1 /****************************************************************************** 2 * 3 * Copyright (C) 1999-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /****************************************************************************** 20 * 21 * This file contains L2CAP utility functions 22 * 23 ******************************************************************************/ 24 25 #include <stdlib.h> 26 #include <string.h> 27 #include <stdio.h> 28 29 #include "device/include/controller.h" 30 #include "btcore/include/counter.h" 31 #include "gki.h" 32 #include "bt_types.h" 33 #include "hcimsgs.h" 34 #include "l2cdefs.h" 35 #include "l2c_int.h" 36 #include "hcidefs.h" 37 #include "btu.h" 38 #include "btm_api.h" 39 #include "btm_int.h" 40 #include "hcidefs.h" 41 #include "bt_utils.h" 42 #include "osi/include/allocator.h" 43 44 /******************************************************************************* 45 ** 46 ** Function l2cu_allocate_lcb 47 ** 48 ** Description Look for an unused LCB 49 ** 50 ** Returns LCB address or NULL if none found 51 ** 52 *******************************************************************************/ 53 tL2C_LCB *l2cu_allocate_lcb (BD_ADDR p_bd_addr, BOOLEAN is_bonding, tBT_TRANSPORT transport) 54 { 55 int xx; 56 tL2C_LCB *p_lcb = &l2cb.lcb_pool[0]; 57 58 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 59 { 60 if (!p_lcb->in_use) 61 { 62 memset (p_lcb, 0, sizeof (tL2C_LCB)); 63 64 memcpy (p_lcb->remote_bd_addr, p_bd_addr, BD_ADDR_LEN); 65 66 p_lcb->in_use = TRUE; 67 p_lcb->link_state = LST_DISCONNECTED; 68 p_lcb->handle = HCI_INVALID_HANDLE; 69 p_lcb->link_flush_tout = 0xFFFF; 70 p_lcb->timer_entry.param = (TIMER_PARAM_TYPE)p_lcb; 71 p_lcb->info_timer_entry.param = (TIMER_PARAM_TYPE)p_lcb; 72 p_lcb->idle_timeout = l2cb.idle_timeout; 73 p_lcb->id = 1; /* spec does not allow '0' */ 74 p_lcb->is_bonding = is_bonding; 75 #if (BLE_INCLUDED == TRUE) 76 p_lcb->transport = transport; 77 p_lcb->tx_data_len = controller_get_interface()->get_ble_default_data_packet_length(); 78 79 if (transport == BT_TRANSPORT_LE) 80 { 81 l2cb.num_ble_links_active++; 82 l2c_ble_link_adjust_allocation(); 83 } 84 else 85 #endif 86 { 87 l2cb.num_links_active++; 88 l2c_link_adjust_allocation(); 89 } 90 p_lcb->link_xmit_data_q = list_new(NULL); 91 return (p_lcb); 92 } 93 } 94 95 /* If here, no free LCB found */ 96 return (NULL); 97 } 98 99 /******************************************************************************* 100 ** 101 ** Function l2cu_update_lcb_4_bonding 102 ** 103 ** Description Mark the lcb for bonding. Used when bonding takes place on 104 ** an existing ACL connection. (Pre-Lisbon devices) 105 ** 106 ** Returns Nothing 107 ** 108 *******************************************************************************/ 109 void l2cu_update_lcb_4_bonding (BD_ADDR p_bd_addr, BOOLEAN is_bonding) 110 { 111 tL2C_LCB *p_lcb = l2cu_find_lcb_by_bd_addr (p_bd_addr, BT_TRANSPORT_BR_EDR); 112 113 if (p_lcb) 114 { 115 L2CAP_TRACE_DEBUG ("l2cu_update_lcb_4_bonding BDA: %08x%04x is_bonding: %d", 116 (p_bd_addr[0]<<24)+(p_bd_addr[1]<<16)+(p_bd_addr[2]<<8)+p_bd_addr[3], 117 (p_bd_addr[4]<<8)+p_bd_addr[5], is_bonding); 118 p_lcb->is_bonding = is_bonding; 119 } 120 } 121 122 /******************************************************************************* 123 ** 124 ** Function l2cu_release_lcb 125 ** 126 ** Description Release an LCB. All timers will be stopped, channels 127 ** dropped, buffers returned etc. 128 ** 129 ** Returns void 130 ** 131 *******************************************************************************/ 132 void l2cu_release_lcb (tL2C_LCB *p_lcb) 133 { 134 tL2C_CCB *p_ccb; 135 136 p_lcb->in_use = FALSE; 137 p_lcb->is_bonding = FALSE; 138 139 /* Stop timers */ 140 btu_stop_timer (&p_lcb->timer_entry); 141 btu_stop_timer (&p_lcb->info_timer_entry); 142 143 /* Release any unfinished L2CAP packet on this link */ 144 if (p_lcb->p_hcit_rcv_acl) 145 { 146 GKI_freebuf(p_lcb->p_hcit_rcv_acl); 147 p_lcb->p_hcit_rcv_acl = NULL; 148 } 149 150 #if BTM_SCO_INCLUDED == TRUE 151 #if (BLE_INCLUDED == TRUE) 152 if (p_lcb->transport == BT_TRANSPORT_BR_EDR) 153 #endif 154 /* Release all SCO links */ 155 btm_remove_sco_links(p_lcb->remote_bd_addr); 156 #endif 157 158 if (p_lcb->sent_not_acked > 0) 159 { 160 #if (BLE_INCLUDED == TRUE) 161 if (p_lcb->transport == BT_TRANSPORT_LE) 162 { 163 l2cb.controller_le_xmit_window += p_lcb->sent_not_acked; 164 if (l2cb.controller_le_xmit_window > l2cb.num_lm_ble_bufs) 165 { 166 l2cb.controller_le_xmit_window = l2cb.num_lm_ble_bufs; 167 } 168 } 169 else 170 #endif 171 { 172 l2cb.controller_xmit_window += p_lcb->sent_not_acked; 173 if (l2cb.controller_xmit_window > l2cb.num_lm_acl_bufs) 174 { 175 l2cb.controller_xmit_window = l2cb.num_lm_acl_bufs; 176 } 177 } 178 } 179 180 #if (BLE_INCLUDED == TRUE) 181 // Reset BLE connecting flag only if the address matches 182 if (!memcmp(l2cb.ble_connecting_bda, p_lcb->remote_bd_addr, BD_ADDR_LEN)) 183 l2cb.is_ble_connecting = FALSE; 184 #endif 185 186 #if (L2CAP_NUM_FIXED_CHNLS > 0) 187 l2cu_process_fixed_disc_cback(p_lcb); 188 #endif 189 190 /* Ensure no CCBs left on this LCB */ 191 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_lcb->ccb_queue.p_first_ccb) 192 { 193 l2cu_release_ccb (p_ccb); 194 } 195 196 /* Tell BTM Acl management the link was removed */ 197 if ((p_lcb->link_state == LST_CONNECTED) || (p_lcb->link_state == LST_DISCONNECTING)) 198 #if (BLE_INCLUDED == TRUE) 199 btm_acl_removed (p_lcb->remote_bd_addr, p_lcb->transport); 200 #else 201 btm_acl_removed (p_lcb->remote_bd_addr, BT_TRANSPORT_BR_EDR); 202 #endif 203 204 /* Release any held buffers */ 205 if (p_lcb->link_xmit_data_q) 206 { 207 while (!list_is_empty(p_lcb->link_xmit_data_q)) { 208 BT_HDR *p_buf = list_front(p_lcb->link_xmit_data_q); 209 list_remove(p_lcb->link_xmit_data_q, p_buf); 210 GKI_freebuf(p_buf); 211 } 212 list_free(p_lcb->link_xmit_data_q); 213 p_lcb->link_xmit_data_q = NULL; 214 } 215 216 #if (L2CAP_UCD_INCLUDED == TRUE) 217 /* clean up any security pending UCD */ 218 l2c_ucd_delete_sec_pending_q(p_lcb); 219 #endif 220 221 #if BLE_INCLUDED == TRUE 222 /* Re-adjust flow control windows make sure it does not go negative */ 223 if (p_lcb->transport == BT_TRANSPORT_LE) 224 { 225 if (l2cb.num_ble_links_active >= 1) 226 l2cb.num_ble_links_active--; 227 228 l2c_ble_link_adjust_allocation(); 229 } 230 else 231 #endif 232 { 233 if (l2cb.num_links_active >= 1) 234 l2cb.num_links_active--; 235 236 l2c_link_adjust_allocation(); 237 } 238 239 /* Check for ping outstanding */ 240 if (p_lcb->p_echo_rsp_cb) 241 { 242 tL2CA_ECHO_RSP_CB *p_cb = p_lcb->p_echo_rsp_cb; 243 244 /* Zero out the callback in case app immediately calls us again */ 245 p_lcb->p_echo_rsp_cb = NULL; 246 247 (*p_cb) (L2CAP_PING_RESULT_NO_LINK); 248 } 249 } 250 251 252 /******************************************************************************* 253 ** 254 ** Function l2cu_find_lcb_by_bd_addr 255 ** 256 ** Description Look through all active LCBs for a match based on the 257 ** remote BD address. 258 ** 259 ** Returns pointer to matched LCB, or NULL if no match 260 ** 261 *******************************************************************************/ 262 tL2C_LCB *l2cu_find_lcb_by_bd_addr (BD_ADDR p_bd_addr, tBT_TRANSPORT transport) 263 { 264 int xx; 265 tL2C_LCB *p_lcb = &l2cb.lcb_pool[0]; 266 267 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 268 { 269 if ((p_lcb->in_use) && 270 #if BLE_INCLUDED == TRUE 271 p_lcb->transport == transport && 272 #endif 273 (!memcmp (p_lcb->remote_bd_addr, p_bd_addr, BD_ADDR_LEN))) 274 { 275 return (p_lcb); 276 } 277 } 278 279 /* If here, no match found */ 280 return (NULL); 281 } 282 283 /******************************************************************************* 284 ** 285 ** Function l2cu_get_conn_role 286 ** 287 ** Description Determine the desired role (master or slave) of a link. 288 ** If already got a slave link, this one must be a master. If 289 ** already got at least 1 link where we are the master, make this 290 ** also a master. 291 ** 292 ** Returns HCI_ROLE_MASTER or HCI_ROLE_SLAVE 293 ** 294 *******************************************************************************/ 295 UINT8 l2cu_get_conn_role (tL2C_LCB *p_this_lcb) 296 { 297 return l2cb.desire_role; 298 } 299 300 /******************************************************************************* 301 ** 302 ** Function l2c_is_cmd_rejected 303 ** 304 ** Description Checks if cmd_code is command or response 305 ** If a command it will be rejected per spec. 306 ** This function is used when a illegal packet length is detected 307 ** 308 ** Returns BOOLEAN - TRUE if cmd_code is a command and it is rejected, 309 ** FALSE if response code. (command not rejected) 310 ** 311 *******************************************************************************/ 312 BOOLEAN l2c_is_cmd_rejected (UINT8 cmd_code, UINT8 id, tL2C_LCB *p_lcb) 313 { 314 switch(cmd_code) 315 { 316 case L2CAP_CMD_CONN_REQ: 317 case L2CAP_CMD_CONFIG_REQ: 318 case L2CAP_CMD_DISC_REQ: 319 case L2CAP_CMD_ECHO_REQ: 320 case L2CAP_CMD_INFO_REQ: 321 case L2CAP_CMD_AMP_CONN_REQ: 322 case L2CAP_CMD_AMP_MOVE_REQ: 323 case L2CAP_CMD_BLE_UPDATE_REQ: 324 l2cu_send_peer_cmd_reject (p_lcb, L2CAP_CMD_REJ_MTU_EXCEEDED, id, L2CAP_DEFAULT_MTU, 0); 325 L2CAP_TRACE_WARNING ("Dumping first Command (%d)", cmd_code); 326 return TRUE; 327 328 default: /* Otherwise a response */ 329 return FALSE; 330 } 331 } 332 333 /******************************************************************************* 334 ** 335 ** Function l2cu_build_header 336 ** 337 ** Description Builds the L2CAP command packet header 338 ** 339 ** Returns Pointer to allocated packet or NULL if no resources 340 ** 341 *******************************************************************************/ 342 BT_HDR *l2cu_build_header (tL2C_LCB *p_lcb, UINT16 len, UINT8 cmd, UINT8 id) 343 { 344 BT_HDR *p_buf = (BT_HDR *)GKI_getpoolbuf (L2CAP_CMD_POOL_ID); 345 UINT8 *p; 346 347 if (!p_buf) 348 { 349 L2CAP_TRACE_ERROR ("l2cu_build_header - no buffer"); 350 return (NULL); 351 } 352 353 p_buf->offset = L2CAP_SEND_CMD_OFFSET; 354 p_buf->len = len + HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 355 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET; 356 357 /* Put in HCI header - handle + pkt boundary */ 358 #if (BLE_INCLUDED == TRUE) 359 if (p_lcb->transport == BT_TRANSPORT_LE) 360 { 361 UINT16_TO_STREAM (p, (p_lcb->handle | (L2CAP_PKT_START_NON_FLUSHABLE << L2CAP_PKT_TYPE_SHIFT))); 362 } 363 else 364 #endif 365 { 366 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE) 367 UINT16_TO_STREAM (p, p_lcb->handle | l2cb.non_flushable_pbf); 368 #else 369 UINT16_TO_STREAM (p, (p_lcb->handle | (L2CAP_PKT_START << L2CAP_PKT_TYPE_SHIFT))); 370 #endif 371 } 372 373 UINT16_TO_STREAM (p, len + L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD); 374 UINT16_TO_STREAM (p, len + L2CAP_CMD_OVERHEAD); 375 376 #if (BLE_INCLUDED == TRUE) 377 if (p_lcb->transport == BT_TRANSPORT_LE) 378 { 379 counter_add("l2cap.ble.tx.bytes", p_buf->len); 380 counter_add("l2cap.ble.tx.pkts", 1); 381 382 UINT16_TO_STREAM (p, L2CAP_BLE_SIGNALLING_CID); 383 } 384 else 385 #endif 386 { 387 counter_add("l2cap.sig.tx.bytes", p_buf->len); 388 counter_add("l2cap.sig.tx.pkts", 1); 389 UINT16_TO_STREAM (p, L2CAP_SIGNALLING_CID); 390 } 391 392 /* Put in L2CAP command header */ 393 UINT8_TO_STREAM (p, cmd); 394 UINT8_TO_STREAM (p, id); 395 UINT16_TO_STREAM (p, len); 396 397 return (p_buf); 398 } 399 400 /******************************************************************************* 401 ** 402 ** Function l2cu_adj_id 403 ** 404 ** Description Checks for valid ID based on specified mask 405 ** and adjusts the id if invalid. 406 ** 407 ** Returns void 408 ** 409 *******************************************************************************/ 410 void l2cu_adj_id (tL2C_LCB *p_lcb, UINT8 adj_mask) 411 { 412 if ((adj_mask & L2CAP_ADJ_ZERO_ID) && !p_lcb->id) 413 { 414 p_lcb->id++; 415 } 416 } 417 418 /******************************************************************************* 419 ** 420 ** Function l2cu_send_peer_cmd_reject 421 ** 422 ** Description Build and send an L2CAP "command reject" message 423 ** to the peer. 424 ** 425 ** Returns void 426 ** 427 *******************************************************************************/ 428 void l2cu_send_peer_cmd_reject (tL2C_LCB *p_lcb, UINT16 reason, UINT8 rem_id, 429 UINT16 p1, UINT16 p2) 430 { 431 UINT16 param_len; 432 BT_HDR *p_buf; 433 UINT8 *p; 434 435 /* Put in L2CAP packet header */ 436 if (reason == L2CAP_CMD_REJ_MTU_EXCEEDED) 437 param_len = 2; 438 else if (reason == L2CAP_CMD_REJ_INVALID_CID) 439 param_len = 4; 440 else 441 param_len = 0; 442 443 if ((p_buf = l2cu_build_header (p_lcb, (UINT16) (L2CAP_CMD_REJECT_LEN + param_len), L2CAP_CMD_REJECT, rem_id)) == NULL ) 444 { 445 L2CAP_TRACE_WARNING ("L2CAP - no buffer cmd_rej"); 446 return; 447 } 448 449 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + 450 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 451 452 UINT16_TO_STREAM (p, reason); 453 454 if (param_len >= 2) 455 UINT16_TO_STREAM (p, p1); 456 457 if (param_len >= 4) 458 UINT16_TO_STREAM (p, p2); 459 460 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 461 } 462 463 464 /******************************************************************************* 465 ** 466 ** Function l2cu_send_peer_connect_req 467 ** 468 ** Description Build and send an L2CAP "connection request" message 469 ** to the peer. 470 ** 471 ** Returns void 472 ** 473 *******************************************************************************/ 474 void l2cu_send_peer_connect_req (tL2C_CCB *p_ccb) 475 { 476 BT_HDR *p_buf; 477 UINT8 *p; 478 479 /* Create an identifier for this packet */ 480 p_ccb->p_lcb->id++; 481 l2cu_adj_id(p_ccb->p_lcb, L2CAP_ADJ_ID); 482 483 p_ccb->local_id = p_ccb->p_lcb->id; 484 485 if ((p_buf = l2cu_build_header (p_ccb->p_lcb, L2CAP_CONN_REQ_LEN, L2CAP_CMD_CONN_REQ, 486 p_ccb->local_id)) == NULL) 487 { 488 L2CAP_TRACE_WARNING ("L2CAP - no buffer for conn_req"); 489 return; 490 } 491 492 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET+HCI_DATA_PREAMBLE_SIZE + 493 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 494 495 UINT16_TO_STREAM (p, p_ccb->p_rcb->real_psm); 496 UINT16_TO_STREAM (p, p_ccb->local_cid); 497 498 l2c_link_check_send_pkts (p_ccb->p_lcb, NULL, p_buf); 499 } 500 501 502 /******************************************************************************* 503 ** 504 ** Function l2cu_send_peer_connect_rsp 505 ** 506 ** Description Build and send an L2CAP "connection response" message 507 ** to the peer. 508 ** 509 ** Returns void 510 ** 511 *******************************************************************************/ 512 void l2cu_send_peer_connect_rsp (tL2C_CCB *p_ccb, UINT16 result, UINT16 status) 513 { 514 BT_HDR *p_buf; 515 UINT8 *p; 516 517 if (result == L2CAP_CONN_PENDING) 518 { 519 /* if we already sent pending response */ 520 if (p_ccb->flags & CCB_FLAG_SENT_PENDING) 521 return; 522 else 523 p_ccb->flags |= CCB_FLAG_SENT_PENDING; 524 } 525 526 if ((p_buf=l2cu_build_header(p_ccb->p_lcb, L2CAP_CONN_RSP_LEN, L2CAP_CMD_CONN_RSP, p_ccb->remote_id)) == NULL) 527 { 528 L2CAP_TRACE_WARNING ("L2CAP - no buffer for conn_rsp"); 529 return; 530 } 531 532 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET+HCI_DATA_PREAMBLE_SIZE + 533 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 534 535 UINT16_TO_STREAM (p, p_ccb->local_cid); 536 UINT16_TO_STREAM (p, p_ccb->remote_cid); 537 UINT16_TO_STREAM (p, result); 538 UINT16_TO_STREAM (p, status); 539 540 l2c_link_check_send_pkts (p_ccb->p_lcb, NULL, p_buf); 541 } 542 543 544 /******************************************************************************* 545 ** 546 ** Function l2cu_reject_connection 547 ** 548 ** Description Build and send an L2CAP "connection response neg" message 549 ** to the peer. This function is called when there is no peer 550 ** CCB (non-existant PSM or no resources). 