Pileus Git - ~andy/linux/blob - net/nfc/hci/core.c

   1 /*
   2  * Copyright (C) 2012  Intel Corporation. All rights reserved.
   3  *
   4  * This program is free software; you can redistribute it and/or modify
   5  * it under the terms of the GNU General Public License as published by
   6  * the Free Software Foundation; either version 2 of the License, or
   7  * (at your option) any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12  * GNU General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU General Public License
  15  * along with this program; if not, write to the
  16  * Free Software Foundation, Inc.,
  17  * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  18  */
  19
  20 #define pr_fmt(fmt) "hci: %s: " fmt, __func__
  21
  22 #include <linux/init.h>
  23 #include <linux/kernel.h>
  24 #include <linux/module.h>
  25 #include <linux/nfc.h>
  26
  27 #include <net/nfc/nfc.h>
  28 #include <net/nfc/hci.h>
  29 #include <net/nfc/llc.h>
  30
  31 #include "hci.h"
  32
  33 /* Largest headroom needed for outgoing HCI commands */
  34 #define HCI_CMDS_HEADROOM 1
  35
  36 int nfc_hci_result_to_errno(u8 result)
  37 {
  38         switch (result) {
  39         case NFC_HCI_ANY_OK:
  40                 return 0;
  41         case NFC_HCI_ANY_E_REG_PAR_UNKNOWN:
  42                 return -EOPNOTSUPP;
  43         case NFC_HCI_ANY_E_TIMEOUT:
  44                 return -ETIME;
  45         default:
  46                 return -1;
  47         }
  48 }
  49 EXPORT_SYMBOL(nfc_hci_result_to_errno);
  50
  51 static void nfc_hci_msg_tx_work(struct work_struct *work)
  52 {
  53         struct nfc_hci_dev *hdev = container_of(work, struct nfc_hci_dev,
  54                                                 msg_tx_work);
  55         struct hci_msg *msg;
  56         struct sk_buff *skb;
  57         int r = 0;
  58
  59         mutex_lock(&hdev->msg_tx_mutex);
  60
  61         if (hdev->cmd_pending_msg) {
  62                 if (timer_pending(&hdev->cmd_timer) == 0) {
  63                         if (hdev->cmd_pending_msg->cb)
  64                                 hdev->cmd_pending_msg->cb(hdev->
  65                                                           cmd_pending_msg->
  66                                                           cb_context,
  67                                                           NULL,
  68                                                           -ETIME);
  69                         kfree(hdev->cmd_pending_msg);
  70                         hdev->cmd_pending_msg = NULL;
  71                 } else {
  72                         goto exit;
  73                 }
  74         }
  75
  76 next_msg:
  77         if (list_empty(&hdev->msg_tx_queue))
  78                 goto exit;
  79
  80         msg = list_first_entry(&hdev->msg_tx_queue, struct hci_msg, msg_l);
  81         list_del(&msg->msg_l);
  82
  83         pr_debug("msg_tx_queue has a cmd to send\n");
  84         while ((skb = skb_dequeue(&msg->msg_frags)) != NULL) {
  85                 r = nfc_llc_xmit_from_hci(hdev->llc, skb);
  86                 if (r < 0) {
  87                         kfree_skb(skb);
  88                         skb_queue_purge(&msg->msg_frags);
  89                         if (msg->cb)
  90                                 msg->cb(msg->cb_context, NULL, r);
  91                         kfree(msg);
  92                         break;
  93                 }
  94         }
  95
  96         if (r)
  97                 goto next_msg;
  98
  99         if (msg->wait_response == false) {
 100                 kfree(msg);
 101                 goto next_msg;
 102         }
 103
 104         hdev->cmd_pending_msg = msg;
 105         mod_timer(&hdev->cmd_timer, jiffies +
 106                   msecs_to_jiffies(hdev->cmd_pending_msg->completion_delay));
 107
 108 exit:
 109         mutex_unlock(&hdev->msg_tx_mutex);
 110 }
 111
 112 static void nfc_hci_msg_rx_work(struct work_struct *work)
 113 {
 114         struct nfc_hci_dev *hdev = container_of(work, struct nfc_hci_dev,
 115                                                 msg_rx_work);
 116         struct sk_buff *skb;
