mirror of
https://github.com/flipperdevices/flipperzero-firmware.git
synced 2025-12-12 04:41:26 +04:00
FeliCa anti-collision fix (#3889)
* System code added to felica hal config functions * Felica sensf_res setup logic adjusted with new struct * Set api symbols version to 73.0 * Felica unit tests fix * Furi: prevent use after free on xEventGroupSetBits call Co-authored-by: Aleksandr Kutuzov <alleteam@gmail.com>
This commit is contained in:
RebornedBrain
@@ -48,7 +48,9 @@ uint32_t furi_event_flag_set(FuriEventFlag* instance, uint32_t flags) {
|
|||||||
portYIELD_FROM_ISR(yield);
|
portYIELD_FROM_ISR(yield);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
vTaskSuspendAll();
|
||||||
rflags = xEventGroupSetBits(hEventGroup, (EventBits_t)flags);
|
rflags = xEventGroupSetBits(hEventGroup, (EventBits_t)flags);
|
||||||
|
(void)xTaskResumeAll();
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Return event flags after setting */
|
/* Return event flags after setting */
|
||||||
|
|||||||
@@ -26,10 +26,15 @@ void furi_event_flag_free(FuriEventFlag* instance);
|
|||||||
|
|
||||||
/** Set flags
|
/** Set flags
|
||||||
*
|
*
|
||||||
* @param instance pointer to FuriEventFlag
|
* @warning result of this function can be flags that you've just asked to
|
||||||
* @param[in] flags The flags
|
* set or not if someone was waiting for them and asked to clear it.
|
||||||
|
* It is highly recommended to read this function and
|
||||||
|
* xEventGroupSetBits source code.
|
||||||
*
|
*
|
||||||
* @return Resulting flags or error (FuriStatus)
|
* @param instance pointer to FuriEventFlag
|
||||||
|
* @param[in] flags The flags to set
|
||||||
|
*
|
||||||
|
* @return Resulting flags(see warning) or error (FuriStatus)
|
||||||
*/
|
*/
|
||||||
uint32_t furi_event_flag_set(FuriEventFlag* instance, uint32_t flags);
|
uint32_t furi_event_flag_set(FuriEventFlag* instance, uint32_t flags);
|
||||||
|
|
||||||
|
|||||||
@@ -45,7 +45,9 @@ static void furi_timer_epilogue(void* context, uint32_t arg) {
|
|||||||
UNUSED(arg);
|
UNUSED(arg);
|
||||||
|
|
||||||
EventGroupHandle_t hEvent = context;
|
EventGroupHandle_t hEvent = context;
|
||||||
|
vTaskSuspendAll();
|
||||||
xEventGroupSetBits(hEvent, TIMER_DELETED_EVENT);
|
xEventGroupSetBits(hEvent, TIMER_DELETED_EVENT);
|
||||||
|
(void)xTaskResumeAll();
|
||||||
}
|
}
|
||||||
|
|
||||||
void furi_timer_free(FuriTimer* instance) {
|
void furi_timer_free(FuriTimer* instance) {
|
||||||
@@ -55,11 +57,13 @@ void furi_timer_free(FuriTimer* instance) {
|
|||||||
TimerHandle_t hTimer = (TimerHandle_t)instance;
|
TimerHandle_t hTimer = (TimerHandle_t)instance;
|
||||||
furi_check(xTimerDelete(hTimer, portMAX_DELAY) == pdPASS);
|
furi_check(xTimerDelete(hTimer, portMAX_DELAY) == pdPASS);
|
||||||
|
|
||||||
StaticEventGroup_t event_container;
|
StaticEventGroup_t event_container = {};
|
||||||
EventGroupHandle_t hEvent = xEventGroupCreateStatic(&event_container);
|
EventGroupHandle_t hEvent = xEventGroupCreateStatic(&event_container);
|
||||||
furi_check(xTimerPendFunctionCall(furi_timer_epilogue, hEvent, 0, portMAX_DELAY) == pdPASS);
|
furi_check(xTimerPendFunctionCall(furi_timer_epilogue, hEvent, 0, portMAX_DELAY) == pdPASS);
