Commit | Line | Data |
---|---|---|
8ae01f79 | 1 | /* |
ed06aeef | 2 | * Secure Element driver for STMicroelectronics NFC NCI chip |
8ae01f79 | 3 | * |
ed06aeef | 4 | * Copyright (C) 2014-2015 STMicroelectronics SAS. All rights reserved. |
8ae01f79 CR |
5 | * |
6 | * This program is free software; you can redistribute it and/or modify it | |
7 | * under the terms and conditions of the GNU General Public License, | |
8 | * version 2, as published by the Free Software Foundation. | |
9 | * | |
10 | * This program is distributed in the hope that it will be useful, | |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
13 | * GNU General Public License for more details. | |
14 | * | |
15 | * You should have received a copy of the GNU General Public License | |
16 | * along with this program; if not, see <http://www.gnu.org/licenses/>. | |
17 | */ | |
18 | ||
19 | #include <linux/module.h> | |
20 | #include <linux/nfc.h> | |
21 | #include <linux/delay.h> | |
22 | #include <net/nfc/nci.h> | |
23 | #include <net/nfc/nci_core.h> | |
24 | ||
ed06aeef | 25 | #include "st-nci.h" |
8ae01f79 | 26 | |
ed06aeef | 27 | struct st_nci_pipe_info { |
8ae01f79 CR |
28 | u8 pipe_state; |
29 | u8 src_host_id; | |
30 | u8 src_gate_id; | |
31 | u8 dst_host_id; | |
32 | u8 dst_gate_id; | |
33 | } __packed; | |
34 | ||
35 | /* Hosts */ | |
ed06aeef CR |
36 | #define ST_NCI_HOST_CONTROLLER_ID 0x00 |
37 | #define ST_NCI_TERMINAL_HOST_ID 0x01 | |
38 | #define ST_NCI_UICC_HOST_ID 0x02 | |
39 | #define ST_NCI_ESE_HOST_ID 0xc0 | |
8ae01f79 CR |
40 | |
41 | /* Gates */ | |
ed06aeef CR |
42 | #define ST_NCI_APDU_READER_GATE 0xf0 |
43 | #define ST_NCI_CONNECTIVITY_GATE 0x41 | |
8ae01f79 CR |
44 | |
45 | /* Pipes */ | |
ed06aeef | 46 | #define ST_NCI_DEVICE_MGNT_PIPE 0x02 |
8ae01f79 CR |
47 | |
48 | /* Connectivity pipe only */ | |
ed06aeef | 49 | #define ST_NCI_SE_COUNT_PIPE_UICC 0x01 |
8ae01f79 | 50 | /* Connectivity + APDU Reader pipe */ |
ed06aeef | 51 | #define ST_NCI_SE_COUNT_PIPE_EMBEDDED 0x02 |
8ae01f79 | 52 | |
ed06aeef CR |
53 | #define ST_NCI_SE_TO_HOT_PLUG 1000 /* msecs */ |
54 | #define ST_NCI_SE_TO_PIPES 2000 | |
8ae01f79 | 55 | |
ed06aeef | 56 | #define ST_NCI_EVT_HOT_PLUG_IS_INHIBITED(x) (x->data[0] & 0x80) |
8ae01f79 CR |
57 | |
58 | #define NCI_HCI_APDU_PARAM_ATR 0x01 | |
59 | #define NCI_HCI_ADMIN_PARAM_SESSION_IDENTITY 0x01 | |
60 | #define NCI_HCI_ADMIN_PARAM_WHITELIST 0x03 | |
61 | #define NCI_HCI_ADMIN_PARAM_HOST_LIST 0x04 | |
62 | ||
ed06aeef CR |
63 | #define ST_NCI_EVT_SE_HARD_RESET 0x20 |
64 | #define ST_NCI_EVT_TRANSMIT_DATA 0x10 | |
064d0047 | 65 | #define ST_NCI_EVT_WTX_REQUEST 0x11 |
ed06aeef CR |
66 | #define ST_NCI_EVT_SE_SOFT_RESET 0x11 |
67 | #define ST_NCI_EVT_SE_END_OF_APDU_TRANSFER 0x21 | |
68 | #define ST_NCI_EVT_HOT_PLUG 0x03 | |
8ae01f79 | 69 | |
ed06aeef CR |
70 | #define ST_NCI_SE_MODE_OFF 0x00 |
71 | #define ST_NCI_SE_MODE_ON 0x01 | |
8ae01f79 | 72 | |
ed06aeef CR |
73 | #define ST_NCI_EVT_CONNECTIVITY 0x10 |
74 | #define ST_NCI_EVT_TRANSACTION 0x12 | |
8ae01f79 | 75 | |
ed06aeef CR |
76 | #define ST_NCI_DM_GETINFO 0x13 |
77 | #define ST_NCI_DM_GETINFO_PIPE_LIST 0x02 | |
78 | #define ST_NCI_DM_GETINFO_PIPE_INFO 0x01 | |
79 | #define ST_NCI_DM_PIPE_CREATED 0x02 | |
80 | #define ST_NCI_DM_PIPE_OPEN 0x04 | |
81 | #define ST_NCI_DM_RF_ACTIVE 0x80 | |
82 | #define ST_NCI_DM_DISCONNECT 0x30 | |
8ae01f79 | 83 | |
ed06aeef CR |
84 | #define ST_NCI_DM_IS_PIPE_OPEN(p) \ |
85 | ((p & 0x0f) == (ST_NCI_DM_PIPE_CREATED | ST_NCI_DM_PIPE_OPEN)) | |
8ae01f79 | 86 | |
ed06aeef | 87 | #define ST_NCI_ATR_DEFAULT_BWI 0x04 |
8ae01f79 CR |
88 | |
89 | /* | |
90 | * WT = 2^BWI/10[s], convert into msecs and add a secure | |
91 | * room by increasing by 2 this timeout | |
92 | */ | |
ed06aeef CR |
93 | #define ST_NCI_BWI_TO_TIMEOUT(x) ((1 << x) * 200) |
