Introduce NFC driver with RFAL middleware #4566
Conversation
… serial interface [no changelog]
kopecdav
force-pushed
the
kopecdav/T3W1/NFC_driver
branch
from
2e6bf04 to
4c189eb
Compare
|
…rev.B [no changelog]
kopecdav
force-pushed
the
kopecdav/T3W1/NFC_driver
branch
from
4c189eb to
606d8c9
Compare
… board rev.B [no changelog]
|
|
||
| #include <sys/irq.h> | ||
| #include <sys/systick.h> | ||
| #include <trezor_bsp.h> |
There was a problem hiding this comment.
There is no strict rule on how to order #include statements, but in new code, we follow this convention:
#include <trezor_xxx.h>. <-- comes first
// empty line
#include <module/header.h> <-- comes next
// empty line
#include "local_header.h" <--- comes last
There is no strict rule on how to order #include statements, but in new code, we follow this convention:
There was a problem hiding this comment.
Hope to fix correctly in d0ecd9f
There was a problem hiding this comment.
Maybe #include <io/nfc.h> belongs to the second category. Otherwise it looks good.
core/embed/io/nfc/st25r3916b/nfc.c
Outdated
| */ | ||
| 0x00, 0x00}; /* RD */ | ||
|
|
||
| static ReturnCode nfc_transcieve_blocking(uint8_t *txBuf, uint16_t txBufSize, |
There was a problem hiding this comment.
In new code, we prefer camelCase over snake_case. camelCase is also used in other parts of the file.
There was a problem hiding this comment.
wait do we? i am confused now, i believe snake_case is almost exclusively used in our C code
There was a problem hiding this comment.
I changed the return type to the nfc_status_t but in rest of the code I have everything in snake_case i think. Unfortunatelly the RFAL is written in camelCase so the code looks bit wierd :/. But I dont think we can do anything about it.
core/embed/io/nfc/st25r3916b/nfc.c
Outdated
| return NFC_ERROR; | ||
| } | ||
|
|
||
| char *uid_str = hex2Str(nfcDevice->nfcid, nfcDevice->nfcidLen); |
There was a problem hiding this comment.
Consider replacing hex2Str with cstr_encode_hex from <rtl/strutils.>
There was a problem hiding this comment.
Didnt know we already have it 😮 , fixed d0ecd9f but not tested yet, please leave open
There was a problem hiding this comment.
Yes, you couldn't have known. It's only been there for a few days.
core/embed/io/nfc/st25r3916b/nfc.c
Outdated
|
|
||
| uint32_t nfc_create_timer(uint16_t time) { return (systick_ms() + time); } | ||
|
|
||
| bool nfc_timer_is_expired(uint32_t timer) { |
There was a problem hiding this comment.
see ticks_expired() in sys/systick.h
There was a problem hiding this comment.
Maybe you don't need these functions at all. Why not use systick_xxxz in rfal_platform.h` directly?
kopecdav
force-pushed
the
kopecdav/T3W1/NFC_driver
branch
from
09828c9 to
d0ecd9f
Compare
core/embed/io/nfc/inc/io/nfc.h
Outdated
|
|
||
| #pragma once | ||
|
|
||
| #include "trezor_types.h" |
There was a problem hiding this comment.
We should include this header using <...> instead.
core/embed/io/nfc/st25r3916b/nfc.c
Outdated
| #include "rfal_platform.h" | ||
|
|
||
| #define LM_SEL_RES \ | ||
| 0x20U /*!<NFC-A SEL_RES configured for Type 4A Tag Platform */ |
There was a problem hiding this comment.
Our clang-format doesn’t handle this type of comment well. How about placing it on its own line before the definition, like this:
// NFC-A SEL_RES configured for Type 4A Tag Platform
#define LM_SEL_RES 0x20
core/embed/io/nfc/st25r3916b/nfc.c
Outdated
| #define LM_SC_BYTE2 \ | ||
| 0xFCU /*!<NFC-F System Code byte 2 */ | ||
| #define LM_PAD0 \ | ||
| 0x00U /*!<NFC-F PAD0 */ |
There was a problem hiding this comment.
Even though there's nothing inherently wrong with multiline comments, we don’t use them often and usually prefer single-line comments (except for the license header). These comments also contain Doxygen inline annotation syntax /*!<...
| cli_trace(cli, "NFC Type AP2P: UID: %s", dev_info.uid); | ||
| break; | ||
| case NFC_DEV_TYPE_UNKNOWN: | ||
| cli_error(cli, CLI_ERROR, "NFC Type UNKNOWN"); |
There was a problem hiding this comment.
In the case of this error, both cli_error() and cli_error() are called.
There was a problem hiding this comment.
you mean cli_error() and cli cli_ok() right? changed break -> cleanup
fixed in bd5de3a
|
|
||
| nfc_deinit(); | ||
|
|
||
| cli_ok(cli, ""); |
There was a problem hiding this comment.
nfc_deinit() is not always called. How about this:
...
cli_ok(cli, "");
cleanup:
nfc_deinit();
}
then, instead of return, you can use goto cleanup
The similar issue exists in prodtest_nfc_emulate_card and prodtest_nfc_write_card
| if (*buffer == 0xFF) { | ||
| // TLV 3 byte length format | ||
| buffer++; | ||
| message->message_total_len = (int16_t)(buffer[0] << 8 | buffer[1]); |
There was a problem hiding this comment.
