Home | History | Annotate | Download | only in l2cap
      1 /******************************************************************************
      2  *
      3  *  Copyright (C) 1999-2012 Broadcom Corporation
      4  *
      5  *  Licensed under the Apache License, Version 2.0 (the "License");
      6  *  you may not use this file except in compliance with the License.
      7  *  You may obtain a copy of the License at:
      8  *
      9  *  http://www.apache.org/licenses/LICENSE-2.0
     10  *
     11  *  Unless required by applicable law or agreed to in writing, software
     12  *  distributed under the License is distributed on an "AS IS" BASIS,
     13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     14  *  See the License for the specific language governing permissions and
     15  *  limitations under the License.
     16  *
     17  ******************************************************************************/
     18 
     19 /******************************************************************************
     20  *
     21  *  This file contains the L2CAP API code
     22  *
     23  ******************************************************************************/
     24 
     25 #include <stdlib.h>
     26 #include <string.h>
     27 #include <stdio.h>
     28 
     29 #include "gki.h"
     30 #include "bt_types.h"
     31 #include "hcidefs.h"
     32 #include "hcimsgs.h"
     33 #include "l2cdefs.h"
     34 #include "l2c_int.h"
     35 #include "btu.h"
     36 #include "btm_api.h"
     37 
     38 /*******************************************************************************
     39 **
     40 ** Function         L2CA_Register
     41 **
     42 ** Description      Other layers call this function to register for L2CAP
     43 **                  services.
     44 **
     45 ** Returns          PSM to use or zero if error. Typically, the PSM returned
     46 **                  is the same as was passed in, but for an outgoing-only
     47 **                  connection to a dynamic PSM, a "virtual" PSM is returned
     48 **                  and should be used in the calls to L2CA_ConnectReq(),
     49 **                  L2CA_ErtmConnectReq() and L2CA_Deregister()
     50 **
     51 *******************************************************************************/
     52 UINT16 L2CA_Register (UINT16 psm, tL2CAP_APPL_INFO *p_cb_info)
     53 {
     54     tL2C_RCB    *p_rcb;
     55     UINT16      vpsm = psm;
     56 
     57     L2CAP_TRACE_API ("L2CAP - L2CA_Register() called for PSM: 0x%04x", psm);
     58 
     59     /* Verify that the required callback info has been filled in
     60     **      Note:  Connection callbacks are required but not checked
     61     **             for here because it is possible to be only a client
     62     **             or only a server.
     63     */
     64     if ((!p_cb_info->pL2CA_ConfigCfm_Cb)
     65      || (!p_cb_info->pL2CA_ConfigInd_Cb)
     66      || (!p_cb_info->pL2CA_DataInd_Cb)
     67      || (!p_cb_info->pL2CA_DisconnectInd_Cb))
     68     {
     69         L2CAP_TRACE_ERROR ("L2CAP - no cb registering PSM: 0x%04x", psm);
     70         return (0);
     71     }
     72 
     73     /* Verify PSM is valid */
     74     if (L2C_INVALID_PSM(psm))
     75     {
     76         L2CAP_TRACE_ERROR ("L2CAP - invalid PSM value, PSM: 0x%04x", psm);
     77         return (0);
     78     }
     79 
     80     /* Check if this is a registration for an outgoing-only connection to */
     81     /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
     82     if ( (psm >= 0x1001) && (p_cb_info->pL2CA_ConnectInd_Cb == NULL) )
     83     {
     84         for (vpsm = 0x1002; vpsm < 0x8000; vpsm += 2)
     85         {
     86             if ((p_rcb = l2cu_find_rcb_by_psm (vpsm)) == NULL)
     87                 break;
     88         }
     89 
     90         L2CAP_TRACE_API ("L2CA_Register - Real PSM: 0x%04x  Virtual PSM: 0x%04x", psm, vpsm);
     91     }
     92 
     93     /* If registration block already there, just overwrite it */
     94     if ((p_rcb = l2cu_find_rcb_by_psm (vpsm)) == NULL)
     95     {
     96         if ((p_rcb = l2cu_allocate_rcb (vpsm)) == NULL)
     97         {
     98             L2CAP_TRACE_WARNING ("L2CAP - no RCB available, PSM: 0x%04x  vPSM: 0x%04x", psm, vpsm);
     99             return (0);
    100         }
    101     }
    102 
    103     p_rcb->api      = *p_cb_info;
    104     p_rcb->real_psm = psm;
    105 
    106     return (vpsm);
    107 }
    108 
    109 
    110 
    111 /*******************************************************************************
    112 **
    113 ** Function         L2CA_Deregister
    114 **
    115 ** Description      Other layers call this function to de-register for L2CAP
    116 **                  services.
    117 **
    118 ** Returns          void
    119 **
    120 *******************************************************************************/
    121 void L2CA_Deregister (UINT16 psm)
    122 {
    123     tL2C_RCB    *p_rcb;
    124     tL2C_CCB    *p_ccb;
    125     tL2C_LCB    *p_lcb;
    126     int         ii;
    127 
    128     L2CAP_TRACE_API ("L2CAP - L2CA_Deregister() called for PSM: 0x%04x", psm);
    129 
    130     if ((p_rcb = l2cu_find_rcb_by_psm (psm)) != NULL)
    131     {
    132         p_lcb = &l2cb.lcb_pool[0];
    133         for (ii = 0; ii < MAX_L2CAP_LINKS; ii++, p_lcb++)
    134         {
    135             if (p_lcb->in_use)
    136             {
    137                 if (((p_ccb = p_lcb->ccb_queue.p_first_ccb) == NULL)
    138                  || (p_lcb->link_state == LST_DISCONNECTING))
    139                     continue;
    140 
    141                 if ((p_ccb->in_use) &&
    142                     ((p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP) ||
    143                      (p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP)))
    144                     continue;
    145 
    146                 if (p_ccb->p_rcb == p_rcb)
    147                     l2c_csm_execute (p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
    148             }
    149         }
    150         l2cu_release_rcb (p_rcb);
    151     }
    152     else
    153     {
    154         L2CAP_TRACE_WARNING ("L2CAP - PSM: 0x%04x not found for deregistration", psm);
    155     }
    156 }
    157 
    158 /*******************************************************************************
    159 **
    160 ** Function         L2CA_AllocatePSM
    161 **
    162 ** Description      Other layers call this function to find an unused PSM for L2CAP
    163 **                  services.
    164 **
    165 ** Returns          PSM to use.
    166 **
    167 *******************************************************************************/
    168 UINT16 L2CA_AllocatePSM(void)
    169 {
    170     BOOLEAN done = FALSE;
    171     UINT16 psm = l2cb.dyn_psm;
    172 
    173     L2CAP_TRACE_API( "L2CA_AllocatePSM");
    174     while (!done)
    175     {
    176         psm += 2;
    177         if (psm > 0xfeff)
    178         {
    179             psm = 0x1001;
    180         }
    181         else if (psm & 0x0100)
    182         {
    183             /* the upper byte must be even */
    184             psm += 0x0100;
    185         }
    186 
    187         /* if psm is in range of reserved BRCM Aware features */
    188         if ((BRCM_RESERVED_PSM_START <= psm)&&(psm <= BRCM_RESERVED_PSM_END))
    189             continue;
    190 
    191         /* make sure the newlly allocated psm is not used right now */
    192         if ((l2cu_find_rcb_by_psm (psm)) == NULL)
    193             done = TRUE;
    194     }
    195     l2cb.dyn_psm = psm;
    196 
    197     return(psm);
    198 }
    199 
    200 /*******************************************************************************
    201 **
    202 ** Function         L2CA_ConnectReq
    203 **
    204 ** Description      Higher layers call this function to create an L2CAP connection.
    205 **                  Note that the connection is not established at this time, but
    206 **                  connection establishment gets started. The callback function
    207 **                  will be invoked when connection establishes or fails.
    208 **
    209 ** Returns          the CID of the connection, or 0 if it failed to start
    210 **
    211 *******************************************************************************/
    212 UINT16 L2CA_ConnectReq (UINT16 psm, BD_ADDR p_bd_addr)
    213 {
    214     return L2CA_ErtmConnectReq (psm, p_bd_addr, NULL);
    215 }
    216 
    217 /*******************************************************************************
    218 **
    219 ** Function         L2CA_ErtmConnectReq
    220 **
    221 ** Description      Higher layers call this function to create an L2CAP connection.
    222 **                  Note that the connection is not established at this time, but
    223 **                  connection establishment gets started. The callback function
    224 **                  will be invoked when connection establishes or fails.
