC_ATTR_IM_PROTOCOLS,
121 NFC_ATTR_TM_PROTOCOLS,
112/* private: internal use only */ 122/* private: internal use only */
113 __NFC_ATTR_AFTER_LAST 123 __NFC_ATTR_AFTER_LAST
114}; 124};
@@ -118,6 +128,7 @@ enum nfc_attrs {
118#define NFC_NFCID1_MAXSIZE 10 128#define NFC_NFCID1_MAXSIZE 10
119#define NFC_SENSB_RES_MAXSIZE 12 129#define NFC_SENSB_RES_MAXSIZE 12
120#define NFC_SENSF_RES_MAXSIZE 18 130#define NFC_SENSF_RES_MAXSIZE 18
131#define NFC_GB_MAXSIZE 48
121 132
122/* NFC protocols */ 133/* NFC protocols */
123#define NFC_PROTO_JEWEL 1 134#define NFC_PROTO_JEWEL 1
@@ -135,6 +146,7 @@ enum nfc_attrs {
135/* NFC RF modes */ 146/* NFC RF modes */
136#define NFC_RF_INITIATOR 0 147#define NFC_RF_INITIATOR 0
137#define NFC_RF_TARGET 1 148#define NFC_RF_TARGET 1
149#define NFC_RF_NONE 2
138 150
139/* NFC protocols masks used in bitsets */ 151/* NFC protocols masks used in bitsets */
140#define NFC_PROTO_JEWEL_MASK (1 << NFC_PROTO_JEWEL) 152#define NFC_PROTO_JEWEL_MASK (1 << NFC_PROTO_JEWEL)
diff --git a/include/net/nfc/hci.h b/include/net/nfc/hci.h
index 4467c9460857..e30e6a869714 100644
--- a/include/net/nfc/hci.h
+++ b/include/net/nfc/hci.h
@@ -31,7 +31,8 @@ struct nfc_hci_ops {
31 void (*close) (struct nfc_hci_dev *hdev); 31 void (*close) (struct nfc_hci_dev *hdev);
32 int (*hci_ready) (struct nfc_hci_dev *hdev); 32 int (*hci_ready) (struct nfc_hci_dev *hdev);
33 int (*xmit) (struct nfc_hci_dev *hdev, struct sk_buff *skb); 33 int (*xmit) (struct nfc_hci_dev *hdev, struct sk_buff *skb);
34 int (*start_poll) (struct nfc_hci_dev *hdev, u32 protocols); 34 int (*start_poll) (struct nfc_hci_dev *hdev,
35 u32 im_protocols, u32 tm_protocols);
35 int (*target_from_gate) (struct nfc_hci_dev *hdev, u8 gate, 36 int (*target_from_gate) (struct nfc_hci_dev *hdev, u8 gate,
36 struct nfc_target *target); 37 struct nfc_target *target);
37 int (*complete_target_discovered) (struct nfc_hci_dev *hdev, u8 gate, 38 int (*complete_target_discovered) (struct nfc_hci_dev *hdev, u8 gate,
diff --git a/include/net/nfc/nfc.h b/include/net/nfc/nfc.h
index b7ca4a2a1d72..180964b954ab 100644
--- a/include/net/nfc/nfc.h
+++ b/include/net/nfc/nfc.h
@@ -53,7 +53,8 @@ struct nfc_target;
53struct nfc_ops { 53struct nfc_ops {
54 int (*dev_up)(struct nfc_dev *dev); 54 int (*dev_up)(struct nfc_dev *dev);
55 int (*dev_down)(struct nfc_dev *dev); 55 int (*dev_down)(struct nfc_dev *dev);
56 int (*start_poll)(struct nfc_dev *dev, u32 protocols); 56 int (*start_poll)(struct nfc_dev *dev,
57 u32 im_protocols, u32 tm_protocols);
57 void (*stop_poll)(struct nfc_dev *dev); 58 void (*stop_poll)(struct nfc_dev *dev);
58 int (*dep_link_up)(struct nfc_dev *dev, struct nfc_target *target, 59 int (*dep_link_up)(struct nfc_dev *dev, struct nfc_target *target,
59 u8 comm_mode, u8 *gb, size_t gb_len); 60 u8 comm_mode, u8 *gb, size_t gb_len);
@@ -62,9 +63,10 @@ struct nfc_ops {
62 u32 protocol); 63 u32 protocol);
63 void (*deactivate_target)(struct nfc_dev *dev, 64 void (*deactivate_target)(struct nfc_dev *dev,
64 struct nfc_target *target); 65 struct nfc_target *target);
65 int (*data_exchange)(struct nfc_dev *dev, struct nfc_target *target, 66 int (*im_transceive)(struct nfc_dev *dev, struct nfc_target *target,
66 struct sk_buff *skb, data_exchange_cb_t cb, 67 struct sk_buff *skb, data_exchange_cb_t cb,
67 void *cb_context); 68 void *cb_context);
69 int (*tm_send)(struct nfc_dev *dev, struct sk_buff *skb);
68 int (*check_presence)(struct nfc_dev *dev, struct nfc_target *target); 70 int (*check_presence)(struct nfc_dev *dev, struct nfc_target *target);
69}; 71};
70 72
@@ -99,10 +101,10 @@ struct nfc_dev {
99 int targets_generation; 101 int targets_generation;
100 struct device dev; 102 struct device dev;
101 bool dev_up; 103 bool dev_up;
104 u8 rf_mode;
102 bool polling; 105 bool polling;
103 struct nfc_target *active_target; 106 struct nfc_target *active_target;
104 bool dep_link_up; 107 bool dep_link_up;
105 u32 dep_rf_mode;
106 struct nfc_genl_data genl_data; 108 struct nfc_genl_data genl_data;
107 u32 supported_protocols; 109 u32 supported_protocols;
108 110
@@ -188,6 +190,7 @@ struct sk_buff *nfc_alloc_recv_skb(unsigned int size, gfp_t gfp);
188 190
189int nfc_set_remote_general_bytes(struct nfc_dev *dev, 191int nfc_set_remote_general_bytes(struct nfc_dev *dev,
190 u8 *gt, u8 gt_len); 192 u8 *gt, u8 gt_len);
193u8 *nfc_get_local_general_bytes(struct nfc_dev *dev, size_t *gb_len);
191 194
192int nfc_targets_found(struct nfc_dev *dev, 195int nfc_targets_found(struct nfc_dev *dev,
193 struct nfc_target *targets, int ntargets); 196 struct nfc_target *targets, int ntargets);
@@ -196,4 +199,9 @@ int nfc_target_lost(struct nfc_dev *dev, u32 target_idx);
196int nfc_dep_link_is_up(struct nfc_dev *dev, u32 target_idx, 199int nfc_dep_link_is_up(struct nfc_dev *dev, u32 target_idx,
197 u8 comm_mode, u8 rf_mode); 200 u8 comm_mode, u8 rf_mode);
198 201
202int nfc_tm_activated(struct nfc_dev *dev, u32 protocol, u8 comm_mode,
203 u8 *gb, size_t gb_len);
204int nfc_tm_deactivated(struct nfc_dev *dev);
205int nfc_tm_data_received(struct nfc_dev *dev, struct sk_buff *skb);
206
199#endif /* __NET_NFC_H */ 207#endif /* __NET_NFC_H */
diff --git a/include/net/nfc/shdlc.h b/include/net/nfc/shdlc.h
index ab06afd462da..35e930d2f638 100644
--- a/include/net/nfc/shdlc.h
+++ b/include/net/nfc/shdlc.h
@@ -27,7 +27,8 @@ struct nfc_shdlc_ops {
27 void (*close) (struct nfc_shdlc *shdlc); 27 void (*close) (struct nfc_shdlc *shdlc);
28 int (*hci_ready) (struct nfc_shdlc *shdlc); 28 int (*hci_ready) (struct nfc_shdlc *shdlc);
29 int (*xmit) (struct nfc_shdlc *shdlc, struct sk_buff *skb); 29 int (*xmit) (struct nfc_shdlc *shdlc, struct sk_buff *skb);
30 int (*start_poll) (struct nfc_shdlc *shdlc, u32 protocols); 30 int (*start_poll) (struct nfc_shdlc *shdlc,
31 u32 im_protocols, u32 tm_protocols);
31 int (*target_from_gate) (struct nfc_shdlc *shdlc, u8 gate, 32 int (*target_from_gate) (struct nfc_shdlc *shdlc, u8 gate,
32 struct nfc_target *target); 33 struct nfc_target *target);
33 int (*complete_target_discovered) (struct nfc_shdlc *shdlc, u8 gate, 34 int (*complete_target_discovered) (struct nfc_shdlc *shdlc, u8 gate,
diff --git a/net/nfc/core.c b/net/nfc/core.c
index 9f6ce011d35d..4177bb5104b9 100644
--- a/net/nfc/core.c
+++ b/net/nfc/core.c
@@ -121,14 +121,14 @@ error:
121 * The device remains polling for targets until a target is found or 121 * The device remains polling for targets until a target is found or
122 * the nfc_stop_poll function is called. 122 * the nfc_stop_poll function is called.