|
||||||
|
|
||||||
xEventGroupWaitBits(hEvent, TIMER_DELETED_EVENT, 0, pdTRUE, portMAX_DELAY);
|
furi_check(
|
||||||
|
xEventGroupWaitBits(hEvent, TIMER_DELETED_EVENT, pdFALSE, pdTRUE, portMAX_DELAY) ==
|
||||||
|
TIMER_DELETED_EVENT);
|
||||||
vEventGroupDelete(hEvent);
|
vEventGroupDelete(hEvent);
|
||||||
|
|
||||||
free(instance);
|
free(instance);
|
||||||
|
|||||||
@@ -651,11 +651,12 @@ NfcError nfc_felica_listener_set_sensf_res_data(
|
|||||||
const uint8_t* idm,
|
const uint8_t* idm,
|
||||||
const uint8_t idm_len,
|
const uint8_t idm_len,
|
||||||
const uint8_t* pmm,
|
const uint8_t* pmm,
|
||||||
const uint8_t pmm_len) {
|
const uint8_t pmm_len,
|
||||||
|
const uint16_t sys_code) {
|
||||||
furi_check(instance);
|
furi_check(instance);
|
||||||
|
|
||||||
FuriHalNfcError error =
|
FuriHalNfcError error =
|
||||||
furi_hal_nfc_felica_listener_set_sensf_res_data(idm, idm_len, pmm, pmm_len);
|
furi_hal_nfc_felica_listener_set_sensf_res_data(idm, idm_len, pmm, pmm_len, sys_code);
|
||||||
instance->comm_state = NfcCommStateIdle;
|
instance->comm_state = NfcCommStateIdle;
|
||||||
return nfc_process_hal_error(error);
|
return nfc_process_hal_error(error);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -361,6 +361,7 @@ NfcError nfc_iso14443a_listener_set_col_res_data(
|
|||||||
* @param[in] idm_len IDm length in bytes.
|
* @param[in] idm_len IDm length in bytes.
|
||||||
* @param[in] pmm pointer to a byte array containing the PMm.
|
* @param[in] pmm pointer to a byte array containing the PMm.
|
||||||
* @param[in] pmm_len PMm length in bytes.
|
* @param[in] pmm_len PMm length in bytes.
|
||||||
|
* @param[in] sys_code System code from SYS_C block
|
||||||
* @returns NfcErrorNone on success, any other error code on failure.
|
* @returns NfcErrorNone on success, any other error code on failure.
|
||||||
*/
|
*/
|
||||||
NfcError nfc_felica_listener_set_sensf_res_data(
|
NfcError nfc_felica_listener_set_sensf_res_data(
|
||||||
@@ -368,7 +369,8 @@ NfcError nfc_felica_listener_set_sensf_res_data(
|
|||||||
const uint8_t* idm,
|
const uint8_t* idm,
|
||||||
const uint8_t idm_len,
|
const uint8_t idm_len,
|
||||||
const uint8_t* pmm,
|
const uint8_t* pmm,
|
||||||
const uint8_t pmm_len);
|
const uint8_t pmm_len,
|
||||||
|
const uint16_t sys_code);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Send ISO15693 Start of Frame pattern in listener mode
|
* @brief Send ISO15693 Start of Frame pattern in listener mode
|
||||||
|
|||||||
@@ -270,7 +270,8 @@ static void nfc_worker_listener_pass_col_res(Nfc* instance, uint8_t* rx_data, ui
|
|||||||
}
|
}
|
||||||
} else if(rx_bits == 8 * 8) {
|
} else if(rx_bits == 8 * 8) {
|
||||||
FelicaPollingRequest* request = (FelicaPollingRequest*)rx_data;
|
FelicaPollingRequest* request = (FelicaPollingRequest*)rx_data;
|
||||||
if(request->system_code == instance->pt_memory.system_code) {
|
if(request->system_code == 0xFFFF ||
|
||||||
|
request->system_code == instance->pt_memory.system_code) {
|
||||||
uint8_t response_size = sizeof(FelicaSensfResData) + 1;
|
uint8_t response_size = sizeof(FelicaSensfResData) + 1;
|
||||||
bit_buffer_reset(tx_buffer);
|
bit_buffer_reset(tx_buffer);
|
