1 /******************************************************************************
2  *
3  *  Copyright (C) 2010-2014 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 /******************************************************************************
20  *
21  *  This file contains the action functions the NFA_RW state machine.
22  *
23  ******************************************************************************/
24 #include <log/log.h>
25 #include <string.h>
26 
27 #include <android-base/stringprintf.h>
28 #include <base/logging.h>
29 
30 #include "ndef_utils.h"
31 #include "nfa_dm_int.h"
32 #include "nfa_mem_co.h"
33 #include "nfa_rw_int.h"
34 
35 using android::base::StringPrintf;
36 
37 extern bool nfc_debug_enabled;
38 
39 #define NFA_RW_OPTION_INVALID 0xFF
40 
41 /* Tag sleep req cmd*/
42 uint8_t NFA_RW_TAG_SLP_REQ[] = {0x50, 0x00};
43 
44 /* Local static function prototypes */
45 static tNFC_STATUS nfa_rw_start_ndef_read(void);
46 static tNFC_STATUS nfa_rw_start_ndef_write(void);
47 static tNFC_STATUS nfa_rw_start_ndef_detection(void);
48 static tNFC_STATUS nfa_rw_config_tag_ro(bool b_hard_lock);
49 static bool nfa_rw_op_req_while_busy(tNFA_RW_MSG* p_data);
50 static bool nfa_rw_op_req_while_inactive(tNFA_RW_MSG* p_data);
51 static void nfa_rw_error_cleanup(uint8_t event);
52 static void nfa_rw_presence_check(tNFA_RW_MSG* p_data);
53 static void nfa_rw_handle_t2t_evt(tRW_EVENT event, tRW_DATA* p_rw_data);
54 static bool nfa_rw_detect_ndef(void);
55 static void nfa_rw_cback(tRW_EVENT event, tRW_DATA* p_rw_data);
56 static void nfa_rw_handle_mfc_evt(tRW_EVENT event, tRW_DATA* p_rw_data);
57 
58 /*******************************************************************************
59 **
60 ** Function         nfa_rw_free_ndef_rx_buf
61 **
62 ** Description      Free buffer allocated to hold incoming NDEF message
63 **
64 ** Returns          Nothing
65 **
66 *******************************************************************************/
nfa_rw_free_ndef_rx_buf(void)67 void nfa_rw_free_ndef_rx_buf(void) {
68   if (nfa_rw_cb.p_ndef_buf) {
69     nfa_mem_co_free(nfa_rw_cb.p_ndef_buf);
70     nfa_rw_cb.p_ndef_buf = nullptr;
71   }
72 }
73 
74 /*******************************************************************************
75 **
76 ** Function         nfa_rw_store_ndef_rx_buf
77 **
78 ** Description      Store data into NDEF buffer
79 **
80 ** Returns          Nothing
81 **
82 *******************************************************************************/
nfa_rw_store_ndef_rx_buf(tRW_DATA * p_rw_data)83 static void nfa_rw_store_ndef_rx_buf(tRW_DATA* p_rw_data) {
84   uint8_t* p;
85 
86   p = (uint8_t*)(p_rw_data->data.p_data + 1) + p_rw_data->data.p_data->offset;
87 
88   if ((nfa_rw_cb.ndef_rd_offset + p_rw_data->data.p_data->len) <=
89       nfa_rw_cb.ndef_cur_size) {
90     /* Save data into buffer */
91     memcpy(&nfa_rw_cb.p_ndef_buf[nfa_rw_cb.ndef_rd_offset], p,
92            p_rw_data->data.p_data->len);
93     nfa_rw_cb.ndef_rd_offset += p_rw_data->data.p_data->len;
94   } else {
95     LOG(ERROR) << StringPrintf("Exceed ndef_cur_size error");
96     android_errorWriteLog(0x534e4554, "123583388");
97   }
98 
99   GKI_freebuf(p_rw_data->data.p_data);
100   p_rw_data->data.p_data = nullptr;
101 }
102 
103 /*******************************************************************************
104 **
105 ** Function         nfa_rw_send_data_to_upper
106 **
107 ** Description      Send data to upper layer
108 **
109 ** Returns          Nothing
110 **
111 *******************************************************************************/
nfa_rw_send_data_to_upper(tRW_DATA * p_rw_data)112 static void nfa_rw_send_data_to_upper(tRW_DATA* p_rw_data) {
113   tNFA_CONN_EVT_DATA conn_evt_data;
114 
115   if ((p_rw_data->status == NFC_STATUS_TIMEOUT) ||
116       (p_rw_data->data.p_data == nullptr))
117     return;
118 
119   DLOG_IF(INFO, nfc_debug_enabled)
120       << StringPrintf("nfa_rw_send_data_to_upper: Len [0x%X] Status [%s]",
121                       p_rw_data->data.p_data->len,
122                       NFC_GetStatusName(p_rw_data->data.status).c_str());
123 
124   /* Notify conn cback of NFA_DATA_EVT */
125   conn_evt_data.data.status = p_rw_data->data.status;
126   conn_evt_data.data.p_data =
127       (uint8_t*)(p_rw_data->data.p_data + 1) + p_rw_data->data.p_data->offset;
128   conn_evt_data.data.len = p_rw_data->data.p_data->len;
129 
130   nfa_dm_act_conn_cback_notify(NFA_DATA_EVT, &conn_evt_data);
131 
132   GKI_freebuf(p_rw_data->data.p_data);
133   p_rw_data->data.p_data = nullptr;
134 }
135 
136 /*******************************************************************************
137 **
138 ** Function         nfa_rw_error_cleanup
139 **
140 ** Description      Handle failure - signal command complete and notify app
141 **
142 ** Returns          Nothing
143 **
144 *******************************************************************************/
nfa_rw_error_cleanup(uint8_t event)145 static void nfa_rw_error_cleanup(uint8_t event) {
146   tNFA_CONN_EVT_DATA conn_evt_data;
147 
148   nfa_rw_command_complete();
149 
150   conn_evt_data.status = NFA_STATUS_FAILED;
151 
152   nfa_dm_act_conn_cback_notify(event, &conn_evt_data);
153 }
154 
155 /*******************************************************************************
156 **
157 ** Function         nfa_rw_check_start_presence_check_timer
158 **
159 ** Description      Start timer to wait for specified time before presence check
160 **
161 ** Returns          Nothing
162 **
163 *******************************************************************************/
nfa_rw_check_start_presence_check_timer(uint16_t presence_check_start_delay)164 static void nfa_rw_check_start_presence_check_timer(
165     uint16_t presence_check_start_delay) {
166   if (!p_nfa_dm_cfg->auto_presence_check) return;
167 
168   if (nfa_rw_cb.flags & NFA_RW_FL_NOT_EXCL_RF_MODE) {
169     if (presence_check_start_delay) {
170       DLOG_IF(INFO, nfc_debug_enabled)
171           << StringPrintf("Starting presence check timer...");
172       nfa_sys_start_timer(&nfa_rw_cb.tle, NFA_RW_PRESENCE_CHECK_TICK_EVT,
173                           presence_check_start_delay);
174     } else {
175       /* Presence check now */
176       nfa_rw_presence_check(nullptr);
177     }
178   }
179 }
180 
181 /*******************************************************************************
182 **
183 ** Function         nfa_rw_stop_presence_check_timer
184 **
185 ** Description      Stop timer for presence check
186 **
187 ** Returns          Nothing
188 **
189 *******************************************************************************/
nfa_rw_stop_presence_check_timer(void)190 void nfa_rw_stop_presence_check_timer(void) {
191   nfa_sys_stop_timer(&nfa_rw_cb.tle);
192   DLOG_IF(INFO, nfc_debug_enabled)
193       << StringPrintf("Stopped presence check timer (if started)");
194 }
195 
196 /*******************************************************************************
197 **
198 ** Function         nfa_rw_handle_ndef_detect
199 **
200 ** Description      Handler for NDEF detection reader/writer event
201 **
202 ** Returns          Nothing
203 **
204 *******************************************************************************/
nfa_rw_handle_ndef_detect(tRW_DATA * p_rw_data)205 static void nfa_rw_handle_ndef_detect(tRW_DATA* p_rw_data) {
206   tNFA_CONN_EVT_DATA conn_evt_data;
207 
208   DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
209       "NDEF Detection completed: cur_size=%i, max_size=%i, flags=0x%x",
210       p_rw_data->ndef.cur_size, p_rw_data->ndef.max_size,
211       p_rw_data->ndef.flags);
212 
213   /* Check if NDEF detection succeeded */
214   if (p_rw_data->ndef.status == NFC_STATUS_OK) {
215     /* Set NDEF detection state */
216     nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_TRUE;
217     nfa_rw_cb.flags |= NFA_RW_FL_NDEF_OK;
218 
219     /* Store ndef properties */
220     conn_evt_data.ndef_detect.status = NFA_STATUS_OK;
221     conn_evt_data.ndef_detect.protocol = p_rw_data->ndef.protocol;
222     conn_evt_data.ndef_detect.cur_size = nfa_rw_cb.ndef_cur_size =
223         p_rw_data->ndef.cur_size;
224     conn_evt_data.ndef_detect.max_size = nfa_rw_cb.ndef_max_size =
225         p_rw_data->ndef.max_size;
226     conn_evt_data.ndef_detect.flags = p_rw_data->ndef.flags;
227 
228     if (p_rw_data->ndef.flags & RW_NDEF_FL_READ_ONLY)
229       nfa_rw_cb.flags |= NFA_RW_FL_TAG_IS_READONLY;
230     else
231       nfa_rw_cb.flags &= ~NFA_RW_FL_TAG_IS_READONLY;
232 
233     /* Determine what operation triggered the NDEF detection procedure */
234     if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
235       /* if ndef detection was done as part of ndef-read operation, then perform
236        * ndef read now */
237       conn_evt_data.status = nfa_rw_start_ndef_read();
238       if (conn_evt_data.status != NFA_STATUS_OK) {
239         /* Failed to start NDEF Read */
240 
241         /* Command complete - perform cleanup, notify app */
242         nfa_rw_command_complete();
243         nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
244       }
245     } else if (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) {
246       /* if ndef detection was done as part of ndef-write operation, then
247        * perform ndef write now */
248       conn_evt_data.status = nfa_rw_start_ndef_write();
249       if (conn_evt_data.status != NFA_STATUS_OK) {
250         /* Failed to start NDEF Write.  */
251 
252         /* Command complete - perform cleanup, notify app */
253         nfa_rw_command_complete();
254         nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
255       }
256     } else {
257       /* current op was stand-alone NFA_DetectNDef. Command complete - perform
258        * cleanup and notify app */
259       nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
260       nfa_rw_command_complete();
261 
262       nfa_dm_act_conn_cback_notify(NFA_NDEF_DETECT_EVT, &conn_evt_data);
263     }
264   } else {
265     /* NDEF detection failed... */
266 
267     /* Command complete - perform cleanup, notify app */
268     nfa_rw_command_complete();
269     nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_FALSE;
270     conn_evt_data.status = p_rw_data->ndef.status;
271 
272     if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
273       /* if ndef detection was done as part of ndef-read operation, then notify
274        * NDEF handlers of failure */
275       nfa_dm_ndef_handle_message(NFA_STATUS_FAILED, nullptr, 0);
276 
277       /* Notify app of read status */
278       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
279     } else if (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) {
280       /* if ndef detection was done as part of ndef-write operation, then notify
281        * app of failure */
282       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
283     } else if (nfa_rw_cb.cur_op == NFA_RW_OP_DETECT_NDEF) {
284       conn_evt_data.ndef_detect.protocol = p_rw_data->ndef.protocol;
285       /* current op was stand-alone NFA_DetectNDef. Notify app of failure */
286       if (p_rw_data->ndef.status == NFC_STATUS_TIMEOUT) {
287         /* Tag could have moved away */
288         conn_evt_data.ndef_detect.cur_size = 0;
289         conn_evt_data.ndef_detect.max_size = 0;
290         conn_evt_data.ndef_detect.flags = RW_NDEF_FL_UNKNOWN;
291         conn_evt_data.ndef_detect.status = NFA_STATUS_TIMEOUT;
292       } else {
293         /* NDEF Detection failed for other reasons */
294         conn_evt_data.ndef_detect.cur_size = nfa_rw_cb.ndef_cur_size =
295             p_rw_data->ndef.cur_size;
296         conn_evt_data.ndef_detect.max_size = nfa_rw_cb.ndef_max_size =
297             p_rw_data->ndef.max_size;
298         conn_evt_data.ndef_detect.flags = p_rw_data->ndef.flags;
299       }
300       nfa_dm_act_conn_cback_notify(NFA_NDEF_DETECT_EVT, &conn_evt_data);
301     }
302 
303     nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
304   }
305 }
306 
307 /*******************************************************************************
308 **
309 ** Function         nfa_rw_handle_tlv_detect
310 **
311 ** Description      Handler for TLV detection reader/writer event
312 **
313 ** Returns          Nothing
314 **
315 *******************************************************************************/
nfa_rw_handle_tlv_detect(tRW_DATA * p_rw_data)316 static void nfa_rw_handle_tlv_detect(tRW_DATA* p_rw_data) {
317   tNFA_CONN_EVT_DATA conn_evt_data;
318 
319   /* Set TLV detection state */
320   if (nfa_rw_cb.cur_op == NFA_RW_OP_SET_TAG_RO) {
321     if (nfa_rw_cb.tlv_st == NFA_RW_TLV_DETECT_ST_OP_NOT_STARTED) {
322       nfa_rw_cb.tlv_st = NFA_RW_TLV_DETECT_ST_LOCK_TLV_OP_COMPLETE;
323     } else {
324       nfa_rw_cb.tlv_st = NFA_RW_TLV_DETECT_ST_COMPLETE;
325     }
326   } else {
327     if (nfa_rw_cb.cur_op == NFA_RW_OP_DETECT_LOCK_TLV) {
328       nfa_rw_cb.tlv_st |= NFA_RW_TLV_DETECT_ST_LOCK_TLV_OP_COMPLETE;
329     } else if (nfa_rw_cb.cur_op == NFA_RW_OP_DETECT_MEM_TLV) {
330       nfa_rw_cb.tlv_st |= NFA_RW_TLV_DETECT_ST_MEM_TLV_OP_COMPLETE;
331     }
332   }
333 
334   /* Check if TLV detection succeeded */
335   if (p_rw_data->tlv.status == NFC_STATUS_OK) {
336     DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
337         "TLV Detection succeeded: num_bytes=%i", p_rw_data->tlv.num_bytes);
338 
339     /* Store tlv properties */
340     conn_evt_data.tlv_detect.status = NFA_STATUS_OK;
341     conn_evt_data.tlv_detect.protocol = p_rw_data->tlv.protocol;
342     conn_evt_data.tlv_detect.num_bytes = p_rw_data->tlv.num_bytes;
343 
344     /* Determine what operation triggered the TLV detection procedure */
345     if (nfa_rw_cb.cur_op == NFA_RW_OP_SET_TAG_RO) {
346       if (nfa_rw_config_tag_ro(nfa_rw_cb.b_hard_lock) != NFC_STATUS_OK) {
347         /* Failed to set tag read only */
348         conn_evt_data.tlv_detect.status = NFA_STATUS_FAILED;
349         nfa_dm_act_conn_cback_notify(NFA_SET_TAG_RO_EVT, &conn_evt_data);
350       }
351     } else {
352       /* current op was stand-alone NFA_DetectTlv. Command complete - perform
353        * cleanup and notify app */
354       nfa_rw_command_complete();
355       nfa_dm_act_conn_cback_notify(NFA_TLV_DETECT_EVT, &conn_evt_data);
356     }
357   }
358 
359   /* Handle failures */
360   if (p_rw_data->tlv.status != NFC_STATUS_OK) {
361     /* Command complete - perform cleanup, notify the app */
362     nfa_rw_command_complete();
363 
364     conn_evt_data.tlv_detect.status = NFA_STATUS_FAILED;
365     if ((nfa_rw_cb.cur_op == NFA_RW_OP_DETECT_LOCK_TLV) ||
366         (nfa_rw_cb.cur_op == NFA_RW_OP_DETECT_MEM_TLV)) {
367       nfa_dm_act_conn_cback_notify(NFA_TLV_DETECT_EVT, &conn_evt_data);
368     } else if (nfa_rw_cb.cur_op == NFA_RW_OP_SET_TAG_RO) {
369       if (nfa_rw_config_tag_ro(nfa_rw_cb.b_hard_lock) != NFC_STATUS_OK) {
370         /* Failed to set tag read only */
371         conn_evt_data.tlv_detect.status = NFA_STATUS_FAILED;
372         nfa_dm_act_conn_cback_notify(NFA_SET_TAG_RO_EVT, &conn_evt_data);
373       }
374     }
375   }
376 }
377 
378 /*******************************************************************************
379 **
380 ** Function         nfa_rw_handle_sleep_wakeup_rsp
381 **
382 ** Description      Handl sleep wakeup
383 **
384 ** Returns          Nothing
385 **
386 *******************************************************************************/
nfa_rw_handle_sleep_wakeup_rsp(tNFC_STATUS status)387 void nfa_rw_handle_sleep_wakeup_rsp(tNFC_STATUS status) {
388   tNFC_ACTIVATE_DEVT activate_params;
389   tRW_EVENT event;
390 
391   if ((nfa_rw_cb.halt_event != RW_T2T_MAX_EVT) &&
392       (nfa_rw_cb.activated_tech_mode == NFC_DISCOVERY_TYPE_POLL_A) &&
393       (nfa_rw_cb.protocol == NFC_PROTOCOL_T2T) &&
394       (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T)) {
395     DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
