diff --git a/drivers/nfc/Kconfig b/drivers/nfc/Kconfig index ea8321a483f95a2f329255a55aeb4f6ecc4ba7bf..9d2369269abf141e9d993a50568637d7c4225e45 100644 --- a/drivers/nfc/Kconfig +++ b/drivers/nfc/Kconfig @@ -40,6 +40,7 @@ config NFC_MEI_PHY config NFC_SIM tristate "NFC hardware simulator driver" + depends on NFC_DIGITAL help This driver declares two virtual NFC devices supporting NFC-DEP protocol. An LLCP connection can be established between them and diff --git a/drivers/nfc/fdp/fdp.c b/drivers/nfc/fdp/fdp.c index e44a7a2f4061a10a6838dded77c0ecc999abe82a..7c1eaea3b68546dccbee989786a8f563932485e0 100644 --- a/drivers/nfc/fdp/fdp.c +++ b/drivers/nfc/fdp/fdp.c @@ -345,7 +345,7 @@ static void fdp_nci_release_firmware(struct nci_dev *ndev) if (info->ram_patch) { release_firmware(info->ram_patch); - info->otp_patch = NULL; + info->ram_patch = NULL; } } @@ -353,7 +353,7 @@ static int fdp_nci_patch_otp(struct nci_dev *ndev) { struct fdp_nci_info *info = nci_get_drvdata(ndev); struct device *dev = &info->phy->i2c_dev->dev; - u8 conn_id; + int conn_id; int r = 0; if (info->otp_version >= info->otp_patch_version) @@ -424,7 +424,7 @@ static int fdp_nci_patch_ram(struct nci_dev *ndev) { struct fdp_nci_info *info = nci_get_drvdata(ndev); struct device *dev = &info->phy->i2c_dev->dev; - u8 conn_id; + int conn_id; int r = 0; if (info->ram_version >= info->ram_patch_version) diff --git a/drivers/nfc/nfcsim.c b/drivers/nfc/nfcsim.c index 93aaca5868580dc2430b4dfdac10c937ce703721..a466e79784668ef44955aad0d2b61cc9e1a5b3b6 100644 --- a/drivers/nfc/nfcsim.c +++ b/drivers/nfc/nfcsim.c @@ -16,525 +16,492 @@ #include #include #include +#include +#include #include #include +#include -#define DEV_ERR(_dev, fmt, args...) nfc_err(&_dev->nfc_dev->dev, \ - "%s: " fmt, __func__, ## args) +#define NFCSIM_ERR(d, fmt, args...) nfc_err(&d->nfc_digital_dev->nfc_dev->dev, \ + "%s: " fmt, __func__, ## args) -#define DEV_DBG(_dev, fmt, args...) dev_dbg(&_dev->nfc_dev->dev, \ - "%s: " fmt, __func__, ## args) +#define NFCSIM_DBG(d, fmt, args...) dev_dbg(&d->nfc_digital_dev->nfc_dev->dev, \ + "%s: " fmt, __func__, ## args) -#define NFCSIM_VERSION "0.1" +#define NFCSIM_VERSION "0.2" -#define NFCSIM_POLL_NONE 0 -#define NFCSIM_POLL_INITIATOR 1 -#define NFCSIM_POLL_TARGET 2 -#define NFCSIM_POLL_DUAL (NFCSIM_POLL_INITIATOR | NFCSIM_POLL_TARGET) +#define NFCSIM_MODE_NONE 0 +#define NFCSIM_MODE_INITIATOR 1 +#define NFCSIM_MODE_TARGET 2 -#define RX_DEFAULT_DELAY 5 +#define NFCSIM_CAPABILITIES (NFC_DIGITAL_DRV_CAPS_IN_CRC | \ + NFC_DIGITAL_DRV_CAPS_TG_CRC) struct nfcsim { - struct nfc_dev *nfc_dev; + struct nfc_digital_dev *nfc_digital_dev; - struct mutex lock; + struct work_struct recv_work; + struct delayed_work send_work; - struct delayed_work recv_work; + struct nfcsim_link *link_in; + struct nfcsim_link *link_out; - struct sk_buff *clone_skb; + bool up; + u8 mode; + u8 rf_tech; - struct delayed_work poll_work; - u8 polling_mode; - u8 curr_polling_mode; + u16 recv_timeout; - u8 shutting_down; + nfc_digital_cmd_complete_t cb; + void *arg; - u8 up; + u8 dropframe; +}; - u8 initiator; +struct nfcsim_link { + struct mutex lock; - u32 rx_delay; + u8 rf_tech; + u8 mode; - data_exchange_cb_t cb; - void *cb_context; + u8 shutdown; - struct nfcsim *peer_dev; + struct sk_buff *skb; + wait_queue_head_t recv_wait; + u8 cond; }; -static struct nfcsim *dev0; -static struct nfcsim *dev1; - -static struct workqueue_struct *wq; - -static void nfcsim_cleanup_dev(struct nfcsim *dev, u8 shutdown) +static struct nfcsim_link *nfcsim_link_new(void) { - DEV_DBG(dev, "shutdown=%d\n", shutdown); + struct nfcsim_link *link; - mutex_lock(&dev->lock); + link = kzalloc(sizeof(struct nfcsim_link), GFP_KERNEL); + if (!link) + return NULL; - dev->polling_mode = NFCSIM_POLL_NONE; - dev->shutting_down = shutdown; - dev->cb = NULL; - dev_kfree_skb(dev->clone_skb); - dev->clone_skb = NULL; + mutex_init(&link->lock); + init_waitqueue_head(&link->recv_wait); - mutex_unlock(&dev->lock); - - cancel_delayed_work_sync(&dev->poll_work); - cancel_delayed_work_sync(&dev->recv_work); + return link; } -static int nfcsim_target_found(struct nfcsim *dev) +static void nfcsim_link_free(struct nfcsim_link *link) { - struct nfc_target nfc_tgt; + dev_kfree_skb(link->skb); + kfree(link); +} - DEV_DBG(dev, "\n"); +static void nfcsim_link_recv_wake(struct nfcsim_link *link) +{ + link->cond = 1; + wake_up_interruptible(&link->recv_wait); +} - memset(&nfc_tgt, 0, sizeof(struct nfc_target)); +static void nfcsim_link_set_skb(struct nfcsim_link *link, struct sk_buff *skb, + u8 rf_tech, u8 mode) +{ + mutex_lock(&link->lock); - nfc_tgt.supported_protocols = NFC_PROTO_NFC_DEP_MASK; - nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1); + dev_kfree_skb(link->skb); + link->skb = skb; + link->rf_tech = rf_tech; + link->mode = mode; - return 0; + mutex_unlock(&link->lock); } -static int nfcsim_dev_up(struct nfc_dev *nfc_dev) +static void nfcsim_link_recv_cancel(struct nfcsim_link *link) { - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); + mutex_lock(&link->lock); - DEV_DBG(dev, "\n"); + link->mode = NFCSIM_MODE_NONE; - mutex_lock(&dev->lock); + mutex_unlock(&link->lock); - dev->up = 1; - - mutex_unlock(&dev->lock); - - return 0; + nfcsim_link_recv_wake(link); } -static int nfcsim_dev_down(struct nfc_dev *nfc_dev) +static void nfcsim_link_shutdown(struct nfcsim_link *link) { - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); - - DEV_DBG(dev, "\n"); + mutex_lock(&link->lock); - mutex_lock(&dev->lock); + link->shutdown = 1; + link->mode = NFCSIM_MODE_NONE; - dev->up = 0; + mutex_unlock(&link->lock); - mutex_unlock(&dev->lock); - - return 0; + nfcsim_link_recv_wake(link); } -static int nfcsim_dep_link_up(struct nfc_dev *nfc_dev, - struct nfc_target *target, - u8 comm_mode, u8 *gb, size_t gb_len) +static struct sk_buff *nfcsim_link_recv_skb(struct nfcsim_link *link, + int timeout, u8 rf_tech, u8 mode) { int rc; - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); - struct nfcsim *peer = dev->peer_dev; - u8 *remote_gb; - size_t remote_gb_len; + struct sk_buff *skb; - DEV_DBG(dev, "target_idx: %d, comm_mode: %d\n", target->idx, comm_mode); + rc = wait_event_interruptible_timeout(link->recv_wait, + link->cond, + msecs_to_jiffies(timeout)); - mutex_lock(&peer->lock); + mutex_lock(&link->lock); - nfc_tm_activated(peer->nfc_dev, NFC_PROTO_NFC_DEP_MASK, - NFC_COMM_ACTIVE, gb, gb_len); + skb = link->skb; + link->skb = NULL; - remote_gb = nfc_get_local_general_bytes(peer->nfc_dev, &remote_gb_len); - if (!remote_gb) { - DEV_ERR(peer, "Can't get remote general bytes\n"); + if (!rc) { + rc = -ETIMEDOUT; + goto done; + } - mutex_unlock(&peer->lock); - return -EINVAL; + if (!skb || link->rf_tech != rf_tech || link->mode == mode) { + rc = -EINVAL; + goto done; } - mutex_unlock(&peer->lock); + if (link->shutdown) { + rc = -ENODEV; + goto done; + } - mutex_lock(&dev->lock); +done: + mutex_unlock(&link->lock); - rc = nfc_set_remote_general_bytes(nfc_dev, remote_gb, remote_gb_len); - if (rc) { - DEV_ERR(dev, "Can't set remote general bytes\n"); - mutex_unlock(&dev->lock); - return rc; + if (rc < 0) { + dev_kfree_skb(skb); + skb = ERR_PTR(rc); } - rc = nfc_dep_link_is_up(nfc_dev, target->idx, NFC_COMM_ACTIVE, - NFC_RF_INITIATOR); - - mutex_unlock(&dev->lock); + link->cond = 0; - return rc; + return skb; } -static int nfcsim_dep_link_down(struct nfc_dev *nfc_dev) +static void nfcsim_send_wq(struct work_struct *work) { - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); + struct nfcsim *dev = container_of(work, struct nfcsim, send_work.work); - DEV_DBG(dev, "\n"); - - nfcsim_cleanup_dev(dev, 0); - - return 0; + /* + * To effectively send data, the device just wake up its link_out which + * is the link_in of the peer device. The exchanged skb has already been + * stored in the dev->link_out through nfcsim_link_set_skb(). + */ + nfcsim_link_recv_wake(dev->link_out); } -static int nfcsim_start_poll(struct nfc_dev *nfc_dev, - u32 im_protocols, u32 tm_protocols) +static void nfcsim_recv_wq(struct work_struct *work) { - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); - int rc; - - mutex_lock(&dev->lock); + struct nfcsim *dev = container_of(work, struct nfcsim, recv_work); + struct sk_buff *skb; - if (dev->polling_mode != NFCSIM_POLL_NONE) { - DEV_ERR(dev, "Already in polling mode\n"); - rc = -EBUSY; - goto exit; - } + skb = nfcsim_link_recv_skb(dev->link_in, dev->recv_timeout, + dev->rf_tech, dev->mode); - if (im_protocols & NFC_PROTO_NFC_DEP_MASK) - dev->polling_mode |= NFCSIM_POLL_INITIATOR; + if (!dev->up) { + NFCSIM_ERR(dev, "Device is down\n"); - if (tm_protocols & NFC_PROTO_NFC_DEP_MASK) - dev->polling_mode |= NFCSIM_POLL_TARGET; + if (!IS_ERR(skb)) + dev_kfree_skb(skb); - if (dev->polling_mode == NFCSIM_POLL_NONE) { - DEV_ERR(dev, "Unsupported polling mode\n"); - rc = -EINVAL; - goto exit; + skb = ERR_PTR(-ENODEV); } - dev->initiator = 0; - dev->curr_polling_mode = NFCSIM_POLL_NONE; + dev->cb(dev->nfc_digital_dev, dev->arg, skb); +} - queue_delayed_work(wq, &dev->poll_work, 0); +static int nfcsim_send(struct nfc_digital_dev *ddev, struct sk_buff *skb, + u16 timeout, nfc_digital_cmd_complete_t cb, void *arg) +{ + struct nfcsim *dev = nfc_digital_get_drvdata(ddev); + u8 delay; - DEV_DBG(dev, "Start polling: im: 0x%X, tm: 0x%X\n", im_protocols, - tm_protocols); + if (!dev->up) { + NFCSIM_ERR(dev, "Device is down\n"); + return -ENODEV; + } - rc = 0; -exit: - mutex_unlock(&dev->lock); + dev->recv_timeout = timeout; + dev->cb = cb; + dev->arg = arg; - return rc; -} + schedule_work(&dev->recv_work); -static void nfcsim_stop_poll(struct nfc_dev *nfc_dev) -{ - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); + if (dev->dropframe) { + NFCSIM_DBG(dev, "dropping frame (out of %d)\n", dev->dropframe); + dev_kfree_skb(skb); + dev->dropframe--; - DEV_DBG(dev, "Stop poll\n"); + return 0; + } - mutex_lock(&dev->lock); + if (skb) { + nfcsim_link_set_skb(dev->link_out, skb, dev->rf_tech, + dev->mode); - dev->polling_mode = NFCSIM_POLL_NONE; + /* Add random delay (between 3 and 10 ms) before sending data */ + get_random_bytes(&delay, 1); + delay = 3 + (delay & 0x07); - mutex_unlock(&dev->lock); + schedule_delayed_work(&dev->send_work, msecs_to_jiffies(delay)); + } - cancel_delayed_work_sync(&dev->poll_work); + return 0; } -static int nfcsim_activate_target(struct nfc_dev *nfc_dev, - struct nfc_target *target, u32 protocol) +static void nfcsim_abort_cmd(struct nfc_digital_dev *ddev) { - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); - - DEV_DBG(dev, "\n"); + struct nfcsim *dev = nfc_digital_get_drvdata(ddev); - return -ENOTSUPP; + nfcsim_link_recv_cancel(dev->link_in); } -static void nfcsim_deactivate_target(struct nfc_dev *nfc_dev, - struct nfc_target *target, u8 mode) +static int nfcsim_switch_rf(struct nfc_digital_dev *ddev, bool on) { - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); + struct nfcsim *dev = nfc_digital_get_drvdata(ddev); + + dev->up = on; - DEV_DBG(dev, "\n"); + return 0; } -static void nfcsim_wq_recv(struct work_struct *work) +static int nfcsim_in_configure_hw(struct nfc_digital_dev *ddev, + int type, int param) { - struct nfcsim *dev = container_of(work, struct nfcsim, - recv_work.work); + struct nfcsim *dev = nfc_digital_get_drvdata(ddev); - mutex_lock(&dev->lock); + switch (type) { + case NFC_DIGITAL_CONFIG_RF_TECH: + dev->up = true; + dev->mode = NFCSIM_MODE_INITIATOR; + dev->rf_tech = param; + break; - if (dev->shutting_down || !dev->up || !dev->clone_skb) { - dev_kfree_skb(dev->clone_skb); - goto exit; - } + case NFC_DIGITAL_CONFIG_FRAMING: + break; - if (dev->initiator) { - if (!dev->cb) { - DEV_ERR(dev, "Null recv callback\n"); - dev_kfree_skb(dev->clone_skb); - goto exit; - } - - dev->cb(dev->cb_context, dev->clone_skb, 0); - dev->cb = NULL; - } else { - nfc_tm_data_received(dev->nfc_dev, dev->clone_skb); + default: + NFCSIM_ERR(dev, "Invalid configuration type: %d\n", type); + return -EINVAL; } -exit: - dev->clone_skb = NULL; + return 0; +} - mutex_unlock(&dev->lock); +static int nfcsim_in_send_cmd(struct nfc_digital_dev *ddev, + struct sk_buff *skb, u16 timeout, + nfc_digital_cmd_complete_t cb, void *arg) +{ + return nfcsim_send(ddev, skb, timeout, cb, arg); } -static int nfcsim_tx(struct nfc_dev *nfc_dev, struct nfc_target *target, - struct sk_buff *skb, data_exchange_cb_t cb, - void *cb_context) +static int nfcsim_tg_configure_hw(struct nfc_digital_dev *ddev, + int type, int param) { - struct nfcsim *dev = nfc_get_drvdata(nfc_dev); - struct nfcsim *peer = dev->peer_dev; - int err; + struct nfcsim *dev = nfc_digital_get_drvdata(ddev); - mutex_lock(&dev->lock); + switch (type) { + case NFC_DIGITAL_CONFIG_RF_TECH: + dev->up = true; + dev->mode = NFCSIM_MODE_TARGET; + dev->rf_tech = param; + break; - if (dev->shutting_down || !dev->up) { - mutex_unlock(&dev->lock); - err = -ENODEV; - goto exit; + case NFC_DIGITAL_CONFIG_FRAMING: + break; + + default: + NFCSIM_ERR(dev, "Invalid configuration type: %d\n", type); + return -EINVAL; } - dev->cb = cb; - dev->cb_context = cb_context; + return 0; +} - mutex_unlock(&dev->lock); +static int nfcsim_tg_send_cmd(struct nfc_digital_dev *ddev, + struct sk_buff *skb, u16 timeout, + nfc_digital_cmd_complete_t cb, void *arg) +{ + return nfcsim_send(ddev, skb, timeout, cb, arg); +} - mutex_lock(&peer->lock); +static int nfcsim_tg_listen(struct nfc_digital_dev *ddev, u16 timeout, + nfc_digital_cmd_complete_t cb, void *arg) +{ + return nfcsim_send(ddev, NULL, timeout, cb, arg); +} - peer->clone_skb = skb_clone(skb, GFP_KERNEL); +static struct nfc_digital_ops nfcsim_digital_ops = { + .in_configure_hw = nfcsim_in_configure_hw, + .in_send_cmd = nfcsim_in_send_cmd, - if (!peer->clone_skb) { - DEV_ERR(dev, "skb_clone failed\n"); - mutex_unlock(&peer->lock); - err = -ENOMEM; - goto exit; - } + .tg_listen = nfcsim_tg_listen, + .tg_configure_hw = nfcsim_tg_configure_hw, + .tg_send_cmd = nfcsim_tg_send_cmd, - /* This simulates an arbitrary transmission delay between the 2 devices. - * If packet transmission occurs immediately between them, we have a - * non-stop flow of several tens of thousands SYMM packets per second - * and a burning cpu. - */ - queue_delayed_work(wq, &peer->recv_work, - msecs_to_jiffies(dev->rx_delay)); + .abort_cmd = nfcsim_abort_cmd, + .switch_rf = nfcsim_switch_rf, +}; + +static struct dentry *nfcsim_debugfs_root; - mutex_unlock(&peer->lock); +static void nfcsim_debugfs_init(void) +{ + nfcsim_debugfs_root = debugfs_create_dir("nfcsim", NULL); - err = 0; -exit: - dev_kfree_skb(skb); + if (!nfcsim_debugfs_root) + pr_err("Could not create debugfs entry\n"); - return err; } -static int nfcsim_im_transceive(struct nfc_dev *nfc_dev, - struct nfc_target *target, struct sk_buff *skb, - data_exchange_cb_t cb, void *cb_context) +static void nfcsim_debugfs_remove(void) { - return nfcsim_tx(nfc_dev, target, skb, cb, cb_context); + debugfs_remove_recursive(nfcsim_debugfs_root); } -static int nfcsim_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb) +static void nfcsim_debugfs_init_dev(struct nfcsim *dev) { - return nfcsim_tx(nfc_dev, NULL, skb, NULL, NULL); -} - -static struct nfc_ops nfcsim_nfc_ops = { - .dev_up = nfcsim_dev_up, - .dev_down = nfcsim_dev_down, - .dep_link_up = nfcsim_dep_link_up, - .dep_link_down = nfcsim_dep_link_down, - .start_poll = nfcsim_start_poll, - .stop_poll = nfcsim_stop_poll, - .activate_target = nfcsim_activate_target, - .deactivate_target = nfcsim_deactivate_target, - .im_transceive = nfcsim_im_transceive, - .tm_send = nfcsim_tm_send, -}; + struct dentry *dev_dir; + char devname[5]; /* nfcX\0 */ + u32 idx; + int n; -static void nfcsim_set_polling_mode(struct nfcsim *dev) -{ - if (dev->polling_mode == NFCSIM_POLL_NONE) { - dev->curr_polling_mode = NFCSIM_POLL_NONE; + if (!nfcsim_debugfs_root) { + NFCSIM_ERR(dev, "nfcsim debugfs not initialized\n"); return; } - if (dev->curr_polling_mode == NFCSIM_POLL_NONE) { - if (dev->polling_mode & NFCSIM_POLL_INITIATOR) - dev->curr_polling_mode = NFCSIM_POLL_INITIATOR; - else - dev->curr_polling_mode = NFCSIM_POLL_TARGET; - + idx = dev->nfc_digital_dev->nfc_dev->idx; + n = snprintf(devname, sizeof(devname), "nfc%d", idx); + if (n >= sizeof(devname)) { + NFCSIM_ERR(dev, "Could not compute dev name for dev %d\n", idx); return; } - if (dev->polling_mode == NFCSIM_POLL_DUAL) { - if (dev->curr_polling_mode == NFCSIM_POLL_TARGET) - dev->curr_polling_mode = NFCSIM_POLL_INITIATOR; - else - dev->curr_polling_mode = NFCSIM_POLL_TARGET; + dev_dir = debugfs_create_dir(devname, nfcsim_debugfs_root); + if (!dev_dir) { + NFCSIM_ERR(dev, "Could not create debugfs entries for nfc%d\n", + idx); + return; } + + debugfs_create_u8("dropframe", 0664, dev_dir, &dev->dropframe); } -static void nfcsim_wq_poll(struct work_struct *work) +static struct nfcsim *nfcsim_device_new(struct nfcsim_link *link_in, + struct nfcsim_link *link_out) { - struct nfcsim *dev = container_of(work, struct nfcsim, poll_work.work); - struct nfcsim *peer = dev->peer_dev; + struct nfcsim *dev; + int rc; - /* These work items run on an ordered workqueue and are therefore - * serialized. So we can take both mutexes without being dead locked. - */ - mutex_lock(&dev->lock); - mutex_lock(&peer->lock); + dev = kzalloc(sizeof(struct nfcsim), GFP_KERNEL); + if (!dev) + return ERR_PTR(-ENOMEM); - nfcsim_set_polling_mode(dev); + INIT_DELAYED_WORK(&dev->send_work, nfcsim_send_wq); + INIT_WORK(&dev->recv_work, nfcsim_recv_wq); - if (dev->curr_polling_mode == NFCSIM_POLL_NONE) { - DEV_DBG(dev, "Not polling\n"); - goto unlock; + dev->nfc_digital_dev = + nfc_digital_allocate_device(&nfcsim_digital_ops, + NFC_PROTO_NFC_DEP_MASK, + NFCSIM_CAPABILITIES, + 0, 0); + if (!dev->nfc_digital_dev) { + kfree(dev); + return ERR_PTR(-ENOMEM); } - DEV_DBG(dev, "Polling as %s", - dev->curr_polling_mode == NFCSIM_POLL_INITIATOR ? - "initiator\n" : "target\n"); + nfc_digital_set_drvdata(dev->nfc_digital_dev, dev); - if (dev->curr_polling_mode == NFCSIM_POLL_TARGET) - goto sched_work; + dev->link_in = link_in; + dev->link_out = link_out; - if (peer->curr_polling_mode == NFCSIM_POLL_TARGET) { - peer->polling_mode = NFCSIM_POLL_NONE; - dev->polling_mode = NFCSIM_POLL_NONE; - - dev->initiator = 1; - - nfcsim_target_found(dev); + rc = nfc_digital_register_device(dev->nfc_digital_dev); + if (rc) { + pr_err("Could not register digital device (%d)\n", rc); + nfc_digital_free_device(dev->nfc_digital_dev); + kfree(dev); - goto unlock; + return ERR_PTR(rc); } -sched_work: - /* This defines the delay for an initiator to check if the other device - * is polling in target mode. - * If the device starts in dual mode polling, it switches between - * initiator and target at every round. - * Because the wq is ordered and only 1 work item is executed at a time, - * we'll always have one device polling as initiator and the other as - * target at some point, even if both are started in dual mode. - */ - queue_delayed_work(wq, &dev->poll_work, msecs_to_jiffies(200)); + nfcsim_debugfs_init_dev(dev); -unlock: - mutex_unlock(&peer->lock); - mutex_unlock(&dev->lock); + return dev; } -static struct nfcsim *nfcsim_init_dev(void) +static