2 * The NFC Controller Interface is the communication protocol between an
3 * NFC Controller (NFCC) and a Device Host (DH).
4 * This is the HCI over NCI implementation, as specified in the 10.2
5 * section of the NCI 1.1 specification.
7 * Copyright (C) 2014 STMicroelectronics SAS. All rights reserved.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2
11 * as published by the Free Software Foundation
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
23 #include <linux/skbuff.h>
26 #include <net/nfc/nci.h>
27 #include <net/nfc/nci_core.h>
28 #include <linux/nfc.h>
38 struct nci_hci_create_pipe_params {
44 struct nci_hci_create_pipe_resp {
52 struct nci_hci_delete_pipe_noti {
56 struct nci_hci_all_pipe_cleared_noti {
60 struct nci_hcp_message {
61 u8 header; /* type -cmd,evt,rsp- + instruction */
65 struct nci_hcp_packet {
66 u8 header; /* cbit+pipe */
67 struct nci_hcp_message message;
70 #define NCI_HCI_ANY_SET_PARAMETER 0x01
71 #define NCI_HCI_ANY_GET_PARAMETER 0x02
72 #define NCI_HCI_ANY_CLOSE_PIPE 0x04
74 #define NCI_HFP_NO_CHAINING 0x80
76 #define NCI_NFCEE_ID_HCI 0x80
78 #define NCI_EVT_HOT_PLUG 0x03
80 #define NCI_HCI_ADMIN_PARAM_SESSION_IDENTITY 0x01
83 #define NCI_HCI_HCP_PACKET_HEADER_LEN 1
84 #define NCI_HCI_HCP_MESSAGE_HEADER_LEN 1
85 #define NCI_HCI_HCP_HEADER_LEN 2
88 #define NCI_HCI_HCP_COMMAND 0x00
89 #define NCI_HCI_HCP_EVENT 0x01
90 #define NCI_HCI_HCP_RESPONSE 0x02
92 #define NCI_HCI_ADM_NOTIFY_PIPE_CREATED 0x12
93 #define NCI_HCI_ADM_NOTIFY_PIPE_DELETED 0x13
94 #define NCI_HCI_ADM_NOTIFY_ALL_PIPE_CLEARED 0x15
96 #define NCI_HCI_FRAGMENT 0x7f
97 #define NCI_HCP_HEADER(type, instr) ((((type) & 0x03) << 6) |\
100 #define NCI_HCP_MSG_GET_TYPE(header) ((header & 0xc0) >> 6)
101 #define NCI_HCP_MSG_GET_CMD(header) (header & 0x3f)
102 #define NCI_HCP_MSG_GET_PIPE(header) (header & 0x7f)
105 static void nci_hci_reset_pipes(struct nci_hci_dev *hdev)
109 for (i = 0; i < NCI_HCI_MAX_PIPES; i++) {
110 hdev->pipes[i].gate = NCI_HCI_INVALID_GATE;
111 hdev->pipes[i].host = NCI_HCI_INVALID_HOST;
113 memset(hdev->gate2pipe, NCI_HCI_INVALID_PIPE, sizeof(hdev->gate2pipe));
116 static void nci_hci_reset_pipes_per_host(struct nci_dev *ndev, u8 host)
120 for (i = 0; i < NCI_HCI_MAX_PIPES; i++) {
121 if (ndev->hci_dev->pipes[i].host == host) {
122 ndev->hci_dev->pipes[i].gate = NCI_HCI_INVALID_GATE;
123 ndev->hci_dev->pipes[i].host = NCI_HCI_INVALID_HOST;
128 /* Fragment HCI data over NCI packet.
129 * NFC Forum NCI 10.2.2 Data Exchange:
130 * The payload of the Data Packets sent on the Logical Connection SHALL be
131 * valid HCP packets, as defined within [ETSI_102622]. Each Data Packet SHALL
132 * contain a single HCP packet. NCI Segmentation and Reassembly SHALL NOT be
133 * applied to Data Messages in either direction. The HCI fragmentation mechanism
134 * is used if required.