396         "nfa_rw_handle_sleep_wakeup_rsp; Attempt to wake up Type 2 tag from "
397         "HALT State is complete");
398     if (status == NFC_STATUS_OK) {
399       /* Type 2 Tag is wakeup from HALT state */
400       DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
401           "nfa_rw_handle_sleep_wakeup_rsp; Handle the NACK rsp received now");
402       /* Initialize control block */
403       activate_params.protocol = nfa_rw_cb.protocol;
404       activate_params.rf_tech_param.param.pa.sel_rsp = nfa_rw_cb.pa_sel_res;
405       activate_params.rf_tech_param.mode = nfa_rw_cb.activated_tech_mode;
406 
407       /* Initialize RW module */
408       if ((RW_SetActivatedTagType(&activate_params, nfa_rw_cback)) !=
409           NFC_STATUS_OK) {
410         /* Log error (stay in NFA_RW_ST_ACTIVATED state until deactivation) */
411         LOG(ERROR) << StringPrintf("RW_SetActivatedTagType failed.");
412         if (nfa_rw_cb.halt_event == RW_T2T_READ_CPLT_EVT) {
413           if (nfa_rw_cb.rw_data.data.p_data)
414             GKI_freebuf(nfa_rw_cb.rw_data.data.p_data);
415           nfa_rw_cb.rw_data.data.p_data = nullptr;
416         }
417         /* Do not try to detect NDEF again but just notify current operation
418          * failed */
419         nfa_rw_cb.halt_event = RW_T2T_MAX_EVT;
420       }
421     }
422 
423     /* The current operation failed with NACK rsp from type 2 tag */
424     nfa_rw_cb.rw_data.status = NFC_STATUS_FAILED;
425     event = nfa_rw_cb.halt_event;
426 
427     /* Got NACK rsp during presence check and legacy presence check performed */
428     if (nfa_rw_cb.cur_op == NFA_RW_OP_PRESENCE_CHECK)
429       nfa_rw_cb.rw_data.status = status;
430 
431     /* If cannot Sleep wakeup tag, then NDEF Detect operation is complete */
432     if ((status != NFC_STATUS_OK) &&
433         (nfa_rw_cb.halt_event == RW_T2T_NDEF_DETECT_EVT))
434       nfa_rw_cb.halt_event = RW_T2T_MAX_EVT;
435 
436     nfa_rw_handle_t2t_evt(event, &nfa_rw_cb.rw_data);
437     nfa_rw_cb.halt_event = RW_T2T_MAX_EVT;
438 
439     /* If Type 2 tag sleep wakeup failed and If in normal mode (not-exclusive RF
440      * mode) then deactivate the link if sleep wakeup failed */
441     if ((nfa_rw_cb.flags & NFA_RW_FL_NOT_EXCL_RF_MODE) &&
442         (status != NFC_STATUS_OK)) {
443       DLOG_IF(INFO, nfc_debug_enabled)
444           << StringPrintf("Sleep wakeup failed. Deactivating...");
445       nfa_dm_rf_deactivate(NFA_DEACTIVATE_TYPE_DISCOVERY);
446     }
447   } else {
448     DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
449         "nfa_rw_handle_sleep_wakeup_rsp; Legacy presence check performed");
450     /* Legacy presence check performed */
451     nfa_rw_handle_presence_check_rsp(status);
452   }
453 }
454 
455 /*******************************************************************************
456 **
457 ** Function         nfa_rw_handle_presence_check_rsp
458 **
459 ** Description      Handler RW_T#t_PRESENCE_CHECK_EVT
460 **
461 ** Returns          Nothing
462 **
463 *******************************************************************************/
nfa_rw_handle_presence_check_rsp(tNFC_STATUS status)464 void nfa_rw_handle_presence_check_rsp(tNFC_STATUS status) {
465   NFC_HDR* p_pending_msg;
466 
467   /* Stop the presence check timer - timer may have been started when presence
468    * check started */
469   nfa_rw_stop_presence_check_timer();
470   if (status == NFA_STATUS_OK) {
471     /* Clear the BUSY flag and restart the presence-check timer */
472     nfa_rw_command_complete();
473   } else {
474     /* If presence check failed just clear the BUSY flag */
475     nfa_rw_cb.flags &= ~NFA_RW_FL_API_BUSY;
476   }
477 
478   /* Handle presence check due to auto-presence-check  */
479   if (nfa_rw_cb.flags & NFA_RW_FL_AUTO_PRESENCE_CHECK_BUSY) {
480     nfa_rw_cb.flags &= ~NFA_RW_FL_AUTO_PRESENCE_CHECK_BUSY;
481 
482     /* If an API was called during auto-presence-check, then handle it now */
483     if (nfa_rw_cb.p_pending_msg) {
484       /* If NFA_RwPresenceCheck was called during auto-presence-check, notify
485        * app of result */
486       if (nfa_rw_cb.p_pending_msg->op_req.op == NFA_RW_OP_PRESENCE_CHECK) {
487         /* Notify app of presence check status */
488         tNFA_CONN_EVT_DATA nfa_conn_evt_data;
489         nfa_conn_evt_data.status = status;
490         nfa_dm_act_conn_cback_notify(NFA_PRESENCE_CHECK_EVT,
491                                      &nfa_conn_evt_data);
492         GKI_freebuf(nfa_rw_cb.p_pending_msg);
493         nfa_rw_cb.p_pending_msg = nullptr;
494       }
495       /* For all other APIs called during auto-presence check, perform the
496          command now (if tag is still present) */
497       else if (status == NFC_STATUS_OK) {
498         DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
499             "Performing deferred operation after presence check...");
500         p_pending_msg = (NFC_HDR*)nfa_rw_cb.p_pending_msg;
501         nfa_rw_cb.p_pending_msg = nullptr;
502         nfa_rw_handle_event(p_pending_msg);
503         GKI_freebuf(p_pending_msg);
504       } else {
505         /* Tag no longer present. Free command for pending API command */
506         GKI_freebuf(nfa_rw_cb.p_pending_msg);
507         nfa_rw_cb.p_pending_msg = nullptr;
508       }
509     }
510 
511     /* Auto-presence check failed. Deactivate */
512     if (status != NFC_STATUS_OK) {
513       DLOG_IF(INFO, nfc_debug_enabled)
514           << StringPrintf("Auto presence check failed. Deactivating...");
515       nfa_dm_rf_deactivate(NFA_DEACTIVATE_TYPE_DISCOVERY);
516     }
517   }
518   /* Handle presence check due to NFA_RwPresenceCheck API call */
519   else {
520     /* Notify app of presence check status */
521     tNFA_CONN_EVT_DATA nfa_conn_evt_data;
522     nfa_conn_evt_data.status = status;
523     nfa_dm_act_conn_cback_notify(NFA_PRESENCE_CHECK_EVT, &nfa_conn_evt_data);
524 
525     /* If in normal mode (not-exclusive RF mode) then deactivate the link if
526      * presence check failed */
527     if ((nfa_rw_cb.flags & NFA_RW_FL_NOT_EXCL_RF_MODE) &&
528         (nfa_conn_evt_data.status != NFC_STATUS_OK)) {
529       DLOG_IF(INFO, nfc_debug_enabled)
530           << StringPrintf("Presence check failed. Deactivating...");
531       nfa_dm_rf_deactivate(NFA_DEACTIVATE_TYPE_DISCOVERY);
532     }
533   }
534 }
535 
536 /*******************************************************************************
537 **
538 ** Function         nfa_rw_handle_t1t_evt
539 **
540 ** Description      Handler for Type-1 tag reader/writer events
541 **
542 ** Returns          Nothing
543 **
544 *******************************************************************************/
nfa_rw_handle_t1t_evt(tRW_EVENT event,tRW_DATA * p_rw_data)545 static void nfa_rw_handle_t1t_evt(tRW_EVENT event, tRW_DATA* p_rw_data) {
546   tNFA_CONN_EVT_DATA conn_evt_data;
547   tNFA_TAG_PARAMS tag_params;
548   uint8_t* p_rid_rsp;
549   tNFA_STATUS activation_status;
550 
551   conn_evt_data.status = p_rw_data->data.status;
552   switch (event) {
553     case RW_T1T_RID_EVT:
554       if (p_rw_data->data.p_data != nullptr) {
555         /* Assume the data is just the response byte sequence */
556         p_rid_rsp = (uint8_t*)(p_rw_data->data.p_data + 1) +
557                     p_rw_data->data.p_data->offset;
558         /* Fetch HR from RID response message */
559         STREAM_TO_ARRAY(tag_params.t1t.hr, p_rid_rsp, T1T_HR_LEN);
560         /* Fetch UID0-3 from RID response message */
561         STREAM_TO_ARRAY(tag_params.t1t.uid, p_rid_rsp, T1T_CMD_UID_LEN);
562         GKI_freebuf(p_rw_data->data.p_data);
563         p_rw_data->data.p_data = nullptr;
564       }
565 
566       /* Command complete - perform cleanup, notify the app */
567       nfa_rw_command_complete();
568 
569       if (p_rw_data->status == NFC_STATUS_TIMEOUT) {
570         activation_status = NFA_STATUS_TIMEOUT;
571       } else {
572         activation_status = NFA_STATUS_OK;
573       }
574 
575       nfa_dm_notify_activation_status(activation_status, &tag_params);
576       break;
577 
578     case RW_T1T_RALL_CPLT_EVT:
579     case RW_T1T_READ_CPLT_EVT:
580     case RW_T1T_RSEG_CPLT_EVT:
581     case RW_T1T_READ8_CPLT_EVT:
582       nfa_rw_send_data_to_upper(p_rw_data);
583 
584       /* Command complete - perform cleanup, notify the app */
585       nfa_rw_command_complete();
586       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
587       break;
588 
589     case RW_T1T_WRITE_E_CPLT_EVT:
590     case RW_T1T_WRITE_NE_CPLT_EVT:
591     case RW_T1T_WRITE_E8_CPLT_EVT:
592     case RW_T1T_WRITE_NE8_CPLT_EVT:
593       nfa_rw_send_data_to_upper(p_rw_data);
594 
595       /* Command complete - perform cleanup, notify the app */
596       nfa_rw_command_complete();
597       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
598       break;
599 
600     case RW_T1T_TLV_DETECT_EVT:
601       nfa_rw_handle_tlv_detect(p_rw_data);
602       break;
603 
604     case RW_T1T_NDEF_DETECT_EVT:
605       nfa_rw_cb.tlv_st = NFA_RW_TLV_DETECT_ST_COMPLETE;
606 
607       if ((p_rw_data->status != NFC_STATUS_OK) &&
608           (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) &&
609           (p_rw_data->ndef.flags & NFA_RW_NDEF_FL_FORMATABLE) &&
610           (!(p_rw_data->ndef.flags & NFA_RW_NDEF_FL_FORMATED)) &&
611           (p_rw_data->ndef.flags & NFA_RW_NDEF_FL_SUPPORTED)) {
612         /* Tag is in Initialized state, Format the tag first and then Write NDEF
613          */
614         if (RW_T1tFormatNDef() == NFC_STATUS_OK) break;
615       }
616 
617       nfa_rw_handle_ndef_detect(p_rw_data);
618 
619       break;
620 
621     case RW_T1T_NDEF_READ_EVT:
622       nfa_rw_cb.tlv_st = NFA_RW_TLV_DETECT_ST_COMPLETE;
623       if (p_rw_data->status == NFC_STATUS_OK) {
624         /* Process the ndef record */
625         nfa_dm_ndef_handle_message(NFA_STATUS_OK, nfa_rw_cb.p_ndef_buf,
626                                    nfa_rw_cb.ndef_cur_size);
627       } else {
628         /* Notify app of failure */
629         if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
630           /* If current operation is READ_NDEF, then notify ndef handlers of
631            * failure */
632           nfa_dm_ndef_handle_message(NFA_STATUS_FAILED, nullptr, 0);
633         }
634       }
635 
636       /* Command complete - perform cleanup, notify the app */
637       nfa_rw_command_complete();
638       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
639 
640       /* Free ndef buffer */
641       nfa_rw_free_ndef_rx_buf();
642       break;
643 
644     case RW_T1T_NDEF_WRITE_EVT:
645       if (p_rw_data->data.status != NFA_STATUS_OK)
646         nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
647       nfa_rw_cb.tlv_st = NFA_RW_TLV_DETECT_ST_COMPLETE;
648 
649       /* Command complete - perform cleanup, notify the app */
650       nfa_rw_command_complete();
651 
652       /* Notify app */
653       conn_evt_data.status = (p_rw_data->data.status == NFC_STATUS_OK)
654                                  ? NFA_STATUS_OK
655                                  : NFA_STATUS_FAILED;
656       if (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) {
657         /* Update local cursize of ndef message */
658         nfa_rw_cb.ndef_cur_size = nfa_rw_cb.ndef_wr_len;
659       }
660 
661       /* Notify app of ndef write complete status */
662       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
663       break;
664 
665     case RW_T1T_SET_TAG_RO_EVT:
666       /* Command complete - perform cleanup, notify the app */
667       nfa_rw_command_complete();
668       nfa_dm_act_conn_cback_notify(NFA_SET_TAG_RO_EVT, &conn_evt_data);
669       break;
670 
671     case RW_T1T_RAW_FRAME_EVT:
672       nfa_rw_send_data_to_upper(p_rw_data);
673       /* Command complete - perform cleanup */
674       nfa_rw_command_complete();
675       break;
676 
677     case RW_T1T_PRESENCE_CHECK_EVT: /* Presence check completed */
678       nfa_rw_handle_presence_check_rsp(p_rw_data->status);
679       break;
680 
681     case RW_T1T_FORMAT_CPLT_EVT:
682 
683       if (p_rw_data->data.status == NFA_STATUS_OK)
684         nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
685 
686       if (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) {
687         /* if format operation was done as part of ndef-write operation, now
688          * start NDEF Write */
689         if ((p_rw_data->data.status != NFA_STATUS_OK) ||
690             ((conn_evt_data.status = RW_T1tDetectNDef()) != NFC_STATUS_OK)) {
691           /* Command complete - perform cleanup, notify app */
692           nfa_rw_command_complete();
693           nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_FALSE;
694 
695           /* if format operation failed or ndef detection did not start, then
696            * notify app of ndef-write operation failure */
697           conn_evt_data.status = NFA_STATUS_FAILED;
698           nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
699         }
700       } else {
701         /* Command complete - perform cleanup, notify the app */
702         nfa_rw_command_complete();
703         nfa_dm_act_conn_cback_notify(NFA_FORMAT_CPLT_EVT, &conn_evt_data);
704       }
705       break;
706 
707     case RW_T1T_INTF_ERROR_EVT:
708       nfa_dm_act_conn_cback_notify(NFA_RW_INTF_ERROR_EVT, &conn_evt_data);
709       break;
710   }
711 }
712 
713 /*******************************************************************************
714 **
715 ** Function         nfa_rw_handle_t2t_evt
716 **
717 ** Description      Handler for Type-2 tag reader/writer events
718 **
719 ** Returns          Nothing
720 **
721 *******************************************************************************/
nfa_rw_handle_t2t_evt(tRW_EVENT event,tRW_DATA * p_rw_data)722 static void nfa_rw_handle_t2t_evt(tRW_EVENT event, tRW_DATA* p_rw_data) {
723   tNFA_CONN_EVT_DATA conn_evt_data;
724 
725   conn_evt_data.status = p_rw_data->status;
726 
727   if (p_rw_data->status == NFC_STATUS_REJECTED) {
728     DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
729         "; Waking the tag first before handling the "
730         "response!");
731     /* Received NACK. Let DM wakeup the tag first (by putting tag to sleep and
732      * then waking it up) */
733     p_rw_data->status = nfa_dm_disc_sleep_wakeup();
734     if (p_rw_data->status == NFC_STATUS_OK) {
735       nfa_rw_cb.halt_event = event;
736       memcpy(&nfa_rw_cb.rw_data, p_rw_data, sizeof(tRW_DATA));
737       return;
738     }
739   }
740 
741   switch (event) {
742     case RW_T2T_READ_CPLT_EVT: /* Read completed          */
743       nfa_rw_send_data_to_upper(p_rw_data);
744       /* Command complete - perform cleanup, notify the app */
745       nfa_rw_command_complete();
746       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
747       break;
748 
749     case RW_T2T_WRITE_CPLT_EVT: /* Write completed         */
750       /* Command complete - perform cleanup, notify the app */
751       nfa_rw_command_complete();
752       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
753       break;
754 
755     case RW_T2T_SELECT_CPLT_EVT: /* Sector select completed */
756       /* Command complete - perform cleanup, notify the app */
757       nfa_rw_command_complete();
758       nfa_dm_act_conn_cback_notify(NFA_SELECT_CPLT_EVT, &conn_evt_data);
759       break;
760 
761     case RW_T2T_NDEF_DETECT_EVT: /* NDEF detection complete */
762       if ((p_rw_data->status == NFC_STATUS_OK) ||
763           ((p_rw_data->status == NFC_STATUS_FAILED) &&
764            ((p_rw_data->ndef.flags == NFA_RW_NDEF_FL_UNKNOWN) ||
765             (nfa_rw_cb.halt_event == RW_T2T_MAX_EVT))) ||
766           (nfa_rw_cb.skip_dyn_locks == true)) {
767         /* NDEF Detection is complete */
768         nfa_rw_cb.skip_dyn_locks = false;
769         nfa_rw_handle_ndef_detect(p_rw_data);
