Commit Graph

595 Commits

Author SHA1 Message Date
Mark A. Greer
4b8b6267be NFC: digital: Handle multiple SENSF_REQ frames
According to section 5.15.1.3 of the NFC Activity
Specification, multiple SENSF_REQ commands can be
received by a target before it receives an ATR_REQ
command.  To handle this, add a routine that checks
whether a SENSF_REQ or ATR_REQ has been recieved.
If its a SENSF_REQ, respond appropriately and
continue waiting for a ATR_REQ.  If its an ATR_REQ,
handle it as before.

CC: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-05-19 23:52:40 +02:00
Mark A. Greer
96e829b433 NFC: digital: SENSF_RES excludes RD when SENSF_REQ RC is zero
The check in digital_tg_send_sensf_res() that excludes
the 'RD' field from the SENSF_RES is inverted.  The 'RD'
field should be excluded when the SENSF_REQ 'RC' field
is equal to DIGITAL_SENSF_REQ_RC_NONE instead of when
its not equal.  This is described in section 6.6.2.11
of the NFC Digital Specification.

CC: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-05-19 23:52:37 +02:00
Christophe Ricard
74157ef54c NFC: hci: Fix sparse: cast to restricted __be16
Fixing "sparse: cast to restricted __be16" message when building with
make C=1 CF=-D__CHECK_ENDIAN__

Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-04-22 00:37:29 +02:00
Mark A. Greer
2473460735 NFC: digital: Add support for ISO/IEC 14443-B Protocol
Add support for the ISO/IEC 14443-B protocol and Type 4B tags.
It is expected that there will be only one tag within range so the full
anticollision scheme is not implemented. Only the SENSB_REQ/SENSB_RES
and ATTRIB_REQ/ATTRIB_RES are implemented.

CC: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-04-22 00:37:28 +02:00
Christophe Ricard
e240bc3612 NFC: hci: Add load_session HCI operand
load_session allows a CLF to restore the gate <-> pipe table from some
proprietary location.
The main advantage to add this function is to reduce the memory wear by
running pipe creation (and storing) only once.

Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-04-22 00:37:26 +02:00
Christophe Ricard
d330905db6 NFC: hci: Extend command execution delay
Extend it up to the maximum FWI value 4949 ms defined by the
ISO14443-3 specification.

Signed-off-by: Christophe Ricard <christophe-h.ricard@st.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-04-22 00:37:26 +02:00
David S. Miller
676d23690f net: Fix use after free by removing length arg from sk_data_ready callbacks.
Several spots in the kernel perform a sequence like:

	skb_queue_tail(&sk->s_receive_queue, skb);
	sk->sk_data_ready(sk, skb->len);

But at the moment we place the SKB onto the socket receive queue it
can be consumed and freed up.  So this skb->len access is potentially
to freed up memory.

Furthermore, the skb->len can be modified by the consumer so it is
possible that the value isn't accurate.

And finally, no actual implementation of this callback actually uses
the length argument.  And since nobody actually cared about it's
value, lots of call sites pass arbitrary values in such as '0' and
even '1'.

So just remove the length argument from the callback, that way there
is no confusion whatsoever and all of these use-after-free cases get
fixed as a side effect.

Based upon a patch by Eric Dumazet and his suggestion to audit this
issue tree-wide.

Signed-off-by: David S. Miller <davem@davemloft.net>
2014-04-11 16:15:36 -04:00
John W. Linville
20d83f2464 NFC: 3.15: First pull request
This is the NFC pull request for 3.15. With this one we have:
 
 - Support for ISO 15693 a.k.a. NFC vicinity a.k.a. Type 5 tags. ISO
   15693 are long range (1 - 2 meters) vicinity tags/cards. The kernel
   now supports those through the NFC netlink and digital APIs.
 
 - Support for TI's trf7970a chipset. This chipset relies on the NFC
   digital layer and the driver currently supports type 2, 4A and 5 tags.
 
 - Support for NXP's pn544 secure firmare download. The pn544 C3 chipsets
   relies on a different firmware download protocal than the C2 one. We
   now support both and use the right one depending on the version we
   detect at runtime.
 
 - Support for 4A tags from the NFC digital layer.
 
 - A bunch of cleanups and minor fixes from Axel Lin and Thierry Escande.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJTI1oQAAoJEIqAPN1PVmxKmxgP/iiwhQwsehiUZ6oXYjAc06WT
 e+vmJwHuDgbEnr5QDSIdpeaKuxYtCErbFcG4SD5+thTQNEeiRsmTLYdkwZ0FCDF+
 WKU3F59EdUZu4F0GyUXvt8lUC3D96bJSIHMCJdg1YDJtyaJcuITeK7lW325CK4hF
 4ik0+HXcv9mt/Dq4k6xgqdgCOSz7o9dJSbzw5NTCN1I+G6CNgYrvYqSmvsKut2C7
 DQvFu8KhbUkSlXgY61YIA2qpf1hfATkfgLdSsjGJfYdKvWLUAyKbEwoG8dkFA38Y
 yqc49SJ6DJ4FGmSt4Qm2VtRa8HLqwjA30jBEeb7Zog80j7zEBS+th0NJxqDWp/82
 eaeNdfrA5d17CHiR9ODuGOFt3VJZeN83u+JCli3FKGF727A/2Z0UI8UgnB5ZfcbZ
 +5IxV6mQp/h8H4AaQzGQ88x2xibhnrW/XYmTpoxj7CcT3AdbGw/IerZXf+afXBce
 iyJZ+Ktr6d5zFucCbm0QyZDSwAhfYDIYGiM6AIM3oum9n3K31dA0Qxy6saMiiK8c
 ArYY6raQbRCaOBVCI8JI6PoQFvw5MNug40v7Q/G88dElte9mSLsGslVVhCNBpAVB
 Atdwa+I3gwgsea1oqGJo0rSEaWv6PsOeQcFG8boDoQDUvgapzk17bTCz4k2DlXO5
 U0Q/GcJnFEdcDhqVKqP5
 =xikL
 -----END PGP SIGNATURE-----

Merge tag 'nfc-next-3.15-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/nfc-next

Samuel Ortiz <sameo@linux.intel.com> says:

"NFC: 3.15: First pull request

This is the NFC pull request for 3.15. With this one we have:

- Support for ISO 15693 a.k.a. NFC vicinity a.k.a. Type 5 tags. ISO
  15693 are long range (1 - 2 meters) vicinity tags/cards. The kernel
  now supports those through the NFC netlink and digital APIs.

- Support for TI's trf7970a chipset. This chipset relies on the NFC
  digital layer and the driver currently supports type 2, 4A and 5 tags.

- Support for NXP's pn544 secure firmare download. The pn544 C3 chipsets
  relies on a different firmware download protocal than the C2 one. We
  now support both and use the right one depending on the version we
  detect at runtime.

- Support for 4A tags from the NFC digital layer.

- A bunch of cleanups and minor fixes from Axel Lin and Thierry Escande."

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-03-17 13:16:50 -04:00
Axel Lin
29e27dd86b NFC: llcp: Use list_for_each_entry in nfc_llcp_find_local()
nfc_llcp_find_local() does not modify any list entry while iterating the list.
So use list_for_each_entry instead of list_for_each_entry_safe.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-03-14 20:19:08 +01:00
Axel Lin
3143a4ca61 NFC: Move checking valid gb_len value to nfc_llcp_set_remote_gb
This checking is common for all caller, so move the checking to one place.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-03-14 20:19:08 +01:00
Axel Lin
365a721adb NFC: Remove redundant test for dev->n_targets in nfc_find_target
Without this test, it returns NULL if dev->n_targets is 0 anyway.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-03-14 20:19:08 +01:00
Mark A. Greer
ceeee42d85 NFC: digital: Rename Type V tags to Type 5 tags
According to the latest draft specification from
the NFC-V committee, ISO/IEC 15693 tags will be
referred to as "Type 5" tags and not "Type V"
tags anymore.  Make the code reflect the new
terminology.

Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-03-11 00:40:59 +01:00
Axel Lin
0b51fc5633 NFC: Use LIST_HEAD() at appropriate places
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-23 23:34:09 +01:00
Axel Lin
4f913d4631 NFC: digital: Use matching_[im|tm]_protocols to check with NFC protocols masks
This ensures we won't add polling function to the table of polling technologies
for non-supported protocols.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-23 23:34:09 +01:00
Axel Lin
156cef80f2 NFC: Use list_for_each_entry in nfc_find_se()
nfc_find_se() does not modify any list entry while iterating the list.
So use list_for_each_entry instead of list_for_each_entry_safe.

Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-23 23:32:18 +01:00
Axel Lin
9bec44bf0b NFC: NCI: Use reinit_completion() at appropriate places
Calling init_completion() once is enough.
Then use reinit_completion() instead in __nci_request() and nci_spi_send().

Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-23 23:32:18 +01:00
Amitkumar Karwar
44a589ca2d NFC: NCI: Fix NULL pointer dereference
The check should be for setup function pointer.

This patch fixes NULL pointer dereference issue for NCI
based NFC driver which doesn't define setup handler.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-23 23:14:45 +01:00
Thierry Escande
6ea7398d00 NFC: digital: Fix a possible memory leak
This fixes a memory leak issue that may occur if data sending fails in
initiator mode. The data_exch structure was not released in case of
error.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-16 23:49:55 +01:00
Thierry Escande
564af14e36 NFC: digital: Add missing break in switch statement
There was a missing break making the digital stack configured for
ISO1443 target instead of ISO15693.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-16 23:49:55 +01:00
Thierry Escande
c813007f9f NFC: digital: Add ISO-DEP support for data exchange
When a type 4A target is activated, this change adds the ISO-DEP SoD
when sending frames and removes it when receiving responses. Chaining
is not supported so sent frames are rejected if they exceed remote FSC
bytes.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-16 23:49:54 +01:00
Thierry Escande
12e3d241e4 NFC: digital: Add poll support for type 4A tag platform
This adds support for ATS request and response handling for type 4A tag
activation.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-16 23:49:54 +01:00
Mark A. Greer
f5f6872ed2 NFC: Add netlink support for ISO/IEC 15693
Add ISO/IEC 15693 support by having netlink push the
1-byte DSFID and 8-byte UID tag information upstream.

Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-16 23:49:53 +01:00
Mark A. Greer
a381d48286 NFC: digital: Add Digital Layer support for ISO/IEC 15693
Add support for ISO/IEC 15693 to the digital layer.  The code
currently uses single-slot anticollision only since the digital
layer infrastructure only supports one tag per adapter (making
it pointless to do 16-slot anticollision).

The code uses two new framing types:
'NFC_DIGITAL_FRAMING_ISO15693_INVENTORY' and
'NFC_DIGITAL_FRAMING_ISO15693_TVT'.  The former is used to
tell the driver to prepare for an Inventory command and the
ensuing anticollision sequence.  The latter is used to tell
the driver that the anticollision sequence is over and to
prepare for non-inventory commands.

Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-02-16 23:49:53 +01:00
Linus Torvalds
4ba9920e5e Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking updates from David Miller:

 1) BPF debugger and asm tool by Daniel Borkmann.

 2) Speed up create/bind in AF_PACKET, also from Daniel Borkmann.

 3) Correct reciprocal_divide and update users, from Hannes Frederic
    Sowa and Daniel Borkmann.

 4) Currently we only have a "set" operation for the hw timestamp socket
    ioctl, add a "get" operation to match.  From Ben Hutchings.

 5) Add better trace events for debugging driver datapath problems, also
    from Ben Hutchings.

 6) Implement auto corking in TCP, from Eric Dumazet.  Basically, if we
    have a small send and a previous packet is already in the qdisc or
    device queue, defer until TX completion or we get more data.

 7) Allow userspace to manage ipv6 temporary addresses, from Jiri Pirko.

 8) Add a qdisc bypass option for AF_PACKET sockets, from Daniel
    Borkmann.

 9) Share IP header compression code between Bluetooth and IEEE802154
    layers, from Jukka Rissanen.

10) Fix ipv6 router reachability probing, from Jiri Benc.

11) Allow packets to be captured on macvtap devices, from Vlad Yasevich.

12) Support tunneling in GRO layer, from Jerry Chu.

13) Allow bonding to be configured fully using netlink, from Scott
    Feldman.

14) Allow AF_PACKET users to obtain the VLAN TPID, just like they can
    already get the TCI.  From Atzm Watanabe.

15) New "Heavy Hitter" qdisc, from Terry Lam.

16) Significantly improve the IPSEC support in pktgen, from Fan Du.

17) Allow ipv4 tunnels to cache routes, just like sockets.  From Tom
    Herbert.

18) Add Proportional Integral Enhanced packet scheduler, from Vijay
    Subramanian.

19) Allow openvswitch to mmap'd netlink, from Thomas Graf.

20) Key TCP metrics blobs also by source address, not just destination
    address.  From Christoph Paasch.

21) Support 10G in generic phylib.  From Andy Fleming.

22) Try to short-circuit GRO flow compares using device provided RX
    hash, if provided.  From Tom Herbert.

