Merge tag '6.6-rc5-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6
[platform/kernel/linux-rpi.git] / net / nfc / digital_dep.c
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * NFC Digital Protocol stack
4  * Copyright (c) 2013, Intel Corporation.
5  */
6
7 #define pr_fmt(fmt) "digital: %s: " fmt, __func__
8
9 #include "digital.h"
10
11 #define DIGITAL_NFC_DEP_N_RETRY_NACK    2
12 #define DIGITAL_NFC_DEP_N_RETRY_ATN     2
13
14 #define DIGITAL_NFC_DEP_FRAME_DIR_OUT 0xD4
15 #define DIGITAL_NFC_DEP_FRAME_DIR_IN  0xD5
16
17 #define DIGITAL_NFC_DEP_NFCA_SOD_SB   0xF0
18
19 #define DIGITAL_CMD_ATR_REQ 0x00
20 #define DIGITAL_CMD_ATR_RES 0x01
21 #define DIGITAL_CMD_PSL_REQ 0x04
22 #define DIGITAL_CMD_PSL_RES 0x05
23 #define DIGITAL_CMD_DEP_REQ 0x06
24 #define DIGITAL_CMD_DEP_RES 0x07
25
26 #define DIGITAL_ATR_REQ_MIN_SIZE 16
27 #define DIGITAL_ATR_REQ_MAX_SIZE 64
28
29 #define DIGITAL_ATR_RES_TO_WT(s)        ((s) & 0xF)
30
31 #define DIGITAL_DID_MAX 14
32
33 #define DIGITAL_PAYLOAD_SIZE_MAX        254
34 #define DIGITAL_PAYLOAD_BITS_TO_PP(s)   (((s) & 0x3) << 4)
35 #define DIGITAL_PAYLOAD_PP_TO_BITS(s)   (((s) >> 4) & 0x3)
36 #define DIGITAL_PAYLOAD_BITS_TO_FSL(s)  ((s) & 0x3)
37 #define DIGITAL_PAYLOAD_FSL_TO_BITS(s)  ((s) & 0x3)
38
39 #define DIGITAL_GB_BIT  0x02
40
41 #define DIGITAL_NFC_DEP_PFB_TYPE(pfb) ((pfb) & 0xE0)
42
43 #define DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT 0x10
44 #define DIGITAL_NFC_DEP_PFB_MI_BIT      0x10
45 #define DIGITAL_NFC_DEP_PFB_NACK_BIT    0x10
46 #define DIGITAL_NFC_DEP_PFB_DID_BIT     0x04
47
48 #define DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb) \
49                                 ((pfb) & DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT)
50 #define DIGITAL_NFC_DEP_MI_BIT_SET(pfb)  ((pfb) & DIGITAL_NFC_DEP_PFB_MI_BIT)
51 #define DIGITAL_NFC_DEP_NACK_BIT_SET(pfb) ((pfb) & DIGITAL_NFC_DEP_PFB_NACK_BIT)
52 #define DIGITAL_NFC_DEP_NAD_BIT_SET(pfb) ((pfb) & 0x08)
53 #define DIGITAL_NFC_DEP_DID_BIT_SET(pfb) ((pfb) & DIGITAL_NFC_DEP_PFB_DID_BIT)
54 #define DIGITAL_NFC_DEP_PFB_PNI(pfb)     ((pfb) & 0x03)
55
56 #define DIGITAL_NFC_DEP_RTOX_VALUE(data) ((data) & 0x3F)
57 #define DIGITAL_NFC_DEP_RTOX_MAX         59
58
59 #define DIGITAL_NFC_DEP_PFB_I_PDU          0x00
60 #define DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU   0x40
61 #define DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU 0x80
62
63 struct digital_atr_req {
64         u8 dir;
65         u8 cmd;
66         u8 nfcid3[10];
67         u8 did;
68         u8 bs;
69         u8 br;
70         u8 pp;
71         u8 gb[];
72 } __packed;
73
74 struct digital_atr_res {
75         u8 dir;
76         u8 cmd;
77         u8 nfcid3[10];
78         u8 did;
79         u8 bs;
80         u8 br;
81         u8 to;
82         u8 pp;
83         u8 gb[];
84 } __packed;
85
86 struct digital_psl_req {
87         u8 dir;
88         u8 cmd;
89         u8 did;
90         u8 brs;
91         u8 fsl;
92 } __packed;
93
94 struct digital_psl_res {
95         u8 dir;
96         u8 cmd;
97         u8 did;
98 } __packed;
99
100 struct digital_dep_req_res {
101         u8 dir;
102         u8 cmd;
103         u8 pfb;
104 } __packed;
105
106 static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
107                                     struct sk_buff *resp);
108 static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
109                                     struct sk_buff *resp);
110
111 static const u8 digital_payload_bits_map[4] = {
112         [0] = 64,
113         [1] = 128,
114         [2] = 192,
115         [3] = 254
116 };
117
118 /* Response Waiting Time for ATR_RES PDU in ms
119  *
120  * RWT(ATR_RES) = RWT(nfcdep,activation) + dRWT(nfcdep) + dT(nfcdep,initiator)
121  *
122  * with:
123  *  RWT(nfcdep,activation) = 4096 * 2^12 / f(c) s
124  *  dRWT(nfcdep) = 16 / f(c) s
125  *  dT(nfcdep,initiator) = 100 ms
126  *  f(c) = 13560000 Hz
127  */
128 #define DIGITAL_ATR_RES_RWT 1337
129
130 /* Response Waiting Time for other DEP PDUs in ms
131  *
132  * max_rwt = rwt + dRWT(nfcdep) + dT(nfcdep,initiator)
133  *
134  * with:
135  *  rwt = (256 * 16 / f(c)) * 2^wt s
136  *  dRWT(nfcdep) = 16 / f(c) s
137  *  dT(nfcdep,initiator) = 100 ms
138  *  f(c) = 13560000 Hz
139  *  0 <= wt <= 14 (given by the target by the TO field of ATR_RES response)
140  */
141 #define DIGITAL_NFC_DEP_IN_MAX_WT 14
142 #define DIGITAL_NFC_DEP_TG_MAX_WT 14
143 static const u16 digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT + 1] = {
144         100,  101,  101,  102,  105,
145         110,  119,  139,  177,  255,
146         409,  719, 1337, 2575, 5049,
147 };
148
149 static u8 digital_payload_bits_to_size(u8 payload_bits)
150 {
151         if (payload_bits >= ARRAY_SIZE(digital_payload_bits_map))
152                 return 0;
153
154         return digital_payload_bits_map[payload_bits];
155 }
156
157 static u8 digital_payload_size_to_bits(u8 payload_size)
158 {
159         int i;
160
161         for (i = 0; i < ARRAY_SIZE(digital_payload_bits_map); i++)
162                 if (digital_payload_bits_map[i] == payload_size)
163                         return i;
164
165         return 0xff;
166 }
167
168 static void digital_skb_push_dep_sod(struct nfc_digital_dev *ddev,
169                                      struct sk_buff *skb)
170 {
171         skb_push(skb, sizeof(u8));
172
173         skb->data[0] = skb->len;
174
175         if (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A)
176                 *(u8 *)skb_push(skb, sizeof(u8)) = DIGITAL_NFC_DEP_NFCA_SOD_SB;
177 }
178
179 static int digital_skb_pull_dep_sod(struct nfc_digital_dev *ddev,
180                                     struct sk_buff *skb)
181 {
182         u8 size;
183
184         if (skb->len < 2)
185                 return -EIO;
186
187         if (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A)
188                 skb_pull(skb, sizeof(u8));
189
190         size = skb->data[0];
191         if (size != skb->len)
192                 return -EIO;
193
194         skb_pull(skb, sizeof(u8));
195
196         return 0;
197 }
198
199 static struct sk_buff *
200 digital_send_dep_data_prep(struct nfc_digital_dev *ddev, struct sk_buff *skb,
201                            struct digital_dep_req_res *dep_req_res,
202                            struct digital_data_exch *data_exch)
203 {
204         struct sk_buff *new_skb;
205
206         if (skb->len > ddev->remote_payload_max) {
207                 dep_req_res->pfb |= DIGITAL_NFC_DEP_PFB_MI_BIT;
208
209                 new_skb = digital_skb_alloc(ddev, ddev->remote_payload_max);
210                 if (!new_skb) {
211                         kfree_skb(ddev->chaining_skb);
212                         ddev->chaining_skb = NULL;
213
214                         return ERR_PTR(-ENOMEM);
215                 }
216
217                 skb_put_data(new_skb, skb->data, ddev->remote_payload_max);
218                 skb_pull(skb, ddev->remote_payload_max);
219
220                 ddev->chaining_skb = skb;
221                 ddev->data_exch = data_exch;