 117         struct hcp_message *message;
 118         u8 pipe;
 119         u8 type;
 120         u8 instruction;
 121
 122         while ((skb = skb_dequeue(&hdev->msg_rx_queue)) != NULL) {
 123                 pipe = skb->data[0];
 124                 skb_pull(skb, NFC_HCI_HCP_PACKET_HEADER_LEN);
 125                 message = (struct hcp_message *)skb->data;
 126                 type = HCP_MSG_GET_TYPE(message->header);
 127                 instruction = HCP_MSG_GET_CMD(message->header);
 128                 skb_pull(skb, NFC_HCI_HCP_MESSAGE_HEADER_LEN);
 129
 130                 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, skb);
 131         }
 132 }
 133
 134 static void __nfc_hci_cmd_completion(struct nfc_hci_dev *hdev, int err,
 135                                      struct sk_buff *skb)
 136 {
 137         del_timer_sync(&hdev->cmd_timer);
 138
 139         if (hdev->cmd_pending_msg->cb)
 140                 hdev->cmd_pending_msg->cb(hdev->cmd_pending_msg->cb_context,
 141                                           skb, err);
 142         else
 143                 kfree_skb(skb);
 144
 145         kfree(hdev->cmd_pending_msg);
 146         hdev->cmd_pending_msg = NULL;
 147
 148         schedule_work(&hdev->msg_tx_work);
 149 }
 150
 151 void nfc_hci_resp_received(struct nfc_hci_dev *hdev, u8 result,
 152                            struct sk_buff *skb)
 153 {
 154         mutex_lock(&hdev->msg_tx_mutex);
 155
 156         if (hdev->cmd_pending_msg == NULL) {
 157                 kfree_skb(skb);
 158                 goto exit;
 159         }
 160
 161         __nfc_hci_cmd_completion(hdev, nfc_hci_result_to_errno(result), skb);
 162
 163 exit:
 164         mutex_unlock(&hdev->msg_tx_mutex);
 165 }
 166
 167 void nfc_hci_cmd_received(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd,
 168                           struct sk_buff *skb)
 169 {
 170         kfree_skb(skb);
 171 }
 172
 173 static u32 nfc_hci_sak_to_protocol(u8 sak)
 174 {
 175         switch (NFC_HCI_TYPE_A_SEL_PROT(sak)) {
 176         case NFC_HCI_TYPE_A_SEL_PROT_MIFARE:
 177                 return NFC_PROTO_MIFARE_MASK;
 178         case NFC_HCI_TYPE_A_SEL_PROT_ISO14443:
 179                 return NFC_PROTO_ISO14443_MASK;
 180         case NFC_HCI_TYPE_A_SEL_PROT_DEP:
 181                 return NFC_PROTO_NFC_DEP_MASK;
 182         case NFC_HCI_TYPE_A_SEL_PROT_ISO14443_DEP:
 183                 return NFC_PROTO_ISO14443_MASK | NFC_PROTO_NFC_DEP_MASK;
 184         default:
 185                 return 0xffffffff;
 186         }
 187 }
 188
 189 int nfc_hci_target_discovered(struct nfc_hci_dev *hdev, u8 gate)
 190 {
 191         struct nfc_target *targets;
 192         struct sk_buff *atqa_skb = NULL;
 193         struct sk_buff *sak_skb = NULL;
 194         struct sk_buff *uid_skb = NULL;
 195         int r;
 196
 197         pr_debug("from gate %d\n", gate);
 198
 199         targets = kzalloc(sizeof(struct nfc_target), GFP_KERNEL);
 200         if (targets == NULL)
 201                 return -ENOMEM;
 202
 203         switch (gate) {
 204         case NFC_HCI_RF_READER_A_GATE:
 205                 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE,
 206                                       NFC_HCI_RF_READER_A_ATQA, &atqa_skb);
 207                 if (r < 0)
 208                         goto exit;
 209
 210                 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE,
 211                                       NFC_HCI_RF_READER_A_SAK, &sak_skb);
 212                 if (r < 0)
 213                         goto exit;
 214
 215                 if (atqa_skb->len != 2 || sak_skb->len != 1) {
 216                         r = -EPROTO;
 217                         goto exit;
 218                 }
 219
 220                 targets->supported_protocols =
 221                                 nfc_hci_sak_to_protocol(sak_skb->data[0]);
 222                 if (targets->supported_protocols == 0xffffffff) {
 223                         r = -EPROTO;
 224                         goto exit;
 225                 }
 226
 227                 targets->sens_res = be16_to_cpu(*(u16 *)atqa_skb->data);
