1 /*
2 * Copyright (C) 2012-2019 NXP Semiconductors
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 #include <log/log.h>
17 #include <phDal4Nfc_messageQueueLib.h>
18 #include <phNxpConfig.h>
19 #include <phNxpLog.h>
20 #include <phNxpNciHal.h>
21 #include <phNxpNciHal_Adaptation.h>
22 #include <phNxpNciHal_NfcDepSWPrio.h>
23 #include <phNxpNciHal_ext.h>
24 #include <phTmlNfc.h>
25 #include "hal_nxpese.h"
26 #include "hal_nxpnfc.h"
/* Timeout value to wait for response from PN548AD.
 * Passed unchanged to phOsalNfc_Timer_Start(); the unit is presumably
 * milliseconds - TODO confirm against the timer implementation. */
#define HAL_EXTNS_WRITE_RSP_TIMEOUT (1000)

/* Compiles out the P2P priority block in phNxpNciHal_process_ext_rsp(). */
#undef P2P_PRIO_LOGIC_HAL_IMP

/******************* Global variables *****************************************/
extern phNxpNciHal_Control_t nxpncihal_ctrl;
extern phNxpNciProfile_Control_t nxpprofile_ctrl;
/* Non-zero makes the response path consume RF_DISCOVER_NTF (61 03) and 41 04
 * packets and return NFCSTATUS_FAILED for them. */
extern uint32_t cleanup_timer;
extern bool nfc_debug_enabled;
/* Set to 0x01 when the ISO 15693 activation workaround fires; cleared by
 * phNxpNciHal_ext_init(), on a 61 06 notification and on a 21 03 command. */
uint8_t icode_detected = 0x00;
/* Small state value: this file sets it to 1 (write path), moves 2 -> 3 and
 * 3 -> 0 (response path). Nothing in the visible code assigns 2; presumably
 * another translation unit does - verify. */
uint8_t icode_send_eof = 0x00;
/* Gates the NFCEE_DISCOVER_RSP workaround. The only assignment of 0x01 in the
 * visible code is commented out, so that branch looks unreachable here. */
static uint8_t ee_disc_done = 0x00;
uint8_t EnableP2P_PrioLogic = false;
extern bool bEnableMfcExtns;
extern bool bEnableMfcReader;
extern bool bDisableLegacyMfcExtns;
/* Bytes 3 and 4 of the most recent RF_DISCOVER_NTF seen while cleanup_timer
 * was non-zero; handed to phNxpNciHal_select_RF_Discovery(). */
static uint32_t RfDiscID = 1;
static uint32_t RfProtocolType = 4;
/* NFCEE Set mode */
static uint8_t setEEModeDone = 0x00;
/* External global variable to get FW version from NCI response*/
extern uint32_t wFwVerRsp;
/* External global variable to get FW version from FW file*/
extern uint16_t wFwVer;

/* Filled by phNxpNciHal_ext_process_nfc_init_rsp() from the firmware version
 * bytes at the end of CORE_RESET_NTF / CORE_INIT_RSP. */
uint16_t fw_maj_ver;
uint16_t rom_version;

/* Timer shared by both waits in phNxpNciHal_process_ext_cmd_rsp(). */
extern uint32_t timeoutTimerId;

/************** HAL extension functions ***************************************/
static void hal_extns_write_rsp_timeout_cb(uint32_t TimerId, void* pContext);

/*Proprietary cmd sent to HAL to send reader mode flag
 * Last byte of 4 byte proprietary cmd data contains ReaderMode flag
 * If this flag is enabled, NFC-DEP protocol is modified to T3T protocol
 * if FrameRF interface is selected. This needs to be done as the FW
 * always sends Ntf for FrameRF with NFC-DEP even though FrameRF with T3T is
 * previously selected with DISCOVER_SELECT_CMD
 */
#define PROPRIETARY_CMD_FELICA_READER_MODE 0xFE
/* Copied from byte 3 of the proprietary command in phNxpNciHal_write_ext(). */
static uint8_t gFelicaReaderMode;

static NFCSTATUS phNxpNciHal_ext_process_nfc_init_rsp(uint8_t* p_ntf,
                                                      uint16_t* p_len);
73 /*******************************************************************************
74 **
75 ** Function phNxpNciHal_ext_init
76 **
77 ** Description initialize extension function
78 **
79 *******************************************************************************/
void phNxpNciHal_ext_init(void) {
  /* Put the extension layer's module state back to its defaults: the P2P
   * priority-logic switch is turned off and the three state bytes
   * (NFCEE set-mode flag, ICODE EOF state, ICODE detection flag) are
   * zeroed. */
  EnableP2P_PrioLogic = false;
  setEEModeDone = icode_send_eof = icode_detected = 0x00;
}
86
87 /*******************************************************************************
88 **
89 ** Function phNxpNciHal_process_ext_rsp
90 **
91 ** Description Process extension function response
92 **
93 ** Returns NFCSTATUS_SUCCESS if success
94 **
95 *******************************************************************************/
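NFCSTATUS phNxpNciHal_process_ext_rsp(uint8_t* p_ntf, uint16_t* p_len) {
  /*
   * Applies the HAL's response/notification workarounds to one NCI packet.
   *
   * p_ntf  packet bytes, patched in place. Bytes 0-1 are matched as the NCI
   *        header and byte 2 is used as the payload length.
   * p_len  in/out: number of valid bytes in p_ntf; rewritten whenever a
   *        workaround grows or shrinks the packet.
   *
   * Returns NFCSTATUS_SUCCESS, or NFCSTATUS_FAILED on a length error and for
   * RF_DISCOVER_NTF (61 03) / 41 04 packets seen while cleanup_timer is
   * non-zero. With P2P_PRIO_LOGIC_HAL_IMP defined it can also return the
   * status of phNxpNciHal_NfcDep_rsp_ext().
   *
   * Every length byte inside the packet is data supplied by the sender, so
   * an index derived from it has to be checked against *p_len before it is
   * used.
   *
   * NOTE(review): p_ntf[0] and p_ntf[1] are read below before anything
   * checks that *p_len >= 2 or that the pointers are non-NULL - confirm the
   * caller guarantees both.
   */
  NFCSTATUS status = NFCSTATUS_SUCCESS;

  /* RF_INTF_ACTIVATED_NTF: the branches below index up to p_ntf[6] (and the
   * interface/protocol/mode switches read bytes 4-6), so anything shorter
   * than 14 bytes is rejected up front. */
  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && *p_len < 14) {
    if (*p_len <= 6) {
      android_errorWriteLog(0x534e4554, "118152591");
    }
    NXPLOG_NCIHAL_E("RF_INTF_ACTIVATED_NTF length error!");
    status = NFCSTATUS_FAILED;
    return status;
  }

  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[4] == 0x03 &&
      p_ntf[5] == 0x05 && nxpprofile_ctrl.profile_type == EMV_CO_PROFILE) {
    p_ntf[4] = 0xFF;
    p_ntf[5] = 0xFF;
    p_ntf[6] = 0xFF;
    NXPLOG_NCIHAL_D("Nfc-Dep Detect in EmvCo profile - Restart polling");
  }

  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[4] == 0x01 &&
      p_ntf[5] == 0x05 && p_ntf[6] == 0x02 && gFelicaReaderMode) {
    /*If FelicaReaderMode is enabled,Change Protocol to T3T from NFC-DEP
     * when FrameRF interface is selected*/
    p_ntf[5] = 0x03;
    NXPLOG_NCIHAL_D("FelicaReaderMode:Activity 1.1");
  }

#ifdef P2P_PRIO_LOGIC_HAL_IMP
  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[4] == 0x02 &&
      p_ntf[5] == 0x04 && nxpprofile_ctrl.profile_type == NFC_FORUM_PROFILE) {
    EnableP2P_PrioLogic = true;
  }

  NXPLOG_NCIHAL_D("Is EnableP2P_PrioLogic: 0x0%X", EnableP2P_PrioLogic);
  if (phNxpDta_IsEnable() == false) {
    if ((icode_detected != 1) && (EnableP2P_PrioLogic == true)) {
      if (phNxpNciHal_NfcDep_comapre_ntf(p_ntf, *p_len) == NFCSTATUS_FAILED) {
        status = phNxpNciHal_NfcDep_rsp_ext(p_ntf, p_len);
        if (status != NFCSTATUS_INVALID_PARAMETER) {
          return status;
        }
      }
    }
  }
#endif

  status = NFCSTATUS_SUCCESS;

  if (bDisableLegacyMfcExtns && bEnableMfcExtns && p_ntf[0] == 0) {
    if (*p_len < NCI_HEADER_SIZE) {
      android_errorWriteLog(0x534e4554, "169258743");
      return NFCSTATUS_FAILED;
    }
    uint16_t extlen;
    extlen = *p_len - NCI_HEADER_SIZE;
    NxpMfcReaderInstance.AnalyzeMfcResp(&p_ntf[3], &extlen);
    /* NOTE(review): extlen is 16 bits wide but is stored into the one-byte
     * length field; whether AnalyzeMfcResp() can leave a value above 0xFF
     * or above the original payload size is not visible here - confirm. */
    p_ntf[2] = extlen;
    *p_len = extlen + NCI_HEADER_SIZE;
  }

  /* Debug decoding of RF_INTF_ACTIVATED_NTF: interface (byte 4), protocol
   * (byte 5) and mode (byte 6). Also re-arms the Mifare extension flag. */
  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05) {
    bEnableMfcExtns = false;
    if (bDisableLegacyMfcExtns && p_ntf[4] == 0x80 && p_ntf[5] == 0x80) {
      bEnableMfcExtns = true;
      NXPLOG_NCIHAL_D("NxpNci: RF Interface = Mifare Enable MifareExtns");
    }
    switch (p_ntf[4]) {
      case 0x00:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = NFCEE Direct RF");
        break;
      case 0x01:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = Frame RF");
        break;
      case 0x02:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = ISO-DEP");
        break;
      case 0x03:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = NFC-DEP");
        break;
      case 0x80:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = MIFARE");
        break;
      default:
        NXPLOG_NCIHAL_D("NxpNci: RF Interface = Unknown");
        break;
    }

    switch (p_ntf[5]) {
      case 0x01:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = T1T");
        phNxpDta_T1TEnable();
        break;
      case 0x02:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = T2T");
        break;
      case 0x03:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = T3T");
        break;
      case 0x04:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = ISO-DEP");
        break;
      case 0x05:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = NFC-DEP");
        break;
      case 0x06:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = 15693");
        break;
      case 0x80:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = MIFARE");
        break;
      case 0x81:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = Kovio");
        break;
      default:
        NXPLOG_NCIHAL_D("NxpNci: Protocol = Unknown");
        break;
    }

    switch (p_ntf[6]) {
      case 0x00:
        NXPLOG_NCIHAL_D("NxpNci: Mode = A Passive Poll");
        break;
      case 0x01:
        NXPLOG_NCIHAL_D("NxpNci: Mode = B Passive Poll");
        break;
      case 0x02:
        NXPLOG_NCIHAL_D("NxpNci: Mode = F Passive Poll");
        break;
      case 0x03:
        NXPLOG_NCIHAL_D("NxpNci: Mode = A Active Poll");
        break;
      case 0x05:
        NXPLOG_NCIHAL_D("NxpNci: Mode = F Active Poll");
        break;
      case 0x06:
        NXPLOG_NCIHAL_D("NxpNci: Mode = 15693 Passive Poll");
        break;
      case 0x70:
        NXPLOG_NCIHAL_D("NxpNci: Mode = Kovio");
        break;
      case 0x80:
        NXPLOG_NCIHAL_D("NxpNci: Mode = A Passive Listen");
        break;
      case 0x81:
        NXPLOG_NCIHAL_D("NxpNci: Mode = B Passive Listen");
        break;
      case 0x82:
        NXPLOG_NCIHAL_D("NxpNci: Mode = F Passive Listen");
        break;
      case 0x83:
        NXPLOG_NCIHAL_D("NxpNci: Mode = A Active Listen");
        break;
      case 0x85:
        NXPLOG_NCIHAL_D("NxpNci: Mode = F Active Listen");
        break;
      case 0x86:
        NXPLOG_NCIHAL_D("NxpNci: Mode = 15693 Passive Listen");
        break;
      default:
        NXPLOG_NCIHAL_D("NxpNci: Mode = Unknown");
        break;
    }
  }
  /* NOTE(review): the parser's status is discarded, so a malformed
   * CORE_RESET / CORE_INIT packet that it rejects still continues through
   * the workarounds below - confirm this is intended. */
  phNxpNciHal_ext_process_nfc_init_rsp(p_ntf, p_len);

  if (p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[2] == 0x15 &&
      p_ntf[4] == 0x01 && p_ntf[5] == 0x06 && p_ntf[6] == 0x06) {
    /* The earlier check only guarantees 14 bytes. The patch below writes
     * bytes 21 and 22, so the received length must actually cover them;
     * the length byte 0x15 on its own proves nothing. */
    if (*p_len < 23) {
      NXPLOG_NCIHAL_E("RF_INTF_ACTIVATED_NTF length error!");
      return NFCSTATUS_FAILED;
    }
    NXPLOG_NCIHAL_D("> Going through workaround - notification of ISO 15693");
    icode_detected = 0x01;
    p_ntf[21] = 0x01;
    p_ntf[22] = 0x01;
  } else if (icode_detected == 1 && icode_send_eof == 2) {
    icode_send_eof = 3;
  } else if (p_ntf[0] == 0x00 && p_ntf[1] == 0x00 && icode_detected == 1) {
    if (icode_send_eof == 3) {
      icode_send_eof = 0;
    }
    if (nxpncihal_ctrl.nci_info.nci_version != NCI_VERSION_2_0) {
      if (*p_len <= (p_ntf[2] + 2)) {
        android_errorWriteLog(0x534e4554, "181660091");
        NXPLOG_NCIHAL_E("length error!");
        return NFCSTATUS_FAILED;
      }
      if (p_ntf[2] == 0x00) {
        /* With an empty payload p_ntf[p_ntf[2] + 2] is the length byte
         * itself: the strip path would wrap it from 0x00 to 0xFF while
         * shrinking *p_len, and the flag path would turn it into 0x01.
         * Either way the packet would advertise more payload than it
         * holds, so leave it untouched. */
        NXPLOG_NCIHAL_E("ISO 15693 data without payload - workaround skipped");
      } else if (p_ntf[p_ntf[2] + 2] == 0x00) {
        NXPLOG_NCIHAL_D("> Going through workaround - data of ISO 15693");
        p_ntf[2]--;
        (*p_len)--;
      } else {
        p_ntf[p_ntf[2] + 2] |= 0x01;
      }
    }
  } else if (p_ntf[2] == 0x02 && p_ntf[1] == 0x00 && icode_detected == 1) {
    NXPLOG_NCIHAL_D("> ICODE EOF response do not send to upper layer");
  } else if (p_ntf[0] == 0x61 && p_ntf[1] == 0x06 && icode_detected == 1) {
    NXPLOG_NCIHAL_D("> Polling Loop Re-Started");
    icode_detected = 0;
    icode_send_eof = 0;
  } else if (*p_len == 4 && p_ntf[0] == 0x40 && p_ntf[1] == 0x02 &&
             p_ntf[2] == 0x01 && p_ntf[3] == 0x06) {
    /* NXPLOG_NCIHAL_D("> Deinit workaround for LLCP set_config 0x%x 0x%x 0x%x",
                    p_ntf[21], p_ntf[22], p_ntf[23]); */
    p_ntf[0] = 0x40;
    p_ntf[1] = 0x02;
    p_ntf[2] = 0x02;
    p_ntf[3] = 0x00;
    p_ntf[4] = 0x00;
    *p_len = 5;
  }
  // 4200 02 00 01
  else if (p_ntf[0] == 0x42 && p_ntf[1] == 0x00 && ee_disc_done == 0x01) {
    NXPLOG_NCIHAL_D("Going through workaround - NFCEE_DISCOVER_RSP");
    if (p_ntf[4] == 0x01) {
      p_ntf[4] = 0x00;

      ee_disc_done = 0x00;
    }
    NXPLOG_NCIHAL_D("Going through workaround - NFCEE_DISCOVER_RSP - END");

  } else if (p_ntf[0] == 0x61 && p_ntf[1] == 0x03 /*&& cleanup_timer!=0*/) {
    if (cleanup_timer != 0) {
      /* Bytes 3 and 4 and the byte at index 2 + p_ntf[2] are read below.
       * Reject a notification whose received length does not cover them
       * instead of acting on bytes that were never received. Every path
       * in this block already returns NFCSTATUS_FAILED. */
      if (*p_len < 5 || *p_len <= (p_ntf[2] + 2)) {
        NXPLOG_NCIHAL_E("RF_DISCOVER_NTF length error!");
        return NFCSTATUS_FAILED;
      }
      /* if RF Notification Type of RF_DISCOVER_NTF is Last Notification */
      if (0 == (*(p_ntf + 2 + (*(p_ntf + 2))))) {
        phNxpNciHal_select_RF_Discovery(RfDiscID, RfProtocolType);
        status = NFCSTATUS_FAILED;
        return status;
      } else {
        RfDiscID = p_ntf[3];
        RfProtocolType = p_ntf[4];
      }
      status = NFCSTATUS_FAILED;
      return status;
    }
  } else if (p_ntf[0] == 0x41 && p_ntf[1] == 0x04 && cleanup_timer != 0) {
    status = NFCSTATUS_FAILED;
    return status;
  } else if (*p_len == 4 && p_ntf[0] == 0x4F && p_ntf[1] == 0x11 &&
             p_ntf[2] == 0x01) {
    if (p_ntf[3] == 0x00) {
      NXPLOG_NCIHAL_D(
          "> Workaround for ISO-DEP Presence Check, ignore response and wait "
          "for notification");
      p_ntf[0] = 0x60;
      p_ntf[1] = 0x06;
      p_ntf[2] = 0x03;
      p_ntf[3] = 0x01;
      p_ntf[4] = 0x00;
      p_ntf[5] = 0x01;
      *p_len = 6;
    } else {
      NXPLOG_NCIHAL_D(
          "> Workaround for ISO-DEP Presence Check, presence check return "
          "failed");
      p_ntf[0] = 0x60;
      p_ntf[1] = 0x08;
      p_ntf[2] = 0x02;
      p_ntf[3] = 0xB2;
      p_ntf[4] = 0x00;
      *p_len = 5;
    }
  } else if (*p_len == 4 && p_ntf[0] == 0x6F && p_ntf[1] == 0x11 &&
             p_ntf[2] == 0x01) {
    if (p_ntf[3] == 0x01) {
      NXPLOG_NCIHAL_D(
          "> Workaround for ISO-DEP Presence Check - Card still in field");
      p_ntf[0] = 0x00;
      p_ntf[1] = 0x00;
      p_ntf[2] = 0x01;
      p_ntf[3] = 0x7E;
    } else {
      NXPLOG_NCIHAL_D(
          "> Workaround for ISO-DEP Presence Check - Card not in field");
      p_ntf[0] = 0x60;
      p_ntf[1] = 0x08;
      p_ntf[2] = 0x02;
      p_ntf[3] = 0xB2;
      p_ntf[4] = 0x00;
      *p_len = 5;
    }
  }

  /* 61 07 with a one-byte payload: when RF_STATUS_UPDATE_ENABLE is 1 in the
   * configuration, forward that byte through the HAL ioctl. */
  if (*p_len == 4 && p_ntf[0] == 0x61 && p_ntf[1] == 0x07) {
    unsigned long rf_update_enable = 0;
    if (GetNxpNumValue(NAME_RF_STATUS_UPDATE_ENABLE, &rf_update_enable,
                       sizeof(unsigned long))) {
      NXPLOG_NCIHAL_D("RF_STATUS_UPDATE_ENABLE : %lu", rf_update_enable);
    }
    if (rf_update_enable == 0x01) {
      nfc_nci_IoctlInOutData_t inpOutData;
      uint8_t rf_state_update[] = {0x00};
      memset(&inpOutData, 0x00, sizeof(nfc_nci_IoctlInOutData_t));
      inpOutData.inp.data.nciCmd.cmd_len = sizeof(rf_state_update);
      rf_state_update[0] = p_ntf[3];
      memcpy(inpOutData.inp.data.nciCmd.p_cmd, rf_state_update,
             sizeof(rf_state_update));
      inpOutData.inp.data_source = 2;
      phNxpNciHal_ioctl(HAL_NFC_IOCTL_RF_STATUS_UPDATE, &inpOutData);
    }
  }
  /*
  else if(p_ntf[0] == 0x61 && p_ntf[1] == 0x05 && p_ntf[4] == 0x01 && p_ntf[5]
  == 0x00 && p_ntf[6] == 0x01)
  {
      NXPLOG_NCIHAL_D("Picopass type 3-B with undefined protocol is not
  supported, disabling");
      p_ntf[4] = 0xFF;
      p_ntf[5] = 0xFF;
      p_ntf[6] = 0xFF;
  }*/

  return status;
}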
408
409 /******************************************************************************
410 * Function phNxpNciHal_ext_process_nfc_init_rsp
411 *
412 * Description This function is used to process the HAL NFC core reset rsp
413 * and ntf and core init rsp of NCI 1.0 or NCI2.0 and update
414 * NCI version.
415 * It also handles error response such as core_reset_ntf with
416 * error status in both NCI2.0 and NCI1.0.
417 *
418 * Returns Returns NFCSTATUS_SUCCESS if parsing response is successful
419 * or returns failure.
420 *
421 *******************************************************************************/
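static NFCSTATUS phNxpNciHal_ext_process_nfc_init_rsp(uint8_t* p_ntf,
                                                      uint16_t* p_len) {
  /*
   * Parses CORE_RESET_RSP, CORE_RESET_NTF and CORE_INIT_RSP.
   *
   * p_ntf  packet bytes (read only here).
   * p_len  number of valid bytes in p_ntf; must not be NULL (it is
   *        dereferenced without a check).
   *
   * Side effects: updates nxpncihal_ctrl.nci_info (nci_version,
   * wait_for_ntf), wFwVerRsp, fw_maj_ver and rom_version; may call
   * phNxpNciHal_configFeatureList() and phNxpNciHal_emergency_recovery().
   *
   * Returns NFCSTATUS_SUCCESS, or NFCSTATUS_FAILED when the packet is too
   * short, its length byte disagrees with *p_len, the CORE_RESET_NTF
   * trigger is not one of the two handled values, or the NCI 1.0 firmware
   * version parses as zero.
   */
  NFCSTATUS status = NFCSTATUS_SUCCESS;

  /* Parsing CORE_RESET_RSP and CORE_RESET_NTF to update NCI version.*/
  if (p_ntf == NULL || *p_len < 2) {
    return NFCSTATUS_FAILED;
  }
  if (p_ntf[0] == NCI_MT_RSP &&
      ((p_ntf[1] & NCI_OID_MASK) == NCI_MSG_CORE_RESET)) {
    if (*p_len < 4) {
      android_errorWriteLog(0x534e4554, "169258455");
      return NFCSTATUS_FAILED;
    }
    if (p_ntf[2] == 0x01 && p_ntf[3] == 0x00) {
      NXPLOG_NCIHAL_D("CORE_RESET_RSP NCI2.0");
      if (nxpncihal_ctrl.hal_ext_enabled == TRUE) {
        nxpncihal_ctrl.nci_info.wait_for_ntf = TRUE;
      }
    } else if (p_ntf[2] == 0x03 && p_ntf[3] == 0x00) {
      if (*p_len < 5) {
        android_errorWriteLog(0x534e4554, "169258455");
        return NFCSTATUS_FAILED;
      }
      NXPLOG_NCIHAL_D("CORE_RESET_RSP NCI1.0");
      nxpncihal_ctrl.nci_info.nci_version = p_ntf[4];
    }
  } else if (p_ntf[0] == NCI_MT_NTF &&
             ((p_ntf[1] & NCI_OID_MASK) == NCI_MSG_CORE_RESET)) {
    if (*p_len < 4) {
      android_errorWriteLog(0x534e4554, "169258455");
      return NFCSTATUS_FAILED;
    }
    if (p_ntf[3] == CORE_RESET_TRIGGER_TYPE_CORE_RESET_CMD_RECEIVED ||
        p_ntf[3] == CORE_RESET_TRIGGER_TYPE_POWERED_ON) {
      if (*p_len < 6) {
        android_errorWriteLog(0x534e4554, "169258455");
        return NFCSTATUS_FAILED;
      }
      NXPLOG_NCIHAL_D("CORE_RESET_NTF NCI2.0 reason CORE_RESET_CMD received !");
      nxpncihal_ctrl.nci_info.nci_version = p_ntf[5];
      NXPLOG_NCIHAL_D("nci_version : 0x%02x",
                      nxpncihal_ctrl.nci_info.nci_version);
      /* NOTE(review): the feature-list parser receives the packet before
       * the length byte has been reconciled with *p_len just below; what it
       * indexes is not visible here - confirm it validates on its own. */
      if (!nxpncihal_ctrl.hal_open_status) {
        phNxpNciHal_configFeatureList(p_ntf, *p_len);
      }
      int len = p_ntf[2] + 2; /*include 2 byte header*/
      /* len is the index of the last byte. Requiring it to equal
       * *p_len - 1 keeps the three version reads below inside the packet. */
      if (len != *p_len - 1) {
        NXPLOG_NCIHAL_E(
            "phNxpNciHal_ext_process_nfc_init_rsp invalid NTF length");
        android_errorWriteLog(0x534e4554, "121263487");
        return NFCSTATUS_FAILED;
      }
      wFwVerRsp = (((uint32_t)p_ntf[len - 2]) << 16U) |
                  (((uint32_t)p_ntf[len - 1]) << 8U) | p_ntf[len];
      NXPLOG_NCIHAL_D("NxpNci> FW Version: %x.%x.%x", p_ntf[len - 2],
                      p_ntf[len - 1], p_ntf[len]);
      fw_maj_ver = p_ntf[len - 1];
      rom_version = p_ntf[len - 2];
    } else {
      /* Hex dump of the unexpected notification. The original sized a stack
       * VLA from *p_len (up to roughly 192 KiB for a 16-bit length); the
       * dump is now capped at NCI_MAX_DATA_LEN bytes so stack use no longer
       * depends on the packet. Output is unchanged for packets within that
       * limit. Assumes NCI_MAX_DATA_LEN is a compile-time constant. */
      char print_buffer[(NCI_MAX_DATA_LEN * 2) + 1];
      uint16_t dump_len = *p_len;
      uint32_t i;

      if (dump_len > NCI_MAX_DATA_LEN) {
        dump_len = NCI_MAX_DATA_LEN;
      }
      memset(print_buffer, 0, sizeof(print_buffer));
      for (i = 0; i < dump_len; i++) {
        snprintf(&print_buffer[i * 2], 3, "%02X", p_ntf[i]);
      }
      NXPLOG_NCIHAL_D("CORE_RESET_NTF received !");
      NXPLOG_NCIR_E("len = %3d > %s", *p_len, print_buffer);
      phNxpNciHal_emergency_recovery();
      status = NFCSTATUS_FAILED;
    } /* Parsing CORE_INIT_RSP*/
  } else if (p_ntf[0] == NCI_MT_RSP &&
             ((p_ntf[1] & NCI_OID_MASK) == NCI_MSG_CORE_INIT)) {
    if (nxpncihal_ctrl.nci_info.nci_version == NCI_VERSION_2_0) {
      NXPLOG_NCIHAL_D("CORE_INIT_RSP NCI2.0 received !");
    } else {
      NXPLOG_NCIHAL_D("CORE_INIT_RSP NCI1.0 received !");
      /* Check for the length byte before the packet is handed to any
       * parser; this test used to run only after the feature-list call. */
      if (*p_len < 3) {
        android_errorWriteLog(0x534e4554, "169258455");
        return NFCSTATUS_FAILED;
      }
      if (!nxpncihal_ctrl.hal_open_status) {
        phNxpNciHal_configFeatureList(p_ntf, *p_len);
      }
      int len = p_ntf[2] + 2; /*include 2 byte header*/
      if (len != *p_len - 1) {
        NXPLOG_NCIHAL_E(
            "phNxpNciHal_ext_process_nfc_init_rsp invalid NTF length");
        android_errorWriteLog(0x534e4554, "121263487");
        return NFCSTATUS_FAILED;
      }
      wFwVerRsp = (((uint32_t)p_ntf[len - 2]) << 16U) |
                  (((uint32_t)p_ntf[len - 1]) << 8U) | p_ntf[len];
      if (wFwVerRsp == 0) status = NFCSTATUS_FAILED;
      NXPLOG_NCIHAL_D("NxpNci> FW Version: %x.%x.%x", p_ntf[len - 2],
                      p_ntf[len - 1], p_ntf[len]);
      fw_maj_ver = p_ntf[len - 1];
      rom_version = p_ntf[len - 2];
    }
  }
  return status;
}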
525
526 /******************************************************************************
527 * Function phNxpNciHal_process_ext_cmd_rsp
528 *
529 * Description This function process the extension command response. It
530 * also checks the received response to expected response.
531 *
532 * Returns returns NFCSTATUS_SUCCESS if response is as expected else
533 * returns failure.
534 *
535 ******************************************************************************/
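static NFCSTATUS phNxpNciHal_process_ext_cmd_rsp(uint16_t cmd_len,
                                                 uint8_t* p_cmd) {
  /*
   * Sends one extension command and blocks until the response (and, when
   * nci_info.wait_for_ntf is TRUE, the following notification) has been
   * signalled on nxpncihal_ctrl.ext_cb_data, or the timer callback fires.
   *
   * cmd_len  number of bytes in p_cmd.
   * p_cmd    command bytes; bytes 0-2 are inspected after the send.
   *
   * Returns NFCSTATUS_SUCCESS when the waits completed, otherwise
   * NFCSTATUS_FAILED. wait_for_ntf is always cleared on exit.
   */
  NFCSTATUS status = NFCSTATUS_FAILED;
  uint16_t data_written = 0;

  /* Create the local semaphore */
  if (phNxpNciHal_init_cb_data(&nxpncihal_ctrl.ext_cb_data, NULL) !=
      NFCSTATUS_SUCCESS) {
    NXPLOG_NCIHAL_D("Create ext_cb_data failed");
    return NFCSTATUS_FAILED;
  }

  nxpncihal_ctrl.ext_cb_data.status = NFCSTATUS_SUCCESS;

  /* Send ext command */
  data_written = phNxpNciHal_write_unlocked(cmd_len, p_cmd);
  if (data_written != cmd_len) {
    NXPLOG_NCIHAL_D("phNxpNciHal_write failed for hal ext");
    goto clean_and_return;
  }

  /* Start timer */
  status = phOsalNfc_Timer_Start(timeoutTimerId, HAL_EXTNS_WRITE_RSP_TIMEOUT,
                                 &hal_extns_write_rsp_timeout_cb, NULL);
  if (NFCSTATUS_SUCCESS == status) {
    NXPLOG_NCIHAL_D("Response timer started");
  } else {
    NXPLOG_NCIHAL_E("Response timer not started!!!");
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  /* Wait for rsp */
  NXPLOG_NCIHAL_D("Waiting after ext cmd sent");
  if (SEM_WAIT(nxpncihal_ctrl.ext_cb_data)) {
    NXPLOG_NCIHAL_E("p_hal_ext->ext_cb_data.sem semaphore error");
    /* status still held the NFCSTATUS_SUCCESS from Timer_Start here, so
     * this error used to be returned as success. Stop the running timer as
     * the notification wait below does, so its callback does not post to
     * ext_cb_data after the cleanup at the end of this function, and
     * report the failure. */
    (void)phOsalNfc_Timer_Stop(timeoutTimerId);
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  /* Stop Timer */
  status = phOsalNfc_Timer_Stop(timeoutTimerId);
  if (NFCSTATUS_SUCCESS == status) {
    NXPLOG_NCIHAL_D("Response timer stopped");
  } else {
    NXPLOG_NCIHAL_E("Response timer stop ERROR!!!");
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  /* p_cmd[0..2] are read below, so the command must carry a full header.
   * NOTE(review): this runs only after the command was sent and awaited. */
  if (cmd_len < 3) {
    android_errorWriteLog(0x534e4554, "153880630");
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  /* No NTF expected for OMAPI command */
  if (p_cmd[0] == 0x2F && p_cmd[1] == 0x1 && p_cmd[2] == 0x01) {
    nxpncihal_ctrl.nci_info.wait_for_ntf = FALSE;
  }
  /* Start timer to wait for NTF*/
  if (nxpncihal_ctrl.nci_info.wait_for_ntf == TRUE) {
    status = phOsalNfc_Timer_Start(timeoutTimerId, HAL_EXTNS_WRITE_RSP_TIMEOUT,
                                   &hal_extns_write_rsp_timeout_cb, NULL);
    if (NFCSTATUS_SUCCESS == status) {
      NXPLOG_NCIHAL_D("Response timer started");
    } else {
      NXPLOG_NCIHAL_E("Response timer not started!!!");
      status = NFCSTATUS_FAILED;
      goto clean_and_return;
    }
    if (SEM_WAIT(nxpncihal_ctrl.ext_cb_data)) {
      NXPLOG_NCIHAL_E("p_hal_ext->ext_cb_data.sem semaphore error");
      /* Stop Timer */
      (void)phOsalNfc_Timer_Stop(timeoutTimerId);
      /* The result of Timer_Stop used to become the return value, which
       * turned a semaphore error into success whenever the stop worked. */
      status = NFCSTATUS_FAILED;
      goto clean_and_return;
    }
    status = phOsalNfc_Timer_Stop(timeoutTimerId);
    if (NFCSTATUS_SUCCESS == status) {
      NXPLOG_NCIHAL_D("Response timer stopped");
    } else {
      NXPLOG_NCIHAL_E("Response timer stop ERROR!!!");
      status = NFCSTATUS_FAILED;
      goto clean_and_return;
    }
  }

  /* NOTE(review): as written, a failed callback status (e.g. a timeout) is
   * reported only when byte 0 != 0x2F AND byte 1 != 0x01 AND byte 2 == 0x01;
   * every other command falls through to NFCSTATUS_SUCCESS. If the intent
   * was "every command except the OMAPI one (2F 01 01)", the condition
   * should negate the whole match - confirm before changing. */
  if (nxpncihal_ctrl.ext_cb_data.status != NFCSTATUS_SUCCESS &&
      p_cmd[0] != 0x2F && p_cmd[1] != 0x1 && p_cmd[2] == 0x01) {
    NXPLOG_NCIHAL_E(
        "Callback Status is failed!! Timer Expired!! Couldn't read it! 0x%x",
        nxpncihal_ctrl.ext_cb_data.status);
    status = NFCSTATUS_FAILED;
    goto clean_and_return;
  }

  NXPLOG_NCIHAL_D("Checking response");
  status = NFCSTATUS_SUCCESS;

clean_and_return:
  phNxpNciHal_cleanup_cb_data(&nxpncihal_ctrl.ext_cb_data);
  nxpncihal_ctrl.nci_info.wait_for_ntf = FALSE;
  return status;
}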
639
640 /******************************************************************************
641 * Function phNxpNciHal_write_ext
642 *
643 * Description This function inform the status of phNxpNciHal_open
644 * function to libnfc-nci.
645 *
646 * Returns It return NFCSTATUS_SUCCESS then continue with send else
647 * sends NFCSTATUS_FAILED direct response is prepared and
648 * do not send anything to NFCC.
649 *
650 ******************************************************************************/
651
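NFCSTATUS phNxpNciHal_write_ext(uint16_t* cmd_len, uint8_t* p_cmd_data,
                                uint16_t* rsp_len, uint8_t* p_rsp_data) {
  /*
   * Applies the HAL's command-side workarounds to one outgoing NCI command.
   *
   * cmd_len     in/out: length of p_cmd_data; updated when a workaround
   *             appends to or truncates the command.
   * p_cmd_data  command bytes, patched in place.
   * rsp_len     out: length of the locally built response, written only by
   *             the branches that answer the command themselves.
   * p_rsp_data  out: the locally built response bytes.
   *
   * Returns NFCSTATUS_SUCCESS, or NFCSTATUS_FAILED in the branches that
   * fill p_rsp_data/rsp_len with a ready-made response. When DTA mode is
   * enabled the status of phNxpNHal_DtaUpdate() is returned unless a later
   * branch overwrites it.
   *
   * NOTE(review): most conditions below index p_cmd_data[0..7] without
   * consulting *cmd_len, so for short commands they compare against bytes
   * past the command's end. Only the branches that append bytes check the
   * length. Confirm the buffer behind p_cmd_data is always large enough.
   */
  NFCSTATUS status = NFCSTATUS_SUCCESS;

  phNxpNciHal_NfcDep_cmd_ext(p_cmd_data, cmd_len);

  if (phNxpDta_IsEnable() == true) {
    status = phNxpNHal_DtaUpdate(cmd_len, p_cmd_data, rsp_len, p_rsp_data);
  }

  if (p_cmd_data[0] == PROPRIETARY_CMD_FELICA_READER_MODE &&
      p_cmd_data[1] == PROPRIETARY_CMD_FELICA_READER_MODE &&
      p_cmd_data[2] == PROPRIETARY_CMD_FELICA_READER_MODE) {
    NXPLOG_NCIHAL_D("Received proprietary command to set Felica Reader mode:%d",
                    p_cmd_data[3]);
    gFelicaReaderMode = p_cmd_data[3];
    /* frame the dummy response */
    *rsp_len = 4;
    p_rsp_data[0] = 0x00;
    p_rsp_data[1] = 0x00;
    p_rsp_data[2] = 0x00;
    p_rsp_data[3] = 0x00;
    status = NFCSTATUS_FAILED;
  } else if (p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02 &&
             p_cmd_data[2] == 0x05 && p_cmd_data[3] == 0x01 &&
             p_cmd_data[4] == 0xA0 && p_cmd_data[5] == 0x44 &&
             p_cmd_data[6] == 0x01 && p_cmd_data[7] == 0x01) {
    nxpprofile_ctrl.profile_type = EMV_CO_PROFILE;
    NXPLOG_NCIHAL_D("EMV_CO_PROFILE mode - Enabled");
    status = NFCSTATUS_SUCCESS;
  } else if (p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02 &&
             p_cmd_data[2] == 0x05 && p_cmd_data[3] == 0x01 &&
             p_cmd_data[4] == 0xA0 && p_cmd_data[5] == 0x44 &&
             p_cmd_data[6] == 0x01 && p_cmd_data[7] == 0x00) {
    NXPLOG_NCIHAL_D("NFC_FORUM_PROFILE mode - Enabled");
    nxpprofile_ctrl.profile_type = NFC_FORUM_PROFILE;
    status = NFCSTATUS_SUCCESS;
  }

  if (nxpprofile_ctrl.profile_type == EMV_CO_PROFILE) {
    if (p_cmd_data[0] == 0x21 && p_cmd_data[1] == 0x06 &&
        p_cmd_data[2] == 0x01 && p_cmd_data[3] == 0x03) {
#if 0
      //Needs clarification whether to keep it or not
      NXPLOG_NCIHAL_D ("EmvCo Poll mode - RF Deactivate discard");
      phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
      *rsp_len = 4;
      p_rsp_data[0] = 0x41;
      p_rsp_data[1] = 0x06;
      p_rsp_data[2] = 0x01;
      p_rsp_data[3] = 0x00;
      phNxpNciHal_print_packet("RECV", p_rsp_data, 4);
      status = NFCSTATUS_FAILED;
#endif
    } else if (p_cmd_data[0] == 0x21 && p_cmd_data[1] == 0x03) {
      NXPLOG_NCIHAL_D("EmvCo Poll mode - Discover map only for A and B");
      p_cmd_data[2] = 0x05;
      p_cmd_data[3] = 0x02;
      p_cmd_data[4] = 0x00;
      p_cmd_data[5] = 0x01;
      p_cmd_data[6] = 0x01;
      p_cmd_data[7] = 0x01;
      *cmd_len = 8;
    }
  }

  /* The length test leaves room for the three bytes appended below. */
  if (*cmd_len <= (NCI_MAX_DATA_LEN - 3) && bEnableMfcReader &&
      p_cmd_data[0] == 0x21 && p_cmd_data[1] == 0x00) {
    NXPLOG_NCIHAL_D("Going through extns - Adding Mifare in RF Discovery");
    p_cmd_data[2] += 3;
    p_cmd_data[3] += 1;
    p_cmd_data[*cmd_len] = 0x80;
    p_cmd_data[*cmd_len + 1] = 0x01;
    p_cmd_data[*cmd_len + 2] = 0x80;
    *cmd_len += 3;
    status = NFCSTATUS_SUCCESS;
    bEnableMfcExtns = false;
    NXPLOG_NCIHAL_D(
        "Going through extns - Adding Mifare in RF Discovery - END");
  } else if (p_cmd_data[3] == 0x81 && p_cmd_data[4] == 0x01 &&
             p_cmd_data[5] == 0x03) {
    /* NOTE(review): this match looks only at bytes 3-5, not at the NCI
     * header in bytes 0-1, and then forces the length to 8 - confirm no
     * other command can carry the same bytes at these offsets. */
    if (nxpncihal_ctrl.nci_info.nci_version != NCI_VERSION_2_0) {
      NXPLOG_NCIHAL_D("> Going through workaround - set host list");

      *cmd_len = 8;

      p_cmd_data[2] = 0x05;
      p_cmd_data[6] = 0x02;
      p_cmd_data[7] = 0xC0;

      NXPLOG_NCIHAL_D("> Going through workaround - set host list - END");
      status = NFCSTATUS_SUCCESS;
    }
  } else if (icode_detected) {
    if ((p_cmd_data[3] & 0x40) == 0x40 &&
        (p_cmd_data[4] == 0x21 || p_cmd_data[4] == 0x22 ||
         p_cmd_data[4] == 0x24 || p_cmd_data[4] == 0x27 ||
         p_cmd_data[4] == 0x28 || p_cmd_data[4] == 0x29 ||
         p_cmd_data[4] == 0x2a)) {
      NXPLOG_NCIHAL_D("> Send EOF set");
      icode_send_eof = 1;
    }

    if (p_cmd_data[3] == 0x20 || p_cmd_data[3] == 0x24 ||
        p_cmd_data[3] == 0x60) {
      NXPLOG_NCIHAL_D("> NFC ISO_15693 Proprietary CMD ");
      p_cmd_data[3] += 0x02;
    }
  } else if (p_cmd_data[0] == 0x21 && p_cmd_data[1] == 0x03) {
    NXPLOG_NCIHAL_D("> Polling Loop Started");
    icode_detected = 0;
    icode_send_eof = 0;
  }
  // 22000100
  else if (p_cmd_data[0] == 0x22 && p_cmd_data[1] == 0x00 &&
           p_cmd_data[2] == 0x01 && p_cmd_data[3] == 0x00) {
    // ee_disc_done = 0x01;//Reader Over SWP event getting
    *rsp_len = 0x05;
    p_rsp_data[0] = 0x42;
    p_rsp_data[1] = 0x00;
    p_rsp_data[2] = 0x02;
    p_rsp_data[3] = 0x00;
    p_rsp_data[4] = 0x00;
    phNxpNciHal_print_packet("RECV", p_rsp_data, 5);
    status = NFCSTATUS_FAILED;
  }
  // 2002 0904 3000 3100 3200 5000
  else if ((p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02) &&
           ((p_cmd_data[2] == 0x09 && p_cmd_data[3] == 0x04) /*||
            (p_cmd_data[2] == 0x0D && p_cmd_data[3] == 0x04)*/
            )) {
    /* The rewrite stores into bytes 9-12 and grows the command by one
     * byte. Do it only when the command really is the 12-byte form its
     * length byte announces and one more byte still fits, using the same
     * NCI_MAX_DATA_LEN bound as the Mifare append branches. */
    if (*cmd_len >= 12 && *cmd_len <= (NCI_MAX_DATA_LEN - 1)) {
      *cmd_len += 0x01;
      p_cmd_data[2] += 0x01;
      p_cmd_data[9] = 0x01;
      p_cmd_data[10] = 0x40;
      p_cmd_data[11] = 0x50;
      p_cmd_data[12] = 0x00;

      NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config ");
      // phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
      NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config - End ");
    } else {
      NXPLOG_NCIHAL_E("Dirty Set Config workaround skipped - cmd length error");
    }
  }
  // 20020703300031003200
  // 2002 0301 3200
  else if ((p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02) &&
           ((p_cmd_data[2] == 0x07 && p_cmd_data[3] == 0x03) ||
            (p_cmd_data[2] == 0x03 && p_cmd_data[3] == 0x01 &&
             p_cmd_data[4] == 0x32))) {
    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config ");
    phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
    *rsp_len = 5;
    p_rsp_data[0] = 0x40;
    p_rsp_data[1] = 0x02;
    p_rsp_data[2] = 0x02;
    p_rsp_data[3] = 0x00;
    p_rsp_data[4] = 0x00;

    phNxpNciHal_print_packet("RECV", p_rsp_data, 5);
    status = NFCSTATUS_FAILED;
    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config - End ");
  }

  // 2002 0D04 300104 310100 320100 500100
  // 2002 0401 320100
  else if ((p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02) &&
           (
               /*(p_cmd_data[2] == 0x0D && p_cmd_data[3] == 0x04)*/
               (p_cmd_data[2] == 0x04 && p_cmd_data[3] == 0x01 &&
                p_cmd_data[4] == 0x32 && p_cmd_data[5] == 0x00))) {
    // p_cmd_data[12] = 0x40;

    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config ");
    phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
    p_cmd_data[6] = 0x60;

    /* The "RECV" dump of p_rsp_data that used to sit here was removed: this
     * branch builds no response, so it logged five bytes of whatever the
     * caller's buffer happened to contain. */
    // status = NFCSTATUS_FAILED;
    NXPLOG_NCIHAL_D("> Going through workaround - Dirty Set Config - End ");
  } else if (*cmd_len <= (NCI_MAX_DATA_LEN - 3) && p_cmd_data[0] == 0x21 &&
             p_cmd_data[1] == 0x00) {
    NXPLOG_NCIHAL_D(
        "> Going through workaround - Add Mifare Classic in Discovery Map");
    p_cmd_data[*cmd_len] = 0x80;
    p_cmd_data[*cmd_len + 1] = 0x01;
    p_cmd_data[*cmd_len + 2] = 0x80;
    p_cmd_data[5] = 0x01;
    p_cmd_data[6] = 0x01;
    p_cmd_data[2] += 3;
    p_cmd_data[3] += 1;
    *cmd_len += 3;
  } else if (*cmd_len == 3 && p_cmd_data[0] == 0x00 && p_cmd_data[1] == 0x00 &&
             p_cmd_data[2] == 0x00) {
    NXPLOG_NCIHAL_D("> Going through workaround - ISO-DEP Presence Check ");
    p_cmd_data[0] = 0x2F;
    p_cmd_data[1] = 0x11;
    p_cmd_data[2] = 0x00;
    status = NFCSTATUS_SUCCESS;
    NXPLOG_NCIHAL_D(
        "> Going through workaround - ISO-DEP Presence Check - End");
  }
#if 0
  else if ( (p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02 ) &&
               ((p_cmd_data[2] == 0x09 && p_cmd_data[3] == 0x04) ||
                   (p_cmd_data[2] == 0x0B && p_cmd_data[3] == 0x05) ||
                   (p_cmd_data[2] == 0x07 && p_cmd_data[3] == 0x02) ||
                   (p_cmd_data[2] == 0x0A && p_cmd_data[3] == 0x03) ||
                   (p_cmd_data[2] == 0x0A && p_cmd_data[3] == 0x04) ||
                   (p_cmd_data[2] == 0x05 && p_cmd_data[3] == 0x02))
             )
  {
      NXPLOG_NCIHAL_D ("> Going through workaround - Dirty Set Config ");
      phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
      *rsp_len = 5;
      p_rsp_data[0] = 0x40;
      p_rsp_data[1] = 0x02;
      p_rsp_data[2] = 0x02;
      p_rsp_data[3] = 0x00;
      p_rsp_data[4] = 0x00;

      phNxpNciHal_print_packet("RECV", p_rsp_data, 5);
      status = NFCSTATUS_FAILED;
      NXPLOG_NCIHAL_D ("> Going through workaround - Dirty Set Config - End ");
  }

  else if((p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x02) &&
         ((p_cmd_data[3] == 0x00) ||
         ((*cmd_len >= 0x06) && (p_cmd_data[5] == 0x00)))) /*If the length of the first param id is zero don't allow*/
  {
      NXPLOG_NCIHAL_D ("> Going through workaround - Dirty Set Config ");
      phNxpNciHal_print_packet("SEND", p_cmd_data, *cmd_len);
      *rsp_len = 5;
      p_rsp_data[0] = 0x40;
      p_rsp_data[1] = 0x02;
      p_rsp_data[2] = 0x02;
      p_rsp_data[3] = 0x00;
      p_rsp_data[4] = 0x00;

      phNxpNciHal_print_packet("RECV", p_rsp_data, 5);
      status = NFCSTATUS_FAILED;
      NXPLOG_NCIHAL_D ("> Going through workaround - Dirty Set Config - End ");
  }
#endif
  else if ((wFwVerRsp & 0x0000FFFF) == wFwVer) {
    /* skip CORE_RESET and CORE_INIT from Brcm */
    if (p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x00 &&
        p_cmd_data[2] == 0x01 && p_cmd_data[3] == 0x01) {
      //            *rsp_len = 6;
      //
      //            NXPLOG_NCIHAL_D("> Going - core reset optimization");
      //
      //            p_rsp_data[0] = 0x40;
      //            p_rsp_data[1] = 0x00;
      //            p_rsp_data[2] = 0x03;
      //            p_rsp_data[3] = 0x00;
      //            p_rsp_data[4] = 0x10;
      //            p_rsp_data[5] = 0x01;
      //
      //            status = NFCSTATUS_FAILED;
      //            NXPLOG_NCIHAL_D("> Going - core reset optimization - END");
    }
    /* CORE_INIT */
    else if (p_cmd_data[0] == 0x20 && p_cmd_data[1] == 0x01 &&
             p_cmd_data[2] == 0x00) {
    }
  }

  return status;
}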
920
921 /******************************************************************************
922 * Function phNxpNciHal_send_ext_cmd
923 *
924 * Description This function send the extension command to NFCC. No
925 * response is checked by this function but it waits for
926 * the response to come.
927 *
928 * Returns Returns NFCSTATUS_SUCCESS if sending cmd is successful and
929 * response is received.
930 *
931 ******************************************************************************/
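NFCSTATUS phNxpNciHal_send_ext_cmd(uint16_t cmd_len, uint8_t* p_cmd) {
  /*
   * Copies an extension command into nxpncihal_ctrl.p_cmd_data and sends it
   * with the HAL extension mode enabled for the duration of the exchange.
   *
   * cmd_len  number of bytes to copy from p_cmd.
   * p_cmd    command bytes.
   *
   * Returns the status of phNxpNciHal_process_ext_cmd_rsp(), or
   * NFCSTATUS_FAILED without sending when cmd_len is above NCI_MAX_DATA_LEN.
   */
  NFCSTATUS status = NFCSTATUS_FAILED;
  /* Same bound phNxpNciHal_send_ese_hal_cmd() applies before its copy into
   * the same buffer. Without it the memcpy below is limited only by the
   * caller's cmd_len. Checked before HAL_ENABLE_EXT() so that an early
   * return cannot leave the extension mode switched on.
   * Presumably p_cmd_data holds NCI_MAX_DATA_LEN bytes - verify. */
  if (cmd_len > NCI_MAX_DATA_LEN) {
    NXPLOG_NCIHAL_E("cmd_len exceeds limit NCI_MAX_DATA_LEN");
    return status;
  }
  HAL_ENABLE_EXT();
  nxpncihal_ctrl.cmd_len = cmd_len;
  memcpy(nxpncihal_ctrl.p_cmd_data, p_cmd, cmd_len);
  status = phNxpNciHal_process_ext_cmd_rsp(nxpncihal_ctrl.cmd_len,
                                           nxpncihal_ctrl.p_cmd_data);
  HAL_DISABLE_EXT();

  return status;
}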
943
944 /******************************************************************************
945 * Function phNxpNciHal_send_ese_hal_cmd
946 *
947 * Description This function send the extension command to NFCC. No
948 * response is checked by this function but it waits for
949 * the response to come.
950 *
951 * Returns Returns NFCSTATUS_SUCCESS if sending cmd is successful and
952 * response is received.
953 *
954 ******************************************************************************/
NFCSTATUS phNxpNciHal_send_ese_hal_cmd(uint16_t cmd_len, uint8_t* p_cmd) {
  /*
   * Stages p_cmd in nxpncihal_ctrl.p_cmd_data and runs the send/wait cycle.
   * Unlike phNxpNciHal_send_ext_cmd() it does not toggle the HAL extension
   * mode.
   *
   * Returns the status of phNxpNciHal_process_ext_cmd_rsp(), or
   * NFCSTATUS_FAILED without copying or sending when cmd_len is larger than
   * NCI_MAX_DATA_LEN.
   */
  if (cmd_len <= NCI_MAX_DATA_LEN) {
    /* The bound is checked before the copy into the shared command buffer. */
    nxpncihal_ctrl.cmd_len = cmd_len;
    memcpy(nxpncihal_ctrl.p_cmd_data, p_cmd, cmd_len);
    return phNxpNciHal_process_ext_cmd_rsp(nxpncihal_ctrl.cmd_len,
                                           nxpncihal_ctrl.p_cmd_data);
  }

  NXPLOG_NCIHAL_E("cmd_len exceeds limit NCI_MAX_DATA_LEN");
  return NFCSTATUS_FAILED;
}
967
968 /******************************************************************************
969 * Function hal_extns_write_rsp_timeout_cb
970 *
971 * Description Timer call back function
972 *
973 * Returns None
974 *
975 ******************************************************************************/
static void hal_extns_write_rsp_timeout_cb(uint32_t timerId, void* pContext) {
  /*
   * Timer callback for the extension-command waits: marks the pending
   * exchange as failed and releases whoever is blocked on it.
   * Neither argument is used.
   */
  UNUSED(pContext);
  UNUSED(timerId);

  NXPLOG_NCIHAL_D("hal_extns_write_rsp_timeout_cb - write timeout!!!");

  /* The failure status is stored before either semaphore is posted, so it
   * is already in place when the waiter resumes. */
  nxpncihal_ctrl.ext_cb_data.status = NFCSTATUS_FAILED;
  usleep(1);
  sem_post(&(nxpncihal_ctrl.syncSpiNfc));
  SEM_POST(&(nxpncihal_ctrl.ext_cb_data));
}
987