NFC Digital: Add NFC-A technology support
authorThierry Escande <thierry.escande@linux.intel.com>
Thu, 19 Sep 2013 15:55:27 +0000 (17:55 +0200)
committerSamuel Ortiz <sameo@linux.intel.com>
Wed, 25 Sep 2013 00:02:23 +0000 (02:02 +0200)
This adds support for NFC-A technology at 106 kbits/s. The stack can
detect tags of type 1 and 2. There is no support for collision
detection. Tags can be read and written by using a user space
application or a daemon like neard.

The flow of polling operations for NFC-A detection is as follow:

1 - The digital stack sends the SENS_REQ command to the NFC device.
2 - The NFC device receives a SENS_RES response from a peer device and
    passes it to the digital stack.
3   - If the SENS_RES response identifies a type 1 tag, detection ends.
      NFC core is notified through nfc_targets_found().
4   - Otherwise, the digital stack sets the cascade level of NFCID1 to
      CL1 and sends the SDD_REQ command.
5 - The digital stack selects SEL_CMD and SEL_PAR according to the
    cascade level and sends the SDD_REQ command.
4 - The digital stack receives a SDD_RES response for the cascade level
    passed in the SDD_REQ command.
5 - The digital stack analyses (part of) NFCID1 and verify BCC.
6 - The digital stack sends the SEL_REQ command with the NFCID1
    received in the SDD_RES.
6 - The peer device replies with a SEL_RES response
7   - Detection ends if NFCID1 is complete. NFC core notified of new
      target by nfc_targets_found().
8   - If NFCID1 is not complete, the cascade level is incremented (up
      to and including CL3) and the execution continues at step 5 to
      get the remaining bytes of NFCID1.

Once target detection is done, type 1 and 2 tag commands must be
handled by a user space application (i.e neard) through the NFC core.
Responses for type 1 tag are returned directly to user space via NFC
core.
Responses of type 2 commands are handled differently. The digital stack
doesn't analyse the type of commands sent through im_transceive() and
must differentiate valid responses from error ones.
The response process flow is as follow:

1 - If the response length is 16 bytes, it is a valid response of a
    READ command. the packet is returned to the NFC core through the
    callback passed to im_transceive(). Processing stops.
2 - If the response is 1 byte long and is a ACK byte (0x0A), it is a
    valid response of a WRITE command for example. First packet byte
    is set to 0 for no-error and passed back to the NFC core.
    Processing stops.
3 - Any other response is treated as an error and -EIO error code is
    returned to the NFC core through the response callback.

Moreover, since the driver can't differentiate success response from a
NACK response, the digital stack has to handle CRC calculation.

Thus, this patch also adds support for CRC calculation. If the driver
doesn't handle it, the digital stack will calculate CRC and will add it
to sent frames. CRC will also be checked and removed from received
frames. Pointers to the correct CRC calculation functions are stored in
the digital stack device structure when a target is detected. This
avoids the need to check the current target type for every call to
im_transceive() and for every response received from a peer device.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
include/net/nfc/digital.h
net/nfc/Kconfig
net/nfc/digital.h
net/nfc/digital_core.c
net/nfc/digital_technology.c

index aabd89400d239cb1cb6b50f968ed2adc7dd81858..36acecd5f06c17475d1cf21ff571155b2aaf0221 100644 (file)
@@ -193,6 +193,9 @@ struct nfc_digital_dev {
        u8 curr_protocol;
        u8 curr_rf_tech;
        u8 curr_nfc_dep_pni;
+
+       int (*skb_check_crc)(struct sk_buff *skb);
+       void (*skb_add_crc)(struct sk_buff *skb);
 };
 
 struct nfc_digital_dev *nfc_digital_allocate_device(struct nfc_digital_ops *ops,
index 13e1237e1ea1d8e3639599b13ca8c2f49cdcd8fa..4f4d2481325a497589cc684e383c01f1fe7e97e1 100644 (file)
@@ -16,6 +16,7 @@ menuconfig NFC
 
 config NFC_DIGITAL
        depends on NFC
+       select CRC_CCITT
        tristate "NFC Digital Protocol stack support"
        default n
        help
index 0a2767098daa83af79d8b626eb0cf2fa521c20cd..fb5324b792dedc6bc50cf1b94a8b8689541ec1d6 100644 (file)
@@ -19,6 +19,8 @@
 #include <net/nfc/nfc.h>
 #include <net/nfc/digital.h>
 
