1 /****************************************************************************** 2 * 3 * Copyright (C) 2010-2013 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 20 /****************************************************************************** 21 * 22 * This file contains the LLCP Link Management 23 * 24 ******************************************************************************/ 25 26 #include <string.h> 27 #include "gki.h" 28 #include "nfc_target.h" 29 #include "bt_types.h" 30 #include "trace_api.h" 31 #include "llcp_int.h" 32 #include "llcp_defs.h" 33 #include "nfc_int.h" 34 35 const UINT16 llcp_link_rwt[15] = /* RWT = (302us)*2**WT; 302us = 256*16/fc; fc = 13.56MHz */ 36 { 37 1, /* WT=0, 302us */ 38 1, /* WT=1, 604us */ 39 2, /* WT=2, 1208us */ 40 3, /* WT=3, 2.4ms */ 41 5, /* WT=4, 4.8ms */ 42 10, /* WT=5, 9.7ms */ 43 20, /* WT=6, 19.3ms */ 44 39, /* WT=7, 38.7ms */ 45 78, /* WT=8, 77.3ms */ 46 155, /* WT=9, 154.6ms */ 47 310, /* WT=10, 309.2ms */ 48 619, /* WT=11, 618.5ms */ 49 1237, /* WT=12, 1237.0ms */ 50 2474, /* WT=13, 2474.0ms */ 51 4948, /* WT=14, 4948.0ms */ 52 }; 53 54 static BOOLEAN llcp_link_parse_gen_bytes (UINT8 gen_bytes_len, UINT8 *p_gen_bytes); 55 static BOOLEAN llcp_link_version_agreement (void); 56 57 static void llcp_link_send_SYMM (void); 58 static void llcp_link_update_status (BOOLEAN is_activated); 59 static void llcp_link_check_congestion (void); 60 static void llcp_link_check_uncongested (void); 61 static void llcp_link_proc_ui_pdu (UINT8 local_sap, UINT8 remote_sap, UINT16 ui_pdu_length, UINT8 *p_ui_pdu, BT_HDR *p_msg); 62 static void llcp_link_proc_agf_pdu (BT_HDR *p_msg); 63 static void llcp_link_proc_rx_pdu (UINT8 dsap, UINT8 ptype, UINT8 ssap, BT_HDR *p_msg); 64 static void llcp_link_proc_rx_data (BT_HDR *p_msg); 65 66 static BT_HDR *llcp_link_get_next_pdu (BOOLEAN length_only, UINT16 *p_next_pdu_length); 67 static BT_HDR *llcp_link_build_next_pdu (BT_HDR *p_agf); 68 static void llcp_link_send_to_lower (BT_HDR *p_msg); 69 70 #if (LLCP_TEST_INCLUDED == TRUE) /* this is for LLCP testing */ 71 extern tLLCP_TEST_PARAMS llcp_test_params; 72 #endif 73 74 /* debug functions type */ 75 #if (BT_TRACE_VERBOSE == TRUE) 76 static char *llcp_pdu_type (UINT8 ptype); 77 #endif 78 79 /******************************************************************************* 80 ** 81 ** Function llcp_link_start_inactivity_timer 82 ** 83 ** Description This function start LLCP link inactivity timer. 84 ** 85 ** Returns void 86 ** 87 *******************************************************************************/ 88 static void llcp_link_start_inactivity_timer (void) 89 { 90 if ( (llcp_cb.lcb.inact_timer.in_use == FALSE) 91 &&(llcp_cb.lcb.inact_timeout > 0) ) 92 { 93 LLCP_TRACE_DEBUG1 ("Start inactivity_timer: %d ms", llcp_cb.lcb.inact_timeout); 94 95 nfc_start_quick_timer (&llcp_cb.lcb.inact_timer, NFC_TTYPE_LLCP_LINK_INACT, 96 ((UINT32) llcp_cb.lcb.inact_timeout) * QUICK_TIMER_TICKS_PER_SEC / 1000); 97 } 98 } 99 100 /******************************************************************************* 101 ** 102 ** Function llcp_link_stop_inactivity_timer 103 ** 104 ** Description This function stop LLCP link inactivity timer. 105 ** 106 ** Returns void 107 ** 108 *******************************************************************************/ 109 static void llcp_link_stop_inactivity_timer (void) 110 { 111 if (llcp_cb.lcb.inact_timer.in_use) 112 { 113 LLCP_TRACE_DEBUG0 ("Stop inactivity_timer"); 114 115 nfc_stop_quick_timer (&llcp_cb.lcb.inact_timer); 116 } 117 } 118 119 /******************************************************************************* 120 ** 121 ** Function llcp_link_start_link_timer 122 ** 123 ** Description This function starts LLCP link timer (LTO or delay response). 124 ** 125 ** Returns void 126 ** 127 *******************************************************************************/ 128 static void llcp_link_start_link_timer (void) 129 { 130 if (llcp_cb.lcb.symm_state == LLCP_LINK_SYMM_LOCAL_XMIT_NEXT) 131 { 132 /* wait for application layer sending data */ 133 nfc_start_quick_timer (&llcp_cb.lcb.timer, NFC_TTYPE_LLCP_LINK_MANAGER, 134 (((UINT32) llcp_cb.lcb.symm_delay) * QUICK_TIMER_TICKS_PER_SEC) / 1000); 135 } 136 else 137 { 138 /* wait for data to receive from remote */ 139 nfc_start_quick_timer (&llcp_cb.lcb.timer, NFC_TTYPE_LLCP_LINK_MANAGER, 140 ((UINT32) llcp_cb.lcb.peer_lto) * QUICK_TIMER_TICKS_PER_SEC / 1000); 141 } 142 } 143 144 /******************************************************************************* 145 ** 146 ** Function llcp_link_stop_link_timer 147 ** 148 ** Description This function stop LLCP link timer (LTO or delay response). 149 ** 150 ** Returns void 151 ** 152 *******************************************************************************/ 153 static void llcp_link_stop_link_timer (void) 154 { 155 nfc_stop_quick_timer (&llcp_cb.lcb.timer); 156 } 157 158 /******************************************************************************* 159 ** 160 ** Function llcp_link_activate 161 ** 162 ** Description Activate LLCP link 163 ** 164 ** Returns tLLCP_STATUS 165 ** 166 *******************************************************************************/ 167 tLLCP_STATUS llcp_link_activate (tLLCP_ACTIVATE_CONFIG *p_config) 168 { 169 LLCP_TRACE_DEBUG0 ("llcp_link_activate ()"); 170 171 /* At this point, MAC link activation procedure has been successfully completed */ 172 173 /* The Length Reduction values LRi and LRt MUST be 11b. (254bytes) */ 174 if (p_config->max_payload_size != LLCP_NCI_MAX_PAYL_SIZE) 175 { 176 LLCP_TRACE_WARNING2 ("llcp_link_activate (): max payload size (%d) must be %d bytes", 177 p_config->max_payload_size, LLCP_NCI_MAX_PAYL_SIZE); 178 } 179 180 /* Processing the parametes that have been received with the MAC link activation */ 181 if (llcp_link_parse_gen_bytes (p_config->gen_bytes_len, 182 p_config->p_gen_bytes ) == FALSE) 183 { 184 LLCP_TRACE_ERROR0 ("llcp_link_activate (): Failed to parse general bytes"); 185 (*llcp_cb.lcb.p_link_cback) (LLCP_LINK_ACTIVATION_FAILED_EVT, LLCP_LINK_BAD_GEN_BYTES); 186 187 if (p_config->is_initiator == FALSE) 188 { 189 /* repond to any incoming PDU with invalid LLCP PDU */ 190 llcp_cb.lcb.link_state = LLCP_LINK_STATE_ACTIVATION_FAILED; 191 NFC_SetStaticRfCback (llcp_link_connection_cback); 192 } 193 return LLCP_STATUS_FAIL; 194 } 195 196 /* 197 ** For the Target device, the scaled value of RWT MUST be less than or equal to the 198 ** scaled value of the LLC Link Timeout (LTO). 