The wireless and netfilter folks have been busy little bees too.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (2064 commits)
  net/cxgb4: Fix referencing freed adapter
  ipv6: reallocate addrconf router for ipv6 address when lo device up
  fib_frontend: fix possible NULL pointer dereference
  rtnetlink: remove IFLA_BOND_SLAVE definition
  rtnetlink: remove check for fill_slave_info in rtnl_have_link_slave_info
  qlcnic: update version to 5.3.55
  qlcnic: Enhance logic to calculate msix vectors.
  qlcnic: Refactor interrupt coalescing code for all adapters.
  qlcnic: Update poll controller code path
  qlcnic: Interrupt code cleanup
  qlcnic: Enhance Tx timeout debugging.
  qlcnic: Use bool for rx_mac_learn.
  bonding: fix u64 division
  rtnetlink: add missing IFLA_BOND_AD_INFO_UNSPEC
  sfc: Use the correct maximum TX DMA ring size for SFC9100
  Add Shradha Shah as the sfc driver maintainer.
  net/vxlan: Share RX skb de-marking and checksum checks with ovs
  tulip: cleanup by using ARRAY_SIZE()
  ip_tunnel: clear IPCB in ip_tunnel_xmit() in case dst_link_failure() is called
  net/cxgb4: Don't retrieve stats during recovery
  ...
2014-01-25 11:17:34 -08:00
Linus Torvalds
bb1281f2aa Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
Pull trivial tree updates from Jiri Kosina:
 "Usual rocket science stuff from trivial.git"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (39 commits)
  neighbour.h: fix comment
  sched: Fix warning on make htmldocs caused by wait.h
  slab: struct kmem_cache is protected by slab_mutex
  doc: Fix typo in USB Gadget Documentation
  of/Kconfig: Spelling s/one/once/
  mkregtable: Fix sscanf handling
  lp5523, lp8501: comment improvements
  thermal: rcar: comment spelling
  treewide: fix comments and printk msgs
  IXP4xx: remove '1 &&' from a condition check in ixp4xx_restart()
  Documentation: update /proc/uptime field description
  Documentation: Fix size parameter for snprintf
  arm: fix comment header and macro name
  asm-generic: uaccess: Spelling s/a ny/any/
  mtd: onenand: fix comment header
  doc: driver-model/platform.txt: fix a typo
  drivers: fix typo in DEVTMPFS_MOUNT Kconfig help text
  doc: Fix typo (acces_process_vm -> access_process_vm)
  treewide: Fix typos in printk
  drivers/gpu/drm/qxl/Kconfig: reformat the help text
  ...
2014-01-22 21:21:55 -08:00
Steffen Hurrle
342dfc306f net: add build-time checks for msg->msg_name size
This is a follow-up patch to f3d3342602 ("net: rework recvmsg
handler msg_name and msg_namelen logic").

DECLARE_SOCKADDR validates that the structure we use for writing the
name information to is not larger than the buffer which is reserved
for msg->msg_name (which is 128 bytes). Also use DECLARE_SOCKADDR
consistently in sendmsg code paths.

Signed-off-by: Steffen Hurrle <steffen@hurrle.net>
Suggested-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-01-18 23:04:16 -08:00
John W. Linville
7916a07557 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2014-01-17 14:43:17 -05:00
Geert Uytterhoeven
88bfe6ea00 net: Spelling s/transmition/transmission/
Signed-off-by: Geert Uytterhoeven <geert+renesas@linux-m68k.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-01-14 17:11:26 -08:00
David S. Miller
0a379e21c5 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-01-14 14:42:42 -08:00
Thierry Escande
b711ad524b NFC: digital: Set rf tech and crc functions when receiving a PSL_REQ
This patch sets the correct rf tech value and crc functions in target
mode when receiving a PSL_REQ, as done when receiving an ATR_REQ.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-07 18:48:12 +01:00
Thierry Escande
48e1044515 NFC: digital: Set current target active on activate_target() call
The curr_protocol field of nfc_digital_dev structure used to determine
if a target is currently active was set too soon, immediately when a
target is found. This is not good since there is no other way than
deactivate_target() to reset curr_protocol and if activate_target() is
not called, the target remains active and it's not possible to put the
device in poll mode anymore.

With this patch curr_protocol is set when nfc core activates a target,
puts a device up, or when an ATR_REQ is received in target mode.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-07 18:48:12 +01:00
Masanari Iida
8faaaead62 treewide: fix comments and printk msgs
This patch fixed several typo in printk from various
part of kernel source.

Signed-off-by: Masanari Iida <standby24x7@gmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2014-01-07 15:06:07 +01:00
Amitkumar Karwar
22c15bf30b NFC: NCI: Add set_config API
This API can be used by drivers to send their custom
configuration using SET_CONFIG NCI command to the device.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-07 01:32:40 +01:00
Amitkumar Karwar
86e8586ed5 NFC: NCI: Add setup handler
Some drivers require special configuration while initializing.
This patch adds setup handler for this custom configuration.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-07 01:32:40 +01:00
Amitkumar Karwar
1907299867 NFC: NCI: Don't reverse local general bytes
Local general bytes returned by nfc_get_local_general_bytes()
are already in correct order. We don't need to reverse them.

Remove local_gb[] local array as it's not needed any more.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-07 01:32:40 +01:00
Amitkumar Karwar
fa9be5f009 NFC: NCI: Cancel cmd_timer in nci_close_device()
nci_close_device() sends nci reset command to the device.
If there is no response for this command, nci request timeout
occurs first and then cmd timeout happens. Because command
timer has started after sending the command.

We are immediately flushing command workqueue after nci
timeout. Later we will try to schedule cmd_work in command
timer which leads to a crash.

Cancel cmd_timer before flushing the workqueue to fix the
problem.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-05 23:20:15 +01:00
Thierry Escande
4f319e3251 NFC: digital: Use NFC_NFCID3_MAXSIZE from nfc.h
This removes the declaration of NFCID3 size in digital_dep.c and now
uses the one from nfc.h.

This also removes a faulty and unneeded call to max().

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-04 03:35:34 +01:00
Thierry Escande
67af1d7a0f NFC: digital: Fix incorrect use of ERR_PTR and PTR_ERR macros
It's bad to use these macros when not dealing with error code. this
patch changes calls to these macros with correct casts.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-04 03:35:34 +01:00
Samuel Ortiz
a434c24074 NFC: Only warn on SE discovery error
SE discovery errors are currently overwriting the dev_up() return error.
This is wrong for many reasons:

- We don't want to report an error if we actually brought the device up
  but it failed to discover SEs. By doing so we pretend we don't have an
  NFC functional device even we do. The only thing we could not do was
  checking for SEs availability. This is the false negative case.

- In some cases the actual device power up failed but the SE discovery
  succeeded. Userspace then believes the device is up while it's not.
  This is the false positive case.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-04 03:32:27 +01:00
Szymon Janc
11bfb1c4b9 NFC: llcp: Use default MIU if none was specified on connect
If MIUX is not present in CONNECT or CC use default MIU value (128)
instead of one announced durring link setup.

This was affecting Bluetooth handover with Android 4.3+ NCI stack.

Signed-off-by: Szymon Janc <szymon.janc@gmail.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-04 03:32:27 +01:00
Szymon Janc
43d53c29dd NFC: llcp: Fix possible memory leak while sending I frames
If sending was not completed due to low memory condition msg_data
was not free before returning from function.

Signed-off-by: Szymon Janc <szymon.janc@gmail.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-04 03:32:27 +01:00
Samuel Ortiz
249eb5bd74 NFC: Return driver failure upon unknown event reception
If the device is polling, this will trigger a netlink event to notify
userspace about the polling error.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-04 03:32:27 +01:00
Arron Wang
d31652a26b NFC: Fix target mode p2p link establishment
With commit e29a9e2ae1, we set the active_target pointer from
nfc_dep_link_is_up() in order to support the case where the target
detection and the DEP link setting are done atomically by the driver.
That can only happen in initiator mode, so we need to check for that
otherwise we fail to bring a p2p link in target mode.

Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2014-01-04 03:31:32 +01:00
Masanari Iida
77d84ff87e treewide: Fix typos in printk
Correct spelling typo in various part of kernel

Signed-off-by: Masanari Iida <standby24x7@gmail.com>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2013-12-19 15:10:49 +01:00
Jeff Kirsher
98b32decc8 nfc: Fix FSF address in file headers
Several files refer to an old address for the Free Software Foundation
in the file header comment.  Resolve by replacing the address with
the URL <http://www.gnu.org/licenses/> so that we do not have to keep
updating the header comments anytime the address changes.

CC: linux-wireless@vger.kernel.org
CC: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
CC: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
CC: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2013-12-11 10:56:21 -05:00
Hannes Frederic Sowa
f3d3342602 net: rework recvmsg handler msg_name and msg_namelen logic
This patch now always passes msg->msg_namelen as 0. recvmsg handlers must
set msg_namelen to the proper size <= sizeof(struct sockaddr_storage)
to return msg_name to the user.

This prevents numerous uninitialized memory leaks we had in the
recvmsg handlers and makes it harder for new code to accidentally leak
uninitialized memory.

Optimize for the case recvfrom is called with NULL as address. We don't
need to copy the address at all, so set it to NULL before invoking the
recvmsg handler. We can do so, because all the recvmsg handlers must
cope with the case a plain read() is called on them. read() also sets
msg_name to NULL.

Also document these changes in include/linux/net.h as suggested by David
Miller.

Changes since RFC:

Set msg->msg_name = NULL if user specified a NULL in msg_name but had a
non-null msg_namelen in verify_iovec/verify_compat_iovec. This doesn't
affect sendto as it would bail out earlier while trying to copy-in the
address. It also more naturally reflects the logic by the callers of
verify_iovec.

With this change in place I could remove "
if (!uaddr || msg_sys->msg_namelen == 0)
	msg->msg_name = NULL
".

This change does not alter the user visible error logic as we ignore
msg_namelen as long as msg_name is NULL.

Also remove two unnecessary curly brackets in ___sys_recvmsg and change
comments to netdev style.

Cc: David Miller <davem@davemloft.net>
Suggested-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-20 21:52:30 -05:00
Johannes Berg
2a94fe48f3 genetlink: make multicast groups const, prevent abuse
Register generic netlink multicast groups as an array with
the family and give them contiguous group IDs. Then instead
of passing the global group ID to the various functions that
send messages, pass the ID relative to the family - for most
families that's just 0 because the only have one group.

This avoids the list_head and ID in each group, adding a new
field for the mcast group ID offset to the family.

At the same time, this allows us to prevent abusing groups
again like the quota and dropmon code did, since we can now
check that a family only uses a group it owns.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-19 16:39:06 -05:00
Johannes Berg
68eb55031d genetlink: pass family to functions using groups
This doesn't really change anything, but prepares for the
next patch that will change the APIs to pass the group ID
within the family, rather than the global group ID.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-19 16:39:06 -05:00
Johannes Berg
c53ed74236 genetlink: only pass array to genl_register_family_with_ops()
As suggested by David Miller, make genl_register_family_with_ops()
a macro and pass only the array, evaluating ARRAY_SIZE() in the
macro, this is a little safer.

The openvswitch has some indirection, assing ops/n_ops directly in
that code. This might ultimately just assign the pointers in the
family initializations, saving the struct genl_family_and_ops and
code (once mcast groups are handled differently.)

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-19 16:39:05 -05:00
Johannes Berg
4534de8305 genetlink: make all genl_ops users const
Now that genl_ops are no longer modified in place when
registering, they can be made const. This patch was done
mostly with spatch:

@@
identifier ops;
@@
+const
 struct genl_ops ops[] = {
 ...
 };

(except the struct thing in net/openvswitch/datapath.c)

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-14 17:10:41 -05:00
Samuel Ortiz
ddc1a70b5f NFC: Fix SE API related sparse warning
se_io_cb can be declared static. This fixes the following sparse
warning:

net/nfc/netlink.c:1287:6: warning: symbol 'se_io_cb' was not declared.
Should it be static?

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-10-07 14:18:44 +02:00
Eric Lapuyade
2bed278517 NFC: NCI: Modify NCI SPI to implement CS/INT handshake per the spec
The NFC Forum NCI specification defines both a hardware and software
protocol when using a SPI physical transport to connect an NFC NCI
Chipset. The hardware requirement is that, after having raised the chip
select line, the SPI driver must wait for an INT line from the NFC
chipset to raise before it sends the data. The chip select must be
raised first though, because this is the signal that the NFC chipset
will detect to wake up and then raise its INT line. If the INT line
doesn't raise in a timely fashion, the SPI driver should abort
operation.

When data is transferred from Device host (DH) to NFC Controller (NFCC),
the signaling sequence is the following:

Data Transfer from DH to NFCC
• 1-Master asserts SPI_CSN
• 2-Slave asserts SPI_INT
• 3-Master sends NCI-over-SPI protocol header and payload data
• 4-Slave deasserts SPI_INT
• 5-Master deasserts SPI_CSN

When data must be transferred from NFCC to DH, things are a little bit
different.