770       } else {
771         /* Try to detect NDEF again, this time without reading dynamic lock
772          * bytes */
773         nfa_rw_cb.skip_dyn_locks = true;
774         nfa_rw_detect_ndef();
775       }
776       break;
777 
778     case RW_T2T_TLV_DETECT_EVT: /* Lock control/Mem/Prop tlv detection complete
779                                  */
780       nfa_rw_handle_tlv_detect(p_rw_data);
781       break;
782 
783     case RW_T2T_NDEF_READ_EVT: /* NDEF read completed     */
784       if (p_rw_data->status == NFC_STATUS_OK) {
785         /* Process the ndef record */
786         nfa_dm_ndef_handle_message(NFA_STATUS_OK, nfa_rw_cb.p_ndef_buf,
787                                    nfa_rw_cb.ndef_cur_size);
788       } else {
789         /* Notify app of failure */
790         if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
791           /* If current operation is READ_NDEF, then notify ndef handlers of
792            * failure */
793           nfa_dm_ndef_handle_message(NFA_STATUS_FAILED, nullptr, 0);
794         }
795       }
796 
797       /* Notify app of read status */
798       conn_evt_data.status = p_rw_data->status;
799       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
800       /* Free ndef buffer */
801       nfa_rw_free_ndef_rx_buf();
802 
803       /* Command complete - perform cleanup */
804       nfa_rw_command_complete();
805       break;
806 
807     case RW_T2T_NDEF_WRITE_EVT: /* NDEF write complete     */
808 
809       /* Command complete - perform cleanup, notify the app */
810       nfa_rw_command_complete();
811 
812       /* Notify app */
813       conn_evt_data.status = (p_rw_data->data.status == NFC_STATUS_OK)
814                                  ? NFA_STATUS_OK
815                                  : NFA_STATUS_FAILED;
816       if (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) {
817         /* Update local cursize of ndef message */
818         nfa_rw_cb.ndef_cur_size = nfa_rw_cb.ndef_wr_len;
819       }
820 
821       /* Notify app of ndef write complete status */
822       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
823 
824       break;
825 
826     case RW_T2T_SET_TAG_RO_EVT:
827       /* Command complete - perform cleanup, notify the app */
828       nfa_rw_command_complete();
829       nfa_dm_act_conn_cback_notify(NFA_SET_TAG_RO_EVT, &conn_evt_data);
830       break;
831 
832     case RW_T2T_RAW_FRAME_EVT:
833       nfa_rw_send_data_to_upper(p_rw_data);
834       /* Command complete - perform cleanup */
835       if (p_rw_data->status != NFC_STATUS_CONTINUE) {
836         nfa_rw_command_complete();
837       }
838       break;
839 
840     case RW_T2T_PRESENCE_CHECK_EVT: /* Presence check completed */
841       nfa_rw_handle_presence_check_rsp(p_rw_data->status);
842       break;
843 
844     case RW_T2T_FORMAT_CPLT_EVT:
845       if (p_rw_data->data.status == NFA_STATUS_OK)
846         nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
847 
848       /* Command complete - perform cleanup, notify the app */
849       nfa_rw_command_complete();
850       nfa_dm_act_conn_cback_notify(NFA_FORMAT_CPLT_EVT, &conn_evt_data);
851       break;
852 
853     case RW_T2T_INTF_ERROR_EVT:
854       nfa_dm_act_conn_cback_notify(NFA_RW_INTF_ERROR_EVT, &conn_evt_data);
855       break;
856   }
857 }
858 
859 /*******************************************************************************
860 **
861 ** Function         nfa_rw_handle_t3t_evt
862 **
863 ** Description      Handler for Type-3 tag reader/writer events
864 **
865 ** Returns          Nothing
866 **
867 *******************************************************************************/
nfa_rw_handle_t3t_evt(tRW_EVENT event,tRW_DATA * p_rw_data)868 static void nfa_rw_handle_t3t_evt(tRW_EVENT event, tRW_DATA* p_rw_data) {
869   tNFA_CONN_EVT_DATA conn_evt_data;
870   tNFA_TAG_PARAMS tag_params;
871 
872   switch (event) {
873     case RW_T3T_NDEF_DETECT_EVT: /* NDEF detection complete */
874       nfa_rw_handle_ndef_detect(p_rw_data);
875       break;
876 
877     case RW_T3T_UPDATE_CPLT_EVT: /* Write completed */
878       /* Command complete - perform cleanup, notify the app */
879       nfa_rw_command_complete();
880 
881       /* Notify app */
882       conn_evt_data.status = (p_rw_data->data.status == NFC_STATUS_OK)
883                                  ? NFA_STATUS_OK
884                                  : NFA_STATUS_FAILED;
885       if (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) {
886         /* Update local cursize of ndef message */
887         nfa_rw_cb.ndef_cur_size = nfa_rw_cb.ndef_wr_len;
888       }
889 
890       /* Notify app of ndef write complete status */
891       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
892 
893       break;
894 
895     case RW_T3T_CHECK_CPLT_EVT: /* Read completed */
896       if (p_rw_data->status == NFC_STATUS_OK) {
897         /* Process the ndef record */
898         nfa_dm_ndef_handle_message(NFA_STATUS_OK, nfa_rw_cb.p_ndef_buf,
899                                    nfa_rw_cb.ndef_cur_size);
900       } else {
901         /* Notify app of failure */
902         if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
903           /* If current operation is READ_NDEF, then notify ndef handlers of
904            * failure */
905           nfa_dm_ndef_handle_message(NFA_STATUS_FAILED, nullptr, 0);
906         }
907       }
908 
909       /* Free ndef buffer */
910       nfa_rw_free_ndef_rx_buf();
911 
912       /* Command complete - perform cleanup, notify the app */
913       nfa_rw_command_complete();
914       conn_evt_data.status = p_rw_data->status;
915       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
916       break;
917 
918     case RW_T3T_CHECK_EVT: /* Segment of data received from type 3 tag */
919       if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
920         nfa_rw_store_ndef_rx_buf(p_rw_data);
921       } else {
922         nfa_rw_send_data_to_upper(p_rw_data);
923       }
924       break;
925 
926     case RW_T3T_RAW_FRAME_EVT: /* SendRawFrame response */
927       nfa_rw_send_data_to_upper(p_rw_data);
928 
929       if (p_rw_data->status != NFC_STATUS_CONTINUE) {
930         /* Command complete - perform cleanup */
931         nfa_rw_command_complete();
932       }
933       break;
934 
935     case RW_T3T_PRESENCE_CHECK_EVT: /* Presence check completed */
936       nfa_rw_handle_presence_check_rsp(p_rw_data->status);
937       break;
938 
939     case RW_T3T_GET_SYSTEM_CODES_EVT: /* Presence check completed */
940       /* Command complete - perform cleanup */
941       nfa_rw_command_complete();
942 
943       /* System codes retrieved - notify app of ACTIVATION */
944       if (p_rw_data->status == NFC_STATUS_OK) {
945         tag_params.t3t.num_system_codes = p_rw_data->t3t_sc.num_system_codes;
946         tag_params.t3t.p_system_codes = p_rw_data->t3t_sc.p_system_codes;
947       } else {
948         tag_params.t3t.num_system_codes = 0;
949         tag_params.t3t.p_system_codes = nullptr;
950       }
951 
952       nfa_dm_notify_activation_status(NFA_STATUS_OK, &tag_params);
953       break;
954 
955     case RW_T3T_FORMAT_CPLT_EVT: /* Format completed */
956       /* Command complete - perform cleanup, notify the app */
957       nfa_rw_command_complete();
958 
959       /* Notify app */
960       conn_evt_data.status = (p_rw_data->data.status == NFC_STATUS_OK)
961                                  ? NFA_STATUS_OK
962                                  : NFA_STATUS_FAILED;
963 
964       /* Notify app of ndef write complete status */
965       nfa_dm_act_conn_cback_notify(NFA_FORMAT_CPLT_EVT, &conn_evt_data);
966       break;
967 
968     case RW_T3T_INTF_ERROR_EVT:
969       DLOG_IF(INFO, nfc_debug_enabled)
970           << StringPrintf("%s; send deactivate", __func__);
971       nfa_dm_rf_deactivate(NFA_DEACTIVATE_TYPE_DISCOVERY);
972       conn_evt_data.status = p_rw_data->status;
973       nfa_dm_act_conn_cback_notify(NFA_RW_INTF_ERROR_EVT, &conn_evt_data);
974       break;
975 
976     case RW_T3T_SET_READ_ONLY_CPLT_EVT:
977       /* Command complete - perform cleanup, notify the app */
978       nfa_rw_command_complete();
979 
980       conn_evt_data.status = p_rw_data->status;
981       nfa_dm_act_conn_cback_notify(NFA_SET_TAG_RO_EVT, &conn_evt_data);
982       break;
983 
984     default:
985       DLOG_IF(INFO, nfc_debug_enabled)
986           << StringPrintf("; Unhandled RW event 0x%X", event);
987       break;
988   }
989 }
990 
991 /*******************************************************************************
992 **
993 ** Function         nfa_rw_handle_t4t_evt
994 **
995 ** Description      Handler for Type-4 tag reader/writer events
996 **
997 ** Returns          Nothing
998 **
999 *******************************************************************************/
nfa_rw_handle_t4t_evt(tRW_EVENT event,tRW_DATA * p_rw_data)1000 static void nfa_rw_handle_t4t_evt(tRW_EVENT event, tRW_DATA* p_rw_data) {
1001   tNFA_CONN_EVT_DATA conn_evt_data;
1002 
1003   switch (event) {
1004     case RW_T4T_NDEF_DETECT_EVT: /* Result of NDEF detection procedure */
1005       nfa_rw_handle_ndef_detect(p_rw_data);
1006       break;
1007 
1008     case RW_T4T_NDEF_FORMAT_CPLT_EVT:
1009       /* Command complete - perform cleanup, notify the app */
1010       nfa_rw_command_complete();
1011       nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
1012       nfa_rw_cb.ndef_cur_size = p_rw_data->ndef.cur_size;
1013       nfa_rw_cb.ndef_max_size = p_rw_data->ndef.max_size;
1014       conn_evt_data.status = (p_rw_data->status == NFC_STATUS_OK)
1015                                  ? NFA_STATUS_OK
1016                                  : NFA_STATUS_FAILED;
1017 
1018       nfa_dm_act_conn_cback_notify(NFA_FORMAT_CPLT_EVT, &conn_evt_data);
1019       break;
1020 
1021     case RW_T4T_NDEF_READ_EVT: /* Segment of data received from type 4 tag */
1022       if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
1023         nfa_rw_store_ndef_rx_buf(p_rw_data);
1024       } else {
1025         nfa_rw_send_data_to_upper(p_rw_data);
1026       }
1027       break;
1028 
1029     case RW_T4T_NDEF_READ_CPLT_EVT: /* Read operation completed           */
1030       if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
1031         nfa_rw_store_ndef_rx_buf(p_rw_data);
1032 
1033         /* Process the ndef record */
1034         nfa_dm_ndef_handle_message(NFA_STATUS_OK, nfa_rw_cb.p_ndef_buf,
1035                                    nfa_rw_cb.ndef_cur_size);
1036 
1037         /* Free ndef buffer */
1038         nfa_rw_free_ndef_rx_buf();
1039       } else {
1040         nfa_rw_send_data_to_upper(p_rw_data);
1041       }
1042 
1043       /* Command complete - perform cleanup, notify the app */
1044       nfa_rw_command_complete();
1045       nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
1046       conn_evt_data.status = NFC_STATUS_OK;
1047       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1048       break;
1049 
1050     case RW_T4T_NDEF_READ_FAIL_EVT: /* Read operation failed              */
1051       if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
1052         /* If current operation is READ_NDEF, then notify ndef handlers of
1053          * failure */
1054         nfa_dm_ndef_handle_message(NFA_STATUS_FAILED, nullptr, 0);
1055 
1056         /* Free ndef buffer */
1057         nfa_rw_free_ndef_rx_buf();
1058       }
1059 
1060       /* Command complete - perform cleanup, notify the app */
1061       nfa_rw_command_complete();
1062       nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
1063       conn_evt_data.status = NFA_STATUS_FAILED;
1064       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1065       break;
1066 
1067     case RW_T4T_NDEF_UPDATE_CPLT_EVT: /* Update operation completed         */
1068     case RW_T4T_NDEF_UPDATE_FAIL_EVT: /* Update operation failed            */
1069 
1070       if (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) {
1071         /* Update local cursize of ndef message */
1072         nfa_rw_cb.ndef_cur_size = nfa_rw_cb.ndef_wr_len;
1073       }
1074 
1075       /* Notify app */
1076       if (event == RW_T4T_NDEF_UPDATE_CPLT_EVT)
1077         conn_evt_data.status = NFA_STATUS_OK;
1078       else
1079         conn_evt_data.status = NFA_STATUS_FAILED;
1080 
1081       /* Command complete - perform cleanup, notify the app */
1082       nfa_rw_command_complete();
1083       nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
1084       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
1085       break;
1086 
1087     case RW_T4T_RAW_FRAME_EVT: /* Raw Frame data event         */
1088       nfa_rw_send_data_to_upper(p_rw_data);
1089 
1090       if (p_rw_data->status != NFC_STATUS_CONTINUE) {
1091         /* Command complete - perform cleanup */
1092         nfa_rw_command_complete();
1093         nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
1094       }
1095       break;
1096 
1097     case RW_T4T_SET_TO_RO_EVT: /* Tag is set as read only          */
1098       conn_evt_data.status = p_rw_data->status;
1099       nfa_dm_act_conn_cback_notify(NFA_SET_TAG_RO_EVT, &conn_evt_data);
1100 
1101       nfa_rw_command_complete();
1102       nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
1103       break;
1104 
1105     case RW_T4T_INTF_ERROR_EVT: /* RF Interface error event         */
1106       conn_evt_data.status = p_rw_data->status;
1107       nfa_dm_act_conn_cback_notify(NFA_RW_INTF_ERROR_EVT, &conn_evt_data);
1108 
1109       nfa_rw_command_complete();
1110       nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
1111       break;
1112 
1113     case RW_T4T_PRESENCE_CHECK_EVT: /* Presence check completed */
1114       nfa_rw_handle_presence_check_rsp(p_rw_data->status);
1115       break;
1116 
1117     default:
1118       DLOG_IF(INFO, nfc_debug_enabled)
1119           << StringPrintf("; Unhandled RW event 0x%X", event);
1120       break;
1121   }
1122 }
1123 
1124 /*******************************************************************************
1125 **
1126 ** Function         nfa_rw_handle_i93_evt
1127 **
1128 ** Description      Handler for ISO 15693 tag reader/writer events
1129 **
1130 ** Returns          Nothing
1131 **
1132 *******************************************************************************/
nfa_rw_handle_i93_evt(tRW_EVENT event,tRW_DATA * p_rw_data)1133 static void nfa_rw_handle_i93_evt(tRW_EVENT event, tRW_DATA* p_rw_data) {
1134   tNFA_CONN_EVT_DATA conn_evt_data;
1135   tNFA_TAG_PARAMS i93_params;
1136 
1137   switch (event) {
1138     case RW_I93_NDEF_DETECT_EVT: /* Result of NDEF detection procedure */
1139       nfa_rw_handle_ndef_detect(p_rw_data);
1140       break;
1141 
1142     case RW_I93_NDEF_READ_EVT: /* Segment of data received from type 4 tag */
1143       if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
1144         nfa_rw_store_ndef_rx_buf(p_rw_data);
1145       } else {
1146         nfa_rw_send_data_to_upper(p_rw_data);
1147       }
1148       break;
1149 
1150     case RW_I93_NDEF_READ_CPLT_EVT: /* Read operation completed           */
1151       if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
1152         nfa_rw_store_ndef_rx_buf(p_rw_data);
1153 
1154         /* Process the ndef record */
1155         nfa_dm_ndef_handle_message(NFA_STATUS_OK, nfa_rw_cb.p_ndef_buf,
1156                                    nfa_rw_cb.ndef_cur_size);
1157 
1158         /* Free ndef buffer */
1159         nfa_rw_free_ndef_rx_buf();
1160       } else {
1161         nfa_rw_send_data_to_upper(p_rw_data);
1162       }
1163 
1164       /* Command complete - perform cleanup, notify app */
1165       nfa_rw_command_complete();
1166       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1167       conn_evt_data.status = NFC_STATUS_OK;
1168       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1169       break;
1170 
1171     case RW_I93_NDEF_READ_FAIL_EVT: /* Read operation failed              */