void nfcsim_device_free(struct nfcsim *dev) { - struct nfcsim *dev; - int rc = -ENOMEM; + nfc_digital_unregister_device(dev->nfc_digital_dev); - dev = kzalloc(sizeof(*dev), GFP_KERNEL); - if (dev == NULL) - return ERR_PTR(-ENOMEM); + dev->up = false; - mutex_init(&dev->lock); + nfcsim_link_shutdown(dev->link_in); - INIT_DELAYED_WORK(&dev->recv_work, nfcsim_wq_recv); - INIT_DELAYED_WORK(&dev->poll_work, nfcsim_wq_poll); + cancel_delayed_work_sync(&dev->send_work); + cancel_work_sync(&dev->recv_work); - dev->nfc_dev = nfc_allocate_device(&nfcsim_nfc_ops, - NFC_PROTO_NFC_DEP_MASK, - 0, 0); - if (!dev->nfc_dev) - goto error; + nfc_digital_free_device(dev->nfc_digital_dev); - nfc_set_drvdata(dev->nfc_dev, dev); - - rc = nfc_register_device(dev->nfc_dev); - if (rc) - goto free_nfc_dev; - - dev->rx_delay = RX_DEFAULT_DELAY; - return dev; - -free_nfc_dev: - nfc_free_device(dev->nfc_dev); - -error: kfree(dev); - - return ERR_PTR(rc); } -static void nfcsim_free_device(struct nfcsim *dev) -{ - nfc_unregister_device(dev->nfc_dev); - - nfc_free_device(dev->nfc_dev); - - kfree(dev); -} +static struct nfcsim *dev0; +static struct nfcsim *dev1; static int __init nfcsim_init(void) { + struct nfcsim_link *link0, *link1; int rc; - /* We need an ordered wq to ensure that poll_work items are executed - * one at a time. - */ - wq = alloc_ordered_workqueue("nfcsim", 0); - if (!wq) { + link0 = nfcsim_link_new(); + link1 = nfcsim_link_new(); + if (!link0 || !link1) { rc = -ENOMEM; - goto exit; + goto exit_err; } - dev0 = nfcsim_init_dev(); + nfcsim_debugfs_init(); + + dev0 = nfcsim_device_new(link0, link1); if (IS_ERR(dev0)) { rc = PTR_ERR(dev0); - goto exit; + goto exit_err; } - dev1 = nfcsim_init_dev(); + dev1 = nfcsim_device_new(link1, link0); if (IS_ERR(dev1)) { - kfree(dev0); + nfcsim_device_free(dev0); rc = PTR_ERR(dev1); - goto exit; + goto exit_err; } - dev0->peer_dev = dev1; - dev1->peer_dev = dev0; + pr_info("nfcsim " NFCSIM_VERSION " initialized\n"); + + return 0; - pr_debug("NFCsim " NFCSIM_VERSION " initialized\n"); +exit_err: + pr_err("Failed to initialize nfcsim driver (%d)\n", rc); - rc = 0; -exit: - if (rc) - pr_err("Failed to initialize nfcsim driver (%d)\n", - rc); + nfcsim_link_free(link0); + nfcsim_link_free(link1); return rc; } static void __exit nfcsim_exit(void) { - nfcsim_cleanup_dev(dev0, 1); - nfcsim_cleanup_dev(dev1, 1); + struct nfcsim_link *link0, *link1; + + link0 = dev0->link_in; + link1 = dev0->link_out; + + nfcsim_device_free(dev0); + nfcsim_device_free(dev1); - nfcsim_free_device(dev0); - nfcsim_free_device(dev1); + nfcsim_link_free(link0); + nfcsim_link_free(link1); - destroy_workqueue(wq); + nfcsim_debugfs_remove(); } module_init(nfcsim_init); diff --git a/drivers/nfc/pn533/usb.c b/drivers/nfc/pn533/usb.c index 8ca060324b6aa9ef9a200e5b26b249f3e7e4003d..33ed78be2750455c34fd51d3b69611f177b52374 100644 --- a/drivers/nfc/pn533/usb.c +++ b/drivers/nfc/pn533/usb.c @@ -464,10 +464,8 @@ static int pn533_usb_probe(struct usb_interface *interface, return -ENOMEM; in_buf = kzalloc(in_buf_len, GFP_KERNEL); - if (!in_buf) { - rc = -ENOMEM; - goto out_free_phy; - } + if (!in_buf) + return -ENOMEM; phy->udev = usb_get_dev(interface_to_usbdev(interface)); phy->interface = interface; @@ -554,8 +552,7 @@ static int pn533_usb_probe(struct usb_interface *interface, usb_free_urb(phy->out_urb); usb_put_dev(phy->udev); kfree(in_buf); -out_free_phy: - kfree(phy); + return rc; } diff --git a/drivers/nfc/port100.c b/drivers/nfc/port100.c index 87d509996704039c3ac224dcb95bb4b096570542..2b2330b235e63a251755bcd23ae4e066cd4aa7db 100644 --- a/drivers/nfc/port100.c +++ b/drivers/nfc/port100.c @@ -343,7 +343,26 @@ in_protocols[][PORT100_IN_MAX_NUM_PROTOCOLS + 1] = { }, [NFC_DIGITAL_FRAMING_NFCF_NFC_DEP] = { /* nfc_digital_framing_nfcf */ - { PORT100_IN_PROT_END, 0 }, + { PORT100_IN_PROT_INITIAL_GUARD_TIME, 18 }, + { PORT100_IN_PROT_ADD_CRC, 1 }, + { PORT100_IN_PROT_CHECK_CRC, 1 }, + { PORT100_IN_PROT_MULTI_CARD, 0 }, + { PORT100_IN_PROT_ADD_PARITY, 0 }, + { PORT100_IN_PROT_CHECK_PARITY, 0 }, + { PORT100_IN_PROT_BITWISE_AC_RECV_MODE, 0 }, + { PORT100_IN_PROT_VALID_BIT_NUMBER, 8 }, + { PORT100_IN_PROT_CRYPTO1, 0 }, + { PORT100_IN_PROT_ADD_SOF, 0 }, + { PORT100_IN_PROT_CHECK_SOF, 0 }, + { PORT100_IN_PROT_ADD_EOF, 0 }, + { PORT100_IN_PROT_CHECK_EOF, 0 }, + { PORT100_IN_PROT_DEAF_TIME, 4 }, + { PORT100_IN_PROT_CRM, 0 }, + { PORT100_IN_PROT_CRM_MIN_LEN, 0 }, + { PORT100_IN_PROT_T1_TAG_FRAME, 0 }, + { PORT100_IN_PROT_RFCA, 0 }, + { PORT100_IN_PROT_GUARD_TIME_AT_INITIATOR, 6 }, + { PORT100_IN_PROT_END, 0 }, }, [NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED] = { { PORT100_IN_PROT_END, 0 }, @@ -437,6 +456,12 @@ struct port100 { struct urb *out_urb; struct urb *in_urb; + /* This mutex protects the out_urb and avoids to submit a new command + * through port100_send_frame_async() while the previous one is being + * canceled through port100_abort_cmd(). + */ + struct mutex out_urb_lock; + struct work_struct cmd_complete_work; u8 cmd_type; @@ -445,6 +470,9 @@ struct port100 { * for any queuing/locking mechanism at driver level. */ struct port100_cmd *cmd; + + bool cmd_cancel; + struct completion cmd_cancel_done; }; struct port100_cmd { @@ -699,10 +727,27 @@ static int port100_send_ack(struct port100 *dev) { int rc; + mutex_lock(&dev->out_urb_lock); + + init_completion(&dev->cmd_cancel_done); + + usb_kill_urb(dev->out_urb); + dev->out_urb->transfer_buffer = ack_frame; dev->out_urb->transfer_buffer_length = sizeof(ack_frame); rc = usb_submit_urb(dev->out_urb, GFP_KERNEL); + /* Set the cmd_cancel flag only if the URB has been successfully + * submitted. It will be reset by the out URB completion callback + * port100_send_complete(). + */ + dev->cmd_cancel = !rc; + + mutex_unlock(&dev->out_urb_lock); + + if (!rc) + wait_for_completion(&dev->cmd_cancel_done); + return rc; } @@ -711,6 +756,16 @@ static int port100_send_frame_async(struct port100 *dev, struct sk_buff *out, { int rc; + mutex_lock(&dev->out_urb_lock); + + /* A command cancel frame as been sent through dev->out_urb. Don't try + * to submit a new one. + */ + if (dev->cmd_cancel) { + rc = -EAGAIN; + goto exit; + } + dev->out_urb->transfer_buffer = out->data; dev->out_urb->transfer_buffer_length = out->len; @@ -722,16 +777,15 @@ static int port100_send_frame_async(struct port100 *dev, struct sk_buff *out, rc = usb_submit_urb(dev->out_urb, GFP_KERNEL); if (rc) - return rc; + goto exit; rc = port100_submit_urb_for_ack(dev, GFP_KERNEL); if (rc) - goto error; + usb_unlink_urb(dev->out_urb); - return 0; +exit: + mutex_unlock(&dev->out_urb_lock); -error: - usb_unlink_urb(dev->out_urb); return rc; } @@ -790,6 +844,12 @@ static int port100_send_cmd_async(struct port100 *dev, u8 cmd_code, PORT100_FRAME_MAX_PAYLOAD_LEN + PORT100_FRAME_TAIL_LEN; + if (dev->cmd) { + nfc_err(&dev->interface->dev, + "A command is still in process\n"); + return -EBUSY; + } + resp = alloc_skb(resp_len, GFP_KERNEL); if (!resp) return -ENOMEM; @@ -867,6 +927,11 @@ static void port100_send_complete(struct urb *urb) { struct port100 *dev = urb->context; + if (dev->cmd_cancel) { + dev->cmd_cancel = false; + complete(&dev->cmd_cancel_done); + } + switch (urb->status) { case 0: break; /* success */ @@ -985,6 +1050,10 @@ static int port100_switch_rf(struct nfc_digital_dev *ddev, bool on) *skb_put(skb, 1) = on ? 1 : 0; + /* Cancel the last command if the device is being switched off */ + if (!on) + port100_abort_cmd(ddev); + resp = port100_send_cmd_sync(dev, PORT100_CMD_SWITCH_RF, skb); if (IS_ERR(resp)) @@ -1430,6 +1499,7 @@ static int port100_probe(struct usb_interface *interface, if (!dev) return -ENOMEM; + mutex_init(&dev->out_urb_lock); dev->udev = usb_get_dev(interface_to_usbdev(interface)); dev->interface = interface; usb_set_intfdata(interface, dev); diff --git a/drivers/nfc/trf7970a.c b/drivers/nfc/trf7970a.c index 10842b7051b32206190ddfb4ab29cc8d18ed268c..26c9dbbccb0c504c59fcec5157adf2310c323587 100644 --- a/drivers/nfc/trf7970a.c +++ b/drivers/nfc/trf7970a.c @@ -1048,6 +1048,10 @@ static int trf7970a_init(struct trf7970a *trf) if (ret) goto err_out; + ret = trf7970a_write(trf, TRF7970A_NFC_TARGET_LEVEL, 0); + if (ret) + goto err_out; + usleep_range(1000, 2000); trf->chip_status_ctrl &= ~TRF7970A_CHIP_STATUS_RF_ON; diff --git a/include/net/nfc/digital.h b/include/net/nfc/digital.h index 0ae101eef0f44a89271368d858aae83f030b2e26..74fa7eb94e727f670355e09ebf41ea5dd8e8d633 100644 --- a/include/net/nfc/digital.h +++ b/include/net/nfc/digital.h @@ -220,12 +220,13 @@ struct nfc_digital_dev { struct list_head cmd_queue; struct mutex cmd_lock; - struct work_struct poll_work; + struct delayed_work poll_work; u8 curr_protocol; u8 curr_rf_tech; u8 curr_nfc_dep_pni; u8 did; + u16 dep_rwt; u8 local_payload_max; u8 remote_payload_max; @@ -237,7 +238,6 @@ struct nfc_digital_dev { int nack_count; struct sk_buff *saved_skb; - unsigned int saved_skb_len; u16 target_fsc; diff --git a/include/net/nfc/llc.h b/include/net/nfc/llc.h index c25fbdee0d61068f69416bbec68ecc54e2d366c2..7ecb45757897a6bd8c9418f93a042f46e482402e 100644 --- a/include/net/nfc/llc.h +++ b/include/net/nfc/llc.h @@ -37,10 +37,6 @@ struct nfc_llc *nfc_llc_allocate(const char *name, struct nfc_hci_dev *hdev, int tx_tailroom, llc_failure_t llc_failure); void nfc_llc_free(struct nfc_llc *llc); -void nfc_llc_get_rx_head_tail_room(struct nfc_llc *llc, int *rx_headroom, - int *rx_tailroom); - - int nfc_llc_start(struct nfc_llc *llc); int nfc_llc_stop(struct nfc_llc *llc); void nfc_llc_rcv_from_drv(struct nfc_llc *llc, struct sk_buff *skb); diff --git a/net/nfc/digital_core.c b/net/nfc/digital_core.c index dd9003f388225f80b7a65f8a7f4678a423b35428..0fd5518bf2522e1d4ab3e660c296ccfafb7cf897 100644 --- a/net/nfc/digital_core.c +++ b/net/nfc/digital_core.c @@ -30,6 +30,9 @@ #define DIGITAL_PROTO_ISO15693_RF_TECH NFC_PROTO_ISO15693_MASK +/* Delay between each poll frame (ms) */ +#define DIGITAL_POLL_INTERVAL 10 + struct digital_cmd { struct list_head queue; @@ -173,6 +176,8 @@ static void digital_wq_cmd(struct work_struct *work) return; } + cmd->pending = 1; + mutex_unlock(&ddev->cmd_lock); if (cmd->req) @@ -419,7 +424,8 @@ void digital_poll_next_tech(struct nfc_digital_dev *ddev) mutex_unlock(&ddev->poll_lock); - schedule_work(&ddev->poll_work); + schedule_delayed_work(&ddev->poll_work, + msecs_to_jiffies(DIGITAL_POLL_INTERVAL)); } static void digital_wq_poll(struct work_struct *work) @@ -428,7 +434,7 @@ static void digital_wq_poll(struct work_struct *work) struct digital_poll_tech *poll_tech; struct nfc_digital_dev *ddev = container_of(work, struct nfc_digital_dev, - poll_work); + poll_work.work); mutex_lock(&ddev->poll_lock); if (!ddev->poll_tech_count) { @@ -543,7 +549,7 @@ static int digital_start_poll(struct nfc_dev *nfc_dev, __u32 im_protocols, return -EINVAL; } - schedule_work(&ddev->poll_work); + schedule_delayed_work(&ddev->poll_work, 0); return 0; } @@ -564,7 +570,7 @@ static void digital_stop_poll(struct nfc_dev *nfc_dev) mutex_unlock(&ddev->poll_lock); - cancel_work_sync(&ddev->poll_work); + cancel_delayed_work_sync(&ddev->poll_work); digital_abort_cmd(ddev); } @@ -606,6 +612,8 @@ static int digital_dep_link_down(struct nfc_dev *nfc_dev) { struct nfc_digital_dev *ddev = nfc_get_drvdata(nfc_dev); + digital_abort_cmd(ddev); + ddev->curr_protocol = 0; return 0; @@ -770,7 +778,7 @@ struct nfc_digital_dev *nfc_digital_allocate_device(struct nfc_digital_ops *ops, INIT_WORK(&ddev->cmd_complete_work, digital_wq_cmd_complete); mutex_init(&ddev->poll_lock); - INIT_WORK(&ddev->poll_work, digital_wq_poll); + INIT_DELAYED_WORK(&ddev->poll_work, digital_wq_poll); if (supported_protocols & NFC_PROTO_JEWEL_MASK) ddev->protocols |= NFC_PROTO_JEWEL_MASK; @@ -832,12 +840,20 @@ void nfc_digital_unregister_device(struct nfc_digital_dev *ddev) ddev->poll_tech_count = 0; mutex_unlock(&ddev->poll_lock); - cancel_work_sync(&ddev->poll_work); + cancel_delayed_work_sync(&ddev->poll_work); cancel_work_sync(&ddev->cmd_work); cancel_work_sync(&ddev->cmd_complete_work); list_for_each_entry_safe(cmd, n, &ddev->cmd_queue, queue) { list_del(&cmd->queue); + + /* Call the command callback if any and pass it a ENODEV error. + * This gives a chance to the command issuer to free any + * allocated buffer. + */ + if (cmd->cmd_cb) + cmd->cmd_cb(ddev, cmd->cb_context, ERR_PTR(-ENODEV)); + kfree(cmd->mdaa_params); kfree(cmd); } diff --git a/net/nfc/digital_dep.c b/net/nfc/digital_dep.c index f72be7433df35fc1acfa3105a151b40876c0d47f..f864ce19e13dbc5d7734ca2ff8308047089c2d70 100644 --- a/net/nfc/digital_dep.c +++ b/net/nfc/digital_dep.c @@ -35,6 +35,8 @@ #define DIGITAL_ATR_REQ_MIN_SIZE 16 #define DIGITAL_ATR_REQ_MAX_SIZE 64 +#define DIGITAL_ATR_RES_TO_WT(s) ((s) & 0xF) + #define DIGITAL_DID_MAX 