Commit Graph

193 Commits

Author SHA1 Message Date
Samuel Ortiz
4d22ea1532 NFC: Close listening LLCP sockets when the device is gone
When the MAC link goes down, we should only keep the bound sockets
alive. They will be closed by sock_release or when the underlying
NFC device is moving away.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:16 -04:00
Samuel Ortiz
b8e7a06d9c NFC: Build LLCP general bytes upon request
Drivers will need them before starting a poll or when being activated
as targets. Mostly WKS can have changed between device registration and
then so we need to re-build the whole array.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:16 -04:00
Samuel Ortiz
12e5bdfefa NFC: Fix LLCP getname socket op
Set the right target index and use a better socket declaration routine.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:15 -04:00
Samuel Ortiz
025f152046 NFC: Update LLCP socket target index when getting a connection
Getting a valid CONNECT means we have a valid target index.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:14 -04:00
Samuel Ortiz
5df16cad44 NFC: Add netlink module alias for NFC
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:14 -04:00
Samuel Ortiz
1155bb617a NFC: Add modules alias for NFC sockets
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:13 -04:00
Eric Lapuyade
a10d595b10 NFC: Allow HCI driver to pre-open pipes to some gates
Some NFC chips will statically create and open pipes for both standard
and proprietary gates. The driver can now pass this information to HCI
such that HCI will not attempt to create and open them, but will instead
directly use the passed pipe ids.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:12 -04:00
Eric Lapuyade
9eb334ac17 NFC: nfc_driver_failure() implementation
If the device is polling we sent a 0 target found event.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:11 -04:00
Eric Lapuyade
d94f9c55ff NFC: nfc_targets_found() should accept zero target found
The semantics for a zero target found event is that the polling operation
could not complete.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:10 -04:00
Eric Lapuyade
8668fdd6ef NFC: Core must test the device polling state inside the device lock
There can ever be only one call to nfc_targets_found() after polling
has been engaged. This could be from a target discovered event from
the driver, or from an error handler to notify poll will never complete.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:09 -04:00
Eric Lapuyade
a070c8591a NFC: Implement HCI driver or internal error management
If there is an ongoing HCI command executing, it will be completed,
thereby pushing the error up to the core. Otherwise, HCI will directly
notify the core with the error.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:09 -04:00
Eric Lapuyade
ccca0d6e88 NFC: Factorize HCI cmd completion
HCI cmd can be completed either from an HCI response or from an
internal driver or HCI error. This requires to factorize the
completion code outside of the device lock.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:08 -04:00
Eric Lapuyade
456411ca81 NFC: Driver failure API
This API should be used by drivers, HCI, SHDLC or NCI stacks to report an
unrecoverable error.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:08 -04:00
Eric Lapuyade
6c1c5b9e1d NFC: Changed HCI cmd execution completion result to std linux errno
An HCI command can complete either from an HCI response
(with an HCI result) or as a consequence of any other system
error during processing. The completion therefore needs to take
a standard errno code. The HCI response will convert its result
to a standard errno before calling the completion.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:07 -04:00
Eric Lapuyade
72b06f75fe NFC: Implement HCP reaggregation allocation error case
We can now report an ENOMEM error up to the HCI layer.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:06 -04:00
Eric Lapuyade
1c215d79a1 NFC: Remove an impossible HCI error case
nfc_hci_recv_frame can not be called with a NULL skb.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:06 -04:00
Eric Lapuyade
5018e490c3 NFC: Handle SHDLC RSET frames from an SHDLC connected chip
shdlc reset may leave HCI in an inconsistent state by loosing parts of
HCI frames. Handle this case by reporting an unrecoverable error to HCI.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:05 -04:00
Eric Lapuyade
d3b4044531 NFC: Removed addressed shdlc TODOs
The questions asked in the comments have been answered and addressed.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:05 -04:00
Eric Lapuyade
a9a741a7e2 NFC: Prepare asynchronous error management for driver and shdlc
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-07-09 16:42:04 -04:00
John W. Linville
635d999fd3 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
Conflicts:
	net/mac80211/mlme.c
2012-07-09 16:34:34 -04:00
Sasha Levin
147f20e316 NFC: Prevent NULL deref when getting socket name
llcp_sock_getname can be called without a device attached to the nfc_llcp_sock.