+#include <linux/crc-ccitt.h>
+
 #define PR_DBG(fmt, ...)  pr_debug("%s: " fmt "\n", __func__, ##__VA_ARGS__)
 #define PR_ERR(fmt, ...)  pr_err("%s: " fmt "\n", __func__, ##__VA_ARGS__)
 #define PROTOCOL_ERR(req) pr_err("%s:%d: NFC Digital Protocol error: %s\n", \
 #define DIGITAL_MAX_HEADER_LEN 7
 #define DIGITAL_CRC_LEN        2
 
+#define DIGITAL_DRV_CAPS_IN_CRC(ddev) \
+       ((ddev)->driver_capabilities & NFC_DIGITAL_DRV_CAPS_IN_CRC)
+#define DIGITAL_DRV_CAPS_TG_CRC(ddev) \
+       ((ddev)->driver_capabilities & NFC_DIGITAL_DRV_CAPS_TG_CRC)
+
+struct digital_data_exch {
+       data_exchange_cb_t cb;
+       void *cb_context;
+};
+
 struct sk_buff *digital_skb_alloc(struct nfc_digital_dev *ddev,
                                  unsigned int len);
 
@@ -53,4 +65,50 @@ void digital_poll_next_tech(struct nfc_digital_dev *ddev);
 
 int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech);
 
+int digital_target_found(struct nfc_digital_dev *ddev,
+                        struct nfc_target *target, u8 protocol);
+
+int digital_in_recv_mifare_res(struct sk_buff *resp);
+
+typedef u16 (*crc_func_t)(u16, const u8 *, size_t);
+
+#define CRC_A_INIT 0x6363
+#define CRC_B_INIT 0xFFFF
+
+void digital_skb_add_crc(struct sk_buff *skb, crc_func_t crc_func, u16 init,
+                        u8 bitwise_inv, u8 msb_first);
+
+static inline void digital_skb_add_crc_a(struct sk_buff *skb)
+{
+       digital_skb_add_crc(skb, crc_ccitt, CRC_A_INIT, 0, 0);
+}
+
+static inline void digital_skb_add_crc_b(struct sk_buff *skb)
+{
+       digital_skb_add_crc(skb, crc_ccitt, CRC_B_INIT, 1, 0);
+}
+
+static inline void digital_skb_add_crc_none(struct sk_buff *skb)
+{
+       return;
+}
+
+int digital_skb_check_crc(struct sk_buff *skb, crc_func_t crc_func,
+                         u16 crc_init, u8 bitwise_inv, u8 msb_first);
+
+static inline int digital_skb_check_crc_a(struct sk_buff *skb)
+{
+       return digital_skb_check_crc(skb, crc_ccitt, CRC_A_INIT, 0, 0);
+}
+
+static inline int digital_skb_check_crc_b(struct sk_buff *skb)
+{
+       return digital_skb_check_crc(skb, crc_ccitt, CRC_B_INIT, 1, 0);
+}
+
+static inline int digital_skb_check_crc_none(struct sk_buff *skb)
+{
+       return 0;
+}
+
 #endif /* __DIGITAL_H */
index 13abd293ca3758cc4f6dca198aaef9cb76ea43bd..4b3ceb45834bc06ee969ecbc91f86c036d55cbcc 100644 (file)
@@ -47,6 +47,51 @@ struct sk_buff *digital_skb_alloc(struct nfc_digital_dev *ddev,
        return skb;
 }
 
