1 /******************************************************************************
2  *
3  *  Copyright (C) 2010-2014 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 /******************************************************************************
20  *
21  *  This file contains function of the NCI unit to format and send NCI
22  *  commands (for DH).
23  *
24  ******************************************************************************/
25 #include "nci_hmsgs.h"
26 
27 #include <string.h>
28 
29 #include "include/debug_lmrt.h"
30 #include "nci_defs.h"
31 #include "nfc_api.h"
32 #include "nfc_int.h"
33 #include "nfc_target.h"
34 
35 /*******************************************************************************
36 **
37 ** Function         nci_snd_tlv_parameter_generic_cmd
38 **
39 ** Description      compose and send RF Management RF TLV Parameter
40 **                  generic command to command queue
41 **
42 ** Returns          status
43 **
44 *******************************************************************************/
nci_snd_tlv_parameter_generic_cmd(uint8_t oid,uint8_t * p_param_tlvs,uint8_t tlv_size)45 static uint8_t nci_snd_tlv_parameter_generic_cmd(uint8_t oid,
46                                                  uint8_t* p_param_tlvs,
47                                                  uint8_t tlv_size) {
48   NFC_HDR* p;
49   uint8_t* pp;
50   uint8_t num = 0, ulen, len, *pt;
51 
52   p = NCI_GET_CMD_BUF(tlv_size + 1);
53   if (p == nullptr) return (NCI_STATUS_FAILED);
54 
55   p->event = BT_EVT_TO_NFC_NCI;
56   p->len = NCI_MSG_HDR_SIZE + tlv_size + 1;
57   p->offset = NCI_MSG_OFFSET_SIZE;
58   pp = (uint8_t*)(p + 1) + p->offset;
59 
60   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
61   NCI_MSG_BLD_HDR1(pp, oid);
62   UINT8_TO_STREAM(pp, (uint8_t)(tlv_size + 1));
63   len = tlv_size;
64   pt = p_param_tlvs;
65   while (len > 1) {
66     len -= 2;
67     pt++;
68     num++;
69     ulen = *pt++;
70     pt += ulen;
71     if (len >= ulen) {
72       len -= ulen;
73     } else {
74       GKI_freebuf(p);
75       return NCI_STATUS_FAILED;
76     }
77   }
78 
79   UINT8_TO_STREAM(pp, num);
80   ARRAY_TO_STREAM(pp, p_param_tlvs, tlv_size);
81   nfc_ncif_send_cmd(p);
82 
83   return (NCI_STATUS_OK);
84 }
85 
86 /*******************************************************************************
87 **
88 ** Function         nci_snd_core_reset
89 **
90 ** Description      compose and send CORE RESET command to command queue
91 **
92 ** Returns          status
93 **
94 *******************************************************************************/
nci_snd_core_reset(uint8_t reset_type)95 uint8_t nci_snd_core_reset(uint8_t reset_type) {
96   NFC_HDR* p;
97   uint8_t* pp;
98 
99   p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_RESET);
100   if (p == nullptr) return (NCI_STATUS_FAILED);
101 
102   p->event = BT_EVT_TO_NFC_NCI;
103   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_RESET;
104   p->offset = NCI_MSG_OFFSET_SIZE;
105   p->layer_specific = 0;
106   pp = (uint8_t*)(p + 1) + p->offset;
107 
108   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
109   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_RESET);
110   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_RESET);
111   UINT8_TO_STREAM(pp, reset_type);
112 
113   nfc_ncif_send_cmd(p);
114   return (NCI_STATUS_OK);
115 }
116 
117 /*******************************************************************************
118 **
119 ** Function         nci_snd_core_init
120 **
121 ** Description      compose and send CORE INIT command to command queue
122 **
123 ** Returns          status
124 **
125 *******************************************************************************/
nci_snd_core_init(uint8_t nci_version)126 uint8_t nci_snd_core_init(uint8_t nci_version) {
127   NFC_HDR* p;
128   uint8_t* pp;
129 
130   if ((p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_INIT(nci_version))) == nullptr)
131     return (NCI_STATUS_FAILED);
132 
133   p->event = BT_EVT_TO_NFC_NCI;
134   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_INIT(nci_version);
135   p->offset = NCI_MSG_OFFSET_SIZE;
136   p->layer_specific = 0;
137   pp = (uint8_t*)(p + 1) + p->offset;
138 
139   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