199 */ 200 if ((p_config->is_initiator) && (llcp_link_rwt[p_config->waiting_time] > llcp_cb.lcb.peer_lto)) 201 { 202 LLCP_TRACE_WARNING3 ("llcp_link_activate (): WT (%d, %dms) must be less than or equal to LTO (%dms)", 203 p_config->waiting_time, 204 llcp_link_rwt[p_config->waiting_time], 205 llcp_cb.lcb.peer_lto); 206 } 207 208 /* extend LTO as much as internally required processing time and propagation delays */ 209 llcp_cb.lcb.peer_lto += LLCP_INTERNAL_TX_DELAY + LLCP_INTERNAL_RX_DELAY; 210 211 /* LLCP version number agreement */ 212 if (llcp_link_version_agreement () == FALSE) 213 { 214 LLCP_TRACE_ERROR0 ("llcp_link_activate (): Failed to agree version"); 215 (*llcp_cb.lcb.p_link_cback) (LLCP_LINK_ACTIVATION_FAILED_EVT, LLCP_LINK_VERSION_FAILED); 216 217 if (p_config->is_initiator == FALSE) 218 { 219 /* repond to any incoming PDU with invalid LLCP PDU */ 220 llcp_cb.lcb.link_state = LLCP_LINK_STATE_ACTIVATION_FAILED; 221 NFC_SetStaticRfCback (llcp_link_connection_cback); 222 } 223 return LLCP_STATUS_FAIL; 224 } 225 226 llcp_cb.lcb.received_first_packet = FALSE; 227 llcp_cb.lcb.is_initiator = p_config->is_initiator; 228 229 /* reset internal flags */ 230 llcp_cb.lcb.flags = 0x00; 231 232 /* set tx MIU to MIN (MIU of local LLCP, MIU of peer LLCP) */ 233 234 if (llcp_cb.lcb.local_link_miu >= llcp_cb.lcb.peer_miu) 235 llcp_cb.lcb.effective_miu = llcp_cb.lcb.peer_miu; 236 else 237 llcp_cb.lcb.effective_miu = llcp_cb.lcb.local_link_miu; 238 239 /* 240 ** When entering the normal operation phase, LLCP shall initialize the symmetry 241 ** procedure. 242 */ 243 if (llcp_cb.lcb.is_initiator) 244 { 245 LLCP_TRACE_DEBUG0 ("llcp_link_activate (): Connected as Initiator"); 246 247 llcp_cb.lcb.inact_timeout = llcp_cb.lcb.inact_timeout_init; 248 llcp_cb.lcb.symm_state = LLCP_LINK_SYMM_LOCAL_XMIT_NEXT; 249 250 if (llcp_cb.lcb.delay_first_pdu_timeout > 0) 251 { 252 /* give a chance to upper layer to send PDU if need */ 253 nfc_start_quick_timer (&llcp_cb.lcb.timer, NFC_TTYPE_LLCP_DELAY_FIRST_PDU, 254 (((UINT32) llcp_cb.lcb.delay_first_pdu_timeout) * QUICK_TIMER_TICKS_PER_SEC) / 1000); 255 } 256 else 257 { 258 llcp_link_send_SYMM (); 259 } 260 } 261 else 262 { 263 LLCP_TRACE_DEBUG0 ("llcp_link_activate (): Connected as Target"); 264 llcp_cb.lcb.inact_timeout = llcp_cb.lcb.inact_timeout_target; 265 llcp_cb.lcb.symm_state = LLCP_LINK_SYMM_REMOTE_XMIT_NEXT; 266 267 /* wait for data to receive from remote */ 268 llcp_link_start_link_timer (); 269 } 270 271 272 /* 273 ** Set state to LLCP_LINK_STATE_ACTIVATED and notify activation before set data callback 274 ** because LLCP PDU could be in NCI queue. 275 */ 276 llcp_cb.lcb.link_state = LLCP_LINK_STATE_ACTIVATED; 277 278 /* LLCP Link Activation completed */ 279 (*llcp_cb.lcb.p_link_cback) (LLCP_LINK_ACTIVATION_COMPLETE_EVT, LLCP_LINK_SUCCESS); 280 281 /* Update link status to service layer */ 282 llcp_link_update_status (TRUE); 283 284 NFC_SetStaticRfCback (llcp_link_connection_cback); 285 286 return (LLCP_STATUS_SUCCESS); 287 } 288 289 /******************************************************************************* 290 ** 291 ** Function llcp_deactivate_cleanup 292 ** 293 ** Description Clean up for link deactivation 294 ** 295 ** Returns void 296 ** 297 *******************************************************************************/ 298 static void llcp_deactivate_cleanup (UINT8 reason) 299 { 300 /* report SDP failure for any pending request */ 301 llcp_sdp_proc_deactivation (); 302 303 /* Update link status to service layer */ 304 llcp_link_update_status (FALSE); 305 306 /* We had sent out DISC */ 307 llcp_cb.lcb.link_state = LLCP_LINK_STATE_DEACTIVATED; 308 309 llcp_link_stop_link_timer (); 310 311 /* stop inactivity timer */ 312 llcp_link_stop_inactivity_timer (); 313 314 /* Let upper layer deactivate local link */ 315 (*llcp_cb.lcb.p_link_cback) (LLCP_LINK_DEACTIVATED_EVT, reason); 316 } 317 318 /******************************************************************************* 319 ** 320 ** Function llcp_link_process_link_timeout 321 ** 322 ** Description Process timeout events for LTO, SYMM and deactivating 323 ** 324 ** Returns void 325 ** 326 *******************************************************************************/ 327 void llcp_link_process_link_timeout (void) 328 { 329 if (llcp_cb.lcb.link_state == LLCP_LINK_STATE_ACTIVATED) 330 { 331 if ((llcp_cb.lcb.symm_delay > 0) && (llcp_cb.lcb.symm_state == LLCP_LINK_SYMM_LOCAL_XMIT_NEXT)) 332 { 333 /* upper layer doesn't have anything to send */ 334 LLCP_TRACE_DEBUG0 ("llcp_link_process_link_timeout (): LEVT_TIMEOUT in state of LLCP_LINK_SYMM_LOCAL_XMIT_NEXT"); 335 llcp_link_send_SYMM (); 336 337 /* wait for data to receive from remote */ 338 llcp_link_start_link_timer (); 339 340 /* start inactivity timer */ 341 if (llcp_cb.num_data_link_connection == 0) 342 { 343 llcp_link_start_inactivity_timer (); 344 } 345 } 346 else 347 { 348 LLCP_TRACE_ERROR0 ("llcp_link_process_link_timeout (): LEVT_TIMEOUT in state of LLCP_LINK_SYMM_REMOTE_XMIT_NEXT"); 349 llcp_link_deactivate (LLCP_LINK_TIMEOUT); 350 } 351 } 352 else if (llcp_cb.lcb.link_state == LLCP_LINK_STATE_DEACTIVATING) 353 { 354 llcp_deactivate_cleanup (llcp_cb.lcb.link_deact_reason); 355 356 NFC_SetStaticRfCback (NULL); 357 } 358 } 359 360 /******************************************************************************* 361 ** 362 ** Function llcp_link_deactivate 363 ** 364 ** Description Deactivate LLCP link 365 ** 366 ** Returns void 367 ** 368 *******************************************************************************/ 369 void llcp_link_deactivate (UINT8 reason) 370 { 371 UINT8 local_sap, idx; 372 tLLCP_DLCB *p_dlcb; 373 tLLCP_APP_CB *p_app_cb; 374 375 LLCP_TRACE_DEBUG1 ("llcp_link_deactivate () reason = 0x%x", reason); 376 377 /* Release any held buffers in signaling PDU queue */ 378 while (llcp_cb.lcb.sig_xmit_q.p_first) 379 GKI_freebuf (GKI_dequeue (&llcp_cb.lcb.sig_xmit_q)); 380 381 /* Release any held buffers in UI PDU queue */ 382 for (local_sap = LLCP_SAP_SDP + 1; local_sap < LLCP_NUM_SAPS; local_sap++) 383 { 384 p_app_cb = llcp_util_get_app_cb (local_sap); 385 386 if ( (p_app_cb) 387 &&(p_app_cb->p_app_cback) ) 388 { 389 while (p_app_cb->ui_xmit_q.p_first) 390 GKI_freebuf (GKI_dequeue (&p_app_cb->ui_xmit_q)); 391 392 p_app_cb->is_ui_tx_congested = FALSE; 393 394 while (p_app_cb->ui_rx_q.p_first) 395 GKI_freebuf (GKI_dequeue (&p_app_cb->ui_rx_q)); 396 } 397 } 398 399 llcp_cb.total_tx_ui_pdu = 0; 400 llcp_cb.total_rx_ui_pdu = 0; 401 402 /* Notify all of data link */ 403 for (idx = 0; idx < LLCP_MAX_DATA_LINK; idx++) 404 { 405 if (llcp_cb.dlcb[idx].state != LLCP_DLC_STATE_IDLE) 406 { 407 p_dlcb = &(llcp_cb.dlcb[idx]); 408 409 llcp_dlsm_execute (p_dlcb, LLCP_DLC_EVENT_LINK_ERROR, NULL); 410 } 411 } 412 llcp_cb.total_tx_i_pdu = 0; 413 llcp_cb.total_rx_i_pdu = 0; 414 415 llcp_cb.overall_tx_congested = FALSE; 416 llcp_cb.overall_rx_congested = FALSE; 417 418 if ( (reason == LLCP_LINK_FRAME_ERROR) 419 ||(reason == LLCP_LINK_LOCAL_INITIATED) ) 420 { 421 /* get rid of