1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Sony NFC Port-100 Series driver
4  * Copyright (c) 2013, Intel Corporation.
5  *
6  * Partly based/Inspired by Stephen Tiedemann's nfcpy
7  */
8 
9 #include <linux/module.h>
10 #include <linux/usb.h>
11 #include <net/nfc/digital.h>
12 
13 #define VERSION "0.1"
14 
15 #define SONY_VENDOR_ID		0x054c
16 #define RCS380S_PRODUCT_ID	0x06c1
17 #define RCS380P_PRODUCT_ID	0x06c3
18 
19 #define PORT100_PROTOCOLS (NFC_PROTO_JEWEL_MASK    | \
20 			   NFC_PROTO_MIFARE_MASK   | \
21 			   NFC_PROTO_FELICA_MASK   | \
22 			   NFC_PROTO_NFC_DEP_MASK  | \
23 			   NFC_PROTO_ISO14443_MASK | \
24 			   NFC_PROTO_ISO14443_B_MASK)
25 
26 #define PORT100_CAPABILITIES (NFC_DIGITAL_DRV_CAPS_IN_CRC | \
27 			      NFC_DIGITAL_DRV_CAPS_TG_CRC)
28 
29 /* Standard port100 frame definitions */
30 #define PORT100_FRAME_HEADER_LEN (sizeof(struct port100_frame) \
31 				  + 2) /* data[0] CC, data[1] SCC */
32 #define PORT100_FRAME_TAIL_LEN 2 /* data[len] DCS, data[len + 1] postamble*/
33 
34 #define PORT100_COMM_RF_HEAD_MAX_LEN (sizeof(struct port100_tg_comm_rf_cmd))
35 
36 /*
37  * Max extended frame payload len, excluding CC and SCC
38  * which are already in PORT100_FRAME_HEADER_LEN.
39  */
40 #define PORT100_FRAME_MAX_PAYLOAD_LEN 1001
41 
42 #define PORT100_FRAME_ACK_SIZE 6 /* Preamble (1), SoPC (2), ACK Code (2),
43 				    Postamble (1) */
44 static u8 ack_frame[PORT100_FRAME_ACK_SIZE] = {
45 	0x00, 0x00, 0xff, 0x00, 0xff, 0x00
46 };
47 
48 #define PORT100_FRAME_CHECKSUM(f) (f->data[le16_to_cpu(f->datalen)])
49 #define PORT100_FRAME_POSTAMBLE(f) (f->data[le16_to_cpu(f->datalen) + 1])
50 
51 /* start of frame */
52 #define PORT100_FRAME_SOF	0x00FF
53 #define PORT100_FRAME_EXT	0xFFFF
54 #define PORT100_FRAME_ACK	0x00FF
55 
56 /* Port-100 command: in or out */
57 #define PORT100_FRAME_DIRECTION(f) (f->data[0]) /* CC */
58 #define PORT100_FRAME_DIR_OUT 0xD6
59 #define PORT100_FRAME_DIR_IN  0xD7
60 
61 /* Port-100 sub-command */
62 #define PORT100_FRAME_CMD(f) (f->data[1]) /* SCC */
63 
64 #define PORT100_CMD_GET_FIRMWARE_VERSION 0x20
65 #define PORT100_CMD_GET_COMMAND_TYPE     0x28
66 #define PORT100_CMD_SET_COMMAND_TYPE     0x2A
67 
68 #define PORT100_CMD_IN_SET_RF       0x00
69 #define PORT100_CMD_IN_SET_PROTOCOL 0x02
70 #define PORT100_CMD_IN_COMM_RF      0x04
71 
72 #define PORT100_CMD_TG_SET_RF       0x40
73 #define PORT100_CMD_TG_SET_PROTOCOL 0x42
74 #define PORT100_CMD_TG_SET_RF_OFF   0x46
75 #define PORT100_CMD_TG_COMM_RF      0x48
76 
77 #define PORT100_CMD_SWITCH_RF       0x06
78 
79 #define PORT100_CMD_RESPONSE(cmd) (cmd + 1)
80 
81 #define PORT100_CMD_TYPE_IS_SUPPORTED(mask, cmd_type) \
82 	((mask) & (0x01 << (cmd_type)))
83 #define PORT100_CMD_TYPE_0	0
84 #define PORT100_CMD_TYPE_1	1
85 
86 #define PORT100_CMD_STATUS_OK      0x00
87 #define PORT100_CMD_STATUS_TIMEOUT 0x80
88 
89 #define PORT100_MDAA_TGT_HAS_BEEN_ACTIVATED_MASK 0x01
90 #define PORT100_MDAA_TGT_WAS_ACTIVATED_MASK      0x02
91 
92 struct port100;
93 
94 typedef void (*port100_send_async_complete_t)(struct port100 *dev, void *arg,
95 					      struct sk_buff *resp);
96 
97 /**
98  * Setting sets structure for in_set_rf command
99  *
100  * @in_*_set_number: Represent the entry indexes in the port-100 RF Base Table.
101  *              This table contains multiple RF setting sets required for RF
102  *              communication.
103  *
104  * @in_*_comm_type: Theses fields set the communication type to be used.
105  */
106 struct port100_in_rf_setting {
107 	u8 in_send_set_number;
108 	u8 in_send_comm_type;
109 	u8 in_recv_set_number;
110 	u8 in_recv_comm_type;
111 } __packed;
112 
113 #define PORT100_COMM_TYPE_IN_212F 0x01
114 #define PORT100_COMM_TYPE_IN_424F 0x02
115 #define PORT100_COMM_TYPE_IN_106A 0x03
116 #define PORT100_COMM_TYPE_IN_106B 0x07
117 
118 static const struct port100_in_rf_setting in_rf_settings[] = {
119 	[NFC_DIGITAL_RF_TECH_212F] = {
120 		.in_send_set_number = 1,
121 		.in_send_comm_type  = PORT100_COMM_TYPE_IN_212F,
122 		.in_recv_set_number = 15,
123 		.in_recv_comm_type  = PORT100_COMM_TYPE_IN_212F,
124 	},
125 	[NFC_DIGITAL_RF_TECH_424F] = {
126 		.in_send_set_number = 1,
127 		.in_send_comm_type  = PORT100_COMM_TYPE_IN_424F,
128 		.in_recv_set_number = 15,
129 		.in_recv_comm_type  = PORT100_COMM_TYPE_IN_424F,
130 	},
131 	[NFC_DIGITAL_RF_TECH_106A] = {
132 		.in_send_set_number = 2,
133 		.in_send_comm_type  = PORT100_COMM_TYPE_IN_106A,
134 		.in_recv_set_number = 15,
135 		.in_recv_comm_type  = PORT100_COMM_TYPE_IN_106A,
136 	},
137 	[NFC_DIGITAL_RF_TECH_106B] = {
138 		.in_send_set_number = 3,
139 		.in_send_comm_type  = PORT100_COMM_TYPE_IN_106B,
140 		.in_recv_set_number = 15,
141 		.in_recv_comm_type  = PORT100_COMM_TYPE_IN_106B,
142 	},
143 	/* Ensures the array has NFC_DIGITAL_RF_TECH_LAST elements */
144 	[NFC_DIGITAL_RF_TECH_LAST] = { 0 },
145 };
146 
147 /**
148  * Setting sets structure for tg_set_rf command
149  *
150  * @tg_set_number: Represents the entry index in the port-100 RF Base Table.
151  *                 This table contains multiple RF setting sets required for RF
152  *                 communication. this field is used for both send and receive
153  *                 settings.
154  *
155  * @tg_comm_type: Sets the communication type to be used to send and receive
156  *                data.