||||||
bit_buffer_append_byte(tx_buffer, response_size);
|
bit_buffer_append_byte(tx_buffer, response_size);
|
||||||
@@ -501,19 +502,19 @@ NfcError nfc_felica_listener_set_sensf_res_data(
|
|||||||
const uint8_t* idm,
|
const uint8_t* idm,
|
||||||
const uint8_t idm_len,
|
const uint8_t idm_len,
|
||||||
const uint8_t* pmm,
|
const uint8_t* pmm,
|
||||||
const uint8_t pmm_len) {
|
const uint8_t pmm_len,
|
||||||
|
const uint16_t sys_code) {
|
||||||
furi_assert(instance);
|
furi_assert(instance);
|
||||||
furi_assert(idm);
|
furi_assert(idm);
|
||||||
furi_assert(pmm);
|
furi_assert(pmm);
|
||||||
furi_assert(idm_len == 8);
|
furi_assert(idm_len == 8);
|
||||||
furi_assert(pmm_len == 8);
|
furi_assert(pmm_len == 8);
|
||||||
|
|
||||||
instance->pt_memory.system_code = 0xFFFF;
|
instance->pt_memory.system_code = sys_code;
|
||||||
instance->pt_memory.sens_res.code = 0x01;
|
instance->pt_memory.sens_res.code = 0x01;
|
||||||
instance->software_col_res_required = true;
|
instance->software_col_res_required = true;
|
||||||
memcpy(instance->pt_memory.sens_res.idm.data, idm, idm_len);
|
memcpy(instance->pt_memory.sens_res.idm.data, idm, idm_len);
|
||||||
memcpy(instance->pt_memory.sens_res.pmm.data, pmm, pmm_len);
|
memcpy(instance->pt_memory.sens_res.pmm.data, pmm, pmm_len);
|
||||||
|
|
||||||
return NfcErrorNone;
|
return NfcErrorNone;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -26,8 +26,9 @@ FelicaListener* felica_listener_alloc(Nfc* nfc, FelicaData* data) {
|
|||||||
memcpy(instance->mc_shadow.data, instance->data->data.fs.mc.data, FELICA_DATA_BLOCK_SIZE);
|
memcpy(instance->mc_shadow.data, instance->data->data.fs.mc.data, FELICA_DATA_BLOCK_SIZE);
|
||||||
instance->data->data.fs.state.data[0] = 0;
|
instance->data->data.fs.state.data[0] = 0;
|
||||||
nfc_config(instance->nfc, NfcModeListener, NfcTechFelica);
|
nfc_config(instance->nfc, NfcModeListener, NfcTechFelica);
|
||||||
|
const uint16_t system_code = *(uint16_t*)data->data.fs.sys_c.data;
|
||||||
nfc_felica_listener_set_sensf_res_data(
|
nfc_felica_listener_set_sensf_res_data(
|
||||||
nfc, data->idm.data, sizeof(data->idm), data->pmm.data, sizeof(data->pmm));
|
nfc, data->idm.data, sizeof(data->idm), data->pmm.data, sizeof(data->pmm), system_code);
|
||||||
|
|
||||||
return instance;
|
return instance;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
entry,status,name,type,params
|
entry,status,name,type,params
|
||||||
Version,+,72.5,,
|
Version,+,73.0,,
|
||||||
Header,+,applications/services/bt/bt_service/bt.h,,
|
Header,+,applications/services/bt/bt_service/bt.h,,
|
||||||
Header,+,applications/services/bt/bt_service/bt_keys_storage.h,,
|
Header,+,applications/services/bt/bt_service/bt_keys_storage.h,,
|
||||||
Header,+,applications/services/cli/cli.h,,
|
Header,+,applications/services/cli/cli.h,,
|
||||||
|
|||||||
|
@@ -1,5 +1,5 @@
|
|||||||
entry,status,name,type,params
|
entry,status,name,type,params
|
||||||
Version,+,72.5,,
|
Version,+,73.0,,
|
||||||
Header,+,applications/drivers/subghz/cc1101_ext/cc1101_ext_interconnect.h,,
|
Header,+,applications/drivers/subghz/cc1101_ext/cc1101_ext_interconnect.h,,
|
||||||
Header,+,applications/services/bt/bt_service/bt.h,,