123 */ 123 */
124int nfc_start_poll(struct nfc_dev *dev, u32 protocols) 124int nfc_start_poll(struct nfc_dev *dev, u32 im_protocols, u32 tm_protocols)
125{ 125{
126 int rc; 126 int rc;
127 127
128 pr_debug("dev_name=%s protocols=0x%x\n", 128 pr_debug("dev_name %s initiator protocols 0x%x target protocols 0x%x\n",
129 dev_name(&dev->dev), protocols); 129 dev_name(&dev->dev), im_protocols, tm_protocols);
130 130
131 if (!protocols) 131 if (!im_protocols && !tm_protocols)
132 return -EINVAL; 132 return -EINVAL;
133 133
134 device_lock(&dev->dev); 134 device_lock(&dev->dev);
@@ -143,9 +143,11 @@ int nfc_start_poll(struct nfc_dev *dev, u32 protocols)
143 goto error; 143 goto error;
144 } 144 }
145 145
146 rc = dev->ops->start_poll(dev, protocols); 146 rc = dev->ops->start_poll(dev, im_protocols, tm_protocols);
147 if (!rc) 147 if (!rc) {
148 dev->polling = true; 148 dev->polling = true;
149 dev->rf_mode = NFC_RF_NONE;
150 }
149 151
150error: 152error:
151 device_unlock(&dev->dev); 153 device_unlock(&dev->dev);
@@ -235,8 +237,10 @@ int nfc_dep_link_up(struct nfc_dev *dev, int target_index, u8 comm_mode)
235 } 237 }
236 238
237 rc = dev->ops->dep_link_up(dev, target, comm_mode, gb, gb_len); 239 rc = dev->ops->dep_link_up(dev, target, comm_mode, gb, gb_len);
238 if (!rc) 240 if (!rc) {
239 dev->active_target = target; 241 dev->active_target = target;
242 dev->rf_mode = NFC_RF_INITIATOR;
243 }
240 244
241error: 245error:
242 device_unlock(&dev->dev); 246 device_unlock(&dev->dev);
@@ -264,11 +268,6 @@ int nfc_dep_link_down(struct nfc_dev *dev)
264 goto error; 268 goto error;
265 } 269 }
266 270
267 if (dev->dep_rf_mode == NFC_RF_TARGET) {
268 rc = -EOPNOTSUPP;
269 goto error;
270 }
271
272 rc = dev->ops->dep_link_down(dev); 271 rc = dev->ops->dep_link_down(dev);
273 if (!rc) { 272 if (!rc) {
274 dev->dep_link_up = false; 273 dev->dep_link_up = false;
@@ -286,7 +285,6 @@ int nfc_dep_link_is_up(struct nfc_dev *dev, u32 target_idx,
286 u8 comm_mode, u8 rf_mode) 285 u8 comm_mode, u8 rf_mode)
287{ 286{
288 dev->dep_link_up = true; 287 dev->dep_link_up = true;
289 dev->dep_rf_mode = rf_mode;
290 288
291 nfc_llcp_mac_is_up(dev, target_idx, comm_mode, rf_mode); 289 nfc_llcp_mac_is_up(dev, target_idx, comm_mode, rf_mode);
292 290
@@ -330,6 +328,7 @@ int nfc_activate_target(struct nfc_dev *dev, u32 target_idx, u32 protocol)
330 rc = dev->ops->activate_target(dev, target, protocol); 328 rc = dev->ops->activate_target(dev, target, protocol);
331 if (!rc) { 329 if (!rc) {
332 dev->active_target = target; 330 dev->active_target = target;
331 dev->rf_mode = NFC_RF_INITIATOR;
333 332
334 if (dev->ops->check_presence) 333 if (dev->ops->check_presence)
335 mod_timer(&dev->check_pres_timer, jiffies + 334 mod_timer(&dev->check_pres_timer, jiffies +
@@ -409,27 +408,30 @@ int nfc_data_exchange(struct nfc_dev *dev, u32 target_idx, struct sk_buff *skb,
409 goto error; 408 goto error;
410 } 409 }
411 410
412 if (dev->active_target == NULL) { 411 if (dev->rf_mode == NFC_RF_INITIATOR && dev->active_target != NULL) {
413 rc = -ENOTCONN; 412 if (dev->active_target->idx != target_idx) {
414 kfree_skb(skb); 413 rc = -EADDRNOTAVAIL;
415 goto error; 414 kfree_skb(skb);
416 } 415 goto error;
416 }
417 417
418 if (dev->active_target->idx != target_idx) { 418 if (dev->ops->check_presence)
419 rc = -EADDRNOTAVAIL; 419 del_timer_sync(&dev->check_pres_timer);
420
421 rc = dev->ops->im_transceive(dev, dev->active_target, skb, cb,
422 cb_context);
423
424 if (!rc && dev->ops->check_presence)
425 mod_timer(&dev->check_pres_timer, jiffies +
426 msecs_to_jiffies(NFC_CHECK_PRES_FREQ_MS));
427 } else if (dev->rf_mode == NFC_RF_TARGET && dev->ops->tm_send != NULL) {
428 rc = dev->ops->tm_send(dev, skb);
429 } else {
430 rc = -ENOTCONN;
420 kfree_skb(skb); 431 kfree_skb(skb);
421 goto error; 432 goto error;
422 } 433 }
423 434
424 if (dev->ops->check_presence)
425 del_timer_sync(&dev->check_pres_timer);
426
427 rc = dev->ops->data_exchange(dev, dev->active_target, skb, cb,
428 cb_context);
429
430 if (!rc && dev->ops->check_presence)
431 mod_timer(&dev->check_pres_timer, jiffies +
432 msecs_to_jiffies(NFC_CHECK_PRES_FREQ_MS));
433 435
434error: 436error:
435 device_unlock(&dev->dev); 437 device_unlock(&dev->dev);
@@ -447,6 +449,63 @@ int nfc_set_remote_general_bytes(struct nfc_dev *dev, u8 *gb, u8 gb_len)
447} 449}
448EXPORT_SYMBOL(nfc_set_remote_general_bytes); 450EXPORT_SYMBOL(nfc_set_remote_general_bytes);
449 451
452u8 *nfc_get_local_general_bytes(struct nfc_dev *dev, size_t *gb_len)
453{
454 pr_debug("dev_name=%s\n", dev_name(&dev->dev));
455
456 return nfc_llcp_general_bytes(dev, gb_len);
457}
458EXPORT_SYMBOL(nfc_get_local_general_bytes);
459
460int nfc_tm_data_received(struct nfc_dev *dev, struct sk_buff *skb)
461{
462 /* Only LLCP target mode for now */
463 if (dev->dep_link_up == false) {
464 kfree_skb(skb);
465 return -ENOLINK;
466 }
467
468 return nfc_llcp_data_received(dev, skb);
469}
470EXPORT_SYMBOL(nfc_tm_data_received);
471
472int nfc_tm_activated(struct nfc_dev *dev, u32 protocol, u8 comm_mode,
473 u8 *gb, size_t gb_len)
474{
475 int rc;
476
477 device_lock(&dev->dev);
478
479 dev->polling = false;
480
481 if (gb != NULL) {
482 rc = nfc_set_remote_general_bytes(dev, gb, gb_len);
483 if (rc < 0)
484 goto out;
485 }
486
487 dev->rf_mode = NFC_RF_TARGET;
488
489 if (protocol == NFC_PROTO_NFC_DEP_MASK)
490 nfc_dep_link_is_up(dev, 0, comm_mode, NFC_RF_TARGET);
491
492 rc = nfc_genl_tm_activated(dev, protocol);
493
494out:
495 device_unlock(&dev->dev);
496
497 return rc;
498}
499EXPORT_SYMBOL(nfc_tm_activated);
500
501int nfc_tm_deactivated(struct nfc_dev *dev)
502{
503 dev->dep_link_up = false;
504
505 return nfc_genl_tm_deactivated(dev);
506}
507EXPORT_SYMBOL(nfc_tm_deactivated);
508
450/** 509/**
451 * nfc_alloc_send_skb - allocate a skb for data exchange responses 510 * nfc_alloc_send_skb - allocate a skb for data exchange responses
452 * 511 *
@@ -678,7 +737,7 @@ struct nfc_dev *nfc_allocate_device(struct nfc_ops *ops,
678 struct nfc_dev *dev; 737 struct nfc_dev *dev;
679 738
680 if (!ops->start_poll || !ops->stop_poll || !ops->activate_target || 739 if (!ops->start_poll || !ops->stop_poll || !ops->activate_target ||
681 !ops->deactivate_target || !ops->data_exchange) 740 !ops->deactivate_target || !ops->im_transceive)
682 return NULL; 741 return NULL;
683 742
684 if (!supported_protocols) 743 if (!supported_protocols)
diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c
index e1a640d2b588..a8b0b71e8f86 100644
--- a/net/nfc/hci/core.c
+++ b/net/nfc/hci/core.c
@@ -481,12 +481,13 @@ static int hci_dev_down(struct nfc_dev *nfc_dev)
481 return 0; 481 return 0;
482} 482}
483 483
484static int hci_start_poll(struct nfc_dev *nfc_dev, u32 protocols) 484static int hci_start_poll(struct nfc_dev *nfc_dev,
485 u32 im_protocols, u32 tm_protocols)
485{ 486{
486 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 487 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
487 488
488 if (hdev->ops->start_poll) 489 if (hdev->ops->start_poll)
489 return hdev->ops->start_poll(hdev, protocols); 490 return hdev->ops->start_poll(hdev, im_protocols, tm_protocols);
490 else 491 else