551 ** 552 ** Returns void 553 ** 554 *******************************************************************************/ 555 void l2cu_reject_connection (tL2C_LCB *p_lcb, UINT16 remote_cid, UINT8 rem_id, UINT16 result) 556 { 557 BT_HDR *p_buf; 558 UINT8 *p; 559 560 if ((p_buf = l2cu_build_header(p_lcb, L2CAP_CONN_RSP_LEN, L2CAP_CMD_CONN_RSP, rem_id)) == NULL ) 561 { 562 L2CAP_TRACE_WARNING ("L2CAP - no buffer for conn_req"); 563 return; 564 } 565 566 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET+HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 567 568 UINT16_TO_STREAM (p, 0); /* Local CID of 0 */ 569 UINT16_TO_STREAM (p, remote_cid); 570 UINT16_TO_STREAM (p, result); 571 UINT16_TO_STREAM (p, 0); /* Status of 0 */ 572 573 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 574 } 575 576 /******************************************************************************* 577 ** 578 ** Function l2cu_send_peer_config_req 579 ** 580 ** Description Build and send an L2CAP "configuration request" message 581 ** to the peer. 582 ** 583 ** Returns void 584 ** 585 *******************************************************************************/ 586 void l2cu_send_peer_config_req (tL2C_CCB *p_ccb, tL2CAP_CFG_INFO *p_cfg) 587 { 588 BT_HDR *p_buf; 589 UINT16 cfg_len=0; 590 UINT8 *p; 591 592 /* Create an identifier for this packet */ 593 p_ccb->p_lcb->id++; 594 l2cu_adj_id(p_ccb->p_lcb, L2CAP_ADJ_ID); 595 596 p_ccb->local_id = p_ccb->p_lcb->id; 597 598 if (p_cfg->mtu_present) 599 cfg_len += L2CAP_CFG_MTU_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 600 if (p_cfg->flush_to_present) 601 cfg_len += L2CAP_CFG_FLUSH_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 602 if (p_cfg->qos_present) 603 cfg_len += L2CAP_CFG_QOS_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 604 if (p_cfg->fcr_present) 605 cfg_len += L2CAP_CFG_FCR_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 606 if (p_cfg->fcs_present) 607 cfg_len += L2CAP_CFG_FCS_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 608 if (p_cfg->ext_flow_spec_present) 609 cfg_len += L2CAP_CFG_EXT_FLOW_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 610 611 if ((p_buf = l2cu_build_header (p_ccb->p_lcb, (UINT16) (L2CAP_CONFIG_REQ_LEN + cfg_len), 612 L2CAP_CMD_CONFIG_REQ, p_ccb->local_id)) == NULL ) 613 { 614 L2CAP_TRACE_WARNING ("L2CAP - no buffer for conn_req"); 615 return; 616 } 617 618 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + 619 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 620 621 UINT16_TO_STREAM (p, p_ccb->remote_cid); 622 UINT16_TO_STREAM (p, p_cfg->flags); /* Flags (continuation) */ 623 624 /* Now, put the options */ 625 if (p_cfg->mtu_present) 626 { 627 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_MTU); 628 UINT8_TO_STREAM (p, L2CAP_CFG_MTU_OPTION_LEN); 629 UINT16_TO_STREAM (p, p_cfg->mtu); 630 } 631 if (p_cfg->flush_to_present) 632 { 633 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_FLUSH_TOUT); 634 UINT8_TO_STREAM (p, L2CAP_CFG_FLUSH_OPTION_LEN); 635 UINT16_TO_STREAM (p, p_cfg->flush_to); 636 } 637 if (p_cfg->qos_present) 638 { 639 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_QOS); 640 UINT8_TO_STREAM (p, L2CAP_CFG_QOS_OPTION_LEN); 641 UINT8_TO_STREAM (p, p_cfg->qos.qos_flags); 642 UINT8_TO_STREAM (p, p_cfg->qos.service_type); 643 UINT32_TO_STREAM (p, p_cfg->qos.token_rate); 644 UINT32_TO_STREAM (p, p_cfg->qos.token_bucket_size); 645 UINT32_TO_STREAM (p, p_cfg->qos.peak_bandwidth); 646 UINT32_TO_STREAM (p, p_cfg->qos.latency); 647 UINT32_TO_STREAM (p, p_cfg->qos.delay_variation); 648 } 649 if (p_cfg->fcr_present) 650 { 651 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_FCR); 652 UINT8_TO_STREAM (p, L2CAP_CFG_FCR_OPTION_LEN); 653 UINT8_TO_STREAM (p, p_cfg->fcr.mode); 654 UINT8_TO_STREAM (p, p_cfg->fcr.tx_win_sz); 655 UINT8_TO_STREAM (p, p_cfg->fcr.max_transmit); 656 UINT16_TO_STREAM (p, p_cfg->fcr.rtrans_tout); 657 UINT16_TO_STREAM (p, p_cfg->fcr.mon_tout); 658 UINT16_TO_STREAM (p, p_cfg->fcr.mps); 659 } 660 661 if (p_cfg->fcs_present) 662 { 663 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_FCS); 664 UINT8_TO_STREAM (p, L2CAP_CFG_FCS_OPTION_LEN); 665 UINT8_TO_STREAM (p, p_cfg->fcs); 666 } 667 668 if (p_cfg->ext_flow_spec_present) 669 { 670 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_EXT_FLOW); 671 UINT8_TO_STREAM (p, L2CAP_CFG_EXT_FLOW_OPTION_LEN); 672 UINT8_TO_STREAM (p, p_cfg->ext_flow_spec.id); 673 UINT8_TO_STREAM (p, p_cfg->ext_flow_spec.stype); 674 UINT16_TO_STREAM (p, p_cfg->ext_flow_spec.max_sdu_size); 675 UINT32_TO_STREAM (p, p_cfg->ext_flow_spec.sdu_inter_time); 676 UINT32_TO_STREAM (p, p_cfg->ext_flow_spec.access_latency); 677 UINT32_TO_STREAM (p, p_cfg->ext_flow_spec.flush_timeout); 678 } 679 680 l2c_link_check_send_pkts (p_ccb->p_lcb, NULL, p_buf); 681 } 682 683 /******************************************************************************* 684 ** 685 ** Function l2cu_send_peer_config_rsp 686 ** 687 ** Description Build and send an L2CAP "configuration response" message 688 ** to the peer. 689 ** 690 ** Returns void 691 ** 692 *******************************************************************************/ 693 void l2cu_send_peer_config_rsp (tL2C_CCB *p_ccb, tL2CAP_CFG_INFO *p_cfg) 694 { 695 BT_HDR *p_buf; 696 UINT16 cfg_len = 0; 697 UINT8 *p; 698 699 /* Create an identifier for this packet */ 700 if (p_cfg->mtu_present) 701 cfg_len += L2CAP_CFG_MTU_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 702 if (p_cfg->flush_to_present) 703 cfg_len += L2CAP_CFG_FLUSH_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 704 if (p_cfg->qos_present) 705 cfg_len += L2CAP_CFG_QOS_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 706 if (p_cfg->fcr_present) 707 cfg_len += L2CAP_CFG_FCR_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 708 if (p_cfg->ext_flow_spec_present) 709 cfg_len += L2CAP_CFG_EXT_FLOW_OPTION_LEN + L2CAP_CFG_OPTION_OVERHEAD; 710 711 if ((p_buf = l2cu_build_header (p_ccb->p_lcb, (UINT16)(L2CAP_CONFIG_RSP_LEN + cfg_len), 712 L2CAP_CMD_CONFIG_RSP, p_ccb->remote_id)) == NULL ) 713 { 714 L2CAP_TRACE_WARNING ("L2CAP - no buffer for conn_req"); 715 return; 716 } 717 718 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET+HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 719 720 UINT16_TO_STREAM (p, p_ccb->remote_cid); 721 UINT16_TO_STREAM (p, p_cfg->flags); /* Flags (continuation) Must match request */ 722 UINT16_TO_STREAM (p, p_cfg->result); 723 724 /* Now, put the options */ 725 if (p_cfg->mtu_present) 726 { 727 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_MTU); 728 UINT8_TO_STREAM (p, L2CAP_CFG_MTU_OPTION_LEN); 729 UINT16_TO_STREAM (p, p_cfg->mtu); 730 } 731 if (p_cfg->flush_to_present) 732 { 733 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_FLUSH_TOUT); 734 UINT8_TO_STREAM (p, L2CAP_CFG_FLUSH_OPTION_LEN); 735 UINT16_TO_STREAM (p, p_cfg->flush_to); 736 } 737 if (p_cfg->qos_present) 738 { 739 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_QOS); 740 UINT8_TO_STREAM (p, L2CAP_CFG_QOS_OPTION_LEN); 741 UINT8_TO_STREAM (p, p_cfg->qos.qos_flags); 742 UINT8_TO_STREAM (p, p_cfg->qos.service_type); 743 UINT32_TO_STREAM (p, p_cfg->qos.token_rate); 744 UINT32_TO_STREAM (p, p_cfg->qos.token_bucket_size); 745 UINT32_TO_STREAM (p, p_cfg->qos.peak_bandwidth); 746 UINT32_TO_STREAM (p, p_cfg->qos.latency); 747 UINT32_TO_STREAM (p, p_cfg->qos.delay_variation); 748 } 749 if (p_cfg->fcr_present) 750 { 751 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_FCR); 752 UINT8_TO_STREAM (p, L2CAP_CFG_FCR_OPTION_LEN); 753 UINT8_TO_STREAM (p, p_cfg->fcr.mode); 754 UINT8_TO_STREAM (p, p_cfg->fcr.tx_win_sz); 755 UINT8_TO_STREAM (p, p_cfg->fcr.max_transmit); 756 UINT16_TO_STREAM (p, p_ccb->our_cfg.fcr.rtrans_tout); 757 UINT16_TO_STREAM (p, p_ccb->our_cfg.fcr.mon_tout); 758 UINT16_TO_STREAM (p, p_cfg->fcr.mps); 759 } 760 761 if (p_cfg->ext_flow_spec_present) 762 { 763 UINT8_TO_STREAM (p, L2CAP_CFG_TYPE_EXT_FLOW); 764 UINT8_TO_STREAM (p, L2CAP_CFG_EXT_FLOW_OPTION_LEN); 765 UINT8_TO_STREAM (p, p_cfg->ext_flow_spec.id); 766 UINT8_TO_STREAM (p, p_cfg->ext_flow_spec.stype); 767 UINT16_TO_STREAM (p, p_cfg->ext_flow_spec.max_sdu_size); 768 UINT32_TO_STREAM (p, p_cfg->ext_flow_spec.sdu_inter_time); 769 UINT32_TO_STREAM (p, p_cfg->ext_flow_spec.access_latency); 770 UINT32_TO_STREAM (p, p_cfg->ext_flow_spec.flush_timeout); 771 } 772 773 l2c_link_check_send_pkts (p_ccb->p_lcb, NULL, p_buf); 774 } 775 776 /******************************************************************************* 777 ** 778 ** Function l2cu_send_peer_config_rej 779 ** 780 ** Description Build and send an L2CAP "configuration reject" message 781 ** to the peer. 782 ** 783 ** Returns void 784 ** 785 *******************************************************************************/ 786 void l2cu_send_peer_config_rej (tL2C_CCB *p_ccb, UINT8 *p_data, UINT16 data_len, UINT16 rej_len) 787 { 788 BT_HDR *p_buf; 789 UINT16 len, cfg_len, buf_space, len1; 790 UINT8 *p, *p_hci_len, *p_data_end; 791 UINT8 cfg_code; 792 793 L2CAP_TRACE_DEBUG("l2cu_send_peer_config_rej: data_len=%d, rej_len=%d", data_len, rej_len); 794 795 796 len = BT_HDR_SIZE + HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD + L2CAP_CONFIG_RSP_LEN; 797 len1 = 0xFFFF - len; 798 if (rej_len > len1) 799 { 800 L2CAP_TRACE_ERROR ("L2CAP - cfg_rej pkt size exceeds buffer design max limit."); 801 return; 802 } 803 804 p_buf = (BT_HDR *)GKI_getbuf (len + rej_len); 805 806 if (!p_buf) 807 { 808 L2CAP_TRACE_ERROR ("L2CAP - no buffer for cfg_rej"); 809 return; 810 } 811 812 p_buf->offset = L2CAP_SEND_CMD_OFFSET; 813 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET; 814 815 /* Put in HCI header - handle + pkt boundary */ 816 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE) 817 if (HCI_NON_FLUSHABLE_PB_SUPPORTED(BTM_ReadLocalFeatures ())) 818 { 819 UINT16_TO_STREAM (p, (p_ccb->p_lcb->handle | (L2CAP_PKT_START_NON_FLUSHABLE << L2CAP_PKT_TYPE_SHIFT))); 820 } 821 else 822 #endif 823 { 824 UINT16_TO_STREAM (p, (p_ccb->p_lcb->handle | (L2CAP_PKT_START << L2CAP_PKT_TYPE_SHIFT))); 825 } 826 827 /* Remember the HCI header length position, and save space for it */ 828 p_hci_len = p; 829 p += 2; 830 831 /* Put in L2CAP packet header */ 832 UINT16_TO_STREAM (p, L2CAP_CMD_OVERHEAD + L2CAP_CONFIG_RSP_LEN + rej_len); 833 UINT16_TO_STREAM (p, L2CAP_SIGNALLING_CID); 834 835 /* Put in L2CAP command header */ 836 UINT8_TO_STREAM (p, L2CAP_CMD_CONFIG_RSP); 837 UINT8_TO_STREAM (p, p_ccb->remote_id); 838 839 UINT16_TO_STREAM (p, L2CAP_CONFIG_RSP_LEN + rej_len); 840 841 UINT16_TO_STREAM (p, p_ccb->remote_cid); 842 UINT16_TO_STREAM (p, 0); /* Flags = 0 (no continuation) */ 843 UINT16_TO_STREAM (p, L2CAP_CFG_UNKNOWN_OPTIONS); 844 845 buf_space = rej_len; 846 847 /* Now, put the rejected options */ 848 p_data_end = p_data + data_len; 849 while (p_data < p_data_end) 850 { 851 cfg_code = *p_data; 852 cfg_len = *(p_data + 1); 853 854 switch (cfg_code & 0x7F) 855 { 856 /* skip known options */ 857 case L2CAP_CFG_TYPE_MTU: 858 case L2CAP_CFG_TYPE_FLUSH_TOUT: 859 case L2CAP_CFG_TYPE_QOS: 860 p_data += cfg_len + L2CAP_CFG_OPTION_OVERHEAD; 861 break; 862 863 /* unknown options; copy into rsp if not hints */ 864 default: 865 /* sanity check option length */ 866 if ((cfg_len + L2CAP_CFG_OPTION_OVERHEAD) <= data_len) 867 { 868 if ((cfg_code & 0x80) == 0) 869 { 870 if (buf_space >= (cfg_len + L2CAP_CFG_OPTION_OVERHEAD)) 871 { 872 memcpy(p, p_data, cfg_len + L2CAP_CFG_OPTION_OVERHEAD); 873 p += cfg_len + L2CAP_CFG_OPTION_OVERHEAD; 874 buf_space -= (cfg_len + L2CAP_CFG_OPTION_OVERHEAD); 875 } 876 else 877 { 878 L2CAP_TRACE_WARNING("L2CAP - cfg_rej exceeds allocated buffer"); 879 p_data = p_data_end; /* force loop exit */ 880 break; 881 } 882 } 883 p_data += cfg_len + L2CAP_CFG_OPTION_OVERHEAD; 884 } 885 /* bad length; force loop exit */ 886 else 887 { 888 p_data = p_data_end; 889 } 890 break; 891 } 892 } 893 894 len = (UINT16) (p - p_hci_len - 2); 895 UINT16_TO_STREAM (p_hci_len, len); 896 897 p_buf->len = len + 4; 898 899 L2CAP_TRACE_DEBUG ("L2CAP - cfg_rej pkt hci_len=%d, l2cap_len=%d", 900 len, (L2CAP_CMD_OVERHEAD+L2CAP_CONFIG_RSP_LEN+rej_len)); 901 902 l2c_link_check_send_pkts (p_ccb->p_lcb, NULL, p_buf); 903 } 904 905 /******************************************************************************* 906 ** 907 ** Function l2cu_send_peer_disc_req 908 ** 909 ** Description Build and send an L2CAP "disconnect request" message 910 ** to the peer. 911 ** 912 ** Returns void 913 ** 914 *******************************************************************************/ 915 void l2cu_send_peer_disc_req (tL2C_CCB *p_ccb) 916 { 917 BT_HDR *p_buf, *p_buf2; 918 UINT8 *p; 919 920 /* Create an identifier for this packet */ 921 p_ccb->p_lcb->id++; 922 l2cu_adj_id(p_ccb->p_lcb, L2CAP_ADJ_ID); 923 924 p_ccb->local_id = p_ccb->p_lcb->id; 925 926 if ((p_buf = l2cu_build_header(p_ccb->p_lcb, L2CAP_DISC_REQ_LEN, L2CAP_CMD_DISC_REQ, p_ccb->local_id)) == NULL) 927 { 928 L2CAP_TRACE_WARNING ("L2CAP - no buffer for disc_req"); 929 return; 930 } 931 932 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 933 934 UINT16_TO_STREAM (p, p_ccb->remote_cid); 935 UINT16_TO_STREAM (p, p_ccb->local_cid); 936 937 /* Move all queued data packets to the LCB. In FCR mode, assume the higher 938 layer checks that all buffers are sent before disconnecting. 