    225 **
    226 **  Parameters:       PSM: L2CAP PSM for the connection
    227 **                    BD address of the peer
    228 **                   Enhaced retransmission mode configurations
    229 
    230 ** Returns          the CID of the connection, or 0 if it failed to start
    231 **
    232 *******************************************************************************/
    233 UINT16 L2CA_ErtmConnectReq (UINT16 psm, BD_ADDR p_bd_addr, tL2CAP_ERTM_INFO *p_ertm_info)
    234 {
    235     tL2C_LCB        *p_lcb;
    236     tL2C_CCB        *p_ccb;
    237     tL2C_RCB        *p_rcb;
    238 
    239     L2CAP_TRACE_API ("L2CA_ErtmConnectReq()  PSM: 0x%04x  BDA: %08x%04x  p_ertm_info: 0x%08x allowed:0x%x preferred:%d", psm,
    240                       (p_bd_addr[0]<<24)+(p_bd_addr[1]<<16)+(p_bd_addr[2]<<8)+p_bd_addr[3],
    241                       (p_bd_addr[4]<<8)+p_bd_addr[5], p_ertm_info,
    242                       (p_ertm_info) ? p_ertm_info->allowed_modes : 0,
    243                       (p_ertm_info) ? p_ertm_info->preferred_mode : 0);
    244 
    245     /* Fail if we have not established communications with the controller */
    246     if (!BTM_IsDeviceUp())
    247     {
    248         L2CAP_TRACE_WARNING ("L2CAP connect req - BTU not ready");
    249         return (0);
    250     }
    251     /* Fail if the PSM is not registered */
    252     if ((p_rcb = l2cu_find_rcb_by_psm (psm)) == NULL)
    253     {
    254         L2CAP_TRACE_WARNING ("L2CAP - no RCB for L2CA_conn_req, PSM: 0x%04x", psm);
    255         return (0);
    256     }
    257 
    258     /* First, see if we already have a link to the remote */
    259     /* assume all ERTM l2cap connection is going over BR/EDR for now */
    260     if ((p_lcb = l2cu_find_lcb_by_bd_addr (p_bd_addr, BT_TRANSPORT_BR_EDR)) == NULL)
    261     {
    262         /* No link. Get an LCB and start link establishment */
    263         if ( ((p_lcb = l2cu_allocate_lcb (p_bd_addr, FALSE, BT_TRANSPORT_BR_EDR)) == NULL)
    264              /* currently use BR/EDR for ERTM mode l2cap connection */
    265          ||  (l2cu_create_conn(p_lcb, BT_TRANSPORT_BR_EDR) == FALSE) )
    266         {
    267             L2CAP_TRACE_WARNING ("L2CAP - conn not started for PSM: 0x%04x  p_lcb: 0x%08x", psm, p_lcb);
    268             return (0);
    269         }
    270     }
    271 
    272     /* Allocate a channel control block */
    273     if ((p_ccb = l2cu_allocate_ccb (p_lcb, 0)) == NULL)
    274     {
    275         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_conn_req, PSM: 0x%04x", psm);
    276         return (0);
    277     }
    278 
    279     /* Save registration info */
    280     p_ccb->p_rcb = p_rcb;
    281 
    282     if (p_ertm_info)
    283     {
    284         p_ccb->ertm_info  = *p_ertm_info;
    285 
    286         /* Replace default indicators with the actual default pool */
    287         if (p_ccb->ertm_info.fcr_rx_pool_id == L2CAP_DEFAULT_ERM_POOL_ID)
    288             p_ccb->ertm_info.fcr_rx_pool_id = L2CAP_FCR_RX_POOL_ID;
    289 
    290         if (p_ccb->ertm_info.fcr_tx_pool_id == L2CAP_DEFAULT_ERM_POOL_ID)
    291             p_ccb->ertm_info.fcr_tx_pool_id = L2CAP_FCR_TX_POOL_ID;
    292 
    293         if (p_ccb->ertm_info.user_rx_pool_id == L2CAP_DEFAULT_ERM_POOL_ID)
    294             p_ccb->ertm_info.user_rx_pool_id = HCI_ACL_POOL_ID;
    295 
    296         if (p_ccb->ertm_info.user_tx_pool_id == L2CAP_DEFAULT_ERM_POOL_ID)
    297             p_ccb->ertm_info.user_tx_pool_id = HCI_ACL_POOL_ID;
    298 
    299         p_ccb->max_rx_mtu = GKI_get_pool_bufsize (p_ertm_info->user_rx_pool_id) -
    300             (L2CAP_MIN_OFFSET + L2CAP_SDU_LEN_OFFSET + L2CAP_FCS_LEN);
    301     }
    302 
    303     /* If link is up, start the L2CAP connection */
    304     if (p_lcb->link_state == LST_CONNECTED)
    305     {
    306         l2c_csm_execute (p_ccb, L2CEVT_L2CA_CONNECT_REQ, NULL);
    307     }
    308 
    309     /* If link is disconnecting, save link info to retry after disconnect
    310      * Possible Race condition when a reconnect occurs
    311      * on the channel during a disconnect of link. This
    312      * ccb will be automatically retried after link disconnect
    313      * arrives
    314      */
    315     else if (p_lcb->link_state == LST_DISCONNECTING)
    316     {
    317         L2CAP_TRACE_DEBUG ("L2CAP API - link disconnecting: RETRY LATER");
    318 
    319         /* Save ccb so it can be started after disconnect is finished */
    320         p_lcb->p_pending_ccb = p_ccb;
    321     }
    322 
    323     L2CAP_TRACE_API ("L2CAP - L2CA_conn_req(psm: 0x%04x) returned CID: 0x%04x", psm, p_ccb->local_cid);
    324 
    325     /* Return the local CID as our handle */
    326     return (p_ccb->local_cid);
    327 }
    328 
    329 
    330 /*******************************************************************************
    331 **
    332 ** Function         L2CA_ConnectRsp
    333 **
    334 ** Description      Higher layers call this function to accept an incoming
    335 **                  L2CAP connection, for which they had gotten an connect
    336 **                  indication callback.
    337 **
    338 ** Returns          TRUE for success, FALSE for failure
    339 **
    340 *******************************************************************************/
    341 BOOLEAN L2CA_ConnectRsp (BD_ADDR p_bd_addr, UINT8 id, UINT16 lcid,
    342                               UINT16 result, UINT16 status)
    343 {
    344     return L2CA_ErtmConnectRsp (p_bd_addr, id, lcid, result, status, NULL);
    345 }
    346 
    347 
    348 /*******************************************************************************
    349 **
    350 ** Function         L2CA_ErtmConnectRsp
    351 **
    352 ** Description      Higher layers call this function to accept an incoming
    353 **                  L2CAP connection, for which they had gotten an connect
    354 **                  indication callback.
    355 **
    356 ** Returns          TRUE for success, FALSE for failure
    357 **
    358 *******************************************************************************/
    359 BOOLEAN L2CA_ErtmConnectRsp (BD_ADDR p_bd_addr, UINT8 id, UINT16 lcid, UINT16 result,
    360                              UINT16 status, tL2CAP_ERTM_INFO *p_ertm_info)
    361 {
    362     tL2C_LCB        *p_lcb;
    363     tL2C_CCB        *p_ccb;
    364 
    365     L2CAP_TRACE_API ("L2CA_ErtmConnectRsp()  CID: 0x%04x  Result: %d  Status: %d  BDA: %08x%04x  p_ertm_info:0x%08x",
    366                       lcid, result, status,
    367                       (p_bd_addr[0]<<24)+(p_bd_addr[1]<<16)+(p_bd_addr[2]<<8)+p_bd_addr[3],
    368                       (p_bd_addr[4]<<8)+p_bd_addr[5], p_ertm_info);
    369 
    370     /* First, find the link control block */
    371     if ((p_lcb = l2cu_find_lcb_by_bd_addr (p_bd_addr, BT_TRANSPORT_BR_EDR)) == NULL)
    372     {
    373         /* No link. Get an LCB and start link establishment */
    374         L2CAP_TRACE_WARNING ("L2CAP - no LCB for L2CA_conn_rsp");
    375         return (FALSE);
    376     }
    377 
    378     /* Now, find the channel control block */
    379     if ((p_ccb = l2cu_find_ccb_by_cid (p_lcb, lcid)) == NULL)
    380     {
    381         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_conn_rsp");
    382         return (FALSE);
    383     }
    384 
    385     /* The IDs must match */
    386     if (p_ccb->remote_id != id)
    387     {
    388         L2CAP_TRACE_WARNING ("L2CAP - bad id in L2CA_conn_rsp. Exp: %d  Got: %d", p_ccb->remote_id, id);
    389         return (FALSE);
    390     }
    391 
    392     if (p_ertm_info)
    393     {
    394         p_ccb->ertm_info  = *p_ertm_info;
    395 
    396         /* Replace default indicators with the actual default pool */
    397         if (p_ccb->ertm_info.fcr_rx_pool_id == L2CAP_DEFAULT_ERM_POOL_ID)
    398             p_ccb->ertm_info.fcr_rx_pool_id = L2CAP_FCR_RX_POOL_ID;
    399 
    400         if (p_ccb->ertm_info.fcr_tx_pool_id == L2CAP_DEFAULT_ERM_POOL_ID)
    401             p_ccb->ertm_info.fcr_tx_pool_id = L2CAP_FCR_TX_POOL_ID;
    402 
    403         if (p_ccb->ertm_info.user_rx_pool_id == L2CAP_DEFAULT_ERM_POOL_ID)
    404             p_ccb->ertm_info.user_rx_pool_id = HCI_ACL_POOL_ID;
    405 
    406         if (p_ccb->ertm_info.user_tx_pool_id == L2CAP_DEFAULT_ERM_POOL_ID)
    407             p_ccb->ertm_info.user_tx_pool_id = HCI_ACL_POOL_ID;
    408 
    409         p_ccb->max_rx_mtu = GKI_get_pool_bufsize (p_ertm_info->user_rx_pool_id) - (L2CAP_MIN_OFFSET + L2CAP_SDU_LEN_OFFSET + L2CAP_FCS_LEN);
    410     }
    411 
    412     if (result == L2CAP_CONN_OK)
    413     {
    414         l2c_csm_execute (p_ccb, L2CEVT_L2CA_CONNECT_RSP, NULL);
    415     }
    416     else
    417     {
    418         tL2C_CONN_INFO   conn_info;
    419 
    420         conn_info.l2cap_result = result;
    421         conn_info.l2cap_status = status;
    422 
    423         if (result == L2CAP_CONN_PENDING)
    424             l2c_csm_execute (p_ccb, L2CEVT_L2CA_CONNECT_RSP, &conn_info);
    425         else
    426             l2c_csm_execute (p_ccb, L2CEVT_L2CA_CONNECT_RSP_NEG, &conn_info);
    427     }
    428 
    429     return (TRUE);
    430 }
    431 
    432 
    433 /*******************************************************************************
    434 **
    435 ** Function         L2CA_ConfigReq
    436 **
    437 ** Description      Higher layers call this function to send configuration.
    438 **
    439 **                  Note:  The FCR options of p_cfg are not used.
    440 **
    441 ** Returns          TRUE if configuration sent, else FALSE
    442 **
    443 *******************************************************************************/
    444 BOOLEAN L2CA_ConfigReq (UINT16 cid, tL2CAP_CFG_INFO *p_cfg)
    445 {
    446     tL2C_CCB        *p_ccb;
    447 
    448     L2CAP_TRACE_API ("L2CA_ConfigReq()  CID 0x%04x: fcr_present:%d (mode %d) mtu_present:%d (%d)",
    449         cid, p_cfg->fcr_present, p_cfg->fcr.mode, p_cfg->mtu_present, p_cfg->mtu);
    450 
    451     /* Find the channel control block. We don't know the link it is on. */
    452     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
    453     {
    454         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_cfg_req, CID: %d", cid);
    455         return (FALSE);
    456     }
    457 
    458     /* We need to have at least one mode type common with the peer */
    459     if (!l2c_fcr_adj_our_req_options(p_ccb, p_cfg))
    460         return (FALSE);
    461 
    462     /* Don't adjust FCR options if not used */
    463     if ((!p_cfg->fcr_present)||(p_cfg->fcr.mode == L2CAP_FCR_BASIC_MODE))
    464     {
    465         /* FCR and FCS options are not used in basic mode */
    466         p_cfg->fcs_present = FALSE;
    467         p_cfg->ext_flow_spec_present = FALSE;
    468 
    469         if ( (p_cfg->mtu_present) && (p_cfg->mtu > L2CAP_MTU_SIZE) )
    470         {
    471             L2CAP_TRACE_WARNING ("L2CAP - adjust MTU: %u too large", p_cfg->mtu);
    472             p_cfg->mtu = L2CAP_MTU_SIZE;
    473         }
    474     }
    475 
    476     /* Save the adjusted configuration in case it needs to be used for renegotiation */
    477     p_ccb->our_cfg = *p_cfg;
    478 
    479     l2c_csm_execute (p_ccb, L2CEVT_L2CA_CONFIG_REQ, p_cfg);
    480 
    481     return (TRUE);
    482 }
    483 
    484 
    485 /*******************************************************************************
    486 **
    487 ** Function         L2CA_ConfigRsp
    488 **
    489 ** Description      Higher layers call this function to send a configuration
    490 **                  response.