491 return nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE, 492 return nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
492 NFC_HCI_EVT_READER_REQUESTED, NULL, 0); 493 NFC_HCI_EVT_READER_REQUESTED, NULL, 0);
@@ -511,9 +512,9 @@ static void hci_deactivate_target(struct nfc_dev *nfc_dev,
511{ 512{
512} 513}
513 514
514static int hci_data_exchange(struct nfc_dev *nfc_dev, struct nfc_target *target, 515static int hci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
515 struct sk_buff *skb, data_exchange_cb_t cb, 516 struct sk_buff *skb, data_exchange_cb_t cb,
516 void *cb_context) 517 void *cb_context)
517{ 518{
518 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev); 519 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
519 int r; 520 int r;
@@ -579,7 +580,7 @@ static struct nfc_ops hci_nfc_ops = {
579 .stop_poll = hci_stop_poll, 580 .stop_poll = hci_stop_poll,
580 .activate_target = hci_activate_target, 581 .activate_target = hci_activate_target,
581 .deactivate_target = hci_deactivate_target, 582 .deactivate_target = hci_deactivate_target,
582 .data_exchange = hci_data_exchange, 583 .im_transceive = hci_transceive,
583 .check_presence = hci_check_presence, 584 .check_presence = hci_check_presence,
584}; 585};
585 586
diff --git a/net/nfc/hci/shdlc.c b/net/nfc/hci/shdlc.c
index 5665dc6d893a..6b836e6242b7 100644
--- a/net/nfc/hci/shdlc.c
+++ b/net/nfc/hci/shdlc.c
@@ -765,14 +765,16 @@ static int nfc_shdlc_xmit(struct nfc_hci_dev *hdev, struct sk_buff *skb)
765 return 0; 765 return 0;
766} 766}
767 767
768static int nfc_shdlc_start_poll(struct nfc_hci_dev *hdev, u32 protocols) 768static int nfc_shdlc_start_poll(struct nfc_hci_dev *hdev,
769 u32 im_protocols, u32 tm_protocols)
769{ 770{
770 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev); 771 struct nfc_shdlc *shdlc = nfc_hci_get_clientdata(hdev);
771 772
772 pr_debug("\n"); 773 pr_debug("\n");
773 774
774 if (shdlc->ops->start_poll) 775 if (shdlc->ops->start_poll)
775 return shdlc->ops->start_poll(shdlc, protocols); 776 return shdlc->ops->start_poll(shdlc,
777 im_protocols, tm_protocols);
776 778
777 return 0; 779 return 0;
778} 780}
diff --git a/net/nfc/llcp/commands.c b/net/nfc/llcp/commands.c
index bf8ae4f0b90c..b982b5b890d7 100644
--- a/net/nfc/llcp/commands.c
+++ b/net/nfc/llcp/commands.c
@@ -51,7 +51,7 @@ static u8 llcp_tlv8(u8 *tlv, u8 type)
51 return tlv[2]; 51 return tlv[2];
52} 52}
53 53
54static u8 llcp_tlv16(u8 *tlv, u8 type) 54static u16 llcp_tlv16(u8 *tlv, u8 type)
55{ 55{
56 if (tlv[0] != type || tlv[1] != llcp_tlv_length[tlv[0]]) 56 if (tlv[0] != type || tlv[1] != llcp_tlv_length[tlv[0]])
57 return 0; 57 return 0;
@@ -67,7 +67,7 @@ static u8 llcp_tlv_version(u8 *tlv)
67 67
68static u16 llcp_tlv_miux(u8 *tlv) 68static u16 llcp_tlv_miux(u8 *tlv)
69{ 69{
70 return llcp_tlv16(tlv, LLCP_TLV_MIUX) & 0x7f; 70 return llcp_tlv16(tlv, LLCP_TLV_MIUX) & 0x7ff;
71} 71}
72 72
73static u16 llcp_tlv_wks(u8 *tlv) 73static u16 llcp_tlv_wks(u8 *tlv)
@@ -117,8 +117,8 @@ u8 *nfc_llcp_build_tlv(u8 type, u8 *value, u8 value_length, u8 *tlv_length)
117 return tlv; 117 return tlv;
118} 118}
119 119
120int nfc_llcp_parse_tlv(struct nfc_llcp_local *local, 120int nfc_llcp_parse_gb_tlv(struct nfc_llcp_local *local,
121 u8 *tlv_array, u16 tlv_array_len) 121 u8 *tlv_array, u16 tlv_array_len)
122{ 122{
123 u8 *tlv = tlv_array, type, length, offset = 0; 123 u8 *tlv = tlv_array, type, length, offset = 0;
124 124
@@ -149,8 +149,45 @@ int nfc_llcp_parse_tlv(struct nfc_llcp_local *local,
149 case LLCP_TLV_OPT: 149 case LLCP_TLV_OPT:
150 local->remote_opt = llcp_tlv_opt(tlv); 150 local->remote_opt = llcp_tlv_opt(tlv);
151 break; 151 break;
152 default:
153 pr_err("Invalid gt tlv value 0x%x\n", type);
154 break;
155 }
156
157 offset += length + 2;
158 tlv += length + 2;
159 }
160
161 pr_debug("version 0x%x miu %d lto %d opt 0x%x wks 0x%x\n",
162 local->remote_version, local->remote_miu,
163 local->remote_lto, local->remote_opt,
164 local->remote_wks);
165
166 return 0;
167}
168
169int nfc_llcp_parse_connection_tlv(struct nfc_llcp_sock *sock,
170 u8 *tlv_array, u16 tlv_array_len)
171{
172 u8 *tlv = tlv_array, type, length, offset = 0;
173
174 pr_debug("TLV array length %d\n", tlv_array_len);
175
176 if (sock == NULL)
177 return -ENOTCONN;
178
179 while (offset < tlv_array_len) {
180 type = tlv[0];
181 length = tlv[1];
182
183 pr_debug("type 0x%x length %d\n", type, length);
184
185 switch (type) {
186 case LLCP_TLV_MIUX:
187 sock->miu = llcp_tlv_miux(tlv) + 128;
188 break;
152 case LLCP_TLV_RW: 189 case LLCP_TLV_RW:
153 local->remote_rw = llcp_tlv_rw(tlv); 190 sock->rw = llcp_tlv_rw(tlv);
154 break; 191 break;
155 case LLCP_TLV_SN: 192 case LLCP_TLV_SN:
156 break; 193 break;
@@ -163,10 +200,7 @@ int nfc_llcp_parse_tlv(struct nfc_llcp_local *local,
163 tlv += length + 2; 200 tlv += length + 2;
164 } 201 }
165 202
166 pr_debug("version 0x%x miu %d lto %d opt 0x%x wks 0x%x rw %d\n", 203 pr_debug("sock %p rw %d miu %d\n", sock, sock->rw, sock->miu);
167 local->remote_version, local->remote_miu,
168 local->remote_lto, local->remote_opt,
169 local->remote_wks, local->remote_rw);
170 204
171 return 0; 205 return 0;
172} 206}
@@ -474,7 +508,7 @@ int nfc_llcp_send_i_frame(struct nfc_llcp_sock *sock,
474 508
475 while (remaining_len > 0) { 509 while (remaining_len > 0) {
476 510
477 frag_len = min_t(size_t, local->remote_miu, remaining_len); 511 frag_len = min_t(size_t, sock->miu, remaining_len);
478 512
479 pr_debug("Fragment %zd bytes remaining %zd", 513 pr_debug("Fragment %zd bytes remaining %zd",
480 frag_len, remaining_len); 514 frag_len, remaining_len);
diff --git a/net/nfc/llcp/llcp.c b/net/nfc/llcp/llcp.c
index 42994fac26d6..5d503eeb15a1 100644
--- a/net/nfc/llcp/llcp.c
+++ b/net/nfc/llcp/llcp.c
@@ -31,47 +31,41 @@ static u8 llcp_magic[3] = {0x46, 0x66, 0x6d};
31 31
32static struct list_head llcp_devices; 32static struct list_head llcp_devices;
33 33
34static void nfc_llcp_socket_release(struct nfc_llcp_local *local) 34void nfc_llcp_sock_link(struct llcp_sock_list *l, struct sock *sk)
35{ 35{
36 struct nfc_llcp_sock *parent, *s, *n; 36 write_lock(&l->lock);
37 struct sock *sk, *parent_sk; 37 sk_add_node(sk, &l->head);
38 int i; 38 write_unlock(&l->lock);
39 39}
40 mutex_lock(&local->socket_lock);
41
42 for (i = 0; i < LLCP_MAX_SAP; i++) {
43 parent = local->sockets[i];
44 if (parent == NULL)
45 continue;
46
47 /* Release all child sockets */
48 list_for_each_entry_safe(s, n, &parent->list, list) {
49 list_del_init(&s->list);
50 sk = &s->sk;
51
52 lock_sock(sk);
53
54 if (sk->sk_state == LLCP_CONNECTED)
55 nfc_put_device(s->dev);
56 40
57 sk->sk_state = LLCP_CLOSED; 41void nfc_llcp_sock_unlink(struct llcp_sock_list *l, struct sock *sk)
42{
43 write_lock(&l->lock);
44 sk_del_node_init(sk);
45 write_unlock(&l->lock);
46}
58 47
59 release_sock(sk); 48static void nfc_llcp_socket_release(struct nfc_llcp_local *local)
49{
50 struct sock *sk;
51 struct hlist_node *node, *tmp;
52 struct nfc_llcp_sock *llcp_sock;
60 53
61 sock_orphan(sk); 54 write_lock(&local->sockets.lock);
62 55
63 s->local = NULL; 56 sk_for_each_safe(sk, node, tmp, &local->sockets.head) {
64 } 57 llcp_sock = nfc_llcp_sock(sk);