222         } else {
223                 ddev->chaining_skb = NULL;
224                 new_skb = skb;
225         }
226
227         return new_skb;
228 }
229
230 static struct sk_buff *
231 digital_recv_dep_data_gather(struct nfc_digital_dev *ddev, u8 pfb,
232                              struct sk_buff *resp,
233                              int (*send_ack)(struct nfc_digital_dev *ddev,
234                                              struct digital_data_exch
235                                                              *data_exch),
236                              struct digital_data_exch *data_exch)
237 {
238         struct sk_buff *new_skb;
239         int rc;
240
241         if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb) && (!ddev->chaining_skb)) {
242                 ddev->chaining_skb =
243                         nfc_alloc_recv_skb(8 * ddev->local_payload_max,
244                                            GFP_KERNEL);
245                 if (!ddev->chaining_skb) {
246                         rc = -ENOMEM;
247                         goto error;
248                 }
249         }
250
251         if (ddev->chaining_skb) {
252                 if (resp->len > skb_tailroom(ddev->chaining_skb)) {
253                         new_skb = skb_copy_expand(ddev->chaining_skb,
254                                                   skb_headroom(
255                                                           ddev->chaining_skb),
256                                                   8 * ddev->local_payload_max,
257                                                   GFP_KERNEL);
258                         if (!new_skb) {
259                                 rc = -ENOMEM;
260                                 goto error;
261                         }
262
263                         kfree_skb(ddev->chaining_skb);
264                         ddev->chaining_skb = new_skb;
265                 }
266
267                 skb_put_data(ddev->chaining_skb, resp->data, resp->len);
268
269                 kfree_skb(resp);
270                 resp = NULL;
271
272                 if (DIGITAL_NFC_DEP_MI_BIT_SET(pfb)) {
273                         rc = send_ack(ddev, data_exch);
274                         if (rc)
275                                 goto error;
276
277                         return NULL;
278                 }
279
280                 resp = ddev->chaining_skb;
281                 ddev->chaining_skb = NULL;
282         }
283
284         return resp;
285
286 error:
287         kfree_skb(resp);
288
289         kfree_skb(ddev->chaining_skb);
290         ddev->chaining_skb = NULL;
291
292         return ERR_PTR(rc);
293 }
294
295 static void digital_in_recv_psl_res(struct nfc_digital_dev *ddev, void *arg,
296                                     struct sk_buff *resp)
297 {
298         struct nfc_target *target = arg;
299         struct digital_psl_res *psl_res;
300         int rc;
301
302         if (IS_ERR(resp)) {
303                 rc = PTR_ERR(resp);
304                 resp = NULL;
305                 goto exit;
306         }
307
308         rc = ddev->skb_check_crc(resp);
309         if (rc) {
310                 PROTOCOL_ERR("14.4.1.6");
311                 goto exit;
312         }
313
314         rc = digital_skb_pull_dep_sod(ddev, resp);
315         if (rc) {
316                 PROTOCOL_ERR("14.4.1.2");
317                 goto exit;
318         }
319
320         psl_res = (struct digital_psl_res *)resp->data;
321
322         if ((resp->len != sizeof(*psl_res)) ||
323             (psl_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN) ||
324             (psl_res->cmd != DIGITAL_CMD_PSL_RES)) {
325                 rc = -EIO;
326                 goto exit;
327         }
328
329         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH,
330                                      NFC_DIGITAL_RF_TECH_424F);
331         if (rc)
332                 goto exit;
333
334         rc = digital_in_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
335                                      NFC_DIGITAL_FRAMING_NFCF_NFC_DEP);
336         if (rc)
337                 goto exit;
338
339         if (!DIGITAL_DRV_CAPS_IN_CRC(ddev) &&
340             (ddev->curr_rf_tech == NFC_DIGITAL_RF_TECH_106A)) {
341                 ddev->skb_add_crc = digital_skb_add_crc_f;
342                 ddev->skb_check_crc = digital_skb_check_crc_f;
343         }
344
345         ddev->curr_rf_tech = NFC_DIGITAL_RF_TECH_424F;
346
347         nfc_dep_link_is_up(ddev->nfc_dev, target->idx, NFC_COMM_ACTIVE,
348                            NFC_RF_INITIATOR);
349
350         ddev->curr_nfc_dep_pni = 0;
351
352 exit:
353         dev_kfree_skb(resp);
354
355         if (rc)
356                 ddev->curr_protocol = 0;
357 }
358
359 static int digital_in_send_psl_req(struct nfc_digital_dev *ddev,
360                                    struct nfc_target *target)
361 {
362         struct sk_buff *skb;
363         struct digital_psl_req *psl_req;
364         int rc;
365         u8 payload_size, payload_bits;
366
367         skb = digital_skb_alloc(ddev, sizeof(*psl_req));
368         if (!skb)
369                 return -ENOMEM;
370
371         skb_put(skb, sizeof(*psl_req));
372
373         psl_req = (struct digital_psl_req *)skb->data;
374
375         psl_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
376         psl_req->cmd = DIGITAL_CMD_PSL_REQ;
377         psl_req->did = 0;
378         psl_req->brs = (0x2 << 3) | 0x2; /* 424F both directions */
379
380         payload_size = min(ddev->local_payload_max, ddev->remote_payload_max);
381         payload_bits = digital_payload_size_to_bits(payload_size);
382         psl_req->fsl = DIGITAL_PAYLOAD_BITS_TO_FSL(payload_bits);
383
384         ddev->local_payload_max = payload_size;
385         ddev->remote_payload_max = payload_size;
386
387         digital_skb_push_dep_sod(ddev, skb);
388
389         ddev->skb_add_crc(skb);
390
391         rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt,
392                                  digital_in_recv_psl_res, target);
393         if (rc)
394                 kfree_skb(skb);
395
396         return rc;
397 }
398
399 static void digital_in_recv_atr_res(struct nfc_digital_dev *ddev, void *arg,
400                                  struct sk_buff *resp)
401 {
402         struct nfc_target *target = arg;
403         struct digital_atr_res *atr_res;
404         u8 gb_len, payload_bits;
405         u8 wt;
406         int rc;
407
408         if (IS_ERR(resp)) {
409                 rc = PTR_ERR(resp);
410                 resp = NULL;
411                 goto exit;
412         }
413
414         rc = ddev->skb_check_crc(resp);
415         if (rc) {
416                 PROTOCOL_ERR("14.4.1.6");
417                 goto exit;
418         }
419
420         rc = digital_skb_pull_dep_sod(ddev, resp);
421         if (rc) {
422                 PROTOCOL_ERR("14.4.1.2");
423                 goto exit;
424         }
425
426         if (resp->len < sizeof(struct digital_atr_res)) {
427                 rc = -EIO;