14 #define DIGITAL_PAYLOAD_SIZE_MAX 254 @@ -63,6 +65,9 @@ #define DIGITAL_NFC_DEP_DID_BIT_SET(pfb) ((pfb) & DIGITAL_NFC_DEP_PFB_DID_BIT) #define DIGITAL_NFC_DEP_PFB_PNI(pfb) ((pfb) & 0x03) +#define DIGITAL_NFC_DEP_RTOX_VALUE(data) ((data) & 0x3F) +#define DIGITAL_NFC_DEP_RTOX_MAX 59 + #define DIGITAL_NFC_DEP_PFB_I_PDU 0x00 #define DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU 0x40 #define DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU 0x80 @@ -122,6 +127,37 @@ static const u8 digital_payload_bits_map[4] = { [3] = 254 }; +/* Response Waiting Time for ATR_RES PDU in ms + * + * RWT(ATR_RES) = RWT(nfcdep,activation) + dRWT(nfcdep) + dT(nfcdep,initiator) + * + * with: + * RWT(nfcdep,activation) = 4096 * 2^12 / f(c) s + * dRWT(nfcdep) = 16 / f(c) s + * dT(nfcdep,initiator) = 100 ms + * f(c) = 13560000 Hz + */ +#define DIGITAL_ATR_RES_RWT 1337 + +/* Response Waiting Time for other DEP PDUs in ms + * + * max_rwt = rwt + dRWT(nfcdep) + dT(nfcdep,initiator) + * + * with: + * rwt = (256 * 16 / f(c)) * 2^wt s + * dRWT(nfcdep) = 16 / f(c) s + * dT(nfcdep,initiator) = 100 ms + * f(c) = 13560000 Hz + * 0 <= wt <= 14 (given by the target by the TO field of ATR_RES response) + */ +#define DIGITAL_NFC_DEP_IN_MAX_WT 14 +#define DIGITAL_NFC_DEP_TG_MAX_WT 8 +static const u16 digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT + 1] = { + 100, 101, 101, 102, 105, + 110, 119, 139, 177, 255, + 409, 719, 1337, 2575, 5049, +}; + static u8 digital_payload_bits_to_size(u8 payload_bits) { if (payload_bits >= ARRAY_SIZE(digital_payload_bits_map)) @@ -190,8 +226,6 @@ digital_send_dep_data_prep(struct nfc_digital_dev *ddev, struct sk_buff *skb, return ERR_PTR(-ENOMEM); } - skb_reserve(new_skb, ddev->tx_headroom + NFC_HEADER_SIZE + - DIGITAL_NFC_DEP_REQ_RES_HEADROOM); memcpy(skb_put(new_skb, ddev->remote_payload_max), skb->data, ddev->remote_payload_max); skb_pull(skb, ddev->remote_payload_max); @@ -368,8 +402,8 @@ static int digital_in_send_psl_req(struct nfc_digital_dev *ddev, ddev->skb_add_crc(skb); - rc = digital_in_send_cmd(ddev, skb, 500, digital_in_recv_psl_res, - target); + rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt, + digital_in_recv_psl_res, target); if (rc) kfree_skb(skb); @@ -382,6 +416,7 @@ static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg, struct nfc_target *target = arg; struct digital_atr_res *atr_res; u8 gb_len, payload_bits; + u8 wt; int rc; if (IS_ERR(resp)) { @@ -411,6 +446,11 @@ static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg, atr_res = (struct digital_atr_res *)resp->data; + wt = DIGITAL_ATR_RES_TO_WT(atr_res->to); + if (wt > DIGITAL_NFC_DEP_IN_MAX_WT) + wt = DIGITAL_NFC_DEP_IN_MAX_WT; + ddev->dep_rwt = digital_rwt_map[wt]; + payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_res->pp); ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits); @@ -492,8 +532,8 @@ int digital_in_send_atr_req(struct nfc_digital_dev *ddev, ddev->skb_add_crc(skb); - rc = digital_in_send_cmd(ddev, skb, 500, digital_in_recv_atr_res, - target); + rc = digital_in_send_cmd(ddev, skb, DIGITAL_ATR_RES_RWT, + digital_in_recv_atr_res, target); if (rc) kfree_skb(skb); @@ -524,11 +564,10 @@ static int digital_in_send_ack(struct nfc_digital_dev *ddev, ddev->skb_add_crc(skb); - ddev->saved_skb = skb_get(skb); - ddev->saved_skb_len = skb->len; + ddev->saved_skb = pskb_copy(skb, GFP_KERNEL); - rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res, - data_exch); + rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt, + digital_in_recv_dep_res, data_exch); if (rc) { kfree_skb(skb); kfree_skb(ddev->saved_skb); @@ -562,8 +601,8 @@ static int digital_in_send_nack(struct nfc_digital_dev *ddev, ddev->skb_add_crc(skb); - rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res, - data_exch); + rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt, + digital_in_recv_dep_res, data_exch); if (rc) kfree_skb(skb); @@ -593,8 +632,8 @@ static int digital_in_send_atn(struct nfc_digital_dev *ddev, ddev->skb_add_crc(skb); - rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res, - data_exch); + rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt, + digital_in_recv_dep_res, data_exch); if (rc) kfree_skb(skb); @@ -607,6 +646,11 @@ static int digital_in_send_rtox(struct nfc_digital_dev *ddev, struct digital_dep_req_res *dep_req; struct sk_buff *skb; int rc; + u16 rwt_int; + + rwt_int = ddev->dep_rwt * rtox; + if (rwt_int > digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT]) + rwt_int = digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT]; skb = digital_skb_alloc(ddev, 1); if (!skb) @@ -627,16 +671,10 @@ static int digital_in_send_rtox(struct nfc_digital_dev *ddev, ddev->skb_add_crc(skb); - ddev->saved_skb = skb_get(skb); - ddev->saved_skb_len = skb->len; - - rc = digital_in_send_cmd(ddev, skb, 1500, digital_in_recv_dep_res, - data_exch); - if (rc) { + rc = digital_in_send_cmd(ddev, skb, rwt_int, + digital_in_recv_dep_res, data_exch); + if (rc) kfree_skb(skb); - kfree_skb(ddev->saved_skb); - ddev->saved_skb = NULL; - } return rc; } @@ -644,11 +682,19 @@ static int digital_in_send_rtox(struct nfc_digital_dev *ddev, static int digital_in_send_saved_skb(struct nfc_digital_dev *ddev, struct digital_data_exch *data_exch) { + int rc; + + if (!ddev->saved_skb) + return -EINVAL; + skb_get(ddev->saved_skb); - skb_push(ddev->saved_skb, ddev->saved_skb_len); - return digital_in_send_cmd(ddev, ddev->saved_skb, 1500, - digital_in_recv_dep_res, data_exch); + rc = digital_in_send_cmd(ddev, ddev->saved_skb, ddev->dep_rwt, + digital_in_recv_dep_res, data_exch); + if (rc) + kfree_skb(ddev->saved_skb); + + return rc; } static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg, @@ -659,12 +705,13 @@ static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg, u8 pfb; uint size; int rc; + u8 rtox; if (IS_ERR(resp)) { rc = PTR_ERR(resp); resp = NULL; - if (((rc != -ETIMEDOUT) || ddev->nack_count) && + if ((rc == -EIO || (rc == -ETIMEDOUT && ddev->nack_count)) && (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) { ddev->atn_count = 0; @@ -783,6 +830,12 @@ static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg, break; case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU: + if (DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) { + PROTOCOL_ERR("14.12.4.5"); + rc = -EIO; + goto