    491 **
    492 ** Returns          TRUE if configuration response sent, else FALSE
    493 **
    494 *******************************************************************************/
    495 BOOLEAN L2CA_ConfigRsp (UINT16 cid, tL2CAP_CFG_INFO *p_cfg)
    496 {
    497     tL2C_CCB        *p_ccb;
    498 
    499     L2CAP_TRACE_API ("L2CA_ConfigRsp()  CID: 0x%04x  Result: %d MTU present:%d Flush TO:%d FCR:%d FCS:%d",
    500         cid, p_cfg->result, p_cfg->mtu_present, p_cfg->flush_to_present, p_cfg->fcr_present, p_cfg->fcs_present);
    501 
    502     /* Find the channel control block. We don't know the link it is on. */
    503     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
    504     {
    505         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_cfg_rsp, CID: %d", cid);
    506         return (FALSE);
    507     }
    508 
    509     if ( (p_cfg->result == L2CAP_CFG_OK) || (p_cfg->result == L2CAP_CFG_PENDING) )
    510         l2c_csm_execute (p_ccb, L2CEVT_L2CA_CONFIG_RSP, p_cfg);
    511     else
    512     {
    513         p_cfg->fcr_present = FALSE; /* FCR options already negotiated before this point */
    514 
    515         /* Clear out any cached options that are being returned as an error (excluding FCR) */
    516         if (p_cfg->mtu_present)
    517             p_ccb->peer_cfg.mtu_present = FALSE;
    518         if (p_cfg->flush_to_present)
    519             p_ccb->peer_cfg.flush_to_present = FALSE;
    520         if (p_cfg->qos_present)
    521             p_ccb->peer_cfg.qos_present = FALSE;
    522 
    523         l2c_csm_execute (p_ccb, L2CEVT_L2CA_CONFIG_RSP_NEG, p_cfg);
    524     }
    525 
    526     return (TRUE);
    527 }
    528 
    529 
    530 /*******************************************************************************
    531 **
    532 ** Function         L2CA_DisconnectReq
    533 **
    534 ** Description      Higher layers call this function to disconnect a channel.
    535 **
    536 ** Returns          TRUE if disconnect sent, else FALSE
    537 **
    538 *******************************************************************************/
    539 BOOLEAN L2CA_DisconnectReq (UINT16 cid)
    540 {
    541     tL2C_CCB        *p_ccb;
    542 
    543     L2CAP_TRACE_API ("L2CA_DisconnectReq()  CID: 0x%04x", cid);
    544 
    545     /* Find the channel control block. We don't know the link it is on. */
    546     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
    547     {
    548         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_disc_req, CID: %d", cid);
    549         return (FALSE);
    550     }
    551 
    552     l2c_csm_execute (p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
    553 
    554     return (TRUE);
    555 }
    556 
    557 /*******************************************************************************
    558 **
    559 ** Function         L2CA_DisconnectRsp
    560 **
    561 ** Description      Higher layers call this function to acknowledge the
    562 **                  disconnection of a channel.
    563 **
    564 ** Returns          void
    565 **
    566 *******************************************************************************/
    567 BOOLEAN L2CA_DisconnectRsp (UINT16 cid)
    568 {
    569     tL2C_CCB        *p_ccb;
    570 
    571     L2CAP_TRACE_API ("L2CA_DisconnectRsp()  CID: 0x%04x", cid);
    572 
    573     /* Find the channel control block. We don't know the link it is on. */
    574     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
    575     {
    576         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_disc_rsp, CID: %d", cid);
    577         return (FALSE);
    578     }
    579 
    580     l2c_csm_execute (p_ccb, L2CEVT_L2CA_DISCONNECT_RSP, NULL);
    581 
    582     return (TRUE);
    583 }
    584 
    585 /*******************************************************************************
    586 **
    587 ** Function         L2CA_Ping
    588 **
    589 ** Description      Higher layers call this function to send an echo request.
    590 **
    591 ** Returns          TRUE if echo request sent, else FALSE.
    592 **
    593 *******************************************************************************/
    594 BOOLEAN  L2CA_Ping (BD_ADDR p_bd_addr, tL2CA_ECHO_RSP_CB *p_callback)
    595 {
    596     tL2C_LCB        *p_lcb;
    597 
    598     L2CAP_TRACE_API ("L2CA_Ping()  BDA: %02x-%02x-%02x-%02x-%02x-%02x",
    599                       p_bd_addr[0], p_bd_addr[1], p_bd_addr[2], p_bd_addr[3], p_bd_addr[4], p_bd_addr[5]);
    600 
    601     /* Fail if we have not established communications with the controller */
    602     if (!BTM_IsDeviceUp())
    603         return (FALSE);
    604 
    605     /* First, see if we already have a link to the remote */
    606     if ((p_lcb = l2cu_find_lcb_by_bd_addr (p_bd_addr, BT_TRANSPORT_BR_EDR)) == NULL)
    607     {
    608         /* No link. Get an LCB and start link establishment */
    609         if ((p_lcb = l2cu_allocate_lcb (p_bd_addr, FALSE, BT_TRANSPORT_BR_EDR)) == NULL)
    610         {
    611             L2CAP_TRACE_WARNING ("L2CAP - no LCB for L2CA_ping");
    612             return (FALSE);
    613         }
    614         if (l2cu_create_conn(p_lcb, BT_TRANSPORT_BR_EDR) == FALSE)
    615         {
    616             return (FALSE);
    617         }
    618 
    619         p_lcb->p_echo_rsp_cb = p_callback;
    620 
    621         return (TRUE);
    622     }
    623 
    624     /* We only allow 1 ping outstanding at a time */
    625     if (p_lcb->p_echo_rsp_cb != NULL)
    626     {
    627         L2CAP_TRACE_WARNING ("L2CAP - rejected second L2CA_ping");
    628         return (FALSE);
    629     }
    630 
    631     /* Have a link control block. If link is disconnecting, tell user to retry later */
    632     if (p_lcb->link_state == LST_DISCONNECTING)
    633     {
    634         L2CAP_TRACE_WARNING ("L2CAP - L2CA_ping rejected - link disconnecting");
    635         return (FALSE);
    636     }
    637 
    638     /* Save address of callback */
    639     p_lcb->p_echo_rsp_cb = p_callback;
    640 
    641     if (p_lcb->link_state == LST_CONNECTED)
    642     {
    643         l2cu_adj_id(p_lcb, L2CAP_ADJ_BRCM_ID);  /* Make sure not using Broadcom ID */
    644         l2cu_send_peer_echo_req (p_lcb, NULL, 0);
    645         btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, L2CAP_ECHO_RSP_TOUT);
    646     }
    647 
    648     return (TRUE);
    649 }
    650 
    651 /*******************************************************************************
    652 **
    653 ** Function         L2CA_Echo
    654 **
    655 ** Description      Higher layers call this function to send an echo request
    656 **                  with application-specific data.
    657 **
    658 ** Returns          TRUE if echo request sent, else FALSE.
    659 **
    660 *******************************************************************************/
    661 BOOLEAN  L2CA_Echo (BD_ADDR p_bd_addr, BT_HDR *p_data, tL2CA_ECHO_DATA_CB *p_callback)
    662 {
    663     tL2C_LCB    *p_lcb;
    664     UINT8       *pp;
    665 
    666     L2CAP_TRACE_API ("L2CA_Echo() BDA: %08X%04X",
    667             ((p_bd_addr[0] << 24) + (p_bd_addr[1] << 16) + (p_bd_addr[2] <<  8) + (p_bd_addr[3])),
    668             ((p_bd_addr[4] <<  8) + (p_bd_addr[5])));
    669 
    670     /* Fail if we have not established communications with the controller */
    671     if (!BTM_IsDeviceUp())
    672         return (FALSE);
    673 
    674     if ((memcmp(BT_BD_ANY, p_bd_addr, BD_ADDR_LEN) == 0) && (p_data == NULL))
    675     {
    676         /* Only register callback without sending message. */
    677         l2cb.p_echo_data_cb = p_callback;
    678         return TRUE;
    679     }
    680 
    681     /* We assume the upper layer will call this function only when the link is established. */
    682     if ((p_lcb = l2cu_find_lcb_by_bd_addr (p_bd_addr, BT_TRANSPORT_BR_EDR)) == NULL)
    683     {
    684         L2CAP_TRACE_ERROR ("L2CA_Echo ERROR : link not established");
    685         return FALSE;
    686     }
    687 
    688     if (p_lcb->link_state != LST_CONNECTED)
    689     {
    690         L2CAP_TRACE_ERROR ("L2CA_Echo ERROR : link is not connected");
    691         return FALSE;
    692     }
    693 
    694     /* Save address of callback */
    695     l2cb.p_echo_data_cb = p_callback;
    696 
    697     /* Set the pointer to the beginning of the data */
    698     pp = (UINT8 *)(p_data + 1) + p_data->offset;
    699     l2cu_adj_id(p_lcb, L2CAP_ADJ_BRCM_ID);  /* Make sure not using Broadcom ID */
    700     l2cu_send_peer_echo_req (p_lcb, pp, p_data->len);
    701 
    702     return (TRUE);
    703 
    704 }
    705 
    706 /*******************************************************************************
    707 **
    708 ** Function         L2CA_SetIdleTimeout
    709 **
    710 ** Description      Higher layers call this function to set the idle timeout for
    711 **                  a connection, or for all future connections. The "idle timeout"
    712 **                  is the amount of time that a connection can remain up with
    713 **                  no L2CAP channels on it. A timeout of zero means that the
    714 **                  connection will be torn down immediately when the last channel
    715 **                  is removed. A timeout of 0xFFFF means no timeout. Values are
    716 **                  in seconds.
    717 **
    718 ** Returns          TRUE if command succeeded, FALSE if failed
    719 **
    720 ** NOTE             This timeout takes effect after at least 1 channel has been
    721 **                  established and removed. L2CAP maintains its own timer from
    722 **                  whan a connection is established till the first channel is
    723 **                  set up.
