1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the L2CAP API code
22 *
23 ******************************************************************************/
24
25 #define LOG_TAG "bt_l2cap"
26
27 #include <base/logging.h>
28 #include <base/strings/stringprintf.h>
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32
33 #include "bt_common.h"
34 #include "bt_types.h"
35 #include "btm_api.h"
36 #include "btu.h"
37 #include "device/include/controller.h"
38 #include "hcidefs.h"
39 #include "hcimsgs.h"
40 #include "l2c_int.h"
41 #include "l2cdefs.h"
42 #include "main/shim/l2c_api.h"
43 #include "main/shim/shim.h"
44 #include "osi/include/allocator.h"
45 #include "osi/include/log.h"
46
47 using base::StringPrintf;
48
49 /*******************************************************************************
50 *
51 * Function L2CA_Register
52 *
53 * Description Other layers call this function to register for L2CAP
54 * services.
55 *
56 * Returns PSM to use or zero if error. Typically, the PSM returned
57 * is the same as was passed in, but for an outgoing-only
58 * connection to a dynamic PSM, a "virtual" PSM is returned
59 * and should be used in the calls to L2CA_ConnectReq(),
60 * L2CA_ErtmConnectReq() and L2CA_Deregister()
61 *
62 ******************************************************************************/
L2CA_Register(uint16_t psm,tL2CAP_APPL_INFO * p_cb_info,bool enable_snoop,tL2CAP_ERTM_INFO * p_ertm_info,uint16_t required_mtu)63 uint16_t L2CA_Register(uint16_t psm, tL2CAP_APPL_INFO* p_cb_info,
64 bool enable_snoop, tL2CAP_ERTM_INFO* p_ertm_info,
65 uint16_t required_mtu) {
66 if (bluetooth::shim::is_gd_shim_enabled()) {
67 return bluetooth::shim::L2CA_Register(psm, p_cb_info, enable_snoop,
68 p_ertm_info, required_mtu);
69 }
70
71 tL2C_RCB* p_rcb;
72 uint16_t vpsm = psm;
73
74 L2CAP_TRACE_API("L2CAP - L2CA_Register() called for PSM: 0x%04x", psm);
75
76 /* Verify that the required callback info has been filled in
77 ** Note: Connection callbacks are required but not checked
78 ** for here because it is possible to be only a client
79 ** or only a server.
80 */
81 if ((!p_cb_info->pL2CA_ConfigCfm_Cb) || (!p_cb_info->pL2CA_ConfigInd_Cb) ||
82 (!p_cb_info->pL2CA_DataInd_Cb) || (!p_cb_info->pL2CA_DisconnectInd_Cb)) {
83 L2CAP_TRACE_ERROR("L2CAP - no cb registering PSM: 0x%04x", psm);
84 return (0);
85 }
86
87 /* Verify PSM is valid */
88 if (L2C_INVALID_PSM(psm)) {
89 L2CAP_TRACE_ERROR("L2CAP - invalid PSM value, PSM: 0x%04x", psm);
90 return (0);
91 }
92
93 /* Check if this is a registration for an outgoing-only connection to */
94 /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
95 if ((psm >= 0x1001) && (p_cb_info->pL2CA_ConnectInd_Cb == NULL)) {
96 for (vpsm = 0x1002; vpsm < 0x8000; vpsm += 2) {
97 p_rcb = l2cu_find_rcb_by_psm(vpsm);
98 if (p_rcb == NULL) break;
99 }
100
101 L2CAP_TRACE_API("L2CA_Register - Real PSM: 0x%04x Virtual PSM: 0x%04x",
102 psm, vpsm);
103 }
104
105 /* If registration block already there, just overwrite it */
106 p_rcb = l2cu_find_rcb_by_psm(vpsm);
107 if (p_rcb == NULL) {
108 p_rcb = l2cu_allocate_rcb(vpsm);
109 if (p_rcb == NULL) {
110 L2CAP_TRACE_WARNING("L2CAP - no RCB available, PSM: 0x%04x vPSM: 0x%04x",
111 psm, vpsm);
112 return (0);
113 }
114 }
115
116 p_rcb->log_packets = enable_snoop;
117 p_rcb->api = *p_cb_info;
118 p_rcb->real_psm = psm;
119
120 return (vpsm);
121 }
122
123 /*******************************************************************************
124 *
125 * Function L2CA_Deregister
126 *
127 * Description Other layers call this function to de-register for L2CAP
128 * services.
129 *
130 * Returns void
131 *
132 ******************************************************************************/
L2CA_Deregister(uint16_t psm)133 void L2CA_Deregister(uint16_t psm) {
134 if (bluetooth::shim::is_gd_shim_enabled()) {
135 return bluetooth::shim::L2CA_Deregister(psm);
136 }
137
138 tL2C_RCB* p_rcb;
139 tL2C_CCB* p_ccb;
140 tL2C_LCB* p_lcb;
141 int ii;
142
143 L2CAP_TRACE_API("L2CAP - L2CA_Deregister() called for PSM: 0x%04x", psm);
144
145 p_rcb = l2cu_find_rcb_by_psm(psm);
146 if (p_rcb != NULL) {
147 p_lcb = &l2cb.lcb_pool[0];
148 for (ii = 0; ii < MAX_L2CAP_LINKS; ii++, p_lcb++) {
149 if (p_lcb->in_use) {
150 p_ccb = p_lcb->ccb_queue.p_first_ccb;
151 if ((p_ccb == NULL) || (p_lcb->link_state == LST_DISCONNECTING)) {
152 continue;
153 }
154
155 if ((p_ccb->in_use) &&
156 ((p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP) ||
157 (p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))) {
158 continue;
159 }
160
161 if (p_ccb->p_rcb == p_rcb) {
162 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
163 }
164 }
165 }
166 l2cu_release_rcb(p_rcb);
167 } else {
168 L2CAP_TRACE_WARNING("L2CAP - PSM: 0x%04x not found for deregistration",
169 psm);
170 }
171 }
172
173 /*******************************************************************************
174 *
175 * Function L2CA_AllocatePSM
176 *
177 * Description Other layers call this function to find an unused PSM for
178 * L2CAP services.
179 *
180 * Returns PSM to use.
181 *
182 ******************************************************************************/
L2CA_AllocatePSM(void)183 uint16_t L2CA_AllocatePSM(void) {
184 if (bluetooth::shim::is_gd_shim_enabled()) {
185 return bluetooth::shim::L2CA_AllocatePSM();
186 }
187
188 bool done = false;
189 uint16_t psm = l2cb.dyn_psm;
190
191 L2CAP_TRACE_API("L2CA_AllocatePSM");
192 while (!done) {
193 psm += 2;
194 if (psm > 0xfeff) {
195 psm = 0x1001;
196 } else if (psm & 0x0100) {
197 /* the upper byte must be even */
198 psm += 0x0100;
199 }
200
201 /* if psm is in range of reserved BRCM Aware features */
202 if ((BRCM_RESERVED_PSM_START <= psm) && (psm <= BRCM_RESERVED_PSM_END))
203 continue;
204
205 /* make sure the newlly allocated psm is not used right now */
206 if ((l2cu_find_rcb_by_psm(psm)) == NULL) done = true;
207 }
208 l2cb.dyn_psm = psm;
209
210 return (psm);
211 }
212
213 /*******************************************************************************
214 *
215 * Function L2CA_AllocateLePSM
216 *
217 * Description To find an unused LE PSM for L2CAP services.