 228                 targets->sel_res = sak_skb->data[0];
 229
 230                 r = nfc_hci_get_param(hdev, NFC_HCI_RF_READER_A_GATE,
 231                                       NFC_HCI_RF_READER_A_UID, &uid_skb);
 232                 if (r < 0)
 233                         goto exit;
 234
 235                 if (uid_skb->len == 0 || uid_skb->len > NFC_NFCID1_MAXSIZE) {
 236                         r = -EPROTO;
 237                         goto exit;
 238                 }
 239
 240                 memcpy(targets->nfcid1, uid_skb->data, uid_skb->len);
 241                 targets->nfcid1_len = uid_skb->len;
 242
 243                 if (hdev->ops->complete_target_discovered) {
 244                         r = hdev->ops->complete_target_discovered(hdev, gate,
 245                                                                   targets);
 246                         if (r < 0)
 247                                 goto exit;
 248                 }
 249                 break;
 250         case NFC_HCI_RF_READER_B_GATE:
 251                 targets->supported_protocols = NFC_PROTO_ISO14443_B_MASK;
 252                 break;
 253         default:
 254                 if (hdev->ops->target_from_gate)
 255                         r = hdev->ops->target_from_gate(hdev, gate, targets);
 256                 else
 257                         r = -EPROTO;
 258                 if (r < 0)
 259                         goto exit;
 260
 261                 if (hdev->ops->complete_target_discovered) {
 262                         r = hdev->ops->complete_target_discovered(hdev, gate,
 263                                                                   targets);
 264                         if (r < 0)
 265                                 goto exit;
 266                 }
 267                 break;
 268         }
 269
 270         /* if driver set the new gate, we will skip the old one */
 271         if (targets->hci_reader_gate == 0x00)
 272                 targets->hci_reader_gate = gate;
 273
 274         r = nfc_targets_found(hdev->ndev, targets, 1);
 275
 276 exit:
 277         kfree(targets);
 278         kfree_skb(atqa_skb);
 279         kfree_skb(sak_skb);
 280         kfree_skb(uid_skb);
 281
 282         return r;
 283 }
 284 EXPORT_SYMBOL(nfc_hci_target_discovered);
 285
 286 void nfc_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event,
 287                             struct sk_buff *skb)
 288 {
 289         int r = 0;
 290         u8 gate = nfc_hci_pipe2gate(hdev, pipe);
 291
 292         if (gate == 0xff) {
 293                 pr_err("Discarded event %x to unopened pipe %x\n", event, pipe);
 294                 goto exit;
 295         }
 296
 297         switch (event) {
 298         case NFC_HCI_EVT_TARGET_DISCOVERED:
 299                 if (skb->len < 1) {     /* no status data? */
 300                         r = -EPROTO;
 301                         goto exit;
 302                 }
 303
 304                 if (skb->data[0] == 3) {
 305                         /* TODO: Multiple targets in field, none activated
 306                          * poll is supposedly stopped, but there is no
 307                          * single target to activate, so nothing to report
 308                          * up.
 309                          * if we need to restart poll, we must save the
 310                          * protocols from the initial poll and reuse here.
 311                          */
 312                 }
 313
 314                 if (skb->data[0] != 0) {
 315                         r = -EPROTO;
 316                         goto exit;
 317                 }
 318
 319                 r = nfc_hci_target_discovered(hdev, gate);
 320                 break;
 321         default:
 322                 if (hdev->ops->event_received) {
 323                         hdev->ops->event_received(hdev, gate, event, skb);
 324                         return;
 325                 }
 326
 327                 break;
 328         }
 329
 330 exit:
 331         kfree_skb(skb);
 332
 333         if (r) {
 334                 /* TODO: There was an error dispatching the event,
 335                  * how to propagate up to nfc core?
