From 07887e92205c5808820de0be53bf326b4019d060 Mon Sep 17 00:00:00 2001 From: Eric Lapuyade Date: Wed, 17 Oct 2012 16:47:13 +0200 Subject: [PATCH 01/11] NFC: Fix hci_connect_gate() when a pre-opened pipe is passed In some cases, pre-opened pipes don't stay open when a clear all pipes command is sent. They stay created however. Therefore, one can never assume that such a pipe is already open. As re-opening a pipe seems not to be a problem, we do that now. Signed-off-by: Eric Lapuyade Signed-off-by: Samuel Ortiz --- net/nfc/hci/command.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/nfc/hci/command.c b/net/nfc/hci/command.c index 07659cfd6d7b..7d99410e6c1a 100644 --- a/net/nfc/hci/command.c +++ b/net/nfc/hci/command.c @@ -344,7 +344,7 @@ int nfc_hci_connect_gate(struct nfc_hci_dev *hdev, u8 dest_host, u8 dest_gate, return -EADDRINUSE; if (pipe != NFC_HCI_INVALID_PIPE) - goto pipe_is_open; + goto open_pipe; switch (dest_gate) { case NFC_HCI_LINK_MGMT_GATE: @@ -361,6 +361,7 @@ int nfc_hci_connect_gate(struct nfc_hci_dev *hdev, u8 dest_host, u8 dest_gate, break; } +open_pipe: r = nfc_hci_open_pipe(hdev, pipe); if (r < 0) { if (pipe_created) @@ -371,7 +372,6 @@ int nfc_hci_connect_gate(struct nfc_hci_dev *hdev, u8 dest_host, u8 dest_gate, return r; } -pipe_is_open: hdev->gate2pipe[dest_gate] = pipe; return 0; From 23f7e6d0d060e2eb0be1daef818d030025453b44 Mon Sep 17 00:00:00 2001 From: Eric Lapuyade Date: Wed, 17 Oct 2012 16:48:21 +0200 Subject: [PATCH 02/11] NFC: Ignore err when chip doesn't implement HW/SW info registers NFC_HCI_ID_MGMT_VERSION_SW and NFC_HCI_ID_MGMT_VERSION_HW are optional registers for gate NFC_HCI_ID_MGMT_GATE in standard HCI. When chip doesn't implement, just leave all the information as zeros. Signed-off-by: Eric Lapuyade Signed-off-by: Samuel Ortiz --- net/nfc/hci/core.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c index bc571b0efb92..a58db89b4555 100644 --- a/net/nfc/hci/core.c +++ b/net/nfc/hci/core.c @@ -38,6 +38,8 @@ static int nfc_hci_result_to_errno(u8 result) switch (result) { case NFC_HCI_ANY_OK: return 0; + case NFC_HCI_ANY_E_REG_PAR_UNKNOWN: + return -EOPNOTSUPP; case NFC_HCI_ANY_E_TIMEOUT: return -ETIME; default: @@ -419,6 +421,10 @@ static int hci_dev_version(struct nfc_hci_dev *hdev) r = nfc_hci_get_param(hdev, NFC_HCI_ID_MGMT_GATE, NFC_HCI_ID_MGMT_VERSION_SW, &skb); + if (r == -EOPNOTSUPP) { + pr_info("Software/Hardware info not available\n"); + return 0; + } if (r < 0) return r; From 74a5b96621a50a6c41377bad65149930b050df98 Mon Sep 17 00:00:00 2001 From: Eric Lapuyade Date: Wed, 17 Oct 2012 16:49:12 +0200 Subject: [PATCH 03/11] NFC: Dot not dispatch HCI event received on unopened pipe A chip with pre-opened gates may send events on a gate that nobody has opened in the handset host. Discard those events. Signed-off-by: Eric Lapuyade Signed-off-by: Samuel Ortiz --- net/nfc/hci/core.