1 /****************************************************************************** 2 * 3 * Copyright (C) 1999-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /****************************************************************************** 20 * 21 * this file contains the functions relating to link management. A "link" 22 * is a connection between this device and another device. Only ACL links 23 * are managed. 24 * 25 ******************************************************************************/ 26 27 #include <stdlib.h> 28 #include <string.h> 29 #include <stdio.h> 30 31 #include "gki.h" 32 #include "bt_types.h" 33 #include "hcimsgs.h" 34 #include "l2cdefs.h" 35 #include "l2c_int.h" 36 #include "l2c_api.h" 37 #include "btu.h" 38 #include "btm_api.h" 39 #include "btm_int.h" 40 41 static BOOLEAN l2c_link_send_to_lower (tL2C_LCB *p_lcb, BT_HDR *p_buf); 42 43 #define L2C_LINK_SEND_ACL_DATA(x) HCI_ACL_DATA_TO_LOWER((x)) 44 45 #if (BLE_INCLUDED == TRUE) 46 #define L2C_LINK_SEND_BLE_ACL_DATA(x) HCI_BLE_ACL_DATA_TO_LOWER((x)) 47 #endif 48 49 /******************************************************************************* 50 ** 51 ** Function l2c_link_hci_conn_req 52 ** 53 ** Description This function is called when an HCI Connection Request 54 ** event is received. 55 ** 56 ** Returns TRUE, if accept conn 57 ** 58 *******************************************************************************/ 59 BOOLEAN l2c_link_hci_conn_req (BD_ADDR bd_addr) 60 { 61 tL2C_LCB *p_lcb; 62 tL2C_LCB *p_lcb_cur; 63 int xx; 64 BOOLEAN no_links; 65 66 /* See if we have a link control block for the remote device */ 67 p_lcb = l2cu_find_lcb_by_bd_addr (bd_addr); 68 69 /* If we don't have one, create one and accept the connection. */ 70 if (!p_lcb) 71 { 72 p_lcb = l2cu_allocate_lcb (bd_addr, FALSE); 73 if (!p_lcb) 74 { 75 btsnd_hcic_reject_conn (bd_addr, HCI_ERR_HOST_REJECT_RESOURCES); 76 L2CAP_TRACE_ERROR0 ("L2CAP failed to allocate LCB"); 77 return FALSE; 78 } 79 80 no_links = TRUE; 81 82 /* If we already have connection, accept as a master */ 83 for (xx = 0, p_lcb_cur = &l2cb.lcb_pool[0]; xx < MAX_L2CAP_LINKS; xx++, p_lcb_cur++) 84 { 85 if (p_lcb_cur == p_lcb) 86 continue; 87 88 if (p_lcb_cur->in_use) 89 { 90 no_links = FALSE; 91 p_lcb->link_role = HCI_ROLE_MASTER; 92 break; 93 } 94 } 95 96 if (no_links) 97 { 98 if (!btm_dev_support_switch (bd_addr)) 99 p_lcb->link_role = HCI_ROLE_SLAVE; 100 else 101 p_lcb->link_role = l2cu_get_conn_role(p_lcb); 102 } 103 104 /* Tell the other side we accept the connection */ 105 btsnd_hcic_accept_conn (bd_addr, p_lcb->link_role); 106 107 p_lcb->link_state = LST_CONNECTING; 108 109 /* Start a timer waiting for connect complete */ 110 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, L2CAP_LINK_CONNECT_TOUT); 111 return (TRUE); 112 } 113 114 /* We already had a link control block to the guy. Check what state it is in */ 115 if ((p_lcb->link_state == LST_CONNECTING) || (p_lcb->link_state == LST_CONNECT_HOLDING)) 116 { 117 /* Connection collision. Accept the connection anyways. */ 118 119 if (!btm_dev_support_switch (bd_addr)) 120 p_lcb->link_role = HCI_ROLE_SLAVE; 121 else 122 p_lcb->link_role = l2cu_get_conn_role(p_lcb); 123 124 btsnd_hcic_accept_conn (bd_addr, p_lcb->link_role); 125 126 p_lcb->link_state = LST_CONNECTING; 127 return (TRUE); 128 } 129 else if (p_lcb->link_state == LST_DISCONNECTING) 130 { 131 /* In disconnecting state, reject the connection. */ 132 btsnd_hcic_reject_conn (bd_addr, HCI_ERR_HOST_REJECT_DEVICE); 133 } 134 else 135 { 136 L2CAP_TRACE_ERROR0 ("L2CAP got conn_req while connected"); 137 } 138 return (FALSE); 139 } 140 141 /******************************************************************************* 142 ** 143 ** Function l2c_link_hci_conn_comp 144 ** 145 ** Description This function is called when an HCI Connection Complete 146 ** event is received. 147 ** 148 ** Returns void 149 ** 150 *******************************************************************************/ 151 BOOLEAN l2c_link_hci_conn_comp (UINT8 status, UINT16 handle, BD_ADDR p_bda) 152 { 153 tL2C_CONN_INFO ci; 154 tL2C_LCB *p_lcb; 155 tL2C_CCB *p_ccb; 156 tBTM_SEC_DEV_REC *p_dev_info = NULL; 157 158 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE) 159 btm_acl_update_busy_level (BTM_BLI_PAGE_DONE_EVT); 160 #endif 161 162 /* Save the parameters */ 163 ci.status = status; 164 memcpy (ci.bd_addr, p_bda, BD_ADDR_LEN); 165 166 /* See if we have a link control block for the remote device */ 167 p_lcb = l2cu_find_lcb_by_bd_addr (ci.bd_addr); 168 169 /* If we don't have one, this is an error */ 170 if (!p_lcb) 171 { 172 L2CAP_TRACE_WARNING0 ("L2CAP got conn_comp for unknown BD_ADDR"); 173 return (FALSE); 174 } 175 176 if (p_lcb->link_state != LST_CONNECTING) 177 { 178 L2CAP_TRACE_ERROR2 ("L2CAP got conn_comp in bad state: %d status: 0x%d", p_lcb->link_state, status); 179 180 if (status != HCI_SUCCESS) 181 l2c_link_hci_disc_comp (p_lcb->handle, status); 182 183 return (FALSE); 184 } 185 186 /* Save the handle */ 187 p_lcb->handle = handle; 188 189 if (ci.status == HCI_SUCCESS) 190 { 191 /* Connected OK. Change state to connected */ 192 p_lcb->link_state = LST_CONNECTED; 193 194 /* Get the peer information if the l2cap flow-control/rtrans is supported */ 195 l2cu_send_peer_info_req (p_lcb, L2CAP_EXTENDED_FEATURES_INFO_TYPE); 196 197 /* Tell BTM Acl management about the link */ 198 if ((p_dev_info = btm_find_dev (p_bda)) != NULL) 199 btm_acl_created (ci.bd_addr, p_dev_info->dev_class, 200 p_dev_info->sec_bd_name, handle, 201 p_lcb->link_role, FALSE); 202 else 203 btm_acl_created (ci.bd_addr, NULL, NULL, handle, p_lcb->link_role, FALSE); 204 205 /* If dedicated bonding do not process any further */ 206 if (p_lcb->is_bonding) 207 { 208 if (l2cu_start_post_bond_timer(handle)) 209 return (TRUE); 210 } 211 212 /* Update the timeouts in the hold queue */ 213 l2c_process_held_packets(FALSE); 214 215 btu_stop_timer (&p_lcb->timer_entry); 216 217 /* For all channels, send the event through their FSMs */ 218 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb) 219 { 220 l2c_csm_execute (p_ccb, L2CEVT_LP_CONNECT_CFM, &ci); 221 } 222 223 if (p_lcb->p_echo_rsp_cb) 224 { 225 l2cu_send_peer_echo_req (p_lcb, NULL, 0); 226 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, L2CAP_ECHO_RSP_TOUT); 227 } 228 else if (!p_lcb->ccb_queue.p_first_ccb) 229 { 230 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, L2CAP_LINK_STARTUP_TOUT); 231 } 232 } 233 /* Max number of acl connections. */ 234 /* If there's an lcb disconnecting set this one to holding */ 235 else if ((ci.status == HCI_ERR_MAX_NUM_OF_CONNECTIONS) && l2cu_lcb_disconnecting()) 236 { 237 p_lcb->link_state = LST_CONNECT_HOLDING; 238 p_lcb->handle = HCI_INVALID_HANDLE; 239 } 240 else 241 { 242 /* Just in case app decides to try again in the callback context */ 243 p_lcb->link_state = LST_DISCONNECTING; 244 245 /* Connection failed. For all channels, send the event through */ 246 /* their FSMs. The CCBs should remove themselves from the LCB */ 247 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; ) 248 { 249 tL2C_CCB *pn = p_ccb->p_next_ccb; 250 251 l2c_csm_execute (p_ccb, L2CEVT_LP_CONNECT_CFM_NEG, &ci); 252 253 p_ccb = pn; 254 } 255 256 p_lcb->disc_reason = status; 257 /* Release the LCB */ 258 if (p_lcb->ccb_queue.p_first_ccb == NULL) 259 l2cu_release_lcb (p_lcb); 260 else /* there are any CCBs remaining */ 261 { 262 if (ci.status == HCI_ERR_CONNECTION_EXISTS) 263 { 264 /* we are in collision situation, wait for connecttion request from controller */ 265 p_lcb->link_state = LST_CONNECTING; 266 } 267 else 268 { 269 l2cu_create_conn(p_lcb); 270 } 271 } 272 } 273 return (TRUE); 274 } 275 276 277 /******************************************************************************* 278 ** 279 ** Function l2c_link_sec_comp 280 ** 281 ** Description This function is called when required security procedures 282 ** are completed. 283 ** 284 ** Returns void 285 ** 286 *******************************************************************************/ 287 void l2c_link_sec_comp (BD_ADDR p_bda, void *p_ref_data, UINT8 status) 288 { 289 tL2C_CONN_INFO ci; 290 tL2C_LCB *p_lcb; 291 tL2C_CCB *p_ccb; 292 tL2C_CCB *p_next_ccb; 293 UINT8 event; 294 295 L2CAP_TRACE_DEBUG2 ("l2c_link_sec_comp: %d, 0x%x", status, p_ref_data); 296 297 if (status == BTM_SUCCESS_NO_SECURITY) 298 status = BTM_SUCCESS; 299 300 /* Save the parameters */ 301 ci.status = status; 302 memcpy (ci.bd_addr, p_bda, BD_ADDR_LEN); 303 304 p_lcb = l2cu_find_lcb_by_bd_addr (p_bda); 305 306 /* If we don't have one, this is an error */ 307 if (!p_lcb) 308 { 309 L2CAP_TRACE_WARNING0 ("L2CAP got sec_comp for unknown BD_ADDR"); 310 return; 311 } 312 313 /* Match p_ccb with p_ref_data returned by sec manager */ 314 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_next_ccb) 315 { 316 p_next_ccb = p_ccb->p_next_ccb; 317 318 if (p_ccb == p_ref_data) 319 { 320 switch(status) 321 { 322 case BTM_SUCCESS: 323 L2CAP_TRACE_DEBUG1 ("ccb timer ticks: %u", p_ccb->timer_entry.ticks); 324 event = L2CEVT_SEC_COMP; 325 break; 326 327 case BTM_DELAY_CHECK: 328 /* start a timer - encryption change not received before L2CAP connect req */ 329 btu_start_timer (&p_ccb->timer_entry, BTU_TTYPE_L2CAP_CHNL, L2CAP_DELAY_CHECK_SM4); 330 return; 331 332 default: 333 event = L2CEVT_SEC_COMP_NEG; 334 } 335 l2c_csm_execute (p_ccb, event, &ci); 336 break; 337 } 338 } 339 } 340 341 342 /******************************************************************************* 343 ** 344 ** Function l2c_link_hci_disc_comp 345 ** 346 ** Description This function is called when an HCI Disconnect Complete 347 ** event is received. 348 ** 349 ** Returns TRUE if the link is known about, else FALSE 350 ** 351 *******************************************************************************/ 352 BOOLEAN l2c_link_hci_disc_comp (UINT16 handle, UINT8 reason) 353 { 354 tL2C_LCB *p_lcb; 355 tL2C_CCB *p_ccb; 356 BOOLEAN status = TRUE; 357 BOOLEAN lcb_is_free = TRUE; 358 359 /* See if we have a link control block for the connection */ 360 p_lcb = l2cu_find_lcb_by_handle (handle); 361 362 /* If we don't have one, maybe an SCO link. Send to MM */ 363 if (!p_lcb) 364 { 365 status = FALSE; 366 } 367 else 368 { 369 /* There can be a case when we rejected PIN code authentication */ 370 /* otherwise save a new reason */ 371 if (btm_cb.acl_disc_reason != HCI_ERR_HOST_REJECT_SECURITY) 372 btm_cb.acl_disc_reason = reason; 373 374 p_lcb->disc_reason = btm_cb.acl_disc_reason; 375 376 /* Just in case app decides to try again in the callback context */ 377 p_lcb->link_state = LST_DISCONNECTING; 378 379 /* Link is disconnected. For all channels, send the event through */ 380 /* their FSMs. The CCBs should remove themselves from the LCB */ 381 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; ) 382 { 383 tL2C_CCB *pn = p_ccb->p_next_ccb; 384 385 /* Keep connect pending control block (if exists) 386 * Possible Race condition when a reconnect occurs 387 * on the channel during a disconnect of link. This 388 * ccb will be automatically retried after link disconnect 389 * arrives 390 */ 391 if (p_ccb != p_lcb->p_pending_ccb) 392 { 393 l2c_csm_execute (p_ccb, L2CEVT_LP_DISCONNECT_IND, &reason); 394 } 395 p_ccb = pn; 396 } 397 398 #if BTM_SCO_INCLUDED == TRUE 399 /* Tell SCO management to drop any SCOs on this ACL */ 400 btm_sco_acl_removed (p_lcb->remote_bd_addr); 401 #endif 402 403 /* If waiting for disconnect and reconnect is pending start the reconnect now 404 race condition where layer above issued connect request on link that was 405 disconnecting 406 */ 407 if (p_lcb->ccb_queue.p_first_ccb != NULL) 408 { 409 #if (L2CAP_NUM_FIXED_CHNLS > 0) 410 /* If we are going to re-use the LCB without dropping it, release all fixed channels here */ 411 int xx; 412 413 for (xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx++) 414 { 415 if (p_lcb->p_fixed_ccbs[xx]) 416 { 417 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(p_lcb->remote_bd_addr, FALSE, p_lcb->disc_reason); 418 l2cu_release_ccb (p_lcb->p_fixed_ccbs[xx]); 419 420 p_lcb->p_fixed_ccbs[xx] = NULL; 421 } 422 } 423 #endif 424 L2CAP_TRACE_DEBUG0("l2c_link_hci_disc_comp: Restarting pending ACL request"); 425 426 if (l2cu_create_conn(p_lcb)) 427 lcb_is_free = FALSE; /* still using this lcb */ 428 } 429 430 p_lcb->p_pending_ccb = NULL; 431 432 /* Release the LCB */ 433 if (lcb_is_free) 434 l2cu_release_lcb (p_lcb); 435 } 436 437 /* Now that we have a free acl connection, see if any lcbs are pending */ 438 if (lcb_is_free && ((p_lcb = l2cu_find_lcb_by_state(LST_CONNECT_HOLDING)) != NULL)) 439 { 440 /* we found one-- create a connection */ 441 l2cu_create_conn(p_lcb); 442 } 443 444 return status; 445 } 446 447 448 /******************************************************************************* 449 ** 450 ** Function l2c_link_hci_qos_violation 451 ** 452 ** Description This function is called when an HCI QOS Violation 453 ** event is received. 