1 /******************************************************************************
2  *
3  *  Copyright (C) 2010-2014 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 /******************************************************************************
20  *
21  *  This file contains function of the NCI unit to format and send NCI
22  *  commands (for DH).
23  *
24  ******************************************************************************/
25 #include "nci_hmsgs.h"
26 
27 #include <string.h>
28 
29 #include "include/debug_lmrt.h"
30 #include "nci_defs.h"
31 #include "nfc_api.h"
32 #include "nfc_int.h"
33 #include "nfc_target.h"
34 
35 /*******************************************************************************
36 **
37 ** Function         nci_snd_tlv_parameter_generic_cmd
38 **
39 ** Description      compose and send RF Management RF TLV Parameter
40 **                  generic command to command queue
41 **
42 ** Returns          status
43 **
44 *******************************************************************************/
nci_snd_tlv_parameter_generic_cmd(uint8_t oid,uint8_t * p_param_tlvs,uint8_t tlv_size)45 static uint8_t nci_snd_tlv_parameter_generic_cmd(uint8_t oid,
46                                                  uint8_t* p_param_tlvs,
47                                                  uint8_t tlv_size) {
48   NFC_HDR* p;
49   uint8_t* pp;
50   uint8_t num = 0, ulen, len, *pt;
51 
52   p = NCI_GET_CMD_BUF(tlv_size + 1);
53   if (p == nullptr) return (NCI_STATUS_FAILED);
54 
55   p->event = BT_EVT_TO_NFC_NCI;
56   p->len = NCI_MSG_HDR_SIZE + tlv_size + 1;
57   p->offset = NCI_MSG_OFFSET_SIZE;
58   pp = (uint8_t*)(p + 1) + p->offset;
59 
60   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
61   NCI_MSG_BLD_HDR1(pp, oid);
62   UINT8_TO_STREAM(pp, (uint8_t)(tlv_size + 1));
63   len = tlv_size;
64   pt = p_param_tlvs;
65   while (len > 1) {
66     len -= 2;
67     pt++;
68     num++;
69     ulen = *pt++;
70     pt += ulen;
71     if (len >= ulen) {
72       len -= ulen;
73     } else {
74       GKI_freebuf(p);
75       return NCI_STATUS_FAILED;
76     }
77   }
78 
79   UINT8_TO_STREAM(pp, num);
80   ARRAY_TO_STREAM(pp, p_param_tlvs, tlv_size);
81   nfc_ncif_send_cmd(p);
82 
83   return (NCI_STATUS_OK);
84 }
85 
86 /*******************************************************************************
87 **
88 ** Function         nci_snd_core_reset
89 **
90 ** Description      compose and send CORE RESET command to command queue
91 **
92 ** Returns          status
93 **
94 *******************************************************************************/
nci_snd_core_reset(uint8_t reset_type)95 uint8_t nci_snd_core_reset(uint8_t reset_type) {
96   NFC_HDR* p;
97   uint8_t* pp;
98 
99   p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_RESET);
100   if (p == nullptr) return (NCI_STATUS_FAILED);
101 
102   p->event = BT_EVT_TO_NFC_NCI;
103   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_RESET;
104   p->offset = NCI_MSG_OFFSET_SIZE;
105   p->layer_specific = 0;
106   pp = (uint8_t*)(p + 1) + p->offset;
107 
108   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
109   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_RESET);
110   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_RESET);
111   UINT8_TO_STREAM(pp, reset_type);
112 
113   nfc_ncif_send_cmd(p);
114   return (NCI_STATUS_OK);
115 }
116 
117 /*******************************************************************************
118 **
119 ** Function         nci_snd_core_init
120 **
121 ** Description      compose and send CORE INIT command to command queue