140   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_INIT);
141   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_INIT(nci_version));
142   if (nfc_cb.nci_version >= NCI_VERSION_2_0) {
143     UINT8_TO_STREAM(pp, NCI2_X_CORE_INIT_CMD_BYTE_0);
144     UINT8_TO_STREAM(pp, NCI2_X_CORE_INIT_CMD_BYTE_1);
145   }
146 
147   nfc_ncif_send_cmd(p);
148   return (NCI_STATUS_OK);
149 }
150 
151 /*******************************************************************************
152 **
153 ** Function         nci_snd_core_get_config
154 **
155 ** Description      compose and send CORE GET_CONFIG command to command queue
156 **
157 ** Returns          status
158 **
159 *******************************************************************************/
nci_snd_core_get_config(uint8_t * param_ids,uint8_t num_ids)160 uint8_t nci_snd_core_get_config(uint8_t* param_ids, uint8_t num_ids) {
161   NFC_HDR* p;
162   uint8_t* pp;
163 
164   p = NCI_GET_CMD_BUF(num_ids);
165   if (p == nullptr) return (NCI_STATUS_FAILED);
166 
167   p->event = BT_EVT_TO_NFC_NCI;
168   p->len = NCI_MSG_HDR_SIZE + num_ids + 1;
169   p->offset = NCI_MSG_OFFSET_SIZE;
170   p->layer_specific = 0;
171   pp = (uint8_t*)(p + 1) + p->offset;
172 
173   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
174   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_GET_CONFIG);
175   UINT8_TO_STREAM(pp, (uint8_t)(num_ids + 1));
176   UINT8_TO_STREAM(pp, num_ids);
177   ARRAY_TO_STREAM(pp, param_ids, num_ids);
178 
179   nfc_ncif_send_cmd(p);
180   return (NCI_STATUS_OK);
181 }
182 
183 /*******************************************************************************
184 **
185 ** Function         nci_snd_core_set_config
186 **
187 ** Description      compose and send CORE SET_CONFIG command to command queue
188 **
189 ** Returns          status
190 **
191 *******************************************************************************/
nci_snd_core_set_config(uint8_t * p_param_tlvs,uint8_t tlv_size)192 uint8_t nci_snd_core_set_config(uint8_t* p_param_tlvs, uint8_t tlv_size) {
193   NFC_HDR* p;
194   uint8_t* pp;
195   uint8_t num = 0, ulen, len, *pt;
196 
197   p = NCI_GET_CMD_BUF(tlv_size + 1);
198   if (p == nullptr) return (NCI_STATUS_FAILED);
199 
200   p->event = BT_EVT_TO_NFC_NCI;
201   p->len = NCI_MSG_HDR_SIZE + tlv_size + 1;
202   p->offset = NCI_MSG_OFFSET_SIZE;
203   pp = (uint8_t*)(p + 1) + p->offset;
204 
205   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
206   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_SET_CONFIG);
207   UINT8_TO_STREAM(pp, (uint8_t)(tlv_size + 1));
208   len = tlv_size;
209   pt = p_param_tlvs;
210   while (len > 1) {
211     len -= 2;
212     ++pt;
213     ++num;
214     ulen = *pt++;
215     pt += ulen;
216     if (len >= ulen) {
217       len -= ulen;
218     } else {
219       GKI_freebuf(p);
220       return NCI_STATUS_FAILED;
221     }
222   }
223 
224   UINT8_TO_STREAM(pp, num);
225   ARRAY_TO_STREAM(pp, p_param_tlvs, tlv_size);
226   nfc_ncif_send_cmd(p);
227 
228   return (NCI_STATUS_OK);
229 }
230 
231 /*******************************************************************************
232 **
233 ** Function         nci_snd_core_conn_create
234 **
235 ** Description      compose and send CORE CONN_CREATE command to command queue
236 **
237 ** Returns          status
238 **
239 *******************************************************************************/
nci_snd_core_conn_create(uint8_t dest_type,uint8_t num_tlv,uint8_t tlv_size,uint8_t * p_param_tlvs)240 uint8_t nci_snd_core_conn_create(uint8_t dest_type, uint8_t num_tlv,
241                                  uint8_t tlv_size, uint8_t* p_param_tlvs) {
242   NFC_HDR* p;
243   uint8_t* pp;
244   uint8_t size = NCI_CORE_PARAM_SIZE_CON_CREATE + tlv_size;
245   if (!gki_utils) {
246     gki_utils = new GkiUtils();
247   }
248   p = NCI_GET_CMD_BUF(size);
249   if (p == nullptr) return (NCI_STATUS_FAILED);
250 
251   p->event = BT_EVT_TO_NFC_NCI;
252   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_CON_CREATE;
253   p->offset = NCI_MSG_OFFSET_SIZE;
254   p->layer_specific = 0;
255   pp = (uint8_t*)(p + 1) + p->offset;
256 
257   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
258   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_CONN_CREATE);
259   UINT8_TO_STREAM(pp, size);
260   UINT8_TO_STREAM(pp, dest_type);