    724 *******************************************************************************/
    725 BOOLEAN L2CA_SetIdleTimeout (UINT16 cid, UINT16 timeout, BOOLEAN is_global)
    726 {
    727     tL2C_CCB        *p_ccb;
    728     tL2C_LCB        *p_lcb;
    729 
    730     if (is_global)
    731     {
    732         l2cb.idle_timeout = timeout;
    733     }
    734     else
    735     {
    736         /* Find the channel control block. We don't know the link it is on. */
    737         if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
    738         {
    739             L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_SetIdleTimeout, CID: %d", cid);
    740             return (FALSE);
    741         }
    742 
    743         p_lcb = p_ccb->p_lcb;
    744 
    745         if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED))
    746             p_lcb->idle_timeout = timeout;
    747         else
    748             return (FALSE);
    749     }
    750 
    751     return (TRUE);
    752 }
    753 
    754 /*******************************************************************************
    755 **
    756 ** Function         L2CA_SetIdleTimeoutByBdAddr
    757 **
    758 ** Description      Higher layers call this function to set the idle timeout for
    759 **                  a connection. The "idle timeout" is the amount of time that
    760 **                  a connection can remain up with no L2CAP channels on it.
    761 **                  A timeout of zero means that the connection will be torn
    762 **                  down immediately when the last channel is removed.
    763 **                  A timeout of 0xFFFF means no timeout. Values are in seconds.
    764 **                  A bd_addr is the remote BD address. If bd_addr = BT_BD_ANY,
    765 **                  then the idle timeouts for all active l2cap links will be
    766 **                  changed.
    767 **
    768 ** Returns          TRUE if command succeeded, FALSE if failed
    769 **
    770 ** NOTE             This timeout applies to all logical channels active on the
    771 **                  ACL link.
    772 *******************************************************************************/
    773 BOOLEAN L2CA_SetIdleTimeoutByBdAddr(BD_ADDR bd_addr, UINT16 timeout)
    774 {
    775     tL2C_LCB        *p_lcb;
    776 
    777     if (memcmp (BT_BD_ANY, bd_addr, BD_ADDR_LEN))
    778     {
    779         p_lcb = l2cu_find_lcb_by_bd_addr( bd_addr, BT_TRANSPORT_BR_EDR);
    780         if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED))
    781             p_lcb->idle_timeout = timeout;
    782         else
    783             return (FALSE);
    784     }
    785     else
    786     {
    787         int         xx;
    788         tL2C_LCB    *p_lcb = &l2cb.lcb_pool[0];
    789 
    790         for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++)
    791         {
    792             if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED))
    793             {
    794                 p_lcb->idle_timeout = timeout;
    795             }
    796         }
    797     }
    798 
    799     return (TRUE);
    800 }
    801 
    802 /*******************************************************************************
    803 **
    804 ** Function         L2CA_SetTraceLevel
    805 **
    806 ** Description      This function sets the trace level for L2CAP. If called with
    807 **                  a value of 0xFF, it simply reads the current trace level.
    808 **
    809 ** Returns          the new (current) trace level
    810 **
    811 *******************************************************************************/
    812 UINT8 L2CA_SetTraceLevel (UINT8 new_level)
    813 {
    814     if (new_level != 0xFF)
    815         l2cb.l2cap_trace_level = new_level;
    816 
    817     return (l2cb.l2cap_trace_level);
    818 }
    819 
    820 
    821 /*******************************************************************************
    822 **
    823 ** Function     L2CA_SetDesireRole
    824 **
    825 ** Description  This function sets the desire role for L2CAP.
    826 **              If the new role is L2CAP_ROLE_ALLOW_SWITCH, allow switch on
    827 **              HciCreateConnection.
    828 **              If the new role is L2CAP_ROLE_DISALLOW_SWITCH, do not allow switch on
    829 **              HciCreateConnection.
    830 **
    831 **              If the new role is a valid role (HCI_ROLE_MASTER or HCI_ROLE_SLAVE),
    832 **              the desire role is set to the new value. Otherwise, it is not changed.
    833 **
    834 ** Returns      the new (current) role
    835 **
    836 *******************************************************************************/
    837 UINT8 L2CA_SetDesireRole (UINT8 new_role)
    838 {
    839     L2CAP_TRACE_API ("L2CA_SetDesireRole() new:x%x, disallow_switch:%d",
    840         new_role, l2cb.disallow_switch);
    841 
    842     if (L2CAP_ROLE_CHECK_SWITCH != (L2CAP_ROLE_CHECK_SWITCH & new_role))
    843     {
    844         /* do not process the allow_switch when both bits are set */
    845         if (new_role & L2CAP_ROLE_ALLOW_SWITCH)
    846         {
    847             l2cb.disallow_switch = FALSE;
    848         }
    849         if (new_role & L2CAP_ROLE_DISALLOW_SWITCH)
    850         {
    851             l2cb.disallow_switch = TRUE;
    852         }
    853     }
    854 
    855     if (new_role == HCI_ROLE_MASTER || new_role == HCI_ROLE_SLAVE)
    856         l2cb.desire_role = new_role;
    857 
    858     return (l2cb.desire_role);
    859 }
    860 
    861 /*******************************************************************************
    862 **
    863 ** Function     L2CA_LocalLoopbackReq
    864 **
    865 ** Description  This function sets up a CID for local loopback
    866 **
    867 ** Returns      CID of 0 if none.
    868 **
    869 *******************************************************************************/
    870 UINT16 L2CA_LocalLoopbackReq (UINT16 psm, UINT16 handle, BD_ADDR p_bd_addr)
    871 {
    872     tL2C_LCB        *p_lcb;
    873     tL2C_CCB        *p_ccb;
    874     tL2C_RCB        *p_rcb;
    875 
    876     L2CAP_TRACE_API ("L2CA_LocalLoopbackReq()  PSM: %d  Handle: 0x%04x", psm, handle);
    877 
    878     /* Fail if we have not established communications with the controller */
    879     if (!BTM_IsDeviceUp())
    880     {
    881         L2CAP_TRACE_WARNING ("L2CAP loop req - BTU not ready");
    882         return (0);
    883     }
    884 
    885     /* Fail if the PSM is not registered */
    886     if ((p_rcb = l2cu_find_rcb_by_psm (psm)) == NULL)
    887     {
    888         L2CAP_TRACE_WARNING ("L2CAP - no RCB for L2CA_conn_req, PSM: %d", psm);
    889         return (0);
    890     }
    891 
    892     if ((p_lcb = l2cu_allocate_lcb (p_bd_addr, FALSE, BT_TRANSPORT_BR_EDR)) == NULL)
    893     {
    894         L2CAP_TRACE_WARNING ("L2CAP - no LCB for L2CA_conn_req");
    895         return (0);
    896     }
    897 
    898     p_lcb->link_state = LST_CONNECTED;
    899     p_lcb->handle     = handle;
    900 
    901     /* Allocate a channel control block */
    902     if ((p_ccb = l2cu_allocate_ccb (p_lcb, 0)) == NULL)
    903     {
    904         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_conn_req");
    905         return (0);
    906     }
    907 
    908     /* Save registration info */
    909     p_ccb->p_rcb        = p_rcb;
    910     p_ccb->chnl_state   = CST_OPEN;
    911     p_ccb->remote_cid   = p_ccb->local_cid;
    912     p_ccb->config_done  = CFG_DONE_MASK;
    913 
    914     /* Return the local CID as our handle */
    915     return (p_ccb->local_cid);
    916 }
    917 
    918 /*******************************************************************************
    919 **
    920 ** Function         L2CA_SetAclPriority
    921 **
    922 ** Description      Sets the transmission priority for a channel.
    923 **                  (For initial implementation only two values are valid.
    924 **                  L2CAP_PRIORITY_NORMAL and L2CAP_PRIORITY_HIGH).
    925 **
    926 ** Returns          TRUE if a valid channel, else FALSE
    927 **
    928 *******************************************************************************/
    929 BOOLEAN L2CA_SetAclPriority (BD_ADDR bd_addr, UINT8 priority)
    930 {
    931     L2CAP_TRACE_API ("L2CA_SetAclPriority()  bdaddr: %02x%02x%02x%02x%04x, priority:%d",
    932                     bd_addr[0], bd_addr[1], bd_addr[2],
    933                     bd_addr[3], (bd_addr[4] << 8) + bd_addr[5], priority);
    934 
    935     return (l2cu_set_acl_priority(bd_addr, priority, FALSE));
    936 }
    937 
    938 /*******************************************************************************
    939 **
    940 ** Function         L2CA_FlowControl
    941 **
    942 ** Description      Higher layers call this function to flow control a channel.
    943 **
    944 **                  data_enabled - TRUE data flows, FALSE data is stopped
    945 **
    946 ** Returns          TRUE if valid channel, else FALSE
    947 **
    948 *******************************************************************************/
    949 BOOLEAN L2CA_FlowControl (UINT16 cid, BOOLEAN data_enabled)
    950 {
    951     tL2C_CCB  *p_ccb;
    952     BOOLEAN   on_off = !data_enabled;
    953 
    954     L2CAP_TRACE_API ("L2CA_FlowControl(%d)  CID: 0x%04x", on_off, cid);
    955 
    956     /* Find the channel control block. We don't know the link it is on. */
    957     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
    958     {
    959         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_FlowControl, CID: 0x%04x  data_enabled: %d", cid, data_enabled);
    960         return (FALSE);
    961     }
    962 
    963     if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE)
    964     {
    965         L2CAP_TRACE_EVENT ("L2CA_FlowControl()  invalid mode:%d", p_ccb->peer_cfg.fcr.mode);
    966         return (FALSE);
    967     }
    968     if (p_ccb->fcrb.local_busy != on_off)
    969     {
    970         p_ccb->fcrb.local_busy = on_off;
    971 
    972         if ( (p_ccb->chnl_state == CST_OPEN) && (!p_ccb->fcrb.wait_ack) )
    973         {
    974             if (on_off)
    975                 l2c_fcr_send_S_frame (p_ccb, L2CAP_FCR_SUP_RNR, 0);
    976             else
    977                 l2c_fcr_send_S_frame (p_ccb, L2CAP_FCR_SUP_RR, L2CAP_FCR_P_BIT);
    978         }
    979     }
    980 
    981     return (TRUE);
    982 }
    983 
    984 /*******************************************************************************
    985 **
    986 ** Function         L2CA_SendTestSFrame
    987 **
    988 ** Description      Higher layers call this function to send a test S-frame.