122 **
123 ** Returns          status
124 **
125 *******************************************************************************/
nci_snd_core_init(uint8_t nci_version)126 uint8_t nci_snd_core_init(uint8_t nci_version) {
127   NFC_HDR* p;
128   uint8_t* pp;
129 
130   if ((p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_INIT(nci_version))) == nullptr)
131     return (NCI_STATUS_FAILED);
132 
133   p->event = BT_EVT_TO_NFC_NCI;
134   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_INIT(nci_version);
135   p->offset = NCI_MSG_OFFSET_SIZE;
136   p->layer_specific = 0;
137   pp = (uint8_t*)(p + 1) + p->offset;
138 
139   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
140   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_INIT);
141   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_INIT(nci_version));
142   if (nfc_cb.nci_version >= NCI_VERSION_2_0) {
143     UINT8_TO_STREAM(pp, NCI2_X_CORE_INIT_CMD_BYTE_0);
144     UINT8_TO_STREAM(pp, NCI2_X_CORE_INIT_CMD_BYTE_1);
145   }
146 
147   nfc_ncif_send_cmd(p);
148   return (NCI_STATUS_OK);
149 }
150 
151 /*******************************************************************************
152 **
153 ** Function         nci_snd_core_get_config
154 **
155 ** Description      compose and send CORE GET_CONFIG command to command queue
156 **
157 ** Returns          status
158 **
159 *******************************************************************************/
nci_snd_core_get_config(uint8_t * param_ids,uint8_t num_ids)160 uint8_t nci_snd_core_get_config(uint8_t* param_ids, uint8_t num_ids) {
161   NFC_HDR* p;
162   uint8_t* pp;
163 
164   p = NCI_GET_CMD_BUF(num_ids);
165   if (p == nullptr) return (NCI_STATUS_FAILED);
166 
167   p->event = BT_EVT_TO_NFC_NCI;
168   p->len = NCI_MSG_HDR_SIZE + num_ids + 1;
169   p->offset = NCI_MSG_OFFSET_SIZE;
170   p->layer_specific = 0;
171   pp = (uint8_t*)(p + 1) + p->offset;
172 
173   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
174   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_GET_CONFIG);
175   UINT8_TO_STREAM(pp, (uint8_t)(num_ids + 1));
176   UINT8_TO_STREAM(pp, num_ids);
177   ARRAY_TO_STREAM(pp, param_ids, num_ids);
178 
179   nfc_ncif_send_cmd(p);
180   return (NCI_STATUS_OK);
181 }
182 
183 /*******************************************************************************
184 **
185 ** Function         nci_snd_core_set_config
186 **
187 ** Description      compose and send CORE SET_CONFIG command to command queue
188 **
189 ** Returns          status
190 **
191 *******************************************************************************/
nci_snd_core_set_config(uint8_t * p_param_tlvs,uint8_t tlv_size)192 uint8_t nci_snd_core_set_config(uint8_t* p_param_tlvs, uint8_t tlv_size) {
193   NFC_HDR* p;
194   uint8_t* pp;
195   uint8_t num = 0, ulen, len, *pt;
196 
197   p = NCI_GET_CMD_BUF(tlv_size + 1);
198   if (p == nullptr) return (NCI_STATUS_FAILED);
199 
200   p->event = BT_EVT_TO_NFC_NCI;
201   p->len = NCI_MSG_HDR_SIZE + tlv_size + 1;
202   p->offset = NCI_MSG_OFFSET_SIZE;
203   pp = (uint8_t*)(p + 1) + p->offset;
204 
205   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
206   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_SET_CONFIG);
207   UINT8_TO_STREAM(pp, (uint8_t)(tlv_size + 1));
208   len = tlv_size;
209   pt = p_param_tlvs;
210   while (len > 1) {
211     len -= 2;
212     ++pt;
213     ++num;
214     ulen = *pt++;
215     pt += ulen;
216     if (len >= ulen) {
217       len -= ulen;
218     } else {
219       GKI_freebuf(p);