136 static int nci_hci_send_data(struct nci_dev *ndev, u8 pipe,
137 const u8 data_type, const u8 *data,
140 struct nci_conn_info *conn_info;
145 conn_info = ndev->hci_dev->conn_info;
149 skb = nci_skb_alloc(ndev, 2 + conn_info->max_pkt_payload_len +
150 NCI_DATA_HDR_SIZE, GFP_KERNEL);
154 skb_reserve(skb, 2 + NCI_DATA_HDR_SIZE);
155 *skb_push(skb, 1) = data_type;
158 len = conn_info->max_pkt_payload_len;
161 /* If last packet add NCI_HFP_NO_CHAINING */
162 if (i + conn_info->max_pkt_payload_len -
163 (skb->len + 1) >= data_len) {
164 cb |= NCI_HFP_NO_CHAINING;
167 len = conn_info->max_pkt_payload_len - skb->len - 1;
170 *skb_push(skb, 1) = cb;
173 memcpy(skb_put(skb, len), data + i, len);
175 r = nci_send_data(ndev, conn_info->conn_id, skb);
184 } while (i < data_len);
189 static void nci_hci_send_data_req(struct nci_dev *ndev, unsigned long opt)
191 struct nci_data *data = (struct nci_data *)opt;
193 nci_hci_send_data(ndev, data->pipe, data->cmd,
194 data->data, data->data_len);
197 int nci_hci_send_event(struct nci_dev *ndev, u8 gate, u8 event,
198 const u8 *param, size_t param_len)
200 u8 pipe = ndev->hci_dev->gate2pipe[gate];
202 if (pipe == NCI_HCI_INVALID_PIPE)
203 return -EADDRNOTAVAIL;
205 return nci_hci_send_data(ndev, pipe,
206 NCI_HCP_HEADER(NCI_HCI_HCP_EVENT, event),
209 EXPORT_SYMBOL(nci_hci_send_event);
211 int nci_hci_send_cmd(struct nci_dev *ndev, u8 gate, u8 cmd,
212 const u8 *param, size_t param_len,
213 struct sk_buff **skb)
215 struct nci_conn_info *conn_info;
216 struct nci_data data;
218 u8 pipe = ndev->hci_dev->gate2pipe[gate];
220 if (pipe == NCI_HCI_INVALID_PIPE)
221 return -EADDRNOTAVAIL;
223 conn_info = ndev->hci_dev->conn_info;
227 data.conn_id = conn_info->conn_id;
229 data.cmd = NCI_HCP_HEADER(NCI_HCI_HCP_COMMAND, cmd);
231 data.data_len = param_len;
233 r = nci_request(ndev, nci_hci_send_data_req, (unsigned long)&data,
234 msecs_to_jiffies(NCI_DATA_TIMEOUT));
236 if (r == NCI_STATUS_OK)
237 *skb = conn_info->rx_skb;
241 EXPORT_SYMBOL(nci_hci_send_cmd);
243 static void nci_hci_event_received(struct nci_dev *ndev, u8 pipe,
244 u8 event, struct sk_buff *skb)
246 if (ndev->ops->hci_event_received)
247 ndev->ops->hci_event_received(ndev, pipe, event, skb);
250 static void nci_hci_cmd_received(struct nci_dev *ndev, u8 pipe,
251 u8 cmd, struct sk_buff *skb)
253 u8 gate = ndev->hci_dev->pipes[pipe].gate;
254 u8 status = NCI_HCI_ANY_OK | ~NCI_HCI_FRAGMENT;
255 u8 dest_gate, new_pipe;
256 struct nci_hci_create_pipe_resp *create_info;
257 struct nci_hci_delete_pipe_noti *delete_info;
258 struct nci_hci_all_pipe_cleared_noti *cleared_info;
260 pr_debug("from gate %x pipe %x cmd %x\n", gate, pipe, cmd);
263 case NCI_HCI_ADM_NOTIFY_PIPE_CREATED:
265 status = NCI_HCI_ANY_E_NOK;
268 create_info = (struct nci_hci_create_pipe_resp *)skb->data;
269 dest_gate = create_info->dest_gate;
270 new_pipe = create_info->pipe;
272 /* Save the new created pipe and bind with local gate,
273 * the description for skb->data[3] is destination gate id
274 * but since we received this cmd from host controller, we
275 * are the destination and it is our local gate
277 ndev->hci_dev->gate2pipe[dest_gate] = new_pipe;
278 ndev->hci_dev->pipes[new_pipe].gate = dest_gate;
279 ndev->hci_dev->pipes[new_pipe].host =
280 create_info->src_host;
282 case NCI_HCI_ANY_OPEN_PIPE:
283 /* If the pipe is not created report an error */
284 if (gate == NCI_HCI_INVALID_GATE) {
285 status = NCI_HCI_ANY_E_NOK;
289 case NCI_HCI_ADM_NOTIFY_PIPE_DELETED:
291 status = NCI_HCI_ANY_E_NOK;
294 delete_info = (struct nci_hci_delete_pipe_noti *)skb->data;