454 ** 455 ** Returns TRUE if the link is known about, else FALSE 456 ** 457 *******************************************************************************/ 458 BOOLEAN l2c_link_hci_qos_violation (UINT16 handle) 459 { 460 tL2C_LCB *p_lcb; 461 tL2C_CCB *p_ccb; 462 463 /* See if we have a link control block for the connection */ 464 p_lcb = l2cu_find_lcb_by_handle (handle); 465 466 /* If we don't have one, maybe an SCO link. */ 467 if (!p_lcb) 468 return (FALSE); 469 470 /* For all channels, tell the upper layer about it */ 471 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb) 472 { 473 if (p_ccb->p_rcb->api.pL2CA_QoSViolationInd_Cb) 474 l2c_csm_execute (p_ccb, L2CEVT_LP_QOS_VIOLATION_IND, NULL); 475 } 476 477 return (TRUE); 478 } 479 480 481 482 /******************************************************************************* 483 ** 484 ** Function l2c_link_timeout 485 ** 486 ** Description This function is called when a link timer expires 487 ** 488 ** Returns void 489 ** 490 *******************************************************************************/ 491 void l2c_link_timeout (tL2C_LCB *p_lcb) 492 { 493 tL2C_CCB *p_ccb; 494 UINT16 timeout; 495 tBTM_STATUS rc; 496 497 L2CAP_TRACE_EVENT3 ("L2CAP - l2c_link_timeout() link state %d first CCB %p is_bonding:%d", 498 p_lcb->link_state, p_lcb->ccb_queue.p_first_ccb, p_lcb->is_bonding); 499 500 /* If link was connecting or disconnecting, clear all channels and drop the LCB */ 501 if ((p_lcb->link_state == LST_CONNECTING_WAIT_SWITCH) || 502 (p_lcb->link_state == LST_CONNECTING) || 503 (p_lcb->link_state == LST_CONNECT_HOLDING) || 504 (p_lcb->link_state == LST_DISCONNECTING)) 505 { 506 p_lcb->p_pending_ccb = NULL; 507 508 /* For all channels, send a disconnect indication event through */ 509 /* their FSMs. The CCBs should remove themselves from the LCB */ 510 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; ) 511 { 512 tL2C_CCB *pn = p_ccb->p_next_ccb; 513 514 l2c_csm_execute (p_ccb, L2CEVT_LP_DISCONNECT_IND, NULL); 515 516 p_ccb = pn; 517 } 518 #if (BLE_INCLUDED == TRUE) 519 if (p_lcb->link_state == LST_CONNECTING && 520 l2cb.is_ble_connecting == TRUE) 521 { 522 L2CA_CancelBleConnectReq(l2cb.ble_connecting_bda); 523 } 524 #endif 525 /* Release the LCB */ 526 l2cu_release_lcb (p_lcb); 527 } 528 529 /* If link is connected, check for inactivity timeout */ 530 if (p_lcb->link_state == LST_CONNECTED) 531 { 532 /* Check for ping outstanding */ 533 if (p_lcb->p_echo_rsp_cb) 534 { 535 tL2CA_ECHO_RSP_CB *p_cb = p_lcb->p_echo_rsp_cb; 536 537 /* Zero out the callback in case app immediately calls us again */ 538 p_lcb->p_echo_rsp_cb = NULL; 539 540 (*p_cb) (L2CAP_PING_RESULT_NO_RESP); 541 542 L2CAP_TRACE_WARNING0 ("L2CAP - ping timeout"); 543 544 /* For all channels, send a disconnect indication event through */ 545 /* their FSMs. The CCBs should remove themselves from the LCB */ 546 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; ) 547 { 548 tL2C_CCB *pn = p_ccb->p_next_ccb; 549 550 l2c_csm_execute (p_ccb, L2CEVT_LP_DISCONNECT_IND, NULL); 551 552 p_ccb = pn; 553 } 554 } 555 556 /* If no channels in use, drop the link. */ 557 if (!p_lcb->ccb_queue.p_first_ccb) 558 { 559 rc = btm_sec_disconnect (p_lcb->handle, HCI_ERR_PEER_USER); 560 561 if (rc == BTM_CMD_STORED) 562 { 563 /* Security Manager will take care of disconnecting, state will be updated at that time */ 564 timeout = 0xFFFF; 565 } 566 else if (rc == BTM_CMD_STARTED) 567 { 568 p_lcb->link_state = LST_DISCONNECTING; 569 timeout = L2CAP_LINK_DISCONNECT_TOUT; 570 } 571 else if (rc == BTM_SUCCESS) 572 { 573 /* BTM SEC will make sure that link is release (probably after pairing is done) */ 574 p_lcb->link_state = LST_DISCONNECTING; 575 timeout = 0xFFFF; 576 } 577 else if (rc == BTM_BUSY) 578 { 579 /* BTM is still executing security process. Let lcb stay as connected */ 580 timeout = 0xFFFF; 581 } 582 else if ((p_lcb->is_bonding) 583 && (btsnd_hcic_disconnect (p_lcb->handle, HCI_ERR_PEER_USER))) 584 { 585 p_lcb->link_state = LST_DISCONNECTING; 586 timeout = L2CAP_LINK_DISCONNECT_TOUT; 587 } 588 else 589 { 590 /* probably no buffer to send disconnect */ 591 timeout = BT_1SEC_TIMEOUT; 592 } 593 594 if (timeout != 0xFFFF) 595 { 596 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, timeout); 597 } 598 } 599 else 600 { 601 /* Check in case we were flow controlled */ 602 l2c_link_check_send_pkts (p_lcb, NULL, NULL); 603 } 604 } 605 } 606 607 /******************************************************************************* 608 ** 609 ** Function l2c_info_timeout 610 ** 611 ** Description This function is called when an info request times out 612 ** 613 ** Returns void 614 ** 615 *******************************************************************************/ 616 void l2c_info_timeout (tL2C_LCB *p_lcb) 617 { 618 tL2C_CCB *p_ccb; 619 tL2C_CONN_INFO ci; 620 621 /* If we timed out waiting for info response, just continue using basic if allowed */ 622 if (p_lcb->w4_info_rsp) 623 { 624 /* If waiting for security complete, restart the info response timer */ 625 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb) 626 { 627 if ( (p_ccb->chnl_state == CST_ORIG_W4_SEC_COMP) || (p_ccb->chnl_state == CST_TERM_W4_SEC_COMP) ) 628 { 629 btu_start_timer (&p_lcb->info_timer_entry, BTU_TTYPE_L2CAP_INFO, L2CAP_WAIT_INFO_RSP_TOUT); 630 return; 631 } 632 } 633 634 p_lcb->w4_info_rsp = FALSE; 635 636 /* If link is in process of being brought up */ 637 if ((p_lcb->link_state != LST_DISCONNECTED) && 638 (p_lcb->link_state != LST_DISCONNECTING)) 639 { 640 /* Notify active channels that peer info is finished */ 641 if (p_lcb->ccb_queue.p_first_ccb) 642 { 643 ci.status = HCI_SUCCESS; 644 memcpy (ci.bd_addr, p_lcb->remote_bd_addr, sizeof(BD_ADDR)); 645 646 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb) 647 { 648 l2c_csm_execute (p_ccb, L2CEVT_L2CAP_INFO_RSP, &ci); 649 } 650 } 651 } 652 } 653 } 654 655 /******************************************************************************* 656 ** 657 ** Function l2c_link_adjust_allocation 658 ** 659 ** Description This function is called when a link is created or removed 660 ** to calculate the amount of packets each link may send to 661 ** the HCI without an ack coming back. 662 ** 663 ** Currently, this is a simple allocation, dividing the 664 ** number of Controller Packets by the number of links. In 665 ** the future, QOS configuration should be examined. 