Data Transfer from NFCC to DH
• 1-Slave asserts SPI_INT -> NFC chipset irq handler called -> process
reading from SPI
• 2-Master asserts SPI_CSN
• 3-Master send 2-octet NCI-over-SPI protocol header
• 4-Slave sends 2-octet NCI-over-SPI protocol payload length
• 5-Slave sends NCI-over-SPI protocol payload
• 6-Master deasserts SPI_CSN

In this case, SPI driver should function normally as it does today. Note
that the INT line can and will be lowered anytime between beginning of
step 3 and end of step 5. A low INT is therefore valid after chip select
has been raised.

This would be easily implemented in a single driver. Unfortunately, we
don't write the SPI driver and I had to imagine some workaround trick to
get the SPI and NFC drivers to work in a synchronized fashion. The trick
is the following:

- send an empty spi message: this will raise the chip select line, and
send nothing. We expect the /CS line will stay arisen because we asked
for it in the spi_transfer cs_change field
- wait for a completion, that will be completed by the NFC driver IRQ
handler when it knows we are in the process of sending data (NFC spec
says that we use SPI in a half duplex mode, so we are either sending or
receiving).
- when completed, proceed with the normal data send.

This has been tested and verified to work very consistently on a Nexus
10 (spi-s3c64xx driver). It may not work the same with other spi
drivers.

The previously defined nci_spi_ops{} whose intended purpose were to
address this problem are not used anymore and therefore totally removed.

The nci_spi_send() takes a new optional write_handshake_completion
completion pointer. If non NULL, the nci spi layer will run the above
trick when sending data to the NFC Chip. If NULL, the data is sent
normally all at once and it is then the NFC driver responsibility to
know what it's doing.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 14:59:56 +02:00
Eric Lapuyade
22d4aae589 NFC: NCI: nci_spi_recv_frame() now returns (not forward) the read frame
Previously, nci_spi_recv_frame() would directly transmit incoming frames
to the NCI Core. However, it turns out that some NFC NCI Chips will add
additional proprietary headers that must be handled/removed before NCI
Core gets a chance to handle the frame. With this modification, the chip
phy or driver are now responsible to transmit incoming frames to NCI
Core after proper treatment, and NCI SPI becomes a driver helper instead
of sitting between the NFC driver and NCI Core.

As a general rule in NFC, *_recv_frame() APIs are used to deliver an
incoming frame to an upper layer. To better suit the actual purpose of
nci_spi_recv_frame(), and go along with its nci_spi_send()
counterpart, the function is renamed to nci_spi_read()

The skb is returned as the function result

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 14:25:41 +02:00
Eric Lapuyade
a4ada6cadb NFC: NCI: zero struct spi_transfer variables before usage
Using ARM compiler, and without zero-ing spi_transfer, spi-s3c64xx
driver would issue abnormal errors due to bpw field value being set to
unexpected value. This structure MUST be set to all zeros except for
those field specifically used.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 14:21:09 +02:00
Samuel Ortiz
5ce3f32b52 NFC: netlink: SE API implementation
Implementation of the NFC_CMD_SE_IO command for sending ISO7816 APDUs to
NFC embedded secure elements. The reply is forwarded to user space
through NFC_CMD_SE_IO as well.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:35:05 +02:00
Thierry Escande
13292c9a1e NFC: digital: Fix sens_res endiannes handling
This was triggered by the following sparse warning:

net/nfc/digital_technology.c:272:20: sparse: cast to restricted __be16

The SENS_RES response must be treated as __le16 with the first byte
received as LSB and the second one as MSB. This is the way neard
handles it in the sens_res field of the nfc_target structure which is
treated as u16 in cpu endianness. So le16_to_cpu() is used on the
received SENS_RES instead of memcpy'ing it.

SENS_RES test macros have also been fixed accordingly.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:42 +02:00
Thierry Escande
4cf7e03296 NFC: rawsock: Fix a memory leak
In the rawsock data exchange callback, the sk_buff is not freed
on error.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:40 +02:00
Fengguang Wu
180106bd07 NFC: digital: digital_tg_send_sensf_res() can be static
Fixes sparse hint:

net/nfc/digital_technology.c:640:5: sparse: symbol 'digital_tg_send_sensf_res'
was not declared. Should it be static?

Cc: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:35 +02:00
Samuel Ortiz
260425308d NFC: digital: Add newline to pr_* calls
We do not add the newline to the pr_fmt macro, in order to give more
flexibility to the caller and to keep the logging style consistent with
the rest of the NFC and kernel code.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:34 +02:00
Samuel Ortiz
c5da0e4a35 NFC: digital: Remove PR_ERR and PR_DBG macros
They can be replaced by the standard pr_err and pr_debug one after
defining the right pr_fmt macro.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:32 +02:00
Eric Lapuyade
645d5087bd NFC: NCI: Store the spi device pointer from the spi instance
Storing the spi device was forgotten in the original implementation,
which would pretty obviously cause some kind of serious crash when
actually trying to send something through that device.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:30 +02:00
Thierry Escande
1c7a4c24fb NFC Digital: Add target NFC-DEP support
This adds support for NFC-DEP target mode for NFC-A and NFC-F
technologies.

If the driver provides it, the stack uses an automatic mode for
technology detection and automatic anti-collision. Otherwise the stack
tries to use non-automatic synchronization and listens for SENS_REQ and
SENSF_REQ commands.

The detection, activation, and data exchange procedures work exactly
the same way as in initiator mode, as described in the previous
commits, except that the digital stack waits for commands and sends
responses back to the peer device.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:28 +02:00
Thierry Escande
7d0911c02f NFC Digital: Add initiator NFC-DEP support
This adds support for NFC-DEP protocol in initiator mode for NFC-A and
NFC-F technologies.

When a target is detected, the process flow is as follow:

For NFC-A technology:
1 - The digital stack receives a SEL_RES as the reply of the SEL_REQ
    command.
2   - If b7 of SEL_RES is set, the peer device is configure for NFC-DEP
      protocol. NFC core is notified through nfc_targets_found().
      Execution continues at step 4.
3   - Otherwise, it's a tag and the NFC core is notified. Detection
      ends.
4 - The digital stacks sends an ATR_REQ command containing a randomly
    generated NFCID3 and the general bytes obtained from the LLCP layer
    of NFC core.

For NFC-F technology:
1 - The digital stack receives a SENSF_RES as the reply of the
    SENSF_REQ command.
2   - If B1 and B2 of NFCID2 are 0x01 and 0xFE respectively, the peer
      device is configured for NFC-DEP protocol. NFC core is notified
      through nfc_targets_found(). Execution continues at step 4.
3   - Otherwise it's a type 3 tag. NFC core is notified. Detection
      ends.
4 - The digital stacks sends an ATR_REQ command containing the NFC-F
    NFCID2 as NFCID3 and the general bytes obtained from the LLCP layer
    of NFC core.

For both technologies:
5 - The digital stacks receives the ATR_RES response containing the
    NFCID3 and the general bytes of the peer device.
6 - The digital stack notifies NFC core that the DEP link is up through
    nfc_dep_link_up().
7 - The NFC core performs data exchange through tm_transceive().
8 - The digital stack sends a DEP_REQ command containing an I PDU with
    the data from NFC core.
9 - The digital stack receives a DEP_RES command
10  - If the DEP_RES response contains a supervisor PDU with timeout
      extension request (RTOX) the digital stack sends a DEP_REQ
      command containing a supervisor PDU acknowledging the RTOX
      request. The execution continues at step 9.
11  - If the DEP_RES response contains an I PDU, the response data is
      passed back to NFC core through the response callback. The
      execution continues at step 8.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:27 +02:00
Thierry Escande
8c0695e499 NFC Digital: Add NFC-F technology support
This adds polling support for NFC-F technology at 212 kbits/s and 424
kbits/s. A user space application like neard can send type 3 tag
commands through the NFC core.

Process flow for NFC-F detection is as follow:

1 - The digital stack sends the SENSF_REQ command to the NFC device.
2 - A peer device replies with a SENSF_RES response.
3   - The digital stack notifies the NFC core of the presence of a
      target in the operation field and passes the target NFCID2.

This also adds support for CRC calculation of type CRC-F. The CRC
calculation is handled by the digital stack if the NFC device doesn't
support it.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:25 +02:00
Thierry Escande
2c66daecc4 NFC Digital: Add NFC-A technology support
This adds support for NFC-A technology at 106 kbits/s. The stack can
detect tags of type 1 and 2. There is no support for collision
detection. Tags can be read and written by using a user space
application or a daemon like neard.

The flow of polling operations for NFC-A detection is as follow:

1 - The digital stack sends the SENS_REQ command to the NFC device.
2 - The NFC device receives a SENS_RES response from a peer device and
    passes it to the digital stack.
3   - If the SENS_RES response identifies a type 1 tag, detection ends.
      NFC core is notified through nfc_targets_found().
4   - Otherwise, the digital stack sets the cascade level of NFCID1 to
      CL1 and sends the SDD_REQ command.
5 - The digital stack selects SEL_CMD and SEL_PAR according to the
    cascade level and sends the SDD_REQ command.
4 - The digital stack receives a SDD_RES response for the cascade level
    passed in the SDD_REQ command.
5 - The digital stack analyses (part of) NFCID1 and verify BCC.
6 - The digital stack sends the SEL_REQ command with the NFCID1
    received in the SDD_RES.
6 - The peer device replies with a SEL_RES response
7   - Detection ends if NFCID1 is complete. NFC core notified of new
      target by nfc_targets_found().
8   - If NFCID1 is not complete, the cascade level is incremented (up
      to and including CL3) and the execution continues at step 5 to
      get the remaining bytes of NFCID1.

Once target detection is done, type 1 and 2 tag commands must be
handled by a user space application (i.e neard) through the NFC core.
Responses for type 1 tag are returned directly to user space via NFC
core.
Responses of type 2 commands are handled differently. The digital stack
doesn't analyse the type of commands sent through im_transceive() and
must differentiate valid responses from error ones.
The response process flow is as follow:

1 - If the response length is 16 bytes, it is a valid response of a
    READ command. the packet is returned to the NFC core through the
    callback passed to im_transceive(). Processing stops.
2 - If the response is 1 byte long and is a ACK byte (0x0A), it is a
    valid response of a WRITE command for example. First packet byte
    is set to 0 for no-error and passed back to the NFC core.
    Processing stops.
3 - Any other response is treated as an error and -EIO error code is
    returned to the NFC core through the response callback.

Moreover, since the driver can't differentiate success response from a
NACK response, the digital stack has to handle CRC calculation.

Thus, this patch also adds support for CRC calculation. If the driver
doesn't handle it, the digital stack will calculate CRC and will add it
to sent frames. CRC will also be checked and removed from received
frames. Pointers to the correct CRC calculation functions are stored in
the digital stack device structure when a target is detected. This
avoids the need to check the current target type for every call to
im_transceive() and for every response received from a peer device.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:23 +02:00
Thierry Escande
59ee2361c9 NFC Digital: Implement driver commands mechanism
This implements the mechanism used to send commands to the driver in
initiator mode through in_send_cmd().

Commands are serialized and sent to the driver by using a work item
on the system workqueue. Responses are handled asynchronously by
another work item. Once the digital stack receives the response through
the command_complete callback, the next command is sent to the driver.

This also implements the polling mechanism. It's handled by a work item
cycling on all supported protocols. The start poll command for a given
protocol is sent to the driver using the mechanism described above.
The process continues until a peer is discovered or stop_poll is
called. This patch implements the poll function for NFC-A that sends a
SENS_REQ command and waits for the SENS_RES response.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 02:02:07 +02:00
Thierry Escande
4b10884eb4 NFC: Digital Protocol stack implementation
This is the initial commit of the NFC Digital Protocol stack
implementation.

It offers an interface for devices that don't have an embedded NFC
Digital protocol stack. The driver instantiates the digital stack by
calling nfc_digital_allocate_device(). Within the nfc_digital_ops
structure, the driver specifies a set of function pointers for driver
operations. These functions must be implemented by the driver and are:

in_configure_hw:
Hardware configuration for RF technology and communication framing in
initiator mode. This is a synchronous function.

in_send_cmd:
Initiator mode data exchange using RF technology and framing previously
set with in_configure_hw. The peer response is returned through
callback cb. If an io error occurs or the peer didn't reply within the
specified timeout (ms), the error code is passed back through the resp
pointer. This is an asynchronous function.

tg_configure_hw:
Hardware configuration for RF technology and communication framing in
target mode. This is a synchronous function.

tg_send_cmd:
Target mode data exchange using RF technology and framing previously
set with tg_configure_hw. The peer next command is returned through
callback cb. If an io error occurs or the peer didn't reply within the
specified timeout (ms), the error code is passed back through the resp
pointer. This is an asynchronous function.

tg_listen:
Put the device in listen mode waiting for data from the peer device.
This is an asynchronous function.

tg_listen_mdaa:
If supported, put the device in automatic listen mode with mode
detection and automatic anti-collision. In this mode, the device
automatically detects the RF technology and executes the
anti-collision detection using the command responses specified in
mdaa_params. The mdaa_params structure contains SENS_RES, NFCID1, and
SEL_RES for 106A RF tech. NFCID2 and system code (sc) for 212F and
424F. The driver returns the NFC-DEP ATR_REQ command through cb. The
digital stack deducts the RF tech by analyzing the SoD of the frame
containing the ATR_REQ command. This is an asynchronous function.

switch_rf:
Turns device radio on or off. The stack does not call explicitly
switch_rf to turn the radio on. A call to in|tg_configure_hw must turn
the device radio on.

abort_cmd:
Discard the last sent command.