the data pending in NFC tx queue, so DISC PDU can be sent ASAP */ 422 NFC_FlushData (NFC_RF_CONN_ID); 423 424 llcp_util_send_disc (LLCP_SAP_LM, LLCP_SAP_LM); 425 426 /* Wait until DISC is sent to peer */ 427 LLCP_TRACE_DEBUG0 ("llcp_link_deactivate (): Wait until DISC is sent to peer"); 428 429 llcp_cb.lcb.link_state = LLCP_LINK_STATE_DEACTIVATING; 430 431 if (llcp_cb.lcb.sig_xmit_q.count == 0) 432 { 433 /* if DISC is sent to NFCC, wait for short period for NFCC to send it to peer */ 434 nfc_start_quick_timer (&llcp_cb.lcb.timer, NFC_TTYPE_LLCP_LINK_MANAGER, 435 ((UINT32) 50) * QUICK_TIMER_TICKS_PER_SEC / 1000); 436 } 437 438 llcp_cb.lcb.link_deact_reason = reason; 439 return; 440 } 441 else if ( (reason == LLCP_LINK_REMOTE_INITIATED) 442 &&(!llcp_cb.lcb.is_initiator) ) 443 { 444 /* if received DISC to deactivate LLCP link as target role, send SYMM PDU */ 445 llcp_link_send_SYMM (); 446 } 447 else /* for link timeout and interface error */ 448 { 449 /* if got RF link loss receiving no LLC PDU from peer */ 450 NFC_FlushData (NFC_RF_CONN_ID); 451 } 452 453 llcp_deactivate_cleanup (reason); 454 } 455 456 /******************************************************************************* 457 ** 458 ** Function llcp_link_parse_gen_bytes 459 ** 460 ** Description Check LLCP magic number and get parameters in general bytes 461 ** 462 ** Returns TRUE if success 463 ** 464 *******************************************************************************/ 465 static BOOLEAN llcp_link_parse_gen_bytes (UINT8 gen_bytes_len, UINT8 *p_gen_bytes) 466 { 467 UINT8 *p = p_gen_bytes + LLCP_MAGIC_NUMBER_LEN; 468 UINT8 length = gen_bytes_len - LLCP_MAGIC_NUMBER_LEN; 469 470 if ( (gen_bytes_len >= LLCP_MAGIC_NUMBER_LEN) 471 &&(*(p_gen_bytes) == LLCP_MAGIC_NUMBER_BYTE0) 472 &&(*(p_gen_bytes + 1) == LLCP_MAGIC_NUMBER_BYTE1) 473 &&(*(p_gen_bytes + 2) == LLCP_MAGIC_NUMBER_BYTE2) ) 474 { 475 /* in case peer didn't include these */ 476 llcp_cb.lcb.peer_miu = LLCP_DEFAULT_MIU; 477 llcp_cb.lcb.peer_lto = LLCP_DEFAULT_LTO_IN_MS; 478 479 return (llcp_util_parse_link_params (length, p)); 480 } 481 else /* if this is not LLCP */ 482 { 483 return (FALSE); 484 } 485 486 return (TRUE); 487 } 488 489 /******************************************************************************* 490 ** 491 ** Function llcp_link_version_agreement 492 ** 493 ** Description LLCP version number agreement 494 ** 495 ** Returns TRUE if success 496 ** 497 *******************************************************************************/ 498 static BOOLEAN llcp_link_version_agreement (void) 499 { 500 UINT8 peer_major_version, peer_minor_version; 501 502 peer_major_version = LLCP_GET_MAJOR_VERSION (llcp_cb.lcb.peer_version); 503 peer_minor_version = LLCP_GET_MINOR_VERSION (llcp_cb.lcb.peer_version); 504 505 if (peer_major_version < LLCP_MIN_MAJOR_VERSION) 506 { 507 LLCP_TRACE_ERROR1("llcp_link_version_agreement(): unsupported peer version number. Peer Major Version:%d", peer_major_version); 508 return FALSE; 509 } 510 else 511 { 512 if (peer_major_version == LLCP_VERSION_MAJOR) 513 { 514 llcp_cb.lcb.agreed_major_version = LLCP_VERSION_MAJOR; 515 if (peer_minor_version >= LLCP_VERSION_MINOR) 516 { 517 llcp_cb.lcb.agreed_minor_version = LLCP_VERSION_MINOR; 518 } 519 else 520 { 521 llcp_cb.lcb.agreed_minor_version = peer_minor_version; 522 } 523 } 524 else if (peer_major_version < LLCP_VERSION_MAJOR) 525 { 526 /* so far we can support backward compatibility */ 527 llcp_cb.lcb.agreed_major_version = peer_major_version; 528 llcp_cb.lcb.agreed_minor_version = peer_minor_version; 529 } 530 else 531 { 532 /* let peer (higher major version) decide it */ 533 llcp_cb.lcb.agreed_major_version = LLCP_VERSION_MAJOR; 534 llcp_cb.lcb.agreed_minor_version = LLCP_VERSION_MINOR; 535 } 536 537 LLCP_TRACE_DEBUG6 ("local version:%d.%d, remote version:%d.%d, agreed version:%d.%d", 538 LLCP_VERSION_MAJOR, LLCP_VERSION_MINOR, 539 peer_major_version, peer_minor_version, 540 llcp_cb.lcb.agreed_major_version, llcp_cb.lcb.agreed_minor_version); 541 542 return (TRUE); 543 } 544 } 545 546 /******************************************************************************* 547 ** 548 ** Function llcp_link_update_status 549 ** 550 ** Description Notify all of service layer client link status change 551 ** 552 ** Returns void 553 ** 554 *******************************************************************************/ 555 static void llcp_link_update_status (BOOLEAN is_activated) 556 { 557 tLLCP_SAP_CBACK_DATA data; 558 tLLCP_APP_CB *p_app_cb; 559 UINT8 sap; 560 561 data.link_status.event = LLCP_SAP_EVT_LINK_STATUS; 562 data.link_status.is_activated = is_activated; 563 data.link_status.is_initiator = llcp_cb.lcb.is_initiator; 564 565 /* notify all SAP so they can create connection while link is activated */ 566 for (sap = LLCP_SAP_SDP + 1; sap < LLCP_NUM_SAPS; sap++) 567 { 568 p_app_cb = llcp_util_get_app_cb (sap); 569 570 if ( (p_app_cb) 571 &&(p_app_cb->p_app_cback) ) 572 { 573 data.link_status.local_sap = sap; 574 p_app_cb->p_app_cback (&data); 575 } 576 } 577 } 578 579 /******************************************************************************* 580 ** 581 ** Function llcp_link_check_congestion 582 ** 583 ** Description Check overall congestion status 584 ** Notify to all of upper layer if congested 585 ** 586 ** Returns void 587 ** 588 *******************************************************************************/ 589 static void llcp_link_check_congestion (void) 590 { 591 tLLCP_SAP_CBACK_DATA data; 592 tLLCP_APP_CB *p_app_cb; 593 UINT8 sap, idx; 594 595 if (llcp_cb.overall_tx_congested) 596 { 597 /* already congested so no need to check again */ 598 return; 599 } 600 601 if (llcp_cb.total_tx_ui_pdu + llcp_cb.total_tx_i_pdu >= llcp_cb.max_num_tx_buff) 602 { 603 /* overall buffer usage is high */ 604 llcp_cb.overall_tx_congested = TRUE; 605 606 LLCP_TRACE_WARNING2 ("overall tx congestion start: total_tx_ui_pdu=%d, total_tx_i_pdu=%d", 607 llcp_cb.total_tx_ui_pdu, llcp_cb.total_tx_i_pdu); 608 609 data.congest.event = LLCP_SAP_EVT_CONGEST; 610 data.congest.is_congested = TRUE; 611 612 /* notify logical data link congestion status */ 613 data.congest.remote_sap = LLCP_INVALID_SAP; 614 data.congest.link_type = LLCP_LINK_TYPE_LOGICAL_DATA_LINK; 615 616 for (sap = LLCP_SAP_SDP + 1; sap < LLCP_NUM_SAPS; sap++) 617 { 618 p_app_cb = llcp_util_get_app_cb (sap); 619 620 if ( (p_app_cb) 621 &&(p_app_cb->p_app_cback) 622 &&(p_app_cb->link_type & LLCP_LINK_TYPE_LOGICAL_DATA_LINK) ) 623 { 624 /* if already congested then no need to notify again */ 625 if (!p_app_cb->is_ui_tx_congested) 626 { 627 p_app_cb->is_ui_tx_congested = TRUE; 628 629 LLCP_TRACE_WARNING2 ("Logical link (SAP=0x%X) congestion start: count=%d", 630 sap, p_app_cb->ui_xmit_q.count); 631 632 