157  */
158 struct port100_tg_rf_setting {
159 	u8 tg_set_number;
160 	u8 tg_comm_type;
161 } __packed;
162 
163 #define PORT100_COMM_TYPE_TG_106A 0x0B
164 #define PORT100_COMM_TYPE_TG_212F 0x0C
165 #define PORT100_COMM_TYPE_TG_424F 0x0D
166 
167 static const struct port100_tg_rf_setting tg_rf_settings[] = {
168 	[NFC_DIGITAL_RF_TECH_106A] = {
169 		.tg_set_number = 8,
170 		.tg_comm_type = PORT100_COMM_TYPE_TG_106A,
171 	},
172 	[NFC_DIGITAL_RF_TECH_212F] = {
173 		.tg_set_number = 8,
174 		.tg_comm_type = PORT100_COMM_TYPE_TG_212F,
175 	},
176 	[NFC_DIGITAL_RF_TECH_424F] = {
177 		.tg_set_number = 8,
178 		.tg_comm_type = PORT100_COMM_TYPE_TG_424F,
179 	},
180 	/* Ensures the array has NFC_DIGITAL_RF_TECH_LAST elements */
181 	[NFC_DIGITAL_RF_TECH_LAST] = { 0 },
182 
183 };
184 
185 #define PORT100_IN_PROT_INITIAL_GUARD_TIME      0x00
186 #define PORT100_IN_PROT_ADD_CRC                 0x01
187 #define PORT100_IN_PROT_CHECK_CRC               0x02
188 #define PORT100_IN_PROT_MULTI_CARD              0x03
189 #define PORT100_IN_PROT_ADD_PARITY              0x04
190 #define PORT100_IN_PROT_CHECK_PARITY            0x05
191 #define PORT100_IN_PROT_BITWISE_AC_RECV_MODE    0x06
192 #define PORT100_IN_PROT_VALID_BIT_NUMBER        0x07
193 #define PORT100_IN_PROT_CRYPTO1                 0x08
194 #define PORT100_IN_PROT_ADD_SOF                 0x09
195 #define PORT100_IN_PROT_CHECK_SOF               0x0A
196 #define PORT100_IN_PROT_ADD_EOF                 0x0B
197 #define PORT100_IN_PROT_CHECK_EOF               0x0C
198 #define PORT100_IN_PROT_DEAF_TIME               0x0E
199 #define PORT100_IN_PROT_CRM                     0x0F
200 #define PORT100_IN_PROT_CRM_MIN_LEN             0x10
201 #define PORT100_IN_PROT_T1_TAG_FRAME            0x11
202 #define PORT100_IN_PROT_RFCA                    0x12
203 #define PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR 0x13
204 #define PORT100_IN_PROT_END                     0x14
205 
206 #define PORT100_IN_MAX_NUM_PROTOCOLS            19
207 
208 #define PORT100_TG_PROT_TU           0x00
209 #define PORT100_TG_PROT_RF_OFF       0x01
210 #define PORT100_TG_PROT_CRM          0x02
211 #define PORT100_TG_PROT_END          0x03
212 
213 #define PORT100_TG_MAX_NUM_PROTOCOLS 3
214 
215 struct port100_protocol {
216 	u8 number;
217 	u8 value;
218 } __packed;
219 
220 static struct port100_protocol
221 in_protocols[][PORT100_IN_MAX_NUM_PROTOCOLS + 1] = {
222 	[NFC_DIGITAL_FRAMING_NFCA_SHORT] = {
223 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,      6 },
224 		{ PORT100_IN_PROT_ADD_CRC,                 0 },
225 		{ PORT100_IN_PROT_CHECK_CRC,               0 },
226 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
227 		{ PORT100_IN_PROT_ADD_PARITY,              0 },
228 		{ PORT100_IN_PROT_CHECK_PARITY,            1 },
229 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
230 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        7 },
231 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
232 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
233 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
234 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
235 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
236 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
237 		{ PORT100_IN_PROT_CRM,                     0 },
238 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
239 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
240 		{ PORT100_IN_PROT_RFCA,                    0 },
241 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
242 		{ PORT100_IN_PROT_END,                     0 },
243 	},
244 	[NFC_DIGITAL_FRAMING_NFCA_STANDARD] = {
245 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,      6 },
246 		{ PORT100_IN_PROT_ADD_CRC,                 0 },
247 		{ PORT100_IN_PROT_CHECK_CRC,               0 },
248 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
249 		{ PORT100_IN_PROT_ADD_PARITY,              1 },
250 		{ PORT100_IN_PROT_CHECK_PARITY,            1 },
251 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
252 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
253 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
254 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
255 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
256 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
257 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
258 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
259 		{ PORT100_IN_PROT_CRM,                     0 },
260 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
261 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
262 		{ PORT100_IN_PROT_RFCA,                    0 },
263 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
264 		{ PORT100_IN_PROT_END,                     0 },
265 	},
266 	[NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A] = {
267 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,      6 },
268 		{ PORT100_IN_PROT_ADD_CRC,                 1 },
269 		{ PORT100_IN_PROT_CHECK_CRC,               1 },
270 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
271 		{ PORT100_IN_PROT_ADD_PARITY,              1 },
272 		{ PORT100_IN_PROT_CHECK_PARITY,            1 },
273 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
274 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
275 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
276 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
277 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
278 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
279 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
280 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
281 		{ PORT100_IN_PROT_CRM,                     0 },
282 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
283 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
284 		{ PORT100_IN_PROT_RFCA,                    0 },
285 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
286 		{ PORT100_IN_PROT_END,                     0 },
287 	},
288 	[NFC_DIGITAL_FRAMING_NFCA_T1T] = {
289 		/* nfc_digital_framing_nfca_short */
290 		{ PORT100_IN_PROT_ADD_CRC,          2 },
291 		{ PORT100_IN_PROT_CHECK_CRC,        2 },
292 		{ PORT100_IN_PROT_VALID_BIT_NUMBER, 8 },
293 		{ PORT100_IN_PROT_T1_TAG_FRAME,     2 },
294 		{ PORT100_IN_PROT_END,              0 },
295 	},
296 	[NFC_DIGITAL_FRAMING_NFCA_T2T] = {
297 		/* nfc_digital_framing_nfca_standard */
298 		{ PORT100_IN_PROT_ADD_CRC,   1 },
299 		{ PORT100_IN_PROT_CHECK_CRC, 0 },
300 		{ PORT100_IN_PROT_END,       0 },
301 	},
302 	[NFC_DIGITAL_FRAMING_NFCA_T4T] = {
303 		/* nfc_digital_framing_nfca_standard_with_crc_a */
304 		{ PORT100_IN_PROT_END,       0 },
305 	},
306 	[NFC_DIGITAL_FRAMING_NFCA_NFC_DEP] = {
307 		/* nfc_digital_framing_nfca_standard */
308 		{ PORT100_IN_PROT_END, 0 },
309 	},
310 	[NFC_DIGITAL_FRAMING_NFCF] = {
311 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,     18 },
312 		{ PORT100_IN_PROT_ADD_CRC,                 1 },
313 		{ PORT100_IN_PROT_CHECK_CRC,               1 },
314 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
315 		{ PORT100_IN_PROT_ADD_PARITY,              0 },
316 		{ PORT100_IN_PROT_CHECK_PARITY,            0 },