261   UINT8_TO_STREAM(pp, num_tlv);
262   if (tlv_size) {
263     ARRAY_TO_STREAM(pp, p_param_tlvs, tlv_size);
264     p->len += tlv_size;
265   }
266 
267   nfc_ncif_send_cmd(p);
268   return (NCI_STATUS_OK);
269 }
270 
271 /*******************************************************************************
272 **
273 ** Function         nci_snd_core_conn_close
274 **
275 ** Description      compose and send CORE CONN_CLOSE command to command queue
276 **
277 ** Returns          status
278 **
279 *******************************************************************************/
nci_snd_core_conn_close(uint8_t conn_id)280 uint8_t nci_snd_core_conn_close(uint8_t conn_id) {
281   NFC_HDR* p;
282   uint8_t* pp;
283 
284   p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_CON_CLOSE);
285   if (p == nullptr) return (NCI_STATUS_FAILED);
286 
287   p->event = BT_EVT_TO_NFC_NCI;
288   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_CON_CLOSE;
289   p->offset = NCI_MSG_OFFSET_SIZE;
290   p->layer_specific = 0;
291   pp = (uint8_t*)(p + 1) + p->offset;
292 
293   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
294   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_CONN_CLOSE);
295   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_CON_CLOSE);
296   UINT8_TO_STREAM(pp, conn_id);
297 
298   nfc_ncif_send_cmd(p);
299   return (NCI_STATUS_OK);
300 }
301 
302 #if (NFC_NFCEE_INCLUDED == TRUE)
303 #if (NFC_RW_ONLY == FALSE)
304 /*******************************************************************************
305 **
306 ** Function         nci_snd_nfcee_discover
307 **
308 ** Description      compose and send NFCEE Management NFCEE_DISCOVER command
309 **                  to command queue
310 **
311 ** Returns          status
312 **
313 *******************************************************************************/
nci_snd_nfcee_discover(uint8_t discover_action)314 uint8_t nci_snd_nfcee_discover(uint8_t discover_action) {
315   NFC_HDR* p;
316   uint8_t* pp;
317 
318   p = NCI_GET_CMD_BUF(NCI_PARAM_SIZE_DISCOVER_NFCEE(NFC_GetNCIVersion()));
319   if (p == nullptr) return (NCI_STATUS_FAILED);
320 
321   p->event = BT_EVT_TO_NFC_NCI;
322   p->len =
323       NCI_MSG_HDR_SIZE + NCI_PARAM_SIZE_DISCOVER_NFCEE(NFC_GetNCIVersion());
324   p->offset = NCI_MSG_OFFSET_SIZE;
325   p->layer_specific = 0;
326   pp = (uint8_t*)(p + 1) + p->offset;
327 
328   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_EE_MANAGE);
329   NCI_MSG_BLD_HDR1(pp, NCI_MSG_NFCEE_DISCOVER);
330   UINT8_TO_STREAM(pp, NCI_PARAM_SIZE_DISCOVER_NFCEE(NFC_GetNCIVersion()));
331   if (NFC_GetNCIVersion() < NCI_VERSION_2_0) {
332     UINT8_TO_STREAM(pp, discover_action);
333   }
334   nfc_ncif_send_cmd(p);
335   return (NCI_STATUS_OK);
336 }
337 
338 /*******************************************************************************
339 **
340 ** Function         nci_snd_nfcee_mode_set
341 **
342 ** Description      compose and send NFCEE Management NFCEE MODE SET command
343 **                  to command queue
344 **
345 ** Returns          status
346 **
347 *******************************************************************************/
nci_snd_nfcee_mode_set(uint8_t nfcee_id,uint8_t nfcee_mode)348 uint8_t nci_snd_nfcee_mode_set(uint8_t nfcee_id, uint8_t nfcee_mode) {
349   NFC_HDR* p;
350   uint8_t* pp;
351 
352   p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_NFCEE_MODE_SET);
353   if (p == nullptr) return (NCI_STATUS_FAILED);
354 
355   p->event = BT_EVT_TO_NFC_NCI;
356   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_NFCEE_MODE_SET;
357   p->offset = NCI_MSG_OFFSET_SIZE;
358   p->layer_specific = 0;
359   pp = (uint8_t*)(p + 1) + p->offset;
360 
361   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_EE_MANAGE);
362   NCI_MSG_BLD_HDR1(pp, NCI_MSG_NFCEE_MODE_SET);
363   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_NFCEE_MODE_SET);
364   UINT8_TO_STREAM(pp, nfcee_id);
365   UINT8_TO_STREAM(pp, nfcee_mode);
366 
367   nfc_ncif_send_cmd(p);
368   return (NCI_STATUS_OK);
369 }
370 
371 /*******************************************************************************
372 **
373 ** Function         nci_snd_iso_dep_nak_presence_check_cmd
374 **
375 ** Description      compose and send RF Management presence check ISO-DEP NAK
376 **                  command.