428                 goto exit;
429         }
430
431         gb_len = resp->len - sizeof(struct digital_atr_res);
432
433         atr_res = (struct digital_atr_res *)resp->data;
434
435         wt = DIGITAL_ATR_RES_TO_WT(atr_res->to);
436         if (wt > DIGITAL_NFC_DEP_IN_MAX_WT)
437                 wt = DIGITAL_NFC_DEP_IN_MAX_WT;
438         ddev->dep_rwt = digital_rwt_map[wt];
439
440         payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_res->pp);
441         ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits);
442
443         if (!ddev->remote_payload_max) {
444                 rc = -EINVAL;
445                 goto exit;
446         }
447
448         rc = nfc_set_remote_general_bytes(ddev->nfc_dev, atr_res->gb, gb_len);
449         if (rc)
450                 goto exit;
451
452         if ((ddev->protocols & NFC_PROTO_FELICA_MASK) &&
453             (ddev->curr_rf_tech != NFC_DIGITAL_RF_TECH_424F)) {
454                 rc = digital_in_send_psl_req(ddev, target);
455                 if (!rc)
456                         goto exit;
457         }
458
459         rc = nfc_dep_link_is_up(ddev->nfc_dev, target->idx, NFC_COMM_ACTIVE,
460                                 NFC_RF_INITIATOR);
461
462         ddev->curr_nfc_dep_pni = 0;
463
464 exit:
465         dev_kfree_skb(resp);
466
467         if (rc)
468                 ddev->curr_protocol = 0;
469 }
470
471 int digital_in_send_atr_req(struct nfc_digital_dev *ddev,
472                             struct nfc_target *target, __u8 comm_mode, __u8 *gb,
473                             size_t gb_len)
474 {
475         struct sk_buff *skb;
476         struct digital_atr_req *atr_req;
477         uint size;
478         int rc;
479         u8 payload_bits;
480
481         size = DIGITAL_ATR_REQ_MIN_SIZE + gb_len;
482
483         if (size > DIGITAL_ATR_REQ_MAX_SIZE) {
484                 PROTOCOL_ERR("14.6.1.1");
485                 return -EINVAL;
486         }
487
488         skb = digital_skb_alloc(ddev, size);
489         if (!skb)
490                 return -ENOMEM;
491
492         skb_put(skb, sizeof(struct digital_atr_req));
493
494         atr_req = (struct digital_atr_req *)skb->data;
495         memset(atr_req, 0, sizeof(struct digital_atr_req));
496
497         atr_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
498         atr_req->cmd = DIGITAL_CMD_ATR_REQ;
499         if (target->nfcid2_len)
500                 memcpy(atr_req->nfcid3, target->nfcid2, NFC_NFCID2_MAXSIZE);
501         else
502                 get_random_bytes(atr_req->nfcid3, NFC_NFCID3_MAXSIZE);
503
504         atr_req->did = 0;
505         atr_req->bs = 0;
506         atr_req->br = 0;
507
508         ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX;
509         payload_bits = digital_payload_size_to_bits(ddev->local_payload_max);
510         atr_req->pp = DIGITAL_PAYLOAD_BITS_TO_PP(payload_bits);
511
512         if (gb_len) {
513                 atr_req->pp |= DIGITAL_GB_BIT;
514                 skb_put_data(skb, gb, gb_len);
515         }
516
517         digital_skb_push_dep_sod(ddev, skb);
518
519         ddev->skb_add_crc(skb);
520
521         rc = digital_in_send_cmd(ddev, skb, DIGITAL_ATR_RES_RWT,
522                                  digital_in_recv_atr_res, target);
523         if (rc)
524                 kfree_skb(skb);
525
526         return rc;
527 }
528
529 static int digital_in_send_ack(struct nfc_digital_dev *ddev,
530                                struct digital_data_exch *data_exch)
531 {
532         struct digital_dep_req_res *dep_req;
533         struct sk_buff *skb;
534         int rc;
535
536         skb = digital_skb_alloc(ddev, 1);
537         if (!skb)
538                 return -ENOMEM;
539
540         skb_push(skb, sizeof(struct digital_dep_req_res));
541
542         dep_req = (struct digital_dep_req_res *)skb->data;
543
544         dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
545         dep_req->cmd = DIGITAL_CMD_DEP_REQ;
546         dep_req->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
547                        ddev->curr_nfc_dep_pni;
548
549         digital_skb_push_dep_sod(ddev, skb);
550
551         ddev->skb_add_crc(skb);
552
553         ddev->saved_skb = pskb_copy(skb, GFP_KERNEL);
554
555         rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt,
556                                  digital_in_recv_dep_res, data_exch);
557         if (rc) {
558                 kfree_skb(skb);
559                 kfree_skb(ddev->saved_skb);
560                 ddev->saved_skb = NULL;
561         }
562
563         return rc;
564 }
565
566 static int digital_in_send_nack(struct nfc_digital_dev *ddev,
567                                 struct digital_data_exch *data_exch)
568 {
569         struct digital_dep_req_res *dep_req;
570         struct sk_buff *skb;
571         int rc;
572
573         skb = digital_skb_alloc(ddev, 1);
574         if (!skb)
575                 return -ENOMEM;
576
577         skb_push(skb, sizeof(struct digital_dep_req_res));
578
579         dep_req = (struct digital_dep_req_res *)skb->data;
580
581         dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
582         dep_req->cmd = DIGITAL_CMD_DEP_REQ;
583         dep_req->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
584                        DIGITAL_NFC_DEP_PFB_NACK_BIT | ddev->curr_nfc_dep_pni;
585
586         digital_skb_push_dep_sod(ddev, skb);
587
588         ddev->skb_add_crc(skb);
589
590         rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt,
591                                  digital_in_recv_dep_res, data_exch);
592         if (rc)
593                 kfree_skb(skb);
594
595         return rc;
596 }
597
598 static int digital_in_send_atn(struct nfc_digital_dev *ddev,
599                                struct digital_data_exch *data_exch)
600 {
601         struct digital_dep_req_res *dep_req;
602         struct sk_buff *skb;
603         int rc;
604
605         skb = digital_skb_alloc(ddev, 1);
606         if (!skb)
607                 return -ENOMEM;
608
609         skb_push(skb, sizeof(struct digital_dep_req_res));
610
611         dep_req = (struct digital_dep_req_res *)skb->data;
612
613         dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
614         dep_req->cmd = DIGITAL_CMD_DEP_REQ;
615         dep_req->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU;
616
617         digital_skb_push_dep_sod(ddev, skb);
618
619         ddev->skb_add_crc(skb);
620
621         rc = digital_in_send_cmd(ddev, skb, ddev->dep_rwt,
622                                  digital_in_recv_dep_res, data_exch);
623         if (rc)
624                 kfree_skb(skb);
625
626         return rc;
627 }
628
629 static int digital_in_send_rtox(struct nfc_digital_dev *ddev,
630                                 struct digital_data_exch *data_exch, u8 rtox)
631 {
632         struct digital_dep_req_res *dep_req;
633         struct sk_buff *skb;
634         int rc;
635         u16 rwt_int;
636
637         rwt_int = ddev->dep_rwt * rtox;
638         if (rwt_int > digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT])