data.congest.local_sap = sap; 633 p_app_cb->p_app_cback (&data); 634 } 635 } 636 } 637 638 /* notify data link connection congestion status */ 639 data.congest.link_type = LLCP_LINK_TYPE_DATA_LINK_CONNECTION; 640 641 for (idx = 0; idx < LLCP_MAX_DATA_LINK; idx++ ) 642 { 643 if ( (llcp_cb.dlcb[idx].state == LLCP_DLC_STATE_CONNECTED) 644 &&(llcp_cb.dlcb[idx].remote_busy == FALSE) 645 &&(llcp_cb.dlcb[idx].is_tx_congested == FALSE) ) 646 { 647 llcp_cb.dlcb[idx].is_tx_congested = TRUE; 648 649 LLCP_TRACE_WARNING3 ("Data link (SSAP:DSAP=0x%X:0x%X) congestion start: count=%d", 650 llcp_cb.dlcb[idx].local_sap, llcp_cb.dlcb[idx].remote_sap, 651 llcp_cb.dlcb[idx].i_xmit_q.count); 652 653 data.congest.local_sap = llcp_cb.dlcb[idx].local_sap; 654 data.congest.remote_sap = llcp_cb.dlcb[idx].remote_sap; 655 656 (*llcp_cb.dlcb[idx].p_app_cb->p_app_cback) (&data); 657 } 658 } 659 } 660 } 661 662 /******************************************************************************* 663 ** 664 ** Function llcp_link_check_uncongested 665 ** 666 ** Description Check overall congestion status, logical data link and 667 ** data link connection congestion status 668 ** Notify to each upper layer if uncongested 669 ** 670 ** Returns void 671 ** 672 *******************************************************************************/ 673 static void llcp_link_check_uncongested (void) 674 { 675 tLLCP_SAP_CBACK_DATA data; 676 tLLCP_APP_CB *p_app_cb; 677 UINT8 xx, sap, idx; 678 679 if (llcp_cb.overall_tx_congested) 680 { 681 if (llcp_cb.total_tx_ui_pdu + llcp_cb.total_tx_i_pdu <= llcp_cb.max_num_tx_buff / 2) 682 { 683 /* overall congestion is cleared */ 684 llcp_cb.overall_tx_congested = FALSE; 685 686 LLCP_TRACE_WARNING2 ("overall tx congestion end: total_tx_ui_pdu=%d, total_tx_i_pdu=%d", 687 llcp_cb.total_tx_ui_pdu, llcp_cb.total_tx_i_pdu); 688 } 689 else 690 { 691 /* wait until more data packets are sent out */ 692 return; 693 } 694 } 695 696 data.congest.event = LLCP_SAP_EVT_CONGEST; 697 data.congest.is_congested = FALSE; 698 699 /* if total number of UI PDU is below threshold */ 700 if (llcp_cb.total_tx_ui_pdu < llcp_cb.max_num_ll_tx_buff) 701 { 702 /* check and notify logical data link congestion status */ 703 data.congest.remote_sap = LLCP_INVALID_SAP; 704 data.congest.link_type = LLCP_LINK_TYPE_LOGICAL_DATA_LINK; 705 706 /* 707 ** start point of uncongested status notification is in round robin 708 ** so each logical data link has equal chance of transmitting. 709 */ 710 sap = llcp_cb.ll_tx_uncongest_ntf_start_sap; 711 712 for (xx = LLCP_SAP_SDP + 1; xx < LLCP_NUM_SAPS; xx++) 713 { 714 /* no logical data link on LM and SDP */ 715 if (sap > LLCP_SAP_SDP) 716 { 717 p_app_cb = llcp_util_get_app_cb (sap); 718 719 if ( (p_app_cb) 720 &&(p_app_cb->p_app_cback) 721 &&(p_app_cb->link_type & LLCP_LINK_TYPE_LOGICAL_DATA_LINK) 722 &&(p_app_cb->is_ui_tx_congested) 723 &&(p_app_cb->ui_xmit_q.count <= llcp_cb.ll_tx_congest_end) ) 724 { 725 /* if it was congested but now tx queue count is below threshold */ 726 p_app_cb->is_ui_tx_congested = FALSE; 727 728 LLCP_TRACE_DEBUG2 ("Logical link (SAP=0x%X) congestion end: count=%d", 729 sap, p_app_cb->ui_xmit_q.count); 730 731 data.congest.local_sap = sap; 732 p_app_cb->p_app_cback (&data); 733 } 734 } 735 736 sap = (sap + 1) % LLCP_NUM_SAPS; 737 } 738 739 /* move start point for next logical data link */ 740 for (xx = 0; xx < LLCP_NUM_SAPS; xx++) 741 { 742 sap = (llcp_cb.ll_tx_uncongest_ntf_start_sap + 1) % LLCP_NUM_SAPS; 743 744 if (sap > LLCP_SAP_SDP) 745 { 746 p_app_cb = llcp_util_get_app_cb (sap); 747 748 if ( (p_app_cb) 749 &&(p_app_cb->p_app_cback) 750 &&(p_app_cb->link_type & LLCP_LINK_TYPE_LOGICAL_DATA_LINK) ) 751 { 752 llcp_cb.ll_tx_uncongest_ntf_start_sap = sap; 753 break; 754 } 755 } 756 } 757 } 758 759 /* notify data link connection congestion status */ 760 data.congest.link_type = LLCP_LINK_TYPE_DATA_LINK_CONNECTION; 761 762 /* 763 ** start point of uncongested status notification is in round robin 764 ** so each data link connection has equal chance of transmitting. 765 */ 766 idx = llcp_cb.dl_tx_uncongest_ntf_start_idx; 767 768 for (xx = 0; xx < LLCP_MAX_DATA_LINK; xx++ ) 769 { 770 /* if it was congested but now tx queue is below threshold (receiving window) */ 771 if ( (llcp_cb.dlcb[idx].state == LLCP_DLC_STATE_CONNECTED) 772 &&(llcp_cb.dlcb[idx].is_tx_congested) 773 &&(llcp_cb.dlcb[idx].i_xmit_q.count <= llcp_cb.dlcb[idx].remote_rw / 2) ) 774 { 775 llcp_cb.dlcb[idx].is_tx_congested = FALSE; 776 777 if (llcp_cb.dlcb[idx].remote_busy == FALSE) 778 { 779 LLCP_TRACE_DEBUG3 ("Data link (SSAP:DSAP=0x%X:0x%X) congestion end: count=%d", 780 llcp_cb.dlcb[idx].local_sap, llcp_cb.dlcb[idx].remote_sap, 781 llcp_cb.dlcb[idx].i_xmit_q.count); 782 783 data.congest.local_sap = llcp_cb.dlcb[idx].local_sap; 784 data.congest.remote_sap = llcp_cb.dlcb[idx].remote_sap; 785 786 (*llcp_cb.dlcb[idx].p_app_cb->p_app_cback) (&data); 787 } 788 } 789 idx = (idx + 1) % LLCP_MAX_DATA_LINK; 790 } 791 792 /* move start point for next data link connection */ 793 for (xx = 0; xx < LLCP_MAX_DATA_LINK; xx++ ) 794 { 795 idx = (llcp_cb.dl_tx_uncongest_ntf_start_idx + 1) % LLCP_MAX_DATA_LINK; 796 if (llcp_cb.dlcb[idx].state == LLCP_DLC_STATE_CONNECTED) 797 { 798 llcp_cb.dl_tx_uncongest_ntf_start_idx = idx; 799 break; 800 } 801 } 802 } 803 804 /******************************************************************************* 805 ** 806 ** Function llcp_link_send_SYMM 807 ** 808 ** Description Send SYMM PDU 809 ** 810 ** Returns void 811 ** 812 *******************************************************************************/ 813 static void llcp_link_send_SYMM (void) 814 { 815 BT_HDR *p_msg; 816 UINT8 *p; 817 818 p_msg = (BT_HDR*) GKI_getpoolbuf (LLCP_POOL_ID); 819 820 if (p_msg) 821 { 822 p_msg->len = LLCP_PDU_SYMM_SIZE; 823 p_msg->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE; 824 825 p = (UINT8 *) (p_msg + 1) + p_msg->offset; 826 UINT16_TO_BE_STREAM (p, LLCP_GET_PDU_HEADER (LLCP_SAP_LM, LLCP_PDU_SYMM_TYPE, LLCP_SAP_LM )); 827 828 llcp_link_send_to_lower (p_msg); 829 } 830 } 831 832 /******************************************************************************* 833 ** 834 ** Function llcp_link_send_invalid_pdu 835 ** 836 ** Description Send invalid LLC PDU in LLCP_LINK_STATE_ACTIVATION_FAILED 837 ** 838 ** Returns void 839 ** 840 *******************************************************************************/ 841 static void llcp_link_send_invalid_pdu (void) 842 { 843 BT_HDR *p_msg; 844 UINT8 *p; 845 846 p_msg = (BT_HDR*) GKI_getpoolbuf (LLCP_POOL_ID); 847 848 if (p_msg) 849 { 850 /* send one byte of 0x00 as invalid LLC PDU */ 851 p_msg->len = 1; 852 p_msg->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE; 853 854 p = (UINT8 *) (p_msg + 1) + p_msg->offset; 