296 ndev->hci_dev->pipes[delete_info->pipe].gate =
297 NCI_HCI_INVALID_GATE;
298 ndev->hci_dev->pipes[delete_info->pipe].host =
299 NCI_HCI_INVALID_HOST;
301 case NCI_HCI_ADM_NOTIFY_ALL_PIPE_CLEARED:
303 status = NCI_HCI_ANY_E_NOK;
308 (struct nci_hci_all_pipe_cleared_noti *)skb->data;
309 nci_hci_reset_pipes_per_host(ndev, cleared_info->host);
312 pr_debug("Discarded unknown cmd %x to gate %x\n", cmd, gate);
316 if (ndev->ops->hci_cmd_received)
317 ndev->ops->hci_cmd_received(ndev, pipe, cmd, skb);
320 nci_hci_send_data(ndev, pipe, status, NULL, 0);
325 static void nci_hci_resp_received(struct nci_dev *ndev, u8 pipe,
326 u8 result, struct sk_buff *skb)
328 struct nci_conn_info *conn_info;
331 if (result != NCI_HCI_ANY_OK)
334 conn_info = ndev->hci_dev->conn_info;
336 status = NCI_STATUS_REJECTED;
340 conn_info->rx_skb = skb;
343 nci_req_complete(ndev, status);
346 /* Receive hcp message for pipe, with type and cmd.
347 * skb contains optional message data only.
349 static void nci_hci_hcp_message_rx(struct nci_dev *ndev, u8 pipe,
350 u8 type, u8 instruction, struct sk_buff *skb)
353 case NCI_HCI_HCP_RESPONSE:
354 nci_hci_resp_received(ndev, pipe, instruction, skb);
356 case NCI_HCI_HCP_COMMAND:
357 nci_hci_cmd_received(ndev, pipe, instruction, skb);
359 case NCI_HCI_HCP_EVENT:
360 nci_hci_event_received(ndev, pipe, instruction, skb);
363 pr_err("UNKNOWN MSG Type %d, instruction=%d\n",
369 nci_req_complete(ndev, 0);
372 static void nci_hci_msg_rx_work(struct work_struct *work)
374 struct nci_hci_dev *hdev =
375 container_of(work, struct nci_hci_dev, msg_rx_work);
377 struct nci_hcp_message *message;
378 u8 pipe, type, instruction;
380 while ((skb = skb_dequeue(&hdev->msg_rx_queue)) != NULL) {
382 skb_pull(skb, NCI_HCI_HCP_PACKET_HEADER_LEN);
383 message = (struct nci_hcp_message *)skb->data;
384 type = NCI_HCP_MSG_GET_TYPE(message->header);
385 instruction = NCI_HCP_MSG_GET_CMD(message->header);
386 skb_pull(skb, NCI_HCI_HCP_MESSAGE_HEADER_LEN);
388 nci_hci_hcp_message_rx(hdev->ndev, pipe,
389 type, instruction, skb);
393 void nci_hci_data_received_cb(void *context,
394 struct sk_buff *skb, int err)
396 struct nci_dev *ndev = (struct nci_dev *)context;
397 struct nci_hcp_packet *packet;
398 u8 pipe, type, instruction;
399 struct sk_buff *hcp_skb;
400 struct sk_buff *frag_skb;
406 nci_req_complete(ndev, err);
410 packet = (struct nci_hcp_packet *)skb->data;
411 if ((packet->header & ~NCI_HCI_FRAGMENT) == 0) {
412 skb_queue_tail(&ndev->hci_dev->rx_hcp_frags, skb);
416 /* it's the last fragment. Does it need re-aggregation? */
417 if (skb_queue_len(&ndev->hci_dev->rx_hcp_frags)) {
418 pipe = packet->header & NCI_HCI_FRAGMENT;
419 skb_queue_tail(&ndev->hci_dev->rx_hcp_frags, skb);
422 skb_queue_walk(&ndev->hci_dev->rx_hcp_frags, frag_skb) {
423 msg_len += (frag_skb->len -
424 NCI_HCI_HCP_PACKET_HEADER_LEN);
427 hcp_skb = nfc_alloc_recv_skb(NCI_HCI_HCP_PACKET_HEADER_LEN +
428 msg_len, GFP_KERNEL);
430 nci_req_complete(ndev, -ENOMEM);
434 *skb_put(hcp_skb, NCI_HCI_HCP_PACKET_HEADER_LEN) = pipe;
436 skb_queue_walk(&ndev->hci_dev->rx_hcp_frags, frag_skb) {
437 msg_len = frag_skb->len - NCI_HCI_HCP_PACKET_HEADER_LEN;
438 memcpy(skb_put(hcp_skb, msg_len), frag_skb->data +
439 NCI_HCI_HCP_PACKET_HEADER_LEN, msg_len);
442 skb_queue_purge(&ndev->hci_dev->rx_hcp_frags);
444 packet->header &= NCI_HCI_FRAGMENT;
448 /* if this is a response, dispatch immediately to
449 * unblock waiting cmd context. Otherwise, enqueue to dispatch
450 * in separate context where handler can also execute command.