218 *
219 * Returns LE_PSM to use if success. Otherwise returns 0.
220 *
221 ******************************************************************************/
L2CA_AllocateLePSM(void)222 uint16_t L2CA_AllocateLePSM(void) {
223 if (bluetooth::shim::is_gd_shim_enabled()) {
224 return bluetooth::shim::L2CA_AllocateLePSM();
225 }
226
227 bool done = false;
228 uint16_t psm = l2cb.le_dyn_psm;
229 uint16_t count = 0;
230
231 L2CAP_TRACE_API("%s: last psm=%d", __func__, psm);
232 while (!done) {
233 count++;
234 if (count > LE_DYNAMIC_PSM_RANGE) {
235 L2CAP_TRACE_ERROR("%s: Out of free BLE PSM", __func__);
236 return 0;
237 }
238
239 psm++;
240 if (psm > LE_DYNAMIC_PSM_END) {
241 psm = LE_DYNAMIC_PSM_START;
242 }
243
244 if (!l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START]) {
245 /* make sure the newly allocated psm is not used right now */
246 if (l2cu_find_ble_rcb_by_psm(psm)) {
247 L2CAP_TRACE_WARNING("%s: supposedly-free PSM=%d have allocated rcb!",
248 __func__, psm);
249 continue;
250 }
251
252 l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START] = true;
253 L2CAP_TRACE_DEBUG("%s: assigned PSM=%d", __func__, psm);
254 done = true;
255 break;
256 }
257 }
258 l2cb.le_dyn_psm = psm;
259
260 return (psm);
261 }
262
263 /*******************************************************************************
264 *
265 * Function L2CA_FreeLePSM
266 *
267 * Description Free an assigned LE PSM.
268 *
269 * Returns void
270 *
271 ******************************************************************************/
L2CA_FreeLePSM(uint16_t psm)272 void L2CA_FreeLePSM(uint16_t psm) {
273 if (bluetooth::shim::is_gd_shim_enabled()) {
274 return bluetooth::shim::L2CA_FreeLePSM(psm);
275 }
276
277 L2CAP_TRACE_API("%s: to free psm=%d", __func__, psm);
278
279 if ((psm < LE_DYNAMIC_PSM_START) || (psm > LE_DYNAMIC_PSM_END)) {
280 L2CAP_TRACE_ERROR("%s: Invalid PSM=%d value!", __func__, psm);
281 return;
282 }
283
284 if (!l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START]) {
285 L2CAP_TRACE_WARNING("%s: PSM=%d was not allocated!", __func__, psm);
286 }
287 l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START] = false;
288 }
289
290 /*******************************************************************************
291 *
292 * Function L2CA_ConnectReq
293 *
294 * Description Higher layers call this function to create an L2CAP
295 * connection. Note that the connection is not established at
296 * this time, but connection establishment gets started. The
297 * callback function will be invoked when connection
298 * establishes or fails.
299 *
300 * Returns the CID of the connection, or 0 if it failed to start
301 *
302 ******************************************************************************/
L2CA_ConnectReq(uint16_t psm,const RawAddress & p_bd_addr)303 uint16_t L2CA_ConnectReq(uint16_t psm, const RawAddress& p_bd_addr) {
304 if (bluetooth::shim::is_gd_shim_enabled()) {
305 return bluetooth::shim::L2CA_ConnectReq(psm, p_bd_addr);
306 }
307
308 return L2CA_ErtmConnectReq(psm, p_bd_addr, nullptr);
309 }
310
311 /*******************************************************************************
312 *
313 * Function L2CA_ErtmConnectReq
314 *
315 * Description Higher layers call this function to create an L2CAP
316 * connection. Note that the connection is not established at
317 * this time, but connection establishment gets started. The
318 * callback function will be invoked when connection
319 * establishes or fails.
320 *
321 * Parameters: PSM: L2CAP PSM for the connection
322 * BD address of the peer
323 * Enhaced retransmission mode configurations
324
325 * Returns the CID of the connection, or 0 if it failed to start
326 *
327 ******************************************************************************/
L2CA_ErtmConnectReq(uint16_t psm,const RawAddress & p_bd_addr,tL2CAP_ERTM_INFO * p_ertm_info)328 uint16_t L2CA_ErtmConnectReq(uint16_t psm, const RawAddress& p_bd_addr,
329 tL2CAP_ERTM_INFO* p_ertm_info) {
330 if (bluetooth::shim::is_gd_shim_enabled()) {
331 return bluetooth::shim::L2CA_ErtmConnectReq(psm, p_bd_addr, p_ertm_info);
332 }
333
334 VLOG(1) << __func__ << "BDA " << p_bd_addr
335 << StringPrintf(" PSM: 0x%04x allowed:0x%x preferred:%d", psm,
336 (p_ertm_info) ? p_ertm_info->allowed_modes : 0,
337 (p_ertm_info) ? p_ertm_info->preferred_mode : 0);
338
339 /* Fail if we have not established communications with the controller */
340 if (!BTM_IsDeviceUp()) {
341 LOG(WARNING) << __func__ << ": BTU not ready";
342 return 0;
343 }
344 /* Fail if the PSM is not registered */
345 tL2C_RCB* p_rcb = l2cu_find_rcb_by_psm(psm);
346 if (p_rcb == nullptr) {
347 LOG(WARNING) << __func__ << ": no RCB, PSM=" << loghex(psm);
348 return 0;
349 }
350
351 /* First, see if we already have a link to the remote */
352 /* assume all ERTM l2cap connection is going over BR/EDR for now */
353 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
354 if (p_lcb == nullptr) {
355 /* No link. Get an LCB and start link establishment */
356 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_BR_EDR);
357 /* currently use BR/EDR for ERTM mode l2cap connection */
358 if ((p_lcb == nullptr) || (!l2cu_create_conn_br_edr(p_lcb))) {
359 LOG(WARNING) << __func__
360 << ": connection not started for PSM=" << loghex(psm)
361 << ", p_lcb=" << p_lcb;
362 return 0;
363 }
364 }
365
366 /* Allocate a channel control block */
367 tL2C_CCB* p_ccb = l2cu_allocate_ccb(p_lcb, 0);
368 if (p_ccb == nullptr) {
369 LOG(WARNING) << __func__ << ": no CCB, PSM=" << loghex(psm);
370 return 0;
371 }
372
373 /* Save registration info */
374 p_ccb->p_rcb = p_rcb;
375
376 if (p_ertm_info) {
377 p_ccb->ertm_info = *p_ertm_info;
378
379 /* Replace default indicators with the actual default pool */
380 if (p_ccb->ertm_info.fcr_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
381 p_ccb->ertm_info.fcr_rx_buf_size = L2CAP_FCR_RX_BUF_SIZE;
382
383 if (p_ccb->ertm_info.fcr_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
384 p_ccb->ertm_info.fcr_tx_buf_size = L2CAP_FCR_TX_BUF_SIZE;
385
386 if (p_ccb->ertm_info.user_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
387 p_ccb->ertm_info.user_rx_buf_size = L2CAP_USER_RX_BUF_SIZE;
388
389 if (p_ccb->ertm_info.user_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
390 p_ccb->ertm_info.user_tx_buf_size = L2CAP_USER_TX_BUF_SIZE;
391
392 p_ccb->max_rx_mtu =
393 p_ertm_info->user_rx_buf_size -
394 (L2CAP_MIN_OFFSET + L2CAP_SDU_LEN_OFFSET + L2CAP_FCS_LEN);
395 }
396
397 /* If link is up, start the L2CAP connection */
398 if (p_lcb->link_state == LST_CONNECTED) {
399 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_REQ, nullptr);
400 } else if (p_lcb->link_state == LST_DISCONNECTING) {
401 /* If link is disconnecting, save link info to retry after disconnect
402 * Possible Race condition when a reconnect occurs
403 * on the channel during a disconnect of link. This
404 * ccb will be automatically retried after link disconnect
405 * arrives
406 */
407 L2CAP_TRACE_DEBUG("L2CAP API - link disconnecting: RETRY LATER");
408
409 /* Save ccb so it can be started after disconnect is finished */
410 p_lcb->p_pending_ccb = p_ccb;
411 }
412
413 L2CAP_TRACE_API("L2CAP - L2CA_conn_req(psm: 0x%04x) returned CID: 0x%04x",
414 psm, p_ccb->local_cid);
415
416 /* Return the local CID as our handle */
417 return p_ccb->local_cid;
418 }
419
420 /*******************************************************************************
421 *
422 * Function L2CA_RegisterLECoc
423 *
424 * Description Other layers call this function to register for L2CAP
425 * Connection Oriented Channel.