855 *p = 0x00; 856 857 NFC_SendData (NFC_RF_CONN_ID, p_msg); 858 } 859 } 860 861 /******************************************************************************* 862 ** 863 ** Function llcp_link_check_send_data 864 ** 865 ** Description Send PDU to peer 866 ** 867 ** Returns void 868 ** 869 *******************************************************************************/ 870 void llcp_link_check_send_data (void) 871 { 872 BT_HDR *p_pdu; 873 874 /* don't re-enter while processing to prevent out of sequence */ 875 if (llcp_cb.lcb.is_sending_data) 876 return; 877 else 878 llcp_cb.lcb.is_sending_data = TRUE; 879 880 /* 881 ** check overall congestion due to high usage of buffer pool 882 ** if congested then notify all of upper layers not to send any more data 883 */ 884 llcp_link_check_congestion (); 885 886 if (llcp_cb.lcb.symm_state == LLCP_LINK_SYMM_LOCAL_XMIT_NEXT) 887 { 888 LLCP_TRACE_DEBUG0 ("llcp_link_check_send_data () in state of LLCP_LINK_SYMM_LOCAL_XMIT_NEXT"); 889 890 p_pdu = llcp_link_build_next_pdu (NULL); 891 892 /* 893 ** For data link connection, 894 ** V(RA) was updated and N(R) was set to V(RA), if I PDU was added in this transmission. 895 ** If there was no I PDU to carry V(RA) and V(RA) is not V(R) and it's not congested, 896 ** then RR PDU will be sent. 897 ** If there was no I PDU to carry V(RA) and V(RA) is not V(R) and it's congested, 898 ** then RNR PDU will be sent. 899 ** If local busy state has been changed then RR or RNR PDU may be sent. 900 */ 901 llcp_dlc_check_to_send_rr_rnr (); 902 903 /* add RR/RNR PDU to be sent if any */ 904 p_pdu = llcp_link_build_next_pdu (p_pdu); 905 906 if (p_pdu != NULL) 907 { 908 llcp_link_send_to_lower (p_pdu); 909 910 /* stop inactivity timer */ 911 llcp_link_stop_inactivity_timer (); 912 913 /* check congestion status after sending out some data */ 914 llcp_link_check_uncongested (); 915 } 916 else 917 { 918 /* There is no data to send, so send SYMM */ 919 if (llcp_cb.lcb.link_state == LLCP_LINK_STATE_ACTIVATED) 920 { 921 if (llcp_cb.lcb.symm_delay > 0) 922 { 923 /* wait for application layer sending data */ 924 llcp_link_start_link_timer (); 925 llcp_cb.lcb.is_sending_data = FALSE; 926 return; 927 } 928 else 929 { 930 llcp_link_send_SYMM (); 931 932 /* start inactivity timer */ 933 if (llcp_cb.num_data_link_connection == 0) 934 { 935 llcp_link_start_inactivity_timer (); 936 } 937 } 938 } 939 else 940 { 941 llcp_cb.lcb.is_sending_data = FALSE; 942 return; 943 } 944 } 945 946 if (llcp_cb.lcb.link_state == LLCP_LINK_STATE_DEACTIVATING) 947 { 948 /* wait for short period for NFCC to send DISC */ 949 nfc_start_quick_timer (&llcp_cb.lcb.timer, NFC_TTYPE_LLCP_LINK_MANAGER, 950 ((UINT32) 50) * QUICK_TIMER_TICKS_PER_SEC / 1000); 951 } 952 else 953 { 954 /* wait for data to receive from remote */ 955 llcp_link_start_link_timer (); 956 } 957 } 958 959 llcp_cb.lcb.is_sending_data = FALSE; 960 } 961 962 /******************************************************************************* 963 ** 964 ** Function llcp_link_proc_ui_pdu 965 ** 966 ** Description Process UI PDU from peer device 967 ** 968 ** Returns None 969 ** 970 *******************************************************************************/ 971 static void llcp_link_proc_ui_pdu (UINT8 local_sap, 972 UINT8 remote_sap, 973 UINT16 ui_pdu_length, 974 UINT8 *p_ui_pdu, 975 BT_HDR *p_msg) 976 { 977 BOOLEAN appended; 978 BT_HDR *p_last_buf; 979 UINT16 available_bytes; 980 UINT8 *p_dst; 981 tLLCP_APP_CB *p_app_cb; 982 tLLCP_SAP_CBACK_DATA data; 983 tLLCP_DLCB *p_dlcb; 984 985 p_app_cb = llcp_util_get_app_cb (local_sap); 986 /*if UI PDU sent to SAP with data link connection*/ 987 if ((p_dlcb = llcp_dlc_find_dlcb_by_sap (local_sap, remote_sap))) 988 { 989 llcp_util_send_frmr (p_dlcb, LLCP_FRMR_W_ERROR_FLAG, LLCP_PDU_UI_TYPE, 0); 990 llcp_dlsm_execute (p_dlcb, LLCP_DLC_EVENT_FRAME_ERROR, NULL); 991 if (p_msg) 992 { 993 GKI_freebuf (p_msg); 994 } 995 return; 996 } 997 998 /* if application is registered and expecting UI PDU on logical data link */ 999 if ( (p_app_cb) 1000 &&(p_app_cb->p_app_cback) 1001 &&(p_app_cb->link_type & LLCP_LINK_TYPE_LOGICAL_DATA_LINK) ) 1002 { 1003 LLCP_TRACE_DEBUG2 ("llcp_link_proc_ui_pdu () Local SAP:0x%x, Remote SAP:0x%x", local_sap, remote_sap); 1004 1005 /* if this is not from AGF PDU */ 1006 if (p_msg) 1007 { 1008 ui_pdu_length = p_msg->len; /* including LLCP header */ 1009 p_ui_pdu = (UINT8*) (p_msg + 1) + p_msg->offset; 1010 } 1011 1012 appended = FALSE; 1013 1014 /* get last buffer in rx queue */ 1015 p_last_buf = (BT_HDR *) GKI_getlast (&p_app_cb->ui_rx_q); 1016 1017 if (p_last_buf) 1018 { 1019 /* get max length to append at the end of buffer */ 1020 available_bytes = GKI_get_buf_size (p_last_buf) - BT_HDR_SIZE - p_last_buf->offset - p_last_buf->len; 1021 1022 /* if new UI PDU with length can be attached at the end of buffer */ 1023 if (available_bytes >= LLCP_PDU_AGF_LEN_SIZE + ui_pdu_length) 1024 { 1025 p_dst = (UINT8*) (p_last_buf + 1) + p_last_buf->offset + p_last_buf->len; 1026 1027 /* add length of UI PDU */ 1028 UINT16_TO_BE_STREAM (p_dst, ui_pdu_length); 1029 1030 /* copy UI PDU with LLCP header */ 1031 memcpy (p_dst, p_ui_pdu, ui_pdu_length); 1032 1033 p_last_buf->len += LLCP_PDU_AGF_LEN_SIZE + ui_pdu_length; 1034 1035 if (p_msg) 1036 GKI_freebuf (p_msg); 1037 1038 appended = TRUE; 1039 } 1040 } 1041 1042 /* if it is not available to append */ 1043 if (!appended) 1044 { 1045 /* if it's not from AGF PDU */ 1046 if (p_msg) 1047 { 1048 /* add length of PDU in front of UI PDU (reuse room for NCI header) */ 1049 p_ui_pdu -= LLCP_PDU_AGF_LEN_SIZE; 1050 UINT16_TO_BE_STREAM (p_ui_pdu, ui_pdu_length); 1051 1052 p_msg->offset -= LLCP_PDU_AGF_LEN_SIZE; 1053 p_msg->len += LLCP_PDU_AGF_LEN_SIZE; 1054 p_msg->layer_specific = 0; 1055 } 1056 else 1057 { 1058 p_msg = (BT_HDR *) GKI_getpoolbuf (LLCP_POOL_ID); 1059 1060 if (p_msg) 1061 { 1062 p_dst = (UINT8*) (p_msg + 1); 1063 1064 /* add length of PDU in front of UI PDU */ 1065 UINT16_TO_BE_STREAM (p_dst, ui_pdu_length); 1066 1067 memcpy (p_dst, p_ui_pdu, ui_pdu_length); 1068 1069 p_msg->offset = 0; 1070 p_msg->len = LLCP_PDU_AGF_LEN_SIZE + ui_pdu_length; 1071 p_msg->layer_specific = 0; 1072 } 1073 else 1074 { 1075 LLCP_TRACE_ERROR0 ("llcp_link_proc_ui_pdu (): out of buffer"); 1076 } 1077 } 1078 1079 /* insert UI PDU in rx queue */ 1080 if (p_msg) 1081 { 1082 GKI_enqueue (&p_app_cb->ui_rx_q, p_msg); 1083 llcp_cb.total_rx_ui_pdu++; 1084 } 1085 } 1086 1087 if (p_app_cb->ui_rx_q.count > llcp_cb.ll_rx_congest_start) 1088 { 1089 LLCP_TRACE_WARNING2 ("llcp_link_proc_ui_pdu (): SAP:0x%x, rx link is congested (%d), discard oldest UI PDU", 1090 local_sap, p_app_cb->ui_rx_q.count); 1091 1092 GKI_freebuf (GKI_dequeue (&p_app_cb->ui_rx_q)); 1093 llcp_cb.total_rx_ui_pdu--; 1094 } 1095 1096 