452 packet = (struct nci_hcp_packet *)hcp_skb->data;
453 type = NCI_HCP_MSG_GET_TYPE(packet->message.header);
454 if (type == NCI_HCI_HCP_RESPONSE) {
455 pipe = packet->header;
456 instruction = NCI_HCP_MSG_GET_CMD(packet->message.header);
457 skb_pull(hcp_skb, NCI_HCI_HCP_PACKET_HEADER_LEN +
458 NCI_HCI_HCP_MESSAGE_HEADER_LEN);
459 nci_hci_hcp_message_rx(ndev, pipe, type, instruction, hcp_skb);
461 skb_queue_tail(&ndev->hci_dev->msg_rx_queue, hcp_skb);
462 schedule_work(&ndev->hci_dev->msg_rx_work);
466 int nci_hci_open_pipe(struct nci_dev *ndev, u8 pipe)
468 struct nci_data data;
469 struct nci_conn_info *conn_info;
471 conn_info = ndev->hci_dev->conn_info;
475 data.conn_id = conn_info->conn_id;
477 data.cmd = NCI_HCP_HEADER(NCI_HCI_HCP_COMMAND,
478 NCI_HCI_ANY_OPEN_PIPE);
482 return nci_request(ndev, nci_hci_send_data_req,
483 (unsigned long)&data,
484 msecs_to_jiffies(NCI_DATA_TIMEOUT));
486 EXPORT_SYMBOL(nci_hci_open_pipe);
488 int nci_hci_set_param(struct nci_dev *ndev, u8 gate, u8 idx,
489 const u8 *param, size_t param_len)
491 struct nci_conn_info *conn_info;
492 struct nci_data data;
495 u8 pipe = ndev->hci_dev->gate2pipe[gate];
497 pr_debug("idx=%d to gate %d\n", idx, gate);
499 if (pipe == NCI_HCI_INVALID_PIPE)
500 return -EADDRNOTAVAIL;
502 conn_info = ndev->hci_dev->conn_info;
506 tmp = kmalloc(1 + param_len, GFP_KERNEL);
511 memcpy(tmp + 1, param, param_len);
513 data.conn_id = conn_info->conn_id;
515 data.cmd = NCI_HCP_HEADER(NCI_HCI_HCP_COMMAND,
516 NCI_HCI_ANY_SET_PARAMETER);
518 data.data_len = param_len + 1;
520 r = nci_request(ndev, nci_hci_send_data_req,
521 (unsigned long)&data,
522 msecs_to_jiffies(NCI_DATA_TIMEOUT));
527 EXPORT_SYMBOL(nci_hci_set_param);
529 int nci_hci_get_param(struct nci_dev *ndev, u8 gate, u8 idx,
530 struct sk_buff **skb)
532 struct nci_conn_info *conn_info;
533 struct nci_data data;
535 u8 pipe = ndev->hci_dev->gate2pipe[gate];
537 pr_debug("idx=%d to gate %d\n", idx, gate);
539 if (pipe == NCI_HCI_INVALID_PIPE)
540 return -EADDRNOTAVAIL;
542 conn_info = ndev->hci_dev->conn_info;
546 data.conn_id = conn_info->conn_id;
548 data.cmd = NCI_HCP_HEADER(NCI_HCI_HCP_COMMAND,
549 NCI_HCI_ANY_GET_PARAMETER);
553 r = nci_request(ndev, nci_hci_send_data_req, (unsigned long)&data,
554 msecs_to_jiffies(NCI_DATA_TIMEOUT));
556 if (r == NCI_STATUS_OK)
557 *skb = conn_info->rx_skb;
561 EXPORT_SYMBOL(nci_hci_get_param);