 336                  */
 337         }
 338 }
 339
 340 static void nfc_hci_cmd_timeout(unsigned long data)
 341 {
 342         struct nfc_hci_dev *hdev = (struct nfc_hci_dev *)data;
 343
 344         schedule_work(&hdev->msg_tx_work);
 345 }
 346
 347 static int hci_dev_connect_gates(struct nfc_hci_dev *hdev, u8 gate_count,
 348                                  struct nfc_hci_gate *gates)
 349 {
 350         int r;
 351         while (gate_count--) {
 352                 r = nfc_hci_connect_gate(hdev, NFC_HCI_HOST_CONTROLLER_ID,
 353                                          gates->gate, gates->pipe);
 354                 if (r < 0)
 355                         return r;
 356                 gates++;
 357         }
 358
 359         return 0;
 360 }
 361
 362 static int hci_dev_session_init(struct nfc_hci_dev *hdev)
 363 {
 364         struct sk_buff *skb = NULL;
 365         int r;
 366
 367         if (hdev->init_data.gates[0].gate != NFC_HCI_ADMIN_GATE)
 368                 return -EPROTO;
 369
 370         r = nfc_hci_connect_gate(hdev, NFC_HCI_HOST_CONTROLLER_ID,
 371                                  hdev->init_data.gates[0].gate,
 372                                  hdev->init_data.gates[0].pipe);
 373         if (r < 0)
 374                 goto exit;
 375
 376         r = nfc_hci_get_param(hdev, NFC_HCI_ADMIN_GATE,
 377                               NFC_HCI_ADMIN_SESSION_IDENTITY, &skb);
 378         if (r < 0)
 379                 goto disconnect_all;
 380
 381         if (skb->len && skb->len == strlen(hdev->init_data.session_id))
 382                 if (memcmp(hdev->init_data.session_id, skb->data,
 383                            skb->len) == 0) {
 384                         /* TODO ELa: restore gate<->pipe table from
 385                          * some TBD location.
 386                          * note: it doesn't seem possible to get the chip
 387                          * currently open gate/pipe table.
 388                          * It is only possible to obtain the supported
 389                          * gate list.
 390                          */
 391
 392                         /* goto exit
 393                          * For now, always do a full initialization */
 394                 }
 395
 396         r = nfc_hci_disconnect_all_gates(hdev);
 397         if (r < 0)
 398                 goto exit;
 399
 400         r = hci_dev_connect_gates(hdev, hdev->init_data.gate_count,
 401                                   hdev->init_data.gates);
 402         if (r < 0)
 403                 goto disconnect_all;
 404
 405         r = nfc_hci_set_param(hdev, NFC_HCI_ADMIN_GATE,
 406                               NFC_HCI_ADMIN_SESSION_IDENTITY,
 407                               hdev->init_data.session_id,
 408                               strlen(hdev->init_data.session_id));
 409         if (r == 0)
 410                 goto exit;
 411
 412 disconnect_all:
 413         nfc_hci_disconnect_all_gates(hdev);
 414
 415 exit:
 416         kfree_skb(skb);
 417
 418         return r;
 419 }
 420
 421 static int hci_dev_version(struct nfc_hci_dev *hdev)
 422 {
 423         int r;
 424         struct sk_buff *skb;
 425
 426         r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE,
 427                               NFC_HCI_ID_MGMT_VERSION_SW, &skb);
 428         if (r == -EOPNOTSUPP) {
 429                 pr_info("Software/Hardware info not available\n");
 430                 return 0;
 431         }
 432         if (r < 0)
 433                 return r;
 434
 435         if (skb->len != 3) {
 436                 kfree_skb(skb);
 437                 return -EINVAL;
 438         }
 439
 440         hdev->sw_romlib = (skb->data[0] & 0xf0) >> 4;
 441         hdev->sw_patch = skb->data[0] & 0x0f;
 442         hdev->sw_flashlib_major = skb->data[1];
 443         hdev->sw_flashlib_minor = skb->data[2];
 444
 445         kfree_skb(skb);
 446
 447         r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE,
 448                               NFC_HCI_ID_MGMT_VERSION_HW, &skb);
 449         if (r < 0)
 450                 return r;
 451
 452         if (skb->len != 3) {
 453                 kfree_skb(skb);
 454                 return -EINVAL;
 455         }
 456
 457         hdev->hw_derivative = (skb->data[0] & 0xe0) >> 5;
 458         hdev->hw_version = skb->data[0] & 0x1f;
 459         hdev->hw_mpw = (skb->data[1] & 0xc0) >> 6;
 460         hdev->hw_software = skb->data[1] & 0x3f;
 461         hdev->hw_bsid = skb->data[2];
 462
 463         kfree_skb(skb);
 464
 465         pr_info("SOFTWARE INFO:\n");