639                 rwt_int = digital_rwt_map[DIGITAL_NFC_DEP_IN_MAX_WT];
640
641         skb = digital_skb_alloc(ddev, 1);
642         if (!skb)
643                 return -ENOMEM;
644
645         skb_put_u8(skb, rtox);
646
647         skb_push(skb, sizeof(struct digital_dep_req_res));
648
649         dep_req = (struct digital_dep_req_res *)skb->data;
650
651         dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
652         dep_req->cmd = DIGITAL_CMD_DEP_REQ;
653         dep_req->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU |
654                        DIGITAL_NFC_DEP_PFB_TIMEOUT_BIT;
655
656         digital_skb_push_dep_sod(ddev, skb);
657
658         ddev->skb_add_crc(skb);
659
660         rc = digital_in_send_cmd(ddev, skb, rwt_int,
661                                  digital_in_recv_dep_res, data_exch);
662         if (rc)
663                 kfree_skb(skb);
664
665         return rc;
666 }
667
668 static int digital_in_send_saved_skb(struct nfc_digital_dev *ddev,
669                                      struct digital_data_exch *data_exch)
670 {
671         int rc;
672
673         if (!ddev->saved_skb)
674                 return -EINVAL;
675
676         skb_get(ddev->saved_skb);
677
678         rc = digital_in_send_cmd(ddev, ddev->saved_skb, ddev->dep_rwt,
679                                  digital_in_recv_dep_res, data_exch);
680         if (rc)
681                 kfree_skb(ddev->saved_skb);
682
683         return rc;
684 }
685
686 static void digital_in_recv_dep_res(struct nfc_digital_dev *ddev, void *arg,
687                                     struct sk_buff *resp)
688 {
689         struct digital_data_exch *data_exch = arg;
690         struct digital_dep_req_res *dep_res;
691         u8 pfb;
692         uint size;
693         int rc;
694         u8 rtox;
695
696         if (IS_ERR(resp)) {
697                 rc = PTR_ERR(resp);
698                 resp = NULL;
699
700                 if ((rc == -EIO || (rc == -ETIMEDOUT && ddev->nack_count)) &&
701                     (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) {
702                         ddev->atn_count = 0;
703
704                         rc = digital_in_send_nack(ddev, data_exch);
705                         if (rc)
706                                 goto error;
707
708                         return;
709                 } else if ((rc == -ETIMEDOUT) &&
710                            (ddev->atn_count++ < DIGITAL_NFC_DEP_N_RETRY_ATN)) {
711                         ddev->nack_count = 0;
712
713                         rc = digital_in_send_atn(ddev, data_exch);
714                         if (rc)
715                                 goto error;
716
717                         return;
718                 }
719
720                 goto exit;
721         }
722
723         rc = digital_skb_pull_dep_sod(ddev, resp);
724         if (rc) {
725                 PROTOCOL_ERR("14.4.1.2");
726                 goto exit;
727         }
728
729         rc = ddev->skb_check_crc(resp);
730         if (rc) {
731                 if ((resp->len >= 4) &&
732                     (ddev->nack_count++ < DIGITAL_NFC_DEP_N_RETRY_NACK)) {
733                         ddev->atn_count = 0;
734
735                         rc = digital_in_send_nack(ddev, data_exch);
736                         if (rc)
737                                 goto error;
738
739                         kfree_skb(resp);
740
741                         return;
742                 }
743
744                 PROTOCOL_ERR("14.4.1.6");
745                 goto error;
746         }
747
748         ddev->atn_count = 0;
749         ddev->nack_count = 0;
750
751         if (resp->len > ddev->local_payload_max) {
752                 rc = -EMSGSIZE;
753                 goto exit;
754         }
755
756         size = sizeof(struct digital_dep_req_res);
757         dep_res = (struct digital_dep_req_res *)resp->data;
758
759         if (resp->len < size || dep_res->dir != DIGITAL_NFC_DEP_FRAME_DIR_IN ||
760             dep_res->cmd != DIGITAL_CMD_DEP_RES) {
761                 rc = -EIO;
762                 goto error;
763         }
764
765         pfb = dep_res->pfb;
766
767         if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb)) {
768                 PROTOCOL_ERR("14.8.2.1");
769                 rc = -EIO;
770                 goto error;
771         }
772
773         if (DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)) {
774                 rc = -EIO;
775                 goto exit;
776         }
777
778         if (size > resp->len) {
779                 rc = -EIO;
780                 goto error;
781         }
782
783         skb_pull(resp, size);
784
785         switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) {
786         case DIGITAL_NFC_DEP_PFB_I_PDU:
787                 if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
788                         PROTOCOL_ERR("14.12.3.3");
789                         rc = -EIO;
790                         goto error;
791                 }
792
793                 ddev->curr_nfc_dep_pni =
794                         DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
795
796                 kfree_skb(ddev->saved_skb);
797                 ddev->saved_skb = NULL;
798
799                 resp = digital_recv_dep_data_gather(ddev, pfb, resp,
800                                                     digital_in_send_ack,
801                                                     data_exch);
802                 if (IS_ERR(resp)) {
803                         rc = PTR_ERR(resp);
804                         resp = NULL;
805                         goto error;
806                 }
807
808                 /* If resp is NULL then we're still chaining so return and
809                  * wait for the next part of the PDU.  Else, the PDU is
810                  * complete so pass it up.
811                  */
812                 if (!resp)
813                         return;
814
815                 rc = 0;
816                 break;
817
818         case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU:
819                 if (DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) {
820                         PROTOCOL_ERR("14.12.4.5");
821                         rc = -EIO;
822                         goto exit;
823                 }
824
825                 if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
826                         PROTOCOL_ERR("14.12.3.3");
827                         rc = -EIO;
828                         goto exit;
829                 }
830
831                 ddev->curr_nfc_dep_pni =
832                         DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
833
834                 if (!ddev->chaining_skb) {
835                         PROTOCOL_ERR("14.12.4.3");
836                         rc = -EIO;
837                         goto exit;
838                 }
839
840                 /* The initiator has received a valid ACK. Free the last sent
841                  * PDU and keep on sending chained skb.