This would lead to the following BUG:

[  362.341807] BUG: unable to handle kernel NULL pointer dereference at           (null)
[  362.341815] IP: [<ffffffff836258e5>] llcp_sock_getname+0x75/0xc0
[  362.341818] PGD 31b35067 PUD 30631067 PMD 0
[  362.341821] Oops: 0000 [#627] PREEMPT SMP DEBUG_PAGEALLOC
[  362.341826] CPU 3
[  362.341827] Pid: 7816, comm: trinity-child55 Tainted: G      D W    3.5.0-rc4-next-20120628-sasha-00005-g9f23eb7 #479
[  362.341831] RIP: 0010:[<ffffffff836258e5>]  [<ffffffff836258e5>] llcp_sock_getname+0x75/0xc0
[  362.341832] RSP: 0018:ffff8800304fde88  EFLAGS: 00010286
[  362.341834] RAX: 0000000000000000 RBX: ffff880033cb8000 RCX: 0000000000000001
[  362.341835] RDX: ffff8800304fdec4 RSI: ffff8800304fdec8 RDI: ffff8800304fdeda
[  362.341836] RBP: ffff8800304fdea8 R08: 7ebcebcb772b7ffb R09: 5fbfcb9c35bdfd53
[  362.341838] R10: 4220020c54326244 R11: 0000000000000246 R12: ffff8800304fdec8
[  362.341839] R13: ffff8800304fdec4 R14: ffff8800304fdec8 R15: 0000000000000044
[  362.341841] FS:  00007effa376e700(0000) GS:ffff880035a00000(0000) knlGS:0000000000000000
[  362.341843] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  362.341844] CR2: 0000000000000000 CR3: 0000000030438000 CR4: 00000000000406e0
[  362.341851] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  362.341856] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  362.341858] Process trinity-child55 (pid: 7816, threadinfo ffff8800304fc000, task ffff880031270000)
[  362.341858] Stack:
[  362.341862]  ffff8800304fdea8 ffff880035156780 0000000000000000 0000000000001000
[  362.341865]  ffff8800304fdf78 ffffffff83183b40 00000000304fdec8 0000006000000000
[  362.341868]  ffff8800304f0027 ffffffff83729649 ffff8800304fdee8 ffff8800304fdf48
[  362.341869] Call Trace:
[  362.341874]  [<ffffffff83183b40>] sys_getpeername+0xa0/0x110
[  362.341877]  [<ffffffff83729649>] ? _raw_spin_unlock_irq+0x59/0x80
[  362.341882]  [<ffffffff810f342b>] ? do_setitimer+0x23b/0x290
[  362.341886]  [<ffffffff81985ede>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[  362.341889]  [<ffffffff8372a539>] system_call_fastpath+0x16/0x1b
[  362.341921] Code: 84 00 00 00 00 00 b8 b3 ff ff ff 48 85 db 74 54 66 41 c7 04 24 27 00 49 8d 7c 24 12 41 c7 45 00 60 00 00 00 48 8b 83 28 05 00 00 <8b> 00 41 89 44 24 04 0f b6 83 41 05 00 00 41 88 44 24 10 0f b6
[  362.341924] RIP  [<ffffffff836258e5>] llcp_sock_getname+0x75/0xc0
[  362.341925]  RSP <ffff8800304fde88>
[  362.341926] CR2: 0000000000000000
[  362.341928] ---[ end trace 6d450e935ee18bf3 ]---

Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-07-09 15:01:00 -04:00
Thomas Graf
58050fce35 net: Use NLMSG_DEFAULT_SIZE in combination with nlmsg_new()
Using NLMSG_GOODSIZE results in multiple pages being used as
nlmsg_new() will automatically add the size of the netlink
header to the payload thus exceeding the page limit.