Then the driver registers itself against the digital stack by using
nfc_digital_register_device() which in turn registers the digital stack
against the NFC core layer. The digital stack implements common NFC
operations like dev_up(), dev_down(), start_poll(), stop_poll(), etc.

This patch is only a skeleton and NFC operations are just stubs.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 01:35:42 +02:00
Samuel Ortiz
e29a9e2ae1 NFC: Set active target upon DEP up event reception
As we can potentially get DEP up events without having sent a netlink
command, we need to set the active target properly from dep_link_is_up.
Spontaneous DEP up events can come from devices that detected an active
p2p target. In that case there is no need to call the netlink DEP up
command as the link is already up and running.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 01:35:41 +02:00
Eric Lapuyade
fa544fff62 NFC: NCI: Simplify NCI SPI to become a simple framing/checking layer
NCI SPI layer should not manage the nci dev, this is the job of the nci
chipset driver. This layer should be limited to frame/deframe nci
packets, and optionnaly check integrity (crc) and manage the ack/nak
protocol.

The NCI SPI must not be mixed up with an NCI dev. spi_[dev|device] are
therefore renamed to a simple spi for more clarity.
The header and crc sizes are moved to nci.h so that drivers can use
them to reserve space in outgoing skbs.
nci_spi_send() is exported to be accessible by drivers.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 01:35:41 +02:00
Eric Lapuyade
d593751129 NFC: NCI: Rename spi ndev -> nsdev and nci_dev -> ndev for consistency
An hci dev is an hdev. An nci dev is an ndev. Calling an nci spi dev an
ndev is misleading since it's not the same thing. The nci dev contained
in the nci spi dev is also named inconsistently.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 01:35:40 +02:00
Eric Lapuyade
079797c3b7 NFC: NCI: Fix wrong allocation size in nci_spi_allocate_device()
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 01:35:40 +02:00
Arron Wang
d8eb18eeca NFC: Export nfc_find_se()
This will be needed by all NFC driver implementing the SE ops.

Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-09-25 01:35:39 +02:00
Arron Wang
39525ee1dc NFC: Update secure element state
The secure element state was not updated from the enable/disable ops,
leaving the SE state to disabled for ever.

Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-08-14 01:13:40 +02:00
Arron Wang
2c3832834b NFC: Fix secure element state check
Another typo from the initial commit where we check for the secure
element type field instead of its state when enabling or disabling it.

Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-08-14 01:13:38 +02:00
Dan Carpenter
4eba11e82a NFC: hci: Fix enable/disable confusion
There is a cut and paste bug so we enable a second time instead of
disabling.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-08-14 01:13:36 +02:00
Eric Lapuyade
352a5f5fb3 NFC: netlink: Add result of firmware operation to completion event
Result is added as an NFC_ATTR_FIRMWARE_DOWNLOAD_STATUS attribute
containing the standard errno positive value of the completion result.
This event will be sent when the firmare download operation is done and
will contain the operation result.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-08-14 01:12:58 +02:00
Eric Lapuyade
ef04158e13 NFC: Move nfc_fw_download_done() definition from private to public
This API must be called by NFC drivers, and its prototype was
incorrectly placed.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-08-14 01:08:01 +02:00
Samuel Ortiz
ac22ac466a NFC: Add a GET_SE netlink API
In order to fetch the discovered secure elements from an NFC controller,
we need to send a netlink command that will dump the list of available
SEs from NFC.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-08-14 00:35:19 +02:00
Samuel Ortiz
369f4d503a NFC: Fix SE discovery failure warning condition
This is a typo coming from the initial implementation. se_discover fails
when it returns something different than zero and we should only display
a warning in that case.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-08-14 00:35:19 +02:00
Samuel Ortiz
9ea7187c53 NFC: netlink: Rename CMD_FW_UPLOAD to CMD_FW_DOWNLOAD
Loading a firmware into a target is typically called firmware
download, not firmware upload. So we rename the netlink API to
NFC_CMD_FW_DOWNLOAD in order to avoid any terminology confusion from
userspace.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-07-31 01:19:43 +02:00
Frederic Danis
7427b370e0 NFC: Fix NCI over SPI build
kbuild test robot found following error:

     net/built-in.o: In function `nci_spi_send':
  >> spi.c:(.text+0x19a76f): undefined reference to `crc_ccitt'

Add CRC_CCITT module to Kconfig to fix it

Reported-by: kbuild test robot.
Signed-off-by: Frederic Danis <frederic.danis@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-07-19 16:55:26 +02:00
Samuel Ortiz
4ca546e554 NFC: llcp: Fix the well known services endianness
The WKS (Well Known Services) bitmask should be transmitted in big endian
order. Picky implementations will refuse to establish an LLCP link when the
WKS bit 0 is not set to 1. The vast majority of implementations out there
are not that picky though...

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:10 +02:00
Samuel Ortiz
f768b34017 NFC: llcp: Set the LLC Link Management well known service bit
In order to advertise our LLCP support properly and to follow the LLCP
specs requirements, we need to initialize the WKS (Well-Known Services)
bitfield to 1 as SAP 0 is the only mandatory supported service.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:09 +02:00
Samuel Ortiz
2635a4bdfa NFC: llcp: Do not send pending Tx frames when the remote is not ready
When we receive a RNR, the remote is busy processing the last received
frame. We set a local flag for that, and we should send a SYMM when it
is set instead of sending any pending frame.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:08 +02:00
Samuel Ortiz
b4011239a0 NFC: llcp: Fix non blocking sockets connections
Without the new LLCP_CONNECTING state, non blocking sockets will be
woken up with a POLLHUP right after calling connect() because their
state is stuck at LLCP_CLOSED.
That prevents userspace from implementing any proper non blocking
socket based NFC p2p client.

Cc: stable@vger.kernel.org
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:07 +02:00
Thierry Escande
f1b79dc891 NFC: Fix a potential memory leak
In nfc_llcp_tx_work() the sk_buff is not freed when the llcp_sock
is null and the PDU is an I one.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:06 +02:00
Thierry Escande
17f7ae16ae NFC: Keep socket alive until the DISC PDU is actually sent
This patch keeps the socket alive and therefore does not remove
it from the sockets list in the local until the DISC PDU has been
actually sent. Otherwise we would reply with DM PDUs before sending
the DISC one.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:05 +02:00
Thierry Escande
58e3dd1558 NFC: Rename nfc_llcp_disconnect() to nfc_llcp_send_disconnect()
nfc_llcp_send_disconnect() already exists but is not used.
nfc_llcp_disconnect() naming is not consistent with other PDU
sending functions.
This patch removes nfc_llcp_send_disconnect() and renames
nfc_llcp_disconnect()

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:04 +02:00
Samuel Ortiz
be0856535c NFC: Add secure element enablement netlink API
Enabling or disabling an NFC accessible secure element through netlink
requires giving both an NFC controller and a secure element indexes.
Once enabled the secure element will handle card emulation once polling
starts.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:02 +02:00
Samuel Ortiz
c531c9ec29 NFC: Add secure element enablement internal API
Called via netlink, this API will enable or disable a specific secure
element. When a secure element is enabled, it will handle card emulation
and more generically ISO-DEP target mode, i.e. all target mode cases
except for p2p target mode.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:01 +02:00
Samuel Ortiz
ee656e9d09 NFC: Remove and free all SEs when releasing an NFC device
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:45:00 +02:00
Samuel Ortiz
2757c3723c NFC: Send netlink events for secure elements additions and removals
When an NFC driver or host controller stack discovers a secure element,
it will call nfc_add_se(). In order for userspace applications to use
these secure elements, a netlink event will then be sent with the SE
index and its type. With that information userspace applications can
decide wether or not to enable SEs, through their indexes.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:44:59 +02:00
Samuel Ortiz
fed7c25ec0 NFC: Add secure elements addition and removal API
This API will allow NFC drivers to add and remove the secure elements
they know about or detect. Typically this should be called (asynchronously
or not) from the driver or the host interface stack detect_se hook.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:44:58 +02:00
Samuel Ortiz
0a946301c2 NFC: Extend and fix the internal secure element API
Secure elements need to be discovered after enabling the NFC controller.
This is typically done by the NCI core and the HCI drivers (HCI does not
specify how to discover SEs, it is left to the specific drivers).
Also, the SE enable/disable API explicitely takes a SE index as its
argument.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:44:53 +02:00
Samuel Ortiz
0b456c418a NFC: Remove the static supported_se field
Supported secure elements are typically found during a discovery process
initiated when the NFC controller is up and running. For a given NFC
chipset there can be many configurations (embedded SE or not, with or
without a SIM card wired to the NFC controller SWP interface, etc...) and
thus driver code will never know before hand which SEs are available.
So we remove this field, it will be replaced by a real SE discovery
mechanism.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:44:19 +02:00
Frederic Danis
391d8a2da7 NFC: Add NCI over SPI receive
Before any operation, driver interruption is de-asserted to prevent
race condition between TX and RX.

Transaction starts by emitting "Direct read" and acknowledged mode
bytes. Then packet length is read allowing to allocate correct NCI
socket buffer. After that payload is retrieved.

A delay after the transaction can be added.
This delay is determined by the driver during nci_spi_allocate_device()
call and can be 0.

If acknowledged mode is set:
- CRC of header and payload is checked
- if frame reception fails (CRC error): NACK is sent
- if received frame has ACK or NACK flag: unblock nci_spi_send()

Payload is passed to NCI module.

At the end, driver interruption is re asserted.

Signed-off-by: Frederic Danis <frederic.danis@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:44:16 +02:00
Frederic Danis
ee9596d467 NFC: Add NCI over SPI send
Before any operation, driver interruption is de-asserted to prevent
race condition between TX and RX.

The NCI over SPI header is added in front of NCI packet.
If acknowledged mode is set, CRC-16-CCITT is added to the packet.
Then the packet is forwarded to SPI module to be sent.

A delay after the transaction is added.
This delay is determined by the driver during nci_spi_allocate_device()
call and can be 0.

After data has been sent, driver interruption is re-asserted.

If acknowledged mode is set, nci_spi_send will block until
acknowledgment is received.

Signed-off-by: Frederic Danis <frederic.danis@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:44:15 +02:00
Frederic Danis
8a00a61b0e NFC: Add basic NCI over SPI
The NFC Forum defines a transport interface based on
Serial Peripheral Interface (SPI) for the NFC Controller
Interface (NCI).

This module implements the SPI transport of NCI, calling SPI module
directly to read/write data to NFC controller (NFCC).

NFCC driver should provide functions performing device open and close.
It should also provide functions asserting/de-asserting interruption
to prevent TX/RX race conditions.
NFCC driver can also fix a delay between transactions if needed by
the hardware.

Signed-off-by: Frederic Danis <frederic.danis@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 13:44:03 +02:00
Samuel Ortiz
a395298c9c NFC: HCI: Follow a positive code path in the HCI ops implementations
Exiting on the error case is more typical to the kernel coding style.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 00:26:10 +02:00
Eric Lapuyade
9a695d23aa NFC: HCI: Implement fw_upload ops
This is a simple forward to the HCI driver. When driver is done with the
operation, it shall directly notify NFC Core by calling
nfc_fw_upload_done().

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 00:26:09 +02:00
Eric Lapuyade
9674da8759 NFC: Add firmware upload netlink command
As several NFC chipsets can have their firmwares upgraded and
reflashed, this patchset adds a new netlink command to trigger
that the driver loads or flashes a new firmware. This will allows
userspace triggered firmware upgrade through netlink.
The firmware name or hint is passed as a parameter, and the driver
will eventually fetch the firmware binary through the request_firmware
API.
The cmd can only be executed when the nfc dev is not in use. Actual
firmware loading/flashing is an asynchronous operation. Result of the
operation shall send a new event up to user space through the nfc dev
multicast socket. During operation, the nfc dev is not openable and
thus not usable.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 00:26:08 +02:00
Frederic Danis
1095e69f47 NFC: NCI: Fix skb->dev usage
skb->dev is used for carrying a net_device pointer and not
an nci_dev pointer.

Remove usage of skb-dev to carry nci_dev and replace it by parameter
in nci_recv_frame(), nci_send_frame() and driver send() functions.

NfcWilink driver is also updated to use those functions.