842                  */
843                 kfree_skb(ddev->saved_skb);
844                 ddev->saved_skb = NULL;
845
846                 rc = digital_in_send_dep_req(ddev, NULL,
847                                              ddev->chaining_skb,
848                                              ddev->data_exch);
849                 if (rc)
850                         goto error;
851
852                 goto free_resp;
853
854         case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU:
855                 if (!DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) { /* ATN */
856                         rc = digital_in_send_saved_skb(ddev, data_exch);
857                         if (rc)
858                                 goto error;
859
860                         goto free_resp;
861                 }
862
863                 if (ddev->atn_count || ddev->nack_count) {
864                         PROTOCOL_ERR("14.12.4.4");
865                         rc = -EIO;
866                         goto error;
867                 }
868
869                 rtox = DIGITAL_NFC_DEP_RTOX_VALUE(resp->data[0]);
870                 if (!rtox || rtox > DIGITAL_NFC_DEP_RTOX_MAX) {
871                         PROTOCOL_ERR("14.8.4.1");
872                         rc = -EIO;
873                         goto error;
874                 }
875
876                 rc = digital_in_send_rtox(ddev, data_exch, rtox);
877                 if (rc)
878                         goto error;
879
880                 goto free_resp;
881         }
882
883 exit:
884         data_exch->cb(data_exch->cb_context, resp, rc);
885
886 error:
887         kfree(data_exch);
888
889         kfree_skb(ddev->chaining_skb);
890         ddev->chaining_skb = NULL;
891
892         kfree_skb(ddev->saved_skb);
893         ddev->saved_skb = NULL;
894
895         if (rc)
896                 kfree_skb(resp);
897
898         return;
899
900 free_resp:
901         dev_kfree_skb(resp);
902 }
903
904 int digital_in_send_dep_req(struct nfc_digital_dev *ddev,
905                             struct nfc_target *target, struct sk_buff *skb,
906                             struct digital_data_exch *data_exch)
907 {
908         struct digital_dep_req_res *dep_req;
909         struct sk_buff *chaining_skb, *tmp_skb;
910         int rc;
911
912         skb_push(skb, sizeof(struct digital_dep_req_res));
913
914         dep_req = (struct digital_dep_req_res *)skb->data;
915
916         dep_req->dir = DIGITAL_NFC_DEP_FRAME_DIR_OUT;
917         dep_req->cmd = DIGITAL_CMD_DEP_REQ;
918         dep_req->pfb = ddev->curr_nfc_dep_pni;
919
920         ddev->atn_count = 0;
921         ddev->nack_count = 0;
922
923         chaining_skb = ddev->chaining_skb;
924
925         tmp_skb = digital_send_dep_data_prep(ddev, skb, dep_req, data_exch);
926         if (IS_ERR(tmp_skb))
927                 return PTR_ERR(tmp_skb);
928
929         digital_skb_push_dep_sod(ddev, tmp_skb);
930
931         ddev->skb_add_crc(tmp_skb);
932
933         ddev->saved_skb = pskb_copy(tmp_skb, GFP_KERNEL);
934
935         rc = digital_in_send_cmd(ddev, tmp_skb, ddev->dep_rwt,
936                                  digital_in_recv_dep_res, data_exch);
937         if (rc) {
938                 if (tmp_skb != skb)
939                         kfree_skb(tmp_skb);
940
941                 kfree_skb(chaining_skb);
942                 ddev->chaining_skb = NULL;
943
944                 kfree_skb(ddev->saved_skb);
945                 ddev->saved_skb = NULL;
946         }
947
948         return rc;
949 }
950
951 static void digital_tg_set_rf_tech(struct nfc_digital_dev *ddev, u8 rf_tech)
952 {
953         ddev->curr_rf_tech = rf_tech;
954
955         ddev->skb_add_crc = digital_skb_add_crc_none;
956         ddev->skb_check_crc = digital_skb_check_crc_none;
957
958         if (DIGITAL_DRV_CAPS_TG_CRC(ddev))
959                 return;
960
961         switch (ddev->curr_rf_tech) {
962         case NFC_DIGITAL_RF_TECH_106A:
963                 ddev->skb_add_crc = digital_skb_add_crc_a;
964                 ddev->skb_check_crc = digital_skb_check_crc_a;
965                 break;
966
967         case NFC_DIGITAL_RF_TECH_212F:
968         case NFC_DIGITAL_RF_TECH_424F:
969                 ddev->skb_add_crc = digital_skb_add_crc_f;
970                 ddev->skb_check_crc = digital_skb_check_crc_f;
971                 break;
972
973         default:
974                 break;
975         }
976 }
977
978 static int digital_tg_send_ack(struct nfc_digital_dev *ddev,
979                                struct digital_data_exch *data_exch)
980 {
981         struct digital_dep_req_res *dep_res;
982         struct sk_buff *skb;
983         int rc;
984
985         skb = digital_skb_alloc(ddev, 1);
986         if (!skb)
987                 return -ENOMEM;
988
989         skb_push(skb, sizeof(struct digital_dep_req_res));
990
991         dep_res = (struct digital_dep_req_res *)skb->data;
992
993         dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
994         dep_res->cmd = DIGITAL_CMD_DEP_RES;
995         dep_res->pfb = DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU |
996                        ddev->curr_nfc_dep_pni;
997
998         if (ddev->did) {
999                 dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
1000
1001                 skb_put_data(skb, &ddev->did, sizeof(ddev->did));
1002         }
1003
1004         ddev->curr_nfc_dep_pni =
1005                 DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
1006
1007         digital_skb_push_dep_sod(ddev, skb);
1008
1009         ddev->skb_add_crc(skb);
1010
1011         ddev->saved_skb = pskb_copy(skb, GFP_KERNEL);
1012
1013         rc = digital_tg_send_cmd(ddev, skb, 1500, digital_tg_recv_dep_req,
1014                                  data_exch);
1015         if (rc) {
1016                 kfree_skb(skb);
1017                 kfree_skb(ddev->saved_skb);
1018                 ddev->saved_skb = NULL;
1019         }
1020
1021         return rc;
1022 }
1023
1024 static int digital_tg_send_atn(struct nfc_digital_dev *ddev)
1025 {
1026         struct digital_dep_req_res *dep_res;
1027         struct sk_buff *skb;
1028         int rc;
1029
1030         skb = digital_skb_alloc(ddev, 1);
1031         if (!skb)
1032                 return -ENOMEM;
1033
1034         skb_push(skb, sizeof(struct digital_dep_req_res));
1035
1036         dep_res = (struct digital_dep_req_res *)skb->data;
1037
1038         dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
1039         dep_res->cmd = DIGITAL_CMD_DEP_RES;
1040         dep_res->pfb = DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU;
1041
1042         if (ddev->did) {
1043                 dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
1044
1045                 skb_put_data(skb, &ddev->did, sizeof(ddev->did));
1046         }
1047
1048         digital_skb_push_dep_sod(ddev, skb);
1049
1050         ddev->skb_add_crc(skb);
1051
1052         rc = digital_tg_send_cmd(ddev, skb, 1500, digital_tg_recv_dep_req,
1053                                  NULL);
1054         if (rc)
1055                 kfree_skb(skb);
1056