220       return NCI_STATUS_FAILED;
221     }
222   }
223 
224   UINT8_TO_STREAM(pp, num);
225   ARRAY_TO_STREAM(pp, p_param_tlvs, tlv_size);
226   nfc_ncif_send_cmd(p);
227 
228   return (NCI_STATUS_OK);
229 }
230 
231 /*******************************************************************************
232 **
233 ** Function         nci_snd_core_conn_create
234 **
235 ** Description      compose and send CORE CONN_CREATE command to command queue
236 **
237 ** Returns          status
238 **
239 *******************************************************************************/
nci_snd_core_conn_create(uint8_t dest_type,uint8_t num_tlv,uint8_t tlv_size,uint8_t * p_param_tlvs)240 uint8_t nci_snd_core_conn_create(uint8_t dest_type, uint8_t num_tlv,
241                                  uint8_t tlv_size, uint8_t* p_param_tlvs) {
242   NFC_HDR* p;
243   uint8_t* pp;
244   uint8_t size = NCI_CORE_PARAM_SIZE_CON_CREATE + tlv_size;
245 
246   p = NCI_GET_CMD_BUF(size);
247   if (p == nullptr) return (NCI_STATUS_FAILED);
248 
249   p->event = BT_EVT_TO_NFC_NCI;
250   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_CON_CREATE;
251   p->offset = NCI_MSG_OFFSET_SIZE;
252   p->layer_specific = 0;
253   pp = (uint8_t*)(p + 1) + p->offset;
254 
255   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
256   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_CONN_CREATE);
257   UINT8_TO_STREAM(pp, size);
258   UINT8_TO_STREAM(pp, dest_type);
259   UINT8_TO_STREAM(pp, num_tlv);
260   if (tlv_size) {
261     ARRAY_TO_STREAM(pp, p_param_tlvs, tlv_size);
262     p->len += tlv_size;
263   }
264 
265   nfc_ncif_send_cmd(p);
266   return (NCI_STATUS_OK);
267 }
268 
269 /*******************************************************************************
270 **
271 ** Function         nci_snd_core_conn_close
272 **
273 ** Description      compose and send CORE CONN_CLOSE command to command queue
274 **
275 ** Returns          status
276 **
277 *******************************************************************************/
nci_snd_core_conn_close(uint8_t conn_id)278 uint8_t nci_snd_core_conn_close(uint8_t conn_id) {
279   NFC_HDR* p;
280   uint8_t* pp;
281 
282   p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_CON_CLOSE);
283   if (p == nullptr) return (NCI_STATUS_FAILED);
284 
285   p->event = BT_EVT_TO_NFC_NCI;
286   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_CON_CLOSE;
287   p->offset = NCI_MSG_OFFSET_SIZE;
288   p->layer_specific = 0;
289   pp = (uint8_t*)(p + 1) + p->offset;
290 
291   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
292   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_CONN_CLOSE);
293   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_CON_CLOSE);
294   UINT8_TO_STREAM(pp, conn_id);
295 
296   nfc_ncif_send_cmd(p);
297   return (NCI_STATUS_OK);
298 }
299 
300 #if (NFC_NFCEE_INCLUDED == TRUE)
301 #if (NFC_RW_ONLY == FALSE)
302 /*******************************************************************************
303 **
304 ** Function         nci_snd_nfcee_discover
305 **
306 ** Description      compose and send NFCEE Management NFCEE_DISCOVER command
307 **                  to command queue
308 **
309 ** Returns          status
310 **
311 *******************************************************************************/
nci_snd_nfcee_discover(uint8_t discover_action)312 uint8_t nci_snd_nfcee_discover(uint8_t discover_action) {
313   NFC_HDR* p;
314   uint8_t* pp;
315 
316   p = NCI_GET_CMD_BUF(NCI_PARAM_SIZE_DISCOVER_NFCEE(NFC_GetNCIVersion()));
317   if (p == nullptr) return (NCI_STATUS_FAILED);