94 | #define ST_NCI_ATR_GET_Y_FROM_TD(x) (x >> 4) | |
8ae01f79 CR |
95 | |
96 | /* If TA is present bit 0 is set */ | |
ed06aeef | 97 | #define ST_NCI_ATR_TA_PRESENT(x) (x & 0x01) |
8ae01f79 | 98 | /* If TB is present bit 1 is set */ |
ed06aeef | 99 | #define ST_NCI_ATR_TB_PRESENT(x) (x & 0x02) |
8ae01f79 | 100 | |
ed06aeef | 101 | #define ST_NCI_NUM_DEVICES 256 |
8ae01f79 | 102 | |
ed06aeef | 103 | static DECLARE_BITMAP(dev_mask, ST_NCI_NUM_DEVICES); |
8ae01f79 | 104 | |
ed06aeef CR |
105 | /* Here are the mandatory pipe for st_nci */ |
106 | static struct nci_hci_gate st_nci_gates[] = { | |
8ae01f79 | 107 | {NCI_HCI_ADMIN_GATE, NCI_HCI_ADMIN_PIPE, |
ed06aeef | 108 | ST_NCI_HOST_CONTROLLER_ID}, |
8ae01f79 | 109 | {NCI_HCI_LINK_MGMT_GATE, NCI_HCI_LINK_MGMT_PIPE, |
ed06aeef CR |
110 | ST_NCI_HOST_CONTROLLER_ID}, |
111 | {ST_NCI_DEVICE_MGNT_GATE, ST_NCI_DEVICE_MGNT_PIPE, | |
112 | ST_NCI_HOST_CONTROLLER_ID}, | |
8ae01f79 | 113 | |
7e357404 CR |
114 | {NCI_HCI_IDENTITY_MGMT_GATE, NCI_HCI_INVALID_PIPE, |
115 | ST_NCI_HOST_CONTROLLER_ID}, | |
116 | ||
8ae01f79 | 117 | /* Secure element pipes are created by secure element host */ |
ed06aeef CR |
118 | {ST_NCI_CONNECTIVITY_GATE, NCI_HCI_DO_NOT_OPEN_PIPE, |
119 | ST_NCI_HOST_CONTROLLER_ID}, | |
120 | {ST_NCI_APDU_READER_GATE, NCI_HCI_DO_NOT_OPEN_PIPE, | |
121 | ST_NCI_HOST_CONTROLLER_ID}, | |
8ae01f79 CR |
122 | }; |
123 | ||
ed06aeef | 124 | static u8 st_nci_se_get_bwi(struct nci_dev *ndev) |
8ae01f79 CR |
125 | { |
126 | int i; | |
127 | u8 td; | |
ed06aeef | 128 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 CR |
129 | |
130 | /* Bits 8 to 5 of the first TB for T=1 encode BWI from zero to nine */ | |
ed06aeef CR |
131 | for (i = 1; i < ST_NCI_ESE_MAX_LENGTH; i++) { |
132 | td = ST_NCI_ATR_GET_Y_FROM_TD(info->se_info.atr[i]); | |
133 | if (ST_NCI_ATR_TA_PRESENT(td)) | |
8ae01f79 | 134 | i++; |
ed06aeef | 135 | if (ST_NCI_ATR_TB_PRESENT(td)) { |
8ae01f79 CR |
136 | i++; |
137 | return info->se_info.atr[i] >> 4; | |
138 | } | |
139 | } | |
ed06aeef | 140 | return ST_NCI_ATR_DEFAULT_BWI; |
8ae01f79 CR |
141 | } |
142 | ||
ed06aeef | 143 | static void st_nci_se_get_atr(struct nci_dev *ndev) |
8ae01f79 | 144 | { |
ed06aeef | 145 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 CR |
146 | int r; |
147 | struct sk_buff *skb; | |
148 | ||
ed06aeef | 149 | r = nci_hci_get_param(ndev, ST_NCI_APDU_READER_GATE, |
8ae01f79 CR |
150 | NCI_HCI_APDU_PARAM_ATR, &skb); |
151 | if (r < 0) | |
152 | return; | |
153 | ||
ed06aeef | 154 | if (skb->len <= ST_NCI_ESE_MAX_LENGTH) { |
8ae01f79 CR |
155 | memcpy(info->se_info.atr, skb->data, skb->len); |
156 | ||
157 | info->se_info.wt_timeout = | |
ed06aeef | 158 | ST_NCI_BWI_TO_TIMEOUT(st_nci_se_get_bwi(ndev)); |
8ae01f79 CR |
159 | } |
160 | kfree_skb(skb); | |
161 | } | |
162 | ||
ed06aeef | 163 | int st_nci_hci_load_session(struct nci_dev *ndev) |
8ae01f79 CR |
164 | { |
165 | int i, j, r; | |
166 | struct sk_buff *skb_pipe_list, *skb_pipe_info; | |
ed06aeef CR |
167 | struct st_nci_pipe_info *dm_pipe_info; |
168 | u8 pipe_list[] = { ST_NCI_DM_GETINFO_PIPE_LIST, | |
169 | ST_NCI_TERMINAL_HOST_ID}; | |
170 | u8 pipe_info[] = { ST_NCI_DM_GETINFO_PIPE_INFO, | |
171 | ST_NCI_TERMINAL_HOST_ID, 0}; | |
8ae01f79 | 172 | |
ed06aeef | 173 | /* On ST_NCI device pipes number are dynamics |
8ae01f79 CR |
174 | * If pipes are already created, hci_dev_up will fail. |
175 | * Doing a clear all pipe is a bad idea because: | |
176 | * - It does useless EEPROM cycling | |
177 | * - It might cause issue for secure elements support | |
178 | * (such as removing connectivity or APDU reader pipe) | |
ed06aeef | 179 | * A better approach on ST_NCI is to: |
8ae01f79 | 180 | * - get a pipe list for each host. |
ed06aeef | 181 | * (eg: ST_NCI_HOST_CONTROLLER_ID for now). |
8ae01f79 CR |