65 58
66 parent_sk = &parent->sk; 59 lock_sock(sk);
67 60
68 lock_sock(parent_sk); 61 if (sk->sk_state == LLCP_CONNECTED)
62 nfc_put_device(llcp_sock->dev);
69 63
70 if (parent_sk->sk_state == LLCP_LISTEN) { 64 if (sk->sk_state == LLCP_LISTEN) {
71 struct nfc_llcp_sock *lsk, *n; 65 struct nfc_llcp_sock *lsk, *n;
72 struct sock *accept_sk; 66 struct sock *accept_sk;
73 67
74 list_for_each_entry_safe(lsk, n, &parent->accept_queue, 68 list_for_each_entry_safe(lsk, n, &llcp_sock->accept_queue,
75 accept_queue) { 69 accept_queue) {
76 accept_sk = &lsk->sk; 70 accept_sk = &lsk->sk;
77 lock_sock(accept_sk); 71 lock_sock(accept_sk);
@@ -83,24 +77,53 @@ static void nfc_llcp_socket_release(struct nfc_llcp_local *local)
83 release_sock(accept_sk); 77 release_sock(accept_sk);
84 78
85 sock_orphan(accept_sk); 79 sock_orphan(accept_sk);
86
87 lsk->local = NULL;
88 } 80 }
89 } 81 }
90 82
91 if (parent_sk->sk_state == LLCP_CONNECTED) 83 sk->sk_state = LLCP_CLOSED;
92 nfc_put_device(parent->dev);
93
94 parent_sk->sk_state = LLCP_CLOSED;
95 84
96 release_sock(parent_sk); 85 release_sock(sk);
97 86
98 sock_orphan(parent_sk); 87 sock_orphan(sk);
99 88
100 parent->local = NULL; 89 sk_del_node_init(sk);
101 } 90 }
102 91
103 mutex_unlock(&local->socket_lock); 92 write_unlock(&local->sockets.lock);
93}
94
95struct nfc_llcp_local *nfc_llcp_local_get(struct nfc_llcp_local *local)
96{
97 kref_get(&local->ref);
98
99 return local;
100}
101
102static void local_release(struct kref *ref)
103{
104 struct nfc_llcp_local *local;
105
106 local = container_of(ref, struct nfc_llcp_local, ref);
107
108 list_del(&local->list);
109 nfc_llcp_socket_release(local);
110 del_timer_sync(&local->link_timer);
111 skb_queue_purge(&local->tx_queue);
112 destroy_workqueue(local->tx_wq);
113 destroy_workqueue(local->rx_wq);
114 destroy_workqueue(local->timeout_wq);
115 kfree_skb(local->rx_pending);
116 kfree(local);
117}
118
119int nfc_llcp_local_put(struct nfc_llcp_local *local)
120{
121 WARN_ON(local == NULL);
122
123 if (local == NULL)
124 return 0;
125
126 return kref_put(&local->ref, local_release);
104} 127}
105 128
106static void nfc_llcp_clear_sdp(struct nfc_llcp_local *local) 129static void nfc_llcp_clear_sdp(struct nfc_llcp_local *local)
@@ -384,31 +407,9 @@ int nfc_llcp_set_remote_gb(struct nfc_dev *dev, u8 *gb, u8 gb_len)
384 return -EINVAL; 407 return -EINVAL;
385 } 408 }
386 409
387 return nfc_llcp_parse_tlv(local, 410 return nfc_llcp_parse_gb_tlv(local,
388 &local->remote_gb[3], 411 &local->remote_gb[3],
389 local->remote_gb_len - 3); 412 local->remote_gb_len - 3);
390}
391
392static void nfc_llcp_tx_work(struct work_struct *work)
393{
394 struct nfc_llcp_local *local = container_of(work, struct nfc_llcp_local,
395 tx_work);
396 struct sk_buff *skb;
397
398 skb = skb_dequeue(&local->tx_queue);
399 if (skb != NULL) {
400 pr_debug("Sending pending skb\n");
401 print_hex_dump(KERN_DEBUG, "LLCP Tx: ", DUMP_PREFIX_OFFSET,
402 16, 1, skb->data, skb->len, true);
403
404 nfc_data_exchange(local->dev, local->target_idx,
405 skb, nfc_llcp_recv, local);
406 } else {
407 nfc_llcp_send_symm(local->dev);
408 }
409
410 mod_timer(&local->link_timer,
411 jiffies + msecs_to_jiffies(local->remote_lto));
412} 413}
413 414
414static u8 nfc_llcp_dsap(struct sk_buff *pdu) 415static u8 nfc_llcp_dsap(struct sk_buff *pdu)
@@ -443,46 +444,146 @@ static void nfc_llcp_set_nrns(struct nfc_llcp_sock *sock, struct sk_buff *pdu)
443 sock->recv_ack_n = (sock->recv_n - 1) % 16; 444 sock->recv_ack_n = (sock->recv_n - 1) % 16;
444} 445}
445 446
447static void nfc_llcp_tx_work(struct work_struct *work)
448{
449 struct nfc_llcp_local *local = container_of(work, struct nfc_llcp_local,
450 tx_work);
451 struct sk_buff *skb;
452 struct sock *sk;
453 struct nfc_llcp_sock *llcp_sock;
454
455 skb = skb_dequeue(&local->tx_queue);
456 if (skb != NULL) {
457 sk = skb->sk;
458 llcp_sock = nfc_llcp_sock(sk);
459 if (llcp_sock != NULL) {
460 int ret;
461
462 pr_debug("Sending pending skb\n");
463 print_hex_dump(KERN_DEBUG, "LLCP Tx: ",
464 DUMP_PREFIX_OFFSET, 16, 1,
465 skb->data, skb->len, true);
466
467 ret = nfc_data_exchange(local->dev, local->target_idx,
468 skb, nfc_llcp_recv, local);
469
470 if (!ret && nfc_llcp_ptype(skb) == LLCP_PDU_I) {
471 skb = skb_get(skb);
472 skb_queue_tail(&llcp_sock->tx_pending_queue,
473 skb);
474 }
475 } else {
476 nfc_llcp_send_symm(local->dev);
477 }
478 } else {
479 nfc_llcp_send_symm(local->dev);
480 }
481
482 mod_timer(&local->link_timer,
483 jiffies + msecs_to_jiffies(2 * local->remote_lto));
484}
485
486static struct nfc_llcp_sock *nfc_llcp_connecting_sock_get(struct nfc_llcp_local *local,
487 u8 ssap)
488{
489 struct sock *sk;
490 struct nfc_llcp_sock *llcp_sock;
491 struct hlist_node *node;
492
493 read_lock(&local->connecting_sockets.lock);
494
495 sk_for_each(sk, node, &local->connecting_sockets.head) {
496 llcp_sock = nfc_llcp_sock(sk);
497
498 if (llcp_sock->ssap == ssap) {
499 sock_hold(&llcp_sock->sk);
500 goto out;
501 }
502 }
503
504 llcp_sock = NULL;
505
506out:
507 read_unlock(&local->connecting_sockets.lock);
508
509 return llcp_sock;
510}
511
446static struct nfc_llcp_sock *nfc_llcp_sock_get(struct nfc_llcp_local *local, 512static struct nfc_llcp_sock *nfc_llcp_sock_get(struct nfc_llcp_local *local,
447 u8 ssap, u8 dsap) 513 u8 ssap, u8 dsap)
448{ 514{
449 struct nfc_llcp_sock *sock, *llcp_sock, *n; 515 struct sock *sk;
516 struct hlist_node *node;
517 struct nfc_llcp_sock *llcp_sock;
450 518
451 pr_debug("ssap dsap %d %d\n", ssap, dsap); 519 pr_debug("ssap dsap %d %d\n", ssap, dsap);
452 520
453 if (ssap == 0 && dsap == 0) 521 if (ssap == 0 && dsap == 0)
454 return NULL; 522 return NULL;
455 523
456 mutex_lock(&local->socket_lock); 524 read_lock(&local->sockets.lock);
457 sock = local->sockets[ssap];
458 if (sock == NULL) {
459 mutex_unlock(&local->socket_lock);
460 return NULL;
461 }
462 525
463 pr_debug("root dsap %d (%d)\n", sock->dsap, dsap); 526 llcp_sock = NULL;
464 527
465 if (sock->dsap == dsap) { 528 sk_for_each(sk, node, &local->sockets.head) {
466 sock_hold(&sock->sk); 529 llcp_sock = nfc_llcp_sock(sk);
467 mutex_unlock(&local->socket_lock); 530
468 return sock; 531 if (llcp_sock->ssap == ssap &&
532 llcp_sock->dsap == dsap)
533 break;
469 } 534 }
470 535
471 list_for_each_entry_safe(llcp_sock, n, &sock->list, list) { 536 read_unlock(&local->sockets.lock);
472 pr_debug("llcp_sock %p sk %p dsap %d\n", llcp_sock, 537
473 &llcp_sock->sk, llcp_sock->dsap); 538 if (llcp_sock == NULL)
474 if (llcp_sock->dsap == dsap) { 539 return NULL;
475 sock_hold(&llcp_sock->sk); 540
476 mutex_unlock(&local->socket_lock); 541 sock_hold(&llcp_sock->sk);
477 return llcp_sock; 542
478 } 543 return llcp_sock;
544}
545
546static struct nfc_llcp_sock *nfc_llcp_sock_get_sn(struct nfc_llcp_local *local,
547 u8 *sn, size_t sn_len)
548{
549 struct sock *sk;
550 struct hlist_node *node;
551 struct nfc_llcp_sock *llcp_sock;
552
553 pr_debug("sn %zd\n", sn_len);
554
555 if (sn == NULL || sn_len == 0)
556 return NULL;
557
558 read_lock(&local->sockets.lock);
559
560 llcp_sock = NULL;
561
562 sk_for_each(sk, node, &local->sockets.head) {
563 llcp_sock = nfc_llcp_sock(sk);
564