 466         pr_info("RomLib         : %d\n", hdev->sw_romlib);
 467         pr_info("Patch          : %d\n", hdev->sw_patch);
 468         pr_info("FlashLib Major : %d\n", hdev->sw_flashlib_major);
 469         pr_info("FlashLib Minor : %d\n", hdev->sw_flashlib_minor);
 470         pr_info("HARDWARE INFO:\n");
 471         pr_info("Derivative     : %d\n", hdev->hw_derivative);
 472         pr_info("HW Version     : %d\n", hdev->hw_version);
 473         pr_info("#MPW           : %d\n", hdev->hw_mpw);
 474         pr_info("Software       : %d\n", hdev->hw_software);
 475         pr_info("BSID Version   : %d\n", hdev->hw_bsid);
 476
 477         return 0;
 478 }
 479
 480 static int hci_dev_up(struct nfc_dev *nfc_dev)
 481 {
 482         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 483         int r = 0;
 484
 485         if (hdev->ops->open) {
 486                 r = hdev->ops->open(hdev);
 487                 if (r < 0)
 488                         return r;
 489         }
 490
 491         r = nfc_llc_start(hdev->llc);
 492         if (r < 0)
 493                 goto exit_close;
 494
 495         r = hci_dev_session_init(hdev);
 496         if (r < 0)
 497                 goto exit_llc;
 498
 499         r = nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 500                                NFC_HCI_EVT_END_OPERATION, NULL, 0);
 501         if (r < 0)
 502                 goto exit_llc;
 503
 504         if (hdev->ops->hci_ready) {
 505                 r = hdev->ops->hci_ready(hdev);
 506                 if (r < 0)
 507                         goto exit_llc;
 508         }
 509
 510         r = hci_dev_version(hdev);
 511         if (r < 0)
 512                 goto exit_llc;
 513
 514         return 0;
 515
 516 exit_llc:
 517         nfc_llc_stop(hdev->llc);
 518
 519 exit_close:
 520         if (hdev->ops->close)
 521                 hdev->ops->close(hdev);
 522
 523         return r;
 524 }
 525
 526 static int hci_dev_down(struct nfc_dev *nfc_dev)
 527 {
 528         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 529
 530         nfc_llc_stop(hdev->llc);
 531
 532         if (hdev->ops->close)
 533                 hdev->ops->close(hdev);
 534
 535         memset(hdev->gate2pipe, NFC_HCI_INVALID_PIPE, sizeof(hdev->gate2pipe));
 536
 537         return 0;
 538 }
 539
 540 static int hci_start_poll(struct nfc_dev *nfc_dev,
 541                           u32 im_protocols, u32 tm_protocols)
 542 {
 543         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 544
 545         if (hdev->ops->start_poll)
 546                 return hdev->ops->start_poll(hdev, im_protocols, tm_protocols);
 547         else
 548                 return nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 549                                           NFC_HCI_EVT_READER_REQUESTED,
 550                                           NULL, 0);
 551 }
 552
 553 static void hci_stop_poll(struct nfc_dev *nfc_dev)
 554 {
 555         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 556
 557         nfc_hci_send_event(hdev, NFC_HCI_RF_READER_A_GATE,
 558                            NFC_HCI_EVT_END_OPERATION, NULL, 0);
 559 }
 560
 561 static int hci_dep_link_up(struct nfc_dev *nfc_dev, struct nfc_target *target,
 562                                 __u8 comm_mode, __u8 *gb, size_t gb_len)
 563 {
 564         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 565
 566         if (hdev->ops->dep_link_up)
 567                 return hdev->ops->dep_link_up(hdev, target, comm_mode,
 568                                                 gb, gb_len);
 569
 570         return 0;
 571 }
 572
 573 static int hci_dep_link_down(struct nfc_dev *nfc_dev)
 574 {
 575         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 576
 577         if (hdev->ops->dep_link_down)
 578                 return hdev->ops->dep_link_down(hdev);
 579
 580         return 0;
 581 }
 582
 583 static int hci_activate_target(struct nfc_dev *nfc_dev,
 584                                struct nfc_target *target, u32 protocol)
 585 {
 586         return 0;
 587 }
 588
 589 static void hci_deactivate_target(struct nfc_dev *nfc_dev,
 590                                   struct nfc_target *target)
 591 {
 592 }
 593
 594 #define HCI_CB_TYPE_TRANSCEIVE 1
 595
 596 static void hci_transceive_cb(void *context, struct sk_buff *skb, int err)
 597 {
 598         struct nfc_hci_dev *hdev = context;
 599
 600         switch (hdev->async_cb_type) {
 601         case HCI_CB_TYPE_TRANSCEIVE:
 602                 /*
 603                  * TODO: Check RF Error indicator to make sure data is valid.