182 | * (TODO Later on UICC HOST and eSE HOST) |
183 | * - get pipe information | |
ed06aeef CR |
184 | * - match retrieved pipe list in st_nci_gates |
185 | * ST_NCI_DEVICE_MGNT_GATE is a proprietary gate | |
186 | * with ST_NCI_DEVICE_MGNT_PIPE. | |
8ae01f79 CR |
187 | * Pipe can be closed and need to be open. |
188 | */ | |
ed06aeef CR |
189 | r = nci_hci_connect_gate(ndev, ST_NCI_HOST_CONTROLLER_ID, |
190 | ST_NCI_DEVICE_MGNT_GATE, | |
191 | ST_NCI_DEVICE_MGNT_PIPE); | |
8ae01f79 | 192 | if (r < 0) |
daaf1e1f | 193 | return r; |
8ae01f79 CR |
194 | |
195 | /* Get pipe list */ | |
ed06aeef CR |
196 | r = nci_hci_send_cmd(ndev, ST_NCI_DEVICE_MGNT_GATE, |
197 | ST_NCI_DM_GETINFO, pipe_list, sizeof(pipe_list), | |
8ae01f79 CR |
198 | &skb_pipe_list); |
199 | if (r < 0) | |
daaf1e1f | 200 | return r; |
8ae01f79 CR |
201 | |
202 | /* Complete the existing gate_pipe table */ | |
203 | for (i = 0; i < skb_pipe_list->len; i++) { | |
204 | pipe_info[2] = skb_pipe_list->data[i]; | |
ed06aeef CR |
205 | r = nci_hci_send_cmd(ndev, ST_NCI_DEVICE_MGNT_GATE, |
206 | ST_NCI_DM_GETINFO, pipe_info, | |
8ae01f79 CR |
207 | sizeof(pipe_info), &skb_pipe_info); |
208 | ||
209 | if (r) | |
210 | continue; | |
211 | ||
212 | /* | |
213 | * Match pipe ID and gate ID | |
214 | * Output format from ST21NFC_DM_GETINFO is: | |
215 | * - pipe state (1byte) | |
216 | * - source hid (1byte) | |
217 | * - source gid (1byte) | |
218 | * - destination hid (1byte) | |
219 | * - destination gid (1byte) | |
220 | */ | |
ed06aeef CR |
221 | dm_pipe_info = (struct st_nci_pipe_info *)skb_pipe_info->data; |
222 | if (dm_pipe_info->dst_gate_id == ST_NCI_APDU_READER_GATE && | |
0209e79d | 223 | dm_pipe_info->src_host_id == ST_NCI_UICC_HOST_ID) { |
8ae01f79 CR |
224 | pr_err("Unexpected apdu_reader pipe on host %x\n", |
225 | dm_pipe_info->src_host_id); | |
daaf1e1f | 226 | kfree_skb(skb_pipe_info); |
8ae01f79 CR |
227 | continue; |
228 | } | |
229 | ||
d3f13c55 | 230 | for (j = 3; (j < ARRAY_SIZE(st_nci_gates)) && |
ed06aeef | 231 | (st_nci_gates[j].gate != dm_pipe_info->dst_gate_id); j++) |
8ae01f79 CR |
232 | ; |
233 | ||
ed06aeef CR |
234 | if (j < ARRAY_SIZE(st_nci_gates) && |
235 | st_nci_gates[j].gate == dm_pipe_info->dst_gate_id && | |
236 | ST_NCI_DM_IS_PIPE_OPEN(dm_pipe_info->pipe_state)) { | |
22c84c5b | 237 | ndev->hci_dev->init_data.gates[j].pipe = pipe_info[2]; |
8ae01f79 | 238 | |
ed06aeef | 239 | ndev->hci_dev->gate2pipe[st_nci_gates[j].gate] = |
22c84c5b CR |
240 | pipe_info[2]; |
241 | ndev->hci_dev->pipes[pipe_info[2]].gate = | |
ed06aeef | 242 | st_nci_gates[j].gate; |
22c84c5b | 243 | ndev->hci_dev->pipes[pipe_info[2]].host = |
8ae01f79 CR |
244 | dm_pipe_info->src_host_id; |
245 | } | |
daaf1e1f | 246 | kfree_skb(skb_pipe_info); |
8ae01f79 CR |
247 | } |
248 | ||
9dfe29f1 CR |
249 | /* |
250 | * 3 gates have a well known pipe ID. Only NCI_HCI_LINK_MGMT_GATE | |
251 | * is not yet open at this stage. | |
252 | */ | |
253 | r = nci_hci_connect_gate(ndev, ST_NCI_HOST_CONTROLLER_ID, | |
254 | NCI_HCI_LINK_MGMT_GATE, | |
255 | NCI_HCI_LINK_MGMT_PIPE); | |
256 | ||
8ae01f79 CR |
257 | kfree_skb(skb_pipe_list); |
258 | return r; | |
259 | } | |
ed06aeef | 260 | EXPORT_SYMBOL_GPL(st_nci_hci_load_session); |
8ae01f79 | 261 | |
ed06aeef | 262 | static void st_nci_hci_admin_event_received(struct nci_dev *ndev, |
8ae01f79 CR |
263 | u8 event, struct sk_buff *skb) |
264 | { | |
ed06aeef | 265 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 CR |
266 | |
267 | switch (event) { | |
ed06aeef | 268 | case ST_NCI_EVT_HOT_PLUG: |
8ae01f79 | 269 | if (info->se_info.se_active) { |
ed06aeef | 270 | if (!ST_NCI_EVT_HOT_PLUG_IS_INHIBITED(skb)) { |
8ae01f79 CR |
271 | del_timer_sync(&info->se_info.se_active_timer); |
272 | info->se_info.se_active = false; | |
273 | complete(&info->se_info.req_completion); | |