426 *
427 * Returns PSM to use or zero if error. Typically, the PSM returned
428 * is the same as was passed in, but for an outgoing-only
429 * connection to a dynamic PSM, a "virtual" PSM is returned
430 * and should be used in the calls to L2CA_ConnectLECocReq()
431 * and L2CA_DeregisterLECoc()
432 *
433 ******************************************************************************/
L2CA_RegisterLECoc(uint16_t psm,tL2CAP_APPL_INFO * p_cb_info)434 uint16_t L2CA_RegisterLECoc(uint16_t psm, tL2CAP_APPL_INFO* p_cb_info) {
435 if (bluetooth::shim::is_gd_shim_enabled()) {
436 return bluetooth::shim::L2CA_RegisterLECoc(psm, p_cb_info);
437 }
438
439 L2CAP_TRACE_API("%s called for LE PSM: 0x%04x", __func__, psm);
440
441 /* Verify that the required callback info has been filled in
442 ** Note: Connection callbacks are required but not checked
443 ** for here because it is possible to be only a client
444 ** or only a server.
445 */
446 if ((!p_cb_info->pL2CA_DataInd_Cb) || (!p_cb_info->pL2CA_DisconnectInd_Cb)) {
447 L2CAP_TRACE_ERROR("%s No cb registering BLE PSM: 0x%04x", __func__, psm);
448 return 0;
449 }
450
451 /* Verify PSM is valid */
452 if (!L2C_IS_VALID_LE_PSM(psm)) {
453 L2CAP_TRACE_ERROR("%s Invalid BLE PSM value, PSM: 0x%04x", __func__, psm);
454 return 0;
455 }
456
457 tL2C_RCB* p_rcb;
458 uint16_t vpsm = psm;
459
460 /* Check if this is a registration for an outgoing-only connection to */
461 /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
462 if ((psm >= LE_DYNAMIC_PSM_START) &&
463 (p_cb_info->pL2CA_ConnectInd_Cb == NULL)) {
464 vpsm = L2CA_AllocateLePSM();
465 if (vpsm == 0) {
466 L2CAP_TRACE_ERROR("%s: Out of free BLE PSM", __func__);
467 return 0;
468 }
469
470 L2CAP_TRACE_API("%s Real PSM: 0x%04x Virtual PSM: 0x%04x", __func__, psm,
471 vpsm);
472 }
473
474 /* If registration block already there, just overwrite it */
475 p_rcb = l2cu_find_ble_rcb_by_psm(vpsm);
476 if (p_rcb == NULL) {
477 L2CAP_TRACE_API("%s Allocate rcp for Virtual PSM: 0x%04x", __func__, vpsm);
478 p_rcb = l2cu_allocate_ble_rcb(vpsm);
479 if (p_rcb == NULL) {
480 L2CAP_TRACE_WARNING("%s No BLE RCB available, PSM: 0x%04x vPSM: 0x%04x",
481 __func__, psm, vpsm);
482 return 0;
483 }
484 }
485
486 p_rcb->api = *p_cb_info;
487 p_rcb->real_psm = psm;
488
489 return vpsm;
490 }
491
492 /*******************************************************************************
493 *
494 * Function L2CA_DeregisterLECoc
495 *
496 * Description Other layers call this function to de-register for L2CAP
497 * Connection Oriented Channel.
498 *
499 * Returns void
500 *
501 ******************************************************************************/
L2CA_DeregisterLECoc(uint16_t psm)502 void L2CA_DeregisterLECoc(uint16_t psm) {
503 if (bluetooth::shim::is_gd_shim_enabled()) {
504 return bluetooth::shim::L2CA_DeregisterLECoc(psm);
505 }
506
507 L2CAP_TRACE_API("%s called for PSM: 0x%04x", __func__, psm);
508
509 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
510 if (p_rcb == NULL) {
511 L2CAP_TRACE_WARNING("%s PSM: 0x%04x not found for deregistration", __func__,
512 psm);
513 return;
514 }
515
516 tL2C_LCB* p_lcb = &l2cb.lcb_pool[0];
517 for (int i = 0; i < MAX_L2CAP_LINKS; i++, p_lcb++) {
518 if (!p_lcb->in_use || p_lcb->transport != BT_TRANSPORT_LE) continue;
519
520 tL2C_CCB* p_ccb = p_lcb->ccb_queue.p_first_ccb;
521 if ((p_ccb == NULL) || (p_lcb->link_state == LST_DISCONNECTING)) continue;
522
523 if (p_ccb->in_use && (p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP ||
524 p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))
525 continue;
526
527 if (p_ccb->p_rcb == p_rcb)
528 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
529 }
530
531 l2cu_release_ble_rcb(p_rcb);
532 }
533
534 /*******************************************************************************
535 *
536 * Function L2CA_ConnectLECocReq
537 *
538 * Description Higher layers call this function to create an L2CAP
539 * connection. Note that the connection is not established at
540 * this time, but connection establishment gets started. The
541 * callback function will be invoked when connection
542 * establishes or fails.