377 **
378 **
379 ** Returns          status
380 **
381 *******************************************************************************/
nci_snd_iso_dep_nak_presence_check_cmd()382 uint8_t nci_snd_iso_dep_nak_presence_check_cmd() {
383   NFC_HDR* p;
384   uint8_t* pp;
385 
386   if ((p = NCI_GET_CMD_BUF(0)) == nullptr) return (NCI_STATUS_FAILED);
387 
388   p->event = BT_EVT_TO_NFC_NCI;
389   p->offset = NCI_MSG_OFFSET_SIZE;
390   p->len = NCI_MSG_HDR_SIZE + 0;
391   p->layer_specific = 0;
392   pp = (uint8_t*)(p + 1) + p->offset;
393 
394   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
395   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_ISO_DEP_NAK_PRESENCE);
396   UINT8_TO_STREAM(pp, 0x00);
397   nfc_ncif_send_cmd(p);
398   return (NCI_STATUS_OK);
399 }
400 #endif
401 #endif
402 
403 /*******************************************************************************
404 **
405 ** Function         nci_snd_discover_cmd
406 **
407 ** Description      compose and send RF Management DISCOVER command to command
408 **                  queue
409 **
410 ** Returns          status
411 **
412 *******************************************************************************/
nci_snd_discover_cmd(uint8_t num,tNCI_DISCOVER_PARAMS * p_param)413 uint8_t nci_snd_discover_cmd(uint8_t num, tNCI_DISCOVER_PARAMS* p_param) {
414   NFC_HDR* p;
415   uint8_t *pp, *p_size, *p_start;
416   int xx;
417 
418   const int size [[maybe_unused]] = num * sizeof(tNCI_DISCOVER_PARAMS) + 1;
419   p = NCI_GET_CMD_BUF(size);
420 
421   if (p == nullptr) return (NCI_STATUS_FAILED);
422 
423   p->event = BT_EVT_TO_NFC_NCI;
424   p->offset = NCI_MSG_OFFSET_SIZE;
425   p->layer_specific = 0;
426   pp = (uint8_t*)(p + 1) + p->offset;
427 
428   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
429   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_DISCOVER);
430   p_size = pp;
431   ++pp;
432   p_start = pp;
433   UINT8_TO_STREAM(pp, num);
434   for (xx = 0; xx < num; ++xx) {
435     UINT8_TO_STREAM(pp, p_param[xx].type);
436     UINT8_TO_STREAM(pp, p_param[xx].frequency);
437   }
438   *p_size = (uint8_t)(pp - p_start);
439   p->len = NCI_MSG_HDR_SIZE + *p_size;
440 
441   nfc_ncif_send_cmd(p);
442   return (NCI_STATUS_OK);
443 }
444 
445 /*******************************************************************************
446 **
447 ** Function         nci_snd_discover_select_cmd
448 **
449 ** Description      compose and send RF Management DISCOVER SELECT command
450 **                  to command queue
451 **
452 ** Returns          status
453 **
454 *******************************************************************************/
nci_snd_discover_select_cmd(uint8_t rf_disc_id,uint8_t protocol,uint8_t rf_interface)455 uint8_t nci_snd_discover_select_cmd(uint8_t rf_disc_id, uint8_t protocol,
456                                     uint8_t rf_interface) {
457   NFC_HDR* p;
458   uint8_t* pp;
459 
460   p = NCI_GET_CMD_BUF(NCI_DISCOVER_PARAM_SIZE_SELECT);
461   if (p == nullptr) return (NCI_STATUS_FAILED);
462 
463   p->event = BT_EVT_TO_NFC_NCI;
464   p->len = NCI_MSG_HDR_SIZE + NCI_DISCOVER_PARAM_SIZE_SELECT;
465   p->offset = NCI_MSG_OFFSET_SIZE;
466   p->layer_specific = 0;
467   pp = (uint8_t*)(p + 1) + p->offset;
468 
469   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
470   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_DISCOVER_SELECT);
471   UINT8_TO_STREAM(pp, NCI_DISCOVER_PARAM_SIZE_SELECT);
472   UINT8_TO_STREAM(pp, rf_disc_id);
473   UINT8_TO_STREAM(pp, protocol);
474   UINT8_TO_STREAM(pp, rf_interface);
475 
476   nfc_ncif_send_cmd(p);
477   return (NCI_STATUS_OK);
478 }
479 
480 /*******************************************************************************
481 **