318 
319   p->event = BT_EVT_TO_NFC_NCI;
320   p->len =
321       NCI_MSG_HDR_SIZE + NCI_PARAM_SIZE_DISCOVER_NFCEE(NFC_GetNCIVersion());
322   p->offset = NCI_MSG_OFFSET_SIZE;
323   p->layer_specific = 0;
324   pp = (uint8_t*)(p + 1) + p->offset;
325 
326   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_EE_MANAGE);
327   NCI_MSG_BLD_HDR1(pp, NCI_MSG_NFCEE_DISCOVER);
328   UINT8_TO_STREAM(pp, NCI_PARAM_SIZE_DISCOVER_NFCEE(NFC_GetNCIVersion()));
329   if (NFC_GetNCIVersion() < NCI_VERSION_2_0) {
330     UINT8_TO_STREAM(pp, discover_action);
331   }
332   nfc_ncif_send_cmd(p);
333   return (NCI_STATUS_OK);
334 }
335 
336 /*******************************************************************************
337 **
338 ** Function         nci_snd_nfcee_mode_set
339 **
340 ** Description      compose and send NFCEE Management NFCEE MODE SET command
341 **                  to command queue
342 **
343 ** Returns          status
344 **
345 *******************************************************************************/
nci_snd_nfcee_mode_set(uint8_t nfcee_id,uint8_t nfcee_mode)346 uint8_t nci_snd_nfcee_mode_set(uint8_t nfcee_id, uint8_t nfcee_mode) {
347   NFC_HDR* p;
348   uint8_t* pp;
349 
350   p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_NFCEE_MODE_SET);
351   if (p == nullptr) return (NCI_STATUS_FAILED);
352 
353   p->event = BT_EVT_TO_NFC_NCI;
354   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_NFCEE_MODE_SET;
355   p->offset = NCI_MSG_OFFSET_SIZE;
356   p->layer_specific = 0;
357   pp = (uint8_t*)(p + 1) + p->offset;
358 
359   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_EE_MANAGE);
360   NCI_MSG_BLD_HDR1(pp, NCI_MSG_NFCEE_MODE_SET);
361   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_NFCEE_MODE_SET);
362   UINT8_TO_STREAM(pp, nfcee_id);
363   UINT8_TO_STREAM(pp, nfcee_mode);
364 
365   nfc_ncif_send_cmd(p);
366   return (NCI_STATUS_OK);
367 }
368 
369 /*******************************************************************************
370 **
371 ** Function         nci_snd_iso_dep_nak_presence_check_cmd
372 **
373 ** Description      compose and send RF Management presence check ISO-DEP NAK
374 **                  command.
375 **
376 **
377 ** Returns          status
378 **
379 *******************************************************************************/
nci_snd_iso_dep_nak_presence_check_cmd()380 uint8_t nci_snd_iso_dep_nak_presence_check_cmd() {
381   NFC_HDR* p;
382   uint8_t* pp;
383 
384   if ((p = NCI_GET_CMD_BUF(0)) == nullptr) return (NCI_STATUS_FAILED);
385 
386   p->event = BT_EVT_TO_NFC_NCI;
387   p->offset = NCI_MSG_OFFSET_SIZE;
388   p->len = NCI_MSG_HDR_SIZE + 0;
389   p->layer_specific = 0;
390   pp = (uint8_t*)(p + 1) + p->offset;
391 
392   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
393   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_ISO_DEP_NAK_PRESENCE);
394   UINT8_TO_STREAM(pp, 0x00);
395   nfc_ncif_send_cmd(p);
396   return (NCI_STATUS_OK);
397 }
398 #endif
399 #endif
400 
401 /*******************************************************************************
402 **
403 ** Function         nci_snd_discover_cmd
404 **
405 ** Description      compose and send RF Management DISCOVER command to command
406 **                  queue
407 **
408 ** Returns          status
409 **
410 *******************************************************************************/
nci_snd_discover_cmd(uint8_t num,tNCI_DISCOVER_PARAMS * p_param)411 uint8_t nci_snd_discover_cmd(uint8_t num, tNCI_DISCOVER_PARAMS* p_param) {
412   NFC_HDR* p;