274 | } else { | |
275 | mod_timer(&info->se_info.se_active_timer, | |
276 | jiffies + | |
ed06aeef | 277 | msecs_to_jiffies(ST_NCI_SE_TO_PIPES)); |
8ae01f79 CR |
278 | } |
279 | } | |
280 | break; | |
2b5dbe08 CR |
281 | default: |
282 | nfc_err(&ndev->nfc_dev->dev, "Unexpected event on admin gate\n"); | |
8ae01f79 CR |
283 | } |
284 | } | |
285 | ||
ed06aeef | 286 | static int st_nci_hci_apdu_reader_event_received(struct nci_dev *ndev, |
8ae01f79 CR |
287 | u8 event, |
288 | struct sk_buff *skb) | |
289 | { | |
290 | int r = 0; | |
ed06aeef | 291 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 CR |
292 | |
293 | pr_debug("apdu reader gate event: %x\n", event); | |
294 | ||
295 | switch (event) { | |
ed06aeef | 296 | case ST_NCI_EVT_TRANSMIT_DATA: |
8ae01f79 CR |
297 | del_timer_sync(&info->se_info.bwi_timer); |
298 | info->se_info.bwi_active = false; | |
299 | info->se_info.cb(info->se_info.cb_context, | |
300 | skb->data, skb->len, 0); | |
301 | break; | |
ed06aeef | 302 | case ST_NCI_EVT_WTX_REQUEST: |
8ae01f79 CR |
303 | mod_timer(&info->se_info.bwi_timer, jiffies + |
304 | msecs_to_jiffies(info->se_info.wt_timeout)); | |
305 | break; | |
2b5dbe08 CR |
306 | default: |
307 | nfc_err(&ndev->nfc_dev->dev, "Unexpected event on apdu reader gate\n"); | |
308 | return 1; | |
8ae01f79 CR |
309 | } |
310 | ||
311 | kfree_skb(skb); | |
312 | return r; | |
313 | } | |
314 | ||
315 | /* | |
316 | * Returns: | |
317 | * <= 0: driver handled the event, skb consumed | |
318 | * 1: driver does not handle the event, please do standard processing | |
319 | */ | |
ed06aeef | 320 | static int st_nci_hci_connectivity_event_received(struct nci_dev *ndev, |
8ae01f79 CR |
321 | u8 host, u8 event, |
322 | struct sk_buff *skb) | |
323 | { | |
324 | int r = 0; | |
5d1ceb7f CR |
325 | struct device *dev = &ndev->nfc_dev->dev; |
326 | struct nfc_evt_transaction *transaction; | |
8ae01f79 CR |
327 | |
328 | pr_debug("connectivity gate event: %x\n", event); | |
329 | ||
330 | switch (event) { | |
ed06aeef | 331 | case ST_NCI_EVT_CONNECTIVITY: |
25960c21 | 332 | r = nfc_se_connectivity(ndev->nfc_dev, host); |
8ae01f79 | 333 | break; |
ed06aeef | 334 | case ST_NCI_EVT_TRANSACTION: |
1dab57f0 CR |
335 | /* According to specification etsi 102 622 |
336 | * 11.2.2.4 EVT_TRANSACTION Table 52 | |
337 | * Description Tag Length | |
338 | * AID 81 5 to 16 | |
339 | * PARAMETERS 82 0 to 255 | |
340 | */ | |
5d1ceb7f CR |
341 | if (skb->len < NFC_MIN_AID_LENGTH + 2 && |
342 | skb->data[0] != NFC_EVT_TRANSACTION_AID_TAG) | |
343 | return -EPROTO; | |
344 | ||
345 | transaction = (struct nfc_evt_transaction *)devm_kzalloc(dev, | |
346 | skb->len - 2, GFP_KERNEL); | |
347 | ||
348 | transaction->aid_len = skb->data[1]; | |
1dab57f0 | 349 | memcpy(transaction->aid, &skb->data[2], transaction->aid_len); |
5d1ceb7f | 350 | |
1dab57f0 | 351 | /* Check next byte is PARAMETERS tag (82) */ |
5d1ceb7f CR |
352 | if (skb->data[transaction->aid_len + 2] != |
353 | NFC_EVT_TRANSACTION_PARAMS_TAG) | |
354 | return -EPROTO; | |
355 | ||
356 | transaction->params_len = skb->data[transaction->aid_len + 3]; | |
357 | memcpy(transaction->params, skb->data + | |
358 | transaction->aid_len + 4, transaction->params_len); | |
359 | ||
360 | r = nfc_se_transaction(ndev->nfc_dev, host, transaction); | |
05db6e94 | 361 | break; |
8ae01f79 | 362 | default: |
2b5dbe08 | 363 | nfc_err(&ndev->nfc_dev->dev, "Unexpected event on connectivity gate\n"); |
8ae01f79 CR |
364 | return 1; |
365 | } | |
366 | kfree_skb(skb); | |
367 | return r; | |
368 | } | |
369 | ||
ed06aeef | 370 | void st_nci_hci_event_received(struct nci_dev *ndev, u8 pipe, |
8ae01f79 CR |
371 | u8 event, struct sk_buff *skb) |
372 | { | |
373 | u8 gate = ndev->hci_dev->pipes[pipe].gate; | |
374 | u8 host = ndev->hci_dev->pipes[pipe].host; | |