482 ** Function         nci_snd_rf_extension_control_cmd
483 **
484 ** Description      compose and send RF Management INTF EXT START or STOP
485 *command
486 **                  to command queue
487 **
488 ** Returns          status
489 **
490 *******************************************************************************/
nci_snd_rf_extension_control_cmd(uint8_t mode,uint8_t rf_ext_id,uint8_t * p_data,uint8_t data_len)491 uint8_t nci_snd_rf_extension_control_cmd(uint8_t mode, uint8_t rf_ext_id,
492                                          uint8_t* p_data, uint8_t data_len) {
493   NFC_HDR* p;
494   uint8_t* pp;
495   int size;
496 
497   size = NCI_DISCOVER_PARAM_SIZE_EXT + data_len;
498 
499   p = NCI_GET_CMD_BUF(size);
500   if (p == nullptr) return (NCI_STATUS_FAILED);
501 
502   p->event = BT_EVT_TO_NFC_NCI;
503   p->len = NCI_MSG_HDR_SIZE + size;
504   p->offset = NCI_MSG_OFFSET_SIZE;
505   p->layer_specific = 0;
506   pp = (uint8_t*)(p + 1) + p->offset;
507 
508   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
509   if (mode == NFC_RF_INTF_EXT_START) {
510     NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_INTF_EXT_START);
511   } else {
512     NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_INTF_EXT_STOP);
513   }
514   UINT8_TO_STREAM(pp, size);
515 
516   /* Set Extension value */
517   UINT8_TO_STREAM(pp, rf_ext_id);
518   /* Parameter Length */
519   UINT8_TO_STREAM(pp, data_len);
520   /* Parameter */
521   ARRAY_TO_BE_STREAM(pp, p_data, data_len);
522 
523   /* Set flag to reject NCI Data transmission till response
524      to command is received */
525   nfc_cb.flags |= NFC_FL_WAIT_RF_INTF_EXT_RSP;
526 
527   nfc_ncif_send_cmd(p);
528   return (NCI_STATUS_OK);
529 }
530 
531 /*******************************************************************************
532 **
533 ** Function         nci_snd_ep_removal_detection_cmd
534 **
535 ** Description      compose and send RF Management REMOVAL_DETECTION command
536 **                  to command queue
537 **
538 ** Returns          status
539 **
540 *******************************************************************************/
nci_snd_ep_removal_detection_cmd(uint8_t waiting_time)541 uint8_t nci_snd_ep_removal_detection_cmd(uint8_t waiting_time) {
542   NFC_HDR* p;
543   uint8_t* pp;
544 
545   p = NCI_GET_CMD_BUF(NCI_DISCOVER_PARAM_SIZE_DETECT);
546   if (p == nullptr) return (NCI_STATUS_FAILED);
547 
548   p->event = BT_EVT_TO_NFC_NCI;
549   p->len = NCI_MSG_HDR_SIZE + NCI_DISCOVER_PARAM_SIZE_DETECT;
550   p->offset = NCI_MSG_OFFSET_SIZE;
551   p->layer_specific = 0;
552   pp = (uint8_t*)(p + 1) + p->offset;
553 
554   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
555   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_REMOVAL_DETECTION);
556   UINT8_TO_STREAM(pp, NCI_DISCOVER_PARAM_SIZE_DETECT);
557   UINT8_TO_STREAM(pp, waiting_time);
558 
559   nfc_ncif_send_cmd(p);
560   return (NCI_STATUS_OK);
561 }
562 
563 /*******************************************************************************
564 **
565 ** Function         nci_snd_rf_wpt_control_cmd
566 **
567 ** Description      compose and send RF Management WPT_START command
568 **                  to command queue
569 **
570 ** Returns          status
571 **
572 *******************************************************************************/
nci_snd_rf_wpt_control_cmd(uint8_t * p_param_tlvs,uint8_t tlv_size)573 uint8_t nci_snd_rf_wpt_control_cmd(uint8_t* p_param_tlvs, uint8_t tlv_size) {
574   return nci_snd_tlv_parameter_generic_cmd(NCI_MSG_WPT_START, p_param_tlvs,
575                                            tlv_size);
576 }
577 
578 /*******************************************************************************
579 **
580 ** Function         nci_snd_deactivate_cmd