317 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
318 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
319 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
320 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
321 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
322 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
323 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
324 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
325 		{ PORT100_IN_PROT_CRM,                     0 },
326 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
327 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
328 		{ PORT100_IN_PROT_RFCA,                    0 },
329 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
330 		{ PORT100_IN_PROT_END,                     0 },
331 	},
332 	[NFC_DIGITAL_FRAMING_NFCF_T3T] = {
333 		/* nfc_digital_framing_nfcf */
334 		{ PORT100_IN_PROT_END, 0 },
335 	},
336 	[NFC_DIGITAL_FRAMING_NFCF_NFC_DEP] = {
337 		/* nfc_digital_framing_nfcf */
338 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,     18 },
339 		{ PORT100_IN_PROT_ADD_CRC,                 1 },
340 		{ PORT100_IN_PROT_CHECK_CRC,               1 },
341 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
342 		{ PORT100_IN_PROT_ADD_PARITY,              0 },
343 		{ PORT100_IN_PROT_CHECK_PARITY,            0 },
344 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
345 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
346 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
347 		{ PORT100_IN_PROT_ADD_SOF,                 0 },
348 		{ PORT100_IN_PROT_CHECK_SOF,               0 },
349 		{ PORT100_IN_PROT_ADD_EOF,                 0 },
350 		{ PORT100_IN_PROT_CHECK_EOF,               0 },
351 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
352 		{ PORT100_IN_PROT_CRM,                     0 },
353 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
354 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
355 		{ PORT100_IN_PROT_RFCA,                    0 },
356 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
357 		{ PORT100_IN_PROT_END,                     0 },
358 	},
359 	[NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED] = {
360 		{ PORT100_IN_PROT_END, 0 },
361 	},
362 	[NFC_DIGITAL_FRAMING_NFCB] = {
363 		{ PORT100_IN_PROT_INITIAL_GUARD_TIME,     20 },
364 		{ PORT100_IN_PROT_ADD_CRC,                 1 },
365 		{ PORT100_IN_PROT_CHECK_CRC,               1 },
366 		{ PORT100_IN_PROT_MULTI_CARD,              0 },
367 		{ PORT100_IN_PROT_ADD_PARITY,              0 },
368 		{ PORT100_IN_PROT_CHECK_PARITY,            0 },
369 		{ PORT100_IN_PROT_BITWISE_AC_RECV_MODE,    0 },
370 		{ PORT100_IN_PROT_VALID_BIT_NUMBER,        8 },
371 		{ PORT100_IN_PROT_CRYPTO1,                 0 },
372 		{ PORT100_IN_PROT_ADD_SOF,                 1 },
373 		{ PORT100_IN_PROT_CHECK_SOF,               1 },
374 		{ PORT100_IN_PROT_ADD_EOF,                 1 },
375 		{ PORT100_IN_PROT_CHECK_EOF,               1 },
376 		{ PORT100_IN_PROT_DEAF_TIME,               4 },
377 		{ PORT100_IN_PROT_CRM,                     0 },
378 		{ PORT100_IN_PROT_CRM_MIN_LEN,             0 },
379 		{ PORT100_IN_PROT_T1_TAG_FRAME,            0 },
380 		{ PORT100_IN_PROT_RFCA,                    0 },
381 		{ PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 },
382 		{ PORT100_IN_PROT_END,                     0 },
383 	},
384 	[NFC_DIGITAL_FRAMING_NFCB_T4T] = {
385 		/* nfc_digital_framing_nfcb */
386 		{ PORT100_IN_PROT_END,                     0 },
387 	},
388 	/* Ensures the array has NFC_DIGITAL_FRAMING_LAST elements */
389 	[NFC_DIGITAL_FRAMING_LAST] = {
390 		{ PORT100_IN_PROT_END, 0 },
391 	},
392 };
393 
394 static struct port100_protocol
395 tg_protocols[][PORT100_TG_MAX_NUM_PROTOCOLS + 1] = {
396 	[NFC_DIGITAL_FRAMING_NFCA_SHORT] = {
397 		{ PORT100_TG_PROT_END, 0 },
398 	},
399 	[NFC_DIGITAL_FRAMING_NFCA_STANDARD] = {
400 		{ PORT100_TG_PROT_END, 0 },
401 	},
402 	[NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A] = {
403 		{ PORT100_TG_PROT_END, 0 },
404 	},
405 	[NFC_DIGITAL_FRAMING_NFCA_T1T] = {
406 		{ PORT100_TG_PROT_END, 0 },
407 	},
408 	[NFC_DIGITAL_FRAMING_NFCA_T2T] = {
409 		{ PORT100_TG_PROT_END, 0 },
410 	},
411 	[NFC_DIGITAL_FRAMING_NFCA_NFC_DEP] = {
412 		{ PORT100_TG_PROT_TU,     1 },
413 		{ PORT100_TG_PROT_RF_OFF, 0 },
414 		{ PORT100_TG_PROT_CRM,    7 },
415 		{ PORT100_TG_PROT_END,    0 },
416 	},
417 	[NFC_DIGITAL_FRAMING_NFCF] = {
418 		{ PORT100_TG_PROT_END, 0 },
419 	},
420 	[NFC_DIGITAL_FRAMING_NFCF_T3T] = {
421 		{ PORT100_TG_PROT_END, 0 },
422 	},
423 	[NFC_DIGITAL_FRAMING_NFCF_NFC_DEP] = {
424 		{ PORT100_TG_PROT_TU,     1 },
425 		{ PORT100_TG_PROT_RF_OFF, 0 },
426 		{ PORT100_TG_PROT_CRM,    7 },
427 		{ PORT100_TG_PROT_END,    0 },
428 	},
429 	[NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED] = {
430 		{ PORT100_TG_PROT_RF_OFF, 1 },
431 		{ PORT100_TG_PROT_END,    0 },
432 	},
433 	/* Ensures the array has NFC_DIGITAL_FRAMING_LAST elements */
434 	[NFC_DIGITAL_FRAMING_LAST] = {
435 		{ PORT100_TG_PROT_END,    0 },
436 	},
437 };
438 
439 struct port100 {
440 	struct nfc_digital_dev *nfc_digital_dev;
441 
442 	int skb_headroom;
443 	int skb_tailroom;
444 
445 	struct usb_device *udev;
446 	struct usb_interface *interface;
447 
448 	struct urb *out_urb;
449 	struct urb *in_urb;
450 
451 	/* This mutex protects the out_urb and avoids to submit a new command
452 	 * through port100_send_frame_async() while the previous one is being
453 	 * canceled through port100_abort_cmd().
454 	 */
455 	struct mutex out_urb_lock;
456 
457 	struct work_struct cmd_complete_work;
458 
459 	u8 cmd_type;
460 
461 	/* The digital stack serializes commands to be sent. There is no need
462 	 * for any queuing/locking mechanism at driver level.
463 	 */
464 	struct port100_cmd *cmd;
465 
466 	bool cmd_cancel;
467 	struct completion cmd_cancel_done;
468 };
469 
470 struct port100_cmd {
471 	u8 code;
472 	int status;
473 	struct sk_buff *req;
474 	struct sk_buff *resp;
475 	int resp_len;
476 	port100_send_async_complete_t  complete_cb;
477 	void *complete_cb_context;
478 };
479 
480 struct port100_frame {
481 	u8 preamble;
482 	__be16 start_frame;
483 	__be16 extended_frame;
484 	__le16 datalen;
485 	u8 datalen_checksum;
486 	u8 data[];
487 } __packed;
488 
489 struct port100_ack_frame {
490 	u8 preamble;
491 	__be16 start_frame;
492 	__be16 ack_frame;
493 	u8 postambule;
494 } __packed;
495 
496 struct port100_cb_arg {
497 	nfc_digital_cmd_complete_t complete_cb;
498 	void *complete_arg;
499 	u8 mdaa;
500 };
501 
502 struct port100_tg_comm_rf_cmd {
503 	__le16 guard_time;
504 	__le16 send_timeout;
505 	u8 mdaa;
506 	u8 nfca_param[6];
507 	u8 nfcf_param[18];
508 	u8 mf_halted;
509 	u8 arae_flag;
510 	__le16 recv_timeout;
511 	u8 data[];
512 } __packed;
513 
514 struct port100_tg_comm_rf_res {
515 	u8 comm_type;
516 	u8 ar_status;
517 	u8 target_activated;
518 	__le32 status;
519 	u8 data[];
520 } __packed;
521 
522 /* The rule: value + checksum = 0 */
port100_checksum(u16 value)523 static inline u8 port100_checksum(u16 value)
524 {
525 	return ~(((u8 *)&value)[0] + ((u8 *)&value)[1]) + 1;
526 }
527 
528 /* The rule: sum(data elements) + checksum = 0 */
port100_data_checksum(u8 * data,int datalen)529 static u8 port100_data_checksum(u8 *data, int datalen)