413   uint8_t *pp, *p_size, *p_start;
414   int xx;
415 
416   const int size [[maybe_unused]] = num * sizeof(tNCI_DISCOVER_PARAMS) + 1;
417   p = NCI_GET_CMD_BUF(size);
418 
419   if (p == nullptr) return (NCI_STATUS_FAILED);
420 
421   p->event = BT_EVT_TO_NFC_NCI;
422   p->offset = NCI_MSG_OFFSET_SIZE;
423   p->layer_specific = 0;
424   pp = (uint8_t*)(p + 1) + p->offset;
425 
426   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
427   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_DISCOVER);
428   p_size = pp;
429   ++pp;
430   p_start = pp;
431   UINT8_TO_STREAM(pp, num);
432   for (xx = 0; xx < num; ++xx) {
433     UINT8_TO_STREAM(pp, p_param[xx].type);
434     UINT8_TO_STREAM(pp, p_param[xx].frequency);
435   }
436   *p_size = (uint8_t)(pp - p_start);
437   p->len = NCI_MSG_HDR_SIZE + *p_size;
438 
439   nfc_ncif_send_cmd(p);
440   return (NCI_STATUS_OK);
441 }
442 
443 /*******************************************************************************
444 **
445 ** Function         nci_snd_discover_select_cmd
446 **
447 ** Description      compose and send RF Management DISCOVER SELECT command
448 **                  to command queue
449 **
450 ** Returns          status
451 **
452 *******************************************************************************/
nci_snd_discover_select_cmd(uint8_t rf_disc_id,uint8_t protocol,uint8_t rf_interface)453 uint8_t nci_snd_discover_select_cmd(uint8_t rf_disc_id, uint8_t protocol,
454                                     uint8_t rf_interface) {
455   NFC_HDR* p;
456   uint8_t* pp;
457 
458   p = NCI_GET_CMD_BUF(NCI_DISCOVER_PARAM_SIZE_SELECT);
459   if (p == nullptr) return (NCI_STATUS_FAILED);
460 
461   p->event = BT_EVT_TO_NFC_NCI;
462   p->len = NCI_MSG_HDR_SIZE + NCI_DISCOVER_PARAM_SIZE_SELECT;
463   p->offset = NCI_MSG_OFFSET_SIZE;
464   p->layer_specific = 0;
465   pp = (uint8_t*)(p + 1) + p->offset;
466 
467   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
468   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_DISCOVER_SELECT);
469   UINT8_TO_STREAM(pp, NCI_DISCOVER_PARAM_SIZE_SELECT);
470   UINT8_TO_STREAM(pp, rf_disc_id);
471   UINT8_TO_STREAM(pp, protocol);
472   UINT8_TO_STREAM(pp, rf_interface);
473 
474   nfc_ncif_send_cmd(p);
475   return (NCI_STATUS_OK);
476 }
477 
478 /*******************************************************************************
479 **
480 ** Function         nci_snd_rf_wpt_control_cmd
481 **
482 ** Description      compose and send RF Management WPT_START command
483 **                  to command queue
484 **
485 ** Returns          status
486 **
487 *******************************************************************************/
nci_snd_rf_wpt_control_cmd(uint8_t * p_param_tlvs,uint8_t tlv_size)488 uint8_t nci_snd_rf_wpt_control_cmd(uint8_t* p_param_tlvs, uint8_t tlv_size) {
489   return nci_snd_tlv_parameter_generic_cmd(NCI_MSG_WPT_START, p_param_tlvs,
490                                            tlv_size);
491 }
492 
493 /*******************************************************************************
494 **
495 ** Function         nci_snd_deactivate_cmd
496 **
497 ** Description      compose and send RF Management DEACTIVATE command
498 **                  to command queue
499 **
500 ** Returns          status
501 **
502 *******************************************************************************/
nci_snd_deactivate_cmd(uint8_t de_act_type)503 uint8_t nci_snd_deactivate_cmd(uint8_t de_act_type) {
504   NFC_HDR* p;
505   uint8_t* pp;
506 
507   nfc_cb.reassembly = true;
508 
509   p = NCI_GET_CMD_BUF(NCI_DISCOVER_PARAM_SIZE_DEACT);