565 if (llcp_sock->sk.sk_state != LLCP_LISTEN)
566 continue;
567
568 if (llcp_sock->service_name == NULL ||
569 llcp_sock->service_name_len == 0)
570 continue;
571
572 if (llcp_sock->service_name_len != sn_len)
573 continue;
574
575 if (memcmp(sn, llcp_sock->service_name, sn_len) == 0)
576 break;
479 } 577 }
480 578
481 pr_err("Could not find socket for %d %d\n", ssap, dsap); 579 read_unlock(&local->sockets.lock);
482 580
483 mutex_unlock(&local->socket_lock); 581 if (llcp_sock == NULL)
582 return NULL;
484 583
485 return NULL; 584 sock_hold(&llcp_sock->sk);
585
586 return llcp_sock;
486} 587}
487 588
488static void nfc_llcp_sock_put(struct nfc_llcp_sock *sock) 589static void nfc_llcp_sock_put(struct nfc_llcp_sock *sock)
@@ -518,35 +619,19 @@ static void nfc_llcp_recv_connect(struct nfc_llcp_local *local,
518{ 619{
519 struct sock *new_sk, *parent; 620 struct sock *new_sk, *parent;
520 struct nfc_llcp_sock *sock, *new_sock; 621 struct nfc_llcp_sock *sock, *new_sock;
521 u8 dsap, ssap, bound_sap, reason; 622 u8 dsap, ssap, reason;
522 623
523 dsap = nfc_llcp_dsap(skb); 624 dsap = nfc_llcp_dsap(skb);
524 ssap = nfc_llcp_ssap(skb); 625 ssap = nfc_llcp_ssap(skb);
525 626
526 pr_debug("%d %d\n", dsap, ssap); 627 pr_debug("%d %d\n", dsap, ssap);
527 628
528 nfc_llcp_parse_tlv(local, &skb->data[LLCP_HEADER_SIZE],
529 skb->len - LLCP_HEADER_SIZE);
530
531 if (dsap != LLCP_SAP_SDP) { 629 if (dsap != LLCP_SAP_SDP) {
532 bound_sap = dsap; 630 sock = nfc_llcp_sock_get(local, dsap, LLCP_SAP_SDP);
533 631 if (sock == NULL || sock->sk.sk_state != LLCP_LISTEN) {
534 mutex_lock(&local->socket_lock);
535 sock = local->sockets[dsap];
536 if (sock == NULL) {
537 mutex_unlock(&local->socket_lock);
538 reason = LLCP_DM_NOBOUND; 632 reason = LLCP_DM_NOBOUND;
539 goto fail; 633 goto fail;
540 } 634 }
541
542 sock_hold(&sock->sk);
543 mutex_unlock(&local->socket_lock);
544
545 lock_sock(&sock->sk);
546
547 if (sock->dsap == LLCP_SAP_SDP &&
548 sock->sk.sk_state == LLCP_LISTEN)
549 goto enqueue;
550 } else { 635 } else {
551 u8 *sn; 636 u8 *sn;
552 size_t sn_len; 637 size_t sn_len;
@@ -559,40 +644,15 @@ static void nfc_llcp_recv_connect(struct nfc_llcp_local *local,
559 644
560 pr_debug("Service name length %zu\n", sn_len); 645 pr_debug("Service name length %zu\n", sn_len);
561 646
562 mutex_lock(&local->socket_lock); 647 sock = nfc_llcp_sock_get_sn(local, sn, sn_len);
563 for (bound_sap = 0; bound_sap < LLCP_LOCAL_SAP_OFFSET; 648 if (sock == NULL) {
564 bound_sap++) { 649 reason = LLCP_DM_NOBOUND;
565 sock = local->sockets[bound_sap]; 650 goto fail;
566 if (sock == NULL)
567 continue;
568
569 if (sock->service_name == NULL ||
570 sock->service_name_len == 0)
571 continue;
572
573 if (sock->service_name_len != sn_len)
574 continue;
575
576 if (sock->dsap == LLCP_SAP_SDP &&
577 sock->sk.sk_state == LLCP_LISTEN &&
578 !memcmp(sn, sock->service_name, sn_len)) {
579 pr_debug("Found service name at SAP %d\n",
580 bound_sap);
581 sock_hold(&sock->sk);
582 mutex_unlock(&local->socket_lock);
583
584 lock_sock(&sock->sk);
585
586 goto enqueue;
587 }
588 } 651 }
589 mutex_unlock(&local->socket_lock);
590 } 652 }
591 653
592 reason = LLCP_DM_NOBOUND; 654 lock_sock(&sock->sk);
593 goto fail;
594 655
595enqueue:
596 parent = &sock->sk; 656 parent = &sock->sk;
597 657
598 if (sk_acceptq_is_full(parent)) { 658 if (sk_acceptq_is_full(parent)) {
@@ -612,15 +672,19 @@ enqueue:
612 672
613 new_sock = nfc_llcp_sock(new_sk); 673 new_sock = nfc_llcp_sock(new_sk);
614 new_sock->dev = local->dev; 674 new_sock->dev = local->dev;
615 new_sock->local = local; 675 new_sock->local = nfc_llcp_local_get(local);
676 new_sock->miu = local->remote_miu;
616 new_sock->nfc_protocol = sock->nfc_protocol; 677 new_sock->nfc_protocol = sock->nfc_protocol;
617 new_sock->ssap = bound_sap; 678 new_sock->ssap = sock->ssap;
618 new_sock->dsap = ssap; 679 new_sock->dsap = ssap;
619 new_sock->parent = parent; 680 new_sock->parent = parent;
620 681
682 nfc_llcp_parse_connection_tlv(new_sock, &skb->data[LLCP_HEADER_SIZE],
683 skb->len - LLCP_HEADER_SIZE);
684
621 pr_debug("new sock %p sk %p\n", new_sock, &new_sock->sk); 685 pr_debug("new sock %p sk %p\n", new_sock, &new_sock->sk);
622 686
623 list_add_tail(&new_sock->list, &sock->list); 687 nfc_llcp_sock_link(&local->sockets, new_sk);
624 688
625 nfc_llcp_accept_enqueue(&sock->sk, new_sk); 689 nfc_llcp_accept_enqueue(&sock->sk, new_sk);
626 690
@@ -654,12 +718,12 @@ int nfc_llcp_queue_i_frames(struct nfc_llcp_sock *sock)
654 718
655 pr_debug("Remote ready %d tx queue len %d remote rw %d", 719 pr_debug("Remote ready %d tx queue len %d remote rw %d",
656 sock->remote_ready, skb_queue_len(&sock->tx_pending_queue), 720 sock->remote_ready, skb_queue_len(&sock->tx_pending_queue),
657 local->remote_rw); 721 sock->rw);
658 722
659 /* Try to queue some I frames for transmission */ 723 /* Try to queue some I frames for transmission */
660 while (sock->remote_ready && 724 while (sock->remote_ready &&
661 skb_queue_len(&sock->tx_pending_queue) < local->remote_rw) { 725 skb_queue_len(&sock->tx_pending_queue) < sock->rw) {
662 struct sk_buff *pdu, *pending_pdu; 726 struct sk_buff *pdu;
663 727
664 pdu = skb_dequeue(&sock->tx_queue); 728 pdu = skb_dequeue(&sock->tx_queue);
665 if (pdu == NULL) 729 if (pdu == NULL)
@@ -668,10 +732,7 @@ int nfc_llcp_queue_i_frames(struct nfc_llcp_sock *sock)
668 /* Update N(S)/N(R) */ 732 /* Update N(S)/N(R) */
669 nfc_llcp_set_nrns(sock, pdu); 733 nfc_llcp_set_nrns(sock, pdu);
670 734
671 pending_pdu = skb_clone(pdu, GFP_KERNEL);
672
673 skb_queue_tail(&local->tx_queue, pdu); 735 skb_queue_tail(&local->tx_queue, pdu);
674 skb_queue_tail(&sock->tx_pending_queue, pending_pdu);
675 nr_frames++; 736 nr_frames++;
676 } 737 }
677 738
@@ -728,11 +789,21 @@ static void nfc_llcp_recv_hdlc(struct nfc_llcp_local *local,
728 789
729 llcp_sock->send_ack_n = nr; 790 llcp_sock->send_ack_n = nr;
730 791
731 skb_queue_walk_safe(&llcp_sock->tx_pending_queue, s, tmp) 792 /* Remove and free all skbs until ns == nr */
732 if (nfc_llcp_ns(s) <= nr) { 793 skb_queue_walk_safe(&llcp_sock->tx_pending_queue, s, tmp) {
733 skb_unlink(s, &llcp_sock->tx_pending_queue); 794 skb_unlink(s, &llcp_sock->tx_pending_queue);
734 kfree_skb(s); 795 kfree_skb(s);
735 } 796
797 if (nfc_llcp_ns(s) == nr)
798 break;
799 }
800
801 /* Re-queue the remaining skbs for transmission */
802 skb_queue_reverse_walk_safe(&llcp_sock->tx_pending_queue,
803 s, tmp) {
804 skb_unlink(s, &llcp_sock->tx_pending_queue);
805 skb_queue_head(&local->tx_queue, s);
806 }
736 } 807 }
737 808
738 if (ptype == LLCP_PDU_RR) 809 if (ptype == LLCP_PDU_RR)
@@ -740,7 +811,7 @@ static void nfc_llcp_recv_hdlc(struct nfc_llcp_local *local,
740 else if (ptype == LLCP_PDU_RNR) 811 else if (ptype == LLCP_PDU_RNR)
741 llcp_sock->remote_ready = false; 812 llcp_sock->remote_ready = false;
742 813
743 if (nfc_llcp_queue_i_frames(llcp_sock) == 0) 814 if (nfc_llcp_queue_i_frames(llcp_sock) == 0 && ptype == LLCP_PDU_I)
744 nfc_llcp_send_rr(llcp_sock); 815 nfc_llcp_send_rr(llcp_sock);
745 816
746 release_sock(sk); 817 release_sock(sk);
@@ -791,11 +862,7 @@ static void nfc_llcp_recv_cc(struct nfc_llcp_local *local, struct sk_buff *skb)