543 *
544 * Parameters: PSM: L2CAP PSM for the connection
545 * BD address of the peer
546 * Local Coc configurations
547
548 * Returns the CID of the connection, or 0 if it failed to start
549 *
550 ******************************************************************************/
L2CA_ConnectLECocReq(uint16_t psm,const RawAddress & p_bd_addr,tL2CAP_LE_CFG_INFO * p_cfg)551 uint16_t L2CA_ConnectLECocReq(uint16_t psm, const RawAddress& p_bd_addr,
552 tL2CAP_LE_CFG_INFO* p_cfg) {
553 if (bluetooth::shim::is_gd_shim_enabled()) {
554 return bluetooth::shim::L2CA_ConnectLECocReq(psm, p_bd_addr, p_cfg);
555 }
556
557 VLOG(1) << __func__ << " BDA: " << p_bd_addr
558 << StringPrintf(" PSM: 0x%04x", psm);
559
560 /* Fail if we have not established communications with the controller */
561 if (!BTM_IsDeviceUp()) {
562 L2CAP_TRACE_WARNING("%s BTU not ready", __func__);
563 return 0;
564 }
565
566 /* Fail if the PSM is not registered */
567 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
568 if (p_rcb == NULL) {
569 L2CAP_TRACE_WARNING("%s No BLE RCB, PSM: 0x%04x", __func__, psm);
570 return 0;
571 }
572
573 /* First, see if we already have a le link to the remote */
574 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
575 if (p_lcb == NULL) {
576 /* No link. Get an LCB and start link establishment */
577 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_LE);
578 if ((p_lcb == NULL)
579 /* currently use BR/EDR for ERTM mode l2cap connection */
580 || (!l2cu_create_conn_le(p_lcb))) {
581 L2CAP_TRACE_WARNING("%s conn not started for PSM: 0x%04x p_lcb: 0x%08x",
582 __func__, psm, p_lcb);
583 return 0;
584 }
585 }
586
587 /* Allocate a channel control block */
588 tL2C_CCB* p_ccb = l2cu_allocate_ccb(p_lcb, 0);
589 if (p_ccb == NULL) {
590 L2CAP_TRACE_WARNING("%s no CCB, PSM: 0x%04x", __func__, psm);
591 return 0;
592 }
593
594 /* Save registration info */
595 p_ccb->p_rcb = p_rcb;
596
597 /* Save the configuration */
598 if (p_cfg) {
599 memcpy(&p_ccb->local_conn_cfg, p_cfg, sizeof(tL2CAP_LE_CFG_INFO));
600 p_ccb->remote_credit_count = p_cfg->credits;
601 }
602
603 /* If link is up, start the L2CAP connection */
604 if (p_lcb->link_state == LST_CONNECTED) {
605 if (p_ccb->p_lcb->transport == BT_TRANSPORT_LE) {
606 L2CAP_TRACE_DEBUG("%s LE Link is up", __func__);
607 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_REQ, NULL);
608 }
609 }
610
611 /* If link is disconnecting, save link info to retry after disconnect
612 * Possible Race condition when a reconnect occurs
613 * on the channel during a disconnect of link. This
614 * ccb will be automatically retried after link disconnect
615 * arrives
616 */
617 else if (p_lcb->link_state == LST_DISCONNECTING) {
618 L2CAP_TRACE_DEBUG("%s link disconnecting: RETRY LATER", __func__);
619
620 /* Save ccb so it can be started after disconnect is finished */
621 p_lcb->p_pending_ccb = p_ccb;
622 }
623
624 L2CAP_TRACE_API("%s(psm: 0x%04x) returned CID: 0x%04x", __func__, psm,
625 p_ccb->local_cid);
626
627 /* Return the local CID as our handle */
628 return p_ccb->local_cid;
629 }
630
631 /*******************************************************************************
632 *
633 * Function L2CA_ConnectLECocRsp
634 *
635 * Description Higher layers call this function to accept an incoming
636 * L2CAP COC connection, for which they had gotten an connect
637 * indication callback.
638 *
639 * Returns true for success, false for failure
640 *
641 ******************************************************************************/
L2CA_ConnectLECocRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status,tL2CAP_LE_CFG_INFO * p_cfg)642 bool L2CA_ConnectLECocRsp(const RawAddress& p_bd_addr, uint8_t id,
643 uint16_t lcid, uint16_t result, uint16_t status,
644 tL2CAP_LE_CFG_INFO* p_cfg) {
645 if (bluetooth::shim::is_gd_shim_enabled()) {
646 return bluetooth::shim::L2CA_ConnectLECocRsp(p_bd_addr, id, lcid, result,
647 status, p_cfg);
648 }
649
650 VLOG(1) << __func__ << " BDA: " << p_bd_addr
651 << StringPrintf(" CID: 0x%04x Result: %d Status: %d", lcid, result,
652 status);
653
654 /* First, find the link control block */
655 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
656 if (p_lcb == NULL) {
657 /* No link. Get an LCB and start link establishment */
658 L2CAP_TRACE_WARNING("%s no LCB", __func__);
659 return false;
660 }
661
662 /* Now, find the channel control block */
663 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(p_lcb, lcid);
664 if (p_ccb == NULL) {
665 L2CAP_TRACE_WARNING("%s no CCB", __func__);
666 return false;
667 }
668
669 /* The IDs must match */
670 if (p_ccb->remote_id != id) {
671 L2CAP_TRACE_WARNING("%s bad id. Expected: %d Got: %d", __func__,
672 p_ccb->remote_id, id);
673 return false;
674 }
675
676 if (p_cfg) {
677 memcpy(&p_ccb->local_conn_cfg, p_cfg, sizeof(tL2CAP_LE_CFG_INFO));
678 p_ccb->remote_credit_count = p_cfg->credits;
679 }
680
681 if (result == L2CAP_CONN_OK)
682 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, NULL);
683 else {
684 tL2C_CONN_INFO conn_info;
685 conn_info.bd_addr = p_bd_addr;
686 conn_info.l2cap_result = result;
687 conn_info.l2cap_status = status;
688 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP_NEG, &conn_info);
689 }
690
691 return true;
692 }
693
694 /*******************************************************************************
695 *
696 * Function L2CA_GetPeerLECocConfig
697 *
698 * Description Get a peers configuration for LE Connection Oriented
699 * Channel.
700 *
701 * Parameters: local channel id
702 * Pointers to peers configuration storage area
703 *
704 * Return value: true if peer is connected
705 *
706 ******************************************************************************/
L2CA_GetPeerLECocConfig(uint16_t lcid,tL2CAP_LE_CFG_INFO * peer_cfg)707 bool L2CA_GetPeerLECocConfig(uint16_t lcid, tL2CAP_LE_CFG_INFO* peer_cfg) {
708 if (bluetooth::shim::is_gd_shim_enabled()) {
709 return bluetooth::shim::L2CA_GetPeerLECocConfig(lcid, peer_cfg);
710 }
711
712 L2CAP_TRACE_API("%s CID: 0x%04x", __func__, lcid);
713
714 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
715 if (p_ccb == NULL) {
716 L2CAP_TRACE_ERROR("%s No CCB for CID:0x%04x", __func__, lcid);
717 return false;
718 }
719
720 if (peer_cfg != NULL)
721 memcpy(peer_cfg, &p_ccb->peer_conn_cfg, sizeof(tL2CAP_LE_CFG_INFO));
722
723 return true;
724 }
725
726 /*******************************************************************************
727 *
728 * Function L2CA_ConnectRsp
729 *
730 * Description Higher layers call this function to accept an incoming
731 * L2CAP connection, for which they had gotten an connect
732 * indication callback.
733 *
734 * Returns true for success, false for failure
735 *
736 ******************************************************************************/
L2CA_ConnectRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status)737 bool L2CA_ConnectRsp(const RawAddress& p_bd_addr, uint8_t id, uint16_t lcid,
738 uint16_t result, uint16_t status) {
739 if (bluetooth::shim::is_gd_shim_enabled()) {
740 return bluetooth::shim::L2CA_ConnectRsp(p_bd_addr, id, lcid, result,
741 status);
742 }
743
744 return L2CA_ErtmConnectRsp(p_bd_addr, id, lcid, result, status, NULL);
745 }
746
747 /*******************************************************************************
748 *
749 * Function L2CA_ErtmConnectRsp
750 *
751 * Description Higher layers call this function to accept an incoming
752 * L2CAP connection, for which they had gotten an connect
753 * indication callback.