NLMSG_DEFAULT_SIZE takes this into account.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
Cc: Jiri Pirko <jpirko@redhat.com>
Cc: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Cc: Sergey Lapin <slapin@ossfans.org>
Cc: Johannes Berg <johannes@sipsolutions.net>
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Reviewed-by: Jiri Pirko <jpirko@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-28 17:56:43 -07:00
David S. Miller
b26d344c6b Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	drivers/net/caif/caif_hsi.c
	drivers/net/usb/qmi_wwan.c

The qmi_wwan merge was trivial.

The caif_hsi.c, on the other hand, was not.  It's a conflict between
1c385f1fdf ("caif-hsi: Replace platform
device with ops structure.") in the net-next tree and commit
39abbaef19 ("caif-hsi: Postpone init of
HIS until open()") in the net tree.

I did my best with that one and will ask Sjur to check it out.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-28 17:37:00 -07:00
Eric Dumazet
03e934f620 NFC: Return from rawsock_release when sk is NULL
Sasha Levin reported following panic :

[ 2136.383310] BUG: unable to handle kernel NULL pointer dereference at
00000000000003b0
[ 2136.384022] IP: [<ffffffff8114e400>] __lock_acquire+0xc0/0x4b0
[ 2136.384022] PGD 131c4067 PUD 11c0c067 PMD 0
[ 2136.388106] Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 2136.388106] CPU 1
[ 2136.388106] Pid: 24855, comm: trinity-child1 Tainted: G        W
3.5.0-rc2-sasha-00015-g7b268f7 #374
[ 2136.388106] RIP: 0010:[<ffffffff8114e400>]  [<ffffffff8114e400>]
__lock_acquire+0xc0/0x4b0
[ 2136.388106] RSP: 0018:ffff8800130b3ca8  EFLAGS: 00010046
[ 2136.388106] RAX: 0000000000000086 RBX: ffff88001186b000 RCX:
0000000000000000
[ 2136.388106] RDX: 0000000000000000 RSI: 0000000000000000 RDI:
0000000000000000
[ 2136.388106] RBP: ffff8800130b3d08 R08: 0000000000000001 R09:
0000000000000000
[ 2136.388106] R10: 0000000000000000 R11: 0000000000000001 R12:
0000000000000002
[ 2136.388106] R13: 00000000000003b0 R14: 0000000000000000 R15:
0000000000000000
[ 2136.388106] FS:  00007fa5b1bd4700(0000) GS:ffff88001b800000(0000)
knlGS:0000000000000000
[ 2136.388106] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2136.388106] CR2: 00000000000003b0 CR3: 0000000011d1f000 CR4:
00000000000406e0
[ 2136.388106] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[ 2136.388106] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7:
0000000000000400
[ 2136.388106] Process trinity-child1 (pid: 24855, threadinfo
ffff8800130b2000, task ffff88001186b000)
[ 2136.388106] Stack:
[ 2136.388106]  ffff8800130b3cd8 ffffffff81121785 ffffffff81236774
000080d000000001
[ 2136.388106]  ffff88001b9d6c00 00000000001d6c00 ffffffff130b3d08
ffff88001186b000
[ 2136.388106]  0000000000000000 0000000000000002 0000000000000000
0000000000000000
[ 2136.388106] Call Trace:
[ 2136.388106]  [<ffffffff81121785>] ? sched_clock_local+0x25/0x90
[ 2136.388106]  [<ffffffff81236774>] ? get_empty_filp+0x74/0x220
[ 2136.388106]  [<ffffffff8114e97a>] lock_acquire+0x18a/0x1e0
[ 2136.388106]  [<ffffffff836b37df>] ? rawsock_release+0x4f/0xa0
[ 2136.388106]  [<ffffffff837c0ef0>] _raw_write_lock_bh+0x40/0x80
[ 2136.388106]  [<ffffffff836b37df>] ? rawsock_release+0x4f/0xa0
[ 2136.388106]  [<ffffffff836b37df>] rawsock_release+0x4f/0xa0
[ 2136.388106]  [<ffffffff8321cfe8>] sock_release+0x18/0x70
[ 2136.388106]  [<ffffffff8321d069>] sock_close+0x29/0x30
[ 2136.388106]  [<ffffffff81236bca>] __fput+0x11a/0x2c0
[ 2136.388106]  [<ffffffff81236d85>] fput+0x15/0x20
[ 2136.388106]  [<ffffffff8321de34>] sys_accept4+0x1b4/0x200
[ 2136.388106]  [<ffffffff837c165c>] ? _raw_spin_unlock_irq+0x4c/0x80
[ 2136.388106]  [<ffffffff837c1669>] ? _raw_spin_unlock_irq+0x59/0x80
[ 2136.388106]  [<ffffffff837c2565>] ? sysret_check+0x22/0x5d
[ 2136.388106]  [<ffffffff8321de8b>] sys_accept+0xb/0x10
[ 2136.388106]  [<ffffffff837c2539>] system_call_fastpath+0x16/0x1b
[ 2136.388106] Code: ec 04 00 0f 85 ea 03 00 00 be d5 0b 00 00 48 c7 c7
8a c1 40 84 e8 b1 a5 f8 ff 31 c0 e9 d4 03 00 00 66 2e 0f 1f 84 00 00 00
00 00 <49> 81 7d 00 60 73 5e 85 b8 01 00 00 00 44 0f 44 e0 83 fe 01 77
[ 2136.388106] RIP  [<ffffffff8114e400>] __lock_acquire+0xc0/0x4b0
[ 2136.388106]  RSP <ffff8800130b3ca8>
[ 2136.388106] CR2: 00000000000003b0
[ 2136.388106] ---[ end trace 6d450e935ee18982 ]---
[ 2136.388106] Kernel panic - not syncing: Fatal exception in interrupt