510   if (p == nullptr) return (NCI_STATUS_FAILED);
511 
512   p->event = BT_EVT_TO_NFC_NCI;
513   p->len = NCI_MSG_HDR_SIZE + NCI_DISCOVER_PARAM_SIZE_DEACT;
514   p->offset = NCI_MSG_OFFSET_SIZE;
515   p->layer_specific = 0;
516   pp = (uint8_t*)(p + 1) + p->offset;
517 
518   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
519   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_DEACTIVATE);
520   UINT8_TO_STREAM(pp, NCI_DISCOVER_PARAM_SIZE_DEACT);
521   UINT8_TO_STREAM(pp, de_act_type);
522 
523   nfc_ncif_send_cmd(p);
524   return (NCI_STATUS_OK);
525 }
526 
527 /*******************************************************************************
528 **
529 ** Function         nci_snd_discover_map_cmd
530 **
531 ** Description      compose and send RF Management DISCOVER MAP command
532 **                  to command queue
533 **
534 ** Returns          status
535 **
536 *******************************************************************************/
nci_snd_discover_map_cmd(uint8_t num,tNCI_DISCOVER_MAPS * p_maps)537 uint8_t nci_snd_discover_map_cmd(uint8_t num, tNCI_DISCOVER_MAPS* p_maps) {
538   NFC_HDR* p;
539   uint8_t *pp, *p_size, *p_start;
540   int xx;
541 
542   const int size [[maybe_unused]] = num * sizeof(tNCI_DISCOVER_MAPS) + 1;
543 
544   p = NCI_GET_CMD_BUF(size);
545 
546   if (p == nullptr) return (NCI_STATUS_FAILED);
547 
548   p->event = BT_EVT_TO_NFC_NCI;
549   p->offset = NCI_MSG_OFFSET_SIZE;
550   p->layer_specific = 0;
551   pp = (uint8_t*)(p + 1) + p->offset;
552 
553   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
554   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_DISCOVER_MAP);
555   p_size = pp;
556   ++pp;
557   p_start = pp;
558   UINT8_TO_STREAM(pp, num);
559   for (xx = 0; xx < num; ++xx) {
560     UINT8_TO_STREAM(pp, p_maps[xx].protocol);
561     UINT8_TO_STREAM(pp, p_maps[xx].mode);
562     UINT8_TO_STREAM(pp, p_maps[xx].intf_type);
563   }
564   *p_size = (uint8_t)(pp - p_start);
565   p->len = NCI_MSG_HDR_SIZE + *p_size;
566   nfc_ncif_send_cmd(p);
567   return (NCI_STATUS_OK);
568 }
569 /*******************************************************************************
570 **
571 ** Function         nci_snd_t3t_polling
572 **
573 ** Description      compose and send RF Management T3T POLLING command
574 **                  to command queue
575 **
576 ** Returns          status
577 **
578 *******************************************************************************/
nci_snd_t3t_polling(uint16_t system_code,uint8_t rc,uint8_t tsn)579 uint8_t nci_snd_t3t_polling(uint16_t system_code, uint8_t rc, uint8_t tsn) {
580   NFC_HDR* p;
581   uint8_t* pp;
582 
583   p = NCI_GET_CMD_BUF(NCI_RF_PARAM_SIZE_T3T_POLLING);
584   if (p == nullptr) return (NCI_STATUS_FAILED);
585 
586   p->event = BT_EVT_TO_NFC_NCI;
587   p->len = NCI_MSG_HDR_SIZE + NCI_RF_PARAM_SIZE_T3T_POLLING;
588   p->offset = NCI_MSG_OFFSET_SIZE;
589   p->layer_specific = 0;
590   pp = (uint8_t*)(p + 1) + p->offset;
591 
592   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
593   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_T3T_POLLING);
594   UINT8_TO_STREAM(pp, NCI_RF_PARAM_SIZE_T3T_POLLING);
595   UINT16_TO_BE_STREAM(pp, system_code);
596   UINT8_TO_STREAM(pp, rc);
597   UINT8_TO_STREAM(pp, tsn);
598 
599   nfc_ncif_send_cmd(p);
600   return (NCI_STATUS_OK);
601 }
602 
603 /*******************************************************************************
604 **
605 ** Function         nci_snd_parameter_update_cmd
606 **