754 *
755 * Returns true for success, false for failure
756 *
757 ******************************************************************************/
L2CA_ErtmConnectRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status,tL2CAP_ERTM_INFO * p_ertm_info)758 bool L2CA_ErtmConnectRsp(const RawAddress& p_bd_addr, uint8_t id, uint16_t lcid,
759 uint16_t result, uint16_t status,
760 tL2CAP_ERTM_INFO* p_ertm_info) {
761 if (bluetooth::shim::is_gd_shim_enabled()) {
762 return bluetooth::shim::L2CA_ErtmConnectRsp(p_bd_addr, id, lcid, result,
763 status, p_ertm_info);
764 }
765
766 tL2C_LCB* p_lcb;
767 tL2C_CCB* p_ccb;
768
769 VLOG(1) << __func__ << " BDA: " << p_bd_addr
770 << StringPrintf(" CID:0x%04x Result:%d Status:%d", lcid, result,
771 status);
772
773 /* First, find the link control block */
774 p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
775 if (p_lcb == NULL) {
776 /* No link. Get an LCB and start link establishment */
777 L2CAP_TRACE_WARNING("L2CAP - no LCB for L2CA_conn_rsp");
778 return (false);
779 }
780
781 /* Now, find the channel control block */
782 p_ccb = l2cu_find_ccb_by_cid(p_lcb, lcid);
783 if (p_ccb == NULL) {
784 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_conn_rsp");
785 return (false);
786 }
787
788 /* The IDs must match */
789 if (p_ccb->remote_id != id) {
790 L2CAP_TRACE_WARNING("L2CAP - bad id in L2CA_conn_rsp. Exp: %d Got: %d",
791 p_ccb->remote_id, id);
792 return (false);
793 }
794
795 if (p_ertm_info) {
796 p_ccb->ertm_info = *p_ertm_info;
797
798 /* Replace default indicators with the actual default pool */
799 if (p_ccb->ertm_info.fcr_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
800 p_ccb->ertm_info.fcr_rx_buf_size = L2CAP_FCR_RX_BUF_SIZE;
801
802 if (p_ccb->ertm_info.fcr_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
803 p_ccb->ertm_info.fcr_tx_buf_size = L2CAP_FCR_TX_BUF_SIZE;
804
805 if (p_ccb->ertm_info.user_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
806 p_ccb->ertm_info.user_rx_buf_size = L2CAP_USER_RX_BUF_SIZE;
807
808 if (p_ccb->ertm_info.user_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
809 p_ccb->ertm_info.user_tx_buf_size = L2CAP_USER_TX_BUF_SIZE;
810
811 p_ccb->max_rx_mtu =
812 p_ertm_info->user_rx_buf_size -
813 (L2CAP_MIN_OFFSET + L2CAP_SDU_LEN_OFFSET + L2CAP_FCS_LEN);
814 }
815
816 if (result == L2CAP_CONN_OK) {
817 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, NULL);
818 } else {
819 tL2C_CONN_INFO conn_info;
820
821 conn_info.l2cap_result = result;
822 conn_info.l2cap_status = status;
823
824 if (result == L2CAP_CONN_PENDING)
825 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, &conn_info);
826 else
827 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP_NEG, &conn_info);
828 }
829
830 return (true);
831 }
832
833 /*******************************************************************************
834 *
835 * Function L2CA_ConfigReq
836 *
837 * Description Higher layers call this function to send configuration.
838 *
839 * Note: The FCR options of p_cfg are not used.
840 *
841 * Returns true if configuration sent, else false
842 *
843 ******************************************************************************/
L2CA_ConfigReq(uint16_t cid,tL2CAP_CFG_INFO * p_cfg)844 bool L2CA_ConfigReq(uint16_t cid, tL2CAP_CFG_INFO* p_cfg) {
845 if (bluetooth::shim::is_gd_shim_enabled()) {
846 return bluetooth::shim::L2CA_ConfigReq(cid, p_cfg);
847 }
848
849 tL2C_CCB* p_ccb;
850
851 L2CAP_TRACE_API(
852 "L2CA_ConfigReq() CID 0x%04x: fcr_present:%d (mode %d) mtu_present:%d "
853 "(%d)",
854 cid, p_cfg->fcr_present, p_cfg->fcr.mode, p_cfg->mtu_present, p_cfg->mtu);
855
856 /* Find the channel control block. We don't know the link it is on. */
857 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
858 if (p_ccb == NULL) {
859 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_cfg_req, CID: %d", cid);
860 return (false);
861 }
862
863 /* We need to have at least one mode type common with the peer */
864 if (!l2c_fcr_adj_our_req_options(p_ccb, p_cfg)) return (false);
865
866 /* Don't adjust FCR options if not used */
867 if ((!p_cfg->fcr_present) || (p_cfg->fcr.mode == L2CAP_FCR_BASIC_MODE)) {
868 /* FCR and FCS options are not used in basic mode */
869 p_cfg->fcs_present = false;
870 p_cfg->ext_flow_spec_present = false;
871
872 if ((p_cfg->mtu_present) && (p_cfg->mtu > L2CAP_MTU_SIZE)) {
873 L2CAP_TRACE_WARNING("L2CAP - adjust MTU: %u too large", p_cfg->mtu);
874 p_cfg->mtu = L2CAP_MTU_SIZE;
875 }
876 }
877
878 /* Save the adjusted configuration in case it needs to be used for
879 * renegotiation */
880 p_ccb->our_cfg = *p_cfg;
881
882 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_REQ, p_cfg);
883
884 return (true);
885 }
886
887 /*******************************************************************************
888 *
889 * Function L2CA_ConfigRsp
890 *
891 * Description Higher layers call this function to send a configuration
892 * response.
893 *
894 * Returns true if configuration response sent, else false
895 *
896 ******************************************************************************/
L2CA_ConfigRsp(uint16_t cid,tL2CAP_CFG_INFO * p_cfg)897 bool L2CA_ConfigRsp(uint16_t cid, tL2CAP_CFG_INFO* p_cfg) {
898 if (bluetooth::shim::is_gd_shim_enabled()) {
899 return bluetooth::shim::L2CA_ConfigRsp(cid, p_cfg);
900 }
901
902 tL2C_CCB* p_ccb;
903
904 L2CAP_TRACE_API(
905 "L2CA_ConfigRsp() CID: 0x%04x Result: %d MTU present:%d Flush TO:%d "
906 "FCR:%d FCS:%d",
907 cid, p_cfg->result, p_cfg->mtu_present, p_cfg->flush_to_present,
908 p_cfg->fcr_present, p_cfg->fcs_present);
909
910 /* Find the channel control block. We don't know the link it is on. */
911 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
912 if (p_ccb == NULL) {
913 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_cfg_rsp, CID: %d", cid);
914 return (false);
915 }
916
917 if ((p_cfg->result == L2CAP_CFG_OK) || (p_cfg->result == L2CAP_CFG_PENDING))
918 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_RSP, p_cfg);
919 else {
920 p_cfg->fcr_present =
921 false; /* FCR options already negotiated before this point */
922
923 /* Clear out any cached options that are being returned as an error
924 * (excluding FCR) */
925 if (p_cfg->mtu_present) p_ccb->peer_cfg.mtu_present = false;
926 if (p_cfg->flush_to_present) p_ccb->peer_cfg.flush_to_present = false;
927 if (p_cfg->qos_present) p_ccb->peer_cfg.qos_present = false;
928
929 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_RSP_NEG, p_cfg);
930 }
931
932 return (true);
933 }
934
935 /*******************************************************************************
936 *
937 * Function L2CA_DisconnectReq
938 *
939 * Description Higher layers call this function to disconnect a channel.
