1 /*
2 * Copyright 2012-2021 NXP
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 #include <log/log.h>
17 #include <phDal4Nfc_messageQueueLib.h>
18 #include <phNxpConfig.h>
19 #include <phNxpLog.h>
20 #include <phNxpNciHal.h>
21 #include <phNxpNciHal_Adaptation.h>
22 #include <phNxpNciHal_NfcDepSWPrio.h>
23 #include <phNxpNciHal_ext.h>
24 #include <phTmlNfc.h>
25 #include "hal_nxpese.h"
26 #include "hal_nxpnfc.h"
/* How long to wait for a response from the PN548AD before
 * hal_extns_write_rsp_timeout_cb fires. The unit is whatever
 * phOsalNfc_Timer_Start expects; presumably milliseconds -- confirm. */
#define HAL_EXTNS_WRITE_RSP_TIMEOUT (1000)

/* The P2P priority logic is compiled out of this translation unit. */
#undef P2P_PRIO_LOGIC_HAL_IMP

/* Proprietary command sent to the HAL to carry the reader-mode flag.
 * The last byte of the 4-byte proprietary command holds the ReaderMode flag.
 * When the flag is set, NFC-DEP is rewritten to T3T if the FrameRF interface
 * is selected, because the FW always sends the notification for FrameRF with
 * NFC-DEP even though FrameRF with T3T was selected with DISCOVER_SELECT_CMD.
 */
#define PROPRIETARY_CMD_FELICA_READER_MODE 0xFE

/******************* Global variables *****************************************/
/* State defined in other translation units. */
extern phNxpNciHal_Control_t nxpncihal_ctrl;
extern phNxpNciProfile_Control_t nxpprofile_ctrl;
extern uint32_t cleanup_timer;
extern uint32_t timeoutTimerId;
extern bool nfc_debug_enabled;
extern bool bEnableMfcExtns;
extern bool bEnableMfcReader;
extern bool bDisableLegacyMfcExtns;
/* FW version taken from the NCI response. */
extern uint32_t wFwVerRsp;
/* FW version taken from the FW file. */
extern uint16_t wFwVer;

/* State defined here with external linkage. */
uint8_t icode_detected = 0x00;
uint8_t icode_send_eof = 0x00;
uint8_t EnableP2P_PrioLogic = false;
uint16_t rom_version;

/* State private to this file. */
static uint8_t ee_disc_done = 0x00;
/* NFCEE set mode */
static uint8_t setEEModeDone = 0x00;
/* Last RF discovery id / protocol remembered from RF_DISCOVER_NTF. */
static uint32_t RfDiscID = 1;
static uint32_t RfProtocolType = 4;
/* Flag byte copied from the proprietary Felica reader-mode command. */
static uint8_t gFelicaReaderMode;

/************** HAL extension functions ***************************************/
static void hal_extns_write_rsp_timeout_cb(uint32_t TimerId, void* pContext);
static NFCSTATUS phNxpNciHal_ext_process_nfc_init_rsp(uint8_t* p_ntf,
                                                      uint16_t* p_len);
/*******************************************************************************
**
** Function         phNxpNciHal_ext_init
**
** Description      Reset the extension state kept in this file: the two
**                  ICODE flags, the NFCEE set-mode flag and the P2P priority
**                  flag. gFelicaReaderMode, ee_disc_done, RfDiscID and
**                  RfProtocolType are not touched here.
**
** Returns          None
**
*******************************************************************************/
void phNxpNciHal_ext_init(void) {
  /* EnableP2P_PrioLogic is declared uint8_t, so false is stored as 0. */
  EnableP2P_PrioLogic = false;
  setEEModeDone = 0x00;
  icode_send_eof = 0x00;
  icode_detected = 0x00;
}
85
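/*******************************************************************************
**
** Function         phNxpNciHal_process_ext_rsp
**
** Description      Inspect one NCI response/notification and, where one of
**                  the workarounds below applies, rewrite it in place.
**                  p_ntf points at the packet and *p_len holds its length;
**                  both may be modified.
**
**                  The packet content is not produced by this code, so an
**                  offset is only read or written after the branch has
**                  established that it lies below *p_len. Branches that grow
**                  the packet rely on the capacity of the caller's buffer,
**                  which is not visible in this file.
**
** Returns          NFCSTATUS_SUCCESS when processing completed.
**                  NFCSTATUS_FAILED when the packet is truncated or when one
**                  of the cleanup_timer branches handles it.
**
*******************************************************************************/
NFCSTATUS phNxpNciHal_process_ext_rsp(uint8_t* p_ntf, uint16_t* p_len) {
  NFCSTATUS status = NFCSTATUS_SUCCESS;

  /* Every branch below compares p_ntf[0] and p_ntf[1]. Without this guard a
   * 0- or 1-byte read would be classified from bytes left over in the
   * buffer. */
  if (p_ntf == NULL || p_len == NULL || *p_len < 2) {
    NXPLOG_NCIHAL_E("Packet shorter than the NCI header octets, dropped");
    return NFCSTATUS_FAILED;
  }

  /* RF_INTF_ACTIVATED_NTF: anything shorter than 14 bytes is rejected here,
   * which is what makes offsets 4..6 safe in the 0x61 0x05 branches below. */
  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && *p_len < 14) {
    if (*p_len <= 6) {
      android_errorWriteLog(0x534e4554, "118152591");
    }
    NXPLOG_NCIHAL_E("RF_INTF_ACTIVATED_NTF length error!");
    status = NFCSTATUS_FAILED;
    return status;
  }

  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[4] == 0x03 &&
      p_ntf[5] == 0x05 && nxpprofile_ctrl.profile_type == EMV_CO_PROFILE) {
    p_ntf[4] = 0xFF;
    p_ntf[5] = 0xFF;
    p_ntf[6] = 0xFF;
    NXPLOG_NCIHAL_D("Nfc-Dep Detect in EmvCo profile - Restart polling");
  }

  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[4] == 0x01 &&
      p_ntf[5] == 0x05 && p_ntf[6] == 0x02 && gFelicaReaderMode) {
    /* If FelicaReaderMode is enabled, change the protocol from NFC-DEP to T3T
     * when the FrameRF interface is selected. */
    p_ntf[5] = 0x03;
    NXPLOG_NCIHAL_D("FelicaReaderMode:Activity 1.1");
  }

#ifdef P2P_PRIO_LOGIC_HAL_IMP
  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[4] == 0x02 &&
      p_ntf[5] == 0x04 && nxpprofile_ctrl.profile_type == NFC_FORUM_PROFILE) {
    EnableP2P_PrioLogic = true;
  }

  NXPLOG_NCIHAL_D("Is EnableP2P_PrioLogic: 0x0%X", EnableP2P_PrioLogic);
  if (phNxpDta_IsEnable() == false) {
    if ((icode_detected != 1) && (EnableP2P_PrioLogic == true)) {
      if (phNxpNciHal_NfcDep_comapre_ntf(p_ntf, *p_len) == NFCSTATUS_FAILED) {
        status = phNxpNciHal_NfcDep_rsp_ext(p_ntf, p_len);
        if (status != NFCSTATUS_INVALID_PARAMETER) {
          return status;
        }
      }
    }
  }
#endif

  status = NFCSTATUS_SUCCESS;

  if (bDisableLegacyMfcExtns && bEnableMfcExtns && p_ntf[0] == 0) {
    if (*p_len < NCI_HEADER_SIZE) {
      android_errorWriteLog(0x534e4554, "169258743");
      return NFCSTATUS_FAILED;
    }
    uint16_t extlen;
    extlen = *p_len - NCI_HEADER_SIZE;
    NxpMfcReaderInstance.AnalyzeMfcResp(&p_ntf[3], &extlen);
    /* NOTE(review): extlen is 16 bits wide and is stored into the one-byte
     * length octet; this assumes AnalyzeMfcResp never reports more than 255
     * -- confirm against its implementation. */
    p_ntf[2] = extlen;
    *p_len = extlen + NCI_HEADER_SIZE;
  }

  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05) {
    bEnableMfcExtns = false;
    if (bDisableLegacyMfcExtns && p_ntf[4] == 0x80 && p_ntf[5] == 0x80) {
      bEnableMfcExtns = true;
      NXPLOG_NCIHAL_D("NxpNci: RF Interface = Mifare Enable MifareExtns");
    }
    switch (p_ntf[4]) {
      case 0x00:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = NFCEE Direct RF");
        break;
      case 0x01:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = Frame RF");
        break;
      case 0x02:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = ISO-DEP");
        break;
      case 0x03:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = NFC-DEP");
        break;
      case 0x80:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = MIFARE");
        break;
      default:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = Unknown");
        break;
    }

    switch (p_ntf[5]) {
      case 0x01:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = T1T");
        phNxpDta_T1TEnable();
        break;
      case 0x02:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = T2T");
        break;
      case 0x03:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = T3T");
        break;
      case 0x04:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = ISO-DEP");
        break;
      case 0x05:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = NFC-DEP");
        break;
      case 0x06:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = 15693");
        break;
      case 0x80:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = MIFARE");
        break;
      case 0x81:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = Kovio");
        break;
      default:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = Unknown");
        break;
    }

    switch (p_ntf[6]) {
      case 0x00:
        NXPLOG_NCIHAL_D("NxpNci: Mode = A Passive Poll");
        break;
      case 0x01:
        NXPLOG_NCIHAL_D("NxpNci: Mode = B Passive Poll");
        break;
      case 0x02:
        NXPLOG_NCIHAL_D("NxpNci: Mode = F Passive Poll");
        break;
      case 0x03:
        NXPLOG_NCIHAL_D("NxpNci: Mode = A Active Poll");
        break;
      case 0x05:
        NXPLOG_NCIHAL_D("NxpNci: Mode = F Active Poll");
        break;
      case 0x06:
        NXPLOG_NCIHAL_D("NxpNci: Mode = 15693 Passive Poll");
        break;
      case 0x70:
        NXPLOG_NCIHAL_D("NxpNci: Mode = Kovio");
        break;
      case 0x80:
        NXPLOG_NCIHAL_D("NxpNci: Mode = A Passive Listen");
        break;
      case 0x81:
        NXPLOG_NCIHAL_D("NxpNci: Mode = B Passive Listen");
        break;
      case 0x82:
        NXPLOG_NCIHAL_D("NxpNci: Mode = F Passive Listen");
        break;
      case 0x83:
        NXPLOG_NCIHAL_D("NxpNci: Mode = A Active Listen");
        break;
      case 0x85:
        NXPLOG_NCIHAL_D("NxpNci: Mode = F Active Listen");
        break;
      case 0x86:
        NXPLOG_NCIHAL_D("NxpNci: Mode = 15693 Passive Listen");
        break;
      default:
        NXPLOG_NCIHAL_D("NxpNci: Mode = Unknown");
        break;
    }
  }

  /* NOTE(review): the result is discarded, so a CORE_RESET / CORE_INIT packet
   * that the helper rejects as truncated is still processed and returned with
   * the status computed below. Left unchanged here; decide whether a failure
   * should stop processing. */
  phNxpNciHal_ext_process_nfc_init_rsp(p_ntf, p_len);

  if (*p_len > 22 && p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[2] == 0x15 &&
      p_ntf[4] == 0x01 && p_ntf[5] == 0x06 && p_ntf[6] == 0x06) {
    NXPLOG_NCIHAL_D("> Going through workaround - notification of ISO 15693");
    icode_detected = 0x01;
    p_ntf[21] = 0x01;
    p_ntf[22] = 0x01;
  } else if (icode_detected == 1 && icode_send_eof == 2) {
    icode_send_eof = 3;
  } else if (p_ntf[0] == 0x00 && p_ntf[1] == 0x00 && icode_detected == 1) {
    if (icode_send_eof == 3) {
      icode_send_eof = 0;
    }
    if (nxpncihal_ctrl.nci_info.nci_version != NCI_VERSION_2_0) {
      /* p_ntf[2] is used as an index, so it has to be inside the packet
       * itself before the announced length is compared with *p_len. */
      if (*p_len < 3 || *p_len <= (p_ntf[2] + 2)) {
        android_errorWriteLog(0x534e4554, "181660091");
        NXPLOG_NCIHAL_E("length error!");
        return NFCSTATUS_FAILED;
      }
      if (p_ntf[p_ntf[2] + 2] == 0x00) {
        NXPLOG_NCIHAL_D("> Going through workaround - data of ISO 15693");
        p_ntf[2]--;
        (*p_len)--;
      } else {
        p_ntf[p_ntf[2] + 2] |= 0x01;
      }
    }
  } else if (*p_len >= 3 && p_ntf[2] == 0x02 && p_ntf[1] == 0x00 &&
             icode_detected == 1) {
    NXPLOG_NCIHAL_D("> ICODE EOF response do not send to upper layer");
  } else if (p_ntf[0] == 0x61 && p_ntf[1] == 0x06 && icode_detected == 1) {
    NXPLOG_NCIHAL_D("> Polling Loop Re-Started");
    icode_detected = 0;
    icode_send_eof = 0;
  } else if (*p_len == 4 && p_ntf[0] == 0x40 && p_ntf[1] == 0x02 &&
             p_ntf[2] == 0x01 && p_ntf[3] == 0x06) {
    /* NXPLOG_NCIHAL_D("> Deinit workaround for LLCP set_config 0x%x 0x%x 0x%x",
                    p_ntf[21], p_ntf[22], p_ntf[23]); */
    /* NOTE(review): grows the packet from 4 to 5 bytes; relies on the caller's
     * buffer having room for index 4. */
    p_ntf[0] = 0x40;
    p_ntf[1] = 0x02;
    p_ntf[2] = 0x02;
    p_ntf[3] = 0x00;
    p_ntf[4] = 0x00;
    *p_len = 5;
  }
  // 4200 02 00 01
  else if (p_ntf[0] == 0x42 && p_ntf[1] == 0x00 && ee_disc_done == 0x01) {
    NXPLOG_NCIHAL_D("Going through workaround - NFCEE_DISCOVER_RSP");
    /* Index 4 is only looked at when the packet actually contains it. */
    if (*p_len > 4 && p_ntf[4] == 0x01) {
      p_ntf[4] = 0x00;

      ee_disc_done = 0x00;
    }
    NXPLOG_NCIHAL_D("Going through workaround - NFCEE_DISCOVER_RSP - END");

  } else if (p_ntf[0] == 0x61 && p_ntf[1] == 0x03 /*&& cleanup_timer!=0*/) {
    if (cleanup_timer != 0) {
      /* The notification-type octet is located through the length octet
       * p_ntf[2]. Both the length octet and the offset it yields must lie
       * inside the received packet; otherwise the decision below would be
       * taken on a byte that is not part of this notification. */
      if (*p_len < 3 || *p_len <= (2 + p_ntf[2])) {
        NXPLOG_NCIHAL_E("RF_DISCOVER_NTF length error!");
        return NFCSTATUS_FAILED;
      }
      /* if RF Notification Type of RF_DISCOVER_NTF is Last Notification */
      if (0 == p_ntf[2 + p_ntf[2]]) {
        phNxpNciHal_select_RF_Discovery(RfDiscID, RfProtocolType);
        status = NFCSTATUS_FAILED;
        return status;
      } else if (*p_len >= 5) {
        RfDiscID = p_ntf[3];
        RfProtocolType = p_ntf[4];
      } else {
        /* Too short to carry the discovery id and protocol: keep the values
         * remembered from the previous notification. */
        NXPLOG_NCIHAL_E("RF_DISCOVER_NTF length error!");
      }
      status = NFCSTATUS_FAILED;
      return status;
    }
  } else if (p_ntf[0] == 0x41 && p_ntf[1] == 0x04 && cleanup_timer != 0) {
    status = NFCSTATUS_FAILED;
    return status;
  } else if (*p_len == 4 && p_ntf[0] == 0x4F && p_ntf[1] == 0x11 &&
             p_ntf[2] == 0x01) {
    /* NOTE(review): both arms grow the 4-byte packet (to 6 or 5 bytes) and
     * rely on the caller's buffer capacity. */
    if (p_ntf[3] == 0x00) {
      NXPLOG_NCIHAL_D(
          "> Workaround for ISO-DEP Presence Check, ignore response and wait "
          "for notification");
      p_ntf[0] = 0x60;
      p_ntf[1] = 0x06;
      p_ntf[2] = 0x03;
      p_ntf[3] = 0x01;
      p_ntf[4] = 0x00;
      p_ntf[5] = 0x01;
      *p_len = 6;
    } else {
      NXPLOG_NCIHAL_D(
          "> Workaround for ISO-DEP Presence Check, presence check return "
          "failed");
      p_ntf[0] = 0x60;
      p_ntf[1] = 0x08;
      p_ntf[2] = 0x02;
      p_ntf[3] = 0xB2;
      p_ntf[4] = 0x00;
      *p_len = 5;
    }
  } else if (*p_len == 4 && p_ntf[0] == 0x6F && p_ntf[1] == 0x11 &&
             p_ntf[2] == 0x01) {
    if (p_ntf[3] == 0x01) {
      NXPLOG_NCIHAL_D(
          "> Workaround for ISO-DEP Presence Check - Card still in field");
      p_ntf[0] = 0x00;
      p_ntf[1] = 0x00;
      p_ntf[2] = 0x01;
      p_ntf[3] = 0x7E;
    } else {
      NXPLOG_NCIHAL_D(
          "> Workaround for ISO-DEP Presence Check - Card not in field");
      p_ntf[0] = 0x60;
      p_ntf[1] = 0x08;
      p_ntf[2] = 0x02;
      p_ntf[3] = 0xB2;
      p_ntf[4] = 0x00;
      *p_len = 5;
    }
  }

  if (*p_len == 4 && p_ntf[0] == 0x61 && p_ntf[1] == 0x07) {
    unsigned long rf_update_enable = 0;
    if (GetNxpNumValue(NAME_RF_STATUS_UPDATE_ENABLE, &rf_update_enable,
                       sizeof(unsigned long))) {
      NXPLOG_NCIHAL_D("RF_STATUS_UPDATE_ENABLE : %lu", rf_update_enable);
    }
    if (rf_update_enable == 0x01) {
      /* Forward the single status byte of the notification through the
       * RF status update ioctl. */
      nfc_nci_IoctlInOutData_t inpOutData;
      uint8_t rf_state_update[] = {0x00};
      memset(&inpOutData, 0x00, sizeof(nfc_nci_IoctlInOutData_t));
      inpOutData.inp.data.nciCmd.cmd_len = sizeof(rf_state_update);
      rf_state_update[0] = p_ntf[3];
      memcpy(inpOutData.inp.data.nciCmd.p_cmd, rf_state_update,
             sizeof(rf_state_update));
      inpOutData.inp.data_source = 2;
      phNxpNciHal_ioctl(HAL_NFC_IOCTL_RF_STATUS_UPDATE, &inpOutData);
    }
  }
  /*
  else if(p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[4] == 0x01 && p_ntf[5]
  == 0x00 && p_ntf[6] == 0x01)
  {
      NXPLOG_NCIHAL_D("Picopass type 3-B with undefined protocol is not
  supported, disabling");
      p_ntf[4] = 0xFF;
      p_ntf[5] = 0xFF;
      p_ntf[6] = 0xFF;
  }*/

  return status;
}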
407
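/******************************************************************************
 * Function         phNxpNciHal_ext_store_fw_version
 *
 * Description      Shared tail of the CORE_RESET_NTF and CORE_INIT_RSP
 *                  handling: check that the length octet p_ntf[2] agrees with
 *                  the received length, then record the firmware version held
 *                  in the last three octets in wFwVerRsp and rom_version.
 *                  The caller must already have established pkt_len >= 3.
 *
 * Returns          NFCSTATUS_SUCCESS when the version was stored,
 *                  NFCSTATUS_FAILED when the length octet does not match.
 *
 *******************************************************************************/
static NFCSTATUS phNxpNciHal_ext_store_fw_version(const uint8_t* p_ntf,
                                                  uint16_t pkt_len) {
  int len = p_ntf[2] + 2; /*include 2 byte header*/
  /* len is used as the index of the last octet, so it must equal
   * pkt_len - 1 before anything is read through it. */
  if (len != pkt_len - 1) {
    NXPLOG_NCIHAL_E("phNxpNciHal_ext_process_nfc_init_rsp invalid NTF length");
    android_errorWriteLog(0x534e4554, "121263487");
    return NFCSTATUS_FAILED;
  }
  wFwVerRsp = (((uint32_t)p_ntf[len - 2]) << 16U) |
              (((uint32_t)p_ntf[len - 1]) << 8U) | p_ntf[len];
  NXPLOG_NCIHAL_D("NxpNci> FW Version: %x.%x.%x", p_ntf[len - 2],
                  p_ntf[len - 1], p_ntf[len]);
  rom_version = p_ntf[len - 2];
  return NFCSTATUS_SUCCESS;
}

/******************************************************************************
 * Function         phNxpNciHal_ext_process_nfc_init_rsp
 *
 * Description      Process the CORE_RESET response and notification and the
 *                  CORE_INIT response of NCI 1.0 or NCI 2.0 and update the
 *                  NCI version and firmware version kept by the HAL.
 *                  A CORE_RESET_NTF whose trigger is neither "CORE_RESET_CMD
 *                  received" nor "powered on" is hex-dumped to the log and
 *                  starts emergency recovery.
 *
 *                  Each offset is compared with *p_len before it is read.
 *
 * Returns          NFCSTATUS_SUCCESS if the packet was parsed (or is not one
 *                  of the three packet types above), NFCSTATUS_FAILED if it
 *                  is truncated, inconsistent, reports firmware version 0 in
 *                  CORE_INIT_RSP, or triggered emergency recovery.
 *
 *******************************************************************************/
static NFCSTATUS phNxpNciHal_ext_process_nfc_init_rsp(uint8_t* p_ntf,
                                                      uint16_t* p_len) {
  NFCSTATUS status = NFCSTATUS_SUCCESS;

  /* Parsing CORE_RESET_RSP and CORE_RESET_NTF to update NCI version.*/
  if (p_ntf == NULL || p_len == NULL || *p_len < 2) {
    return NFCSTATUS_FAILED;
  }
  if (p_ntf[0] == NCI_MT_RSP &&
      ((p_ntf[1] & NCI_OID_MASK) == NCI_MSG_CORE_RESET)) {
    if (*p_len < 4) {
      android_errorWriteLog(0x534e4554, "169258455");
      return NFCSTATUS_FAILED;
    }
    if (p_ntf[2] == 0x01 && p_ntf[3] == 0x00) {
      NXPLOG_NCIHAL_D("CORE_RESET_RSP NCI2.0");
      if (nxpncihal_ctrl.hal_ext_enabled == TRUE) {
        nxpncihal_ctrl.nci_info.wait_for_ntf = TRUE;
      }
    } else if (p_ntf[2] == 0x03 && p_ntf[3] == 0x00) {
      if (*p_len < 5) {
        android_errorWriteLog(0x534e4554, "169258455");
        return NFCSTATUS_FAILED;
      }
      NXPLOG_NCIHAL_D("CORE_RESET_RSP NCI1.0");
      nxpncihal_ctrl.nci_info.nci_version = p_ntf[4];
    }
  } else if (p_ntf[0] == NCI_MT_NTF &&
             ((p_ntf[1] & NCI_OID_MASK) == NCI_MSG_CORE_RESET)) {
    if (*p_len < 4) {
      android_errorWriteLog(0x534e4554, "169258455");
      return NFCSTATUS_FAILED;
    }
    if (p_ntf[3] == CORE_RESET_TRIGGER_TYPE_CORE_RESET_CMD_RECEIVED ||
        p_ntf[3] == CORE_RESET_TRIGGER_TYPE_POWERED_ON) {
      if (*p_len < 6) {
        android_errorWriteLog(0x534e4554, "169258455");
        return NFCSTATUS_FAILED;
      }
      NXPLOG_NCIHAL_D("CORE_RESET_NTF NCI2.0 reason CORE_RESET_CMD received !");
      nxpncihal_ctrl.nci_info.nci_version = p_ntf[5];
      NXPLOG_NCIHAL_D("nci_version : 0x%02x",
                      nxpncihal_ctrl.nci_info.nci_version);
      /* NOTE(review): the feature list is configured from the packet before
       * its length octet has been cross-checked below. */
      if (!nxpncihal_ctrl.hal_open_status) {
        phNxpNciHal_configFeatureList(p_ntf, *p_len);
      }
      if (phNxpNciHal_ext_store_fw_version(p_ntf, *p_len) !=
          NFCSTATUS_SUCCESS) {
        return NFCSTATUS_FAILED;
      }
    } else {
      /* Hex-dump the unexpected notification. The dump buffer has a fixed
       * size so that the received length cannot choose the size of this
       * stack frame; a longer packet is dumped only up to the cap. */
      char print_buffer[NCI_MAX_DATA_LEN * 2 + 1];
      uint32_t dump_len = *p_len;
      if (dump_len > (uint32_t)NCI_MAX_DATA_LEN) {
        dump_len = (uint32_t)NCI_MAX_DATA_LEN;
      }

      memset(print_buffer, 0, sizeof(print_buffer));
      for (uint32_t i = 0; i < dump_len; i++) {
        snprintf(&print_buffer[i * 2], 3, "%02X", p_ntf[i]);
      }
      NXPLOG_NCIHAL_D("CORE_RESET_NTF received !");
      NXPLOG_NCIR_E("len = %3d > %s", *p_len, print_buffer);
      phNxpNciHal_emergency_recovery();
      status = NFCSTATUS_FAILED;
    } /* Parsing CORE_INIT_RSP*/
  } else if (p_ntf[0] == NCI_MT_RSP &&
             ((p_ntf[1] & NCI_OID_MASK) == NCI_MSG_CORE_INIT)) {
    if (nxpncihal_ctrl.nci_info.nci_version == NCI_VERSION_2_0) {
      NXPLOG_NCIHAL_D("CORE_INIT_RSP NCI2.0 received !");
    } else {
      NXPLOG_NCIHAL_D("CORE_INIT_RSP NCI1.0 received !");
      /* NOTE(review): as above, the feature list is configured before the
       * length checks that follow. */
      if (!nxpncihal_ctrl.hal_open_status) {
        phNxpNciHal_configFeatureList(p_ntf, *p_len);
      }
      if (*p_len < 3) {
        android_errorWriteLog(0x534e4554, "169258455");
        return NFCSTATUS_FAILED;
      }
      if (phNxpNciHal_ext_store_fw_version(p_ntf, *p_len) !=
          NFCSTATUS_SUCCESS) {
        return NFCSTATUS_FAILED;
      }
      if (wFwVerRsp == 0) status = NFCSTATUS_FAILED;
    }
  }
  return status;
}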
522
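/******************************************************************************
 * Function         phNxpNciHal_process_ext_cmd_rsp
 *
 * Description      Write one extension command and block until its response
 *                  arrives or the response timer expires; when
 *                  nci_info.wait_for_ntf is set, wait a second time for the
 *                  notification. ext_cb_data is created on entry and cleaned
 *                  up on every path through clean_and_return.
 *
 *                  A semaphore error is reported as NFCSTATUS_FAILED and the
 *                  response timer is stopped first, so the timeout callback
 *                  cannot run against ext_cb_data after it was cleaned up.
 *
 * Returns          NFCSTATUS_SUCCESS if the command was written and the waits
 *                  completed, NFCSTATUS_FAILED otherwise.
 *
 ******************************************************************************/
static NFCSTATUS phNxpNciHal_process_ext_cmd_rsp(uint16_t cmd_len,
                                                 uint8_t* p_cmd) {
  NFCSTATUS status = NFCSTATUS_FAILED;
  uint16_t data_written = 0;

  /* Create the local semaphore */
  if (phNxpNciHal_init_cb_data(&nxpncihal_ctrl.ext_cb_data, NULL) !=
      NFCSTATUS_SUCCESS) {
    NXPLOG_NCIHAL_D("Create ext_cb_data failed");
    return NFCSTATUS_FAILED;
  }

  nxpncihal_ctrl.ext_cb_data.status = NFCSTATUS_SUCCESS;

  /* Send ext command */
  data_written = phNxpNciHal_write_unlocked(cmd_len, p_cmd);
  if (data_written != cmd_len) {
    NXPLOG_NCIHAL_D("phNxpNciHal_write failed for hal ext");
    goto clean_and_return;
  }

  /* Start timer */
  status = phOsalNfc_Timer_Start(timeoutTimerId, HAL_EXTNS_WRITE_RSP_TIMEOUT,
                                 &hal_extns_write_rsp_timeout_cb, NULL);
  if (NFCSTATUS_SUCCESS == status) {
    NXPLOG_NCIHAL_D("Response timer started");
  } else {
    NXPLOG_NCIHAL_E("Response timer not started!!!");
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  /* Wait for rsp */
  NXPLOG_NCIHAL_D("Waiting after ext cmd sent");
  if (SEM_WAIT(nxpncihal_ctrl.ext_cb_data)) {
    NXPLOG_NCIHAL_E("p_hal_ext->ext_cb_data.sem semaphore error");
    /* status still holds the timer-start success here; without the two lines
     * below the error would be returned as success with the timer running. */
    (void)phOsalNfc_Timer_Stop(timeoutTimerId);
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  /* Stop Timer */
  status = phOsalNfc_Timer_Stop(timeoutTimerId);
  if (NFCSTATUS_SUCCESS == status) {
    NXPLOG_NCIHAL_D("Response timer stopped");
  } else {
    NXPLOG_NCIHAL_E("Response timer stop ERROR!!!");
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  /* Guards the reads of p_cmd[0..2] below.
   * NOTE(review): by this point the command has already been written to the
   * controller; consider rejecting a short command before the write. */
  if (cmd_len < 3) {
    android_errorWriteLog(0x534e4554, "153880630");
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  /* No NTF expected for OMAPI command */
  if (p_cmd[0] == 0x2F && p_cmd[1] == 0x1 && p_cmd[2] == 0x01) {
    nxpncihal_ctrl.nci_info.wait_for_ntf = FALSE;
  }
  /* Start timer to wait for NTF*/
  if (nxpncihal_ctrl.nci_info.wait_for_ntf == TRUE) {
    status = phOsalNfc_Timer_Start(timeoutTimerId, HAL_EXTNS_WRITE_RSP_TIMEOUT,
                                   &hal_extns_write_rsp_timeout_cb, NULL);
    if (NFCSTATUS_SUCCESS == status) {
      NXPLOG_NCIHAL_D("Response timer started");
    } else {
      NXPLOG_NCIHAL_E("Response timer not started!!!");
      status = NFCSTATUS_FAILED;
      goto clean_and_return;
    }
    if (SEM_WAIT(nxpncihal_ctrl.ext_cb_data)) {
      NXPLOG_NCIHAL_E("p_hal_ext->ext_cb_data.sem semaphore error");
      /* Stop Timer; the result of the stop must not become the return value
       * of a failed wait. */
      (void)phOsalNfc_Timer_Stop(timeoutTimerId);
      status = NFCSTATUS_FAILED;
      goto clean_and_return;
    }
    status = phOsalNfc_Timer_Stop(timeoutTimerId);
    if (NFCSTATUS_SUCCESS == status) {
      NXPLOG_NCIHAL_D("Response timer stopped");
    } else {
      NXPLOG_NCIHAL_E("Response timer stop ERROR!!!");
      status = NFCSTATUS_FAILED;
      goto clean_and_return;
    }
  }

  /* NOTE(review): as written, a failed callback status (set by the timeout
   * callback) is only reported when p_cmd[0] != 0x2F and p_cmd[1] != 0x1 and
   * p_cmd[2] == 0x01. For every other command a timeout falls through to
   * NFCSTATUS_SUCCESS below. If the intent was "report unless this is the
   * OMAPI command 2F 01 01", the condition needs to negate the whole
   * three-byte match. Left unchanged because callers may rely on the current
   * result. */
  if (nxpncihal_ctrl.ext_cb_data.status != NFCSTATUS_SUCCESS &&
      p_cmd[0] != 0x2F && p_cmd[1] != 0x1 && p_cmd[2] == 0x01) {
    NXPLOG_NCIHAL_E(
        "Callback Status is failed!! Timer Expired!! Couldn't read it! 0x%x",
        nxpncihal_ctrl.ext_cb_data.status);
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  NXPLOG_NCIHAL_D("Checking response");
  status = NFCSTATUS_SUCCESS;

clean_and_return:
  phNxpNciHal_cleanup_cb_data(&nxpncihal_ctrl.ext_cb_data);
  nxpncihal_ctrl.nci_info.wait_for_ntf = FALSE;
  return status;
}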
636
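/******************************************************************************
 * Function         phNxpNciHal_write_ext
 *
 * Description      Inspect an outgoing NCI command and apply the extension
 *                  workarounds: record the Felica reader-mode flag and the
 *                  EMVCo / NFC Forum profile, rewrite or extend selected
 *                  commands in place, or answer a command locally by filling
 *                  p_rsp_data / *rsp_len.
 *
 *                  A command pattern is only matched when *cmd_len covers
 *                  every offset the pattern reads. Without that, a short
 *                  command is classified from bytes that an earlier, longer
 *                  command left in the buffer.
 *
 *                  Branches that lengthen the command rely on the capacity
 *                  of the caller's buffer, which is not visible in this file.
 *
 * Returns          NFCSTATUS_SUCCESS: continue and send the (possibly
 *                  modified) command to the NFCC.
 *                  NFCSTATUS_FAILED: a direct response was prepared; nothing
 *                  is to be sent to the NFCC.
 *
 ******************************************************************************/

NFCSTATUS phNxpNciHal_write_ext(uint16_t* cmd_len, uint8_t* p_cmd_data,
                                uint16_t* rsp_len, uint8_t* p_rsp_data) {
  NFCSTATUS status = NFCSTATUS_SUCCESS;

  phNxpNciHal_NfcDep_cmd_ext(p_cmd_data, cmd_len);

  if (phNxpDta_IsEnable() == true) {
    status = phNxpNHal_DtaUpdate(cmd_len, p_cmd_data, rsp_len, p_rsp_data);
  }

  if (*cmd_len >= 4 && p_cmd_data[0] == PROPRIETARY_CMD_FELICA_READER_MODE &&
      p_cmd_data[1] == PROPRIETARY_CMD_FELICA_READER_MODE &&
      p_cmd_data[2] == PROPRIETARY_CMD_FELICA_READER_MODE) {
    NXPLOG_NCIHAL_D("Received proprietary command to set Felica Reader mode:%d",
                    p_cmd_data[3]);
    gFelicaReaderMode = p_cmd_data[3];
    /* frame the dummy response */
    *rsp_len = 4;
    p_rsp_data[0] = 0x00;
    p_rsp_data[1] = 0x00;
    p_rsp_data[2] = 0x00;
    p_rsp_data[3] = 0x00;
    status = NFCSTATUS_FAILED;
  } else if (*cmd_len >= 8 && p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02 &&
             p_cmd_data[2] == 0x05 && p_cmd_data[3] == 0x01 &&
             p_cmd_data[4] == 0xA0 && p_cmd_data[5] == 0x44 &&
             p_cmd_data[6] == 0x01 && p_cmd_data[7] == 0x01) {
    nxpprofile_ctrl.profile_type = EMV_CO_PROFILE;
    NXPLOG_NCIHAL_D("EMV_CO_PROFILE mode - Enabled");
    status = NFCSTATUS_SUCCESS;
  } else if (*cmd_len >= 8 && p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02 &&
             p_cmd_data[2] == 0x05 && p_cmd_data[3] == 0x01 &&
             p_cmd_data[4] == 0xA0 && p_cmd_data[5] == 0x44 &&
             p_cmd_data[6] == 0x01 && p_cmd_data[7] == 0x00) {
    NXPLOG_NCIHAL_D("NFC_FORUM_PROFILE mode - Enabled");
    nxpprofile_ctrl.profile_type = NFC_FORUM_PROFILE;
    status = NFCSTATUS_SUCCESS;
  }

  if (nxpprofile_ctrl.profile_type == EMV_CO_PROFILE) {
    /* The "EmvCo Poll mode - RF Deactivate discard" handling for
     * 21 06 01 03 is compiled out (#if 0) in the original source, so that
     * command is forwarded unchanged. */
    if (*cmd_len >= 2 && p_cmd_data[0] == 0x21 && p_cmd_data[1] == 0x03) {
      NXPLOG_NCIHAL_D("EmvCo Poll mode - Discover map only for A and B");
      /* NOTE(review): forces the command to 8 bytes whatever its original
       * length; relies on the buffer holding at least 8 bytes. */
      p_cmd_data[2] = 0x05;
      p_cmd_data[3] = 0x02;
      p_cmd_data[4] = 0x00;
      p_cmd_data[5] = 0x01;
      p_cmd_data[6] = 0x01;
      p_cmd_data[7] = 0x01;
      *cmd_len = 8;
    }
  }

  if (*cmd_len >= 4 && *cmd_len <= (NCI_MAX_DATA_LEN - 3) &&
      bEnableMfcReader && p_cmd_data[0] == 0x21 && p_cmd_data[1] == 0x00) {
    NXPLOG_NCIHAL_D("Going through extns - Adding Mifare in RF Discovery");
    /* NOTE(review): the length octet is a uint8_t; += 3 wraps if it already
     * exceeds 252. */
    p_cmd_data[2] += 3;
    p_cmd_data[3] += 1;
    p_cmd_data[*cmd_len] = 0x80;
    p_cmd_data[*cmd_len + 1] = 0x01;
    p_cmd_data[*cmd_len + 2] = 0x80;
    *cmd_len += 3;
    status = NFCSTATUS_SUCCESS;
    bEnableMfcExtns = false;
    NXPLOG_NCIHAL_D(
        "Going through extns - Adding Mifare in RF Discovery - END");
  } else if (*cmd_len >= 6 && p_cmd_data[3] == 0x81 && p_cmd_data[4] == 0x01 &&
             p_cmd_data[5] == 0x03) {
    if (nxpncihal_ctrl.nci_info.nci_version != NCI_VERSION_2_0) {
      NXPLOG_NCIHAL_D("> Going through workaround - set host list");

      *cmd_len = 8;

      p_cmd_data[2] = 0x05;
      p_cmd_data[6] = 0x02;
      p_cmd_data[7] = 0xC0;

      NXPLOG_NCIHAL_D("> Going through workaround - set host list - END");
      status = NFCSTATUS_SUCCESS;
    }
  } else if (icode_detected) {
    if (*cmd_len >= 5 && (p_cmd_data[3] & 0x40) == 0x40 &&
        (p_cmd_data[4] == 0x21 || p_cmd_data[4] == 0x22 ||
         p_cmd_data[4] == 0x24 || p_cmd_data[4] == 0x27 ||
         p_cmd_data[4] == 0x28 || p_cmd_data[4] == 0x29 ||
         p_cmd_data[4] == 0x2a)) {
      NXPLOG_NCIHAL_D("> Send EOF set");
      icode_send_eof = 1;
    }

    if (*cmd_len >= 4 && (p_cmd_data[3] == 0x20 || p_cmd_data[3] == 0x24 ||
                          p_cmd_data[3] == 0x60)) {
      NXPLOG_NCIHAL_D("> NFC ISO_15693 Proprietary CMD ");
      p_cmd_data[3] += 0x02;
    }
  } else if (*cmd_len >= 2 && p_cmd_data[0] == 0x21 && p_cmd_data[1] == 0x03) {
    NXPLOG_NCIHAL_D("> Polling Loop Started");
    icode_detected = 0;
    icode_send_eof = 0;
  }
  // 22000100
  else if (*cmd_len >= 4 && p_cmd_data[0] == 0x22 && p_cmd_data[1] == 0x00 &&
           p_cmd_data[2] == 0x01 && p_cmd_data[3] == 0x00) {
    // ee_disc_done = 0x01;//Reader Over SWP event getting
    *rsp_len = 0x05;
    p_rsp_data[0] = 0x42;
    p_rsp_data[1] = 0x00;
    p_rsp_data[2] = 0x02;
    p_rsp_data[3] = 0x00;
    p_rsp_data[4] = 0x00;
    phNxpNciHal_print_packet("RECV", p_rsp_data, 5);
    status = NFCSTATUS_FAILED;
  }
  // 2002 0904 3000 3100 3200 5000
  /* The rewrite below touches offsets 9..12 and adds one byte, which matches
   * the 12-byte command shown above; a shorter command is not matched. */
  else if (*cmd_len >= 12 && *cmd_len <= (NCI_MAX_DATA_LEN - 1) &&
           (p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02) &&
           ((p_cmd_data[2] == 0x09 && p_cmd_data[3] == 0x04) /*||
            (p_cmd_data[2] == 0x0D && p_cmd_data[3] == 0x04)*/
            )) {
    *cmd_len += 0x01;
    p_cmd_data[2] += 0x01;
    p_cmd_data[9] = 0x01;
    p_cmd_data[10] = 0x40;
    p_cmd_data[11] = 0x50;
    p_cmd_data[12] = 0x00;

    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config ");
    // phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config - End ");
  }
  // 20020703300031003200
  // 2002 0301 3200
  else if (*cmd_len >= 4 && (p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02) &&
           ((p_cmd_data[2] == 0x07 && p_cmd_data[3] == 0x03) ||
            (*cmd_len >= 5 && p_cmd_data[2] == 0x03 && p_cmd_data[3] == 0x01 &&
             p_cmd_data[4] == 0x32))) {
    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config ");
    phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
    *rsp_len = 5;
    p_rsp_data[0] = 0x40;
    p_rsp_data[1] = 0x02;
    p_rsp_data[2] = 0x02;
    p_rsp_data[3] = 0x00;
    p_rsp_data[4] = 0x00;

    phNxpNciHal_print_packet("RECV", p_rsp_data, 5);
    status = NFCSTATUS_FAILED;
    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config - End ");
  }

  // 2002 0D04 300104 310100 320100 500100
  // 2002 0401 320100
  /* Offset 6 is written below, so the command must be at least 7 bytes. */
  else if (*cmd_len >= 7 && (p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02) &&
           (
               /*(p_cmd_data[2] == 0x0D && p_cmd_data[3] == 0x04)*/
               (p_cmd_data[2] == 0x04 && p_cmd_data[3] == 0x01 &&
                p_cmd_data[4] == 0x32 && p_cmd_data[5] == 0x00))) {
    // p_cmd_data[12] = 0x40;

    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config ");
    phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
    p_cmd_data[6] = 0x60;

    /* NOTE(review): this branch never fills p_rsp_data, so the line below
     * logs whatever the response buffer held before the call. */
    phNxpNciHal_print_packet("RECV", p_rsp_data, 5);
    // status = NFCSTATUS_FAILED;
    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config - End ");
  } else if (*cmd_len >= 4 && *cmd_len <= (NCI_MAX_DATA_LEN - 3) &&
             p_cmd_data[0] == 0x21 && p_cmd_data[1] == 0x00) {
    NXPLOG_NCIHAL_D(
        "> Going through workaround - Add Mifare Classic in Discovery Map");
    p_cmd_data[*cmd_len] = 0x80;
    p_cmd_data[*cmd_len + 1] = 0x01;
    p_cmd_data[*cmd_len + 2] = 0x80;
    p_cmd_data[5] = 0x01;
    p_cmd_data[6] = 0x01;
    p_cmd_data[2] += 3;
    p_cmd_data[3] += 1;
    *cmd_len += 3;
  } else if (*cmd_len == 3 && p_cmd_data[0] == 0x00 && p_cmd_data[1] == 0x00 &&
             p_cmd_data[2] == 0x00) {
    NXPLOG_NCIHAL_D("> Going through workaround - ISO-DEP Presence Check ");
    p_cmd_data[0] = 0x2F;
    p_cmd_data[1] = 0x11;
    p_cmd_data[2] = 0x00;
    status = NFCSTATUS_SUCCESS;
    NXPLOG_NCIHAL_D(
        "> Going through workaround - ISO-DEP Presence Check - End");
  }
  /* The original chain continued with further "Dirty Set Config" variants
   * under #if 0 and with a (wFwVerRsp & 0x0000FFFF) == wFwVer branch for
   * CORE_RESET / CORE_INIT whose bodies were empty or commented out. None of
   * them had any effect, so they are not reproduced here. */

  return status;
}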
918
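/******************************************************************************
 * Function         phNxpNciHal_send_ext_cmd
 *
 * Description      Copy an extension command into nxpncihal_ctrl.p_cmd_data
 *                  and send it to the NFCC with the HAL extension flag
 *                  enabled for the duration of the exchange. The response
 *                  content is not checked here; the function only waits for
 *                  it to arrive.
 *
 *                  cmd_len is checked against NCI_MAX_DATA_LEN before the
 *                  copy, as phNxpNciHal_send_ese_hal_cmd does; this assumes
 *                  p_cmd_data holds NCI_MAX_DATA_LEN bytes -- confirm against
 *                  the declaration of phNxpNciHal_Control_t.
 *
 * Returns          NFCSTATUS_SUCCESS if the command was sent and the
 *                  response was received, NFCSTATUS_FAILED otherwise
 *                  (including an over-long command).
 *
 ******************************************************************************/
NFCSTATUS phNxpNciHal_send_ext_cmd(uint16_t cmd_len, uint8_t* p_cmd) {
  NFCSTATUS status = NFCSTATUS_FAILED;

  /* Checked before HAL_ENABLE_EXT() so that the early return cannot leave
   * the extension flag set. */
  if (cmd_len > NCI_MAX_DATA_LEN) {
    NXPLOG_NCIHAL_E("cmd_len exceeds limit NCI_MAX_DATA_LEN");
    return status;
  }

  HAL_ENABLE_EXT();
  nxpncihal_ctrl.cmd_len = cmd_len;
  memcpy(nxpncihal_ctrl.p_cmd_data, p_cmd, cmd_len);
  status = phNxpNciHal_process_ext_cmd_rsp(nxpncihal_ctrl.cmd_len,
                                           nxpncihal_ctrl.p_cmd_data);
  HAL_DISABLE_EXT();

  return status;
}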
941
/******************************************************************************
 * Function         phNxpNciHal_send_ese_hal_cmd
 *
 * Description      Copy a command into nxpncihal_ctrl.p_cmd_data and send it
 *                  to the NFCC. Unlike phNxpNciHal_send_ext_cmd, the HAL
 *                  extension flag is not toggled here. The response content
 *                  is not checked; the function only waits for it to arrive.
 *                  A command longer than NCI_MAX_DATA_LEN is refused before
 *                  the copy.
 *
 * Returns          NFCSTATUS_SUCCESS if the command was sent and the
 *                  response was received, NFCSTATUS_FAILED otherwise.
 *
 ******************************************************************************/
NFCSTATUS phNxpNciHal_send_ese_hal_cmd(uint16_t cmd_len, uint8_t* p_cmd) {
  if (cmd_len <= NCI_MAX_DATA_LEN) {
    /* Length accepted: stage the command in the control block and send it. */
    memcpy(nxpncihal_ctrl.p_cmd_data, p_cmd, cmd_len);
    nxpncihal_ctrl.cmd_len = cmd_len;
    return phNxpNciHal_process_ext_cmd_rsp(nxpncihal_ctrl.cmd_len,
                                           nxpncihal_ctrl.p_cmd_data);
  }

  NXPLOG_NCIHAL_E("cmd_len exceeds limit NCI_MAX_DATA_LEN");
  return NFCSTATUS_FAILED;
}
965
/******************************************************************************
 * Function         hal_extns_write_rsp_timeout_cb
 *
 * Description      Timer callback for the extension command response timer.
 *                  Marks the pending extension exchange as failed, then posts
 *                  syncSpiNfc and the ext_cb_data semaphore so that the
 *                  waiter in phNxpNciHal_process_ext_cmd_rsp resumes.
 *                  Neither argument is used.
 *
 * Returns          None
 *
 ******************************************************************************/
static void hal_extns_write_rsp_timeout_cb(uint32_t timerId, void* pContext) {
  UNUSED(pContext);
  UNUSED(timerId);

  NXPLOG_NCIHAL_D("hal_extns_write_rsp_timeout_cb - write timeout!!!");

  /* The failure status is stored before either semaphore is posted, so the
   * waiter sees it once it resumes. */
  nxpncihal_ctrl.ext_cb_data.status = NFCSTATUS_FAILED;
  usleep(1);
  sem_post(&(nxpncihal_ctrl.syncSpiNfc));
  SEM_POST(&(nxpncihal_ctrl.ext_cb_data));
}
985