exit; + } + if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) { PROTOCOL_ERR("14.12.3.3"); rc = -EIO; @@ -792,43 +845,53 @@ static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg, ddev->curr_nfc_dep_pni = DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1); - if (ddev->chaining_skb && !DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) { - kfree_skb(ddev->saved_skb); - ddev->saved_skb = NULL; + if (!ddev->chaining_skb) { + PROTOCOL_ERR("14.12.4.3"); + rc = -EIO; + goto exit; + } - rc = digital_in_send_dep_req(ddev, NULL, - ddev->chaining_skb, - ddev->data_exch); - if (rc) - goto error; + /* The initiator has received a valid ACK. Free the last sent + * PDU and keep on sending chained skb. + */ + kfree_skb(ddev->saved_skb); + ddev->saved_skb = NULL; - return; - } + rc = digital_in_send_dep_req(ddev, NULL, + ddev->chaining_skb, + ddev->data_exch); + if (rc) + goto error; - pr_err("Received a ACK/NACK PDU\n"); - rc = -EINVAL; - goto exit; + goto free_resp; case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU: if (!DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) { /* ATN */ rc = digital_in_send_saved_skb(ddev, data_exch); - if (rc) { - kfree_skb(ddev->saved_skb); + if (rc) goto error; - } - return; + goto free_resp; } - kfree_skb(ddev->saved_skb); - ddev->saved_skb = NULL; + if (ddev->atn_count || ddev->nack_count) { + PROTOCOL_ERR("14.12.4.4"); + rc = -EIO; + goto error; + } + + rtox = DIGITAL_NFC_DEP_RTOX_VALUE(resp->data[0]); + if (!rtox || rtox > DIGITAL_NFC_DEP_RTOX_MAX) { + PROTOCOL_ERR("14.8.4.1"); + rc = -EIO; + goto error; + } - rc = digital_in_send_rtox(ddev, data_exch, resp->data[0]); + rc = digital_in_send_rtox(ddev, data_exch, rtox); if (rc) goto error; - kfree_skb(resp); - return; + goto free_resp; } exit: @@ -845,6 +908,11 @@ static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg, if (rc) kfree_skb(resp); + + return; + +free_resp: + dev_kfree_skb(resp); } int digital_in_send_dep_req(struct nfc_digital_dev *ddev, @@ -876,11 +944,10 @@ int digital_in_send_dep_req(struct nfc_digital_dev *ddev, ddev->skb_add_crc(tmp_skb); - ddev->saved_skb = skb_get(tmp_skb); - ddev->saved_skb_len = tmp_skb->len; + ddev->saved_skb = pskb_copy(tmp_skb, GFP_KERNEL); - rc = digital_in_send_cmd(ddev, tmp_skb, 1500, digital_in_recv_dep_res, - data_exch); + rc = digital_in_send_cmd(ddev, tmp_skb, ddev->dep_rwt, + digital_in_recv_dep_res, data_exch); if (rc) { if (tmp_skb != skb) kfree_skb(tmp_skb); @@ -956,8 +1023,7 @@ static int digital_tg_send_ack(struct nfc_digital_dev *ddev, ddev->skb_add_crc(skb); - ddev->saved_skb = skb_get(skb); - ddev->saved_skb_len = skb->len; + ddev->saved_skb = pskb_copy(skb, GFP_KERNEL); rc = digital_tg_send_cmd(ddev, skb, 1500, digital_tg_recv_dep_req, data_exch); @@ -1009,11 +1075,19 @@ static int digital_tg_send_atn(struct nfc_digital_dev *ddev) static int digital_tg_send_saved_skb(struct nfc_digital_dev *ddev) { + int rc; + + if (!ddev->saved_skb) + return -EINVAL; + skb_get(ddev->saved_skb); - skb_push(ddev->saved_skb, ddev->saved_skb_len); - return digital_tg_send_cmd(ddev, ddev->saved_skb, 1500, - digital_tg_recv_dep_req, NULL); + rc = digital_tg_send_cmd(ddev, ddev->saved_skb, 1500, + digital_tg_recv_dep_req, NULL); + if (rc) + kfree_skb(ddev->saved_skb); + + return rc; } static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg, @@ -1086,22 +1160,38 @@ static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg, case DIGITAL_NFC_DEP_PFB_I_PDU: pr_debug("DIGITAL_NFC_DEP_PFB_I_PDU\n"); - if ((ddev->atn_count && (DIGITAL_NFC_DEP_PFB_PNI(pfb - 1) != - ddev->curr_nfc_dep_pni)) || - (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni)) { - PROTOCOL_ERR("14.12.3.4"); - rc = -EIO; - goto exit; - } - if (ddev->atn_count) { + /* The target has received (and replied to) at least one + * ATN DEP_REQ. + */ ddev->atn_count = 0; - rc = digital_tg_send_saved_skb(ddev); - if (rc) - goto exit; + /* pni of resp PDU equal to the target current pni - 1 + * means resp is the previous DEP_REQ PDU received from + * the initiator so the target replies with saved_skb + * which is the previous DEP_RES saved in + * digital_tg_send_dep_res(). + */ + if (DIGITAL_NFC_DEP_PFB_PNI(pfb) == + DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni - 1)) { + rc = digital_tg_send_saved_skb(ddev); + if (rc) + goto exit; - return; + goto free_resp; + } + + /* atn_count > 0 and PDU pni != curr_nfc_dep_pni - 1 + * means the target probably did not received the last + * DEP_REQ PDU sent by the initiator. The target + * fallbacks to normal processing then. + */ + } + + if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) { + PROTOCOL_ERR("14.12.3.4"); + rc = -EIO; + goto exit; } kfree_skb(ddev->saved_skb); @@ -1125,51 +1215,64 @@ static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg, rc = 0; break; case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU: - if (!DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) { /* ACK */ - if ((ddev->atn_count && - (DIGITAL_NFC_DEP_PFB_PNI(pfb - 1) != - ddev->curr_nfc_dep_pni)) || - (DIGITAL_NFC_DEP_PFB_PNI(pfb) != - ddev->curr_nfc_dep_pni) || - !ddev->chaining_skb || !ddev->saved_skb) { + if (DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) { /* NACK */ + if (DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) != + ddev->curr_nfc_dep_pni) { rc = -EIO; goto exit; } - if (ddev->atn_count) { - ddev->atn_count = 0; + ddev->atn_count = 0; + rc = digital_tg_send_saved_skb(ddev); + if (rc) + goto exit; + + goto free_resp; + } + + /* ACK */ + if (ddev->atn_count) { + /* The target has previously recevied one or more ATN + * PDUs. + */ + ddev->atn_count = 0; + + /* If the ACK PNI is equal to the target PNI - 1 means + * that the initiator did not receive the previous PDU + * sent by the target so re-send it. + */ + if (DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) == + ddev->curr_nfc_dep_pni) { rc = digital_tg_send_saved_skb(ddev); if (rc) goto exit; - return; + goto free_resp; } - kfree_skb(ddev->saved_skb); - ddev->saved_skb = NULL; + /* Otherwise, the target did not receive the previous + * ACK PDU from the initiator. Fallback to normal + * processing of chained PDU then. + */ + } - rc = digital_tg_send_dep_res(ddev, ddev->chaining_skb); - if (rc) - goto exit; - } else { /* NACK */ - if ((DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) != - ddev->curr_nfc_dep_pni) || - !ddev->saved_skb) { - rc = -EIO; - goto exit; - } + /* Keep on sending chained PDU */ + if (!ddev->chaining_skb || + DIGITAL_NFC_DEP_PFB_PNI(pfb) != + ddev->curr_nfc_dep_pni) { + rc = -EIO; + goto exit; + } - ddev->atn_count = 0; + kfree_skb(ddev->saved_skb); + ddev->saved_skb = NULL; - rc = digital_tg_send_saved_skb(ddev); - if (rc) { - kfree_skb(ddev->saved_skb); - goto exit; - } - } + rc = digital_tg_send_dep_res(ddev, ddev->chaining_skb); + if (rc) + goto exit; - return; + goto free_resp; case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU: if (DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) { rc = -EINVAL; @@ -1182,8 +1285,7 @@ static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg, ddev->atn_count++; - kfree_skb(resp); - return; + goto free_resp; } rc = nfc_tm_data_received(ddev->nfc_dev, resp); @@ -1199,6 +1301,11 @@ static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg, if (rc) kfree_skb(resp); + + return; + +free_resp: + dev_kfree_skb(resp); } int digital_tg_send_dep_res(struct nfc_digital_dev *ddev, struct sk_buff *skb) @@ -1235,8 +1342,7 @@ int digital_tg_send_dep_res(struct nfc_digital_dev *ddev, struct sk_buff *skb) ddev->skb_add_crc(tmp_skb); - ddev->saved_skb = skb_get(tmp_skb); - ddev->saved_skb_len = tmp_skb->len; + ddev->saved_skb = pskb_copy(tmp_skb, GFP_KERNEL); rc = digital_tg_send_cmd(ddev, tmp_skb, 1500, digital_tg_recv_dep_req, NULL); @@ -1420,7 +1526,7 @@ static int digital_tg_send_atr_res(struct nfc_digital_dev *ddev, atr_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN; atr_res->cmd = DIGITAL_CMD_ATR_RES; memcpy(atr_res->nfcid3, atr_req->nfcid3, sizeof(atr_req->nfcid3)); - atr_res->to = 8; + atr_res->to = DIGITAL_NFC_DEP_TG_MAX_WT; ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX; payload_bits = digital_payload_size_to_bits(ddev->local_payload_max); diff --git a/net/nfc/digital_technology.c b/net/nfc/digital_technology.c index fb58ed2dd41d1afcfd2368de28e754a17535b705..d9080dec5d278c21d8d8e89eca52a085eb7f7b40 100644 --- a/net/nfc/digital_technology.c +++ b/net/nfc/digital_technology.c @@ -1257,21 +1257,12 @@ static int digital_tg_config_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech) int digital_tg_listen_nfcf(struct nfc_digital_dev *ddev, u8 rf_tech) { int rc; - u8 *nfcid2; rc = digital_tg_config_nfcf(ddev, rf_tech); if (rc) return rc; - nfcid2 = kzalloc(NFC_NFCID2_MAXSIZE, GFP_KERNEL); - if (!nfcid2) - return -ENOMEM; - - nfcid2[0] = DIGITAL_SENSF_NFCID2_NFC_DEP_B1; - nfcid2[1] = DIGITAL_SENSF_NFCID2_NFC_DEP_B2; - get_random_bytes(nfcid2 + 2, NFC_NFCID2_MAXSIZE - 2); - - return digital_tg_listen(ddev, 300, digital_tg_recv_sensf_req, nfcid2); + return digital_tg_listen(ddev, 300, digital_tg_recv_sensf_req, NULL); } void digital_tg_recv_md_req(struct nfc_digital_dev *ddev, void *arg, diff --git a/net/nfc/hci/llc.c b/net/nfc/hci/llc.c index 1399a03fa6e66716cec38bd5d96df15d4226d0eb..3d699cbc74354a2dcd9e9fe9107960554fadff2e 100644 --- a/net/nfc/hci/llc.c +++ b/net/nfc/hci/llc.c @@ -133,36 +133,29 @@ void nfc_llc_free(struct nfc_llc *llc) kfree(llc); } -inline void nfc_llc_get_rx_head_tail_room(struct nfc_llc *llc, int *rx_headroom, - int *rx_tailroom) -{ - *rx_headroom = llc->rx_headroom; - *rx_tailroom = llc->rx_tailroom; -} - -inline int nfc_llc_start(struct nfc_llc *llc) +int nfc_llc_start(struct nfc_llc *llc) { return llc->ops->start(llc); } EXPORT_SYMBOL(nfc_llc_start); -inline int nfc_llc_stop(struct nfc_llc *llc) +int nfc_llc_stop(struct nfc_llc *llc) { return llc->ops->stop(llc); } EXPORT_SYMBOL(nfc_llc_stop); -inline void nfc_llc_rcv_from_drv(struct nfc_llc *llc, struct sk_buff *skb) +void nfc_llc_rcv_from_drv(struct nfc_llc *llc, struct sk_buff *skb) { llc->ops->rcv_from_drv(llc, skb); } -inline int nfc_llc_xmit_from_hci(struct nfc_llc *llc, struct sk_buff *skb) +int nfc_llc_xmit_from_hci(struct nfc_llc *llc, struct sk_buff *skb) { return llc->ops->xmit_from_hci(llc, skb); } -inline void *nfc_llc_get_data(struct nfc_llc *llc) +void *nfc_llc_get_data(struct nfc_llc *llc) { return llc->data; } diff --git a/net/nfc/llcp_commands.c b/net/nfc/llcp_commands.c index 3425532c39f7839d9ce6d87167d6b9222d6cd5e2..c5959ce503e6c857c98d5cb7583f48b42b3eac71 100644 --- a/net/nfc/llcp_commands.c +++ b/net/nfc/llcp_commands.c @@ -438,19 +438,17 @@ int nfc_llcp_send_connect(struct nfc_llcp_sock *sock) goto error_tlv; } - if (service_name_tlv != NULL) - skb = llcp_add_tlv(skb, service_name_tlv, - service_name_tlv_length); - - skb = llcp_add_tlv(skb, miux_tlv, miux_tlv_length); - skb = llcp_add_tlv(skb, rw_tlv, rw_tlv_length); + llcp_add_tlv(skb, service_name_tlv, service_name_tlv_length); + llcp_add_tlv(skb, miux_tlv, miux_tlv_length); + llcp_add_tlv(skb, rw_tlv, rw_tlv_length); skb_queue_tail(&local->tx_queue, skb); - return 0; + err = 0; error_tlv: - pr_err("error %d\n", err); + if (err) + pr_err("error %d\n", err); kfree(service_name_tlv); kfree(miux_tlv); @@ -493,15 +491,16 @@ int nfc_llcp_send_cc(struct nfc_llcp_sock *sock) goto error_tlv; } - skb = llcp_add_tlv(skb, miux_tlv, miux_tlv_length); - skb = llcp_add_tlv(skb, rw_tlv, rw_tlv_length); + llcp_add_tlv(skb, miux_tlv, miux_tlv_length); + llcp_add_tlv(skb, rw_tlv, rw_tlv_length); skb_queue_tail(&local->tx_queue, skb); - return 0; + err = 0; error_tlv: - pr_err("error %d\n", err); + if (err) + pr_err("error %d\n", err); kfree(miux_tlv); kfree(rw_tlv); diff --git a/net/nfc/llcp_core.c b/net/nfc/llcp_core.c index 98876274a1eea22b709403dde2c5702b1387a0be..e69786c6804cdf83cd5b758bad3985afacb1a4b2 100644 --- a/net/nfc/llcp_core.c +++ b/net/nfc/llcp_core.c @@ -732,9 +732,8 @@ static void nfc_llcp_tx_work(struct work_struct *work) int ret; pr_debug("Sending pending skb\n"); - print_hex_dump(KERN_DEBUG, "LLCP Tx: ", - DUMP_PREFIX_OFFSET, 16, 1, - skb->data, skb->len, true); + print_hex_dump_debug("LLCP Tx: ", DUMP_PREFIX_OFFSET, + 16, 1, skb->data, skb->len, true); if (ptype == LLCP_PDU_DISC && sk != NULL && sk->sk_state == LLCP_DISCONNECTING) { @@ -1412,8 +1411,8 @@ static void nfc_llcp_rx_skb(struct nfc_llcp_local *local, struct sk_buff *skb) pr_debug("ptype 0x%x dsap 0x%x ssap 0x%x\n", ptype, dsap, ssap); if (ptype != LLCP_PDU_SYMM) - print_hex_dump(KERN_DEBUG, "LLCP Rx: ", DUMP_PREFIX_OFFSET, - 16, 1, skb->data, skb->len, true); + print_hex_dump_debug("LLCP Rx: ", DUMP_PREFIX_OFFSET, 16, 1, + skb->data, skb->len, true); switch (ptype) { case LLCP_PDU_SYMM: