2 * Copyright (C) 2011 Instituto Nokia de Tecnologia
5 * Lauro Ramos Venancio <lauro.venancio@openbossa.org>
6 * Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the
20 * Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
24 #include <linux/device.h>
25 #include <linux/kernel.h>
26 #include <linux/module.h>
27 #include <linux/slab.h>
28 #include <linux/usb.h>
29 #include <linux/nfc.h>
30 #include <linux/netdevice.h>
31 #include <net/nfc/nfc.h>
35 #define PN533_VENDOR_ID 0x4CC
36 #define PN533_PRODUCT_ID 0x2533
38 #define SCM_VENDOR_ID 0x4E6
39 #define SCL3711_PRODUCT_ID 0x5591
41 #define SONY_VENDOR_ID 0x054c
42 #define PASORI_PRODUCT_ID 0x02e1
44 #define PN533_DEVICE_STD 0x1
45 #define PN533_DEVICE_PASORI 0x2
47 #define PN533_ALL_PROTOCOLS (NFC_PROTO_JEWEL_MASK | NFC_PROTO_MIFARE_MASK |\
48 NFC_PROTO_FELICA_MASK | NFC_PROTO_ISO14443_MASK |\
49 NFC_PROTO_NFC_DEP_MASK |\
50 NFC_PROTO_ISO14443_B_MASK)
52 #define PN533_NO_TYPE_B_PROTOCOLS (NFC_PROTO_JEWEL_MASK | \
53 NFC_PROTO_MIFARE_MASK | \
54 NFC_PROTO_FELICA_MASK | \
55 NFC_PROTO_ISO14443_MASK | \
56 NFC_PROTO_NFC_DEP_MASK)
58 static const struct usb_device_id pn533_table[] = {
59 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
60 .idVendor = PN533_VENDOR_ID,
61 .idProduct = PN533_PRODUCT_ID,
62 .driver_info = PN533_DEVICE_STD,
64 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
65 .idVendor = SCM_VENDOR_ID,
66 .idProduct = SCL3711_PRODUCT_ID,
67 .driver_info = PN533_DEVICE_STD,
69 { .match_flags = USB_DEVICE_ID_MATCH_DEVICE,
70 .idVendor = SONY_VENDOR_ID,
71 .idProduct = PASORI_PRODUCT_ID,
72 .driver_info = PN533_DEVICE_PASORI,
76 MODULE_DEVICE_TABLE(usb, pn533_table);
78 /* How much time we spend listening for initiators */
79 #define PN533_LISTEN_TIME 2
81 /* frame definitions */
82 #define PN533_NORMAL_FRAME_MAX_LEN 262 /* 6 (PREAMBLE, SOF, LEN, LCS, TFI)
85 #define PN533_FRAME_HEADER_LEN (sizeof(struct pn533_frame) \
86 + 2) /* data[0] TFI, data[1] CC */
87 #define PN533_FRAME_TAIL_LEN 2 /* data[len] DCS, data[len + 1] postamble*/
90 * Max extended frame payload len, excluding TFI and CC
91 * which are already in PN533_FRAME_HEADER_LEN.
93 #define PN533_FRAME_MAX_PAYLOAD_LEN 263
95 #define PN533_FRAME_SIZE(f) (sizeof(struct pn533_frame) + f->datalen + \
97 #define PN533_FRAME_ACK_SIZE (sizeof(struct pn533_frame) + 1)
98 #define PN533_FRAME_CHECKSUM(f) (f->data[f->datalen])
99 #define PN533_FRAME_POSTAMBLE(f) (f->data[f->datalen + 1])
102 #define PN533_SOF 0x00FF
104 /* frame identifier: in/out/error */
105 #define PN533_FRAME_IDENTIFIER(f) (f->data[0])
106 #define PN533_DIR_OUT 0xD4
107 #define PN533_DIR_IN 0xD5
110 #define PN533_FRAME_CMD(f) (f->data[1])
111 #define PN533_FRAME_CMD_PARAMS_PTR(f) (&f->data[2])
112 #define PN533_FRAME_CMD_PARAMS_LEN(f) (f->datalen - 2)
114 #define PN533_CMD_GET_FIRMWARE_VERSION 0x02
115 #define PN533_CMD_RF_CONFIGURATION 0x32
116 #define PN533_CMD_IN_DATA_EXCHANGE 0x40
117 #define PN533_CMD_IN_COMM_THRU 0x42
118 #define PN533_CMD_IN_LIST_PASSIVE_TARGET 0x4A
119 #define PN533_CMD_IN_ATR 0x50
120 #define PN533_CMD_IN_RELEASE 0x52
121 #define PN533_CMD_IN_JUMP_FOR_DEP 0x56
123 #define PN533_CMD_TG_INIT_AS_TARGET 0x8c
124 #define PN533_CMD_TG_GET_DATA 0x86
125 #define PN533_CMD_TG_SET_DATA 0x8e
126 #define PN533_CMD_UNDEF 0xff
128 #define PN533_CMD_RESPONSE(cmd) (cmd + 1)
130 /* PN533 Return codes */
131 #define PN533_CMD_RET_MASK 0x3F
132 #define PN533_CMD_MI_MASK 0x40
133 #define PN533_CMD_RET_SUCCESS 0x00
137 typedef int (*pn533_cmd_complete_t) (struct pn533 *dev, void *arg,
138 u8 *params, int params_len);
140 typedef int (*pn533_send_async_complete_t) (struct pn533 *dev, void *arg,
141 struct sk_buff *resp);
143 /* structs for pn533 commands */
145 /* PN533_CMD_GET_FIRMWARE_VERSION */
146 struct pn533_fw_version {
153 /* PN533_CMD_RF_CONFIGURATION */
154 #define PN533_CFGITEM_TIMING 0x02
155 #define PN533_CFGITEM_MAX_RETRIES 0x05
156 #define PN533_CFGITEM_PASORI 0x82
158 #define PN533_CONFIG_TIMING_102 0xb
159 #define PN533_CONFIG_TIMING_204 0xc
160 #define PN533_CONFIG_TIMING_409 0xd
161 #define PN533_CONFIG_TIMING_819 0xe
163 #define PN533_CONFIG_MAX_RETRIES_NO_RETRY 0x00
164 #define PN533_CONFIG_MAX_RETRIES_ENDLESS 0xFF
166 struct pn533_config_max_retries {
169 u8 mx_rty_passive_act;
172 struct pn533_config_timing {
178 /* PN533_CMD_IN_LIST_PASSIVE_TARGET */
180 /* felica commands opcode */
181 #define PN533_FELICA_OPC_SENSF_REQ 0
182 #define PN533_FELICA_OPC_SENSF_RES 1
183 /* felica SENSF_REQ parameters */
184 #define PN533_FELICA_SENSF_SC_ALL 0xFFFF
185 #define PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE 0
186 #define PN533_FELICA_SENSF_RC_SYSTEM_CODE 1
187 #define PN533_FELICA_SENSF_RC_ADVANCED_PROTOCOL 2
189 /* type B initiator_data values */
190 #define PN533_TYPE_B_AFI_ALL_FAMILIES 0
191 #define PN533_TYPE_B_POLL_METHOD_TIMESLOT 0
192 #define PN533_TYPE_B_POLL_METHOD_PROBABILISTIC 1
194 union pn533_cmd_poll_initdata {
207 /* Poll modulations */
209 PN533_POLL_MOD_106KBPS_A,
210 PN533_POLL_MOD_212KBPS_FELICA,
211 PN533_POLL_MOD_424KBPS_FELICA,
212 PN533_POLL_MOD_106KBPS_JEWEL,
213 PN533_POLL_MOD_847KBPS_B,
216 __PN533_POLL_MOD_AFTER_LAST,
218 #define PN533_POLL_MOD_MAX (__PN533_POLL_MOD_AFTER_LAST - 1)
220 struct pn533_poll_modulations {
224 union pn533_cmd_poll_initdata initiator_data;
229 const struct pn533_poll_modulations poll_mod[] = {
230 [PN533_POLL_MOD_106KBPS_A] = {
237 [PN533_POLL_MOD_212KBPS_FELICA] = {
241 .initiator_data.felica = {
242 .opcode = PN533_FELICA_OPC_SENSF_REQ,
243 .sc = PN533_FELICA_SENSF_SC_ALL,
244 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
250 [PN533_POLL_MOD_424KBPS_FELICA] = {
254 .initiator_data.felica = {
255 .opcode = PN533_FELICA_OPC_SENSF_REQ,
256 .sc = PN533_FELICA_SENSF_SC_ALL,
257 .rc = PN533_FELICA_SENSF_RC_NO_SYSTEM_CODE,
263 [PN533_POLL_MOD_106KBPS_JEWEL] = {
270 [PN533_POLL_MOD_847KBPS_B] = {
274 .initiator_data.type_b = {
275 .afi = PN533_TYPE_B_AFI_ALL_FAMILIES,
277 PN533_TYPE_B_POLL_METHOD_TIMESLOT,
282 [PN533_LISTEN_MOD] = {
287 /* PN533_CMD_IN_ATR */
289 struct pn533_cmd_activate_response {
301 struct pn533_cmd_jump_dep_response {
315 /* PN533_TG_INIT_AS_TARGET */
316 #define PN533_INIT_TARGET_PASSIVE 0x1
317 #define PN533_INIT_TARGET_DEP 0x2
319 #define PN533_INIT_TARGET_RESP_FRAME_MASK 0x3
320 #define PN533_INIT_TARGET_RESP_ACTIVE 0x1
321 #define PN533_INIT_TARGET_RESP_DEP 0x4
323 struct pn533_cmd_init_target {
332 struct pn533_cmd_init_target_response {
338 struct usb_device *udev;
339 struct usb_interface *interface;
340 struct nfc_dev *nfc_dev;
343 struct pn533_frame *out_frame;
346 struct pn533_frame *in_frame;
348 struct sk_buff_head resp_q;
350 struct workqueue_struct *wq;
351 struct work_struct cmd_work;
352 struct work_struct cmd_complete_work;
353 struct work_struct poll_work;
354 struct work_struct mi_work;
355 struct work_struct tg_work;
356 struct timer_list listen_timer;
357 struct pn533_frame *wq_in_frame;
361 pn533_cmd_complete_t cmd_complete;
362 void *cmd_complete_arg;
363 void *cmd_complete_mi_arg;
364 struct mutex cmd_lock;
367 struct pn533_poll_modulations *poll_mod_active[PN533_POLL_MOD_MAX + 1];
371 u32 listen_protocols;
376 u8 tgt_available_prots;
382 struct list_head cmd_queue;
387 struct list_head queue;
388 struct pn533_frame *out_frame;
389 struct pn533_frame *in_frame;
393 struct sk_buff *resp;
394 pn533_cmd_complete_t cmd_complete;
406 /* The rule: value + checksum = 0 */
407 static inline u8 pn533_checksum(u8 value)
412 /* The rule: sum(data elements) + checksum = 0 */
413 static u8 pn533_data_checksum(u8 *data, int datalen)
418 for (i = 0; i < datalen; i++)
421 return pn533_checksum(sum);
425 * pn533_tx_frame_ack - create a ack frame
426 * @frame: The frame to be set as ack
428 * Ack is different type of standard frame. As a standard frame, it has
429 * preamble and start_frame. However the checksum of this frame must fail,
430 * i.e. datalen + datalen_checksum must NOT be zero. When the checksum test
431 * fails and datalen = 0 and datalen_checksum = 0xFF, the frame is a ack.
432 * After datalen_checksum field, the postamble is placed.
434 static void pn533_tx_frame_ack(struct pn533_frame *frame)
437 frame->start_frame = cpu_to_be16(PN533_SOF);
439 frame->datalen_checksum = 0xFF;
440 /* data[0] is used as postamble */
444 static void pn533_tx_frame_init(struct pn533_frame *frame, u8 cmd)
447 frame->start_frame = cpu_to_be16(PN533_SOF);
448 PN533_FRAME_IDENTIFIER(frame) = PN533_DIR_OUT;
449 PN533_FRAME_CMD(frame) = cmd;
453 static void pn533_tx_frame_finish(struct pn533_frame *frame)
455 frame->datalen_checksum = pn533_checksum(frame->datalen);
457 PN533_FRAME_CHECKSUM(frame) =
458 pn533_data_checksum(frame->data, frame->datalen);
460 PN533_FRAME_POSTAMBLE(frame) = 0;
463 static bool pn533_rx_frame_is_valid(struct pn533_frame *frame)
467 if (frame->start_frame != cpu_to_be16(PN533_SOF))
470 checksum = pn533_checksum(frame->datalen);
471 if (checksum != frame->datalen_checksum)
474 checksum = pn533_data_checksum(frame->data, frame->datalen);
475 if (checksum != PN533_FRAME_CHECKSUM(frame))
481 static bool pn533_rx_frame_is_ack(struct pn533_frame *frame)
483 if (frame->start_frame != cpu_to_be16(PN533_SOF))
486 if (frame->datalen != 0 || frame->datalen_checksum != 0xFF)
492 static bool pn533_rx_frame_is_cmd_response(struct pn533_frame *frame, u8 cmd)
494 return (PN533_FRAME_CMD(frame) == PN533_CMD_RESPONSE(cmd));
498 static void pn533_wq_cmd_complete(struct work_struct *work)
500 struct pn533 *dev = container_of(work, struct pn533, cmd_complete_work);
501 struct pn533_frame *in_frame;
504 in_frame = dev->wq_in_frame;
506 if (dev->wq_in_error)
507 rc = dev->cmd_complete(dev, dev->cmd_complete_arg, NULL,
510 rc = dev->cmd_complete(dev, dev->cmd_complete_arg,
511 PN533_FRAME_CMD_PARAMS_PTR(in_frame),
512 PN533_FRAME_CMD_PARAMS_LEN(in_frame));
514 if (rc != -EINPROGRESS)
515 queue_work(dev->wq, &dev->cmd_work);
518 static void pn533_recv_response(struct urb *urb)
520 struct pn533 *dev = urb->context;
521 struct pn533_frame *in_frame;
523 dev->wq_in_frame = NULL;
525 switch (urb->status) {
532 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
533 " status: %d", urb->status);
534 dev->wq_in_error = urb->status;
537 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
539 dev->wq_in_error = urb->status;
543 in_frame = dev->in_urb->transfer_buffer;
545 if (!pn533_rx_frame_is_valid(in_frame)) {
546 nfc_dev_err(&dev->interface->dev, "Received an invalid frame");
547 dev->wq_in_error = -EIO;
551 if (!pn533_rx_frame_is_cmd_response(in_frame, dev->cmd)) {
552 nfc_dev_err(&dev->interface->dev, "The received frame is not "
553 "response to the last command");
554 dev->wq_in_error = -EIO;
558 nfc_dev_dbg(&dev->interface->dev, "Received a valid frame");
559 dev->wq_in_error = 0;
560 dev->wq_in_frame = in_frame;
563 queue_work(dev->wq, &dev->cmd_complete_work);
566 static int pn533_submit_urb_for_response(struct pn533 *dev, gfp_t flags)
568 dev->in_urb->complete = pn533_recv_response;
570 return usb_submit_urb(dev->in_urb, flags);
573 static void pn533_recv_ack(struct urb *urb)
575 struct pn533 *dev = urb->context;
576 struct pn533_frame *in_frame;
579 switch (urb->status) {
586 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
587 " status: %d", urb->status);
588 dev->wq_in_error = urb->status;
591 nfc_dev_err(&dev->interface->dev, "Nonzero urb status received:"
593 dev->wq_in_error = urb->status;
597 in_frame = dev->in_urb->transfer_buffer;
599 if (!pn533_rx_frame_is_ack(in_frame)) {
600 nfc_dev_err(&dev->interface->dev, "Received an invalid ack");
601 dev->wq_in_error = -EIO;
605 nfc_dev_dbg(&dev->interface->dev, "Received a valid ack");
607 rc = pn533_submit_urb_for_response(dev, GFP_ATOMIC);
609 nfc_dev_err(&dev->interface->dev, "usb_submit_urb failed with"
611 dev->wq_in_error = rc;
618 dev->wq_in_frame = NULL;
619 queue_work(dev->wq, &dev->cmd_complete_work);
622 static int pn533_submit_urb_for_ack(struct pn533 *dev, gfp_t flags)
624 dev->in_urb->complete = pn533_recv_ack;
626 return usb_submit_urb(dev->in_urb, flags);
629 static int pn533_send_ack(struct pn533 *dev, gfp_t flags)
633 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
635 pn533_tx_frame_ack(dev->out_frame);
637 dev->out_urb->transfer_buffer = dev->out_frame;
638 dev->out_urb->transfer_buffer_length = PN533_FRAME_ACK_SIZE;
639 rc = usb_submit_urb(dev->out_urb, flags);
644 static int __pn533_send_cmd_frame_async(struct pn533 *dev,
645 struct pn533_frame *out_frame,
646 struct pn533_frame *in_frame,
648 pn533_cmd_complete_t cmd_complete,
653 nfc_dev_dbg(&dev->interface->dev, "Sending command 0x%x",
654 PN533_FRAME_CMD(out_frame));
656 dev->cmd = PN533_FRAME_CMD(out_frame);
657 dev->cmd_complete = cmd_complete;
658 dev->cmd_complete_arg = arg;
660 dev->out_urb->transfer_buffer = out_frame;
661 dev->out_urb->transfer_buffer_length =
662 PN533_FRAME_SIZE(out_frame);
664 dev->in_urb->transfer_buffer = in_frame;
665 dev->in_urb->transfer_buffer_length = in_frame_len;
667 rc = usb_submit_urb(dev->out_urb, GFP_KERNEL);
671 rc = pn533_submit_urb_for_ack(dev, GFP_KERNEL);
678 usb_unlink_urb(dev->out_urb);
682 static void pn533_build_cmd_frame(u8 cmd_code, struct sk_buff *skb)
684 struct pn533_frame *frame;
685 /* payload is already there, just update datalen */
686 int payload_len = skb->len;
688 skb_push(skb, PN533_FRAME_HEADER_LEN);
689 skb_put(skb, PN533_FRAME_TAIL_LEN);
691 frame = (struct pn533_frame *)skb->data;
693 pn533_tx_frame_init(frame, cmd_code);
694 frame->datalen += payload_len;
695 pn533_tx_frame_finish(frame);
698 struct pn533_send_async_complete_arg {
699 pn533_send_async_complete_t complete_cb;
700 void *complete_cb_context;
701 struct sk_buff *resp;
705 static int pn533_send_async_complete(struct pn533 *dev, void *_arg, u8 *params,
708 struct pn533_send_async_complete_arg *arg = _arg;
710 struct sk_buff *req = arg->req;
711 struct sk_buff *resp = arg->resp;
713 struct pn533_frame *frame = (struct pn533_frame *)resp->data;
718 if (params_len < 0) {
719 nfc_dev_err(&dev->interface->dev,
720 "Error %d when starting as a target",
723 arg->complete_cb(dev, arg->complete_cb_context,
724 ERR_PTR(params_len));
730 skb_put(resp, PN533_FRAME_SIZE(frame));
731 skb_pull(resp, PN533_FRAME_HEADER_LEN);
732 skb_trim(resp, resp->len - PN533_FRAME_TAIL_LEN);
734 rc = arg->complete_cb(dev, arg->complete_cb_context, resp);
741 static int __pn533_send_async(struct pn533 *dev, u8 cmd_code,
742 struct sk_buff *req, struct sk_buff *resp,
744 pn533_send_async_complete_t complete_cb,
745 void *complete_cb_context)
747 struct pn533_cmd *cmd;
748 struct pn533_send_async_complete_arg *arg;
751 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
753 arg = kzalloc(sizeof(arg), GFP_KERNEL);
757 arg->complete_cb = complete_cb;
758 arg->complete_cb_context = complete_cb_context;
762 pn533_build_cmd_frame(cmd_code, req);
764 mutex_lock(&dev->cmd_lock);
766 if (!dev->cmd_pending) {
767 rc = __pn533_send_cmd_frame_async(dev,
768 (struct pn533_frame *)req->data,
769 (struct pn533_frame *)resp->data,
770 resp_len, pn533_send_async_complete,
775 dev->cmd_pending = 1;
779 nfc_dev_dbg(&dev->interface->dev, "%s Queueing command", __func__);
781 cmd = kzalloc(sizeof(struct pn533_cmd), GFP_KERNEL);
787 INIT_LIST_HEAD(&cmd->queue);
788 cmd->cmd_code = cmd_code;
793 list_add_tail(&cmd->queue, &dev->cmd_queue);
800 mutex_unlock(&dev->cmd_lock);
804 static int pn533_send_data_async(struct pn533 *dev, u8 cmd_code,
806 pn533_send_async_complete_t complete_cb,
807 void *complete_cb_context)
809 struct sk_buff *resp;
811 int resp_len = PN533_FRAME_HEADER_LEN +
812 PN533_FRAME_MAX_PAYLOAD_LEN +
813 PN533_FRAME_TAIL_LEN;
815 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
817 resp = nfc_alloc_recv_skb(resp_len, GFP_KERNEL);
821 rc = __pn533_send_async(dev, cmd_code, req, resp, resp_len, complete_cb,
822 complete_cb_context);
829 static int pn533_send_cmd_async(struct pn533 *dev, u8 cmd_code,
831 pn533_send_async_complete_t complete_cb,
832 void *complete_cb_context)
834 struct sk_buff *resp;
837 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
839 resp = alloc_skb(PN533_NORMAL_FRAME_MAX_LEN, GFP_KERNEL);
843 rc = __pn533_send_async(dev, cmd_code, req, resp,
844 PN533_NORMAL_FRAME_MAX_LEN,
845 complete_cb, complete_cb_context);
853 * pn533_send_cmd_direct_async
855 * The function sends a piority cmd directly to the chip omiting the cmd
856 * queue. It's intended to be used by chaining mechanism of received responses
857 * where the host has to request every single chunk of data before scheduling
858 * next cmd from the queue.
860 static int pn533_send_cmd_direct_async(struct pn533 *dev, u8 cmd_code,
862 pn533_send_async_complete_t complete_cb,
863 void *complete_cb_context)
865 struct pn533_send_async_complete_arg *arg;
866 struct sk_buff *resp;
868 int resp_len = PN533_FRAME_HEADER_LEN +
869 PN533_FRAME_MAX_PAYLOAD_LEN +
870 PN533_FRAME_TAIL_LEN;
872 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
874 resp = alloc_skb(resp_len, GFP_KERNEL);
878 arg = kzalloc(sizeof(arg), GFP_KERNEL);
884 arg->complete_cb = complete_cb;
885 arg->complete_cb_context = complete_cb_context;
889 pn533_build_cmd_frame(cmd_code, req);
891 rc = __pn533_send_cmd_frame_async(dev, (struct pn533_frame *)req->data,
892 (struct pn533_frame *)resp->data,
893 resp_len, pn533_send_async_complete,
903 static void pn533_wq_cmd(struct work_struct *work)
905 struct pn533 *dev = container_of(work, struct pn533, cmd_work);
906 struct pn533_cmd *cmd;
908 mutex_lock(&dev->cmd_lock);
910 if (list_empty(&dev->cmd_queue)) {
911 dev->cmd_pending = 0;
912 mutex_unlock(&dev->cmd_lock);
916 cmd = list_first_entry(&dev->cmd_queue, struct pn533_cmd, queue);
918 list_del(&cmd->queue);
920 mutex_unlock(&dev->cmd_lock);
922 if (cmd->cmd_code != PN533_CMD_UNDEF)
923 __pn533_send_cmd_frame_async(dev,
924 (struct pn533_frame *)cmd->req->data,
925 (struct pn533_frame *)cmd->resp->data,
926 PN533_NORMAL_FRAME_MAX_LEN,
927 pn533_send_async_complete,
930 __pn533_send_cmd_frame_async(dev, cmd->out_frame, cmd->in_frame,
932 cmd->cmd_complete, cmd->arg);
937 static int pn533_send_cmd_frame_async(struct pn533 *dev,
938 struct pn533_frame *out_frame,
939 struct pn533_frame *in_frame,
941 pn533_cmd_complete_t cmd_complete,
944 struct pn533_cmd *cmd;
947 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
949 mutex_lock(&dev->cmd_lock);
951 if (!dev->cmd_pending) {
952 rc = __pn533_send_cmd_frame_async(dev, out_frame, in_frame,
953 in_frame_len, cmd_complete,
956 dev->cmd_pending = 1;
961 nfc_dev_dbg(&dev->interface->dev, "%s Queueing command", __func__);
963 cmd = kzalloc(sizeof(struct pn533_cmd), GFP_KERNEL);
969 INIT_LIST_HEAD(&cmd->queue);
970 cmd->out_frame = out_frame;
971 cmd->in_frame = in_frame;
972 cmd->in_frame_len = in_frame_len;
973 cmd->cmd_code = PN533_CMD_UNDEF;
974 cmd->cmd_complete = cmd_complete;
977 list_add_tail(&cmd->queue, &dev->cmd_queue);
980 mutex_unlock(&dev->cmd_lock);
985 struct pn533_sync_cmd_response {
986 struct sk_buff *resp;
987 struct completion done;
990 static int pn533_send_sync_complete(struct pn533 *dev, void *_arg,
991 struct sk_buff *resp)
993 struct pn533_sync_cmd_response *arg = _arg;
995 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
998 complete(&arg->done);
1003 /* pn533_send_cmd_sync
1005 * Please note the req parameter is freed inside the function to
1006 * limit a number of return value interpretations by the caller.
1008 * 1. negative in case of error during TX path -> req should be freed
1010 * 2. negative in case of error during RX path -> req should not be freed
1011 * as it's been already freed at the begining of RX path by
1012 * async_complete_cb.
1014 * 3. valid pointer in case of succesfult RX path
1016 * A caller has to check a return value with IS_ERR macro. If the test pass,
1017 * the returned pointer is valid.
1020 static struct sk_buff *pn533_send_cmd_sync(struct pn533 *dev, u8 cmd_code,
1021 struct sk_buff *req)
1024 struct pn533_sync_cmd_response arg;
1026 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1028 init_completion(&arg.done);
1030 rc = pn533_send_cmd_async(dev, cmd_code, req,
1031 pn533_send_sync_complete, &arg);
1037 wait_for_completion(&arg.done);
1042 static void pn533_send_complete(struct urb *urb)
1044 struct pn533 *dev = urb->context;
1046 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1048 switch (urb->status) {
1055 nfc_dev_dbg(&dev->interface->dev, "Urb shutting down with"
1056 " status: %d", urb->status);
1059 nfc_dev_dbg(&dev->interface->dev, "Nonzero urb status received:"
1060 " %d", urb->status);
1064 static struct sk_buff *pn533_alloc_skb(unsigned int size)
1066 struct sk_buff *skb;
1068 skb = alloc_skb(PN533_FRAME_HEADER_LEN +
1070 PN533_FRAME_TAIL_LEN, GFP_KERNEL);
1073 skb_reserve(skb, PN533_FRAME_HEADER_LEN);
1078 struct pn533_target_type_a {
1086 #define PN533_TYPE_A_SENS_RES_NFCID1(x) ((u8)((be16_to_cpu(x) & 0x00C0) >> 6))
1087 #define PN533_TYPE_A_SENS_RES_SSD(x) ((u8)((be16_to_cpu(x) & 0x001F) >> 0))
1088 #define PN533_TYPE_A_SENS_RES_PLATCONF(x) ((u8)((be16_to_cpu(x) & 0x0F00) >> 8))
1090 #define PN533_TYPE_A_SENS_RES_SSD_JEWEL 0x00
1091 #define PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL 0x0C
1093 #define PN533_TYPE_A_SEL_PROT(x) (((x) & 0x60) >> 5)
1094 #define PN533_TYPE_A_SEL_CASCADE(x) (((x) & 0x04) >> 2)
1096 #define PN533_TYPE_A_SEL_PROT_MIFARE 0
1097 #define PN533_TYPE_A_SEL_PROT_ISO14443 1
1098 #define PN533_TYPE_A_SEL_PROT_DEP 2
1099 #define PN533_TYPE_A_SEL_PROT_ISO14443_DEP 3
1101 static bool pn533_target_type_a_is_valid(struct pn533_target_type_a *type_a,
1102 int target_data_len)
1107 if (target_data_len < sizeof(struct pn533_target_type_a))
1110 /* The lenght check of nfcid[] and ats[] are not being performed because
1111 the values are not being used */
1113 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
1114 ssd = PN533_TYPE_A_SENS_RES_SSD(type_a->sens_res);
1115 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(type_a->sens_res);
1117 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
1118 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
1119 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
1120 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
1123 /* Requirements 4.8.2.1, 4.8.2.3, 4.8.2.5 and 4.8.2.7 from NFC Forum */
1124 if (PN533_TYPE_A_SEL_CASCADE(type_a->sel_res) != 0)
1130 static int pn533_target_found_type_a(struct nfc_target *nfc_tgt, u8 *tgt_data,
1133 struct pn533_target_type_a *tgt_type_a;
1135 tgt_type_a = (struct pn533_target_type_a *) tgt_data;
1137 if (!pn533_target_type_a_is_valid(tgt_type_a, tgt_data_len))
1140 switch (PN533_TYPE_A_SEL_PROT(tgt_type_a->sel_res)) {
1141 case PN533_TYPE_A_SEL_PROT_MIFARE:
1142 nfc_tgt->supported_protocols = NFC_PROTO_MIFARE_MASK;
1144 case PN533_TYPE_A_SEL_PROT_ISO14443:
1145 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK;
1147 case PN533_TYPE_A_SEL_PROT_DEP:
1148 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1150 case PN533_TYPE_A_SEL_PROT_ISO14443_DEP:
1151 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_MASK |
1152 NFC_PROTO_NFC_DEP_MASK;
1156 nfc_tgt->sens_res = be16_to_cpu(tgt_type_a->sens_res);
1157 nfc_tgt->sel_res = tgt_type_a->sel_res;
1158 nfc_tgt->nfcid1_len = tgt_type_a->nfcid_len;
1159 memcpy(nfc_tgt->nfcid1, tgt_type_a->nfcid_data, nfc_tgt->nfcid1_len);
1164 struct pn533_target_felica {
1173 #define PN533_FELICA_SENSF_NFCID2_DEP_B1 0x01
1174 #define PN533_FELICA_SENSF_NFCID2_DEP_B2 0xFE
1176 static bool pn533_target_felica_is_valid(struct pn533_target_felica *felica,
1177 int target_data_len)
1179 if (target_data_len < sizeof(struct pn533_target_felica))
1182 if (felica->opcode != PN533_FELICA_OPC_SENSF_RES)
1188 static int pn533_target_found_felica(struct nfc_target *nfc_tgt, u8 *tgt_data,
1191 struct pn533_target_felica *tgt_felica;
1193 tgt_felica = (struct pn533_target_felica *) tgt_data;
1195 if (!pn533_target_felica_is_valid(tgt_felica, tgt_data_len))
1198 if (tgt_felica->nfcid2[0] == PN533_FELICA_SENSF_NFCID2_DEP_B1 &&
1199 tgt_felica->nfcid2[1] ==
1200 PN533_FELICA_SENSF_NFCID2_DEP_B2)
1201 nfc_tgt->supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1203 nfc_tgt->supported_protocols = NFC_PROTO_FELICA_MASK;
1205 memcpy(nfc_tgt->sensf_res, &tgt_felica->opcode, 9);
1206 nfc_tgt->sensf_res_len = 9;
1211 struct pn533_target_jewel {
1216 static bool pn533_target_jewel_is_valid(struct pn533_target_jewel *jewel,
1217 int target_data_len)
1222 if (target_data_len < sizeof(struct pn533_target_jewel))
1225 /* Requirement 4.6.3.3 from NFC Forum Digital Spec */
1226 ssd = PN533_TYPE_A_SENS_RES_SSD(jewel->sens_res);
1227 platconf = PN533_TYPE_A_SENS_RES_PLATCONF(jewel->sens_res);
1229 if ((ssd == PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
1230 platconf != PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL) ||
1231 (ssd != PN533_TYPE_A_SENS_RES_SSD_JEWEL &&
1232 platconf == PN533_TYPE_A_SENS_RES_PLATCONF_JEWEL))
1238 static int pn533_target_found_jewel(struct nfc_target *nfc_tgt, u8 *tgt_data,
1241 struct pn533_target_jewel *tgt_jewel;
1243 tgt_jewel = (struct pn533_target_jewel *) tgt_data;
1245 if (!pn533_target_jewel_is_valid(tgt_jewel, tgt_data_len))
1248 nfc_tgt->supported_protocols = NFC_PROTO_JEWEL_MASK;
1249 nfc_tgt->sens_res = be16_to_cpu(tgt_jewel->sens_res);
1250 nfc_tgt->nfcid1_len = 4;
1251 memcpy(nfc_tgt->nfcid1, tgt_jewel->jewelid, nfc_tgt->nfcid1_len);
1256 struct pn533_type_b_prot_info {
1262 #define PN533_TYPE_B_PROT_FCSI(x) (((x) & 0xF0) >> 4)
1263 #define PN533_TYPE_B_PROT_TYPE(x) (((x) & 0x0F) >> 0)
1264 #define PN533_TYPE_B_PROT_TYPE_RFU_MASK 0x8
1266 struct pn533_type_b_sens_res {
1270 struct pn533_type_b_prot_info prot_info;
1273 #define PN533_TYPE_B_OPC_SENSB_RES 0x50
1275 struct pn533_target_type_b {
1276 struct pn533_type_b_sens_res sensb_res;
1281 static bool pn533_target_type_b_is_valid(struct pn533_target_type_b *type_b,
1282 int target_data_len)
1284 if (target_data_len < sizeof(struct pn533_target_type_b))
1287 if (type_b->sensb_res.opcode != PN533_TYPE_B_OPC_SENSB_RES)
1290 if (PN533_TYPE_B_PROT_TYPE(type_b->sensb_res.prot_info.fsci_type) &
1291 PN533_TYPE_B_PROT_TYPE_RFU_MASK)
1297 static int pn533_target_found_type_b(struct nfc_target *nfc_tgt, u8 *tgt_data,
1300 struct pn533_target_type_b *tgt_type_b;
1302 tgt_type_b = (struct pn533_target_type_b *) tgt_data;
1304 if (!pn533_target_type_b_is_valid(tgt_type_b, tgt_data_len))
1307 nfc_tgt->supported_protocols = NFC_PROTO_ISO14443_B_MASK;
1312 struct pn533_poll_response {
1318 static int pn533_target_found(struct pn533 *dev,
1319 struct pn533_poll_response *resp, int resp_len)
1321 int target_data_len;
1322 struct nfc_target nfc_tgt;
1325 nfc_dev_dbg(&dev->interface->dev, "%s - modulation=%d", __func__,
1326 dev->poll_mod_curr);
1331 memset(&nfc_tgt, 0, sizeof(struct nfc_target));
1333 target_data_len = resp_len - sizeof(struct pn533_poll_response);
1335 switch (dev->poll_mod_curr) {
1336 case PN533_POLL_MOD_106KBPS_A:
1337 rc = pn533_target_found_type_a(&nfc_tgt, resp->target_data,
1340 case PN533_POLL_MOD_212KBPS_FELICA:
1341 case PN533_POLL_MOD_424KBPS_FELICA:
1342 rc = pn533_target_found_felica(&nfc_tgt, resp->target_data,
1345 case PN533_POLL_MOD_106KBPS_JEWEL:
1346 rc = pn533_target_found_jewel(&nfc_tgt, resp->target_data,
1349 case PN533_POLL_MOD_847KBPS_B:
1350 rc = pn533_target_found_type_b(&nfc_tgt, resp->target_data,
1354 nfc_dev_err(&dev->interface->dev, "Unknown current poll"
1362 if (!(nfc_tgt.supported_protocols & dev->poll_protocols)) {
1363 nfc_dev_dbg(&dev->interface->dev, "The target found does not"
1364 " have the desired protocol");
1368 nfc_dev_dbg(&dev->interface->dev, "Target found - supported protocols: "
1369 "0x%x", nfc_tgt.supported_protocols);
1371 dev->tgt_available_prots = nfc_tgt.supported_protocols;
1373 nfc_targets_found(dev->nfc_dev, &nfc_tgt, 1);
1378 static inline void pn533_poll_next_mod(struct pn533 *dev)
1380 dev->poll_mod_curr = (dev->poll_mod_curr + 1) % dev->poll_mod_count;
1383 static void pn533_poll_reset_mod_list(struct pn533 *dev)
1385 dev->poll_mod_count = 0;
1388 static void pn533_poll_add_mod(struct pn533 *dev, u8 mod_index)
1390 dev->poll_mod_active[dev->poll_mod_count] =
1391 (struct pn533_poll_modulations *) &poll_mod[mod_index];
1392 dev->poll_mod_count++;
1395 static void pn533_poll_create_mod_list(struct pn533 *dev,
1396 u32 im_protocols, u32 tm_protocols)
1398 pn533_poll_reset_mod_list(dev);
1400 if (im_protocols & NFC_PROTO_MIFARE_MASK
1401 || im_protocols & NFC_PROTO_ISO14443_MASK
1402 || im_protocols & NFC_PROTO_NFC_DEP_MASK)
1403 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_A);
1405 if (im_protocols & NFC_PROTO_FELICA_MASK
1406 || im_protocols & NFC_PROTO_NFC_DEP_MASK) {
1407 pn533_poll_add_mod(dev, PN533_POLL_MOD_212KBPS_FELICA);
1408 pn533_poll_add_mod(dev, PN533_POLL_MOD_424KBPS_FELICA);
1411 if (im_protocols & NFC_PROTO_JEWEL_MASK)
1412 pn533_poll_add_mod(dev, PN533_POLL_MOD_106KBPS_JEWEL);
1414 if (im_protocols & NFC_PROTO_ISO14443_B_MASK)
1415 pn533_poll_add_mod(dev, PN533_POLL_MOD_847KBPS_B);
1418 pn533_poll_add_mod(dev, PN533_LISTEN_MOD);
1421 static int pn533_start_poll_complete(struct pn533 *dev, u8 *params, int params_len)
1423 struct pn533_poll_response *resp;
1426 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1428 resp = (struct pn533_poll_response *) params;
1430 rc = pn533_target_found(dev, resp, params_len);
1432 /* We must stop the poll after a valid target found */
1434 pn533_poll_reset_mod_list(dev);
1442 static int pn533_init_target_frame(struct pn533_frame *frame,
1443 u8 *gb, size_t gb_len)
1445 struct pn533_cmd_init_target *cmd;
1447 u8 felica_params[18] = {0x1, 0xfe, /* DEP */
1448 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, /* random */
1449 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
1450 0xff, 0xff}; /* System code */
1451 u8 mifare_params[6] = {0x1, 0x1, /* SENS_RES */
1453 0x40}; /* SEL_RES for DEP */
1455 cmd_len = sizeof(struct pn533_cmd_init_target) + gb_len + 1;
1456 cmd = kzalloc(cmd_len, GFP_KERNEL);
1460 pn533_tx_frame_init(frame, PN533_CMD_TG_INIT_AS_TARGET);
1462 /* DEP support only */
1463 cmd->mode |= PN533_INIT_TARGET_DEP;
1466 memcpy(cmd->felica, felica_params, 18);
1467 get_random_bytes(cmd->felica + 2, 6);
1470 memset(cmd->nfcid3, 0, 10);
1471 memcpy(cmd->nfcid3, cmd->felica, 8);
1474 memcpy(cmd->mifare, mifare_params, 6);
1477 cmd->gb_len = gb_len;
1478 memcpy(cmd->gb, gb, gb_len);
1481 cmd->gb[gb_len] = 0;
1483 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), cmd, cmd_len);
1485 frame->datalen += cmd_len;
1487 pn533_tx_frame_finish(frame);
1494 #define PN533_CMD_DATAEXCH_HEAD_LEN 1
1495 #define PN533_CMD_DATAEXCH_DATA_MAXLEN 262
1496 static int pn533_tm_get_data_complete(struct pn533 *dev, void *arg,
1497 struct sk_buff *resp)
1501 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1504 return PTR_ERR(resp);
1506 status = resp->data[0];
1507 skb_pull(resp, sizeof(status));
1510 nfc_tm_deactivated(dev->nfc_dev);
1512 dev_kfree_skb(resp);
1516 return nfc_tm_data_received(dev->nfc_dev, resp);
1519 static void pn533_wq_tg_get_data(struct work_struct *work)
1521 struct pn533 *dev = container_of(work, struct pn533, tg_work);
1523 struct sk_buff *skb;
1526 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1528 skb = pn533_alloc_skb(0);
1532 rc = pn533_send_data_async(dev, PN533_CMD_TG_GET_DATA, skb,
1533 pn533_tm_get_data_complete, NULL);
1541 #define ATR_REQ_GB_OFFSET 17
1542 static int pn533_init_target_complete(struct pn533 *dev, u8 *params, int params_len)
1544 struct pn533_cmd_init_target_response *resp;
1545 u8 frame, comm_mode = NFC_COMM_PASSIVE, *gb;
1549 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1551 if (params_len < 0) {
1552 nfc_dev_err(&dev->interface->dev,
1553 "Error %d when starting as a target",
1559 if (params_len < ATR_REQ_GB_OFFSET + 1)
1562 resp = (struct pn533_cmd_init_target_response *) params;
1564 nfc_dev_dbg(&dev->interface->dev, "Target mode 0x%x param len %d\n",
1565 resp->mode, params_len);
1567 frame = resp->mode & PN533_INIT_TARGET_RESP_FRAME_MASK;
1568 if (frame == PN533_INIT_TARGET_RESP_ACTIVE)
1569 comm_mode = NFC_COMM_ACTIVE;
1571 /* Again, only DEP */
1572 if ((resp->mode & PN533_INIT_TARGET_RESP_DEP) == 0)
1575 gb = resp->cmd + ATR_REQ_GB_OFFSET;
1576 gb_len = params_len - (ATR_REQ_GB_OFFSET + 1);
1578 rc = nfc_tm_activated(dev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1579 comm_mode, gb, gb_len);
1581 nfc_dev_err(&dev->interface->dev,
1582 "Error when signaling target activation");
1588 queue_work(dev->wq, &dev->tg_work);
1593 static void pn533_listen_mode_timer(unsigned long data)
1595 struct pn533 *dev = (struct pn533 *) data;
1597 nfc_dev_dbg(&dev->interface->dev, "Listen mode timeout");
1599 /* An ack will cancel the last issued command (poll) */
1600 pn533_send_ack(dev, GFP_ATOMIC);
1602 dev->cancel_listen = 1;
1604 pn533_poll_next_mod(dev);
1606 queue_work(dev->wq, &dev->poll_work);
1609 static int pn533_poll_complete(struct pn533 *dev, void *arg,
1610 u8 *params, int params_len)
1612 struct pn533_poll_modulations *cur_mod;
1615 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1617 if (params_len == -ENOENT) {
1618 if (dev->poll_mod_count != 0)
1621 nfc_dev_err(&dev->interface->dev,
1622 "Polling operation has been stopped");
1627 if (params_len < 0) {
1628 nfc_dev_err(&dev->interface->dev,
1629 "Error %d when running poll", params_len);
1634 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1636 if (cur_mod->len == 0) {
1637 del_timer(&dev->listen_timer);
1639 return pn533_init_target_complete(dev, params, params_len);
1641 rc = pn533_start_poll_complete(dev, params, params_len);
1646 pn533_poll_next_mod(dev);
1648 queue_work(dev->wq, &dev->poll_work);
1653 pn533_poll_reset_mod_list(dev);
1654 dev->poll_protocols = 0;
1658 static void pn533_build_poll_frame(struct pn533 *dev,
1659 struct pn533_frame *frame,
1660 struct pn533_poll_modulations *mod)
1662 nfc_dev_dbg(&dev->interface->dev, "mod len %d\n", mod->len);
1664 if (mod->len == 0) {
1666 pn533_init_target_frame(frame, dev->gb, dev->gb_len);
1669 pn533_tx_frame_init(frame, PN533_CMD_IN_LIST_PASSIVE_TARGET);
1671 memcpy(PN533_FRAME_CMD_PARAMS_PTR(frame), &mod->data, mod->len);
1672 frame->datalen += mod->len;
1674 pn533_tx_frame_finish(frame);
1678 static int pn533_send_poll_frame(struct pn533 *dev)
1680 struct pn533_poll_modulations *cur_mod;
1683 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1685 pn533_build_poll_frame(dev, dev->out_frame, cur_mod);
1687 rc = pn533_send_cmd_frame_async(dev, dev->out_frame, dev->in_frame,
1688 PN533_NORMAL_FRAME_MAX_LEN,
1689 pn533_poll_complete,
1692 nfc_dev_err(&dev->interface->dev, "Polling loop error %d", rc);
1697 static void pn533_wq_poll(struct work_struct *work)
1699 struct pn533 *dev = container_of(work, struct pn533, poll_work);
1700 struct pn533_poll_modulations *cur_mod;
1703 cur_mod = dev->poll_mod_active[dev->poll_mod_curr];
1705 nfc_dev_dbg(&dev->interface->dev,
1706 "%s cancel_listen %d modulation len %d",
1707 __func__, dev->cancel_listen, cur_mod->len);
1709 if (dev->cancel_listen == 1) {
1710 dev->cancel_listen = 0;
1711 usb_kill_urb(dev->in_urb);
1714 rc = pn533_send_poll_frame(dev);
1718 if (cur_mod->len == 0 && dev->poll_mod_count > 1)
1719 mod_timer(&dev->listen_timer, jiffies + PN533_LISTEN_TIME * HZ);
1724 static int pn533_start_poll(struct nfc_dev *nfc_dev,
1725 u32 im_protocols, u32 tm_protocols)
1727 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1729 nfc_dev_dbg(&dev->interface->dev,
1730 "%s: im protocols 0x%x tm protocols 0x%x",
1731 __func__, im_protocols, tm_protocols);
1733 if (dev->tgt_active_prot) {
1734 nfc_dev_err(&dev->interface->dev,
1735 "Cannot poll with a target already activated");
1739 if (dev->tgt_mode) {
1740 nfc_dev_err(&dev->interface->dev,
1741 "Cannot poll while already being activated");
1746 dev->gb = nfc_get_local_general_bytes(nfc_dev, &dev->gb_len);
1747 if (dev->gb == NULL)
1751 dev->poll_mod_curr = 0;
1752 pn533_poll_create_mod_list(dev, im_protocols, tm_protocols);
1753 dev->poll_protocols = im_protocols;
1754 dev->listen_protocols = tm_protocols;
1756 return pn533_send_poll_frame(dev);
1759 static void pn533_stop_poll(struct nfc_dev *nfc_dev)
1761 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1763 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1765 del_timer(&dev->listen_timer);
1767 if (!dev->poll_mod_count) {
1768 nfc_dev_dbg(&dev->interface->dev, "Polling operation was not"
1773 /* An ack will cancel the last issued command (poll) */
1774 pn533_send_ack(dev, GFP_KERNEL);
1776 /* prevent pn533_start_poll_complete to issue a new poll meanwhile */
1777 usb_kill_urb(dev->in_urb);
1779 pn533_poll_reset_mod_list(dev);
1782 static int pn533_activate_target_nfcdep(struct pn533 *dev)
1784 struct pn533_cmd_activate_response *rsp;
1788 struct sk_buff *skb;
1789 struct sk_buff *resp;
1791 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1793 skb = pn533_alloc_skb(sizeof(u8) * 2); /*TG + Next*/
1797 *skb_put(skb, sizeof(u8)) = 1; /* TG */
1798 *skb_put(skb, sizeof(u8)) = 0; /* Next */
1800 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_ATR, skb);
1802 return PTR_ERR(resp);
1804 rsp = (struct pn533_cmd_activate_response *) resp->data;
1805 rc = rsp->status & PN533_CMD_RET_MASK;
1806 if (rc != PN533_CMD_RET_SUCCESS)
1807 dev_kfree_skb(resp);
1810 /* ATR_RES general bytes are located at offset 16 */
1811 gt_len = resp->len - 16;
1812 rc = nfc_set_remote_general_bytes(dev->nfc_dev, rsp->gt, gt_len);
1814 dev_kfree_skb(resp);
1818 static int pn533_activate_target(struct nfc_dev *nfc_dev,
1819 struct nfc_target *target, u32 protocol)
1821 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1824 nfc_dev_dbg(&dev->interface->dev, "%s - protocol=%u", __func__,
1827 if (dev->poll_mod_count) {
1828 nfc_dev_err(&dev->interface->dev, "Cannot activate while"
1833 if (dev->tgt_active_prot) {
1834 nfc_dev_err(&dev->interface->dev, "There is already an active"
1839 if (!dev->tgt_available_prots) {
1840 nfc_dev_err(&dev->interface->dev, "There is no available target"
1845 if (!(dev->tgt_available_prots & (1 << protocol))) {
1846 nfc_dev_err(&dev->interface->dev, "The target does not support"
1847 " the requested protocol %u", protocol);
1851 if (protocol == NFC_PROTO_NFC_DEP) {
1852 rc = pn533_activate_target_nfcdep(dev);
1854 nfc_dev_err(&dev->interface->dev, "Error %d when"
1855 " activating target with"
1856 " NFC_DEP protocol", rc);
1861 dev->tgt_active_prot = protocol;
1862 dev->tgt_available_prots = 0;
1867 static void pn533_deactivate_target(struct nfc_dev *nfc_dev,
1868 struct nfc_target *target)
1870 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1872 struct sk_buff *skb;
1873 struct sk_buff *resp;
1877 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1879 if (!dev->tgt_active_prot) {
1880 nfc_dev_err(&dev->interface->dev, "There is no active target");
1884 dev->tgt_active_prot = 0;
1885 skb_queue_purge(&dev->resp_q);
1887 skb = pn533_alloc_skb(sizeof(u8));
1891 *skb_put(skb, 1) = 1; /* TG*/
1893 resp = pn533_send_cmd_sync(dev, PN533_CMD_IN_RELEASE, skb);
1897 rc = resp->data[0] & PN533_CMD_RET_MASK;
1898 if (rc != PN533_CMD_RET_SUCCESS)
1899 nfc_dev_err(&dev->interface->dev, "Error 0x%x when releasing"
1902 dev_kfree_skb(resp);
1907 static int pn533_in_dep_link_up_complete(struct pn533 *dev, void *arg,
1908 struct sk_buff *resp)
1910 struct pn533_cmd_jump_dep_response *rsp;
1913 u8 active = *(u8 *)arg;
1918 return PTR_ERR(resp);
1920 if (dev->tgt_available_prots &&
1921 !(dev->tgt_available_prots & (1 << NFC_PROTO_NFC_DEP))) {
1922 nfc_dev_err(&dev->interface->dev,
1923 "The target does not support DEP");
1928 rsp = (struct pn533_cmd_jump_dep_response *)resp->data;
1930 rc = rsp->status & PN533_CMD_RET_MASK;
1931 if (rc != PN533_CMD_RET_SUCCESS) {
1932 nfc_dev_err(&dev->interface->dev,
1933 "Bringing DEP link up failed %d", rc);
1937 if (!dev->tgt_available_prots) {
1938 struct nfc_target nfc_target;
1940 nfc_dev_dbg(&dev->interface->dev, "Creating new target");
1942 nfc_target.supported_protocols = NFC_PROTO_NFC_DEP_MASK;
1943 nfc_target.nfcid1_len = 10;
1944 memcpy(nfc_target.nfcid1, rsp->nfcid3t, nfc_target.nfcid1_len);
1945 rc = nfc_targets_found(dev->nfc_dev, &nfc_target, 1);
1949 dev->tgt_available_prots = 0;
1952 dev->tgt_active_prot = NFC_PROTO_NFC_DEP;
1954 /* ATR_RES general bytes are located at offset 17 */
1955 target_gt_len = resp->len - 17;
1956 rc = nfc_set_remote_general_bytes(dev->nfc_dev,
1957 rsp->gt, target_gt_len);
1959 rc = nfc_dep_link_is_up(dev->nfc_dev,
1960 dev->nfc_dev->targets[0].idx,
1961 !active, NFC_RF_INITIATOR);
1964 dev_kfree_skb(resp);
1968 static int pn533_mod_to_baud(struct pn533 *dev)
1970 switch (dev->poll_mod_curr) {
1971 case PN533_POLL_MOD_106KBPS_A:
1973 case PN533_POLL_MOD_212KBPS_FELICA:
1975 case PN533_POLL_MOD_424KBPS_FELICA:
1982 #define PASSIVE_DATA_LEN 5
1983 static int pn533_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
1984 u8 comm_mode, u8* gb, size_t gb_len)
1986 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
1987 struct sk_buff *skb;
1988 int rc, baud, skb_len;
1991 u8 passive_data[PASSIVE_DATA_LEN] = {0x00, 0xff, 0xff, 0x00, 0x3};
1993 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
1995 if (dev->poll_mod_count) {
1996 nfc_dev_err(&dev->interface->dev,
1997 "Cannot bring the DEP link up while polling");
2001 if (dev->tgt_active_prot) {
2002 nfc_dev_err(&dev->interface->dev,
2003 "There is already an active target");
2007 baud = pn533_mod_to_baud(dev);
2009 nfc_dev_err(&dev->interface->dev,
2010 "Invalid curr modulation %d", dev->poll_mod_curr);
2014 skb_len = 3 + gb_len; /* ActPass + BR + Next */
2015 if (comm_mode == NFC_COMM_PASSIVE)
2016 skb_len += PASSIVE_DATA_LEN;
2018 skb = pn533_alloc_skb(skb_len);
2022 *skb_put(skb, 1) = !comm_mode; /* ActPass */
2023 *skb_put(skb, 1) = baud; /* Baud rate */
2025 next = skb_put(skb, 1); /* Next */
2028 if (comm_mode == NFC_COMM_PASSIVE && baud > 0) {
2029 memcpy(skb_put(skb, PASSIVE_DATA_LEN), passive_data,
2034 if (gb != NULL && gb_len > 0) {
2035 memcpy(skb_put(skb, gb_len), gb, gb_len);
2036 *next |= 4; /* We have some Gi */
2041 arg = kmalloc(sizeof(*arg), GFP_KERNEL);
2049 rc = pn533_send_cmd_async(dev, PN533_CMD_IN_JUMP_FOR_DEP, skb,
2050 pn533_in_dep_link_up_complete, arg);
2060 static int pn533_dep_link_down(struct nfc_dev *nfc_dev)
2062 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2064 pn533_poll_reset_mod_list(dev);
2066 if (dev->tgt_mode || dev->tgt_active_prot) {
2067 pn533_send_ack(dev, GFP_KERNEL);
2068 usb_kill_urb(dev->in_urb);
2071 dev->tgt_active_prot = 0;
2074 skb_queue_purge(&dev->resp_q);
2079 struct pn533_data_exchange_arg {
2080 data_exchange_cb_t cb;
2084 static struct sk_buff *pn533_build_response(struct pn533 *dev)
2086 struct sk_buff *skb, *tmp, *t;
2087 unsigned int skb_len = 0, tmp_len = 0;
2089 nfc_dev_dbg(&dev->interface->dev, "%s\n", __func__);
2091 if (skb_queue_empty(&dev->resp_q))
2094 if (skb_queue_len(&dev->resp_q) == 1) {
2095 skb = skb_dequeue(&dev->resp_q);
2099 skb_queue_walk_safe(&dev->resp_q, tmp, t)
2100 skb_len += tmp->len;
2102 nfc_dev_dbg(&dev->interface->dev, "%s total length %d\n",
2105 skb = alloc_skb(skb_len, GFP_KERNEL);
2109 skb_put(skb, skb_len);
2111 skb_queue_walk_safe(&dev->resp_q, tmp, t) {
2112 memcpy(skb->data + tmp_len, tmp->data, tmp->len);
2113 tmp_len += tmp->len;
2117 skb_queue_purge(&dev->resp_q);
2122 static int pn533_data_exchange_complete(struct pn533 *dev, void *_arg,
2123 struct sk_buff *resp)
2125 struct pn533_data_exchange_arg *arg = _arg;
2126 struct sk_buff *skb;
2130 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2137 status = resp->data[0];
2138 ret = status & PN533_CMD_RET_MASK;
2139 mi = status & PN533_CMD_MI_MASK;
2141 skb_pull(resp, sizeof(status));
2143 if (ret != PN533_CMD_RET_SUCCESS) {
2144 nfc_dev_err(&dev->interface->dev,
2145 "PN533 reported error %d when exchanging data",
2151 skb_queue_tail(&dev->resp_q, resp);
2154 dev->cmd_complete_mi_arg = arg;
2155 queue_work(dev->wq, &dev->mi_work);
2156 return -EINPROGRESS;
2159 skb = pn533_build_response(dev);
2163 arg->cb(arg->cb_context, skb, 0);
2168 dev_kfree_skb(resp);
2170 skb_queue_purge(&dev->resp_q);
2171 arg->cb(arg->cb_context, NULL, rc);
2176 static int pn533_transceive(struct nfc_dev *nfc_dev,
2177 struct nfc_target *target, struct sk_buff *skb,
2178 data_exchange_cb_t cb, void *cb_context)
2180 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2181 struct pn533_data_exchange_arg *arg = NULL;
2184 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2186 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
2187 /* TODO: Implement support to multi-part data exchange */
2188 nfc_dev_err(&dev->interface->dev,
2189 "Data length greater than the max allowed: %d",
2190 PN533_CMD_DATAEXCH_DATA_MAXLEN);
2195 if (!dev->tgt_active_prot) {
2196 nfc_dev_err(&dev->interface->dev, "Cannot exchange data if"
2197 " there is no active target");
2202 arg = kmalloc(sizeof(*arg), GFP_KERNEL);
2209 arg->cb_context = cb_context;
2211 switch (dev->device_type) {
2212 case PN533_DEVICE_PASORI:
2213 if (dev->tgt_active_prot == NFC_PROTO_FELICA) {
2214 rc = pn533_send_data_async(dev, PN533_CMD_IN_COMM_THRU,
2216 pn533_data_exchange_complete,
2222 *skb_push(skb, sizeof(u8)) = 1; /*TG*/
2224 rc = pn533_send_data_async(dev, PN533_CMD_IN_DATA_EXCHANGE,
2225 skb, pn533_data_exchange_complete,
2231 if (rc < 0) /* rc from send_async */
2242 static int pn533_tm_send_complete(struct pn533 *dev, void *arg,
2243 struct sk_buff *resp)
2247 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2250 return PTR_ERR(resp);
2252 status = resp->data[0];
2254 dev_kfree_skb(resp);
2257 nfc_tm_deactivated(dev->nfc_dev);
2264 queue_work(dev->wq, &dev->tg_work);
2269 static int pn533_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
2271 struct pn533 *dev = nfc_get_drvdata(nfc_dev);
2274 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2276 if (skb->len > PN533_CMD_DATAEXCH_DATA_MAXLEN) {
2277 nfc_dev_err(&dev->interface->dev,
2278 "Data length greater than the max allowed: %d",
2279 PN533_CMD_DATAEXCH_DATA_MAXLEN);
2283 rc = pn533_send_data_async(dev, PN533_CMD_TG_SET_DATA, skb,
2284 pn533_tm_send_complete, NULL);
2291 static void pn533_wq_mi_recv(struct work_struct *work)
2293 struct pn533 *dev = container_of(work, struct pn533, mi_work);
2295 struct sk_buff *skb;
2298 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2300 skb = pn533_alloc_skb(PN533_CMD_DATAEXCH_HEAD_LEN);
2304 switch (dev->device_type) {
2305 case PN533_DEVICE_PASORI:
2306 if (dev->tgt_active_prot == NFC_PROTO_FELICA) {
2307 rc = pn533_send_cmd_direct_async(dev,
2308 PN533_CMD_IN_COMM_THRU,
2310 pn533_data_exchange_complete,
2311 dev->cmd_complete_mi_arg);
2316 *skb_put(skb, sizeof(u8)) = 1; /*TG*/
2318 rc = pn533_send_cmd_direct_async(dev,
2319 PN533_CMD_IN_DATA_EXCHANGE,
2321 pn533_data_exchange_complete,
2322 dev->cmd_complete_mi_arg);
2327 if (rc == 0) /* success */
2330 nfc_dev_err(&dev->interface->dev,
2331 "Error %d when trying to perform data_exchange", rc);
2334 kfree(dev->cmd_complete_arg);
2337 pn533_send_ack(dev, GFP_KERNEL);
2338 queue_work(dev->wq, &dev->cmd_work);
2341 static int pn533_set_configuration(struct pn533 *dev, u8 cfgitem, u8 *cfgdata,
2344 struct sk_buff *skb;
2345 struct sk_buff *resp;
2349 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2351 skb_len = sizeof(cfgitem) + cfgdata_len; /* cfgitem + cfgdata */
2353 skb = pn533_alloc_skb(skb_len);
2357 *skb_put(skb, sizeof(cfgitem)) = cfgitem;
2358 memcpy(skb_put(skb, cfgdata_len), cfgdata, cfgdata_len);
2360 resp = pn533_send_cmd_sync(dev, PN533_CMD_RF_CONFIGURATION, skb);
2362 return PTR_ERR(resp);
2364 dev_kfree_skb(resp);
2368 static int pn533_get_firmware_version(struct pn533 *dev,
2369 struct pn533_fw_version *fv)
2371 struct sk_buff *skb;
2372 struct sk_buff *resp;
2374 skb = pn533_alloc_skb(0);
2378 resp = pn533_send_cmd_sync(dev, PN533_CMD_GET_FIRMWARE_VERSION, skb);
2380 return PTR_ERR(resp);
2382 fv->ic = resp->data[0];
2383 fv->ver = resp->data[1];
2384 fv->rev = resp->data[2];
2385 fv->support = resp->data[3];
2387 dev_kfree_skb(resp);
2391 static int pn533_fw_reset(struct pn533 *dev)
2393 struct sk_buff *skb;
2394 struct sk_buff *resp;
2396 nfc_dev_dbg(&dev->interface->dev, "%s", __func__);
2398 skb = pn533_alloc_skb(sizeof(u8));
2402 *skb_put(skb, sizeof(u8)) = 0x1;
2404 resp = pn533_send_cmd_sync(dev, 0x18, skb);
2406 return PTR_ERR(resp);
2408 dev_kfree_skb(resp);
2413 static struct nfc_ops pn533_nfc_ops = {
2416 .dep_link_up = pn533_dep_link_up,
2417 .dep_link_down = pn533_dep_link_down,
2418 .start_poll = pn533_start_poll,
2419 .stop_poll = pn533_stop_poll,
2420 .activate_target = pn533_activate_target,
2421 .deactivate_target = pn533_deactivate_target,
2422 .im_transceive = pn533_transceive,
2423 .tm_send = pn533_tm_send,
2426 static int pn533_setup(struct pn533 *dev)
2428 struct pn533_config_max_retries max_retries;
2429 struct pn533_config_timing timing;
2430 u8 pasori_cfg[3] = {0x08, 0x01, 0x08};
2433 switch (dev->device_type) {
2434 case PN533_DEVICE_STD:
2435 max_retries.mx_rty_atr = PN533_CONFIG_MAX_RETRIES_ENDLESS;
2436 max_retries.mx_rty_psl = 2;
2437 max_retries.mx_rty_passive_act =
2438 PN533_CONFIG_MAX_RETRIES_NO_RETRY;
2440 timing.rfu = PN533_CONFIG_TIMING_102;
2441 timing.atr_res_timeout = PN533_CONFIG_TIMING_204;
2442 timing.dep_timeout = PN533_CONFIG_TIMING_409;
2446 case PN533_DEVICE_PASORI:
2447 max_retries.mx_rty_atr = 0x2;
2448 max_retries.mx_rty_psl = 0x1;
2449 max_retries.mx_rty_passive_act =
2450 PN533_CONFIG_MAX_RETRIES_NO_RETRY;
2452 timing.rfu = PN533_CONFIG_TIMING_102;
2453 timing.atr_res_timeout = PN533_CONFIG_TIMING_102;
2454 timing.dep_timeout = PN533_CONFIG_TIMING_204;
2459 nfc_dev_err(&dev->interface->dev, "Unknown device type %d\n",
2464 rc = pn533_set_configuration(dev, PN533_CFGITEM_MAX_RETRIES,
2465 (u8 *)&max_retries, sizeof(max_retries));
2467 nfc_dev_err(&dev->interface->dev,
2468 "Error on setting MAX_RETRIES config");
2473 rc = pn533_set_configuration(dev, PN533_CFGITEM_TIMING,
2474 (u8 *)&timing, sizeof(timing));
2476 nfc_dev_err(&dev->interface->dev,
2477 "Error on setting RF timings");
2481 switch (dev->device_type) {
2482 case PN533_DEVICE_STD:
2485 case PN533_DEVICE_PASORI:
2486 pn533_fw_reset(dev);
2488 rc = pn533_set_configuration(dev, PN533_CFGITEM_PASORI,
2491 nfc_dev_err(&dev->interface->dev,
2492 "Error while settings PASORI config");
2496 pn533_fw_reset(dev);
2504 static int pn533_probe(struct usb_interface *interface,
2505 const struct usb_device_id *id)
2507 struct pn533_fw_version fw_ver;
2509 struct usb_host_interface *iface_desc;
2510 struct usb_endpoint_descriptor *endpoint;
2511 int in_endpoint = 0;
2512 int out_endpoint = 0;
2517 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
2521 dev->udev = usb_get_dev(interface_to_usbdev(interface));
2522 dev->interface = interface;
2523 mutex_init(&dev->cmd_lock);
2525 iface_desc = interface->cur_altsetting;
2526 for (i = 0; i < iface_desc->desc.bNumEndpoints; ++i) {
2527 endpoint = &iface_desc->endpoint[i].desc;
2529 if (!in_endpoint && usb_endpoint_is_bulk_in(endpoint))
2530 in_endpoint = endpoint->bEndpointAddress;
2532 if (!out_endpoint && usb_endpoint_is_bulk_out(endpoint))
2533 out_endpoint = endpoint->bEndpointAddress;
2536 if (!in_endpoint || !out_endpoint) {
2537 nfc_dev_err(&interface->dev, "Could not find bulk-in or"
2538 " bulk-out endpoint");
2543 dev->in_frame = kmalloc(PN533_NORMAL_FRAME_MAX_LEN, GFP_KERNEL);
2544 dev->in_urb = usb_alloc_urb(0, GFP_KERNEL);
2545 dev->out_frame = kmalloc(PN533_NORMAL_FRAME_MAX_LEN, GFP_KERNEL);
2546 dev->out_urb = usb_alloc_urb(0, GFP_KERNEL);
2548 if (!dev->in_frame || !dev->out_frame ||
2549 !dev->in_urb || !dev->out_urb)
2552 usb_fill_bulk_urb(dev->in_urb, dev->udev,
2553 usb_rcvbulkpipe(dev->udev, in_endpoint),
2554 NULL, 0, NULL, dev);
2555 usb_fill_bulk_urb(dev->out_urb, dev->udev,
2556 usb_sndbulkpipe(dev->udev, out_endpoint),
2558 pn533_send_complete, dev);
2560 INIT_WORK(&dev->cmd_work, pn533_wq_cmd);
2561 INIT_WORK(&dev->cmd_complete_work, pn533_wq_cmd_complete);
2562 INIT_WORK(&dev->mi_work, pn533_wq_mi_recv);
2563 INIT_WORK(&dev->tg_work, pn533_wq_tg_get_data);
2564 INIT_WORK(&dev->poll_work, pn533_wq_poll);
2565 dev->wq = alloc_ordered_workqueue("pn533", 0);
2566 if (dev->wq == NULL)
2569 init_timer(&dev->listen_timer);
2570 dev->listen_timer.data = (unsigned long) dev;
2571 dev->listen_timer.function = pn533_listen_mode_timer;
2573 skb_queue_head_init(&dev->resp_q);
2575 INIT_LIST_HEAD(&dev->cmd_queue);
2577 usb_set_intfdata(interface, dev);
2579 memset(&fw_ver, 0, sizeof(fw_ver));
2580 rc = pn533_get_firmware_version(dev, &fw_ver);
2584 nfc_dev_info(&dev->interface->dev,
2585 "NXP PN533 firmware ver %d.%d now attached",
2586 fw_ver.ver, fw_ver.rev);
2588 dev->device_type = id->driver_info;
2589 switch (dev->device_type) {
2590 case PN533_DEVICE_STD:
2591 protocols = PN533_ALL_PROTOCOLS;
2594 case PN533_DEVICE_PASORI:
2595 protocols = PN533_NO_TYPE_B_PROTOCOLS;
2599 nfc_dev_err(&dev->interface->dev, "Unknown device type %d\n",
2605 dev->nfc_dev = nfc_allocate_device(&pn533_nfc_ops, protocols,
2606 PN533_FRAME_HEADER_LEN +
2607 PN533_CMD_DATAEXCH_HEAD_LEN,
2608 PN533_FRAME_TAIL_LEN);
2612 nfc_set_parent_dev(dev->nfc_dev, &interface->dev);
2613 nfc_set_drvdata(dev->nfc_dev, dev);
2615 rc = nfc_register_device(dev->nfc_dev);
2619 rc = pn533_setup(dev);
2621 goto unregister_nfc_dev;
2626 nfc_unregister_device(dev->nfc_dev);
2629 nfc_free_device(dev->nfc_dev);
2632 destroy_workqueue(dev->wq);
2634 kfree(dev->in_frame);
2635 usb_free_urb(dev->in_urb);
2636 kfree(dev->out_frame);
2637 usb_free_urb(dev->out_urb);
2642 static void pn533_disconnect(struct usb_interface *interface)
2645 struct pn533_cmd *cmd, *n;
2647 dev = usb_get_intfdata(interface);
2648 usb_set_intfdata(interface, NULL);
2650 nfc_unregister_device(dev->nfc_dev);
2651 nfc_free_device(dev->nfc_dev);
2653 usb_kill_urb(dev->in_urb);
2654 usb_kill_urb(dev->out_urb);
2656 destroy_workqueue(dev->wq);
2658 skb_queue_purge(&dev->resp_q);
2660 del_timer(&dev->listen_timer);
2662 list_for_each_entry_safe(cmd, n, &dev->cmd_queue, queue) {
2663 list_del(&cmd->queue);
2667 kfree(dev->in_frame);
2668 usb_free_urb(dev->in_urb);
2669 kfree(dev->out_frame);
2670 usb_free_urb(dev->out_urb);
2673 nfc_dev_info(&interface->dev, "NXP PN533 NFC device disconnected");
2676 static struct usb_driver pn533_driver = {
2678 .probe = pn533_probe,
2679 .disconnect = pn533_disconnect,
2680 .id_table = pn533_table,
2683 module_usb_driver(pn533_driver);
2685 MODULE_AUTHOR("Lauro Ramos Venancio <lauro.venancio@openbossa.org>,"
2686 " Aloisio Almeida Jr <aloisio.almeida@openbossa.org>");
2687 MODULE_DESCRIPTION("PN533 usb driver ver " VERSION);
2688 MODULE_VERSION(VERSION);
2689 MODULE_LICENSE("GPL");