 604                  * It seems that HCI cmd can complete without error, but data
 605                  * can be invalid if an RF error occured? Ignore for now.
 606                  */
 607                 if (err == 0)
 608                         skb_trim(skb, skb->len - 1); /* RF Err ind */
 609
 610                 hdev->async_cb(hdev->async_cb_context, skb, err);
 611                 break;
 612         default:
 613                 if (err == 0)
 614                         kfree_skb(skb);
 615                 break;
 616         }
 617 }
 618
 619 static int hci_transceive(struct nfc_dev *nfc_dev, struct nfc_target *target,
 620                           struct sk_buff *skb, data_exchange_cb_t cb,
 621                           void *cb_context)
 622 {
 623         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 624         int r;
 625
 626         pr_debug("target_idx=%d\n", target->idx);
 627
 628         switch (target->hci_reader_gate) {
 629         case NFC_HCI_RF_READER_A_GATE:
 630         case NFC_HCI_RF_READER_B_GATE:
 631                 if (hdev->ops->im_transceive) {
 632                         r = hdev->ops->im_transceive(hdev, target, skb, cb,
 633                                                      cb_context);
 634                         if (r <= 0)     /* handled */
 635                                 break;
 636                 }
 637
 638                 *skb_push(skb, 1) = 0;  /* CTR, see spec:10.2.2.1 */
 639
 640                 hdev->async_cb_type = HCI_CB_TYPE_TRANSCEIVE;
 641                 hdev->async_cb = cb;
 642                 hdev->async_cb_context = cb_context;
 643
 644                 r = nfc_hci_send_cmd_async(hdev, target->hci_reader_gate,
 645                                            NFC_HCI_WR_XCHG_DATA, skb->data,
 646                                            skb->len, hci_transceive_cb, hdev);
 647                 break;
 648         default:
 649                 if (hdev->ops->im_transceive) {
 650                         r = hdev->ops->im_transceive(hdev, target, skb, cb,
 651                                                      cb_context);
 652                         if (r == 1)
 653                                 r = -ENOTSUPP;
 654                 } else {
 655                         r = -ENOTSUPP;
 656                 }
 657                 break;
 658         }
 659
 660         kfree_skb(skb);
 661
 662         return r;
 663 }
 664
 665 static int hci_tm_send(struct nfc_dev *nfc_dev, struct sk_buff *skb)
 666 {
 667         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 668
 669         if (hdev->ops->tm_send)
 670                 return hdev->ops->tm_send(hdev, skb);
 671         else
 672                 return -ENOTSUPP;
 673 }
 674
 675 static int hci_check_presence(struct nfc_dev *nfc_dev,
 676                               struct nfc_target *target)
 677 {
 678         struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 679
 680         if (hdev->ops->check_presence)
 681                 return hdev->ops->check_presence(hdev, target);
 682
 683         return 0;
 684 }
 685
 686 static void nfc_hci_failure(struct nfc_hci_dev *hdev, int err)
 687 {
 688         mutex_lock(&hdev->msg_tx_mutex);
 689
 690         if (hdev->cmd_pending_msg == NULL) {
 691                 nfc_driver_failure(hdev->ndev, err);
 692                 goto exit;
 693         }
 694
 695         __nfc_hci_cmd_completion(hdev, err, NULL);
 696
 697 exit:
 698         mutex_unlock(&hdev->msg_tx_mutex);
 699 }
 700
 701 static void nfc_hci_llc_failure(struct nfc_hci_dev *hdev, int err)
 702 {
 703         nfc_hci_failure(hdev, err);
 704 }
 705
 706 static void nfc_hci_recv_from_llc(struct nfc_hci_dev *hdev, struct sk_buff *skb)
 707 {
 708         struct hcp_packet *packet;
 709         u8 type;
 710         u8 instruction;
 711         struct sk_buff *hcp_skb;
 712         u8 pipe;