1172       if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
1173         /* If current operation is READ_NDEF, then notify ndef handlers of
1174          * failure */
1175         nfa_dm_ndef_handle_message(NFA_STATUS_FAILED, nullptr, 0);
1176 
1177         /* Free ndef buffer */
1178         nfa_rw_free_ndef_rx_buf();
1179       }
1180 
1181       /* Command complete - perform cleanup, notify app */
1182       nfa_rw_command_complete();
1183       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1184       conn_evt_data.status = NFA_STATUS_FAILED;
1185       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1186       break;
1187 
1188     case RW_I93_NDEF_UPDATE_CPLT_EVT: /* Update operation completed         */
1189     case RW_I93_NDEF_UPDATE_FAIL_EVT: /* Update operation failed            */
1190 
1191       if (nfa_rw_cb.cur_op == NFA_RW_OP_WRITE_NDEF) {
1192         /* Update local cursize of ndef message */
1193         nfa_rw_cb.ndef_cur_size = nfa_rw_cb.ndef_wr_len;
1194       }
1195 
1196       /* Command complete - perform cleanup, notify app */
1197       nfa_rw_command_complete();
1198       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1199 
1200       if (event == RW_I93_NDEF_UPDATE_CPLT_EVT)
1201         conn_evt_data.status = NFA_STATUS_OK;
1202       else
1203         conn_evt_data.status = NFA_STATUS_FAILED;
1204 
1205       /* Notify app of ndef write complete status */
1206       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
1207       break;
1208 
1209     case RW_I93_RAW_FRAME_EVT: /* Raw Frame data event         */
1210       nfa_rw_send_data_to_upper(p_rw_data);
1211       if (p_rw_data->status != NFC_STATUS_CONTINUE) {
1212         /* Command complete - perform cleanup */
1213         nfa_rw_command_complete();
1214       }
1215       break;
1216 
1217     case RW_I93_INTF_ERROR_EVT: /* RF Interface error event         */
1218       /* Command complete - perform cleanup, notify app */
1219       nfa_rw_command_complete();
1220 
1221       if (nfa_rw_cb.flags & NFA_RW_FL_ACTIVATION_NTF_PENDING) {
1222         nfa_rw_cb.flags &= ~NFA_RW_FL_ACTIVATION_NTF_PENDING;
1223 
1224         memset(&i93_params, 0x00, sizeof(tNFA_TAG_PARAMS));
1225         memcpy(i93_params.i93.uid, nfa_rw_cb.i93_uid, I93_UID_BYTE_LEN);
1226 
1227         nfa_dm_notify_activation_status(NFA_STATUS_OK, &i93_params);
1228       } else {
1229         conn_evt_data.status = p_rw_data->status;
1230         nfa_dm_act_conn_cback_notify(NFA_RW_INTF_ERROR_EVT, &conn_evt_data);
1231       }
1232 
1233       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1234       break;
1235 
1236     case RW_I93_PRESENCE_CHECK_EVT: /* Presence check completed */
1237       nfa_rw_handle_presence_check_rsp(p_rw_data->status);
1238       break;
1239 
1240     case RW_I93_FORMAT_CPLT_EVT: /* Format procedure complete          */
1241       if (p_rw_data->data.status == NFA_STATUS_OK)
1242         nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
1243 
1244       /* Command complete - perform cleanup, notify app */
1245       nfa_rw_command_complete();
1246       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1247       conn_evt_data.status = p_rw_data->status;
1248       nfa_dm_act_conn_cback_notify(NFA_FORMAT_CPLT_EVT, &conn_evt_data);
1249       break;
1250 
1251     case RW_I93_SET_TAG_RO_EVT: /* Set read-only procedure complete   */
1252       nfa_rw_cb.flags |= NFA_RW_FL_TAG_IS_READONLY;
1253 
1254       /* Command complete - perform cleanup, notify app */
1255       nfa_rw_command_complete();
1256       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1257       conn_evt_data.status = p_rw_data->status;
1258       nfa_dm_act_conn_cback_notify(NFA_SET_TAG_RO_EVT, &conn_evt_data);
1259       break;
1260 
1261     case RW_I93_INVENTORY_EVT: /* Response of Inventory              */
1262 
1263       /* Command complete - perform cleanup, notify app */
1264       nfa_rw_command_complete();
1265 
1266       conn_evt_data.i93_cmd_cplt.status = p_rw_data->i93_inventory.status;
1267       conn_evt_data.i93_cmd_cplt.sent_command = I93_CMD_INVENTORY;
1268 
1269       conn_evt_data.i93_cmd_cplt.params.inventory.dsfid =
1270           p_rw_data->i93_inventory.dsfid;
1271       memcpy(conn_evt_data.i93_cmd_cplt.params.inventory.uid,
1272              p_rw_data->i93_inventory.uid, I93_UID_BYTE_LEN);
1273 
1274       nfa_dm_act_conn_cback_notify(NFA_I93_CMD_CPLT_EVT, &conn_evt_data);
1275 
1276       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1277       break;
1278 
1279     case RW_I93_DATA_EVT: /* Response of Read, Get Multi Security */
1280 
1281       /* Command complete - perform cleanup, notify app */
1282       nfa_rw_command_complete();
1283 
1284       conn_evt_data.data.p_data = (uint8_t*)(p_rw_data->i93_data.p_data + 1) +
1285                                   p_rw_data->i93_data.p_data->offset;
1286 
1287       if (nfa_rw_cb.flags & NFA_RW_FL_ACTIVATION_NTF_PENDING) {
1288         nfa_rw_cb.flags &= ~NFA_RW_FL_ACTIVATION_NTF_PENDING;
1289 
1290         i93_params.i93.info_flags =
1291             (I93_INFO_FLAG_DSFID | I93_INFO_FLAG_MEM_SIZE | I93_INFO_FLAG_AFI);
1292         i93_params.i93.afi =
1293             *(conn_evt_data.data.p_data +
1294               nfa_rw_cb.i93_afi_location % nfa_rw_cb.i93_block_size);
1295         i93_params.i93.dsfid = nfa_rw_cb.i93_dsfid;
1296         i93_params.i93.block_size = nfa_rw_cb.i93_block_size;
1297         i93_params.i93.num_block = nfa_rw_cb.i93_num_block;
1298         memcpy(i93_params.i93.uid, nfa_rw_cb.i93_uid, I93_UID_BYTE_LEN);
1299 
1300         nfa_dm_notify_activation_status(NFA_STATUS_OK, &i93_params);
1301       } else {
1302         conn_evt_data.data.len = p_rw_data->i93_data.p_data->len;
1303 
1304         nfa_dm_act_conn_cback_notify(NFA_DATA_EVT, &conn_evt_data);
1305       }
1306 
1307       GKI_freebuf(p_rw_data->i93_data.p_data);
1308       p_rw_data->i93_data.p_data = nullptr;
1309 
1310       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1311       break;
1312 
1313     case RW_I93_SYS_INFO_EVT: /* Response of System Information     */
1314 
1315       /* Command complete - perform cleanup, notify app */
1316       nfa_rw_command_complete();
1317 
1318       if (nfa_rw_cb.flags & NFA_RW_FL_ACTIVATION_NTF_PENDING) {
1319         nfa_rw_cb.flags &= ~NFA_RW_FL_ACTIVATION_NTF_PENDING;
1320 
1321         nfa_rw_cb.i93_block_size = p_rw_data->i93_sys_info.block_size;
1322         nfa_rw_cb.i93_num_block = p_rw_data->i93_sys_info.num_block;
1323 
1324         i93_params.i93.info_flags = p_rw_data->i93_sys_info.info_flags;
1325         i93_params.i93.dsfid = p_rw_data->i93_sys_info.dsfid;
1326         i93_params.i93.afi = p_rw_data->i93_sys_info.afi;
1327         i93_params.i93.num_block = p_rw_data->i93_sys_info.num_block;
1328         i93_params.i93.block_size = p_rw_data->i93_sys_info.block_size;
1329         i93_params.i93.IC_reference = p_rw_data->i93_sys_info.IC_reference;
1330         memcpy(i93_params.i93.uid, p_rw_data->i93_sys_info.uid,
1331                I93_UID_BYTE_LEN);
1332 
1333         nfa_dm_notify_activation_status(NFA_STATUS_OK, &i93_params);
1334       } else {
1335         conn_evt_data.i93_cmd_cplt.status = p_rw_data->i93_sys_info.status;
1336         conn_evt_data.i93_cmd_cplt.sent_command = I93_CMD_GET_SYS_INFO;
1337 
1338         conn_evt_data.i93_cmd_cplt.params.sys_info.info_flags =
1339             p_rw_data->i93_sys_info.info_flags;
1340         memcpy(conn_evt_data.i93_cmd_cplt.params.sys_info.uid,
1341                p_rw_data->i93_sys_info.uid, I93_UID_BYTE_LEN);
1342         conn_evt_data.i93_cmd_cplt.params.sys_info.dsfid =
1343             p_rw_data->i93_sys_info.dsfid;
1344         conn_evt_data.i93_cmd_cplt.params.sys_info.afi =
1345             p_rw_data->i93_sys_info.afi;
1346         conn_evt_data.i93_cmd_cplt.params.sys_info.num_block =
1347             p_rw_data->i93_sys_info.num_block;
1348         conn_evt_data.i93_cmd_cplt.params.sys_info.block_size =
1349             p_rw_data->i93_sys_info.block_size;
1350         conn_evt_data.i93_cmd_cplt.params.sys_info.IC_reference =
1351             p_rw_data->i93_sys_info.IC_reference;
1352 
1353         /* store tag memory information for writing blocks */
1354         nfa_rw_cb.i93_block_size = p_rw_data->i93_sys_info.block_size;
1355         nfa_rw_cb.i93_num_block = p_rw_data->i93_sys_info.num_block;
1356 
1357         nfa_dm_act_conn_cback_notify(NFA_I93_CMD_CPLT_EVT, &conn_evt_data);
1358       }
1359 
1360       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1361       break;
1362 
1363     case RW_I93_CMD_CMPL_EVT: /* Command complete                   */
1364       /* Command complete - perform cleanup, notify app */
1365       nfa_rw_command_complete();
1366 
1367       if (nfa_rw_cb.flags & NFA_RW_FL_ACTIVATION_NTF_PENDING) {
1368         /* Reader got error code from tag */
1369 
1370         nfa_rw_cb.flags &= ~NFA_RW_FL_ACTIVATION_NTF_PENDING;
1371 
1372         memset(&i93_params, 0x00, sizeof(i93_params));
1373         memcpy(i93_params.i93.uid, nfa_rw_cb.i93_uid, I93_UID_BYTE_LEN);
1374 
1375         nfa_dm_notify_activation_status(NFA_STATUS_OK, &i93_params);
1376       } else {
1377         conn_evt_data.i93_cmd_cplt.status = p_rw_data->i93_cmd_cmpl.status;
1378         conn_evt_data.i93_cmd_cplt.sent_command =
1379             p_rw_data->i93_cmd_cmpl.command;
1380 
1381         if (conn_evt_data.i93_cmd_cplt.status != NFC_STATUS_OK)
1382           conn_evt_data.i93_cmd_cplt.params.error_code =
1383               p_rw_data->i93_cmd_cmpl.error_code;
1384 
1385         nfa_dm_act_conn_cback_notify(NFA_I93_CMD_CPLT_EVT, &conn_evt_data);
1386       }
1387 
1388       nfa_rw_cb.cur_op = NFA_RW_OP_MAX; /* clear current operation */
1389       break;
1390 
1391     default:
1392       DLOG_IF(INFO, nfc_debug_enabled)
1393           << StringPrintf("; Unhandled RW event 0x%X", event);
1394       break;
1395   }
1396 }
1397 
1398 /*******************************************************************************
1399 **
1400 ** Function         nfa_rw_handle_mfc_evt
1401 **
1402 ** Description      Handler for Mifare Classic tag reader/writer events
1403 **
1404 ** Returns          Nothing
1405 **
1406 *******************************************************************************/
nfa_rw_handle_mfc_evt(tRW_EVENT event,tRW_DATA * p_rw_data)1407 static void nfa_rw_handle_mfc_evt(tRW_EVENT event, tRW_DATA* p_rw_data) {
1408   tNFA_CONN_EVT_DATA conn_evt_data;
1409 
1410   conn_evt_data.status = p_rw_data->status;
1411   DLOG_IF(INFO, nfc_debug_enabled)
1412       << StringPrintf("nfa_rw_handle_mfc_evt() event = 0x%X", event);
1413 
1414   switch (event) {
1415     /* Read completed */
1416     case RW_MFC_NDEF_READ_CPLT_EVT:
1417       nfa_rw_send_data_to_upper(p_rw_data);
1418       /* Command complete - perform cleanup, notify the app */
1419       nfa_rw_command_complete();
1420       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1421       break;
1422 
1423     /* NDEF detection complete */
1424     case RW_MFC_NDEF_DETECT_EVT:
1425       nfa_rw_handle_ndef_detect(p_rw_data);
1426       break;
1427 
1428     /* NDEF read completed */
1429     case RW_MFC_NDEF_READ_EVT:
1430       if (p_rw_data->status == NFC_STATUS_OK) {
1431         /* Process the ndef record */
1432         nfa_dm_ndef_handle_message(NFA_STATUS_OK, nfa_rw_cb.p_ndef_buf,
1433                                    nfa_rw_cb.ndef_cur_size);
1434       } else {
1435         /* Notify app of failure */
1436         if (nfa_rw_cb.cur_op == NFA_RW_OP_READ_NDEF) {
1437           /* If current operation is READ_NDEF, then notify ndef handlers of
1438            * failure */
1439           nfa_dm_ndef_handle_message(NFA_STATUS_FAILED, NULL, 0);
1440         }
1441       }
1442 
1443       /* Notify app of read status */
1444       conn_evt_data.status = p_rw_data->status;
1445       nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1446       /* Free ndef buffer */
1447       nfa_rw_free_ndef_rx_buf();
1448 
1449       /* Command complete - perform cleanup */
1450       nfa_rw_command_complete();
1451       break;
1452 
1453     /* Raw Frame data event */
1454     case RW_MFC_RAW_FRAME_EVT:
1455       nfa_rw_send_data_to_upper(p_rw_data);
1456 
1457       if (p_rw_data->status != NFC_STATUS_CONTINUE) {
1458         /* Command complete - perform cleanup */
1459         nfa_rw_command_complete();
1460         nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
1461       }
1462       break;
1463 
1464     /* RF Interface error event */
1465     case RW_MFC_INTF_ERROR_EVT:
1466       nfa_dm_act_conn_cback_notify(NFA_RW_INTF_ERROR_EVT, &conn_evt_data);
1467       break;
1468 
1469     case RW_MFC_NDEF_FORMAT_CPLT_EVT:
1470       /* Command complete - perform cleanup, notify the app */
1471       nfa_rw_command_complete();
1472       nfa_dm_act_conn_cback_notify(NFA_FORMAT_CPLT_EVT, &conn_evt_data);
1473       break;
1474 
1475     /* NDEF write completed or failed*/
1476     case RW_MFC_NDEF_WRITE_CPLT_EVT:
1477     case RW_MFC_NDEF_WRITE_FAIL_EVT:
1478       /* Command complete - perform cleanup, notify the app */
1479       nfa_rw_command_complete();
1480       nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
1481       break;
1482 
1483     default:
1484       DLOG_IF(INFO, nfc_debug_enabled)
1485           << StringPrintf("; Unhandled RW event 0x%X", event);
1486   }
1487 }
1488 
1489 /*******************************************************************************
1490 **
1491 ** Function         nfa_rw_cback
1492 **
1493 ** Description      Callback for reader/writer event notification
1494 **
1495 ** Returns          Nothing
1496 **
1497 *******************************************************************************/
nfa_rw_cback(tRW_EVENT event,tRW_DATA * p_rw_data)1498 static void nfa_rw_cback(tRW_EVENT event, tRW_DATA* p_rw_data) {
1499   DLOG_IF(INFO, nfc_debug_enabled)
1500       << StringPrintf("nfa_rw_cback: event=0x%02x", event);
1501 
1502   /* Call appropriate event handler for tag type */
1503   if (event < RW_T1T_MAX_EVT) {
1504     /* Handle Type-1 tag events */
1505     nfa_rw_handle_t1t_evt(event, p_rw_data);
1506   } else if (event < RW_T2T_MAX_EVT) {
1507     /* Handle Type-2 tag events */
1508     nfa_rw_handle_t2t_evt(event, p_rw_data);
1509   } else if (event < RW_T3T_MAX_EVT) {
1510     /* Handle Type-3 tag events */
1511     nfa_rw_handle_t3t_evt(event, p_rw_data);
1512   } else if (event < RW_T4T_MAX_EVT) {
1513     /* Handle Type-4 tag events */
1514     nfa_rw_handle_t4t_evt(event, p_rw_data);
1515   } else if (event < RW_I93_MAX_EVT) {
1516     /* Handle ISO 15693 tag events */
1517     nfa_rw_handle_i93_evt(event, p_rw_data);
1518   } else if (event < RW_MFC_MAX_EVT) {
1519     /* Handle Mifare Classic tag events */
1520     nfa_rw_handle_mfc_evt(event, p_rw_data);
1521   } else {
1522     LOG(ERROR) << StringPrintf("nfa_rw_cback: unhandled event=0x%02x", event);
1523   }
1524 }
1525 
1526 /*******************************************************************************
1527 **
1528 ** Function         nfa_rw_start_ndef_detection
1529 **
1530 ** Description      Start NDEF detection on activated tag
1531 **
1532 ** Returns          Nothing
1533 **
1534 *******************************************************************************/
nfa_rw_start_ndef_detection(void)1535 static tNFC_STATUS nfa_rw_start_ndef_detection(void) {
1536   tNFC_PROTOCOL protocol = nfa_rw_cb.protocol;
1537   tNFC_STATUS status = NFC_STATUS_FAILED;
1538 
1539   if (NFC_PROTOCOL_T1T == protocol) {
1540     /* Type1Tag    - NFC-A */
1541     status = RW_T1tDetectNDef();
1542   } else if (NFC_PROTOCOL_T2T == protocol) {
1543     /* Type2Tag    - NFC-A */
1544     if (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T) {
1545       status = RW_T2tDetectNDef(nfa_rw_cb.skip_dyn_locks);
1546     }