|
Header,+,applications/services/bt/bt_service/bt.h,,
|
||||||
Header,+,applications/services/bt/bt_service/bt_keys_storage.h,,
|
Header,+,applications/services/bt/bt_service/bt_keys_storage.h,,
|
||||||
@@ -1444,7 +1444,7 @@ Function,+,furi_hal_nfc_abort,FuriHalNfcError,
|
|||||||
Function,+,furi_hal_nfc_acquire,FuriHalNfcError,
|
Function,+,furi_hal_nfc_acquire,FuriHalNfcError,
|
||||||
Function,+,furi_hal_nfc_event_start,FuriHalNfcError,
|
Function,+,furi_hal_nfc_event_start,FuriHalNfcError,
|
||||||
Function,+,furi_hal_nfc_event_stop,FuriHalNfcError,
|
Function,+,furi_hal_nfc_event_stop,FuriHalNfcError,
|
||||||
Function,+,furi_hal_nfc_felica_listener_set_sensf_res_data,FuriHalNfcError,"const uint8_t*, const uint8_t, const uint8_t*, const uint8_t"
|
Function,+,furi_hal_nfc_felica_listener_set_sensf_res_data,FuriHalNfcError,"const uint8_t*, const uint8_t, const uint8_t*, const uint8_t, const uint16_t"
|
||||||
Function,+,furi_hal_nfc_field_detect_start,FuriHalNfcError,
|
Function,+,furi_hal_nfc_field_detect_start,FuriHalNfcError,
|
||||||
Function,+,furi_hal_nfc_field_detect_stop,FuriHalNfcError,
|
Function,+,furi_hal_nfc_field_detect_stop,FuriHalNfcError,
|
||||||
Function,+,furi_hal_nfc_field_is_present,_Bool,
|
Function,+,furi_hal_nfc_field_is_present,_Bool,
|
||||||
@@ -2778,7 +2778,7 @@ Function,+,nfc_device_save,_Bool,"NfcDevice*, const char*"
|
|||||||
Function,+,nfc_device_set_data,void,"NfcDevice*, NfcProtocol, const NfcDeviceData*"
|
Function,+,nfc_device_set_data,void,"NfcDevice*, NfcProtocol, const NfcDeviceData*"
|
||||||
Function,+,nfc_device_set_loading_callback,void,"NfcDevice*, NfcLoadingCallback, void*"
|
Function,+,nfc_device_set_loading_callback,void,"NfcDevice*, NfcLoadingCallback, void*"
|
||||||
Function,+,nfc_device_set_uid,_Bool,"NfcDevice*, const uint8_t*, size_t"
|
Function,+,nfc_device_set_uid,_Bool,"NfcDevice*, const uint8_t*, size_t"
|
||||||
Function,+,nfc_felica_listener_set_sensf_res_data,NfcError,"Nfc*, const uint8_t*, const uint8_t, const uint8_t*, const uint8_t"
|
Function,+,nfc_felica_listener_set_sensf_res_data,NfcError,"Nfc*, const uint8_t*, const uint8_t, const uint8_t*, const uint8_t, const uint16_t"
|
||||||
Function,+,nfc_free,void,Nfc*
|
Function,+,nfc_free,void,Nfc*
|
||||||
Function,+,nfc_iso14443a_listener_set_col_res_data,NfcError,"Nfc*, uint8_t*, uint8_t, uint8_t*, uint8_t"
|
Function,+,nfc_iso14443a_listener_set_col_res_data,NfcError,"Nfc*, uint8_t*, uint8_t, uint8_t*, uint8_t"
|
||||||
Function,+,nfc_iso14443a_listener_tx_custom_parity,NfcError,"Nfc*, const BitBuffer*"
|
Function,+,nfc_iso14443a_listener_tx_custom_parity,NfcError,"Nfc*, const BitBuffer*"
|
||||||
|
|||||||
|
@@ -4,6 +4,20 @@
|
|||||||
// Prevent FDT timer from starting
|
// Prevent FDT timer from starting
|
||||||
#define FURI_HAL_NFC_FELICA_LISTENER_FDT_COMP_FC (INT32_MAX)
|
#define FURI_HAL_NFC_FELICA_LISTENER_FDT_COMP_FC (INT32_MAX)
|
||||||
|
|
||||||
|
#define FURI_HAL_FELICA_COMMUNICATION_PERFORMANCE (0x0083U)
|
||||||
|
#define FURI_HAL_FELICA_RESPONSE_CODE (0x01)
|
||||||
|
#define FURI_HAL_FELICA_IDM_PMM_LENGTH (8)
|
||||||
|
|
||||||
|
#pragma pack(push, 1)
|
||||||
|
typedef struct {
|
||||||
|
uint16_t system_code;