    989 **
    990 ** Returns          TRUE if valid Channel, else FALSE
    991 **
    992 *******************************************************************************/
    993 BOOLEAN L2CA_SendTestSFrame (UINT16 cid, UINT8 sup_type, UINT8 back_track)
    994 {
    995     tL2C_CCB        *p_ccb;
    996 
    997     L2CAP_TRACE_API ("L2CA_SendTestSFrame()  CID: 0x%04x  Type: 0x%02x  back_track: %u", cid, sup_type, back_track);
    998 
    999     /* Find the channel control block. We don't know the link it is on. */
   1000     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
   1001     {
   1002         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_SendTestSFrame, CID: %d", cid);
   1003         return (FALSE);
   1004     }
   1005 
   1006     if ( (p_ccb->chnl_state != CST_OPEN) || (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE) )
   1007         return (FALSE);
   1008 
   1009     p_ccb->fcrb.next_seq_expected -= back_track;
   1010 
   1011     l2c_fcr_send_S_frame (p_ccb, (UINT16)(sup_type & 3), (UINT16)(sup_type & (L2CAP_FCR_P_BIT | L2CAP_FCR_F_BIT)));
   1012 
   1013     return (TRUE);
   1014 }
   1015 
   1016 
   1017 /*******************************************************************************
   1018 **
   1019 ** Function         L2CA_SetTxPriority
   1020 **
   1021 ** Description      Sets the transmission priority for a channel.
   1022 **
   1023 ** Returns          TRUE if a valid channel, else FALSE
   1024 **
   1025 *******************************************************************************/
   1026 BOOLEAN L2CA_SetTxPriority (UINT16 cid, tL2CAP_CHNL_PRIORITY priority)
   1027 {
   1028     tL2C_CCB        *p_ccb;
   1029 
   1030     L2CAP_TRACE_API ("L2CA_SetTxPriority()  CID: 0x%04x, priority:%d", cid, priority);
   1031 
   1032     /* Find the channel control block. We don't know the link it is on. */
   1033     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
   1034     {
   1035         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_SetTxPriority, CID: %d", cid);
   1036         return (FALSE);
   1037     }
   1038 
   1039     /* it will update the order of CCB in LCB by priority and update round robin service variables */
   1040     l2cu_change_pri_ccb (p_ccb, priority);
   1041 
   1042     return (TRUE);
   1043 }
   1044 
   1045 /*******************************************************************************
   1046 **
   1047 ** Function         L2CA_SetChnlDataRate
   1048 **
   1049 ** Description      Sets the tx/rx data rate for a channel.
   1050 **
   1051 ** Returns          TRUE if a valid channel, else FALSE
   1052 **
   1053 *******************************************************************************/
   1054 BOOLEAN L2CA_SetChnlDataRate (UINT16 cid, tL2CAP_CHNL_DATA_RATE tx, tL2CAP_CHNL_DATA_RATE rx)
   1055 {
   1056     tL2C_CCB        *p_ccb;
   1057 
   1058     L2CAP_TRACE_API ("L2CA_SetChnlDataRate()  CID: 0x%04x, tx:%d, rx:%d", cid, tx, rx);
   1059 
   1060     /* Find the channel control block. We don't know the link it is on. */
   1061     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
   1062     {
   1063         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_SetChnlDataRate, CID: %d", cid);
   1064         return (FALSE);
   1065     }
   1066 
   1067     p_ccb->tx_data_rate = tx;
   1068     p_ccb->rx_data_rate = rx;
   1069 
   1070     /* Adjust channel buffer allocation */
   1071     l2c_link_adjust_chnl_allocation ();
   1072 
   1073     return(TRUE);
   1074 }
   1075 
   1076 /*******************************************************************************
   1077 **
   1078 ** Function         L2CA_SetFlushTimeout
   1079 **
   1080 ** Description      This function set the automatic flush time out in Baseband
   1081 **                  for ACL-U packets.
   1082 **                  BdAddr : the remote BD address of ACL link. If it is BT_DB_ANY
   1083 **                           then the flush time out will be applied to all ACL link.
   1084 **                  FlushTimeout: flush time out in ms
   1085 **                           0x0000 : No automatic flush
   1086 **                           L2CAP_NO_RETRANSMISSION : No retransmission
   1087 **                           0x0002 - 0xFFFE : flush time out, if (flush_tout*8)+3/5)
   1088 **                                    <= HCI_MAX_AUTO_FLUSH_TOUT (in 625us slot).
   1089 **                                    Otherwise, return FALSE.
   1090 **                           L2CAP_NO_AUTOMATIC_FLUSH : No automatic flush
   1091 **
   1092 ** Returns          TRUE if command succeeded, FALSE if failed
   1093 **
   1094 ** NOTE             This flush timeout applies to all logical channels active on the
   1095 **                  ACL link.
   1096 *******************************************************************************/
   1097 BOOLEAN L2CA_SetFlushTimeout (BD_ADDR bd_addr, UINT16 flush_tout)
   1098 {
   1099     tL2C_LCB    *p_lcb;
   1100     UINT16      hci_flush_to;
   1101     UINT32      temp;
   1102 
   1103     /* no automatic flush (infinite timeout) */
   1104     if (flush_tout == 0x0000)
   1105     {
   1106         hci_flush_to = flush_tout;
   1107         flush_tout   = L2CAP_NO_AUTOMATIC_FLUSH;
   1108     }
   1109     /* no retransmission */
   1110     else if (flush_tout == L2CAP_NO_RETRANSMISSION)
   1111     {
   1112         /* not mandatory range for controller */
   1113         /* Packet is flushed before getting any ACK/NACK */
   1114         /* To do this, flush timeout should be 1 baseband slot */
   1115         hci_flush_to = flush_tout;
   1116     }
   1117     /* no automatic flush (infinite timeout) */
   1118     else if (flush_tout == L2CAP_NO_AUTOMATIC_FLUSH)
   1119     {
   1120         hci_flush_to = 0x0000;
   1121     }
   1122     else
   1123     {
   1124         /* convert L2CAP flush_to to 0.625 ms units, with round */
   1125         temp = (((UINT32)flush_tout * 8) + 3) / 5;
   1126 
   1127         /* if L2CAP flush_to within range of HCI, set HCI flush timeout */
   1128         if (temp > HCI_MAX_AUTO_FLUSH_TOUT)
   1129         {
   1130             L2CAP_TRACE_WARNING("WARNING L2CA_SetFlushTimeout timeout(0x%x) is out of range", flush_tout);
   1131             return FALSE;
   1132         }
   1133         else
   1134         {
   1135             hci_flush_to = (UINT16)temp;
   1136         }
   1137     }
   1138 
   1139     if (memcmp (BT_BD_ANY, bd_addr, BD_ADDR_LEN))
   1140     {
   1141         p_lcb = l2cu_find_lcb_by_bd_addr (bd_addr, BT_TRANSPORT_BR_EDR);
   1142 
   1143         if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED))
   1144         {
   1145             if (p_lcb->link_flush_tout != flush_tout)
   1146             {
   1147                 p_lcb->link_flush_tout = flush_tout;
   1148 
   1149                 L2CAP_TRACE_API ("L2CA_SetFlushTimeout 0x%04x ms for bd_addr [...;%02x%02x%02x]",
   1150                                   flush_tout, bd_addr[3], bd_addr[4], bd_addr[5]);
   1151 
   1152                 if (!btsnd_hcic_write_auto_flush_tout (p_lcb->handle, hci_flush_to))
   1153                     return (FALSE);
   1154             }
   1155         }
   1156         else
   1157         {
   1158             L2CAP_TRACE_WARNING ("WARNING L2CA_SetFlushTimeout No lcb for bd_addr [...;%02x%02x%02x]",
   1159                                   bd_addr[3], bd_addr[4], bd_addr[5]);
   1160             return (FALSE);
   1161         }
   1162     }
   1163     else
   1164     {
   1165         int   xx;
   1166         p_lcb = &l2cb.lcb_pool[0];
   1167 
   1168         for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++)
   1169         {
   1170             if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED))
   1171             {
   1172                 if (p_lcb->link_flush_tout != flush_tout)
   1173                 {
   1174                     p_lcb->link_flush_tout = flush_tout;
   1175 
   1176                     L2CAP_TRACE_API ("L2CA_SetFlushTimeout 0x%04x ms for bd_addr [...;%02x%02x%02x]",
   1177                                       flush_tout, p_lcb->remote_bd_addr[3],
   1178                                       p_lcb->remote_bd_addr[4], p_lcb->remote_bd_addr[5]);
   1179 
   1180                     if (!btsnd_hcic_write_auto_flush_tout(p_lcb->handle, hci_flush_to))
   1181                         return (FALSE);
   1182                 }
   1183             }
   1184         }
   1185     }
   1186 
   1187     return (TRUE);
   1188 }
   1189 
   1190 /*******************************************************************************
   1191 **
   1192 **  Function         L2CA_GetPeerFeatures
   1193 **
   1194 **  Description      Get a peers features and fixed channel map
   1195 **
   1196 **  Parameters:      BD address of the peer
   1197 **                   Pointers to features and channel mask storage area
   1198 **
   1199 **  Return value:    TRUE if peer is connected
   1200 **
   1201 *******************************************************************************/
   1202 BOOLEAN L2CA_GetPeerFeatures (BD_ADDR bd_addr, UINT32 *p_ext_feat, UINT8 *p_chnl_mask)
   1203 {
   1204     tL2C_LCB        *p_lcb;
   1205 
   1206     /* We must already have a link to the remote */
   1207     if ((p_lcb = l2cu_find_lcb_by_bd_addr (bd_addr, BT_TRANSPORT_BR_EDR)) == NULL)
   1208     {
   1209         L2CAP_TRACE_WARNING ("L2CA_GetPeerFeatures() No BDA: %08x%04x",
   1210                               (bd_addr[0]<<24)+(bd_addr[1]<<16)+(bd_addr[2]<<8)+bd_addr[3],
   1211                               (bd_addr[4]<<8)+bd_addr[5]);
   1212         return (FALSE);
   1213     }
   1214 
   1215     L2CAP_TRACE_API ("L2CA_GetPeerFeatures() BDA: %08x%04x  ExtFea: 0x%08x  Chnl_Mask[0]: 0x%02x",
   1216                       (bd_addr[0]<<24)+(bd_addr[1]<<16)+(bd_addr[2]<<8)+bd_addr[3],
   1217                       (bd_addr[4]<<8)+bd_addr[5], p_lcb->peer_ext_fea, p_lcb->peer_chnl_mask[0]);
   1218 
   1219     *p_ext_feat = p_lcb->peer_ext_fea;
   1220 
   1221     memcpy (p_chnl_mask, p_lcb->peer_chnl_mask, L2CAP_FIXED_CHNL_ARRAY_SIZE);
   1222 
   1223     return (TRUE);
   1224 }
   1225 
   1226 /*******************************************************************************
   1227 **
   1228 **  Function         L2CA_GetBDAddrbyHandle
   1229 **
   1230 **  Description      Get BD address for the given HCI handle
   1231 **
   1232 **  Parameters:      HCI handle
   1233 **                   BD address of the peer
   1234 **
   1235 **  Return value:    TRUE if found lcb for the given handle, FALSE otherwise
   1236 **
   1237 *******************************************************************************/
   1238 BOOLEAN L2CA_GetBDAddrbyHandle (UINT16 handle, BD_ADDR bd_addr)
   1239 {
   1240     tL2C_LCB *p_lcb = NULL;
   1241     BOOLEAN found_dev = FALSE;
   1242 
   1243     p_lcb = l2cu_find_lcb_by_handle (handle);
   1244     if (p_lcb)
   1245     {
   1246         found_dev = TRUE;
   1247         memcpy (bd_addr, p_lcb->remote_bd_addr, BD_ADDR_LEN);
   1248     }
   1249 
   1250     return found_dev;
   1251 }
   1252 
   1253 /*******************************************************************************
   1254 **
   1255 **  Function         L2CA_GetChnlFcrMode
   1256 **
   1257 **  Description      Get the channel FCR mode
   1258 **
   1259 **  Parameters:      Local CID
   1260 **
   1261 **  Return value:    Channel mode
   1262 **
   1263 *******************************************************************************/
   1264 UINT8 L2CA_GetChnlFcrMode (UINT16 lcid)
   1265 {
   1266     tL2C_CCB    *p_ccb = l2cu_find_ccb_by_cid (NULL, lcid);
   1267 
   1268     if (p_ccb)
   1269     {
   1270         L2CAP_TRACE_API ("L2CA_GetChnlFcrMode() returns mode %d", p_ccb->peer_cfg.fcr.mode);
   1271         return (p_ccb->peer_cfg.fcr.mode);
   1272     }
   1273 
   1274     L2CAP_TRACE_API ("L2CA_GetChnlFcrMode() returns mode L2CAP_FCR_BASIC_MODE");
   1275     return (L2CAP_FCR_BASIC_MODE);
   1276 }
   1277 
   1278 #if (L2CAP_NUM_FIXED_CHNLS > 0)
   1279 /*******************************************************************************
   1280 **
   1281 **  Function        L2CA_RegisterFixedChannel
   1282 **
   1283 **  Description     Register a fixed channel.