939 */ 940 if (p_ccb->peer_cfg.fcr.mode == L2CAP_FCR_BASIC_MODE) 941 { 942 while (GKI_getfirst(&p_ccb->xmit_hold_q)) 943 { 944 p_buf2 = (BT_HDR *)GKI_dequeue (&p_ccb->xmit_hold_q); 945 l2cu_set_acl_hci_header (p_buf2, p_ccb); 946 l2c_link_check_send_pkts (p_ccb->p_lcb, p_ccb, p_buf2); 947 } 948 } 949 950 l2c_link_check_send_pkts (p_ccb->p_lcb, NULL, p_buf); 951 } 952 953 954 /******************************************************************************* 955 ** 956 ** Function l2cu_send_peer_disc_rsp 957 ** 958 ** Description Build and send an L2CAP "disconnect response" message 959 ** to the peer. 960 ** 961 ** This function is passed the parameters for the disconnect 962 ** response instead of the CCB address, as it may be called 963 ** to send a disconnect response when there is no CCB. 964 ** 965 ** Returns void 966 ** 967 *******************************************************************************/ 968 void l2cu_send_peer_disc_rsp (tL2C_LCB *p_lcb, UINT8 remote_id, UINT16 local_cid, 969 UINT16 remote_cid) 970 { 971 BT_HDR *p_buf; 972 UINT8 *p; 973 974 if ((p_buf=l2cu_build_header(p_lcb, L2CAP_DISC_RSP_LEN, L2CAP_CMD_DISC_RSP, remote_id)) == NULL) 975 { 976 L2CAP_TRACE_WARNING ("L2CAP - no buffer for disc_rsp"); 977 return; 978 } 979 980 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 981 982 UINT16_TO_STREAM (p, local_cid); 983 UINT16_TO_STREAM (p, remote_cid); 984 985 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 986 } 987 988 989 /******************************************************************************* 990 ** 991 ** Function l2cu_send_peer_echo_req 992 ** 993 ** Description Build and send an L2CAP "echo request" message 994 ** to the peer. Note that we do not currently allow 995 ** data in the echo request. 996 ** 997 ** Returns void 998 ** 999 *******************************************************************************/ 1000 void l2cu_send_peer_echo_req (tL2C_LCB *p_lcb, UINT8 *p_data, UINT16 data_len) 1001 { 1002 BT_HDR *p_buf; 1003 UINT8 *p; 1004 1005 p_lcb->id++; 1006 l2cu_adj_id(p_lcb, L2CAP_ADJ_ZERO_ID); /* check for wrap to '0' */ 1007 1008 if ((p_buf = l2cu_build_header(p_lcb, (UINT16) (L2CAP_ECHO_REQ_LEN + data_len), L2CAP_CMD_ECHO_REQ, p_lcb->id)) == NULL) 1009 { 1010 L2CAP_TRACE_WARNING ("L2CAP - no buffer for echo_req"); 1011 return; 1012 } 1013 1014 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 1015 1016 if (data_len) 1017 { 1018 ARRAY_TO_STREAM (p, p_data, data_len); 1019 } 1020 1021 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 1022 } 1023 1024 1025 /******************************************************************************* 1026 ** 1027 ** Function l2cu_send_peer_echo_rsp 1028 ** 1029 ** Description Build and send an L2CAP "echo response" message 1030 ** to the peer. 1031 ** 1032 ** Returns void 1033 ** 1034 *******************************************************************************/ 1035 void l2cu_send_peer_echo_rsp (tL2C_LCB *p_lcb, UINT8 id, UINT8 *p_data, UINT16 data_len) 1036 { 1037 BT_HDR *p_buf; 1038 UINT8 *p; 1039 UINT16 maxlen; 1040 /* Filter out duplicate IDs or if available buffers are low (intruder checking) */ 1041 if (!id || id == p_lcb->cur_echo_id) 1042 { 1043 /* Dump this request since it is illegal */ 1044 L2CAP_TRACE_WARNING ("L2CAP ignoring duplicate echo request (%d)", id); 1045 return; 1046 } 1047 else 1048 p_lcb->cur_echo_id = id; 1049 /* Don't respond if we more than 10% of our buffers are used */ 1050 if (GKI_poolutilization (L2CAP_CMD_POOL_ID) > 10) 1051 { 1052 L2CAP_TRACE_WARNING ("L2CAP gki pool used up to more than 10%%, ignore echo response"); 1053 return; 1054 } 1055 1056 uint16_t acl_data_size = controller_get_interface()->get_acl_data_size_classic(); 1057 uint16_t acl_packet_size = controller_get_interface()->get_acl_packet_size_classic(); 1058 /* Don't return data if it does not fit in ACL and L2CAP MTU */ 1059 maxlen = (GKI_get_pool_bufsize(L2CAP_CMD_POOL_ID) > acl_packet_size) ? 1060 acl_data_size : (UINT16)GKI_get_pool_bufsize(L2CAP_CMD_POOL_ID); 1061 maxlen -= (UINT16)(BT_HDR_SIZE + HCI_DATA_PREAMBLE_SIZE + L2CAP_PKT_OVERHEAD + 1062 L2CAP_CMD_OVERHEAD + L2CAP_ECHO_RSP_LEN); 1063 1064 if (data_len > maxlen) 1065 data_len = 0; 1066 1067 if ((p_buf = l2cu_build_header (p_lcb, (UINT16)(L2CAP_ECHO_RSP_LEN + data_len), L2CAP_CMD_ECHO_RSP, id)) == NULL) 1068 { 1069 L2CAP_TRACE_WARNING ("L2CAP - no buffer for echo_rsp"); 1070 return; 1071 } 1072 1073 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + 1074 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 1075 1076 if (data_len) 1077 { 1078 ARRAY_TO_STREAM (p, p_data, data_len); 1079 } 1080 1081 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 1082 } 1083 1084 /******************************************************************************* 1085 ** 1086 ** Function l2cu_send_peer_info_req 1087 ** 1088 ** Description Build and send an L2CAP "info request" message 1089 ** to the peer. 1090 ** Returns void 1091 ** 1092 *******************************************************************************/ 1093 void l2cu_send_peer_info_req (tL2C_LCB *p_lcb, UINT16 info_type) 1094 { 1095 BT_HDR *p_buf; 1096 UINT8 *p; 1097 1098 /* check for wrap and/or BRCM ID */ 1099 p_lcb->id++; 1100 l2cu_adj_id(p_lcb, L2CAP_ADJ_ID); 1101 1102 if ((p_buf = l2cu_build_header(p_lcb, 2, L2CAP_CMD_INFO_REQ, p_lcb->id)) == NULL) 1103 { 1104 L2CAP_TRACE_WARNING ("L2CAP - no buffer for info_req"); 1105 return; 1106 } 1107 1108 L2CAP_TRACE_EVENT ("l2cu_send_peer_info_req: type 0x%04x", info_type); 1109 1110 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET+HCI_DATA_PREAMBLE_SIZE + 1111 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 1112 1113 UINT16_TO_STREAM (p, info_type); 1114 1115 p_lcb->w4_info_rsp = TRUE; 1116 btu_start_timer (&p_lcb->info_timer_entry, BTU_TTYPE_L2CAP_INFO, L2CAP_WAIT_INFO_RSP_TOUT); 1117 1118 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 1119 } 1120 1121 1122 /******************************************************************************* 1123 ** 1124 ** Function l2cu_send_peer_info_rsp 1125 ** 1126 ** Description Build and send an L2CAP "info response" message 1127 ** to the peer. 1128 ** 1129 ** Returns void 1130 ** 1131 *******************************************************************************/ 1132 void l2cu_send_peer_info_rsp (tL2C_LCB *p_lcb, UINT8 remote_id, UINT16 info_type) 1133 { 1134 BT_HDR *p_buf; 1135 UINT8 *p; 1136 UINT16 len = L2CAP_INFO_RSP_LEN; 1137 1138 #if (L2CAP_CONFORMANCE_TESTING == TRUE) 1139 if ((info_type == L2CAP_EXTENDED_FEATURES_INFO_TYPE) 1140 && (l2cb.test_info_resp & (L2CAP_EXTFEA_ENH_RETRANS | L2CAP_EXTFEA_STREAM_MODE | 1141 L2CAP_EXTFEA_NO_CRC | L2CAP_EXTFEA_EXT_FLOW_SPEC | 1142 L2CAP_EXTFEA_FIXED_CHNLS | L2CAP_EXTFEA_EXT_WINDOW | 1143 L2CAP_EXTFEA_UCD_RECEPTION )) ) 1144 #else 1145 if ((info_type == L2CAP_EXTENDED_FEATURES_INFO_TYPE) 1146 && (L2CAP_EXTFEA_SUPPORTED_MASK & (L2CAP_EXTFEA_ENH_RETRANS | L2CAP_EXTFEA_STREAM_MODE | 1147 L2CAP_EXTFEA_NO_CRC |L2CAP_EXTFEA_FIXED_CHNLS | 1148 L2CAP_EXTFEA_UCD_RECEPTION )) ) 1149 #endif 1150 { 1151 len += L2CAP_EXTENDED_FEATURES_ARRAY_SIZE; 1152 } 1153 else if (info_type == L2CAP_FIXED_CHANNELS_INFO_TYPE) 1154 { 1155 len += L2CAP_FIXED_CHNL_ARRAY_SIZE; 1156 } 1157 else if (info_type == L2CAP_CONNLESS_MTU_INFO_TYPE) 1158 { 1159 len += L2CAP_CONNLESS_MTU_INFO_SIZE; 1160 } 1161 1162 if ((p_buf = l2cu_build_header(p_lcb, len, L2CAP_CMD_INFO_RSP, remote_id)) == NULL) 1163 { 1164 L2CAP_TRACE_WARNING ("L2CAP - no buffer for info_rsp"); 1165 return; 1166 } 1167 1168 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + 1169 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 1170 1171 UINT16_TO_STREAM (p, info_type); 1172 1173 #if (L2CAP_CONFORMANCE_TESTING == TRUE) 1174 if ((info_type == L2CAP_EXTENDED_FEATURES_INFO_TYPE) 1175 && (l2cb.test_info_resp & ( L2CAP_EXTFEA_ENH_RETRANS | L2CAP_EXTFEA_STREAM_MODE 1176 | L2CAP_EXTFEA_UCD_RECEPTION )) ) 1177 #else 1178 if ((info_type == L2CAP_EXTENDED_FEATURES_INFO_TYPE) 1179 && (L2CAP_EXTFEA_SUPPORTED_MASK & ( L2CAP_EXTFEA_ENH_RETRANS | L2CAP_EXTFEA_STREAM_MODE 1180 | L2CAP_EXTFEA_UCD_RECEPTION )) ) 1181 #endif 1182 { 1183 UINT16_TO_STREAM (p, L2CAP_INFO_RESP_RESULT_SUCCESS); 1184 #if (BLE_INCLUDED == TRUE) 1185 if (p_lcb->transport == BT_TRANSPORT_LE) 1186 { 1187 /* optional data are not added for now */ 1188 UINT32_TO_STREAM (p, L2CAP_BLE_EXTFEA_MASK); 1189 } 1190 else 1191 #endif 1192 { 1193 #if L2CAP_CONFORMANCE_TESTING == TRUE 1194 UINT32_TO_STREAM (p, l2cb.test_info_resp); 1195 #else 1196 #if (L2CAP_NUM_FIXED_CHNLS > 0) 1197 UINT32_TO_STREAM (p, L2CAP_EXTFEA_SUPPORTED_MASK | L2CAP_EXTFEA_FIXED_CHNLS); 1198 #else 1199 UINT32_TO_STREAM (p, L2CAP_EXTFEA_SUPPORTED_MASK); 1200 #endif 1201 #endif 1202 } 1203 } 1204 else if (info_type == L2CAP_FIXED_CHANNELS_INFO_TYPE) 1205 { 1206 UINT16_TO_STREAM (p, L2CAP_INFO_RESP_RESULT_SUCCESS); 1207 memset (p, 0, L2CAP_FIXED_CHNL_ARRAY_SIZE); 1208 1209 p[0] = L2CAP_FIXED_CHNL_SIG_BIT; 1210 1211 if ( L2CAP_EXTFEA_SUPPORTED_MASK & L2CAP_EXTFEA_UCD_RECEPTION ) 1212 p[0] |= L2CAP_FIXED_CHNL_CNCTLESS_BIT; 1213 1214 #if (L2CAP_NUM_FIXED_CHNLS > 0) 1215 { 1216 int xx; 1217 1218 for (xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx++) 1219 if (l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb != NULL) 1220 p[(xx + L2CAP_FIRST_FIXED_CHNL) / 8] |= 1 << ((xx + L2CAP_FIRST_FIXED_CHNL) % 8); 1221 } 1222 #endif 1223 } 1224 else if (info_type == L2CAP_CONNLESS_MTU_INFO_TYPE) 1225 { 1226 UINT16_TO_STREAM (p, L2CAP_INFO_RESP_RESULT_SUCCESS); 1227 UINT16_TO_STREAM (p, L2CAP_UCD_MTU); 1228 } 1229 else 1230 { 1231 UINT16_TO_STREAM (p, L2CAP_INFO_RESP_RESULT_NOT_SUPPORTED); /* 'not supported' */ 1232 } 1233 1234 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 1235 } 1236 1237 /****************************************************************************** 1238 ** 1239 ** Function l2cu_enqueue_ccb 1240 ** 1241 ** Description queue CCB by priority. The first CCB is highest priority and 1242 ** is served at first. The CCB is queued to an LLCB or an LCB. 1243 ** 1244 ** Returns None 1245 ** 1246 *******************************************************************************/ 1247 void l2cu_enqueue_ccb (tL2C_CCB *p_ccb) 1248 { 1249 tL2C_CCB *p_ccb1; 1250 tL2C_CCB_Q *p_q = NULL; 1251 1252 /* Find out which queue the channel is on 1253 */ 1254 if (p_ccb->p_lcb != NULL) 1255 p_q = &p_ccb->p_lcb->ccb_queue; 1256 1257 if ( (!p_ccb->in_use) || (p_q == NULL) ) 1258 { 1259 L2CAP_TRACE_ERROR ("l2cu_enqueue_ccb CID: 0x%04x ERROR in_use: %u p_lcb: 0x%08x", 1260 p_ccb->local_cid, p_ccb->in_use, p_ccb->p_lcb); 1261 return; 1262 } 1263 1264 L2CAP_TRACE_DEBUG ("l2cu_enqueue_ccb CID: 0x%04x priority: %d", 1265 p_ccb->local_cid, p_ccb->ccb_priority); 1266 1267 /* If the queue is empty, we go at the front */ 1268 if (!p_q->p_first_ccb) 1269 { 1270 p_q->p_first_ccb = p_q->p_last_ccb = p_ccb; 1271 p_ccb->p_next_ccb = p_ccb->p_prev_ccb = NULL; 1272 } 1273 else 1274 { 1275 p_ccb1 = p_q->p_first_ccb; 1276 1277 while (p_ccb1 != NULL) 1278 { 1279 /* Insert new ccb at the end of the same priority. Lower number, higher priority */ 1280 if (p_ccb->ccb_priority < p_ccb1->ccb_priority) 1281 { 1282 /* Are we at the head of the queue ? */ 1283 if (p_ccb1 == p_q->p_first_ccb) 1284 p_q->p_first_ccb = p_ccb; 1285 else 1286 p_ccb1->p_prev_ccb->p_next_ccb = p_ccb; 1287 1288 p_ccb->p_next_ccb = p_ccb1; 1289 p_ccb->p_prev_ccb = p_ccb1->p_prev_ccb; 1290 p_ccb1->p_prev_ccb = p_ccb; 1291 break; 1292 } 1293 1294 p_ccb1 = p_ccb1->p_next_ccb; 1295 } 1296 1297 /* If we are lower then anyone in the list, we go at the end */ 1298 if (!p_ccb1) 1299 { 1300 /* add new ccb at the end of the list */ 1301 p_q->p_last_ccb->p_next_ccb = p_ccb; 1302 1303 p_ccb->p_next_ccb = NULL; 1304 p_ccb->p_prev_ccb = p_q->p_last_ccb; 1305 p_q->p_last_ccb = p_ccb; 1306 } 1307 } 1308 1309 #if (L2CAP_ROUND_ROBIN_CHANNEL_SERVICE == TRUE) 1310 /* Adding CCB into round robin service table of its LCB */ 1311 if (p_ccb->p_lcb != NULL) 1312 { 1313 /* if this is the first channel in this priority group */ 1314 if (p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].num_ccb == 0 ) 1315 { 1316 /* Set the first channel to this CCB */ 1317 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_first_ccb = p_ccb; 1318 /* Set the next serving channel in this group to this CCB */ 1319 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_serve_ccb = p_ccb; 1320 /* Initialize quota of this priority group based on its priority */ 1321 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].quota = L2CAP_GET_PRIORITY_QUOTA(p_ccb->ccb_priority); 1322 } 1323 /* increase number of channels in this group */ 1324 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].num_ccb++; 1325 } 1326 #endif 1327 1328 } 1329 1330 /****************************************************************************** 1331 ** 1332 ** Function l2cu_dequeue_ccb 1333 ** 1334 ** Description dequeue CCB from a queue 1335 ** 1336 ** Returns - 1337 ** 1338 *******************************************************************************/ 1339 void l2cu_dequeue_ccb (tL2C_CCB *p_ccb) 1340 { 1341 tL2C_CCB_Q *p_q = NULL; 1342 1343 L2CAP_TRACE_DEBUG ("l2cu_dequeue_ccb CID: 0x%04x", p_ccb->local_cid); 1344 1345 /* Find out which queue the channel is on 1346 */ 1347 if (p_ccb->p_lcb != NULL) 1348 p_q = &p_ccb->p_lcb->ccb_queue; 1349 1350 if ( (!p_ccb->in_use) || (p_q == NULL) || (p_q->p_first_ccb == NULL) ) 1351 { 1352 L2CAP_TRACE_ERROR ("l2cu_dequeue_ccb CID: 0x%04x ERROR in_use: %u p_lcb: 0x%08x p_q: 0x%08x p_q->p_first_ccb: 0x%08x", 1353 p_ccb->local_cid, p_ccb->in_use, p_ccb->p_lcb, p_q, p_q ? p_q->p_first_ccb : 0); 1354 return; 1355 } 1356 1357 #if (L2CAP_ROUND_ROBIN_CHANNEL_SERVICE == TRUE) 1358 /* Removing CCB from round robin service table of its LCB */ 1359 if (p_ccb->p_lcb != NULL) 1360 { 1361 /* decrease number of channels in this priority group */ 1362 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].num_ccb--; 1363 1364 /* if it was the last channel in the priority group */ 1365 if (p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].num_ccb == 0 ) 1366 { 1367 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_first_ccb = NULL; 1368 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_serve_ccb = NULL; 1369 } 1370 else 1371 { 1372 /* if it is the first channel of this group */ 1373 if ( p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_first_ccb == p_ccb ) 1374 { 1375 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_first_ccb = p_ccb->p_next_ccb; 1376 } 1377 /* if it is the next serving channel of this group */ 1378 if ( p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_serve_ccb == p_ccb ) 1379 { 1380 /* simply, start serving from the first channel */ 1381 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_serve_ccb 1382 = p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_first_ccb; 1383 } 1384 } 1385 } 1386 #endif 1387 1388 if (p_ccb == p_q->p_first_ccb) 1389 { 1390 /* We are removing the first in a queue */ 1391 p_q->p_first_ccb = p_ccb->p_next_ccb; 1392 1393 if (p_q->p_first_ccb) 1394 p_q->p_first_ccb->p_prev_ccb = NULL; 1395 else 1396 p_q->p_last_ccb = NULL; 1397 } 1398 else if (p_ccb == p_q->p_last_ccb) 1399 { 1400 /* We are removing the last in a queue */ 1401 p_q->p_last_ccb = p_ccb->p_prev_ccb; 1402 p_q->p_last_ccb->p_next_ccb = NULL; 1403 } 1404 else 1405 { 1406 /* In the middle of a chain. */ 1407 p_ccb->p_prev_ccb->p_next_ccb = p_ccb->p_next_ccb; 1408 p_ccb->p_next_ccb->p_prev_ccb = p_ccb->p_prev_ccb; 1409 } 1410 1411 p_ccb->p_next_ccb = p_ccb->p_prev_ccb = NULL; 1412 } 1413 1414 /****************************************************************************** 1415 ** 1416 ** Function l2cu_change_pri_ccb 1417 ** 1418 ** Description 1419 ** 1420 ** Returns - 1421 ** 1422 *******************************************************************************/ 1423 void l2cu_change_pri_ccb (tL2C_CCB *p_ccb, tL2CAP_CHNL_PRIORITY priority) 1424 { 1425 if (p_ccb->ccb_priority != priority) 1426 { 1427 /* If CCB is not the only guy on the queue */ 1428 if ( (p_ccb->p_next_ccb != NULL) || (p_ccb->p_prev_ccb != NULL) ) 1429 { 1430 L2CAP_TRACE_DEBUG ("Update CCB list in logical link"); 1431 1432 /* Remove CCB from queue and re-queue it at new priority */ 1433 l2cu_dequeue_ccb (p_ccb); 1434 1435 p_ccb->ccb_priority = priority; 1436 l2cu_enqueue_ccb (p_ccb); 1437 } 1438 #if (L2CAP_ROUND_ROBIN_CHANNEL_SERVICE == TRUE) 1439 else 1440 { 1441 /* If CCB is the only guy on the queue, no need to re-enqueue */ 1442 /* update only round robin service data */ 1443 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].num_ccb = 0; 1444 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_first_ccb = NULL; 1445 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_serve_ccb = NULL; 1446 1447 p_ccb->ccb_priority = priority; 1448 1449 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_first_ccb = p_ccb; 1450 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].p_serve_ccb = p_ccb; 1451 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].quota = L2CAP_GET_PRIORITY_QUOTA(p_ccb->ccb_priority); 1452 p_ccb->p_lcb->rr_serv[p_ccb->ccb_priority].num_ccb = 1; 1453 } 1454 #endif 1455 } 1456 } 1457 1458 /******************************************************************************* 1459 ** 1460 ** Function l2cu_allocate_ccb 1461 ** 1462 ** Description This function allocates a Channel Control Block and 1463 ** attaches it to a link control block. The local CID 1464 ** is also assigned. 1465 ** 1466 ** Returns pointer to CCB, or NULL if none 1467 ** 1468 *******************************************************************************/ 1469 tL2C_CCB *l2cu_allocate_ccb (tL2C_LCB *p_lcb, UINT16 cid) 1470 { 1471 tL2C_CCB *p_ccb; 1472 tL2C_CCB *p_prev; 1473 1474 L2CAP_TRACE_DEBUG ("l2cu_allocate_ccb: cid 0x%04x", cid); 1475 1476 if (!l2cb.p_free_ccb_first) 1477 return (NULL); 1478 1479 /* If a CID was passed in, use that, else take the first free one */ 1480 if (cid == 0) 1481 { 1482 p_ccb = l2cb.p_free_ccb_first; 1483 l2cb.p_free_ccb_first = p_ccb->p_next_ccb; 1484 } 1485 else 1486 { 1487 p_prev = NULL; 1488 1489 p_ccb = &l2cb.ccb_pool[cid - L2CAP_BASE_APPL_CID]; 1490 1491 if (p_ccb == l2cb.p_free_ccb_first) 1492 l2cb.p_free_ccb_first = p_ccb->p_next_ccb; 1493 else 1494 { 1495 for (p_prev = l2cb.p_free_ccb_first; p_prev != NULL; p_prev = p_prev->p_next_ccb) 1496 { 1497 if (p_prev->p_next_ccb == p_ccb) 1498 { 1499 p_prev->p_next_ccb = p_ccb->p_next_ccb; 1500 1501 if (p_ccb == l2cb.p_free_ccb_last) 1502 l2cb.p_free_ccb_last = p_prev; 1503 1504 break; 1505 } 1506 } 1507 if (p_prev == NULL) 1508 { 1509 L2CAP_TRACE_ERROR ("l2cu_allocate_ccb: could not find CCB for CID 0x%04x in the free list", cid); 1510 return NULL; 1511 } 1512 } 1513 } 1514 1515 p_ccb->p_next_ccb = p_ccb->p_prev_ccb = NULL; 1516 1517 p_ccb->in_use = TRUE; 1518 1519 /* Get a CID for the connection */ 1520 p_ccb->local_cid = L2CAP_BASE_APPL_CID + (UINT16)(p_ccb - l2cb.ccb_pool); 1521 1522 p_ccb->p_lcb = p_lcb; 1523 p_ccb->p_rcb = NULL; 1524 p_ccb->should_free_rcb = false; 1525 1526 /* Set priority then insert ccb into LCB queue (if we have an LCB) */ 1527 p_ccb->ccb_priority = L2CAP_CHNL_PRIORITY_LOW; 1528 1529 if (p_lcb) 1530 l2cu_enqueue_ccb (p_ccb); 1531 1532 /* clear what peer wants to configure */ 1533 p_ccb->peer_cfg_bits = 0; 1534 1535 /* Put in default values for configuration */ 1536 memset (&p_ccb->our_cfg, 0, sizeof(tL2CAP_CFG_INFO)); 1537 memset (&p_ccb->peer_cfg, 0, sizeof(tL2CAP_CFG_INFO)); 1538 1539 /* Put in default values for local/peer configurations */ 1540 p_ccb->our_cfg.flush_to = p_ccb->peer_cfg.flush_to = L2CAP_DEFAULT_FLUSH_TO; 1541 p_ccb->our_cfg.mtu = p_ccb->peer_cfg.mtu = L2CAP_DEFAULT_MTU; 1542 p_ccb->our_cfg.qos.service_type = p_ccb->peer_cfg.qos.service_type = L2CAP_DEFAULT_SERV_TYPE; 1543 p_ccb->our_cfg.qos.token_rate = p_ccb->peer_cfg.qos.token_rate = L2CAP_DEFAULT_TOKEN_RATE; 1544 p_ccb->our_cfg.qos.token_bucket_size = p_ccb->peer_cfg.qos.token_bucket_size = L2CAP_DEFAULT_BUCKET_SIZE; 1545 p_ccb->our_cfg.qos.peak_bandwidth = p_ccb->peer_cfg.qos.peak_bandwidth = L2CAP_DEFAULT_PEAK_BANDWIDTH; 1546 p_ccb->our_cfg.qos.latency = p_ccb->peer_cfg.qos.latency = L2CAP_DEFAULT_LATENCY; 1547 p_ccb->our_cfg.qos.delay_variation = p_ccb->peer_cfg.qos.delay_variation = L2CAP_DEFAULT_DELAY; 1548 1549 p_ccb->bypass_fcs = 0; 1550 memset (&p_ccb->ertm_info, 0, sizeof(tL2CAP_ERTM_INFO)); 1551 p_ccb->peer_cfg_already_rejected = FALSE; 1552 p_ccb->fcr_cfg_tries = L2CAP_MAX_FCR_CFG_TRIES; 1553 p_ccb->fcrb.ack_timer.param = (TIMER_PARAM_TYPE)p_ccb; 1554 1555 /* if timer is running, remove it from timer list */ 1556 if (p_ccb->fcrb.ack_timer.in_use) 1557 btu_stop_quick_timer (&p_ccb->fcrb.ack_timer); 1558 1559 p_ccb->fcrb.mon_retrans_timer.param = (TIMER_PARAM_TYPE)p_ccb; 1560 1561 // btla-specific ++ 1562 /* CSP408639 Fix: When L2CAP send amp move channel request or receive 1563 * L2CEVT_AMP_MOVE_REQ do following sequence. Send channel move 1564 * request -> Stop retrans/monitor timer -> Change channel state to CST_AMP_MOVING. */ 1565 if (p_ccb->fcrb.mon_retrans_timer.in_use) 1566 btu_stop_quick_timer (&p_ccb->fcrb.mon_retrans_timer); 1567 // btla-specific -- 1568 1569 l2c_fcr_stop_timer (p_ccb); 1570 1571 p_ccb->ertm_info.preferred_mode = L2CAP_FCR_BASIC_MODE; /* Default mode for channel is basic mode */ 1572 p_ccb->ertm_info.allowed_modes = L2CAP_FCR_CHAN_OPT_BASIC; /* Default mode for channel is basic mode */ 1573 p_ccb->ertm_info.fcr_rx_pool_id = L2CAP_FCR_RX_POOL_ID; 1574 p_ccb->ertm_info.fcr_tx_pool_id = L2CAP_FCR_TX_POOL_ID; 1575 p_ccb->ertm_info.user_rx_pool_id = HCI_ACL_POOL_ID; 1576 p_ccb->ertm_info.user_tx_pool_id = HCI_ACL_POOL_ID; 1577 p_ccb->max_rx_mtu = L2CAP_MTU_SIZE; 1578 p_ccb->tx_mps = GKI_get_pool_bufsize(HCI_ACL_POOL_ID) - 32; 1579 1580 GKI_init_q (&p_ccb->xmit_hold_q); 1581 1582 p_ccb->cong_sent = FALSE; 1583 p_ccb->buff_quota = 2; /* This gets set after config */ 1584 1585 /* If CCB was reserved Config_Done can already have some value */ 1586 if (cid == 0) 1587 p_ccb->config_done = 0; 1588 else 1589 { 1590 L2CAP_TRACE_DEBUG ("l2cu_allocate_ccb: cid 0x%04x config_done:0x%x", cid, p_ccb->config_done); 1591 } 1592 1593 p_ccb->chnl_state = CST_CLOSED; 1594 p_ccb->flags = 0; 1595 p_ccb->tx_data_rate = L2CAP_CHNL_DATA_RATE_LOW; 1596 p_ccb->rx_data_rate = L2CAP_CHNL_DATA_RATE_LOW; 1597 1598 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE) 1599 p_ccb->is_flushable = FALSE; 1600 #endif 1601 1602 p_ccb->timer_entry.param = (TIMER_PARAM_TYPE)p_ccb; 1603 p_ccb->timer_entry.in_use = 0; 1604 1605 l2c_link_adjust_chnl_allocation (); 1606 1607 return (p_ccb); 1608 } 1609 1610 /******************************************************************************* 1611 ** 1612 ** Function l2cu_start_post_bond_timer 1613 ** 1614 ** Description This function starts the ACL Link inactivity timer after 1615 ** dedicated bonding 1616 ** This timer can be longer than the normal link inactivity 1617 ** timer for some platforms. 1618 ** 1619 ** Returns BOOLEAN - TRUE if idle timer started or disconnect initiated 1620 ** FALSE if there's one or more pending CCB's exist 1621 ** 1622 *******************************************************************************/ 1623 BOOLEAN l2cu_start_post_bond_timer (UINT16 handle) 1624 { 1625 UINT16 timeout; 1626 tL2C_LCB *p_lcb = l2cu_find_lcb_by_handle(handle); 1627 1628 if (!p_lcb) 1629 return (TRUE); 1630 1631 p_lcb->is_bonding = FALSE; 1632 1633 /* Only start timer if no control blocks allocated */ 1634 if (p_lcb->ccb_queue.p_first_ccb != NULL) 1635 return (FALSE); 1636 1637 /* If no channels on the connection, start idle timeout */ 1638 if ( (p_lcb->link_state == LST_CONNECTED) || (p_lcb->link_state == LST_CONNECTING) || (p_lcb->link_state == LST_DISCONNECTING) ) 1639 { 1640 if (p_lcb->idle_timeout == 0) 1641 { 1642 if (btsnd_hcic_disconnect (p_lcb->handle, HCI_ERR_PEER_USER)) 1643 { 1644 p_lcb->link_state = LST_DISCONNECTING; 1645 timeout = L2CAP_LINK_DISCONNECT_TOUT; 1646 } 1647 else 1648 timeout = BT_1SEC_TIMEOUT; 1649 } 1650 else 1651 { 1652 timeout = L2CAP_BONDING_TIMEOUT; 1653 } 1654 1655 if (timeout != 0xFFFF) 1656 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, timeout); 1657 1658 return (TRUE); 1659 } 1660 1661 return (FALSE); 1662 } 1663 1664 /******************************************************************************* 1665 ** 1666 ** Function l2cu_release_ccb 1667 ** 1668 ** Description This function releases a Channel Control Block. The timer 1669 ** is stopped, any attached buffers freed, and the CCB is removed 1670 ** from the link control block. 1671 ** 1672 ** Returns void 1673 ** 1674 *******************************************************************************/ 1675 void l2cu_release_ccb (tL2C_CCB *p_ccb) 1676 { 1677 tL2C_LCB *p_lcb = p_ccb->p_lcb; 1678 tL2C_RCB *p_rcb = p_ccb->p_rcb; 1679 1680 L2CAP_TRACE_DEBUG ("l2cu_release_ccb: cid 0x%04x in_use: %u", p_ccb->local_cid, p_ccb->in_use); 1681 1682 /* If already released, could be race condition */ 1683 if (!p_ccb->in_use) 1684 return; 1685 1686 if (p_rcb && (p_rcb->psm != p_rcb->real_psm)) 1687 { 1688 btm_sec_clr_service_by_psm(p_rcb->psm); 1689 } 1690 1691 if (p_ccb->should_free_rcb) 1692 { 1693 osi_free(p_rcb); 1694 p_ccb->p_rcb = NULL; 1695 p_ccb->should_free_rcb = false; 1696 } 1697 1698 btm_sec_clr_temp_auth_service (p_lcb->remote_bd_addr); 1699 1700 /* Stop the timer */ 1701 btu_stop_timer (&p_ccb->timer_entry); 1702 1703 while (!GKI_queue_is_empty(&p_ccb->xmit_hold_q)) 1704 GKI_freebuf (GKI_dequeue (&p_ccb->xmit_hold_q)); 1705 1706 l2c_fcr_cleanup (p_ccb); 1707 1708 /* Channel may not be assigned to any LCB if it was just pre-reserved */ 1709 if ( (p_lcb) && 1710 ( (p_ccb->local_cid >= L2CAP_BASE_APPL_CID) 1711 #if (L2CAP_UCD_INCLUDED == TRUE) 1712 ||(p_ccb->local_cid == L2CAP_CONNECTIONLESS_CID) 1713 #endif 1714 ) 1715 ) 1716 { 1717 l2cu_dequeue_ccb (p_ccb); 1718 1719 /* Delink the CCB from the LCB */ 1720 p_ccb->p_lcb = NULL; 1721 } 1722 1723 /* Put the CCB back on the free pool */ 1724 if (!l2cb.p_free_ccb_first) 1725 { 1726 l2cb.p_free_ccb_first = p_ccb; 1727 l2cb.p_free_ccb_last = p_ccb; 1728 p_ccb->p_next_ccb = NULL; 1729 p_ccb->p_prev_ccb = NULL; 1730 } 1731 else 1732 { 1733 p_ccb->p_next_ccb = NULL; 1734 p_ccb->p_prev_ccb = l2cb.p_free_ccb_last; 1735 l2cb.p_free_ccb_last->p_next_ccb = p_ccb; 1736 l2cb.p_free_ccb_last = p_ccb; 1737 } 1738 1739 /* Flag as not in use */ 1740 p_ccb->in_use = FALSE; 1741 1742 /* If no channels on the connection, start idle timeout */ 1743 if ((p_lcb) && p_lcb->in_use && (p_lcb->link_state == LST_CONNECTED)) 1744 { 1745 if (!p_lcb->ccb_queue.p_first_ccb) 1746 { 1747 l2cu_no_dynamic_ccbs (p_lcb); 1748 } 1749 else 1750 { 1751 /* Link is still active, adjust channel quotas. */ 1752 l2c_link_adjust_chnl_allocation (); 1753 } 1754 } 1755 } 1756 1757 /******************************************************************************* 1758 ** 1759 ** Function l2cu_find_ccb_by_remote_cid 1760 ** 1761 ** Description Look through all active CCBs on a link for a match based 1762 ** on the remote CID. 1763 ** 1764 ** Returns pointer to matched CCB, or NULL if no match 1765 ** 1766 *******************************************************************************/ 1767 tL2C_CCB *l2cu_find_ccb_by_remote_cid (tL2C_LCB *p_lcb, UINT16 remote_cid) 1768 { 1769 tL2C_CCB *p_ccb; 1770 1771 /* If LCB is NULL, look through all active links */ 1772 if (!p_lcb) 1773 { 1774 return NULL; 1775 } 1776 else 1777 { 1778 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb) 1779 if ((p_ccb->in_use) && (p_ccb->remote_cid == remote_cid)) 1780 return (p_ccb); 1781 } 1782 1783 /* If here, no match found */ 1784 return (NULL); 1785 } 1786 1787 /******************************************************************************* 1788 ** 1789 ** Function l2cu_allocate_rcb 1790 ** 1791 ** Description Look through the Registration Control Blocks for a free 1792 ** one. 1793 ** 1794 ** Returns Pointer to the RCB or NULL if not found 1795 ** 1796 *******************************************************************************/ 1797 tL2C_RCB *l2cu_allocate_rcb (UINT16 psm) 1798 { 1799 tL2C_RCB *p_rcb = &l2cb.rcb_pool[0]; 1800 UINT16 xx; 1801 1802 for (xx = 0; xx < MAX_L2CAP_CLIENTS; xx++, p_rcb++) 1803 { 1804 if (!p_rcb->in_use) 1805 { 1806 p_rcb->in_use = TRUE; 1807 p_rcb->psm = psm; 1808 #if (L2CAP_UCD_INCLUDED == TRUE) 1809 p_rcb->ucd.state = L2C_UCD_STATE_UNUSED; 1810 #endif 1811 return (p_rcb); 1812 } 1813 } 1814 1815 /* If here, no free RCB found */ 1816 return (NULL); 1817 } 1818 1819 1820 /******************************************************************************* 1821 ** 1822 ** Function l2cu_release_rcb 1823 ** 1824 ** Description Mark an RCB as no longet in use 1825 ** 1826 ** Returns void 1827 ** 1828 *******************************************************************************/ 1829 void l2cu_release_rcb (tL2C_RCB *p_rcb) 1830 { 1831 p_rcb->in_use = FALSE; 1832 p_rcb->psm = 0; 1833 } 1834 1835 1836 /******************************************************************************* 1837 ** 1838 ** Function l2cu_disconnect_chnl 1839 ** 1840 ** Description Disconnect a channel. Typically, this is due to either 1841 ** receiving a bad configuration, bad packet or max_retries expiring. 