|
||||||
|
uint8_t response_code;
|
||||||
|
uint8_t Idm[FURI_HAL_FELICA_IDM_PMM_LENGTH];
|
||||||
|
uint8_t Pmm[FURI_HAL_FELICA_IDM_PMM_LENGTH];
|
||||||
|
uint16_t communication_performance;
|
||||||
|
} FuriHalFelicaPtMemory;
|
||||||
|
#pragma pack(pop)
|
||||||
|
|
||||||
static FuriHalNfcError furi_hal_nfc_felica_poller_init(FuriHalSpiBusHandle* handle) {
|
static FuriHalNfcError furi_hal_nfc_felica_poller_init(FuriHalSpiBusHandle* handle) {
|
||||||
// Enable Felica mode, AM modulation
|
// Enable Felica mode, AM modulation
|
||||||
st25r3916_change_reg_bits(
|
st25r3916_change_reg_bits(
|
||||||
@@ -161,17 +175,23 @@ FuriHalNfcError furi_hal_nfc_felica_listener_set_sensf_res_data(
|
|||||||
const uint8_t* idm,
|
const uint8_t* idm,
|
||||||
const uint8_t idm_len,
|
const uint8_t idm_len,
|
||||||
const uint8_t* pmm,
|
const uint8_t* pmm,
|
||||||
const uint8_t pmm_len) {
|
const uint8_t pmm_len,
|
||||||
|
const uint16_t sys_code) {
|
||||||
furi_check(idm);
|
furi_check(idm);
|
||||||
furi_check(pmm);
|
furi_check(pmm);
|
||||||
|
furi_check(idm_len == FURI_HAL_FELICA_IDM_PMM_LENGTH);
|
||||||
|
furi_check(pmm_len == FURI_HAL_FELICA_IDM_PMM_LENGTH);
|
||||||
|
|
||||||
FuriHalSpiBusHandle* handle = &furi_hal_spi_bus_handle_nfc;
|
FuriHalSpiBusHandle* handle = &furi_hal_spi_bus_handle_nfc;
|
||||||
// Write PT Memory
|
// Write PT Memory
|
||||||
uint8_t pt_memory[19] = {};
|
FuriHalFelicaPtMemory pt;
|
||||||
pt_memory[2] = 0x01;
|
pt.system_code = sys_code;
|
||||||
memcpy(pt_memory + 3, idm, idm_len);
|
pt.response_code = FURI_HAL_FELICA_RESPONSE_CODE;
|
||||||
memcpy(pt_memory + 3 + idm_len, pmm, pmm_len);
|
pt.communication_performance = __builtin_bswap16(FURI_HAL_FELICA_COMMUNICATION_PERFORMANCE);
|
||||||
st25r3916_write_ptf_mem(handle, pt_memory, sizeof(pt_memory));
|
memcpy(pt.Idm, idm, idm_len);
|
||||||
|
memcpy(pt.Pmm, pmm, pmm_len);
|
||||||
|
|
||||||
|
st25r3916_write_ptf_mem(handle, (uint8_t*)&pt, sizeof(FuriHalFelicaPtMemory));
|
||||||
return FuriHalNfcErrorNone;
|
return FuriHalNfcErrorNone;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -461,13 +461,15 @@ FuriHalNfcError furi_hal_nfc_iso15693_listener_tx_sof(void);
|
|||||||
* @param[in] idm_len IDm length in bytes.
|
* @param[in] idm_len IDm length in bytes.
|
||||||
* @param[in] pmm pointer to a byte array containing the PMm.
|
* @param[in] pmm pointer to a byte array containing the PMm.
|
||||||
* @param[in] pmm_len PMm length in bytes.
|
* @param[in] pmm_len PMm length in bytes.
|
||||||
|
* @param[in] sys_code System code from SYS_C block
|
||||||
* @returns NfcErrorNone on success, any other error code on failure.
|
* @returns NfcErrorNone on success, any other error code on failure.
|
||||||
*/
|
*/
|
||||||
FuriHalNfcError furi_hal_nfc_felica_listener_set_sensf_res_data(
|
FuriHalNfcError furi_hal_nfc_felica_listener_set_sensf_res_data(
|
||||||
const uint8_t* idm,
|
const uint8_t* idm,
|
||||||
const uint8_t idm_len,
|
const uint8_t idm_len,
|
||||||
const uint8_t* pmm,
|
const uint8_t* pmm,
|
||||||
const uint8_t pmm_len);
|
const uint8_t pmm_len,
|
||||||
|
const uint16_t sys_code);
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user