530 {
531 	u8 sum = 0;
532 	int i;
533 
534 	for (i = 0; i < datalen; i++)
535 		sum += data[i];
536 
537 	return port100_checksum(sum);
538 }
539 
port100_tx_frame_init(void * _frame,u8 cmd_code)540 static void port100_tx_frame_init(void *_frame, u8 cmd_code)
541 {
542 	struct port100_frame *frame = _frame;
543 
544 	frame->preamble = 0;
545 	frame->start_frame = cpu_to_be16(PORT100_FRAME_SOF);
546 	frame->extended_frame = cpu_to_be16(PORT100_FRAME_EXT);
547 	PORT100_FRAME_DIRECTION(frame) = PORT100_FRAME_DIR_OUT;
548 	PORT100_FRAME_CMD(frame) = cmd_code;
549 	frame->datalen = cpu_to_le16(2);
550 }
551 
port100_tx_frame_finish(void * _frame)552 static void port100_tx_frame_finish(void *_frame)
553 {
554 	struct port100_frame *frame = _frame;
555 
556 	frame->datalen_checksum = port100_checksum(le16_to_cpu(frame->datalen));
557 
558 	PORT100_FRAME_CHECKSUM(frame) =
559 		port100_data_checksum(frame->data, le16_to_cpu(frame->datalen));
560 
561 	PORT100_FRAME_POSTAMBLE(frame) = 0;
562 }
563 
port100_tx_update_payload_len(void * _frame,int len)564 static void port100_tx_update_payload_len(void *_frame, int len)
565 {
566 	struct port100_frame *frame = _frame;
567 
568 	le16_add_cpu(&frame->datalen, len);
569 }
570 
port100_rx_frame_is_valid(void * _frame)571 static bool port100_rx_frame_is_valid(void *_frame)
572 {
573 	u8 checksum;
574 	struct port100_frame *frame = _frame;
575 
576 	if (frame->start_frame != cpu_to_be16(PORT100_FRAME_SOF) ||
577 	    frame->extended_frame != cpu_to_be16(PORT100_FRAME_EXT))
578 		return false;
579 
580 	checksum = port100_checksum(le16_to_cpu(frame->datalen));
581 	if (checksum != frame->datalen_checksum)
582 		return false;
583 
584 	checksum = port100_data_checksum(frame->data,
585 					 le16_to_cpu(frame->datalen));
586 	if (checksum != PORT100_FRAME_CHECKSUM(frame))
587 		return false;
588 
589 	return true;
590 }
591 
port100_rx_frame_is_ack(struct port100_ack_frame * frame)592 static bool port100_rx_frame_is_ack(struct port100_ack_frame *frame)
593 {
594 	return (frame->start_frame == cpu_to_be16(PORT100_FRAME_SOF) &&
595 		frame->ack_frame == cpu_to_be16(PORT100_FRAME_ACK));
596 }
597 
port100_rx_frame_size(void * frame)598 static inline int port100_rx_frame_size(void *frame)
599 {
600 	struct port100_frame *f = frame;
601 
602 	return sizeof(struct port100_frame) + le16_to_cpu(f->datalen) +
603 	       PORT100_FRAME_TAIL_LEN;
604 }
605 
port100_rx_frame_is_cmd_response(struct port100 * dev,void * frame)606 static bool port100_rx_frame_is_cmd_response(struct port100 *dev, void *frame)
607 {
608 	struct port100_frame *f = frame;
609 
610 	return (PORT100_FRAME_CMD(f) == PORT100_CMD_RESPONSE(dev->cmd->code));
611 }
612 
port100_recv_response(struct urb * urb)613 static void port100_recv_response(struct urb *urb)
614 {
615 	struct port100 *dev = urb->context;
616 	struct port100_cmd *cmd = dev->cmd;
617 	u8 *in_frame;
618 
619 	cmd->status = urb->status;
620 
621 	switch (urb->status) {
622 	case 0:
623 		break; /* success */
624 	case -ECONNRESET:
625 	case -ENOENT:
626 		nfc_err(&dev->interface->dev,
627 			"The urb has been canceled (status %d)\n", urb->status);
628 		goto sched_wq;
629 	case -ESHUTDOWN:
630 	default:
631 		nfc_err(&dev->interface->dev, "Urb failure (status %d)\n",
632 			urb->status);
633 		goto sched_wq;
634 	}
635 
636 	in_frame = dev->in_urb->transfer_buffer;
637 
638 	if (!port100_rx_frame_is_valid(in_frame)) {
639 		nfc_err(&dev->interface->dev, "Received an invalid frame\n");
640 		cmd->status = -EIO;
641 		goto sched_wq;
642 	}
643 
644 	print_hex_dump_debug("PORT100 RX: ", DUMP_PREFIX_NONE, 16, 1, in_frame,
645 			     port100_rx_frame_size(in_frame), false);
646 
647 	if (!port100_rx_frame_is_cmd_response(dev, in_frame)) {
648 		nfc_err(&dev->interface->dev,
649 			"It's not the response to the last command\n");
650 		cmd->status = -EIO;
651 		goto sched_wq;
652 	}
653 
654 sched_wq:
655 	schedule_work(&dev->cmd_complete_work);
656 }
657 
port100_submit_urb_for_response(struct port100 * dev,gfp_t flags)658 static int port100_submit_urb_for_response(struct port100 *dev, gfp_t flags)
659 {
660 	dev->in_urb->complete = port100_recv_response;
661 
662 	return usb_submit_urb(dev->in_urb, flags);
663 }
664 
port100_recv_ack(struct urb * urb)665 static void port100_recv_ack(struct urb *urb)
666 {
667 	struct port100 *dev = urb->context;
668 	struct port100_cmd *cmd = dev->cmd;
669 	struct port100_ack_frame *in_frame;
670 	int rc;
671 
672 	cmd->status = urb->status;
673 
674 	switch (urb->status) {
675 	case 0:
676 		break; /* success */
677 	case -ECONNRESET:
678 	case -ENOENT:
679 		nfc_err(&dev->interface->dev,
680 			"The urb has been stopped (status %d)\n", urb->status);
681 		goto sched_wq;
682 	case -ESHUTDOWN:
683 	default:
684 		nfc_err(&dev->interface->dev, "Urb failure (status %d)\n",
685 			urb->status);
686 		goto sched_wq;
687 	}
688 
689 	in_frame = dev->in_urb->transfer_buffer;
690 
691 	if (!port100_rx_frame_is_ack(in_frame)) {
692 		nfc_err(&dev->interface->dev, "Received an invalid ack\n");
693 		cmd->status = -EIO;
694 		goto sched_wq;
695 	}
696 
697 	rc = port100_submit_urb_for_response(dev, GFP_ATOMIC);
698 	if (rc) {
699 		nfc_err(&dev->interface->dev,
700 			"usb_submit_urb failed with result %d\n", rc);
701 		cmd->status = rc;
702 		goto sched_wq;
703 	}
704 
705 	return;
706 
707 sched_wq:
708 	schedule_work(&dev->cmd_complete_work);
709 }
710 
port100_submit_urb_for_ack(struct port100 * dev,gfp_t flags)711 static int port100_submit_urb_for_ack(struct port100 *dev, gfp_t flags)
712 {
713 	dev->in_urb->complete = port100_recv_ack;
714 
715 	return usb_submit_urb(dev->in_urb, flags);
716 }
717 
port100_send_ack(struct port100 * dev)718 static int port100_send_ack(struct port100 *dev)
719 {
720 	int rc = 0;
721 
722 	mutex_lock(&dev->out_urb_lock);
723 
724 	/*
725 	 * If prior cancel is in-flight (dev->cmd_cancel == true), we
726 	 * can skip to send cancel. Then this will wait the prior
727 	 * cancel, or merged into the next cancel rarely if next
728 	 * cancel was started before waiting done. In any case, this
729 	 * will be waked up soon or later.
730 	 */
731 	if (!dev->cmd_cancel) {
732 		reinit_completion(&dev->cmd_cancel_done);
733 
734 		usb_kill_urb(dev->out_urb);
735 
736 		dev->out_urb->transfer_buffer = ack_frame;
737 		dev->out_urb->transfer_buffer_length = sizeof(ack_frame);
738 		rc = usb_submit_urb(dev->out_urb, GFP_KERNEL);
739 
740 		/*
741 		 * Set the cmd_cancel flag only if the URB has been
742 		 * successfully submitted. It will be reset by the out
743 		 * URB completion callback port100_send_complete().
744 		 */
745 		dev->cmd_cancel = !rc;
746 	}
747 
748 	mutex_unlock(&dev->out_urb_lock);
749 
750 	if (!rc)
751 		wait_for_completion(&dev->cmd_cancel_done);
752 
753 	return rc;
754 }
755 
port100_send_frame_async(struct port100 * dev,struct sk_buff * out,struct sk_buff * in,int in_len)756 static int port100_send_frame_async(struct port100 *dev, struct sk_buff *out,
757 				    struct sk_buff *in, int in_len)
758 {
759 	int rc;
760 
761 	mutex_lock(&dev->out_urb_lock);
762 
763 	/* A command cancel frame as been sent through dev->out_urb. Don't try
764 	 * to submit a new one.