rawsock_release() should test if sock->sk is NULL before calling
sock_orphan()/sock_put()

Reported-by: Sasha Levin <levinsasha928@gmail.com>
Tested-by: Sasha Levin <levinsasha928@gmail.com>
Cc: stable@kernel.org
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-26 01:35:26 +02:00
Dan Rosenberg
67de956ff5 NFC: Prevent multiple buffer overflows in NCI
Fix multiple remotely-exploitable stack-based buffer overflows due to
the NCI code pulling length fields directly from incoming frames and
copying too much data into statically-sized arrays.

Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Cc: stable@kernel.org
Cc: security@kernel.org
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Cc: David S. Miller <davem@davemloft.net>
Acked-by: Ilan Elias <ilane@ti.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-25 16:38:40 +02:00
David S. Miller
43b03f1f6d Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Conflicts:
	MAINTAINERS
	drivers/net/wireless/iwlwifi/pcie/trans.c

The iwlwifi conflict was resolved by keeping the code added
in 'net' that turns off the buggy chip feature.

The MAINTAINERS conflict was merely overlapping changes, one
change updated all the wireless web site URLs and the other
changed some GIT trees to be Johannes's instead of John's.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-12 21:59:18 -07:00
John W. Linville
a59f975a78 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
Conflicts:
	MAINTAINERS
	drivers/net/wireless/iwlwifi/pcie/trans.c
2012-06-12 14:11:13 -04:00
Sasha Levin
58d1eab7ef NFC: Fix possible NULL ptr deref when getting the name of a socket
llcp_sock_getname() might get called before the LLCP socket was created.
This condition isn't checked, and llcp_sock_getname will simply deref a
NULL ptr in that case.

This exists starting with d646960 ("NFC: Initial LLCP support").

Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-06-08 13:47:07 -04:00
Samuel Ortiz
07922bb1e0 NFC: Destroy LLCP timout workqueue when releasing the link
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:33 +02:00
Samuel Ortiz
5e50ee3ae6 NFC: Switch to Initiator mode when getting NFC_ATTR_PROTOCOLS
That is needed for keeping backward compatibility with apps using the old
netlink polling API (NFC_ATTR_PROTOCOLS instead of NFC_ATTR_IM_PROTOCOLS).

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:33 +02:00
Samuel Ortiz
56af2568c2 NFC: Send a receiver ready frame only to reply to an I frame
Sending an RR as a reply to another RR is fine but not quite logical.
We should send RRs only as a reply to I frames.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:33 +02:00
Samuel Ortiz
8445796038 NFC: Requeue lost LLCP frames
When receiving an I or RR frame telling us that some of the pending queues
were not received, we should requeue them before the currently pending ones.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:33 +02:00
Samuel Ortiz
cb3a4503f4 NFC: Call the DEP link down ops even when in target mode
Even in target mode we need to let the driver know that we want to
bring the DEP link down.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:31 +02:00
Samuel Ortiz
5a0f6f3b46 NFC: Don't hold a NULL connecting LLCP socket lock
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:31 +02:00
Samuel Ortiz
73167ced31 NFC: Introduce target mode rx data callback
This routine will be called by drivers whenever they receive data in target
mode. This should be unexpected events and as such should be handled by a
standalone API (i.e. not as a callback pointer from an existing API).

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:31 +02:00
Samuel Ortiz
be9ae4ce4e NFC: Introduce target mode tx ops
And rename the initiator mode data exchange ops for consistency sake.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:30 +02:00
Samuel Ortiz
f212ad5e99 NFC: Set the NFC device RF mode appropriately
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:30 +02:00
Samuel Ortiz
fc40a8c1a0 NFC: Add target mode activation netlink event
Userspace gets a netlink event upon target mode activation.
The LLCP layer is also signaled when we get an ATR_REQ in order to get
the remote general bytes.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:30 +02:00
Samuel Ortiz
fe7c580073 NFC: Add target mode protocols to the polling loop startup routine
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:29 +02:00
Samuel Ortiz
ab73b75130 NFC: Export LLCP general bytes getter
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:29 +02:00
Samuel Ortiz
76762b7369 NFC: LLCP's MIUX is 10 bytes long, not 7
The mask is 0x7ff and not 0x7f and the return value is an u16.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:29 +02:00
Samuel Ortiz
93d7e490b7 NFC: Move LLCP MIU extension value to socket structure
The MIU extension value can be received during the PAX or during the
connection establishment process. It's definitely a connection related value
rather than a link one.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:29 +02:00
Samuel Ortiz
7a06e586b9 NFC: Move LLCP receiver window value to socket structure
RW can only be fetched from a CONNECT or a CC frame thus making it an
end points specific value, not a link one.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:28 +02:00
Samuel Ortiz
a69f32af86 NFC: Socket linked list
Simplify the LLCP sockets structure by putting all the connected ones
into a single linked list.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:28 +02:00
Samuel Ortiz
c7aa12252f NFC: Take a reference on the LLCP local pointer when creating a socket
LLCP sockets point to their local LLCP service, so they need to take a
reference on it.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2012-06-04 21:34:28 +02:00
Samuel Ortiz
bdbc59b35f NFC: Queue I frame fragments to the LLCP sockets queue tail
After testing our stack with large SNEP messages, we realized the fragments
were arriving in reversed order.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-16 13:08:14 -04:00
Eric Lapuyade
03bed29e05 NFC: HCI drivers don't have to keep track of polling state
The NFC core code already does that for them.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:31:22 -04:00
H Hartley Sweeten
e5fe4cf8ee NFC: The NFC genl family structure should not be exposed globally
The variable 'nfc_genl_family' is only referenced in this file and
should be marked static to prevent it from being exposed globally.

Quites the sparse warning:

warning: symbol 'nfc_genl_family' was not declared. Should it be static?