791 dsap = nfc_llcp_dsap(skb); 862 dsap = nfc_llcp_dsap(skb);
792 ssap = nfc_llcp_ssap(skb); 863 ssap = nfc_llcp_ssap(skb);
793 864
794 llcp_sock = nfc_llcp_sock_get(local, dsap, ssap); 865 llcp_sock = nfc_llcp_connecting_sock_get(local, dsap);
795
796 if (llcp_sock == NULL)
797 llcp_sock = nfc_llcp_sock_get(local, dsap, LLCP_SAP_SDP);
798
799 if (llcp_sock == NULL) { 866 if (llcp_sock == NULL) {
800 pr_err("Invalid CC\n"); 867 pr_err("Invalid CC\n");
801 nfc_llcp_send_dm(local, dsap, ssap, LLCP_DM_NOCONN); 868 nfc_llcp_send_dm(local, dsap, ssap, LLCP_DM_NOCONN);
@@ -803,11 +870,15 @@ static void nfc_llcp_recv_cc(struct nfc_llcp_local *local, struct sk_buff *skb)
803 return; 870 return;
804 } 871 }
805 872
806 llcp_sock->dsap = ssap;
807 sk = &llcp_sock->sk; 873 sk = &llcp_sock->sk;
808 874
809 nfc_llcp_parse_tlv(local, &skb->data[LLCP_HEADER_SIZE], 875 /* Unlink from connecting and link to the client array */
810 skb->len - LLCP_HEADER_SIZE); 876 nfc_llcp_sock_unlink(&local->connecting_sockets, sk);
877 nfc_llcp_sock_link(&local->sockets, sk);
878 llcp_sock->dsap = ssap;
879
880 nfc_llcp_parse_connection_tlv(llcp_sock, &skb->data[LLCP_HEADER_SIZE],
881 skb->len - LLCP_HEADER_SIZE);
811 882
812 sk->sk_state = LLCP_CONNECTED; 883 sk->sk_state = LLCP_CONNECTED;
813 sk->sk_state_change(sk); 884 sk->sk_state_change(sk);
@@ -891,6 +962,21 @@ void nfc_llcp_recv(void *data, struct sk_buff *skb, int err)
891 return; 962 return;
892} 963}
893 964
965int nfc_llcp_data_received(struct nfc_dev *dev, struct sk_buff *skb)
966{
967 struct nfc_llcp_local *local;
968
969 local = nfc_llcp_find_local(dev);
970 if (local == NULL)
971 return -ENODEV;
972
973 local->rx_pending = skb_get(skb);
974 del_timer(&local->link_timer);
975 queue_work(local->rx_wq, &local->rx_work);
976
977 return 0;
978}
979
894void nfc_llcp_mac_is_down(struct nfc_dev *dev) 980void nfc_llcp_mac_is_down(struct nfc_dev *dev)
895{ 981{
896 struct nfc_llcp_local *local; 982 struct nfc_llcp_local *local;
@@ -943,8 +1029,8 @@ int nfc_llcp_register_device(struct nfc_dev *ndev)
943 1029
944 local->dev = ndev; 1030 local->dev = ndev;
945 INIT_LIST_HEAD(&local->list); 1031 INIT_LIST_HEAD(&local->list);
1032 kref_init(&local->ref);
946 mutex_init(&local->sdp_lock); 1033 mutex_init(&local->sdp_lock);
947 mutex_init(&local->socket_lock);
948 init_timer(&local->link_timer); 1034 init_timer(&local->link_timer);
949 local->link_timer.data = (unsigned long) local; 1035 local->link_timer.data = (unsigned long) local;
950 local->link_timer.function = nfc_llcp_symm_timer; 1036 local->link_timer.function = nfc_llcp_symm_timer;
@@ -984,11 +1070,13 @@ int nfc_llcp_register_device(struct nfc_dev *ndev)
984 goto err_rx_wq; 1070 goto err_rx_wq;
985 } 1071 }
986 1072
1073 local->sockets.lock = __RW_LOCK_UNLOCKED(local->sockets.lock);
1074 local->connecting_sockets.lock = __RW_LOCK_UNLOCKED(local->connecting_sockets.lock);
1075
987 nfc_llcp_build_gb(local); 1076 nfc_llcp_build_gb(local);
988 1077
989 local->remote_miu = LLCP_DEFAULT_MIU; 1078 local->remote_miu = LLCP_DEFAULT_MIU;
990 local->remote_lto = LLCP_DEFAULT_LTO; 1079 local->remote_lto = LLCP_DEFAULT_LTO;
991 local->remote_rw = LLCP_DEFAULT_RW;
992 1080
993 list_add(&llcp_devices, &local->list); 1081 list_add(&llcp_devices, &local->list);
994 1082
@@ -1015,14 +1103,7 @@ void nfc_llcp_unregister_device(struct nfc_dev *dev)
1015 return; 1103 return;
1016 } 1104 }
1017 1105
1018 list_del(&local->list); 1106 nfc_llcp_local_put(local);
1019 nfc_llcp_socket_release(local);
1020 del_timer_sync(&local->link_timer);
1021 skb_queue_purge(&local->tx_queue);
1022 destroy_workqueue(local->tx_wq);
1023 destroy_workqueue(local->rx_wq);
1024 kfree_skb(local->rx_pending);
1025 kfree(local);
1026} 1107}
1027 1108
1028int __init nfc_llcp_init(void) 1109int __init nfc_llcp_init(void)
diff --git a/net/nfc/llcp/llcp.h b/net/nfc/llcp/llcp.h
index 50680ce5ae43..7286c86982ff 100644
--- a/net/nfc/llcp/llcp.h
+++ b/net/nfc/llcp/llcp.h
@@ -40,12 +40,18 @@ enum llcp_state {
40 40
41struct nfc_llcp_sock; 41struct nfc_llcp_sock;
42 42
43struct llcp_sock_list {
44 struct hlist_head head;
45 rwlock_t lock;
46};
47
43struct nfc_llcp_local { 48struct nfc_llcp_local {
44 struct list_head list; 49 struct list_head list;
45 struct nfc_dev *dev; 50 struct nfc_dev *dev;
46 51
52 struct kref ref;
53
47 struct mutex sdp_lock; 54 struct mutex sdp_lock;
48 struct mutex socket_lock;
49 55
50 struct timer_list link_timer; 56 struct timer_list link_timer;
51 struct sk_buff_head tx_queue; 57 struct sk_buff_head tx_queue;
@@ -77,24 +83,26 @@ struct nfc_llcp_local {
77 u16 remote_lto; 83 u16 remote_lto;
78 u8 remote_opt; 84 u8 remote_opt;
79 u16 remote_wks; 85 u16 remote_wks;
80 u8 remote_rw;
81 86
82 /* sockets array */ 87 /* sockets array */
83 struct nfc_llcp_sock *sockets[LLCP_MAX_SAP]; 88 struct llcp_sock_list sockets;
89 struct llcp_sock_list connecting_sockets;
84}; 90};
85 91
86struct nfc_llcp_sock { 92struct nfc_llcp_sock {
87 struct sock sk; 93 struct sock sk;
88 struct list_head list;
89 struct nfc_dev *dev; 94 struct nfc_dev *dev;
90 struct nfc_llcp_local *local; 95 struct nfc_llcp_local *local;
91 u32 target_idx; 96 u32 target_idx;
92 u32 nfc_protocol; 97 u32 nfc_protocol;
93 98
99 /* Link parameters */
94 u8 ssap; 100 u8 ssap;
95 u8 dsap; 101 u8 dsap;
96 char *service_name; 102 char *service_name;
97 size_t service_name_len; 103 size_t service_name_len;
104 u8 rw;
105 u16 miu;
98 106
99 /* Link variables */ 107 /* Link variables */
100 u8 send_n; 108 u8 send_n;
@@ -164,7 +172,11 @@ struct nfc_llcp_sock {
164#define LLCP_DM_REJ 0x03 172#define LLCP_DM_REJ 0x03
165 173
166 174
175void nfc_llcp_sock_link(struct llcp_sock_list *l, struct sock *s);
176void nfc_llcp_sock_unlink(struct llcp_sock_list *l, struct sock *s);
167struct nfc_llcp_local *nfc_llcp_find_local(struct nfc_dev *dev); 177struct nfc_llcp_local *nfc_llcp_find_local(struct nfc_dev *dev);
178struct nfc_llcp_local *nfc_llcp_local_get(struct nfc_llcp_local *local);
179int nfc_llcp_local_put(struct nfc_llcp_local *local);
168u8 nfc_llcp_get_sdp_ssap(struct nfc_llcp_local *local, 180u8 nfc_llcp_get_sdp_ssap(struct nfc_llcp_local *local,
169 struct nfc_llcp_sock *sock); 181 struct nfc_llcp_sock *sock);
170u8 nfc_llcp_get_local_ssap(struct nfc_llcp_local *local); 182u8 nfc_llcp_get_local_ssap(struct nfc_llcp_local *local);
@@ -179,8 +191,10 @@ void nfc_llcp_accept_enqueue(struct sock *parent, struct sock *sk);
179struct sock *nfc_llcp_accept_dequeue(struct sock *sk, struct socket *newsock); 191struct sock *nfc_llcp_accept_dequeue(struct sock *sk, struct socket *newsock);
180 192
181/* TLV API */ 193/* TLV API */
182int nfc_llcp_parse_tlv(struct nfc_llcp_local *local, 194int nfc_llcp_parse_gb_tlv(struct nfc_llcp_local *local,
183 u8 *tlv_array, u16 tlv_array_len); 195 u8 *tlv_array, u16 tlv_array_len);
196int nfc_llcp_parse_connection_tlv(struct nfc_llcp_sock *sock,
197 u8 *tlv_array, u16 tlv_array_len);
184 198
185/* Commands API */ 199/* Commands API */
186void nfc_llcp_recv(void *data, struct sk_buff *skb, int err); 200void nfc_llcp_recv(void *data, struct sk_buff *skb, int err);
diff --git a/net/nfc/llcp/sock.c b/net/nfc/llcp/sock.c