940 *
941 * Returns true if disconnect sent, else false
942 *
943 ******************************************************************************/
L2CA_DisconnectReq(uint16_t cid)944 bool L2CA_DisconnectReq(uint16_t cid) {
945 if (bluetooth::shim::is_gd_shim_enabled()) {
946 return bluetooth::shim::L2CA_DisconnectReq(cid);
947 }
948
949 tL2C_CCB* p_ccb;
950
951 L2CAP_TRACE_API("L2CA_DisconnectReq() CID: 0x%04x", cid);
952
953 /* Find the channel control block. We don't know the link it is on. */
954 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
955 if (p_ccb == NULL) {
956 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_disc_req, CID: %d", cid);
957 return (false);
958 }
959
960 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
961
962 return (true);
963 }
964
965 /*******************************************************************************
966 *
967 * Function L2CA_DisconnectRsp
968 *
969 * Description Higher layers call this function to acknowledge the
970 * disconnection of a channel.
971 *
972 * Returns void
973 *
974 ******************************************************************************/
L2CA_DisconnectRsp(uint16_t cid)975 bool L2CA_DisconnectRsp(uint16_t cid) {
976 if (bluetooth::shim::is_gd_shim_enabled()) {
977 return bluetooth::shim::L2CA_DisconnectRsp(cid);
978 }
979
980 tL2C_CCB* p_ccb;
981
982 L2CAP_TRACE_API("L2CA_DisconnectRsp() CID: 0x%04x", cid);
983
984 /* Find the channel control block. We don't know the link it is on. */
985 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
986 if (p_ccb == NULL) {
987 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_disc_rsp, CID: %d", cid);
988 return (false);
989 }
990
991 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_RSP, NULL);
992
993 return (true);
994 }
995
L2CA_GetRemoteCid(uint16_t lcid,uint16_t * rcid)996 bool L2CA_GetRemoteCid(uint16_t lcid, uint16_t* rcid) {
997 if (bluetooth::shim::is_gd_shim_enabled()) {
998 return bluetooth::shim::L2CA_GetRemoteCid(lcid, rcid);
999 }
1000
1001 tL2C_CCB* control_block = l2cu_find_ccb_by_cid(NULL, lcid);
1002 if (!control_block) return false;
1003
1004 if (rcid) *rcid = control_block->remote_cid;
1005
1006 return true;
1007 }
1008
1009 /*******************************************************************************
1010 *
1011 * Function L2CA_SetIdleTimeout
1012 *
1013 * Description Higher layers call this function to set the idle timeout for
1014 * a connection, or for all future connections. The "idle
1015 * timeout" is the amount of time that a connection can remain
1016 * up with no L2CAP channels on it. A timeout of zero means
1017 * that the connection will be torn down immediately when the
1018 * last channel is removed. A timeout of 0xFFFF means no
1019 * timeout. Values are in seconds.
1020 *
1021 * Returns true if command succeeded, false if failed
1022 *
1023 * NOTE This timeout takes effect after at least 1 channel has been
1024 * established and removed. L2CAP maintains its own timer from
1025 * whan a connection is established till the first channel is
1026 * set up.
1027 ******************************************************************************/
L2CA_SetIdleTimeout(uint16_t cid,uint16_t timeout,bool is_global)1028 bool L2CA_SetIdleTimeout(uint16_t cid, uint16_t timeout, bool is_global) {
1029 if (bluetooth::shim::is_gd_shim_enabled()) {
1030 return bluetooth::shim::L2CA_SetIdleTimeout(cid, timeout, is_global);
1031 }
1032
1033 tL2C_CCB* p_ccb;
1034 tL2C_LCB* p_lcb;
1035
1036 if (is_global) {
1037 l2cb.idle_timeout = timeout;
1038 } else {
1039 /* Find the channel control block. We don't know the link it is on. */
1040 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1041 if (p_ccb == NULL) {
1042 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetIdleTimeout, CID: %d",
1043 cid);
1044 return (false);
1045 }
1046
1047 p_lcb = p_ccb->p_lcb;
1048
1049 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED))
1050 p_lcb->idle_timeout = timeout;
1051 else
1052 return (false);
1053 }
1054
1055 return (true);
1056 }
1057
1058 /*******************************************************************************
1059 *
1060 * Function L2CA_SetIdleTimeoutByBdAddr
1061 *
1062 * Description Higher layers call this function to set the idle timeout for
1063 * a connection. The "idle timeout" is the amount of time that
1064 * a connection can remain up with no L2CAP channels on it.
1065 * A timeout of zero means that the connection will be torn
1066 * down immediately when the last channel is removed.
1067 * A timeout of 0xFFFF means no timeout. Values are in seconds.
1068 * A bd_addr is the remote BD address. If bd_addr =
1069 * RawAddress::kAny, then the idle timeouts for all active
1070 * l2cap links will be changed.
1071 *
1072 * Returns true if command succeeded, false if failed
1073 *
1074 * NOTE This timeout applies to all logical channels active on the
1075 * ACL link.
1076 ******************************************************************************/
L2CA_SetIdleTimeoutByBdAddr(const RawAddress & bd_addr,uint16_t timeout,tBT_TRANSPORT transport)1077 bool L2CA_SetIdleTimeoutByBdAddr(const RawAddress& bd_addr, uint16_t timeout,
1078 tBT_TRANSPORT transport) {
1079 if (bluetooth::shim::is_gd_shim_enabled()) {
1080 return bluetooth::shim::L2CA_SetIdleTimeoutByBdAddr(bd_addr, timeout,
1081 transport);
1082 }
1083
1084 tL2C_LCB* p_lcb;
1085
1086 if (RawAddress::kAny != bd_addr) {
1087 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, transport);
1088 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1089 p_lcb->idle_timeout = timeout;
1090
1091 if (!p_lcb->ccb_queue.p_first_ccb) l2cu_no_dynamic_ccbs(p_lcb);
1092 } else
1093 return false;
1094 } else {
1095 int xx;
1096 tL2C_LCB* p_lcb = &l2cb.lcb_pool[0];
1097
1098 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
1099 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1100 p_lcb->idle_timeout = timeout;
1101
1102 if (!p_lcb->ccb_queue.p_first_ccb) l2cu_no_dynamic_ccbs(p_lcb);
1103 }
1104 }
1105 }
1106
1107 return true;
1108 }
1109
1110 /*******************************************************************************
1111 *
1112 * Function L2CA_SetTraceLevel
1113 *
1114 * Description This function sets the trace level for L2CAP. If called with
1115 * a value of 0xFF, it simply reads the current trace level.
1116 *
1117 * Returns the new (current) trace level
1118 *
1119 ******************************************************************************/
L2CA_SetTraceLevel(uint8_t new_level)1120 uint8_t L2CA_SetTraceLevel(uint8_t new_level) {
1121 if (new_level != 0xFF) l2cb.l2cap_trace_level = new_level;
1122
1123 return (l2cb.l2cap_trace_level);
1124 }
1125
1126 /*******************************************************************************
1127 *
1128 * Function L2CA_SetDesireRole
1129 *
1130 * Description This function sets the desire role for L2CAP.
1131 * If the new role is L2CAP_ROLE_ALLOW_SWITCH, allow switch on
1132 * HciCreateConnection.
1133 * If the new role is L2CAP_ROLE_DISALLOW_SWITCH, do not allow
1134 * switch on HciCreateConnection.
1135 *
1136 * If the new role is a valid role (HCI_ROLE_MASTER or
1137 * HCI_ROLE_SLAVE), the desire role is set to the new value.