   1284 **
   1285 **  Parameters:     Fixed Channel #
   1286 **                  Channel Callbacks and config
   1287 **
   1288 **  Return value:   -
   1289 **
   1290 *******************************************************************************/
   1291 BOOLEAN  L2CA_RegisterFixedChannel (UINT16 fixed_cid, tL2CAP_FIXED_CHNL_REG *p_freg)
   1292 {
   1293     if ( (fixed_cid < L2CAP_FIRST_FIXED_CHNL) || (fixed_cid > L2CAP_LAST_FIXED_CHNL) )
   1294     {
   1295         L2CAP_TRACE_ERROR ("L2CA_RegisterFixedChannel()  Invalid CID: 0x%04x", fixed_cid);
   1296 
   1297         return (FALSE);
   1298     }
   1299 
   1300     l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = *p_freg;
   1301     return (TRUE);
   1302 }
   1303 
   1304 /*******************************************************************************
   1305 **
   1306 **  Function        L2CA_ConnectFixedChnl
   1307 **
   1308 **  Description     Connect an fixed signalling channel to a remote device.
   1309 **
   1310 **  Parameters:     Fixed CID
   1311 **                  BD Address of remote
   1312 **
   1313 **  Return value:   TRUE if connection started
   1314 **
   1315 *******************************************************************************/
   1316 BOOLEAN L2CA_ConnectFixedChnl (UINT16 fixed_cid, BD_ADDR rem_bda)
   1317 {
   1318     tL2C_LCB        *p_lcb;
   1319     tBT_TRANSPORT   transport = BT_TRANSPORT_BR_EDR;
   1320     UINT16          reason;
   1321 
   1322     L2CAP_TRACE_API  ("L2CA_ConnectFixedChnl()  CID: 0x%04x  BDA: %08x%04x", fixed_cid,
   1323                     (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3], (rem_bda[4]<<8)+rem_bda[5]);
   1324 
   1325     /* Check CID is valid and registered */
   1326     if ( (fixed_cid < L2CAP_FIRST_FIXED_CHNL) || (fixed_cid > L2CAP_LAST_FIXED_CHNL)
   1327      ||  (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb == NULL) )
   1328     {
   1329         L2CAP_TRACE_ERROR ("L2CA_ConnectFixedChnl()  Invalid CID: 0x%04x", fixed_cid);
   1330         return (FALSE);
   1331     }
   1332 
   1333     /* Fail if BT is not yet up */
   1334     if (!BTM_IsDeviceUp())
   1335     {
   1336         L2CAP_TRACE_WARNING ("L2CA_ConnectFixedChnl(0x%04x) - BTU not ready", fixed_cid);
   1337         return (FALSE);
   1338     }
   1339 
   1340 #if BLE_INCLUDED == TRUE
   1341     if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
   1342         transport = BT_TRANSPORT_LE;
   1343 #endif
   1344 
   1345     /* If we already have a link to the remote, check if it supports that CID */
   1346     if ((p_lcb = l2cu_find_lcb_by_bd_addr (rem_bda, transport)) != NULL)
   1347     {
   1348         if (!(p_lcb->peer_chnl_mask[0] & (1 << fixed_cid)))
   1349         {
   1350             L2CAP_TRACE_EVENT  ("L2CA_ConnectFixedChnl() CID:0x%04x  BDA: %08x%04x not supported",
   1351                 fixed_cid,(rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3],
   1352                 (rem_bda[4]<<8)+rem_bda[5]);
   1353             return (FALSE);
   1354         }
   1355         /* Get a CCB and link the lcb to it */
   1356         if (!l2cu_initialize_fixed_ccb (p_lcb, fixed_cid,
   1357             &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].fixed_chnl_opts))
   1358         {
   1359             L2CAP_TRACE_WARNING ("L2CA_ConnectFixedChnl(0x%04x) - LCB but no CCB", fixed_cid);
   1360             return (FALSE);
   1361         }
   1362 
   1363         /* racing with disconnecting, queue the connection request */
   1364         if (p_lcb->link_state == LST_DISCONNECTING)
   1365         {
   1366             L2CAP_TRACE_DEBUG ("L2CAP API - link disconnecting: RETRY LATER");
   1367             /* Save ccb so it can be started after disconnect is finished */
   1368             p_lcb->p_pending_ccb = p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
   1369             return (TRUE);
   1370         }
   1371 
   1372 #if BLE_INCLUDED == TRUE
   1373         (*l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedConn_Cb)
   1374         (p_lcb->remote_bd_addr, TRUE, 0, p_lcb->transport);
   1375 #else
   1376         (*l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedConn_Cb)
   1377         (p_lcb->remote_bd_addr, TRUE, 0, BT_TRANSPORT_BR_EDR);
   1378 #endif
   1379         return (TRUE);
   1380     }
   1381 
   1382     /* No link. Get an LCB and start link establishment */
   1383     if ((p_lcb = l2cu_allocate_lcb (rem_bda, FALSE, transport)) == NULL)
   1384     {
   1385         L2CAP_TRACE_WARNING ("L2CA_ConnectFixedChnl(0x%04x) - no LCB", fixed_cid);
   1386         return (FALSE);
   1387     }
   1388 
   1389     /* Get a CCB and link the lcb to it */
   1390     if (!l2cu_initialize_fixed_ccb (p_lcb, fixed_cid,
   1391         &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].fixed_chnl_opts))
   1392     {
   1393         p_lcb->disc_reason = L2CAP_CONN_NO_RESOURCES;
   1394         L2CAP_TRACE_WARNING ("L2CA_ConnectFixedChnl(0x%04x) - no CCB", fixed_cid);
   1395         l2cu_release_lcb (p_lcb);
   1396         return (FALSE);
   1397     }
   1398 
   1399     if (!l2cu_create_conn(p_lcb, transport))
   1400     {
   1401         L2CAP_TRACE_WARNING ("L2CA_ConnectFixedChnl create_conn failed");
   1402         l2cu_release_lcb (p_lcb);
   1403         return (FALSE);
   1404     }
   1405     return (TRUE);
   1406 }
   1407 
   1408 /*******************************************************************************
   1409 **
   1410 **  Function        L2CA_SendFixedChnlData
   1411 **
   1412 **  Description     Write data on a fixed channel.