765 	 */
766 	if (dev->cmd_cancel) {
767 		rc = -EAGAIN;
768 		goto exit;
769 	}
770 
771 	dev->out_urb->transfer_buffer = out->data;
772 	dev->out_urb->transfer_buffer_length = out->len;
773 
774 	dev->in_urb->transfer_buffer = in->data;
775 	dev->in_urb->transfer_buffer_length = in_len;
776 
777 	print_hex_dump_debug("PORT100 TX: ", DUMP_PREFIX_NONE, 16, 1,
778 			     out->data, out->len, false);
779 
780 	rc = usb_submit_urb(dev->out_urb, GFP_KERNEL);
781 	if (rc)
782 		goto exit;
783 
784 	rc = port100_submit_urb_for_ack(dev, GFP_KERNEL);
785 	if (rc)
786 		usb_kill_urb(dev->out_urb);
787 
788 exit:
789 	mutex_unlock(&dev->out_urb_lock);
790 
791 	return rc;
792 }
793 
port100_build_cmd_frame(struct port100 * dev,u8 cmd_code,struct sk_buff * skb)794 static void port100_build_cmd_frame(struct port100 *dev, u8 cmd_code,
795 				    struct sk_buff *skb)
796 {
797 	/* payload is already there, just update datalen */
798 	int payload_len = skb->len;
799 
800 	skb_push(skb, PORT100_FRAME_HEADER_LEN);
801 	skb_put(skb, PORT100_FRAME_TAIL_LEN);
802 
803 	port100_tx_frame_init(skb->data, cmd_code);
804 	port100_tx_update_payload_len(skb->data, payload_len);
805 	port100_tx_frame_finish(skb->data);
806 }
807 
port100_send_async_complete(struct port100 * dev)808 static void port100_send_async_complete(struct port100 *dev)
809 {
810 	struct port100_cmd *cmd = dev->cmd;
811 	int status = cmd->status;
812 
813 	struct sk_buff *req = cmd->req;
814 	struct sk_buff *resp = cmd->resp;
815 
816 	dev_kfree_skb(req);
817 
818 	dev->cmd = NULL;
819 
820 	if (status < 0) {
821 		cmd->complete_cb(dev, cmd->complete_cb_context,
822 				 ERR_PTR(status));
823 		dev_kfree_skb(resp);
824 		goto done;
825 	}
826 
827 	skb_put(resp, port100_rx_frame_size(resp->data));
828 	skb_pull(resp, PORT100_FRAME_HEADER_LEN);
829 	skb_trim(resp, resp->len - PORT100_FRAME_TAIL_LEN);
830 
831 	cmd->complete_cb(dev, cmd->complete_cb_context, resp);
832 
833 done:
834 	kfree(cmd);
835 }
836 
port100_send_cmd_async(struct port100 * dev,u8 cmd_code,struct sk_buff * req,port100_send_async_complete_t complete_cb,void * complete_cb_context)837 static int port100_send_cmd_async(struct port100 *dev, u8 cmd_code,
838 				struct sk_buff *req,
839 				port100_send_async_complete_t complete_cb,
840 				void *complete_cb_context)
841 {
842 	struct port100_cmd *cmd;
843 	struct sk_buff *resp;
844 	int rc;
845 	int  resp_len = PORT100_FRAME_HEADER_LEN +
846 			PORT100_FRAME_MAX_PAYLOAD_LEN +
847 			PORT100_FRAME_TAIL_LEN;
848 
849 	if (dev->cmd) {
850 		nfc_err(&dev->interface->dev,
851 			"A command is still in process\n");
852 		return -EBUSY;
853 	}
854 
855 	resp = alloc_skb(resp_len, GFP_KERNEL);
856 	if (!resp)
857 		return -ENOMEM;
858 
859 	cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
860 	if (!cmd) {
861 		dev_kfree_skb(resp);
862 		return -ENOMEM;
863 	}
864 
865 	cmd->code = cmd_code;
866 	cmd->req = req;
867 	cmd->resp = resp;
868 	cmd->resp_len = resp_len;
869 	cmd->complete_cb = complete_cb;
870 	cmd->complete_cb_context = complete_cb_context;
871 
872 	port100_build_cmd_frame(dev, cmd_code, req);
873 
874 	dev->cmd = cmd;
875 
876 	rc = port100_send_frame_async(dev, req, resp, resp_len);
877 	if (rc) {
878 		kfree(cmd);
879 		dev_kfree_skb(resp);
880 		dev->cmd = NULL;
881 	}
882 
883 	return rc;
884 }
885 
886 struct port100_sync_cmd_response {
887 	struct sk_buff *resp;
888 	struct completion done;
889 };
890 
port100_wq_cmd_complete(struct work_struct * work)891 static void port100_wq_cmd_complete(struct work_struct *work)
892 {
893 	struct port100 *dev = container_of(work, struct port100,
894 					   cmd_complete_work);
895 
896 	port100_send_async_complete(dev);
897 }
898 
port100_send_sync_complete(struct port100 * dev,void * _arg,struct sk_buff * resp)899 static void port100_send_sync_complete(struct port100 *dev, void *_arg,
900 				      struct sk_buff *resp)
901 {
902 	struct port100_sync_cmd_response *arg = _arg;
903 
904 	arg->resp = resp;
905 	complete(&arg->done);
906 }
907 
port100_send_cmd_sync(struct port100 * dev,u8 cmd_code,struct sk_buff * req)908 static struct sk_buff *port100_send_cmd_sync(struct port100 *dev, u8 cmd_code,
909 					     struct sk_buff *req)
910 {
911 	int rc;
912 	struct port100_sync_cmd_response arg;
913 
914 	init_completion(&arg.done);
915 
916 	rc = port100_send_cmd_async(dev, cmd_code, req,
917 				    port100_send_sync_complete, &arg);
918 	if (rc) {
919 		dev_kfree_skb(req);
920 		return ERR_PTR(rc);
921 	}
922 
923 	wait_for_completion(&arg.done);
924 
925 	return arg.resp;
926 }
927 
port100_send_complete(struct urb * urb)928 static void port100_send_complete(struct urb *urb)
929 {
930 	struct port100 *dev = urb->context;
931 
932 	if (dev->cmd_cancel) {
933 		complete_all(&dev->cmd_cancel_done);
934 		dev->cmd_cancel = false;
935 	}
936 
937 	switch (urb->status) {
938 	case 0:
939 		break; /* success */
940 	case -ECONNRESET:
941 	case -ENOENT:
942 		nfc_err(&dev->interface->dev,
943 			"The urb has been stopped (status %d)\n", urb->status);
944 		break;
945 	case -ESHUTDOWN:
946 	default:
947 		nfc_err(&dev->interface->dev, "Urb failure (status %d)\n",
948 			urb->status);
949 	}
950 }
951 
port100_abort_cmd(struct nfc_digital_dev * ddev)952 static void port100_abort_cmd(struct nfc_digital_dev *ddev)
953 {
954 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
955 
956 	/* An ack will cancel the last issued command */
957 	port100_send_ack(dev);
958 
959 	/* cancel the urb request */
960 	usb_kill_urb(dev->in_urb);
961 }
962 
port100_alloc_skb(struct port100 * dev,unsigned int size)963 static struct sk_buff *port100_alloc_skb(struct port100 *dev, unsigned int size)
964 {
965 	struct sk_buff *skb;
966 
967 	skb = alloc_skb(dev->skb_headroom + dev->skb_tailroom + size,
968 			GFP_KERNEL);
969 	if (skb)
970 		skb_reserve(skb, dev->skb_headroom);
971 
972 	return skb;
973 }
974 
port100_set_command_type(struct port100 * dev,u8 command_type)975 static int port100_set_command_type(struct port100 *dev, u8 command_type)
976 {
977 	struct sk_buff *skb;
978 	struct sk_buff *resp;
979 	int rc;
980 
981 	skb = port100_alloc_skb(dev, 1);
982 	if (!skb)
983 		return -ENOMEM;
984 
985 	skb_put_u8(skb, command_type);
986 
987 	resp = port100_send_cmd_sync(dev, PORT100_CMD_SET_COMMAND_TYPE, skb);
988 	if (IS_ERR(resp))
989 		return PTR_ERR(resp);
990 
991 	rc = resp->data[0];
992 
993 	dev_kfree_skb(resp);
994 
995 	return rc;
996 }
997 
port100_get_command_type_mask(struct port100 * dev)998 static u64 port100_get_command_type_mask(struct port100 *dev)
999 {
1000 	struct sk_buff *skb;