375 | ||
376 | switch (gate) { | |
377 | case NCI_HCI_ADMIN_GATE: | |
ed06aeef | 378 | st_nci_hci_admin_event_received(ndev, event, skb); |
8ae01f79 | 379 | break; |
ed06aeef CR |
380 | case ST_NCI_APDU_READER_GATE: |
381 | st_nci_hci_apdu_reader_event_received(ndev, event, skb); | |
8ae01f79 | 382 | break; |
ed06aeef | 383 | case ST_NCI_CONNECTIVITY_GATE: |
b1fa4dc4 CR |
384 | st_nci_hci_connectivity_event_received(ndev, host, event, skb); |
385 | break; | |
8ae01f79 CR |
386 | } |
387 | } | |
ed06aeef | 388 | EXPORT_SYMBOL_GPL(st_nci_hci_event_received); |
8ae01f79 | 389 | |
ed06aeef | 390 | void st_nci_hci_cmd_received(struct nci_dev *ndev, u8 pipe, u8 cmd, |
8ae01f79 CR |
391 | struct sk_buff *skb) |
392 | { | |
ed06aeef | 393 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 CR |
394 | u8 gate = ndev->hci_dev->pipes[pipe].gate; |
395 | ||
396 | pr_debug("cmd: %x\n", cmd); | |
397 | ||
398 | switch (cmd) { | |
399 | case NCI_HCI_ANY_OPEN_PIPE: | |
ed06aeef CR |
400 | if (gate != ST_NCI_APDU_READER_GATE && |
401 | ndev->hci_dev->pipes[pipe].host != ST_NCI_UICC_HOST_ID) | |
8ae01f79 CR |
402 | ndev->hci_dev->count_pipes++; |
403 | ||
404 | if (ndev->hci_dev->count_pipes == | |
405 | ndev->hci_dev->expected_pipes) { | |
406 | del_timer_sync(&info->se_info.se_active_timer); | |
407 | info->se_info.se_active = false; | |
408 | ndev->hci_dev->count_pipes = 0; | |
409 | complete(&info->se_info.req_completion); | |
410 | } | |
411 | break; | |
412 | } | |
413 | } | |
ed06aeef | 414 | EXPORT_SYMBOL_GPL(st_nci_hci_cmd_received); |
8ae01f79 | 415 | |
ed06aeef | 416 | static int st_nci_control_se(struct nci_dev *ndev, u8 se_idx, |
3648dc6d | 417 | u8 state) |
8ae01f79 | 418 | { |
ed06aeef | 419 | struct st_nci_info *info = nci_get_drvdata(ndev); |
4e932acc | 420 | int r, i; |
8ae01f79 CR |
421 | struct sk_buff *sk_host_list; |
422 | u8 host_id; | |
423 | ||
424 | switch (se_idx) { | |
ed06aeef | 425 | case ST_NCI_UICC_HOST_ID: |
8ae01f79 | 426 | ndev->hci_dev->count_pipes = 0; |
ed06aeef | 427 | ndev->hci_dev->expected_pipes = ST_NCI_SE_COUNT_PIPE_UICC; |
8ae01f79 | 428 | break; |
ed06aeef | 429 | case ST_NCI_ESE_HOST_ID: |
8ae01f79 | 430 | ndev->hci_dev->count_pipes = 0; |
ed06aeef | 431 | ndev->hci_dev->expected_pipes = ST_NCI_SE_COUNT_PIPE_EMBEDDED; |
8ae01f79 CR |
432 | break; |
433 | default: | |
434 | return -EINVAL; | |
435 | } | |
436 | ||
437 | /* | |
438 | * Wait for an EVT_HOT_PLUG in order to | |
439 | * retrieve a relevant host list. | |
440 | */ | |
441 | reinit_completion(&info->se_info.req_completion); | |
3648dc6d | 442 | r = nci_nfcee_mode_set(ndev, se_idx, state); |
8ae01f79 CR |
443 | if (r != NCI_STATUS_OK) |
444 | return r; | |
445 | ||
446 | mod_timer(&info->se_info.se_active_timer, jiffies + | |
ed06aeef | 447 | msecs_to_jiffies(ST_NCI_SE_TO_HOT_PLUG)); |
8ae01f79 CR |
448 | info->se_info.se_active = true; |
449 | ||
450 | /* Ignore return value and check in any case the host_list */ | |
451 | wait_for_completion_interruptible(&info->se_info.req_completion); | |
452 | ||
453 | /* There might be some "collision" after receiving a HOT_PLUG event | |
454 | * This may cause the CLF to not answer to the next hci command. | |
455 | * There is no possible synchronization to prevent this. | |
456 | * Adding a small delay is the only way to solve the issue. | |
457 | */ | |
3648dc6d CR |
458 | if (info->se_info.se_status->is_ese_present && |
459 | info->se_info.se_status->is_uicc_present) | |
06521053 | 460 | usleep_range(15000, 20000); |
8ae01f79 CR |
461 | |
462 | r = nci_hci_get_param(ndev, NCI_HCI_ADMIN_GATE, | |
463 | NCI_HCI_ADMIN_PARAM_HOST_LIST, &sk_host_list); | |
464 | if (r != NCI_HCI_ANY_OK) | |
465 | return r; | |
466 | ||
4e932acc CR |
467 | for (i = 0; i < sk_host_list->len && |