+void digital_skb_add_crc(struct sk_buff *skb, crc_func_t crc_func, u16 init,
+                        u8 bitwise_inv, u8 msb_first)
+{
+       u16 crc;
+
+       crc = crc_func(init, skb->data, skb->len);
+
+       if (bitwise_inv)
+               crc = ~crc;
+
+       if (msb_first)
+               crc = __fswab16(crc);
+
+       *skb_put(skb, 1) = crc & 0xFF;
+       *skb_put(skb, 1) = (crc >> 8) & 0xFF;
+}
+
+int digital_skb_check_crc(struct sk_buff *skb, crc_func_t crc_func,
+                         u16 crc_init, u8 bitwise_inv, u8 msb_first)
+{
+       int rc;
+       u16 crc;
+
+       if (skb->len <= 2)
+               return -EIO;
+
+       crc = crc_func(crc_init, skb->data, skb->len - 2);
+
+       if (bitwise_inv)
+               crc = ~crc;
+
+       if (msb_first)
+               crc = __swab16(crc);
+
+       rc = (skb->data[skb->len - 2] - (crc & 0xFF)) +
+            (skb->data[skb->len - 1] - ((crc >> 8) & 0xFF));
+
+       if (rc)
+               return -EIO;
+
+       skb_trim(skb, skb->len - 2);
+
+       return 0;
+}
+
 static inline void digital_switch_rf(struct nfc_digital_dev *ddev, bool on)
 {
        ddev->ops->switch_rf(ddev, on);
@@ -183,6 +228,62 @@ int digital_in_configure_hw(struct nfc_digital_dev *ddev, int type, int param)
        return rc;
 }
 
+int digital_target_found(struct nfc_digital_dev *ddev,
+                        struct nfc_target *target, u8 protocol)
+{
+       int rc;
+       u8 framing;
+       u8 rf_tech;
+       int (*check_crc)(struct sk_buff *skb);
+       void (*add_crc)(struct sk_buff *skb);
+
+       rf_tech = ddev->poll_techs[ddev->poll_tech_index].rf_tech;
+
+       switch (protocol) {
+       case NFC_PROTO_JEWEL:
+               framing = NFC_DIGITAL_FRAMING_NFCA_T1T;
+               check_crc = digital_skb_check_crc_b;
+               add_crc = digital_skb_add_crc_b;
+               break;
+
+       case NFC_PROTO_MIFARE:
+               framing = NFC_DIGITAL_FRAMING_NFCA_T2T;
+               check_crc = digital_skb_check_crc_a;
+               add_crc = digital_skb_add_crc_a;
+               break;
+
+       default:
+               PR_ERR("Invalid protocol %d", protocol);
+               return -EINVAL;
+       }
+
+       PR_DBG("rf_tech=%d, protocol=%d", rf_tech, protocol);
+
+       ddev->curr_rf_tech = rf_tech;
+       ddev->curr_protocol = protocol;
+
+       if (DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
+               ddev->skb_add_crc = digital_skb_add_crc_none;
+               ddev->skb_check_crc = digital_skb_check_crc_none;
+       } else {
+               ddev->skb_add_crc = add_crc;
+               ddev->skb_check_crc = check_crc;
+       }
+
+       rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING, framing);
+       if (rc)
+               return rc;
+
+       target->supported_protocols = (1 << protocol);
+       rc = nfc_targets_found(ddev->nfc_dev, target, 1);
+       if (rc)
+               return rc;
+
+       ddev->poll_tech_count = 0;
+
+       return 0;
+}
+
 void digital_poll_next_tech(struct nfc_digital_dev *ddev)
 {
        digital_switch_rf(ddev, 0);
@@ -363,11 +464,53 @@ static int digital_tg_send(struct nfc_dev *dev, struct sk_buff *skb)
        return -EOPNOTSUPP;
 }
 