1001 	struct sk_buff *resp;
1002 	u64 mask;
1003 
1004 	skb = port100_alloc_skb(dev, 0);
1005 	if (!skb)
1006 		return -ENOMEM;
1007 
1008 	resp = port100_send_cmd_sync(dev, PORT100_CMD_GET_COMMAND_TYPE, skb);
1009 	if (IS_ERR(resp))
1010 		return PTR_ERR(resp);
1011 
1012 	if (resp->len < 8)
1013 		mask = 0;
1014 	else
1015 		mask = be64_to_cpu(*(__be64 *)resp->data);
1016 
1017 	dev_kfree_skb(resp);
1018 
1019 	return mask;
1020 }
1021 
port100_get_firmware_version(struct port100 * dev)1022 static u16 port100_get_firmware_version(struct port100 *dev)
1023 {
1024 	struct sk_buff *skb;
1025 	struct sk_buff *resp;
1026 	u16 fw_ver;
1027 
1028 	skb = port100_alloc_skb(dev, 0);
1029 	if (!skb)
1030 		return 0;
1031 
1032 	resp = port100_send_cmd_sync(dev, PORT100_CMD_GET_FIRMWARE_VERSION,
1033 				     skb);
1034 	if (IS_ERR(resp))
1035 		return 0;
1036 
1037 	fw_ver = le16_to_cpu(*(__le16 *)resp->data);
1038 
1039 	dev_kfree_skb(resp);
1040 
1041 	return fw_ver;
1042 }
1043 
port100_switch_rf(struct nfc_digital_dev * ddev,bool on)1044 static int port100_switch_rf(struct nfc_digital_dev *ddev, bool on)
1045 {
1046 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1047 	struct sk_buff *skb, *resp;
1048 
1049 	skb = port100_alloc_skb(dev, 1);
1050 	if (!skb)
1051 		return -ENOMEM;
1052 
1053 	skb_put_u8(skb, on ? 1 : 0);
1054 
1055 	/* Cancel the last command if the device is being switched off */
1056 	if (!on)
1057 		port100_abort_cmd(ddev);
1058 
1059 	resp = port100_send_cmd_sync(dev, PORT100_CMD_SWITCH_RF, skb);
1060 
1061 	if (IS_ERR(resp))
1062 		return PTR_ERR(resp);
1063 
1064 	dev_kfree_skb(resp);
1065 
1066 	return 0;
1067 }
1068 
port100_in_set_rf(struct nfc_digital_dev * ddev,u8 rf)1069 static int port100_in_set_rf(struct nfc_digital_dev *ddev, u8 rf)
1070 {
1071 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1072 	struct sk_buff *skb;
1073 	struct sk_buff *resp;
1074 	int rc;
1075 
1076 	if (rf >= NFC_DIGITAL_RF_TECH_LAST)
1077 		return -EINVAL;
1078 
1079 	skb = port100_alloc_skb(dev, sizeof(struct port100_in_rf_setting));
1080 	if (!skb)
1081 		return -ENOMEM;
1082 
1083 	skb_put_data(skb, &in_rf_settings[rf],
1084 		     sizeof(struct port100_in_rf_setting));
1085 
1086 	resp = port100_send_cmd_sync(dev, PORT100_CMD_IN_SET_RF, skb);
1087 
1088 	if (IS_ERR(resp))
1089 		return PTR_ERR(resp);
1090 
1091 	rc = resp->data[0];
1092 
1093 	dev_kfree_skb(resp);
1094 
1095 	return rc;
1096 }
1097 
port100_in_set_framing(struct nfc_digital_dev * ddev,int param)1098 static int port100_in_set_framing(struct nfc_digital_dev *ddev, int param)
1099 {
1100 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1101 	struct port100_protocol *protocols;
1102 	struct sk_buff *skb;
1103 	struct sk_buff *resp;
1104 	int num_protocols;
1105 	size_t size;
1106 	int rc;
1107 
1108 	if (param >= NFC_DIGITAL_FRAMING_LAST)
1109 		return -EINVAL;
1110 
1111 	protocols = in_protocols[param];
1112 
1113 	num_protocols = 0;
1114 	while (protocols[num_protocols].number != PORT100_IN_PROT_END)
1115 		num_protocols++;
1116 
1117 	if (!num_protocols)
1118 		return 0;
1119 
1120 	size = sizeof(struct port100_protocol) * num_protocols;
1121 
1122 	skb = port100_alloc_skb(dev, size);
1123 	if (!skb)
1124 		return -ENOMEM;
1125 
1126 	skb_put_data(skb, protocols, size);
1127 
1128 	resp = port100_send_cmd_sync(dev, PORT100_CMD_IN_SET_PROTOCOL, skb);
1129 
1130 	if (IS_ERR(resp))
1131 		return PTR_ERR(resp);
1132 
1133 	rc = resp->data[0];
1134 
1135 	dev_kfree_skb(resp);
1136 
1137 	return rc;
1138 }
1139 
port100_in_configure_hw(struct nfc_digital_dev * ddev,int type,int param)1140 static int port100_in_configure_hw(struct nfc_digital_dev *ddev, int type,
1141 				   int param)
1142 {
1143 	if (type == NFC_DIGITAL_CONFIG_RF_TECH)
1144 		return port100_in_set_rf(ddev, param);
1145 
1146 	if (type == NFC_DIGITAL_CONFIG_FRAMING)
1147 		return port100_in_set_framing(ddev, param);
1148 
1149 	return -EINVAL;
1150 }
1151 
port100_in_comm_rf_complete(struct port100 * dev,void * arg,struct sk_buff * resp)1152 static void port100_in_comm_rf_complete(struct port100 *dev, void *arg,
1153 				       struct sk_buff *resp)
1154 {
1155 	struct port100_cb_arg *cb_arg = arg;
1156 	nfc_digital_cmd_complete_t cb = cb_arg->complete_cb;
1157 	u32 status;
1158 	int rc;
1159 
1160 	if (IS_ERR(resp)) {
1161 		rc =  PTR_ERR(resp);
1162 		goto exit;
1163 	}
1164 
1165 	if (resp->len < 4) {
1166 		nfc_err(&dev->interface->dev,
1167 			"Invalid packet length received\n");
1168 		rc = -EIO;
1169 		goto error;
1170 	}
1171 
1172 	status = le32_to_cpu(*(__le32 *)resp->data);
1173 
1174 	skb_pull(resp, sizeof(u32));
1175 
1176 	if (status == PORT100_CMD_STATUS_TIMEOUT) {
1177 		rc = -ETIMEDOUT;
1178 		goto error;
1179 	}
1180 
1181 	if (status != PORT100_CMD_STATUS_OK) {
1182 		nfc_err(&dev->interface->dev,
1183 			"in_comm_rf failed with status 0x%08x\n", status);
1184 		rc = -EIO;
1185 		goto error;
1186 	}
1187 
1188 	/* Remove collision bits byte */
1189 	skb_pull(resp, 1);
1190 
1191 	goto exit;
1192 
1193 error:
1194 	kfree_skb(resp);
1195 	resp = ERR_PTR(rc);
1196 
1197 exit:
1198 	cb(dev->nfc_digital_dev, cb_arg->complete_arg, resp);
1199 
1200 	kfree(cb_arg);
1201 }
1202 
port100_in_send_cmd(struct nfc_digital_dev * ddev,struct sk_buff * skb,u16 _timeout,nfc_digital_cmd_complete_t cb,void * arg)1203 static int port100_in_send_cmd(struct nfc_digital_dev *ddev,
1204 			       struct sk_buff *skb, u16 _timeout,
1205 			       nfc_digital_cmd_complete_t cb, void *arg)
1206 {
1207 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1208 	struct port100_cb_arg *cb_arg;
1209 	__le16 timeout;
1210 
1211 	cb_arg = kzalloc(sizeof(struct port100_cb_arg), GFP_KERNEL);
1212 	if (!cb_arg)
1213 		return -ENOMEM;
1214 
1215 	cb_arg->complete_cb = cb;
1216 	cb_arg->complete_arg = arg;
1217 
1218 	timeout = cpu_to_le16(_timeout * 10);
1219 
1220 	memcpy(skb_push(skb, sizeof(__le16)), &timeout, sizeof(__le16));
1221 
1222 	return port100_send_cmd_async(dev, PORT100_CMD_IN_COMM_RF, skb,
1223 				      port100_in_comm_rf_complete, cb_arg);
1224 }
1225 
port100_tg_set_rf(struct nfc_digital_dev * ddev,u8 rf)1226 static int port100_tg_set_rf(struct nfc_digital_dev *ddev, u8 rf)
1227 {
1228 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1229 	struct sk_buff *skb;
1230 	struct sk_buff *resp;
1231 	int rc;
1232 
1233 	if (rf >= NFC_DIGITAL_RF_TECH_LAST)
1234 		return -EINVAL;
1235 
1236 	skb = port100_alloc_skb(dev, sizeof(struct port100_tg_rf_setting));
1237 	if (!skb)
1238 		return -ENOMEM;
1239 
1240 	skb_put_data(skb, &tg_rf_settings[rf],