if ((p_app_cb->ui_rx_q.count == 1) && (appended == FALSE)) 1097 { 1098 data.data_ind.event = LLCP_SAP_EVT_DATA_IND; 1099 data.data_ind.local_sap = local_sap; 1100 data.data_ind.remote_sap = remote_sap; 1101 data.data_ind.link_type = LLCP_LINK_TYPE_LOGICAL_DATA_LINK; 1102 (*p_app_cb->p_app_cback) (&data); 1103 } 1104 } 1105 else 1106 { 1107 LLCP_TRACE_ERROR1 ("llcp_link_proc_ui_pdu (): Unregistered SAP:0x%x", local_sap); 1108 1109 if (p_msg) 1110 { 1111 GKI_freebuf (p_msg); 1112 } 1113 } 1114 } 1115 1116 /******************************************************************************* 1117 ** 1118 ** Function llcp_link_proc_agf_pdu 1119 ** 1120 ** Description Process AGF PDU from peer device 1121 ** 1122 ** Returns void 1123 ** 1124 *******************************************************************************/ 1125 static void llcp_link_proc_agf_pdu (BT_HDR *p_agf) 1126 { 1127 UINT16 agf_length; 1128 UINT8 *p, *p_info, *p_pdu_length; 1129 UINT16 pdu_hdr, pdu_length; 1130 UINT8 dsap, ptype, ssap; 1131 1132 p_agf->len -= LLCP_PDU_HEADER_SIZE; 1133 p_agf->offset += LLCP_PDU_HEADER_SIZE; 1134 1135 /* 1136 ** check integrity of AGF PDU and get number of PDUs in AGF PDU 1137 */ 1138 agf_length = p_agf->len; 1139 p = (UINT8 *) (p_agf + 1) + p_agf->offset; 1140 1141 while (agf_length > 0) 1142 { 1143 if (agf_length > LLCP_PDU_AGF_LEN_SIZE) 1144 { 1145 BE_STREAM_TO_UINT16 (pdu_length, p); 1146 agf_length -= LLCP_PDU_AGF_LEN_SIZE; 1147 } 1148 else 1149 { 1150 break; 1151 } 1152 1153 if (pdu_length <= agf_length) 1154 { 1155 p += pdu_length; 1156 agf_length -= pdu_length; 1157 } 1158 else 1159 { 1160 break; 1161 } 1162 } 1163 1164 if (agf_length != 0) 1165 { 1166 LLCP_TRACE_ERROR0 ("llcp_link_proc_agf_pdu (): Received invalid AGF PDU"); 1167 GKI_freebuf (p_agf); 1168 return; 1169 } 1170 1171 /* 1172 ** Process PDUs in AGF 1173 */ 1174 agf_length = p_agf->len; 1175 p = (UINT8 *) (p_agf + 1) + p_agf->offset; 1176 1177 while (agf_length > 0) 1178 { 1179 /* get length of PDU */ 1180 p_pdu_length = p; 1181 BE_STREAM_TO_UINT16 (pdu_length, p); 1182 agf_length -= LLCP_PDU_AGF_LEN_SIZE; 1183 1184 /* get DSAP/PTYPE/SSAP */ 1185 p_info = p; 1186 BE_STREAM_TO_UINT16 (pdu_hdr, p_info ); 1187 1188 dsap = LLCP_GET_DSAP (pdu_hdr); 1189 ptype = (UINT8) (LLCP_GET_PTYPE (pdu_hdr)); 1190 ssap = LLCP_GET_SSAP (pdu_hdr); 1191 1192 #if (BT_TRACE_VERBOSE == TRUE) 1193 LLCP_TRACE_DEBUG4 ("llcp_link_proc_agf_pdu (): Rx DSAP:0x%x, PTYPE:%s (0x%x), SSAP:0x%x in AGF", 1194 dsap, llcp_pdu_type (ptype), ptype, ssap); 1195 #endif 1196 1197 if ( (ptype == LLCP_PDU_DISC_TYPE) 1198 &&(dsap == LLCP_SAP_LM) 1199 &&(ssap == LLCP_SAP_LM) ) 1200 { 1201 GKI_freebuf (p_agf); 1202 llcp_link_deactivate (LLCP_LINK_REMOTE_INITIATED); 1203 return; 1204 } 1205 else if (ptype == LLCP_PDU_SYMM_TYPE) 1206 { 1207 LLCP_TRACE_ERROR0 ("llcp_link_proc_agf_pdu (): SYMM PDU exchange shall not be in AGF"); 1208 } 1209 else if (ptype == LLCP_PDU_PAX_TYPE) 1210 { 1211 LLCP_TRACE_ERROR0 ("llcp_link_proc_agf_pdu (): PAX PDU exchange shall not be used"); 1212 } 1213 else if (ptype == LLCP_PDU_SNL_TYPE) 1214 { 1215 llcp_sdp_proc_snl ((UINT16) (pdu_length - LLCP_PDU_HEADER_SIZE), p_info); 1216 } 1217 else if ((ptype == LLCP_PDU_UI_TYPE) && (pdu_length > LLCP_PDU_HEADER_SIZE)) 1218 { 1219 llcp_link_proc_ui_pdu (dsap, ssap, pdu_length, p, NULL); 1220 } 1221 else if (ptype == LLCP_PDU_I_TYPE) 1222 { 1223 llcp_dlc_proc_i_pdu (dsap, ssap, pdu_length, p, NULL); 1224 } 1225 else /* let data link connection handle PDU */ 1226 { 1227 llcp_dlc_proc_rx_pdu (dsap, ptype, ssap, (UINT16) (pdu_length - LLCP_PDU_HEADER_SIZE), p_info); 1228 } 1229 1230 p += pdu_length; 1231 agf_length -= pdu_length; 1232 } 1233 1234 GKI_freebuf (p_agf); 1235 } 1236 1237 /******************************************************************************* 1238 ** 1239 ** Function llcp_link_proc_rx_pdu 1240 ** 1241 ** Description Process received PDU from peer device 1242 ** 1243 ** Returns void 1244 ** 1245 *******************************************************************************/ 1246 static void llcp_link_proc_rx_pdu (UINT8 dsap, UINT8 ptype, UINT8 ssap, BT_HDR *p_msg) 1247 { 1248 BOOLEAN free_buffer = TRUE; 1249 UINT8 *p_data; 1250 1251 switch (ptype) 1252 { 1253 case LLCP_PDU_PAX_TYPE: 1254 LLCP_TRACE_ERROR0 ("llcp_link_proc_rx_pdu (); PAX PDU exchange shall not be used"); 1255 break; 1256 1257 case LLCP_PDU_DISC_TYPE: 1258 if ((dsap == LLCP_SAP_LM) && (ssap == LLCP_SAP_LM)) 1259 { 1260 llcp_link_deactivate (LLCP_LINK_REMOTE_INITIATED); 1261 } 1262 else 1263 { 1264 p_data = (UINT8 *) (p_msg + 1) + p_msg->offset + LLCP_PDU_HEADER_SIZE; 1265 llcp_dlc_proc_rx_pdu (dsap, ptype, ssap, (UINT16) (p_msg->len - LLCP_PDU_HEADER_SIZE), p_data); 1266 } 1267 break; 1268 1269 case LLCP_PDU_SNL_TYPE: 1270 p_data = (UINT8 *) (p_msg + 1) + p_msg->offset + LLCP_PDU_HEADER_SIZE; 1271 llcp_sdp_proc_snl ((UINT16) (p_msg->len - LLCP_PDU_HEADER_SIZE), p_data); 1272 break; 1273 1274 case LLCP_PDU_AGF_TYPE: 1275 llcp_link_proc_agf_pdu (p_msg); 1276 free_buffer = FALSE; 1277 break; 1278 1279 case LLCP_PDU_UI_TYPE: 1280 llcp_link_proc_ui_pdu (dsap, ssap, 0, NULL, p_msg); 1281 free_buffer = FALSE; 1282 break; 1283 1284 case LLCP_PDU_I_TYPE: 1285 llcp_dlc_proc_i_pdu (dsap, ssap, 0, NULL, p_msg); 1286 free_buffer = FALSE; 1287 break; 1288 1289 default: 1290 p_data = (UINT8 *) (p_msg + 1) + p_msg->offset + LLCP_PDU_HEADER_SIZE; 1291 llcp_dlc_proc_rx_pdu (dsap, ptype, ssap, (UINT16) (p_msg->len - LLCP_PDU_HEADER_SIZE), p_data); 1292 break; 1293 } 1294 1295 if (free_buffer) 1296 GKI_freebuf (p_msg); 1297 } 1298 1299 /******************************************************************************* 1300 ** 1301 ** Function llcp_link_proc_rx_data 1302 ** 1303 ** Description Process received data from NFCC and maintain symmetry state 1304 ** 1305 ** Returns void 1306 ** 1307 *******************************************************************************/ 1308 static void llcp_link_proc_rx_data (BT_HDR *p_msg) 1309 { 1310 UINT8 *p; 1311 UINT16 pdu_hdr, info_length = 0; 1312 UINT8 dsap, ptype, ssap; 1313 BOOLEAN free_buffer = TRUE; 1314 BOOLEAN frame_error = FALSE; 1315 1316 if (llcp_cb.lcb.symm_state == LLCP_LINK_SYMM_REMOTE_XMIT_NEXT) 1317 { 1318 llcp_link_stop_link_timer (); 1319 1320 if (llcp_cb.lcb.received_first_packet == FALSE) 1321 { 1322 llcp_cb.lcb.received_first_packet = TRUE; 1323 (*llcp_cb.lcb.p_link_cback) (LLCP_LINK_FIRST_PACKET_RECEIVED_EVT, LLCP_LINK_SUCCESS); 1324 } 1325 if ( (llcp_cb.lcb.link_state == LLCP_LINK_STATE_DEACTIVATING) 1326 &&(llcp_cb.lcb.sig_xmit_q.count == 0) ) 1327 { 1328 /* this indicates that DISC PDU had been sent out to peer */ 1329 /* initiator may wait for SYMM PDU */ 1330 llcp_link_process_link_timeout (); 1331 } 1332 else 1333 { 1334 if (p_msg->len < LLCP_PDU_HEADER_SIZE) 1335 { 1336 LLCP_TRACE_ERROR1 ("Received too small PDU: got %d bytes", p_msg->len); 1337 frame_error = TRUE; 1338 } 1339 else 1340 { 1341 p = (UINT8 *) (p_msg + 1) + p_msg->offset; 1342 BE_STREAM_TO_UINT16 (pdu_hdr, p ); 1343 1344 dsap = LLCP_GET_DSAP (pdu_hdr); 1345 ptype = (UINT8) (LLCP_GET_PTYPE (pdu_hdr)); 1346 ssap = LLCP_GET_SSAP (pdu_hdr); 1347 1348 /* get length of information per PDU type */ 1349 if ( (ptype == LLCP_PDU_I_TYPE) 1350 ||(ptype == LLCP_PDU_RR_TYPE) 1351 ||(ptype == LLCP_PDU_RNR_TYPE) ) 1352 { 1353 if (p_msg->len >= LLCP_PDU_HEADER_SIZE + LLCP_SEQUENCE_SIZE) 1354 { 1355 info_length = p_msg->len - LLCP_PDU_HEADER_SIZE - LLCP_SEQUENCE_SIZE; 1356 } 1357 else 1358 { 1359 LLCP_TRACE_ERROR0 ("Received I/RR/RNR PDU without sequence"); 1360 frame_error = TRUE; 1361 } 1362 } 1363 else 1364 { 1365 info_length = p_msg->len - LLCP_PDU_HEADER_SIZE; 1366 } 1367 1368 /* check if length of information is bigger than link MIU */ 1369 if ((!frame_error) && (info_length > llcp_cb.lcb.local_link_miu)) 1370 { 1371 LLCP_TRACE_ERROR2 ("Received exceeding MIU (%d): got %d bytes SDU", 1372 llcp_cb.lcb.local_link_miu, info_length); 1373 1374 frame_error = TRUE; 1375 } 1376 else 1377 { 1378 #if (BT_TRACE_VERBOSE == TRUE) 1379 LLCP_TRACE_DEBUG4 ("llcp_link_proc_rx_data (): DSAP:0x%x, PTYPE:%s (0x%x), SSAP:0x%x", 1380 dsap, llcp_pdu_type (ptype), ptype, ssap); 1381 #endif 1382 1383 if (ptype == LLCP_PDU_SYMM_TYPE) 1384 { 1385 if (info_length > 0) 1386 { 1387 LLCP_TRACE_ERROR1 ("Received extra data (%d bytes) in SYMM PDU", info_length); 1388 frame_error = TRUE; 1389 } 1390 } 1391 else 1392 { 1393 /* received other than SYMM */ 1394 llcp_link_stop_inactivity_timer (); 1395 1396 llcp_link_proc_rx_pdu (dsap, ptype, ssap, p_msg); 1397 free_buffer = FALSE; 1398 } 1399 } 1400 } 1401 1402 llcp_cb.lcb.symm_state = LLCP_LINK_SYMM_LOCAL_XMIT_NEXT; 1403 1404 /* check if any pending packet */ 1405 llcp_link_check_send_data (); 1406 } 1407 } 1408 else 1409 { 1410 LLCP_TRACE_ERROR0 ("Received PDU in state of SYMM_MUST_XMIT_NEXT"); 1411 } 1412 1413 if (free_buffer) 1414 GKI_freebuf (p_msg); 1415 } 1416 1417 /******************************************************************************* 1418 ** 1419 ** Function llcp_link_get_next_pdu 1420 ** 1421 ** Description Get next PDU from link manager or data links w/wo dequeue 1422 ** 1423 ** Returns pointer of a PDU to send if length_only is FALSE 1424 ** NULL otherwise 1425 ** 1426 *******************************************************************************/ 1427 static BT_HDR *llcp_link_get_next_pdu (BOOLEAN length_only, UINT16 *p_next_pdu_length) 1428 { 1429 BT_HDR *p_msg; 1430 int count, xx; 1431 tLLCP_APP_CB *p_app_cb; 1432 1433 /* processing signalling PDU first */ 1434 if (llcp_cb.lcb.sig_xmit_q.p_first) 1435 { 1436 if (length_only) 1437 { 1438 p_msg = (BT_HDR*) llcp_cb.lcb.sig_xmit_q.p_first; 1439 *p_next_pdu_length = p_msg->len; 1440 return NULL; 1441 } 1442 else 1443 p_msg = (BT_HDR*) GKI_dequeue (&llcp_cb.lcb.sig_xmit_q); 1444 1445 return p_msg; 1446 } 1447 else 1448 { 1449 /* transmitting logical data link and data link connection equaly */ 1450 for (xx = 0; xx < 2; xx++) 1451 { 1452 if (!llcp_cb.lcb.ll_served) 1453 { 1454 /* Get one from logical link connection */ 1455 for (count = 0; count < LLCP_NUM_SAPS; count++) 1456 { 1457 /* round robin schedule without priority */ 1458 p_app_cb = llcp_util_get_app_cb (llcp_cb.lcb.ll_idx); 1459 1460 if ( (p_app_cb) 1461 &&(p_app_cb->p_app_cback) 1462 &&(p_app_cb->ui_xmit_q.count) ) 1463 { 1464 if (length_only) 1465 { 1466 /* don't alternate next data link to return the same length of PDU */ 1467 p_msg = (BT_HDR *) p_app_cb->ui_xmit_q.p_first; 1468 *p_next_pdu_length = p_msg->len; 1469 return NULL; 1470 } 1471 else 1472 { 1473 /* check data link connection first in next time */ 1474 llcp_cb.lcb.ll_served = !llcp_cb.lcb.ll_served; 1475 1476 p_msg = (BT_HDR*) GKI_dequeue (&p_app_cb->ui_xmit_q); 1477 llcp_cb.total_tx_ui_pdu--; 1478 1479 /* this logical link has been served, so start from next logical link next time */ 1480 llcp_cb.lcb.ll_idx = (llcp_cb.lcb.ll_idx + 1) % LLCP_NUM_SAPS; 1481 1482 return p_msg; 1483 } 1484 } 1485 else 1486 { 1487 /* check next logical link connection */ 1488 llcp_cb.lcb.ll_idx = (llcp_cb.lcb.ll_idx + 1) % LLCP_NUM_SAPS; 1489 } 1490 } 1491 1492 /* no data, so check data link connection if not checked yet */ 1493 llcp_cb.lcb.ll_served = !llcp_cb.lcb.ll_served; 1494 } 1495 else 1496 { 1497 /* Get one from data link connection */ 1498 for (count = 0; count < LLCP_MAX_DATA_LINK; count++) 1499 { 1500 /* round robin schedule without priority */ 1501 if (llcp_cb.dlcb[llcp_cb.lcb.dl_idx].state != LLCP_DLC_STATE_IDLE) 1502 { 1503 if (length_only) 1504 { 1505 *p_next_pdu_length = llcp_dlc_get_next_pdu_length (&llcp_cb.dlcb[llcp_cb.lcb.dl_idx]); 1506 1507 if (*p_next_pdu_length > 0 ) 1508 { 1509 /* don't change data link connection to return the same length of PDU */ 1510 return NULL; 1511 } 1512 else 1513 { 1514 /* no data, so check next data link connection */ 1515 llcp_cb.lcb.dl_idx = (llcp_cb.lcb.dl_idx + 1) % LLCP_MAX_DATA_LINK; 1516 } 1517 } 1518 else 1519 { 1520 p_msg = llcp_dlc_get_next_pdu (&llcp_cb.dlcb[llcp_cb.lcb.dl_idx]); 1521 1522 /* this data link has been served, so start from next data link next time */ 1523 llcp_cb.lcb.dl_idx = (llcp_cb.lcb.dl_idx + 1) % LLCP_MAX_DATA_LINK; 1524 1525 if (p_msg) 1526 { 1527 /* serve logical data link next time */ 1528 llcp_cb.lcb.ll_served = !llcp_cb.lcb.ll_served; 1529 return p_msg; 1530 } 1531 } 1532 } 1533 else 1534 { 1535 /* check next data link connection */ 1536 llcp_cb.lcb.dl_idx = (llcp_cb.lcb.dl_idx + 1) % LLCP_MAX_DATA_LINK; 1537 } 1538 } 1539 1540 /* if all of data link connection doesn't have data to send */ 1541 if (count >= LLCP_MAX_DATA_LINK) 1542 { 1543 llcp_cb.lcb.ll_served = !llcp_cb.lcb.ll_served; 1544 } 1545 } 1546 } 1547 } 1548 1549 /* nothing to send */ 1550 *p_next_pdu_length = 0; 1551 return NULL; 1552 } 1553 1554 /******************************************************************************* 1555 ** 1556 ** Function llcp_link_build_next_pdu 1557 ** 1558 ** Description Build a PDU from Link Manager and Data Link 1559 ** Perform aggregation procedure if necessary 1560 ** 1561 ** Returns BT_HDR* if sent any PDU 1562 ** 1563 *******************************************************************************/ 1564 static BT_HDR *llcp_link_build_next_pdu (BT_HDR *p_pdu) 1565 { 1566 BT_HDR *p_agf = NULL, *p_msg = NULL, *p_next_pdu; 1567 UINT8 *p, ptype; 1568 UINT16 next_pdu_length, pdu_hdr; 1569 1570 LLCP_TRACE_DEBUG0 ("llcp_link_build_next_pdu ()"); 1571 1572 /* add any pending SNL PDU into sig_xmit_q for transmitting */ 1573 llcp_sdp_check_send_snl (); 1574 1575 if (p_pdu) 1576 { 1577 /* get PDU type */ 1578 p = (UINT8 *) (p_pdu + 1) + p_pdu->offset; 1579 BE_STREAM_TO_UINT16 (pdu_hdr, p); 1580 1581 ptype = (UINT8) (LLCP_GET_PTYPE (pdu_hdr)); 1582 1583 if (ptype == LLCP_PDU_AGF_TYPE) 1584 { 1585 /* add more PDU into this AGF PDU */ 1586 p_agf = p_pdu; 1587 } 1588 else 1589 { 1590 p_msg = p_pdu; 1591 } 1592 } 1593 else 1594 { 1595 /* Get a PDU from link manager or data links */ 1596 p_msg = llcp_link_get_next_pdu (FALSE, &next_pdu_length); 1597 1598 if (!p_msg) 1599 { 1600 return NULL; 1601 } 1602 } 1603 1604 /* Get length of next PDU from link manager or data links without dequeue */ 1605 llcp_link_get_next_pdu (TRUE, &next_pdu_length); 1606 while (next_pdu_length > 0) 1607 { 1608 /* if it's first visit */ 1609 if (!p_agf) 1610 { 1611 /* if next PDU fits into MIU, allocate AGF PDU and copy the first PDU */ 1612 if (2 + p_msg->len + 2 + next_pdu_length <= llcp_cb.lcb.effective_miu) 1613 { 1614 p_agf = (BT_HDR*) GKI_getpoolbuf (LLCP_POOL_ID); 1615 if (p_agf) 1616 { 1617 p_agf->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE; 1618 1619 p = (UINT8 *) (p_agf + 1) + p_agf->offset; 1620 1621 UINT16_TO_BE_STREAM (p, LLCP_GET_PDU_HEADER (LLCP_SAP_LM, LLCP_PDU_AGF_TYPE, LLCP_SAP_LM )); 1622 UINT16_TO_BE_STREAM (p, p_msg->len); 1623 memcpy(p, (UINT8 *) (p_msg + 1) + p_msg->offset, p_msg->len); 1624 1625 p_agf->len = LLCP_PDU_HEADER_SIZE + 2 + p_msg->len; 1626 1627 GKI_freebuf (p_msg); 1628 p_msg = p_agf; 1629 } 1630 else 1631 { 1632 LLCP_TRACE_ERROR0 ("llcp_link_build_next_pdu (): Out of buffer"); 1633 return p_msg; 1634 } 1635 } 1636 else 1637 { 1638 break; 1639 } 1640 } 1641 1642 /* if next PDU fits into MIU, copy the next PDU into AGF */ 1643 if (p_agf->len - LLCP_PDU_HEADER_SIZE + 2 + next_pdu_length <= llcp_cb.lcb.effective_miu) 1644 { 1645 /* Get a next PDU from link manager or data links */ 1646 p_next_pdu = llcp_link_get_next_pdu (FALSE, &next_pdu_length); 1647 1648 p = (UINT8 *) (p_agf + 1) + p_agf->offset + p_agf->len; 1649 1650 UINT16_TO_BE_STREAM (p, p_next_pdu->len); 1651 memcpy (p, (UINT8 *) (p_next_pdu + 1) + p_next_pdu->offset, p_next_pdu->len); 1652 1653 p_agf->len += 2 + p_next_pdu->len; 1654 1655 GKI_freebuf (p_next_pdu); 1656 1657 /* Get next PDU length from link manager or data links without dequeue */ 1658 llcp_link_get_next_pdu (TRUE, &next_pdu_length); 1659 } 1660 else 1661 { 1662 break; 1663 } 1664 } 1665 1666 if (p_agf) 1667 return p_agf; 1668 else 1669 return p_msg; 1670 } 1671 1672 /******************************************************************************* 1673 ** 1674 ** Function llcp_link_send_to_lower 1675 ** 1676 ** Description Send PDU to lower layer 1677 ** 1678 ** Returns void 1679 ** 1680 *******************************************************************************/ 1681 static void llcp_link_send_to_lower (BT_HDR *p_pdu) 1682 { 1683 #if (BT_TRACE_PROTOCOL == TRUE) 1684 DispLLCP (p_pdu, FALSE); 1685 #endif 1686 1687 llcp_cb.lcb.symm_state = LLCP_LINK_SYMM_REMOTE_XMIT_NEXT; 1688 1689 NFC_SendData (NFC_RF_CONN_ID, p_pdu); 1690 } 1691 1692 /******************************************************************************* 1693 ** 1694 ** Function llcp_link_connection_cback 1695 ** 1696 ** Description processing incoming data 1697 ** 1698 ** Returns void 1699 ** 1700 *******************************************************************************/ 1701 void llcp_link_connection_cback (UINT8 conn_id, tNFC_CONN_EVT event, tNFC_CONN *p_data) 1702 { 1703 if (event == NFC_DATA_CEVT) 1704 { 1705 #if (BT_TRACE_PROTOCOL == TRUE) 1706 DispLLCP ((BT_HDR *)p_data->data.p_data, TRUE); 1707 #endif 1708 if (llcp_cb.lcb.link_state == LLCP_LINK_STATE_DEACTIVATED) 1709 { 1710 /* respoding SYMM while LLCP is deactivated but RF link is not deactivated yet */ 1711 llcp_link_send_SYMM (); 1712 GKI_freebuf ((BT_HDR *) p_data->data.p_data); 1713 } 1714 else if (llcp_cb.lcb.link_state == LLCP_LINK_STATE_ACTIVATION_FAILED) 1715 { 1716 /* respoding with invalid LLC PDU until initiator deactivates RF link after LLCP activation was failed, 1717 ** so that initiator knows LLCP link activation was failed. 1718 */ 1719 llcp_link_send_invalid_pdu (); 1720 GKI_freebuf ((BT_HDR *) p_data->data.p_data); 1721 } 1722 else 1723 { 1724 llcp_cb.lcb.flags |= LLCP_LINK_FLAGS_RX_ANY_LLC_PDU; 1725 llcp_link_proc_rx_data ((BT_HDR *) p_data->data.p_data); 1726 } 1727 } 1728 else if (event == NFC_ERROR_CEVT) 1729 { 1730 /* RF interface specific status code */ 1731 llcp_link_deactivate (*(UINT8*) p_data); 1732 } 1733 else if (event == NFC_DEACTIVATE_CEVT) 1734 { 1735 if ( (llcp_cb.lcb.link_state == LLCP_LINK_STATE_DEACTIVATING) 1736 &&(!llcp_cb.lcb.is_initiator) ) 1737 { 1738 /* peer initiates NFC link deactivation before timeout */ 1739 llcp_link_stop_link_timer (); 1740 llcp_link_process_link_timeout (); 1741 } 1742 else if (llcp_cb.lcb.link_state == LLCP_LINK_STATE_ACTIVATION_FAILED) 1743 { 1744 /* do not notify to upper layer because activation failure was already notified */ 1745 NFC_FlushData (NFC_RF_CONN_ID); 1746 llcp_cb.lcb.link_state = LLCP_LINK_STATE_DEACTIVATED; 1747 } 1748 else if (llcp_cb.lcb.link_state != LLCP_LINK_STATE_DEACTIVATED) 1749 { 1750 llcp_link_deactivate (LLCP_LINK_RF_LINK_LOSS_ERR); 1751 } 1752 1753 NFC_SetStaticRfCback (NULL); 1754 } 1755 else if (event == NFC_DATA_START_CEVT) 1756 { 1757 if (llcp_cb.lcb.symm_state == LLCP_LINK_SYMM_REMOTE_XMIT_NEXT) 1758 { 1759 /* LLCP shall stop LTO timer when receiving the first bit of LLC PDU */ 1760 llcp_link_stop_link_timer (); 1761 } 1762 } 1763 1764 /* LLCP ignores the following events 1765 1766 NFC_CONN_CREATE_CEVT 1767 NFC_CONN_CLOSE_CEVT 1768 */ 1769 } 1770 1771 #if (BT_TRACE_VERBOSE == TRUE) 1772 /******************************************************************************* 1773 ** 1774 ** Function llcp_pdu_type 1775 ** 1776 ** Description 1777 ** 1778 ** Returns string of PDU type 1779 ** 1780 *******************************************************************************/ 1781 static char *llcp_pdu_type (UINT8 ptype) 1782 { 1783 switch(ptype) 1784 { 1785 case LLCP_PDU_SYMM_TYPE: 1786 return "SYMM"; 1787 case LLCP_PDU_PAX_TYPE: 1788 return "PAX"; 1789 case LLCP_PDU_AGF_TYPE: 1790 return "AGF"; 1791 case LLCP_PDU_UI_TYPE: 1792 return "UI"; 1793 case LLCP_PDU_CONNECT_TYPE: 1794 return "CONNECT"; 1795 case LLCP_PDU_DISC_TYPE: 1796 return "DISC"; 1797 case LLCP_PDU_CC_TYPE: 1798 return "CC"; 1799 case LLCP_PDU_DM_TYPE: 1800 return "DM"; 1801 case LLCP_PDU_FRMR_TYPE: 1802 return "FRMR"; 1803 case LLCP_PDU_SNL_TYPE: 1804 return "SNL"; 1805 case LLCP_PDU_I_TYPE: 1806 return "I"; 1807 case LLCP_PDU_RR_TYPE: 1808 return "RR"; 1809 case LLCP_PDU_RNR_TYPE: 1810 return "RNR"; 1811 1812 default: 1813 return "RESERVED"; 1814 } 1815 } 1816 1817 #endif 1818 1819