607 ** Description      compose and send RF Management RF Communication Parameter
608 **                  Update commandto command queue
609 **
610 ** Returns          status
611 **
612 *******************************************************************************/
nci_snd_parameter_update_cmd(uint8_t * p_param_tlvs,uint8_t tlv_size)613 uint8_t nci_snd_parameter_update_cmd(uint8_t* p_param_tlvs, uint8_t tlv_size) {
614   return nci_snd_tlv_parameter_generic_cmd(NCI_MSG_RF_PARAMETER_UPDATE,
615                                            p_param_tlvs, tlv_size);
616 }
617 
618 /*******************************************************************************
619 **
620 ** Function         nci_snd_nfcee_power_link_control
621 **
622 ** Description      compose and send NFCEE Management NFCEE Power and Link
623 **                  Control command to command queue
624 **
625 ** Returns          status
626 **
627 *******************************************************************************/
nci_snd_nfcee_power_link_control(uint8_t nfcee_id,uint8_t pl_config)628 uint8_t nci_snd_nfcee_power_link_control(uint8_t nfcee_id, uint8_t pl_config) {
629   uint8_t* pp;
630   NFC_HDR* p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_NFCEE_PL_CTRL);
631   if (p == nullptr) return NCI_STATUS_FAILED;
632 
633   p->event = NFC_EVT_TO_NFC_NCI;
634   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_NFCEE_PL_CTRL;
635   p->offset = NCI_MSG_OFFSET_SIZE;
636   p->layer_specific = 0;
637   pp = (uint8_t*)(p + 1) + p->offset;
638 
639   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_EE_MANAGE);
640   NCI_MSG_BLD_HDR1(pp, NCI_MSG_NFCEE_POWER_LINK_CTRL);
641   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_NFCEE_PL_CTRL);
642   UINT8_TO_STREAM(pp, nfcee_id);
643   UINT8_TO_STREAM(pp, pl_config);
644 
645   nfc_ncif_send_cmd(p);
646   return NCI_STATUS_OK;
647 }
648 
649 #if (NFC_NFCEE_INCLUDED == TRUE)
650 #if (NFC_RW_ONLY == FALSE)
651 /*******************************************************************************
652 **
653 ** Function         nci_snd_set_routing_cmd
654 **
655 ** Description      compose and send RF Management SET_LISTEN_MODE_ROUTING
656 **                  command to command queue
657 **
658 ** Returns          status
659 **
660 *******************************************************************************/
nci_snd_set_routing_cmd(bool more,uint8_t num_tlv,uint8_t tlv_size,uint8_t * p_param_tlvs)661 uint8_t nci_snd_set_routing_cmd(bool more, uint8_t num_tlv, uint8_t tlv_size,
662                                 uint8_t* p_param_tlvs) {
663   NFC_HDR* p;
664   uint8_t* pp;
665   uint8_t size = tlv_size + 2;
666 
667   if (size < tlv_size) {
668     return (NCI_STATUS_FAILED);
669   }
670 
671   if (tlv_size == 0) {
672     /* just to terminate routing table
673      * 2 bytes (more=FALSE and num routing entries=0) */
674     size = 2;
675   }
676 
677   p = NCI_GET_CMD_BUF(size);
678   if (p == nullptr) return (NCI_STATUS_FAILED);
679 
680   p->event = BT_EVT_TO_NFC_NCI;
681   p->offset = NCI_MSG_OFFSET_SIZE;
682   p->len = NCI_MSG_HDR_SIZE + size;
683   p->layer_specific = 0;
684   pp = (uint8_t*)(p + 1) + p->offset;
685 
686   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
687   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_SET_ROUTING);
688   UINT8_TO_STREAM(pp, size);
689   UINT8_TO_STREAM(pp, more);
690   if (size == 2) {
691     UINT8_TO_STREAM(pp, 0);
692   } else {
693     UINT8_TO_STREAM(pp, num_tlv);
694     ARRAY_TO_STREAM(pp, p_param_tlvs, tlv_size);
695   }
696 
697   uint8_t* lmrt_head_ptr = (uint8_t*)(p + 1) + p->offset;