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:30:30 -04:00
H Hartley Sweeten
bd007bea21 NFC: HCI ops should not be exposed globally
The variable 'hci_nfc_ops' is only referenced in this file and
should be marked static to prevent it from being exposed globally.

Quites the sparse warning:

warning: symbol 'hci_nfc_ops' was not declared. Should it be static?

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:30:30 -04:00
H Hartley Sweeten
799030b75a NFC: Quiet nci/ntf.c sparse noise about plain integer as NULL pointer
Pointers should be cleared with NULL, not 0.

Quiets a couple sparse warnings of the type:

warning: Using plain integer as NULL pointer

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:30:30 -04:00
H Hartley Sweeten
502b424082 NFC: Include nci_core.h to nci/lib.c
Include the header to pickup the exported symbol prototype.

Quites the sparse warning:

warning: symbol 'nci_to_errno' was not declared. Should it be static?

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
CC: Samuel Ortiz <sameo@linux.intel.com>
CC: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:30:29 -04:00
H Hartley Sweeten
040487f364 NFC: Quiet nci/data.c sparse noise about plain integer as NULL pointer
Pointers should be cleared with NULL, not 0.

Quiets a couple sparse warnings of the type:

warning: Using plain integer as NULL pointer

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:30:29 -04:00
joseph daniel
51c25be857 NFC: Fix LLCP compilation warning
nfc_llcp_general_bytes is defined in nfc/core.c as:
nfc_llcp_general_bytes(struct nfc_dev *dev, size_t *gb_len).

as in nfc/nfc.h:
nfc_llcp_general_bytes(struct nfc_dev *dev, u8 *gb_len), if CONFIG_NFC_LLCP
is not defined.

so we got some warnings,
net/nfc/core.c:207:2: warning: passing argument 2 of ‘nfc_llcp_general_bytes’ from incompatible pointer type [enabled by default]
net/nfc/nfc.h:87:19: note: expected ‘u8 *’ but argument is of type ‘size_t *’

Signed-off-by: joseph daniel <josephdanielwalter@gmail.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:30:29 -04:00
Samuel Ortiz
43472fffb4 NFC: Return the amount of LLCP bytes queued to sock_sendmsg
Otherwise an LLCP send() always returns 0.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:28:02 -04:00
Samuel Ortiz
4260c13ba9 NFC: Update the LLCP poll mask
Fix the poll mask depending on the socket state. POLLOUT was missing
for example.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:28:02 -04:00
Samuel Ortiz
ff353d86a9 NFC: LLCP connect must wait for a CC frame
Blocking sockets should sleep on a CC (Connection Complete) reception
from the connect() call.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:28:01 -04:00
Eric Lapuyade
1676f75159 NFC: Add HCI/SHDLC support to let driver check for tag presence
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:28:00 -04:00
Eric Lapuyade
d4ccb13280 NFC: Specify usage for targets found and target lost events
It is now specified that nfc_target_found() and nfc_target_lost() core
functions must not be called from an atomic context. This allow us to
serialize calls and protect the targets table using the nfc device lock
instead of a spinlock.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:28:00 -04:00
Eric Lapuyade
addfabf98d NFC: Remove useless HCI private nfc target table
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:28:00 -04:00
Eric Lapuyade
9009943326 NFC: Cache the core NFC active target pointer instead of its index
The NFC Core now caches the active nfc target pointer, thereby avoiding
the need to lookup the target table for each invocation of a driver ops.
Consequently, pn533, HCI and NCI now directly receive an nfc_target
pointer instead of a target index.

Cc: Ilan Elias <ilane@ti.com>
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:27:59 -04:00
Marcel Holtmann
f3a138c10b NFC: Select CRC_CCITT for SHDLC link layer of HCI based drivers
The SHDLC link layer of HCI based drivers uses CRC-CCITT and thus
needs to select that kernel option.