1057         return rc;
1058 }
1059
1060 static int digital_tg_send_saved_skb(struct nfc_digital_dev *ddev)
1061 {
1062         int rc;
1063
1064         if (!ddev->saved_skb)
1065                 return -EINVAL;
1066
1067         skb_get(ddev->saved_skb);
1068
1069         rc = digital_tg_send_cmd(ddev, ddev->saved_skb, 1500,
1070                                  digital_tg_recv_dep_req, NULL);
1071         if (rc)
1072                 kfree_skb(ddev->saved_skb);
1073
1074         return rc;
1075 }
1076
1077 static void digital_tg_recv_dep_req(struct nfc_digital_dev *ddev, void *arg,
1078                                     struct sk_buff *resp)
1079 {
1080         int rc;
1081         struct digital_dep_req_res *dep_req;
1082         u8 pfb;
1083         size_t size;
1084
1085         if (IS_ERR(resp)) {
1086                 rc = PTR_ERR(resp);
1087                 resp = NULL;
1088                 goto exit;
1089         }
1090
1091         rc = ddev->skb_check_crc(resp);
1092         if (rc) {
1093                 PROTOCOL_ERR("14.4.1.6");
1094                 goto exit;
1095         }
1096
1097         rc = digital_skb_pull_dep_sod(ddev, resp);
1098         if (rc) {
1099                 PROTOCOL_ERR("14.4.1.2");
1100                 goto exit;
1101         }
1102
1103         if (resp->len > ddev->local_payload_max) {
1104                 rc = -EMSGSIZE;
1105                 goto exit;
1106         }
1107
1108         size = sizeof(struct digital_dep_req_res);
1109         dep_req = (struct digital_dep_req_res *)resp->data;
1110
1111         if (resp->len < size || dep_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
1112             dep_req->cmd != DIGITAL_CMD_DEP_REQ) {
1113                 rc = -EIO;
1114                 goto exit;
1115         }
1116
1117         pfb = dep_req->pfb;
1118
1119         if (DIGITAL_NFC_DEP_DID_BIT_SET(pfb)) {
1120                 if (ddev->did && (ddev->did == resp->data[3])) {
1121                         size++;
1122                 } else {
1123                         rc = -EIO;
1124                         goto exit;
1125                 }
1126         } else if (ddev->did) {
1127                 rc = -EIO;
1128                 goto exit;
1129         }
1130
1131         if (DIGITAL_NFC_DEP_NAD_BIT_SET(pfb)) {
1132                 rc = -EIO;
1133                 goto exit;
1134         }
1135
1136         if (size > resp->len) {
1137                 rc = -EIO;
1138                 goto exit;
1139         }
1140
1141         skb_pull(resp, size);
1142
1143         switch (DIGITAL_NFC_DEP_PFB_TYPE(pfb)) {
1144         case DIGITAL_NFC_DEP_PFB_I_PDU:
1145                 pr_debug("DIGITAL_NFC_DEP_PFB_I_PDU\n");
1146
1147                 if (ddev->atn_count) {
1148                         /* The target has received (and replied to) at least one
1149                          * ATN DEP_REQ.
1150                          */
1151                         ddev->atn_count = 0;
1152
1153                         /* pni of resp PDU equal to the target current pni - 1
1154                          * means resp is the previous DEP_REQ PDU received from
1155                          * the initiator so the target replies with saved_skb
1156                          * which is the previous DEP_RES saved in
1157                          * digital_tg_send_dep_res().
1158                          */
1159                         if (DIGITAL_NFC_DEP_PFB_PNI(pfb) ==
1160                           DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni - 1)) {
1161                                 rc = digital_tg_send_saved_skb(ddev);
1162                                 if (rc)
1163                                         goto exit;
1164
1165                                 goto free_resp;
1166                         }
1167
1168                         /* atn_count > 0 and PDU pni != curr_nfc_dep_pni - 1
1169                          * means the target probably did not received the last
1170                          * DEP_REQ PDU sent by the initiator. The target
1171                          * fallbacks to normal processing then.
1172                          */
1173                 }
1174
1175                 if (DIGITAL_NFC_DEP_PFB_PNI(pfb) != ddev->curr_nfc_dep_pni) {
1176                         PROTOCOL_ERR("14.12.3.4");
1177                         rc = -EIO;
1178                         goto exit;
1179                 }
1180
1181                 kfree_skb(ddev->saved_skb);
1182                 ddev->saved_skb = NULL;
1183
1184                 resp = digital_recv_dep_data_gather(ddev, pfb, resp,
1185                                                     digital_tg_send_ack, NULL);
1186                 if (IS_ERR(resp)) {
1187                         rc = PTR_ERR(resp);
1188                         resp = NULL;
1189                         goto exit;
1190                 }
1191
1192                 /* If resp is NULL then we're still chaining so return and
1193                  * wait for the next part of the PDU.  Else, the PDU is
1194                  * complete so pass it up.
1195                  */
1196                 if (!resp)
1197                         return;
1198
1199                 rc = 0;
1200                 break;
1201         case DIGITAL_NFC_DEP_PFB_ACK_NACK_PDU:
1202                 if (DIGITAL_NFC_DEP_NACK_BIT_SET(pfb)) { /* NACK */
1203                         if (DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) !=
1204                                                 ddev->curr_nfc_dep_pni) {
1205                                 rc = -EIO;
1206                                 goto exit;
1207                         }
1208
1209                         ddev->atn_count = 0;
1210
1211                         rc = digital_tg_send_saved_skb(ddev);
1212                         if (rc)
1213                                 goto exit;
1214
1215                         goto free_resp;
1216                 }
1217
1218                 /* ACK */
1219                 if (ddev->atn_count) {
1220                         /* The target has previously received one or more ATN
1221                          * PDUs.
1222                          */
1223                         ddev->atn_count = 0;
1224
1225                         /* If the ACK PNI is equal to the target PNI - 1 means
1226                          * that the initiator did not receive the previous PDU
1227                          * sent by the target so re-send it.
1228                          */
1229                         if (DIGITAL_NFC_DEP_PFB_PNI(pfb + 1) ==
1230                                                 ddev->curr_nfc_dep_pni) {
1231                                 rc = digital_tg_send_saved_skb(ddev);
1232                                 if (rc)
1233                                         goto exit;
1234
1235                                 goto free_resp;
1236                         }
1237
1238                         /* Otherwise, the target did not receive the previous
1239                          * ACK PDU from the initiator. Fallback to normal
1240                          * processing of chained PDU then.