1138 * Otherwise, it is not changed.
1139 *
1140 * Returns the new (current) role
1141 *
1142 ******************************************************************************/
L2CA_SetDesireRole(uint8_t new_role)1143 uint8_t L2CA_SetDesireRole(uint8_t new_role) {
1144 if (bluetooth::shim::is_gd_shim_enabled()) {
1145 return bluetooth::shim::L2CA_SetDesireRole(new_role);
1146 }
1147
1148 L2CAP_TRACE_API("L2CA_SetDesireRole() new:x%x, disallow_switch:%d", new_role,
1149 l2cb.disallow_switch);
1150
1151 if (L2CAP_ROLE_CHECK_SWITCH != (L2CAP_ROLE_CHECK_SWITCH & new_role)) {
1152 /* do not process the allow_switch when both bits are set */
1153 if (new_role & L2CAP_ROLE_ALLOW_SWITCH) {
1154 l2cb.disallow_switch = false;
1155 }
1156 if (new_role & L2CAP_ROLE_DISALLOW_SWITCH) {
1157 l2cb.disallow_switch = true;
1158 }
1159 }
1160
1161 if (new_role == HCI_ROLE_MASTER || new_role == HCI_ROLE_SLAVE)
1162 l2cb.desire_role = new_role;
1163
1164 return (l2cb.desire_role);
1165 }
1166
1167 /*******************************************************************************
1168 *
1169 * Function L2CA_SetAclPriority
1170 *
1171 * Description Sets the transmission priority for a channel.
1172 * (For initial implementation only two values are valid.
1173 * L2CAP_PRIORITY_NORMAL and L2CAP_PRIORITY_HIGH).
1174 *
1175 * Returns true if a valid channel, else false
1176 *
1177 ******************************************************************************/
L2CA_SetAclPriority(const RawAddress & bd_addr,uint8_t priority)1178 bool L2CA_SetAclPriority(const RawAddress& bd_addr, uint8_t priority) {
1179 if (bluetooth::shim::is_gd_shim_enabled()) {
1180 return bluetooth::shim::L2CA_SetAclPriority(bd_addr, priority);
1181 }
1182
1183 VLOG(1) << __func__ << " BDA: " << bd_addr
1184 << ", priority: " << std::to_string(priority);
1185 return (l2cu_set_acl_priority(bd_addr, priority, false));
1186 }
1187
1188 /*******************************************************************************
1189 *
1190 * Function L2CA_SetTxPriority
1191 *
1192 * Description Sets the transmission priority for a channel.
1193 *
1194 * Returns true if a valid channel, else false
1195 *
1196 ******************************************************************************/
L2CA_SetTxPriority(uint16_t cid,tL2CAP_CHNL_PRIORITY priority)1197 bool L2CA_SetTxPriority(uint16_t cid, tL2CAP_CHNL_PRIORITY priority) {
1198 if (bluetooth::shim::is_gd_shim_enabled()) {
1199 return bluetooth::shim::L2CA_SetTxPriority(cid, priority);
1200 }
1201
1202 tL2C_CCB* p_ccb;
1203
1204 L2CAP_TRACE_API("L2CA_SetTxPriority() CID: 0x%04x, priority:%d", cid,
1205 priority);
1206
1207 /* Find the channel control block. We don't know the link it is on. */
1208 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1209 if (p_ccb == NULL) {
1210 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetTxPriority, CID: %d", cid);
1211 return (false);
1212 }
1213
1214 /* it will update the order of CCB in LCB by priority and update round robin
1215 * service variables */
1216 l2cu_change_pri_ccb(p_ccb, priority);
1217
1218 return (true);
1219 }
1220
1221 /*******************************************************************************
1222 *
1223 * Function L2CA_SetFlushTimeout
1224 *
1225 * Description This function set the automatic flush time out in Baseband
1226 * for ACL-U packets.
1227 * BdAddr : the remote BD address of ACL link. If it is
1228 * BT_DB_ANY then the flush time out will be applied to
1229 * all ACL links.
1230 * FlushTimeout: flush time out in ms
1231 * 0x0000 : No automatic flush
1232 * L2CAP_NO_RETRANSMISSION : No retransmission
1233 * 0x0002 - 0xFFFE : flush time out, if
1234 * (flush_tout * 8) + 3 / 5) <=
1235 * HCI_MAX_AUTOMATIC_FLUSH_TIMEOUT
1236 * (in 625us slot).
1237 * Otherwise, return false.
1238 * L2CAP_NO_AUTOMATIC_FLUSH : No automatic flush
1239 *
1240 * Returns true if command succeeded, false if failed
1241 *
1242 * NOTE This flush timeout applies to all logical channels active on
1243 * the ACL link.
1244 ******************************************************************************/
L2CA_SetFlushTimeout(const RawAddress & bd_addr,uint16_t flush_tout)1245 bool L2CA_SetFlushTimeout(const RawAddress& bd_addr, uint16_t flush_tout) {
1246 if (bluetooth::shim::is_gd_shim_enabled()) {
1247 return bluetooth::shim::L2CA_SetFlushTimeout(bd_addr, flush_tout);
1248 }
1249
1250 tL2C_LCB* p_lcb;
1251 uint16_t hci_flush_to;
1252 uint32_t temp;
1253
1254 /* no automatic flush (infinite timeout) */
1255 if (flush_tout == 0x0000) {
1256 hci_flush_to = flush_tout;
1257 flush_tout = L2CAP_NO_AUTOMATIC_FLUSH;
1258 }
1259 /* no retransmission */
1260 else if (flush_tout == L2CAP_NO_RETRANSMISSION) {
1261 /* not mandatory range for controller */
1262 /* Packet is flushed before getting any ACK/NACK */
1263 /* To do this, flush timeout should be 1 baseband slot */
1264 hci_flush_to = flush_tout;
1265 }
1266 /* no automatic flush (infinite timeout) */
1267 else if (flush_tout == L2CAP_NO_AUTOMATIC_FLUSH) {
1268 hci_flush_to = 0x0000;
1269 } else {
1270 /* convert L2CAP flush_to to 0.625 ms units, with round */
1271 temp = (((uint32_t)flush_tout * 8) + 3) / 5;
1272
1273 /* if L2CAP flush_to within range of HCI, set HCI flush timeout */
1274 if (temp > HCI_MAX_AUTOMATIC_FLUSH_TIMEOUT) {
1275 L2CAP_TRACE_WARNING(
1276 "WARNING L2CA_SetFlushTimeout timeout(0x%x) is out of range",
1277 flush_tout);
1278 return false;
1279 } else {
1280 hci_flush_to = (uint16_t)temp;
1281 }
1282 }
1283
1284 if (RawAddress::kAny != bd_addr) {
1285 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
1286
1287 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1288 if (p_lcb->link_flush_tout != flush_tout) {
1289 p_lcb->link_flush_tout = flush_tout;
1290
1291 VLOG(1) << __func__ << " BDA: " << bd_addr << " " << flush_tout << "ms";
1292
1293 btsnd_hcic_write_auto_flush_tout(p_lcb->handle, hci_flush_to);
1294 }
1295 } else {
1296 LOG(WARNING) << __func__ << " No lcb for bd_addr " << bd_addr;
1297 return (false);
1298 }
1299 } else {
1300 int xx;
1301 p_lcb = &l2cb.lcb_pool[0];
1302
1303 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
1304 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1305 if (p_lcb->link_flush_tout != flush_tout) {
1306 p_lcb->link_flush_tout = flush_tout;
1307
1308 VLOG(1) << __func__ << " BDA: " << p_lcb->remote_bd_addr << " "
