1 /******************************************************************************
2  *
3  *  Copyright (C) 1999-2012 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 /******************************************************************************
20  *
21  *  This file contains functions that interface with the NFC NCI transport.
22  *  On the receive side, it routes events to the appropriate handler
23  *  (callback). On the transmit side, it manages the command transmission.
24  *
25  ******************************************************************************/
26 #include <string.h>
27 #include "nfc_target.h"
28 
29 #if NFC_INCLUDED == TRUE
30 #include "nfc_hal_api.h"
31 #include "nfc_api.h"
32 #include "nci_defs.h"
33 #include "nci_hmsgs.h"
34 #include "nfc_int.h"
35 #include "rw_api.h"
36 #include "rw_int.h"
37 #include "hcidefs.h"
38 #include "nfc_hal_api.h"
39 
#if (NFC_RW_ONLY == FALSE)
/* Lookup table indexed by an MPL code (0..3) that yields a size in bytes.
 * NOTE(review): presumably the NFC-DEP max payload length encoding - confirm
 * against the code that indexes this table, and make sure every index is
 * range-checked before use because the table has exactly four entries. */
static const UINT8 nfc_mpl_code_to_size[] = {
    64,
    128,
    192,
    254
};
#endif /* NFC_RW_ONLY */

/* Number of leading fixed bytes in the Poll-B ATTRIB response (the MBLI/DID
 * byte) that precede the higher layer response. */
#define NFC_PB_ATTRIB_REQ_FIXED_BYTES   1
/* Number of leading fixed bytes in the Listen-B ATTRIB command (NFCID0 plus
 * Param 1..4) that precede the higher layer INF field. */
#define NFC_LB_ATTRIB_REQ_FIXED_BYTES   8
49 
50 
51 /*******************************************************************************
52 **
53 ** Function         nfc_ncif_update_window
54 **
55 ** Description      Update tx cmd window to indicate that NFCC can receive another command
56 **
57 ** Returns          void
58 **
59 *********************************************************************************/
void nfc_ncif_update_window (void)
{
    /* Normal case: a command is outstanding, so one window slot is given back. */
    if (nfc_cb.nci_cmd_window != NCI_MAX_CMD_WINDOW)
    {
        /* The response arrived, so the command-pending timer is no longer needed */
        nfc_stop_timer (&nfc_cb.nci_wait_rsp_timer);

        nfc_cb.p_vsc_cback = NULL;
        nfc_cb.nci_cmd_window++;

        /* Push out the next queued command, if any */
        nfc_ncif_check_cmd_queue (NULL);
        return;
    }

    /* The window is already fully open: nobody was waiting for this update.
     * This is only tolerated silently while waiting for the HAL to close. */
    if (nfc_cb.nfc_state != NFC_STATE_W4_HAL_CLOSE)
    {
        NFC_TRACE_ERROR0("nfc_ncif_update_window: Unexpected call");
    }
}
81 
82 /*******************************************************************************
83 **
84 ** Function         nfc_ncif_cmd_timeout
85 **
86 ** Description      Handle a command timeout
87 **
88 ** Returns          void
89 **
90 *******************************************************************************/
void nfc_ncif_cmd_timeout (void)
{
    /* Both events below carry the same hardware-timeout status */
    const UINT8 timeout_status = NFC_STATUS_HW_TIMEOUT;

    NFC_TRACE_ERROR0 ("nfc_ncif_cmd_timeout");

    /* Report the failure to the response callback: first as a generic error,
     * then as the dedicated NFCC-timeout event */
    nfc_ncif_event_status(NFC_GEN_ERROR_REVT, timeout_status);
    nfc_ncif_event_status(NFC_NFCC_TIMEOUT_REVT, timeout_status);

    /* A timeout during core initialisation means the enable request failed */
    if (NFC_STATE_CORE_INIT == nfc_cb.nfc_state)
    {
        nfc_enabled (NFC_STATUS_FAILED, NULL);
    }

    /* Deliberately kill the process so that NFC is brought up again from a
     * clean state. Any unanswered command therefore takes the whole NFC
     * process down. */
    NFC_TRACE_ERROR0 ("NFC controller stopped responding, aborting the NFC process");
    abort();
}
109 
110 /*******************************************************************************
111 **
112 ** Function         nfc_wait_2_deactivate_timeout
113 **
114 ** Description      Handle the timeout while waiting to deactivate
115 **
116 ** Returns          void
117 **
118 *******************************************************************************/
void nfc_wait_2_deactivate_timeout (void)
{
    UINT8 deact_param;

    NFC_TRACE_ERROR0 ("nfc_wait_2_deactivate_timeout");

    /* The value to pass to the deactivate command travels in the timer's
     * param field (presumably the deactivate type - confirm where the timer
     * is started). */
    deact_param = (UINT8) ((TIMER_PARAM_TYPE) nfc_cb.deactivate_timer.param);

    /* Stop waiting and send the deactivate command now */
    nfc_cb.flags  &= ~NFC_FL_DEACTIVATING;
    nci_snd_deactivate_cmd (deact_param);
}
125 
126 
127 /*******************************************************************************
128 **
129 ** Function         nfc_ncif_send_data
130 **
131 ** Description      This function is called to add the NCI data header
132 **                  and send it to NCIT task for sending it to transport
133 **                  as credits are available.
134 **
135 ** Returns          NCI status code (UINT8)
136 **
137 *******************************************************************************/
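UINT8 nfc_ncif_send_data (tNFC_CONN_CB *p_cb, BT_HDR *p_data)
{
    /* Queues p_data (when not NULL) on the connection's tx queue, then sends
     * as many queued packets/fragments to the HAL as the connection has
     * credits for.
     *
     * p_cb   - connection control block; supplies conn id, credit count and
     *          the maximum payload size per NCI data packet
     * p_data - packet to send, or NULL when called only to drain the queue
     *          (e.g. after credits were returned by the NFCC)
     *
     * Returns NCI_STATUS_OK, NCI_STATUS_FAILED (RF connection not open, or
     * unusable payload size) or NCI_STATUS_BUFFER_FULL (no buffer for a
     * fragment). On the latter two the packet stays on the tx queue.
     */
    UINT8 *pp;
    UINT8 *ps;
    UINT8   ulen = NCI_MAX_PAYLOAD_SIZE;
    BT_HDR *p;
    UINT8   pbf = 1;
    UINT8   buffer_size = p_cb->buff_size;
    UINT8   hdr0 = p_cb->conn_id;
    BOOLEAN fragmented = FALSE;

    NFC_TRACE_DEBUG3 ("nfc_ncif_send_data :%d, num_buff:%d qc:%d", p_cb->conn_id, p_cb->num_buff, p_cb->tx_q.count);
    if (p_cb->id == NFC_RF_CONN_ID)
    {
        if (nfc_cb.nfc_state != NFC_STATE_OPEN)
        {
            if (nfc_cb.nfc_state == NFC_STATE_CLOSING)
            {
                if ((p_data == NULL) && /* called because credit from NFCC */
                    (nfc_cb.flags  & NFC_FL_DEACTIVATING))
                {
                    if (p_cb->init_credits == p_cb->num_buff)
                    {
                        /* all the credits are back */
                        nfc_cb.flags  &= ~NFC_FL_DEACTIVATING;
                        NFC_TRACE_DEBUG2 ("deactivating NFC-DEP init_credits:%d, num_buff:%d", p_cb->init_credits, p_cb->num_buff);
                        nfc_stop_timer(&nfc_cb.deactivate_timer);
                        nci_snd_deactivate_cmd ((UINT8)((TIMER_PARAM_TYPE)nfc_cb.deactivate_timer.param));
                    }
                }
            }
            return NCI_STATUS_FAILED;
        }
    }

    if (p_data)
    {
        /* always enqueue the data to the tx queue */
        GKI_enqueue (&p_cb->tx_q, p_data);
    }

    /* try to send the first data packet in the tx queue  */
    p_data = (BT_HDR *)GKI_getfirst (&p_cb->tx_q);

    /* post data fragment to NCIT task as credits are available */
    while (p_data && (p_data->len > 0) && (p_cb->num_buff > 0))
    {
        if (p_data->len <= buffer_size)
        {
            pbf         = 0;   /* last fragment */
            ulen        = (UINT8)(p_data->len);
            fragmented  = FALSE;
        }
        else
        {
            /* A payload size of 0 can never make progress: every pass would
             * emit an empty fragment without shrinking the packet, burning
             * all credits (or looping forever when flow control is off).
             * buff_size is set elsewhere, so treat 0 as a failure here. */
            if (buffer_size == 0)
            {
                NFC_TRACE_ERROR0 ("nfc_ncif_send_data: buff_size is 0, cannot fragment");
                return (NCI_STATUS_FAILED);
            }

            /* More fragments follow. This must be set explicitly: pbf may
             * still be 0 from the previous packet sent in this loop. */
            pbf         = 1;
            fragmented  = TRUE;
            ulen        = buffer_size;
        }

        if (!fragmented)
        {
            /* if data packet is not fragmented, use the original buffer */
            p         = p_data;
            p_data    = (BT_HDR *)GKI_dequeue (&p_cb->tx_q);
        }
        else
        {
            /* the data packet is too big and need to be fragmented
             * prepare a new GKI buffer
             * (even the last fragment to avoid issues) */
            if ((p = NCI_GET_CMD_BUF(ulen)) == NULL)
                return (NCI_STATUS_BUFFER_FULL);
            p->len    = ulen;
            p->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE + 1;
            pp        = (UINT8 *)(p + 1) + p->offset;
            ps        = (UINT8 *)(p_data + 1) + p_data->offset;
            memcpy (pp, ps, ulen);
            /* adjust the BT_HDR on the old fragment */
            p_data->len     -= ulen;
            p_data->offset  += ulen;
        }

        /* Prepend the NCI data header in the room in front of the payload.
         * NOTE(review): for an unfragmented packet this relies on the caller
         * having left at least NCI_DATA_HDR_SIZE bytes of offset - confirm. */
        p->event             = BT_EVT_TO_NFC_NCI;
        p->layer_specific    = pbf;
        p->len              += NCI_DATA_HDR_SIZE;
        p->offset           -= NCI_DATA_HDR_SIZE;
        pp = (UINT8 *)(p + 1) + p->offset;
        /* build NCI Data packet header */
        NCI_DATA_PBLD_HDR(pp, pbf, hdr0, ulen);

        /* consume one credit unless flow control is disabled on this connection */
        if (p_cb->num_buff != NFC_CONN_NO_FC)
            p_cb->num_buff--;

        /* send to HAL */
        nfc_cb.p_hal->write(p->len, (UINT8 *)(p+1) + p->offset);
        GKI_freebuf(p);

        if (!fragmented)
        {
            /* check if there are more data to send */
            p_data = (BT_HDR *)GKI_getfirst (&p_cb->tx_q);
        }
    }

    return (NCI_STATUS_OK);
}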
244 
245 /*******************************************************************************
246 **
247 ** Function         nfc_ncif_check_cmd_queue
248 **
249 ** Description      Send NCI command to the transport
250 **
251 ** Returns          void
252 **
253 *******************************************************************************/
void nfc_ncif_check_cmd_queue (BT_HDR *p_buf)
{
    UINT8   *p_msg;

    /* A new command must wait behind anything already queued, and it must
     * also wait when the controller has no free command slot. */
    if ((p_buf != NULL) &&
        ((nfc_cb.nci_cmd_xmit_q.count) || (nfc_cb.nci_cmd_window == 0)))
    {
        GKI_enqueue (&nfc_cb.nci_cmd_xmit_q, p_buf);
        p_buf = NULL;
    }

    /* The controller can take a command: send the given one or the oldest queued one */
    if (nfc_cb.nci_cmd_window > 0)
    {
        if (p_buf == NULL)
            p_buf = (BT_HDR *)GKI_dequeue (&nfc_cb.nci_cmd_xmit_q);

        if (p_buf != NULL)
        {
            /* Remember the header and the first command bytes so that the
             * response can later be matched against what was sent.
             * NOTE(review): both copies use fixed sizes and do not consult
             * p_buf->len - confirm every command buffer is at least that long. */
            p_msg = (UINT8 *)(p_buf + 1) + p_buf->offset;
            memcpy(nfc_cb.last_hdr, p_msg, NFC_SAVED_HDR_SIZE);
            memcpy(nfc_cb.last_cmd, p_msg + NCI_MSG_HDR_SIZE, NFC_SAVED_CMD_SIZE);
            if (NFC_WAIT_RSP_VSC == p_buf->layer_specific)
            {
                /* vendor specific command: keep its callback for the response */
                nfc_cb.p_vsc_cback = (void *)((tNFC_NCI_VS_MSG *)p_buf)->p_cback;
            }

            /* hand the message to the HAL and release the buffer */
            nfc_cb.p_hal->write(p_buf->len, p_msg);
            GKI_freebuf(p_buf);

            /* one more command is now outstanding */
            nfc_cb.nci_cmd_window--;

            /* guard the outstanding command with the response timer */
            nfc_start_timer (&nfc_cb.nci_wait_rsp_timer, (UINT16)(NFC_TTYPE_NCI_WAIT_RSP), nfc_cb.nci_wait_rsp_tout);
        }
    }

    /* Control can only be handed over while no command is outstanding */
    if (nfc_cb.nci_cmd_window != NCI_MAX_CMD_WINDOW)
        return;

    if (!(nfc_cb.flags & NFC_FL_CONTROL_REQUESTED))
        return;

    /* HAL requested control or stack needs to handle pre-discover */
    nfc_cb.flags &= ~NFC_FL_CONTROL_REQUESTED;

    if (!(nfc_cb.flags & NFC_FL_DISCOVER_PENDING))
    {
        /* plain control request: close the window and tell the HAL */
        nfc_cb.flags         |= NFC_FL_CONTROL_GRANTED;
        nfc_cb.nci_cmd_window = 0;
        nfc_cb.p_hal->control_granted ();
        return;
    }

    if (nfc_cb.p_hal->prediscover ())
    {
        /* the HAL wants to send its own commands first: it owns the window now */
        nfc_cb.flags         |= NFC_FL_CONTROL_GRANTED;
        nfc_cb.nci_cmd_window = 0;
    }
    else
    {
        /* the HAL has nothing to send: issue the stored discovery command now.
         * The stored buffer holds one leading byte followed by the discover
         * parameters.
         * NOTE(review): p_disc_pending is dereferenced without a NULL check -
         * confirm it is always set together with NFC_FL_DISCOVER_PENDING. */
        nfc_cb.flags         &= ~NFC_FL_DISCOVER_PENDING;
        p_msg                 = (UINT8 *)nfc_cb.p_disc_pending;
        nci_snd_discover_cmd (*p_msg, (tNFC_DISCOVER_PARAMS *)(p_msg + 1));
        GKI_freebuf (nfc_cb.p_disc_pending);
        nfc_cb.p_disc_pending = NULL;
    }
}
335 
336 
337 /*******************************************************************************
338 **
339 ** Function         nfc_ncif_send_cmd
340 **
341 ** Description      Send NCI command to the NCIT task
342 **
343 ** Returns          void
344 **
345 *******************************************************************************/
void nfc_ncif_send_cmd (BT_HDR *p_buf)
{
    /* Tag the buffer as an ordinary NCI command (layer_specific 0, i.e. not
     * the vendor specific marker checked by the command queue) ... */
    p_buf->layer_specific   = 0;
    p_buf->event            = BT_EVT_TO_NFC_NCI;

    /* ... and let the command queue send it now or hold it until the
     * controller can accept it. */
    nfc_ncif_check_cmd_queue (p_buf);
}
353 
354 
355 /*******************************************************************************
356 **
357 ** Function         nfc_ncif_process_event
358 **
359 ** Description      This function is called to process the data/response/notification
360 **                  from NFCC
361 **
362 ** Returns          TRUE if need to free buffer
363 **
364 *******************************************************************************/
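BOOLEAN nfc_ncif_process_event (BT_HDR *p_msg)
{
    /* Dispatches one message received from the NFCC by message type (data,
     * response, notification) and, for control messages, by group id.
     *
     * p_msg - received message; the NCI packet starts at p_msg->offset
     *
     * Returns TRUE when the caller must free p_msg, FALSE when ownership was
     * taken over by a handler.
     */
    UINT8   mt, pbf, gid, *p, *pp;
    BOOLEAN free_buf = TRUE;    /* not named "free": that would shadow the C library function */
    UINT8   oid;
    UINT8   *p_old, old_gid, old_oid, old_mt;

    /* The packet comes from the controller and is parsed without further
     * checks below (two header octets are read here, more in the handlers).
     * Drop anything that does not even hold a complete NCI header. */
    if (p_msg->len < NCI_MSG_HDR_SIZE)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_process_event: message too short, len:%d", p_msg->len);
        return TRUE;
    }

    p = (UINT8 *) (p_msg + 1) + p_msg->offset;

    pp = p;
    NCI_MSG_PRS_HDR0 (pp, mt, pbf, gid);

    switch (mt)
    {
    case NCI_MT_DATA:
        NFC_TRACE_DEBUG0 ("NFC received data");
        nfc_ncif_proc_data (p_msg);
        /* the data handler keeps the buffer */
        free_buf = FALSE;
        break;

    case NCI_MT_RSP:
        NFC_TRACE_DEBUG1 ("NFC received rsp gid:%d", gid);
        oid = ((*pp) & NCI_OID_MASK);
        /* re-parse the header saved when the last command was sent */
        p_old   = nfc_cb.last_hdr;
        NCI_MSG_PRS_HDR0(p_old, old_mt, pbf, old_gid);
        old_oid = ((*p_old) & NCI_OID_MASK);
        /* make sure this is the RSP we are waiting for before updating the command window */
        if ((old_gid != gid) || (old_oid != oid))
        {
            NFC_TRACE_ERROR2 ("nfc_ncif_process_event unexpected rsp: gid:0x%x, oid:0x%x", gid, oid);
            return TRUE;
        }

        switch (gid)
        {
        case NCI_GID_CORE:      /* 0000b NCI Core group */
            free_buf = nci_proc_core_rsp (p_msg);
            break;
        case NCI_GID_RF_MANAGE:   /* 0001b NCI Discovery group */
            nci_proc_rf_management_rsp (p_msg);
            break;
#if (NFC_NFCEE_INCLUDED == TRUE)
#if (NFC_RW_ONLY == FALSE)
        case NCI_GID_EE_MANAGE:  /* 0x02 0010b NFCEE Discovery group */
            nci_proc_ee_management_rsp (p_msg);
            break;
#endif
#endif
        case NCI_GID_PROP:      /* 1111b Proprietary */
            nci_proc_prop_rsp (p_msg);
            break;
        default:
            NFC_TRACE_ERROR1 ("NFC: Unknown gid:%d", gid);
            break;
        }

        /* the matching response frees one slot of the command window */
        nfc_ncif_update_window ();
        break;

    case NCI_MT_NTF:
        NFC_TRACE_DEBUG1 ("NFC received ntf gid:%d", gid);
        switch (gid)
        {
        case NCI_GID_CORE:      /* 0000b NCI Core group */
            nci_proc_core_ntf (p_msg);
            break;
        case NCI_GID_RF_MANAGE:   /* 0001b NCI Discovery group */
            nci_proc_rf_management_ntf (p_msg);
            break;
#if (NFC_NFCEE_INCLUDED == TRUE)
#if (NFC_RW_ONLY == FALSE)
        case NCI_GID_EE_MANAGE:  /* 0x02 0010b NFCEE Discovery group */
            nci_proc_ee_management_ntf (p_msg);
            break;
#endif
#endif
        case NCI_GID_PROP:      /* 1111b Proprietary */
            nci_proc_prop_ntf (p_msg);
            break;
        default:
            NFC_TRACE_ERROR1 ("NFC: Unknown gid:%d", gid);
            break;
        }
        break;

    default:
        NFC_TRACE_DEBUG2 ("NFC received unknown mt:0x%x, gid:%d", mt, gid);
        break;
    }

    return (free_buf);
}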
456 
457 /*******************************************************************************
458 **
459 ** Function         nfc_ncif_rf_management_status
460 **
461 ** Description      This function is called to report an event
462 **
463 ** Returns          void
464 **
465 *******************************************************************************/
void nfc_ncif_rf_management_status (tNFC_DISCOVER_EVT event, UINT8 status)
{
    tNFC_DISCOVER   evt_data;

    /* nothing to do when no discovery callback is registered */
    if (nfc_cb.p_discv_cback == NULL)
        return;

    /* Only the status member is filled in; the rest of evt_data is left
     * uninitialised, so the callback must not read anything else. */
    evt_data.status = (tNFC_STATUS) status;
    (*nfc_cb.p_discv_cback) (event, &evt_data);
}
475 
476 /*******************************************************************************
477 **
478 ** Function         nfc_ncif_set_config_status
479 **
480 ** Description      This function is called to report NFC_SET_CONFIG_REVT
481 **
482 ** Returns          void
483 **
484 *******************************************************************************/
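void nfc_ncif_set_config_status (UINT8 *p, UINT8 len)
{
    /* Reports NFC_SET_CONFIG_REVT to the response callback.
     *
     * p   - response payload: status, and on failure the number of rejected
     *       parameter ids followed by the ids themselves
     * len - number of payload bytes available at p
     *       NOTE(review): assumed from the signature - confirm at the caller
     *
     * The id count comes straight from the controller, so it is limited both
     * to what the payload holds and to what param_ids can store. Without this
     * limit an oversized count writes past the end of evt_data on the stack.
     */
    tNFC_RESPONSE   evt_data;
    UINT8           num_ids;
    UINT8           avail;

    if (nfc_cb.p_resp_cback == NULL)
        return;

    /* no rejected parameter ids unless the payload says otherwise */
    evt_data.set_config.num_param_id = 0;

    if (len == 0)
    {
        /* not even a status byte: report a failure instead of reading past the payload */
        NFC_TRACE_ERROR0 ("nfc_ncif_set_config_status: empty response");
        evt_data.set_config.status = NFC_STATUS_FAILED;
    }
    else
    {
        evt_data.set_config.status = (tNFC_STATUS) *p++;
        if ((evt_data.set_config.status != NFC_STATUS_OK) && (len > 1))
        {
            num_ids = *p++;
            avail   = (UINT8) (len - 2);    /* bytes left after status and count */

            if ((num_ids > avail) || (num_ids > sizeof (evt_data.set_config.param_ids)))
            {
                NFC_TRACE_ERROR2 ("nfc_ncif_set_config_status: num_param_id:%d truncated, payload len:%d", num_ids, len);
                if (num_ids > avail)
                    num_ids = avail;
                if (num_ids > sizeof (evt_data.set_config.param_ids))
                    num_ids = (UINT8) sizeof (evt_data.set_config.param_ids);
            }

            evt_data.set_config.num_param_id = num_ids;
            STREAM_TO_ARRAY (evt_data.set_config.param_ids, p, evt_data.set_config.num_param_id);
        }
    }

    (*nfc_cb.p_resp_cback) (NFC_SET_CONFIG_REVT, &evt_data);
}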
501 
502 /*******************************************************************************
503 **
504 ** Function         nfc_ncif_event_status
505 **
506 ** Description      This function is called to report an event
507 **
508 ** Returns          void
509 **
510 *******************************************************************************/
void nfc_ncif_event_status (tNFC_RESPONSE_EVT event, UINT8 status)
{
    tNFC_RESPONSE   evt_data;

    /* nothing to do when no response callback is registered */
    if (nfc_cb.p_resp_cback == NULL)
        return;

    /* Only the status member is filled in; the rest of evt_data is left
     * uninitialised, so the callback must not read anything else. */
    evt_data.status = (tNFC_STATUS) status;
    (*nfc_cb.p_resp_cback) (event, &evt_data);
}
520 
521 /*******************************************************************************
522 **
523 ** Function         nfc_ncif_error_status
524 **
525 ** Description      This function is called to report an error event to data cback
526 **
527 ** Returns          void
528 **
529 *******************************************************************************/
void nfc_ncif_error_status (UINT8 conn_id, UINT8 status)
{
    /* look up the connection that owns this id */
    tNFC_CONN_CB *p_conn = nfc_find_conn_cb_by_conn_id (conn_id);

    /* unknown connection, or nobody is listening on it */
    if ((p_conn == NULL) || (p_conn->p_cback == NULL))
        return;

    /* NOTE(review): the callback receives the address of the one-byte status
     * argument cast to tNFC_CONN *. That is only safe while the callback
     * reads nothing but the status; any wider access reads adjacent stack
     * memory. Passing a real tNFC_CONN object would remove the hazard. */
    (*p_conn->p_cback) (conn_id, NFC_ERROR_CEVT, (tNFC_CONN *) &status);
}
539 
540 /*******************************************************************************
541 **
542 ** Function         nfc_ncif_proc_rf_field_ntf
543 **
544 ** Description      This function is called to process RF field notification
545 **
546 ** Returns          void
547 **
548 *******************************************************************************/
#if (NFC_RW_ONLY == FALSE)
void nfc_ncif_proc_rf_field_ntf (UINT8 rf_status)
{
    tNFC_RESPONSE   evt_data;

    /* nothing to do when no response callback is registered */
    if (nfc_cb.p_resp_cback == NULL)
        return;

    /* the notification itself always succeeds; rf_status is passed through unchanged */
    evt_data.rf_field.rf_field = rf_status;
    evt_data.status            = (tNFC_STATUS) NFC_STATUS_OK;
    (*nfc_cb.p_resp_cback) (NFC_RF_FIELD_REVT, &evt_data);
}
#endif
561 
562 /*******************************************************************************
563 **
564 ** Function         nfc_ncif_proc_credits
565 **
566 ** Description      This function is called to process data credits
567 **
568 ** Returns          void
569 **
570 *******************************************************************************/
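void nfc_ncif_proc_credits(UINT8 *p, UINT16 plen)
{
    /* Processes a credit notification: an entry count followed by that many
     * (conn id, credits) byte pairs. Each credited connection then gets a
     * chance to send queued data.
     *
     * p    - notification payload, starting at the entry count
     * plen - number of payload bytes available at p
     *        NOTE(review): assumed from the signature - confirm at the caller
     */
    UINT8   num, xx;
    UINT16  credits;
    tNFC_CONN_CB * p_cb;

    /* the entry count itself must be present */
    if (plen < 1)
    {
        NFC_TRACE_ERROR0 ("nfc_ncif_proc_credits: empty notification");
        return;
    }
    num = *p++;
    plen--;

    /* The count comes from the controller: refuse to walk past the payload */
    if (((UINT16) num * 2) > plen)
    {
        NFC_TRACE_ERROR2 ("nfc_ncif_proc_credits: num:%d exceeds payload len:%d", num, plen);
        return;
    }

    for (xx = 0; xx < num; xx++)
    {
        p_cb = nfc_find_conn_cb_by_conn_id(*p++);
        if (p_cb && p_cb->num_buff != NFC_CONN_NO_FC)
        {
            /* Add in a wider type so that the sum cannot wrap around, and
             * never hold more credits than the connection started with.
             * The limit used to be compiled in only with BT_USE_TRACES; it
             * is now always enforced and only the trace stays conditional. */
            credits = (UINT16) (p_cb->num_buff + (*p));
            if (credits > p_cb->init_credits)
            {
#if (BT_USE_TRACES == TRUE)
                if (nfc_cb.nfc_state == NFC_STATE_OPEN)
                {
                    /* if this happens in activated state, it's very likely that our NFCC has issues */
                    /* However, credit may be returned after deactivation */
                    NFC_TRACE_ERROR2( "num_buff:0x%x, init_credits:0x%x", credits, p_cb->init_credits);
                }
#endif
                credits = p_cb->init_credits;
            }
            p_cb->num_buff = (UINT8) credits;

            /* check if there's any data in tx q to be sent */
            nfc_ncif_send_data (p_cb, NULL);
        }
        /* skip the credits byte of this entry */
        p++;
    }
}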
601 /*******************************************************************************
602 **
603 ** Function         nfc_ncif_decode_rf_params
604 **
605 ** Description      This function is called to process the detected technology
606 **                  and mode and the associated parameters for DISCOVER_NTF and
607 **                  ACTIVATE_NTF
608 **
609 ** Returns          pointer to the byte following the technology specific parameters
610 **
611 *******************************************************************************/
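UINT8 * nfc_ncif_decode_rf_params (tNFC_RF_TECH_PARAMS *p_param, UINT8 *p)
{
    /* Decodes the RF technology specific parameters of a DISCOVER_NTF or
     * ACTIVATE_NTF into p_param->param, according to p_param->mode.
     *
     * p_param - receives the decoded parameters; p_param->mode must already
     *           be set by the caller
     * p       - points at the one-byte parameter length, followed by the
     *           parameters themselves
     *
     * Returns the address just behind the parameters (start + declared
     * length), regardless of how much was decoded.
     *
     * All bytes come from the controller. Every read is therefore limited to
     * the declared length, and every stored length to its destination array;
     * fields that the notification does not supply stay zero.
     * NOTE(review): the declared length itself cannot be checked here because
     * the size of the whole message is not passed in - callers must do that.
     */
    tNFC_RF_PA_PARAMS   *p_pa;
    UINT8               len, *p_start, u8;
    UINT8               remaining;
    tNFC_RF_PB_PARAMS   *p_pb;
    tNFC_RF_LF_PARAMS   *p_lf;
    tNFC_RF_PF_PARAMS   *p_pf;
    tNFC_RF_PISO15693_PARAMS *p_i93;

    len             = *p++;
    p_start         = p;
    remaining       = len;      /* parameter bytes not consumed yet */

    /* callers pass stack objects: do not hand stale stack content upwards */
    memset (&p_param->param, 0, sizeof (p_param->param));

    switch (p_param->mode)
    {
    case NCI_DISCOVERY_TYPE_POLL_A:
    case NCI_DISCOVERY_TYPE_POLL_A_ACTIVE:
        p_pa        = &p_param->param.pa;
        /*
SENS_RES Response   2 bytes Defined in [DIGPROT] Available after Technology Detection
NFCID1 length   1 byte  Length of NFCID1 Available after Collision Resolution
NFCID1  4, 7, or 10 bytes   Defined in [DIGPROT]Available after Collision Resolution
SEL_RES Response    1 byte  Defined in [DIGPROT]Available after Collision Resolution
        */
        if (remaining < 3)
            break;
        STREAM_TO_ARRAY (p_pa->sens_res, p, 2);
        p_pa->nfcid1_len     = *p++;
        remaining           -= 3;
        if (p_pa->nfcid1_len > NCI_NFCID1_MAX_LEN)
            p_pa->nfcid1_len = NCI_NFCID1_MAX_LEN;
        if (p_pa->nfcid1_len > remaining)
            p_pa->nfcid1_len = remaining;
        STREAM_TO_ARRAY (p_pa->nfcid1, p, p_pa->nfcid1_len);
        remaining           -= p_pa->nfcid1_len;
        if (remaining < 1)
            break;
        /* length of SEL_RES: 0 when it is not present */
        u8                   = *p++;
        remaining--;
        if (u8 && (remaining >= 1))
            p_pa->sel_rsp    = *p++;
        break;

    case NCI_DISCOVERY_TYPE_POLL_B:
        /*
SENSB_RES Response length (n)   1 byte  Length of SENSB_RES Response (Byte 2 - Byte 12 or 13)Available after Technology Detection
SENSB_RES Response Byte 2 - Byte 12 or 13   11 or 12 bytes  Defined in [DIGPROT] Available after Technology Detection
        */
        p_pb                = &p_param->param.pb;
        if (remaining < 1)
            break;
        p_pb->sensb_res_len = *p++;
        remaining--;
        if (p_pb->sensb_res_len > NCI_MAX_SENSB_RES_LEN)
            p_pb->sensb_res_len = NCI_MAX_SENSB_RES_LEN;
        if (p_pb->sensb_res_len > remaining)
            p_pb->sensb_res_len = remaining;
        STREAM_TO_ARRAY (p_pb->sensb_res, p, p_pb->sensb_res_len);
        /* NFCID0 is the leading part of SENSB_RES */
        memcpy (p_pb->nfcid0, p_pb->sensb_res, NFC_NFCID0_MAX_LEN);
        break;

    case NCI_DISCOVERY_TYPE_POLL_F:
    case NCI_DISCOVERY_TYPE_POLL_F_ACTIVE:
        /*
Bit Rate    1 byte  1   212 kbps/2   424 kbps/0 and 3 to 255  RFU
SENSF_RES Response length.(n) 1 byte  Length of SENSF_RES (Byte 2 - Byte 17 or 19).Available after Technology Detection
SENSF_RES Response Byte 2 - Byte 17 or 19  n bytes Defined in [DIGPROT] Available after Technology Detection
        */
        p_pf                = &p_param->param.pf;
        if (remaining < 2)
            break;
        p_pf->bit_rate      = *p++;
        p_pf->sensf_res_len = *p++;
        remaining          -= 2;
        if (p_pf->sensf_res_len > NCI_MAX_SENSF_RES_LEN)
            p_pf->sensf_res_len = NCI_MAX_SENSF_RES_LEN;
        if (p_pf->sensf_res_len > remaining)
            p_pf->sensf_res_len = remaining;
        STREAM_TO_ARRAY (p_pf->sensf_res, p, p_pf->sensf_res_len);
        /* NFCID2 and the MRTI bytes are taken out of the stored SENSF_RES */
        memcpy (p_pf->nfcid2, p_pf->sensf_res, NCI_NFCID2_LEN);
        p_pf->mrti_check    = p_pf->sensf_res[NCI_MRTI_CHECK_INDEX];
        p_pf->mrti_update   = p_pf->sensf_res[NCI_MRTI_UPDATE_INDEX];
        break;

    case NCI_DISCOVERY_TYPE_LISTEN_F:
    case NCI_DISCOVERY_TYPE_LISTEN_F_ACTIVE:
        p_lf                = &p_param->param.lf;
        if (remaining < 1)
            break;
        /* length of the local NFCID2: 0 when it is not present */
        u8                  = *p++;
        remaining--;
        if (u8 && (remaining >= NCI_NFCID2_LEN))
        {
            STREAM_TO_ARRAY (p_lf->nfcid2, p, NCI_NFCID2_LEN);
        }
        break;

    case NCI_DISCOVERY_TYPE_POLL_ISO15693:
        p_i93               = &p_param->param.pi93;
        /* flag, DSFID and a fixed-size UID */
        if (remaining < (2 + NFC_ISO15693_UID_LEN))
            break;
        p_i93->flag         = *p++;
        p_i93->dsfid        = *p++;
        STREAM_TO_ARRAY (p_i93->uid, p, NFC_ISO15693_UID_LEN);
        break;

    case NCI_DISCOVERY_TYPE_POLL_KOVIO:
        if (remaining < 1)
            break;
        p_param->param.pk.uid_len = *p++;
        remaining--;
        /* uid_len is used by consumers to index uid: keep it within the
         * array, and copy only as many bytes as were actually received */
        if (p_param->param.pk.uid_len > NFC_KOVIO_MAX_LEN)
            p_param->param.pk.uid_len = NFC_KOVIO_MAX_LEN;
        if (p_param->param.pk.uid_len > remaining)
            p_param->param.pk.uid_len = remaining;
        STREAM_TO_ARRAY (p_param->param.pk.uid, p, p_param->param.pk.uid_len);
        break;

    default:
        /* other modes carry no parameters that are decoded here */
        break;
    }

    return (p_start + len);
}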
700 
701 /*******************************************************************************
702 **
703 ** Function         nfc_ncif_proc_discover_ntf
704 **
705 ** Description      This function is called to process discover notification
706 **
707 ** Returns          void
708 **
709 *******************************************************************************/
void nfc_ncif_proc_discover_ntf (UINT8 *p, UINT16 plen)
{
    tNFC_DISCOVER   evt_data;
    UINT8           *p_payload;
    UINT8           *p_after_params;

    /* nothing to do when no discovery callback is registered */
    if (nfc_cb.p_discv_cback == NULL)
        return;

    /* NOTE(review): plen is never consulted. All reads below, including the
     * one behind the technology parameters, trust the lengths supplied by
     * the controller. */
    p_payload                           = p + NCI_MSG_HDR_SIZE;

    /* fixed part of tNFC_RESULT_DEVT: discovery id, protocol, technology and mode */
    evt_data.status                     = NCI_STATUS_OK;
    evt_data.result.rf_disc_id          = p_payload[0];
    evt_data.result.protocol            = p_payload[1];
    evt_data.result.rf_tech_param.mode  = p_payload[2];

    /* variable part: the technology specific parameters */
    p_after_params = nfc_ncif_decode_rf_params (&evt_data.result.rf_tech_param, p_payload + 3);

    /* the byte after the parameters tells whether more notifications follow */
    evt_data.result.more                = *p_after_params;
    (*nfc_cb.p_discv_cback) (NFC_RESULT_DEVT, &evt_data);
}
729 
730 /*******************************************************************************
731 **
732 ** Function         nfc_ncif_proc_activate
733 **
734 ** Description      This function is called to process de-activate
735 **                  response and notification
736 **
737 ** Returns          void
738 **
739 *******************************************************************************/
nfc_ncif_proc_activate(UINT8 * p,UINT8 len)740 void nfc_ncif_proc_activate (UINT8 *p, UINT8 len)
741 {
742     tNFC_DISCOVER   evt_data;
743     tNFC_INTF_PARAMS        *p_intf = &evt_data.activate.intf_param;
744     tNFC_INTF_PA_ISO_DEP    *p_pa_iso;
745     tNFC_INTF_LB_ISO_DEP    *p_lb_iso;
746     tNFC_INTF_PB_ISO_DEP    *p_pb_iso;
747 #if (NFC_RW_ONLY == FALSE)
748     tNFC_INTF_PA_NFC_DEP    *p_pa_nfc;
749     int                     mpl_idx = 0;
750     UINT8                   gb_idx = 0, mpl;
751 #endif
752     UINT8                   t0;
753     tNCI_DISCOVERY_TYPE     mode;
754     tNFC_CONN_CB * p_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
755     UINT8                   *pp, len_act;
756     UINT8                   buff_size, num_buff;
757 
758     nfc_set_state (NFC_STATE_OPEN);
759 
760     memset (p_intf, 0, sizeof (tNFC_INTF_PARAMS));
761     evt_data.activate.rf_disc_id    = *p++;
762     p_intf->type                    = *p++;
763     evt_data.activate.protocol      = *p++;
764 
765     if (evt_data.activate.protocol == NCI_PROTOCOL_18092_ACTIVE)
766         evt_data.activate.protocol = NCI_PROTOCOL_NFC_DEP;
767 
768     evt_data.activate.rf_tech_param.mode    = *p++;
769     buff_size                               = *p++;
770     num_buff                                = *p++;
771     /* fill in tNFC_activate_DEVT */
772     p = nfc_ncif_decode_rf_params (&evt_data.activate.rf_tech_param, p);
773 
774     evt_data.activate.rf_tech_param.mode    = *p++;
775     evt_data.activate.tx_bitrate            = *p++;
776     evt_data.activate.rx_bitrate            = *p++;
777     mode         = evt_data.activate.rf_tech_param.mode;
778     len_act      = *p++;
779     NFC_TRACE_DEBUG3 ("nfc_ncif_proc_activate:%d %d, mode:0x%02x", len, len_act, mode);
780     /* just in case the interface reports activation parameters not defined in the NCI spec */
781     p_intf->intf_param.frame.param_len      = len_act;
782     if (p_intf->intf_param.frame.param_len > NFC_MAX_RAW_PARAMS)
783         p_intf->intf_param.frame.param_len = NFC_MAX_RAW_PARAMS;
784     pp = p;
785     STREAM_TO_ARRAY (p_intf->intf_param.frame.param, pp, p_intf->intf_param.frame.param_len);
786     if (evt_data.activate.intf_param.type == NCI_INTERFACE_ISO_DEP)
787     {
788         /* Make max payload of NCI aligned to max payload of ISO-DEP for better performance */
789         if (buff_size > NCI_ISO_DEP_MAX_INFO)
790             buff_size = NCI_ISO_DEP_MAX_INFO;
791 
792         switch (mode)
793         {
794         case NCI_DISCOVERY_TYPE_POLL_A:
795             p_pa_iso                  = &p_intf->intf_param.pa_iso;
796             p_pa_iso->ats_res_len     = *p++;
797 
798             if (p_pa_iso->ats_res_len == 0)
799                 break;
800 
801             if (p_pa_iso->ats_res_len > NFC_MAX_ATS_LEN)
802                 p_pa_iso->ats_res_len = NFC_MAX_ATS_LEN;
803             STREAM_TO_ARRAY (p_pa_iso->ats_res, p, p_pa_iso->ats_res_len);
804             pp = &p_pa_iso->ats_res[NCI_ATS_T0_INDEX];
805             t0 = p_pa_iso->ats_res[NCI_ATS_T0_INDEX];
806             pp++;       /* T0 */
807             if (t0 & NCI_ATS_TA_MASK)
808                 pp++;   /* TA */
809             if (t0 & NCI_ATS_TB_MASK)
810             {
811                 /* FWI (Frame Waiting time Integer) & SPGI (Start-up Frame Guard time Integer) */
812                 p_pa_iso->fwi       = (((*pp) >> 4) & 0x0F);
813                 p_pa_iso->sfgi      = ((*pp) & 0x0F);
814                 pp++;   /* TB */
815             }
816             if (t0 & NCI_ATS_TC_MASK)
817             {
818                 p_pa_iso->nad_used  = ((*pp) & 0x01);
819                 pp++;   /* TC */
820             }
821             p_pa_iso->his_byte_len  = (UINT8) (p_pa_iso->ats_res_len - (pp - p_pa_iso->ats_res));
822             memcpy (p_pa_iso->his_byte,  pp, p_pa_iso->his_byte_len);
823             break;
824 
825         case NCI_DISCOVERY_TYPE_LISTEN_A:
826             p_intf->intf_param.la_iso.rats = *p++;
827             break;
828 
829         case NCI_DISCOVERY_TYPE_POLL_B:
830             /* ATTRIB RSP
831             Byte 1   Byte 2 ~ 2+n-1
832             MBLI/DID Higher layer - Response
833             */
834             p_pb_iso                     = &p_intf->intf_param.pb_iso;
835             p_pb_iso->attrib_res_len     = *p++;
836 
837             if (p_pb_iso->attrib_res_len == 0)
838                 break;
839 
840             if (p_pb_iso->attrib_res_len > NFC_MAX_ATTRIB_LEN)
841                 p_pb_iso->attrib_res_len = NFC_MAX_ATTRIB_LEN;
842             STREAM_TO_ARRAY (p_pb_iso->attrib_res, p, p_pb_iso->attrib_res_len);
843             p_pb_iso->mbli = (p_pb_iso->attrib_res[0]) >> 4;
844             if (p_pb_iso->attrib_res_len > NFC_PB_ATTRIB_REQ_FIXED_BYTES)
845             {
846                 p_pb_iso->hi_info_len    = p_pb_iso->attrib_res_len - NFC_PB_ATTRIB_REQ_FIXED_BYTES;
847                 if (p_pb_iso->hi_info_len > NFC_MAX_GEN_BYTES_LEN)
848                     p_pb_iso->hi_info_len = NFC_MAX_GEN_BYTES_LEN;
849                 memcpy (p_pb_iso->hi_info, &p_pb_iso->attrib_res[NFC_PB_ATTRIB_REQ_FIXED_BYTES], p_pb_iso->hi_info_len);
850             }
851             break;
852 
853         case NCI_DISCOVERY_TYPE_LISTEN_B:
854             /* ATTRIB CMD
855             Byte 2~5 Byte 6  Byte 7  Byte 8  Byte 9  Byte 10 ~ 10+k-1
856             NFCID0   Param 1 Param 2 Param 3 Param 4 Higher layer - INF
857             */
858             p_lb_iso                     = &p_intf->intf_param.lb_iso;
859             p_lb_iso->attrib_req_len     = *p++;
860 
861             if (p_lb_iso->attrib_req_len == 0)
862                 break;
863 
864             if (p_lb_iso->attrib_req_len > NFC_MAX_ATTRIB_LEN)
865                 p_lb_iso->attrib_req_len = NFC_MAX_ATTRIB_LEN;
866             STREAM_TO_ARRAY (p_lb_iso->attrib_req, p, p_lb_iso->attrib_req_len);
867             memcpy (p_lb_iso->nfcid0, p_lb_iso->attrib_req, NFC_NFCID0_MAX_LEN);
868             if (p_lb_iso->attrib_req_len > NFC_LB_ATTRIB_REQ_FIXED_BYTES)
869             {
870                 p_lb_iso->hi_info_len    = p_lb_iso->attrib_req_len - NFC_LB_ATTRIB_REQ_FIXED_BYTES;
871                 if (p_lb_iso->hi_info_len > NFC_MAX_GEN_BYTES_LEN)
872                     p_lb_iso->hi_info_len = NFC_MAX_GEN_BYTES_LEN;
873                 memcpy (p_lb_iso->hi_info, &p_lb_iso->attrib_req[NFC_LB_ATTRIB_REQ_FIXED_BYTES], p_lb_iso->hi_info_len);
874             }
875             break;
876         }
877 
878     }
879 #if (NFC_RW_ONLY == FALSE)
880     else if (evt_data.activate.intf_param.type == NCI_INTERFACE_NFC_DEP)
881     {
882         /* Make max payload of NCI aligned to max payload of NFC-DEP for better performance */
883         if (buff_size > NCI_NFC_DEP_MAX_DATA)
884             buff_size = NCI_NFC_DEP_MAX_DATA;
885 
886         p_pa_nfc                  = &p_intf->intf_param.pa_nfc;
887         p_pa_nfc->atr_res_len     = *p++;
888 
889         if (p_pa_nfc->atr_res_len > 0)
890         {
891             if (p_pa_nfc->atr_res_len > NFC_MAX_ATS_LEN)
892                 p_pa_nfc->atr_res_len = NFC_MAX_ATS_LEN;
893             STREAM_TO_ARRAY (p_pa_nfc->atr_res, p, p_pa_nfc->atr_res_len);
894             if (  (mode == NCI_DISCOVERY_TYPE_POLL_A)
895                 ||(mode == NCI_DISCOVERY_TYPE_POLL_F)
896                 ||(mode == NCI_DISCOVERY_TYPE_POLL_A_ACTIVE)
897                 ||(mode == NCI_DISCOVERY_TYPE_POLL_F_ACTIVE)  )
898             {
899                 /* ATR_RES
900                 Byte 3~12 Byte 13 Byte 14 Byte 15 Byte 16 Byte 17 Byte 18~18+n
901                 NFCID3T   DIDT    BST     BRT     TO      PPT     [GT0 ... GTn] */
902                 mpl_idx                 = 14;
903                 gb_idx                  = NCI_P_GEN_BYTE_INDEX;
904                 p_pa_nfc->waiting_time  = p_pa_nfc->atr_res[NCI_L_NFC_DEP_TO_INDEX] & 0x0F;
905             }
906             else if (  (mode == NCI_DISCOVERY_TYPE_LISTEN_A)
907                      ||(mode == NCI_DISCOVERY_TYPE_LISTEN_F)
908                      ||(mode == NCI_DISCOVERY_TYPE_LISTEN_A_ACTIVE)
909                      ||(mode == NCI_DISCOVERY_TYPE_LISTEN_F_ACTIVE)  )
910             {
911                 /* ATR_REQ
912                 Byte 3~12 Byte 13 Byte 14 Byte 15 Byte 16 Byte 17~17+n
913                 NFCID3I   DIDI    BSI     BRI     PPI     [GI0 ... GIn] */
914                 mpl_idx = 13;
915                 gb_idx  = NCI_L_GEN_BYTE_INDEX;
916             }
917 
918             mpl                         = ((p_pa_nfc->atr_res[mpl_idx]) >> 4) & 0x03;
919             p_pa_nfc->max_payload_size  = nfc_mpl_code_to_size[mpl];
920             if (p_pa_nfc->atr_res_len > gb_idx)
921             {
922                 p_pa_nfc->gen_bytes_len = p_pa_nfc->atr_res_len - gb_idx;
923                 if (p_pa_nfc->gen_bytes_len > NFC_MAX_GEN_BYTES_LEN)
924                     p_pa_nfc->gen_bytes_len = NFC_MAX_GEN_BYTES_LEN;
925                 memcpy (p_pa_nfc->gen_bytes, &p_pa_nfc->atr_res[gb_idx], p_pa_nfc->gen_bytes_len);
926             }
927         }
928     }
929 #endif
930     p_cb->act_protocol  = evt_data.activate.protocol;
931     p_cb->buff_size     = buff_size;
932     p_cb->num_buff      = num_buff;
933     p_cb->init_credits  = num_buff;
934 
935     if (nfc_cb.p_discv_cback)
936     {
937         (*nfc_cb.p_discv_cback) (NFC_ACTIVATE_DEVT, &evt_data);
938     }
939 }
940 
941 /*******************************************************************************
942 **
943 ** Function         nfc_ncif_proc_deactivate
944 **
945 ** Description      This function is called to process de-activate
946 **                  response and notification
947 **
948 ** Returns          void
949 **
950 *******************************************************************************/
void nfc_ncif_proc_deactivate (UINT8 status, UINT8 deact_type, BOOLEAN is_ntf)
{
    /* Handles an RF deactivate response/notification: moves the stack to
     * NFC_STATE_IDLE, frees everything still queued on the RF connection
     * and reports the deactivation to the connection callback and then to
     * the discovery callback. */
    tNFC_DISCOVER           disc_evt;
    tNFC_DEACTIVATE_DEVT    *p_info  = &disc_evt.deactivate;
    tNFC_CONN_CB            *p_rf_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
    void                    *p_buf;

    nfc_set_state (NFC_STATE_IDLE);

    /* only the deactivate member of the event is filled in */
    p_info->is_ntf  = is_ntf;
    p_info->type    = deact_type;
    p_info->status  = status;

    /* discard data received but not yet delivered */
    for (p_buf = GKI_dequeue (&p_rf_cb->rx_q); p_buf != NULL; p_buf = GKI_dequeue (&p_rf_cb->rx_q))
    {
        GKI_freebuf (p_buf);
    }

    /* discard data queued for transmission */
    for (p_buf = GKI_dequeue (&p_rf_cb->tx_q); p_buf != NULL; p_buf = GKI_dequeue (&p_rf_cb->tx_q))
    {
        GKI_freebuf (p_buf);
    }

    /* connection-level listener first, discovery-level listener second */
    if (p_rf_cb->p_cback != NULL)
    {
        (*p_rf_cb->p_cback) (NFC_RF_CONN_ID, NFC_DEACTIVATE_CEVT, (tNFC_CONN *) p_info);
    }

    if (nfc_cb.p_discv_cback != NULL)
    {
        (*nfc_cb.p_discv_cback) (NFC_DEACTIVATE_DEVT, &disc_evt);
    }
}
982 /*******************************************************************************
983 **
984 ** Function         nfc_ncif_proc_ee_action
985 **
986 ** Description      This function is called to process NFCEE ACTION NTF
987 **
988 ** Returns          void
989 **
990 *******************************************************************************/
991 #if ((NFC_NFCEE_INCLUDED == TRUE) && (NFC_RW_ONLY == FALSE))
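void nfc_ncif_proc_ee_action (UINT8 *p, UINT16 plen)
{
    /* Parses an NFCEE ACTION notification (NFCEE id, trigger, data length,
     * trigger-specific data) and reports it through the response callback.
     *
     * p     - first byte of the notification payload
     * plen  - number of payload bytes available at p
     *
     * The payload comes from the NFCC, so every read is bounded by plen and
     * every copy by the size of the destination field. A notification too
     * short to hold the three fixed bytes is dropped without a callback. */
    tNFC_EE_ACTION_REVT evt_data;
    tNFC_RESPONSE_CBACK *p_cback = nfc_cb.p_resp_cback;
    UINT8   data_len, ulen, tag, *p_data;
    UINT8   max_len;

    if (p_cback == NULL)
        return;

    if (plen < 3)
    {
        /* the fixed header (id, trigger, length) is not all there */
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_ee_action: short notification len:%d", plen);
        return;
    }

    memset (&evt_data.act_data, 0, sizeof (tNFC_ACTION_DATA));
    evt_data.status             = NFC_STATUS_OK;
    evt_data.nfcee_id           = *p++;
    evt_data.act_data.trigger   = *p++;
    data_len                    = *p++;
    plen                       -= 3;

    /* never trust the declared length beyond what was actually received */
    if (data_len > plen)
        data_len = (UINT8) plen;

    switch (evt_data.act_data.trigger)
    {
    case NCI_EE_TRIG_7816_SELECT:
        if (data_len > NFC_MAX_AID_LEN)
            data_len = NFC_MAX_AID_LEN;
        evt_data.act_data.param.aid.len_aid = data_len;
        STREAM_TO_ARRAY (evt_data.act_data.param.aid.aid, p, data_len);
        break;
    case NCI_EE_TRIG_RF_PROTOCOL:
        /* the value stays 0 (from the memset) when no data byte is present */
        if (data_len >= 1)
            evt_data.act_data.param.protocol    = *p++;
        break;
    case NCI_EE_TRIG_RF_TECHNOLOGY:
        if (data_len >= 1)
            evt_data.act_data.param.technology  = *p++;
        break;
    case NCI_EE_TRIG_APP_INIT:
        while (data_len > NFC_TL_SIZE)
        {
            data_len    -= NFC_TL_SIZE;
            tag         = *p++;
            ulen        = *p++;
            if (ulen > data_len)
                ulen = data_len;
            p_data      = NULL;
            max_len     = ulen;
            switch (tag)
            {
            case NCI_EE_ACT_TAG_AID:    /* AID                 */
                if (max_len > NFC_MAX_AID_LEN)
                    max_len = NFC_MAX_AID_LEN;
                evt_data.act_data.param.app_init.len_aid = max_len;
                p_data = evt_data.act_data.param.app_init.aid;
                break;
            case NCI_EE_ACT_TAG_DATA:   /* hex data for app    */
                if (max_len > NFC_MAX_APP_DATA_LEN)
                    max_len = NFC_MAX_APP_DATA_LEN;
                evt_data.act_data.param.app_init.len_data   = max_len;
                p_data                                      = evt_data.act_data.param.app_init.data;
                break;
            }
            if (p_data)
            {
                STREAM_TO_ARRAY (p_data, p, max_len);
                /* skip the part of the value that did not fit the field */
                p += (ulen - max_len);
            }
            else
            {
                /* unknown tag: skip its value so the next TLV is read from
                 * the right place */
                p += ulen;
            }
            data_len -= ulen;
        }
        break;
    }
    (*p_cback) (NFC_EE_ACTION_REVT, (tNFC_RESPONSE *) &evt_data);
}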
1061 
1062 /*******************************************************************************
1063 **
1064 ** Function         nfc_ncif_proc_ee_discover_req
1065 **
1066 ** Description      This function is called to process NFCEE DISCOVER REQ NTF
1067 **
1068 ** Returns          void
1069 **
1070 *******************************************************************************/
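void nfc_ncif_proc_ee_discover_req (UINT8 *p, UINT16 plen)
{
    /* Parses an NFCEE DISCOVER REQ notification: one count byte followed by
     * fixed-size T/L/V entries, reported through the response callback.
     *
     * p     - first byte of the notification payload
     * plen  - number of payload bytes available at p
     *
     * The entry count is supplied by the NFCC. The loop is therefore bounded
     * by the bytes received and by the capacity of ee_disc_req.info, and
     * num_info reports the entries actually stored, so the callback never
     * sees entries that were not written. A bad entry length drops the
     * notification, as before. */
    tNFC_RESPONSE_CBACK *p_cback = nfc_cb.p_resp_cback;
    tNFC_EE_DISCOVER_REQ_REVT   ee_disc_req;
    tNFC_EE_DISCOVER_INFO       *p_info;
    UINT8                       u8;
    UINT16                      stored   = 0;
    const UINT16                capacity = (UINT16) (sizeof (ee_disc_req.info) / sizeof (ee_disc_req.info[0]));

    if (plen == 0)
    {
        /* not even the count byte is present; nothing to read or trace */
        NFC_TRACE_ERROR0 ("nfc_ncif_proc_ee_discover_req: empty notification");
        return;
    }

    NFC_TRACE_DEBUG2 ("nfc_ncif_proc_ee_discover_req %d len:%d", *p, plen);
    if (p_cback)
    {
        u8  = *p++;                              /* entry count claimed by the NFCC */
        plen--;
        ee_disc_req.status      = NFC_STATUS_OK;
        ee_disc_req.num_info    = 0;
        p_info                  = ee_disc_req.info;
        while ((u8 > 0) && (plen >= NFC_EE_DISCOVER_ENTRY_LEN) && (stored < capacity))
        {
            p_info->op  = *p++;                  /* T */
            if (*p != NFC_EE_DISCOVER_INFO_LEN)/* L */
            {
                NFC_TRACE_DEBUG1 ("bad entry len:%d", *p );
                return;
            }
            p++;
            /* V */
            p_info->nfcee_id    = *p++;
            p_info->tech_n_mode = *p++;
            p_info->protocol    = *p++;
            u8--;
            plen    -=NFC_EE_DISCOVER_ENTRY_LEN;
            p_info++;
            stored++;
        }
        ee_disc_req.num_info = (UINT8) stored;
        (*p_cback) (NFC_EE_DISCOVER_REQ_REVT, (tNFC_RESPONSE *) &ee_disc_req);
    }

}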
1108 
1109 /*******************************************************************************
1110 **
1111 ** Function         nfc_ncif_proc_get_routing
1112 **
1113 ** Description      This function is called to process get routing notification
1114 **
1115 ** Returns          void
1116 **
1117 *******************************************************************************/
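void nfc_ncif_proc_get_routing (UINT8 *p, UINT8 len)
{
    /* Parses a get-routing notification and reports each routing entry
     * through the response callback. The last entry is reported with
     * NFC_STATUS_OK when the "more" byte is FALSE, every other entry with
     * NFC_STATUS_CONTINUE.
     *
     * p    - first byte of the notification payload
     * len  - number of payload bytes available at p
     *
     * Entry and TLV counts and the TLV lengths all come from the NFCC, so
     * each read is checked against the bytes left in the message and each
     * copy against the size of evt_data.param_tlvs. The TLV length is held
     * in 16 bits so that adding NFC_TL_SIZE cannot wrap. Parsing stops at the
     * first inconsistency; entries already reported stay reported and the
     * malformed one is not delivered. */
    tNFC_GET_ROUTING_REVT evt_data;
    UINT8       more, num_entries, xx, yy, *pn;
    UINT16      tl, used, remaining = len;
    tNFC_STATUS status = NFC_STATUS_CONTINUE;

    if (nfc_cb.p_resp_cback == NULL)
        return;

    if (remaining < 2)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing: short notification len:%d", remaining);
        return;
    }
    more        = *p++;
    num_entries = *p++;
    remaining  -= 2;

    for (xx = 0; xx < num_entries; xx++)
    {
        /* each entry starts with NFCEE id and TLV count */
        if (remaining < 2)
        {
            NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing: truncated entry, remaining:%d", remaining);
            return;
        }
        if ((more == FALSE) && (xx == (num_entries - 1)))
            status = NFC_STATUS_OK;
        evt_data.status         = (tNFC_STATUS) status;
        evt_data.nfcee_id       = *p++;
        evt_data.num_tlvs       = *p++;
        remaining              -= 2;
        evt_data.tlv_size       = 0;
        used                    = 0;
        pn                      = evt_data.param_tlvs;
        for (yy = 0; yy < evt_data.num_tlvs; yy++)
        {
            if (remaining < NFC_TL_SIZE)
            {
                NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing: truncated TLV, remaining:%d", remaining);
                return;
            }
            tl                  = (UINT16) (*(p+1) + NFC_TL_SIZE);
            if ((tl > remaining) || ((UINT16) (used + tl) > sizeof (evt_data.param_tlvs)))
            {
                /* the TLV runs past the message or past the output array */
                NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing: bad TLV len:%d", tl);
                return;
            }
            STREAM_TO_ARRAY (pn, p, tl);
            used               += tl;
            remaining          -= tl;
            evt_data.tlv_size  += tl;
            pn                 += tl;
        }
        (*nfc_cb.p_resp_cback) (NFC_GET_ROUTING_REVT, (tNFC_RESPONSE *) &evt_data);
    }
}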
1149 #endif
1150 
1151 /*******************************************************************************
1152 **
1153 ** Function         nfc_ncif_proc_conn_create_rsp
1154 **
1155 ** Description      This function is called to process connection create
1156 **                  response
1157 **
1158 ** Returns          void
1159 **
1160 *******************************************************************************/
void nfc_ncif_proc_conn_create_rsp (UINT8 *p, UINT16 plen, UINT8 dest_type)
{
    /* Completes a pending logical-connection request: reads status, buffer
     * size, credit count and connection id from the response, then either
     * binds the id to the pending control block or releases the block, and
     * finally notifies the connection callback.
     *
     * NOTE(review): plen is not used; the four bytes after the NCI header
     * are read without a length check. Confirm that the caller validates
     * the message length before this point. */
    tNFC_CONN        create_evt;
    tNFC_CONN_CBACK *p_notify;
    tNFC_STATUS      rsp_status;
    UINT8            new_conn_id;
    tNFC_CONN_CB    *p_pending = nfc_find_conn_cb_by_conn_id (NFC_PEND_CONN_ID);

    /* nothing to do when no connection is waiting for a response */
    if (p_pending == NULL)
        return;

    p                          += NCI_MSG_HDR_SIZE;
    rsp_status                  = p[0];
    p_pending->buff_size        = p[1];
    p_pending->init_credits     = p[2];
    p_pending->num_buff         = p_pending->init_credits;
    new_conn_id                 = p[3];

    create_evt.conn_create.status       = rsp_status;
    create_evt.conn_create.dest_type    = dest_type;
    create_evt.conn_create.id           = p_pending->id;
    create_evt.conn_create.buff_size    = p_pending->buff_size;
    create_evt.conn_create.num_buffs    = p_pending->num_buff;

    /* take the callback before the control block may be released */
    p_notify = p_pending->p_cback;

    if (rsp_status != NCI_STATUS_OK)
    {
        nfc_free_conn_cb (p_pending);
    }
    else
    {
        nfc_set_conn_id (p_pending, new_conn_id);
    }

    if (p_notify != NULL)
    {
        (*p_notify) (new_conn_id, NFC_CONN_CREATE_CEVT, &create_evt);
    }
}
1198 
1199 /*******************************************************************************
1200 **
1201 ** Function         nfc_ncif_report_conn_close_evt
1202 **
1203 ** Description      This function is called to report connection close event
1204 **
1205 ** Returns          void
1206 **
1207 *******************************************************************************/
void nfc_ncif_report_conn_close_evt (UINT8 conn_id, tNFC_STATUS status)
{
    /* Releases the control block of conn_id, if there is one, and reports
     * NFC_CONN_CLOSE_CEVT with the given status to its callback. */
    tNFC_CONN        close_evt;
    tNFC_CONN_CBACK *p_notify;
    tNFC_CONN_CB    *p_conn = nfc_find_conn_cb_by_conn_id (conn_id);

    if (p_conn == NULL)
        return;

    /* the callback pointer is copied out first: the control block is
     * released before the callback runs */
    p_notify = p_conn->p_cback;
    nfc_free_conn_cb (p_conn);

    close_evt.status = status;
    if (p_notify != NULL)
    {
        (*p_notify) (conn_id, NFC_CONN_CLOSE_CEVT, &close_evt);
    }
}
1224 
1225 /*******************************************************************************
1226 **
1227 ** Function         nfc_ncif_proc_reset_rsp
1228 **
1229 ** Description      This function is called to process reset response/notification
1230 **
1231 ** Returns          void
1232 **
1233 *******************************************************************************/
void nfc_ncif_proc_reset_rsp (UINT8 *p, BOOLEAN is_ntf)
{
    /* Handles a CORE_RESET response or notification. p[0] is the status and
     * p[1] the NCI version reported by the NFCC. On success the CORE_INIT
     * command is sent, otherwise the failure is reported via nfc_enabled().
     *
     * NOTE(review): no length is passed in, so both bytes are read on trust;
     * confirm that the caller guarantees at least two bytes at p. */
    UINT8 status = p[0];

    if (is_ntf)
    {
        NFC_TRACE_ERROR1 ("reset notification!!:0x%x ", status);
        /* an unsolicited reset while OPEN: close every connection and drop
         * pending outgoing packets (FW does not report reset ntf right now) */
        if (nfc_cb.nfc_state == NFC_STATE_OPEN)
        {
            nfc_reset_all_conn_cbs ();
        }
        /* a notification is always treated as a successful reset */
        status = NCI_STATUS_OK;
    }

    if (nfc_cb.flags & (NFC_FL_RESTARTING|NFC_FL_POWER_CYCLE_NFCC))
    {
        nfc_reset_all_conn_cbs ();
    }

    /* the version byte is only looked at when the reset itself succeeded */
    if ((status == NCI_STATUS_OK) && (p[1] != NCI_VERSION))
    {
        NFC_TRACE_DEBUG2 ("NCI version mismatch!!:0x%02x != 0x%02x ", NCI_VERSION, p[1]);
        if (p[1] < NCI_VERSION_0_F)
        {
            NFC_TRACE_ERROR0 ("NFCC version is too old");
            status = NCI_STATUS_FAILED;
        }
    }

    if (status != NCI_STATUS_OK)
    {
        NFC_TRACE_ERROR0 ("Failed to reset NFCC");
        nfc_enabled (status, NULL);
        return;
    }

    nci_snd_core_init ();
}
1280 
1281 /*******************************************************************************
1282 **
1283 ** Function         nfc_ncif_proc_init_rsp
1284 **
1285 ** Description      This function is called to process init response
1286 **
1287 ** Returns          void
1288 **
1289 *******************************************************************************/
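void nfc_ncif_proc_init_rsp (BT_HDR *p_msg)
{
    /* Handles the CORE_INIT response held in p_msg.
     *
     * On success the message is kept in nfc_cb.p_nci_init_rsp (it is not
     * freed here) and the HAL is told that the core is initialized; the
     * init parameters themselves are handled in nfc_enabled. On failure the
     * status is reported through nfc_enabled() and the buffer is freed.
     *
     * A message too short to contain a status byte after the NCI header is
     * treated as a failed init, so the status is never read from beyond the
     * received data. */
    UINT8 *p, status;
    tNFC_CONN_CB * p_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];

    p = (UINT8 *) (p_msg + 1) + p_msg->offset;

    if (p_msg->len > NCI_MSG_HDR_SIZE)
    {
        status   = *(p + NCI_MSG_HDR_SIZE);
    }
    else
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_init_rsp: short response len:%d", p_msg->len);
        status   = NCI_STATUS_FAILED;
    }

    if (status == NCI_STATUS_OK)
    {
        p_cb->id            = NFC_RF_CONN_ID;
        p_cb->act_protocol  = NCI_PROTOCOL_UNKNOWN;

        nfc_set_state (NFC_STATE_W4_POST_INIT_CPLT);

        /* ownership of p_msg moves to nfc_cb here */
        nfc_cb.p_nci_init_rsp = p_msg;
        nfc_cb.p_hal->core_initialized (p);
    }
    else
    {
        nfc_enabled (status, NULL);
        GKI_freebuf (p_msg);
    }
}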
1315 
1316 /*******************************************************************************
1317 **
1318 ** Function         nfc_ncif_proc_get_config_rsp
1319 **
1320 ** Description      This function is called to process get config response
1321 **
1322 ** Returns          void
1323 **
1324 *******************************************************************************/
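void nfc_ncif_proc_get_config_rsp (BT_HDR *p_evt)
{
    /* Handles a get-config response: strips the NCI header from p_evt and
     * reports status and parameter TLVs through the response callback. The
     * TLV pointer handed to the callback points into p_evt; this function
     * does not free p_evt.
     *
     * A response with no status byte after the NCI header is reported as
     * NCI_STATUS_FAILED with tlv_size 0 and p_evt is left unmodified, which
     * avoids the unsigned wrap of p_evt->len and a read past the data.
     *
     * NOTE(review): tlv_size is set to the length that still includes the
     * status byte, while p_param_tlvs points one byte past it; confirm
     * whether consumers expect that before changing it. */
    UINT8   *p;
    tNFC_RESPONSE_CBACK *p_cback = nfc_cb.p_resp_cback;
    tNFC_RESPONSE  evt_data;

    if (p_evt->len <= NCI_MSG_HDR_SIZE)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_config_rsp: short response len:%d", p_evt->len);
        if (p_cback)
        {
            evt_data.get_config.status       = NCI_STATUS_FAILED;
            evt_data.get_config.tlv_size     = 0;
            /* a valid pointer into the buffer; there are no TLV bytes behind it */
            evt_data.get_config.p_param_tlvs = (UINT8 *) (p_evt + 1) + p_evt->offset;
            (*p_cback) (NFC_GET_CONFIG_REVT, &evt_data);
        }
        return;
    }

    p_evt->offset += NCI_MSG_HDR_SIZE;
    p_evt->len    -= NCI_MSG_HDR_SIZE;
    if (p_cback)
    {
        p                                = (UINT8 *) (p_evt + 1) + p_evt->offset;
        evt_data.get_config.status       = *p++;
        evt_data.get_config.tlv_size     = p_evt->len;
        evt_data.get_config.p_param_tlvs = p;
        (*p_cback) (NFC_GET_CONFIG_REVT, &evt_data);
    }
}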
1342 
1343 /*******************************************************************************
1344 **
1345 ** Function         nfc_ncif_proc_t3t_polling_ntf
1346 **
1347 ** Description      Handle NCI_MSG_RF_T3T_POLLING NTF
1348 **
1349 ** Returns          void
1350 **
1351 *******************************************************************************/
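void nfc_ncif_proc_t3t_polling_ntf (UINT8 *p, UINT16 plen)
{
    /* Handles NCI_MSG_RF_T3T_POLLING NTF: reads the status and the number
     * of responses, then hands the rest of the payload to RW_T3T.
     *
     * p     - first byte of the notification payload
     * plen  - number of payload bytes available at p
     *
     * A notification shorter than the two fixed bytes is dropped; otherwise
     * plen would wrap when those bytes are subtracted and a bogus length
     * would be passed on.
     *
     * NOTE(review): the remaining length is truncated to UINT8 for
     * rw_t3t_handle_nci_poll_ntf; confirm plen cannot exceed 255 + 2 here. */
    UINT8 status;
    UINT8 num_responses;

    if (plen < NFC_TL_SIZE)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_t3t_polling_ntf: short notification len:%d", plen);
        return;
    }

    /* Pass result to RW_T3T for processing */
    STREAM_TO_UINT8 (status, p);
    STREAM_TO_UINT8 (num_responses, p);
    plen-=NFC_TL_SIZE;
    rw_t3t_handle_nci_poll_ntf (status, num_responses, (UINT8) plen, p);
}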
1363 
1364 /*******************************************************************************
1365 **
1366 ** Function         nfc_data_event
1367 **
1368 ** Description      Report Data event on the given connection control block
1369 **
1370 ** Returns          void
1371 **
1372 *******************************************************************************/
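void nfc_data_event (tNFC_CONN_CB * p_cb)
{
    /* Delivers every complete packet at the head of p_cb->rx_q to the
     * connection callback as NFC_DATA_CEVT. Delivery stops at the first
     * packet that is still being reassembled (NFC_RAS_FRAGMENTED).
     *
     * Each delivered buffer is dequeued, has its NCI header stripped by
     * adjusting offset/len, and is handed over in data_cevt.p_data; it is
     * not freed here (presumably the callback owns it from then on -
     * verify against the callback implementations).
     *
     * Length handling is defensive because the lengths derive from data
     * received from the NFCC: a buffer shorter than the NCI header, or a
     * T1T/T2T/T3T packet with no trailing status byte, is reported with
     * NFC_STATUS_BAD_LENGTH instead of letting len wrap below zero and
     * reading the status from outside the buffer. */
    BT_HDR      *p_evt;
    tNFC_DATA_CEVT data_cevt;
    UINT8       *p;

    if (p_cb->p_cback)
    {
        while ((p_evt = (BT_HDR *)GKI_getfirst (&p_cb->rx_q)) != NULL)
        {
            if (p_evt->layer_specific & NFC_RAS_FRAGMENTED)
            {
                break;
            }
            p_evt = (BT_HDR *) GKI_dequeue (&p_cb->rx_q);

            /* any flag still set at this point marks a reassembly error */
            if (p_evt->layer_specific)
                data_cevt.status = NFC_STATUS_BAD_LENGTH;
            else
                data_cevt.status = NFC_STATUS_OK;

            /* report data event: strip the NCI header */
            if (p_evt->len >= NCI_MSG_HDR_SIZE)
            {
                p_evt->offset   += NCI_MSG_HDR_SIZE;
                p_evt->len      -= NCI_MSG_HDR_SIZE;
            }
            else
            {
                p_evt->len       = 0;
                data_cevt.status = NFC_STATUS_BAD_LENGTH;
            }
            data_cevt.p_data = p_evt;

            /* adjust payload, if needed */
            if (p_cb->conn_id == NFC_RF_CONN_ID)
            {
                /* if NCI_PROTOCOL_T1T/NCI_PROTOCOL_T2T/NCI_PROTOCOL_T3T, the status byte needs to be removed
                 */
                if ((p_cb->act_protocol >= NCI_PROTOCOL_T1T) && (p_cb->act_protocol <= NCI_PROTOCOL_T3T))
                {
                    if (p_evt->len > 0)
                    {
                        /* the last payload byte is the status */
                        p_evt->len--;
                        p                = (UINT8 *) (p_evt + 1);
                        data_cevt.status = *(p + p_evt->offset + p_evt->len);
                    }
                    else
                    {
                        /* no payload, so there is no status byte to take */
                        data_cevt.status = NFC_STATUS_BAD_LENGTH;
                    }
                }
            }
            (*p_cb->p_cback) (p_cb->conn_id, NFC_DATA_CEVT, (tNFC_CONN *) &data_cevt);
        }
    }
}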
1413 
1414 /*******************************************************************************
1415 **
1416 ** Function         nfc_ncif_proc_data
1417 **
1418 ** Description      Find the connection control block associated with the data
1419 **                  packet. Assemble the data packet, if needed.
1420 **                  Report the Data event.
1421 **
1422 ** Returns          void
1423 **
1424 *******************************************************************************/
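void nfc_ncif_proc_data (BT_HDR *p_msg)
{
    /* Processes one received NCI data packet.
     *
     * The connection is looked up from the conn id in the data header. A
     * packet that continues a fragmented message is appended to the last
     * buffer in the rx queue (moving that buffer to the largest GKI pool if
     * it is too small); any other packet is queued as is. Complete packets
     * are then reported through nfc_data_event().
     *
     * Ownership: p_msg is either queued on p_cb->rx_q or freed here.
     *
     * The packet comes from the NFCC, so:
     *  - the header is parsed only after p_msg->len is known to cover it;
     *  - the capacity check for reassembly uses the number of bytes that
     *    will really be copied (p_msg->len minus the header), not the
     *    length field declared inside the packet;
     *  - a replacement buffer from the largest pool is used only if it can
     *    hold the reassembled data; otherwise the message is flagged
     *    NFC_RAS_TOO_BIG and the fragment is not copied. */
    UINT8   *pp, cid;
    tNFC_CONN_CB * p_cb;
    UINT8   pbf;
    BT_HDR  *p_last;
    UINT8   *ps, *pd;
    UINT16  size;
    BT_HDR  *p_max = NULL;
    UINT16  len;
    UINT16  error_mask = 0;

    /* both header constants are used below; require room for either */
    if ((p_msg->len < NCI_DATA_HDR_SIZE) || (p_msg->len < NCI_MSG_HDR_SIZE))
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_data short packet len:%d", p_msg->len);
        GKI_freebuf (p_msg);
        return;
    }

    pp   = (UINT8 *) (p_msg+1) + p_msg->offset;
    NFC_TRACE_DEBUG3 ("nfc_ncif_proc_data 0x%02x%02x%02x", pp[0], pp[1], pp[2]);
    NCI_DATA_PRS_HDR (pp, pbf, cid, len);
    p_cb = nfc_find_conn_cb_by_conn_id (cid);
    if (p_cb)
    {
        NFC_TRACE_DEBUG1 ("nfc_ncif_proc_data len:%d", len);
        if (len > 0)
        {
            p_msg->layer_specific       = 0;
            if (pbf)
                p_msg->layer_specific   = NFC_RAS_FRAGMENTED;
            p_last = (BT_HDR *)GKI_getlast (&p_cb->rx_q);
            if (p_last && (p_last->layer_specific & NFC_RAS_FRAGMENTED))
            {
                /* last data buffer is not last fragment, append this new packet to the last */
                ps   = (UINT8 *)(p_msg + 1) + p_msg->offset + NCI_MSG_HDR_SIZE;
                len  = p_msg->len - NCI_MSG_HDR_SIZE;    /* bytes that will be copied */

                size = GKI_get_buf_size(p_last);
                if (size < (BT_HDR_SIZE + p_last->len + p_last->offset + len))
                {
                    /* the current size of p_last is not big enough to hold the new fragment, p_msg */
                    if (size != GKI_MAX_BUF_SIZE)
                    {
                        /* try the biggest GKI pool */
                        p_max = (BT_HDR *)GKI_getpoolbuf (GKI_MAX_BUF_SIZE_POOL_ID);
                        if (p_max && (GKI_get_buf_size (p_max) < (BT_HDR_SIZE + p_last->len + p_last->offset + len)))
                        {
                            /* even the biggest buffer cannot hold the message */
                            GKI_freebuf (p_max);
                            p_max = NULL;
                        }
                        if (p_max)
                        {
                            /* copy the content of last buffer to the new buffer */
                            memcpy(p_max, p_last, BT_HDR_SIZE);
                            pd  = (UINT8 *)(p_max + 1) + p_max->offset;
                            ps  = (UINT8 *)(p_last + 1) + p_last->offset;
                            memcpy(pd, ps, p_last->len);

                            /* place the new buffer in the queue instead */
                            GKI_remove_from_queue (&p_cb->rx_q, p_last);
                            GKI_freebuf (p_last);
                            GKI_enqueue (&p_cb->rx_q, p_max);
                            p_last  = p_max;

                            /* ps was reused above; point it back at the new fragment */
                            ps      = (UINT8 *)(p_msg + 1) + p_msg->offset + NCI_MSG_HDR_SIZE;
                        }
                    }
                    if (p_max == NULL)
                    {
                        p_last->layer_specific  |= NFC_RAS_TOO_BIG;
                        NFC_TRACE_ERROR1 ("nci_reassemble_msg buffer overrun(%d)!!", len);
                    }
                }

                if ((p_last->layer_specific & NFC_RAS_TOO_BIG) == 0)
                {
                    pd   = (UINT8 *)(p_last + 1) + p_last->offset + p_last->len;
                    memcpy(pd, ps, len);
                    p_last->len  += len;
                    /* do not need to update pbf and len in NCI header.
                     * They are stripped off at NFC_DATA_CEVT and len may exceed 255 */
                    NFC_TRACE_DEBUG1 ("nfc_ncif_proc_data len:%d", p_last->len);
                }

                /* keep the error flag, take the fragmentation flag of the new packet */
                error_mask              = (p_last->layer_specific & NFC_RAS_TOO_BIG);
                p_last->layer_specific  = (p_msg->layer_specific | error_mask);
                GKI_freebuf (p_msg);
#ifdef DISP_NCI
                if ((p_last->layer_specific & NFC_RAS_FRAGMENTED) == 0)
                {
                    /* this packet was reassembled. display the complete packet */
                    DISP_NCI ((UINT8 *)(p_last + 1) + p_last->offset, p_last->len, TRUE);
                }
#endif
            }
            else
            {
                /* enqueue the new buffer to the rx queue */
                GKI_enqueue (&p_cb->rx_q, p_msg);
            }
            nfc_data_event (p_cb);
            return;
        }
        /* else an empty data packet*/
    }
    GKI_freebuf (p_msg);
}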
1518 
1519 #endif /* NFC_INCLUDED == TRUE*/
1520