 713         struct sk_buff *frag_skb;
 714         int msg_len;
 715
 716         packet = (struct hcp_packet *)skb->data;
 717         if ((packet->header & ~NFC_HCI_FRAGMENT) == 0) {
 718                 skb_queue_tail(&hdev->rx_hcp_frags, skb);
 719                 return;
 720         }
 721
 722         /* it's the last fragment. Does it need re-aggregation? */
 723         if (skb_queue_len(&hdev->rx_hcp_frags)) {
 724                 pipe = packet->header & NFC_HCI_FRAGMENT;
 725                 skb_queue_tail(&hdev->rx_hcp_frags, skb);
 726
 727                 msg_len = 0;
 728                 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) {
 729                         msg_len += (frag_skb->len -
 730                                     NFC_HCI_HCP_PACKET_HEADER_LEN);
 731                 }
 732
 733                 hcp_skb = nfc_alloc_recv_skb(NFC_HCI_HCP_PACKET_HEADER_LEN +
 734                                              msg_len, GFP_KERNEL);
 735                 if (hcp_skb == NULL) {
 736                         nfc_hci_failure(hdev, -ENOMEM);
 737                         return;
 738                 }
 739
 740                 *skb_put(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN) = pipe;
 741
 742                 skb_queue_walk(&hdev->rx_hcp_frags, frag_skb) {
 743                         msg_len = frag_skb->len - NFC_HCI_HCP_PACKET_HEADER_LEN;
 744                         memcpy(skb_put(hcp_skb, msg_len),
 745                                frag_skb->data + NFC_HCI_HCP_PACKET_HEADER_LEN,
 746                                msg_len);
 747                 }
 748
 749                 skb_queue_purge(&hdev->rx_hcp_frags);
 750         } else {
 751                 packet->header &= NFC_HCI_FRAGMENT;
 752                 hcp_skb = skb;
 753         }
 754
 755         /* if this is a response, dispatch immediately to
 756          * unblock waiting cmd context. Otherwise, enqueue to dispatch
 757          * in separate context where handler can also execute command.
 758          */
 759         packet = (struct hcp_packet *)hcp_skb->data;
 760         type = HCP_MSG_GET_TYPE(packet->message.header);
 761         if (type == NFC_HCI_HCP_RESPONSE) {
 762                 pipe = packet->header;
 763                 instruction = HCP_MSG_GET_CMD(packet->message.header);
 764                 skb_pull(hcp_skb, NFC_HCI_HCP_PACKET_HEADER_LEN +
 765                          NFC_HCI_HCP_MESSAGE_HEADER_LEN);
 766                 nfc_hci_hcp_message_rx(hdev, pipe, type, instruction, hcp_skb);
 767         } else {
 768                 skb_queue_tail(&hdev->msg_rx_queue, hcp_skb);
 769                 schedule_work(&hdev->msg_rx_work);
 770         }
 771 }
 772
 773 static struct nfc_ops hci_nfc_ops = {
 774         .dev_up = hci_dev_up,
 775         .dev_down = hci_dev_down,
 776         .start_poll = hci_start_poll,
 777         .stop_poll = hci_stop_poll,
 778         .dep_link_up = hci_dep_link_up,
 779         .dep_link_down = hci_dep_link_down,
 780         .activate_target = hci_activate_target,
 781         .deactivate_target = hci_deactivate_target,
 782         .im_transceive = hci_transceive,
 783         .tm_send = hci_tm_send,
 784         .check_presence = hci_check_presence,
 785 };
 786
 787 struct nfc_hci_dev *nfc_hci_allocate_device(struct nfc_hci_ops *ops,
 788                                             struct nfc_hci_init_data *init_data,
 789                                             u32 protocols,
 790                                             const char *llc_name,
 791                                             int tx_headroom,
 792                                             int tx_tailroom,
 793                                             int max_link_payload)
 794 {
 795         struct nfc_hci_dev *hdev;
 796
 797         if (ops->xmit == NULL)
 798                 return NULL;
 799
 800         if (protocols == 0)
