1 /******************************************************************************
2  *
3  *  Copyright (C) 1999-2014 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 
20 /******************************************************************************
21  *
22  *  This file contains functions that interface with the NFC NCI transport.
23  *  On the receive side, it routes events to the appropriate handler
24  *  (callback). On the transmit side, it manages the command transmission.
25  *
26  ******************************************************************************/
27 #include <stdlib.h>
28 #include <string.h>
29 #include "nfc_target.h"
30 
31 #if NFC_INCLUDED == TRUE
32 #include "nfc_hal_api.h"
33 #include "nfc_api.h"
34 #include "nci_defs.h"
35 #include "nci_hmsgs.h"
36 #include "nfc_int.h"
37 #include "rw_api.h"
38 #include "rw_int.h"
39 #include "hcidefs.h"
40 #include "nfc_hal_api.h"
41 
42 #if (NFC_RW_ONLY == FALSE)
/* Four-entry lookup table: index is an MPL code (0-3), value is a size in bytes.
 * NOTE(review): presumably the NFC-DEP maximum-payload-length codes. Any index
 * derived from a received message has to be range-checked (or masked) to 0-3
 * before it is used here -- confirm at the use site. */
static const UINT8 nfc_mpl_code_to_size[] =
{64, 128, 192, 254};
45 
46 #endif /* NFC_RW_ONLY */
47 
48 
/* Byte counts of the fixed leading part of ATTRIB data, used as lower bounds
 * when the activation parameters are parsed.
 * NOTE(review): the PB/LB prefixes presumably stand for Poll-B and Listen-B --
 * confirm against the NCI specification. */
#define NFC_PB_ATTRIB_REQ_FIXED_BYTES   1
#define NFC_LB_ATTRIB_REQ_FIXED_BYTES   8
51 
52 
53 /*******************************************************************************
54 **
55 ** Function         nfc_ncif_update_window
56 **
57 ** Description      Update tx cmd window to indicate that NFCC can receive another command
58 **
59 ** Returns          void
60 **
61 *********************************************************************************/
/* Give one slot back to the NCI command window and try to transmit the next
 * queued command. A call that arrives while the window is already full is
 * ignored, so nci_cmd_window can never grow past NCI_MAX_CMD_WINDOW. */
void nfc_ncif_update_window (void)
{
    if (nfc_cb.nci_cmd_window != NCI_MAX_CMD_WINDOW)
    {
        /* A command was outstanding: its response timer is no longer needed */
        nfc_stop_timer (&nfc_cb.nci_wait_rsp_timer);

        /* Forget the saved VSC callback and release the slot */
        nfc_cb.p_vsc_cback = NULL;
        nfc_cb.nci_cmd_window++;

        /* A queued command may now be eligible for transmission */
        nfc_ncif_check_cmd_queue (NULL);
        return;
    }

    /* Window already full, so no command was pending and this call was not
     * expected. Only the wait-for-HAL-close state is allowed to hit this
     * path silently. */
    if (nfc_cb.nfc_state != NFC_STATE_W4_HAL_CLOSE)
    {
        NFC_TRACE_ERROR0("nfc_ncif_update_window: Unexpected call");
    }
}
83 
84 /*******************************************************************************
85 **
86 ** Function         nfc_ncif_cmd_timeout
87 **
88 ** Description      Handle a command timeout
89 **
90 ** Returns          void
91 **
92 *******************************************************************************/
/* Command-response timeout handler: reports NFC_STATUS_HW_TIMEOUT to the
 * response callback twice (generic error, then NFCC timeout), fails a pending
 * enable, and finally terminates the process with abort(). */
void nfc_ncif_cmd_timeout (void)
{
    const UINT8 timeout_status = NFC_STATUS_HW_TIMEOUT;

    NFC_TRACE_ERROR0 ("nfc_ncif_cmd_timeout");

    /* tell the upper layer about the failure, generic event first */
    nfc_ncif_event_status(NFC_GEN_ERROR_REVT, timeout_status);
    nfc_ncif_event_status(NFC_NFCC_TIMEOUT_REVT, timeout_status);

    /* a timeout during core initialisation means the enable request failed */
    if (nfc_cb.nfc_state == NFC_STATE_CORE_INIT)
    {
        nfc_enabled (NFC_STATUS_FAILED, NULL);
    }

    /* XXX maco since this failure is unrecoverable, abort the process.
     * Note that abort() takes down the whole process hosting the stack, so a
     * controller that stops answering ends the service rather than only the
     * NFC session. */
    abort();
}
110 
111 /*******************************************************************************
112 **
113 ** Function         nfc_wait_2_deactivate_timeout
114 **
115 ** Description      Handle a command timeout
116 **
117 ** Returns          void
118 **
119 *******************************************************************************/
/* Expiry handler for nfc_cb.deactivate_timer: stop waiting (clear
 * NFC_FL_DEACTIVATING) and send the deactivate command whose argument was
 * stored in the timer's param field. */
void nfc_wait_2_deactivate_timeout (void)
{
    UINT8 timer_param;

    NFC_TRACE_ERROR0 ("nfc_wait_2_deactivate_timeout");

    nfc_cb.flags &= ~NFC_FL_DEACTIVATING;

    /* the timer parameter carries the value to hand to the deactivate command */
    timer_param = (UINT8) ((TIMER_PARAM_TYPE) nfc_cb.deactivate_timer.param);
    nci_snd_deactivate_cmd (timer_param);
}
126 
127 
128 /*******************************************************************************
129 **
130 ** Function         nfc_ncif_send_data
131 **
132 ** Description      This function is called to add the NCI data header
133 **                  and send it to NCIT task for sending it to transport
134 **                  as credits are available.
135 **
136 ** Returns          void
137 **
138 *******************************************************************************/
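/* Queue p_data (when not NULL) on the connection's tx queue, then transmit
 * queued data as NCI data packets for as long as credits (p_cb->num_buff)
 * are available. Packets longer than p_cb->buff_size are split into
 * fragments, each copied into a freshly allocated buffer.
 *
 * p_cb    connection control block; must not be NULL
 * p_data  buffer to send, or NULL when called only because credits came back
 *
 * Returns NCI_STATUS_OK            queue processed as far as credits allowed
 *         NCI_STATUS_FAILED        RF connection while the stack is not in
 *                                  NFC_STATE_OPEN; p_data is neither queued
 *                                  nor freed here
 *         NCI_STATUS_BUFFER_FULL   no buffer for a fragment; the remaining
 *                                  data stays on the tx queue
 */
UINT8 nfc_ncif_send_data (tNFC_CONN_CB *p_cb, BT_HDR *p_data)
{
    UINT8       *p_dst;
    UINT8       *p_src;
    UINT8       *p_hdr;
    UINT8       ulen;
    UINT8       pbf;
    BT_HDR      *p;
    BOOLEAN     fragmented;
    const UINT8 buffer_size = p_cb->buff_size;
    const UINT8 hdr0        = p_cb->conn_id;

    NFC_TRACE_DEBUG3 ("nfc_ncif_send_data :%d, num_buff:%d qc:%d", p_cb->conn_id, p_cb->num_buff, p_cb->tx_q.count);

    if ((p_cb->id == NFC_RF_CONN_ID) && (nfc_cb.nfc_state != NFC_STATE_OPEN))
    {
        /* Nothing is sent on the RF connection outside the OPEN state. The
         * one thing still handled is a pending deactivation: once a credit
         * notification (p_data == NULL) shows that every credit is back,
         * the deferred deactivate command goes out. */
        if ((nfc_cb.nfc_state == NFC_STATE_CLOSING) &&
            (p_data == NULL) &&
            (nfc_cb.flags & NFC_FL_DEACTIVATING) &&
            (p_cb->init_credits == p_cb->num_buff))
        {
            nfc_cb.flags  &= ~NFC_FL_DEACTIVATING;
            NFC_TRACE_DEBUG2 ("deactivating NFC-DEP init_credits:%d, num_buff:%d", p_cb->init_credits, p_cb->num_buff);
            nfc_stop_timer(&nfc_cb.deactivate_timer);
            nci_snd_deactivate_cmd ((UINT8)((TIMER_PARAM_TYPE)nfc_cb.deactivate_timer.param));
        }
        return NCI_STATUS_FAILED;
    }

    /* new data always goes to the back of the tx queue first */
    if (p_data)
    {
        GKI_enqueue (&p_cb->tx_q, p_data);
    }

    /* transmission always starts from the head of the tx queue */
    p_data = (BT_HDR *)GKI_getfirst (&p_cb->tx_q);

    /* NOTE(review): (p_data->len >= 0) is always true if BT_HDR.len is an
     * unsigned type -- confirm and drop the term if so.
     * NOTE(review): a buff_size of 0 makes every non-empty packet produce
     * zero-length fragments without progress; buff_size appears to come from
     * the controller's activation data, so validating it where it is stored
     * would be the place to close this. */
    while (p_data && (p_data->len >= 0) && (p_cb->num_buff > 0))
    {
        fragmented = (p_data->len > buffer_size) ? TRUE : FALSE;

        if (fragmented)
        {
            /* More fragments follow. The flag is set on every pass: leaving
             * it at the value of the previous packet would mark the first
             * fragment of a large packet as "last" whenever a complete
             * packet had been sent earlier in this loop. */
            pbf  = 1;
            ulen = buffer_size;

            /* the data packet is too big and needs to be fragmented:
             * prepare a new GKI buffer for this fragment */
            if ((p = NCI_GET_CMD_BUF(ulen)) == NULL)
                return (NCI_STATUS_BUFFER_FULL);
            p->len    = ulen;
            p->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE + 1;
            if (p->len)
            {
                p_dst = (UINT8 *)(p + 1) + p->offset;
                p_src = (UINT8 *)(p_data + 1) + p_data->offset;
                memcpy (p_dst, p_src, ulen);
            }

            /* the original buffer now starts after the bytes just copied */
            p_data->len     -= ulen;
            p_data->offset  += ulen;
        }
        else
        {
            /* whole packet (or final remainder) fits: send the original buffer */
            pbf     = 0;   /* last fragment */
            ulen    = (UINT8)(p_data->len);
            p       = p_data;
            p_data  = (BT_HDR *)GKI_dequeue (&p_cb->tx_q);
        }

        /* prepend the NCI data header in the space reserved before the payload */
        p->event             = BT_EVT_TO_NFC_NCI;
        p->layer_specific    = pbf;
        p->len              += NCI_DATA_HDR_SIZE;
        p->offset           -= NCI_DATA_HDR_SIZE;
        p_hdr = (UINT8 *)(p + 1) + p->offset;
        NCI_DATA_PBLD_HDR(p_hdr, pbf, hdr0, ulen);

        /* one credit per packet, unless flow control is off for this connection */
        if (p_cb->num_buff != NFC_CONN_NO_FC)
            p_cb->num_buff--;

        /* send to HAL */
        HAL_WRITE(p);

        if (!fragmented)
        {
            /* check if there is more data to send */
            p_data = (BT_HDR *)GKI_getfirst (&p_cb->tx_q);
        }
    }

    return (NCI_STATUS_OK);
}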
247 
248 /*******************************************************************************
249 **
250 ** Function         nfc_ncif_check_cmd_queue
251 **
252 ** Description      Send NCI command to the transport
253 **
254 ** Returns          void
255 **
256 *******************************************************************************/
/* Submit an NCI command (p_buf, may be NULL) subject to the command window:
 * the command is queued when older commands are waiting or the window is
 * closed; otherwise the next command is written to the HAL, its header is
 * remembered for response matching and the response timer is started. Once
 * the window is completely free, a pending control request (pre-discover or
 * HAL request) is served. */
void nfc_ncif_check_cmd_queue (BT_HDR *p_buf)
{
    UINT8   *p_bytes;

    /* Keep ordering: a new command waits behind queued ones, and also waits
     * when the controller cannot accept any more commands */
    if (p_buf && ((nfc_cb.nci_cmd_xmit_q.count) || (nfc_cb.nci_cmd_window == 0)))
    {
        GKI_enqueue (&nfc_cb.nci_cmd_xmit_q, p_buf);
        p_buf = NULL;
    }

    /* If the controller can accept another command, send the next one */
    if (nfc_cb.nci_cmd_window > 0)
    {
        /* no command in hand (none given, or it was queued): take the oldest */
        if (p_buf == NULL)
            p_buf = (BT_HDR *)GKI_dequeue (&nfc_cb.nci_cmd_xmit_q);

        if (p_buf != NULL)
        {
            /* remember header and leading payload bytes of this command so
             * that the response can be checked against it later */
            p_bytes = (UINT8 *)(p_buf + 1) + p_buf->offset;
            memcpy(nfc_cb.last_hdr, p_bytes, NFC_SAVED_HDR_SIZE);
            memcpy(nfc_cb.last_cmd, p_bytes + NCI_MSG_HDR_SIZE, NFC_SAVED_CMD_SIZE);

            if (p_buf->layer_specific == NFC_WAIT_RSP_VSC)
            {
                /* vendor-specific command: keep its callback for the response */
                nfc_cb.p_vsc_cback = (void *)((tNFC_NCI_VS_MSG *)p_buf)->p_cback;
            }

            /* send to HAL */
            HAL_WRITE(p_buf);

            /* one window slot is now in use */
            nfc_cb.nci_cmd_window--;

            /* start NFC command-timeout timer */
            nfc_start_timer (&nfc_cb.nci_wait_rsp_timer, (UINT16)(NFC_TTYPE_NCI_WAIT_RSP), nfc_cb.nci_wait_rsp_tout);
        }
    }

    /* Control hand-over is only considered with a completely free window,
     * i.e. the command queue must be empty now */
    if (nfc_cb.nci_cmd_window != NCI_MAX_CMD_WINDOW)
        return;

    if ((nfc_cb.flags & NFC_FL_CONTROL_REQUESTED) == 0)
        return;

    /* HAL requested control or stack needs to handle pre-discover */
    nfc_cb.flags &= ~NFC_FL_CONTROL_REQUESTED;

    if (nfc_cb.flags & NFC_FL_DISCOVER_PENDING)
    {
        if (nfc_cb.p_hal->prediscover ())
        {
            /* HAL has the command window now */
            nfc_cb.flags         |= NFC_FL_CONTROL_GRANTED;
            nfc_cb.nci_cmd_window = 0;
        }
        else
        {
            /* HAL does not need to send a command: issue the stored discovery
             * command now. The pending buffer holds one count byte followed
             * by the discovery parameters. */
            nfc_cb.flags         &= ~NFC_FL_DISCOVER_PENDING;
            p_bytes               = (UINT8 *)nfc_cb.p_disc_pending;
            nci_snd_discover_cmd (*p_bytes, (tNFC_DISCOVER_PARAMS *)(p_bytes + 1));
            GKI_freebuf (nfc_cb.p_disc_pending);
            nfc_cb.p_disc_pending = NULL;
        }
    }
    else if (nfc_cb.flags & NFC_FL_HAL_REQUESTED)
    {
        /* grant the control to HAL */
        nfc_cb.flags         &= ~NFC_FL_HAL_REQUESTED;
        nfc_cb.flags         |= NFC_FL_CONTROL_GRANTED;
        nfc_cb.nci_cmd_window = 0;
        nfc_cb.p_hal->control_granted ();
    }
}
338 
339 
340 /*******************************************************************************
341 **
342 ** Function         nfc_ncif_send_cmd
343 **
344 ** Description      Send NCI command to the NCIT task
345 **
346 ** Returns          void
347 **
348 *******************************************************************************/
/* Tag p_buf as an NCI command with layer_specific cleared and hand it to the
 * command queue logic, which sends it now or queues it.
 * p_buf must not be NULL; it is dereferenced unconditionally. */
void nfc_ncif_send_cmd (BT_HDR *p_buf)
{
    /* layer_specific of 0: nfc_ncif_check_cmd_queue compares this field with
     * NFC_WAIT_RSP_VSC to decide whether a VSC callback must be saved */
    p_buf->layer_specific   = 0;
    p_buf->event            = BT_EVT_TO_NFC_NCI;

    /* post the p_buf to NCIT task */
    nfc_ncif_check_cmd_queue (p_buf);
}
356 
357 
358 /*******************************************************************************
359 **
360 ** Function         nfc_ncif_process_event
361 **
362 ** Description      This function is called to process the data/response/notification
363 **                  from NFCC
364 **
365 ** Returns          TRUE if need to free buffer
366 **
367 *******************************************************************************/
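/* Dispatch one message received from the NFCC (data, response or
 * notification) to its handler.
 *
 * p_msg  received buffer; the NCI message starts at p_msg->offset behind the
 *        BT_HDR. Must not be NULL.
 *
 * Returns TRUE when the caller has to free p_msg, FALSE when ownership was
 * taken over (data messages, or when the core response handler says so).
 *
 * The message is controller-supplied input: it is rejected when shorter than
 * an NCI header, and a response is only accepted when its GID/OID match the
 * last command that was sent.
 */
BOOLEAN nfc_ncif_process_event (BT_HDR *p_msg)
{
    UINT8   mt, pbf, gid, oid;
    UINT8   *p_hdr;
    UINT8   *p_saved;
    UINT8   saved_mt, saved_gid, saved_oid;
    BOOLEAN free_buf = TRUE;

    /* Both header octets read below must exist, and every handler expects a
     * complete NCI header; drop anything shorter before touching it */
    if (p_msg->len < NCI_MSG_HDR_SIZE)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_process_event: packet too short len:%d", p_msg->len);
        return TRUE;
    }

    p_hdr = (UINT8 *) (p_msg + 1) + p_msg->offset;
    NCI_MSG_PRS_HDR0 (p_hdr, mt, pbf, gid);

    switch (mt)
    {
    case NCI_MT_DATA:
        NFC_TRACE_DEBUG0 ("NFC received data");
        nfc_ncif_proc_data (p_msg);
        /* the data path keeps the buffer */
        free_buf = FALSE;
        break;

    case NCI_MT_RSP:
        NFC_TRACE_DEBUG1 ("NFC received rsp gid:%d", gid);
        oid = ((*p_hdr) & NCI_OID_MASK);

        /* decode the header saved when the last command was sent */
        p_saved   = nfc_cb.last_hdr;
        NCI_MSG_PRS_HDR0(p_saved, saved_mt, pbf, saved_gid);
        saved_oid = ((*p_saved) & NCI_OID_MASK);

        /* make sure this is the RSP we are waiting for before updating the
         * command window; a stray response must not release a window slot */
        if ((saved_gid != gid) || (saved_oid != oid))
        {
            NFC_TRACE_ERROR2 ("nfc_ncif_process_event unexpected rsp: gid:0x%x, oid:0x%x", gid, oid);
            return TRUE;
        }

        switch (gid)
        {
        case NCI_GID_CORE:      /* 0000b NCI Core group */
            free_buf = nci_proc_core_rsp (p_msg);
            break;
        case NCI_GID_RF_MANAGE:   /* 0001b NCI Discovery group */
            nci_proc_rf_management_rsp (p_msg);
            break;
#if (NFC_NFCEE_INCLUDED == TRUE)
#if (NFC_RW_ONLY == FALSE)
        case NCI_GID_EE_MANAGE:  /* 0x02 0010b NFCEE Discovery group */
            nci_proc_ee_management_rsp (p_msg);
            break;
#endif
#endif
        case NCI_GID_PROP:      /* 1111b Proprietary */
            nci_proc_prop_rsp (p_msg);
            break;
        default:
            NFC_TRACE_ERROR1 ("NFC: Unknown gid:%d", gid);
            break;
        }

        /* the awaited response arrived: release the command window slot */
        nfc_ncif_update_window ();
        break;

    case NCI_MT_NTF:
        NFC_TRACE_DEBUG1 ("NFC received ntf gid:%d", gid);
        switch (gid)
        {
        case NCI_GID_CORE:      /* 0000b NCI Core group */
            nci_proc_core_ntf (p_msg);
            break;
        case NCI_GID_RF_MANAGE:   /* 0001b NCI Discovery group */
            nci_proc_rf_management_ntf (p_msg);
            break;
#if (NFC_NFCEE_INCLUDED == TRUE)
#if (NFC_RW_ONLY == FALSE)
        case NCI_GID_EE_MANAGE:  /* 0x02 0010b NFCEE Discovery group */
            nci_proc_ee_management_ntf (p_msg);
            break;
#endif
#endif
        case NCI_GID_PROP:      /* 1111b Proprietary */
            nci_proc_prop_ntf (p_msg);
            break;
        default:
            NFC_TRACE_ERROR1 ("NFC: Unknown gid:%d", gid);
            break;
        }
        break;

    default:
        NFC_TRACE_DEBUG2 ("NFC received unknown mt:0x%x, gid:%d", mt, gid);
    }

    return (free_buf);
}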
459 
460 /*******************************************************************************
461 **
462 ** Function         nfc_ncif_rf_management_status
463 **
464 ** Description      This function is called to report an event
465 **
466 ** Returns          void
467 **
468 *******************************************************************************/
/* Report `event` with the given status to the discovery callback, if one is
 * registered. Only evt_data.status is filled in; every other member of the
 * event structure is left uninitialised and must not be read by the callback. */
void nfc_ncif_rf_management_status (tNFC_DISCOVER_EVT event, UINT8 status)
{
    tNFC_DISCOVER   evt_data;

    if (nfc_cb.p_discv_cback == NULL)
        return;

    evt_data.status = (tNFC_STATUS) status;
    (*nfc_cb.p_discv_cback) (event, &evt_data);
}
478 
479 /*******************************************************************************
480 **
481 ** Function         nfc_ncif_set_config_status
482 **
483 ** Description      This function is called to report NFC_SET_CONFIG_REVT
484 **
485 ** Returns          void
486 **
487 *******************************************************************************/
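/* Report NFC_SET_CONFIG_REVT to the response callback.
 *
 * p    response payload: a status byte and, when the status is not OK, a
 *      count byte followed by that many parameter IDs
 * len  number of payload bytes available at p
 *      (NOTE(review): taken to be the payload length -- confirm against the caller)
 *
 * The count byte comes from the controller. It is limited both to the
 * capacity of evt_data.set_config.param_ids and to the bytes actually present
 * in the payload, so the copy can neither run past the event structure on the
 * stack nor read beyond the received message. An empty payload is reported as
 * NFC_STATUS_FAILED.
 */
void nfc_ncif_set_config_status (UINT8 *p, UINT8 len)
{
    tNFC_RESPONSE   evt_data;
    UINT8           num_ids;

    if (nfc_cb.p_resp_cback == NULL)
        return;

    evt_data.set_config.num_param_id = 0;

    if (len == 0)
    {
        /* not even a status byte to read */
        NFC_TRACE_ERROR0 ("nfc_ncif_set_config_status: empty response");
        evt_data.set_config.status = NFC_STATUS_FAILED;
    }
    else
    {
        evt_data.set_config.status = (tNFC_STATUS) *p++;

        /* the ID list is only present on failure, and only if a count byte exists */
        if ((evt_data.set_config.status != NFC_STATUS_OK) && (len > 1))
        {
            num_ids = *p++;

            /* never write more IDs than the destination array can hold */
            if (num_ids > sizeof (evt_data.set_config.param_ids))
                num_ids = (UINT8) sizeof (evt_data.set_config.param_ids);

            /* never read more IDs than the payload contains
             * (status byte and count byte are already consumed) */
            if (num_ids > (UINT8) (len - 2))
                num_ids = (UINT8) (len - 2);

            evt_data.set_config.num_param_id = num_ids;
            STREAM_TO_ARRAY (evt_data.set_config.param_ids, p, num_ids);
        }
    }

    (*nfc_cb.p_resp_cback) (NFC_SET_CONFIG_REVT, &evt_data);
}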
504 
505 /*******************************************************************************
506 **
507 ** Function         nfc_ncif_event_status
508 **
509 ** Description      This function is called to report an event
510 **
511 ** Returns          void
512 **
513 *******************************************************************************/
/* Report `event` with the given status to the response callback, if one is
 * registered. Only evt_data.status is filled in; every other member of the
 * event structure is left uninitialised and must not be read by the callback. */
void nfc_ncif_event_status (tNFC_RESPONSE_EVT event, UINT8 status)
{
    tNFC_RESPONSE   evt_data;

    if (nfc_cb.p_resp_cback == NULL)
        return;

    evt_data.status = (tNFC_STATUS) status;
    (*nfc_cb.p_resp_cback) (event, &evt_data);
}
523 
524 /*******************************************************************************
525 **
526 ** Function         nfc_ncif_error_status
527 **
528 ** Description      This function is called to report an error event to data cback
529 **
530 ** Returns          void
531 **
532 *******************************************************************************/
/* Deliver NFC_ERROR_CEVT with `status` to the data callback of the connection
 * identified by conn_id. Nothing happens when the connection is unknown or
 * has no callback.
 * The callback receives the address of a single UINT8 cast to tNFC_CONN *, so
 * only the status byte is backed by valid storage; reading any larger member
 * through that pointer would run past the local variable. */
void nfc_ncif_error_status (UINT8 conn_id, UINT8 status)
{
    tNFC_CONN_CB *p_conn = nfc_find_conn_cb_by_conn_id (conn_id);

    if ((p_conn == NULL) || (p_conn->p_cback == NULL))
        return;

    (*p_conn->p_cback) (conn_id, NFC_ERROR_CEVT, (tNFC_CONN *) &status);
}
542 
543 /*******************************************************************************
544 **
545 ** Function         nfc_ncif_proc_rf_field_ntf
546 **
547 ** Description      This function is called to process RF field notification
548 **
549 ** Returns          void
550 **
551 *******************************************************************************/
552 #if (NFC_RW_ONLY == FALSE)
/* Report NFC_RF_FIELD_REVT to the response callback, if one is registered:
 * status is NFC_STATUS_OK and rf_field carries rf_status unchanged. */
void nfc_ncif_proc_rf_field_ntf (UINT8 rf_status)
{
    tNFC_RESPONSE   evt_data;

    if (nfc_cb.p_resp_cback == NULL)
        return;

    evt_data.rf_field.rf_field = rf_status;
    evt_data.status            = (tNFC_STATUS) NFC_STATUS_OK;
    (*nfc_cb.p_resp_cback) (NFC_RF_FIELD_REVT, &evt_data);
}
563 #endif
564 
565 /*******************************************************************************
566 **
567 ** Function         nfc_ncif_proc_credits
568 **
569 ** Description      This function is called to process data credits
570 **
571 ** Returns          void
572 **
573 *******************************************************************************/
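/* Process a credits notification: a count byte followed by that many
 * (connection id, credits) byte pairs. Credits are added to each known
 * connection that uses flow control, and the connection's tx queue is then
 * given a chance to send.
 *
 * p     start of the notification payload
 * plen  number of payload bytes available at p
 *       (NOTE(review): taken to be the payload length -- confirm against the caller)
 *
 * The entry count comes from the controller, so it is checked against plen
 * before the list is walked; a notification announcing more entries than it
 * contains is dropped instead of being read past its end.
 */
void nfc_ncif_proc_credits(UINT8 *p, UINT16 plen)
{
    UINT8   num, xx;
    UINT8   conn_id, credits;
    tNFC_CONN_CB * p_cb;

    if (plen == 0)
    {
        NFC_TRACE_ERROR0 ("nfc_ncif_proc_credits: empty notification");
        return;
    }

    num = *p++;
    plen--;

    /* every entry occupies two bytes: connection id and credit count */
    if (((UINT16) num * 2) > plen)
    {
        NFC_TRACE_ERROR2 ("nfc_ncif_proc_credits: num:%d exceeds payload len:%d", num, plen);
        return;
    }

    for (xx = 0; xx < num; xx++)
    {
        conn_id = *p++;
        credits = *p++;

        p_cb = nfc_find_conn_cb_by_conn_id(conn_id);
        if (p_cb && p_cb->num_buff != NFC_CONN_NO_FC)
        {
            p_cb->num_buff += credits;
#if (BT_USE_TRACES == TRUE)
            /* NOTE(review): this clamp to init_credits is only compiled in
             * when traces are enabled; without it num_buff can exceed the
             * initial credit count -- consider making it unconditional. */
            if (p_cb->num_buff > p_cb->init_credits)
            {
                if (nfc_cb.nfc_state == NFC_STATE_OPEN)
                {
                    /* if this happens in activated state, it's very likely that our NFCC has issues */
                    /* However, credit may be returned after deactivation */
                    NFC_TRACE_ERROR2( "num_buff:0x%x, init_credits:0x%x", p_cb->num_buff, p_cb->init_credits);
                }
                p_cb->num_buff = p_cb->init_credits;
            }
#endif
            /* check if there's any data in tx q to be sent */
            nfc_ncif_send_data (p_cb, NULL);
        }
    }
}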
604 /*******************************************************************************
605 **
606 ** Function         nfc_ncif_decode_rf_params
607 **
608 ** Description      This function is called to process the detected technology
609 **                  and mode and the associated parameters for DISCOVER_NTF and
610 **                  ACTIVATE_NTF
611 **
612 ** Returns          void
613 **
614 *******************************************************************************/
/* Decode the technology-specific parameters of a DISCOVER_NTF / ACTIVATE_NTF
 * into p_param->param, selected by p_param->mode (which the caller must have
 * set already). The stream at p starts with a one-byte length of the
 * parameter block.
 *
 * Returns a pointer to the first byte after the parameter block, computed
 * from the length byte and not from the number of bytes actually decoded.
 *
 * Variable-length fields are clamped to the size of their destination array
 * before they are copied.
 * NOTE(review): the function is not told how many bytes are available at p,
 * so neither the individual reads nor the returned pointer are checked
 * against the end of the received message; the length byte and all field
 * lengths come from the controller.
 */
UINT8 * nfc_ncif_decode_rf_params (tNFC_RF_TECH_PARAMS *p_param, UINT8 *p)
{
    tNFC_RF_PA_PARAMS        *pa;
    tNFC_RF_PB_PARAMS        *pb;
    tNFC_RF_LF_PARAMS        *lf;
    tNFC_RF_PF_PARAMS        *pf;
    tNFC_RF_PISO15693_PARAMS *i93;
    UINT8                    block_len, raw, present;
    UINT8                    *p_block;

    block_len = *p++;
    p_block   = p;

    /* fields not present in the stream stay zero */
    memset ( &p_param->param, 0, sizeof (tNFC_RF_TECH_PARAMU));

    switch (p_param->mode)
    {
    case NCI_DISCOVERY_TYPE_POLL_A:
    case NCI_DISCOVERY_TYPE_POLL_A_ACTIVE:
        /*
         * SENS_RES Response  2 bytes           Defined in [DIGPROT]; available after Technology Detection
         * NFCID1 length      1 byte            Length of NFCID1; available after Collision Resolution
         * NFCID1             4, 7 or 10 bytes  Defined in [DIGPROT]; available after Collision Resolution
         * SEL_RES Response   1 byte            Defined in [DIGPROT]; available after Collision Resolution
         * HRx Length         1 octet           Length of HRx parameters collected from the response to the T1T RID command
         * HRx                0 or 2 octets     If present, the first byte SHALL contain HR0 and the second byte
         *                                      SHALL contain HR1 as defined in [DIGITAL]
         */
        pa = &p_param->param.pa;
        STREAM_TO_ARRAY (pa->sens_res, p, 2);

        raw            = *p++;
        pa->nfcid1_len = (raw > NCI_NFCID1_MAX_LEN) ? NCI_NFCID1_MAX_LEN : raw;
        STREAM_TO_ARRAY (pa->nfcid1, p, pa->nfcid1_len);

        /* SEL_RES is preceded by a length/presence byte */
        present = *p++;
        if (present)
            pa->sel_rsp = *p++;

        /* HRx is only decoded when the block length says it is there:
         * 2(sens_res) + 1(len) + nfcid1_len + 1(len) + present + hr (1:len + 2) */
        if (block_len == (7 + pa->nfcid1_len + present))
        {
            pa->hr_len = *p++;
            if (pa->hr_len == NCI_T1T_HR_LEN)
            {
                pa->hr[0] = *p++;
                pa->hr[1] = *p;
            }
        }
        break;

    case NCI_DISCOVERY_TYPE_POLL_B:
        /*
         * SENSB_RES Response length (n)           1 byte          Length of SENSB_RES Response (Byte 2 - Byte 12 or 13);
         *                                                         available after Technology Detection
         * SENSB_RES Response Byte 2 - Byte 12/13  11 or 12 bytes  Defined in [DIGPROT]; available after Technology Detection
         */
        pb = &p_param->param.pb;

        raw               = *p++;
        pb->sensb_res_len = (raw > NCI_MAX_SENSB_RES_LEN) ? NCI_MAX_SENSB_RES_LEN : raw;
        STREAM_TO_ARRAY (pb->sensb_res, p, pb->sensb_res_len);

        /* NFCID0 is taken from the start of SENSB_RES, whatever length was received */
        memcpy (pb->nfcid0, pb->sensb_res, NFC_NFCID0_MAX_LEN);
        break;

    case NCI_DISCOVERY_TYPE_POLL_F:
    case NCI_DISCOVERY_TYPE_POLL_F_ACTIVE:
        /*
         * Bit Rate                                1 byte   1: 212 kbps / 2: 424 kbps / 0 and 3 to 255: RFU
         * SENSF_RES Response length (n)           1 byte   Length of SENSF_RES (Byte 2 - Byte 17 or 19);
         *                                                  available after Technology Detection
         * SENSF_RES Response Byte 2 - Byte 17/19  n bytes  Defined in [DIGPROT]; available after Technology Detection
         */
        pf           = &p_param->param.pf;
        pf->bit_rate = *p++;

        raw               = *p++;
        pf->sensf_res_len = (raw > NCI_MAX_SENSF_RES_LEN) ? NCI_MAX_SENSF_RES_LEN : raw;
        STREAM_TO_ARRAY (pf->sensf_res, p, pf->sensf_res_len);

        /* NFCID2 and the MRTI bytes sit at fixed positions inside SENSF_RES;
         * they are read regardless of how many bytes were received */
        memcpy (pf->nfcid2, pf->sensf_res, NCI_NFCID2_LEN);
        pf->mrti_check  = pf->sensf_res[NCI_MRTI_CHECK_INDEX];
        pf->mrti_update = pf->sensf_res[NCI_MRTI_UPDATE_INDEX];
        break;

    case NCI_DISCOVERY_TYPE_LISTEN_F:
    case NCI_DISCOVERY_TYPE_LISTEN_F_ACTIVE:
        lf = &p_param->param.lf;

        /* a non-zero leading byte means an NFCID2 follows */
        present = *p++;
        if (present)
        {
            STREAM_TO_ARRAY (lf->nfcid2, p, NCI_NFCID2_LEN);
        }
        break;

    case NCI_DISCOVERY_TYPE_POLL_ISO15693:
        i93        = &p_param->param.pi93;
        i93->flag  = *p++;
        i93->dsfid = *p++;
        STREAM_TO_ARRAY (i93->uid, p, NFC_ISO15693_UID_LEN);
        break;

    case NCI_DISCOVERY_TYPE_POLL_KOVIO:
        raw = *p++;
        if (raw > NFC_KOVIO_MAX_LEN)
        {
            NFC_TRACE_ERROR2( "Kovio UID len:0x%x exceeds max(0x%x)", raw, NFC_KOVIO_MAX_LEN);
            raw = NFC_KOVIO_MAX_LEN;
        }
        p_param->param.pk.uid_len = raw;
        STREAM_TO_ARRAY (p_param->param.pk.uid, p, p_param->param.pk.uid_len);
        break;
    }

    /* resume after the block as announced by its length byte */
    return (p_block + block_len);
}
720 
721 /*******************************************************************************
722 **
723 ** Function         nfc_ncif_proc_discover_ntf
724 **
725 ** Description      This function is called to process discover notification
726 **
727 ** Returns          void
728 **
729 *******************************************************************************/
/* Decode a discover notification and report it to the discovery callback as
 * NFC_RESULT_DEVT. Nothing is decoded when no callback is registered.
 *
 * p     start of the NCI message, header included (it is skipped here)
 * plen  not used by this function
 *
 * NOTE(review): since plen is ignored, none of the reads below -- including
 * the `more` byte fetched at the position returned by
 * nfc_ncif_decode_rf_params -- is checked against the end of the received
 * message.
 */
void nfc_ncif_proc_discover_ntf (UINT8 *p, UINT16 plen)
{
    tNFC_DISCOVER   evt_data;

    if (nfc_cb.p_discv_cback == NULL)
        return;

    /* step over the NCI message header */
    p += NCI_MSG_HDR_SIZE;

    evt_data.status            = NCI_STATUS_OK;
    evt_data.result.rf_disc_id = *p++;
    evt_data.result.protocol   = *p++;

    /* fill in tNFC_RESULT_DEVT: the mode selects how the parameters are decoded */
    evt_data.result.rf_tech_param.mode = *p++;
    p = nfc_ncif_decode_rf_params (&evt_data.result.rf_tech_param, p);

    /* the byte following the technology parameters is the "more" indication */
    evt_data.result.more = *p++;

    (*nfc_cb.p_discv_cback) (NFC_RESULT_DEVT, &evt_data);
}
749 
750 /*******************************************************************************
751 **
752 ** Function         nfc_ncif_proc_activate
753 **
754 ** Description      This function is called to process de-activate
755 **                  response and notification
756 **
757 ** Returns          void
758 **
759 *******************************************************************************/
nfc_ncif_proc_activate(UINT8 * p,UINT8 len)760 void nfc_ncif_proc_activate (UINT8 *p, UINT8 len)
761 {
762     tNFC_DISCOVER   evt_data;
763     tNFC_INTF_PARAMS        *p_intf = &evt_data.activate.intf_param;
764     tNFC_INTF_PA_ISO_DEP    *p_pa_iso;
765     tNFC_INTF_LB_ISO_DEP    *p_lb_iso;
766     tNFC_INTF_PB_ISO_DEP    *p_pb_iso;
767 #if (NFC_RW_ONLY == FALSE)
768     tNFC_INTF_PA_NFC_DEP    *p_pa_nfc;
769     int                     mpl_idx = 0;
770     UINT8                   gb_idx = 0, mpl;
771 #endif
772     UINT8                   t0;
773     tNCI_DISCOVERY_TYPE     mode;
774     tNFC_CONN_CB * p_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
775     UINT8                   *pp, len_act;
776     UINT8                   buff_size, num_buff;
777     tNFC_RF_PA_PARAMS       *p_pa;
778 
779     nfc_set_state (NFC_STATE_OPEN);
780 
781     memset (p_intf, 0, sizeof (tNFC_INTF_PARAMS));
782     evt_data.activate.rf_disc_id    = *p++;
783     p_intf->type                    = *p++;
784     evt_data.activate.protocol      = *p++;
785 
786     if (evt_data.activate.protocol == NCI_PROTOCOL_18092_ACTIVE)
787         evt_data.activate.protocol = NCI_PROTOCOL_NFC_DEP;
788 
789     evt_data.activate.rf_tech_param.mode    = *p++;
790     buff_size                               = *p++;
791     num_buff                                = *p++;
792     /* fill in tNFC_activate_DEVT */
793     p = nfc_ncif_decode_rf_params (&evt_data.activate.rf_tech_param, p);
794 
795     evt_data.activate.data_mode             = *p++;
796     evt_data.activate.tx_bitrate            = *p++;
797     evt_data.activate.rx_bitrate            = *p++;
798     mode         = evt_data.activate.rf_tech_param.mode;
799     len_act      = *p++;
800     NFC_TRACE_DEBUG3 ("nfc_ncif_proc_activate:%d %d, mode:0x%02x", len, len_act, mode);
801     /* just in case the interface reports activation parameters not defined in the NCI spec */
802     p_intf->intf_param.frame.param_len      = len_act;
803     if (p_intf->intf_param.frame.param_len > NFC_MAX_RAW_PARAMS)
804         p_intf->intf_param.frame.param_len = NFC_MAX_RAW_PARAMS;
805     pp = p;
806     STREAM_TO_ARRAY (p_intf->intf_param.frame.param, pp, p_intf->intf_param.frame.param_len);
807     if (evt_data.activate.intf_param.type == NCI_INTERFACE_ISO_DEP)
808     {
809         /* Make max payload of NCI aligned to max payload of ISO-DEP for better performance */
810         if (buff_size > NCI_ISO_DEP_MAX_INFO)
811             buff_size = NCI_ISO_DEP_MAX_INFO;
812 
813         switch (mode)
814         {
815         case NCI_DISCOVERY_TYPE_POLL_A:
816             p_pa_iso                  = &p_intf->intf_param.pa_iso;
817             p_pa_iso->ats_res_len     = *p++;
818 
819             if (p_pa_iso->ats_res_len == 0)
820                 break;
821 
822             if (p_pa_iso->ats_res_len > NFC_MAX_ATS_LEN)
823                 p_pa_iso->ats_res_len = NFC_MAX_ATS_LEN;
824             STREAM_TO_ARRAY (p_pa_iso->ats_res, p, p_pa_iso->ats_res_len);
825             pp = &p_pa_iso->ats_res[NCI_ATS_T0_INDEX];
826             t0 = p_pa_iso->ats_res[NCI_ATS_T0_INDEX];
827             pp++;       /* T0 */
828             if (t0 & NCI_ATS_TA_MASK)
829                 pp++;   /* TA */
830             if (t0 & NCI_ATS_TB_MASK)
831             {
832                 /* FWI (Frame Waiting time Integer) & SPGI (Start-up Frame Guard time Integer) */
833                 p_pa_iso->fwi       = (((*pp) >> 4) & 0x0F);
834                 p_pa_iso->sfgi      = ((*pp) & 0x0F);
835                 pp++;   /* TB */
836             }
837             if (t0 & NCI_ATS_TC_MASK)
838             {
839                 p_pa_iso->nad_used  = ((*pp) & 0x01);
840                 pp++;   /* TC */
841             }
842             p_pa_iso->his_byte_len  = (UINT8) (p_pa_iso->ats_res_len - (pp - p_pa_iso->ats_res));
843             memcpy (p_pa_iso->his_byte,  pp, p_pa_iso->his_byte_len);
844             break;
845 
846         case NCI_DISCOVERY_TYPE_LISTEN_A:
847             p_intf->intf_param.la_iso.rats = *p++;
848             break;
849 
850         case NCI_DISCOVERY_TYPE_POLL_B:
851             /* ATTRIB RSP
852             Byte 1   Byte 2 ~ 2+n-1
853             MBLI/DID Higher layer - Response
854             */
855             p_pb_iso                     = &p_intf->intf_param.pb_iso;
856             p_pb_iso->attrib_res_len     = *p++;
857 
858             if (p_pb_iso->attrib_res_len == 0)
859                 break;
860 
861             if (p_pb_iso->attrib_res_len > NFC_MAX_ATTRIB_LEN)
862                 p_pb_iso->attrib_res_len = NFC_MAX_ATTRIB_LEN;
863             STREAM_TO_ARRAY (p_pb_iso->attrib_res, p, p_pb_iso->attrib_res_len);
864             p_pb_iso->mbli = (p_pb_iso->attrib_res[0]) >> 4;
865             if (p_pb_iso->attrib_res_len > NFC_PB_ATTRIB_REQ_FIXED_BYTES)
866             {
867                 p_pb_iso->hi_info_len    = p_pb_iso->attrib_res_len - NFC_PB_ATTRIB_REQ_FIXED_BYTES;
868                 if (p_pb_iso->hi_info_len > NFC_MAX_GEN_BYTES_LEN)
869                     p_pb_iso->hi_info_len = NFC_MAX_GEN_BYTES_LEN;
870                 memcpy (p_pb_iso->hi_info, &p_pb_iso->attrib_res[NFC_PB_ATTRIB_REQ_FIXED_BYTES], p_pb_iso->hi_info_len);
871             }
872             break;
873 
874         case NCI_DISCOVERY_TYPE_LISTEN_B:
875             /* ATTRIB CMD
876             Byte 2~5 Byte 6  Byte 7  Byte 8  Byte 9  Byte 10 ~ 10+k-1
877             NFCID0   Param 1 Param 2 Param 3 Param 4 Higher layer - INF
878             */
879             p_lb_iso                     = &p_intf->intf_param.lb_iso;
880             p_lb_iso->attrib_req_len     = *p++;
881 
882             if (p_lb_iso->attrib_req_len == 0)
883                 break;
884 
885             if (p_lb_iso->attrib_req_len > NFC_MAX_ATTRIB_LEN)
886                 p_lb_iso->attrib_req_len = NFC_MAX_ATTRIB_LEN;
887             STREAM_TO_ARRAY (p_lb_iso->attrib_req, p, p_lb_iso->attrib_req_len);
888             memcpy (p_lb_iso->nfcid0, p_lb_iso->attrib_req, NFC_NFCID0_MAX_LEN);
889             if (p_lb_iso->attrib_req_len > NFC_LB_ATTRIB_REQ_FIXED_BYTES)
890             {
891                 p_lb_iso->hi_info_len    = p_lb_iso->attrib_req_len - NFC_LB_ATTRIB_REQ_FIXED_BYTES;
892                 if (p_lb_iso->hi_info_len > NFC_MAX_GEN_BYTES_LEN)
893                     p_lb_iso->hi_info_len = NFC_MAX_GEN_BYTES_LEN;
894                 memcpy (p_lb_iso->hi_info, &p_lb_iso->attrib_req[NFC_LB_ATTRIB_REQ_FIXED_BYTES], p_lb_iso->hi_info_len);
895             }
896             break;
897         }
898 
899     }
900 #if (NFC_RW_ONLY == FALSE)
901     else if (evt_data.activate.intf_param.type == NCI_INTERFACE_NFC_DEP)
902     {
903         /* Make max payload of NCI aligned to max payload of NFC-DEP for better performance */
904         if (buff_size > NCI_NFC_DEP_MAX_DATA)
905             buff_size = NCI_NFC_DEP_MAX_DATA;
906 
907         p_pa_nfc                  = &p_intf->intf_param.pa_nfc;
908         p_pa_nfc->atr_res_len     = *p++;
909 
910         if (p_pa_nfc->atr_res_len > 0)
911         {
912             if (p_pa_nfc->atr_res_len > NFC_MAX_ATS_LEN)
913                 p_pa_nfc->atr_res_len = NFC_MAX_ATS_LEN;
914             STREAM_TO_ARRAY (p_pa_nfc->atr_res, p, p_pa_nfc->atr_res_len);
915             if (  (mode == NCI_DISCOVERY_TYPE_POLL_A)
916                 ||(mode == NCI_DISCOVERY_TYPE_POLL_F)
917                 ||(mode == NCI_DISCOVERY_TYPE_POLL_A_ACTIVE)
918                 ||(mode == NCI_DISCOVERY_TYPE_POLL_F_ACTIVE)  )
919             {
920                 /* ATR_RES
921                 Byte 3~12 Byte 13 Byte 14 Byte 15 Byte 16 Byte 17 Byte 18~18+n
922                 NFCID3T   DIDT    BST     BRT     TO      PPT     [GT0 ... GTn] */
923                 mpl_idx                 = 14;
924                 gb_idx                  = NCI_P_GEN_BYTE_INDEX;
925                 p_pa_nfc->waiting_time  = p_pa_nfc->atr_res[NCI_L_NFC_DEP_TO_INDEX] & 0x0F;
926             }
927             else if (  (mode == NCI_DISCOVERY_TYPE_LISTEN_A)
928                      ||(mode == NCI_DISCOVERY_TYPE_LISTEN_F)
929                      ||(mode == NCI_DISCOVERY_TYPE_LISTEN_A_ACTIVE)
930                      ||(mode == NCI_DISCOVERY_TYPE_LISTEN_F_ACTIVE)  )
931             {
932                 /* ATR_REQ
933                 Byte 3~12 Byte 13 Byte 14 Byte 15 Byte 16 Byte 17~17+n
934                 NFCID3I   DIDI    BSI     BRI     PPI     [GI0 ... GIn] */
935                 mpl_idx = 13;
936                 gb_idx  = NCI_L_GEN_BYTE_INDEX;
937             }
938 
939             mpl                         = ((p_pa_nfc->atr_res[mpl_idx]) >> 4) & 0x03;
940             p_pa_nfc->max_payload_size  = nfc_mpl_code_to_size[mpl];
941             if (p_pa_nfc->atr_res_len > gb_idx)
942             {
943                 p_pa_nfc->gen_bytes_len = p_pa_nfc->atr_res_len - gb_idx;
944                 if (p_pa_nfc->gen_bytes_len > NFC_MAX_GEN_BYTES_LEN)
945                     p_pa_nfc->gen_bytes_len = NFC_MAX_GEN_BYTES_LEN;
946                 memcpy (p_pa_nfc->gen_bytes, &p_pa_nfc->atr_res[gb_idx], p_pa_nfc->gen_bytes_len);
947             }
948         }
949     }
950 #endif
951     else if ((evt_data.activate.intf_param.type == NCI_INTERFACE_FRAME) && (evt_data.activate.protocol == NCI_PROTOCOL_T1T) )
952     {
953         p_pa = &evt_data.activate.rf_tech_param.param.pa;
954         if ((len_act == NCI_T1T_HR_LEN) && (p_pa->hr_len == 0))
955         {
956             p_pa->hr_len    = NCI_T1T_HR_LEN;
957             p_pa->hr[0]     = *p++;
958             p_pa->hr[1]     = *p++;
959         }
960     }
961 
962     p_cb->act_protocol  = evt_data.activate.protocol;
963     p_cb->buff_size     = buff_size;
964     p_cb->num_buff      = num_buff;
965     p_cb->init_credits  = num_buff;
966 
967     if (nfc_cb.p_discv_cback)
968     {
969         (*nfc_cb.p_discv_cback) (NFC_ACTIVATE_DEVT, &evt_data);
970     }
971 }
972 
973 /*******************************************************************************
974 **
975 ** Function         nfc_ncif_proc_deactivate
976 **
977 ** Description      This function is called to process de-activate
978 **                  response and notification
979 **
980 ** Returns          void
981 **
982 *******************************************************************************/
void nfc_ncif_proc_deactivate (UINT8 status, UINT8 deact_type, BOOLEAN is_ntf)
{
    /* Puts the stack into NFC_STATE_IDLE, frees every buffer still queued on
     * the RF connection and reports the deactivation: first to the RF
     * connection callback (NFC_DEACTIVATE_CEVT), then to the discovery
     * callback (NFC_DEACTIVATE_DEVT).
     *
     * status     - copied into the event as-is
     * deact_type - copied into the event as-is
     * is_ntf     - copied into the event as-is; the function header says this
     *              handler serves both the response and the notification
     */
    tNFC_CONN_CB            *p_rf_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
    tNFC_DISCOVER            disc_evt;
    tNFC_DEACTIVATE_DEVT    *p_info  = &disc_evt.deactivate;
    void                    *p_buf;

    nfc_set_state (NFC_STATE_IDLE);

    /* only the deactivate member of the event is filled in */
    p_info->is_ntf  = is_ntf;
    p_info->type    = deact_type;
    p_info->status  = status;

    /* nothing queued in either direction is delivered after deactivation */
    for (p_buf = GKI_dequeue (&p_rf_cb->rx_q); p_buf != NULL; p_buf = GKI_dequeue (&p_rf_cb->rx_q))
        GKI_freebuf (p_buf);

    for (p_buf = GKI_dequeue (&p_rf_cb->tx_q); p_buf != NULL; p_buf = GKI_dequeue (&p_rf_cb->tx_q))
        GKI_freebuf (p_buf);

    /* the connection callback receives the deactivate record cast to tNFC_CONN * */
    if (p_rf_cb->p_cback != NULL)
        (*p_rf_cb->p_cback) (NFC_RF_CONN_ID, NFC_DEACTIVATE_CEVT, (tNFC_CONN *) p_info);

    if (nfc_cb.p_discv_cback != NULL)
        (*nfc_cb.p_discv_cback) (NFC_DEACTIVATE_DEVT, &disc_evt);
}
1014 /*******************************************************************************
1015 **
1016 ** Function         nfc_ncif_proc_ee_action
1017 **
1018 ** Description      This function is called to process NFCEE ACTION NTF
1019 **
1020 ** Returns          void
1021 **
1022 *******************************************************************************/
1023 #if ((NFC_NFCEE_INCLUDED == TRUE) && (NFC_RW_ONLY == FALSE))
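void nfc_ncif_proc_ee_action (UINT8 *p, UINT16 plen)
{
    /* Parses an NFCEE ACTION notification and reports it through the response
     * callback as NFC_EE_ACTION_REVT.
     *
     * p    - notification payload: NFCEE id, trigger, length of the trigger
     *        data, then the trigger data itself
     * plen - number of bytes available at p (NOTE(review): assumed from the
     *        way plen is compared with the embedded length; confirm against
     *        the caller)
     *
     * The payload comes from the NFCC and is treated as untrusted: every read
     * is bounded by plen and every copy by the size of its destination.
     */
    tNFC_EE_ACTION_REVT evt_data;
    tNFC_RESPONSE_CBACK *p_cback = nfc_cb.p_resp_cback;
    UINT8   data_len, ulen, tag, *p_data;
    UINT8   max_len;

    if (p_cback == NULL)
        return;

    /* The three fixed bytes must be present before they are read. The
     * previous code read them regardless and only skipped the subtraction. */
    if (plen < 3)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_ee_action: short packet len:%d", plen);
        return;
    }

    memset (&evt_data.act_data, 0, sizeof (tNFC_ACTION_DATA));
    evt_data.status             = NFC_STATUS_OK;
    evt_data.nfcee_id           = *p++;
    evt_data.act_data.trigger   = *p++;
    data_len                    = *p++;
    plen                       -= 3;

    /* never trust the embedded length beyond what was actually received */
    if (data_len > plen)
        data_len = (UINT8) plen;

    switch (evt_data.act_data.trigger)
    {
    case NCI_EE_TRIG_7816_SELECT:
        if (data_len > NFC_MAX_AID_LEN)
            data_len = NFC_MAX_AID_LEN;
        evt_data.act_data.param.aid.len_aid = data_len;
        STREAM_TO_ARRAY (evt_data.act_data.param.aid.aid, p, data_len);
        break;
    case NCI_EE_TRIG_RF_PROTOCOL:
        /* one data byte is needed; otherwise the field keeps its zero from memset */
        if (data_len >= 1)
            evt_data.act_data.param.protocol    = *p++;
        break;
    case NCI_EE_TRIG_RF_TECHNOLOGY:
        if (data_len >= 1)
            evt_data.act_data.param.technology  = *p++;
        break;
    case NCI_EE_TRIG_APP_INIT:
        while (data_len > NFC_TL_SIZE)
        {
            data_len    -= NFC_TL_SIZE;
            tag         = *p++;
            ulen        = *p++;
            if (ulen > data_len)
                ulen = data_len;
            p_data      = NULL;
            max_len     = ulen;
            switch (tag)
            {
            case NCI_EE_ACT_TAG_AID:    /* AID                 */
                if (max_len > NFC_MAX_AID_LEN)
                    max_len = NFC_MAX_AID_LEN;
                evt_data.act_data.param.app_init.len_aid = max_len;
                p_data = evt_data.act_data.param.app_init.aid;
                break;
            case NCI_EE_ACT_TAG_DATA:   /* hex data for app    */
                if (max_len > NFC_MAX_APP_DATA_LEN)
                    max_len = NFC_MAX_APP_DATA_LEN;
                evt_data.act_data.param.app_init.len_data   = max_len;
                p_data                                      = evt_data.act_data.param.app_init.data;
                break;
            }
            if (p_data)
                memcpy (p_data, p, max_len);
            /* Step over the whole value, including bytes that were not copied
             * (unknown tag, or value longer than the destination), so the next
             * iteration starts on a tag byte. ulen never exceeds data_len, so
             * p stays inside the received data. */
            p        += ulen;
            data_len -= ulen;
        }
        break;
    }
    (*p_cback) (NFC_EE_ACTION_REVT, (tNFC_RESPONSE *) &evt_data);
}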
1093 
1094 /*******************************************************************************
1095 **
1096 ** Function         nfc_ncif_proc_ee_discover_req
1097 **
1098 ** Description      This function is called to process NFCEE DISCOVER REQ NTF
1099 **
1100 ** Returns          void
1101 **
1102 *******************************************************************************/
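void nfc_ncif_proc_ee_discover_req (UINT8 *p, UINT16 plen)
{
    /* Parses an NFCEE DISCOVER REQ notification and reports the entries through
     * the response callback as NFC_EE_DISCOVER_REQ_REVT.
     *
     * p    - notification payload: entry count followed by T/L/V entries
     * plen - number of bytes available at p (NOTE(review): assumed from the
     *        way plen is decremented per byte consumed; confirm against the
     *        caller)
     *
     * The entry count comes from the NFCC. It is bounded here both by the
     * bytes actually received and by the capacity of ee_disc_req.info, and
     * num_info reports only the entries that were really filled in, so the
     * callback never sees uninitialised array slots.
     */
    tNFC_RESPONSE_CBACK *p_cback = nfc_cb.p_resp_cback;
    tNFC_EE_DISCOVER_REQ_REVT   ee_disc_req;
    tNFC_EE_DISCOVER_INFO       *p_info;
    UINT8                       u8;
    unsigned int                max_info = (unsigned int) (sizeof (ee_disc_req.info) / sizeof (ee_disc_req.info[0]));
    unsigned int                num_parsed = 0;

    /* the count byte must exist before it is read, including by the trace below */
    if (plen < 1)
    {
        NFC_TRACE_ERROR0 ("nfc_ncif_proc_ee_discover_req: empty packet");
        return;
    }

    NFC_TRACE_DEBUG2 ("nfc_ncif_proc_ee_discover_req %d len:%d", *p, plen);
    if (p_cback)
    {
        u8                      = *p++;
        plen--;
        ee_disc_req.status      = NFC_STATUS_OK;
        p_info                  = ee_disc_req.info;

        while ((u8 > 0) && (plen >= NFC_EE_DISCOVER_ENTRY_LEN))
        {
            /* stop before writing past the end of the info array */
            if (num_parsed >= max_info)
            {
                NFC_TRACE_ERROR1 ("nfc_ncif_proc_ee_discover_req: too many entries, %d ignored", u8);
                break;
            }
            p_info->op  = *p++;                  /* T */
            if (*p != NFC_EE_DISCOVER_INFO_LEN)/* L */
            {
                NFC_TRACE_DEBUG1 ("bad entry len:%d", *p );
                return;
            }
            p++;
            /* V */
            p_info->nfcee_id    = *p++;
            p_info->tech_n_mode = *p++;
            p_info->protocol    = *p++;
            u8--;
            plen    -=NFC_EE_DISCOVER_ENTRY_LEN;
            p_info++;
            num_parsed++;
        }
        /* num_parsed cannot exceed the original 8-bit count */
        ee_disc_req.num_info    = (UINT8) num_parsed;
        (*p_cback) (NFC_EE_DISCOVER_REQ_REVT, (tNFC_RESPONSE *) &ee_disc_req);
    }

}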
1140 
1141 /*******************************************************************************
1142 **
1143 ** Function         nfc_ncif_proc_get_routing
1144 **
1145 ** Description      This function is called to process get routing notification
1146 **
1147 ** Returns          void
1148 **
1149 *******************************************************************************/
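void nfc_ncif_proc_get_routing (UINT8 *p, UINT8 len)
{
    /* Parses a get-routing notification and reports each routing entry through
     * the response callback as NFC_GET_ROUTING_REVT. Every entry but the last
     * is reported with NFC_STATUS_CONTINUE; the last one gets NFC_STATUS_OK
     * when the "more" byte is FALSE.
     *
     * p   - notification payload: more, number of entries, then per entry
     *       NFCEE id, number of TLVs and the TLVs themselves
     * len - number of bytes available at p (NOTE(review): the original never
     *       consulted this parameter; its meaning is assumed, confirm against
     *       the caller)
     *
     * All counts and lengths come from the NFCC. Each read is checked against
     * len and each copy against the remaining room in evt_data.param_tlvs;
     * parsing stops at the first entry that does not fit. Entries already
     * reported stay reported.
     */
    tNFC_GET_ROUTING_REVT evt_data;
    UINT8       more, num_entries, xx, yy, *pn;
    UINT16      tl;     /* wider than a byte: length byte + NFC_TL_SIZE can exceed 255 */
    size_t      used;   /* bytes already stored in evt_data.param_tlvs */
    tNFC_STATUS status = NFC_STATUS_CONTINUE;

    if (nfc_cb.p_resp_cback == NULL)
        return;

    if (len < 2)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing: short packet len:%d", len);
        return;
    }
    more        = *p++;
    num_entries = *p++;
    len        -= 2;

    for (xx = 0; xx < num_entries; xx++)
    {
        if ((more == FALSE) && (xx == (num_entries - 1)))
            status = NFC_STATUS_OK;

        /* NFCEE id and TLV count */
        if (len < 2)
        {
            NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing: truncated entry %d", xx);
            return;
        }
        evt_data.status         = (tNFC_STATUS) status;
        evt_data.nfcee_id       = *p++;
        evt_data.num_tlvs       = *p++;
        len                    -= 2;
        evt_data.tlv_size       = 0;
        used                    = 0;
        pn                      = evt_data.param_tlvs;
        for (yy = 0; yy < evt_data.num_tlvs; yy++)
        {
            /* the tag and length bytes must be present before the length is read */
            if (len < NFC_TL_SIZE)
            {
                NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing: truncated TLV in entry %d", xx);
                return;
            }
            tl                  = (UINT16) (*(p+1));
            tl                 += NFC_TL_SIZE;
            /* the TLV has to fit both in the received data and in the event buffer */
            if ((tl > len) || (tl > (sizeof (evt_data.param_tlvs) - used)))
            {
                NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing: bad TLV len:%d", tl);
                return;
            }
            STREAM_TO_ARRAY (pn, p, tl);
            evt_data.tlv_size  += tl;
            pn                 += tl;
            used               += tl;
            len                -= (UINT8) tl;   /* tl <= len <= 255 here */
        }
        (*nfc_cb.p_resp_cback) (NFC_GET_ROUTING_REVT, (tNFC_RESPONSE *) &evt_data);
    }
}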
1181 #endif
1182 
1183 /*******************************************************************************
1184 **
1185 ** Function         nfc_ncif_proc_conn_create_rsp
1186 **
1187 ** Description      This function is called to process connection create
1188 **                  response
1189 **
1190 ** Returns          void
1191 **
1192 *******************************************************************************/
void nfc_ncif_proc_conn_create_rsp (UINT8 *p, UINT16 plen, UINT8 dest_type)
{
    /* Completes a pending connection-create request. Looks up the control block
     * registered under NFC_PEND_CONN_ID, stores the buffer size and credits
     * from the response in it, then either binds it to the connection id from
     * the response (status NCI_STATUS_OK) or releases it, and finally reports
     * NFC_CONN_CREATE_CEVT to the callback that was registered on the block.
     *
     * p         - start of the response, including the NCI message header
     * plen      - not consulted by this function
     * dest_type - copied into the event as-is
     *
     * NOTE(review): four bytes are read after the header without checking
     * plen. Whether plen counts the header is not visible here; confirm
     * against the caller before adding a guard.
     */
    tNFC_CONN_CB    *p_pend_cb = nfc_find_conn_cb_by_conn_id (NFC_PEND_CONN_ID);
    tNFC_CONN_CBACK *p_notify;
    tNFC_CONN        create_evt;
    tNFC_STATUS      rsp_status;
    UINT8            new_conn_id;

    /* no create request outstanding: nothing to complete */
    if (p_pend_cb == NULL)
        return;

    p                      += NCI_MSG_HDR_SIZE;
    rsp_status              = *p++;
    p_pend_cb->buff_size    = *p++;
    p_pend_cb->init_credits = *p++;
    p_pend_cb->num_buff     = p_pend_cb->init_credits;
    new_conn_id             = *p++;

    create_evt.conn_create.status       = rsp_status;
    create_evt.conn_create.dest_type    = dest_type;
    create_evt.conn_create.id           = p_pend_cb->id;
    create_evt.conn_create.buff_size    = p_pend_cb->buff_size;
    create_evt.conn_create.num_buffs    = p_pend_cb->num_buff;

    /* take the callback before the control block may be released below */
    p_notify = p_pend_cb->p_cback;

    if (rsp_status != NCI_STATUS_OK)
        nfc_free_conn_cb (p_pend_cb);
    else
        nfc_set_conn_id (p_pend_cb, new_conn_id);

    if (p_notify != NULL)
        (*p_notify) (new_conn_id, NFC_CONN_CREATE_CEVT, &create_evt);
}
1230 
1231 /*******************************************************************************
1232 **
1233 ** Function         nfc_ncif_report_conn_close_evt
1234 **
1235 ** Description      This function is called to report connection close event
1236 **
1237 ** Returns          void
1238 **
1239 *******************************************************************************/
void nfc_ncif_report_conn_close_evt (UINT8 conn_id, tNFC_STATUS status)
{
    /* Releases the control block registered for conn_id and reports
     * NFC_CONN_CLOSE_CEVT with the given status to the callback that was
     * registered on it. Does nothing when no control block matches.
     *
     * conn_id - connection whose control block is looked up and released
     * status  - copied into the event as-is
     */
    tNFC_CONN_CB    *p_conn = nfc_find_conn_cb_by_conn_id (conn_id);
    tNFC_CONN_CBACK *p_notify;
    tNFC_CONN        close_evt;

    if (p_conn == NULL)
        return;

    /* read the callback first: the control block is released before the report */
    p_notify = p_conn->p_cback;
    nfc_free_conn_cb (p_conn);

    close_evt.status = status;
    if (p_notify != NULL)
        (*p_notify) (conn_id, NFC_CONN_CLOSE_CEVT, &close_evt);
}
1256 
1257 /*******************************************************************************
1258 **
1259 ** Function         nfc_ncif_proc_reset_rsp
1260 **
1261 ** Description      This function is called to process reset response/notification
1262 **
1263 ** Returns          void
1264 **
1265 *******************************************************************************/
void nfc_ncif_proc_reset_rsp (UINT8 *p, BOOLEAN is_ntf)
{
    /* Handles a reset response or notification. On success it sends CORE_INIT;
     * on failure it reports the status through nfc_enabled().
     *
     * p      - points at the status byte, followed by the NCI version byte
     * is_ntf - TRUE when the message is a notification
     *
     * NOTE(review): no length is passed in, so both bytes are read on the
     * assumption that the caller has already validated the packet size;
     * confirm against the caller.
     */
    UINT8 rsp_status = *p++;
    UINT8 nci_ver;

    if (is_ntf)
    {
        NFC_TRACE_ERROR1 ("reset notification!!:0x%x ", rsp_status);
        /* An unsolicited reset while OPEN: close every connection, which also
         * drops the packets queued on them. The original comment notes that
         * the firmware does not report this notification at present. */
        if (nfc_cb.nfc_state == NFC_STATE_OPEN)
            nfc_reset_all_conn_cbs ();

        /* a notification is always treated as a successful reset */
        rsp_status = NCI_STATUS_OK;
    }

    if (nfc_cb.flags & (NFC_FL_RESTARTING|NFC_FL_POWER_CYCLE_NFCC))
        nfc_reset_all_conn_cbs ();

    if (rsp_status == NCI_STATUS_OK)
    {
        /* the version byte is only looked at for a successful reset */
        nci_ver = *p;
        if (nci_ver != NCI_VERSION)
        {
            NFC_TRACE_ERROR2 ("NCI version mismatch!!:0x%02x != 0x%02x ", NCI_VERSION, nci_ver);
            /* a mismatch is tolerated unless the NFCC is older than NCI_VERSION_0_F */
            if (nci_ver < NCI_VERSION_0_F)
            {
                NFC_TRACE_ERROR0 ("NFCC version is too old");
                rsp_status = NCI_STATUS_FAILED;
            }
        }
    }

    if (rsp_status != NCI_STATUS_OK)
    {
        NFC_TRACE_ERROR0 ("Failed to reset NFCC");
        nfc_enabled (rsp_status, NULL);
        return;
    }

    nci_snd_core_init ();
}
1312 
1313 /*******************************************************************************
1314 **
1315 ** Function         nfc_ncif_proc_init_rsp
1316 **
1317 ** Description      This function is called to process init response
1318 **
1319 ** Returns          void
1320 **
1321 *******************************************************************************/
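void nfc_ncif_proc_init_rsp (BT_HDR *p_msg)
{
    /* Handles the CORE_INIT response.
     *
     * p_msg - buffer holding the response, starting with the NCI message
     *         header at p_msg->offset
     *
     * Buffer ownership: on success the buffer is kept in
     * nfc_cb.p_nci_init_rsp (the original comment says the init parameters
     * are handled in nfc_enabled) and is NOT freed here; on failure it is
     * freed here.
     */
    UINT8 *p, status;
    tNFC_CONN_CB * p_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];

    p = (UINT8 *) (p_msg + 1) + p_msg->offset;

    /* The status byte sits right after the header. A response too short to
     * contain it is treated as a failed init rather than read past its end. */
    if (p_msg->len < (NCI_MSG_HDR_SIZE + 1))
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_init_rsp: short packet len:%d", p_msg->len);
        status = NCI_STATUS_FAILED;
    }
    else
    {
        status = *(p + NCI_MSG_HDR_SIZE);
    }

    if (status == NCI_STATUS_OK)
    {
        p_cb->id            = NFC_RF_CONN_ID;
        p_cb->act_protocol  = NCI_PROTOCOL_UNKNOWN;

        nfc_set_state (NFC_STATE_W4_POST_INIT_CPLT);

        /* keep the response; ownership moves to nfc_cb */
        nfc_cb.p_nci_init_rsp = p_msg;
        nfc_cb.p_hal->core_initialized (p);
    }
    else
    {
        nfc_enabled (status, NULL);
        GKI_freebuf (p_msg);
    }
}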
1347 
1348 /*******************************************************************************
1349 **
1350 ** Function         nfc_ncif_proc_get_config_rsp
1351 **
1352 ** Description      This function is called to process get config response
1353 **
1354 ** Returns          void
1355 **
1356 *******************************************************************************/
void nfc_ncif_proc_get_config_rsp (BT_HDR *p_evt)
{
    /* Handles a get-config response: strips the NCI message header from the
     * buffer bookkeeping and, when a response callback is registered, reports
     * NFC_GET_CONFIG_REVT with the status byte and a pointer to the bytes that
     * follow it.
     *
     * p_evt - buffer holding the response; its offset and len are adjusted in
     *         place whether or not a callback is registered
     *
     * The event points into p_evt rather than copying from it, and tlv_size is
     * the length left after the header, which still counts the status byte.
     *
     * NOTE(review): len is reduced without checking that it is at least
     * NCI_MSG_HDR_SIZE and the status byte is read without checking that one
     * remains; presumably the dispatcher guarantees both, confirm against the
     * caller.
     */
    tNFC_RESPONSE_CBACK *p_notify = nfc_cb.p_resp_cback;
    tNFC_RESPONSE        rsp_evt;
    UINT8               *p_payload;

    p_evt->len    -= NCI_MSG_HDR_SIZE;
    p_evt->offset += NCI_MSG_HDR_SIZE;

    if (p_notify == NULL)
        return;

    p_payload                       = (UINT8 *) (p_evt + 1) + p_evt->offset;
    rsp_evt.get_config.status       = p_payload[0];
    rsp_evt.get_config.p_param_tlvs = p_payload + 1;
    rsp_evt.get_config.tlv_size     = p_evt->len;

    (*p_notify) (NFC_GET_CONFIG_REVT, &rsp_evt);
}
1374 
1375 /*******************************************************************************
1376 **
1377 ** Function         nfc_ncif_proc_t3t_polling_ntf
1378 **
1379 ** Description      Handle NCI_MSG_RF_T3T_POLLING NTF
1380 **
1381 ** Returns          void
1382 **
1383 *******************************************************************************/
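void nfc_ncif_proc_t3t_polling_ntf (UINT8 *p, UINT16 plen)
{
    /* Handles NCI_MSG_RF_T3T_POLLING NTF: reads the status and the number of
     * responses, then hands the rest of the payload to RW_T3T.
     *
     * p    - notification payload: status, number of responses, response data
     * plen - length of the payload at p; the two fixed bytes are subtracted
     *        from it before it is passed on
     */
    UINT8 status;
    UINT8 num_responses;

    /* Both fixed bytes must be present. Without this check a shorter packet
     * makes the subtraction below wrap and a bogus length reach RW_T3T. */
    if (plen < NFC_TL_SIZE)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_t3t_polling_ntf: short packet len:%d", plen);
        return;
    }

    /* Pass result to RW_T3T for processing */
    STREAM_TO_UINT8 (status, p);
    STREAM_TO_UINT8 (num_responses, p);
    plen-=NFC_TL_SIZE;
    /* NOTE(review): the remaining length is narrowed to 8 bits here, as in the
     * original; confirm that the payload cannot exceed 255 bytes. */
    rw_t3t_handle_nci_poll_ntf (status, num_responses, (UINT8) plen, p);
}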
1395 
1396 /*******************************************************************************
1397 **
1398 ** Function         nfc_data_event
1399 **
1400 ** Description      Report Data event on the given connection control block
1401 **
1402 ** Returns          void
1403 **
1404 *******************************************************************************/
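void nfc_data_event (tNFC_CONN_CB * p_cb)
{
    /* Reports the buffers waiting on p_cb->rx_q to the connection callback as
     * NFC_DATA_CEVT, oldest first. Delivery stops at a buffer that is still
     * being reassembled (fragmented, not marked too big, and either not the RF
     * connection or reassembly requested).
     *
     * p_cb - connection control block whose receive queue is drained
     *
     * Each buffer handed to the callback has been removed from the queue and
     * is not freed here. The NCI header is stripped by adjusting offset and
     * len; for T1T/T2T/T3T on the RF connection the trailing status byte is
     * removed as well and becomes the event status.
     */
    BT_HDR      *p_evt;
    tNFC_DATA_CEVT data_cevt;
    UINT8       *p;

    if (p_cb->p_cback)
    {
        while ((p_evt = (BT_HDR *)GKI_getfirst (&p_cb->rx_q)) != NULL)
        {
            if (p_evt->layer_specific & NFC_RAS_FRAGMENTED)
            {
                /* Not the last fragment */
                if (!(p_evt->layer_specific & NFC_RAS_TOO_BIG))
                {
                    /* buffer can hold more */
                    if (  (p_cb->conn_id != NFC_RF_CONN_ID)
                        ||(nfc_cb.reassembly)  )
                    {
                        /* If not rf connection or If rf connection and reassembly requested,
                         * try to Reassemble next packet */
                        break;
                    }
                }
            }

            p_evt = (BT_HDR *) GKI_dequeue (&p_cb->rx_q);
            /* report data event */
            p_evt->offset   += NCI_MSG_HDR_SIZE;
            p_evt->len      -= NCI_MSG_HDR_SIZE;

            if (p_evt->layer_specific)
                data_cevt.status = NFC_STATUS_CONTINUE;
            else
            {
                nfc_cb.reassembly = TRUE;
                data_cevt.status = NFC_STATUS_OK;
            }

            data_cevt.p_data = p_evt;
            /* adjust payload, if needed */
            if (p_cb->conn_id == NFC_RF_CONN_ID)
            {
                /* if NCI_PROTOCOL_T1T/NCI_PROTOCOL_T2T/NCI_PROTOCOL_T3T, the status byte needs to be removed
                 */
                if ((p_cb->act_protocol >= NCI_PROTOCOL_T1T) && (p_cb->act_protocol <= NCI_PROTOCOL_T3T))
                {
                    if (p_evt->len > 0)
                    {
                        p_evt->len--;
                        p                = (UINT8 *) (p_evt + 1);
                        data_cevt.status = *(p + p_evt->offset + p_evt->len);
                    }
                    else
                    {
                        /* A packet with an empty payload has no status byte.
                         * Decrementing len here would wrap it and the status
                         * would be read from far outside the buffer, so the
                         * packet is reported with len 0 and the status chosen
                         * above. */
                        NFC_TRACE_ERROR0 ("nfc_data_event: data packet without status byte");
                    }
                }
            }
            (*p_cb->p_cback) (p_cb->conn_id, NFC_DATA_CEVT, (tNFC_CONN *) &data_cevt);
            p_evt = NULL;
        }
    }
}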
1462 
1463 /*******************************************************************************
1464 **
1465 ** Function         nfc_ncif_proc_data
1466 **
1467 ** Description      Find the connection control block associated with the data
1468 **                  packet. Assemble the data packet, if needed.
1469 **                  Report the Data event.
1470 **
1471 ** Returns          void
1472 **
1473 *******************************************************************************/
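void nfc_ncif_proc_data (BT_HDR *p_msg)
{
    /* Handles one received NCI data packet: finds the connection control block
     * from the connection id in the header, appends the payload to the
     * previous buffer when that one is an unfinished fragment, otherwise
     * queues the packet, and then reports what is ready via nfc_data_event().
     *
     * p_msg - buffer holding the packet, NCI data header first at
     *         p_msg->offset; p_msg->len counts the header plus the payload
     *
     * Buffer ownership: p_msg is consumed in every path. It is either queued
     * on the connection's rx_q or freed here.
     *
     * The packet comes from the NFCC and is treated as untrusted. The length
     * field inside the NCI header is used for tracing only; every size
     * calculation uses the number of bytes actually received (p_msg->len), so
     * a header that understates the payload cannot cause a copy past the end
     * of the reassembly buffer.
     */
    UINT8   *pp, cid;
    tNFC_CONN_CB * p_cb;
    UINT8   pbf;
    BT_HDR  *p_last;
    UINT8   *ps, *pd;
    UINT16  size;
    BT_HDR  *p_max = NULL;
    UINT16  len;            /* length field of the NCI header, as claimed by the sender */
    UINT16  payload_len;    /* bytes that really follow the header in p_msg */
    size_t  needed;         /* buffer size required to hold the reassembled data */

    /* the header must be complete before any of its bytes are looked at */
    if (p_msg->len < NCI_DATA_HDR_SIZE)
    {
        GKI_freebuf (p_msg);
        return;
    }

    pp   = (UINT8 *) (p_msg+1) + p_msg->offset;
    NFC_TRACE_DEBUG3 ("nfc_ncif_proc_data 0x%02x%02x%02x", pp[0], pp[1], pp[2]);
    NCI_DATA_PRS_HDR (pp, pbf, cid, len);
    p_cb = nfc_find_conn_cb_by_conn_id (cid);
    if (p_cb == NULL)
    {
        /* no such connection: drop the packet */
        GKI_freebuf (p_msg);
        return;
    }

    NFC_TRACE_DEBUG1 ("nfc_ncif_proc_data len:%d", len);

    payload_len                 = p_msg->len - NCI_MSG_HDR_SIZE;
    p_msg->layer_specific       = 0;
    if (pbf)
        p_msg->layer_specific   = NFC_RAS_FRAGMENTED;
    p_last = (BT_HDR *)GKI_getlast (&p_cb->rx_q);
    if (p_last && (p_last->layer_specific & NFC_RAS_FRAGMENTED))
    {
        /* last data buffer is not last fragment, append this new packet to the last */
        size   = GKI_get_buf_size(p_last);
        needed = (size_t) BT_HDR_SIZE + p_last->len + p_last->offset + payload_len;
        if (size < needed)
        {
            /* the current size of p_last is not big enough to hold the new fragment, p_msg */
            if (size != GKI_MAX_BUF_SIZE)
            {
                /* try the biggest GKI pool */
                p_max = (BT_HDR *)GKI_getpoolbuf (GKI_MAX_BUF_SIZE_POOL_ID);
                if (p_max && (GKI_get_buf_size (p_max) < needed))
                {
                    /* even the biggest buffer cannot take the new fragment */
                    GKI_freebuf (p_max);
                    p_max = NULL;
                }
                if (p_max)
                {
                    /* copy the content of last buffer to the new buffer */
                    memcpy(p_max, p_last, BT_HDR_SIZE);
                    pd  = (UINT8 *)(p_max + 1) + p_max->offset;
                    ps  = (UINT8 *)(p_last + 1) + p_last->offset;
                    memcpy(pd, ps, p_last->len);

                    /* place the new buffer in the queue instead */
                    GKI_remove_from_queue (&p_cb->rx_q, p_last);
                    GKI_freebuf (p_last);
                    GKI_enqueue (&p_cb->rx_q, p_max);
                    p_last  = p_max;
                }
            }
            if (p_max == NULL)
            {
                /* Biggest GKI Pool not available (or)
                 * Biggest available GKI Pool is not big enough to hold the new fragment, p_msg */
                p_last->layer_specific  |= NFC_RAS_TOO_BIG;
            }
        }

        ps   = (UINT8 *)(p_msg + 1) + p_msg->offset + NCI_MSG_HDR_SIZE;

        if (!(p_last->layer_specific & NFC_RAS_TOO_BIG))
        {
            /* room for payload_len bytes was established above */
            pd   = (UINT8 *)(p_last + 1) + p_last->offset + p_last->len;
            memcpy(pd, ps, payload_len);
            p_last->len  += payload_len;
            /* do not need to update pbf and len in NCI header.
             * They are stripped off at NFC_DATA_CEVT and len may exceed 255 */
            NFC_TRACE_DEBUG1 ("nfc_ncif_proc_data len:%d", p_last->len);
            p_last->layer_specific  = p_msg->layer_specific;
            GKI_freebuf (p_msg);
#ifdef DISP_NCI
            if (!(p_last->layer_specific & NFC_RAS_FRAGMENTED))
            {
                /* this packet was reassembled. display the complete packet */
                DISP_NCI ((UINT8 *)(p_last + 1) + p_last->offset, p_last->len, TRUE);
            }
#endif
            nfc_data_event (p_cb);
        }
        else
        {
            /* Not enough memory to add new buffer
             * Send data already in queue first with status Continue */
            nfc_data_event (p_cb);
            /* now enqueue the new buffer to the rx queue */
            GKI_enqueue (&p_cb->rx_q, p_msg);
        }
    }
    else
    {
        /* if this is the first fragment on RF link */
        if (  (p_msg->layer_specific & NFC_RAS_FRAGMENTED)
            &&(p_cb->conn_id == NFC_RF_CONN_ID)
            &&(p_cb->p_cback)  )
        {
            /* Indicate upper layer that local device started receiving data */
            (*p_cb->p_cback) (p_cb->conn_id, NFC_DATA_START_CEVT, NULL);
        }
        /* enqueue the new buffer to the rx queue */
        GKI_enqueue (&p_cb->rx_q, p_msg);
        nfc_data_event (p_cb);
    }
}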
1580 
1581 #endif /* NFC_INCLUDED == TRUE*/
1582