468 | sk_host_list->data[i] != se_idx; i++) | |
469 | ; | |
470 | host_id = sk_host_list->data[i]; | |
8ae01f79 | 471 | kfree_skb(sk_host_list); |
ed06aeef | 472 | if (state == ST_NCI_SE_MODE_ON && host_id == se_idx) |
8ae01f79 | 473 | return se_idx; |
ed06aeef | 474 | else if (state == ST_NCI_SE_MODE_OFF && host_id != se_idx) |
8ae01f79 CR |
475 | return se_idx; |
476 | ||
477 | return -1; | |
478 | } | |
479 | ||
ed06aeef | 480 | int st_nci_disable_se(struct nci_dev *ndev, u32 se_idx) |
8ae01f79 CR |
481 | { |
482 | int r; | |
483 | ||
ed06aeef | 484 | pr_debug("st_nci_disable_se\n"); |
8ae01f79 | 485 | |
3648dc6d CR |
486 | /* |
487 | * According to upper layer, se_idx == NFC_SE_UICC when | |
488 | * info->se_info.se_status->is_uicc_enable is true should never happen | |
489 | * Same for eSE. | |
490 | */ | |
491 | r = st_nci_control_se(ndev, se_idx, ST_NCI_SE_MODE_OFF); | |
492 | if (r < 0) { | |
493 | /* Do best effort to release SWP */ | |
494 | if (se_idx == NFC_SE_EMBEDDED) { | |
495 | r = nci_hci_send_event(ndev, ST_NCI_APDU_READER_GATE, | |
496 | ST_NCI_EVT_SE_END_OF_APDU_TRANSFER, | |
497 | NULL, 0); | |
498 | } | |
499 | return r; | |
8ae01f79 CR |
500 | } |
501 | ||
502 | return 0; | |
503 | } | |
ed06aeef | 504 | EXPORT_SYMBOL_GPL(st_nci_disable_se); |
8ae01f79 | 505 | |
ed06aeef | 506 | int st_nci_enable_se(struct nci_dev *ndev, u32 se_idx) |
8ae01f79 CR |
507 | { |
508 | int r; | |
509 | ||
ed06aeef | 510 | pr_debug("st_nci_enable_se\n"); |
8ae01f79 | 511 | |
3648dc6d CR |
512 | /* |
513 | * According to upper layer, se_idx == NFC_SE_UICC when | |
514 | * info->se_info.se_status->is_uicc_enable is true should never happen. | |
515 | * Same for eSE. | |
516 | */ | |
517 | r = st_nci_control_se(ndev, se_idx, ST_NCI_SE_MODE_ON); | |
c50e8fef | 518 | if (r == ST_NCI_ESE_HOST_ID) { |
3648dc6d | 519 | st_nci_se_get_atr(ndev); |
ed06aeef CR |
520 | r = nci_hci_send_event(ndev, ST_NCI_APDU_READER_GATE, |
521 | ST_NCI_EVT_SE_SOFT_RESET, NULL, 0); | |
3648dc6d CR |
522 | } |
523 | ||
524 | if (r < 0) { | |
525 | /* | |
526 | * The activation procedure failed, the secure element | |
527 | * is not connected. Remove from the list. | |
528 | */ | |
529 | nfc_remove_se(ndev->nfc_dev, se_idx); | |
530 | return r; | |
8ae01f79 CR |
531 | } |
532 | ||
533 | return 0; | |
534 | } | |
ed06aeef | 535 | EXPORT_SYMBOL_GPL(st_nci_enable_se); |
8ae01f79 | 536 | |
ed06aeef | 537 | static int st_nci_hci_network_init(struct nci_dev *ndev) |
8ae01f79 | 538 | { |
b1fa4dc4 | 539 | struct st_nci_info *info = nci_get_drvdata(ndev); |
b16ae716 CR |
540 | struct core_conn_create_dest_spec_params *dest_params; |
541 | struct dest_spec_params spec_params; | |
8ae01f79 CR |
542 | struct nci_conn_info *conn_info; |
543 | int r, dev_num; | |
544 | ||
b16ae716 CR |
545 | dest_params = |
546 | kzalloc(sizeof(struct core_conn_create_dest_spec_params) + | |
547 | sizeof(struct dest_spec_params), GFP_KERNEL); | |
548 | if (dest_params == NULL) { | |
549 | r = -ENOMEM; | |
8ae01f79 | 550 | goto exit; |
b16ae716 CR |
551 | } |
552 | ||
553 | dest_params->type = NCI_DESTINATION_SPECIFIC_PARAM_NFCEE_TYPE; | |
554 | dest_params->length = sizeof(struct dest_spec_params); | |
15d4a8da | 555 | spec_params.id = ndev->hci_dev->nfcee_id; |
b16ae716 | 556 | spec_params.protocol = NCI_NFCEE_INTERFACE_HCI_ACCESS; |
ed06aeef CR |
557 | memcpy(dest_params->value, &spec_params, |
558 | sizeof(struct dest_spec_params)); | |
b16ae716 CR |
559 | r = nci_core_conn_create(ndev, NCI_DESTINATION_NFCEE, 1, |
560 | sizeof(struct core_conn_create_dest_spec_params) + | |
561 | sizeof(struct dest_spec_params), | |
562 | dest_params); | |
563 | if (r != NCI_STATUS_OK) | |
564 | goto free_dest_params; | |
8ae01f79 CR |
565 | |
566 | conn_info = ndev->hci_dev->conn_info; | |
567 | if (!conn_info) | |
b16ae716 | 568 | goto free_dest_params; |