+static void digital_in_send_complete(struct nfc_digital_dev *ddev, void *arg,
+                                    struct sk_buff *resp)
+{
+       struct digital_data_exch *data_exch = arg;
+       int rc;
+
+       if (IS_ERR(resp)) {
+               rc = PTR_ERR(resp);
+               goto done;
+       }
+
+       if (ddev->curr_protocol == NFC_PROTO_MIFARE)
+               rc = digital_in_recv_mifare_res(resp);
+       else
+               rc = ddev->skb_check_crc(resp);
+
+       if (rc) {
+               kfree_skb(resp);
+               resp = NULL;
+       }
+
+done:
+       data_exch->cb(data_exch->cb_context, resp, rc);
+
+       kfree(data_exch);
+}
+
 static int digital_in_send(struct nfc_dev *nfc_dev, struct nfc_target *target,
                           struct sk_buff *skb, data_exchange_cb_t cb,
                           void *cb_context)
 {
-       return -EOPNOTSUPP;
+       struct nfc_digital_dev *ddev = nfc_get_drvdata(nfc_dev);
+       struct digital_data_exch *data_exch;
+
+       data_exch = kzalloc(sizeof(struct digital_data_exch), GFP_KERNEL);
+       if (!data_exch) {
+               PR_ERR("Failed to allocate data_exch struct");
+               return -ENOMEM;
+       }
+
+       data_exch->cb = cb;
+       data_exch->cb_context = cb_context;
+
+       ddev->skb_add_crc(skb);
+
+       return digital_in_send_cmd(ddev, skb, 500, digital_in_send_complete,
+                                  data_exch);
 }
 
 static struct nfc_ops digital_nfc_ops = {
index 084b0fba5f4d24ab83dff778d8b314b9907384a7..0cad38001c5fd98ab4091681138b94fc9155ca21 100644 (file)
 #define DIGITAL_SDD_RES_CT  0x88
 #define DIGITAL_SDD_RES_LEN 5
 