index 3f339b19d140..30e3cc71be7a 100644
--- a/net/nfc/llcp/sock.c
+++ b/net/nfc/llcp/sock.c
@@ -111,7 +111,7 @@ static int llcp_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
111 } 111 }
112 112
113 llcp_sock->dev = dev; 113 llcp_sock->dev = dev;
114 llcp_sock->local = local; 114 llcp_sock->local = nfc_llcp_local_get(local);
115 llcp_sock->nfc_protocol = llcp_addr.nfc_protocol; 115 llcp_sock->nfc_protocol = llcp_addr.nfc_protocol;
116 llcp_sock->service_name_len = min_t(unsigned int, 116 llcp_sock->service_name_len = min_t(unsigned int,
117 llcp_addr.service_name_len, 117 llcp_addr.service_name_len,
@@ -124,7 +124,7 @@ static int llcp_sock_bind(struct socket *sock, struct sockaddr *addr, int alen)
124 if (llcp_sock->ssap == LLCP_MAX_SAP) 124 if (llcp_sock->ssap == LLCP_MAX_SAP)
125 goto put_dev; 125 goto put_dev;
126 126
127 local->sockets[llcp_sock->ssap] = llcp_sock; 127 nfc_llcp_sock_link(&local->sockets, sk);
128 128
129 pr_debug("Socket bound to SAP %d\n", llcp_sock->ssap); 129 pr_debug("Socket bound to SAP %d\n", llcp_sock->ssap);
130 130
@@ -379,15 +379,6 @@ static int llcp_sock_release(struct socket *sock)
379 goto out; 379 goto out;
380 } 380 }
381 381
382 mutex_lock(&local->socket_lock);
383
384 if (llcp_sock == local->sockets[llcp_sock->ssap])
385 local->sockets[llcp_sock->ssap] = NULL;
386 else
387 list_del_init(&llcp_sock->list);
388
389 mutex_unlock(&local->socket_lock);
390
391 lock_sock(sk); 382 lock_sock(sk);
392 383
393 /* Send a DISC */ 384 /* Send a DISC */
@@ -412,14 +403,12 @@ static int llcp_sock_release(struct socket *sock)
412 } 403 }
413 } 404 }
414 405
415 /* Freeing the SAP */ 406 nfc_llcp_put_ssap(llcp_sock->local, llcp_sock->ssap);
416 if ((sk->sk_state == LLCP_CONNECTED
417 && llcp_sock->ssap > LLCP_LOCAL_SAP_OFFSET) ||
418 sk->sk_state == LLCP_BOUND || sk->sk_state == LLCP_LISTEN)
419 nfc_llcp_put_ssap(llcp_sock->local, llcp_sock->ssap);
420 407
421 release_sock(sk); 408 release_sock(sk);
422 409
410 nfc_llcp_sock_unlink(&local->sockets, sk);
411
423out: 412out:
424 sock_orphan(sk); 413 sock_orphan(sk);
425 sock_put(sk); 414 sock_put(sk);
@@ -487,7 +476,8 @@ static int llcp_sock_connect(struct socket *sock, struct sockaddr *_addr,
487 } 476 }
488 477
489 llcp_sock->dev = dev; 478 llcp_sock->dev = dev;
490 llcp_sock->local = local; 479 llcp_sock->local = nfc_llcp_local_get(local);
480 llcp_sock->miu = llcp_sock->local->remote_miu;
491 llcp_sock->ssap = nfc_llcp_get_local_ssap(local); 481 llcp_sock->ssap = nfc_llcp_get_local_ssap(local);
492 if (llcp_sock->ssap == LLCP_SAP_MAX) { 482 if (llcp_sock->ssap == LLCP_SAP_MAX) {
493 ret = -ENOMEM; 483 ret = -ENOMEM;
@@ -505,21 +495,26 @@ static int llcp_sock_connect(struct socket *sock, struct sockaddr *_addr,
505 llcp_sock->service_name_len, 495 llcp_sock->service_name_len,
506 GFP_KERNEL); 496 GFP_KERNEL);
507 497
508 local->sockets[llcp_sock->ssap] = llcp_sock; 498 nfc_llcp_sock_link(&local->connecting_sockets, sk);
509 499
510 ret = nfc_llcp_send_connect(llcp_sock); 500 ret = nfc_llcp_send_connect(llcp_sock);
511 if (ret) 501 if (ret)
512 goto put_dev; 502 goto sock_unlink;
513 503
514 ret = sock_wait_state(sk, LLCP_CONNECTED, 504 ret = sock_wait_state(sk, LLCP_CONNECTED,
515 sock_sndtimeo(sk, flags & O_NONBLOCK)); 505 sock_sndtimeo(sk, flags & O_NONBLOCK));
516 if (ret) 506 if (ret)
517 goto put_dev; 507 goto sock_unlink;
518 508
519 release_sock(sk); 509 release_sock(sk);
520 510
521 return 0; 511 return 0;
522 512
513sock_unlink:
514 nfc_llcp_put_ssap(local, llcp_sock->ssap);
515
516 nfc_llcp_sock_unlink(&local->connecting_sockets, sk);
517
523put_dev: 518put_dev:
524 nfc_put_device(dev); 519 nfc_put_device(dev);
525 520
@@ -684,13 +679,14 @@ struct sock *nfc_llcp_sock_alloc(struct socket *sock, int type, gfp_t gfp)
684 679
685 llcp_sock->ssap = 0; 680 llcp_sock->ssap = 0;
686 llcp_sock->dsap = LLCP_SAP_SDP; 681 llcp_sock->dsap = LLCP_SAP_SDP;
682 llcp_sock->rw = LLCP_DEFAULT_RW;
683 llcp_sock->miu = LLCP_DEFAULT_MIU;
687 llcp_sock->send_n = llcp_sock->send_ack_n = 0; 684 llcp_sock->send_n = llcp_sock->send_ack_n = 0;
688 llcp_sock->recv_n = llcp_sock->recv_ack_n = 0; 685 llcp_sock->recv_n = llcp_sock->recv_ack_n = 0;
689 llcp_sock->remote_ready = 1; 686 llcp_sock->remote_ready = 1;
690 skb_queue_head_init(&llcp_sock->tx_queue); 687 skb_queue_head_init(&llcp_sock->tx_queue);
691 skb_queue_head_init(&llcp_sock->tx_pending_queue); 688 skb_queue_head_init(&llcp_sock->tx_pending_queue);
692 skb_queue_head_init(&llcp_sock->tx_backlog_queue); 689 skb_queue_head_init(&llcp_sock->tx_backlog_queue);
693 INIT_LIST_HEAD(&llcp_sock->list);
694 INIT_LIST_HEAD(&llcp_sock->accept_queue); 690 INIT_LIST_HEAD(&llcp_sock->accept_queue);
695 691
696 if (sock != NULL) 692 if (sock != NULL)
@@ -701,8 +697,6 @@ struct sock *nfc_llcp_sock_alloc(struct socket *sock, int type, gfp_t gfp)
701 697
702void nfc_llcp_sock_free(struct nfc_llcp_sock *sock) 698void nfc_llcp_sock_free(struct nfc_llcp_sock *sock)
703{ 699{
704 struct nfc_llcp_local *local = sock->local;
705
706 kfree(sock->service_name); 700 kfree(sock->service_name);
707 701
708 skb_queue_purge(&sock->tx_queue); 702 skb_queue_purge(&sock->tx_queue);
@@ -711,12 +705,9 @@ void nfc_llcp_sock_free(struct nfc_llcp_sock *sock)
711 705
712 list_del_init(&sock->accept_queue); 706 list_del_init(&sock->accept_queue);
713 707
714 if (local != NULL && sock == local->sockets[sock->ssap])
715 local->sockets[sock->ssap] = NULL;
716 else
717 list_del_init(&sock->list);
718
719 sock->parent = NULL; 708 sock->parent = NULL;
709
710 nfc_llcp_local_put(sock->local);
720} 711}
721 712
722static int llcp_sock_create(struct net *net, struct socket *sock, 713static int llcp_sock_create(struct net *net, struct socket *sock,
diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index d560e6f13072..766a02b1dfa1 100644
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -387,7 +387,8 @@ static int nci_dev_down(struct nfc_dev *nfc_dev)
387 return nci_close_device(ndev); 387 return nci_close_device(ndev);
388} 388}
389 389
390static int nci_start_poll(struct nfc_dev *nfc_dev, __u32 protocols) 390static int nci_start_poll(struct nfc_dev *nfc_dev,
391 __u32 im_protocols, __u32 tm_protocols)
391{ 392{
392 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev); 393 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
393 int rc; 394 int rc;
@@ -413,11 +414,11 @@ static int nci_start_poll(struct nfc_dev *nfc_dev, __u32 protocols)
413 return -EBUSY; 414 return -EBUSY;
414 } 415 }
415 416
416 rc = nci_request(ndev, nci_rf_discover_req, protocols, 417 rc = nci_request(ndev, nci_rf_discover_req, im_protocols,
417 msecs_to_jiffies(NCI_RF_DISC_TIMEOUT)); 418 msecs_to_jiffies(NCI_RF_DISC_TIMEOUT));
418 419
419 if (!rc) 420 if (!rc)
420 ndev->poll_prots = protocols; 421 ndev->poll_prots = im_protocols;
421 422
422 return rc; 423 return rc;
423} 424}
@@ -521,9 +522,9 @@ static void nci_deactivate_target(struct nfc_dev *nfc_dev,
521 } 522 }
522} 523}
523 524
524static int nci_data_exchange(struct nfc_dev *nfc_dev, struct nfc_target *target, 525static int nci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
525 struct sk_buff *skb, 526 struct sk_buff *skb,