8ae01f79 | 569 | |
404b3e58 | 570 | ndev->hci_dev->init_data.gate_count = ARRAY_SIZE(st_nci_gates); |
ed06aeef CR |
571 | memcpy(ndev->hci_dev->init_data.gates, st_nci_gates, |
572 | sizeof(st_nci_gates)); | |
8ae01f79 CR |
573 | |
574 | /* | |
575 | * Session id must include the driver name + i2c bus addr | |
576 | * persistent info to discriminate 2 identical chips | |
577 | */ | |
ed06aeef CR |
578 | dev_num = find_first_zero_bit(dev_mask, ST_NCI_NUM_DEVICES); |
579 | if (dev_num >= ST_NCI_NUM_DEVICES) { | |
b16ae716 CR |
580 | r = -ENODEV; |
581 | goto free_dest_params; | |
582 | } | |
8ae01f79 CR |
583 | |
584 | scnprintf(ndev->hci_dev->init_data.session_id, | |
585 | sizeof(ndev->hci_dev->init_data.session_id), | |
586 | "%s%2x", "ST21BH", dev_num); | |
587 | ||
588 | r = nci_hci_dev_session_init(ndev); | |
589 | if (r != NCI_HCI_ANY_OK) | |
2ca21002 | 590 | goto free_dest_params; |
8ae01f79 | 591 | |
b1fa4dc4 CR |
592 | /* |
593 | * In factory mode, we prevent secure elements activation | |
594 | * by disabling nfcee on the current HCI connection id. | |
595 | * HCI will be used here only for proprietary commands. | |
596 | */ | |
597 | if (test_bit(ST_NCI_FACTORY_MODE, &info->flags)) | |
9b8d1a4c CR |
598 | r = nci_nfcee_mode_set(ndev, |
599 | ndev->hci_dev->conn_info->dest_params->id, | |
b1fa4dc4 CR |
600 | NCI_NFCEE_DISABLE); |
601 | else | |
9b8d1a4c CR |
602 | r = nci_nfcee_mode_set(ndev, |
603 | ndev->hci_dev->conn_info->dest_params->id, | |
b1fa4dc4 | 604 | NCI_NFCEE_ENABLE); |
8ae01f79 | 605 | |
b16ae716 CR |
606 | free_dest_params: |
607 | kfree(dest_params); | |
608 | ||
8ae01f79 CR |
609 | exit: |
610 | return r; | |
611 | } | |
612 | ||
ed06aeef | 613 | int st_nci_discover_se(struct nci_dev *ndev) |
8ae01f79 | 614 | { |
3648dc6d CR |
615 | u8 white_list[2]; |
616 | int r, wl_size = 0; | |
8ae01f79 | 617 | int se_count = 0; |
b1fa4dc4 | 618 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 | 619 | |
ed06aeef | 620 | pr_debug("st_nci_discover_se\n"); |
8ae01f79 | 621 | |
ed06aeef | 622 | r = st_nci_hci_network_init(ndev); |
8ae01f79 CR |
623 | if (r != 0) |
624 | return r; | |
625 | ||
b1fa4dc4 CR |
626 | if (test_bit(ST_NCI_FACTORY_MODE, &info->flags)) |
627 | return 0; | |
628 | ||
cde4856e | 629 | if (info->se_info.se_status->is_uicc_present) |
3648dc6d | 630 | white_list[wl_size++] = ST_NCI_UICC_HOST_ID; |
cde4856e | 631 | if (info->se_info.se_status->is_ese_present) |
3648dc6d | 632 | white_list[wl_size++] = ST_NCI_ESE_HOST_ID; |
3648dc6d CR |
633 | |
634 | if (wl_size) { | |
635 | r = nci_hci_set_param(ndev, NCI_HCI_ADMIN_GATE, | |
636 | NCI_HCI_ADMIN_PARAM_WHITELIST, | |
637 | white_list, wl_size); | |
638 | if (r != NCI_HCI_ANY_OK) | |
639 | return r; | |
640 | } | |
8ae01f79 | 641 | |
3648dc6d | 642 | if (info->se_info.se_status->is_uicc_present) { |
ed06aeef | 643 | nfc_add_se(ndev->nfc_dev, ST_NCI_UICC_HOST_ID, NFC_SE_UICC); |
8ae01f79 CR |
644 | se_count++; |
645 | } | |
646 | ||
3648dc6d CR |
647 | if (info->se_info.se_status->is_ese_present) { |
648 | nfc_add_se(ndev->nfc_dev, ST_NCI_ESE_HOST_ID, NFC_SE_EMBEDDED); | |
8ae01f79 | 649 | se_count++; |
8ae01f79 CR |
650 | } |
651 | ||
652 | return !se_count; | |
653 | } | |
ed06aeef | 654 | EXPORT_SYMBOL_GPL(st_nci_discover_se); |
8ae01f79 | 655 | |
ed06aeef | 656 | int st_nci_se_io(struct nci_dev *ndev, u32 se_idx, |
8ae01f79 CR |
657 | u8 *apdu, size_t apdu_length, |
658 | se_io_cb_t cb, void *cb_context) | |
659 | { | |
ed06aeef | 660 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 CR |
661 | |
662 | pr_debug("\n"); | |
663 | ||
664 | switch (se_idx) { | |
c50e8fef | 665 | case ST_NCI_ESE_HOST_ID: |
8ae01f79 CR |
666 | info->se_info.cb = cb; |
667 | info->se_info.cb_context = cb_context; | |
668 | mod_timer(&info->se_info.bwi_timer, jiffies + | |
