diff --git a/include/net/nfc/nfc.h b/include/net/nfc/nfc.h index 431a6c59b418c1ef709ba6de1d3774d56a8f3797..45f05634315bfbfcdf3ecf5412869602dc01f4ef 100644 --- a/include/net/nfc/nfc.h +++ b/include/net/nfc/nfc.h @@ -79,6 +79,7 @@ struct nfc_target { u8 sensf_res_len; u8 sensf_res[NFC_SENSF_RES_MAXSIZE]; u8 hci_reader_gate; + u8 logical_idx; }; struct nfc_genl_data { @@ -88,6 +89,7 @@ struct nfc_genl_data { struct nfc_dev { unsigned idx; + unsigned target_idx; struct nfc_target *targets; int n_targets; int targets_generation; diff --git a/net/nfc/core.c b/net/nfc/core.c index deb4721ce8a129699bae9a68e8d5fcb3af35c8db..d92400087b61ac48feffd5f7af8be163d9b1dcda 100644 --- a/net/nfc/core.c +++ b/net/nfc/core.c @@ -428,10 +428,15 @@ EXPORT_SYMBOL(nfc_alloc_recv_skb); int nfc_targets_found(struct nfc_dev *dev, struct nfc_target *targets, int n_targets) { + int i; + pr_debug("dev_name=%s n_targets=%d\n", dev_name(&dev->dev), n_targets); dev->polling = false; + for (i = 0; i < n_targets; i++) + targets[i].idx = dev->target_idx++; + spin_lock_bh(&dev->targets_lock); dev->targets_generation++; diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c index 9ec065bb9ee1e78b96321a8f2f1e5c6827dd15bc..8737c2089fddeb005253afd768b89d0f814e13a4 100644 --- a/net/nfc/nci/core.c +++ b/net/nfc/nci/core.c @@ -477,7 +477,7 @@ static int nci_activate_target(struct nfc_dev *nfc_dev, __u32 target_idx, } if (atomic_read(&ndev->state) == NCI_W4_HOST_SELECT) { - param.rf_discovery_id = target->idx; + param.rf_discovery_id = target->logical_idx; if (protocol == NFC_PROTO_JEWEL) param.rf_protocol = NCI_RF_PROTOCOL_T1T; diff --git a/net/nfc/nci/ntf.c b/net/nfc/nci/ntf.c index 2e3dee42196d064d0fdcf5ad7c6e4fe50945d57b..99e1632e6aac7535efb587012979807a5f590619 100644 --- a/net/nfc/nci/ntf.c +++ b/net/nfc/nci/ntf.c @@ -227,7 +227,7 @@ static void nci_add_new_target(struct nci_dev *ndev, for (i = 0; i < ndev->n_targets; i++) { target = &ndev->targets[i]; - if (target->idx == ntf->rf_discovery_id) { + if (target->logical_idx == ntf->rf_discovery_id) { /* This target already exists, add the new protocol */ nci_add_new_protocol(ndev, target, ntf->rf_protocol, ntf->rf_tech_and_mode, @@ -248,10 +248,10 @@ static void nci_add_new_target(struct nci_dev *ndev, ntf->rf_tech_and_mode, &ntf->rf_tech_specific_params); if (!rc) { - target->idx = ntf->rf_discovery_id; + target->logical_idx = ntf->rf_discovery_id; ndev->n_targets++; - pr_debug("target_idx %d, n_targets %d\n", target->idx, + pr_debug("logical idx %d, n_targets %d\n", target->logical_idx, ndev->n_targets); } } @@ -372,10 +372,11 @@ static void nci_target_auto_activated(struct nci_dev *ndev, if (rc) return; - target->idx = ntf->rf_discovery_id; + target->logical_idx = ntf->rf_discovery_id; ndev->n_targets++; - pr_debug("target_idx %d, n_targets %d\n", target->idx, ndev->n_targets); + pr_debug("logical idx %d, n_targets %d\n", + target->logical_idx, ndev->n_targets); nfc_targets_found(ndev->nfc_dev, ndev->targets, ndev->n_targets); } diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c index 5a839ceb2e82f1f23e45595ae836526b9589fefd..b2825aa85f64cec7fc3c0c52ae4f7bc796beca28 100644 --- a/net/nfc/rawsock.c +++ b/net/nfc/rawsock.c @@ -92,6 +92,12 @@ static int rawsock_connect(struct socket *sock, struct sockaddr *_addr, goto error; } + if (addr->target_idx > dev->target_idx - 1 || + addr->target_idx < dev->target_idx - dev->n_targets) { + rc = -EINVAL; + goto error; + } + rc = nfc_activate_target(dev, addr->target_idx, addr->nfc_protocol); if (rc) goto put_dev;