1 /******************************************************************************
2 *
3 * Copyright (C) 1999-2013 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19
20 /******************************************************************************
21 *
22 * This file contains functions that interface with the NFC NCI transport.
23 * On the receive side, it routes events to the appropriate handler
24 * (callback). On the transmit side, it manages the command transmission.
25 *
26 ******************************************************************************/
27 #include <string.h>
28 #include "nfc_target.h"
29
30 #if NFC_INCLUDED == TRUE
31 #include "nfc_hal_api.h"
32 #include "nfc_api.h"
33 #include "nci_defs.h"
34 #include "nci_hmsgs.h"
35 #include "nfc_int.h"
36 #include "rw_api.h"
37 #include "rw_int.h"
38 #include "hcidefs.h"
39 #include "nfc_hal_api.h"
40
#if (NFC_RW_ONLY == FALSE)
/* Four-entry lookup table. nfc_ncif_proc_activate masks its index with 0x03
 * before using it, so the index can never leave the table, and stores the
 * looked-up value as the NFC-DEP max payload size. */
static const UINT8 nfc_mpl_code_to_size[] =
    {64, 128, 192, 254};

#endif /* NFC_RW_ONLY */


/* Offsets at which the higher-layer bytes start inside the ATTRIB response
 * (poll B) and the ATTRIB command (listen B); nfc_ncif_proc_activate copies
 * everything from these offsets onward into hi_info. */
#define NFC_PB_ATTRIB_REQ_FIXED_BYTES   1
#define NFC_LB_ATTRIB_REQ_FIXED_BYTES   8
50
51
/*******************************************************************************
**
** Function         nfc_ncif_update_window
**
** Description      Re-open one slot of the NCI command window once the
**                  outstanding command has been answered, then try to send
**                  the next queued command.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_update_window (void)
{
    if (nfc_cb.nci_cmd_window != NCI_MAX_CMD_WINDOW)
    {
        /* A command was outstanding: its response timer is no longer needed */
        nfc_stop_timer (&nfc_cb.nci_wait_rsp_timer);

        nfc_cb.p_vsc_cback = NULL;
        nfc_cb.nci_cmd_window++;

        /* Send the next pending command, if any */
        nfc_ncif_check_cmd_queue (NULL);
        return;
    }

    /* The window is already fully open, so no command was pending. That is
     * only expected while the stack waits for the HAL to close. */
    if (nfc_cb.nfc_state != NFC_STATE_W4_HAL_CLOSE)
    {
        NFC_TRACE_ERROR0("nfc_ncif_update_window: Unexpected call");
    }
}
82
/*******************************************************************************
**
** Function         nfc_ncif_cmd_timeout
**
** Description      Handle the expiry of the NCI command-response timer:
**                  report the timeout to the upper layer and terminate the
**                  process. This function does not return.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_cmd_timeout (void)
{
    NFC_TRACE_ERROR0 ("nfc_ncif_cmd_timeout");

    /* Report twice: as a generic error and as the dedicated NFCC-timeout event */
    nfc_ncif_event_status (NFC_GEN_ERROR_REVT, NFC_STATUS_HW_TIMEOUT);
    nfc_ncif_event_status (NFC_NFCC_TIMEOUT_REVT, NFC_STATUS_HW_TIMEOUT);

    /* A timeout during core init means the enable request has failed */
    if (NFC_STATE_CORE_INIT == nfc_cb.nfc_state)
    {
        nfc_enabled (NFC_STATUS_FAILED, NULL);
    }

    /* Recovery is by process restart. Note that every missed response
     * deadline therefore ends the NFC process, so whatever supervises it
     * has to restart it (and should rate-limit restarts). */
    NFC_TRACE_ERROR0 ("NFC controller stopped responding, aborting the NFC process");
    abort ();
}
110
/*******************************************************************************
**
** Function         nfc_wait_2_deactivate_timeout
**
** Description      Handle the expiry of the deactivate timer: stop waiting
**                  (clear NFC_FL_DEACTIVATING) and send the deactivate
**                  command right away.
**
** Returns          void
**
*******************************************************************************/
void nfc_wait_2_deactivate_timeout (void)
{
    UINT8 deact_param;

    NFC_TRACE_ERROR0 ("nfc_wait_2_deactivate_timeout");

    /* The argument for the deactivate command travels in the timer's param field */
    deact_param = (UINT8) ((TIMER_PARAM_TYPE) nfc_cb.deactivate_timer.param);

    nfc_cb.flags &= ~NFC_FL_DEACTIVATING;
    nci_snd_deactivate_cmd (deact_param);
}
126
127
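/*******************************************************************************
**
** Function         nfc_ncif_send_data
**
** Description      Queue p_data (if any) on the connection's tx queue, then
**                  send as much of the queue as the available credits allow.
**                  Each packet gets an NCI data header; packets larger than
**                  the connection's buffer size are split into fragments.
**                  Called with p_data == NULL when credits come back from
**                  the NFCC.
**
** Returns          NCI_STATUS_OK on success,
**                  NCI_STATUS_FAILED if the RF connection is not open,
**                  NCI_STATUS_BUFFER_FULL if no buffer is available for a
**                  fragment
**
*******************************************************************************/
UINT8 nfc_ncif_send_data (tNFC_CONN_CB *p_cb, BT_HDR *p_data)
{
    UINT8   *pp;
    UINT8   *ps;
    UINT8   ulen = NCI_MAX_PAYLOAD_SIZE;
    BT_HDR  *p;
    UINT8   pbf = 1;
    UINT8   buffer_size = p_cb->buff_size;
    UINT8   hdr0 = p_cb->conn_id;
    BOOLEAN fragmented = FALSE;

    NFC_TRACE_DEBUG3 ("nfc_ncif_send_data :%d, num_buff:%d qc:%d", p_cb->conn_id, p_cb->num_buff, p_cb->tx_q.count);
    if (p_cb->id == NFC_RF_CONN_ID)
    {
        if (nfc_cb.nfc_state != NFC_STATE_OPEN)
        {
            if (nfc_cb.nfc_state == NFC_STATE_CLOSING)
            {
                if (  (p_data == NULL)    /* called because credit from NFCC */
                    &&(nfc_cb.flags  & NFC_FL_DEACTIVATING)  )
                {
                    if (p_cb->init_credits == p_cb->num_buff)
                    {
                        /* all the credits are back: the pending deactivation can go out now */
                        nfc_cb.flags &= ~NFC_FL_DEACTIVATING;
                        NFC_TRACE_DEBUG2 ("deactivating NFC-DEP init_credits:%d, num_buff:%d", p_cb->init_credits, p_cb->num_buff);
                        nfc_stop_timer(&nfc_cb.deactivate_timer);
                        nci_snd_deactivate_cmd ((UINT8)((TIMER_PARAM_TYPE)nfc_cb.deactivate_timer.param));
                    }
                }
            }
            /* p_data is neither queued nor freed on this path */
            return NCI_STATUS_FAILED;
        }
    }

    if (p_data)
    {
        /* always enqueue the data to the tx queue */
        GKI_enqueue (&p_cb->tx_q, p_data);
    }

    /* try to send the first data packet in the tx queue  */
    p_data = (BT_HDR *)GKI_getfirst (&p_cb->tx_q);

    /* post data fragment to NCIT task as credits are available */
    /* NOTE(review): buffer_size is taken as-is from the connection. If it is 0
     * the fragmenting branch below emits zero-length fragments without ever
     * shrinking p_data->len, until the credits run out - confirm the value is
     * validated where it is set. */
    while (p_data && (p_data->len > 0) && (p_cb->num_buff > 0))
    {
        if (p_data->len <= buffer_size)
        {
            pbf         = 0;   /* last fragment */
            ulen        = (UINT8)(p_data->len);
            fragmented  = FALSE;
        }
        else
        {
            /* More fragments follow. pbf must be set again here: it may still
             * be 0 from the final fragment of the previous packet sent in this
             * same loop, which would mark this fragment as a complete message. */
            pbf         = 1;
            fragmented  = TRUE;
            ulen        = buffer_size;
        }

        if (!fragmented)
        {
            /* if data packet is not fragmented, use the original buffer */
            p         = p_data;
            p_data    = (BT_HDR *)GKI_dequeue (&p_cb->tx_q);
        }
        else
        {
            /* the data packet is too big and need to be fragmented
             * prepare a new GKI buffer
             * (even the last fragment to avoid issues) */
            if ((p = NCI_GET_CMD_BUF(ulen)) == NULL)
                return (NCI_STATUS_BUFFER_FULL);
            p->len    = ulen;
            p->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE + 1;
            pp        = (UINT8 *)(p + 1) + p->offset;
            ps        = (UINT8 *)(p_data + 1) + p_data->offset;
            memcpy (pp, ps, ulen);
            /* adjust the BT_HDR on the old fragment */
            p_data->len     -= ulen;
            p_data->offset  += ulen;
        }

        /* make room in front of the payload and write the NCI data header there */
        p->event             = BT_EVT_TO_NFC_NCI;
        p->layer_specific    = pbf;
        p->len              += NCI_DATA_HDR_SIZE;
        p->offset           -= NCI_DATA_HDR_SIZE;
        pp = (UINT8 *)(p + 1) + p->offset;
        /* build NCI Data packet header */
        NCI_DATA_PBLD_HDR(pp, pbf, hdr0, ulen);

        /* NFC_CONN_NO_FC marks a connection without flow control: no credit is consumed */
        if (p_cb->num_buff != NFC_CONN_NO_FC)
            p_cb->num_buff--;

        /* send to HAL */
        HAL_WRITE(p);

        if (!fragmented)
        {
            /* check if there are more data to send */
            p_data = (BT_HDR *)GKI_getfirst (&p_cb->tx_q);
        }
    }

    return (NCI_STATUS_OK);
}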
244
/*******************************************************************************
**
** Function         nfc_ncif_check_cmd_queue
**
** Description      Send an NCI command to the transport if the command
**                  window allows it, otherwise queue it. With p_buf == NULL
**                  only the queue is serviced. Once the window is fully open
**                  again, a pending HAL control request is handled.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_check_cmd_queue (BT_HDR *p_buf)
{
    UINT8   *p_hdr;
    UINT8   *p_disc;

    /* Keep command order: a new command waits behind queued ones, and it
     * also waits when the controller cannot take another command */
    if (p_buf && ((nfc_cb.nci_cmd_xmit_q.count) || (nfc_cb.nci_cmd_window == 0)))
    {
        GKI_enqueue (&nfc_cb.nci_cmd_xmit_q, p_buf);
        p_buf = NULL;
    }

    /* If controller can accept another command, then send the next command */
    if (nfc_cb.nci_cmd_window > 0)
    {
        /* nothing handed in (or it was just queued): take the oldest queued command */
        if (p_buf == NULL)
            p_buf = (BT_HDR *)GKI_dequeue (&nfc_cb.nci_cmd_xmit_q);

        if (p_buf != NULL)
        {
            /* remember header and first command bytes so the response can be matched.
             * NOTE(review): both copies use fixed sizes and are not checked
             * against p_buf->len - fine as long as every command buffer built
             * by the stack is at least that long; confirm. */
            p_hdr = (UINT8 *)(p_buf + 1) + p_buf->offset;
            memcpy (nfc_cb.last_hdr, p_hdr, NFC_SAVED_HDR_SIZE);
            memcpy (nfc_cb.last_cmd, p_hdr + NCI_MSG_HDR_SIZE, NFC_SAVED_CMD_SIZE);
            if (p_buf->layer_specific == NFC_WAIT_RSP_VSC)
            {
                /* vendor-specific command: keep its callback for the response */
                nfc_cb.p_vsc_cback = (void *)((tNFC_NCI_VS_MSG *)p_buf)->p_cback;
            }

            /* send to HAL */
            HAL_WRITE(p_buf);

            /* one command is now pending */
            nfc_cb.nci_cmd_window--;

            /* start NFC command-timeout timer */
            nfc_start_timer (&nfc_cb.nci_wait_rsp_timer, (UINT16)(NFC_TTYPE_NCI_WAIT_RSP), nfc_cb.nci_wait_rsp_tout);
        }
    }

    /* The rest only applies when no command is outstanding and control was requested */
    if (nfc_cb.nci_cmd_window != NCI_MAX_CMD_WINDOW)
        return;
    if (!(nfc_cb.flags & NFC_FL_CONTROL_REQUESTED))
        return;

    /* HAL requested control or stack needs to handle pre-discover */
    nfc_cb.flags &= ~NFC_FL_CONTROL_REQUESTED;

    if (!(nfc_cb.flags & NFC_FL_DISCOVER_PENDING))
    {
        /* grant the control to HAL */
        nfc_cb.flags         |= NFC_FL_CONTROL_GRANTED;
        nfc_cb.nci_cmd_window = 0;
        nfc_cb.p_hal->control_granted ();
        return;
    }

    if (nfc_cb.p_hal->prediscover ())
    {
        /* HAL has the command window now */
        nfc_cb.flags         |= NFC_FL_CONTROL_GRANTED;
        nfc_cb.nci_cmd_window = 0;
    }
    else
    {
        /* HAL does not need to send command,
         * - restore the command window and issue the discovery command now.
         * The saved buffer holds one byte followed by the discover parameters.
         * NOTE(review): p_disc_pending is dereferenced without a NULL check;
         * presumably it is always set together with NFC_FL_DISCOVER_PENDING. */
        nfc_cb.flags &= ~NFC_FL_DISCOVER_PENDING;
        p_disc = (UINT8 *)nfc_cb.p_disc_pending;
        nci_snd_discover_cmd (*p_disc, (tNFC_DISCOVER_PARAMS *)(p_disc + 1));
        GKI_freebuf (nfc_cb.p_disc_pending);
        nfc_cb.p_disc_pending = NULL;
    }
}
334
335
/*******************************************************************************
**
** Function         nfc_ncif_send_cmd
**
** Description      Tag p_buf as an NCI command for the NCIT task and hand it
**                  to the command queue logic, which sends it at once or
**                  queues it.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_send_cmd (BT_HDR *p_buf)
{
    /* layer_specific 0: an ordinary command (NFC_WAIT_RSP_VSC is what marks
     * a vendor-specific one in nfc_ncif_check_cmd_queue) */
    p_buf->layer_specific   = 0;
    p_buf->event            = BT_EVT_TO_NFC_NCI;

    nfc_ncif_check_cmd_queue (p_buf);
}
352
353
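/*******************************************************************************
**
** Function         nfc_ncif_process_event
**
** Description      Dispatch a message received from the NFCC (data, response
**                  or notification) to its handler. A response is only
**                  accepted when its GID/OID match the last command sent;
**                  an accepted response re-opens the command window.
**                  Messages shorter than an NCI header are dropped.
**
** Returns          TRUE if need to free buffer
**
*******************************************************************************/
BOOLEAN nfc_ncif_process_event (BT_HDR *p_msg)
{
    UINT8   mt, pbf, gid, *pp;
    BOOLEAN free_buf = TRUE;
    UINT8   oid;
    UINT8   *p_old, old_gid, old_oid, old_mt;

    /* The bytes parsed below come from the controller. Make sure the message
     * really holds a complete NCI header before reading any of it. */
    if (p_msg->len < NCI_MSG_HDR_SIZE)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_process_event: message too short, len:%d", p_msg->len);
        return TRUE;
    }

    pp = (UINT8 *) (p_msg + 1) + p_msg->offset;

    /* first header byte: message type, packet boundary flag and group id;
     * pp is left on the byte that carries the OID */
    NCI_MSG_PRS_HDR0 (pp, mt, pbf, gid);

    switch (mt)
    {
    case NCI_MT_DATA:
        NFC_TRACE_DEBUG0 ("NFC received data");
        nfc_ncif_proc_data (p_msg);
        /* the data handler keeps the buffer */
        free_buf = FALSE;
        break;

    case NCI_MT_RSP:
        NFC_TRACE_DEBUG1 ("NFC received rsp gid:%d", gid);
        oid     = ((*pp) & NCI_OID_MASK);
        p_old   = nfc_cb.last_hdr;
        NCI_MSG_PRS_HDR0(p_old, old_mt, pbf, old_gid);
        old_oid = ((*p_old) & NCI_OID_MASK);
        /* make sure this is the RSP we are waiting for before updating the command window */
        if ((old_gid != gid) || (old_oid != oid))
        {
            NFC_TRACE_ERROR2 ("nfc_ncif_process_event unexpected rsp: gid:0x%x, oid:0x%x", gid, oid);
            return TRUE;
        }

        switch (gid)
        {
        case NCI_GID_CORE:      /* 0000b NCI Core group */
            free_buf = nci_proc_core_rsp (p_msg);
            break;
        case NCI_GID_RF_MANAGE:   /* 0001b NCI Discovery group */
            nci_proc_rf_management_rsp (p_msg);
            break;
#if (NFC_NFCEE_INCLUDED == TRUE)
#if (NFC_RW_ONLY == FALSE)
        case NCI_GID_EE_MANAGE:  /* 0x02 0010b NFCEE Discovery group */
            nci_proc_ee_management_rsp (p_msg);
            break;
#endif
#endif
        case NCI_GID_PROP:      /* 1111b Proprietary */
            nci_proc_prop_rsp (p_msg);
            break;
        default:
            NFC_TRACE_ERROR1 ("NFC: Unknown gid:%d", gid);
            break;
        }

        /* the outstanding command has been answered */
        nfc_ncif_update_window ();
        break;

    case NCI_MT_NTF:
        NFC_TRACE_DEBUG1 ("NFC received ntf gid:%d", gid);
        switch (gid)
        {
        case NCI_GID_CORE:      /* 0000b NCI Core group */
            nci_proc_core_ntf (p_msg);
            break;
        case NCI_GID_RF_MANAGE:   /* 0001b NCI Discovery group */
            nci_proc_rf_management_ntf (p_msg);
            break;
#if (NFC_NFCEE_INCLUDED == TRUE)
#if (NFC_RW_ONLY == FALSE)
        case NCI_GID_EE_MANAGE:  /* 0x02 0010b NFCEE Discovery group */
            nci_proc_ee_management_ntf (p_msg);
            break;
#endif
#endif
        case NCI_GID_PROP:      /* 1111b Proprietary */
            nci_proc_prop_ntf (p_msg);
            break;
        default:
            NFC_TRACE_ERROR1 ("NFC: Unknown gid:%d", gid);
            break;
        }
        break;

    default:
        NFC_TRACE_DEBUG2 ("NFC received unknown mt:0x%x, gid:%d", mt, gid);
        break;
    }

    return (free_buf);
}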
455
/*******************************************************************************
**
** Function         nfc_ncif_rf_management_status
**
** Description      Report a discovery event that carries only a status to
**                  the registered discovery callback, if there is one.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_rf_management_status (tNFC_DISCOVER_EVT event, UINT8 status)
{
    tNFC_DISCOVER   evt_data;

    if (nfc_cb.p_discv_cback == NULL)
        return;

    /* only the status member is set; everything else in evt_data stays
     * uninitialized, so the callback must not read beyond status */
    evt_data.status = (tNFC_STATUS) status;
    (*nfc_cb.p_discv_cback) (event, &evt_data);
}
474
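/*******************************************************************************
**
** Function         nfc_ncif_set_config_status
**
** Description      Parse a set-config response (status, and on failure the
**                  list of rejected parameter ids) and report it to the
**                  response callback as NFC_SET_CONFIG_REVT. The id count
**                  taken from the message is limited to what the event
**                  structure can hold.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_set_config_status (UINT8 *p, UINT8 len)
{
    tNFC_RESPONSE   evt_data;
    UINT8           num_ids;

    if (nfc_cb.p_resp_cback)
    {
        evt_data.set_config.status          = (tNFC_STATUS) *p++;
        evt_data.set_config.num_param_id    = NFC_STATUS_OK;
        if (evt_data.set_config.status != NFC_STATUS_OK)
        {
            /* The count comes straight from the controller's message. Never
             * copy more ids than param_ids has room for, otherwise the copy
             * runs past evt_data on the stack. */
            num_ids = *p++;
            if (num_ids > sizeof (evt_data.set_config.param_ids))
            {
                NFC_TRACE_ERROR2 ("nfc_ncif_set_config_status: num_param_id:%d exceeds max(%d)", num_ids, (int) sizeof (evt_data.set_config.param_ids));
                num_ids = (UINT8) sizeof (evt_data.set_config.param_ids);
            }
            evt_data.set_config.num_param_id = num_ids;
            /* NOTE(review): len is still not consulted, so the read side is
             * bounded only by the clamp above. If len is the number of bytes
             * available at p, the status byte, the count byte and the id list
             * should all be checked against it - confirm with the caller. */
            STREAM_TO_ARRAY (evt_data.set_config.param_ids, p, evt_data.set_config.num_param_id);
        }

        (*nfc_cb.p_resp_cback) (NFC_SET_CONFIG_REVT, &evt_data);
    }
}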
500
/*******************************************************************************
**
** Function         nfc_ncif_event_status
**
** Description      Report a response event that carries only a status to the
**                  registered response callback, if there is one.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_event_status (tNFC_RESPONSE_EVT event, UINT8 status)
{
    tNFC_RESPONSE   evt_data;

    if (nfc_cb.p_resp_cback == NULL)
        return;

    /* only the status member is set; the rest of evt_data stays uninitialized */
    evt_data.status = (tNFC_STATUS) status;
    (*nfc_cb.p_resp_cback) (event, &evt_data);
}
519
/*******************************************************************************
**
** Function         nfc_ncif_error_status
**
** Description      Report NFC_ERROR_CEVT with the given status to the data
**                  callback of the connection identified by conn_id. Nothing
**                  happens if the connection is unknown or has no callback.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_error_status (UINT8 conn_id, UINT8 status)
{
    tNFC_CONN_CB    *p_conn = nfc_find_conn_cb_by_conn_id (conn_id);

    if ((p_conn == NULL) || (p_conn->p_cback == NULL))
        return;

    /* The callback receives the address of the one-byte status viewed as a
     * tNFC_CONN, so only that single byte is valid behind the pointer. */
    (*p_conn->p_cback) (conn_id, NFC_ERROR_CEVT, (tNFC_CONN *) &status);
}
538
/*******************************************************************************
**
** Function         nfc_ncif_proc_rf_field_ntf
**
** Description      Forward an RF field notification to the response callback
**                  as NFC_RF_FIELD_REVT with status NFC_STATUS_OK.
**
** Returns          void
**
*******************************************************************************/
#if (NFC_RW_ONLY == FALSE)
void nfc_ncif_proc_rf_field_ntf (UINT8 rf_status)
{
    tNFC_RESPONSE   evt_data;

    if (nfc_cb.p_resp_cback == NULL)
        return;

    /* rf_status is passed through unchanged */
    evt_data.rf_field.rf_field  = rf_status;
    evt_data.status             = (tNFC_STATUS) NFC_STATUS_OK;
    (*nfc_cb.p_resp_cback) (NFC_RF_FIELD_REVT, &evt_data);
}
#endif
560
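/*******************************************************************************
**
** Function         nfc_ncif_proc_credits
**
** Description      Process a credits notification: one count byte followed
**                  by (connection id, credits) pairs. The credits are added
**                  to each flow-controlled connection and its tx queue is
**                  serviced. The number of pairs is limited to what plen
**                  bytes can hold.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_proc_credits(UINT8 *p, UINT16 plen)
{
    UINT8   num, xx;
    tNFC_CONN_CB * p_cb;

    /* plen is treated as the number of bytes available at p, the same way
     * nfc_ncif_proc_ee_action uses its plen - TODO confirm with the caller */
    if (plen == 0)
    {
        NFC_TRACE_ERROR0 ("nfc_ncif_proc_credits: empty credit notification");
        return;
    }

    num = *p++;
    plen--;

    /* The entry count comes from the controller. Each entry takes two bytes,
     * so do not walk further than the bytes that were actually received. */
    if (num > (plen / 2))
    {
        NFC_TRACE_ERROR2 ("nfc_ncif_proc_credits: num:%d exceeds payload len:%d", num, plen);
        num = (UINT8) (plen / 2);
    }

    for (xx = 0; xx < num; xx++)
    {
        p_cb = nfc_find_conn_cb_by_conn_id(*p++);
        if (p_cb && p_cb->num_buff != NFC_CONN_NO_FC)
        {
            /* NOTE(review): this addition is unchecked, and the clamp to
             * init_credits below exists only in trace builds. Without it a
             * bogus credit value can push num_buff past the initial credits. */
            p_cb->num_buff += (*p);
#if (BT_USE_TRACES == TRUE)
            if (p_cb->num_buff > p_cb->init_credits)
            {
                if (nfc_cb.nfc_state == NFC_STATE_OPEN)
                {
                    /* if this happens in activated state, it's very likely that our NFCC has issues */
                    /* However, credit may be returned after deactivation */
                    NFC_TRACE_ERROR2( "num_buff:0x%x, init_credits:0x%x", p_cb->num_buff, p_cb->init_credits);
                }
                p_cb->num_buff = p_cb->init_credits;
            }
#endif
            /* check if there's any data in tx q to be sent */
            nfc_ncif_send_data (p_cb, NULL);
        }
        /* skip the credits byte of this entry */
        p++;
    }
}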
/*******************************************************************************
**
** Function         nfc_ncif_decode_rf_params
**
** Description      Decode the technology-specific parameters of DISCOVER_NTF
**                  and ACTIVATE_NTF into p_param->param, according to
**                  p_param->mode (which the caller must have set). p points
**                  at the length byte of the parameter block.
**
**                  NOTE(review): the length byte and every length field
**                  inside the block come from the received message. None of
**                  the reads below is checked against that length or against
**                  the end of the receive buffer, which this function is not
**                  given.
**
** Returns          pointer to the byte following the parameter block
**                  (start of the block plus its length byte value)
**
*******************************************************************************/
UINT8 * nfc_ncif_decode_rf_params (tNFC_RF_TECH_PARAMS *p_param, UINT8 *p)
{
    tNFC_RF_PA_PARAMS   *p_pa;
    UINT8               len, *p_start, u8;
    tNFC_RF_PB_PARAMS   *p_pb;
    tNFC_RF_LF_PARAMS   *p_lf;
    tNFC_RF_PF_PARAMS   *p_pf;
    tNFC_RF_PISO15693_PARAMS *p_i93;

    /* len is used only for the HRx test in the poll A case and for the return value */
    len             = *p++;
    p_start         = p;
    /* all members start out zeroed, so fields that are not present stay 0 */
    memset ( &p_param->param, 0, sizeof (tNFC_RF_TECH_PARAMU));
    switch (p_param->mode)
    {
    case NCI_DISCOVERY_TYPE_POLL_A:
    case NCI_DISCOVERY_TYPE_POLL_A_ACTIVE:
        p_pa        = &p_param->param.pa;
        /*
SENS_RES Response   2 bytes Defined in [DIGPROT] Available after Technology Detection
NFCID1 length   1 byte  Length of NFCID1 Available after Collision Resolution
NFCID1  4, 7, or 10 bytes   Defined in [DIGPROT]Available after Collision Resolution
SEL_RES Response    1 byte  Defined in [DIGPROT]Available after Collision Resolution
HRx Length  1 Octets    Length of HRx Parameters collected from the response to the T1T RID command.
HRx 0 or 2 Octets   If present, the first byte SHALL contain HR0 and the second byte SHALL contain HR1 as defined in [DIGITAL].
        */
        STREAM_TO_ARRAY (p_pa->sens_res, p, 2);
        p_pa->nfcid1_len     = *p++;
        /* Clamp so the copy stays inside nfcid1. NOTE(review): after a clamp
         * only the clamped number of bytes is consumed, so the fields that
         * follow are read from the wrong offset. */
        if (p_pa->nfcid1_len > NCI_NFCID1_MAX_LEN)
            p_pa->nfcid1_len = NCI_NFCID1_MAX_LEN;
        STREAM_TO_ARRAY (p_pa->nfcid1, p, p_pa->nfcid1_len);
        /* u8: length of SEL_RES; the response byte is read only when it is non-zero */
        u8                   = *p++;
        if (u8)
            p_pa->sel_rsp    = *p++;
        /* HRx is parsed only when the block length leaves room for it */
        if (len == (7 + p_pa->nfcid1_len + u8)) /* 2(sens_res) + 1(len) + p_pa->nfcid1_len + 1(len) + u8 + hr (1:len + 2) */
        {
            p_pa->hr_len     = *p++;
            if (p_pa->hr_len == NCI_T1T_HR_LEN)
            {
                p_pa->hr[0]  = *p++;
                p_pa->hr[1]  = *p;
            }
        }
        break;

    case NCI_DISCOVERY_TYPE_POLL_B:
        /*
SENSB_RES Response length (n)   1 byte  Length of SENSB_RES Response (Byte 2 - Byte 12 or 13)Available after Technology Detection
SENSB_RES Response Byte 2 - Byte 12 or 13   11 or 12 bytes  Defined in [DIGPROT] Available after Technology Detection
        */
        p_pb                = &p_param->param.pb;
        p_pb->sensb_res_len = *p++;
        /* clamp so the copy stays inside sensb_res */
        if (p_pb->sensb_res_len > NCI_MAX_SENSB_RES_LEN)
            p_pb->sensb_res_len = NCI_MAX_SENSB_RES_LEN;
        STREAM_TO_ARRAY (p_pb->sensb_res, p, p_pb->sensb_res_len);
        /* NFCID0 is taken from the start of SENSB_RES, whatever sensb_res_len is */
        memcpy (p_pb->nfcid0, p_pb->sensb_res, NFC_NFCID0_MAX_LEN);
        break;

    case NCI_DISCOVERY_TYPE_POLL_F:
    case NCI_DISCOVERY_TYPE_POLL_F_ACTIVE:
        /*
Bit Rate    1 byte  1   212 kbps/2   424 kbps/0 and 3 to 255  RFU
SENSF_RES Response length.(n) 1 byte  Length of SENSF_RES (Byte 2 - Byte 17 or 19).Available after Technology Detection
SENSF_RES Response Byte 2 - Byte 17 or 19  n bytes Defined in [DIGPROT] Available after Technology Detection
        */
        p_pf                = &p_param->param.pf;
        p_pf->bit_rate      = *p++;
        p_pf->sensf_res_len = *p++;
        /* clamp so the copy stays inside sensf_res */
        if (p_pf->sensf_res_len > NCI_MAX_SENSF_RES_LEN)
            p_pf->sensf_res_len = NCI_MAX_SENSF_RES_LEN;
        STREAM_TO_ARRAY (p_pf->sensf_res, p, p_pf->sensf_res_len);
        /* NFCID2 and the MRTI bytes are read at fixed positions, whatever
         * sensf_res_len is; bytes not received are 0 from the memset above */
        memcpy (p_pf->nfcid2, p_pf->sensf_res, NCI_NFCID2_LEN);
        p_pf->mrti_check    = p_pf->sensf_res[NCI_MRTI_CHECK_INDEX];
        p_pf->mrti_update   = p_pf->sensf_res[NCI_MRTI_UPDATE_INDEX];
        break;

    case NCI_DISCOVERY_TYPE_LISTEN_F:
    case NCI_DISCOVERY_TYPE_LISTEN_F_ACTIVE:
        p_lf                = &p_param->param.lf;
        /* u8 only says whether an NFCID2 follows; the copy length is always NCI_NFCID2_LEN */
        u8                  = *p++;
        if (u8)
        {
            STREAM_TO_ARRAY (p_lf->nfcid2, p, NCI_NFCID2_LEN);
        }
        break;

    case NCI_DISCOVERY_TYPE_POLL_ISO15693:
        p_i93               = &p_param->param.pi93;
        p_i93->flag         = *p++;
        p_i93->dsfid        = *p++;
        STREAM_TO_ARRAY (p_i93->uid, p, NFC_ISO15693_UID_LEN);
        break;

    case NCI_DISCOVERY_TYPE_POLL_KOVIO:
        p_param->param.pk.uid_len = *p++;
        /* clamp so the copy stays inside uid */
        if (p_param->param.pk.uid_len > NFC_KOVIO_MAX_LEN)
        {
            NFC_TRACE_ERROR2( "Kovio UID len:0x%x exceeds max(0x%x)", p_param->param.pk.uid_len, NFC_KOVIO_MAX_LEN);
            p_param->param.pk.uid_len = NFC_KOVIO_MAX_LEN;
        }
        STREAM_TO_ARRAY (p_param->param.pk.uid, p, p_param->param.pk.uid_len);
        break;
    }

    /* the caller continues after the block as announced by its length byte,
     * however many bytes were consumed above */
    return (p_start + len);
}
716
/*******************************************************************************
**
** Function         nfc_ncif_proc_discover_ntf
**
** Description      Parse a discover notification and report it to the
**                  discovery callback as NFC_RESULT_DEVT. p points at the
**                  NCI message header.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_proc_discover_ntf (UINT8 *p, UINT16 plen)
{
    tNFC_DISCOVER   evt_data;

    /* nobody to report to: skip the parsing altogether */
    if (nfc_cb.p_discv_cback == NULL)
        return;

    /* NOTE(review): plen is never used, so none of the reads below (nor the
     * ones in nfc_ncif_decode_rf_params) is checked against the message
     * length. */
    p                              += NCI_MSG_HDR_SIZE;
    evt_data.status                 = NCI_STATUS_OK;
    evt_data.result.rf_disc_id      = *p++;
    evt_data.result.protocol        = *p++;

    /* fill in tNFC_RESULT_DEVT: the mode selects how the technology
     * parameters that follow are decoded */
    evt_data.result.rf_tech_param.mode  = *p++;
    p = nfc_ncif_decode_rf_params (&evt_data.result.rf_tech_param, p);

    /* the byte after the parameter block is stored as the "more" field */
    evt_data.result.more            = *p++;
    (*nfc_cb.p_discv_cback) (NFC_RESULT_DEVT, &evt_data);
}
745
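/*******************************************************************************
**
** Function         nfc_ncif_proc_activate
**
** Description      Process an interface activation notification: set the
**                  state to NFC_STATE_OPEN, decode the technology and
**                  activation parameters, set up the RF connection's buffer
**                  size and credits, and report NFC_ACTIVATE_DEVT to the
**                  discovery callback. p points at the RF discovery id.
**
**                  NOTE(review): len is only traced. The reads from p are
**                  not checked against it, so the parsing trusts the length
**                  fields inside the message.
**
** Returns          void
**
*******************************************************************************/
void nfc_ncif_proc_activate (UINT8 *p, UINT8 len)
{
    tNFC_DISCOVER   evt_data;
    tNFC_INTF_PARAMS        *p_intf = &evt_data.activate.intf_param;
    tNFC_INTF_PA_ISO_DEP    *p_pa_iso;
    tNFC_INTF_LB_ISO_DEP    *p_lb_iso;
    tNFC_INTF_PB_ISO_DEP    *p_pb_iso;
#if (NFC_RW_ONLY == FALSE)
    tNFC_INTF_PA_NFC_DEP    *p_pa_nfc;
    int                     mpl_idx = 0;
    UINT8                   gb_idx = 0, mpl;
#endif
    UINT8                   t0;
    tNCI_DISCOVERY_TYPE     mode;
    tNFC_CONN_CB * p_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
    UINT8                   *pp, len_act;
    UINT8                   buff_size, num_buff;
    UINT8                   ats_hdr_len;
    tNFC_RF_PA_PARAMS       *p_pa;

    nfc_set_state (NFC_STATE_OPEN);

    memset (p_intf, 0, sizeof (tNFC_INTF_PARAMS));
    evt_data.activate.rf_disc_id    = *p++;
    p_intf->type                    = *p++;
    evt_data.activate.protocol      = *p++;

    /* the active 18092 protocol is reported upward as NFC-DEP */
    if (evt_data.activate.protocol == NCI_PROTOCOL_18092_ACTIVE)
        evt_data.activate.protocol = NCI_PROTOCOL_NFC_DEP;

    evt_data.activate.rf_tech_param.mode    = *p++;
    buff_size                               = *p++;
    num_buff                                = *p++;
    /* fill in tNFC_activate_DEVT */
    p = nfc_ncif_decode_rf_params (&evt_data.activate.rf_tech_param, p);

    evt_data.activate.data_mode             = *p++;
    evt_data.activate.tx_bitrate            = *p++;
    evt_data.activate.rx_bitrate            = *p++;
    mode         = evt_data.activate.rf_tech_param.mode;
    len_act      = *p++;
    NFC_TRACE_DEBUG3 ("nfc_ncif_proc_activate:%d %d, mode:0x%02x", len, len_act, mode);
    /* just in case the interface reports activation parameters not defined in the NCI spec */
    p_intf->intf_param.frame.param_len      = len_act;
    if (p_intf->intf_param.frame.param_len > NFC_MAX_RAW_PARAMS)
        p_intf->intf_param.frame.param_len = NFC_MAX_RAW_PARAMS;
    /* copy through pp so that p still points at the activation parameters
     * for the interface-specific parsing below */
    pp = p;
    STREAM_TO_ARRAY (p_intf->intf_param.frame.param, pp, p_intf->intf_param.frame.param_len);
    if (evt_data.activate.intf_param.type == NCI_INTERFACE_ISO_DEP)
    {
        /* Make max payload of NCI aligned to max payload of ISO-DEP for better performance */
        if (buff_size > NCI_ISO_DEP_MAX_INFO)
            buff_size = NCI_ISO_DEP_MAX_INFO;

        switch (mode)
        {
        case NCI_DISCOVERY_TYPE_POLL_A:
            p_pa_iso                  = &p_intf->intf_param.pa_iso;
            p_pa_iso->ats_res_len     = *p++;

            if (p_pa_iso->ats_res_len == 0)
                break;

            if (p_pa_iso->ats_res_len > NFC_MAX_ATS_LEN)
                p_pa_iso->ats_res_len = NFC_MAX_ATS_LEN;
            STREAM_TO_ARRAY (p_pa_iso->ats_res, p, p_pa_iso->ats_res_len);
            /* walk T0 and the interface bytes it announces.
             * NOTE(review): TB/TC are read even when ats_res_len is shorter
             * than T0 claims; the reads stay inside ats_res but may pick up
             * bytes that were not part of the ATS. */
            pp = &p_pa_iso->ats_res[NCI_ATS_T0_INDEX];
            t0 = p_pa_iso->ats_res[NCI_ATS_T0_INDEX];
            pp++;       /* T0 */
            if (t0 & NCI_ATS_TA_MASK)
                pp++;   /* TA */
            if (t0 & NCI_ATS_TB_MASK)
            {
                /* FWI (Frame Waiting time Integer) & SPGI (Start-up Frame Guard time Integer) */
                p_pa_iso->fwi       = (((*pp) >> 4) & 0x0F);
                p_pa_iso->sfgi      = ((*pp) & 0x0F);
                pp++;   /* TB */
            }
            if (t0 & NCI_ATS_TC_MASK)
            {
                p_pa_iso->nad_used  = ((*pp) & 0x01);
                pp++;   /* TC */
            }
            /* The historical bytes are whatever follows T0/TA/TB/TC. Both
             * inputs come from the remote device: if T0 announces more
             * interface bytes than the ATS holds, the subtraction would wrap
             * to a huge UINT8, and even a consistent ATS can carry more bytes
             * than his_byte has room for. Either case would overrun his_byte
             * inside evt_data on the stack, so bound the length both ways. */
            ats_hdr_len = (UINT8) (pp - p_pa_iso->ats_res);
            if (p_pa_iso->ats_res_len > ats_hdr_len)
                p_pa_iso->his_byte_len = (UINT8) (p_pa_iso->ats_res_len - ats_hdr_len);
            else
                p_pa_iso->his_byte_len = 0;
            if (p_pa_iso->his_byte_len > sizeof (p_pa_iso->his_byte))
                p_pa_iso->his_byte_len = (UINT8) sizeof (p_pa_iso->his_byte);
            memcpy (p_pa_iso->his_byte,  pp, p_pa_iso->his_byte_len);
            break;

        case NCI_DISCOVERY_TYPE_LISTEN_A:
            p_intf->intf_param.la_iso.rats = *p++;
            break;

        case NCI_DISCOVERY_TYPE_POLL_B:
            /* ATTRIB RSP
            Byte 1   Byte 2 ~ 2+n-1
            MBLI/DID Higher layer - Response
            */
            p_pb_iso                     = &p_intf->intf_param.pb_iso;
            p_pb_iso->attrib_res_len     = *p++;

            if (p_pb_iso->attrib_res_len == 0)
                break;

            if (p_pb_iso->attrib_res_len > NFC_MAX_ATTRIB_LEN)
                p_pb_iso->attrib_res_len = NFC_MAX_ATTRIB_LEN;
            STREAM_TO_ARRAY (p_pb_iso->attrib_res, p, p_pb_iso->attrib_res_len);
            p_pb_iso->mbli = (p_pb_iso->attrib_res[0]) >> 4;
            if (p_pb_iso->attrib_res_len > NFC_PB_ATTRIB_REQ_FIXED_BYTES)
            {
                p_pb_iso->hi_info_len = p_pb_iso->attrib_res_len - NFC_PB_ATTRIB_REQ_FIXED_BYTES;
                if (p_pb_iso->hi_info_len > NFC_MAX_GEN_BYTES_LEN)
                    p_pb_iso->hi_info_len = NFC_MAX_GEN_BYTES_LEN;
                memcpy (p_pb_iso->hi_info, &p_pb_iso->attrib_res[NFC_PB_ATTRIB_REQ_FIXED_BYTES], p_pb_iso->hi_info_len);
            }
            break;

        case NCI_DISCOVERY_TYPE_LISTEN_B:
            /* ATTRIB CMD
            Byte 2~5 Byte 6  Byte 7  Byte 8  Byte 9  Byte 10 ~ 10+k-1
            NFCID0   Param 1 Param 2 Param 3 Param 4 Higher layer - INF
            */
            p_lb_iso                     = &p_intf->intf_param.lb_iso;
            p_lb_iso->attrib_req_len     = *p++;

            if (p_lb_iso->attrib_req_len == 0)
                break;

            if (p_lb_iso->attrib_req_len > NFC_MAX_ATTRIB_LEN)
                p_lb_iso->attrib_req_len = NFC_MAX_ATTRIB_LEN;
            STREAM_TO_ARRAY (p_lb_iso->attrib_req, p, p_lb_iso->attrib_req_len);
            memcpy (p_lb_iso->nfcid0, p_lb_iso->attrib_req, NFC_NFCID0_MAX_LEN);
            if (p_lb_iso->attrib_req_len > NFC_LB_ATTRIB_REQ_FIXED_BYTES)
            {
                p_lb_iso->hi_info_len = p_lb_iso->attrib_req_len - NFC_LB_ATTRIB_REQ_FIXED_BYTES;
                if (p_lb_iso->hi_info_len > NFC_MAX_GEN_BYTES_LEN)
                    p_lb_iso->hi_info_len = NFC_MAX_GEN_BYTES_LEN;
                memcpy (p_lb_iso->hi_info, &p_lb_iso->attrib_req[NFC_LB_ATTRIB_REQ_FIXED_BYTES], p_lb_iso->hi_info_len);
            }
            break;
        }

    }
#if (NFC_RW_ONLY == FALSE)
    else if (evt_data.activate.intf_param.type == NCI_INTERFACE_NFC_DEP)
    {
        /* Make max payload of NCI aligned to max payload of NFC-DEP for better performance */
        if (buff_size > NCI_NFC_DEP_MAX_DATA)
            buff_size = NCI_NFC_DEP_MAX_DATA;

        p_pa_nfc                  = &p_intf->intf_param.pa_nfc;
        p_pa_nfc->atr_res_len     = *p++;

        if (p_pa_nfc->atr_res_len > 0)
        {
            if (p_pa_nfc->atr_res_len > NFC_MAX_ATS_LEN)
                p_pa_nfc->atr_res_len = NFC_MAX_ATS_LEN;
            STREAM_TO_ARRAY (p_pa_nfc->atr_res, p, p_pa_nfc->atr_res_len);
            if (  (mode == NCI_DISCOVERY_TYPE_POLL_A)
                ||(mode == NCI_DISCOVERY_TYPE_POLL_F)
                ||(mode == NCI_DISCOVERY_TYPE_POLL_A_ACTIVE)
                ||(mode == NCI_DISCOVERY_TYPE_POLL_F_ACTIVE)  )
            {
                /* ATR_RES
                Byte 3~12 Byte 13 Byte 14 Byte 15 Byte 16 Byte 17 Byte 18~18+n
                NFCID3T   DIDT    BST     BRT     TO      PPT     [GT0 ... GTn] */
                mpl_idx                 = 14;
                gb_idx                  = NCI_P_GEN_BYTE_INDEX;
                p_pa_nfc->waiting_time  = p_pa_nfc->atr_res[NCI_L_NFC_DEP_TO_INDEX] & 0x0F;
            }
            else if (  (mode == NCI_DISCOVERY_TYPE_LISTEN_A)
                     ||(mode == NCI_DISCOVERY_TYPE_LISTEN_F)
                     ||(mode == NCI_DISCOVERY_TYPE_LISTEN_A_ACTIVE)
                     ||(mode == NCI_DISCOVERY_TYPE_LISTEN_F_ACTIVE)  )
            {
                /* ATR_REQ
                Byte 3~12 Byte 13 Byte 14 Byte 15 Byte 16 Byte 17~17+n
                NFCID3I   DIDI    BSI     BRI     PPI     [GI0 ... GIn] */
                mpl_idx = 13;
                gb_idx  = NCI_L_GEN_BYTE_INDEX;
            }

            /* NOTE(review): atr_res[mpl_idx] is read at a fixed index whatever
             * atr_res_len is, and with mpl_idx/gb_idx still 0 when mode matched
             * neither group above. The 0x03 mask keeps the table index in
             * range, but the value may come from bytes that were not received. */
            mpl                         = ((p_pa_nfc->atr_res[mpl_idx]) >> 4) & 0x03;
            p_pa_nfc->max_payload_size  = nfc_mpl_code_to_size[mpl];
            if (p_pa_nfc->atr_res_len > gb_idx)
            {
                p_pa_nfc->gen_bytes_len = p_pa_nfc->atr_res_len - gb_idx;
                if (p_pa_nfc->gen_bytes_len > NFC_MAX_GEN_BYTES_LEN)
                    p_pa_nfc->gen_bytes_len = NFC_MAX_GEN_BYTES_LEN;
                memcpy (p_pa_nfc->gen_bytes, &p_pa_nfc->atr_res[gb_idx], p_pa_nfc->gen_bytes_len);
            }
        }
    }
#endif
    else if ((evt_data.activate.intf_param.type == NCI_INTERFACE_FRAME) && (evt_data.activate.protocol == NCI_PROTOCOL_T1T) )
    {
        /* T1T on the frame interface: take HR0/HR1 from the activation
         * parameters if the technology parameters did not carry them */
        p_pa = &evt_data.activate.rf_tech_param.param.pa;
        if ((len_act == NCI_T1T_HR_LEN) && (p_pa->hr_len == 0))
        {
            p_pa->hr_len    = NCI_T1T_HR_LEN;
            p_pa->hr[0]     = *p++;
            p_pa->hr[1]     = *p++;
        }
    }

    /* buff_size and num_buff were reported by the controller in this
     * notification; nfc_ncif_send_data uses them for fragmenting and credits */
    p_cb->act_protocol  = evt_data.activate.protocol;
    p_cb->buff_size     = buff_size;
    p_cb->num_buff      = num_buff;
    p_cb->init_credits  = num_buff;

    if (nfc_cb.p_discv_cback)
    {
        (*nfc_cb.p_discv_cback) (NFC_ACTIVATE_DEVT, &evt_data);
    }
}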
968
969 /*******************************************************************************
970 **
971 ** Function nfc_ncif_proc_deactivate
972 **
973 ** Description This function is called to process de-activate
974 ** response and notification
975 **
976 ** Returns void
977 **
978 *******************************************************************************/
/* Report an RF deactivation (response or notification) to the upper layers.
 *   status     - status code copied into the event
 *   deact_type - deactivation type copied into the event
 *   is_ntf     - copied into the event's is_ntf field
 * The stack is moved to NFC_STATE_IDLE and every buffer still queued on the
 * RF connection is released before the connection callback and then the
 * discovery callback are invoked. */
void nfc_ncif_proc_deactivate (UINT8 status, UINT8 deact_type, BOOLEAN is_ntf)
{
    tNFC_DISCOVER   evt_data;
    tNFC_CONN_CB   *p_rf_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
    void           *p_buf;

    nfc_set_state (NFC_STATE_IDLE);

    evt_data.deactivate.status = status;
    evt_data.deactivate.type   = deact_type;
    evt_data.deactivate.is_ntf = is_ntf;

    /* release whatever is still waiting in the receive queue */
    for (p_buf = GKI_dequeue (&p_rf_cb->rx_q); p_buf != NULL; p_buf = GKI_dequeue (&p_rf_cb->rx_q))
    {
        GKI_freebuf (p_buf);
    }

    /* ... and in the transmit queue */
    for (p_buf = GKI_dequeue (&p_rf_cb->tx_q); p_buf != NULL; p_buf = GKI_dequeue (&p_rf_cb->tx_q))
    {
        GKI_freebuf (p_buf);
    }

    /* the connection callback receives only the deactivate member */
    if (p_rf_cb->p_cback != NULL)
    {
        (*p_rf_cb->p_cback) (NFC_RF_CONN_ID, NFC_DEACTIVATE_CEVT, (tNFC_CONN *) &evt_data.deactivate);
    }

    if (nfc_cb.p_discv_cback != NULL)
    {
        (*nfc_cb.p_discv_cback) (NFC_DEACTIVATE_DEVT, &evt_data);
    }
}
1010 /*******************************************************************************
1011 **
1012 ** Function nfc_ncif_proc_ee_action
1013 **
1014 ** Description This function is called to process NFCEE ACTION NTF
1015 **
1016 ** Returns void
1017 **
1018 *******************************************************************************/
1019 #if ((NFC_NFCEE_INCLUDED == TRUE) && (NFC_RW_ONLY == FALSE))
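/* Parse an NFCEE ACTION notification and report it as NFC_EE_ACTION_REVT.
 *   p    - notification payload: NFCEE id, trigger, data length, data
 *   plen - number of bytes available at p
 * The payload comes from the NFCC, so every read is bounded by plen:
 *   - a payload shorter than the three fixed bytes is dropped (the callback
 *     is not invoked) instead of being read past its end;
 *   - the single-byte protocol/technology parameter is only read when the
 *     data length says it is present (it stays 0 otherwise);
 *   - in the APP_INIT TLV list the stream pointer always advances by the
 *     full value length, including for unknown tags and for values that are
 *     truncated to fit the destination array. */
void nfc_ncif_proc_ee_action (UINT8 *p, UINT16 plen)
{
    tNFC_EE_ACTION_REVT  evt_data;
    tNFC_RESPONSE_CBACK *p_cback = nfc_cb.p_resp_cback;
    UINT8                data_len, ulen, tag, *p_data;
    UINT8                max_len;

    if (p_cback == NULL)
    {
        return;
    }

    /* NFCEE id, trigger and data length are mandatory */
    if (plen < 3)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_ee_action short packet len:%d", plen);
        return;
    }

    memset (&evt_data.act_data, 0, sizeof (tNFC_ACTION_DATA));
    evt_data.status             = NFC_STATUS_OK;
    evt_data.nfcee_id           = *p++;
    evt_data.act_data.trigger   = *p++;
    data_len                    = *p++;
    plen                       -= 3;

    /* never trust the embedded length beyond what was actually received */
    if (data_len > plen)
        data_len = (UINT8) plen;

    switch (evt_data.act_data.trigger)
    {
    case NCI_EE_TRIG_7816_SELECT:
        if (data_len > NFC_MAX_AID_LEN)
            data_len = NFC_MAX_AID_LEN;
        evt_data.act_data.param.aid.len_aid = data_len;
        STREAM_TO_ARRAY (evt_data.act_data.param.aid.aid, p, data_len);
        break;

    case NCI_EE_TRIG_RF_PROTOCOL:
        if (data_len >= 1)
            evt_data.act_data.param.protocol = *p++;
        break;

    case NCI_EE_TRIG_RF_TECHNOLOGY:
        if (data_len >= 1)
            evt_data.act_data.param.technology = *p++;
        break;

    case NCI_EE_TRIG_APP_INIT:
        while (data_len > NFC_TL_SIZE)
        {
            data_len -= NFC_TL_SIZE;
            tag       = *p++;
            ulen      = *p++;
            if (ulen > data_len)
                ulen = data_len;
            p_data  = NULL;
            max_len = ulen;     /* bytes stored; ulen is bytes consumed */
            switch (tag)
            {
            case NCI_EE_ACT_TAG_AID:    /* AID */
                if (max_len > NFC_MAX_AID_LEN)
                    max_len = NFC_MAX_AID_LEN;
                evt_data.act_data.param.app_init.len_aid = max_len;
                p_data = evt_data.act_data.param.app_init.aid;
                break;
            case NCI_EE_ACT_TAG_DATA:   /* hex data for app */
                if (max_len > NFC_MAX_APP_DATA_LEN)
                    max_len = NFC_MAX_APP_DATA_LEN;
                evt_data.act_data.param.app_init.len_data = max_len;
                p_data = evt_data.act_data.param.app_init.data;
                break;
            }
            if (p_data)
            {
                memcpy (p_data, p, max_len);
            }
            /* skip the whole value so the next tag is read from the right place */
            p        += ulen;
            data_len -= ulen;
        }
        break;
    }

    (*p_cback) (NFC_EE_ACTION_REVT, (tNFC_RESPONSE *) &evt_data);
}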
1089
1090 /*******************************************************************************
1091 **
1092 ** Function nfc_ncif_proc_ee_discover_req
1093 **
1094 ** Description This function is called to process NFCEE DISCOVER REQ NTF
1095 **
1096 ** Returns void
1097 **
1098 *******************************************************************************/
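/* Parse an NFCEE DISCOVER REQ notification and report it as
 * NFC_EE_DISCOVER_REQ_REVT.
 *   p    - notification payload: entry count, then one TLV per entry
 *   plen - number of bytes available at p
 * The entry count comes from the NFCC and is not trusted: parsing stops at
 * the capacity of ee_disc_req.info (a local array on this stack frame) as
 * well as at the end of the payload, and num_info reports the number of
 * entries actually stored rather than the count claimed by the packet.
 * An empty payload is dropped. An entry with an unexpected length aborts
 * the whole notification without invoking the callback. */
void nfc_ncif_proc_ee_discover_req (UINT8 *p, UINT16 plen)
{
    tNFC_RESPONSE_CBACK         *p_cback = nfc_cb.p_resp_cback;
    tNFC_EE_DISCOVER_REQ_REVT   ee_disc_req;
    tNFC_EE_DISCOVER_INFO       *p_info;
    UINT8                       u8;
    UINT8                       num_stored = 0;
    /* info is written through p_info without being assigned first, so it is
     * an embedded array and sizeof yields its capacity */
    const unsigned int          max_info = sizeof (ee_disc_req.info) / sizeof (ee_disc_req.info[0]);

    if (plen == 0)
    {
        /* not even the entry count is present */
        NFC_TRACE_ERROR0 ("nfc_ncif_proc_ee_discover_req empty packet");
        return;
    }

    NFC_TRACE_DEBUG2 ("nfc_ncif_proc_ee_discover_req %d len:%d", *p, plen);
    if (p_cback)
    {
        u8      = *p++;
        plen--;
        ee_disc_req.status  = NFC_STATUS_OK;
        p_info              = ee_disc_req.info;
        while ((u8 > 0) && (plen >= NFC_EE_DISCOVER_ENTRY_LEN) && (num_stored < max_info))
        {
            p_info->op  = *p++;                 /* T */
            if (*p != NFC_EE_DISCOVER_INFO_LEN) /* L */
            {
                NFC_TRACE_DEBUG1 ("bad entry len:%d", *p );
                return;
            }
            p++;
            /* V */
            p_info->nfcee_id    = *p++;
            p_info->tech_n_mode = *p++;
            p_info->protocol    = *p++;
            u8--;
            plen -= NFC_EE_DISCOVER_ENTRY_LEN;
            p_info++;
            num_stored++;
        }
        if (u8 > 0)
        {
            NFC_TRACE_DEBUG1 ("nfc_ncif_proc_ee_discover_req %d entries not reported", u8);
        }
        /* only the entries that were really filled in are visible to the callback */
        ee_disc_req.num_info = num_stored;
        (*p_cback) (NFC_EE_DISCOVER_REQ_REVT, (tNFC_RESPONSE *) &ee_disc_req);
    }
}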
1136
1137 /*******************************************************************************
1138 **
1139 ** Function nfc_ncif_proc_get_routing
1140 **
1141 ** Description This function is called to process get routing notification
1142 **
1143 ** Returns void
1144 **
1145 *******************************************************************************/
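/* Parse a get-routing notification and report each entry as
 * NFC_GET_ROUTING_REVT.
 *   p   - notification payload: "more" flag, entry count, then per entry an
 *         NFCEE id, a TLV count and the TLVs themselves
 *   len - taken to be the number of bytes readable at p, as plen is in the
 *         sibling parsers -- TODO confirm against the caller
 * All counts and lengths come from the NFCC. Each TLV is copied only if it
 * fits both in the remaining payload and in the remaining space of
 * evt_data.param_tlvs; the TLV length is computed in a wide type so that a
 * length byte of 254/255 cannot wrap. Parsing stops at the first entry that
 * does not fit; entries already reported stay reported. */
void nfc_ncif_proc_get_routing (UINT8 *p, UINT8 len)
{
    tNFC_GET_ROUTING_REVT evt_data;
    UINT8                 more, num_entries, xx, yy;
    unsigned int          remaining = len;  /* payload bytes not yet consumed */
    unsigned int          used;             /* bytes stored in param_tlvs */
    unsigned int          tl;
    tNFC_STATUS           status = NFC_STATUS_CONTINUE;

    if (nfc_cb.p_resp_cback == NULL)
    {
        return;
    }

    if (remaining < 2)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing short packet len:%d", len);
        return;
    }
    more        = *p++;
    num_entries = *p++;
    remaining  -= 2;

    for (xx = 0; xx < num_entries; xx++)
    {
        if ((more == FALSE) && (xx == (num_entries - 1)))
            status = NFC_STATUS_OK;

        /* NFCEE id + TLV count */
        if (remaining < 2)
        {
            NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing truncated entry:%d", xx);
            return;
        }
        evt_data.status     = (tNFC_STATUS) status;
        evt_data.nfcee_id   = *p++;
        evt_data.num_tlvs   = *p++;
        remaining          -= 2;
        used                = 0;

        for (yy = 0; yy < evt_data.num_tlvs; yy++)
        {
            if (remaining < NFC_TL_SIZE)
            {
                NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing truncated tlv:%d", yy);
                return;
            }
            tl = (unsigned int) p[1] + NFC_TL_SIZE;
            /* param_tlvs is written without being assigned first, so it is an
             * embedded array and sizeof yields its capacity; used never
             * exceeds that capacity, so the subtraction cannot wrap */
            if ((tl > remaining) || (tl > (sizeof (evt_data.param_tlvs) - used)))
            {
                NFC_TRACE_ERROR1 ("nfc_ncif_proc_get_routing tlv too long:%d", tl);
                return;
            }
            memcpy (&evt_data.param_tlvs[used], p, tl);
            p          += tl;
            remaining  -= tl;
            used       += tl;
        }
        evt_data.tlv_size = used;
        (*nfc_cb.p_resp_cback) (NFC_GET_ROUTING_REVT, (tNFC_RESPONSE *) &evt_data);
    }
}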
1177 #endif
1178
1179 /*******************************************************************************
1180 **
1181 ** Function nfc_ncif_proc_conn_create_rsp
1182 **
1183 ** Description This function is called to process connection create
1184 ** response
1185 **
1186 ** Returns void
1187 **
1188 *******************************************************************************/
/* Handle a connection-create response for the pending connection control
 * block and report NFC_CONN_CREATE_CEVT to its callback.
 *   p         - start of the NCI message (the header is skipped here)
 *   plen      - not used by this function
 *   dest_type - copied into the event
 * On NCI_STATUS_OK the control block is bound to the connection id from the
 * response; otherwise it is freed. The callback pointer and the event fields
 * are captured before that, so the callback runs in both cases.
 * NOTE(review): the four bytes after the NCI header are read without
 * consulting plen -- the caller has to guarantee they are present. */
void nfc_ncif_proc_conn_create_rsp (UINT8 *p, UINT16 plen, UINT8 dest_type)
{
    tNFC_CONN_CB    *p_pend_cb = nfc_find_conn_cb_by_conn_id (NFC_PEND_CONN_ID);
    tNFC_CONN_CBACK *p_cback;
    tNFC_CONN        evt_data;
    const UINT8     *p_rsp;
    tNFC_STATUS      status;
    UINT8            conn_id;

    /* nothing to do without a pending connection control block */
    if (p_pend_cb == NULL)
    {
        return;
    }

    /* payload layout: status, buffer size, number of buffers, connection id */
    p_rsp                   = p + NCI_MSG_HDR_SIZE;
    status                  = p_rsp[0];
    p_pend_cb->buff_size    = p_rsp[1];
    p_pend_cb->init_credits = p_rsp[2];
    p_pend_cb->num_buff     = p_pend_cb->init_credits;
    conn_id                 = p_rsp[3];

    evt_data.conn_create.status     = status;
    evt_data.conn_create.dest_type  = dest_type;
    evt_data.conn_create.id         = p_pend_cb->id;
    evt_data.conn_create.buff_size  = p_pend_cb->buff_size;
    evt_data.conn_create.num_buffs  = p_pend_cb->num_buff;

    /* remember the callback: the control block may be freed just below */
    p_cback = p_pend_cb->p_cback;

    if (status != NCI_STATUS_OK)
    {
        nfc_free_conn_cb (p_pend_cb);
    }
    else
    {
        nfc_set_conn_id (p_pend_cb, conn_id);
    }

    if (p_cback != NULL)
    {
        (*p_cback) (conn_id, NFC_CONN_CREATE_CEVT, &evt_data);
    }
}
1226
1227 /*******************************************************************************
1228 **
1229 ** Function nfc_ncif_report_conn_close_evt
1230 **
1231 ** Description This function is called to report connection close event
1232 **
1233 ** Returns void
1234 **
1235 *******************************************************************************/
/* Free the control block of the given connection and report
 * NFC_CONN_CLOSE_CEVT to the callback it had registered.
 *   conn_id - connection to close; nothing happens if no control block matches
 *   status  - status copied into the event */
void nfc_ncif_report_conn_close_evt (UINT8 conn_id, tNFC_STATUS status)
{
    tNFC_CONN        evt_data;
    tNFC_CONN_CBACK *p_saved_cback;
    tNFC_CONN_CB    *p_conn = nfc_find_conn_cb_by_conn_id (conn_id);

    if (p_conn == NULL)
    {
        return;
    }

    /* take the callback out first: the control block is released before it runs */
    p_saved_cback = p_conn->p_cback;
    nfc_free_conn_cb (p_conn);

    evt_data.status = status;
    if (p_saved_cback != NULL)
    {
        (*p_saved_cback) (conn_id, NFC_CONN_CLOSE_CEVT, &evt_data);
    }
}
1252
1253 /*******************************************************************************
1254 **
1255 ** Function nfc_ncif_proc_reset_rsp
1256 **
1257 ** Description This function is called to process reset response/notification
1258 **
1259 ** Returns void
1260 **
1261 *******************************************************************************/
/* Handle a reset response or notification.
 *   p      - points at the status byte; the byte after it is compared
 *            against NCI_VERSION
 *   is_ntf - TRUE when this is a notification
 * A notification is always treated as NCI_STATUS_OK after the optional
 * connection clean-up. On success CORE_INIT is sent; on failure
 * nfc_enabled() is called with the failing status.
 * NOTE(review): no length is passed in, so both bytes are read on the
 * caller's guarantee that they are present. */
void nfc_ncif_proc_reset_rsp (UINT8 *p, BOOLEAN is_ntf)
{
    UINT8        status = p[0];
    const UINT8 *p_ver  = &p[1];

    if (is_ntf)
    {
        NFC_TRACE_ERROR1 ("reset notification!!:0x%x ", status);
        /* clean up only when the stack is in the OPEN state
         * (the original note says the FW does not report reset ntf right now);
         * this closes the connection control blocks, dropping pending
         * outgoing packets */
        if (nfc_cb.nfc_state == NFC_STATE_OPEN)
        {
            nfc_reset_all_conn_cbs ();
        }
        status = NCI_STATUS_OK;
    }

    if (nfc_cb.flags & (NFC_FL_RESTARTING|NFC_FL_POWER_CYCLE_NFCC))
    {
        nfc_reset_all_conn_cbs ();
    }

    /* a version mismatch is only logged, unless the NFCC is older than 0.F */
    if ((status == NCI_STATUS_OK) && ((*p_ver) != NCI_VERSION))
    {
        NFC_TRACE_DEBUG2 ("NCI version mismatch!!:0x%02x != 0x%02x ", NCI_VERSION, *p_ver);
        if ((*p_ver) < NCI_VERSION_0_F)
        {
            NFC_TRACE_ERROR0 ("NFCC version is too old");
            status = NCI_STATUS_FAILED;
        }
    }

    if (status != NCI_STATUS_OK)
    {
        NFC_TRACE_ERROR0 ("Failed to reset NFCC");
        nfc_enabled (status, NULL);
        return;
    }

    nci_snd_core_init ();
}
1308
1309 /*******************************************************************************
1310 **
1311 ** Function nfc_ncif_proc_init_rsp
1312 **
1313 ** Description This function is called to process init response
1314 **
1315 ** Returns void
1316 **
1317 *******************************************************************************/
/* Handle the CORE_INIT response.
 *   p_msg - buffer holding the response; the NCI message starts at
 *           p_msg->offset behind the BT_HDR
 * Buffer ownership: on NCI_STATUS_OK the buffer is kept in
 * nfc_cb.p_nci_init_rsp and is NOT freed here; on any other status
 * nfc_enabled() is called with that status and the buffer is freed.
 * NOTE(review): the status byte is read without looking at p_msg->len. */
void nfc_ncif_proc_init_rsp (BT_HDR *p_msg)
{
    tNFC_CONN_CB *p_rf_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
    UINT8        *p_rsp   = (UINT8 *) (p_msg + 1) + p_msg->offset;
    UINT8         status  = p_rsp[NCI_MSG_HDR_SIZE];

    if (status != NCI_STATUS_OK)
    {
        nfc_enabled (status, NULL);
        GKI_freebuf (p_msg);
        return;
    }

    /* the init parameters themselves are handled in nfc_enabled */
    p_rf_cb->id             = NFC_RF_CONN_ID;
    p_rf_cb->act_protocol   = NCI_PROTOCOL_UNKNOWN;

    nfc_set_state (NFC_STATE_W4_POST_INIT_CPLT);

    nfc_cb.p_nci_init_rsp = p_msg;
    nfc_cb.p_hal->core_initialized (p_rsp);
}
1343
1344 /*******************************************************************************
1345 **
1346 ** Function nfc_ncif_proc_get_config_rsp
1347 **
1348 ** Description This function is called to process get config response
1349 **
1350 ** Returns void
1351 **
1352 *******************************************************************************/
/* Handle a get-config response and report NFC_GET_CONFIG_REVT.
 *   p_evt - buffer holding the response; its offset/len are advanced past
 *           the NCI header in place, whether or not a callback is registered
 * The event carries the status byte, p_evt->len as tlv_size and a pointer to
 * the byte after the status; that pointer refers into p_evt, which is not
 * freed here.
 * NOTE(review): p_evt->len is reduced without a lower-bound check, and
 * tlv_size is the length measured from the status byte while p_param_tlvs
 * starts one byte later -- confirm that consumers expect this. */
void nfc_ncif_proc_get_config_rsp (BT_HDR *p_evt)
{
    tNFC_RESPONSE_CBACK *p_cback = nfc_cb.p_resp_cback;
    tNFC_RESPONSE        evt_data;
    UINT8               *p_payload;

    /* strip the NCI header */
    p_evt->offset += NCI_MSG_HDR_SIZE;
    p_evt->len    -= NCI_MSG_HDR_SIZE;

    if (p_cback == NULL)
    {
        return;
    }

    p_payload                           = (UINT8 *) (p_evt + 1) + p_evt->offset;
    evt_data.get_config.status          = p_payload[0];
    evt_data.get_config.tlv_size        = p_evt->len;
    evt_data.get_config.p_param_tlvs    = p_payload + 1;
    (*p_cback) (NFC_GET_CONFIG_REVT, &evt_data);
}
1370
1371 /*******************************************************************************
1372 **
1373 ** Function nfc_ncif_proc_t3t_polling_ntf
1374 **
1375 ** Description Handle NCI_MSG_RF_T3T_POLLING NTF
1376 **
1377 ** Returns void
1378 **
1379 *******************************************************************************/
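/* Handle NCI_MSG_RF_T3T_POLLING NTF: strip the status and response-count
 * bytes and pass the rest to RW_T3T.
 *   p    - notification payload: status, number of responses, response data
 *   plen - number of bytes available at p
 * A payload shorter than the two fixed bytes is dropped; without this check
 * the subtraction below would wrap plen and a bogus length would be handed
 * to rw_t3t_handle_nci_poll_ntf.
 * NOTE(review): the remaining length is narrowed to UINT8 for the RW_T3T
 * call, as before. */
void nfc_ncif_proc_t3t_polling_ntf (UINT8 *p, UINT16 plen)
{
    UINT8 status;
    UINT8 num_responses;

    if (plen < NFC_TL_SIZE)
    {
        NFC_TRACE_ERROR1 ("nfc_ncif_proc_t3t_polling_ntf short packet len:%d", plen);
        return;
    }

    /* Pass result to RW_T3T for processing */
    STREAM_TO_UINT8 (status, p);
    STREAM_TO_UINT8 (num_responses, p);
    plen -= NFC_TL_SIZE;
    rw_t3t_handle_nci_poll_ntf (status, num_responses, (UINT8) plen, p);
}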
1391
1392 /*******************************************************************************
1393 **
1394 ** Function nfc_data_event
1395 **
1396 ** Description Report Data event on the given connection control block
1397 **
1398 ** Returns void
1399 **
1400 *******************************************************************************/
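/* Report NFC_DATA_CEVT for every complete packet at the head of the
 * connection's receive queue.
 *   p_cb - connection control block; nothing happens without a callback
 * Packets are dequeued until the queue is empty or its head is still marked
 * NFC_RAS_FRAGMENTED. Each buffer is passed to the callback in
 * data_cevt.p_data and is not freed here.
 * For NCI_PROTOCOL_T1T..NCI_PROTOCOL_T3T on the RF connection the last
 * payload byte is the status and is removed from the reported length.
 * Lengths are checked before they are reduced: a buffer too short for the
 * NCI header, or with no payload byte left to hold the status, is reported
 * with NFC_STATUS_BAD_LENGTH instead of letting the length wrap and the
 * status be read from outside the packet. */
void nfc_data_event (tNFC_CONN_CB * p_cb)
{
    BT_HDR         *p_evt;
    tNFC_DATA_CEVT data_cevt;
    UINT8          *p;

    if (p_cb->p_cback)
    {
        while ((p_evt = (BT_HDR *)GKI_getfirst (&p_cb->rx_q)) != NULL)
        {
            if (p_evt->layer_specific & NFC_RAS_FRAGMENTED)
            {
                /* reassembly of this packet is not finished yet */
                break;
            }
            p_evt = (BT_HDR *) GKI_dequeue (&p_cb->rx_q);

            /* any flag left in layer_specific at this point marks a bad packet */
            if (p_evt->layer_specific)
                data_cevt.status = NFC_STATUS_BAD_LENGTH;
            else
                data_cevt.status = NFC_STATUS_OK;

            /* strip the NCI header */
            if (p_evt->len >= NCI_MSG_HDR_SIZE)
            {
                p_evt->offset += NCI_MSG_HDR_SIZE;
                p_evt->len    -= NCI_MSG_HDR_SIZE;
            }
            else
            {
                p_evt->len       = 0;
                data_cevt.status = NFC_STATUS_BAD_LENGTH;
            }
            data_cevt.p_data = p_evt;

            /* adjust payload, if needed */
            if (p_cb->conn_id == NFC_RF_CONN_ID)
            {
                /* if NCI_PROTOCOL_T1T/NCI_PROTOCOL_T2T/NCI_PROTOCOL_T3T, the status byte needs to be removed */
                if ((p_cb->act_protocol >= NCI_PROTOCOL_T1T) && (p_cb->act_protocol <= NCI_PROTOCOL_T3T))
                {
                    if (p_evt->len > 0)
                    {
                        p_evt->len--;
                        p = (UINT8 *) (p_evt + 1);
                        data_cevt.status = *(p + p_evt->offset + p_evt->len);
                    }
                    else
                    {
                        /* no byte left to carry the status */
                        data_cevt.status = NFC_STATUS_BAD_LENGTH;
                    }
                }
            }
            (*p_cb->p_cback) (p_cb->conn_id, NFC_DATA_CEVT, (tNFC_CONN *) &data_cevt);
            p_evt = NULL;
        }
    }
}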
1441
1442 /*******************************************************************************
1443 **
1444 ** Function nfc_ncif_proc_data
1445 **
1446 ** Description Find the connection control block associated with the data
1447 ** packet. Assemble the data packet, if needed.
1448 ** Report the Data event.
1449 **
1450 ** Returns void
1451 **
1452 *******************************************************************************/
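/* Route a received NCI data packet to its connection, reassembling
 * fragments, and report the data event.
 *   p_msg - received buffer; the NCI data header starts at p_msg->offset
 *           behind the BT_HDR
 * Buffer ownership: p_msg is either queued on the connection's rx_q, or
 * freed here (after being appended to the previous fragment, or when it is
 * too short, empty, or belongs to no known connection).
 * Memory-safety notes for the reassembly path:
 *   - the header is parsed only after p_msg->len is known to cover it;
 *   - the capacity check uses the number of bytes that will really be
 *     copied (p_msg->len minus the header), not the length field from the
 *     header, since the two are never compared with each other;
 *   - after moving to a buffer from the biggest pool the capacity is checked
 *     again; if the fragment still does not fit it is dropped and the packet
 *     is marked NFC_RAS_TOO_BIG instead of being written past the buffer. */
void nfc_ncif_proc_data (BT_HDR *p_msg)
{
    UINT8   *pp, cid;
    tNFC_CONN_CB * p_cb;
    UINT8   pbf;
    BT_HDR  *p_last;
    UINT8   *ps, *pd;
    UINT16  size;
    BT_HDR  *p_max = NULL;
    UINT16  len;            /* payload length claimed by the NCI header */
    UINT16  frag_len;       /* payload bytes actually present in p_msg */
    size_t  needed;         /* buffer size required to append this fragment */
    UINT16  error_mask = 0;

    /* too short to hold a data header: nothing to parse */
    if ((p_msg->len < NCI_DATA_HDR_SIZE) || (p_msg->len < NCI_MSG_HDR_SIZE))
    {
        GKI_freebuf (p_msg);
        return;
    }

    pp = (UINT8 *) (p_msg+1) + p_msg->offset;
    NFC_TRACE_DEBUG3 ("nfc_ncif_proc_data 0x%02x%02x%02x", pp[0], pp[1], pp[2]);
    NCI_DATA_PRS_HDR (pp, pbf, cid, len);
    p_cb = nfc_find_conn_cb_by_conn_id (cid);
    if (p_cb)
    {
        NFC_TRACE_DEBUG1 ("nfc_ncif_proc_data len:%d", len);
        if (len > 0)
        {
            p_msg->layer_specific = 0;
            if (pbf)
                p_msg->layer_specific = NFC_RAS_FRAGMENTED;
            p_last = (BT_HDR *)GKI_getlast (&p_cb->rx_q);
            if (p_last && (p_last->layer_specific & NFC_RAS_FRAGMENTED))
            {
                /* last data buffer is not last fragment, append this new packet to the last */
                frag_len = p_msg->len - NCI_MSG_HDR_SIZE;
                needed   = (size_t) BT_HDR_SIZE + p_last->len + p_last->offset + frag_len;
                size     = GKI_get_buf_size(p_last);
                if (size < needed)
                {
                    /* the current size of p_last is not big enough to hold the new fragment, p_msg */
                    if (size != GKI_MAX_BUF_SIZE)
                    {
                        /* try the biggest GKI pool */
                        p_max = (BT_HDR *)GKI_getpoolbuf (GKI_MAX_BUF_SIZE_POOL_ID);
                        if (p_max)
                        {
                            /* copy the content of last buffer to the new buffer
                             * (presumably the biggest pool is at least as large
                             * as the buffer p_last came from -- verify) */
                            memcpy(p_max, p_last, BT_HDR_SIZE);
                            pd  = (UINT8 *)(p_max + 1) + p_max->offset;
                            ps  = (UINT8 *)(p_last + 1) + p_last->offset;
                            memcpy(pd, ps, p_last->len);

                            /* place the new buffer in the queue instead */
                            GKI_remove_from_queue (&p_cb->rx_q, p_last);
                            GKI_freebuf (p_last);
                            GKI_enqueue (&p_cb->rx_q, p_max);
                            p_last  = p_max;

                            /* even the biggest buffer may be too small */
                            if (GKI_get_buf_size (p_last) < needed)
                            {
                                p_last->layer_specific  |= NFC_RAS_TOO_BIG;
                                NFC_TRACE_ERROR1 ("nci_reassemble_msg buffer overrun(%d)!!", len);
                            }
                        }
                    }
                    if (p_max == NULL)
                    {
                        p_last->layer_specific  |= NFC_RAS_TOO_BIG;
                        NFC_TRACE_ERROR1 ("nci_reassemble_msg buffer overrun(%d)!!", len);
                    }
                }

                ps   = (UINT8 *)(p_msg + 1) + p_msg->offset + NCI_MSG_HDR_SIZE;
                if ((p_last->layer_specific & NFC_RAS_TOO_BIG) == 0)
                {
                    pd  = (UINT8 *)(p_last + 1) + p_last->offset + p_last->len;
                    memcpy(pd, ps, frag_len);
                    p_last->len  += frag_len;
                    /* do not need to update pbf and len in NCI header.
                     * They are stripped off at NFC_DATA_CEVT and len may exceed 255 */
                    NFC_TRACE_DEBUG1 ("nfc_ncif_proc_data len:%d", p_last->len);
                }

                /* keep the TOO_BIG marker, take the fragmentation flag from the new packet */
                error_mask              = (p_last->layer_specific & NFC_RAS_TOO_BIG);
                p_last->layer_specific  = (p_msg->layer_specific | error_mask);
                GKI_freebuf (p_msg);
#ifdef DISP_NCI
                if ((p_last->layer_specific & NFC_RAS_FRAGMENTED) == 0)
                {
                    /* this packet was reassembled. display the complete packet */
                    DISP_NCI ((UINT8 *)(p_last + 1) + p_last->offset, p_last->len, TRUE);
                }
#endif
            }
            else
            {
                /* enqueue the new buffer to the rx queue */
                GKI_enqueue (&p_cb->rx_q, p_msg);
            }
            nfc_data_event (p_cb);
            return;
        }
        /* else an empty data packet*/
    }
    GKI_freebuf (p_msg);
}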
1546
1547 #endif /* NFC_INCLUDED == TRUE*/
1548