Signed-off-by: Frederic Danis <frederic.danis@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-06-14 00:25:53 +02:00
Paul Bolle
7c055881de NFC: Remove commented out LLCP related Makefile line
The Kconfig symbol NFC_LLCP was removed in commit 30cc458765 ("NFC: Move
LLCP code to the NFC top level diirectory"). But the reference to its
macro in this Makefile was only commented out. Remove it now.

Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-05-21 10:47:41 +02:00
David S. Miller
58717686cf Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
	drivers/net/ethernet/emulex/benet/be.h
	include/net/tcp.h
	net/mac802154/mac802154.h

Most conflicts were minor overlapping stuff.

The be2net driver brought in some fixes that added __vlan_put_tag
calls, which in net-next take an additional argument.

Signed-off-by: David S. Miller <davem@davemloft.net>
2013-04-30 03:55:20 -04:00
John W. Linville
17a2911f33 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2013-04-29 15:31:57 -04:00
Marcel Holtmann
c204ea092e NFC: Add missing RFKILL dependency for Kconfig
Since the NFC subsystem gained RFKILL support, it needs to be able
to build properly with whatever option for RFKILL has been selected.

on i386:

net/built-in.o: In function `nfc_unregister_device':
(.text+0x6a36d): undefined reference to `rfkill_unregister'
net/built-in.o: In function `nfc_unregister_device':
(.text+0x6a378): undefined reference to `rfkill_destroy'
net/built-in.o: In function `nfc_register_device':
(.text+0x6a493): undefined reference to `rfkill_alloc'
net/built-in.o: In function `nfc_register_device':
(.text+0x6a4a4): undefined reference to `rfkill_register'
net/built-in.o: In function `nfc_register_device':
(.text+0x6a4b3): undefined reference to `rfkill_destroy'
net/built-in.o: In function `nfc_dev_up':
(.text+0x6a8e8): undefined reference to `rfkill_blocked'

when CONFIG_RFKILL=m but NFC is builtin.

Reported-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-27 01:02:46 +02:00
Samuel Ortiz
30cc458765 NFC: Move LLCP code to the NFC top level diirectory
And stop making it optional. LLCP is a fundamental part of the NFC
specifications and making it optional does not make much sense.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-26 12:37:28 +02:00
Dan Carpenter
5ffedc6ed3 NFC: llcp: two bugs in ->getname()
The sockaddr_nfc_llcp struct has as hole between ->sa_family and
->dev_idx so I've added a memset() to clear it and prevent an
information leak.

Also the ->nfc_protocol element wasn't set so I've added that.

"uaddr->sa_family" and "llcp_addr->sa_family" are the same thing but
it's less confusing to use llcp_addr consistently throughout.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-04-25 01:47:59 -04:00
John W. Linville
6ed0e321a0 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2013-04-24 10:54:20 -04:00
Samuel Ortiz
be055b2f89 NFC: RFKILL support
All NFC devices will now get proper RFKILL support as long as they provide
some dev_up and dev_down hooks. Rfkilling an NFC device will bring it down
while it is left to userspace to bring it back up when being rfkill unblocked.
This is very similar to what Bluetooth does.

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-12 16:54:45 +02:00
Samuel Ortiz
7757dc8a3e NFC: Prevent polling when device is down
Some devices turn radio on whenever they're asked to start a poll.
To prevent that from happening, we just don't call into the driver
start_poll hook when the NFC device is down.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:29:10 +02:00
Samuel Ortiz
6d2cd978e5 NFC: llcp: Terminate connection when receiving a DISC on (0,0)
According to the LLCP specs, we must terminate the LLCP link when receiving
a DISC with both ssap and dsap set to 0.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:29:09 +02:00
Samuel Ortiz
c470e319b4 NFC: llcp: Remove local_cleanup last argument
local_cleanup is always called with device set to false as it means the
local LLCP is going away. So no need to pass this switch as an argument.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:29:09 +02:00
Samuel Ortiz
b436a13deb NFC: llcp: Only keep raw sockets alive when the LLCP local leaves
When the MAC goes down, connected and connection less sockets should be
notified, but raw sockets should be kept alive.
They will get notified only when the physical devices goes away.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:29:09 +02:00
Thierry Escande
064f370c5f NFC: llcp: Add support in getsockopt for RW, LTO, and MIU remote parameters
Useful for LLCP validation tests.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:28:59 +02:00
Thierry Escande
abd18d4330 NFC: llcp: Reset RW, LTO, and MIU remote parameters when link goes down
This resets remote parameters in both local and socket llcp structures when the
link goes down. That way, nfc_llcp_getsockopt won't return values corresponding
to the previous link parameters.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:28:59 +02:00
Thierry Escande
66cbfa10f3 NFC: llcp: Use localy stored remote_miu value if not set at socket level
If remote_miu value is not set in the socket (i.e. connection-less socket) the
value stored in the local is used.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:28:58 +02:00
Thierry Escande
098dafcfb4 NFC: llcp: Aggregated frames support
This adds support for AGF PDUs. For each PDU contained in the AGF, a new sk_buff
is allocated and dispatched to its corresponding handler.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:28:58 +02:00
Olivier Guiter
0b23d666a8 NFC: llcp: Fix zero octets length SDU handling
LLCP Validation test #2 (Connection-less information transfer) send a
service data unit of zero octets length. This is now handled correctly.

Signed-off-by: Olivier Guiter <olivier.guiter@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:28:57 +02:00
Samuel Ortiz
00e856db49 NFC: llcp: Fall back to local values when getting socket options
If a socket option has not been set by the user, fall back to the LLCP
local ones.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:28:57 +02:00
Samuel Ortiz
5eef666975 NFC: llcp: Socket miux is a big endian field
The MIUX must be transmitted in big endian and as such we have to convert
it properly.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-04-11 16:28:56 +02:00
John W. Linville
6fe5468f45 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
Conflicts:
	drivers/net/wireless/rt2x00/rt2x00pci.c
2013-04-10 09:31:39 -04:00
David S. Miller
d978a6361a Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	drivers/nfc/microread/mei.c
	net/netfilter/nfnetlink_queue_core.c

Pull in 'net' to get Eric Biederman's AF_UNIX fix, upon which
some cleanups are going to go on-top.

Signed-off-by: David S. Miller <davem@davemloft.net>
2013-04-07 18:37:01 -04:00
Mathias Krause
d26d6504f2 NFC: llcp: fix info leaks via msg_name in llcp_sock_recvmsg()
The code in llcp_sock_recvmsg() does not initialize all the members of
struct sockaddr_nfc_llcp when filling the sockaddr info. Nor does it
initialize the padding bytes of the structure inserted by the compiler
for alignment.

Also, if the socket is in state LLCP_CLOSED or is shutting down during
receive the msg_namelen member is not updated to 0 while otherwise
returning with 0, i.e. "success". The msg_namelen update is also
missing for stream and seqpacket sockets which don't fill the sockaddr
info.

Both issues lead to the fact that the code will leak uninitialized
kernel stack bytes in net/socket.c.

Fix the first issue by initializing the memory used for sockaddr info
with memset(0). Fix the second one by setting msg_namelen to 0 early.
It will be updated later if we're going to fill the msg_name member.

Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-04-07 16:28:02 -04:00
Jacob Keller
8facd5fb73 net: fix smatch warnings inside datagram_poll
Commit 7d4c04fc17 ("net: add option to enable
error queue packets waking select") has an issue due to operator precedence
causing the bit-wise OR to bind to the sock_flags call instead of the result of
the terniary conditional. This fixes the *_poll functions to work properly. The
old code results in "mask |= POLLPRI" instead of what was intended, which is to
only include POLLPRI when the socket option is enabled.

Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-04-02 16:59:16 -04:00
Keller, Jacob E
7d4c04fc17 net: add option to enable error queue packets waking select
Currently, when a socket receives something on the error queue it only wakes up
the socket on select if it is in the "read" list, that is the socket has
something to read. It is useful also to wake the socket if it is in the error
list, which would enable software to wait on error queue packets without waking
up for regular data on the socket. The main use case is for receiving
timestamped transmit packets which return the timestamp to the socket via the
error queue. This enables an application to select on the socket for the error
queue only instead of for the regular traffic.

-v2-
* Added the SO_SELECT_ERR_QUEUE socket option to every architechture specific file
* Modified every socket poll function that checks error queue

Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
Cc: Jeffrey Kirsher <jeffrey.t.kirsher@intel.com>
Cc: Richard Cochran <richardcochran@gmail.com>
Cc: Matthew Vick <matthew.vick@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-03-31 19:44:20 -04:00
Samuel Ortiz
39a352a5b5 NFC: llcp: Keep the connected socket parent pointer alive
And avoid decreasing the ack log twice when dequeueing connected LLCP
sockets.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-26 14:35:57 +01:00
Thierry Escande
b315515544 NFC: llcp: Remove possible double call to kfree_skb
kfree_skb was called twice when the socket receive queue is full

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-20 16:46:40 +01:00
Samuel Ortiz
bec964ed3b NFC: llcp: Detach socket from process context only when releasing the socket
Calling sock_orphan when e.g. the NFC adapter is removed can lead to
kernel crashes when e.g. a connection less client is sleeping on the
Rx workqueue, waiting for data to show up.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-20 11:30:37 +01:00
John W. Linville
49c87cd1ea Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
Conflicts:
	net/nfc/llcp/llcp.c
2013-03-18 09:39:21 -04:00
Thierry Escande
40213fa851 NFC: llcp: Add cleanup support for unreplied SNL requests
If the remote LLC doesn't reply in time to our SNL requests we remove
them from the list of pending requests. The timeout is fixed to an
arbitrary value of 3 times remote_lto.

When not replied, the local LLC broadcasts NFC_EVENT_LLC_SDRES nl events for
the concerned uris with sap values set to LLCP_SDP_UNBOUND (which is 65).

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-10 23:16:41 +01:00
Thierry Escande
d9b8d8e19b NFC: llcp: Service Name Lookup netlink interface
This adds a netlink interface for service name lookup support.
Multiple URIs can be passed nested into the NFC_ATTR_LLC_SDP attribute
using the NFC_CMD_LLC_SDREQ netlink command.
When the SNL reply is received, a NFC_EVENT_LLC_SDRES event is sent to
the user space. URI and SAP tuples are passed back, nested into
NFC_ATTR_LLC_SDP attribute.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-10 23:14:54 +01:00
Thierry Escande
e0ae7bac06 NFC: llcp: Service Name Lookup SDRES aggregation
This modifies the way SDRES PDUs are sent back. If multiple SDREQs are
received within a single SNL PDU, all SDRES replies are sent packed in
one SNL PDU too.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-10 23:10:55 +01:00
Thierry Escande
8af362d124 NFC: Add missing type policies for netlink attributes
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-10 22:20:05 +01:00
Samuel Ortiz
8808edb1ec NFC: llcp: Remove redundant printk
We already have a pr_debug for that.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-10 22:20:05 +01:00
Samuel Ortiz
06d44f806a NFC: llcp: Use socket specific link parameters before the local ones
If the socket link options are set, use them before the local one.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-10 22:20:05 +01:00
Samuel Ortiz
26fd76cab2 NFC: llcp: Implement socket options
Some LLCP services (e.g. the validation ones) require some control over
the LLCP link parameters like the receive window (RW) or the MIU extension
(MIUX). This can only be done through socket options.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-10 22:20:05 +01:00
Samuel Ortiz
e4306bec47 NFC: llcp: Rename socket rw and miu fields
They really are remote peer parameters, and we need to distinguish them
from the local ones as we'll modify the latter with socket options.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-10 22:20:05 +01:00
Samuel Ortiz
3bbc0ceb7a NFC: llcp: Report error to pending sockets when a device is removed
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-08 17:35:22 +01:00
Samuel Ortiz
e6a3a4bb85 NFC: llcp: Clean raw sockets from nfc_llcp_socket_release
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-08 17:34:57 +01:00
Samuel Ortiz
3536da06db NFC: llcp: Clean local timers and works when removing a device
Whenever an adapter is removed we must clean all the local structures,
especially the timers and scheduled work. Otherwise those asynchronous
threads will eventually try to access the freed nfc_dev pointer if an LLCP
link is up.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-08 14:25:04 +01:00
Samuel Ortiz
b141e811a0 NFC: llcp: Decrease socket ack log when accepting a connection
This is really difficult to test with real NFC devices, but without
this fix an LLCP server will eventually refuse new connections.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-03-08 14:25:04 +01:00
Sasha Levin
b67bfe0d42 hlist: drop the node parameter from iterators
I'm not sure why, but the hlist for each entry iterators were conceived

        list_for_each_entry(pos, head, member)

The hlist ones were greedy and wanted an extra parameter:

        hlist_for_each_entry(tpos, pos, head, member)

Why did they need an extra pos parameter? I'm not quite sure. Not only
they don't really need it, it also prevents the iterator from looking
exactly like the list iterator, which is unfortunate.