581 **
582 ** Description      compose and send RF Management DEACTIVATE command
583 **                  to command queue
584 **
585 ** Returns          status
586 **
587 *******************************************************************************/
nci_snd_deactivate_cmd(uint8_t de_act_type)588 uint8_t nci_snd_deactivate_cmd(uint8_t de_act_type) {
589   NFC_HDR* p;
590   uint8_t* pp;
591 
592   nfc_cb.reassembly = true;
593 
594   p = NCI_GET_CMD_BUF(NCI_DISCOVER_PARAM_SIZE_DEACT);
595   if (p == nullptr) return (NCI_STATUS_FAILED);
596 
597   p->event = BT_EVT_TO_NFC_NCI;
598   p->len = NCI_MSG_HDR_SIZE + NCI_DISCOVER_PARAM_SIZE_DEACT;
599   p->offset = NCI_MSG_OFFSET_SIZE;
600   p->layer_specific = 0;
601   pp = (uint8_t*)(p + 1) + p->offset;
602 
603   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
604   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_DEACTIVATE);
605   UINT8_TO_STREAM(pp, NCI_DISCOVER_PARAM_SIZE_DEACT);
606   UINT8_TO_STREAM(pp, de_act_type);
607 
608   nfc_ncif_send_cmd(p);
609   return (NCI_STATUS_OK);
610 }
611 
612 /*******************************************************************************
613 **
614 ** Function         nci_snd_discover_map_cmd
615 **
616 ** Description      compose and send RF Management DISCOVER MAP command
617 **                  to command queue
618 **
619 ** Returns          status
620 **
621 *******************************************************************************/
nci_snd_discover_map_cmd(uint8_t num,tNCI_DISCOVER_MAPS * p_maps)622 uint8_t nci_snd_discover_map_cmd(uint8_t num, tNCI_DISCOVER_MAPS* p_maps) {
623   NFC_HDR* p;
624   uint8_t *pp, *p_size, *p_start;
625   int xx;
626 
627   const int size [[maybe_unused]] = num * sizeof(tNCI_DISCOVER_MAPS) + 1;
628 
629   p = NCI_GET_CMD_BUF(size);
630 
631   if (p == nullptr) return (NCI_STATUS_FAILED);
632 
633   p->event = BT_EVT_TO_NFC_NCI;
634   p->offset = NCI_MSG_OFFSET_SIZE;
635   p->layer_specific = 0;
636   pp = (uint8_t*)(p + 1) + p->offset;
637 
638   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
639   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_DISCOVER_MAP);
640   p_size = pp;
641   ++pp;
642   p_start = pp;
643   UINT8_TO_STREAM(pp, num);
644   for (xx = 0; xx < num; ++xx) {
645     UINT8_TO_STREAM(pp, p_maps[xx].protocol);
646     UINT8_TO_STREAM(pp, p_maps[xx].mode);
647     UINT8_TO_STREAM(pp, p_maps[xx].intf_type);
648   }
649   *p_size = (uint8_t)(pp - p_start);
650   p->len = NCI_MSG_HDR_SIZE + *p_size;
651   nfc_ncif_send_cmd(p);
652   return (NCI_STATUS_OK);
653 }
654 /*******************************************************************************
655 **
656 ** Function         nci_snd_t3t_polling
657 **
658 ** Description      compose and send RF Management T3T POLLING command
659 **                  to command queue
660 **
661 ** Returns          status
662 **
663 *******************************************************************************/
nci_snd_t3t_polling(uint16_t system_code,uint8_t rc,uint8_t tsn)664 uint8_t nci_snd_t3t_polling(uint16_t system_code, uint8_t rc, uint8_t tsn) {
665   NFC_HDR* p;
666   uint8_t* pp;
667 
668   p = NCI_GET_CMD_BUF(NCI_RF_PARAM_SIZE_T3T_POLLING);
669   if (p == nullptr) return (NCI_STATUS_FAILED);
670 
671   p->event = BT_EVT_TO_NFC_NCI;
672   p->len = NCI_MSG_HDR_SIZE + NCI_RF_PARAM_SIZE_T3T_POLLING;
673   p->offset = NCI_MSG_OFFSET_SIZE;
674   p->layer_specific = 0;
675   pp = (uint8_t*)(p + 1) + p->offset;
676 
677   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
678   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_T3T_POLLING);
679   UINT8_TO_STREAM(pp, NCI_RF_PARAM_SIZE_T3T_POLLING);
680   UINT16_TO_BE_STREAM(pp, system_code);
681   UINT8_TO_STREAM(pp, rc);