   1413 **
   1414 **  Parameters:     Fixed CID
   1415 **                  BD Address of remote
   1416 **                  Pointer to buffer of type BT_HDR
   1417 **
   1418 ** Return value     L2CAP_DW_SUCCESS, if data accepted
   1419 **                  L2CAP_DW_FAILED,  if error
   1420 **
   1421 *******************************************************************************/
   1422 UINT16 L2CA_SendFixedChnlData (UINT16 fixed_cid, BD_ADDR rem_bda, BT_HDR *p_buf)
   1423 {
   1424     tL2C_LCB        *p_lcb;
   1425     tBT_TRANSPORT   transport = BT_TRANSPORT_BR_EDR;
   1426 
   1427     L2CAP_TRACE_API ("L2CA_SendFixedChnlData()  CID: 0x%04x  BDA: %08x%04x", fixed_cid,
   1428                      (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3], (rem_bda[4]<<8)+rem_bda[5]);
   1429 
   1430 #if BLE_INCLUDED == TRUE
   1431     if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
   1432         transport = BT_TRANSPORT_LE;
   1433 #endif
   1434 
   1435     /* Check CID is valid and registered */
   1436     if ( (fixed_cid < L2CAP_FIRST_FIXED_CHNL) || (fixed_cid > L2CAP_LAST_FIXED_CHNL)
   1437      ||  (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb == NULL) )
   1438     {
   1439         L2CAP_TRACE_ERROR ("L2CA_SendFixedChnlData()  Invalid CID: 0x%04x", fixed_cid);
   1440         GKI_freebuf (p_buf);
   1441         return (L2CAP_DW_FAILED);
   1442     }
   1443 
   1444     /* Fail if BT is not yet up */
   1445     if (!BTM_IsDeviceUp())
   1446     {
   1447         L2CAP_TRACE_WARNING ("L2CA_SendFixedChnlData(0x%04x) - BTU not ready", fixed_cid);
   1448         GKI_freebuf (p_buf);
   1449         return (L2CAP_DW_FAILED);
   1450     }
   1451 
   1452     /* We need to have a link up */
   1453     if ((p_lcb = l2cu_find_lcb_by_bd_addr (rem_bda, transport)) == NULL ||
   1454         /* if link is disconnecting, also report data sending failure */
   1455         p_lcb->link_state == LST_DISCONNECTING)
   1456     {
   1457         L2CAP_TRACE_WARNING ("L2CA_SendFixedChnlData(0x%04x) - no LCB", fixed_cid);
   1458         GKI_freebuf (p_buf);
   1459         return (L2CAP_DW_FAILED);
   1460     }
   1461 
   1462     if ((p_lcb->peer_chnl_mask[0] & (1 << fixed_cid)) == 0)
   1463     {
   1464         L2CAP_TRACE_WARNING ("L2CA_SendFixedChnlData() - peer does not support fixed chnl: 0x%04x", fixed_cid);
   1465         GKI_freebuf (p_buf);
   1466         return (L2CAP_DW_FAILED);
   1467     }
   1468 
   1469     p_buf->event = 0;
   1470     p_buf->layer_specific = L2CAP_FLUSHABLE_CH_BASED;
   1471 
   1472     if (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL])
   1473     {
   1474         if (!l2cu_initialize_fixed_ccb (p_lcb, fixed_cid, &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].fixed_chnl_opts))
   1475         {
   1476             L2CAP_TRACE_WARNING ("L2CA_SendFixedChnlData() - no CCB for chnl: 0x%4x", fixed_cid);
   1477             GKI_freebuf (p_buf);
   1478             return (L2CAP_DW_FAILED);
   1479         }
   1480     }
   1481 
   1482     /* If already congested, do not accept any more packets */
   1483     if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent)
   1484     {
   1485         L2CAP_TRACE_ERROR ("L2CAP - CID: 0x%04x cannot send, already congested \
   1486             xmit_hold_q.count: %u buff_quota: %u", fixed_cid,
   1487             p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->xmit_hold_q.count,
   1488             p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->buff_quota);
   1489         GKI_freebuf (p_buf);
   1490         return (L2CAP_DW_FAILED);
   1491     }
   1492 
   1493     l2c_enqueue_peer_data (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL], p_buf);
   1494 
   1495     l2c_link_check_send_pkts (p_lcb, NULL, NULL);
   1496 
   1497     /* If there is no dynamic CCB on the link, restart the idle timer each time something is sent */
   1498     if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED && !p_lcb->ccb_queue.p_first_ccb)
   1499     {
   1500         l2cu_no_dynamic_ccbs (p_lcb);
   1501     }
   1502 
   1503     if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent)
   1504         return (L2CAP_DW_CONGESTED);
   1505 
   1506     return (L2CAP_DW_SUCCESS);
   1507 }
   1508 
   1509 /*******************************************************************************
   1510 **
   1511 **  Function        L2CA_RemoveFixedChnl
   1512 **
   1513 **  Description     Remove a fixed channel to a remote device.
   1514 **
   1515 **  Parameters:     Fixed CID
   1516 **                  BD Address of remote
   1517 **                  Idle timeout to use (or 0xFFFF if don't care)
   1518 **
   1519 **  Return value:   TRUE if channel removed
   1520 **
   1521 *******************************************************************************/
   1522 BOOLEAN L2CA_RemoveFixedChnl (UINT16 fixed_cid, BD_ADDR rem_bda)
   1523 {
   1524     tL2C_LCB    *p_lcb;
   1525     tL2C_CCB    *p_ccb;
   1526     tBT_TRANSPORT   transport = BT_TRANSPORT_BR_EDR;
   1527 
   1528     /* Check CID is valid and registered */
   1529     if ( (fixed_cid < L2CAP_FIRST_FIXED_CHNL) || (fixed_cid > L2CAP_LAST_FIXED_CHNL)
   1530      ||  (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb == NULL) )
   1531     {
   1532         L2CAP_TRACE_ERROR ("L2CA_RemoveFixedChnl()  Invalid CID: 0x%04x", fixed_cid);
   1533         return (FALSE);
   1534     }
   1535 
   1536 #if BLE_INCLUDED == TRUE
   1537     if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
   1538         transport = BT_TRANSPORT_LE;
   1539 #endif
   1540 
   1541     /* Is a fixed channel connected to the remote BDA ?*/
   1542     p_lcb = l2cu_find_lcb_by_bd_addr (rem_bda, transport);
   1543 
   1544     if ( ((p_lcb) == NULL) || (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) )
   1545     {
   1546         L2CAP_TRACE_WARNING ("L2CA_RemoveFixedChnl()  CID: 0x%04x  BDA: %08x%04x not connected", fixed_cid,
   1547                              (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3], (rem_bda[4]<<8)+rem_bda[5]);
   1548         return (FALSE);
   1549     }
   1550 
   1551     L2CAP_TRACE_API ("L2CA_RemoveFixedChnl()  CID: 0x%04x  BDA: %08x%04x", fixed_cid,
   1552                       (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3], (rem_bda[4]<<8)+rem_bda[5]);
   1553 
   1554     /* Release the CCB, starting an inactivity timeout on the LCB if no other CCBs exist */
   1555     p_ccb = p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
   1556 
   1557     p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = NULL;
   1558     p_lcb->disc_reason = HCI_ERR_CONN_CAUSE_LOCAL_HOST;
   1559 
   1560 #if BLE_INCLUDED == TRUE
   1561     /* retain the link for a few more seconds after SMP pairing is done, since Android
   1562     platformalways do service discovery after pairing complete. This way would avoid
   1563     the link down (pairing is complete) and an immediate reconnection for service
   1564     discovery. Some devices do not do auto advertising when link is dropped, thus fail
   1565     the second connection and service discovery.
   1566     BEFORE :if ((fixed_cid == L2CAP_ATT_CID || fixed_cid == L2CAP_SMP_CID)
   1567                        && !p_lcb->ccb_queue.p_first_ccb)*/
   1568     if ((fixed_cid == L2CAP_ATT_CID ) && !p_lcb->ccb_queue.p_first_ccb)
   1569         p_lcb->idle_timeout = 0;
   1570 #endif
   1571 
   1572     l2cu_release_ccb (p_ccb);
   1573 
   1574     return (TRUE);
   1575 }
   1576 
   1577 /*******************************************************************************
   1578 **
   1579 ** Function         L2CA_SetFixedChannelTout
   1580 **
   1581 ** Description      Higher layers call this function to set the idle timeout for
   1582 **                  a fixed channel. The "idle timeout" is the amount of time that
   1583 **                  a connection can remain up with no L2CAP channels on it.
   1584 **                  A timeout of zero means that the connection will be torn
   1585 **                  down immediately when the last channel is removed.
   1586 **                  A timeout of 0xFFFF means no timeout. Values are in seconds.
   1587 **                  A bd_addr is the remote BD address. If bd_addr = BT_BD_ANY,
   1588 **                  then the idle timeouts for all active l2cap links will be
   1589 **                  changed.
   1590 **
   1591 ** Returns          TRUE if command succeeded, FALSE if failed
   1592 **
   1593 *******************************************************************************/
   1594 BOOLEAN L2CA_SetFixedChannelTout (BD_ADDR rem_bda, UINT16 fixed_cid, UINT16 idle_tout)
   1595 {
   1596     tL2C_LCB        *p_lcb;
   1597     tBT_TRANSPORT   transport = BT_TRANSPORT_BR_EDR;
   1598 
   1599 #if BLE_INCLUDED == TRUE
   1600     if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
   1601         transport = BT_TRANSPORT_LE;
   1602 #endif
   1603 
   1604     /* Is a fixed channel connected to the remote BDA ?*/
   1605     p_lcb = l2cu_find_lcb_by_bd_addr (rem_bda, transport);
   1606     if ( ((p_lcb) == NULL) || (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) )
   1607     {
   1608         L2CAP_TRACE_WARNING ("L2CA_SetFixedChannelTout()  CID: 0x%04x  BDA: %08x%04x not connected", fixed_cid,
   1609                              (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3], (rem_bda[4]<<8)+rem_bda[5]);
   1610         return (FALSE);
   1611     }
   1612 
   1613     p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->fixed_chnl_idle_tout = idle_tout;
   1614 
   1615     if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED && !p_lcb->ccb_queue.p_first_ccb)
   1616     {
   1617         /* If there are no dynamic CCBs, (re)start the idle timer in case we changed it */
   1618         l2cu_no_dynamic_ccbs (p_lcb);
   1619     }
   1620 
   1621     return (TRUE);
   1622 }
   1623 
   1624 #endif /* #if (L2CAP_NUM_FIXED_CHNLS > 0) */
   1625 
   1626 /*******************************************************************************
   1627 **
   1628 ** Function     L2CA_GetCurrentConfig
   1629 **
   1630 ** Description  This function returns configurations of L2CAP channel
   1631 **              pp_our_cfg : pointer of our saved configuration options
   1632 **              p_our_cfg_bits : valid config in bitmap
   1633 **              pp_peer_cfg: pointer of peer's saved configuration options
   1634 **              p_peer_cfg_bits : valid config in bitmap
   1635 **
   1636 ** Returns      TRUE if successful
   1637 **
   1638 *******************************************************************************/
   1639 BOOLEAN L2CA_GetCurrentConfig (UINT16 lcid,
   1640                                tL2CAP_CFG_INFO **pp_our_cfg,  tL2CAP_CH_CFG_BITS *p_our_cfg_bits,
   1641                                tL2CAP_CFG_INFO **pp_peer_cfg, tL2CAP_CH_CFG_BITS *p_peer_cfg_bits)
   1642 {
   1643     tL2C_CCB    *p_ccb;
   1644 
   1645     L2CAP_TRACE_API ("L2CA_GetCurrentConfig()  CID: 0x%04x", lcid);
   1646 
   1647     p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
   1648 
   1649     if (p_ccb)
   1650     {
   1651         *pp_our_cfg  = &(p_ccb->our_cfg);
   1652 
   1653         /* convert valid config items into bitmap */
   1654         *p_our_cfg_bits = 0;
   1655         if (p_ccb->our_cfg.mtu_present)
   1656             *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_MTU;
   1657         if (p_ccb->our_cfg.qos_present)
   1658             *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_QOS;
   1659         if (p_ccb->our_cfg.flush_to_present)
   1660             *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FLUSH_TO;
   1661         if (p_ccb->our_cfg.fcr_present)
   1662             *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FCR;
   1663         if (p_ccb->our_cfg.fcs_present)
   1664             *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FCS;
   1665         if (p_ccb->our_cfg.ext_flow_spec_present)
   1666             *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_EXT_FLOW_SPEC;
   1667 
   1668         *pp_peer_cfg = &(p_ccb->peer_cfg);
   1669         *p_peer_cfg_bits = p_ccb->peer_cfg_bits;
   1670 
   1671         return TRUE;
   1672     }
   1673     else
   1674     {
   1675         L2CAP_TRACE_ERROR ("No CCB for CID:0x%04x", lcid);
   1676         return FALSE;
   1677     }
   1678 }
   1679 
   1680 /*******************************************************************************
   1681 **
   1682 ** Function         L2CA_RegForNoCPEvt
   1683 **
   1684 ** Description      Register callback for Number of Completed Packets event.