+#define DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res) (!((sel_res) & 0x04))
+#define DIGITAL_SEL_RES_IS_T2T(sel_res) (!((sel_res) & 0x60))
+
+#define DIGITAL_SENS_RES_IS_T1T(sens_res) (((sens_res) & 0x000C) == 0x000C)
+#define DIGITAL_SENS_RES_IS_VALID(sens_res) \
+       ((!((sens_res) & 0x1F00) && (((sens_res) & 0x000C) == 0x000C)) || \
+       (((sens_res) & 0x1F00) && ((sens_res) & 0x000C) != 0x000C))
+
+#define DIGITAL_MIFARE_READ_RES_LEN 16
+#define DIGITAL_MIFARE_ACK_RES 0x0A
+
+struct digital_sdd_res {
+       u8 nfcid1[4];
+       u8 bcc;
+} __packed;
+
+struct digital_sel_req {
+       u8 sel_cmd;
+       u8 b2;
+       u8 nfcid1[4];
+       u8 bcc;
+} __packed;
+
+static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
+                                  struct nfc_target *target);
+
+static void digital_in_recv_sel_res(struct nfc_digital_dev *ddev, void *arg,
+                                   struct sk_buff *resp)
+{
+       struct nfc_target *target = arg;
+       int rc;
+       u8 sel_res;
+       u8 nfc_proto;
+
+       if (IS_ERR(resp)) {
+               rc = PTR_ERR(resp);
+               resp = NULL;
+               goto exit;
+       }
+
+       if (!DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
+               rc = digital_skb_check_crc_a(resp);
+               if (rc) {
+                       PROTOCOL_ERR("4.4.1.3");
+                       goto exit;
+               }
+       }
+
+       if (!resp->len) {
+               rc = -EIO;
+               goto exit;
+       }
+
+       sel_res = resp->data[0];
+
+       if (!DIGITAL_SEL_RES_NFCID1_COMPLETE(sel_res)) {
+               rc = digital_in_send_sdd_req(ddev, target);
+               if (rc)
+                       goto exit;
+
+               goto exit_free_skb;
+       }
+
+       if (DIGITAL_SEL_RES_IS_T2T(sel_res)) {
+               nfc_proto = NFC_PROTO_MIFARE;
+       } else {
+               rc = -EOPNOTSUPP;
+               goto exit;
+       }
+
+       target->sel_res = sel_res;
+
+       rc = digital_target_found(ddev, target, nfc_proto);
+
+exit:
+       kfree(target);
+
+exit_free_skb:
+       dev_kfree_skb(resp);
+
+       if (rc)
+               digital_poll_next_tech(ddev);
+}
+
+static int digital_in_send_sel_req(struct nfc_digital_dev *ddev,
+                                  struct nfc_target *target,
+                                  struct digital_sdd_res *sdd_res)
+{
+       struct sk_buff *skb;
+       struct digital_sel_req *sel_req;
+       u8 sel_cmd;
+       int rc;
+
+       skb = digital_skb_alloc(ddev, sizeof(struct digital_sel_req));
+       if (!skb)
+               return -ENOMEM;
+
+       skb_put(skb, sizeof(struct digital_sel_req));
+       sel_req = (struct digital_sel_req *)skb->data;
+
+       if (target->nfcid1_len <= 4)
+               sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
+       else if (target->nfcid1_len < 10)
+               sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
+       else
+               sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
+
+       sel_req->sel_cmd = sel_cmd;
+       sel_req->b2 = 0x70;
+       memcpy(sel_req->nfcid1, sdd_res->nfcid1, 4);
+       sel_req->bcc = sdd_res->bcc;
+
+       if (DIGITAL_DRV_CAPS_IN_CRC(ddev)) {
+               rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
+                               NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A);
+               if (rc)
+                       goto exit;
+       } else {
+               digital_skb_add_crc_a(skb);
+       }
+
+       rc = digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sel_res,
+                                target);
+exit:
+       if (rc)
+               kfree_skb(skb);
+
+       return rc;
+}
+
+static void digital_in_recv_sdd_res(struct nfc_digital_dev *ddev, void *arg,
+                                   struct sk_buff *resp)
+{
+       struct nfc_target *target = arg;
+       struct digital_sdd_res *sdd_res;
+       int rc;
+       u8 offset, size;
+       u8 i, bcc;
+
+       if (IS_ERR(resp)) {
+               rc = PTR_ERR(resp);
+               resp = NULL;
+               goto exit;
+       }
+
+       if (resp->len < DIGITAL_SDD_RES_LEN) {
+               PROTOCOL_ERR("4.7.2.8");
+               rc = -EINVAL;
+               goto exit;
+       }
+
+       sdd_res = (struct digital_sdd_res *)resp->data;
+
+       for (i = 0, bcc = 0; i < 4; i++)
+               bcc ^= sdd_res->nfcid1[i];
+
+       if (bcc != sdd_res->bcc) {
+               PROTOCOL_ERR("4.7.2.6");
+               rc = -EINVAL;
+               goto exit;
+       }
+
+       if (sdd_res->nfcid1[0] == DIGITAL_SDD_RES_CT) {
+               offset = 1;
+               size = 3;
+       } else {
+               offset = 0;
+               size = 4;
+       }
+
+       memcpy(target->nfcid1 + target->nfcid1_len, sdd_res->nfcid1 + offset,
+              size);
+       target->nfcid1_len += size;
+
+       rc = digital_in_send_sel_req(ddev, target, sdd_res);
+
+exit:
+       dev_kfree_skb(resp);
+
+       if (rc) {
+               kfree(target);
+               digital_poll_next_tech(ddev);
+       }
+}
+
+static int digital_in_send_sdd_req(struct nfc_digital_dev *ddev,
+                                  struct nfc_target *target)
+{
+       int rc;
+       struct sk_buff *skb;
+       u8 sel_cmd;
+
+       rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
+                                    NFC_DIGITAL_FRAMING_NFCA_STANDARD);
+       if (rc)
+               return rc;
+
+       skb = digital_skb_alloc(ddev, 2);
+       if (!skb) {
+               PR_ERR("alloc_skb failed");
+               return -ENOMEM;
+       }
+
+       if (target->nfcid1_len == 0)
+               sel_cmd = DIGITAL_CMD_SEL_REQ_CL1;
+       else if (target->nfcid1_len == 3)
+               sel_cmd = DIGITAL_CMD_SEL_REQ_CL2;
+       else
+               sel_cmd = DIGITAL_CMD_SEL_REQ_CL3;
+
+       *skb_put(skb, sizeof(u8)) = sel_cmd;
+       *skb_put(skb, sizeof(u8)) = DIGITAL_SDD_REQ_SEL_PAR;
+
+       return digital_in_send_cmd(ddev, skb, 30, digital_in_recv_sdd_res,
+                                  target);
+}
+
 static void digital_in_recv_sens_res(struct nfc_digital_dev *ddev, void *arg,
                                     struct sk_buff *resp)
 {
-       if (!IS_ERR(resp))
-               dev_kfree_skb(resp);
+       struct nfc_target *target = NULL;
+       u16 sens_res;
+       int rc;
+
+       if (IS_ERR(resp)) {
+               rc = PTR_ERR(resp);
+               resp = NULL;
+               goto exit;
+       }
+
+       if (resp->len < sizeof(u16)) {
+               rc = -EIO;
+               goto exit;
+       }
+
+       target = kzalloc(sizeof(struct nfc_target), GFP_KERNEL);
+       if (!target) {
+               rc = -ENOMEM;
+               goto exit;
+       }
+
+       memcpy(&target->sens_res, resp->data, sizeof(u16));
 