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c index a58db89b4555..38d5f96dfd10 100644 --- a/net/nfc/hci/core.c +++ b/net/nfc/hci/core.c @@ -286,6 +286,12 @@ void nfc_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event, struct sk_buff *skb) { int r = 0; + u8 gate = nfc_hci_pipe2gate(hdev, pipe); + + if (gate == 0xff) { + pr_err("Discarded event %x to unopened pipe %x\n", event, pipe); + goto exit; + } switch (event) { case NFC_HCI_EVT_TARGET_DISCOVERED: @@ -309,14 +315,11 @@ void nfc_hci_event_received(struct nfc_hci_dev *hdev, u8 pipe, u8 event, goto exit; } - r = nfc_hci_target_discovered(hdev, - nfc_hci_pipe2gate(hdev, pipe)); + r = nfc_hci_target_discovered(hdev, gate); break; default: if (hdev->ops->event_received) { - hdev->ops->event_received(hdev, - nfc_hci_pipe2gate(hdev, pipe), - event, skb); + hdev->ops->event_received(hdev, gate, event, skb); return; } From 84d4819033972f6bae2b34a8ba07c5c2e836e989 Mon Sep 17 00:00:00 2001 From: Eric Lapuyade Date: Wed, 17 Oct 2012 16:50:10 +0200 Subject: [PATCH 04/11] NFC: Export nfc_hci_result_to_errno as it can be needed by HCI drivers Signed-off-by: Eric Lapuyade Signed-off-by: Samuel Ortiz --- include/net/nfc/hci.h | 2 ++ net/nfc/hci/core.c | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/include/net/nfc/hci.h b/include/net/nfc/hci.h index 639f50af42df..150e3caddbcf 100644 --- a/include/net/nfc/hci.h +++ b/include/net/nfc/hci.h @@ -149,6 +149,8 @@ void *nfc_hci_get_clientdata(struct nfc_hci_dev *hdev); void nfc_hci_driver_failure(struct nfc_hci_dev *hdev, int err); +int nfc_hci_result_to_errno(u8 result); + /* Host IDs */ #define NFC_HCI_HOST_CONTROLLER_ID 0x00 #define NFC_HCI_TERMINAL_HOST_ID 0x01 diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c index 38d5f96dfd10..6825a200c4bb 100644 --- a/net/nfc/hci/core.c +++ b/net/nfc/hci/core.c @@ -33,7 +33,7 @@ /* Largest headroom needed for outgoing HCI commands */ #define HCI_CMDS_HEADROOM 1 -static int nfc_hci_result_to_errno(u8 result) +int nfc_hci_result_to_errno(u8 result) { switch (result) { case NFC_HCI_ANY_OK: @@ -46,6 +46,7 @@ static int nfc_hci_result_to_errno(u8 result) return -1; } } +EXPORT_SYMBOL(nfc_hci_result_to_errno); static void nfc_hci_msg_tx_work(struct work_struct *work) { From 9c5121a034b1414d83c553e9961bda823e2e65b4 Mon Sep 17 00:00:00 2001 From: Eric Lapuyade Date: Tue, 23 Oct 2012 11:37:43 +0200 Subject: [PATCH 05/11] NFC: Export nfc_hci_sak_to_protocol() Some HCI drivers will need it. Signed-off-by: Eric Lapuyade Signed-off-by: Samuel Ortiz --- include/net/nfc/hci.h | 1 + net/nfc/hci/core.c | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/include/net/nfc/hci.h b/include/net/nfc/hci.h index 150e3caddbcf..671953e11575 100644 --- a/include/net/nfc/hci.h +++ b/include/net/nfc/hci.h @@ -237,5 +237,6 @@ int nfc_hci_send_response(struct nfc_hci_dev *hdev, u8 gate, u8 response, int nfc_hci_send_event(struct nfc_hci_dev *hdev, u8 gate, u8 event, const u8 *param, size_t param_len); int nfc_hci_target_discovered(struct nfc_hci_dev *hdev, u8 gate); +u32 nfc_hci_sak_to_protocol(u8 sak); #endif /* __NET_HCI_H */ diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c index 6825a200c4bb..7bea574d5934 100644 --- a/net/nfc/hci/core.c +++ b/net/nfc/hci/core.c @@ -170,7 +170,7 @@ void nfc_hci_cmd_received(struct nfc_hci_dev *hdev, u8 pipe, u8 cmd, kfree_skb(skb); } -static u32 nfc_hci_sak_to_protocol(u8 sak) +u32 