563 int nci_hci_connect_gate(struct nci_dev *ndev,
564 u8 dest_host, u8 dest_gate, u8 pipe)
568 if (pipe == NCI_HCI_DO_NOT_OPEN_PIPE)
571 if (ndev->hci_dev->gate2pipe[dest_gate] != NCI_HCI_INVALID_PIPE)
574 if (pipe != NCI_HCI_INVALID_PIPE)
578 case NCI_HCI_LINK_MGMT_GATE:
579 pipe = NCI_HCI_LINK_MGMT_PIPE;
581 case NCI_HCI_ADMIN_GATE:
582 pipe = NCI_HCI_ADMIN_PIPE;
587 r = nci_hci_open_pipe(ndev, pipe);
591 ndev->hci_dev->pipes[pipe].gate = dest_gate;
592 ndev->hci_dev->pipes[pipe].host = dest_host;
593 ndev->hci_dev->gate2pipe[dest_gate] = pipe;
597 EXPORT_SYMBOL(nci_hci_connect_gate);
599 static int nci_hci_dev_connect_gates(struct nci_dev *ndev,
601 struct nci_hci_gate *gates)
605 while (gate_count--) {
606 r = nci_hci_connect_gate(ndev, gates->dest_host,
607 gates->gate, gates->pipe);
616 int nci_hci_dev_session_init(struct nci_dev *ndev)
618 struct nci_conn_info *conn_info;
622 ndev->hci_dev->count_pipes = 0;
623 ndev->hci_dev->expected_pipes = 0;
625 conn_info = ndev->hci_dev->conn_info;
629 conn_info->data_exchange_cb = nci_hci_data_received_cb;
630 conn_info->data_exchange_cb_context = ndev;
632 nci_hci_reset_pipes(ndev->hci_dev);
634 if (ndev->hci_dev->init_data.gates[0].gate != NCI_HCI_ADMIN_GATE)
637 r = nci_hci_connect_gate(ndev,
638 ndev->hci_dev->init_data.gates[0].dest_host,
639 ndev->hci_dev->init_data.gates[0].gate,
640 ndev->hci_dev->init_data.gates[0].pipe);
644 r = nci_hci_get_param(ndev, NCI_HCI_ADMIN_GATE,
645 NCI_HCI_ADMIN_PARAM_SESSION_IDENTITY, &skb);
650 skb->len == strlen(ndev->hci_dev->init_data.session_id) &&
651 memcmp(ndev->hci_dev->init_data.session_id,
652 skb->data, skb->len) == 0 &&
653 ndev->ops->hci_load_session) {
654 /* Restore gate<->pipe table from some proprietary location. */
655 r = ndev->ops->hci_load_session(ndev);
659 r = nci_hci_dev_connect_gates(ndev,
660 ndev->hci_dev->init_data.gate_count,
661 ndev->hci_dev->init_data.gates);
665 r = nci_hci_set_param(ndev, NCI_HCI_ADMIN_GATE,
666 NCI_HCI_ADMIN_PARAM_SESSION_IDENTITY,
667 ndev->hci_dev->init_data.session_id,
668 strlen(ndev->hci_dev->init_data.session_id));
678 EXPORT_SYMBOL(nci_hci_dev_session_init);
680 struct nci_hci_dev *nci_hci_allocate(struct nci_dev *ndev)
682 struct nci_hci_dev *hdev;
684 hdev = kzalloc(sizeof(*hdev), GFP_KERNEL);
688 skb_queue_head_init(&hdev->rx_hcp_frags);
689 INIT_WORK(&hdev->msg_rx_work, nci_hci_msg_rx_work);
690 skb_queue_head_init(&hdev->msg_rx_queue);