1547   } else if (NFC_PROTOCOL_T3T == protocol) {
1548     /* Type3Tag    - NFC-F */
1549     status = RW_T3tDetectNDef();
1550   } else if (NFC_PROTOCOL_ISO_DEP == protocol) {
1551     /* ISODEP/4A,4B- NFC-A or NFC-B */
1552     status = RW_T4tDetectNDef();
1553   } else if (NFC_PROTOCOL_T5T == protocol) {
1554     /* ISO 15693 */
1555     status = RW_I93DetectNDef();
1556   } else if (NFC_PROTOCOL_MIFARE == protocol) {
1557     status = RW_MfcDetectNDef();
1558   }
1559 
1560   return (status);
1561 }
1562 
1563 /*******************************************************************************
1564 **
1565 ** Function         nfa_rw_start_ndef_read
1566 **
1567 ** Description      Start NDEF read on activated tag
1568 **
1569 ** Returns          Nothing
1570 **
1571 *******************************************************************************/
nfa_rw_start_ndef_read(void)1572 static tNFC_STATUS nfa_rw_start_ndef_read(void) {
1573   tNFC_PROTOCOL protocol = nfa_rw_cb.protocol;
1574   tNFC_STATUS status = NFC_STATUS_FAILED;
1575   tNFA_CONN_EVT_DATA conn_evt_data;
1576 
1577   /* Handle zero length NDEF message */
1578   if (nfa_rw_cb.ndef_cur_size == 0) {
1579     DLOG_IF(INFO, nfc_debug_enabled)
1580         << StringPrintf("NDEF message is zero-length");
1581 
1582     /* Send zero-lengh NDEF message to ndef callback */
1583     nfa_dm_ndef_handle_message(NFA_STATUS_OK, nullptr, 0);
1584 
1585     /* Command complete - perform cleanup, notify app */
1586     nfa_rw_command_complete();
1587     conn_evt_data.status = NFA_STATUS_OK;
1588     nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1589     return NFC_STATUS_OK;
1590   }
1591 
1592   /* Allocate buffer for incoming NDEF message (free previous NDEF rx buffer, if
1593    * needed) */
1594   nfa_rw_free_ndef_rx_buf();
1595   nfa_rw_cb.p_ndef_buf = (uint8_t*)nfa_mem_co_alloc(nfa_rw_cb.ndef_cur_size);
1596   if (nfa_rw_cb.p_ndef_buf == nullptr) {
1597     LOG(ERROR) << StringPrintf(
1598         "Unable to allocate a buffer for reading NDEF (size=%i)",
1599         nfa_rw_cb.ndef_cur_size);
1600 
1601     /* Command complete - perform cleanup, notify app */
1602     nfa_rw_command_complete();
1603     conn_evt_data.status = NFA_STATUS_FAILED;
1604     nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1605     return NFC_STATUS_FAILED;
1606   }
1607   nfa_rw_cb.ndef_rd_offset = 0;
1608 
1609   if (NFC_PROTOCOL_T1T == protocol) {
1610     /* Type1Tag    - NFC-A */
1611     status =
1612         RW_T1tReadNDef(nfa_rw_cb.p_ndef_buf, (uint16_t)nfa_rw_cb.ndef_cur_size);
1613   } else if (NFC_PROTOCOL_T2T == protocol) {
1614     /* Type2Tag    - NFC-A */
1615     if (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T) {
1616       status = RW_T2tReadNDef(nfa_rw_cb.p_ndef_buf,
1617                               (uint16_t)nfa_rw_cb.ndef_cur_size);
1618     }
1619   } else if (NFC_PROTOCOL_T3T == protocol) {
1620     /* Type3Tag    - NFC-F */
1621     status = RW_T3tCheckNDef();
1622   } else if (NFC_PROTOCOL_ISO_DEP == protocol) {
1623     /* ISODEP/4A,4B- NFC-A or NFC-B */
1624     status = RW_T4tReadNDef();
1625   } else if (NFC_PROTOCOL_T5T == protocol) {
1626     /* ISO 15693 */
1627     status = RW_I93ReadNDef();
1628   } else if (NFC_PROTOCOL_MIFARE == protocol) {
1629     /* Mifare Classic*/
1630     status =
1631         RW_MfcReadNDef(nfa_rw_cb.p_ndef_buf, (uint16_t)nfa_rw_cb.ndef_cur_size);
1632   }
1633 
1634   return (status);
1635 }
1636 
1637 /*******************************************************************************
1638 **
1639 ** Function         nfa_rw_detect_ndef
1640 **
1641 ** Description      Handler for NFA_RW_API_DETECT_NDEF_EVT
1642 **
1643 ** Returns          TRUE (message buffer to be freed by caller)
1644 **
1645 *******************************************************************************/
nfa_rw_detect_ndef()1646 static bool nfa_rw_detect_ndef() {
1647   tNFA_CONN_EVT_DATA conn_evt_data;
1648   DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1649 
1650   conn_evt_data.ndef_detect.status = nfa_rw_start_ndef_detection();
1651   if (conn_evt_data.ndef_detect.status != NFC_STATUS_OK) {
1652     /* Command complete - perform cleanup, notify app */
1653     nfa_rw_command_complete();
1654     conn_evt_data.ndef_detect.cur_size = 0;
1655     conn_evt_data.ndef_detect.max_size = 0;
1656     conn_evt_data.ndef_detect.flags = RW_NDEF_FL_UNKNOWN;
1657     nfa_dm_act_conn_cback_notify(NFA_NDEF_DETECT_EVT, &conn_evt_data);
1658   }
1659 
1660   return true;
1661 }
1662 
1663 /*******************************************************************************
1664 **
1665 ** Function         nfa_rw_start_ndef_write
1666 **
1667 ** Description      Start NDEF write on activated tag
1668 **
1669 ** Returns          Nothing
1670 **
1671 *******************************************************************************/
nfa_rw_start_ndef_write(void)1672 static tNFC_STATUS nfa_rw_start_ndef_write(void) {
1673   tNFC_PROTOCOL protocol = nfa_rw_cb.protocol;
1674   tNFC_STATUS status = NFC_STATUS_FAILED;
1675 
1676   if (nfa_rw_cb.flags & NFA_RW_FL_TAG_IS_READONLY) {
1677     /* error: ndef tag is read-only */
1678     status = NFC_STATUS_FAILED;
1679     LOG(ERROR) << StringPrintf("Unable to write NDEF. Tag is read-only");
1680   } else if (nfa_rw_cb.ndef_max_size < nfa_rw_cb.ndef_wr_len) {
1681     /* error: ndef tag size is too small */
1682     status = NFC_STATUS_BUFFER_FULL;
1683     LOG(ERROR) << StringPrintf(
1684         "Unable to write NDEF. Tag maxsize=%i, request write size=%i",
1685         nfa_rw_cb.ndef_max_size, nfa_rw_cb.ndef_wr_len);
1686   } else {
1687     if (NFC_PROTOCOL_T1T == protocol) {
1688       /* Type1Tag    - NFC-A */
1689       status = RW_T1tWriteNDef((uint16_t)nfa_rw_cb.ndef_wr_len,
1690                                nfa_rw_cb.p_ndef_wr_buf);
1691     } else if (NFC_PROTOCOL_T2T == protocol) {
1692       /* Type2Tag    - NFC-A */
1693       if (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T) {
1694         status = RW_T2tWriteNDef((uint16_t)nfa_rw_cb.ndef_wr_len,
1695                                  nfa_rw_cb.p_ndef_wr_buf);
1696       }
1697     } else if (NFC_PROTOCOL_T3T == protocol) {
1698       /* Type3Tag    - NFC-F */
1699       status = RW_T3tUpdateNDef(nfa_rw_cb.ndef_wr_len, nfa_rw_cb.p_ndef_wr_buf);
1700     } else if (NFC_PROTOCOL_ISO_DEP == protocol) {
1701       /* ISODEP/4A,4B- NFC-A or NFC-B */
1702       status = RW_T4tUpdateNDef(nfa_rw_cb.ndef_wr_len, nfa_rw_cb.p_ndef_wr_buf);
1703     } else if (NFC_PROTOCOL_T5T == protocol) {
1704       /* ISO 15693 */
1705       status = RW_I93UpdateNDef((uint16_t)nfa_rw_cb.ndef_wr_len,
1706                                 nfa_rw_cb.p_ndef_wr_buf);
1707     } else if (NFC_PROTOCOL_MIFARE == protocol) {
1708       /* Mifare Tag */
1709       status = RW_MfcWriteNDef((uint16_t)nfa_rw_cb.ndef_wr_len,
1710                                nfa_rw_cb.p_ndef_wr_buf);
1711     }
1712   }
1713 
1714   return (status);
1715 }
1716 
1717 /*******************************************************************************
1718 **
1719 ** Function         nfa_rw_read_ndef
1720 **
1721 ** Description      Handler for NFA_RW_API_READ_NDEF_EVT
1722 **
1723 ** Returns          TRUE (message buffer to be freed by caller)
1724 **
1725 *******************************************************************************/
nfa_rw_read_ndef()1726 static bool nfa_rw_read_ndef() {
1727   tNFA_STATUS status = NFA_STATUS_OK;
1728   tNFA_CONN_EVT_DATA conn_evt_data;
1729 
1730   DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1731 
1732   /* Check if ndef detection has been performed yet */
1733   if (nfa_rw_cb.ndef_st == NFA_RW_NDEF_ST_UNKNOWN) {
1734     /* Perform ndef detection first */
1735     status = nfa_rw_start_ndef_detection();
1736   } else if (nfa_rw_cb.ndef_st == NFA_RW_NDEF_ST_FALSE) {
1737     /* Tag is not NDEF */
1738     status = NFA_STATUS_FAILED;
1739   } else {
1740     /* Perform the NDEF read operation */
1741     status = nfa_rw_start_ndef_read();
1742   }
1743 
1744   /* Handle failure */
1745   if (status != NFA_STATUS_OK) {
1746     /* Command complete - perform cleanup, notify app */
1747     nfa_rw_command_complete();
1748     conn_evt_data.status = status;
1749     nfa_dm_act_conn_cback_notify(NFA_READ_CPLT_EVT, &conn_evt_data);
1750   }
1751 
1752   return true;
1753 }
1754 
1755 /*******************************************************************************
1756 **
1757 ** Function         nfa_rw_write_ndef
1758 **
1759 ** Description      Handler for NFA_RW_API_WRITE_NDEF_EVT
1760 **
1761 ** Returns          TRUE (message buffer to be freed by caller)
1762 **
1763 *******************************************************************************/
nfa_rw_write_ndef(tNFA_RW_MSG * p_data)1764 static bool nfa_rw_write_ndef(tNFA_RW_MSG* p_data) {
1765   tNDEF_STATUS ndef_status;
1766   tNFA_STATUS write_status = NFA_STATUS_OK;
1767   tNFA_CONN_EVT_DATA conn_evt_data;
1768   DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1769 
1770   /* Validate NDEF message */
1771   ndef_status = NDEF_MsgValidate(p_data->op_req.params.write_ndef.p_data,
1772                                  p_data->op_req.params.write_ndef.len, false);
1773   if (ndef_status != NDEF_OK) {
1774     LOG(ERROR) << StringPrintf(
1775         "Invalid NDEF message. NDEF_MsgValidate returned %i", ndef_status);
1776 
1777     /* Command complete - perform cleanup, notify app */
1778     nfa_rw_command_complete();
1779     conn_evt_data.status = NFA_STATUS_FAILED;
1780     nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
1781     return true;
1782   }
1783 
1784   /* Store pointer to source NDEF */
1785   nfa_rw_cb.p_ndef_wr_buf = p_data->op_req.params.write_ndef.p_data;
1786   nfa_rw_cb.ndef_wr_len = p_data->op_req.params.write_ndef.len;
1787 
1788   /* Check if ndef detection has been performed yet */
1789   if (nfa_rw_cb.ndef_st == NFA_RW_NDEF_ST_UNKNOWN) {
1790     /* Perform ndef detection first */
1791     write_status = nfa_rw_start_ndef_detection();
1792   } else if (nfa_rw_cb.ndef_st == NFA_RW_NDEF_ST_FALSE) {
1793     if (nfa_rw_cb.protocol == NFC_PROTOCOL_T1T) {
1794       /* For Type 1 tag, NDEF can be written on Initialized tag
1795        *  Perform ndef detection first to check if tag is in Initialized state
1796        * to Write NDEF */
1797       write_status = nfa_rw_start_ndef_detection();
1798     } else {
1799       /* Tag is not NDEF */
1800       write_status = NFA_STATUS_FAILED;
1801     }
1802   } else {
1803     /* Perform the NDEF read operation */
1804     write_status = nfa_rw_start_ndef_write();
1805   }
1806 
1807   /* Handle failure */
1808   if (write_status != NFA_STATUS_OK) {
1809     /* Command complete - perform cleanup, notify app */
1810     nfa_rw_command_complete();
1811     conn_evt_data.status = write_status;
1812     nfa_dm_act_conn_cback_notify(NFA_WRITE_CPLT_EVT, &conn_evt_data);
1813   }
1814 
1815   return true;
1816 }
1817 
1818 /*******************************************************************************
1819 **
1820 ** Function         nfa_rw_presence_check
1821 **
1822 ** Description      Handler for NFA_RW_API_PRESENCE_CHECK
1823 **
1824 ** Returns          Nothing
1825 **
1826 *******************************************************************************/
nfa_rw_presence_check(tNFA_RW_MSG * p_data)1827 void nfa_rw_presence_check(tNFA_RW_MSG* p_data) {
1828   tNFC_PROTOCOL protocol = nfa_rw_cb.protocol;
1829   uint8_t sel_res = nfa_rw_cb.pa_sel_res;
1830   tNFC_STATUS status = NFC_STATUS_FAILED;
1831   bool unsupported = false;
1832   uint8_t option = NFA_RW_OPTION_INVALID;
1833   tNFA_RW_PRES_CHK_OPTION op_param = NFA_RW_PRES_CHK_DEFAULT;
1834 
1835   if (NFC_PROTOCOL_T1T == protocol) {
1836     /* Type1Tag    - NFC-A */
1837     status = RW_T1tPresenceCheck();
1838   } else if (NFC_PROTOCOL_T2T == protocol) {
1839     /* If T2T NFC-Forum, then let RW handle presence check */
1840     if (sel_res == NFC_SEL_RES_NFC_FORUM_T2T) {
1841       /* Type 2 tag have not sent NACK after activation */
1842       status = RW_T2tPresenceCheck();
1843     } else {
1844       /* Will fall back to deactivate/reactivate */
1845       unsupported = true;
1846     }
1847   } else if (NFC_PROTOCOL_T3T == protocol) {
1848     /* Type3Tag    - NFC-F */
1849     status = RW_T3tPresenceCheck();
1850   } else if (NFC_PROTOCOL_ISO_DEP == protocol) {
1851     /* ISODEP/4A,4B- NFC-A or NFC-B */
1852     if (p_data) {
1853       op_param = p_data->op_req.params.option;
1854     }
1855 
1856     switch (op_param) {
1857       case NFA_RW_PRES_CHK_I_BLOCK:
1858         option = RW_T4T_CHK_EMPTY_I_BLOCK;
1859         break;
1860 
1861       case NFA_RW_PRES_CHK_ISO_DEP_NAK:
1862         if (NFC_GetNCIVersion() == NCI_VERSION_2_0) {
1863           option = RW_T4T_CHK_ISO_DEP_NAK_PRES_CHK;
1864         }
1865         break;
1866       default:
1867         /* empty I block */
1868         option = RW_T4T_CHK_EMPTY_I_BLOCK;
1869     }
1870 
1871     if (option != NFA_RW_OPTION_INVALID) {
1872       /* use the presence check with the chosen option */
1873       status = RW_T4tPresenceCheck(option);
1874     } else {
1875       /* use sleep/wake for presence check */
1876       unsupported = true;
1877     }
1878   } else if (NFC_PROTOCOL_T5T == protocol) {
1879     /* T5T/ISO 15693 */
1880     status = RW_I93PresenceCheck();
1881   } else {
1882     /* Protocol unsupported by RW module... */
1883     unsupported = true;
1884   }
1885 
1886   if (unsupported) {
1887     if (nfa_rw_cb.activated_tech_mode == NFC_DISCOVERY_TYPE_POLL_KOVIO) {
1888       /* start Kovio presence check (deactivate and wait for activation) */
1889       status = nfa_dm_disc_start_kovio_presence_check();
1890     } else {
1891       /* Let DM perform presence check (by putting tag to sleep and then waking
1892        * it up) */
1893       status = nfa_dm_disc_sleep_wakeup();
1894     }
1895   }
1896 
1897   /* Handle presence check failure */
1898   if (status != NFC_STATUS_OK)
1899     nfa_rw_handle_presence_check_rsp(NFC_STATUS_FAILED);
1900   else if (!unsupported) {
1901     nfa_sys_start_timer(&nfa_rw_cb.tle, NFA_RW_PRESENCE_CHECK_TIMEOUT_EVT,
1902                         p_nfa_dm_cfg->presence_check_timeout);
1903   }
1904 }
1905 
1906 /*******************************************************************************
1907 **
1908 ** Function         nfa_rw_presence_check_tick
1909 **
1910 ** Description      Called on expiration of NFA_RW_PRESENCE_CHECK_INTERVAL
1911 **                  Initiate presence check
1912 **
1913 ** Returns          TRUE (caller frees message buffer)
1914 **
1915 *******************************************************************************/
nfa_rw_presence_check_tick(tNFA_RW_MSG * p_data)1916 bool nfa_rw_presence_check_tick(__attribute__((unused)) tNFA_RW_MSG* p_data) {
1917   /* Store the current operation */
1918   nfa_rw_cb.cur_op = NFA_RW_OP_PRESENCE_CHECK;
1919   nfa_rw_cb.flags |= NFA_RW_FL_AUTO_PRESENCE_CHECK_BUSY;
1920   DLOG_IF(INFO, nfc_debug_enabled)
1921       << StringPrintf("Auto-presence check starting...");
1922 
1923   /* Perform presence check */
1924   nfa_rw_presence_check(nullptr);
1925 
1926   return true;
1927 }
1928 
1929 /*******************************************************************************
1930 **
1931 ** Function         nfa_rw_presence_check_timeout
1932 **
1933 ** Description      presence check timeout: report presence check failure
1934 **
1935 ** Returns          TRUE (caller frees message buffer)
1936 **
1937 *******************************************************************************/
nfa_rw_presence_check_timeout(tNFA_RW_MSG * p_data)1938 bool nfa_rw_presence_check_timeout(__attribute__((unused))
1939                                    tNFA_RW_MSG* p_data) {
1940   nfa_rw_handle_presence_check_rsp(NFC_STATUS_FAILED);
1941   return true;
1942 }
1943 