If the message is corrupted, message_total_len might be initialized to a nonsense value. I think we should check whether message_total_len fits within the buffer passed to the function.
core/embed/io/nfc/st25r3916b/ndef.c
Outdated
| } | ||
|
|
||
| if (rec->type_length > 0) { | ||
| memcpy(&(rec->type), buffer + bp, rec->type_length); |
There was a problem hiding this comment.
hese parentheses are not necessary (personally, I find them a bit unusual and slightly confusing):
&(rec->type) ->&rec->type
A similar pattern appears in the code above: &(message->records[message->records_cnt]).
| buffer++; | ||
| } | ||
|
|
||
| remaining_len = message->message_total_len; |
There was a problem hiding this comment.
The general issue with these parsing functions is that they do not properly validate the input data. If the data is corrupted (for any reason), the function may access memory beyond the buffer. But I understand that the code is still somewhat experimental, so this is not a critical issue for now.
core/embed/io/nfc/st25r3916b/ndef.c
Outdated
| } | ||
|
|
||
| uint16_t ndef_create_uri(const char *uri, uint8_t *buffer) { | ||
| *buffer = 0x3; // TLV header |
There was a problem hiding this comment.
I would be much better not to rely on the caller it provide a sufficient buffer. Instead, we should take a more defensive approach and modify the function to have buffer_size argument:
size_t ndef_create_uri(const char* uri, uint8_t* buffer, size_t buffer_size);
core/embed/io/nfc/st25r3916b/ndef.c
Outdated
| } | ||
|
|
||
| // Look at first byte, parse header | ||
| memcpy(&(rec->header), buffer, 1); |
There was a problem hiding this comment.
I'm not sure we always need memcpy here. In some cases, a simple assignment would be enough. However, if you insist on using memcpy, it would be safer to use sizeof instead of a constant, like this:
memcpy(&rec->header, &buffer[bp], sizeof(rec->header);
bp += sizeof(rec->header);
Personally, I prefer just:
rec->header = buffer[bp++];
There was a problem hiding this comment.
header was a non-scalar type variable since i split the struct into bitfields so direct assignment was not possible. I changed the header into union so i can access it as a single byte.
| #endif | ||
|
|
||
| /* Includes ------------------------------------------------------------------*/ | ||
| #include <trezor_bsp.h> |
There was a problem hiding this comment.
include trezor_types instead
| @@ -0,0 +1,44 @@ | |||
| #pragma once | |||
core/embed/io/nfc/st25r3916b/nfc.c
Outdated
| 0x00U /*!<NFC-F PAD0 */ | ||
|
|
||
| /* P2P communication data */ | ||
| static uint8_t NFCID3[] = {0x01, 0xFE, 0x03, 0x04, 0x05, |
There was a problem hiding this comment.
sure static const is even better
| st25r3916b_driver_t *drv = &g_st25r3916b_driver; | ||
|
|
||
| if(!drv->initialized) { | ||
| return NFC_NOT_INITIALIZED; |
There was a problem hiding this comment.
should return nfc_event_t, but this is different type. Either return NFC_NO_EVENT, or maybe better function signature would be bool nfc_get_event(nfc_event_t *event), which also allows adding data to events if needed.
There was a problem hiding this comment.
Right, I changed the function structure to nfc_status_t nfc_get_event(nfc_event_t *event) so it returns error if the driver was not initialized as well.
core/embed/io/nfc/st25r3916b/nfc.c
Outdated
| */ | ||
| 0x00, 0x00}; /* RD */ | ||
|
|
||
| static ReturnCode nfc_transcieve_blocking(uint8_t *txBuf, uint16_t txBufSize, |
There was a problem hiding this comment.
wait do we? i am confused now, i believe snake_case is almost exclusively used in our C code
core/embed/io/nfc/inc/io/nfc.h
Outdated
|
|
||
| typedef enum { | ||
| NFC_NO_EVENT, | ||
| NFC_STATE_ACTIVATED, |
There was a problem hiding this comment.
the polling mechanism is meant to get events, so changes of states, not the state itself. So in this case, we should return NFC_EVENT_ACTIVATED and NFC_EVENT_DEACTIVATED pair. We could have a separate nfc_get_state function that would return current state, but mainly we need the event polling.
There was a problem hiding this comment.
right, understood. I renamed the event enum to NFC_EVENT_ACTIVATED, but for now that is the only event provided by nfc_get_event() function. The nfc_get_event() function might be further extended in the future to monitor more events when we have a proper usecase.
| @@ -0,0 +1,14 @@ | |||
|
|
|||
|
|
||
| #pragma once | ||
|
|
||
| #include <trezor_bsp.h> |
There was a problem hiding this comment.
trezor_types shoudl be enough
This PR Introduce NFC driver with RFAL middleware to control ST25R3916.
RFAL is a ST middleware which provides a low level control of the ST25R3916 + an extra layer to support several different NFC standards.
PR also introduce prodtests to READ, EMULATE and WRITE to NFC card.