1 /******************************************************************************
2 *
3 * Copyright (C) 1999-2014 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19
20 /******************************************************************************
21 *
22 * This file contains functions that interface with the NFC NCI transport.
23 * On the receive side, it routes events to the appropriate handler
24 * (callback). On the transmit side, it manages the command transmission.
25 *
26 ******************************************************************************/
27 #include <stdlib.h>
28 #include <string.h>
29 #include "nfc_target.h"
30
31 #if NFC_INCLUDED == TRUE
32 #include "nfc_hal_api.h"
33 #include "nfc_api.h"
34 #include "nci_defs.h"
35 #include "nci_hmsgs.h"
36 #include "nfc_int.h"
37 #include "rw_api.h"
38 #include "rw_int.h"
39 #include "hcidefs.h"
40 #include "nfc_hal_api.h"
41
42 #if (NFC_RW_ONLY == FALSE)
/* Maximum payload size in bytes for each 2-bit MPL code. Indexed with the
 * value nfc_ncif_proc_activate() extracts from bits 4-5 of an ATR byte. */
static const UINT8 nfc_mpl_code_to_size[] = { 64, 128, 192, 254 };
45
46 #endif /* NFC_RW_ONLY */
47
48
/* Number of fixed bytes that precede the higher-layer information in the
 * ATTRIB response (poll B) and in the ATTRIB request (listen B). */
#define NFC_PB_ATTRIB_REQ_FIXED_BYTES   (1)
#define NFC_LB_ATTRIB_REQ_FIXED_BYTES   (8)
51
52
53 /*******************************************************************************
54 **
55 ** Function nfc_ncif_update_window
56 **
57 ** Description Update tx cmd window to indicate that NFCC can receive
58 **
59 ** Returns void
60 **
61 *********************************************************************************/
/* Re-open one slot of the NCI command window once the outstanding command is
 * finished, then try to send the next queued command. */
void nfc_ncif_update_window (void)
{
    if (nfc_cb.nci_cmd_window != NCI_MAX_CMD_WINDOW)
    {
        /* A command was outstanding: stop the command-pending timer */
        nfc_stop_timer (&nfc_cb.nci_wait_rsp_timer);

        nfc_cb.p_vsc_cback = NULL;
        nfc_cb.nci_cmd_window += 1;

        /* Send the next waiting command, if any */
        nfc_ncif_check_cmd_queue (NULL);
        return;
    }

    /* The window is already fully open, so no update was expected.
     * Stay silent only while waiting for the HAL to close. */
    if (nfc_cb.nfc_state != NFC_STATE_W4_HAL_CLOSE)
    {
        NFC_TRACE_ERROR0("nfc_ncif_update_window: Unexpected call");
    }
}
83
84 /*******************************************************************************
85 **
86 ** Function nfc_ncif_cmd_timeout
87 **
88 ** Description Handle a command timeout
89 **
90 ** Returns void
91 **
92 *******************************************************************************/
/* Handle expiry of the NCI command-response timer: report the hardware
 * timeout to the response callback, fail a pending enable, then abort. */
void nfc_ncif_cmd_timeout (void)
{
    const tNFC_RESPONSE_EVT timeout_evts[] = { NFC_GEN_ERROR_REVT, NFC_NFCC_TIMEOUT_REVT };
    unsigned int            idx;

    NFC_TRACE_ERROR0 ("nfc_ncif_cmd_timeout");

    /* report the error, generic event first */
    for (idx = 0; idx < sizeof (timeout_evts) / sizeof (timeout_evts[0]); idx++)
    {
        nfc_ncif_event_status (timeout_evts[idx], NFC_STATUS_HW_TIMEOUT);
    }

    /* if enabling NFC, notify upper layer of failure */
    if (nfc_cb.nfc_state == NFC_STATE_CORE_INIT)
    {
        nfc_enabled (NFC_STATUS_FAILED, NULL);
    }

    /* The failure is treated as unrecoverable: the whole process is terminated.
     * NOTE(review): this makes an NFCC that stops answering a process-level
     * availability failure; whatever supervises this process has to restart it. */
    abort ();
}
110
111 /*******************************************************************************
112 **
113 ** Function nfc_wait_2_deactivate_timeout
114 **
115 ** Description Handle a command timeout
116 **
117 ** Returns void
118 **
119 *******************************************************************************/
/* Handle expiry of the deactivate timer: clear the "deactivating" flag and
 * send the deactivate command using the value stored in the timer parameter. */
void nfc_wait_2_deactivate_timeout (void)
{
    UINT8 timer_param;

    NFC_TRACE_ERROR0 ("nfc_wait_2_deactivate_timeout");
    nfc_cb.flags &= ~NFC_FL_DEACTIVATING;

    /* presumably the deactivate type saved when the timer was started - confirm */
    timer_param = (UINT8) ((TIMER_PARAM_TYPE) nfc_cb.deactivate_timer.param);
    nci_snd_deactivate_cmd (timer_param);
}
126
127
128 /*******************************************************************************
129 **
130 ** Function nfc_ncif_send_data
131 **
132 ** Description This function is called to add the NCI data header
133 ** and send it to NCIT task for sending it to transport
134 ** as credits are available.
135 **
136 ** Returns NCI_STATUS_OK, NCI_STATUS_FAILED or NCI_STATUS_BUFFER_FULL
137 **
138 *******************************************************************************/
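/*
 * Queue p_data (when not NULL) on the connection's tx queue, then hand queued
 * packets to the HAL while credits (p_cb->num_buff) remain. A packet longer
 * than p_cb->buff_size is split; each fragment is copied into a new buffer.
 *
 * p_cb    connection control block
 * p_data  packet to enqueue, or NULL when called only to drain the queue
 *
 * Returns NCI_STATUS_OK on success, NCI_STATUS_FAILED when the RF connection
 * is used outside NFC_STATE_OPEN or when no fragment can be built because
 * buff_size is 0, NCI_STATUS_BUFFER_FULL when no fragment buffer is available.
 */
UINT8 nfc_ncif_send_data (tNFC_CONN_CB *p_cb, BT_HDR *p_data)
{
    UINT8   *pp;
    UINT8   *ps;
    UINT8   ulen = NCI_MAX_PAYLOAD_SIZE;
    BT_HDR  *p;
    UINT8   pbf = 1;
    UINT8   buffer_size = p_cb->buff_size;
    UINT8   hdr0 = p_cb->conn_id;
    BOOLEAN fragmented = FALSE;

    NFC_TRACE_DEBUG3 ("nfc_ncif_send_data :%d, num_buff:%d qc:%d", p_cb->conn_id, p_cb->num_buff, p_cb->tx_q.count);
    if ((p_cb->id == NFC_RF_CONN_ID) && (nfc_cb.nfc_state != NFC_STATE_OPEN))
    {
        /* p_data == NULL means the call was triggered by credits from the NFCC */
        if (   (nfc_cb.nfc_state == NFC_STATE_CLOSING)
            && (p_data == NULL)
            && (nfc_cb.flags & NFC_FL_DEACTIVATING)
            && (p_cb->init_credits == p_cb->num_buff))
        {
            /* all the credits are back */
            nfc_cb.flags &= ~NFC_FL_DEACTIVATING;
            NFC_TRACE_DEBUG2 ("deactivating NFC-DEP init_credits:%d, num_buff:%d", p_cb->init_credits, p_cb->num_buff);
            nfc_stop_timer(&nfc_cb.deactivate_timer);
            nci_snd_deactivate_cmd ((UINT8)((TIMER_PARAM_TYPE)nfc_cb.deactivate_timer.param));
        }
        return NCI_STATUS_FAILED;
    }

    if (p_data)
    {
        /* always enqueue the data to the tx queue */
        GKI_enqueue (&p_cb->tx_q, p_data);
    }

    /* try to send the first data packet in the tx queue */
    p_data = (BT_HDR *)GKI_getfirst (&p_cb->tx_q);

    /* post data fragment to NCIT task as credits are available */
    while (p_data && (p_data->len >= 0) && (p_cb->num_buff > 0))
    {
        if (p_data->len <= buffer_size)
        {
            pbf         = 0;   /* last (or only) fragment */
            ulen        = (UINT8)(p_data->len);
            fragmented  = FALSE;
        }
        else
        {
            /* Set the flag on every non-final fragment. The previous code relied
             * on the initial value, so a large packet sent in the same call after
             * a complete one inherited pbf == 0. */
            pbf         = 1;
            ulen        = buffer_size;
            fragmented  = TRUE;
        }

        if (!fragmented)
        {
            /* if data packet is not fragmented, use the original buffer */
            p       = p_data;
            p_data  = (BT_HDR *)GKI_dequeue (&p_cb->tx_q);
        }
        else
        {
            /* buff_size comes from the activation message. With a size of 0
             * every fragment would be empty and the packet would never shrink,
             * so the loop could not make progress. */
            if (ulen == 0)
            {
                NFC_TRACE_ERROR0 ("nfc_ncif_send_data: buff_size is 0, cannot fragment");
                return (NCI_STATUS_FAILED);
            }

            /* the data packet is too big and needs to be fragmented:
             * prepare a new GKI buffer for this fragment */
            if ((p = NCI_GET_CMD_BUF(ulen)) == NULL)
                return (NCI_STATUS_BUFFER_FULL);
            p->len    = ulen;
            p->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE + 1;
            pp = (UINT8 *)(p + 1) + p->offset;
            ps = (UINT8 *)(p_data + 1) + p_data->offset;
            memcpy (pp, ps, ulen);

            /* adjust the BT_HDR on the old fragment */
            p_data->len    -= ulen;
            p_data->offset += ulen;
        }

        p->event          = BT_EVT_TO_NFC_NCI;
        p->layer_specific = pbf;
        /* make room for the NCI data header in front of the payload */
        p->len           += NCI_DATA_HDR_SIZE;
        p->offset        -= NCI_DATA_HDR_SIZE;
        pp = (UINT8 *)(p + 1) + p->offset;
        /* build NCI Data packet header */
        NCI_DATA_PBLD_HDR(pp, pbf, hdr0, ulen);

        /* consume one credit unless flow control is disabled for this connection */
        if (p_cb->num_buff != NFC_CONN_NO_FC)
            p_cb->num_buff--;

        /* send to HAL */
        HAL_WRITE(p);

        if (!fragmented)
        {
            /* check if there are more data to send */
            p_data = (BT_HDR *)GKI_getfirst (&p_cb->tx_q);
        }
    }

    return (NCI_STATUS_OK);
}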
247
248 /*******************************************************************************
249 **
250 ** Function nfc_ncif_check_cmd_queue
251 **
252 ** Description Send NCI command to the transport
253 **
254 ** Returns void
255 **
256 *******************************************************************************/
/*
 * Send an NCI command to the HAL if the command window allows it, otherwise
 * queue it. With p_buf == NULL only the queue is serviced. Once the window is
 * fully open again, a pending control request (pre-discover or HAL request)
 * is handled.
 */
void nfc_ncif_check_cmd_queue (BT_HDR *p_buf)
{
    UINT8 *p_hdr;

    /* Keep ordering: queue the new command behind commands that are already
     * waiting, or when the controller cannot accept another command */
    if (p_buf && ((nfc_cb.nci_cmd_xmit_q.count) || (nfc_cb.nci_cmd_window == 0)))
    {
        GKI_enqueue (&nfc_cb.nci_cmd_xmit_q, p_buf);
        p_buf = NULL;
    }

    /* If controller can accept another command, then send the next command */
    if (nfc_cb.nci_cmd_window > 0)
    {
        /* No direct command left: take the oldest one from the queue */
        if (p_buf == NULL)
            p_buf = (BT_HDR *)GKI_dequeue (&nfc_cb.nci_cmd_xmit_q);

        if (p_buf != NULL)
        {
            /* save the message header to double check the response */
            p_hdr = (UINT8 *)(p_buf + 1) + p_buf->offset;
            memcpy (nfc_cb.last_hdr, p_hdr, NFC_SAVED_HDR_SIZE);
            memcpy (nfc_cb.last_cmd, p_hdr + NCI_MSG_HDR_SIZE, NFC_SAVED_CMD_SIZE);
            if (p_buf->layer_specific == NFC_WAIT_RSP_VSC)
            {
                /* save the callback for NCI VSCs */
                nfc_cb.p_vsc_cback = (void *)((tNFC_NCI_VS_MSG *)p_buf)->p_cback;
            }

            /* send to HAL */
            HAL_WRITE(p_buf);

            /* Indicate command is pending */
            nfc_cb.nci_cmd_window--;

            /* start NFC command-timeout timer */
            nfc_start_timer (&nfc_cb.nci_wait_rsp_timer, (UINT16)(NFC_TTYPE_NCI_WAIT_RSP), nfc_cb.nci_wait_rsp_tout);
        }
    }

    /* Control can only be handed over while no command is outstanding */
    if (nfc_cb.nci_cmd_window != NCI_MAX_CMD_WINDOW)
        return;

    if (!(nfc_cb.flags & NFC_FL_CONTROL_REQUESTED))
        return;

    /* HAL requested control or stack needs to handle pre-discover */
    nfc_cb.flags &= ~NFC_FL_CONTROL_REQUESTED;
    if (nfc_cb.flags & NFC_FL_DISCOVER_PENDING)
    {
        if (nfc_cb.p_hal->prediscover ())
        {
            /* HAL has the command window now */
            nfc_cb.flags |= NFC_FL_CONTROL_GRANTED;
            nfc_cb.nci_cmd_window = 0;
        }
        else
        {
            /* HAL does not need to send command,
             * - restore the command window and issue the discovery command now.
             * The pending buffer holds one leading byte followed by the
             * discover parameters. */
            nfc_cb.flags &= ~NFC_FL_DISCOVER_PENDING;
            p_hdr = (UINT8 *)nfc_cb.p_disc_pending;
            nci_snd_discover_cmd (*p_hdr, (tNFC_DISCOVER_PARAMS *)(p_hdr + 1));
            GKI_freebuf (nfc_cb.p_disc_pending);
            nfc_cb.p_disc_pending = NULL;
        }
    }
    else if (nfc_cb.flags & NFC_FL_HAL_REQUESTED)
    {
        /* grant the control to HAL */
        nfc_cb.flags &= ~NFC_FL_HAL_REQUESTED;
        nfc_cb.flags |= NFC_FL_CONTROL_GRANTED;
        nfc_cb.nci_cmd_window = 0;
        nfc_cb.p_hal->control_granted ();
    }
}
338
339
340 /*******************************************************************************
341 **
342 ** Function nfc_ncif_send_cmd
343 **
344 ** Description Send NCI command to the NCIT task
345 **
346 ** Returns void
347 **
348 *******************************************************************************/
/* Mark p_buf as an NCI message with no layer-specific flag and pass it to the
 * command queue logic, which sends it now or queues it. */
void nfc_ncif_send_cmd (BT_HDR *p_buf)
{
    p_buf->layer_specific = 0;
    p_buf->event          = BT_EVT_TO_NFC_NCI;

    /* post the p_buf to NCIT task */
    nfc_ncif_check_cmd_queue (p_buf);
}
356
357
358 /*******************************************************************************
359 **
360 ** Function nfc_ncif_process_event
361 **
362 ** Description This function is called to process the data/response/notification
363 ** from NFCC
364 **
365 ** Returns TRUE if need to free buffer
366 **
367 *******************************************************************************/
/*
 * Dispatch one message received from the NFCC (data, response or
 * notification) to its handler.
 *
 * Returns TRUE when the caller has to free p_msg.
 *
 * NOTE(review): the header bytes are parsed without first comparing
 * p_msg->len with the header size - confirm the layer that fills p_msg
 * guarantees at least a full NCI header.
 */
BOOLEAN nfc_ncif_process_event (BT_HDR *p_msg)
{
    UINT8   *p_cur = (UINT8 *) (p_msg + 1) + p_msg->offset;
    UINT8   *p_saved;
    UINT8   mt, pbf, gid, oid;
    UINT8   saved_mt, saved_pbf, saved_gid, saved_oid;
    BOOLEAN free_buf = TRUE;

    NCI_MSG_PRS_HDR0 (p_cur, mt, pbf, gid);

    if (mt == NCI_MT_DATA)
    {
        NFC_TRACE_DEBUG0 ("NFC received data");
        nfc_ncif_proc_data (p_msg);
        /* the data handler keeps the buffer */
        free_buf = FALSE;
    }
    else if (mt == NCI_MT_RSP)
    {
        NFC_TRACE_DEBUG1 ("NFC received rsp gid:%d", gid);
        oid     = ((*p_cur) & NCI_OID_MASK);
        p_saved = nfc_cb.last_hdr;
        NCI_MSG_PRS_HDR0 (p_saved, saved_mt, saved_pbf, saved_gid);
        saved_oid = ((*p_saved) & NCI_OID_MASK);

        /* Only the response to the last command sent may update the command
         * window; anything else is dropped here */
        if ((saved_gid != gid) || (saved_oid != oid))
        {
            NFC_TRACE_ERROR2 ("nfc_ncif_process_event unexpected rsp: gid:0x%x, oid:0x%x", gid, oid);
            return TRUE;
        }

        switch (gid)
        {
        case NCI_GID_CORE:      /* 0000b NCI Core group */
            free_buf = nci_proc_core_rsp (p_msg);
            break;
        case NCI_GID_RF_MANAGE: /* 0001b NCI Discovery group */
            nci_proc_rf_management_rsp (p_msg);
            break;
#if (NFC_NFCEE_INCLUDED == TRUE)
#if (NFC_RW_ONLY == FALSE)
        case NCI_GID_EE_MANAGE: /* 0x02 0010b NFCEE Discovery group */
            nci_proc_ee_management_rsp (p_msg);
            break;
#endif
#endif
        case NCI_GID_PROP:      /* 1111b Proprietary */
            nci_proc_prop_rsp (p_msg);
            break;
        default:
            NFC_TRACE_ERROR1 ("NFC: Unknown gid:%d", gid);
            break;
        }

        nfc_ncif_update_window ();
    }
    else if (mt == NCI_MT_NTF)
    {
        NFC_TRACE_DEBUG1 ("NFC received ntf gid:%d", gid);
        switch (gid)
        {
        case NCI_GID_CORE:      /* 0000b NCI Core group */
            nci_proc_core_ntf (p_msg);
            break;
        case NCI_GID_RF_MANAGE: /* 0001b NCI Discovery group */
            nci_proc_rf_management_ntf (p_msg);
            break;
#if (NFC_NFCEE_INCLUDED == TRUE)
#if (NFC_RW_ONLY == FALSE)
        case NCI_GID_EE_MANAGE: /* 0x02 0010b NFCEE Discovery group */
            nci_proc_ee_management_ntf (p_msg);
            break;
#endif
#endif
        case NCI_GID_PROP:      /* 1111b Proprietary */
            nci_proc_prop_ntf (p_msg);
            break;
        default:
            NFC_TRACE_ERROR1 ("NFC: Unknown gid:%d", gid);
            break;
        }
    }
    else
    {
        NFC_TRACE_DEBUG2 ("NFC received unknown mt:0x%x, gid:%d", mt, gid);
    }

    return (free_buf);
}
459
460 /*******************************************************************************
461 **
462 ** Function nfc_ncif_rf_management_status
463 **
464 ** Description This function is called to report an event
465 **
466 ** Returns void
467 **
468 *******************************************************************************/
/* Report a discovery event carrying only a status to the discovery callback,
 * when one is registered.
 * NOTE(review): only evt_data.status is written; the rest of evt_data is
 * uninitialized stack memory when the callback receives it. */
void nfc_ncif_rf_management_status (tNFC_DISCOVER_EVT event, UINT8 status)
{
    tNFC_DISCOVER evt_data;

    if (!nfc_cb.p_discv_cback)
        return;

    evt_data.status = (tNFC_STATUS) status;
    (*nfc_cb.p_discv_cback) (event, &evt_data);
}
478
479 /*******************************************************************************
480 **
481 ** Function nfc_ncif_set_config_status
482 **
483 ** Description This function is called to report NFC_SET_CONFIG_REVT
484 **
485 ** Returns void
486 **
487 *******************************************************************************/
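/*
 * Report NFC_SET_CONFIG_REVT to the response callback.
 *
 * p    first byte is the status; on a non-OK status it is followed by a count
 *      byte and that many parameter IDs
 * len  assumed to be the number of bytes available at p - TODO confirm
 *      against the caller
 *
 * The ID count comes from the NFCC, so it is limited both to the bytes that
 * len says are present and to the size of the param_ids array before copying.
 */
void nfc_ncif_set_config_status (UINT8 *p, UINT8 len)
{
    tNFC_RESPONSE evt_data;
    UINT8         num_ids;

    if (!nfc_cb.p_resp_cback)
        return;

    /* same default count as before: NFC_STATUS_OK doubles as "no IDs" */
    evt_data.set_config.num_param_id = NFC_STATUS_OK;

    if (len < 1)
    {
        /* nothing to parse, not even a status byte */
        NFC_TRACE_ERROR0 ("nfc_ncif_set_config_status: empty response");
        evt_data.set_config.status = NFC_STATUS_FAILED;
    }
    else
    {
        evt_data.set_config.status = (tNFC_STATUS) *p++;
        if ((evt_data.set_config.status != NFC_STATUS_OK) && (len >= 2))
        {
            num_ids = *p++;

            /* never read more IDs than the message holds */
            if (num_ids > (UINT8) (len - 2))
            {
                NFC_TRACE_ERROR2 ("nfc_ncif_set_config_status: num_param_id:%d exceeds len:%d", num_ids, len);
                num_ids = (UINT8) (len - 2);
            }

            /* never write past the destination array */
            if ((size_t) num_ids > sizeof (evt_data.set_config.param_ids))
                num_ids = (UINT8) sizeof (evt_data.set_config.param_ids);

            evt_data.set_config.num_param_id = num_ids;
            STREAM_TO_ARRAY (evt_data.set_config.param_ids, p, evt_data.set_config.num_param_id);
        }
    }

    (*nfc_cb.p_resp_cback) (NFC_SET_CONFIG_REVT, &evt_data);
}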
504
505 /*******************************************************************************
506 **
507 ** Function nfc_ncif_event_status
508 **
509 ** Description This function is called to report an event
510 **
511 ** Returns void
512 **
513 *******************************************************************************/
/* Report a response event carrying only a status to the response callback,
 * when one is registered.
 * NOTE(review): only evt_data.status is written; the rest of evt_data is
 * uninitialized stack memory when the callback receives it. */
void nfc_ncif_event_status (tNFC_RESPONSE_EVT event, UINT8 status)
{
    tNFC_RESPONSE evt_data;

    if (!nfc_cb.p_resp_cback)
        return;

    evt_data.status = (tNFC_STATUS) status;
    (*nfc_cb.p_resp_cback) (event, &evt_data);
}
523
524 /*******************************************************************************
525 **
526 ** Function nfc_ncif_error_status
527 **
528 ** Description This function is called to report an error event to data cback
529 **
530 ** Returns void
531 **
532 *******************************************************************************/
/* Report NFC_ERROR_CEVT with the given status to the data callback of the
 * connection identified by conn_id, if that connection and callback exist.
 * NOTE(review): the callback receives the address of the one-byte status
 * argument cast to tNFC_CONN *. A callback that reads more than the status
 * through that pointer reads adjacent stack memory - confirm the callbacks
 * only use the status for this event. */
void nfc_ncif_error_status (UINT8 conn_id, UINT8 status)
{
    tNFC_CONN_CB *p_conn = nfc_find_conn_cb_by_conn_id (conn_id);

    if ((p_conn == NULL) || (p_conn->p_cback == NULL))
        return;

    (*p_conn->p_cback) (conn_id, NFC_ERROR_CEVT, (tNFC_CONN *) &status);
}
542
543 /*******************************************************************************
544 **
545 ** Function nfc_ncif_proc_rf_field_ntf
546 **
547 ** Description This function is called to process RF field notification
548 **
549 ** Returns void
550 **
551 *******************************************************************************/
552 #if (NFC_RW_ONLY == FALSE)
/* Report NFC_RF_FIELD_REVT with the given RF field status to the response
 * callback, when one is registered. */
void nfc_ncif_proc_rf_field_ntf (UINT8 rf_status)
{
    tNFC_RESPONSE evt_data;

    if (!nfc_cb.p_resp_cback)
        return;

    evt_data.rf_field.rf_field = rf_status;
    evt_data.status            = (tNFC_STATUS) NFC_STATUS_OK;
    (*nfc_cb.p_resp_cback) (NFC_RF_FIELD_REVT, &evt_data);
}
563 #endif
564
565 /*******************************************************************************
566 **
567 ** Function nfc_ncif_proc_credits
568 **
569 ** Description This function is called to process data credits
570 **
571 ** Returns void
572 **
573 *******************************************************************************/
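/*
 * Process returned data credits: a count byte followed by that many
 * (conn_id, credits) pairs. Credits are added to the matching connection and
 * its tx queue is serviced.
 *
 * p     start of the credit list
 * plen  assumed to be the number of bytes available at p - TODO confirm
 *       against the caller
 *
 * The entry count comes from the NFCC, so it is limited to the pairs that
 * actually fit in plen before the list is walked.
 */
void nfc_ncif_proc_credits(UINT8 *p, UINT16 plen)
{
    UINT8        num, xx;
    UINT8        conn_id, credits;
    tNFC_CONN_CB *p_cb;

    if (plen == 0)
        return;

    num = *p++;
    plen--;

    /* each entry takes two bytes */
    if (num > (plen / 2))
    {
        NFC_TRACE_ERROR2 ("nfc_ncif_proc_credits: num:%d exceeds remaining len:%d", num, plen);
        num = (UINT8) (plen / 2);
    }

    for (xx = 0; xx < num; xx++)
    {
        conn_id = *p++;
        credits = *p++;

        p_cb = nfc_find_conn_cb_by_conn_id (conn_id);
        if (p_cb && p_cb->num_buff != NFC_CONN_NO_FC)
        {
            p_cb->num_buff += credits;
            /* NOTE(review): the clamp to init_credits below is compiled only
             * when traces are enabled, so a build without traces accepts more
             * credits than were granted - confirm that this is intended. */
#if (BT_USE_TRACES == TRUE)
            if (p_cb->num_buff > p_cb->init_credits)
            {
                if (nfc_cb.nfc_state == NFC_STATE_OPEN)
                {
                    /* if this happens in activated state, it's very likely that our NFCC has issues */
                    /* However, credit may be returned after deactivation */
                    NFC_TRACE_ERROR2( "num_buff:0x%x, init_credits:0x%x", p_cb->num_buff, p_cb->init_credits);
                }
                p_cb->num_buff = p_cb->init_credits;
            }
#endif
            /* check if there's any data in tx q to be sent */
            nfc_ncif_send_data (p_cb, NULL);
        }
    }
}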
604 /*******************************************************************************
605 **
606 ** Function nfc_ncif_decode_rf_params
607 **
608 ** Description This function is called to process the detected technology
609 ** and mode and the associated parameters for DISCOVER_NTF and
610 ** ACTIVATE_NTF
611 **
612 ** Returns pointer to the byte that follows the decoded parameters
613 **
614 *******************************************************************************/
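/*
 * Decode the technology-specific parameters of DISCOVER_NTF / ACTIVATE_NTF
 * into p_param->param, according to p_param->mode.
 *
 * p_param  mode must already be set; param is zeroed and then filled
 * p        points at the length byte of the parameter block
 *
 * Returns the address just past the block (start + declared length),
 * whatever was decoded.
 *
 * Every field is checked against the declared block length before it is
 * read, so a short or inconsistent block cannot make the decoder run into
 * the bytes that follow it. A block that ends early leaves the remaining
 * fields zero. The function has no view of the real buffer size; the declared
 * length itself must be validated by the caller.
 */
UINT8 * nfc_ncif_decode_rf_params (tNFC_RF_TECH_PARAMS *p_param, UINT8 *p)
{
    tNFC_RF_PA_PARAMS           *p_pa;
    tNFC_RF_PB_PARAMS           *p_pb;
    tNFC_RF_LF_PARAMS           *p_lf;
    tNFC_RF_PF_PARAMS           *p_pf;
    tNFC_RF_PISO15693_PARAMS    *p_i93;
    UINT8                       len, left, u8;
    UINT8                       *p_start;

    len     = *p++;
    p_start = p;
    left    = len;      /* bytes of the block not consumed yet */
    memset ( &p_param->param, 0, sizeof (tNFC_RF_TECH_PARAMU));

    if (   NCI_DISCOVERY_TYPE_POLL_A == p_param->mode
        || NCI_DISCOVERY_TYPE_POLL_A_ACTIVE == p_param->mode )
    {
        p_pa = &p_param->param.pa;
        /*
         * SENS_RES       2 bytes
         * NFCID1 length  1 byte
         * NFCID1         4, 7 or 10 bytes
         * SEL_RES length 1 byte
         * SEL_RES        0 or 1 byte
         * HRx length     1 byte   (from the response to the T1T RID command)
         * HRx            0 or 2 bytes (HR0, HR1)
         */
        if (left < 3)
            goto truncated;
        STREAM_TO_ARRAY (p_pa->sens_res, p, 2);
        p_pa->nfcid1_len = *p++;
        left -= 3;
        if (p_pa->nfcid1_len > NCI_NFCID1_MAX_LEN)
            p_pa->nfcid1_len = NCI_NFCID1_MAX_LEN;

        /* NFCID1 plus the SEL_RES length byte */
        if (left < (p_pa->nfcid1_len + 1))
        {
            p_pa->nfcid1_len = 0;
            goto truncated;
        }
        STREAM_TO_ARRAY (p_pa->nfcid1, p, p_pa->nfcid1_len);
        u8 = *p++;
        left -= (UINT8) (p_pa->nfcid1_len + 1);
        if (u8)
        {
            if (left < 1)
                goto truncated;
            p_pa->sel_rsp = *p++;
        }

        /* 2(sens_res) + 1(len) + nfcid1_len + 1(len) + u8 + hr (1:len + 2).
         * When this holds, the three HR bytes lie inside the block. */
        if (len == (7 + p_pa->nfcid1_len + u8))
        {
            p_pa->hr_len = *p++;
            if (p_pa->hr_len == NCI_T1T_HR_LEN)
            {
                p_pa->hr[0] = *p++;
                p_pa->hr[1] = *p;
            }
        }
    }
    else if (NCI_DISCOVERY_TYPE_POLL_B == p_param->mode)
    {
        /*
         * SENSB_RES length (n)  1 byte
         * SENSB_RES             11 or 12 bytes (Byte 2 - Byte 12 or 13)
         */
        p_pb = &p_param->param.pb;
        if (left < 1)
            goto truncated;
        p_pb->sensb_res_len = *p++;
        left--;
        if (p_pb->sensb_res_len > NCI_MAX_SENSB_RES_LEN)
            p_pb->sensb_res_len = NCI_MAX_SENSB_RES_LEN;
        if (left < p_pb->sensb_res_len)
        {
            p_pb->sensb_res_len = 0;
            goto truncated;
        }
        STREAM_TO_ARRAY (p_pb->sensb_res, p, p_pb->sensb_res_len);
        memcpy (p_pb->nfcid0, p_pb->sensb_res, NFC_NFCID0_MAX_LEN);
    }
    else if (   NCI_DISCOVERY_TYPE_POLL_F == p_param->mode
             || NCI_DISCOVERY_TYPE_POLL_F_ACTIVE == p_param->mode )
    {
        /*
         * Bit Rate              1 byte (1: 212 kbps, 2: 424 kbps, others RFU)
         * SENSF_RES length (n)  1 byte
         * SENSF_RES             n bytes (Byte 2 - Byte 17 or 19)
         */
        p_pf = &p_param->param.pf;
        if (left < 2)
            goto truncated;
        p_pf->bit_rate      = *p++;
        p_pf->sensf_res_len = *p++;
        left -= 2;
        if (p_pf->sensf_res_len > NCI_MAX_SENSF_RES_LEN)
            p_pf->sensf_res_len = NCI_MAX_SENSF_RES_LEN;
        if (left < p_pf->sensf_res_len)
        {
            p_pf->sensf_res_len = 0;
            goto truncated;
        }
        STREAM_TO_ARRAY (p_pf->sensf_res, p, p_pf->sensf_res_len);
        memcpy (p_pf->nfcid2, p_pf->sensf_res, NCI_NFCID2_LEN);
        p_pf->mrti_check    = p_pf->sensf_res[NCI_MRTI_CHECK_INDEX];
        p_pf->mrti_update   = p_pf->sensf_res[NCI_MRTI_UPDATE_INDEX];
    }
    else if (   NCI_DISCOVERY_TYPE_LISTEN_F == p_param->mode
             || NCI_DISCOVERY_TYPE_LISTEN_F_ACTIVE == p_param->mode )
    {
        p_lf = &p_param->param.lf;
        if (left < 1)
            goto truncated;
        u8 = *p++;
        left--;
        if (u8)
        {
            if (left < NCI_NFCID2_LEN)
                goto truncated;
            STREAM_TO_ARRAY (p_lf->nfcid2, p, NCI_NFCID2_LEN);
        }
    }
    else if (NCI_DISCOVERY_TYPE_POLL_ISO15693 == p_param->mode)
    {
        p_i93 = &p_param->param.pi93;
        /* flag + dsfid + uid */
        if (left < (2 + NFC_ISO15693_UID_LEN))
            goto truncated;
        p_i93->flag  = *p++;
        p_i93->dsfid = *p++;
        STREAM_TO_ARRAY (p_i93->uid, p, NFC_ISO15693_UID_LEN);
    }
    else if (NCI_DISCOVERY_TYPE_POLL_KOVIO == p_param->mode)
    {
        /* NOTE(review): left as it was. The layout of this block is not
         * visible here, so the UID length is limited only by the size of the
         * destination, not by the declared block length - confirm the format
         * and add the matching check. */
        p_param->param.pk.uid_len = *p++;
        if (p_param->param.pk.uid_len > NFC_KOVIO_MAX_LEN)
        {
            NFC_TRACE_ERROR2( "Kovio UID len:0x%x exceeds max(0x%x)", p_param->param.pk.uid_len, NFC_KOVIO_MAX_LEN);
            p_param->param.pk.uid_len = NFC_KOVIO_MAX_LEN;
        }
        STREAM_TO_ARRAY (p_param->param.pk.uid, p, p_param->param.pk.uid_len);
    }

    return (p_start + len);

truncated:
    NFC_TRACE_ERROR2 ("nfc_ncif_decode_rf_params: params too short, mode:0x%x len:%d", p_param->mode, len);
    return (p_start + len);
}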
719
720 /*******************************************************************************
721 **
722 ** Function nfc_ncif_proc_discover_ntf
723 **
724 ** Description This function is called to process discover notification
725 **
726 ** Returns void
727 **
728 *******************************************************************************/
/*
 * Process a discover notification: decode it into a tNFC_DISCOVER result and
 * report NFC_RESULT_DEVT to the discovery callback. Does nothing when no
 * discovery callback is registered.
 *
 * NOTE(review): plen is not used; none of the reads below is checked against
 * the length of the notification.
 */
void nfc_ncif_proc_discover_ntf (UINT8 *p, UINT16 plen)
{
    tNFC_DISCOVER   evt_data;
    UINT8           *p_ntf;

    if (!nfc_cb.p_discv_cback)
        return;

    /* skip the NCI message header */
    p_ntf = p + NCI_MSG_HDR_SIZE;

    evt_data.status             = NCI_STATUS_OK;
    evt_data.result.rf_disc_id  = *p_ntf++;
    evt_data.result.protocol    = *p_ntf++;

    /* fill in tNFC_RESULT_DEVT: the mode selects how the parameters are decoded */
    evt_data.result.rf_tech_param.mode = *p_ntf++;
    p_ntf = nfc_ncif_decode_rf_params (&evt_data.result.rf_tech_param, p_ntf);

    evt_data.result.more = *p_ntf++;
    (*nfc_cb.p_discv_cback) (NFC_RESULT_DEVT, &evt_data);
}
748
749 /*******************************************************************************
750 **
751 ** Function nfc_ncif_proc_activate
752 **
753 ** Description This function is called to process de-activate
754 ** response and notification
755 **
756 ** Returns void
757 **
758 *******************************************************************************/
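/*
 * Process an activation message: move the stack to NFC_STATE_OPEN, decode the
 * RF technology and interface activation parameters, store buffer size and
 * credits in the RF connection control block and report NFC_ACTIVATE_DEVT to
 * the discovery callback.
 *
 * p    start of the activation payload
 * len  only traced here
 *
 * NOTE(review): apart from the copies that are clamped to their destination
 * size, the reads from p are not checked against len or against the declared
 * activation parameter length (len_act).
 */
void nfc_ncif_proc_activate (UINT8 *p, UINT8 len)
{
    tNFC_DISCOVER           evt_data;
    tNFC_INTF_PARAMS        *p_intf = &evt_data.activate.intf_param;
    tNFC_INTF_PA_ISO_DEP    *p_pa_iso;
    tNFC_INTF_LB_ISO_DEP    *p_lb_iso;
    tNFC_INTF_PB_ISO_DEP    *p_pb_iso;
#if (NFC_RW_ONLY == FALSE)
    tNFC_INTF_PA_NFC_DEP    *p_pa_nfc;
    int                     mpl_idx = 0;
    UINT8                   gb_idx = 0, mpl;
#endif
    UINT8                   t0;
    UINT8                   ats_used;
    tNCI_DISCOVERY_TYPE     mode;
    tNFC_CONN_CB            *p_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
    UINT8                   *pp, len_act;
    UINT8                   buff_size, num_buff;
    tNFC_RF_PA_PARAMS       *p_pa;

    nfc_set_state (NFC_STATE_OPEN);

    memset (p_intf, 0, sizeof (tNFC_INTF_PARAMS));
    evt_data.activate.rf_disc_id    = *p++;
    p_intf->type                    = *p++;
    evt_data.activate.protocol      = *p++;

    /* 18092 active is reported to the upper layer as NFC-DEP */
    if (evt_data.activate.protocol == NCI_PROTOCOL_18092_ACTIVE)
        evt_data.activate.protocol = NCI_PROTOCOL_NFC_DEP;

    evt_data.activate.rf_tech_param.mode    = *p++;
    buff_size                               = *p++;
    num_buff                                = *p++;
    /* fill in tNFC_activate_DEVT */
    p = nfc_ncif_decode_rf_params (&evt_data.activate.rf_tech_param, p);

    evt_data.activate.data_mode             = *p++;
    evt_data.activate.tx_bitrate            = *p++;
    evt_data.activate.rx_bitrate            = *p++;
    mode         = evt_data.activate.rf_tech_param.mode;
    len_act      = *p++;
    NFC_TRACE_DEBUG3 ("nfc_ncif_proc_activate:%d %d, mode:0x%02x", len, len_act, mode);
    /* just in case the interface reports activation parameters not defined in the NCI spec:
     * keep a raw copy, limited to the size of the raw parameter array */
    p_intf->intf_param.frame.param_len      = len_act;
    if (p_intf->intf_param.frame.param_len > NFC_MAX_RAW_PARAMS)
        p_intf->intf_param.frame.param_len = NFC_MAX_RAW_PARAMS;
    pp = p;
    STREAM_TO_ARRAY (p_intf->intf_param.frame.param, pp, p_intf->intf_param.frame.param_len);
    if (evt_data.activate.intf_param.type == NCI_INTERFACE_ISO_DEP)
    {
        /* Make max payload of NCI aligned to max payload of ISO-DEP for better performance */
        if (buff_size > NCI_ISO_DEP_MAX_INFO)
            buff_size = NCI_ISO_DEP_MAX_INFO;

        switch (mode)
        {
        case NCI_DISCOVERY_TYPE_POLL_A:
            p_pa_iso                  = &p_intf->intf_param.pa_iso;
            p_pa_iso->ats_res_len     = *p++;

            if (p_pa_iso->ats_res_len == 0)
                break;

            if (p_pa_iso->ats_res_len > NFC_MAX_ATS_LEN)
                p_pa_iso->ats_res_len = NFC_MAX_ATS_LEN;
            STREAM_TO_ARRAY (p_pa_iso->ats_res, p, p_pa_iso->ats_res_len);
            pp = &p_pa_iso->ats_res[NCI_ATS_T0_INDEX];
            t0 = p_pa_iso->ats_res[NCI_ATS_T0_INDEX];
            pp++;       /* T0 */
            if (t0 & NCI_ATS_TA_MASK)
                pp++;   /* TA */
            if (t0 & NCI_ATS_TB_MASK)
            {
                /* FWI (Frame Waiting time Integer) & SPGI (Start-up Frame Guard time Integer) */
                p_pa_iso->fwi       = (((*pp) >> 4) & 0x0F);
                p_pa_iso->sfgi      = ((*pp) & 0x0F);
                pp++;   /* TB */
            }
            if (t0 & NCI_ATS_TC_MASK)
            {
                p_pa_iso->nad_used  = ((*pp) & 0x01);
                pp++;   /* TC */
            }

            /* T0 is supplied by the remote side and may announce more interface
             * bytes than the ATS holds. Subtracting in that case would wrap to a
             * large length and copy bytes from beyond the received ATS, so the
             * historical bytes are taken only when the ATS is long enough. */
            ats_used = (UINT8) (pp - p_pa_iso->ats_res);
            if (ats_used < p_pa_iso->ats_res_len)
            {
                p_pa_iso->his_byte_len = (UINT8) (p_pa_iso->ats_res_len - ats_used);
                if (p_pa_iso->his_byte_len > NFC_MAX_HIS_BYTES_LEN)
                    p_pa_iso->his_byte_len = NFC_MAX_HIS_BYTES_LEN;
                memcpy (p_pa_iso->his_byte,  pp, p_pa_iso->his_byte_len);
            }
            else
            {
                p_pa_iso->his_byte_len = 0;
            }
            break;

        case NCI_DISCOVERY_TYPE_LISTEN_A:
            p_intf->intf_param.la_iso.rats = *p++;
            break;

        case NCI_DISCOVERY_TYPE_POLL_B:
            /* ATTRIB RSP
            Byte 1   Byte 2 ~ 2+n-1
            MBLI/DID Higher layer - Response
            */
            p_pb_iso                     = &p_intf->intf_param.pb_iso;
            p_pb_iso->attrib_res_len     = *p++;

            if (p_pb_iso->attrib_res_len == 0)
                break;

            if (p_pb_iso->attrib_res_len > NFC_MAX_ATTRIB_LEN)
                p_pb_iso->attrib_res_len = NFC_MAX_ATTRIB_LEN;
            STREAM_TO_ARRAY (p_pb_iso->attrib_res, p, p_pb_iso->attrib_res_len);
            p_pb_iso->mbli = (p_pb_iso->attrib_res[0]) >> 4;
            if (p_pb_iso->attrib_res_len > NFC_PB_ATTRIB_REQ_FIXED_BYTES)
            {
                p_pb_iso->hi_info_len = p_pb_iso->attrib_res_len - NFC_PB_ATTRIB_REQ_FIXED_BYTES;
                if (p_pb_iso->hi_info_len > NFC_MAX_GEN_BYTES_LEN)
                    p_pb_iso->hi_info_len = NFC_MAX_GEN_BYTES_LEN;
                memcpy (p_pb_iso->hi_info, &p_pb_iso->attrib_res[NFC_PB_ATTRIB_REQ_FIXED_BYTES], p_pb_iso->hi_info_len);
            }
            break;

        case NCI_DISCOVERY_TYPE_LISTEN_B:
            /* ATTRIB CMD
            Byte 2~5 Byte 6  Byte 7  Byte 8  Byte 9  Byte 10 ~ 10+k-1
            NFCID0   Param 1 Param 2 Param 3 Param 4 Higher layer - INF
            */
            p_lb_iso                     = &p_intf->intf_param.lb_iso;
            p_lb_iso->attrib_req_len     = *p++;

            if (p_lb_iso->attrib_req_len == 0)
                break;

            if (p_lb_iso->attrib_req_len > NFC_MAX_ATTRIB_LEN)
                p_lb_iso->attrib_req_len = NFC_MAX_ATTRIB_LEN;
            STREAM_TO_ARRAY (p_lb_iso->attrib_req, p, p_lb_iso->attrib_req_len);
            memcpy (p_lb_iso->nfcid0, p_lb_iso->attrib_req, NFC_NFCID0_MAX_LEN);
            if (p_lb_iso->attrib_req_len > NFC_LB_ATTRIB_REQ_FIXED_BYTES)
            {
                p_lb_iso->hi_info_len = p_lb_iso->attrib_req_len - NFC_LB_ATTRIB_REQ_FIXED_BYTES;
                if (p_lb_iso->hi_info_len > NFC_MAX_GEN_BYTES_LEN)
                    p_lb_iso->hi_info_len = NFC_MAX_GEN_BYTES_LEN;
                memcpy (p_lb_iso->hi_info, &p_lb_iso->attrib_req[NFC_LB_ATTRIB_REQ_FIXED_BYTES], p_lb_iso->hi_info_len);
            }
            break;
        }

    }
#if (NFC_RW_ONLY == FALSE)
    else if (evt_data.activate.intf_param.type == NCI_INTERFACE_NFC_DEP)
    {
        /* Make max payload of NCI aligned to max payload of NFC-DEP for better performance */
        if (buff_size > NCI_NFC_DEP_MAX_DATA)
            buff_size = NCI_NFC_DEP_MAX_DATA;

        p_pa_nfc                  = &p_intf->intf_param.pa_nfc;
        p_pa_nfc->atr_res_len     = *p++;

        if (p_pa_nfc->atr_res_len > 0)
        {
            if (p_pa_nfc->atr_res_len > NFC_MAX_ATS_LEN)
                p_pa_nfc->atr_res_len = NFC_MAX_ATS_LEN;
            STREAM_TO_ARRAY (p_pa_nfc->atr_res, p, p_pa_nfc->atr_res_len);
            if (   (mode == NCI_DISCOVERY_TYPE_POLL_A)
                || (mode == NCI_DISCOVERY_TYPE_POLL_F)
                || (mode == NCI_DISCOVERY_TYPE_POLL_A_ACTIVE)
                || (mode == NCI_DISCOVERY_TYPE_POLL_F_ACTIVE)  )
            {
                /* ATR_RES
                Byte 3~12 Byte 13 Byte 14 Byte 15 Byte 16 Byte 17 Byte 18~18+n
                NFCID3T   DIDT    BST     BRT     TO      PPT     [GT0 ... GTn] */
                mpl_idx                 = 14;
                gb_idx                  = NCI_P_GEN_BYTE_INDEX;
                p_pa_nfc->waiting_time  = p_pa_nfc->atr_res[NCI_L_NFC_DEP_TO_INDEX] & 0x0F;
            }
            else if (   (mode == NCI_DISCOVERY_TYPE_LISTEN_A)
                     || (mode == NCI_DISCOVERY_TYPE_LISTEN_F)
                     || (mode == NCI_DISCOVERY_TYPE_LISTEN_A_ACTIVE)
                     || (mode == NCI_DISCOVERY_TYPE_LISTEN_F_ACTIVE)  )
            {
                /* ATR_REQ
                Byte 3~12 Byte 13 Byte 14 Byte 15 Byte 16 Byte 17~17+n
                NFCID3I   DIDI    BSI     BRI     PPI     [GI0 ... GIn] */
                mpl_idx = 13;
                gb_idx  = NCI_L_GEN_BYTE_INDEX;
            }

            /* NOTE(review): atr_res[mpl_idx] is read even when atr_res_len is
             * not larger than mpl_idx; the byte then comes from the zeroed part
             * of the array, not from the message. */
            mpl                         = ((p_pa_nfc->atr_res[mpl_idx]) >> 4) & 0x03;
            p_pa_nfc->max_payload_size  = nfc_mpl_code_to_size[mpl];
            if (p_pa_nfc->atr_res_len > gb_idx)
            {
                p_pa_nfc->gen_bytes_len = p_pa_nfc->atr_res_len - gb_idx;
                if (p_pa_nfc->gen_bytes_len > NFC_MAX_GEN_BYTES_LEN)
                    p_pa_nfc->gen_bytes_len = NFC_MAX_GEN_BYTES_LEN;
                memcpy (p_pa_nfc->gen_bytes, &p_pa_nfc->atr_res[gb_idx], p_pa_nfc->gen_bytes_len);
            }
        }
    }
#endif
    else if ((evt_data.activate.intf_param.type == NCI_INTERFACE_FRAME) && (evt_data.activate.protocol == NCI_PROTOCOL_T1T) )
    {
        /* take HR0/HR1 from the activation parameters when the technology
         * parameters did not carry them */
        p_pa = &evt_data.activate.rf_tech_param.param.pa;
        if ((len_act == NCI_T1T_HR_LEN) && (p_pa->hr_len == 0))
        {
            p_pa->hr_len    = NCI_T1T_HR_LEN;
            p_pa->hr[0]     = *p++;
            p_pa->hr[1]     = *p++;
        }
    }

    /* buff_size and num_buff are taken from the message; they drive
     * fragmentation and flow control in nfc_ncif_send_data() */
    p_cb->act_protocol  = evt_data.activate.protocol;
    p_cb->buff_size     = buff_size;
    p_cb->num_buff      = num_buff;
    p_cb->init_credits  = num_buff;

    if (nfc_cb.p_discv_cback)
    {
        (*nfc_cb.p_discv_cback) (NFC_ACTIVATE_DEVT, &evt_data);
    }
}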
973
974 /*******************************************************************************
975 **
976 ** Function nfc_ncif_proc_deactivate
977 **
978 ** Description This function is called to process de-activate
979 ** response and notification
980 **
981 ** Returns void
982 **
983 *******************************************************************************/
/* Handles an RF deactivate response or notification.
 *
 * Puts the stack into NFC_STATE_IDLE, frees every buffer still sitting on the
 * RF connection's rx and tx queues, then reports the event twice: to the RF
 * connection callback as NFC_DEACTIVATE_CEVT and to the discovery callback as
 * NFC_DEACTIVATE_DEVT. Each callback is skipped when it is not registered.
 *
 * status, deact_type and is_ntf are copied into the event unchanged. */
void nfc_ncif_proc_deactivate (UINT8 status, UINT8 deact_type, BOOLEAN is_ntf)
{
    tNFC_CONN_CB         *p_rf_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
    tNFC_DISCOVER         disc_evt;
    tNFC_DEACTIVATE_DEVT *p_info  = &disc_evt.deactivate;
    void                 *p_buf;

    nfc_set_state (NFC_STATE_IDLE);

    p_info->status = status;
    p_info->type   = deact_type;
    p_info->is_ntf = is_ntf;

    /* Release whatever is still queued for receive ... */
    for (;;)
    {
        p_buf = GKI_dequeue (&p_rf_cb->rx_q);
        if (p_buf == NULL)
            break;
        GKI_freebuf (p_buf);
    }

    /* ... and for transmit. */
    for (;;)
    {
        p_buf = GKI_dequeue (&p_rf_cb->tx_q);
        if (p_buf == NULL)
            break;
        GKI_freebuf (p_buf);
    }

    /* The connection callback receives only the deactivate member of the event. */
    if (p_rf_cb->p_cback)
    {
        (*p_rf_cb->p_cback) (NFC_RF_CONN_ID, NFC_DEACTIVATE_CEVT, (tNFC_CONN *) p_info);
    }

    if (nfc_cb.p_discv_cback)
    {
        (*nfc_cb.p_discv_cback) (NFC_DEACTIVATE_DEVT, &disc_evt);
    }
}
1015 /*******************************************************************************
1016 **
1017 ** Function nfc_ncif_proc_ee_action
1018 **
1019 ** Description This function is called to process NFCEE ACTION NTF
1020 **
1021 ** Returns void
1022 **
1023 *******************************************************************************/
1024 #if ((NFC_NFCEE_INCLUDED == TRUE) && (NFC_RW_ONLY == FALSE))
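/* Parses an NFCEE ACTION notification and reports it as NFC_EE_ACTION_REVT.
 *
 * p    - notification payload: NFCEE id, trigger, data length, then the
 *        trigger-specific data
 * plen - number of payload bytes available at p
 *
 * The payload arrives from the controller and is treated as untrusted:
 *  - the three fixed bytes are read only after plen has been checked; a
 *    shorter payload is dropped and the callback is not invoked
 *  - the data length is clamped to the bytes that are really present
 *  - every copy is clamped to the size of its destination field
 *  - single-byte parameters are read only when at least one data byte exists
 *
 * Nothing is done when no response callback is registered. */
void nfc_ncif_proc_ee_action (UINT8 *p, UINT16 plen)
{
    tNFC_EE_ACTION_REVT  evt_data;
    tNFC_RESPONSE_CBACK *p_cback = nfc_cb.p_resp_cback;
    UINT8                data_len, ulen, tag, *p_data;
    UINT8                max_len;

    if (p_cback == NULL)
        return;

    /* NFCEE id, trigger and data length must all be present before reading them. */
    if (plen < 3)
        return;
    plen -= 3;

    memset (&evt_data.act_data, 0, sizeof (tNFC_ACTION_DATA));
    evt_data.status           = NFC_STATUS_OK;
    evt_data.nfcee_id         = *p++;
    evt_data.act_data.trigger = *p++;
    data_len                  = *p++;

    /* Never trust the declared length beyond what was actually received. */
    if (data_len > plen)
        data_len = (UINT8) plen;

    switch (evt_data.act_data.trigger)
    {
    case NCI_EE_TRIG_7816_SELECT:
        if (data_len > NFC_MAX_AID_LEN)
            data_len = NFC_MAX_AID_LEN;
        evt_data.act_data.param.aid.len_aid = data_len;
        STREAM_TO_ARRAY (evt_data.act_data.param.aid.aid, p, data_len);
        break;

    case NCI_EE_TRIG_RF_PROTOCOL:
        /* Field stays zero (from the memset above) when the byte is missing. */
        if (data_len >= 1)
            evt_data.act_data.param.protocol = *p++;
        break;

    case NCI_EE_TRIG_RF_TECHNOLOGY:
        if (data_len >= 1)
            evt_data.act_data.param.technology = *p++;
        break;

    case NCI_EE_TRIG_APP_INIT:
        /* Walk the TLVs; data_len always holds the bytes not yet consumed. */
        while (data_len > NFC_TL_SIZE)
        {
            data_len -= NFC_TL_SIZE;
            tag  = *p++;
            ulen = *p++;
            if (ulen > data_len)
                ulen = data_len;
            p_data  = NULL;
            max_len = ulen;
            switch (tag)
            {
            case NCI_EE_ACT_TAG_AID:    /* AID */
                if (max_len > NFC_MAX_AID_LEN)
                    max_len = NFC_MAX_AID_LEN;
                evt_data.act_data.param.app_init.len_aid = max_len;
                p_data = evt_data.act_data.param.app_init.aid;
                break;
            case NCI_EE_ACT_TAG_DATA:   /* hex data for app */
                if (max_len > NFC_MAX_APP_DATA_LEN)
                    max_len = NFC_MAX_APP_DATA_LEN;
                evt_data.act_data.param.app_init.len_data = max_len;
                p_data = evt_data.act_data.param.app_init.data;
                break;
            }

            /* Keep p in step with data_len: the whole value (ulen bytes) is
             * consumed even when only max_len bytes were stored or the tag
             * is unknown, so the next tag is read from the right offset.
             * STREAM_TO_ARRAY is relied on to advance p by the copied
             * length, as its other uses in this file do. */
            if (p_data)
            {
                STREAM_TO_ARRAY (p_data, p, max_len);
                p += (ulen - max_len);
            }
            else
            {
                p += ulen;
            }
            data_len -= ulen;
        }
        break;
    }

    (*p_cback) (NFC_EE_ACTION_REVT, (tNFC_RESPONSE *) &evt_data);
}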
1094
1095 /*******************************************************************************
1096 **
1097 ** Function nfc_ncif_proc_ee_discover_req
1098 **
1099 ** Description This function is called to process NFCEE DISCOVER REQ NTF
1100 **
1101 ** Returns void
1102 **
1103 *******************************************************************************/
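/* Parses an NFCEE DISCOVER REQ notification and reports it as
 * NFC_EE_DISCOVER_REQ_REVT.
 *
 * p    - notification payload: entry count, then one T/L/V entry per record
 * plen - number of payload bytes available at p
 *
 * The payload is untrusted. The entry count on the wire is only an upper
 * limit: parsing also stops when the payload runs out or when the event's
 * info array is full, and num_info reports the entries actually stored, so
 * the callback never sees uninitialised records. An empty payload is
 * dropped. An entry whose length byte is not NFC_EE_DISCOVER_INFO_LEN
 * aborts processing without invoking the callback. */
void nfc_ncif_proc_ee_discover_req (UINT8 *p, UINT16 plen)
{
    tNFC_RESPONSE_CBACK        *p_cback = nfc_cb.p_resp_cback;
    tNFC_EE_DISCOVER_REQ_REVT   ee_disc_req;
    tNFC_EE_DISCOVER_INFO      *p_info;
    UINT8                       u8;
    UINT8                       num_parsed = 0;
    /* Capacity of the destination. This relies on info being an array member
     * of the event structure (it is the base of the write cursor below) --
     * confirm against the type's declaration. */
    const size_t                max_info = sizeof (ee_disc_req.info) / sizeof (ee_disc_req.info[0]);

    /* The count byte must exist before it is traced or parsed. */
    if (plen == 0)
        return;

    NFC_TRACE_DEBUG2 ("nfc_ncif_proc_ee_discover_req %d len:%d", *p, plen);
    if (p_cback)
    {
        u8 = *p++;
        plen--;
        ee_disc_req.status = NFC_STATUS_OK;
        p_info = ee_disc_req.info;

        while ((u8 > 0) && (plen >= NFC_EE_DISCOVER_ENTRY_LEN) && (num_parsed < max_info))
        {
            p_info->op = *p++;                  /* T */
            if (*p != NFC_EE_DISCOVER_INFO_LEN) /* L */
            {
                NFC_TRACE_DEBUG1 ("bad entry len:%d", *p );
                return;
            }
            p++;
            /* V */
            p_info->nfcee_id    = *p++;
            p_info->tech_n_mode = *p++;
            p_info->protocol    = *p++;
            u8--;
            plen -= NFC_EE_DISCOVER_ENTRY_LEN;
            p_info++;
            num_parsed++;
        }

        /* Report what was stored, not what the sender claimed. */
        ee_disc_req.num_info = num_parsed;
        (*p_cback) (NFC_EE_DISCOVER_REQ_REVT, (tNFC_RESPONSE *) &ee_disc_req);
    }
}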
1141
1142 /*******************************************************************************
1143 **
1144 ** Function nfc_ncif_proc_get_routing
1145 **
1146 ** Description This function is called to process get routing notification
1147 **
1148 ** Returns void
1149 **
1150 *******************************************************************************/
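/* Parses a get-routing notification and reports one NFC_GET_ROUTING_REVT per
 * routing entry. Every entry is reported with NFC_STATUS_CONTINUE except the
 * last entry of a notification whose "more" byte is FALSE, which carries
 * NFC_STATUS_OK.
 *
 * p   - notification payload: more, number of entries, then per entry the
 *       NFCEE id, the number of TLVs and the TLVs themselves
 * len - number of payload bytes available at p
 *       NOTE(review): the original never consulted len; it is treated here
 *       as the payload length -- confirm at the call site.
 *
 * The payload is untrusted. Each read is checked against the bytes left in
 * the payload and each TLV copy against the space left in
 * evt_data.param_tlvs; the TLV length is widened before NFC_TL_SIZE is added
 * so it cannot wrap. Processing stops at the first inconsistency; entries
 * already reported stay reported. */
void nfc_ncif_proc_get_routing (UINT8 *p, UINT8 len)
{
    tNFC_GET_ROUTING_REVT evt_data;
    UINT8                 more, num_entries, xx, yy, *pn;
    unsigned int          remaining = len;  /* payload bytes not yet consumed */
    unsigned int          room;             /* free bytes left in param_tlvs  */
    unsigned int          tl;               /* one TLV: tag + length + value  */
    tNFC_STATUS           status = NFC_STATUS_CONTINUE;

    if (!nfc_cb.p_resp_cback)
        return;

    if (remaining < 2)
        return;
    more        = *p++;
    num_entries = *p++;
    remaining  -= 2;

    for (xx = 0; xx < num_entries; xx++)
    {
        if ((more == FALSE) && (xx == (num_entries - 1)))
            status = NFC_STATUS_OK;
        evt_data.status = (tNFC_STATUS) status;

        if (remaining < 2)
            return;
        evt_data.nfcee_id = *p++;
        evt_data.num_tlvs = *p++;
        remaining        -= 2;

        evt_data.tlv_size = 0;
        pn   = evt_data.param_tlvs;
        /* Relies on param_tlvs being an array member of the event structure
         * -- confirm against the type's declaration. */
        room = sizeof (evt_data.param_tlvs);

        for (yy = 0; yy < evt_data.num_tlvs; yy++)
        {
            /* Tag and length bytes must be present before the length is read. */
            if (remaining < NFC_TL_SIZE)
                return;
            tl = (unsigned int) p[1] + NFC_TL_SIZE;

            /* The whole TLV must fit both the source and the destination. */
            if ((tl > remaining) || (tl > room))
                return;

            STREAM_TO_ARRAY (pn, p, tl);
            evt_data.tlv_size += tl;
            pn        += tl;
            room      -= tl;
            remaining -= tl;
        }
        (*nfc_cb.p_resp_cback) (NFC_GET_ROUTING_REVT, (tNFC_RESPONSE *) &evt_data);
    }
}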
1182 #endif
1183
1184 /*******************************************************************************
1185 **
1186 ** Function nfc_ncif_proc_conn_create_rsp
1187 **
1188 ** Description This function is called to process connection create
1189 ** response
1190 **
1191 ** Returns void
1192 **
1193 *******************************************************************************/
/* Handles the response to a connection-create command.
 *
 * Looks up the control block parked under NFC_PEND_CONN_ID, fills it from the
 * response (buffer size, number of buffers / initial credits), and reports
 * NFC_CONN_CREATE_CEVT to that block's callback. On NCI_STATUS_OK the block
 * is bound to the connection id from the response; on any other status the
 * block is released. Nothing happens when no connection is pending.
 *
 * p         - start of the response, NCI message header included
 * plen      - not consulted by this function
 * dest_type - copied into the event
 *
 * NOTE(review): four bytes are read after the header without checking plen.
 * Whether plen counts the header cannot be told from this function, so the
 * length check belongs with whoever knows that -- confirm at the call site. */
void nfc_ncif_proc_conn_create_rsp (UINT8 *p, UINT16 plen, UINT8 dest_type)
{
    tNFC_CONN_CB    *p_pend_cb = nfc_find_conn_cb_by_conn_id (NFC_PEND_CONN_ID);
    tNFC_CONN_CBACK *p_notify;
    tNFC_CONN        evt_data;
    tNFC_STATUS      status;
    UINT8            conn_id;

    if (p_pend_cb == NULL)
        return;

    /* Skip the message header, then take the four fixed response bytes. */
    p += NCI_MSG_HDR_SIZE;
    status                  = *p++;
    p_pend_cb->buff_size    = *p++;
    p_pend_cb->init_credits = *p++;
    p_pend_cb->num_buff     = p_pend_cb->init_credits;
    conn_id                 = *p++;

    evt_data.conn_create.status    = status;
    evt_data.conn_create.dest_type = dest_type;
    evt_data.conn_create.id        = p_pend_cb->id;
    evt_data.conn_create.buff_size = p_pend_cb->buff_size;
    evt_data.conn_create.num_buffs = p_pend_cb->num_buff;

    /* Take the callback now: the control block may be released just below. */
    p_notify = p_pend_cb->p_cback;

    if (status != NCI_STATUS_OK)
    {
        nfc_free_conn_cb (p_pend_cb);
    }
    else
    {
        nfc_set_conn_id (p_pend_cb, conn_id);
    }

    if (p_notify)
    {
        (*p_notify) (conn_id, NFC_CONN_CREATE_CEVT, &evt_data);
    }
}
1231
1232 /*******************************************************************************
1233 **
1234 ** Function nfc_ncif_report_conn_close_evt
1235 **
1236 ** Description This function is called to report connection close event
1237 **
1238 ** Returns void
1239 **
1240 *******************************************************************************/
/* Reports NFC_CONN_CLOSE_CEVT for the connection identified by conn_id.
 *
 * The control block is released before the callback runs, so the callback
 * pointer is read out of it first. Nothing happens when conn_id matches no
 * control block; the callback is skipped when none is registered.
 *
 * status is passed through in the event. */
void nfc_ncif_report_conn_close_evt (UINT8 conn_id, tNFC_STATUS status)
{
    tNFC_CONN_CB    *p_conn = nfc_find_conn_cb_by_conn_id (conn_id);
    tNFC_CONN_CBACK *p_notify;
    tNFC_CONN        evt_data;

    if (p_conn == NULL)
        return;

    p_notify = p_conn->p_cback;
    nfc_free_conn_cb (p_conn);

    evt_data.status = status;
    if (p_notify != NULL)
    {
        (*p_notify) (conn_id, NFC_CONN_CLOSE_CEVT, &evt_data);
    }
}
1257
1258 /*******************************************************************************
1259 **
1260 ** Function nfc_ncif_proc_reset_rsp
1261 **
1262 ** Description This function is called to process reset response/notification
1263 **
1264 ** Returns void
1265 **
1266 *******************************************************************************/
/* Handles a reset response or reset notification.
 *
 * p      - points at the status byte; the NCI version byte follows it
 * is_ntf - TRUE when this is a notification rather than a response
 *
 * A notification is always treated as NCI_STATUS_OK after the connection
 * control blocks have been reset (only when the stack is in NFC_STATE_OPEN).
 * The control blocks are also reset while a restart or NFCC power cycle is
 * flagged. With an OK status the reported NCI version is compared with
 * NCI_VERSION: a mismatch is only logged unless the version is below
 * NCI_VERSION_0_F, which fails the reset. Success sends the core-init
 * command; failure is reported through nfc_enabled().
 *
 * NOTE(review): no length accompanies p, so both bytes are assumed present. */
void nfc_ncif_proc_reset_rsp (UINT8 *p, BOOLEAN is_ntf)
{
    UINT8 status = *p++;

    if (is_ntf)
    {
        NFC_TRACE_ERROR1 ("reset notification!!:0x%x ", status);
        /* The firmware does not report reset notifications at present, so an
         * open stack has to clean up here: connected control blocks are
         * closed and pending outgoing packets are dropped. */
        if (nfc_cb.nfc_state == NFC_STATE_OPEN)
        {
            nfc_reset_all_conn_cbs ();
        }
        status = NCI_STATUS_OK;
    }

    if (nfc_cb.flags & (NFC_FL_RESTARTING|NFC_FL_POWER_CYCLE_NFCC))
    {
        nfc_reset_all_conn_cbs ();
    }

    /* The version byte is looked at only when the reset itself succeeded. */
    if ((status == NCI_STATUS_OK) && ((*p) != NCI_VERSION))
    {
        NFC_TRACE_ERROR2 ("NCI version mismatch!!:0x%02x != 0x%02x ", NCI_VERSION, *p);
        if ((*p) < NCI_VERSION_0_F)
        {
            NFC_TRACE_ERROR0 ("NFCC version is too old");
            status = NCI_STATUS_FAILED;
        }
    }

    if (status != NCI_STATUS_OK)
    {
        NFC_TRACE_ERROR0 ("Failed to reset NFCC");
        nfc_enabled (status, NULL);
        return;
    }

    nci_snd_core_init ();
}
1313
1314 /*******************************************************************************
1315 **
1316 ** Function nfc_ncif_proc_init_rsp
1317 **
1318 ** Description This function is called to process init response
1319 **
1320 ** Returns void
1321 **
1322 *******************************************************************************/
/* Handles the core-init response.
 *
 * p_msg - buffer holding the response, NCI message header included
 *
 * Buffer ownership: on NCI_STATUS_OK the buffer is kept in
 * nfc_cb.p_nci_init_rsp and is not freed here (the init parameters are
 * handled later, in nfc_enabled); on any other status it is freed here after
 * the failure has been reported through nfc_enabled().
 *
 * NOTE(review): the status byte is read at NCI_MSG_HDR_SIZE past the start of
 * the message without comparing against p_msg->len. */
void nfc_ncif_proc_init_rsp (BT_HDR *p_msg)
{
    tNFC_CONN_CB *p_rf_cb = &nfc_cb.conn_cb[NFC_RF_CONN_ID];
    UINT8        *p_rsp   = (UINT8 *) (p_msg + 1) + p_msg->offset;
    UINT8         status  = p_rsp[NCI_MSG_HDR_SIZE];

    if (status != NCI_STATUS_OK)
    {
        nfc_enabled (status, NULL);
        GKI_freebuf (p_msg);
        return;
    }

    /* Prepare the RF connection control block for use. */
    p_rf_cb->id           = NFC_RF_CONN_ID;
    p_rf_cb->act_protocol = NCI_PROTOCOL_UNKNOWN;

    nfc_set_state (NFC_STATE_W4_POST_INIT_CPLT);

    /* Keep the response, then let the HAL see it from the header onwards. */
    nfc_cb.p_nci_init_rsp = p_msg;
    nfc_cb.p_hal->core_initialized (p_rsp);
}
1348
1349 /*******************************************************************************
1350 **
1351 ** Function nfc_ncif_proc_get_config_rsp
1352 **
1353 ** Description This function is called to process get config response
1354 **
1355 ** Returns void
1356 **
1357 *******************************************************************************/
/* Handles the get-config response and reports it as NFC_GET_CONFIG_REVT.
 *
 * p_evt - buffer holding the response; its offset and len are moved past the
 *         NCI message header whether or not a callback is registered
 *
 * The event carries the status byte, a pointer to the byte after it
 * (p_param_tlvs) and tlv_size set to the length remaining after the header.
 * The pointer refers into p_evt, which is not freed here.
 *
 * NOTE(review): len is reduced by NCI_MSG_HDR_SIZE without first checking
 * that it is at least that large, and the status byte is read without
 * checking that any payload remains. A short response would therefore hand
 * the callback a tlv_size that does not match the data behind p_param_tlvs.
 * How a malformed response should be reported depends on the callers, which
 * are not visible here. */
void nfc_ncif_proc_get_config_rsp (BT_HDR *p_evt)
{
    tNFC_RESPONSE_CBACK *p_notify = nfc_cb.p_resp_cback;
    tNFC_RESPONSE        evt_data;
    UINT8               *p_payload;

    /* Step over the NCI message header. */
    p_evt->offset += NCI_MSG_HDR_SIZE;
    p_evt->len    -= NCI_MSG_HDR_SIZE;

    if (p_notify == NULL)
        return;

    p_payload = (UINT8 *) (p_evt + 1) + p_evt->offset;

    evt_data.get_config.status       = p_payload[0];
    evt_data.get_config.tlv_size     = p_evt->len;
    evt_data.get_config.p_param_tlvs = p_payload + 1;

    (*p_notify) (NFC_GET_CONFIG_REVT, &evt_data);
}
1375
1376 /*******************************************************************************
1377 **
1378 ** Function nfc_ncif_proc_t3t_polling_ntf
1379 **
1380 ** Description Handle NCI_MSG_RF_T3T_POLLING NTF
1381 **
1382 ** Returns void
1383 **
1384 *******************************************************************************/
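/* Handles the NCI_MSG_RF_T3T_POLLING notification by passing it to RW_T3T.
 *
 * p    - notification payload: status, number of responses, response data
 * plen - number of payload bytes available at p
 *
 * The payload is untrusted. A notification too short to hold the two fixed
 * bytes is dropped: reading them would run past the payload, and subtracting
 * their size from plen would wrap and hand RW_T3T a length far larger than
 * the data that follows. */
void nfc_ncif_proc_t3t_polling_ntf (UINT8 *p, UINT16 plen)
{
    UINT8 status;
    UINT8 num_responses;

    /* NFC_TL_SIZE is used below as the size of the two fixed bytes. */
    if (plen < NFC_TL_SIZE)
        return;

    /* Pass result to RW_T3T for processing */
    STREAM_TO_UINT8 (status, p);
    STREAM_TO_UINT8 (num_responses, p);
    plen -= NFC_TL_SIZE;
    rw_t3t_handle_nci_poll_ntf (status, num_responses, (UINT8) plen, p);
}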
1396
1397 /*******************************************************************************
1398 **
1399 ** Function nfc_data_event
1400 **
1401 ** Description Report Data event on the given connection control block
1402 **
1403 ** Returns void
1404 **
1405 *******************************************************************************/
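/* Reports queued receive buffers on a connection as NFC_DATA_CEVT.
 *
 * p_cb - connection control block whose rx queue is drained
 *
 * Buffers are taken from the head of the rx queue one at a time. Draining
 * stops at a buffer that is still being reassembled: one flagged
 * NFC_RAS_FRAGMENTED but not NFC_RAS_TOO_BIG, on a non-RF connection or on
 * the RF connection while nfc_cb.reassembly is set. Each reported buffer has
 * the NCI message header stripped by adjusting offset and len, and is handed
 * to the callback through data_cevt.p_data; it is not freed here.
 *
 * Status is NFC_STATUS_CONTINUE while layer_specific is non-zero, otherwise
 * NFC_STATUS_OK (which also sets nfc_cb.reassembly). On the RF connection
 * with protocol T1T..T3T the last payload byte is a status byte: it is
 * removed from the payload and replaces the status above.
 *
 * Nothing is done when the connection has no callback. */
void nfc_data_event (tNFC_CONN_CB * p_cb)
{
    BT_HDR         *p_evt;
    tNFC_DATA_CEVT  data_cevt;
    UINT8          *p;

    if (p_cb->p_cback)
    {
        while ((p_evt = (BT_HDR *)GKI_getfirst (&p_cb->rx_q)) != NULL)
        {
            if (p_evt->layer_specific & NFC_RAS_FRAGMENTED)
            {
                /* Not the last fragment */
                if (!(p_evt->layer_specific & NFC_RAS_TOO_BIG))
                {
                    /* buffer can hold more */
                    if (  (p_cb->conn_id != NFC_RF_CONN_ID)
                        ||(nfc_cb.reassembly)  )
                    {
                        /* If not rf connection or If rf connection and reassembly requested,
                         * try to Reassemble next packet */
                        break;
                    }
                }
            }

            p_evt = (BT_HDR *) GKI_dequeue (&p_cb->rx_q);
            /* report data event */
            p_evt->offset += NCI_MSG_HDR_SIZE;
            p_evt->len    -= NCI_MSG_HDR_SIZE;

            if (p_evt->layer_specific)
            {
                data_cevt.status = NFC_STATUS_CONTINUE;
            }
            else
            {
                nfc_cb.reassembly = TRUE;
                data_cevt.status  = NFC_STATUS_OK;
            }

            data_cevt.p_data = p_evt;
            /* adjust payload, if needed */
            if (p_cb->conn_id == NFC_RF_CONN_ID)
            {
                /* if NCI_PROTOCOL_T1T/NCI_PROTOCOL_T2T/NCI_PROTOCOL_T3T, the status byte needs to be removed */
                if ((p_cb->act_protocol >= NCI_PROTOCOL_T1T) && (p_cb->act_protocol <= NCI_PROTOCOL_T3T))
                {
                    /* An empty payload has no status byte. Decrementing len
                     * would wrap it and the status read would land far
                     * outside the buffer, so leave both untouched.
                     * NOTE(review): consider whether such a frame should be
                     * reported as a failure instead of keeping the status
                     * chosen above. */
                    if (p_evt->len > 0)
                    {
                        p_evt->len--;
                        p = (UINT8 *) (p_evt + 1);
                        data_cevt.status = *(p + p_evt->offset + p_evt->len);
                    }
                }
            }
            (*p_cb->p_cback) (p_cb->conn_id, NFC_DATA_CEVT, (tNFC_CONN *) &data_cevt);
        }
    }
}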
1463
1464 /*******************************************************************************
1465 **
1466 ** Function nfc_ncif_proc_data
1467 **
1468 ** Description Find the connection control block associated with the data
1469 ** packet. Assemble the data packet, if needed.
1470 ** Report the Data event.
1471 **
1472 ** Returns void
1473 **
1474 *******************************************************************************/
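/* Processes one received NCI data packet.
 *
 * p_msg - buffer holding the packet, NCI data header included. Ownership
 *         passes to this function: the buffer is either queued on the
 *         connection's rx queue, freed after its payload has been appended to
 *         an earlier fragment, or freed because it cannot be processed.
 *
 * The connection is found from the connection id in the header. When the
 * last queued buffer is an unfinished fragment, this packet's payload is
 * appended to it, moving that buffer to the largest GKI pool first when it is
 * too small. When even that is not enough the queued buffer is flagged
 * NFC_RAS_TOO_BIG, reported as it is, and this packet is queued separately.
 * Otherwise the packet is queued and reported; the first fragment on the RF
 * connection also raises NFC_DATA_START_CEVT.
 *
 * The packet is untrusted input:
 *  - the header is parsed only after p_msg->len shows it is present
 *  - the room check for reassembly uses the number of payload bytes actually
 *    in p_msg, the same value the copy uses, not the length field of the
 *    header, which the sender controls independently of the packet size
 *  - the room check is repeated after moving to the largest pool buffer */
void nfc_ncif_proc_data (BT_HDR *p_msg)
{
    UINT8        *pp, cid;
    tNFC_CONN_CB *p_cb;
    UINT8         pbf;
    BT_HDR       *p_last;
    UINT8        *ps, *pd;
    UINT16        size;
    BT_HDR       *p_max = NULL;
    UINT16        len;

    /* A packet without a complete data header cannot be parsed at all. */
    if (p_msg->len < NCI_DATA_HDR_SIZE)
    {
        GKI_freebuf (p_msg);
        return;
    }

    pp = (UINT8 *) (p_msg+1) + p_msg->offset;
    NFC_TRACE_DEBUG3 ("nfc_ncif_proc_data 0x%02x%02x%02x", pp[0], pp[1], pp[2]);
    NCI_DATA_PRS_HDR (pp, pbf, cid, len);
    p_cb = nfc_find_conn_cb_by_conn_id (cid);
    if (p_cb == NULL)
    {
        /* no connection for this id: drop the packet */
        GKI_freebuf (p_msg);
        return;
    }

    NFC_TRACE_DEBUG1 ("nfc_ncif_proc_data len:%d", len);

    /* From here on len is the payload actually carried by p_msg. */
    len = p_msg->len - NCI_MSG_HDR_SIZE;

    p_msg->layer_specific = 0;
    if (pbf)
        p_msg->layer_specific = NFC_RAS_FRAGMENTED;

    p_last = (BT_HDR *)GKI_getlast (&p_cb->rx_q);
    if (p_last && (p_last->layer_specific & NFC_RAS_FRAGMENTED))
    {
        /* last data buffer is not last fragment, append this new packet to the last */
        size = GKI_get_buf_size(p_last);
        if (size < (BT_HDR_SIZE + p_last->len + p_last->offset + len))
        {
            /* the current size of p_last is not big enough to hold the new fragment, p_msg */
            if (size != GKI_MAX_BUF_SIZE)
            {
                /* try the biggest GKI pool */
                p_max = (BT_HDR *)GKI_getpoolbuf (GKI_MAX_BUF_SIZE_POOL_ID);
                if (p_max)
                {
                    /* copy the content of last buffer to the new buffer */
                    memcpy(p_max, p_last, BT_HDR_SIZE);
                    pd  = (UINT8 *)(p_max + 1) + p_max->offset;
                    ps  = (UINT8 *)(p_last + 1) + p_last->offset;
                    memcpy(pd, ps, p_last->len);

                    /* place the new buffer in the queue instead */
                    GKI_remove_from_queue (&p_cb->rx_q, p_last);
                    GKI_freebuf (p_last);
                    GKI_enqueue (&p_cb->rx_q, p_max);
                    p_last  = p_max;

                    /* A bigger buffer is not automatically big enough. */
                    if (GKI_get_buf_size(p_last) < (BT_HDR_SIZE + p_last->len + p_last->offset + len))
                    {
                        p_last->layer_specific |= NFC_RAS_TOO_BIG;
                    }
                }
            }
            if (p_max == NULL)
            {
                /* Biggest GKI Pool not available (or)
                 * p_last already is a buffer from the biggest pool */
                p_last->layer_specific  |= NFC_RAS_TOO_BIG;
            }
        }

        ps   = (UINT8 *)(p_msg + 1) + p_msg->offset + NCI_MSG_HDR_SIZE;

        if (!(p_last->layer_specific & NFC_RAS_TOO_BIG))
        {
            pd   = (UINT8 *)(p_last + 1) + p_last->offset + p_last->len;
            memcpy(pd, ps, len);
            p_last->len  += len;
            /* do not need to update pbf and len in NCI header.
             * They are stripped off at NFC_DATA_CEVT and len may exceed 255 */
            NFC_TRACE_DEBUG1 ("nfc_ncif_proc_data len:%d", p_last->len);
            p_last->layer_specific  = p_msg->layer_specific;
            GKI_freebuf (p_msg);
#ifdef DISP_NCI
            if (!(p_last->layer_specific & NFC_RAS_FRAGMENTED))
            {
                /* this packet was reassembled. display the complete packet */
                DISP_NCI ((UINT8 *)(p_last + 1) + p_last->offset, p_last->len, TRUE);
            }
#endif
            nfc_data_event (p_cb);
        }
        else
        {
            /* Not enough memory to add new buffer
             * Send data already in queue first with status Continue */
            nfc_data_event (p_cb);
            /* now enqueue the new buffer to the rx queue */
            GKI_enqueue (&p_cb->rx_q, p_msg);
        }
    }
    else
    {
        /* if this is the first fragment on RF link */
        if (  (p_msg->layer_specific & NFC_RAS_FRAGMENTED)
            &&(p_cb->conn_id == NFC_RF_CONN_ID)
            &&(p_cb->p_cback)  )
        {
            /* Indicate upper layer that local device started receiving data */
            (*p_cb->p_cback) (p_cb->conn_id, NFC_DATA_START_CEVT, NULL);
        }
        /* enqueue the new buffer to the rx queue */
        GKI_enqueue (&p_cb->rx_q, p_msg);
        nfc_data_event (p_cb);
    }
}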
1581
1582 #endif /* NFC_INCLUDED == TRUE*/
1583