Besides the semantic patch, there was some manual work required:

 - Fix up the actual hlist iterators in linux/list.h
 - Fix up the declaration of other iterators based on the hlist ones.
 - A very small amount of places were using the 'node' parameter, this
 was modified to use 'obj->member' instead.
 - Coccinelle didn't handle the hlist_for_each_entry_safe iterator
 properly, so those had to be fixed up manually.

The semantic patch which is mostly the work of Peter Senna Tschudin is here:

@@
iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;

type T;
expression a,c,d,e;
identifier b;
statement S;
@@

-T b;
    <+... when != b
(
hlist_for_each_entry(a,
- b,
c, d) S
|
hlist_for_each_entry_continue(a,
- b,
c) S
|
hlist_for_each_entry_from(a,
- b,
c) S
|
hlist_for_each_entry_rcu(a,
- b,
c, d) S
|
hlist_for_each_entry_rcu_bh(a,
- b,
c, d) S
|
hlist_for_each_entry_continue_rcu_bh(a,
- b,
c) S
|
for_each_busy_worker(a, c,
- b,
d) S
|
ax25_uid_for_each(a,
- b,
c) S
|
ax25_for_each(a,
- b,
c) S
|
inet_bind_bucket_for_each(a,
- b,
c) S
|
sctp_for_each_hentry(a,
- b,
c) S
|
sk_for_each(a,
- b,
c) S
|
sk_for_each_rcu(a,
- b,
c) S
|
sk_for_each_from
-(a, b)
+(a)
S
+ sk_for_each_from(a) S
|
sk_for_each_safe(a,
- b,
c, d) S
|
sk_for_each_bound(a,
- b,
c) S
|
hlist_for_each_entry_safe(a,
- b,
c, d, e) S
|
hlist_for_each_entry_continue_rcu(a,
- b,
c) S
|
nr_neigh_for_each(a,
- b,
c) S
|
nr_neigh_for_each_safe(a,
- b,
c, d) S
|
nr_node_for_each(a,
- b,
c) S
|
nr_node_for_each_safe(a,
- b,
c, d) S
|
- for_each_gfn_sp(a, c, d, b) S
+ for_each_gfn_sp(a, c, d) S
|
- for_each_gfn_indirect_valid_sp(a, c, d, b) S
+ for_each_gfn_indirect_valid_sp(a, c, d) S
|
for_each_host(a,
- b,
c) S
|
for_each_host_safe(a,
- b,
c, d) S
|
for_each_mesh_entry(a,
- b,
c, d) S
)
    ...+>

[akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
[akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
[akpm@linux-foundation.org: checkpatch fixes]
[akpm@linux-foundation.org: fix warnings]
[akpm@linux-foudnation.org: redo intrusive kvm changes]
Tested-by: Peter Senna Tschudin <peter.senna@gmail.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Cc: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-02-27 19:10:24 -08:00
Linus Torvalds
06991c28f3 Driver core patches for 3.9-rc1
Here is the big driver core merge for 3.9-rc1
 
 There are two major series here, both of which touch lots of drivers all
 over the kernel, and will cause you some merge conflicts:
   - add a new function called devm_ioremap_resource() to properly be
     able to check return values.
   - remove CONFIG_EXPERIMENTAL
 
 If you need me to provide a merged tree to handle these resolutions,
 please let me know.
 
 Other than those patches, there's not much here, some minor fixes and
 updates.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iEYEABECAAYFAlEmV0cACgkQMUfUDdst+yncCQCfbmnQZju7kzWXk6PjdFuKspT9
 weAAoMCzcAtEzzc4LXuUxxG/sXBVBCjW
 =yWAQ
 -----END PGP SIGNATURE-----

Merge tag 'driver-core-3.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

Pull driver core patches from Greg Kroah-Hartman:
 "Here is the big driver core merge for 3.9-rc1

  There are two major series here, both of which touch lots of drivers
  all over the kernel, and will cause you some merge conflicts:

   - add a new function called devm_ioremap_resource() to properly be
     able to check return values.

   - remove CONFIG_EXPERIMENTAL

  Other than those patches, there's not much here, some minor fixes and
  updates"

Fix up trivial conflicts

* tag 'driver-core-3.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (221 commits)
  base: memory: fix soft/hard_offline_page permissions
  drivercore: Fix ordering between deferred_probe and exiting initcalls
  backlight: fix class_find_device() arguments
  TTY: mark tty_get_device call with the proper const values
  driver-core: constify data for class_find_device()
  firmware: Ignore abort check when no user-helper is used
  firmware: Reduce ifdef CONFIG_FW_LOADER_USER_HELPER
  firmware: Make user-mode helper optional
  firmware: Refactoring for splitting user-mode helper code
  Driver core: treat unregistered bus_types as having no devices
  watchdog: Convert to devm_ioremap_resource()
  thermal: Convert to devm_ioremap_resource()
  spi: Convert to devm_ioremap_resource()
  power: Convert to devm_ioremap_resource()
  mtd: Convert to devm_ioremap_resource()
  mmc: Convert to devm_ioremap_resource()
  mfd: Convert to devm_ioremap_resource()
  media: Convert to devm_ioremap_resource()
  iommu: Convert to devm_ioremap_resource()
  drm: Convert to devm_ioremap_resource()
  ...
2013-02-21 12:05:51 -08:00
Dan Carpenter
e9a4aa3ba3 NFC: llcp: integer underflow in nfc_llcp_set_remote_gb()
If gb_len is less than 3 it would cause an integer underflow and
possibly memory corruption in nfc_llcp_parse_gb_tlv().

I removed the old test for gb_len == 0.  I also removed the test for
->remote_gb == NULL.  It's not possible for ->remote_gb to be NULL and
we have already dereferenced ->remote_gb_len so it's too late to test.

The old test return -ENODEV but my test returns -EINVAL.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2013-02-08 14:51:31 -05:00
Michał Mirosław
9f3b795a62 driver-core: constify data for class_find_device()
All in-kernel users of class_find_device() don't really need mutable
data for match callback.

In two places (kernel/power/suspend_test.c, drivers/scsi/osd/osd_uld.c)
this patch changes match callbacks to use const search data.

The const is propagated to rtc_class_open() and power_supply_get_by_name()
parameters.

Note that there's a dev reference leak in suspend_test.c that's not
touched in this patch.

Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Acked-by: Grant Likely <grant.likely@secretlab.ca>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-02-06 12:18:56 -08:00
Samuel Ortiz
fb97c3e80f NFC: Use skb_copy_datagram_iovec
Safer and more robust than than memcpy_toiovec.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-11 14:56:32 +01:00
Samuel Ortiz
fad2e371bb NFC: Avoid memcpy on LLCP connection less Rx path
We can cast msg_name to a sockaddr_nfc_llcp pointer directly.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-11 14:56:22 +01:00
Samuel Ortiz
390a1bd853 NFC: Initial Secure Element API
Each NFC adapter can have several links to different secure elements and
that property needs to be exported by the drivers.
A secure element link can be enabled and disabled, and card emulation will
be handled by the currently active one. Otherwise card emulation will be
host implemented.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:51:54 +01:00
Eric Lapuyade
bf71ab8ba5 NFC: Add HCI quirks to support driver (non)standard implementations
Some chips diverge from the HCI spec in their implementation of standard
features. This adds a new quirks parameter to
nfc_hci_allocate_device() to let the driver indicate its divergence.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:51:51 +01:00
Eric Lapuyade
924d4a023e NFC: Fixed skb leak in tm_send() nfc and hci ops implementations
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:51:50 +01:00
Eric Lapuyade
40d06d3647 NFC: Changed event_received hci ops result semantic
Some chips use a standard HCI event code, destined to a proprietary
gate, with a different meaning. Therefore, the HCI driver must always
have a chance to intercept the event before standard processing is
attempted.
The new semantic specifies that the result value "1" means that the
driver doesn't especially handle the event. result <= 0 means it was
handled.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:51:49 +01:00
Eric Lapuyade
27c31191b3 NFC: Added error handling in event_received hci ops
There is no use to return an error if the caller doesn't get it.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:51:49 +01:00
Eric Lapuyade
f0c9103813 NFC: Fixed nfc core and hci unregistration and cleanup
When an adapter is removed, it will unregister itself from hci and/or
nfc core. In order to do that safely, work tasks must first be canceled
and prevented to be scheduled again, before the hci or nfc device can be
destroyed.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:51:48 +01:00
Samuel Ortiz
1727cf9374 NFC: llcp: Fix Rx memory leak
The reference count bump on the llcp Rx path is leading to a memory leak
whenever we're not receiving an I frame.
We fix that by removing the refcount bump (drivers must not free their
received skb) and using it only in the I frame path, when the frame is
actually queued. In that case, the skb will only be freed when someone
fetches it from userspace. in all other cases, LLCP received frames will
be freed when leaving the Rx work queue.

Reported-by: Eric Lapuyade <eric.lapuyade@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:48:25 +01:00
Samuel Ortiz
2593c2c6ec NFC: llcp: Remove the tx backlog queue
Not only it was improperly use to queue backlogged RX skbuffs, but it was
also not processed at all.
If the socket receive queue is full we simply drop the incoming packets.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:44:31 +01:00
Thierry Escande
2c2d45bdcb NFC: Add support for SO_TIMESTAMP LLCP socket option
Set timestamp in sent and received sk_buffs. timestamp is then put in
msghdr structure in llcp_sock_recvmsg().

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2013-01-10 00:44:24 +01:00
Dave Jones
026e43def7 nfc: remove noisy message from llcp_sock_sendmsg
This is easily triggerable when fuzz-testing as an unprivileged user.
We could rate-limit it, but given we don't print similar messages
for other protocols, I just removed it.

Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-12-13 12:58:10 -05:00
John W. Linville
55cb0797fa This is an NFC LLCP fix for 3.7 and contains only one patch.
It fixes a potential crash when receiving an LLCP HDLC frame acking a frame
 that is not the last sent one. In that case we may dereference an already
 freed pointer.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABAgAGBQJQt0kOAAoJEIqAPN1PVmxKpxoQAJwbaylVz/miDjJLPekDhQ+z
 YkDmtBWJD9oy5GS/EUZPRIIEj+Ftaao0lAJDP4couYiZPQbrRBY1llBOxcIzkCqR
 fsAaD8jnPRGHwWtdqws8txFePh4Hn5WXHmJbcsOyVGt4gmy/xT06gme4p3VdIQIP
 XIkbss5mz29OdQwOLHzH4zva7JtZm9XOEWYWAbbFsrgNxXLBt7GhfF92TT29K4Wt
 UxFalwMYrpowY+BCBWzS1H31wVvNaDcsBRSO0hqvUZb7DgWM2b25B4Xnx3LiyLHR
 9A17LWYso6mRhQPSqqhT5wWlKNT1G5VKZ8/X0i69ZLXi040NzpvMbvq41RhM9SwN
 bmWZNUWGrGkQJY6VPAdXeraoSmSNwOD4KnLXNV8rWmmg+NSzf8ZPWNCcxNEdIMnK
 oBe7vvk3j5z6QGNPeMB5C3hfpyRwyvRTqC9O5/dO7DOYD0lb0O6tuj1/MzhsOR2L
 pzBUjkvfJBA0FXdeDD7gFwR062uJZL4hinRpFPj4qTtFWPYypirWdnRpCSZbvbeW
 ZB3k7+8oNOGhn1TYPUmWsN1GNk2EJ4ZSpAf7BUI5Vb1KmcSpUQA6BN6yPlS/WQ4U
 eowwW+sUYPu5LixMCO/LtuUllJ/RCTzdQJH6j/hZlEqmfYs00emKNa08tk15XjGF
 zn2jXJjTykbYiVRirBR5
 =tpAI
 -----END PGP SIGNATURE-----

Merge tag 'nfc-fixes-3.7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/nfc-3.0

This is an NFC LLCP fix for 3.7 and contains only one patch.

It fixes a potential crash when receiving an LLCP HDLC frame acking a frame
that is not the last sent one. In that case we may dereference an already
freed pointer.
2012-12-06 14:55:57 -05:00
Waldemar Rymarkiewicz
289814918c NFC: Fix incorrect llcp pointer dereference
nfc_llcp_ns(s) dereferences the s pointer which is freed a line
above. In a result, it can produce a crash or you will read
incorrect value.

Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-28 18:42:04 +01:00
John W. Linville
b311749477 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
Conflicts:
	drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c
	drivers/net/wireless/iwlwifi/pcie/tx.c
2012-11-21 12:57:56 -05:00
Thierry Escande
16a78e9fed NFC: Fix nfc_llcp_local chained list insertion
list_add was called with swapped parameters

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-20 00:09:25 +01:00
Samuel Ortiz
be02b6b624 NFC: Queue a copy of the transmitted LLCP skb
Drivers are allowed to modify the sent skb and thus we need to make a copy
of it before passing it to the driver. Without this fix, LLCP Tx skbs were
not queued properly as the ptype check was failing due to e.g. the pn533
driver skb_pushing the Tx skb.