1241                          */
1242                 }
1243
1244                 /* Keep on sending chained PDU */
1245                 if (!ddev->chaining_skb ||
1246                     DIGITAL_NFC_DEP_PFB_PNI(pfb) !=
1247                                         ddev->curr_nfc_dep_pni) {
1248                         rc = -EIO;
1249                         goto exit;
1250                 }
1251
1252                 kfree_skb(ddev->saved_skb);
1253                 ddev->saved_skb = NULL;
1254
1255                 rc = digital_tg_send_dep_res(ddev, ddev->chaining_skb);
1256                 if (rc)
1257                         goto exit;
1258
1259                 goto free_resp;
1260         case DIGITAL_NFC_DEP_PFB_SUPERVISOR_PDU:
1261                 if (DIGITAL_NFC_DEP_PFB_IS_TIMEOUT(pfb)) {
1262                         rc = -EINVAL;
1263                         goto exit;
1264                 }
1265
1266                 rc = digital_tg_send_atn(ddev);
1267                 if (rc)
1268                         goto exit;
1269
1270                 ddev->atn_count++;
1271
1272                 goto free_resp;
1273         }
1274
1275         rc = nfc_tm_data_received(ddev->nfc_dev, resp);
1276         if (rc)
1277                 resp = NULL;
1278
1279 exit:
1280         kfree_skb(ddev->chaining_skb);
1281         ddev->chaining_skb = NULL;
1282
1283         ddev->atn_count = 0;
1284
1285         kfree_skb(ddev->saved_skb);
1286         ddev->saved_skb = NULL;
1287
1288         if (rc)
1289                 kfree_skb(resp);
1290
1291         return;
1292
1293 free_resp:
1294         dev_kfree_skb(resp);
1295 }
1296
1297 int digital_tg_send_dep_res(struct nfc_digital_dev *ddev, struct sk_buff *skb)
1298 {
1299         struct digital_dep_req_res *dep_res;
1300         struct sk_buff *chaining_skb, *tmp_skb;
1301         int rc;
1302
1303         skb_push(skb, sizeof(struct digital_dep_req_res));
1304
1305         dep_res = (struct digital_dep_req_res *)skb->data;
1306
1307         dep_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
1308         dep_res->cmd = DIGITAL_CMD_DEP_RES;
1309         dep_res->pfb = ddev->curr_nfc_dep_pni;
1310
1311         if (ddev->did) {
1312                 dep_res->pfb |= DIGITAL_NFC_DEP_PFB_DID_BIT;
1313
1314                 skb_put_data(skb, &ddev->did, sizeof(ddev->did));
1315         }
1316
1317         ddev->curr_nfc_dep_pni =
1318                 DIGITAL_NFC_DEP_PFB_PNI(ddev->curr_nfc_dep_pni + 1);
1319
1320         chaining_skb = ddev->chaining_skb;
1321
1322         tmp_skb = digital_send_dep_data_prep(ddev, skb, dep_res, NULL);
1323         if (IS_ERR(tmp_skb))
1324                 return PTR_ERR(tmp_skb);
1325
1326         digital_skb_push_dep_sod(ddev, tmp_skb);
1327
1328         ddev->skb_add_crc(tmp_skb);
1329
1330         ddev->saved_skb = pskb_copy(tmp_skb, GFP_KERNEL);
1331
1332         rc = digital_tg_send_cmd(ddev, tmp_skb, 1500, digital_tg_recv_dep_req,
1333                                  NULL);
1334         if (rc) {
1335                 if (tmp_skb != skb)
1336                         kfree_skb(tmp_skb);
1337
1338                 kfree_skb(chaining_skb);
1339                 ddev->chaining_skb = NULL;
1340
1341                 kfree_skb(ddev->saved_skb);
1342                 ddev->saved_skb = NULL;
1343         }
1344
1345         return rc;
1346 }
1347
1348 static void digital_tg_send_psl_res_complete(struct nfc_digital_dev *ddev,
1349                                              void *arg, struct sk_buff *resp)
1350 {
1351         u8 rf_tech = (unsigned long)arg;
1352
1353         if (IS_ERR(resp))
1354                 return;
1355
1356         digital_tg_set_rf_tech(ddev, rf_tech);
1357
1358         digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_RF_TECH, rf_tech);
1359
1360         digital_tg_listen(ddev, 1500, digital_tg_recv_dep_req, NULL);
1361
1362         dev_kfree_skb(resp);
1363 }
1364
1365 static int digital_tg_send_psl_res(struct nfc_digital_dev *ddev, u8 did,
1366                                    u8 rf_tech)
1367 {
1368         struct digital_psl_res *psl_res;
1369         struct sk_buff *skb;
1370         int rc;
1371
1372         skb = digital_skb_alloc(ddev, sizeof(struct digital_psl_res));
1373         if (!skb)
1374                 return -ENOMEM;
1375
1376         skb_put(skb, sizeof(struct digital_psl_res));
1377
1378         psl_res = (struct digital_psl_res *)skb->data;
1379
1380         psl_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
1381         psl_res->cmd = DIGITAL_CMD_PSL_RES;
1382         psl_res->did = did;
1383
1384         digital_skb_push_dep_sod(ddev, skb);
1385
1386         ddev->skb_add_crc(skb);
1387
1388         ddev->curr_nfc_dep_pni = 0;
1389
1390         rc = digital_tg_send_cmd(ddev, skb, 0, digital_tg_send_psl_res_complete,
1391                                  (void *)(unsigned long)rf_tech);
1392         if (rc)
1393                 kfree_skb(skb);
1394
1395         return rc;
1396 }
1397
1398 static void digital_tg_recv_psl_req(struct nfc_digital_dev *ddev, void *arg,
1399                                     struct sk_buff *resp)
1400 {
1401         int rc;
1402         struct digital_psl_req *psl_req;
1403         u8 rf_tech;
1404         u8 dsi, payload_size, payload_bits;
1405
1406         if (IS_ERR(resp)) {
1407                 rc = PTR_ERR(resp);
1408                 resp = NULL;
1409                 goto exit;
1410         }
1411
1412         rc = ddev->skb_check_crc(resp);
1413         if (rc) {
1414                 PROTOCOL_ERR("14.4.1.6");
1415                 goto exit;
1416         }
1417
1418         rc = digital_skb_pull_dep_sod(ddev, resp);
1419         if (rc) {
1420                 PROTOCOL_ERR("14.4.1.2");
1421                 goto exit;
1422         }
1423
1424         psl_req = (struct digital_psl_req *)resp->data;
1425
1426         if (resp->len != sizeof(struct digital_psl_req) ||
1427             psl_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
1428             psl_req->cmd != DIGITAL_CMD_PSL_REQ) {
1429                 rc = -EIO;
1430                 goto exit;
1431         }
1432
1433         dsi = (psl_req->brs >> 3) & 0x07;
1434         switch (dsi) {
1435         case 0:
1436                 rf_tech = NFC_DIGITAL_RF_TECH_106A;
1437                 break;
1438         case 1:
1439                 rf_tech = NFC_DIGITAL_RF_TECH_212F;
1440                 break;
1441         case 2:
1442                 rf_tech = NFC_DIGITAL_RF_TECH_424F;