1842 ** 1843 *******************************************************************************/ 1844 void l2cu_disconnect_chnl (tL2C_CCB *p_ccb) 1845 { 1846 UINT16 local_cid = p_ccb->local_cid; 1847 1848 if (local_cid >= L2CAP_BASE_APPL_CID) 1849 { 1850 tL2CA_DISCONNECT_IND_CB *p_disc_cb = p_ccb->p_rcb->api.pL2CA_DisconnectInd_Cb; 1851 1852 L2CAP_TRACE_WARNING ("L2CAP - disconnect_chnl CID: 0x%04x", local_cid); 1853 1854 l2cu_send_peer_disc_req (p_ccb); 1855 1856 l2cu_release_ccb (p_ccb); 1857 1858 (*p_disc_cb)(local_cid, FALSE); 1859 } 1860 else 1861 { 1862 /* failure on the AMP channel, probably need to disconnect ACL */ 1863 L2CAP_TRACE_ERROR ("L2CAP - disconnect_chnl CID: 0x%04x Ignored", local_cid); 1864 } 1865 } 1866 1867 1868 /******************************************************************************* 1869 ** 1870 ** Function l2cu_find_rcb_by_psm 1871 ** 1872 ** Description Look through the Registration Control Blocks to see if 1873 ** anyone registered to handle the PSM in question 1874 ** 1875 ** Returns Pointer to the RCB or NULL if not found 1876 ** 1877 *******************************************************************************/ 1878 tL2C_RCB *l2cu_find_rcb_by_psm (UINT16 psm) 1879 { 1880 tL2C_RCB *p_rcb = &l2cb.rcb_pool[0]; 1881 UINT16 xx; 1882 1883 for (xx = 0; xx < MAX_L2CAP_CLIENTS; xx++, p_rcb++) 1884 { 1885 if ((p_rcb->in_use) && (p_rcb->psm == psm)) 1886 return (p_rcb); 1887 } 1888 1889 /* If here, no match found */ 1890 return (NULL); 1891 } 1892 1893 1894 /******************************************************************************* 1895 ** 1896 ** Function l2cu_process_peer_cfg_req 1897 ** 1898 ** Description This function is called when the peer sends us a "config request" 1899 ** message. It extracts the configuration of interest and saves 1900 ** it in the CCB. 1901 ** 1902 ** Note: Negotiation of the FCR channel type is handled internally, 1903 ** all others are passed to the upper layer. 1904 ** 1905 ** Returns UINT8 - L2CAP_PEER_CFG_OK if passed to upper layer, 1906 ** L2CAP_PEER_CFG_UNACCEPTABLE if automatically responded to 1907 ** because parameters are unnacceptable from a specification 1908 ** point of view. 1909 ** L2CAP_PEER_CFG_DISCONNECT if no compatible channel modes 1910 ** between the two devices, and shall be closed. 1911 ** 1912 *******************************************************************************/ 1913 UINT8 l2cu_process_peer_cfg_req (tL2C_CCB *p_ccb, tL2CAP_CFG_INFO *p_cfg) 1914 { 1915 BOOLEAN mtu_ok = TRUE; 1916 BOOLEAN qos_type_ok = TRUE; 1917 BOOLEAN flush_to_ok = TRUE; 1918 BOOLEAN fcr_ok = TRUE; 1919 UINT8 fcr_status; 1920 1921 /* Ignore FCR parameters for basic mode */ 1922 if (!p_cfg->fcr_present) 1923 p_cfg->fcr.mode = L2CAP_FCR_BASIC_MODE; 1924 1925 /* Save the MTU that our peer can receive */ 1926 if (p_cfg->mtu_present) 1927 { 1928 /* Make sure MTU is at least the minimum */ 1929 if (p_cfg->mtu >= L2CAP_MIN_MTU) 1930 { 1931 /* In basic mode, limit the MTU to our buffer size */ 1932 if ( (p_cfg->fcr_present == FALSE) && (p_cfg->mtu > L2CAP_MTU_SIZE) ) 1933 p_cfg->mtu = L2CAP_MTU_SIZE; 1934 1935 /* Save the accepted value in case of renegotiation */ 1936 p_ccb->peer_cfg.mtu = p_cfg->mtu; 1937 p_ccb->peer_cfg.mtu_present = TRUE; 1938 p_ccb->peer_cfg_bits |= L2CAP_CH_CFG_MASK_MTU; 1939 } 1940 else /* Illegal MTU value */ 1941 { 1942 p_cfg->mtu = L2CAP_MIN_MTU; 1943 mtu_ok = FALSE; 1944 } 1945 } 1946 /* Reload mtu from a previously accepted config request */ 1947 else if (p_ccb->peer_cfg.mtu_present) 1948 { 1949 p_cfg->mtu_present = TRUE; 1950 p_cfg->mtu = p_ccb->peer_cfg.mtu; 1951 } 1952 1953 /* Verify that the flush timeout is a valid value (0 is illegal) */ 1954 if (p_cfg->flush_to_present) 1955 { 1956 if (!p_cfg->flush_to) 1957 { 1958 p_cfg->flush_to = 0xFFFF; /* Infinite retransmissions (spec default) */ 1959 flush_to_ok = FALSE; 1960 } 1961 else /* Save the accepted value in case of renegotiation */ 1962 { 1963 p_ccb->peer_cfg.flush_to_present = TRUE; 1964 p_ccb->peer_cfg.flush_to = p_cfg->flush_to; 1965 p_ccb->peer_cfg_bits |= L2CAP_CH_CFG_MASK_FLUSH_TO; 1966 } 1967 } 1968 /* Reload flush_to from a previously accepted config request */ 1969 else if (p_ccb->peer_cfg.flush_to_present) 1970 { 1971 p_cfg->flush_to_present = TRUE; 1972 p_cfg->flush_to = p_ccb->peer_cfg.flush_to; 1973 } 1974 1975 /* Save the QOS settings the the peer is using */ 1976 if (p_cfg->qos_present) 1977 { 1978 /* Make sure service type is not a reserved value; otherwise let upper 1979 layer decide if acceptable 1980 */ 1981 if (p_cfg->qos.service_type <= GUARANTEED) 1982 { 1983 p_ccb->peer_cfg.qos = p_cfg->qos; 1984 p_ccb->peer_cfg.qos_present = TRUE; 1985 p_ccb->peer_cfg_bits |= L2CAP_CH_CFG_MASK_QOS; 1986 } 1987 else /* Illegal service type value */ 1988 { 1989 p_cfg->qos.service_type = BEST_EFFORT; 1990 qos_type_ok = FALSE; 1991 } 1992 } 1993 /* Reload QOS from a previously accepted config request */ 1994 else if (p_ccb->peer_cfg.qos_present) 1995 { 1996 p_cfg->qos_present = TRUE; 1997 p_cfg->qos = p_ccb->peer_cfg.qos; 1998 } 1999 2000 if ((fcr_status = l2c_fcr_process_peer_cfg_req (p_ccb, p_cfg)) == L2CAP_PEER_CFG_DISCONNECT) 2001 { 2002 /* Notify caller to disconnect the channel (incompatible modes) */ 2003 p_cfg->result = L2CAP_CFG_FAILED_NO_REASON; 2004 p_cfg->mtu_present = p_cfg->qos_present = p_cfg->flush_to_present = 0; 2005 2006 return (L2CAP_PEER_CFG_DISCONNECT); 2007 } 2008 2009 fcr_ok = (fcr_status == L2CAP_PEER_CFG_OK); 2010 2011 /* Return any unacceptable parameters */ 2012 if (mtu_ok && flush_to_ok && qos_type_ok && fcr_ok) 2013 { 2014 l2cu_adjust_out_mps (p_ccb); 2015 return (L2CAP_PEER_CFG_OK); 2016 } 2017 else 2018 { 2019 p_cfg->result = L2CAP_CFG_UNACCEPTABLE_PARAMS; 2020 2021 if (mtu_ok) 2022 p_cfg->mtu_present = FALSE; 2023 if (flush_to_ok) 2024 p_cfg->flush_to_present = FALSE; 2025 if (qos_type_ok) 2026 p_cfg->qos_present = FALSE; 2027 if (fcr_ok) 2028 p_cfg->fcr_present = FALSE; 2029 2030 return (L2CAP_PEER_CFG_UNACCEPTABLE); 2031 } 2032 } 2033 2034 2035 /******************************************************************************* 2036 ** 2037 ** Function l2cu_process_peer_cfg_rsp 2038 ** 2039 ** Description This function is called when the peer sends us a "config response" 2040 ** message. It extracts the configuration of interest and saves 2041 ** it in the CCB. 2042 ** 2043 ** Returns void 2044 ** 2045 *******************************************************************************/ 2046 void l2cu_process_peer_cfg_rsp (tL2C_CCB *p_ccb, tL2CAP_CFG_INFO *p_cfg) 2047 { 2048 /* If we wanted QoS and the peer sends us a positive response with QoS, use his values */ 2049 if ( (p_cfg->qos_present) && (p_ccb->our_cfg.qos_present) ) 2050 p_ccb->our_cfg.qos = p_cfg->qos; 2051 2052 if (p_cfg->fcr_present) 2053 { 2054 /* Save the retransmission and monitor timeout values */ 2055 if (p_cfg->fcr.mode == L2CAP_FCR_ERTM_MODE) 2056 { 2057 p_ccb->peer_cfg.fcr.rtrans_tout = p_cfg->fcr.rtrans_tout; 2058 p_ccb->peer_cfg.fcr.mon_tout = p_cfg->fcr.mon_tout; 2059 } 2060 2061 /* Calculate the max number of packets for which we can delay sending an ack */ 2062 if (p_cfg->fcr.tx_win_sz < p_ccb->our_cfg.fcr.tx_win_sz) 2063 p_ccb->fcrb.max_held_acks = p_cfg->fcr.tx_win_sz / 3; 2064 else 2065 p_ccb->fcrb.max_held_acks = p_ccb->our_cfg.fcr.tx_win_sz / 3; 2066 2067 L2CAP_TRACE_DEBUG ("l2cu_process_peer_cfg_rsp(): peer tx_win_sz: %d, our tx_win_sz: %d, max_held_acks: %d", 2068 p_cfg->fcr.tx_win_sz, p_ccb->our_cfg.fcr.tx_win_sz, p_ccb->fcrb.max_held_acks); 2069 } 2070 } 2071 2072 /******************************************************************************* 2073 ** 2074 ** Function l2cu_process_our_cfg_req 2075 ** 2076 ** Description This function is called when we send a "config request" 2077 ** message. It extracts the configuration of interest and saves 2078 ** it in the CCB. 2079 ** 2080 ** Returns void 2081 ** 2082 *******************************************************************************/ 2083 void l2cu_process_our_cfg_req (tL2C_CCB *p_ccb, tL2CAP_CFG_INFO *p_cfg) 2084 { 2085 tL2C_LCB *p_lcb; 2086 UINT16 hci_flush_to; 2087 2088 /* Save the QOS settings we are using for transmit */ 2089 if (p_cfg->qos_present) 2090 { 2091 p_ccb->our_cfg.qos_present = TRUE; 2092 p_ccb->our_cfg.qos = p_cfg->qos; 2093 } 2094 2095 if (p_cfg->fcr_present) 2096 { 2097 /* Override FCR options if attempting streaming or basic */ 2098 if (p_cfg->fcr.mode == L2CAP_FCR_BASIC_MODE) 2099 memset(&p_cfg->fcr, 0, sizeof(tL2CAP_FCR_OPTS)); 2100 else 2101 { 2102 /* On BR/EDR, timer values are zero in config request */ 2103 /* On class 2 AMP, timer value in config request shall be non-0 processing time */ 2104 /* timer value in config response shall be greater than received processing time */ 2105 p_cfg->fcr.mon_tout = p_cfg->fcr.rtrans_tout = 0; 2106 2107 if (p_cfg->fcr.mode == L2CAP_FCR_STREAM_MODE) 2108 p_cfg->fcr.max_transmit = p_cfg->fcr.tx_win_sz = 0; 2109 } 2110 2111 /* Set the threshold to send acks (may be updated in the cfg response) */ 2112 p_ccb->fcrb.max_held_acks = p_cfg->fcr.tx_win_sz / 3; 2113 2114 /* Include FCS option only if peer can handle it */ 2115 if (p_ccb->p_lcb->peer_ext_fea & L2CAP_EXTFEA_NO_CRC) 2116 { 2117 /* FCS check can be bypassed if peer also desires to bypass */ 2118 if (p_cfg->fcs_present && p_cfg->fcs == L2CAP_CFG_FCS_BYPASS) 2119 p_ccb->bypass_fcs |= L2CAP_CFG_FCS_OUR; 2120 } 2121 else 2122 p_cfg->fcs_present = FALSE; 2123 } 2124 else 2125 { 2126 p_cfg->fcr.mode = L2CAP_FCR_BASIC_MODE; 2127 } 2128 2129 p_ccb->our_cfg.fcr.mode = p_cfg->fcr.mode; 2130 p_ccb->our_cfg.fcr_present = p_cfg->fcr_present; 2131 2132 /* Check the flush timeout. If it is lower than the current one used */ 2133 /* then we need to adjust the flush timeout sent to the controller */ 2134 if (p_cfg->flush_to_present) 2135 { 2136 if ((p_cfg->flush_to == 0)||(p_cfg->flush_to == L2CAP_NO_AUTOMATIC_FLUSH)) 2137 { 2138 /* don't send invalid flush timeout */ 2139 /* SPEC: The sender of the Request shall specify its flush timeout value */ 2140 /* if it differs from the default value of 0xFFFF */ 2141 p_cfg->flush_to_present = FALSE; 2142 } 2143 else 2144 { 2145 p_ccb->our_cfg.flush_to = p_cfg->flush_to; 2146 p_lcb = p_ccb->p_lcb; 2147 2148 if (p_cfg->flush_to < p_lcb->link_flush_tout) 2149 { 2150 p_lcb->link_flush_tout = p_cfg->flush_to; 2151 2152 /* If the timeout is within range of HCI, set the flush timeout */ 2153 if (p_cfg->flush_to <= ((HCI_MAX_AUTO_FLUSH_TOUT * 5) / 8)) 2154 { 2155 /* Convert flush timeout to 0.625 ms units, with round */ 2156 hci_flush_to = ((p_cfg->flush_to * 8) + 3) / 5; 2157 btsnd_hcic_write_auto_flush_tout (p_lcb->handle, hci_flush_to); 2158 } 2159 } 2160 } 2161 } 2162 } 2163 2164 2165 /******************************************************************************* 2166 ** 2167 ** Function l2cu_process_our_cfg_rsp 2168 ** 2169 ** Description This function is called when we send the peer a "config response" 2170 ** message. It extracts the configuration of interest and saves 2171 ** it in the CCB. 2172 ** 2173 ** Returns void 2174 ** 2175 *******************************************************************************/ 2176 void l2cu_process_our_cfg_rsp (tL2C_CCB *p_ccb, tL2CAP_CFG_INFO *p_cfg) 2177 { 2178 /* If peer wants QoS, we are allowed to change the values in a positive response */ 2179 if ( (p_cfg->qos_present) && (p_ccb->peer_cfg.qos_present) ) 2180 p_ccb->peer_cfg.qos = p_cfg->qos; 2181 else 2182 p_cfg->qos_present = FALSE; 2183 2184 l2c_fcr_adj_our_rsp_options (p_ccb, p_cfg); 2185 } 2186 2187 2188 /******************************************************************************* 2189 ** 2190 ** Function l2cu_device_reset 2191 ** 2192 ** Description This function is called when reset of the device is 2193 ** completed. For all active connection simulate HCI_DISC 2194 ** 2195 ** Returns void 2196 ** 2197 *******************************************************************************/ 2198 void l2cu_device_reset (void) 2199 { 2200 int xx; 2201 tL2C_LCB *p_lcb = &l2cb.lcb_pool[0]; 2202 2203 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 2204 { 2205 if ((p_lcb->in_use) && (p_lcb->handle != HCI_INVALID_HANDLE)) 2206 { 2207 l2c_link_hci_disc_comp (p_lcb->handle, (UINT8) -1); 2208 } 2209 } 2210 #if (BLE_INCLUDED == TRUE) 2211 l2cb.is_ble_connecting = FALSE; 2212 #endif 2213 } 2214 2215 /******************************************************************************* 2216 ** 2217 ** Function l2cu_create_conn 2218 ** 2219 ** Description This function initiates an acl connection via HCI 2220 ** 2221 ** Returns TRUE if successful, FALSE if gki get buffer fails. 