Otherwise it ends up with this linking error:

net/built-in.o: In function `nfc_shdlc_add_len_crc':
net/nfc/hci/shdlc.c:113: undefined reference to `crc_ccitt'

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Acked-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-15 17:27:28 -04:00
John W. Linville
59ef43e681 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem
Conflicts:
	drivers/net/wireless/iwlwifi/iwl-testmode.c
	include/net/nfc/nfc.h
	net/nfc/netlink.c
	net/wireless/nl80211.c
2012-04-18 14:27:48 -04:00
Eric Dumazet
95c9617472 net: cleanup unsigned to unsigned int
Use of "unsigned int" is preferred to bare "unsigned" in net tree.

Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-04-15 12:44:40 -04:00
David S. Miller
011e3c6325 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-12 19:41:23 -04:00
Samuel Ortiz
91b0ade112 NFC: Fix LLCP link timeout typo
We were sending the LTO TLV as a version TLV instead of the actual link
timeout one.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:45 -04:00
Samuel Ortiz
56d5876a22 NFC: Add MIUX to the local LLCP general bytes
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:44 -04:00
Samuel Ortiz
ffc29315e5 NFC: Call llcp_add_header properly when sending LLCP DM or DISC
dsap and ssap were swapped when sending DN or DISC.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:42 -04:00
Samuel Ortiz
324b0af6f5 NFC: Fix LLCP TLV building routine
The if logic could lead to zero length TLVs.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:41 -04:00
Samuel Ortiz
279cf174ae NFC: No need to apply twice the modulo op to LLCP's recv_n
recv_n is set properly when receiving an HDLC frame.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:41 -04:00
Samuel Ortiz
4be646ecc9 NFC: Dump LLCP frames
At KERN_DEBUG level.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:40 -04:00
Eric Lapuyade
c8d56ae786 NFC: Add Core support to generate tag lost event
Some HW/drivers get notifications when a tag moves out of the radio field.
This notification is now forwarded to user space through netlink.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:39 -04:00
Eric Lapuyade
144612cacc NFC: Changed target activated state logic
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:38 -04:00
Eric Lapuyade
01ae0eea9b NFC: Fix next target_idx type and rename for clarity
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:37 -04:00
Samuel Ortiz
c4fbb6515a NFC: The core part should generate the target index
The target index can be used by userspace to uniquely identify a target
and thus should be kept unique, per NFC adapter. Moreover, some protocols
do not provide a logical index when discovering new targets, so we have to
generate one for them.
For NCI or pn533 to fetch their logical index, we added a logical_idx field
to the target structure.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:37 -04:00
Eric Lapuyade
eb738fe535 NFC: SHDLC implementation
Most NFC HCI chipsets actually use a simplified HDLC link layer to
carry HCI payloads.
This implementation registers itself as an HCI device on behalf of the
NFC driver.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:35 -04:00
Eric Lapuyade
8b8d2e08bf NFC: HCI support
This is an implementation of ETSI TS 102 622 specification.
Many NFC chipsets use HCI as the host <-> target protocol on top of a
serial link like i2c.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:34 -04:00
Eric Lapuyade
e1da0efa2e NFC: Export target lost function
NFC drivers will call this routine when they detect that a tag leaves the
RF field. This will eventually lead to the corresponding netlink event
to be sent.

Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:34 -04:00
Samuel Ortiz
8112a5c91d NFC: Add a target lost netlink event
Some chips are capable of detecting when a tag is out of the field, so
they could send a netlink event about it to userspace.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-12 15:10:33 -04:00
Samuel Ortiz
b4838d12e1 NFC: Fix the LLCP Tx fragmentation loop
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-04-11 15:09:33 -04:00
David S. Miller
1e6428d82b nfc: Stop using NLA_PUT*().
These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-04-01 18:11:37 -04:00
Samuel Ortiz
eb9bc6e9a0 NFC: NCI code identation fixes
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:25 -05:00
Samuel Ortiz
0a40acb246 NFC: Core code identation fixes
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:25 -05:00
Samuel Ortiz
427a2eb1f5 NFC: LLCP code identation fixes
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:24 -05:00
Samuel Ortiz
40c75f81d6 NFC: Fix LLCP sockets releasing path
The socket local pointer needs to be set to NULL when the adapter is
removed or the MAC goes down.
If the socket release code is called after such an event, the socket
reference count still needs to be decreased in order for the socket to
eventually be freed.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:24 -05:00
Samuel Ortiz
47807d3dbb NFC: Remove the rf mode parameter from the DEP link up routine
When calling nfc_dep_link_up, we implicitely are in initiator mode.
Which means we also can provide the general bytes as a function argument,
as all drivers will eventually request them.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:23 -05:00
Samuel Ortiz
9dda50f4c9 NFC: SN is not an invalid GT value
We just don't do anything with it when parsing the general bytes.
We handle it from the CONNECT reception code.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:23 -05:00
Samuel Ortiz
0c31835993 NFC: Unlink LLCP child sockets from llcp_sock_release
The parent socket (the bound one) could be freed before its children, so
we should unlink the children without trying to reach it through the parent.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:23 -05:00
Samuel Ortiz
e65b0f46ed NFC: Fragment LLCP I frames
Based on the receiver MIU, we have to fragment the frame to be
transmitted.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:22 -05:00
Samuel Ortiz
eda21f16a5 NFC: Set MIU and RW values from CONNECT and CC LLCP frames
We use the maximum values for the LLCP Maximum Information Unit and Receive
Window Size.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:22 -05:00
Samuel Ortiz
d094afa155 NFC: Send LLCP RR frames to acknowledge received I frames
In order to acknowledge an I frame, we have to either queue pending local
I frames or queue a receiver ready frame.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:22 -05:00
Samuel Ortiz
0767a7fa87 NFC: Set the right LLCP N(R) value for I frames
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:21 -05:00
Samuel Ortiz
b9a76f1d3c NFC: Clear LLCP SDPs whan MAC goes down
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:21 -05:00
Samuel Ortiz
1762c17c9c NFC: Fix bitops usage in LLCP
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:20 -05:00
Samuel Ortiz
53a0ac2ee8 NFC: LLCP socket sendmsg implemetation
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:20 -05:00
Samuel Ortiz
53aef92054 NFC: Handle Receiver Not Ready LLCP frame
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:20 -05:00
Samuel Ortiz
4722d2b70b NFC: Factorize the I frame queueing routine
This one will be called from the I frame command sending.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:19 -05:00
Samuel Ortiz
c970a1ac4e NFC: Add device powered netlink attribute
For user space to know if a device is up or down.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-03-06 15:16:19 -05:00
Dan Carpenter
6269cc83e7 nfc: NULL vs zero in nci_activate_target()
This is a pointer so it should be NULL instead of zero.  Sparse
complains about this stuff:
net/nfc/nci/core.c:447:37: warning: Using plain integer as NULL pointer

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Samuel Ortiz <sameo@linux.intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-01-27 14:57:04 -05:00
Ilan Elias
019c4fbaa7 NFC: Add NCI multiple targets support
Add the ability to select between multiple targets in NCI.
If only one target is found, it will be auto-activated.
If more than one target is found, then DISCOVER_NTF will be
generated for each target, and the host should select one by
calling DISCOVER_SELECT_CMD. Then, the target will be activated.
If the activation fails, GENERIC_ERROR_NTF is generated.

Signed-off-by: Ilan Elias <ilane@ti.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-01-24 14:32:29 -05:00
Ilan Elias
25a1d9dc85 NFC: NFC core layer should not set the target_idx
The NFC core layer should not set the target_idx.
Instead, the driver layer (e.g. NCI, PN533) should set the
target_idx, so that it will be able to identify the target
when its I/F (e.g. activate_target) is called.
This is required in order to support multiple targets.
Note that currently supported drivers (PN533 and NCI) don't
use the target_idx in their implementation.

Signed-off-by: Ilan Elias <ilane@ti.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-01-24 14:32:28 -05:00