nfc_hci_sak_to_protocol(u8 sak) { switch (NFC_HCI_TYPE_A_SEL_PROT(sak)) { case NFC_HCI_TYPE_A_SEL_PROT_MIFARE: @@ -185,6 +185,7 @@ static u32 nfc_hci_sak_to_protocol(u8 sak) return 0xffffffff; } } +EXPORT_SYMBOL(nfc_hci_sak_to_protocol); int nfc_hci_target_discovered(struct nfc_hci_dev *hdev, u8 gate) { From d962ec4922493da48bb0fd33b26200de039b0d75 Mon Sep 17 00:00:00 2001 From: Marcel Holtmann Date: Wed, 24 Oct 2012 11:45:12 -0700 Subject: [PATCH 06/11] NFC: Remove unused details from pn544.h header file The majority of the defines and structures from pn544.h are no longer in use. So just remove them. Signed-off-by: Marcel Holtmann Signed-off-by: Samuel Ortiz --- include/linux/nfc/pn544.h | 60 --------------------------------------- 1 file changed, 60 deletions(-) diff --git a/include/linux/nfc/pn544.h b/include/linux/nfc/pn544.h index 9890bbaf4328..713bfd703342 100644 --- a/include/linux/nfc/pn544.h +++ b/include/linux/nfc/pn544.h @@ -25,65 +25,6 @@ #include -#define PN544_DRIVER_NAME "pn544" -#define PN544_MAXWINDOW_SIZE 7 -#define PN544_WINDOW_SIZE 4 -#define PN544_RETRIES 10 -#define PN544_MAX_I2C_TRANSFER 0x0400 -#define PN544_MSG_MAX_SIZE 0x21 /* at normal HCI mode */ - -/* ioctl */ -#define PN544_CHAR_BASE 'P' -#define PN544_IOR(num, dtype) _IOR(PN544_CHAR_BASE, num, dtype) -#define PN544_IOW(num, dtype) _IOW(PN544_CHAR_BASE, num, dtype) -#define PN544_GET_FW_MODE PN544_IOW(1, unsigned int) -#define PN544_SET_FW_MODE PN544_IOW(2, unsigned int) -#define PN544_GET_DEBUG PN544_IOW(3, unsigned int) -#define PN544_SET_DEBUG PN544_IOW(4, unsigned int) - -/* Timing restrictions (ms) */ -#define PN544_RESETVEN_TIME 30 /* 7 */ -#define PN544_PVDDVEN_TIME 0 -#define PN544_VBATVEN_TIME 0 -#define PN544_GPIO4VEN_TIME 0 -#define PN544_WAKEUP_ACK 5 -#define PN544_WAKEUP_GUARD (PN544_WAKEUP_ACK + 1) -#define PN544_INACTIVITY_TIME 1000 -#define PN544_INTERFRAME_DELAY 200 /* us */ -#define PN544_BAUDRATE_CHANGE 150 /* us */ - -/* Debug bits */ -#define PN544_DEBUG_BUF 0x01 -#define PN544_DEBUG_READ 0x02 -#define PN544_DEBUG_WRITE 0x04 -#define PN544_DEBUG_IRQ 0x08 -#define PN544_DEBUG_CALLS 0x10 -#define PN544_DEBUG_MODE 0x20 - -/* Normal (HCI) mode */ -#define PN544_LLC_HCI_OVERHEAD 3 /* header + crc (to length) */ -#define PN544_LLC_MIN_SIZE (1 + PN544_LLC_HCI_OVERHEAD) /* length + */ -#define PN544_LLC_MAX_DATA (PN544_MSG_MAX_SIZE - 2) -#define PN544_LLC_MAX_HCI_SIZE (PN544_LLC_MAX_DATA - 2) - -struct pn544_llc_packet { - unsigned char length; /* of rest of packet */ - unsigned char header; - unsigned char data[PN544_LLC_MAX_DATA]; /* includes crc-ccitt */ -}; - -/* Firmware upgrade mode */ -#define PN544_FW_HEADER_SIZE 3 -/* max fw transfer is 1024bytes, but I2C limits it to 0xC0 */ -#define PN544_MAX_FW_DATA (PN544_MAX_I2C_TRANSFER - PN544_FW_HEADER_SIZE) - -struct pn544_fw_packet { - unsigned char command; /* status in answer */ - unsigned char length[2]; /* big-endian order (msf) */ - unsigned char data[PN544_MAX_FW_DATA]; -}; - -#ifdef __KERNEL__ enum { NFC_GPIO_ENABLE, NFC_GPIO_FW_RESET, @@ -99,6 +40,5 @@ struct pn544_nfc_platform_data { void (*disable) (void); int (*get_gpio)(int type); }; -#endif /* __KERNEL__ */ #endif /* _PN544_H_ */ From 61cdb01853c99e78d8b54db1b77e524c0dce585d Mon Sep 17 00:00:00 2001 From: Marcel Holtmann Date: Wed, 24 Oct 2012 11:45:26 -0700 Subject: [PATCH 07/11] NFC: Move pn544.h to linux/platform_data/ The pn544.h just provides the platform data struct and defines and nothing else. So move it to to linux/platform_data/ now. Signed-off-by: Marcel Holtmann Signed-off-by: Samuel Ortiz --- drivers/nfc/pn544/i2c.c | 2 +- include/linux/{nfc => platform_data}/pn544.h | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename include/linux/{nfc => platform_data}/pn544.h (100%) diff --git a/drivers/nfc/pn544/i2c.c b/drivers/nfc/pn544/i2c.c index fb430d882352..7da9071b68b6 100644 --- a/drivers/nfc/pn544/i2c.c +++ b/drivers/nfc/pn544/i2c.c @@ -26,7 +26,7 @@ #include #include -#include +#include #include #include diff --git a/include/linux/nfc/pn544.h b/include/linux/platform_data/pn544.h similarity index 100% rename from include/linux/nfc/pn544.h rename to include/linux/platform_data/pn544.h From 08eaa1e0ce5bad11bedd311a9ddc3baf778ee1df Mon Sep 17 00:00:00 2001 From: Marcel Holtmann Date: Wed, 24 Oct 2012 11:45:38 -0700 Subject: [PATCH 08/11] MAINTAINERS: Add reference to pn544.h platform data header The platform data header for PN544 based NFC devices should also be mentioned here. Signed-off-by: Marcel Holtmann Signed-off-by: Samuel Ortiz --- MAINTAINERS | 1 + 1 file changed, 1 insertion(+) diff --git a/MAINTAINERS b/MAINTAINERS index 568ea9373091..ed5b5f5ac175 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -5067,6 +5067,7 @@ F: net/nfc/ F: include/linux/nfc.h F: include/net/nfc/ F: drivers/nfc/ +F: include/linux/platform_data/pn544.h NFS, SUNRPC, AND LOCKD CLIENTS M: Trond Myklebust From 6e950fd214645e71e94bce2429bea58b88e1b5d0 Mon Sep 17 00:00:00 2001 From: Samuel Ortiz Date: Mon, 29 Oct 2012 14:02:17 +0100 Subject: [PATCH 09/11] NFC: Copy user space buffer when sending UI frames Using the userspace IO vector directly is wrong, we should copy it from user space first. Signed-off-by: Samuel Ortiz --- net/nfc/llcp/commands.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/net/nfc/llcp/commands.c b/net/nfc/llcp/commands.c index ed2d17312d61..f0a39456f26b 100644 --- a/net/nfc/llcp/commands.c +++ b/net/nfc/llcp/commands.c @@ -579,7 +579,7 @@ int nfc_llcp_send_ui_frame(struct nfc_llcp_sock *sock, u8 ssap, u8 dsap, struct sk_buff *pdu; struct nfc_llcp_local *local; size_t frag_len = 0, remaining_len; - u8 *msg_ptr; + u8 *msg_ptr, *msg_data; int err; pr_debug("Send UI frame len %zd\n", len); @@ -588,8 +588,17 @@ int nfc_llcp_send_ui_frame(struct nfc_llcp_sock *sock, u8 ssap, u8 dsap, if (local == NULL) return -ENODEV; + msg_data = kzalloc(len, GFP_KERNEL); + if (msg_data == NULL) + return -ENOMEM; + + if (memcpy_fromiovec(msg_data, msg->msg_iov, len)) { + kfree(msg_data); + return -EFAULT; + } + remaining_len = len; - msg_ptr = (u8 *) msg->msg_iov; + msg_ptr = msg_data; while (remaining_len > 0) { @@ -616,6 +625,8 @@ int nfc_llcp_send_ui_frame(struct nfc_llcp_sock *sock, u8 ssap, u8 dsap, msg_ptr += frag_len; } + kfree(msg_data); + return len; } From dd2bf43ffcf0d1bba94d20abc6cc44ed294db66b Mon Sep 17 00:00:00 2001 From: Samuel Ortiz Date: Thu, 1 Nov 2012 23:33:00 +0100 Subject: [PATCH 10/11] NFC: Stop sending LLCP frames when tx queues are getting too deep When the tx pending queues and/or the socket tx queue is getting too deep, we have to let userspace know. We won't be queueing any more frames until the congestion is fixed. Signed-off-by: Samuel Ortiz --- net/nfc/llcp/commands.