1944 /*******************************************************************************
1945 **
1946 ** Function         nfa_rw_format_tag
1947 **
1948 ** Description      Handler for NFA_RW_API_FORMAT_TAG
1949 **
1950 ** Returns          Nothing
1951 **
1952 *******************************************************************************/
nfa_rw_format_tag()1953 static void nfa_rw_format_tag() {
1954   tNFC_PROTOCOL protocol = nfa_rw_cb.protocol;
1955   tNFC_STATUS status = NFC_STATUS_FAILED;
1956 
1957   if (protocol == NFC_PROTOCOL_T1T) {
1958     status = RW_T1tFormatNDef();
1959   } else if ((protocol == NFC_PROTOCOL_T2T) &&
1960              (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T)) {
1961     status = RW_T2tFormatNDef();
1962   } else if (protocol == NFC_PROTOCOL_T3T) {
1963     status = RW_T3tFormatNDef();
1964   } else if (protocol == NFC_PROTOCOL_T5T) {
1965     status = RW_I93FormatNDef();
1966   } else if (protocol == NFC_PROTOCOL_ISO_DEP) {
1967     status = RW_T4tFormatNDef();
1968   } else if (protocol == NFC_PROTOCOL_MIFARE) {
1969     status = RW_MfcFormatNDef();
1970   }
1971 
1972   /* If unable to format NDEF, notify the app */
1973   if (status != NFC_STATUS_OK) nfa_rw_error_cleanup(NFA_FORMAT_CPLT_EVT);
1974 }
1975 
1976 /*******************************************************************************
1977 **
1978 ** Function         nfa_rw_detect_tlv
1979 **
1980 ** Description      Handler for NFA_RW_API_DETECT_NDEF_EVT
1981 **
1982 ** Returns          TRUE (message buffer to be freed by caller)
1983 **
1984 *******************************************************************************/
nfa_rw_detect_tlv(uint8_t tlv)1985 static bool nfa_rw_detect_tlv(uint8_t tlv) {
1986   DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1987 
1988   switch (nfa_rw_cb.protocol) {
1989     case NFC_PROTOCOL_T1T:
1990       if (RW_T1tLocateTlv(tlv) != NFC_STATUS_OK)
1991         nfa_rw_error_cleanup(NFA_TLV_DETECT_EVT);
1992       break;
1993 
1994     case NFC_PROTOCOL_T2T:
1995       if (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T) {
1996         if (RW_T2tLocateTlv(tlv) != NFC_STATUS_OK)
1997           nfa_rw_error_cleanup(NFA_TLV_DETECT_EVT);
1998       }
1999       break;
2000 
2001     default:
2002       break;
2003   }
2004 
2005   return true;
2006 }
2007 
2008 /*******************************************************************************
2009 **
2010 ** Function         nfa_rw_config_tag_ro
2011 **
2012 ** Description      Handler for NFA_RW_OP_SET_TAG_RO
2013 **
2014 ** Returns          TRUE (message buffer to be freed by caller)
2015 **
2016 *******************************************************************************/
nfa_rw_config_tag_ro(bool b_hard_lock)2017 static tNFC_STATUS nfa_rw_config_tag_ro(bool b_hard_lock) {
2018   tNFC_PROTOCOL protocol = nfa_rw_cb.protocol;
2019   tNFC_STATUS status = NFC_STATUS_FAILED;
2020 
2021   DLOG_IF(INFO, nfc_debug_enabled) << __func__;
2022 
2023   if (NFC_PROTOCOL_T1T == protocol) {
2024     /* Type1Tag    - NFC-A */
2025     if ((nfa_rw_cb.tlv_st == NFA_RW_TLV_DETECT_ST_OP_NOT_STARTED) ||
2026         (nfa_rw_cb.tlv_st == NFA_RW_TLV_DETECT_ST_MEM_TLV_OP_COMPLETE)) {
2027       status = RW_T1tLocateTlv(TAG_LOCK_CTRL_TLV);
2028       return (status);
2029     } else {
2030       status = RW_T1tSetTagReadOnly(b_hard_lock);
2031     }
2032   } else if (NFC_PROTOCOL_T2T == protocol) {
2033     /* Type2Tag    - NFC-A */
2034     if (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T) {
2035       status = RW_T2tSetTagReadOnly(b_hard_lock);
2036     }
2037   } else if (NFC_PROTOCOL_T3T == protocol) {
2038     /* Type3Tag    - NFC-F */
2039     status = RW_T3tSetReadOnly(b_hard_lock);
2040   } else if (NFC_PROTOCOL_ISO_DEP == protocol) {
2041     /* ISODEP/4A,4B- NFC-A or NFC-B */
2042     status = RW_T4tSetNDefReadOnly();
2043   } else if (NFC_PROTOCOL_T5T == protocol) {
2044     /* ISO 15693 */
2045     status = RW_I93SetTagReadOnly();
2046   }
2047 
2048   if (status == NFC_STATUS_OK) {
2049     nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
2050   } else {
2051     nfa_rw_error_cleanup(NFA_SET_TAG_RO_EVT);
2052   }
2053 
2054   return (status);
2055 }
2056 
2057 /*******************************************************************************
2058 **
2059 ** Function         nfa_rw_t1t_rid
2060 **
2061 ** Description      Handler for T1T_RID API
2062 **
2063 ** Returns          TRUE (message buffer to be freed by caller)
2064 **
2065 *******************************************************************************/
nfa_rw_t1t_rid()2066 static bool nfa_rw_t1t_rid() {
2067   if (RW_T1tRid() != NFC_STATUS_OK) nfa_rw_error_cleanup(NFA_READ_CPLT_EVT);
2068 
2069   return true;
2070 }
2071 
2072 /*******************************************************************************
2073 **
2074 ** Function         nfa_rw_t1t_rall
2075 **
2076 ** Description      Handler for T1T_ReadAll API
2077 **
2078 ** Returns          TRUE (message buffer to be freed by caller)
2079 **
2080 *******************************************************************************/
nfa_rw_t1t_rall()2081 static bool nfa_rw_t1t_rall() {
2082   if (RW_T1tReadAll() != NFC_STATUS_OK) nfa_rw_error_cleanup(NFA_READ_CPLT_EVT);
2083 
2084   return true;
2085 }
2086 
2087 /*******************************************************************************
2088 **
2089 ** Function         nfa_rw_t1t_read
2090 **
2091 ** Description      Handler for T1T_Read API
2092 **
2093 ** Returns          TRUE (message buffer to be freed by caller)
2094 **
2095 *******************************************************************************/
nfa_rw_t1t_read(tNFA_RW_MSG * p_data)2096 static bool nfa_rw_t1t_read(tNFA_RW_MSG* p_data) {
2097   tNFA_RW_OP_PARAMS_T1T_READ* p_t1t_read =
2098       (tNFA_RW_OP_PARAMS_T1T_READ*)&(p_data->op_req.params.t1t_read);
2099 
2100   if (RW_T1tRead(p_t1t_read->block_number, p_t1t_read->index) != NFC_STATUS_OK)
2101     nfa_rw_error_cleanup(NFA_READ_CPLT_EVT);
2102 
2103   return true;
2104 }
2105 
2106 /*******************************************************************************
2107 **
2108 ** Function         nfa_rw_t1t_write
2109 **
2110 ** Description      Handler for T1T_WriteErase/T1T_WriteNoErase API
2111 **
2112 ** Returns          TRUE (message buffer to be freed by caller)
2113 **
2114 *******************************************************************************/
nfa_rw_t1t_write(tNFA_RW_MSG * p_data)2115 static bool nfa_rw_t1t_write(tNFA_RW_MSG* p_data) {
2116   tNFA_RW_OP_PARAMS_T1T_WRITE* p_t1t_write =
2117       (tNFA_RW_OP_PARAMS_T1T_WRITE*)&(p_data->op_req.params.t1t_write);
2118   tNFC_STATUS status;
2119 
2120   if (p_t1t_write->b_erase) {
2121     status = RW_T1tWriteErase(p_t1t_write->block_number, p_t1t_write->index,
2122                               p_t1t_write->p_block_data[0]);
2123   } else {
2124     status = RW_T1tWriteNoErase(p_t1t_write->block_number, p_t1t_write->index,
2125                                 p_t1t_write->p_block_data[0]);
2126   }
2127 
2128   if (status != NFC_STATUS_OK) {
2129     nfa_rw_error_cleanup(NFA_WRITE_CPLT_EVT);
2130   } else {
2131     if (p_t1t_write->block_number == 0x01)
2132       nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
2133   }
2134 
2135   return true;
2136 }
2137 
2138 /*******************************************************************************
2139 **
2140 ** Function         nfa_rw_t1t_rseg
2141 **
2142 ** Description      Handler for T1t_ReadSeg API
2143 **
2144 ** Returns          TRUE (message buffer to be freed by caller)
2145 **
2146 *******************************************************************************/
nfa_rw_t1t_rseg(tNFA_RW_MSG * p_data)2147 static bool nfa_rw_t1t_rseg(tNFA_RW_MSG* p_data) {
2148   tNFA_RW_OP_PARAMS_T1T_READ* p_t1t_read =
2149       (tNFA_RW_OP_PARAMS_T1T_READ*)&(p_data->op_req.params.t1t_read);
2150 
2151   if (RW_T1tReadSeg(p_t1t_read->segment_number) != NFC_STATUS_OK)
2152     nfa_rw_error_cleanup(NFA_READ_CPLT_EVT);
2153 
2154   return true;
2155 }
2156 
2157 /*******************************************************************************
2158 **
2159 ** Function         nfa_rw_t1t_read8
2160 **
2161 ** Description      Handler for T1T_Read8 API
2162 **
2163 ** Returns          TRUE (message buffer to be freed by caller)
2164 **
2165 *******************************************************************************/
nfa_rw_t1t_read8(tNFA_RW_MSG * p_data)2166 static bool nfa_rw_t1t_read8(tNFA_RW_MSG* p_data) {
2167   tNFA_RW_OP_PARAMS_T1T_READ* p_t1t_read =
2168       (tNFA_RW_OP_PARAMS_T1T_READ*)&(p_data->op_req.params.t1t_read);
2169 
2170   if (RW_T1tRead8(p_t1t_read->block_number) != NFC_STATUS_OK)
2171     nfa_rw_error_cleanup(NFA_READ_CPLT_EVT);
2172 
2173   return true;
2174 }
2175 
2176 /*******************************************************************************
2177 **
2178 ** Function         nfa_rw_t1t_write8
2179 **
2180 ** Description      Handler for T1T_WriteErase8/T1T_WriteNoErase8 API
2181 **
2182 ** Returns          TRUE (message buffer to be freed by caller)
2183 **
2184 *******************************************************************************/
nfa_rw_t1t_write8(tNFA_RW_MSG * p_data)2185 static bool nfa_rw_t1t_write8(tNFA_RW_MSG* p_data) {
2186   tNFA_RW_OP_PARAMS_T1T_WRITE* p_t1t_write =
2187       (tNFA_RW_OP_PARAMS_T1T_WRITE*)&(p_data->op_req.params.t1t_write);
2188   tNFC_STATUS status;
2189 
2190   if (p_t1t_write->b_erase) {
2191     status =
2192         RW_T1tWriteErase8(p_t1t_write->block_number, p_t1t_write->p_block_data);
2193   } else {
2194     status = RW_T1tWriteNoErase8(p_t1t_write->block_number,
2195                                  p_t1t_write->p_block_data);
2196   }
2197 
2198   if (status != NFC_STATUS_OK) {
2199     nfa_rw_error_cleanup(NFA_WRITE_CPLT_EVT);
2200   } else {
2201     if (p_t1t_write->block_number == 0x01)
2202       nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
2203   }
2204 
2205   return true;
2206 }
2207 
2208 /*******************************************************************************
2209 **
2210 ** Function         nfa_rw_t2t_read
2211 **
2212 ** Description      Handler for T2T_Read API
2213 **
2214 ** Returns          TRUE (message buffer to be freed by caller)
2215 **
2216 *******************************************************************************/
nfa_rw_t2t_read(tNFA_RW_MSG * p_data)2217 static bool nfa_rw_t2t_read(tNFA_RW_MSG* p_data) {
2218   tNFA_RW_OP_PARAMS_T2T_READ* p_t2t_read =
2219       (tNFA_RW_OP_PARAMS_T2T_READ*)&(p_data->op_req.params.t2t_read);
2220   tNFC_STATUS status = NFC_STATUS_FAILED;
2221 
2222   if (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T)
2223     status = RW_T2tRead(p_t2t_read->block_number);
2224 
2225   if (status != NFC_STATUS_OK) nfa_rw_error_cleanup(NFA_READ_CPLT_EVT);
2226 
2227   return true;
2228 }
2229 
2230 /*******************************************************************************
2231 **
2232 ** Function         nfa_rw_t2t_write
2233 **
2234 ** Description      Handler for T2T_Write API
2235 **
2236 ** Returns          TRUE (message buffer to be freed by caller)
2237 **
2238 *******************************************************************************/
nfa_rw_t2t_write(tNFA_RW_MSG * p_data)2239 static bool nfa_rw_t2t_write(tNFA_RW_MSG* p_data) {
2240   tNFA_RW_OP_PARAMS_T2T_WRITE* p_t2t_write =
2241       (tNFA_RW_OP_PARAMS_T2T_WRITE*)&(p_data->op_req.params.t2t_write);
2242 
2243   if (RW_T2tWrite(p_t2t_write->block_number, p_t2t_write->p_block_data) !=
2244       NFC_STATUS_OK) {
2245     nfa_rw_error_cleanup(NFA_WRITE_CPLT_EVT);
2246   } else {
2247     if (p_t2t_write->block_number == 0x03)
2248       nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
2249   }
2250 
2251   return true;
2252 }
2253 
2254 /*******************************************************************************
2255 **
2256 ** Function         nfa_rw_t2t_sector_select
2257 **
2258 ** Description      Handler for T2T_Sector_Select API
2259 **
2260 ** Returns          TRUE (message buffer to be freed by caller)
2261 **
2262 *******************************************************************************/
nfa_rw_t2t_sector_select(tNFA_RW_MSG * p_data)2263 static bool nfa_rw_t2t_sector_select(tNFA_RW_MSG* p_data) {
2264   tNFA_RW_OP_PARAMS_T2T_SECTOR_SELECT* p_t2t_sector_select =
2265       (tNFA_RW_OP_PARAMS_T2T_SECTOR_SELECT*)&(
2266           p_data->op_req.params.t2t_sector_select);
2267 
2268   if (RW_T2tSectorSelect(p_t2t_sector_select->sector_number) != NFC_STATUS_OK)
2269     nfa_rw_error_cleanup(NFA_SELECT_CPLT_EVT);
2270 
2271   return true;
2272 }
2273 
2274 /*******************************************************************************
2275 **
2276 ** Function         nfa_rw_t3t_read
2277 **
2278 ** Description      Handler for T3T_Read API
2279 **
2280 ** Returns          TRUE (message buffer to be freed by caller)
2281 **
2282 *******************************************************************************/
nfa_rw_t3t_read(tNFA_RW_MSG * p_data)2283 static bool nfa_rw_t3t_read(tNFA_RW_MSG* p_data) {
2284   tNFA_RW_OP_PARAMS_T3T_READ* p_t3t_read =
2285       (tNFA_RW_OP_PARAMS_T3T_READ*)&(p_data->op_req.params.t3t_read);
2286 
2287   if (RW_T3tCheck(p_t3t_read->num_blocks,
2288                   (tT3T_BLOCK_DESC*)p_t3t_read->p_block_desc) != NFC_STATUS_OK)
2289     nfa_rw_error_cleanup(NFA_READ_CPLT_EVT);
2290 
2291   return true;
2292 }
2293 
2294 /*******************************************************************************
2295 **
2296 ** Function         nfa_rw_t3t_write
2297 **
2298 ** Description      Handler for T3T_Write API
2299 **
2300 ** Returns          TRUE (message buffer to be freed by caller)
2301 **
2302 *******************************************************************************/
nfa_rw_t3t_write(tNFA_RW_MSG * p_data)2303 static bool nfa_rw_t3t_write(tNFA_RW_MSG* p_data) {
2304   tNFA_RW_OP_PARAMS_T3T_WRITE* p_t3t_write =
2305       (tNFA_RW_OP_PARAMS_T3T_WRITE*)&(p_data->op_req.params.t3t_write);
2306 
2307   if (RW_T3tUpdate(p_t3t_write->num_blocks,
2308                    (tT3T_BLOCK_DESC*)p_t3t_write->p_block_desc,
2309                    p_t3t_write->p_block_data) != NFC_STATUS_OK)
2310     nfa_rw_error_cleanup(NFA_WRITE_CPLT_EVT);
2311 
2312   return true;
2313 }
2314 
2315 /*******************************************************************************
2316 **
2317 ** Function         nfa_rw_t3t_get_system_codes
2318 **
2319 ** Description      Get system codes (initiated by NFA after activation)
2320 **
2321 ** Returns          TRUE (message buffer to be freed by caller)
2322 **
2323 *******************************************************************************/
nfa_rw_t3t_get_system_codes()2324 static bool nfa_rw_t3t_get_system_codes() {
2325   tNFC_STATUS status;
2326   tNFA_TAG_PARAMS tag_params;
2327 
2328   status = RW_T3tGetSystemCodes();
2329 
2330   if (status != NFC_STATUS_OK) {
2331     /* Command complete - perform cleanup, notify app */
2332     nfa_rw_command_complete();
2333     tag_params.t3t.num_system_codes = 0;
2334     tag_params.t3t.p_system_codes = nullptr;
2335 
2336     nfa_dm_notify_activation_status(NFA_STATUS_OK, &tag_params);
2337   }
2338 
2339   return true;
2340 }
2341 
2342 /*******************************************************************************
2343 **
2344 ** Function         nfa_rw_i93_command
2345 **
2346 ** Description      Handler for ISO 15693 command
2347 **
2348 ** Returns          TRUE (message buffer to be freed by caller)
2349 **
2350 *******************************************************************************/
nfa_rw_i93_command(tNFA_RW_MSG * p_data)2351 static bool nfa_rw_i93_command(tNFA_RW_MSG* p_data) {
2352   tNFA_CONN_EVT_DATA conn_evt_data;
2353   tNFC_STATUS status = NFC_STATUS_OK;
2354   uint8_t i93_command = I93_CMD_STAY_QUIET;
2355 
2356   switch (p_data->op_req.op) {
2357     case NFA_RW_OP_I93_INVENTORY:
2358       i93_command = I93_CMD_INVENTORY;
2359       if (p_data->op_req.params.i93_cmd.uid_present) {
2360         status = RW_I93Inventory(p_data->op_req.params.i93_cmd.afi_present,
2361                                  p_data->op_req.params.i93_cmd.afi,
2362                                  p_data->op_req.params.i93_cmd.uid);
2363       } else {
2364         status = RW_I93Inventory(p_data->op_req.params.i93_cmd.afi_present,
2365                                  p_data->op_req.params.i93_cmd.afi, nullptr);
2366       }
2367       break;
2368 
2369     case NFA_RW_OP_I93_STAY_QUIET:
2370       i93_command = I93_CMD_STAY_QUIET;
2371       status = RW_I93StayQuiet(p_data->op_req.params.i93_cmd.p_data);
2372       break;
2373 
2374     case NFA_RW_OP_I93_READ_SINGLE_BLOCK:
2375       i93_command = I93_CMD_READ_SINGLE_BLOCK;
2376       status = RW_I93ReadSingleBlock(
2377           p_data->op_req.params.i93_cmd.first_block_number);
2378       break;
2379 
2380     case NFA_RW_OP_I93_WRITE_SINGLE_BLOCK:
2381       i93_command = I93_CMD_WRITE_SINGLE_BLOCK;
2382       status = RW_I93WriteSingleBlock(
2383           p_data->op_req.params.i93_cmd.first_block_number,
2384           p_data->op_req.params.i93_cmd.p_data);
2385       break;
2386 
2387     case NFA_RW_OP_I93_LOCK_BLOCK:
2388       i93_command = I93_CMD_LOCK_BLOCK;
2389       status = RW_I93LockBlock(
2390           (uint8_t)p_data->op_req.params.i93_cmd.first_block_number);
2391       break;
2392 
2393     case NFA_RW_OP_I93_READ_MULTI_BLOCK:
2394       i93_command = I93_CMD_READ_MULTI_BLOCK;
2395       status = RW_I93ReadMultipleBlocks(
2396           p_data->op_req.params.i93_cmd.first_block_number,
2397           p_data->op_req.params.i93_cmd.number_blocks);
2398       break;
2399 
2400     case NFA_RW_OP_I93_WRITE_MULTI_BLOCK:
2401       i93_command = I93_CMD_WRITE_MULTI_BLOCK;
2402       status = RW_I93WriteMultipleBlocks(
2403           (uint8_t)p_data->op_req.params.i93_cmd.first_block_number,
2404           p_data->op_req.params.i93_cmd.number_blocks,
2405           p_data->op_req.params.i93_cmd.p_data);
2406       break;
2407 
2408     case NFA_RW_OP_I93_SELECT:
2409       i93_command = I93_CMD_SELECT;
2410       status = RW_I93Select(p_data->op_req.params.i93_cmd.p_data);
2411       break;
2412 
2413     case NFA_RW_OP_I93_RESET_TO_READY:
2414       i93_command = I93_CMD_RESET_TO_READY;
2415       status = RW_I93ResetToReady();
2416       break;
2417 
2418     case NFA_RW_OP_I93_WRITE_AFI:
2419       i93_command = I93_CMD_WRITE_AFI;
2420       status = RW_I93WriteAFI(p_data->op_req.params.i93_cmd.afi);
2421       break;
2422 
2423     case NFA_RW_OP_I93_LOCK_AFI:
2424       i93_command = I93_CMD_LOCK_AFI;
2425       status = RW_I93LockAFI();
2426       break;
2427 
2428     case NFA_RW_OP_I93_WRITE_DSFID:
2429       i93_command = I93_CMD_WRITE_DSFID;
2430       status = RW_I93WriteDSFID(p_data->op_req.params.i93_cmd.dsfid);
2431       break;
2432 
2433     case NFA_RW_OP_I93_LOCK_DSFID:
2434       i93_command = I93_CMD_LOCK_DSFID;
2435       status = RW_I93LockDSFID();
2436       break;
2437 
2438     case NFA_RW_OP_I93_GET_SYS_INFO:
2439       i93_command = I93_CMD_GET_SYS_INFO;
2440       if (p_data->op_req.params.i93_cmd.uid_present) {
2441         status = RW_I93GetSysInfo(p_data->op_req.params.i93_cmd.uid);
2442       } else {
2443         status = RW_I93GetSysInfo(nullptr);
2444       }
2445       break;
2446 
2447     case NFA_RW_OP_I93_GET_MULTI_BLOCK_STATUS:
2448       i93_command = I93_CMD_GET_MULTI_BLK_SEC;
2449       status = RW_I93GetMultiBlockSecurityStatus(
2450           p_data->op_req.params.i93_cmd.first_block_number,
2451           p_data->op_req.params.i93_cmd.number_blocks);
2452       break;
2453 
2454     case NFA_RW_OP_I93_SET_ADDR_MODE:
2455       i93_command = I93_CMD_SET_ADDR_MODE;
2456       DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
2457           "%s - T5T addressing mode (0: addressed, "
2458           "1: non-addressed) is %d",
2459           __func__, p_data->op_req.params.i93_cmd.addr_mode);
2460 
2461       status = RW_I93SetAddressingMode(p_data->op_req.params.i93_cmd.addr_mode);
2462       if (status != NFC_STATUS_OK) {
2463         break;
2464       }
2465 
2466       /* Command complete - perform cleanup, notify app */
2467       nfa_rw_command_complete();
2468       conn_evt_data.i93_cmd_cplt.status = NFA_STATUS_OK;
2469       conn_evt_data.i93_cmd_cplt.sent_command = i93_command;
2470       nfa_dm_act_conn_cback_notify(NFA_I93_CMD_CPLT_EVT, &conn_evt_data);
2471       break;
2472 
2473     default:
2474       break;
2475   }
2476 
2477   if (status != NFC_STATUS_OK) {
2478     /* Command complete - perform cleanup, notify app */
2479     nfa_rw_command_complete();
2480 
2481     conn_evt_data.i93_cmd_cplt.status = NFA_STATUS_FAILED;
2482     conn_evt_data.i93_cmd_cplt.sent_command = i93_command;
2483 
2484     nfa_dm_act_conn_cback_notify(NFA_I93_CMD_CPLT_EVT, &conn_evt_data);
2485   }
2486 
2487   return true;
2488 }
2489 
2490 /*******************************************************************************
2491 **
2492 ** Function         nfa_rw_raw_mode_data_cback
2493 **
2494 ** Description      Handler for incoming tag data for unsupported tag protocols
2495 **                  (forward data to upper layer)
2496 **
2497 ** Returns          nothing
2498 **
2499 *******************************************************************************/
nfa_rw_raw_mode_data_cback(uint8_t conn_id,tNFC_CONN_EVT event,tNFC_CONN * p_data)2500 static void nfa_rw_raw_mode_data_cback(__attribute__((unused)) uint8_t conn_id,
2501                                        tNFC_CONN_EVT event, tNFC_CONN* p_data) {
2502   NFC_HDR* p_msg;
2503   tNFA_CONN_EVT_DATA evt_data;
2504 
2505   DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf("event = 0x%X", event);
2506 
2507   if ((event == NFC_DATA_CEVT) &&
2508       ((p_data->data.status == NFC_STATUS_OK) ||
2509        (p_data->data.status == NFC_STATUS_CONTINUE))) {
2510     p_msg = (NFC_HDR*)p_data->data.p_data;
2511 
2512     if (p_msg) {
2513       evt_data.data.status = p_data->data.status;
2514       evt_data.data.p_data = (uint8_t*)(p_msg + 1) + p_msg->offset;
2515       evt_data.data.len = p_msg->len;
2516 
2517       nfa_dm_conn_cback_event_notify(NFA_DATA_EVT, &evt_data);
2518 
2519       GKI_freebuf(p_msg);
2520     } else {
2521       LOG(ERROR) << StringPrintf(
2522           "received NFC_DATA_CEVT with NULL data pointer");
2523     }
2524   } else if (event == NFC_DEACTIVATE_CEVT) {
2525     NFC_SetStaticRfCback(nullptr);
2526   }
2527 }
2528 
2529 /*******************************************************************************
2530 **
2531 ** Function         nfa_rw_activate_ntf
2532 **
2533 ** Description      Handler for NFA_RW_ACTIVATE_NTF
2534 **
2535 ** Returns          TRUE (message buffer to be freed by caller)
2536 **
2537 *******************************************************************************/
nfa_rw_activate_ntf(tNFA_RW_MSG * p_data)2538 bool nfa_rw_activate_ntf(tNFA_RW_MSG* p_data) {
2539   tNFC_ACTIVATE_DEVT* p_activate_params =
2540       p_data->activate_ntf.p_activate_params;
2541   tNFA_TAG_PARAMS tag_params;
2542   bool activate_notify = true;
2543   uint8_t* p;
2544 
2545   if ((nfa_rw_cb.halt_event != RW_T2T_MAX_EVT) &&
2546       (nfa_rw_cb.activated_tech_mode == NFC_DISCOVERY_TYPE_POLL_A) &&
2547       (nfa_rw_cb.protocol == NFC_PROTOCOL_T2T) &&
2548       (nfa_rw_cb.pa_sel_res == NFC_SEL_RES_NFC_FORUM_T2T)) {
2549     /* Type 2 tag is wake up from HALT State */
2550     if (nfa_dm_cb.p_activate_ntf != nullptr) {
2551       GKI_freebuf(nfa_dm_cb.p_activate_ntf);
2552       nfa_dm_cb.p_activate_ntf = nullptr;
2553     }
2554     DLOG_IF(INFO, nfc_debug_enabled)
2555         << StringPrintf("- Type 2 tag wake up from HALT State");
2556     return true;
2557   }
2558 
2559   DLOG_IF(INFO, nfc_debug_enabled) << __func__;
2560 
2561   /* Initialize control block */
2562   nfa_rw_cb.protocol = p_activate_params->protocol;
2563   nfa_rw_cb.intf_type = p_activate_params->intf_param.type;
2564   nfa_rw_cb.pa_sel_res = p_activate_params->rf_tech_param.param.pa.sel_rsp;
2565   nfa_rw_cb.activated_tech_mode = p_activate_params->rf_tech_param.mode;
2566   nfa_rw_cb.flags = NFA_RW_FL_ACTIVATED;
2567   nfa_rw_cb.cur_op = NFA_RW_OP_MAX;
2568   nfa_rw_cb.halt_event = RW_T2T_MAX_EVT;
2569   nfa_rw_cb.skip_dyn_locks = false;
2570   nfa_rw_cb.ndef_st = NFA_RW_NDEF_ST_UNKNOWN;
2571   nfa_rw_cb.tlv_st = NFA_RW_TLV_DETECT_ST_OP_NOT_STARTED;
2572 
2573   memset(&tag_params, 0, sizeof(tNFA_TAG_PARAMS));
2574 
2575   /* Check if we are in exclusive RF mode */
2576   if (p_data->activate_ntf.excl_rf_not_active) {
2577     /* Not in exclusive RF mode */
2578     nfa_rw_cb.flags |= NFA_RW_FL_NOT_EXCL_RF_MODE;
2579   }
2580 
2581   /* check if the protocol is activated with supported interface */
2582   if (p_activate_params->intf_param.type == NCI_INTERFACE_FRAME) {
2583     if ((p_activate_params->protocol != NFA_PROTOCOL_T1T) &&
2584         (p_activate_params->protocol != NFA_PROTOCOL_T2T) &&
2585         (p_activate_params->protocol != NFA_PROTOCOL_T3T) &&
2586         (p_activate_params->protocol != NFA_PROTOCOL_T5T)) {
2587       nfa_rw_cb.protocol = NFA_PROTOCOL_INVALID;
2588     }
2589   } else if (p_activate_params->intf_param.type == NCI_INTERFACE_ISO_DEP) {
2590     if (p_activate_params->protocol != NFA_PROTOCOL_ISO_DEP) {
2591       nfa_rw_cb.protocol = NFA_PROTOCOL_INVALID;
2592     }
2593   }
2594 
2595   if (nfa_rw_cb.protocol == NFA_PROTOCOL_INVALID) {
2596     /* Only sending raw frame and presence check are supported in this state */
2597 
2598     NFC_SetStaticRfCback(nfa_rw_raw_mode_data_cback);
2599 
2600     /* Notify app of NFA_ACTIVATED_EVT and start presence check timer */
2601     nfa_dm_notify_activation_status(NFA_STATUS_OK, nullptr);
2602     nfa_rw_check_start_presence_check_timer(NFA_RW_PRESENCE_CHECK_INTERVAL);
2603     return true;
2604   }
2605 
2606   /* If protocol not supported by RW module, notify app of NFA_ACTIVATED_EVT and
2607    * start presence check if needed */
2608   if (!nfa_dm_is_protocol_supported(
2609           p_activate_params->protocol,
2610           p_activate_params->rf_tech_param.param.pa.sel_rsp)) {
2611     /* Notify upper layer of NFA_ACTIVATED_EVT if needed, and start presence
2612      * check timer */
2613     /* Set data callback (pass all incoming data to upper layer using
2614      * NFA_DATA_EVT) */
2615     NFC_SetStaticRfCback(nfa_rw_raw_mode_data_cback);
2616 
2617     /* Notify app of NFA_ACTIVATED_EVT and start presence check timer */
2618     nfa_dm_notify_activation_status(NFA_STATUS_OK, nullptr);
2619     nfa_rw_check_start_presence_check_timer(NFA_RW_PRESENCE_CHECK_INTERVAL);
2620     return true;
2621   }
2622 
2623   /* Initialize RW module */
2624   if ((RW_SetActivatedTagType(p_activate_params, nfa_rw_cback)) !=
2625       NFC_STATUS_OK) {
2626     /* Log error (stay in NFA_RW_ST_ACTIVATED state until deactivation) */
2627     LOG(ERROR) << StringPrintf("RW_SetActivatedTagType failed.");
2628     return true;
2629   }
2630 
2631   /* Perform protocol-specific actions */
2632   if (NFC_PROTOCOL_T1T == nfa_rw_cb.protocol) {
2633     /* Retrieve HR and UID fields from activation notification */
2634     memcpy(tag_params.t1t.uid, p_activate_params->rf_tech_param.param.pa.nfcid1,
2635            p_activate_params->rf_tech_param.param.pa.nfcid1_len);
2636 
2637     if (NFC_GetNCIVersion() == NCI_VERSION_2_0) {
2638       memcpy(tag_params.t1t.hr, p_activate_params->rf_tech_param.param.pa.hr,
2639              NFA_T1T_HR_LEN);
2640     } else {
2641       memcpy(tag_params.t1t.hr,
2642              p_activate_params->intf_param.intf_param.frame.param,
2643              NFA_T1T_HR_LEN);
2644       tNFA_RW_MSG msg;
2645       msg.op_req.op = NFA_RW_OP_T1T_RID;
2646       bool free_buf = nfa_rw_handle_op_req(&msg);
2647       CHECK(free_buf)
2648           << "nfa_rw_handle_op_req is holding on to soon-garbage stack memory.";
2649       /* Delay notifying upper layer of NFA_ACTIVATED_EVT
2650          until HR0/HR1 is received */
2651       activate_notify = false;
2652     }
2653   } else if (NFC_PROTOCOL_T2T == nfa_rw_cb.protocol) {
2654     /* Retrieve UID fields from activation notification */
2655     memcpy(tag_params.t2t.uid, p_activate_params->rf_tech_param.param.pa.nfcid1,
2656            p_activate_params->rf_tech_param.param.pa.nfcid1_len);
2657   } else if (NFC_PROTOCOL_T3T == nfa_rw_cb.protocol) {
2658     /* Delay notifying upper layer of NFA_ACTIVATED_EVT until system codes
2659      * are retrieved */
2660     activate_notify = false;
2661 
2662     /* Issue command to get Felica system codes */
2663     tNFA_RW_MSG msg;
2664     msg.op_req.op = NFA_RW_OP_T3T_GET_SYSTEM_CODES;
2665     bool free_buf = nfa_rw_handle_op_req(&msg);
2666     CHECK(free_buf)
2667         << "nfa_rw_handle_op_req is holding on to soon-garbage stack memory.";
2668   } else if (NFA_PROTOCOL_T5T == nfa_rw_cb.protocol) {
2669     /* Delay notifying upper layer of NFA_ACTIVATED_EVT to retrieve additional
2670      * tag infomation */
2671     nfa_rw_cb.flags |= NFA_RW_FL_ACTIVATION_NTF_PENDING;
2672     activate_notify = false;
2673 
2674     /* store DSFID and UID from activation NTF */
2675     nfa_rw_cb.i93_dsfid = p_activate_params->rf_tech_param.param.pi93.dsfid;
2676 
2677     p = nfa_rw_cb.i93_uid;
2678     ARRAY8_TO_STREAM(p, p_activate_params->rf_tech_param.param.pi93.uid);
2679 
2680     if ((nfa_rw_cb.i93_uid[1] == I93_UID_IC_MFG_CODE_TI) &&
2681         (((nfa_rw_cb.i93_uid[2] & I93_UID_TAG_IT_HF_I_PRODUCT_ID_MASK) ==
2682           I93_UID_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2683          ((nfa_rw_cb.i93_uid[2] & I93_UID_TAG_IT_HF_I_PRODUCT_ID_MASK) ==
2684           I93_UID_TAG_IT_HF_I_PRO_CHIP_INLAY))) {
2685       /* these don't support Get System Information Command */
2686       nfa_rw_cb.i93_block_size = I93_TAG_IT_HF_I_STD_PRO_CHIP_INLAY_BLK_SIZE;
2687       nfa_rw_cb.i93_afi_location =
2688           I93_TAG_IT_HF_I_STD_PRO_CHIP_INLAY_AFI_LOCATION;
2689 
2690       if ((nfa_rw_cb.i93_uid[2] & I93_UID_TAG_IT_HF_I_PRODUCT_ID_MASK) ==
2691           I93_UID_TAG_IT_HF_I_STD_CHIP_INLAY) {
2692         nfa_rw_cb.i93_num_block = I93_TAG_IT_HF_I_STD_CHIP_INLAY_NUM_TOTAL_BLK;
2693       } else {
2694         nfa_rw_cb.i93_num_block = I93_TAG_IT_HF_I_PRO_CHIP_INLAY_NUM_TOTAL_BLK;
2695       }
2696 
2697       /* read AFI */
2698       if (RW_I93ReadSingleBlock((uint8_t)(nfa_rw_cb.i93_afi_location /
2699                                           nfa_rw_cb.i93_block_size)) !=
2700           NFC_STATUS_OK) {
2701         /* notify activation without AFI/IC-Ref */
2702         nfa_rw_cb.flags &= ~NFA_RW_FL_ACTIVATION_NTF_PENDING;
2703         activate_notify = true;
2704 
2705         tag_params.i93.info_flags =
2706             (I93_INFO_FLAG_DSFID | I93_INFO_FLAG_MEM_SIZE);
2707         tag_params.i93.dsfid = nfa_rw_cb.i93_dsfid;
2708         tag_params.i93.block_size = nfa_rw_cb.i93_block_size;
2709         tag_params.i93.num_block = nfa_rw_cb.i93_num_block;
2710         memcpy(tag_params.i93.uid, nfa_rw_cb.i93_uid, I93_UID_BYTE_LEN);
2711       }
2712     } else {
2713       /* All of ICODE supports Get System Information Command */
2714       /* Tag-it HF-I Plus Chip/Inlay supports Get System Information Command */
2715       /* just try for others */
2716 
2717       if (!appl_dta_mode_flag) {
2718         if (RW_I93GetSysInfo(nfa_rw_cb.i93_uid) != NFC_STATUS_OK) {
2719           /* notify activation without AFI/MEM size/IC-Ref */
2720           nfa_rw_cb.flags &= ~NFA_RW_FL_ACTIVATION_NTF_PENDING;
2721           activate_notify = true;
2722 
2723           tag_params.i93.info_flags = I93_INFO_FLAG_DSFID;
2724           tag_params.i93.dsfid = nfa_rw_cb.i93_dsfid;
2725           tag_params.i93.block_size = 0;
2726           tag_params.i93.num_block = 0;