682   UINT8_TO_STREAM(pp, tsn);
683 
684   nfc_ncif_send_cmd(p);
685   return (NCI_STATUS_OK);
686 }
687 
688 /*******************************************************************************
689 **
690 ** Function         nci_snd_parameter_update_cmd
691 **
692 ** Description      compose and send RF Management RF Communication Parameter
693 **                  Update commandto command queue
694 **
695 ** Returns          status
696 **
697 *******************************************************************************/
nci_snd_parameter_update_cmd(uint8_t * p_param_tlvs,uint8_t tlv_size)698 uint8_t nci_snd_parameter_update_cmd(uint8_t* p_param_tlvs, uint8_t tlv_size) {
699   return nci_snd_tlv_parameter_generic_cmd(NCI_MSG_RF_PARAMETER_UPDATE,
700                                            p_param_tlvs, tlv_size);
701 }
702 
703 /*******************************************************************************
704 **
705 ** Function         nci_snd_nfcee_power_link_control
706 **
707 ** Description      compose and send NFCEE Management NFCEE Power and Link
708 **                  Control command to command queue
709 **
710 ** Returns          status
711 **
712 *******************************************************************************/
nci_snd_nfcee_power_link_control(uint8_t nfcee_id,uint8_t pl_config)713 uint8_t nci_snd_nfcee_power_link_control(uint8_t nfcee_id, uint8_t pl_config) {
714   uint8_t* pp;
715   NFC_HDR* p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_NFCEE_PL_CTRL);
716   if (p == nullptr) return NCI_STATUS_FAILED;
717 
718   p->event = NFC_EVT_TO_NFC_NCI;
719   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_NFCEE_PL_CTRL;
720   p->offset = NCI_MSG_OFFSET_SIZE;
721   p->layer_specific = 0;
722   pp = (uint8_t*)(p + 1) + p->offset;
723 
724   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_EE_MANAGE);
725   NCI_MSG_BLD_HDR1(pp, NCI_MSG_NFCEE_POWER_LINK_CTRL);
726   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_NFCEE_PL_CTRL);
727   UINT8_TO_STREAM(pp, nfcee_id);
728   UINT8_TO_STREAM(pp, pl_config);
729 
730   nfc_ncif_send_cmd(p);
731   return NCI_STATUS_OK;
732 }
733 
734 #if (NFC_NFCEE_INCLUDED == TRUE)
735 #if (NFC_RW_ONLY == FALSE)
736 /*******************************************************************************
737 **
738 ** Function         nci_snd_set_routing_cmd
739 **
740 ** Description      compose and send RF Management SET_LISTEN_MODE_ROUTING
741 **                  command to command queue
742 **
743 ** Returns          status
744 **
745 *******************************************************************************/
nci_snd_set_routing_cmd(bool more,uint8_t num_tlv,uint8_t tlv_size,uint8_t * p_param_tlvs)746 uint8_t nci_snd_set_routing_cmd(bool more, uint8_t num_tlv, uint8_t tlv_size,
747                                 uint8_t* p_param_tlvs) {
748   NFC_HDR* p;
749   uint8_t* pp;
750   uint8_t size = tlv_size + 2;
751 
752   if (size < tlv_size) {
753     return (NCI_STATUS_FAILED);
754   }
755 
756   if (tlv_size == 0) {
757     /* just to terminate routing table
758      * 2 bytes (more=FALSE and num routing entries=0) */
759     size = 2;
760   }
761 
762   p = NCI_GET_CMD_BUF(size);
763   if (p == nullptr) return (NCI_STATUS_FAILED);
764 
765   p->event = BT_EVT_TO_NFC_NCI;
766   p->offset = NCI_MSG_OFFSET_SIZE;
767   p->len = NCI_MSG_HDR_SIZE + size;
768   p->layer_specific = 0;
769   pp = (uint8_t*)(p + 1) + p->offset;
770 
771   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
772   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_SET_ROUTING);
773   UINT8_TO_STREAM(pp, size);
774   UINT8_TO_STREAM(pp, more);
775   if (size == 2) {
776     UINT8_TO_STREAM(pp, 0);
777   } else {
778     UINT8_TO_STREAM(pp, num_tlv);