526 data_exchange_cb_t cb, void *cb_context) 527 data_exchange_cb_t cb, void *cb_context)
527{ 528{
528 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev); 529 struct nci_dev *ndev = nfc_get_drvdata(nfc_dev);
529 int rc; 530 int rc;
@@ -556,7 +557,7 @@ static struct nfc_ops nci_nfc_ops = {
556 .stop_poll = nci_stop_poll, 557 .stop_poll = nci_stop_poll,
557 .activate_target = nci_activate_target, 558 .activate_target = nci_activate_target,
558 .deactivate_target = nci_deactivate_target, 559 .deactivate_target = nci_deactivate_target,
559 .data_exchange = nci_data_exchange, 560 .im_transceive = nci_transceive,
560}; 561};
561 562
562/* ---- Interface to NCI drivers ---- */ 563/* ---- Interface to NCI drivers ---- */
diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
index 581d419083aa..03c31db38f12 100644
--- a/net/nfc/netlink.c
+++ b/net/nfc/netlink.c
@@ -49,6 +49,8 @@ static const struct nla_policy nfc_genl_policy[NFC_ATTR_MAX + 1] = {
49 [NFC_ATTR_COMM_MODE] = { .type = NLA_U8 }, 49 [NFC_ATTR_COMM_MODE] = { .type = NLA_U8 },
50 [NFC_ATTR_RF_MODE] = { .type = NLA_U8 }, 50 [NFC_ATTR_RF_MODE] = { .type = NLA_U8 },
51 [NFC_ATTR_DEVICE_POWERED] = { .type = NLA_U8 }, 51 [NFC_ATTR_DEVICE_POWERED] = { .type = NLA_U8 },
52 [NFC_ATTR_IM_PROTOCOLS] = { .type = NLA_U32 },
53 [NFC_ATTR_TM_PROTOCOLS] = { .type = NLA_U32 },
52}; 54};
53 55
54static int nfc_genl_send_target(struct sk_buff *msg, struct nfc_target *target, 56static int nfc_genl_send_target(struct sk_buff *msg, struct nfc_target *target,
@@ -219,6 +221,68 @@ free_msg:
219 return -EMSGSIZE; 221 return -EMSGSIZE;
220} 222}
221 223
224int nfc_genl_tm_activated(struct nfc_dev *dev, u32 protocol)
225{
226 struct sk_buff *msg;
227 void *hdr;
228
229 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
230 if (!msg)
231 return -ENOMEM;
232
233 hdr = genlmsg_put(msg, 0, 0, &nfc_genl_family, 0,
234 NFC_EVENT_TM_ACTIVATED);
235 if (!hdr)
236 goto free_msg;
237
238 if (nla_put_u32(msg, NFC_ATTR_DEVICE_INDEX, dev->idx))
239 goto nla_put_failure;
240 if (nla_put_u32(msg, NFC_ATTR_TM_PROTOCOLS, protocol))
241 goto nla_put_failure;
242
243 genlmsg_end(msg, hdr);
244
245 genlmsg_multicast(msg, 0, nfc_genl_event_mcgrp.id, GFP_KERNEL);
246
247 return 0;
248
249nla_put_failure:
250 genlmsg_cancel(msg, hdr);
251free_msg:
252 nlmsg_free(msg);
253 return -EMSGSIZE;
254}
255
256int nfc_genl_tm_deactivated(struct nfc_dev *dev)
257{
258 struct sk_buff *msg;
259 void *hdr;
260
261 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
262 if (!msg)
263 return -ENOMEM;
264
265 hdr = genlmsg_put(msg, 0, 0, &nfc_genl_family, 0,
266 NFC_EVENT_TM_DEACTIVATED);
267 if (!hdr)
268 goto free_msg;
269
270 if (nla_put_u32(msg, NFC_ATTR_DEVICE_INDEX, dev->idx))
271 goto nla_put_failure;
272
273 genlmsg_end(msg, hdr);
274
275 genlmsg_multicast(msg, 0, nfc_genl_event_mcgrp.id, GFP_KERNEL);
276
277 return 0;
278
279nla_put_failure:
280 genlmsg_cancel(msg, hdr);
281free_msg:
282 nlmsg_free(msg);
283 return -EMSGSIZE;
284}
285
222int nfc_genl_device_added(struct nfc_dev *dev) 286int nfc_genl_device_added(struct nfc_dev *dev)
223{ 287{
224 struct sk_buff *msg; 288 struct sk_buff *msg;
@@ -519,16 +583,25 @@ static int nfc_genl_start_poll(struct sk_buff *skb, struct genl_info *info)
519 struct nfc_dev *dev; 583 struct nfc_dev *dev;
520 int rc; 584 int rc;
521 u32 idx; 585 u32 idx;
522 u32 protocols; 586 u32 im_protocols = 0, tm_protocols = 0;
523 587
524 pr_debug("Poll start\n"); 588 pr_debug("Poll start\n");
525 589
526 if (!info->attrs[NFC_ATTR_DEVICE_INDEX] || 590 if (!info->attrs[NFC_ATTR_DEVICE_INDEX] ||
527 !info->attrs[NFC_ATTR_PROTOCOLS]) 591 ((!info->attrs[NFC_ATTR_IM_PROTOCOLS] &&
592 !info->attrs[NFC_ATTR_PROTOCOLS]) &&
593 !info->attrs[NFC_ATTR_TM_PROTOCOLS]))
528 return -EINVAL; 594 return -EINVAL;
529 595
530 idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]); 596 idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]);
531 protocols = nla_get_u32(info->attrs[NFC_ATTR_PROTOCOLS]); 597
598 if (info->attrs[NFC_ATTR_TM_PROTOCOLS])
599 tm_protocols = nla_get_u32(info->attrs[NFC_ATTR_TM_PROTOCOLS]);
600
601 if (info->attrs[NFC_ATTR_IM_PROTOCOLS])
602 im_protocols = nla_get_u32(info->attrs[NFC_ATTR_IM_PROTOCOLS]);
603 else if (info->attrs[NFC_ATTR_PROTOCOLS])
604 im_protocols = nla_get_u32(info->attrs[NFC_ATTR_PROTOCOLS]);
532 605
533 dev = nfc_get_device(idx); 606 dev = nfc_get_device(idx);
534 if (!dev) 607 if (!dev)
@@ -536,7 +609,7 @@ static int nfc_genl_start_poll(struct sk_buff *skb, struct genl_info *info)
536 609
537 mutex_lock(&dev->genl_data.genl_data_mutex); 610 mutex_lock(&dev->genl_data.genl_data_mutex);
538 611
539 rc = nfc_start_poll(dev, protocols); 612 rc = nfc_start_poll(dev, im_protocols, tm_protocols);
540 if (!rc) 613 if (!rc)
541 dev->genl_data.poll_req_pid = info->snd_pid; 614 dev->genl_data.poll_req_pid = info->snd_pid;
542 615
diff --git a/net/nfc/nfc.h b/net/nfc/nfc.h
index 3dd4232ae664..c5e42b79a418 100644
--- a/net/nfc/nfc.h
+++ b/net/nfc/nfc.h
@@ -55,6 +55,7 @@ int nfc_llcp_register_device(struct nfc_dev *dev);
55void nfc_llcp_unregister_device(struct nfc_dev *dev); 55void nfc_llcp_unregister_device(struct nfc_dev *dev);
56int nfc_llcp_set_remote_gb(struct nfc_dev *dev, u8 *gb, u8 gb_len); 56int nfc_llcp_set_remote_gb(struct nfc_dev *dev, u8 *gb, u8 gb_len);
57u8 *nfc_llcp_general_bytes(struct nfc_dev *dev, size_t *general_bytes_len); 57u8 *nfc_llcp_general_bytes(struct nfc_dev *dev, size_t *general_bytes_len);
58int nfc_llcp_data_received(struct nfc_dev *dev, struct sk_buff *skb);
58int __init nfc_llcp_init(void); 59int __init nfc_llcp_init(void);
59void nfc_llcp_exit(void); 60void nfc_llcp_exit(void);
60 61
@@ -90,6 +91,12 @@ static inline u8 *nfc_llcp_general_bytes(struct nfc_dev *dev, size_t *gb_len)
90 return NULL; 91 return NULL;
91} 92}
92 93
94static inline int nfc_llcp_data_received(struct nfc_dev *dev,
95 struct sk_buff *skb)
96{
97 return 0;
98}
99
93static inline int nfc_llcp_init(void) 100static inline int nfc_llcp_init(void)
94{ 101{
95 return 0; 102 return 0;
@@ -128,6 +135,9 @@ int nfc_genl_dep_link_up_event(struct nfc_dev *dev, u32 target_idx,
128 u8 comm_mode, u8 rf_mode); 135 u8 comm_mode, u8 rf_mode);
129int nfc_genl_dep_link_down_event(struct nfc_dev *dev); 136int nfc_genl_dep_link_down_event(struct nfc_dev *dev);
130 137
138int nfc_genl_tm_activated(struct nfc_dev *dev, u32 protocol);
139int nfc_genl_tm_deactivated(struct nfc_dev *dev);
140
131struct nfc_dev *nfc_get_device(unsigned int idx); 141struct nfc_dev *nfc_get_device(unsigned int idx);
132 142
133static inline void nfc_put_device(struct nfc_dev *dev) 143static inline void nfc_put_device(struct nfc_dev *dev)
@@ -158,7 +168,7 @@ int nfc_dev_up(struct nfc_dev *dev);
158 168
159int nfc_dev_down(struct nfc_dev *dev); 169int nfc_dev_down(struct nfc_dev *dev);
160 170
161int nfc_start_poll(struct nfc_dev *dev, u32 protocols); 171int nfc_start_poll(struct nfc_dev *dev, u32 im_protocols, u32 tm_protocols);
162 172
163int nfc_stop_poll(struct nfc_dev *dev); 173int nfc_stop_poll(struct nfc_dev *dev);
164 174
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-05 00:46:37 -0500