-       digital_poll_next_tech(ddev);
+       sens_res = be16_to_cpu(target->sens_res);
+
+       if (!DIGITAL_SENS_RES_IS_VALID(sens_res)) {
+               PROTOCOL_ERR("4.6.3.3");
+               rc = -EINVAL;
+               goto exit;
+       }
+
+       if (DIGITAL_SENS_RES_IS_T1T(sens_res))
+               rc = digital_target_found(ddev, target, NFC_PROTO_JEWEL);
+       else
+               rc = digital_in_send_sdd_req(ddev, target);
+
+exit:
+       dev_kfree_skb(resp);
+
+       if (rc) {
+               kfree(target);
+               digital_poll_next_tech(ddev);
+       }
 }
 
 int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech)
@@ -62,3 +318,29 @@ int digital_in_send_sens_req(struct nfc_digital_dev *ddev, u8 rf_tech)
 
        return rc;
 }
+
+int digital_in_recv_mifare_res(struct sk_buff *resp)
+{
+       /* Successful READ command response is 16 data bytes + 2 CRC bytes long.
+        * Since the driver can't differentiate a ACK/NACK response from a valid
+        * READ response, the CRC calculation must be handled at digital level
+        * even if the driver supports it for this technology.
+        */
+       if (resp->len == DIGITAL_MIFARE_READ_RES_LEN + DIGITAL_CRC_LEN) {
+               if (digital_skb_check_crc_a(resp)) {
+                       PROTOCOL_ERR("9.4.1.2");
+                       return -EIO;
+               }
+
+               return 0;
+       }
+
+       /* ACK response (i.e. successful WRITE). */
+       if (resp->len == 1 && resp->data[0] == DIGITAL_MIFARE_ACK_RES) {
+               resp->data[0] = 0;
+               return 0;
+       }
+
+       /* NACK and any other responses are treated as error. */
+       return -EIO;
+}