666 ** 667 ** Returns void 668 ** 669 *******************************************************************************/ 670 void l2c_link_adjust_allocation (void) 671 { 672 UINT16 qq, yy, qq_remainder; 673 tL2C_LCB *p_lcb; 674 UINT16 hi_quota, low_quota; 675 UINT16 num_lowpri_links = 0; 676 UINT16 num_hipri_links = 0; 677 UINT16 controller_xmit_quota = l2cb.num_lm_acl_bufs; 678 UINT16 high_pri_link_quota = L2CAP_HIGH_PRI_MIN_XMIT_QUOTA_A; 679 680 /* If no links active, nothing to do. */ 681 if (l2cb.num_links_active == 0) 682 { 683 l2cb.controller_xmit_window = l2cb.num_lm_acl_bufs; 684 l2cb.round_robin_quota = l2cb.round_robin_unacked = 0; 685 return; 686 } 687 688 /* First, count the links */ 689 for (yy = 0, p_lcb = &l2cb.lcb_pool[0]; yy < MAX_L2CAP_LINKS; yy++, p_lcb++) 690 { 691 if (p_lcb->in_use) 692 { 693 if (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH) 694 num_hipri_links++; 695 else 696 num_lowpri_links++; 697 } 698 } 699 700 /* now adjust high priority link quota */ 701 low_quota = num_lowpri_links ? 1 : 0; 702 while ( (num_hipri_links * high_pri_link_quota + low_quota) > controller_xmit_quota ) 703 high_pri_link_quota--; 704 705 /* Work out the xmit quota and buffer quota high and low priorities */ 706 hi_quota = num_hipri_links * high_pri_link_quota; 707 low_quota = (hi_quota < controller_xmit_quota) ? controller_xmit_quota - hi_quota : 1; 708 709 /* Work out and save the HCI xmit quota for each low priority link */ 710 711 /* If each low priority link cannot have at least one buffer */ 712 if (num_lowpri_links > low_quota) 713 { 714 l2cb.round_robin_quota = low_quota; 715 qq = qq_remainder = 0; 716 } 717 /* If each low priority link can have at least one buffer */ 718 else if (num_lowpri_links > 0) 719 { 720 l2cb.round_robin_quota = 0; 721 l2cb.round_robin_unacked = 0; 722 qq = low_quota / num_lowpri_links; 723 qq_remainder = low_quota % num_lowpri_links; 724 } 725 /* If no low priority link */ 726 else 727 { 728 l2cb.round_robin_quota = 0; 729 l2cb.round_robin_unacked = 0; 730 qq = qq_remainder = 0; 731 } 732 733 L2CAP_TRACE_EVENT5 ("l2c_link_adjust_allocation num_hipri: %u num_lowpri: %u low_quota: %u round_robin_quota: %u qq: %u", 734 num_hipri_links, num_lowpri_links, low_quota, 735 l2cb.round_robin_quota, qq); 736 737 /* Now, assign the quotas to each link */ 738 for (yy = 0, p_lcb = &l2cb.lcb_pool[0]; yy < MAX_L2CAP_LINKS; yy++, p_lcb++) 739 { 740 if (p_lcb->in_use) 741 { 742 if (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH) 743 { 744 p_lcb->link_xmit_quota = high_pri_link_quota; 745 } 746 else 747 { 748 /* Safety check in case we switched to round-robin with something outstanding */ 749 /* if sent_not_acked is added into round_robin_unacked then don't add it again */ 750 /* l2cap keeps updating sent_not_acked for exiting from round robin */ 751 if (( p_lcb->link_xmit_quota > 0 )&&( qq == 0 )) 752 l2cb.round_robin_unacked += p_lcb->sent_not_acked; 753 754 p_lcb->link_xmit_quota = qq; 755 if (qq_remainder > 0) 756 { 757 p_lcb->link_xmit_quota++; 758 qq_remainder--; 759 } 760 } 761 762 #if L2CAP_HOST_FLOW_CTRL 763 p_lcb->link_ack_thresh = L2CAP_HOST_FC_ACL_BUFS / l2cb.num_links_active; 764 #endif 765 L2CAP_TRACE_EVENT3 ("l2c_link_adjust_allocation LCB %d Priority: %d XmitQuota: %d", 766 yy, p_lcb->acl_priority, p_lcb->link_xmit_quota); 767 768 L2CAP_TRACE_EVENT2 (" SentNotAcked: %d RRUnacked: %d", 769 p_lcb->sent_not_acked, l2cb.round_robin_unacked); 770 771 /* There is a special case where we have readjusted the link quotas and */ 772 /* this link may have sent anything but some other link sent packets so */ 773 /* so we may need a timer to kick off this link's transmissions. */ 774 if ( (p_lcb->link_state == LST_CONNECTED) 775 && (p_lcb->link_xmit_data_q.count) 776 && (p_lcb->sent_not_acked < p_lcb->link_xmit_quota) ) 777 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, L2CAP_LINK_FLOW_CONTROL_TOUT); 778 } 779 } 780 781 } 782 783 /******************************************************************************* 784 ** 785 ** Function l2c_link_adjust_chnl_allocation 786 ** 787 ** Description This function is called to calculate the amount of packets each 788 ** non-F&EC channel may have outstanding. 789 ** 790 ** Currently, this is a simple allocation, dividing the number 791 ** of packets allocated to the link by the number of channels. In 792 ** the future, QOS configuration should be examined. 793 ** 794 ** Returns void 795 ** 796 *******************************************************************************/ 797 void l2c_link_adjust_chnl_allocation (void) 798 { 799 tL2C_CCB *p_ccb; 800 UINT8 xx; 801 802 UINT16 weighted_chnls[GKI_NUM_TOTAL_BUF_POOLS]; 803 UINT16 quota_per_weighted_chnls[GKI_NUM_TOTAL_BUF_POOLS]; 804 UINT16 reserved_buff[GKI_NUM_TOTAL_BUF_POOLS]; 805 806 L2CAP_TRACE_DEBUG0 ("l2c_link_adjust_chnl_allocation"); 807 808 /* initialize variables */ 809 for (xx = 0; xx < GKI_NUM_TOTAL_BUF_POOLS; xx++ ) 810 { 811 weighted_chnls[xx] = 0; 812 reserved_buff[xx] = 0; 813 } 814 815 /* add up all of tx and rx data rate requirement */ 816 /* channel required higher data rate will get more buffer quota */ 817 for (xx = 0; xx < MAX_L2CAP_CHANNELS; xx++) 818 { 819 p_ccb = l2cb.ccb_pool + xx; 820 821 if (!p_ccb->in_use) 822 continue; 823 824 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_BASIC_MODE) 825 { 826 weighted_chnls[p_ccb->ertm_info.user_tx_pool_id] += p_ccb->tx_data_rate; 827 weighted_chnls[p_ccb->ertm_info.user_rx_pool_id] += p_ccb->rx_data_rate; 828 829 if (p_ccb->ertm_info.fcr_tx_pool_id == HCI_ACL_POOL_ID) 830 { 831 /* reserve buffers only for wait_for_ack_q to maximize throughput */ 832 /* retrans_q will work based on buffer status */ 833 reserved_buff[HCI_ACL_POOL_ID] += p_ccb->peer_cfg.fcr.tx_win_sz; 834 } 835 836 if (p_ccb->ertm_info.fcr_rx_pool_id == HCI_ACL_POOL_ID) 837 { 838 /* reserve buffers for srej_rcv_hold_q */ 839 reserved_buff[HCI_ACL_POOL_ID] += p_ccb->peer_cfg.fcr.tx_win_sz; 840 } 841 } 842 else 843 { 844 /* low data rate is 1, medium is 2, high is 3 and no traffic is 0 */ 845 weighted_chnls[HCI_ACL_POOL_ID] += p_ccb->tx_data_rate + p_ccb->rx_data_rate; 846 } 847 } 848 849 850 /* get unit quota per pool */ 851 for (xx = 0; xx < GKI_NUM_TOTAL_BUF_POOLS; xx++ ) 852 { 853 if ( weighted_chnls[xx] > 0 ) 854 { 855 if (GKI_poolcount(xx) > reserved_buff[xx]) 856 quota_per_weighted_chnls[xx] = ((GKI_poolcount(xx) - reserved_buff[xx])/weighted_chnls[xx]) + 1; 857 else 858 quota_per_weighted_chnls[xx] = 1; 859 860 L2CAP_TRACE_DEBUG5 ("POOL ID:%d, GKI_poolcount = %d, reserved_buff = %d, weighted_chnls = %d, quota_per_weighted_chnls = %d", 861 xx, GKI_poolcount(xx), reserved_buff[xx], weighted_chnls[xx], quota_per_weighted_chnls[xx] ); 862 } 863 else 864 quota_per_weighted_chnls[xx] = 0; 865 } 866 867 868 /* assign buffer quota to each channel based on its data rate requirement */ 869 for (xx = 0; xx < MAX_L2CAP_CHANNELS; xx++) 870 { 871 p_ccb = l2cb.ccb_pool + xx; 872 873 if (!p_ccb->in_use) 874 continue; 875 876 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_BASIC_MODE) 877 { 878 p_ccb->buff_quota = quota_per_weighted_chnls[p_ccb->ertm_info.user_tx_pool_id] * p_ccb->tx_data_rate; 879 880 L2CAP_TRACE_EVENT6 ("CID:0x%04x FCR Mode:%u UserTxPool:%u Priority:%u TxDataRate:%u Quota:%u", 881 p_ccb->local_cid, p_ccb->peer_cfg.fcr.mode, p_ccb->ertm_info.user_tx_pool_id, 882 p_ccb->ccb_priority, p_ccb->tx_data_rate, p_ccb->buff_quota); 883 884 } 885 else 886 { 887 p_ccb->buff_quota = quota_per_weighted_chnls[HCI_ACL_POOL_ID] * p_ccb->tx_data_rate; 888 889 L2CAP_TRACE_EVENT4 ("CID:0x%04x Priority:%u TxDataRate:%u Quota:%u", 890 p_ccb->local_cid, 891 p_ccb->ccb_priority, p_ccb->tx_data_rate, p_ccb->buff_quota); 892 } 893 894 /* quota may be change so check congestion */ 895 l2cu_check_channel_congestion (p_ccb); 896 } 897 } 898 899 /******************************************************************************* 900 ** 901 ** Function l2c_link_processs_num_bufs 902 ** 903 ** Description This function is called when a "controller buffer size" 904 ** event is first received from the controller. It updates 905 ** the L2CAP values. 906 ** 907 ** Returns void 908 ** 909 *******************************************************************************/ 910 void l2c_link_processs_num_bufs (UINT16 num_lm_acl_bufs) 911 { 912 l2cb.num_lm_acl_bufs = l2cb.controller_xmit_window = num_lm_acl_bufs; 913 914 } 915 916 /******************************************************************************* 917 ** 918 ** Function l2c_link_pkts_rcvd 919 ** 920 ** Description This function is called from the HCI transport when it is time 921 ** tto send a "Host ready for packets" command. This is only when 922 ** host to controller flow control is used. If fills in the arrays 923 ** of numbers of packets and handles. 924 ** 925 ** Returns count of number of entries filled in 926 ** 927 *******************************************************************************/ 928 UINT8 l2c_link_pkts_rcvd (UINT16 *num_pkts, UINT16 *handles) 929 { 930 UINT8 num_found = 0; 931 932 #if (L2CAP_HOST_FLOW_CTRL == TRUE) 933 934 int xx; 935 tL2C_LCB *p_lcb = &l2cb.lcb_pool[0]; 936 937 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 938 { 939 if ((p_lcb->in_use) && (p_lcb->link_pkts_unacked)) 940 { 941 num_pkts[num_found] = p_lcb->link_pkts_unacked; 942 handles[num_found] = p_lcb->handle; 943 p_lcb->link_pkts_unacked = 0; 944 num_found++; 945 } 946 } 947 948 #endif 949 950 return (num_found); 951 } 952 953 /******************************************************************************* 954 ** 955 ** Function l2c_link_role_changed 956 ** 957 ** Description This function is called whan a link's master/slave role change 958 ** event is received. It simply updates the link control block. 959 ** 960 ** Returns void 961 ** 962 *******************************************************************************/ 963 void l2c_link_role_changed (BD_ADDR bd_addr, UINT8 new_role, UINT8 hci_status) 964 { 965 tL2C_LCB *p_lcb; 966 int xx; 967 968 /* Make sure not called from HCI Command Status (bd_addr and new_role are invalid) */ 969 if (bd_addr) 970 { 971 /* If here came form hci role change event */ 972 p_lcb = l2cu_find_lcb_by_bd_addr (bd_addr); 973 if (p_lcb) 974 { 975 p_lcb->link_role = new_role; 976 977 /* Reset high priority link if needed */ 978 if (hci_status == HCI_SUCCESS) 979 l2cu_set_acl_priority(bd_addr, p_lcb->acl_priority, TRUE); 980 } 981 } 982 983 /* Check if any LCB was waiting for switch to be completed */ 984 for (xx = 0, p_lcb = &l2cb.lcb_pool[0]; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 985 { 986 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTING_WAIT_SWITCH)) 987 { 988 l2cu_create_conn_after_switch (p_lcb); 989 } 990 } 991 } 992 993 /******************************************************************************* 994 ** 995 ** Function l2c_pin_code_request 996 ** 997 ** Description This function is called whan a pin-code request is received 998 ** on a connection. If there are no channels active yet on the 999 ** link, it extends the link first connection timer. Make sure 1000 ** that inactivity timer is not extended if PIN code happens 1001 ** to be after last ccb released. 1002 ** 1003 ** Returns void 1004 ** 1005 *******************************************************************************/ 1006 void l2c_pin_code_request (BD_ADDR bd_addr) 1007 { 1008 tL2C_LCB *p_lcb = l2cu_find_lcb_by_bd_addr (bd_addr); 1009 1010 if ( (p_lcb) && (!p_lcb->ccb_queue.p_first_ccb) ) 1011 { 1012 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, L2CAP_LINK_CONNECT_TOUT_EXT); 1013 } 1014 } 1015 1016 #if ((BTM_PWR_MGR_INCLUDED == TRUE) && L2CAP_WAKE_PARKED_LINK == TRUE) 1017 /******************************************************************************* 1018 ** 1019 ** Function l2c_link_check_power_mode 1020 ** 1021 ** Description This function is called to check power mode. 1022 ** 1023 ** Returns TRUE if link is going to be active from park 1024 ** FALSE if nothing to send or not in park mode 1025 ** 1026 *******************************************************************************/ 1027 BOOLEAN l2c_link_check_power_mode (tL2C_LCB *p_lcb) 1028 { 1029 tBTM_PM_MODE mode; 1030 tBTM_PM_PWR_MD pm; 1031 tL2C_CCB *p_ccb; 1032 BOOLEAN need_to_active = FALSE; 1033 1034 /* 1035 * We only switch park to active only if we have unsent packets 1036 */ 1037 if ( p_lcb->link_xmit_data_q.count == 0 ) 1038 { 1039 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb) 1040 { 1041 if (p_ccb->xmit_hold_q.count != 0) 1042 { 1043 need_to_active = TRUE; 1044 break; 1045 } 1046 } 1047 } 1048 else 1049 need_to_active = TRUE; 1050 1051 /* if we have packets to send */ 1052 if ( need_to_active ) 1053 { 1054 /* check power mode */ 1055 if (BTM_ReadPowerMode(p_lcb->remote_bd_addr, &mode) == BTM_SUCCESS) 1056 { 1057 /* 1058 if ( mode == BTM_PM_MD_PARK ) 1059 { 1060 L2CAP_TRACE_DEBUG1 ("LCB(0x%x) is in park mode", p_lcb->handle); 1061 // Coverity: 1062 // FALSE-POSITIVE error from Coverity test tool. Please do NOT remove following comment. 