2727           memcpy(tag_params.i93.uid, nfa_rw_cb.i93_uid, I93_UID_BYTE_LEN);
2728         } else {
2729           /* reset memory size */
2730           nfa_rw_cb.i93_block_size = 0;
2731           nfa_rw_cb.i93_num_block = 0;
2732         }
2733       } else {
2734         nfa_rw_cb.flags &= ~NFA_RW_FL_ACTIVATION_NTF_PENDING;
2735         activate_notify = true;
2736 
2737         tag_params.i93.info_flags = I93_INFO_FLAG_DSFID;
2738         tag_params.i93.dsfid = nfa_rw_cb.i93_dsfid;
2739         tag_params.i93.block_size = 0;
2740         tag_params.i93.num_block = 0;
2741         memcpy(tag_params.i93.uid, nfa_rw_cb.i93_uid, I93_UID_BYTE_LEN);
2742       }
2743     }
2744   }
2745 
2746   /* Notify upper layer of NFA_ACTIVATED_EVT if needed, and start presence check
2747    * timer */
2748   if (activate_notify) {
2749     nfa_dm_notify_activation_status(NFA_STATUS_OK, &tag_params);
2750     nfa_rw_check_start_presence_check_timer(NFA_RW_PRESENCE_CHECK_INTERVAL);
2751   }
2752 
2753   return true;
2754 }
2755 
2756 /*******************************************************************************
2757 **
2758 ** Function         nfa_rw_deactivate_ntf
2759 **
2760 ** Description      Handler for NFA_RW_DEACTIVATE_NTF
2761 **
2762 ** Returns          TRUE (message buffer to be freed by caller)
2763 **
2764 *******************************************************************************/
nfa_rw_deactivate_ntf(tNFA_RW_MSG * p_data)2765 bool nfa_rw_deactivate_ntf(__attribute__((unused)) tNFA_RW_MSG* p_data) {
2766   /* Clear the activated flag */
2767   nfa_rw_cb.flags &= ~NFA_RW_FL_ACTIVATED;
2768 
2769   /* Free buffer for incoming NDEF message, in case we were in the middle of a
2770    * read operation */
2771   nfa_rw_free_ndef_rx_buf();
2772 
2773   /* If there is a pending command message, then free it */
2774   if (nfa_rw_cb.p_pending_msg) {
2775     if ((nfa_rw_cb.p_pending_msg->op_req.op == NFA_RW_OP_SEND_RAW_FRAME) &&
2776         (nfa_rw_cb.p_pending_msg->op_req.params.send_raw_frame.p_data)) {
2777       GKI_freebuf(nfa_rw_cb.p_pending_msg->op_req.params.send_raw_frame.p_data);
2778     }
2779 
2780     GKI_freebuf(nfa_rw_cb.p_pending_msg);
2781     nfa_rw_cb.p_pending_msg = nullptr;
2782   }
2783 
2784   /* If we are in the process of waking up tag from HALT state */
2785   if (nfa_rw_cb.halt_event == RW_T2T_READ_CPLT_EVT) {
2786     if (nfa_rw_cb.rw_data.data.p_data)
2787       GKI_freebuf(nfa_rw_cb.rw_data.data.p_data);
2788     nfa_rw_cb.rw_data.data.p_data = nullptr;
2789   }
2790 
2791   /* Stop presence check timer (if started) */
2792   nfa_rw_stop_presence_check_timer();
2793 
2794   return true;
2795 }
2796 
2797 /*******************************************************************************
2798 **
2799 ** Function         nfa_rw_handle_op_req
2800 **
2801 ** Description      Handler for NFA_RW_OP_REQUEST_EVT, operation request
2802 **
2803 ** Returns          TRUE if caller should free p_data
2804 **                  FALSE if caller does not need to free p_data
2805 **
2806 *******************************************************************************/
nfa_rw_handle_op_req(tNFA_RW_MSG * p_data)2807 bool nfa_rw_handle_op_req(tNFA_RW_MSG* p_data) {
2808   tNFA_CONN_EVT_DATA conn_evt_data;
2809   bool freebuf = true;
2810   uint16_t presence_check_start_delay = 0;
2811 
2812   /* Check if activated */
2813   if (!(nfa_rw_cb.flags & NFA_RW_FL_ACTIVATED)) {
2814     LOG(ERROR) << StringPrintf("nfa_rw_handle_op_req: not activated");
2815     return (nfa_rw_op_req_while_inactive(p_data));
2816   }
2817   /* Check if currently busy with another API call */
2818   else if (nfa_rw_cb.flags & NFA_RW_FL_API_BUSY) {
2819     return (nfa_rw_op_req_while_busy(p_data));
2820   }
2821   /* Check if currently busy with auto-presence check */
2822   else if (nfa_rw_cb.flags & NFA_RW_FL_AUTO_PRESENCE_CHECK_BUSY) {
2823     /* Cache the command (will be handled once auto-presence check is completed)
2824      */
2825     DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
2826         "Deferring operation %i until after auto-presence check is completed",
2827         p_data->op_req.op);
2828     nfa_rw_cb.p_pending_msg = p_data;
2829     nfa_rw_cb.flags |= NFA_RW_FL_API_BUSY;
2830     return false;
2831   }
2832 
2833   DLOG_IF(INFO, nfc_debug_enabled)
2834       << StringPrintf("nfa_rw_handle_op_req: op=0x%02x", p_data->op_req.op);
2835 
2836   nfa_rw_cb.flags |= NFA_RW_FL_API_BUSY;
2837 
2838   /* Stop the presence check timer */
2839   nfa_rw_stop_presence_check_timer();
2840 
2841   /* Store the current operation */
2842   nfa_rw_cb.cur_op = p_data->op_req.op;
2843 
2844   /* Call appropriate handler for requested operation */
2845   switch (p_data->op_req.op) {
2846     case NFA_RW_OP_DETECT_NDEF:
2847       nfa_rw_detect_ndef();
2848       break;
2849 
2850     case NFA_RW_OP_READ_NDEF:
2851       nfa_rw_read_ndef();
2852       break;
2853 
2854     case NFA_RW_OP_WRITE_NDEF:
2855       nfa_rw_write_ndef(p_data);
2856       break;
2857 
2858     case NFA_RW_OP_SEND_RAW_FRAME:
2859       presence_check_start_delay =
2860           p_data->op_req.params.send_raw_frame.p_data->layer_specific;
2861 
2862       NFC_SendData(NFC_RF_CONN_ID, p_data->op_req.params.send_raw_frame.p_data);
2863 
2864       /* Clear the busy flag */
2865       nfa_rw_cb.flags &= ~NFA_RW_FL_API_BUSY;
2866 
2867       /* Start presence_check after specified delay */
2868       nfa_rw_check_start_presence_check_timer(presence_check_start_delay);
2869       break;
2870 
2871     case NFA_RW_OP_PRESENCE_CHECK:
2872       nfa_rw_presence_check(p_data);
2873       break;
2874 
2875     case NFA_RW_OP_FORMAT_TAG:
2876       nfa_rw_format_tag();
2877       break;
2878 
2879     case NFA_RW_OP_DETECT_LOCK_TLV:
2880       nfa_rw_detect_tlv(TAG_LOCK_CTRL_TLV);
2881       break;
2882 
2883     case NFA_RW_OP_DETECT_MEM_TLV:
2884       nfa_rw_detect_tlv(TAG_MEM_CTRL_TLV);
2885       break;
2886 
2887     case NFA_RW_OP_SET_TAG_RO:
2888       nfa_rw_cb.b_hard_lock = p_data->op_req.params.set_readonly.b_hard_lock;
2889       nfa_rw_config_tag_ro(nfa_rw_cb.b_hard_lock);
2890       break;
2891 
2892     case NFA_RW_OP_T1T_RID:
2893       nfa_rw_t1t_rid();
2894       break;
2895 
2896     case NFA_RW_OP_T1T_RALL:
2897       nfa_rw_t1t_rall();
2898       break;
2899 
2900     case NFA_RW_OP_T1T_READ:
2901       nfa_rw_t1t_read(p_data);
2902       break;
2903 
2904     case NFA_RW_OP_T1T_WRITE:
2905       nfa_rw_t1t_write(p_data);
2906       break;
2907 
2908     case NFA_RW_OP_T1T_RSEG:
2909       nfa_rw_t1t_rseg(p_data);
2910       break;
2911 
2912     case NFA_RW_OP_T1T_READ8:
2913       nfa_rw_t1t_read8(p_data);
2914       break;
2915 
2916     case NFA_RW_OP_T1T_WRITE8:
2917       nfa_rw_t1t_write8(p_data);
2918       break;
2919 
2920     /* Type-2 tag commands */
2921     case NFA_RW_OP_T2T_READ:
2922       nfa_rw_t2t_read(p_data);
2923       break;
2924 
2925     case NFA_RW_OP_T2T_WRITE:
2926       nfa_rw_t2t_write(p_data);
2927       break;
2928 
2929     case NFA_RW_OP_T2T_SECTOR_SELECT:
2930       nfa_rw_t2t_sector_select(p_data);
2931       break;
2932 
2933     case NFA_RW_OP_T2T_READ_DYN_LOCKS:
2934       if (p_data->op_req.params.t2t_read_dyn_locks.read_dyn_locks == true) {
2935         nfa_rw_cb.skip_dyn_locks = false;
2936       } else {
2937         nfa_rw_cb.skip_dyn_locks = true;
2938       }
2939       DLOG_IF(INFO, nfc_debug_enabled)
2940           << StringPrintf("%s - Skip reading of dynamic lock bytes: %d",
2941                           __func__, nfa_rw_cb.skip_dyn_locks);
2942 
2943       /* Command complete - perform cleanup, notify app */
2944       nfa_rw_command_complete();
2945       conn_evt_data.status = NFA_STATUS_OK;
2946       nfa_dm_act_conn_cback_notify(NFA_T2T_CMD_CPLT_EVT, &conn_evt_data);
2947       break;
2948 
2949     /* Type-3 tag commands */
2950     case NFA_RW_OP_T3T_READ:
2951       nfa_rw_t3t_read(p_data);
2952       break;
2953 
2954     case NFA_RW_OP_T3T_WRITE:
2955       nfa_rw_t3t_write(p_data);
2956       break;
2957 
2958     case NFA_RW_OP_T3T_GET_SYSTEM_CODES:
2959       nfa_rw_t3t_get_system_codes();
2960       break;
2961 
2962     /* ISO 15693 tag commands */
2963     case NFA_RW_OP_I93_INVENTORY:
2964     case NFA_RW_OP_I93_STAY_QUIET:
2965     case NFA_RW_OP_I93_READ_SINGLE_BLOCK:
2966     case NFA_RW_OP_I93_WRITE_SINGLE_BLOCK:
2967     case NFA_RW_OP_I93_LOCK_BLOCK:
2968     case NFA_RW_OP_I93_READ_MULTI_BLOCK:
2969     case NFA_RW_OP_I93_WRITE_MULTI_BLOCK:
2970     case NFA_RW_OP_I93_SELECT:
2971     case NFA_RW_OP_I93_RESET_TO_READY:
2972     case NFA_RW_OP_I93_WRITE_AFI:
2973     case NFA_RW_OP_I93_LOCK_AFI:
2974     case NFA_RW_OP_I93_WRITE_DSFID:
2975     case NFA_RW_OP_I93_LOCK_DSFID:
2976     case NFA_RW_OP_I93_GET_SYS_INFO:
2977     case NFA_RW_OP_I93_GET_MULTI_BLOCK_STATUS:
2978     case NFA_RW_OP_I93_SET_ADDR_MODE:
2979       nfa_rw_i93_command(p_data);
2980       break;
2981 
2982     default:
2983       LOG(ERROR) << StringPrintf("nfa_rw_handle_api: unhandled operation: %i",
2984                                  p_data->op_req.op);
2985       break;
2986   }
2987 
2988   return (freebuf);
2989 }
2990 
2991 /*******************************************************************************
2992 **
2993 ** Function         nfa_rw_op_req_while_busy
2994 **
2995 ** Description      Handle operation request while busy
2996 **
2997 ** Returns          TRUE if caller should free p_data
2998 **                  FALSE if caller does not need to free p_data
2999 **
3000 *******************************************************************************/
nfa_rw_op_req_while_busy(tNFA_RW_MSG * p_data)3001 static bool nfa_rw_op_req_while_busy(tNFA_RW_MSG* p_data) {
3002   bool freebuf = true;
3003   tNFA_CONN_EVT_DATA conn_evt_data;
3004   uint8_t event;
3005 
3006   LOG(ERROR) << StringPrintf("nfa_rw_op_req_while_busy: unable to handle API");
3007 
3008   /* Return appropriate event for requested API, with status=BUSY */
3009   conn_evt_data.status = NFA_STATUS_BUSY;
3010 
3011   switch (p_data->op_req.op) {
3012     case NFA_RW_OP_DETECT_NDEF:
3013       conn_evt_data.ndef_detect.cur_size = 0;
3014       conn_evt_data.ndef_detect.max_size = 0;
3015       conn_evt_data.ndef_detect.flags = RW_NDEF_FL_UNKNOWN;
3016       event = NFA_NDEF_DETECT_EVT;
3017       break;
3018     case NFA_RW_OP_READ_NDEF:
3019     case NFA_RW_OP_T1T_RID:
3020     case NFA_RW_OP_T1T_RALL:
3021     case NFA_RW_OP_T1T_READ:
3022     case NFA_RW_OP_T1T_RSEG:
3023     case NFA_RW_OP_T1T_READ8:
3024     case NFA_RW_OP_T2T_READ:
3025     case NFA_RW_OP_T3T_READ:
3026       event = NFA_READ_CPLT_EVT;
3027       break;
3028     case NFA_RW_OP_WRITE_NDEF:
3029     case NFA_RW_OP_T1T_WRITE:
3030     case NFA_RW_OP_T1T_WRITE8:
3031     case NFA_RW_OP_T2T_WRITE:
3032     case NFA_RW_OP_T3T_WRITE:
3033       event = NFA_WRITE_CPLT_EVT;
3034       break;
3035     case NFA_RW_OP_FORMAT_TAG:
3036       event = NFA_FORMAT_CPLT_EVT;
3037       break;
3038     case NFA_RW_OP_DETECT_LOCK_TLV:
3039     case NFA_RW_OP_DETECT_MEM_TLV:
3040       event = NFA_TLV_DETECT_EVT;
3041       break;
3042     case NFA_RW_OP_SET_TAG_RO:
3043       event = NFA_SET_TAG_RO_EVT;
3044       break;
3045     case NFA_RW_OP_T2T_SECTOR_SELECT:
3046       event = NFA_SELECT_CPLT_EVT;
3047       break;
3048     case NFA_RW_OP_I93_INVENTORY:
3049     case NFA_RW_OP_I93_STAY_QUIET:
3050     case NFA_RW_OP_I93_READ_SINGLE_BLOCK:
3051     case NFA_RW_OP_I93_WRITE_SINGLE_BLOCK:
3052     case NFA_RW_OP_I93_LOCK_BLOCK:
3053     case NFA_RW_OP_I93_READ_MULTI_BLOCK:
3054     case NFA_RW_OP_I93_WRITE_MULTI_BLOCK:
3055     case NFA_RW_OP_I93_SELECT:
3056     case NFA_RW_OP_I93_RESET_TO_READY:
3057     case NFA_RW_OP_I93_WRITE_AFI:
3058     case NFA_RW_OP_I93_LOCK_AFI:
3059     case NFA_RW_OP_I93_WRITE_DSFID:
3060     case NFA_RW_OP_I93_LOCK_DSFID:
3061     case NFA_RW_OP_I93_GET_SYS_INFO:
3062     case NFA_RW_OP_I93_GET_MULTI_BLOCK_STATUS:
3063       event = NFA_I93_CMD_CPLT_EVT;
3064       break;
3065     default:
3066       return (freebuf);
3067   }
3068   nfa_dm_act_conn_cback_notify(event, &conn_evt_data);
3069 
3070   return (freebuf);
3071 }
3072 
3073 /*******************************************************************************
3074 **
3075 ** Function         nfa_rw_op_req_while_inactive
3076 **
3077 ** Description      Handle operation request while inactive
3078 **
3079 ** Returns          TRUE if caller should free p_data
3080 **                  FALSE if caller does not need to free p_data
3081 **
3082 *******************************************************************************/
nfa_rw_op_req_while_inactive(tNFA_RW_MSG * p_data)3083 static bool nfa_rw_op_req_while_inactive(tNFA_RW_MSG* p_data) {
3084   bool freebuf = true;
3085   tNFA_CONN_EVT_DATA conn_evt_data;
3086   uint8_t event;
3087 
3088   LOG(ERROR) << StringPrintf(
3089       "nfa_rw_op_req_while_inactive: unable to handle API");
3090 
3091   /* Return appropriate event for requested API, with status=REJECTED */
3092   conn_evt_data.status = NFA_STATUS_REJECTED;
3093 
3094   switch (p_data->op_req.op) {
3095     case NFA_RW_OP_DETECT_NDEF:
3096       conn_evt_data.ndef_detect.cur_size = 0;
3097       conn_evt_data.ndef_detect.max_size = 0;
3098       conn_evt_data.ndef_detect.flags = RW_NDEF_FL_UNKNOWN;
3099       event = NFA_NDEF_DETECT_EVT;
3100       break;
3101     case NFA_RW_OP_READ_NDEF:
3102     case NFA_RW_OP_T1T_RID:
3103     case NFA_RW_OP_T1T_RALL:
3104     case NFA_RW_OP_T1T_READ:
3105     case NFA_RW_OP_T1T_RSEG:
3106     case NFA_RW_OP_T1T_READ8:
3107     case NFA_RW_OP_T2T_READ:
3108     case NFA_RW_OP_T3T_READ:
3109       event = NFA_READ_CPLT_EVT;
3110       break;
3111     case NFA_RW_OP_WRITE_NDEF:
3112     case NFA_RW_OP_T1T_WRITE:
3113     case NFA_RW_OP_T1T_WRITE8:
3114     case NFA_RW_OP_T2T_WRITE:
3115     case NFA_RW_OP_T3T_WRITE:
3116       event = NFA_WRITE_CPLT_EVT;
3117       break;
3118     case NFA_RW_OP_FORMAT_TAG:
3119       event = NFA_FORMAT_CPLT_EVT;
3120       break;
3121     case NFA_RW_OP_DETECT_LOCK_TLV:
3122     case NFA_RW_OP_DETECT_MEM_TLV:
3123       event = NFA_TLV_DETECT_EVT;
3124       break;
3125     case NFA_RW_OP_SET_TAG_RO:
3126       event = NFA_SET_TAG_RO_EVT;
3127       break;
3128     case NFA_RW_OP_T2T_SECTOR_SELECT:
3129       event = NFA_SELECT_CPLT_EVT;
3130       break;
3131     case NFA_RW_OP_I93_INVENTORY:
3132     case NFA_RW_OP_I93_STAY_QUIET:
3133     case NFA_RW_OP_I93_READ_SINGLE_BLOCK:
3134     case NFA_RW_OP_I93_WRITE_SINGLE_BLOCK:
3135     case NFA_RW_OP_I93_LOCK_BLOCK:
3136     case NFA_RW_OP_I93_READ_MULTI_BLOCK:
3137     case NFA_RW_OP_I93_WRITE_MULTI_BLOCK:
3138     case NFA_RW_OP_I93_SELECT:
3139     case NFA_RW_OP_I93_RESET_TO_READY:
3140     case NFA_RW_OP_I93_WRITE_AFI:
3141     case NFA_RW_OP_I93_LOCK_AFI:
3142     case NFA_RW_OP_I93_WRITE_DSFID:
3143     case NFA_RW_OP_I93_LOCK_DSFID:
3144     case NFA_RW_OP_I93_GET_SYS_INFO:
3145     case NFA_RW_OP_I93_GET_MULTI_BLOCK_STATUS:
3146       event = NFA_I93_CMD_CPLT_EVT;
3147       break;
3148     default:
3149       return (freebuf);
3150   }
3151   nfa_dm_act_conn_cback_notify(event, &conn_evt_data);
3152 
3153   return (freebuf);
3154 }
3155 
3156 /*******************************************************************************
3157 **
3158 ** Function         nfa_rw_command_complete
3159 **
3160 ** Description      Handle command complete: clear the busy flag,
3161 **                  and start the presence check timer if applicable.
3162 **
3163 ** Returns          None
3164 **
3165 *******************************************************************************/
nfa_rw_command_complete(void)3166 void nfa_rw_command_complete(void) {
3167   /* Clear the busy flag */
3168   nfa_rw_cb.flags &= ~NFA_RW_FL_API_BUSY;
3169 
3170   /* Restart presence_check timer */
3171   nfa_rw_check_start_presence_check_timer(NFA_RW_PRESENCE_CHECK_INTERVAL);
3172 }
3173