1443                 break;
1444         default:
1445                 pr_err("Unsupported dsi value %d\n", dsi);
1446                 goto exit;
1447         }
1448
1449         payload_bits = DIGITAL_PAYLOAD_FSL_TO_BITS(psl_req->fsl);
1450         payload_size = digital_payload_bits_to_size(payload_bits);
1451
1452         if (!payload_size || (payload_size > min(ddev->local_payload_max,
1453                                                  ddev->remote_payload_max))) {
1454                 rc = -EINVAL;
1455                 goto exit;
1456         }
1457
1458         ddev->local_payload_max = payload_size;
1459         ddev->remote_payload_max = payload_size;
1460
1461         rc = digital_tg_send_psl_res(ddev, psl_req->did, rf_tech);
1462
1463 exit:
1464         kfree_skb(resp);
1465 }
1466
1467 static void digital_tg_send_atr_res_complete(struct nfc_digital_dev *ddev,
1468                                              void *arg, struct sk_buff *resp)
1469 {
1470         int offset;
1471
1472         if (IS_ERR(resp)) {
1473                 digital_poll_next_tech(ddev);
1474                 return;
1475         }
1476
1477         offset = 2;
1478         if (resp->data[0] == DIGITAL_NFC_DEP_NFCA_SOD_SB)
1479                 offset++;
1480
1481         ddev->atn_count = 0;
1482
1483         if (resp->data[offset] == DIGITAL_CMD_PSL_REQ)
1484                 digital_tg_recv_psl_req(ddev, arg, resp);
1485         else
1486                 digital_tg_recv_dep_req(ddev, arg, resp);
1487 }
1488
1489 static int digital_tg_send_atr_res(struct nfc_digital_dev *ddev,
1490                                    struct digital_atr_req *atr_req)
1491 {
1492         struct digital_atr_res *atr_res;
1493         struct sk_buff *skb;
1494         u8 *gb, payload_bits;
1495         size_t gb_len;
1496         int rc;
1497
1498         gb = nfc_get_local_general_bytes(ddev->nfc_dev, &gb_len);
1499         if (!gb)
1500                 gb_len = 0;
1501
1502         skb = digital_skb_alloc(ddev, sizeof(struct digital_atr_res) + gb_len);
1503         if (!skb)
1504                 return -ENOMEM;
1505
1506         skb_put(skb, sizeof(struct digital_atr_res));
1507         atr_res = (struct digital_atr_res *)skb->data;
1508
1509         memset(atr_res, 0, sizeof(struct digital_atr_res));
1510
1511         atr_res->dir = DIGITAL_NFC_DEP_FRAME_DIR_IN;
1512         atr_res->cmd = DIGITAL_CMD_ATR_RES;
1513         memcpy(atr_res->nfcid3, atr_req->nfcid3, sizeof(atr_req->nfcid3));
1514         atr_res->to = DIGITAL_NFC_DEP_TG_MAX_WT;
1515
1516         ddev->local_payload_max = DIGITAL_PAYLOAD_SIZE_MAX;
1517         payload_bits = digital_payload_size_to_bits(ddev->local_payload_max);
1518         atr_res->pp = DIGITAL_PAYLOAD_BITS_TO_PP(payload_bits);
1519
1520         if (gb_len) {
1521                 skb_put(skb, gb_len);
1522
1523                 atr_res->pp |= DIGITAL_GB_BIT;
1524                 memcpy(atr_res->gb, gb, gb_len);
1525         }
1526
1527         digital_skb_push_dep_sod(ddev, skb);
1528
1529         ddev->skb_add_crc(skb);
1530
1531         ddev->curr_nfc_dep_pni = 0;
1532
1533         rc = digital_tg_send_cmd(ddev, skb, 999,
1534                                  digital_tg_send_atr_res_complete, NULL);
1535         if (rc)
1536                 kfree_skb(skb);
1537
1538         return rc;
1539 }
1540
1541 void digital_tg_recv_atr_req(struct nfc_digital_dev *ddev, void *arg,
1542                              struct sk_buff *resp)
1543 {
1544         int rc;
1545         struct digital_atr_req *atr_req;
1546         size_t gb_len, min_size;
1547         u8 poll_tech_count, payload_bits;
1548
1549         if (IS_ERR(resp)) {
1550                 rc = PTR_ERR(resp);
1551                 resp = NULL;
1552                 goto exit;
1553         }
1554
1555         if (!resp->len) {
1556                 rc = -EIO;
1557                 goto exit;
1558         }
1559
1560         if (resp->data[0] == DIGITAL_NFC_DEP_NFCA_SOD_SB) {
1561                 min_size = DIGITAL_ATR_REQ_MIN_SIZE + 2;
1562                 digital_tg_set_rf_tech(ddev, NFC_DIGITAL_RF_TECH_106A);
1563         } else {
1564                 min_size = DIGITAL_ATR_REQ_MIN_SIZE + 1;
1565                 digital_tg_set_rf_tech(ddev, NFC_DIGITAL_RF_TECH_212F);
1566         }
1567
1568         if (resp->len < min_size) {
1569                 rc = -EIO;
1570                 goto exit;
1571         }
1572
1573         ddev->curr_protocol = NFC_PROTO_NFC_DEP_MASK;
1574
1575         rc = ddev->skb_check_crc(resp);
1576         if (rc) {
1577                 PROTOCOL_ERR("14.4.1.6");
1578                 goto exit;
1579         }
1580
1581         rc = digital_skb_pull_dep_sod(ddev, resp);
1582         if (rc) {
1583                 PROTOCOL_ERR("14.4.1.2");
1584                 goto exit;
1585         }
1586
1587         atr_req = (struct digital_atr_req *)resp->data;
1588
1589         if (atr_req->dir != DIGITAL_NFC_DEP_FRAME_DIR_OUT ||
1590             atr_req->cmd != DIGITAL_CMD_ATR_REQ ||
1591             atr_req->did > DIGITAL_DID_MAX) {
1592                 rc = -EINVAL;
1593                 goto exit;
1594         }
1595
1596         payload_bits = DIGITAL_PAYLOAD_PP_TO_BITS(atr_req->pp);
1597         ddev->remote_payload_max = digital_payload_bits_to_size(payload_bits);
1598
1599         if (!ddev->remote_payload_max) {
1600                 rc = -EINVAL;
1601                 goto exit;
1602         }
1603
1604         ddev->did = atr_req->did;
1605
1606         rc = digital_tg_configure_hw(ddev, NFC_DIGITAL_CONFIG_FRAMING,
1607                                      NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED);
1608         if (rc)
1609                 goto exit;
1610
1611         rc = digital_tg_send_atr_res(ddev, atr_req);
1612         if (rc)
1613                 goto exit;
1614
1615         gb_len = resp->len - sizeof(struct digital_atr_req);
1616
1617         poll_tech_count = ddev->poll_tech_count;
1618         ddev->poll_tech_count = 0;
1619
1620         rc = nfc_tm_activated(ddev->nfc_dev, NFC_PROTO_NFC_DEP_MASK,
1621                               NFC_COMM_PASSIVE, atr_req->gb, gb_len);
1622         if (rc) {
1623                 ddev->poll_tech_count = poll_tech_count;
1624                 goto exit;
1625         }
1626
1627         rc = 0;
1628 exit:
1629         if (rc)
1630                 digital_poll_next_tech(ddev);
1631
1632         dev_kfree_skb(resp);
1633 }