669 | msecs_to_jiffies(info->se_info.wt_timeout)); | |
670 | info->se_info.bwi_active = true; | |
ed06aeef CR |
671 | return nci_hci_send_event(ndev, ST_NCI_APDU_READER_GATE, |
672 | ST_NCI_EVT_TRANSMIT_DATA, apdu, | |
8ae01f79 CR |
673 | apdu_length); |
674 | default: | |
675 | return -ENODEV; | |
676 | } | |
677 | } | |
ed06aeef | 678 | EXPORT_SYMBOL(st_nci_se_io); |
8ae01f79 | 679 | |
ed06aeef | 680 | static void st_nci_se_wt_timeout(unsigned long data) |
8ae01f79 CR |
681 | { |
682 | /* | |
683 | * No answer from the secure element | |
684 | * within the defined timeout. | |
685 | * Let's send a reset request as recovery procedure. | |
686 | * According to the situation, we first try to send a software reset | |
687 | * to the secure element. If the next command is still not | |
688 | * answering in time, we send to the CLF a secure element hardware | |
689 | * reset request. | |
690 | */ | |
691 | /* hardware reset managed through VCC_UICC_OUT power supply */ | |
692 | u8 param = 0x01; | |
ed06aeef | 693 | struct st_nci_info *info = (struct st_nci_info *) data; |
8ae01f79 CR |
694 | |
695 | pr_debug("\n"); | |
696 | ||
697 | info->se_info.bwi_active = false; | |
698 | ||
699 | if (!info->se_info.xch_error) { | |
700 | info->se_info.xch_error = true; | |
ed06aeef CR |
701 | nci_hci_send_event(info->ndlc->ndev, ST_NCI_APDU_READER_GATE, |
702 | ST_NCI_EVT_SE_SOFT_RESET, NULL, 0); | |
8ae01f79 CR |
703 | } else { |
704 | info->se_info.xch_error = false; | |
ed06aeef CR |
705 | nci_hci_send_event(info->ndlc->ndev, ST_NCI_DEVICE_MGNT_GATE, |
706 | ST_NCI_EVT_SE_HARD_RESET, ¶m, 1); | |
8ae01f79 CR |
707 | } |
708 | info->se_info.cb(info->se_info.cb_context, NULL, 0, -ETIME); | |
709 | } | |
710 | ||
ed06aeef | 711 | static void st_nci_se_activation_timeout(unsigned long data) |
8ae01f79 | 712 | { |
ed06aeef | 713 | struct st_nci_info *info = (struct st_nci_info *) data; |
8ae01f79 CR |
714 | |
715 | pr_debug("\n"); | |
716 | ||
717 | info->se_info.se_active = false; | |
718 | ||
719 | complete(&info->se_info.req_completion); | |
720 | } | |
721 | ||
3648dc6d | 722 | int st_nci_se_init(struct nci_dev *ndev, struct st_nci_se_status *se_status) |
8ae01f79 | 723 | { |
ed06aeef | 724 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 CR |
725 | |
726 | init_completion(&info->se_info.req_completion); | |
727 | /* initialize timers */ | |
728 | init_timer(&info->se_info.bwi_timer); | |
729 | info->se_info.bwi_timer.data = (unsigned long)info; | |
ed06aeef | 730 | info->se_info.bwi_timer.function = st_nci_se_wt_timeout; |
8ae01f79 CR |
731 | info->se_info.bwi_active = false; |
732 | ||
733 | init_timer(&info->se_info.se_active_timer); | |
734 | info->se_info.se_active_timer.data = (unsigned long)info; | |
735 | info->se_info.se_active_timer.function = | |
ed06aeef | 736 | st_nci_se_activation_timeout; |
8ae01f79 CR |
737 | info->se_info.se_active = false; |
738 | ||
739 | info->se_info.xch_error = false; | |
740 | ||
741 | info->se_info.wt_timeout = | |
ed06aeef | 742 | ST_NCI_BWI_TO_TIMEOUT(ST_NCI_ATR_DEFAULT_BWI); |
8ae01f79 | 743 | |
3648dc6d CR |
744 | info->se_info.se_status = se_status; |
745 | ||
8ae01f79 CR |
746 | return 0; |
747 | } | |
ed06aeef | 748 | EXPORT_SYMBOL(st_nci_se_init); |
8ae01f79 | 749 | |
ed06aeef | 750 | void st_nci_se_deinit(struct nci_dev *ndev) |
8ae01f79 | 751 | { |
ed06aeef | 752 | struct st_nci_info *info = nci_get_drvdata(ndev); |
8ae01f79 CR |
753 | |
754 | if (info->se_info.bwi_active) | |
755 | del_timer_sync(&info->se_info.bwi_timer); | |
756 | if (info->se_info.se_active) | |
757 | del_timer_sync(&info->se_info.se_active_timer); | |
758 | ||
759 | info->se_info.se_active = false; | |
760 | info->se_info.bwi_active = false; | |
761 | } | |
ed06aeef | 762 | EXPORT_SYMBOL(st_nci_se_deinit); |
8ae01f79 | 763 |