Reported-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-19 23:57:01 +01:00
Samuel Ortiz
dd2bf43ffc NFC: Stop sending LLCP frames when tx queues are getting too deep
When the tx pending queues and/or the socket tx queue is getting too deep,
we have to let userspace know. We won't be queueing any more frames until
the congestion is fixed.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-19 23:57:00 +01:00
Samuel Ortiz
6e950fd214 NFC: Copy user space buffer when sending UI frames
Using the userspace IO vector directly is wrong, we should copy it from
user space first.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-19 23:57:00 +01:00
Eric Lapuyade
9c5121a034 NFC: Export nfc_hci_sak_to_protocol()
Some HCI drivers will need it.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-19 23:56:59 +01:00
Eric Lapuyade
84d4819033 NFC: Export nfc_hci_result_to_errno as it can be needed by HCI drivers
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-19 23:56:59 +01:00
Eric Lapuyade
74a5b96621 NFC: Dot not dispatch HCI event received on unopened pipe
A chip with pre-opened gates may send events on a gate that nobody
has opened in the handset host. Discard those events.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-19 23:56:58 +01:00
Eric Lapuyade
23f7e6d0d0 NFC: Ignore err when chip doesn't implement HW/SW info registers
NFC_HCI_ID_MGMT_VERSION_SW and NFC_HCI_ID_MGMT_VERSION_HW are optional
registers for gate NFC_HCI_ID_MGMT_GATE in standard HCI. When chip
doesn't implement, just leave all the information as zeros.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-19 23:56:58 +01:00
Eric Lapuyade
07887e9220 NFC: Fix hci_connect_gate() when a pre-opened pipe is passed
In some cases, pre-opened pipes don't stay open when a clear all pipes
command is sent. They stay created however. Therefore, one can never
assume that such a pipe is already open. As re-opening a pipe seems not
to be a problem, we do that now.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-11-19 23:56:58 +01:00
Thierry Escande
52feb444a9 NFC: Extend netlink interface for LTO, RW, and MIUX parameters support
NFC_CMD_LLC_GET_PARAMS: request LTO, RW, and MIUX parameters for a device

NFC_CMD_LLC_SET_PARAMS: set one or more of LTO, RW, and MIUX parameters for
a device. LTO must be set before the link is up otherwise -EINPROGRESS is
returned. RW and MIUX can be set at anytime and will be passed in subsequent
CONNECT and CC messages. If one of the passed parameters is wrong none is
set and -EINVAL is returned.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-29 00:25:11 +01:00
Samuel Ortiz
f31652a58b NFC: Purge LLCP socket Tx queues when being disconnected
The Tx queues are no longer valid when we receive a disconnection or when
the LLCP link goes down. In the later case we also purge the entire local
Tx queue.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:53 +02:00
Kees Cook
f152218840 NFC: Remove CONFIG_EXPERIMENTAL from the NCI Makefile
This config item has not carried much meaning for a while now and is
almost always enabled by default. As agreed during the Linux kernel
summit, remove it.

Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:53 +02:00
Kees Cook
54720c301a NFC: Remove CONFIG_EXPERIMENTAL from the LLCP Makefile
This config item has not carried much meaning for a while now and is
almost always enabled by default. As agreed during the Linux kernel
summit, remove it.

Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:52 +02:00
Kees Cook
deccb2a207 NFC: Remove CONFIG_EXPERIMENTAL
This config item has not carried much meaning for a while now and is
almost always enabled by default. As agreed during the Linux kernel
summit, remove it.

Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:52 +02:00
Szymon Janc
0f45077222 NFC: Fix some code style and whitespace issues
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:52 +02:00
Samuel Ortiz
7eda8b8e96 NFC: Use IDR library to assing NFC devices IDs
As a consequence the NFC device IDs won't be increasing all the time,
as IDR provides the first available ID.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:51 +02:00
Samuel Ortiz
a8df0f3792 NFC: Return NULL when no LLCP socket for a dsap,ssap couple is found
The previous code was always returning the last socket from the
LLCP socket list.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:51 +02:00
Samuel Ortiz
b874dec21d NFC: Implement LLCP connection less Tx path
It simply involves getting the client dsap and ssap and calling the UI
frame building and sending routine.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:51 +02:00
Samuel Ortiz
94f418a206 NFC: UI frame sending routine implementation
UI frames still need to follow the MIU rule, and they need to use the
client passed dsap as the listening socket dsap is stuck on SDP.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:50 +02:00
Samuel Ortiz
31ca61a8df NFC: Forward LLCP datagrams to userspace
With connection less PDUs we have to send the SSAP and DSAP as well.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:50 +02:00
Samuel Ortiz
968272bf00 NFC: Handle LLCP UI frames
UI (Unnumbered Information) frames are used for sending data over
connection less links.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:50 +02:00
Samuel Ortiz
c8512be63b NFC: Keep connection less bound sockets alive when DEP link goes down
When DEP goes down, bound cl sockets can be kept alive as there is no
reason to kill a connection less server socket because the LLCP link
went down.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:50 +02:00
Samuel Ortiz
54292d64e1 NFC: Check for connection less sockets when looking for a service name
Connection less server sockets will be in BOUND state, not LISTEN.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:49 +02:00
Samuel Ortiz
e6904081dd NFC: Reserve LLCP ssap when replying to an SNL frame
Replying to an SNL (Service Name Lookup) means that the other end of
the link can now rely on our answer (Which is an ssap) and thus we have
to reserve it.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:49 +02:00
Arron Wang
984d334f28 NFC: Fix sparse warnings due to missing static
Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:49 +02:00
Szymon Janc
874934f4d4 NFC: Fix style issues with logical operations
Logical continuations should be on the previous line.

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:49 +02:00
Szymon Janc
0250ffc578 NFC: Fix not propagating return code in nfc_hci_clear_all_pipes
Return code from nfc_hci_execute_cmd was not propagated to caller.

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:49 +02:00
Szymon Janc
80e4232ecb NFC: Small nfc_hci_create_pipe refactoring
Check for error and return if any. This makes it easier to see what is
a 'positive' function flow.

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:48 +02:00
Szymon Janc
36b05114d1 NFC: Remove unneeded LLCP function return calls
There is no need for return statement at the end of function returning
void.

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:48 +02:00
Szymon Janc
f9fc36f46f NFC: Remove not needed local variable in nci_set_local_general_bytes
No need for local rc variable as result of nci_request can be returned
directly.

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:48 +02:00
Szymon Janc
460d8f970e NFC: Use NFC_MAX_GT_LEN to check len in nci_set_local_general_bytes
local_gb is of size NFC_MAX_GT_LEN and len is used as index for it.
Check len against this instead of NCI_MAX_PARAM_LEN before accessing
local_gb.

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:48 +02:00
Thierry Escande
7ad39395ab NFC: Add NFC_ATTR_RF_MODE when sending device netlink properties
This is useful when getting devices to know if they're in target or
initiator mode.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:48 +02:00
Thierry Escande
5bcf099c17 NFC: Set rf_mode to NFC_RF_NONE where necessary
rf_mode is now set to NFC_RF_NONE when a device gets allocated,
when the link goes down, and when stop polling.

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:47 +02:00
Samuel Ortiz
19cfe5843e NFC: Initial SNL support
SNL (Service Name Lookup) allows for LLCP peers to map service names with
SAPs. This is mandatory for connection less support as peers need to get
the right SAPs without sending the CONNECT frame.
Here we only support the Rx part of SNL. The Tx one will be implemented
when supporting connection less LLCP sockets.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:47 +02:00
Samuel Ortiz
c43bb03d5a NFC: Add SNL frame building routine
SNL (Service Name Lookup) frames are used to respond to SNL requests.
This is needed for SDP implementation.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:47 +02:00
Samuel Ortiz
922239064b NFC: Use llcp_allocate_pdu to build the DISC frames
We no longer need to be atomic as this is only called from
llcp_sock_release().

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:47 +02:00
Samuel Ortiz
a6a0915f8c NFC: Avoid falling back to SYMM when sk is NULL
In some cases (SNL, DISC, DM) we need to send an LLCP skbs without
having a sock owning it. I frames are an exception here since
they may be requeued to the llcp_sock queue.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:46 +02:00
Eric Lapuyade
632c016ab8 NFC: HCI check presence must not fail when driver doesn't support it
When the driver does not support checking the tag is still present, it
must return -EOPNOTSUPP. The NFC Core will then stop asking and not
report a tag lost event to user space.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:46 +02:00
Arron Wang
e81076235b NFC: Implement HCI DEP send and receive data
And implement the corresponding hooks for pn544.

Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:46 +02:00
Arron Wang
c40d17401f NFC: Implement HCI DEP link up and down
And implement the corresponding hooks for pn544.

Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:45 +02:00
Arron Wang
928326f223 NFC: Handle pn544 continue activation
We need to send continue activation command to allow NFCIP-1
activation when a NFC target has been discovered in type A or
type F reader gate.

Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:45 +02:00
Arron Wang
f7a5f6c532 NFC: Pass hardware specific HCI event to driver
Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-10-26 18:26:45 +02:00
Dave Jones
32418cfe49 Remove noisy printks from llcp_sock_connect
Validation of userspace input shouldn't trigger dmesg spamming.

Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-10-04 15:58:47 -04:00
Linus Torvalds
916082b073 workqueue: avoid using deprecated functions
The network merge brought in a few users of functions that got
deprecated by the workqueue cleanups: the 'system_nrt_wq' is now the
same as the regular system_wq, since all workqueues are now non-
reentrant.

Similarly, remove one use of flush_work_sync() - the regular
flush_work() has become synchronous, and the "_sync()" version is thus
deprecated as being superfluous.

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-10-02 16:01:31 -07:00
John W. Linville
c487606f83 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem
Conflicts:
	net/nfc/netlink.c

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-09-28 11:11:16 -04:00
Szymon Janc
50b78b2a65 NFC: Fix sleeping in atomic when releasing socket
nfc_llcp_socket_release is calling lock_sock/release_sock while holding
write lock for rwlock. Use bh_lock/unlock_sock instead.

BUG: sleeping function called from invalid context at net/core/sock.c:2138
in_atomic(): 1, irqs_disabled(): 0, pid: 56, name: kworker/1:1
4 locks held by kworker/1:1/56:
Pid: 56, comm: kworker/1:1 Not tainted 3.5.0-999-nfc+ #7
Call Trace:
[<ffffffff810952c5>] __might_sleep+0x145/0x200
[<ffffffff815d7686>] lock_sock_nested+0x36/0xa0
[<ffffffff81731569>] ? _raw_write_lock+0x49/0x50
[<ffffffffa04aa100>] ? nfc_llcp_socket_release+0x30/0x200 [nfc]
[<ffffffffa04aa122>] nfc_llcp_socket_release+0x52/0x200 [nfc]
[<ffffffffa04ab9f0>] nfc_llcp_mac_is_down+0x20/0x30 [nfc]
[<ffffffffa04a6fea>] nfc_dep_link_down+0xaa/0xf0 [nfc]
[<ffffffffa04a9bb5>] nfc_llcp_timeout_work+0x15/0x20 [nfc]
[<ffffffff810825f7>] process_one_work+0x197/0x7c0
[<ffffffff81082596>] ? process_one_work+0x136/0x7c0
[<ffffffff8172fbc9>] ? __schedule+0x419/0x9c0
[<ffffffffa04a9ba0>] ? nfc_llcp_build_gb+0x1b0/0x1b0 [nfc]
[<ffffffff81083090>] worker_thread+0x190/0x4c0
[<ffffffff81082f00>] ? rescuer_thread+0x2a0/0x2a0
[<ffffffff81088d1e>] kthread+0xae/0xc0
[<ffffffff810caafd>] ? trace_hardirqs_on+0xd/0x10
[<ffffffff8173acc4>] kernel_thread_helper+0x4/0x10
[<ffffffff81732174>] ? retint_restore_args+0x13/0x13
[<ffffffff81088c70>] ? flush_kthread_worker+0x150/0x150
[<ffffffff8173acc0>] ? gs_change+0x13/0x13

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-27 10:52:22 +02:00
Szymon Janc
3c0cc8aa23 NFC: Fix sleeping in invalid context when netlink socket is closed
netlink_register_notifier requires notify functions to not sleep.
nfc_stop_poll locks device mutex and must not be called from notifier.
Create workqueue that will handle this for all devices.