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/net/nfc/llcp/commands.c b/net/nfc/llcp/commands.c index f0a39456f26b..df24be48d4da 100644 --- a/net/nfc/llcp/commands.c +++ b/net/nfc/llcp/commands.c @@ -528,6 +528,23 @@ int nfc_llcp_send_i_frame(struct nfc_llcp_sock *sock, if (local == NULL) return -ENODEV; + /* Remote is ready but has not acknowledged our frames */ + if((sock->remote_ready && + skb_queue_len(&sock->tx_pending_queue) >= sock->rw && + skb_queue_len(&sock->tx_queue) >= 2 * sock->rw)) { + pr_err("Pending queue is full %d frames\n", + skb_queue_len(&sock->tx_pending_queue)); + return -ENOBUFS; + } + + /* Remote is not ready and we've been queueing enough frames */ + if ((!sock->remote_ready && + skb_queue_len(&sock->tx_queue) >= 2 * sock->rw)) { + pr_err("Tx queue is full %d frames\n", + skb_queue_len(&sock->tx_queue)); + return -ENOBUFS; + } + msg_data = kzalloc(len, GFP_KERNEL); if (msg_data == NULL) return -ENOMEM; From be02b6b624005d47c388f799ce23714136430217 Mon Sep 17 00:00:00 2001 From: Samuel Ortiz Date: Thu, 1 Nov 2012 23:36:07 +0100 Subject: [PATCH 11/11] NFC: Queue a copy of the transmitted LLCP skb Drivers are allowed to modify the sent skb and thus we need to make a copy of it before passing it to the driver. Without this fix, LLCP Tx skbs were not queued properly as the ptype check was failing due to e.g. the pn533 driver skb_pushing the Tx skb. Reported-by: Thierry Escande Signed-off-by: Samuel Ortiz --- net/nfc/llcp/llcp.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/net/nfc/llcp/llcp.c b/net/nfc/llcp/llcp.c index f6804532047a..66733335345f 100644 --- a/net/nfc/llcp/llcp.c +++ b/net/nfc/llcp/llcp.c @@ -656,6 +656,8 @@ static void nfc_llcp_tx_work(struct work_struct *work) if (llcp_sock == NULL && nfc_llcp_ptype(skb) == LLCP_PDU_I) { nfc_llcp_send_symm(local->dev); } else { + struct sk_buff *copy_skb = NULL; + u8 ptype = nfc_llcp_ptype(skb); int ret; pr_debug("Sending pending skb\n"); @@ -663,22 +665,29 @@ static void nfc_llcp_tx_work(struct work_struct *work) DUMP_PREFIX_OFFSET, 16, 1, skb->data, skb->len, true); + if (ptype == LLCP_PDU_I) + copy_skb = skb_copy(skb, GFP_ATOMIC); + nfc_llcp_send_to_raw_sock(local, skb, NFC_LLCP_DIRECTION_TX); ret = nfc_data_exchange(local->dev, local->target_idx, skb, nfc_llcp_recv, local); - if (!ret && nfc_llcp_ptype(skb) == LLCP_PDU_I) { - skb = skb_get(skb); - skb_queue_tail(&llcp_sock->tx_pending_queue, - skb); + if (ret) { + kfree_skb(copy_skb); + goto out; } + + if (ptype == LLCP_PDU_I && copy_skb) + skb_queue_tail(&llcp_sock->tx_pending_queue, + copy_skb); } } else { nfc_llcp_send_symm(local->dev); } +out: mod_timer(&local->link_timer, jiffies + msecs_to_jiffies(2 * local->remote_lto)); }