1241 		     sizeof(struct port100_tg_rf_setting));
1242 
1243 	resp = port100_send_cmd_sync(dev, PORT100_CMD_TG_SET_RF, skb);
1244 
1245 	if (IS_ERR(resp))
1246 		return PTR_ERR(resp);
1247 
1248 	rc = resp->data[0];
1249 
1250 	dev_kfree_skb(resp);
1251 
1252 	return rc;
1253 }
1254 
port100_tg_set_framing(struct nfc_digital_dev * ddev,int param)1255 static int port100_tg_set_framing(struct nfc_digital_dev *ddev, int param)
1256 {
1257 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1258 	struct port100_protocol *protocols;
1259 	struct sk_buff *skb;
1260 	struct sk_buff *resp;
1261 	int rc;
1262 	int num_protocols;
1263 	size_t size;
1264 
1265 	if (param >= NFC_DIGITAL_FRAMING_LAST)
1266 		return -EINVAL;
1267 
1268 	protocols = tg_protocols[param];
1269 
1270 	num_protocols = 0;
1271 	while (protocols[num_protocols].number != PORT100_TG_PROT_END)
1272 		num_protocols++;
1273 
1274 	if (!num_protocols)
1275 		return 0;
1276 
1277 	size = sizeof(struct port100_protocol) * num_protocols;
1278 
1279 	skb = port100_alloc_skb(dev, size);
1280 	if (!skb)
1281 		return -ENOMEM;
1282 
1283 	skb_put_data(skb, protocols, size);
1284 
1285 	resp = port100_send_cmd_sync(dev, PORT100_CMD_TG_SET_PROTOCOL, skb);
1286 
1287 	if (IS_ERR(resp))
1288 		return PTR_ERR(resp);
1289 
1290 	rc = resp->data[0];
1291 
1292 	dev_kfree_skb(resp);
1293 
1294 	return rc;
1295 }
1296 
port100_tg_configure_hw(struct nfc_digital_dev * ddev,int type,int param)1297 static int port100_tg_configure_hw(struct nfc_digital_dev *ddev, int type,
1298 				   int param)
1299 {
1300 	if (type == NFC_DIGITAL_CONFIG_RF_TECH)
1301 		return port100_tg_set_rf(ddev, param);
1302 
1303 	if (type == NFC_DIGITAL_CONFIG_FRAMING)
1304 		return port100_tg_set_framing(ddev, param);
1305 
1306 	return -EINVAL;
1307 }
1308 
port100_tg_target_activated(struct port100 * dev,u8 tgt_activated)1309 static bool port100_tg_target_activated(struct port100 *dev, u8 tgt_activated)
1310 {
1311 	u8 mask;
1312 
1313 	switch (dev->cmd_type) {
1314 	case PORT100_CMD_TYPE_0:
1315 		mask = PORT100_MDAA_TGT_HAS_BEEN_ACTIVATED_MASK;
1316 		break;
1317 	case PORT100_CMD_TYPE_1:
1318 		mask = PORT100_MDAA_TGT_HAS_BEEN_ACTIVATED_MASK |
1319 		       PORT100_MDAA_TGT_WAS_ACTIVATED_MASK;
1320 		break;
1321 	default:
1322 		nfc_err(&dev->interface->dev, "Unknown command type\n");
1323 		return false;
1324 	}
1325 
1326 	return ((tgt_activated & mask) == mask);
1327 }
1328 
port100_tg_comm_rf_complete(struct port100 * dev,void * arg,struct sk_buff * resp)1329 static void port100_tg_comm_rf_complete(struct port100 *dev, void *arg,
1330 					struct sk_buff *resp)
1331 {
1332 	u32 status;
1333 	struct port100_cb_arg *cb_arg = arg;
1334 	nfc_digital_cmd_complete_t cb = cb_arg->complete_cb;
1335 	struct port100_tg_comm_rf_res *hdr;
1336 
1337 	if (IS_ERR(resp))
1338 		goto exit;
1339 
1340 	hdr = (struct port100_tg_comm_rf_res *)resp->data;
1341 
1342 	status = le32_to_cpu(hdr->status);
1343 
1344 	if (cb_arg->mdaa &&
1345 	    !port100_tg_target_activated(dev, hdr->target_activated)) {
1346 		kfree_skb(resp);
1347 		resp = ERR_PTR(-ETIMEDOUT);
1348 
1349 		goto exit;
1350 	}
1351 
1352 	skb_pull(resp, sizeof(struct port100_tg_comm_rf_res));
1353 
1354 	if (status != PORT100_CMD_STATUS_OK) {
1355 		kfree_skb(resp);
1356 
1357 		if (status == PORT100_CMD_STATUS_TIMEOUT)
1358 			resp = ERR_PTR(-ETIMEDOUT);
1359 		else
1360 			resp = ERR_PTR(-EIO);
1361 	}
1362 
1363 exit:
1364 	cb(dev->nfc_digital_dev, cb_arg->complete_arg, resp);
1365 
1366 	kfree(cb_arg);
1367 }
1368 
port100_tg_send_cmd(struct nfc_digital_dev * ddev,struct sk_buff * skb,u16 timeout,nfc_digital_cmd_complete_t cb,void * arg)1369 static int port100_tg_send_cmd(struct nfc_digital_dev *ddev,
1370 			       struct sk_buff *skb, u16 timeout,
1371 			       nfc_digital_cmd_complete_t cb, void *arg)
1372 {
1373 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1374 	struct port100_tg_comm_rf_cmd *hdr;
1375 	struct port100_cb_arg *cb_arg;
1376 
1377 	cb_arg = kzalloc(sizeof(struct port100_cb_arg), GFP_KERNEL);
1378 	if (!cb_arg)
1379 		return -ENOMEM;
1380 
1381 	cb_arg->complete_cb = cb;
1382 	cb_arg->complete_arg = arg;
1383 
1384 	skb_push(skb, sizeof(struct port100_tg_comm_rf_cmd));
1385 
1386 	hdr = (struct port100_tg_comm_rf_cmd *)skb->data;
1387 
1388 	memset(hdr, 0, sizeof(struct port100_tg_comm_rf_cmd));
1389 	hdr->guard_time = cpu_to_le16(500);
1390 	hdr->send_timeout = cpu_to_le16(0xFFFF);
1391 	hdr->recv_timeout = cpu_to_le16(timeout);
1392 
1393 	return port100_send_cmd_async(dev, PORT100_CMD_TG_COMM_RF, skb,
1394 				      port100_tg_comm_rf_complete, cb_arg);
1395 }
1396 
port100_listen_mdaa(struct nfc_digital_dev * ddev,struct digital_tg_mdaa_params * params,u16 timeout,nfc_digital_cmd_complete_t cb,void * arg)1397 static int port100_listen_mdaa(struct nfc_digital_dev *ddev,
1398 			       struct digital_tg_mdaa_params *params,
1399 			       u16 timeout,
1400 			       nfc_digital_cmd_complete_t cb, void *arg)
1401 {
1402 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1403 	struct port100_tg_comm_rf_cmd *hdr;
1404 	struct port100_cb_arg *cb_arg;
1405 	struct sk_buff *skb;
1406 	int rc;
1407 
1408 	rc = port100_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
1409 				     NFC_DIGITAL_RF_TECH_106A);
1410 	if (rc)
1411 		return rc;
1412 
1413 	rc = port100_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1414 				     NFC_DIGITAL_FRAMING_NFCA_NFC_DEP);
1415 	if (rc)
1416 		return rc;
1417 
1418 	cb_arg = kzalloc(sizeof(struct port100_cb_arg), GFP_KERNEL);
1419 	if (!cb_arg)
1420 		return -ENOMEM;
1421 
1422 	cb_arg->complete_cb = cb;
1423 	cb_arg->complete_arg = arg;
1424 	cb_arg->mdaa = 1;
1425 
1426 	skb = port100_alloc_skb(dev, 0);
1427 	if (!skb) {
1428 		kfree(cb_arg);
1429 		return -ENOMEM;
1430 	}
1431 
1432 	skb_push(skb, sizeof(struct port100_tg_comm_rf_cmd));
1433 	hdr = (struct port100_tg_comm_rf_cmd *)skb->data;
1434 
1435 	memset(hdr, 0, sizeof(struct port100_tg_comm_rf_cmd));
1436 
1437 	hdr->guard_time = 0;
1438 	hdr->send_timeout = cpu_to_le16(0xFFFF);
1439 	hdr->mdaa = 1;
1440 	hdr->nfca_param[0] = (params->sens_res >> 8) & 0xFF;
1441 	hdr->nfca_param[1] = params->sens_res & 0xFF;
1442 	memcpy(hdr->nfca_param + 2, params->nfcid1, 3);
1443 	hdr->nfca_param[5] = params->sel_res;
1444 	memcpy(hdr->nfcf_param, params->nfcid2, 8);
1445 	hdr->nfcf_param[16] = (params->sc >> 8) & 0xFF;
1446 	hdr->nfcf_param[17] = params->sc & 0xFF;
1447 	hdr->recv_timeout = cpu_to_le16(timeout);
1448 
1449 	return port100_send_cmd_async(dev, PORT100_CMD_TG_COMM_RF, skb,