BUG: sleeping function called from invalid context at kernel/mutex.c:269
in_atomic(): 0, irqs_disabled(): 0, pid: 4497, name: neard
1 lock held by neard/4497:
Pid: 4497, comm: neard Not tainted 3.5.0-999-nfc+ #5
Call Trace:
[<ffffffff810952c5>] __might_sleep+0x145/0x200
[<ffffffff81743dde>] mutex_lock_nested+0x2e/0x50
[<ffffffff816ffd19>] nfc_stop_poll+0x39/0xb0
[<ffffffff81700a17>] nfc_genl_rcv_nl_event+0x77/0xc0
[<ffffffff8174aa8c>] notifier_call_chain+0x5c/0x120
[<ffffffff8174abd6>] __atomic_notifier_call_chain+0x86/0x140
[<ffffffff8174ab50>] ? notifier_call_chain+0x120/0x120
[<ffffffff815e1347>] ? skb_dequeue+0x67/0x90
[<ffffffff8174aca6>] atomic_notifier_call_chain+0x16/0x20
[<ffffffff8162119a>] netlink_release+0x24a/0x280
[<ffffffff815d7aa8>] sock_release+0x28/0xa0
[<ffffffff815d7be7>] sock_close+0x17/0x30
[<ffffffff811b2a7c>] __fput+0xcc/0x250
[<ffffffff811b2c0e>] ____fput+0xe/0x10
[<ffffffff81085009>] task_work_run+0x69/0x90
[<ffffffff8101b951>] do_notify_resume+0x81/0xd0
[<ffffffff8174ef22>] int_signal+0x12/0x17

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-27 10:52:17 +02:00
John W. Linville
7d777c3d95 NFC: Add dummy nfc_llc_shdlc_register definition
This is used when CONFIG_NFC_SHDLC is disabled.

Reported-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-27 10:48:08 +02:00
Thierry Escande
4463523bef NFC: LLCP raw socket support
This adds support for socket of type SOCK_RAW to LLCP.
sk_buff are copied and sent to raw sockets with a 2 bytes extra header:
The first byte header contains the nfc adapter index.
The second one contains flags:
- 0x01 - Direction (0=RX, 1=TX)
- 0x02-0x80 - Reserved
A raw socket has to be explicitly bound to a nfc adapter. This is achieved
by specifying the adapter index to be bound to in the dev_idx field of the
sockaddr_nfc_llcp struct passed to bind().

Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-27 10:47:59 +02:00
Szymon Janc
fe235b58d5 NFC: Use dynamic initialization for rwlocks
If rwlock is dynamically allocated but statically initialized it is
missing proper lockdep annotation.

INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
Pid: 3352, comm: neard Not tainted 3.5.0-999-nfc+ #2
Call Trace:
[<ffffffff810c8526>] __lock_acquire+0x8f6/0x1bf0
[<ffffffff81739045>] ? printk+0x4d/0x4f
[<ffffffff810c9eed>] lock_acquire+0x9d/0x220
[<ffffffff81702bfe>] ? nfc_llcp_sock_from_sn+0x4e/0x160
[<ffffffff81746724>] _raw_read_lock+0x44/0x60
[<ffffffff81702bfe>] ? nfc_llcp_sock_from_sn+0x4e/0x160
[<ffffffff81702bfe>] nfc_llcp_sock_from_sn+0x4e/0x160
[<ffffffff817034a7>] nfc_llcp_get_sdp_ssap+0xa7/0x1b0
[<ffffffff81706353>] llcp_sock_bind+0x173/0x210
[<ffffffff815d9c94>] sys_bind+0xe4/0x100
[<ffffffff8139209e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[<ffffffff8174ea69>] system_call_fastpath+0x16/0x1b

Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-27 10:47:03 +02:00
Waldemar Rymarkiewicz
4c0ba9ac4b NFC: Fix typo negociating -> negotiating
Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:28 +02:00
Waldemar Rymarkiewicz
12bfd1e890 NFC: Don't handle consequent RSET frames after UA
During processing incoming RSET frame chip, possibly due to
its internal timout, can retrnasmit an another RSET which
is next queued for processing in shdlc layer.

In case when we accept processed RSET skip those remaining on
the rcv queue until chip will send it's first S or I frame.
This will mean the chip completed connection as well.

Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:27 +02:00
Waldemar Rymarkiewicz
9010e39f50 NFC: Handle RSET in SHDLC_CONNECTING state
As queue_work() does not guarantee immediate execution of sm_work it
can happen in crossover RSET usecase that connect timer will constantly
change the shdlc state from NEGOTIATING to CONNECTING before shdlc has
chance to handle incoming frame.

Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
Acked-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:27 +02:00
Eric Lapuyade
80faa59847 NFC: Add HCI module description
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:27 +02:00
Eric Lapuyade
a7d0281bbf NFC: Fix LLC registration definitions for ANSI compliance
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:26 +02:00
Samuel Ortiz
f4f20d0650 NFC: Remove unneeded LLC symbols export
After fixing the LLC Makefile, we no longer need those exports.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:26 +02:00
Eric Lapuyade
412fda538f NFC: Changed HCI and PN544 HCI driver to use the new HCI LLC Core
The previous shdlc HCI driver and its header are removed from the tree.
PN544 now registers directly with HCI and passes the name of the llc it
requires (shdlc).
HCI instantiation now allocates the required llc instance. The llc is
started when the HCI device is brought up.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:26 +02:00
Eric Lapuyade
4a61cd6687 NFC: Add an shdlc llc module to llc core
This is used by HCI drivers such as the one for the pn544 which require
communications between HCI and the chip to use shdlc.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:25 +02:00
Eric Lapuyade
8af00d48dc NFC: Add a nop (passthrough) llc module to llc core
This is a passthrough llc. It can be used by HCI drivers that don't
need link layer control. HCI will then write directly to the driver, and
driver will deliver incoming frames directly to HCI without any
processing.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:25 +02:00
Eric Lapuyade
67cccfe17d NFC: Add an LLC Core layer to HCI
The LLC layer manages modules that control the link layer protocol (such
as shdlc) between HCI and an HCI driver. The driver must simply specify
the required llc when it registers with HCI.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:25 +02:00
Eric Lapuyade
f3e8fb5527 NFC: Modified hci_transceive to become an asynchronous operation
This enables the completion callback to be called from a different
context, preventing a possible deadlock if the callback resulted in the
invocation of a nested call to the currently locked nfc_dev.
This is also more in line with the im_transceive nfc_ops for NFC Core or
NCI drivers which already behave asynchronously.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:25 +02:00
Eric Lapuyade
e4c4789e55 NFC: Add a public nfc_hci_send_cmd_async method
This method initiates execution of an HCI cmd. Result will be delivered
through an asynchronous callback.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:25 +02:00
Eric Lapuyade
b5faa648fa NFC: Changed the HCI cmd execution callback prototype
Make it match the data_exchange_cb_t so that it can be used directly in
the implementation of an asynchronous hci_transceive

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:25 +02:00
Waldemar Rymarkiewicz
c1be211727 NFC: Correct outgoing frame before requeueing
Driver must handle its data added to the frame, so at this point
removeing control field of shdlc frame is enough.

Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
Acked-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:24 +02:00
Waldemar Rymarkiewicz
ade672082d NFC: Remove crc generation from shdlc layer
Checksum is specific for a chip spcification and it varies
(in size and type) between different hardware. It should be
handled in the driver then.

Moreover, shdlc spec doesn't mention crc as a part of the frame.

Update pn544_hci driver as well.

Signed-off-by: Waldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
Acked-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:24 +02:00
Wei Yongjun
52da2449e1 NFC: Fix possible LLCP memory leak
nfc_llcp_build_tlv() malloced the memory and should be free in
nfc_llcp_build_gb() after used, and the same in the error handling
case, otherwise it will cause memory leak.

spatch with a semantic match is used to found this problem.
(http://coccinelle.lip6.fr/)

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:24 +02:00
Wei Yongjun
33e5971358 NFC: Remove pointless conditional before HCI kfree_skb()
Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:24 +02:00
Tejun Heo
474fee3db1 NFC: Use system_nrt_wq instead of custom ones
NFC is using a number of custom ordered workqueues w/ WQ_MEM_RECLAIM.
WQ_MEM_RECLAIM is unnecessary unless NFC is gonna be used as transport
for storage device, and all use cases match one work item to one
ordered workqueue - IOW, there's no actual ordering going on at all
and using system_nrt_wq gives the same behavior.

There's nothing to be gained by using custom workqueues.  Use
system_nrt_wq instead and drop all the custom ones.

Signed-off-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:23 +02:00
Syam Sidhardhan
5db327f96d NFC: Remove repeated code for NULL check
This patch remove the repeated code for checking llcp_sock &
llcp_sock->dev against NULL.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:23 +02:00
Ilan Elias
767f19ae69 NFC: Implement NCI dep_link_up and dep_link_down
During NFC-DEP target activation, store the remote
general bytes to be used later in dep_link_up.
When dep_link_up is called, activate the NFC-DEP target,
and forward the remote general bytes.
When dep_link_down is called, deactivate the target.

Signed-off-by: Ilan Elias <ilane@ti.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:23 +02:00
Ilan Elias
ac20683840 NFC: Parse NCI NFC-DEP activation params
Signed-off-by: Ilan Elias <ilane@ti.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:23 +02:00
Ilan Elias
7e0352306f NFC: Set local general bytes in nci_start_poll
If initiator protocol is NFC-DEP, set the local general bytes
in nci_start_poll.

Signed-off-by: Ilan Elias <ilane@ti.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-09-25 00:17:23 +02:00
Eric W. Biederman
15e473046c netlink: Rename pid to portid to avoid confusion
It is a frequent mistake to confuse the netlink port identifier with a
process identifier.  Try to reduce this confusion by renaming fields
that hold port identifiers portid instead of pid.

I have carefully avoided changing the structures exported to
userspace to avoid changing the userspace API.

I have successfully built an allyesconfig kernel with this change.

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Acked-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-10 15:30:41 -04:00
John W. Linville
90b90f60c4 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2012-07-20 12:30:48 -04:00
John W. Linville
d369f7b2b2 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless 2012-07-17 15:31:33 -04:00
Dave Jones
8a70e7f8f3 NFC: NCI module license 'unspecified' taints kernel
Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-07-12 14:48:41 -04:00
Eric Lapuyade
81b3039557 NFC: Set target nfcid1 for all HCI reader A targets
Without the discovered target nfcid1 and its length set properly, type 2
tags detection fails with the pn544 as it checks for them from
pn544_hci_complete_target_discovered().

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Reported-by: Mathias Jeppsson <mathias.jeppsson@sonymobile.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-07-12 14:48:41 -04:00
John W. Linville
38a0084063 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2012-07-12 13:44:50 -04:00
David S. Miller
04c9f416e3 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	net/batman-adv/bridge_loop_avoidance.c
	net/batman-adv/bridge_loop_avoidance.h
	net/batman-adv/soft-interface.c
	net/mac80211/mlme.c

With merge help from Antonio Quartulli (batman-adv) and
Stephen Rothwell (drivers/net/usb/qmi_wwan.c).

The net/mac80211/mlme.c conflict seemed easy enough, accounting for a
conversion to some new tracing macros.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-07-10 23:56:33 -07:00
Mathias Jeppsson
f8bf65bf36 NFC: Fix order of arguments to list_add_tail() when queueing HCP frames
The HCP message should be added to transmit queue, not the other way around.

Signed-off-by: Mathias Jeppsson <mathias.jeppsson@sonymobile.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-07-10 11:42:51 -04:00
Mathias Jeppsson
1913e57cf9 NFC: Fix empty HCI message list check
list_first_entry() will never return NULL. Instead use
list_for_each_entry_safe() to iterate through the list.

Signed-off-by: Mathias Jeppsson <mathias.jeppsson@sonymobile.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-07-10 11:42:50 -04:00
Samuel Ortiz
fe3c094abc NFC: Check for llcp_sock and its device from llcp_sock_getname
They both can potentially be NULL.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:25 -04:00
Samuel Ortiz
01d719a228 NFC: Add ISO 14443 type B protocol
Some devices (e.g. Sony's PaSoRi) can not do type B polling, so we have
to make a distinction between ISO14443 type A and B poll modes.

Cc: Eric Lapuyade <eric.lapuyade@intel.com>
Cc: Ilan Elias <ilane@ti.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:24 -04:00
Samuel Ortiz
c66433dc5d NFC: Dereference LLCP bind socket address after checking for it to be NULL
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:22 -04:00
Samuel Ortiz
a831b91320 NFC: Do not return EBUSY when stopping a poll that's already stopped
We check for the polling flag before checking if the netlink PID caller
match.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:21 -04:00
Samuel Ortiz
1550bf2d59 NFC: Remove warning from nfc_llcp_local_put
The socket local pointer can be NULL when a socket is created but never
bound or connected.

Reported-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:20 -04:00
Samuel Ortiz
5c0560b7a5 NFC: Handle LLCP Disconnected Mode frames
When receiving such frame, the sockets waiting for a connection to finish
should be woken up. Connecting to an unbound LLCP service will trigger a
DM as a response.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:20 -04:00
Samuel Ortiz
8f50020ed9 NFC: LLCP late binding
With the LLCP 16 local SAPs we can potentially quickly run out of source
SAPs for non well known services.
With the so called late binding we will reserve an SAP only when we actually
get a client connection for a local service. The SAP will be released once
the last client is gone, leaving it available to other services.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:19 -04:00
Samuel Ortiz
ebbb16d9eb NFC: Forbid SSAP binding to a not well known LLCP service
With not Well Known Services there is no guarantees as to which
SSAP the server will be listening on, so there is no reason to
support binding to a specific source SAP.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:18 -04:00