779     ARRAY_TO_STREAM(pp, p_param_tlvs, tlv_size);
780   }
781 
782   uint8_t* lmrt_head_ptr = (uint8_t*)(p + 1) + p->offset;
783   lmrt_capture(lmrt_head_ptr, size + 3);
784 
785   nfc_ncif_send_cmd(p);
786 
787   return (NCI_STATUS_OK);
788 }
789 /*******************************************************************************
790 **
791 ** Function         nci_snd_set_power_sub_state_cmd
792 **
793 ** Description      compose and send core CORE_SET_POWER_SUB_STATE command
794 **                  to command queue
795 **
796 ** Returns          status
797 **
798 *******************************************************************************/
nci_snd_core_set_power_sub_state(uint8_t screen_state)799 uint8_t nci_snd_core_set_power_sub_state(uint8_t screen_state) {
800   NFC_HDR* p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_SET_POWER_SUB_STATE);
801   uint8_t* pp;
802 
803   if (p == nullptr) return (NCI_STATUS_FAILED);
804 
805   p->event = BT_EVT_TO_NFC_NCI;
806   p->offset = NCI_MSG_OFFSET_SIZE;
807   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_SET_POWER_SUB_STATE;
808   p->layer_specific = 0;
809   pp = (uint8_t*)(p + 1) + p->offset;
810 
811   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
812   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_SET_POWER_SUB_STATE);
813   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_SET_POWER_SUB_STATE);
814   UINT8_TO_STREAM(pp, screen_state);
815 
816   nfc_ncif_send_cmd(p);
817 
818   return (NCI_STATUS_OK);
819 }
820 /*******************************************************************************
821 **
822 ** Function         nci_snd_get_routing_cmd
823 **
824 ** Description      compose and send RF Management GET_LISTEN_MODE_ROUTING
825 **                  command to command queue
826 **
827 ** Returns          status
828 **
829 *******************************************************************************/
nci_snd_get_routing_cmd(void)830 uint8_t nci_snd_get_routing_cmd(void) {
831   NFC_HDR* p;
832   uint8_t* pp;
833   uint8_t param_size = 0;
834 
835   p = NCI_GET_CMD_BUF(param_size);
836   if (p == nullptr) return (NCI_STATUS_FAILED);
837 
838   p->event = BT_EVT_TO_NFC_NCI;
839   p->len = NCI_MSG_HDR_SIZE + param_size;
840   p->offset = NCI_MSG_OFFSET_SIZE;
841   p->layer_specific = 0;
842   pp = (uint8_t*)(p + 1) + p->offset;
843 
844   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
845   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_GET_ROUTING);
846   UINT8_TO_STREAM(pp, param_size);
847 
848   nfc_ncif_send_cmd(p);
849   return (NCI_STATUS_OK);
850 }
851 /*******************************************************************************
852 **
853 ** Function         nci_snd_android_get_caps_cmd
854 **
855 ** Description      compose and send android GET_CAPS_COMMAND
856 **                  command to command queue
857 **
858 ** Returns          status
859 **
860 *******************************************************************************/
nci_snd_android_get_caps_cmd(void)861 uint8_t nci_snd_android_get_caps_cmd(void) {
862   NFC_HDR* p;
863   uint8_t* pp;
864   uint8_t param_size = 1;
865 
866   p = NCI_GET_CMD_BUF(param_size);
867   if (p == nullptr) return (NCI_STATUS_FAILED);
868 
869   p->event = BT_EVT_TO_NFC_NCI;
870   p->len = NCI_MSG_HDR_SIZE + param_size;
871   p->offset = NCI_MSG_OFFSET_SIZE;
872   p->layer_specific = 0;
873   pp = (uint8_t*)(p + 1) + p->offset;
874 
875   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_PROP);
876   NCI_MSG_BLD_HDR1(pp, NCI_MSG_PROP_ANDROID);
877   UINT8_TO_STREAM(pp, param_size);
878   UINT8_TO_STREAM(pp, NCI_ANDROID_GET_CAPS);
879 
880   nfc_ncif_send_cmd(p);
881   return (NCI_STATUS_OK);
882 }
883 #endif
884 #endif
885