   1685 **
   1686 ** Input Param      p_cb - callback for Number of completed packets event
   1687 **                  p_bda - BT address of remote device
   1688 **
   1689 ** Returns          TRUE if registered OK, else FALSE
   1690 **
   1691 *******************************************************************************/
   1692 BOOLEAN L2CA_RegForNoCPEvt(tL2CA_NOCP_CB *p_cb, BD_ADDR p_bda)
   1693 {
   1694     tL2C_LCB        *p_lcb;
   1695 
   1696     /* Find the link that is associated with this remote bdaddr */
   1697     p_lcb = l2cu_find_lcb_by_bd_addr (p_bda, BT_TRANSPORT_BR_EDR);
   1698 
   1699     /* If no link for this handle, nothing to do. */
   1700     if (!p_lcb)
   1701         return FALSE;
   1702 
   1703     p_lcb->p_nocp_cb = p_cb;
   1704 
   1705     return TRUE;
   1706 }
   1707 
   1708 /*******************************************************************************
   1709 **
   1710 ** Function         L2CA_DataWrite
   1711 **
   1712 ** Description      Higher layers call this function to write data.
   1713 **
   1714 ** Returns          L2CAP_DW_SUCCESS, if data accepted, else FALSE
   1715 **                  L2CAP_DW_CONGESTED, if data accepted and the channel is congested
   1716 **                  L2CAP_DW_FAILED, if error
   1717 **
   1718 *******************************************************************************/
   1719 UINT8 L2CA_DataWrite (UINT16 cid, BT_HDR *p_data)
   1720 {
   1721     L2CAP_TRACE_API ("L2CA_DataWrite()  CID: 0x%04x  Len: %d", cid, p_data->len);
   1722     return l2c_data_write (cid, p_data, L2CAP_FLUSHABLE_CH_BASED);
   1723 }
   1724 
   1725 /*******************************************************************************
   1726 **
   1727 ** Function         L2CA_SetChnlFlushability
   1728 **
   1729 ** Description      Higher layers call this function to set a channels
   1730 **                  flushability flags
   1731 **
   1732 ** Returns          TRUE if CID found, else FALSE
   1733 **
   1734 *******************************************************************************/
   1735 BOOLEAN L2CA_SetChnlFlushability (UINT16 cid, BOOLEAN is_flushable)
   1736 {
   1737 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
   1738 
   1739     tL2C_CCB        *p_ccb;
   1740 
   1741     /* Find the channel control block. We don't know the link it is on. */
   1742     if ((p_ccb = l2cu_find_ccb_by_cid (NULL, cid)) == NULL)
   1743     {
   1744         L2CAP_TRACE_WARNING ("L2CAP - no CCB for L2CA_SetChnlFlushability, CID: %d", cid);
   1745         return (FALSE);
   1746     }
   1747 
   1748     p_ccb->is_flushable = is_flushable;
   1749 
   1750     L2CAP_TRACE_API ("L2CA_SetChnlFlushability()  CID: 0x%04x  is_flushable: %d", cid, is_flushable);
   1751 
   1752 #endif
   1753 
   1754     return (TRUE);
   1755 }
   1756 
   1757 /*******************************************************************************
   1758 **
   1759 ** Function         L2CA_DataWriteEx
   1760 **
   1761 ** Description      Higher layers call this function to write data with extended
   1762 **                  flags.
   1763 **                  flags : L2CAP_FLUSHABLE_CH_BASED
   1764 **                          L2CAP_FLUSHABLE_PKT
   1765 **                          L2CAP_NON_FLUSHABLE_PKT
   1766 **
   1767 ** Returns          L2CAP_DW_SUCCESS, if data accepted, else FALSE
   1768 **                  L2CAP_DW_CONGESTED, if data accepted and the channel is congested
   1769 **                  L2CAP_DW_FAILED, if error
   1770 **
   1771 *******************************************************************************/
   1772 UINT8 L2CA_DataWriteEx (UINT16 cid, BT_HDR *p_data, UINT16 flags)
   1773 {
   1774     L2CAP_TRACE_API ("L2CA_DataWriteEx()  CID: 0x%04x  Len: %d Flags:0x%04X",
   1775                        cid, p_data->len, flags);
   1776     return l2c_data_write (cid, p_data, flags);
   1777 }
   1778 
   1779 /*******************************************************************************
   1780 **
   1781 ** Function     L2CA_FlushChannel
   1782 **
   1783 ** Description  This function flushes none, some or all buffers queued up
   1784 **              for xmission for a particular CID. If called with
   1785 **              L2CAP_FLUSH_CHANS_GET (0), it simply returns the number
   1786 **              of buffers queued for that CID L2CAP_FLUSH_CHANS_ALL (0xffff)
   1787 **              flushes all buffers.  All other values specifies the maximum
   1788 **              buffers to flush.
   1789 **
   1790 ** Returns      Number of buffers left queued for that CID
   1791 **
   1792 *******************************************************************************/
   1793 UINT16 L2CA_FlushChannel (UINT16 lcid, UINT16 num_to_flush)
   1794 {
   1795     tL2C_CCB        *p_ccb;
   1796     tL2C_LCB        *p_lcb;
   1797     UINT16          num_left = 0,
   1798                     num_flushed1 = 0,
   1799                     num_flushed2 = 0;
   1800     BT_HDR          *p_buf1, *p_buf;
   1801 
   1802     p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
   1803 
   1804     if ( !p_ccb || ((p_lcb = p_ccb->p_lcb) == NULL) )
   1805     {
   1806         L2CAP_TRACE_WARNING ("L2CA_FlushChannel()  abnormally returning 0  CID: 0x%04x", lcid);
   1807         return (0);
   1808     }
   1809 
   1810     if (num_to_flush != L2CAP_FLUSH_CHANS_GET)
   1811     {
   1812         L2CAP_TRACE_API ("L2CA_FlushChannel (FLUSH)  CID: 0x%04x  NumToFlush: %d  QC: %u  pFirst: 0x%08x",
   1813                            lcid, num_to_flush, p_ccb->xmit_hold_q.count, p_ccb->xmit_hold_q.p_first);
   1814     }
   1815     else
   1816     {
   1817         L2CAP_TRACE_API ("L2CA_FlushChannel (QUERY)  CID: 0x%04x", lcid);
   1818     }
   1819 
   1820     /* Cannot flush eRTM buffers once they have a sequence number */
   1821     if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE)
   1822     {
   1823 #if L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE
   1824         if (num_to_flush != L2CAP_FLUSH_CHANS_GET)
   1825         {
   1826             /* If the controller supports enhanced flush, flush the data queued at the controller */
   1827             if ( (HCI_NON_FLUSHABLE_PB_SUPPORTED(BTM_ReadLocalFeatures ()))
   1828              && (BTM_GetNumScoLinks() == 0) )
   1829             {
   1830                 if ( l2cb.is_flush_active == FALSE )
   1831                 {
   1832                     l2cb.is_flush_active = TRUE;
   1833 
   1834                     /* The only packet type defined - 0 - Automatically-Flushable Only */
   1835                     btsnd_hcic_enhanced_flush (p_lcb->handle, 0);
   1836                 }
   1837             }
   1838         }
   1839 #endif
   1840 
   1841         p_buf = (BT_HDR *)p_lcb->link_xmit_data_q.p_first;
   1842 
   1843         /* First flush the number we are asked to flush */
   1844         while ((p_buf != NULL) && (num_to_flush != 0))
   1845         {
   1846             /* Do not flush other CIDs or partial segments */
   1847             if ( (p_buf->layer_specific == 0) && (p_buf->event == lcid) )
   1848             {
   1849                 p_buf1 = p_buf;
   1850                 p_buf = (BT_HDR *)GKI_getnext (p_buf);
   1851                 num_to_flush--;
   1852                 num_flushed1++;
   1853 
   1854                 GKI_remove_from_queue (&p_lcb->link_xmit_data_q, p_buf1);
   1855                 GKI_freebuf (p_buf1);
   1856             }
   1857             else
   1858                 p_buf = (BT_HDR *)GKI_getnext (p_buf);
   1859         }
   1860     }
   1861 
   1862     /* If needed, flush buffers in the CCB xmit hold queue */
   1863     while ( (num_to_flush != 0) && (p_ccb->xmit_hold_q.count != 0) )
   1864     {
   1865         p_buf = (BT_HDR *)GKI_dequeue (&p_ccb->xmit_hold_q);
   1866         if (p_buf)
   1867             GKI_freebuf (p_buf);
   1868         num_to_flush--;
   1869         num_flushed2++;
   1870     }
   1871 
   1872     /* If app needs to track all packets, call him */
   1873     if ( (p_ccb->p_rcb) && (p_ccb->p_rcb->api.pL2CA_TxComplete_Cb) && (num_flushed2) )
   1874         (*p_ccb->p_rcb->api.pL2CA_TxComplete_Cb)(p_ccb->local_cid, num_flushed2);
   1875 
   1876     /* Now count how many are left */
   1877     p_buf = (BT_HDR *)p_lcb->link_xmit_data_q.p_first;
   1878 
   1879     while (p_buf != NULL)
   1880     {
   1881         if (p_buf->event == lcid)
   1882             num_left++;
   1883 
   1884         p_buf = (BT_HDR *)GKI_getnext (p_buf);
   1885     }
   1886 
   1887     /* Add in the number in the CCB xmit queue */
   1888     num_left += p_ccb->xmit_hold_q.count;
   1889 
   1890     /* Return the local number of buffers left for the CID */
   1891     L2CAP_TRACE_DEBUG ("L2CA_FlushChannel()  flushed: %u + %u,  num_left: %u", num_flushed1, num_flushed2, num_left);
   1892 
   1893     /* If we were congested, and now we are not, tell the app */
   1894     l2cu_check_channel_congestion (p_ccb);
   1895 
   1896     return (num_left);
   1897 }
   1898 
   1899