2222 ** 2223 *******************************************************************************/ 2224 BOOLEAN l2cu_create_conn (tL2C_LCB *p_lcb, tBT_TRANSPORT transport) 2225 { 2226 int xx; 2227 tL2C_LCB *p_lcb_cur = &l2cb.lcb_pool[0]; 2228 #if BTM_SCO_INCLUDED == TRUE 2229 BOOLEAN is_sco_active; 2230 #endif 2231 2232 #if (BLE_INCLUDED == TRUE) 2233 tBT_DEVICE_TYPE dev_type; 2234 tBLE_ADDR_TYPE addr_type; 2235 2236 2237 BTM_ReadDevInfo(p_lcb->remote_bd_addr, &dev_type, &addr_type); 2238 2239 if (transport == BT_TRANSPORT_LE) 2240 { 2241 if (!controller_get_interface()->supports_ble()) 2242 return FALSE; 2243 2244 p_lcb->ble_addr_type = addr_type; 2245 p_lcb->transport = BT_TRANSPORT_LE; 2246 2247 return (l2cble_create_conn(p_lcb)); 2248 } 2249 #endif 2250 2251 /* If there is a connection where we perform as a slave, try to switch roles 2252 for this connection */ 2253 for (xx = 0, p_lcb_cur = &l2cb.lcb_pool[0]; xx < MAX_L2CAP_LINKS; xx++, p_lcb_cur++) 2254 { 2255 if (p_lcb_cur == p_lcb) 2256 continue; 2257 2258 if ((p_lcb_cur->in_use) && (p_lcb_cur->link_role == HCI_ROLE_SLAVE)) 2259 { 2260 2261 #if BTM_SCO_INCLUDED == TRUE 2262 /* The LMP_switch_req shall be sent only if the ACL logical transport 2263 is in active mode, when encryption is disabled, and all synchronous 2264 logical transports on the same physical link are disabled." */ 2265 2266 /* Check if there is any SCO Active on this BD Address */ 2267 is_sco_active = btm_is_sco_active_by_bdaddr(p_lcb_cur->remote_bd_addr); 2268 2269 L2CAP_TRACE_API ("l2cu_create_conn - btm_is_sco_active_by_bdaddr() is_sco_active = %s", \ 2270 (is_sco_active == TRUE) ? "TRUE":"FALSE"); 2271 2272 if (is_sco_active == TRUE) 2273 continue; /* No Master Slave switch not allowed when SCO Active */ 2274 #endif 2275 /*4_1_TODO check if btm_cb.devcb.local_features to be used instead */ 2276 if (HCI_SWITCH_SUPPORTED(BTM_ReadLocalFeatures())) 2277 { 2278 /* mark this lcb waiting for switch to be completed and 2279 start switch on the other one */ 2280 p_lcb->link_state = LST_CONNECTING_WAIT_SWITCH; 2281 p_lcb->link_role = HCI_ROLE_MASTER; 2282 2283 if (BTM_SwitchRole (p_lcb_cur->remote_bd_addr, HCI_ROLE_MASTER, NULL) == BTM_CMD_STARTED) 2284 { 2285 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, L2CAP_LINK_ROLE_SWITCH_TOUT); 2286 return (TRUE); 2287 } 2288 } 2289 } 2290 } 2291 2292 p_lcb->link_state = LST_CONNECTING; 2293 2294 return (l2cu_create_conn_after_switch (p_lcb)); 2295 } 2296 2297 /******************************************************************************* 2298 ** 2299 ** Function l2cu_get_num_hi_priority 2300 ** 2301 ** Description Gets the number of high priority channels. 2302 ** 2303 ** Returns 2304 ** 2305 *******************************************************************************/ 2306 UINT8 l2cu_get_num_hi_priority (void) 2307 { 2308 UINT8 no_hi = 0; 2309 int xx; 2310 tL2C_LCB *p_lcb = &l2cb.lcb_pool[0]; 2311 2312 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 2313 { 2314 if ((p_lcb->in_use) && (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH)) 2315 { 2316 no_hi++; 2317 } 2318 } 2319 return no_hi; 2320 } 2321 2322 2323 /******************************************************************************* 2324 ** 2325 ** Function l2cu_create_conn_after_switch 2326 ** 2327 ** Description This function initiates an acl connection via HCI 2328 ** If switch required to create connection it is already done. 2329 ** 2330 ** Returns TRUE if successful, FALSE if gki get buffer fails. 2331 ** 2332 *******************************************************************************/ 2333 2334 BOOLEAN l2cu_create_conn_after_switch (tL2C_LCB *p_lcb) 2335 { 2336 UINT8 allow_switch = HCI_CR_CONN_ALLOW_SWITCH; 2337 tBTM_INQ_INFO *p_inq_info; 2338 UINT8 page_scan_rep_mode; 2339 UINT8 page_scan_mode; 2340 UINT16 clock_offset; 2341 UINT8 *p_features; 2342 UINT16 num_acl = BTM_GetNumAclLinks(); 2343 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (p_lcb->remote_bd_addr); 2344 UINT8 no_hi_prio_chs = l2cu_get_num_hi_priority(); 2345 2346 p_features = BTM_ReadLocalFeatures(); 2347 2348 L2CAP_TRACE_DEBUG ("l2cu_create_conn_after_switch :%d num_acl:%d no_hi: %d is_bonding:%d", 2349 l2cb.disallow_switch, num_acl, no_hi_prio_chs, p_lcb->is_bonding); 2350 /* FW team says that we can participant in 4 piconets 2351 * typically 3 piconet + 1 for scanning. 2352 * We can enhance the code to count the number of piconets later. */ 2353 if ( ((!l2cb.disallow_switch && (num_acl < 3)) || (p_lcb->is_bonding && (no_hi_prio_chs==0))) 2354 && HCI_SWITCH_SUPPORTED(p_features)) 2355 allow_switch = HCI_CR_CONN_ALLOW_SWITCH; 2356 else 2357 allow_switch = HCI_CR_CONN_NOT_ALLOW_SWITCH; 2358 2359 p_lcb->link_state = LST_CONNECTING; 2360 2361 /* Check with the BT manager if details about remote device are known */ 2362 if ((p_inq_info = BTM_InqDbRead(p_lcb->remote_bd_addr)) != NULL) 2363 { 2364 page_scan_rep_mode = p_inq_info->results.page_scan_rep_mode; 2365 page_scan_mode = p_inq_info->results.page_scan_mode; 2366 clock_offset = (UINT16)(p_inq_info->results.clock_offset); 2367 } 2368 else 2369 { 2370 /* No info known. Use default settings */ 2371 page_scan_rep_mode = HCI_PAGE_SCAN_REP_MODE_R1; 2372 page_scan_mode = HCI_MANDATARY_PAGE_SCAN_MODE; 2373 2374 clock_offset = (p_dev_rec) ? p_dev_rec->clock_offset : 0; 2375 } 2376 2377 if (!btsnd_hcic_create_conn (p_lcb->remote_bd_addr, 2378 ( HCI_PKT_TYPES_MASK_DM1 | HCI_PKT_TYPES_MASK_DH1 2379 | HCI_PKT_TYPES_MASK_DM3 | HCI_PKT_TYPES_MASK_DH3 2380 | HCI_PKT_TYPES_MASK_DM5 | HCI_PKT_TYPES_MASK_DH5 ), 2381 page_scan_rep_mode, 2382 page_scan_mode, 2383 clock_offset, 2384 allow_switch)) 2385 2386 { 2387 L2CAP_TRACE_ERROR ("L2CAP - no buffer for l2cu_create_conn"); 2388 l2cu_release_lcb (p_lcb); 2389 return (FALSE); 2390 } 2391 2392 btm_acl_update_busy_level (BTM_BLI_PAGE_EVT); 2393 2394 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, 2395 L2CAP_LINK_CONNECT_TOUT); 2396 2397 return (TRUE); 2398 } 2399 2400 2401 /******************************************************************************* 2402 ** 2403 ** Function l2cu_find_lcb_by_state 2404 ** 2405 ** Description Look through all active LCBs for a match based on the 2406 ** LCB state. 2407 ** 2408 ** Returns pointer to first matched LCB, or NULL if no match 2409 ** 2410 *******************************************************************************/ 2411 tL2C_LCB *l2cu_find_lcb_by_state (tL2C_LINK_STATE state) 2412 { 2413 UINT16 i; 2414 tL2C_LCB *p_lcb = &l2cb.lcb_pool[0]; 2415 2416 for (i = 0; i < MAX_L2CAP_LINKS; i++, p_lcb++) 2417 { 2418 if ((p_lcb->in_use) && (p_lcb->link_state == state)) 2419 { 2420 return (p_lcb); 2421 } 2422 } 2423 2424 /* If here, no match found */ 2425 return (NULL); 2426 } 2427 2428 2429 /******************************************************************************* 2430 ** 2431 ** Function l2cu_lcb_disconnecting 2432 ** 2433 ** Description On each active lcb, check if the lcb is in disconnecting 2434 ** state, or if there are no ccb's on the lcb (implying 2435 idle timeout is running), or if last ccb on the link 2436 is in disconnecting state. 2437 ** 2438 ** Returns TRUE if any of above conditions met, FALSE otherwise 2439 ** 2440 *******************************************************************************/ 2441 BOOLEAN l2cu_lcb_disconnecting (void) 2442 { 2443 tL2C_LCB *p_lcb; 2444 tL2C_CCB *p_ccb; 2445 UINT16 i; 2446 BOOLEAN status = FALSE; 2447 2448 p_lcb = &l2cb.lcb_pool[0]; 2449 2450 for (i = 0; i < MAX_L2CAP_LINKS; i++, p_lcb++) 2451 { 2452 if (p_lcb->in_use) 2453 { 2454 /* no ccbs on lcb, or lcb is in disconnecting state */ 2455 if ((!p_lcb->ccb_queue.p_first_ccb) || (p_lcb->link_state == LST_DISCONNECTING)) 2456 { 2457 status = TRUE; 2458 break; 2459 } 2460 /* only one ccb left on lcb */ 2461 else if (p_lcb->ccb_queue.p_first_ccb == p_lcb->ccb_queue.p_last_ccb) 2462 { 2463 p_ccb = p_lcb->ccb_queue.p_first_ccb; 2464 2465 if ((p_ccb->in_use) && 2466 ((p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP) || 2467 (p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))) 2468 { 2469 status = TRUE; 2470 break; 2471 } 2472 } 2473 } 2474 } 2475 return status; 2476 } 2477 2478 2479 /******************************************************************************* 2480 ** 2481 ** Function l2cu_set_acl_priority 2482 ** 2483 ** Description Sets the transmission priority for a channel. 2484 ** (For initial implementation only two values are valid. 2485 ** L2CAP_PRIORITY_NORMAL and L2CAP_PRIORITY_HIGH). 2486 ** 2487 ** Returns TRUE if a valid channel, else FALSE 2488 ** 2489 *******************************************************************************/ 2490 2491 BOOLEAN l2cu_set_acl_priority (BD_ADDR bd_addr, UINT8 priority, BOOLEAN reset_after_rs) 2492 { 2493 tL2C_LCB *p_lcb; 2494 UINT8 *pp; 2495 UINT8 command[HCI_BRCM_ACL_PRIORITY_PARAM_SIZE]; 2496 UINT8 vs_param; 2497 2498 APPL_TRACE_EVENT("SET ACL PRIORITY %d", priority); 2499 2500 /* Find the link control block for the acl channel */ 2501 if ((p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR)) == NULL) 2502 { 2503 L2CAP_TRACE_WARNING ("L2CAP - no LCB for L2CA_SetAclPriority"); 2504 return (FALSE); 2505 } 2506 2507 if (BTM_IS_BRCM_CONTROLLER()) 2508 { 2509 /* Called from above L2CAP through API; send VSC if changed */ 2510 if ((!reset_after_rs && (priority != p_lcb->acl_priority)) || 2511 /* Called because of a master/slave role switch; if high resend VSC */ 2512 ( reset_after_rs && p_lcb->acl_priority == L2CAP_PRIORITY_HIGH)) 2513 { 2514 pp = command; 2515 2516 vs_param = (priority == L2CAP_PRIORITY_HIGH) ? HCI_BRCM_ACL_PRIORITY_HIGH : HCI_BRCM_ACL_PRIORITY_LOW; 2517 2518 UINT16_TO_STREAM (pp, p_lcb->handle); 2519 UINT8_TO_STREAM (pp, vs_param); 2520 2521 BTM_VendorSpecificCommand (HCI_BRCM_SET_ACL_PRIORITY, HCI_BRCM_ACL_PRIORITY_PARAM_SIZE, command, NULL); 2522 2523 /* Adjust lmp buffer allocation for this channel if priority changed */ 2524 if (p_lcb->acl_priority != priority) 2525 { 2526 p_lcb->acl_priority = priority; 2527 l2c_link_adjust_allocation(); 2528 } 2529 } 2530 } 2531 return(TRUE); 2532 } 2533 2534 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE) 2535 /****************************************************************************** 2536 ** 2537 ** Function l2cu_set_non_flushable_pbf 2538 ** 2539 ** Description set L2CAP_PKT_START_NON_FLUSHABLE if controller supoorts 2540 ** 2541 ** Returns void 2542 ** 2543 *******************************************************************************/ 2544 void l2cu_set_non_flushable_pbf (BOOLEAN is_supported) 2545 { 2546 if (is_supported) 2547 l2cb.non_flushable_pbf = (L2CAP_PKT_START_NON_FLUSHABLE << L2CAP_PKT_TYPE_SHIFT); 2548 else 2549 l2cb.non_flushable_pbf = (L2CAP_PKT_START << L2CAP_PKT_TYPE_SHIFT); 2550 } 2551 #endif 2552 2553 /******************************************************************************* 2554 ** 2555 ** Function l2cu_resubmit_pending_sec_req 2556 ** 2557 ** Description This function is called when required security procedures 2558 ** are completed and any pending requests can be re-submitted. 2559 ** 2560 ** Returns void 2561 ** 2562 *******************************************************************************/ 2563 void l2cu_resubmit_pending_sec_req (BD_ADDR p_bda) 2564 { 2565 tL2C_LCB *p_lcb; 2566 tL2C_CCB *p_ccb; 2567 tL2C_CCB *p_next_ccb; 2568 int xx; 2569 2570 L2CAP_TRACE_DEBUG ("l2cu_resubmit_pending_sec_req p_bda: 0x%08x", p_bda); 2571 2572 /* If we are called with a BDA, only resubmit for that BDA */ 2573 if (p_bda) 2574 { 2575 p_lcb = l2cu_find_lcb_by_bd_addr (p_bda, BT_TRANSPORT_BR_EDR); 2576 2577 /* If we don't have one, this is an error */ 2578 if (p_lcb) 2579 { 2580 /* For all channels, send the event through their FSMs */ 2581 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_next_ccb) 2582 { 2583 p_next_ccb = p_ccb->p_next_ccb; 2584 l2c_csm_execute (p_ccb, L2CEVT_SEC_RE_SEND_CMD, NULL); 2585 } 2586 } 2587 else 2588 { 2589 L2CAP_TRACE_WARNING ("l2cu_resubmit_pending_sec_req - unknown BD_ADDR"); 2590 } 2591 } 2592 else 2593 { 2594 /* No BDA pasesed in, so check all links */ 2595 for (xx = 0, p_lcb = &l2cb.lcb_pool[0]; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 2596 { 2597 if (p_lcb->in_use) 2598 { 2599 /* For all channels, send the event through their FSMs */ 2600 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_next_ccb) 2601 { 2602 p_next_ccb = p_ccb->p_next_ccb; 2603 l2c_csm_execute (p_ccb, L2CEVT_SEC_RE_SEND_CMD, NULL); 2604 } 2605 } 2606 } 2607 } 2608 } 2609 2610 #if L2CAP_CONFORMANCE_TESTING == TRUE 2611 /******************************************************************************* 2612 ** 2613 ** Function l2cu_set_info_rsp_mask 2614 ** 2615 ** Description This function allows the script wrapper to change the 2616 ** info resp mask for conformance testing. 2617 ** 2618 ** Returns pointer to CCB, or NULL if none 2619 ** 2620 *******************************************************************************/ 2621 void l2cu_set_info_rsp_mask (UINT32 mask) 2622 { 2623 l2cb.test_info_resp = mask; 2624 } 2625 #endif /* L2CAP_CONFORMANCE_TESTING */ 2626 2627 /******************************************************************************* 2628 ** 2629 ** Function l2cu_adjust_out_mps 2630 ** 2631 ** Description Sets our MPS based on current controller capabilities 2632 ** 2633 ** Returns void 2634 ** 2635 *******************************************************************************/ 2636 void l2cu_adjust_out_mps (tL2C_CCB *p_ccb) 2637 { 2638 UINT16 packet_size; 2639 2640 /* on the tx side MTU is selected based on packet size of the controller */ 2641 packet_size = btm_get_max_packet_size (p_ccb->p_lcb->remote_bd_addr); 2642 2643 if (packet_size <= (L2CAP_PKT_OVERHEAD + L2CAP_FCR_OVERHEAD + L2CAP_SDU_LEN_OVERHEAD + L2CAP_FCS_LEN)) 2644 { 2645 /* something is very wrong */ 2646 L2CAP_TRACE_ERROR ("l2cu_adjust_out_mps bad packet size: %u will use MPS: %u", packet_size, p_ccb->peer_cfg.fcr.mps); 2647 p_ccb->tx_mps = p_ccb->peer_cfg.fcr.mps; 2648 } 2649 else 2650 { 2651 packet_size -= (L2CAP_PKT_OVERHEAD + L2CAP_FCR_OVERHEAD + L2CAP_SDU_LEN_OVERHEAD + L2CAP_FCS_LEN); 2652 2653 /* We try to negotiate MTU that each packet can be split into whole 2654 number of max packets. For example if link is 1.2 max packet size is 339 bytes. 2655 At first calculate how many whole packets it is. MAX L2CAP is 1691 + 4 overhead. 