1063 // coverity[uninit_use_in_call] False-positive: setting the mode to BTM_PM_MD_ACTIVE only uses settings.mode 1064 the other data members of tBTM_PM_PWR_MD are ignored 1065 1066 memset((void*)&pm, 0, sizeof(pm)); 1067 pm.mode = BTM_PM_MD_ACTIVE; 1068 BTM_SetPowerMode(BTM_PM_SET_ONLY_ID, p_lcb->remote_bd_addr, &pm); 1069 btu_start_timer (&p_lcb->timer_entry, 1070 BTU_TTYPE_L2CAP_LINK, L2CAP_WAIT_UNPARK_TOUT); 1071 return TRUE; 1072 } 1073 */ 1074 if ( mode == BTM_PM_STS_PENDING ) 1075 { 1076 L2CAP_TRACE_DEBUG1 ("LCB(0x%x) is in PM pending state", p_lcb->handle); 1077 1078 btu_start_timer (&p_lcb->timer_entry, 1079 BTU_TTYPE_L2CAP_LINK, L2CAP_WAIT_UNPARK_TOUT); 1080 return TRUE; 1081 } 1082 } 1083 } 1084 return FALSE; 1085 } 1086 #endif /* ((BTM_PWR_MGR_INCLUDED == TRUE) && L2CAP_WAKE_PARKED_LINK == TRUE) */ 1087 1088 /******************************************************************************* 1089 ** 1090 ** Function l2c_link_check_send_pkts 1091 ** 1092 ** Description This function is called to check if it can send packets 1093 ** to the Host Controller. It may be passed the address of 1094 ** a packet to send. 1095 ** 1096 ** Returns void 1097 ** 1098 *******************************************************************************/ 1099 void l2c_link_check_send_pkts (tL2C_LCB *p_lcb, tL2C_CCB *p_ccb, BT_HDR *p_buf) 1100 { 1101 int xx; 1102 BOOLEAN single_write = FALSE; 1103 1104 /* Save the channel ID for faster counting */ 1105 if (p_buf) 1106 { 1107 if (p_ccb != NULL) 1108 { 1109 p_buf->event = p_ccb->local_cid; 1110 single_write = TRUE; 1111 } 1112 else 1113 p_buf->event = 0; 1114 1115 p_buf->layer_specific = 0; 1116 GKI_enqueue (&p_lcb->link_xmit_data_q, p_buf); 1117 1118 if (p_lcb->link_xmit_quota == 0) 1119 l2cb.check_round_robin = TRUE; 1120 } 1121 1122 /* If this is called from uncongested callback context break recursive calling. 1123 ** This LCB will be served when receiving number of completed packet event. 1124 */ 1125 if (l2cb.is_cong_cback_context) 1126 return; 1127 1128 /* If we are in a scenario where there are not enough buffers for each link to 1129 ** have at least 1, then do a round-robin for all the LCBs 1130 */ 1131 if ( (p_lcb == NULL) || (p_lcb->link_xmit_quota == 0) ) 1132 { 1133 if (p_lcb == NULL) 1134 p_lcb = l2cb.lcb_pool; 1135 else if (!single_write) 1136 p_lcb++; 1137 1138 /* Loop through, starting at the next */ 1139 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 1140 { 1141 /* If controller window is full, nothing to do */ 1142 if ( (l2cb.controller_xmit_window == 0 1143 #if (BLE_INCLUDED == TRUE) 1144 && !p_lcb->is_ble_link 1145 #endif 1146 ) 1147 #if (BLE_INCLUDED == TRUE) 1148 || (p_lcb->is_ble_link && l2cb.controller_le_xmit_window == 0 ) 1149 #endif 1150 || (l2cb.round_robin_unacked >= l2cb.round_robin_quota) ) 1151 break; 1152 1153 /* Check for wraparound */ 1154 if (p_lcb == &l2cb.lcb_pool[MAX_L2CAP_LINKS]) 1155 p_lcb = &l2cb.lcb_pool[0]; 1156 1157 if ( (!p_lcb->in_use) 1158 || (p_lcb->partial_segment_being_sent) 1159 || (p_lcb->link_state != LST_CONNECTED) 1160 || (p_lcb->link_xmit_quota != 0) 1161 || (L2C_LINK_CHECK_POWER_MODE (p_lcb)) ) 1162 continue; 1163 1164 /* See if we can send anything from the Link Queue */ 1165 if ((p_buf = (BT_HDR *)GKI_dequeue (&p_lcb->link_xmit_data_q)) != NULL) 1166 { 1167 l2c_link_send_to_lower (p_lcb, p_buf); 1168 } 1169 else if (single_write) 1170 { 1171 /* If only doing one write, break out */ 1172 break; 1173 } 1174 /* If nothing on the link queue, check the channel queue */ 1175 else if ((p_buf = l2cu_get_next_buffer_to_send (p_lcb)) != NULL) 1176 { 1177 l2c_link_send_to_lower (p_lcb, p_buf); 1178 } 1179 } 1180 1181 /* If we finished without using up our quota, no need for a safety check */ 1182 #if (BLE_INCLUDED == TRUE) 1183 if ( ((l2cb.controller_xmit_window > 0 && !p_lcb->is_ble_link) || 1184 (l2cb.controller_le_xmit_window > 0 && p_lcb->is_ble_link)) 1185 && (l2cb.round_robin_unacked < l2cb.round_robin_quota) ) 1186 #else 1187 if ( (l2cb.controller_xmit_window > 0) 1188 && (l2cb.round_robin_unacked < l2cb.round_robin_quota) ) 1189 1190 #endif 1191 l2cb.check_round_robin = FALSE; 1192 } 1193 else /* if this is not round-robin service */ 1194 { 1195 /* If a partial segment is being sent, can't send anything else */ 1196 if ( (p_lcb->partial_segment_being_sent) 1197 || (p_lcb->link_state != LST_CONNECTED) 1198 || (L2C_LINK_CHECK_POWER_MODE (p_lcb)) ) 1199 return; 1200 1201 /* See if we can send anything from the link queue */ 1202 #if (BLE_INCLUDED == TRUE) 1203 while ( ((l2cb.controller_xmit_window != 0 && !p_lcb->is_ble_link) || 1204 (l2cb.controller_le_xmit_window != 0 && p_lcb->is_ble_link)) 1205 && (p_lcb->sent_not_acked < p_lcb->link_xmit_quota)) 1206 #else 1207 while ( (l2cb.controller_xmit_window != 0) 1208 && (p_lcb->sent_not_acked < p_lcb->link_xmit_quota)) 1209 #endif 1210 { 1211 if ((p_buf = (BT_HDR *)GKI_dequeue (&p_lcb->link_xmit_data_q)) == NULL) 1212 break; 1213 1214 if (!l2c_link_send_to_lower (p_lcb, p_buf)) 1215 break; 1216 } 1217 1218 if (!single_write) 1219 { 1220 /* See if we can send anything for any channel */ 1221 #if (BLE_INCLUDED == TRUE) 1222 while ( ((l2cb.controller_xmit_window != 0 && !p_lcb->is_ble_link) || 1223 (l2cb.controller_le_xmit_window != 0 && p_lcb->is_ble_link)) 1224 && (p_lcb->sent_not_acked < p_lcb->link_xmit_quota)) 1225 #else 1226 while ((l2cb.controller_xmit_window != 0) && (p_lcb->sent_not_acked < p_lcb->link_xmit_quota)) 1227 #endif 1228 { 1229 if ((p_buf = l2cu_get_next_buffer_to_send (p_lcb)) == NULL) 1230 break; 1231 1232 if (!l2c_link_send_to_lower (p_lcb, p_buf)) 1233 break; 1234 } 1235 } 1236 1237 /* There is a special case where we have readjusted the link quotas and */ 1238 /* this link may have sent anything but some other link sent packets so */ 1239 /* so we may need a timer to kick off this link's transmissions. */ 1240 if ( (p_lcb->link_xmit_data_q.count) && (p_lcb->sent_not_acked < p_lcb->link_xmit_quota) ) 1241 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, L2CAP_LINK_FLOW_CONTROL_TOUT); 1242 } 1243 1244 } 1245 1246 /******************************************************************************* 1247 ** 1248 ** Function l2c_link_send_to_lower 1249 ** 1250 ** Description This function queues the buffer for HCI transmission 1251 ** 1252 ** Returns TRUE for success, FALSE for fail 1253 ** 1254 *******************************************************************************/ 1255 static BOOLEAN l2c_link_send_to_lower (tL2C_LCB *p_lcb, BT_HDR *p_buf) 1256 { 1257 UINT16 num_segs; 1258 UINT16 xmit_window, acl_data_size; 1259 1260 #if (BLE_INCLUDED == TRUE) 1261 if ((!p_lcb->is_ble_link && (p_buf->len <= btu_cb.hcit_acl_pkt_size)) || 1262 (p_lcb->is_ble_link && (p_buf->len <= btu_cb.hcit_ble_acl_pkt_size))) 1263 #else 1264 if (p_buf->len <= btu_cb.hcit_acl_pkt_size) 1265 #endif 1266 { 1267 if (p_lcb->link_xmit_quota == 0) 1268 l2cb.round_robin_unacked++; 1269 1270 p_lcb->sent_not_acked++; 1271 p_buf->layer_specific = 0; 1272 1273 #if (BLE_INCLUDED == TRUE) 1274 if (p_lcb->is_ble_link) 1275 { 1276 l2cb.controller_le_xmit_window--; 1277 L2C_LINK_SEND_BLE_ACL_DATA (p_buf); 1278 } 1279 else 1280 #endif 1281 { 1282 l2cb.controller_xmit_window--; 1283 L2C_LINK_SEND_ACL_DATA (p_buf); 1284 } 1285 } 1286 else 1287 { 1288 #if BLE_INCLUDED == TRUE 1289 if (p_lcb->is_ble_link) 1290 { 1291 acl_data_size = btu_cb.hcit_ble_acl_data_size; 1292 xmit_window = l2cb.controller_le_xmit_window; 1293 1294 } 1295 else 1296 #endif 1297 { 1298 acl_data_size = btu_cb.hcit_acl_data_size; 1299 xmit_window = l2cb.controller_xmit_window; 1300 } 1301 num_segs = (p_buf->len - HCI_DATA_PREAMBLE_SIZE + acl_data_size - 1) / acl_data_size; 1302 1303 1304 /* If doing round-robin, then only 1 segment each time */ 1305 if (p_lcb->link_xmit_quota == 0) 1306 { 1307 num_segs = 1; 1308 p_lcb->partial_segment_being_sent = TRUE; 1309 } 1310 else 1311 { 1312 /* Multi-segment packet. Make sure it can fit */ 1313 if (num_segs > xmit_window) 1314 { 1315 num_segs = xmit_window; 1316 p_lcb->partial_segment_being_sent = TRUE; 1317 } 1318 1319 if (num_segs > (p_lcb->link_xmit_quota - p_lcb->sent_not_acked)) 1320 { 1321 num_segs = (p_lcb->link_xmit_quota - p_lcb->sent_not_acked); 1322 p_lcb->partial_segment_being_sent = TRUE; 1323 } 1324 } 1325 1326 p_buf->layer_specific = num_segs; 1327 #if BLE_INCLUDED == TRUE 1328 if (p_lcb->is_ble_link) 1329 { 1330 l2cb.controller_le_xmit_window -= num_segs; 1331 1332 } 1333 else 1334 #endif 1335 l2cb.controller_xmit_window -= num_segs; 1336 1337 if (p_lcb->link_xmit_quota == 0) 1338 l2cb.round_robin_unacked += num_segs; 1339 1340 p_lcb->sent_not_acked += num_segs; 1341 #if BLE_INCLUDED == TRUE 1342 if (p_lcb->is_ble_link) 1343 { 1344 L2C_LINK_SEND_BLE_ACL_DATA(p_buf); 1345 } 1346 else 1347 #endif 1348 { 1349 L2C_LINK_SEND_ACL_DATA (p_buf); 1350 } 1351 } 1352 1353 #if (L2CAP_HCI_FLOW_CONTROL_DEBUG == TRUE) 1354 #if (BLE_INCLUDED == TRUE) 1355 if (p_lcb->is_ble_link) 1356 { 1357 L2CAP_TRACE_DEBUG6 ("TotalWin=%d,Hndl=0x%x,Quota=%d,Unack=%d,RRQuota=%d,RRUnack=%d", 1358 l2cb.controller_le_xmit_window, 1359 p_lcb->handle, 1360 p_lcb->link_xmit_quota, p_lcb->sent_not_acked, 1361 l2cb.round_robin_quota, l2cb.round_robin_unacked); 1362 } 1363 else 1364 #endif 1365 { 1366 L2CAP_TRACE_DEBUG6 ("TotalWin=%d,Hndl=0x%x,Quota=%d,Unack=%d,RRQuota=%d,RRUnack=%d", 1367 l2cb.controller_xmit_window, 1368 p_lcb->handle, 1369 p_lcb->link_xmit_quota, p_lcb->sent_not_acked, 1370 l2cb.round_robin_quota, l2cb.round_robin_unacked); 1371 } 1372 #endif 1373 1374 return TRUE; 1375 } 1376 1377 /******************************************************************************* 1378 ** 1379 ** Function l2c_link_process_num_completed_pkts 1380 ** 1381 ** Description This function is called when a "number-of-completed-packets" 1382 ** event is received from the controller. It updates all the 1383 ** LCB transmit counts. 1384 ** 1385 ** Returns void 1386 ** 1387 *******************************************************************************/ 1388 void l2c_link_process_num_completed_pkts (UINT8 *p) 1389 { 1390 UINT8 num_handles, xx; 1391 UINT16 handle; 1392 UINT16 num_sent; 1393 tL2C_LCB *p_lcb; 1394 1395 STREAM_TO_UINT8 (num_handles, p); 1396 1397 for (xx = 0; xx < num_handles; xx++) 1398 { 1399 STREAM_TO_UINT16 (handle, p); 1400 STREAM_TO_UINT16 (num_sent, p); 1401 1402 p_lcb = l2cu_find_lcb_by_handle (handle); 1403 1404 /* Callback for number of completed packet event */ 1405 /* Originally designed for [3DSG] */ 1406 if((p_lcb != NULL) && (p_lcb->p_nocp_cb)) 1407 { 1408 L2CAP_TRACE_DEBUG0 ("L2CAP - calling NoCP callback"); 1409 (*p_lcb->p_nocp_cb)(p_lcb->remote_bd_addr); 1410 } 1411 1412 #if (BLE_INCLUDED == TRUE) 1413 if (p_lcb && p_lcb->is_ble_link) 1414 l2cb.controller_le_xmit_window += num_sent; 1415 else 1416 #endif 1417 { 1418 1419 /* Maintain the total window to the controller */ 1420 l2cb.controller_xmit_window += num_sent; 1421 } 1422 1423 if (p_lcb) 1424 { 1425 /* If doing round-robin, adjust communal counts */ 1426 if (p_lcb->link_xmit_quota == 0) 1427 { 1428 /* Don't go negative */ 1429 if (l2cb.round_robin_unacked > num_sent) 1430 l2cb.round_robin_unacked -= num_sent; 1431 else 1432 l2cb.round_robin_unacked = 0; 1433 } 1434 1435 /* Don't go negative */ 1436 if (p_lcb->sent_not_acked > num_sent) 1437 p_lcb->sent_not_acked -= num_sent; 1438 else 1439 p_lcb->sent_not_acked = 0; 1440 1441 l2c_link_check_send_pkts (p_lcb, NULL, NULL); 1442 1443 /* If we were doing round-robin for low priority links, check 'em */ 1444 if ( (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH) 1445 && (l2cb.check_round_robin) 1446 && (l2cb.round_robin_unacked < l2cb.round_robin_quota) ) 1447 { 1448 l2c_link_check_send_pkts (NULL, NULL, NULL); 1449 } 1450 } 1451 1452 #if (L2CAP_HCI_FLOW_CONTROL_DEBUG == TRUE) 1453 if (p_lcb) 1454 { 1455 #if (BLE_INCLUDED == TRUE) 1456 if (p_lcb->is_ble_link) 1457 { 1458 L2CAP_TRACE_DEBUG5 ("TotalWin=%d,LinkUnack(0x%x)=%d,RRCheck=%d,RRUnack=%d", 1459 l2cb.controller_le_xmit_window, 1460 p_lcb->handle, p_lcb->sent_not_acked, 1461 l2cb.check_round_robin, l2cb.round_robin_unacked); 1462 } 1463 else 1464 #endif 1465 { 1466 L2CAP_TRACE_DEBUG5 ("TotalWin=%d,LinkUnack(0x%x)=%d,RRCheck=%d,RRUnack=%d", 1467 l2cb.controller_xmit_window, 1468 p_lcb->handle, p_lcb->sent_not_acked, 1469 l2cb.check_round_robin, l2cb.round_robin_unacked); 1470 1471 } 1472 } 1473 else 1474 { 1475 #if (BLE_INCLUDED == TRUE) 1476 L2CAP_TRACE_DEBUG5 ("TotalWin=%d LE_Win: %d, Handle=0x%x, RRCheck=%d, RRUnack=%d", 1477 l2cb.controller_xmit_window, 1478 l2cb.controller_le_xmit_window, 1479 handle, 1480 l2cb.check_round_robin, l2cb.round_robin_unacked); 1481 #else 1482 L2CAP_TRACE_DEBUG4 ("TotalWin=%d Handle=0x%x RRCheck=%d RRUnack=%d", 1483 l2cb.controller_xmit_window, 1484 handle, 1485 l2cb.check_round_robin, l2cb.round_robin_unacked); 1486 #endif 1487 } 1488 #endif 1489 } 1490 1491 #if (defined(HCILP_INCLUDED) && HCILP_INCLUDED == TRUE) 1492 /* only full stack can enable sleep mode */ 1493 btu_check_bt_sleep (); 1494 #endif 1495 } 1496 1497 /******************************************************************************* 1498 ** 1499 ** Function l2cap_link_chk_pkt_start 1500 ** 1501 ** Description This function is called from the HCI transport when the first 1502 ** 4 bytes of an HCI ACL packet have been received. It checks if the 1503 ** packet is the next segment of a fragmented L2CAP message. If it 1504 ** is, and the length is OK, it returns the address of the 1505 ** starting L2CAP message segment buffer. 1506 ** 1507 ** Returns the address of the receive buffer HCIT should use 1508 ** (CR419: Modified to return NULL in case of error.) 1509 ** 1510 ** NOTE This assumes that the L2CAP MTU size is less than the size 1511 ** of an HCI ACL buffer, so the maximum L2CAP message will fit 1512 ** into one buffer. 1513 ** 1514 *******************************************************************************/ 1515 BT_HDR *l2cap_link_chk_pkt_start (BT_HDR *p_cur_buf) 1516 { 1517 UINT8 *p; 1518 UINT16 handle; 1519 UINT16 hci_len; 1520 UINT16 pkt_type; 1521 tL2C_LCB *p_lcb; 1522 BT_HDR * p_return_buf; /* CR419: To avoid returning from too many places */ 1523 1524 1525 if (p_cur_buf) 1526 { 1527 p = (UINT8 *)(p_cur_buf + 1) + p_cur_buf->offset; 1528 } 1529 else 1530 { 1531 return (NULL); 1532 } 1533 1534 /* L2CAP expects all rcvd packets to have a layer-specific value of 0 */ 1535 p_cur_buf->layer_specific = 0; 1536 1537 STREAM_TO_UINT16 (handle, p); 1538 STREAM_TO_UINT16 (hci_len, p); 1539 1540 pkt_type = HCID_GET_EVENT (handle); 1541 handle = HCID_GET_HANDLE (handle); 1542 1543 l2cb.p_cur_hcit_lcb = NULL; 1544 1545 /* Find the link that is associated with this handle */ 1546 p_lcb = l2cu_find_lcb_by_handle (handle); 1547 1548 /* If no link for this handle, nothing to do. */ 1549 if (!p_lcb) 1550 return (p_cur_buf) ; 1551 1552 if (pkt_type == L2CAP_PKT_START) /*** START PACKET ***/ 1553 { 1554 /* Start of packet. If we were in the middle of receiving */ 1555 /* a packet, it is incomplete. Drop it. */ 1556 if (p_lcb->p_hcit_rcv_acl) 1557 { 1558 L2CAP_TRACE_WARNING0 ("L2CAP - dropping incomplete pkt"); 1559 GKI_freebuf (p_lcb->p_hcit_rcv_acl); 1560 p_lcb->p_hcit_rcv_acl = NULL; 1561 } 1562 1563 /* Save the active buffer address in the LCB */ 1564 if ((p_return_buf = p_cur_buf) != NULL) 1565 { 1566 p_lcb->p_hcit_rcv_acl = p_return_buf; 1567 l2cb.p_cur_hcit_lcb = p_lcb; 1568 } 1569 } 1570 else /*** CONTINUATION PACKET ***/ 1571 { 1572 /* Packet continuation. Check if we were expecting it */ 1573 if (p_lcb->p_hcit_rcv_acl) 1574 { 1575 UINT16 total_len; 1576 BT_HDR *p_base_buf = p_lcb->p_hcit_rcv_acl; 1577 UINT8 *p_f = (UINT8 *)(p_base_buf + 1) + p_base_buf->offset + 2; 1578 1579 STREAM_TO_UINT16 (total_len, p_f); 1580 1581 /* We were expecting the CONTINUATION packet. If length fits, it can go in the */ 1582 /* current buffer. */ 1583 if ((total_len + hci_len) <= (L2CAP_MTU_SIZE + HCI_DATA_PREAMBLE_SIZE)) 1584 { 1585 /* GKI_freebuf (p_cur_buf); CR419:Do not free it yet */ 1586 p_return_buf = p_lcb->p_hcit_rcv_acl; /* CR419: return base buffer */ 1587 l2cb.p_cur_hcit_lcb = p_lcb; 1588 1589 if ((p_cur_buf->len > HCI_DATA_PREAMBLE_SIZE)) 1590 { 1591 UINT8 * p = (UINT8 *)(p_cur_buf + 1) 1592 + p_cur_buf->offset 1593 + HCI_DATA_PREAMBLE_SIZE; 1594 UINT8 * p1 = (UINT8 *)(p_return_buf + 1) 1595 + p_return_buf->offset 1596 + p_return_buf->len; 1597 1598 /* Copy data from new buffer into base buffer then update the data */ 1599 /* count in the base buffer accordingly. */ 1600 memcpy (p1, p, p_cur_buf->len - HCI_DATA_PREAMBLE_SIZE); 1601 p_return_buf->len += (p_cur_buf->len - HCI_DATA_PREAMBLE_SIZE); 1602 } 1603 1604 GKI_freebuf (p_cur_buf); 1605 p_cur_buf = NULL; 1606 1607 /* Update HCI header of first segment (base buffer) with new length */ 1608 total_len += hci_len; 1609 p_f = (UINT8 *)(p_base_buf + 1) + p_base_buf->offset + 2; 1610 UINT16_TO_STREAM (p_f, total_len); 1611 } 1612 else 1613 { 1614 /* Packet too long. Drop the base packet */ 1615 L2CAP_TRACE_WARNING3 ("L2CAP - dropping too long pkt BufLen: %d total_len: %d hci_len: %d", 1616 p_lcb->p_hcit_rcv_acl->len, total_len, hci_len); 1617 1618 GKI_freebuf (p_lcb->p_hcit_rcv_acl); 1619 p_lcb->p_hcit_rcv_acl = NULL; 1620 p_return_buf = NULL ; /* Can't hold onto it any more */ 1621 } 1622 } 1623 else /*** NEITHER START OR CONTINUATION PACKET ***/ 1624 { 1625 p_return_buf = NULL ; 1626 } 1627 } 1628 1629 if (p_return_buf == NULL) /* if error is indicated.. */ 1630 { 1631 if (p_cur_buf != NULL) /* ..drop input buffer */ 1632 GKI_freebuf(p_cur_buf); /* (if present) */ 1633 } 1634 1635 return (p_return_buf); 1636 } 1637 1638 /******************************************************************************* 1639 ** 1640 ** Function l2cap_link_chk_pkt_end 1641 ** 1642 ** Description This function is called from the HCI transport when the last 1643 ** byte of an HCI ACL packet has been received. It checks if the 1644 ** L2CAP message is complete, i.e. no more continuation packets 1645 ** are expected. 1646 ** 1647 ** Returns TRUE if message complete, FALSE if continuation expected 1648 ** 1649 *******************************************************************************/ 1650 BOOLEAN l2cap_link_chk_pkt_end (void) 1651 { 1652 UINT8 *p; 1653 BT_HDR *p_buf; 1654 UINT16 l2cap_len; 1655 tL2C_LCB *p_lcb; 1656 1657 /* If link or buffer pointer not set up, let main line handle it */ 1658 if (((p_lcb = l2cb.p_cur_hcit_lcb) == NULL) || ((p_buf = p_lcb->p_hcit_rcv_acl) == NULL)) 1659 return (TRUE); 1660 1661 /* Point to the L2CAP length */ 1662 p = (UINT8 *)(p_buf + 1) + p_buf->offset + HCI_DATA_PREAMBLE_SIZE; 1663 1664 STREAM_TO_UINT16 (l2cap_len, p); 1665 1666 /* If the L2CAP length has not been reached, tell HCIT not to send this buffer to BTU */ 1667 if (l2cap_len > (p_buf->len - (HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD))) 1668 { 1669 return (FALSE); 1670 } 1671 else 1672 { 1673 p_lcb->p_hcit_rcv_acl = NULL; 1674 return (TRUE); 1675 } 1676 } 1677 1678 1679 /******************************************************************************* 1680 ** 1681 ** Function l2c_link_segments_xmitted 1682 ** 1683 ** Description This function is called from the HCI Interface when an ACL 1684 ** data packet segment is transmitted. 1685 ** 1686 ** Returns void 1687 ** 1688 *******************************************************************************/ 1689 void l2c_link_segments_xmitted (BT_HDR *p_msg) 1690 { 1691 UINT8 *p = (UINT8 *)(p_msg + 1) + p_msg->offset; 1692 UINT16 handle; 1693 tL2C_LCB *p_lcb; 1694 1695 /* Extract the handle */ 1696 STREAM_TO_UINT16 (handle, p); 1697 handle = HCID_GET_HANDLE (handle); 1698 1699 /* Find the LCB based on the handle */ 1700 if ((p_lcb = l2cu_find_lcb_by_handle (handle)) == NULL) 1701 { 1702 L2CAP_TRACE_WARNING1 ("L2CAP - rcvd segment complete, unknown handle: %d", handle); 1703 GKI_freebuf (p_msg); 1704 return; 1705 } 1706 1707 if (p_lcb->link_state == LST_CONNECTED) 1708 { 1709 /* Enqueue the buffer to the head of the transmit queue, and see */ 1710 /* if we can transmit anything more. */ 1711 GKI_enqueue_head (&p_lcb->link_xmit_data_q, p_msg); 1712 1713 p_lcb->partial_segment_being_sent = FALSE; 1714 1715 l2c_link_check_send_pkts (p_lcb, NULL, NULL); 1716 } 1717 else 1718 GKI_freebuf (p_msg); 1719 } 1720