1450 				      port100_tg_comm_rf_complete, cb_arg);
1451 }
1452 
port100_listen(struct nfc_digital_dev * ddev,u16 timeout,nfc_digital_cmd_complete_t cb,void * arg)1453 static int port100_listen(struct nfc_digital_dev *ddev, u16 timeout,
1454 			  nfc_digital_cmd_complete_t cb, void *arg)
1455 {
1456 	struct port100 *dev = nfc_digital_get_drvdata(ddev);
1457 	struct sk_buff *skb;
1458 
1459 	skb = port100_alloc_skb(dev, 0);
1460 	if (!skb)
1461 		return -ENOMEM;
1462 
1463 	return port100_tg_send_cmd(ddev, skb, timeout, cb, arg);
1464 }
1465 
1466 static struct nfc_digital_ops port100_digital_ops = {
1467 	.in_configure_hw = port100_in_configure_hw,
1468 	.in_send_cmd = port100_in_send_cmd,
1469 
1470 	.tg_listen_mdaa = port100_listen_mdaa,
1471 	.tg_listen = port100_listen,
1472 	.tg_configure_hw = port100_tg_configure_hw,
1473 	.tg_send_cmd = port100_tg_send_cmd,
1474 
1475 	.switch_rf = port100_switch_rf,
1476 	.abort_cmd = port100_abort_cmd,
1477 };
1478 
1479 static const struct usb_device_id port100_table[] = {
1480 	{ USB_DEVICE(SONY_VENDOR_ID, RCS380S_PRODUCT_ID), },
1481 	{ USB_DEVICE(SONY_VENDOR_ID, RCS380P_PRODUCT_ID), },
1482 	{ }
1483 };
1484 MODULE_DEVICE_TABLE(usb, port100_table);
1485 
port100_probe(struct usb_interface * interface,const struct usb_device_id * id)1486 static int port100_probe(struct usb_interface *interface,
1487 			 const struct usb_device_id *id)
1488 {
1489 	struct port100 *dev;
1490 	int rc;
1491 	struct usb_host_interface *iface_desc;
1492 	struct usb_endpoint_descriptor *endpoint;
1493 	int in_endpoint;
1494 	int out_endpoint;
1495 	u16 fw_version;
1496 	u64 cmd_type_mask;
1497 	int i;
1498 
1499 	dev = devm_kzalloc(&interface->dev, sizeof(struct port100), GFP_KERNEL);
1500 	if (!dev)
1501 		return -ENOMEM;
1502 
1503 	mutex_init(&dev->out_urb_lock);
1504 	dev->udev = usb_get_dev(interface_to_usbdev(interface));
1505 	dev->interface = interface;
1506 	usb_set_intfdata(interface, dev);
1507 
1508 	in_endpoint = out_endpoint = 0;
1509 	iface_desc = interface->cur_altsetting;
1510 	for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
1511 		endpoint = &iface_desc->endpoint[i].desc;
1512 
1513 		if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint))
1514 			in_endpoint = endpoint->bEndpointAddress;
1515 
1516 		if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint))
1517 			out_endpoint = endpoint->bEndpointAddress;
1518 	}
1519 
1520 	if (!in_endpoint || !out_endpoint) {
1521 		nfc_err(&interface->dev,
1522 			"Could not find bulk-in or bulk-out endpoint\n");
1523 		rc = -ENODEV;
1524 		goto error;
1525 	}
1526 
1527 	dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
1528 	dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
1529 
1530 	if (!dev->in_urb || !dev->out_urb) {
1531 		nfc_err(&interface->dev, "Could not allocate USB URBs\n");
1532 		rc = -ENOMEM;
1533 		goto error;
1534 	}
1535 
1536 	usb_fill_bulk_urb(dev->in_urb, dev->udev,
1537 			  usb_rcvbulkpipe(dev->udev, in_endpoint),
1538 			  NULL, 0, NULL, dev);
1539 	usb_fill_bulk_urb(dev->out_urb, dev->udev,
1540 			  usb_sndbulkpipe(dev->udev, out_endpoint),
1541 			  NULL, 0, port100_send_complete, dev);
1542 	dev->out_urb->transfer_flags = URB_ZERO_PACKET;
1543 
1544 	dev->skb_headroom = PORT100_FRAME_HEADER_LEN +
1545 			    PORT100_COMM_RF_HEAD_MAX_LEN;
1546 	dev->skb_tailroom = PORT100_FRAME_TAIL_LEN;
1547 
1548 	init_completion(&dev->cmd_cancel_done);
1549 	INIT_WORK(&dev->cmd_complete_work, port100_wq_cmd_complete);
1550 
1551 	/* The first thing to do with the Port-100 is to set the command type
1552 	 * to be used. If supported we use command type 1. 0 otherwise.
1553 	 */
1554 	cmd_type_mask = port100_get_command_type_mask(dev);
1555 	if (!cmd_type_mask) {
1556 		nfc_err(&interface->dev,
1557 			"Could not get supported command types\n");
1558 		rc = -ENODEV;
1559 		goto error;
1560 	}
1561 
1562 	if (PORT100_CMD_TYPE_IS_SUPPORTED(cmd_type_mask, PORT100_CMD_TYPE_1))
1563 		dev->cmd_type = PORT100_CMD_TYPE_1;
1564 	else
1565 		dev->cmd_type = PORT100_CMD_TYPE_0;
1566 
1567 	rc = port100_set_command_type(dev, dev->cmd_type);
1568 	if (rc) {
1569 		nfc_err(&interface->dev,
1570 			"The device does not support command type %u\n",
1571 			dev->cmd_type);
1572 		goto error;
1573 	}
1574 
1575 	fw_version = port100_get_firmware_version(dev);
1576 	if (!fw_version)
1577 		nfc_err(&interface->dev,
1578 			"Could not get device firmware version\n");
1579 
1580 	nfc_info(&interface->dev,
1581 		 "Sony NFC Port-100 Series attached (firmware v%x.%02x)\n",
1582 		 (fw_version & 0xFF00) >> 8, fw_version & 0xFF);
1583 
1584 	dev->nfc_digital_dev = nfc_digital_allocate_device(&port100_digital_ops,
1585 							   PORT100_PROTOCOLS,
1586 							   PORT100_CAPABILITIES,
1587 							   dev->skb_headroom,
1588 							   dev->skb_tailroom);
1589 	if (!dev->nfc_digital_dev) {
1590 		nfc_err(&interface->dev,
1591 			"Could not allocate nfc_digital_dev\n");
1592 		rc = -ENOMEM;
1593 		goto error;
1594 	}
1595 
1596 	nfc_digital_set_parent_dev(dev->nfc_digital_dev, &interface->dev);
1597 	nfc_digital_set_drvdata(dev->nfc_digital_dev, dev);
1598 
1599 	rc = nfc_digital_register_device(dev->nfc_digital_dev);
1600 	if (rc) {
1601 		nfc_err(&interface->dev,
1602 			"Could not register digital device\n");
1603 		goto free_nfc_dev;
1604 	}
1605 
1606 	return 0;
1607 
1608 free_nfc_dev:
1609 	nfc_digital_free_device(dev->nfc_digital_dev);
1610 
1611 error:
1612 	usb_free_urb(dev->in_urb);
1613 	usb_free_urb(dev->out_urb);
1614 	usb_put_dev(dev->udev);
1615 
1616 	return rc;
1617 }
1618 
port100_disconnect(struct usb_interface * interface)1619 static void port100_disconnect(struct usb_interface *interface)
1620 {
1621 	struct port100 *dev;
1622 
1623 	dev = usb_get_intfdata(interface);
1624 	usb_set_intfdata(interface, NULL);
1625 
1626 	nfc_digital_unregister_device(dev->nfc_digital_dev);
1627 	nfc_digital_free_device(dev->nfc_digital_dev);
1628 
1629 	usb_kill_urb(dev->in_urb);
1630 	usb_kill_urb(dev->out_urb);
1631 
1632 	usb_free_urb(dev->in_urb);
1633 	usb_free_urb(dev->out_urb);
1634 	usb_put_dev(dev->udev);
1635 
1636 	kfree(dev->cmd);
1637 
1638 	nfc_info(&interface->dev, "Sony Port-100 NFC device disconnected\n");
1639 }
1640 
1641 static struct usb_driver port100_driver = {
1642 	.name =		"port100",
1643 	.probe =	port100_probe,
1644 	.disconnect =	port100_disconnect,
1645 	.id_table =	port100_table,
1646 };
1647 
1648 module_usb_driver(port100_driver);
1649 
1650 MODULE_DESCRIPTION("NFC Port-100 series usb driver ver " VERSION);
1651 MODULE_VERSION(VERSION);
1652 MODULE_LICENSE("GPL");
1653