2656 1695, that will be 5 Dh5 packets. Now maximum L2CAP packet is 2657 5 * 339 = 1695. Minus 4 bytes L2CAP header 1691. 2658 2659 For EDR 2.0 packet size is 1027. So we better send RFCOMM packet as 1 3DH5 packet 2660 1 * 1027 = 1027. Minus 4 bytes L2CAP header 1023. */ 2661 if (p_ccb->peer_cfg.fcr.mps >= packet_size) 2662 p_ccb->tx_mps = p_ccb->peer_cfg.fcr.mps / packet_size * packet_size; 2663 else 2664 p_ccb->tx_mps = p_ccb->peer_cfg.fcr.mps; 2665 2666 L2CAP_TRACE_DEBUG ("l2cu_adjust_out_mps use %d Based on peer_cfg.fcr.mps: %u packet_size: %u", 2667 p_ccb->tx_mps, p_ccb->peer_cfg.fcr.mps, packet_size); 2668 } 2669 } 2670 2671 2672 /******************************************************************************* 2673 ** 2674 ** Function l2cu_initialize_fixed_ccb 2675 ** 2676 ** Description Initialize a fixed channel's CCB 2677 ** 2678 ** Returns TRUE or FALSE 2679 ** 2680 *******************************************************************************/ 2681 BOOLEAN l2cu_initialize_fixed_ccb (tL2C_LCB *p_lcb, UINT16 fixed_cid, tL2CAP_FCR_OPTS *p_fcr) 2682 { 2683 #if (L2CAP_NUM_FIXED_CHNLS > 0) 2684 tL2C_CCB *p_ccb; 2685 2686 /* If we already have a CCB, then simply return */ 2687 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL] != NULL) 2688 return (TRUE); 2689 2690 if ((p_ccb = l2cu_allocate_ccb (NULL, 0)) == NULL) 2691 return (FALSE); 2692 2693 btu_stop_timer(&p_lcb->timer_entry); 2694 2695 /* Set CID for the connection */ 2696 p_ccb->local_cid = fixed_cid; 2697 p_ccb->remote_cid = fixed_cid; 2698 2699 GKI_init_q (&p_ccb->xmit_hold_q); 2700 2701 p_ccb->is_flushable = FALSE; 2702 2703 p_ccb->timer_entry.param = (TIMER_PARAM_TYPE)p_ccb; 2704 2705 2706 if (p_fcr) 2707 { 2708 /* Set the FCR parameters. For now, we will use default pools */ 2709 p_ccb->our_cfg.fcr = p_ccb->peer_cfg.fcr = *p_fcr; 2710 2711 p_ccb->ertm_info.fcr_rx_pool_id = HCI_ACL_POOL_ID; 2712 p_ccb->ertm_info.fcr_tx_pool_id = HCI_ACL_POOL_ID; 2713 p_ccb->ertm_info.user_rx_pool_id = HCI_ACL_POOL_ID; 2714 p_ccb->ertm_info.user_tx_pool_id = HCI_ACL_POOL_ID; 2715 2716 p_ccb->fcrb.max_held_acks = p_fcr->tx_win_sz / 3; 2717 } 2718 2719 /* Link ccb to lcb and lcb to ccb */ 2720 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = p_ccb; 2721 p_ccb->p_lcb = p_lcb; 2722 2723 /* There is no configuration, so if the link is up, the channel is up */ 2724 if (p_lcb->link_state == LST_CONNECTED) 2725 p_ccb->chnl_state = CST_OPEN; 2726 2727 /* Set the default idle timeout value to use */ 2728 p_ccb->fixed_chnl_idle_tout = l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].default_idle_tout; 2729 #endif 2730 return (TRUE); 2731 } 2732 2733 /******************************************************************************* 2734 ** 2735 ** Function l2cu_no_dynamic_ccbs 2736 ** 2737 ** Description Handles the case when there are no more dynamic CCBs. If there 2738 ** are any fixed CCBs, start the longest of the fixed CCB timeouts, 2739 ** otherwise start the default link idle timeout or disconnect. 2740 ** 2741 ** Returns void 2742 ** 2743 *******************************************************************************/ 2744 void l2cu_no_dynamic_ccbs (tL2C_LCB *p_lcb) 2745 { 2746 tBTM_STATUS rc; 2747 UINT16 timeout = p_lcb->idle_timeout; 2748 2749 #if (L2CAP_NUM_FIXED_CHNLS > 0) 2750 int xx; 2751 2752 for (xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx++) 2753 { 2754 if ( (p_lcb->p_fixed_ccbs[xx] != NULL) && (p_lcb->p_fixed_ccbs[xx]->fixed_chnl_idle_tout > timeout) ) 2755 timeout = p_lcb->p_fixed_ccbs[xx]->fixed_chnl_idle_tout; 2756 } 2757 #endif 2758 2759 /* If the link is pairing, do not mess with the timeouts */ 2760 if (p_lcb->is_bonding) 2761 return; 2762 2763 if (timeout == 0) 2764 { 2765 L2CAP_TRACE_DEBUG ("l2cu_no_dynamic_ccbs() IDLE timer 0, disconnecting link"); 2766 2767 rc = btm_sec_disconnect (p_lcb->handle, HCI_ERR_PEER_USER); 2768 if (rc == BTM_CMD_STARTED) 2769 { 2770 l2cu_process_fixed_disc_cback(p_lcb); 2771 p_lcb->link_state = LST_DISCONNECTING; 2772 timeout = L2CAP_LINK_DISCONNECT_TOUT; 2773 } 2774 else if (rc == BTM_SUCCESS) 2775 { 2776 l2cu_process_fixed_disc_cback(p_lcb); 2777 /* BTM SEC will make sure that link is release (probably after pairing is done) */ 2778 p_lcb->link_state = LST_DISCONNECTING; 2779 timeout = 0xFFFF; 2780 } 2781 else if ( (p_lcb->is_bonding) 2782 && (btsnd_hcic_disconnect (p_lcb->handle, HCI_ERR_PEER_USER)) ) 2783 { 2784 l2cu_process_fixed_disc_cback(p_lcb); 2785 p_lcb->link_state = LST_DISCONNECTING; 2786 timeout = L2CAP_LINK_DISCONNECT_TOUT; 2787 } 2788 else 2789 { 2790 /* probably no buffer to send disconnect */ 2791 timeout = BT_1SEC_TIMEOUT; 2792 } 2793 } 2794 2795 if (timeout != 0xFFFF) 2796 { 2797 L2CAP_TRACE_DEBUG ("l2cu_no_dynamic_ccbs() starting IDLE timeout: %d", timeout); 2798 btu_start_timer (&p_lcb->timer_entry, BTU_TTYPE_L2CAP_LINK, timeout); 2799 } 2800 else 2801 { 2802 btu_stop_timer(&p_lcb->timer_entry); 2803 } 2804 } 2805 2806 #if (L2CAP_NUM_FIXED_CHNLS > 0) 2807 /******************************************************************************* 2808 ** 2809 ** Function l2cu_process_fixed_chnl_resp 2810 ** 2811 ** Description handle a fixed channel response (or lack thereof) 2812 ** if the link failed, or a fixed channel response was 2813 ** not received, the bitfield is all zeros. 2814 ** 2815 *******************************************************************************/ 2816 void l2cu_process_fixed_chnl_resp (tL2C_LCB *p_lcb) 2817 { 2818 #if (BLE_INCLUDED == TRUE) 2819 if (p_lcb->transport == BT_TRANSPORT_BR_EDR) 2820 { 2821 /* ignore all not assigned BR/EDR channels */ 2822 p_lcb->peer_chnl_mask[0] &= (L2CAP_FIXED_CHNL_SIG_BIT| \ 2823 L2CAP_FIXED_CHNL_CNCTLESS_BIT| \ 2824 L2CAP_FIXED_CHNL_SMP_BR_BIT); 2825 } 2826 else 2827 p_lcb->peer_chnl_mask[0] = l2cb.l2c_ble_fixed_chnls_mask; 2828 #endif 2829 2830 /* Tell all registered fixed channels about the connection */ 2831 for (int xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx++) 2832 { 2833 #if BLE_INCLUDED == TRUE 2834 /* skip sending LE fix channel callbacks on BR/EDR links */ 2835 if (p_lcb->transport == BT_TRANSPORT_BR_EDR && 2836 xx + L2CAP_FIRST_FIXED_CHNL >= L2CAP_ATT_CID && 2837 xx + L2CAP_FIRST_FIXED_CHNL <= L2CAP_SMP_CID) 2838 continue; 2839 #endif 2840 if (l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb != NULL) 2841 { 2842 if (p_lcb->peer_chnl_mask[(xx + L2CAP_FIRST_FIXED_CHNL) / 8] 2843 & (1 << ((xx + L2CAP_FIRST_FIXED_CHNL) % 8))) 2844 { 2845 if (p_lcb->p_fixed_ccbs[xx]) 2846 p_lcb->p_fixed_ccbs[xx]->chnl_state = CST_OPEN; 2847 #if BLE_INCLUDED == TRUE 2848 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL, 2849 p_lcb->remote_bd_addr, TRUE, 0, p_lcb->transport); 2850 #else 2851 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL, 2852 p_lcb->remote_bd_addr, TRUE, 0, BT_TRANSPORT_BR_EDR); 2853 #endif 2854 } 2855 else 2856 { 2857 #if BLE_INCLUDED == TRUE 2858 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL, 2859 p_lcb->remote_bd_addr, FALSE, p_lcb->disc_reason, p_lcb->transport); 2860 #else 2861 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL, 2862 p_lcb->remote_bd_addr, FALSE, p_lcb->disc_reason, BT_TRANSPORT_BR_EDR); 2863 #endif 2864 2865 if (p_lcb->p_fixed_ccbs[xx]) 2866 { 2867 l2cu_release_ccb (p_lcb->p_fixed_ccbs[xx]); 2868 p_lcb->p_fixed_ccbs[xx] = NULL; 2869 } 2870 } 2871 } 2872 } 2873 } 2874 #endif 2875 2876 2877 /******************************************************************************* 2878 ** 2879 ** Function l2cu_process_fixed_disc_cback 2880 ** 2881 ** Description send l2cap fixed channel disconnection callback to application 2882 ** 2883 ** 2884 ** Returns void 2885 ** 2886 *******************************************************************************/ 2887 void l2cu_process_fixed_disc_cback (tL2C_LCB *p_lcb) 2888 { 2889 #if (L2CAP_NUM_FIXED_CHNLS > 0) 2890 2891 /* Select peer channels mask to use depending on transport */ 2892 UINT8 peer_channel_mask = p_lcb->peer_chnl_mask[0]; 2893 2894 // For LE, reset the stored peer channel mask 2895 if (p_lcb->transport == BT_TRANSPORT_LE) 2896 p_lcb->peer_chnl_mask[0] = 0; 2897 2898 for (int xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx++) 2899 { 2900 if (p_lcb->p_fixed_ccbs[xx]) 2901 { 2902 if (p_lcb->p_fixed_ccbs[xx] != p_lcb->p_pending_ccb) 2903 { 2904 tL2C_CCB *p_l2c_chnl_ctrl_block; 2905 p_l2c_chnl_ctrl_block = p_lcb->p_fixed_ccbs[xx]; 2906 p_lcb->p_fixed_ccbs[xx] = NULL; 2907 l2cu_release_ccb(p_l2c_chnl_ctrl_block); 2908 #if BLE_INCLUDED == TRUE 2909 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL, 2910 p_lcb->remote_bd_addr, FALSE, p_lcb->disc_reason, p_lcb->transport); 2911 #else 2912 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL, 2913 p_lcb->remote_bd_addr, FALSE, p_lcb->disc_reason, BT_TRANSPORT_BR_EDR); 2914 #endif 2915 } 2916 } 2917 else if ( (peer_channel_mask & (1 << (xx + L2CAP_FIRST_FIXED_CHNL))) 2918 && (l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb != NULL) ) 2919 #if BLE_INCLUDED == TRUE 2920 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL, 2921 p_lcb->remote_bd_addr, FALSE, p_lcb->disc_reason, p_lcb->transport); 2922 #else 2923 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(xx + L2CAP_FIRST_FIXED_CHNL, 2924 p_lcb->remote_bd_addr, FALSE, p_lcb->disc_reason, BT_TRANSPORT_BR_EDR); 2925 #endif 2926 } 2927 #endif 2928 } 2929 2930 #if (BLE_INCLUDED == TRUE) 2931 /******************************************************************************* 2932 ** 2933 ** Function l2cu_send_peer_ble_par_req 2934 ** 2935 ** Description Build and send a BLE parameter update request message 2936 ** to the peer. 2937 ** 2938 ** Returns void 2939 ** 2940 *******************************************************************************/ 2941 void l2cu_send_peer_ble_par_req (tL2C_LCB *p_lcb, UINT16 min_int, UINT16 max_int, 2942 UINT16 latency, UINT16 timeout) 2943 { 2944 BT_HDR *p_buf; 2945 UINT8 *p; 2946 2947 /* Create an identifier for this packet */ 2948 p_lcb->id++; 2949 l2cu_adj_id (p_lcb, L2CAP_ADJ_ID); 2950 2951 if ((p_buf = l2cu_build_header (p_lcb, L2CAP_CMD_BLE_UPD_REQ_LEN, 2952 L2CAP_CMD_BLE_UPDATE_REQ, p_lcb->id)) == NULL ) 2953 { 2954 L2CAP_TRACE_WARNING ("l2cu_send_peer_ble_par_req - no buffer"); 2955 return; 2956 } 2957 2958 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + 2959 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 2960 2961 UINT16_TO_STREAM (p, min_int); 2962 UINT16_TO_STREAM (p, max_int); 2963 UINT16_TO_STREAM (p, latency); 2964 UINT16_TO_STREAM (p, timeout); 2965 2966 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 2967 } 2968 2969 /******************************************************************************* 2970 ** 2971 ** Function l2cu_send_peer_ble_par_rsp 2972 ** 2973 ** Description Build and send a BLE parameter update response message 2974 ** to the peer. 2975 ** 2976 ** Returns void 2977 ** 2978 *******************************************************************************/ 2979 void l2cu_send_peer_ble_par_rsp (tL2C_LCB *p_lcb, UINT16 reason, UINT8 rem_id) 2980 { 2981 BT_HDR *p_buf; 2982 UINT8 *p; 2983 2984 if ((p_buf = l2cu_build_header (p_lcb, L2CAP_CMD_BLE_UPD_RSP_LEN, 2985 L2CAP_CMD_BLE_UPDATE_RSP, rem_id)) == NULL ) 2986 { 2987 L2CAP_TRACE_WARNING ("l2cu_send_peer_ble_par_rsp - no buffer"); 2988 return; 2989 } 2990 2991 p = (UINT8 *)(p_buf + 1) + L2CAP_SEND_CMD_OFFSET + HCI_DATA_PREAMBLE_SIZE + 2992 L2CAP_PKT_OVERHEAD + L2CAP_CMD_OVERHEAD; 2993 2994 UINT16_TO_STREAM (p, reason); 2995 2996 l2c_link_check_send_pkts (p_lcb, NULL, p_buf); 2997 } 2998 2999 #endif /* BLE_INCLUDED == TRUE */ 3000 3001 3002 /******************************************************************************* 3003 ** Functions used by both Full and Light Stack 3004 ********************************************************************************/ 3005 3006 /******************************************************************************* 3007 ** 3008 ** Function l2cu_find_lcb_by_handle 3009 ** 3010 ** Description Look through all active LCBs for a match based on the 3011 ** HCI handle. 3012 ** 3013 ** Returns pointer to matched LCB, or NULL if no match 3014 ** 3015 *******************************************************************************/ 3016 tL2C_LCB *l2cu_find_lcb_by_handle (UINT16 handle) 3017 { 3018 int xx; 3019 tL2C_LCB *p_lcb = &l2cb.lcb_pool[0]; 3020 3021 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) 3022 { 3023 if ((p_lcb->in_use) && (p_lcb->handle == handle)) 3024 { 3025 return (p_lcb); 3026 } 3027 } 3028 3029 /* If here, no match found */ 3030 return (NULL); 3031 } 3032 3033 /******************************************************************************* 3034 ** 3035 ** Function l2cu_find_ccb_by_cid 3036 ** 3037 ** Description Look through all active CCBs on a link for a match based 3038 ** on the local CID. If passed the link pointer is NULL, all 3039 ** active links are searched. 3040 ** 3041 ** Returns pointer to matched CCB, or NULL if no match 3042 ** 3043 *******************************************************************************/ 3044 tL2C_CCB *l2cu_find_ccb_by_cid (tL2C_LCB *p_lcb, UINT16 local_cid) 3045 { 3046 tL2C_CCB *p_ccb = NULL; 3047 #if (L2CAP_UCD_INCLUDED == TRUE) 3048 UINT8 xx; 3049 #endif 3050 3051 if (local_cid >= L2CAP_BASE_APPL_CID) 3052 { 3053 /* find the associated CCB by "index" */ 3054 local_cid -= L2CAP_BASE_APPL_CID; 3055 3056 if (local_cid >= MAX_L2CAP_CHANNELS) 3057 return NULL; 3058 3059 p_ccb = l2cb.ccb_pool + local_cid; 3060 3061 /* make sure the CCB is in use */ 3062 if (!p_ccb->in_use) 3063 { 3064 p_ccb = NULL; 3065 } 3066 /* make sure it's for the same LCB */ 3067 else if (p_lcb && p_lcb != p_ccb->p_lcb) 3068 { 3069 p_ccb = NULL; 3070 } 3071 } 3072 #if (L2CAP_UCD_INCLUDED == TRUE) 3073 else 3074 { 3075 /* searching fixed channel */ 3076 p_ccb = l2cb.ccb_pool; 3077 for ( xx = 0; xx < MAX_L2CAP_CHANNELS; xx++ ) 3078 { 3079 if ((p_ccb->local_cid == local_cid) 3080 &&(p_ccb->in_use) 3081 &&(p_lcb == p_ccb->p_lcb)) 3082 break; 3083 else 3084 p_ccb++; 3085 } 3086 if ( xx >= MAX_L2CAP_CHANNELS ) 3087 return NULL; 3088 } 3089 #endif 3090 3091 return (p_ccb); 3092 } 3093 3094 #if (L2CAP_ROUND_ROBIN_CHANNEL_SERVICE == TRUE) 3095 3096 /****************************************************************************** 3097 ** 3098 ** Function l2cu_get_next_channel_in_rr 3099 ** 3100 ** Description get the next channel to send on a link. It also adjusts the 3101 ** CCB queue to do a basic priority and round-robin scheduling. 