 801                 return NULL;
 802
 803         hdev = kzalloc(sizeof(struct nfc_hci_dev), GFP_KERNEL);
 804         if (hdev == NULL)
 805                 return NULL;
 806
 807         hdev->llc = nfc_llc_allocate(llc_name, hdev, ops->xmit,
 808                                      nfc_hci_recv_from_llc, tx_headroom,
 809                                      tx_tailroom, nfc_hci_llc_failure);
 810         if (hdev->llc == NULL) {
 811                 kfree(hdev);
 812                 return NULL;
 813         }
 814
 815         hdev->ndev = nfc_allocate_device(&hci_nfc_ops, protocols,
 816                                          tx_headroom + HCI_CMDS_HEADROOM,
 817                                          tx_tailroom);
 818         if (!hdev->ndev) {
 819                 nfc_llc_free(hdev->llc);
 820                 kfree(hdev);
 821                 return NULL;
 822         }
 823
 824         hdev->ops = ops;
 825         hdev->max_data_link_payload = max_link_payload;
 826         hdev->init_data = *init_data;
 827
 828         nfc_set_drvdata(hdev->ndev, hdev);
 829
 830         memset(hdev->gate2pipe, NFC_HCI_INVALID_PIPE, sizeof(hdev->gate2pipe));
 831
 832         return hdev;
 833 }
 834 EXPORT_SYMBOL(nfc_hci_allocate_device);
 835
 836 void nfc_hci_free_device(struct nfc_hci_dev *hdev)
 837 {
 838         nfc_free_device(hdev->ndev);
 839         nfc_llc_free(hdev->llc);
 840         kfree(hdev);
 841 }
 842 EXPORT_SYMBOL(nfc_hci_free_device);
 843
 844 int nfc_hci_register_device(struct nfc_hci_dev *hdev)
 845 {
 846         mutex_init(&hdev->msg_tx_mutex);
 847
 848         INIT_LIST_HEAD(&hdev->msg_tx_queue);
 849
 850         INIT_WORK(&hdev->msg_tx_work, nfc_hci_msg_tx_work);
 851
 852         init_timer(&hdev->cmd_timer);
 853         hdev->cmd_timer.data = (unsigned long)hdev;
 854         hdev->cmd_timer.function = nfc_hci_cmd_timeout;
 855
 856         skb_queue_head_init(&hdev->rx_hcp_frags);
 857
 858         INIT_WORK(&hdev->msg_rx_work, nfc_hci_msg_rx_work);
 859
 860         skb_queue_head_init(&hdev->msg_rx_queue);
 861
 862         return nfc_register_device(hdev->ndev);
 863 }
 864 EXPORT_SYMBOL(nfc_hci_register_device);
 865
 866 void nfc_hci_unregister_device(struct nfc_hci_dev *hdev)
 867 {
 868         struct hci_msg *msg, *n;
 869
 870         skb_queue_purge(&hdev->rx_hcp_frags);
 871         skb_queue_purge(&hdev->msg_rx_queue);
 872
 873         list_for_each_entry_safe(msg, n, &hdev->msg_tx_queue, msg_l) {
 874                 list_del(&msg->msg_l);
 875                 skb_queue_purge(&msg->msg_frags);
 876                 kfree(msg);
 877         }
 878
 879         del_timer_sync(&hdev->cmd_timer);
 880
 881         nfc_unregister_device(hdev->ndev);
 882
 883         cancel_work_sync(&hdev->msg_tx_work);
 884         cancel_work_sync(&hdev->msg_rx_work);
 885 }
 886 EXPORT_SYMBOL(nfc_hci_unregister_device);
 887
 888 void nfc_hci_set_clientdata(struct nfc_hci_dev *hdev, void *clientdata)
 889 {
 890         hdev->clientdata = clientdata;
 891 }
 892 EXPORT_SYMBOL(nfc_hci_set_clientdata);
 893
 894 void *nfc_hci_get_clientdata(struct nfc_hci_dev *hdev)
 895 {
 896         return hdev->clientdata;
 897 }
 898 EXPORT_SYMBOL(nfc_hci_get_clientdata);
 899
 900 void nfc_hci_driver_failure(struct nfc_hci_dev *hdev, int err)
 901 {
 902         nfc_hci_failure(hdev, err);
 903 }
 904 EXPORT_SYMBOL(nfc_hci_driver_failure);
 905
 906 void nfc_hci_recv_frame(struct nfc_hci_dev *hdev, struct sk_buff *skb)
 907 {
 908         nfc_llc_rcv_from_drv(hdev->llc, skb);
 909 }
 910 EXPORT_SYMBOL(nfc_hci_recv_frame);
 911
 912 static int __init nfc_hci_init(void)
 913 {
 914         return nfc_llc_init();
 915 }
 916
 917 static void __exit nfc_hci_exit(void)
 918 {
 919         nfc_llc_exit();
 920 }
 921
 922 subsys_initcall(nfc_hci_init);
 923 module_exit(nfc_hci_exit);
 924
 925 MODULE_LICENSE("GPL");
 926 MODULE_DESCRIPTION("NFC HCI Core");