698   lmrt_capture(lmrt_head_ptr, size + 3);
699 
700   nfc_ncif_send_cmd(p);
701 
702   return (NCI_STATUS_OK);
703 }
704 /*******************************************************************************
705 **
706 ** Function         nci_snd_set_power_sub_state_cmd
707 **
708 ** Description      compose and send core CORE_SET_POWER_SUB_STATE command
709 **                  to command queue
710 **
711 ** Returns          status
712 **
713 *******************************************************************************/
nci_snd_core_set_power_sub_state(uint8_t screen_state)714 uint8_t nci_snd_core_set_power_sub_state(uint8_t screen_state) {
715   NFC_HDR* p = NCI_GET_CMD_BUF(NCI_CORE_PARAM_SIZE_SET_POWER_SUB_STATE);
716   uint8_t* pp;
717 
718   if (p == nullptr) return (NCI_STATUS_FAILED);
719 
720   p->event = BT_EVT_TO_NFC_NCI;
721   p->offset = NCI_MSG_OFFSET_SIZE;
722   p->len = NCI_MSG_HDR_SIZE + NCI_CORE_PARAM_SIZE_SET_POWER_SUB_STATE;
723   p->layer_specific = 0;
724   pp = (uint8_t*)(p + 1) + p->offset;
725 
726   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_CORE);
727   NCI_MSG_BLD_HDR1(pp, NCI_MSG_CORE_SET_POWER_SUB_STATE);
728   UINT8_TO_STREAM(pp, NCI_CORE_PARAM_SIZE_SET_POWER_SUB_STATE);
729   UINT8_TO_STREAM(pp, screen_state);
730 
731   nfc_ncif_send_cmd(p);
732 
733   return (NCI_STATUS_OK);
734 }
735 /*******************************************************************************
736 **
737 ** Function         nci_snd_get_routing_cmd
738 **
739 ** Description      compose and send RF Management GET_LISTEN_MODE_ROUTING
740 **                  command to command queue
741 **
742 ** Returns          status
743 **
744 *******************************************************************************/
nci_snd_get_routing_cmd(void)745 uint8_t nci_snd_get_routing_cmd(void) {
746   NFC_HDR* p;
747   uint8_t* pp;
748   uint8_t param_size = 0;
749 
750   p = NCI_GET_CMD_BUF(param_size);
751   if (p == nullptr) return (NCI_STATUS_FAILED);
752 
753   p->event = BT_EVT_TO_NFC_NCI;
754   p->len = NCI_MSG_HDR_SIZE + param_size;
755   p->offset = NCI_MSG_OFFSET_SIZE;
756   p->layer_specific = 0;
757   pp = (uint8_t*)(p + 1) + p->offset;
758 
759   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_RF_MANAGE);
760   NCI_MSG_BLD_HDR1(pp, NCI_MSG_RF_GET_ROUTING);
761   UINT8_TO_STREAM(pp, param_size);
762 
763   nfc_ncif_send_cmd(p);
764   return (NCI_STATUS_OK);
765 }
766 /*******************************************************************************
767 **
768 ** Function         nci_snd_android_get_caps_cmd
769 **
770 ** Description      compose and send android GET_CAPS_COMMAND
771 **                  command to command queue
772 **
773 ** Returns          status
774 **
775 *******************************************************************************/
nci_snd_android_get_caps_cmd(void)776 uint8_t nci_snd_android_get_caps_cmd(void) {
777   NFC_HDR* p;
778   uint8_t* pp;
779   uint8_t param_size = 1;
780 
781   p = NCI_GET_CMD_BUF(param_size);
782   if (p == nullptr) return (NCI_STATUS_FAILED);
783 
784   p->event = BT_EVT_TO_NFC_NCI;
785   p->len = NCI_MSG_HDR_SIZE + param_size;
786   p->offset = NCI_MSG_OFFSET_SIZE;
787   p->layer_specific = 0;
788   pp = (uint8_t*)(p + 1) + p->offset;
789 
790   NCI_MSG_BLD_HDR0(pp, NCI_MT_CMD, NCI_GID_PROP);
791   NCI_MSG_BLD_HDR1(pp, NCI_MSG_PROP_ANDROID);
792   UINT8_TO_STREAM(pp, param_size);
793   UINT8_TO_STREAM(pp, NCI_ANDROID_GET_CAPS);
794 
795   nfc_ncif_send_cmd(p);
796   return (NCI_STATUS_OK);
797 }
798 #endif
799 #endif
800