3102 ** 3103 ** Returns pointer to CCB or NULL 3104 ** 3105 *******************************************************************************/ 3106 static tL2C_CCB *l2cu_get_next_channel_in_rr(tL2C_LCB *p_lcb) 3107 { 3108 tL2C_CCB *p_serve_ccb = NULL; 3109 tL2C_CCB *p_ccb; 3110 3111 int i, j; 3112 3113 /* scan all of priority until finding a channel to serve */ 3114 for ( i = 0; (i < L2CAP_NUM_CHNL_PRIORITY)&&(!p_serve_ccb); i++ ) 3115 { 3116 /* scan all channel within serving priority group until finding a channel to serve */ 3117 for ( j = 0; (j < p_lcb->rr_serv[p_lcb->rr_pri].num_ccb)&&(!p_serve_ccb); j++) 3118 { 3119 /* scaning from next serving channel */ 3120 p_ccb = p_lcb->rr_serv[p_lcb->rr_pri].p_serve_ccb; 3121 3122 if (!p_ccb) 3123 { 3124 L2CAP_TRACE_ERROR("p_serve_ccb is NULL, rr_pri=%d", p_lcb->rr_pri); 3125 return NULL; 3126 } 3127 3128 L2CAP_TRACE_DEBUG("RR scan pri=%d, lcid=0x%04x, q_cout=%d", 3129 p_ccb->ccb_priority, p_ccb->local_cid, GKI_queue_length(&p_ccb->xmit_hold_q)); 3130 3131 /* store the next serving channel */ 3132 /* this channel is the last channel of its priority group */ 3133 if (( p_ccb->p_next_ccb == NULL ) 3134 ||( p_ccb->p_next_ccb->ccb_priority != p_ccb->ccb_priority )) 3135 { 3136 /* next serving channel is set to the first channel in the group */ 3137 p_lcb->rr_serv[p_lcb->rr_pri].p_serve_ccb = p_lcb->rr_serv[p_lcb->rr_pri].p_first_ccb; 3138 } 3139 else 3140 { 3141 /* next serving channel is set to the next channel in the group */ 3142 p_lcb->rr_serv[p_lcb->rr_pri].p_serve_ccb = p_ccb->p_next_ccb; 3143 } 3144 3145 if (p_ccb->chnl_state != CST_OPEN) 3146 continue; 3147 3148 /* eL2CAP option in use */ 3149 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_BASIC_MODE) 3150 { 3151 if (p_ccb->fcrb.wait_ack || p_ccb->fcrb.remote_busy) 3152 continue; 3153 3154 if ( GKI_queue_is_empty(&p_ccb->fcrb.retrans_q)) 3155 { 3156 if ( GKI_queue_is_empty(&p_ccb->xmit_hold_q)) 3157 continue; 3158 3159 /* If using the common pool, should be at least 10% free. */ 3160 if ( (p_ccb->ertm_info.fcr_tx_pool_id == HCI_ACL_POOL_ID) && (GKI_poolutilization (HCI_ACL_POOL_ID) > 90) ) 3161 continue; 3162 3163 /* If in eRTM mode, check for window closure */ 3164 if ( (p_ccb->peer_cfg.fcr.mode == L2CAP_FCR_ERTM_MODE) && (l2c_fcr_is_flow_controlled (p_ccb)) ) 3165 continue; 3166 } 3167 } 3168 else 3169 { 3170 if (GKI_queue_is_empty(&p_ccb->xmit_hold_q)) 3171 continue; 3172 } 3173 3174 /* found a channel to serve */ 3175 p_serve_ccb = p_ccb; 3176 /* decrease quota of its priority group */ 3177 p_lcb->rr_serv[p_lcb->rr_pri].quota--; 3178 } 3179 3180 /* if there is no more quota of the priority group or no channel to have data to send */ 3181 if ((p_lcb->rr_serv[p_lcb->rr_pri].quota == 0)||(!p_serve_ccb)) 3182 { 3183 /* serve next priority group */ 3184 p_lcb->rr_pri = (p_lcb->rr_pri + 1) % L2CAP_NUM_CHNL_PRIORITY; 3185 /* initialize its quota */ 3186 p_lcb->rr_serv[p_lcb->rr_pri].quota = L2CAP_GET_PRIORITY_QUOTA(p_lcb->rr_pri); 3187 } 3188 } 3189 3190 if (p_serve_ccb) 3191 { 3192 L2CAP_TRACE_DEBUG("RR service pri=%d, quota=%d, lcid=0x%04x", 3193 p_serve_ccb->ccb_priority, 3194 p_lcb->rr_serv[p_serve_ccb->ccb_priority].quota, 3195 p_serve_ccb->local_cid ); 3196 } 3197 3198 return p_serve_ccb; 3199 } 3200 3201 #else /* (L2CAP_ROUND_ROBIN_CHANNEL_SERVICE == TRUE) */ 3202 3203 /****************************************************************************** 3204 ** 3205 ** Function l2cu_get_next_channel 3206 ** 3207 ** Description get the next channel to send on a link bassed on priority 3208 ** scheduling. 3209 ** 3210 ** Returns pointer to CCB or NULL 3211 ** 3212 *******************************************************************************/ 3213 static tL2C_CCB *l2cu_get_next_channel(tL2C_LCB *p_lcb) 3214 { 3215 tL2C_CCB *p_ccb; 3216 3217 /* Get the first CCB with data to send. 3218 */ 3219 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb) 3220 { 3221 if (p_ccb->chnl_state != CST_OPEN) 3222 continue; 3223 3224 if (p_ccb->fcrb.wait_ack || p_ccb->fcrb.remote_busy) 3225 continue; 3226 3227 if (p_ccb->fcrb.retrans_q.count != 0) 3228 return p_ccb; 3229 3230 if (p_ccb->xmit_hold_q.count == 0) 3231 continue; 3232 3233 /* If using the common pool, should be at least 10% free. */ 3234 if ( (p_ccb->ertm_info.fcr_tx_pool_id == HCI_ACL_POOL_ID) && (GKI_poolutilization (HCI_ACL_POOL_ID) > 90) ) 3235 continue; 3236 3237 /* If in eRTM mode, check for window closure */ 3238 if ( (p_ccb->peer_cfg.fcr.mode == L2CAP_FCR_ERTM_MODE) && (l2c_fcr_is_flow_controlled (p_ccb)) ) 3239 continue; 3240 3241 /* If here, we found someone */ 3242 return p_ccb; 3243 } 3244 3245 return NULL; 3246 } 3247 #endif /* (L2CAP_ROUND_ROBIN_CHANNEL_SERVICE == TRUE) */ 3248 3249 /****************************************************************************** 3250 ** 3251 ** Function l2cu_get_next_buffer_to_send 3252 ** 3253 ** Description get the next buffer to send on a link. It also adjusts the 3254 ** CCB queue to do a basic priority and round-robin scheduling. 3255 ** 3256 ** Returns pointer to buffer or NULL 3257 ** 3258 *******************************************************************************/ 3259 BT_HDR *l2cu_get_next_buffer_to_send (tL2C_LCB *p_lcb) 3260 { 3261 tL2C_CCB *p_ccb; 3262 BT_HDR *p_buf; 3263 3264 /* Highest priority are fixed channels */ 3265 #if (L2CAP_NUM_FIXED_CHNLS > 0) 3266 int xx; 3267 3268 for (xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx++) 3269 { 3270 if ((p_ccb = p_lcb->p_fixed_ccbs[xx]) == NULL) 3271 continue; 3272 3273 /* eL2CAP option in use */ 3274 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_BASIC_MODE) 3275 { 3276 if (p_ccb->fcrb.wait_ack || p_ccb->fcrb.remote_busy) 3277 continue; 3278 3279 /* No more checks needed if sending from the reatransmit queue */ 3280 if (GKI_queue_is_empty(&p_ccb->fcrb.retrans_q)) 3281 { 3282 if (GKI_queue_is_empty(&p_ccb->xmit_hold_q)) 3283 continue; 3284 3285 /* If using the common pool, should be at least 10% free. */ 3286 if ( (p_ccb->ertm_info.fcr_tx_pool_id == HCI_ACL_POOL_ID) && (GKI_poolutilization (HCI_ACL_POOL_ID) > 90) ) 3287 continue; 3288 3289 /* If in eRTM mode, check for window closure */ 3290 if ( (p_ccb->peer_cfg.fcr.mode == L2CAP_FCR_ERTM_MODE) && (l2c_fcr_is_flow_controlled (p_ccb)) ) 3291 continue; 3292 } 3293 3294 if ((p_buf = l2c_fcr_get_next_xmit_sdu_seg(p_ccb, 0)) != NULL) 3295 { 3296 l2cu_check_channel_congestion (p_ccb); 3297 l2cu_set_acl_hci_header (p_buf, p_ccb); 3298 return (p_buf); 3299 } 3300 } 3301 else 3302 { 3303 if (!GKI_queue_is_empty(&p_ccb->xmit_hold_q)) 3304 { 3305 p_buf = (BT_HDR *)GKI_dequeue (&p_ccb->xmit_hold_q); 3306 if(NULL == p_buf) 3307 { 3308 L2CAP_TRACE_ERROR("l2cu_get_buffer_to_send: No data to be sent"); 3309 return (NULL); 3310 } 3311 /* send tx complete */ 3312 if (l2cb.fixed_reg[xx].pL2CA_FixedTxComplete_Cb) 3313 (*l2cb.fixed_reg[xx].pL2CA_FixedTxComplete_Cb)(p_ccb->local_cid, 1); 3314 3315 l2cu_check_channel_congestion (p_ccb); 3316 l2cu_set_acl_hci_header (p_buf, p_ccb); 3317 return (p_buf); 3318 } 3319 } 3320 } 3321 #endif 3322 3323 #if (L2CAP_ROUND_ROBIN_CHANNEL_SERVICE == TRUE) 3324 /* get next serving channel in round-robin */ 3325 p_ccb = l2cu_get_next_channel_in_rr( p_lcb ); 3326 #else 3327 p_ccb = l2cu_get_next_channel( p_lcb ); 3328 #endif 3329 3330 /* Return if no buffer */ 3331 if (p_ccb == NULL) 3332 return (NULL); 3333 3334 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_BASIC_MODE) 3335 { 3336 if ((p_buf = l2c_fcr_get_next_xmit_sdu_seg(p_ccb, 0)) == NULL) 3337 return (NULL); 3338 } 3339 else 3340 { 3341 p_buf = (BT_HDR *)GKI_dequeue (&p_ccb->xmit_hold_q); 3342 if(NULL == p_buf) 3343 { 3344 L2CAP_TRACE_ERROR("l2cu_get_buffer_to_send() #2: No data to be sent"); 3345 return (NULL); 3346 } 3347 } 3348 3349 if ( p_ccb->p_rcb && p_ccb->p_rcb->api.pL2CA_TxComplete_Cb && (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE) ) 3350 (*p_ccb->p_rcb->api.pL2CA_TxComplete_Cb)(p_ccb->local_cid, 1); 3351 3352 3353 l2cu_check_channel_congestion (p_ccb); 3354 3355 l2cu_set_acl_hci_header (p_buf, p_ccb); 3356 3357 return (p_buf); 3358 } 3359 3360 /****************************************************************************** 3361 ** 3362 ** Function l2cu_set_acl_hci_header 3363 ** 3364 ** Description Set HCI handle for ACL packet 3365 ** 3366 ** Returns None 3367 ** 3368 *******************************************************************************/ 3369 void l2cu_set_acl_hci_header (BT_HDR *p_buf, tL2C_CCB *p_ccb) 3370 { 3371 UINT8 *p; 3372 3373 /* Set the pointer to the beginning of the data minus 4 bytes for the packet header */ 3374 p = (UINT8 *)(p_buf + 1) + p_buf->offset - HCI_DATA_PREAMBLE_SIZE; 3375 3376 #if (BLE_INCLUDED == TRUE) 3377 if (p_ccb->p_lcb->transport == BT_TRANSPORT_LE) 3378 { 3379 UINT16_TO_STREAM (p, p_ccb->p_lcb->handle | (L2CAP_PKT_START_NON_FLUSHABLE << L2CAP_PKT_TYPE_SHIFT)); 3380 3381 uint16_t acl_data_size = controller_get_interface()->get_acl_data_size_ble(); 3382 /* The HCI transport will segment the buffers. */ 3383 if (p_buf->len > acl_data_size) 3384 { 3385 UINT16_TO_STREAM (p, acl_data_size); 3386 } 3387 else 3388 { 3389 UINT16_TO_STREAM (p, p_buf->len); 3390 } 3391 } /* (BLE_INCLUDED == TRUE) */ 3392 else 3393 #endif 3394 { 3395 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE) 3396 if ( (((p_buf->layer_specific & L2CAP_FLUSHABLE_MASK) == L2CAP_FLUSHABLE_CH_BASED) && (p_ccb->is_flushable)) 3397 || ((p_buf->layer_specific & L2CAP_FLUSHABLE_MASK) == L2CAP_FLUSHABLE_PKT) ) 3398 { 3399 UINT16_TO_STREAM (p, p_ccb->p_lcb->handle | (L2CAP_PKT_START << L2CAP_PKT_TYPE_SHIFT)); 3400 } 3401 else 3402 { 3403 UINT16_TO_STREAM (p, p_ccb->p_lcb->handle | l2cb.non_flushable_pbf); 3404 } 3405 #else 3406 UINT16_TO_STREAM (p, p_ccb->p_lcb->handle | (L2CAP_PKT_START << L2CAP_PKT_TYPE_SHIFT)); 3407 #endif 3408 3409 uint16_t acl_data_size = controller_get_interface()->get_acl_data_size_classic(); 3410 /* The HCI transport will segment the buffers. */ 3411 if (p_buf->len > acl_data_size) 3412 { 3413 UINT16_TO_STREAM (p, acl_data_size); 3414 } 3415 else 3416 { 3417 UINT16_TO_STREAM (p, p_buf->len); 3418 } 3419 } 3420 p_buf->offset -= HCI_DATA_PREAMBLE_SIZE; 3421 p_buf->len += HCI_DATA_PREAMBLE_SIZE; 3422 } 3423 3424 /****************************************************************************** 3425 ** 3426 ** Function l2cu_check_channel_congestion 3427 ** 3428 ** Description check if any change in congestion status 3429 ** 3430 ** Returns None 3431 ** 3432 *******************************************************************************/ 3433 void l2cu_check_channel_congestion (tL2C_CCB *p_ccb) 3434 { 3435 UINT16 q_count = GKI_queue_length(&p_ccb->xmit_hold_q); 3436 3437 #if (L2CAP_UCD_INCLUDED == TRUE) 3438 if ( p_ccb->local_cid == L2CAP_CONNECTIONLESS_CID ) 3439 { 3440 q_count += p_ccb->p_lcb->ucd_out_sec_pending_q.count; 3441 } 3442 #endif 3443 /* If the CCB queue limit is subject to a quota, check for congestion */ 3444 /* if this channel has outgoing traffic */ 3445 if (p_ccb->buff_quota != 0) 3446 { 3447 /* If this channel was congested */ 3448 if ( p_ccb->cong_sent ) 3449 { 3450 /* If the channel is not congested now, tell the app */ 3451 if (q_count <= (p_ccb->buff_quota / 2)) 3452 { 3453 p_ccb->cong_sent = FALSE; 3454 if (p_ccb->p_rcb && p_ccb->p_rcb->api.pL2CA_CongestionStatus_Cb) 3455 { 3456 L2CAP_TRACE_DEBUG ("L2CAP - Calling CongestionStatus_Cb (FALSE), CID: 0x%04x xmit_hold_q.count: %u buff_quota: %u", 3457 p_ccb->local_cid, q_count, p_ccb->buff_quota); 3458 3459 /* Prevent recursive calling */ 3460 l2cb.is_cong_cback_context = TRUE; 3461 (*p_ccb->p_rcb->api.pL2CA_CongestionStatus_Cb)(p_ccb->local_cid, FALSE); 3462 l2cb.is_cong_cback_context = FALSE; 3463 } 3464 #if (L2CAP_UCD_INCLUDED == TRUE) 3465 else if ( p_ccb->p_rcb && p_ccb->local_cid == L2CAP_CONNECTIONLESS_CID ) 3466 { 3467 if ( p_ccb->p_rcb->ucd.cb_info.pL2CA_UCD_Congestion_Status_Cb ) 3468 { 3469 L2CAP_TRACE_DEBUG ("L2CAP - Calling UCD CongestionStatus_Cb (FALSE), SecPendingQ:%u,XmitQ:%u,Quota:%u", 3470 p_ccb->p_lcb->ucd_out_sec_pending_q.count, 3471 p_ccb->xmit_hold_q.count, p_ccb->buff_quota); 3472 p_ccb->p_rcb->ucd.cb_info.pL2CA_UCD_Congestion_Status_Cb( p_ccb->p_lcb->remote_bd_addr, FALSE ); 3473 } 3474 } 3475 #endif 3476 #if (L2CAP_NUM_FIXED_CHNLS > 0) 3477 else 3478 { 3479 UINT8 xx; 3480 for (xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx ++) 3481 { 3482 if (p_ccb->p_lcb->p_fixed_ccbs[xx] == p_ccb) 3483 { 3484 if (l2cb.fixed_reg[xx].pL2CA_FixedCong_Cb != NULL) 3485 (* l2cb.fixed_reg[xx].pL2CA_FixedCong_Cb)(p_ccb->p_lcb->remote_bd_addr, FALSE); 3486 break; 3487 } 3488 } 3489 } 3490 #endif 3491 } 3492 } 3493 else 3494 { 3495 /* If this channel was not congested but it is congested now, tell the app */ 3496 if (q_count > p_ccb->buff_quota) 3497 { 3498 p_ccb->cong_sent = TRUE; 3499 if (p_ccb->p_rcb && p_ccb->p_rcb->api.pL2CA_CongestionStatus_Cb) 3500 { 3501 L2CAP_TRACE_DEBUG ("L2CAP - Calling CongestionStatus_Cb (TRUE),CID:0x%04x,XmitQ:%u,Quota:%u", 3502 p_ccb->local_cid, q_count, p_ccb->buff_quota); 3503 3504 (*p_ccb->p_rcb->api.pL2CA_CongestionStatus_Cb)(p_ccb->local_cid, TRUE); 3505 } 3506 #if (L2CAP_UCD_INCLUDED == TRUE) 3507 else if ( p_ccb->p_rcb && p_ccb->local_cid == L2CAP_CONNECTIONLESS_CID ) 3508 { 3509 if ( p_ccb->p_rcb->ucd.cb_info.pL2CA_UCD_Congestion_Status_Cb ) 3510 { 3511 L2CAP_TRACE_DEBUG ("L2CAP - Calling UCD CongestionStatus_Cb (TRUE), SecPendingQ:%u,XmitQ:%u,Quota:%u", 3512 p_ccb->p_lcb->ucd_out_sec_pending_q.count, 3513 p_ccb->xmit_hold_q.count, p_ccb->buff_quota); 3514 p_ccb->p_rcb->ucd.cb_info.pL2CA_UCD_Congestion_Status_Cb( p_ccb->p_lcb->remote_bd_addr, TRUE ); 3515 } 3516 } 3517 #endif 3518 #if (L2CAP_NUM_FIXED_CHNLS > 0) 3519 else 3520 { 3521 UINT8 xx; 3522 for (xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx ++) 3523 { 3524 if (p_ccb->p_lcb->p_fixed_ccbs[xx] == p_ccb) 3525 { 3526 if (l2cb.fixed_reg[xx].pL2CA_FixedCong_Cb != NULL) 3527 (* l2cb.fixed_reg[xx].pL2CA_FixedCong_Cb)(p_ccb->p_lcb->remote_bd_addr, TRUE); 3528 break; 3529 } 3530 } 3531 } 3532 #endif 3533 } 3534 } 3535 } 3536 } 3537 3538