1309 << flush_tout << "ms";
1310
1311 btsnd_hcic_write_auto_flush_tout(p_lcb->handle, hci_flush_to);
1312 }
1313 }
1314 }
1315 }
1316
1317 return (true);
1318 }
1319
1320 /*******************************************************************************
1321 *
1322 * Function L2CA_GetPeerFeatures
1323 *
1324 * Description Get a peers features and fixed channel map
1325 *
1326 * Parameters: BD address of the peer
1327 * Pointers to features and channel mask storage area
1328 *
1329 * Return value: true if peer is connected
1330 *
1331 ******************************************************************************/
L2CA_GetPeerFeatures(const RawAddress & bd_addr,uint32_t * p_ext_feat,uint8_t * p_chnl_mask)1332 bool L2CA_GetPeerFeatures(const RawAddress& bd_addr, uint32_t* p_ext_feat,
1333 uint8_t* p_chnl_mask) {
1334 if (bluetooth::shim::is_gd_shim_enabled()) {
1335 return bluetooth::shim::L2CA_GetPeerFeatures(bd_addr, p_ext_feat,
1336 p_chnl_mask);
1337 }
1338
1339 tL2C_LCB* p_lcb;
1340
1341 /* We must already have a link to the remote */
1342 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
1343 if (p_lcb == NULL) {
1344 LOG(WARNING) << __func__ << " No BDA: " << bd_addr;
1345 return false;
1346 }
1347
1348 VLOG(1) << __func__ << " BDA: " << bd_addr
1349 << StringPrintf(" ExtFea: 0x%08x Chnl_Mask[0]: 0x%02x",
1350 p_lcb->peer_ext_fea, p_lcb->peer_chnl_mask[0]);
1351
1352 *p_ext_feat = p_lcb->peer_ext_fea;
1353
1354 memcpy(p_chnl_mask, p_lcb->peer_chnl_mask, L2CAP_FIXED_CHNL_ARRAY_SIZE);
1355
1356 return true;
1357 }
1358
1359 #if (L2CAP_NUM_FIXED_CHNLS > 0)
1360 /*******************************************************************************
1361 *
1362 * Function L2CA_RegisterFixedChannel
1363 *
1364 * Description Register a fixed channel.
1365 *
1366 * Parameters: Fixed Channel #
1367 * Channel Callbacks and config
1368 *
1369 * Return value: -
1370 *
1371 ******************************************************************************/
L2CA_RegisterFixedChannel(uint16_t fixed_cid,tL2CAP_FIXED_CHNL_REG * p_freg)1372 bool L2CA_RegisterFixedChannel(uint16_t fixed_cid,
1373 tL2CAP_FIXED_CHNL_REG* p_freg) {
1374 if (bluetooth::shim::is_gd_shim_enabled()) {
1375 return bluetooth::shim::L2CA_RegisterFixedChannel(fixed_cid, p_freg);
1376 }
1377
1378 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1379 (fixed_cid > L2CAP_LAST_FIXED_CHNL)) {
1380 L2CAP_TRACE_ERROR("L2CA_RegisterFixedChannel() Invalid CID: 0x%04x",
1381 fixed_cid);
1382
1383 return (false);
1384 }
1385
1386 l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = *p_freg;
1387 return (true);
1388 }
1389
1390 /*******************************************************************************
1391 *
1392 * Function L2CA_ConnectFixedChnl
1393 *
1394 * Description Connect an fixed signalling channel to a remote device.
1395 *
1396 * Parameters: Fixed CID
1397 * BD Address of remote
1398 *
1399 * Return value: true if connection started
1400 *
1401 ******************************************************************************/
L2CA_ConnectFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda)1402 bool L2CA_ConnectFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda) {
1403 if (bluetooth::shim::is_gd_shim_enabled()) {
1404 return bluetooth::shim::L2CA_ConnectFixedChnl(fixed_cid, rem_bda);
1405 }
1406 uint8_t phy = controller_get_interface()->get_le_all_initiating_phys();
1407 return L2CA_ConnectFixedChnl(fixed_cid, rem_bda, phy);
1408 }
1409
L2CA_ConnectFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda,uint8_t initiating_phys)1410 bool L2CA_ConnectFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda,
1411 uint8_t initiating_phys) {
1412 if (bluetooth::shim::is_gd_shim_enabled()) {
1413 return bluetooth::shim::L2CA_ConnectFixedChnl(fixed_cid, rem_bda,
1414 initiating_phys);
1415 }
1416
1417 tL2C_LCB* p_lcb;
1418 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1419
1420 VLOG(1) << __func__ << " BDA: " << rem_bda
1421 << StringPrintf("CID: 0x%04x ", fixed_cid);
1422
1423 // Check CID is valid and registered
1424 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1425 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1426 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1427 NULL)) {
1428 L2CAP_TRACE_ERROR("%s() Invalid CID: 0x%04x", __func__, fixed_cid);
1429 return (false);
1430 }
1431
1432 // Fail if BT is not yet up
1433 if (!BTM_IsDeviceUp()) {
1434 L2CAP_TRACE_WARNING("%s(0x%04x) - BTU not ready", __func__, fixed_cid);
1435 return (false);
1436 }
1437
1438 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1439 transport = BT_TRANSPORT_LE;
1440
1441 tL2C_BLE_FIXED_CHNLS_MASK peer_channel_mask;
1442
1443 // If we already have a link to the remote, check if it supports that CID
1444 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1445 if (p_lcb != NULL) {
1446 // Fixed channels are mandatory on LE transports so ignore the received
1447 // channel mask and use the locally cached LE channel mask.
1448
1449 if (transport == BT_TRANSPORT_LE)
1450 peer_channel_mask = l2cb.l2c_ble_fixed_chnls_mask;
1451 else
1452 peer_channel_mask = p_lcb->peer_chnl_mask[0];
1453
1454 // Check for supported channel
1455 if (!(peer_channel_mask & (1 << fixed_cid))) {
1456 VLOG(2) << __func__ << " BDA " << rem_bda
1457 << StringPrintf(" CID:0x%04x not supported", fixed_cid);
1458 return false;
1459 }
1460
1461 // Get a CCB and link the lcb to it
1462 if (!l2cu_initialize_fixed_ccb(p_lcb, fixed_cid)) {
1463 L2CAP_TRACE_WARNING("%s(0x%04x) - LCB but no CCB", __func__, fixed_cid);
1464 return false;
1465 }
1466
1467 // racing with disconnecting, queue the connection request
1468 if (p_lcb->link_state == LST_DISCONNECTING) {
1469 L2CAP_TRACE_DEBUG("$s() - link disconnecting: RETRY LATER", __func__);
1470 /* Save ccb so it can be started after disconnect is finished */
1471 p_lcb->p_pending_ccb =
1472 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
1473 return true;
1474 }
1475
1476 (*l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedConn_Cb)(
1477 fixed_cid, p_lcb->remote_bd_addr, true, 0, p_lcb->transport);
1478 return true;
1479 }
1480
1481 // No link. Get an LCB and start link establishment
1482 p_lcb = l2cu_allocate_lcb(rem_bda, false, transport);
1483 if (p_lcb == NULL) {
1484 L2CAP_TRACE_WARNING("%s(0x%04x) - no LCB", __func__, fixed_cid);
1485 return false;
1486 }
1487
1488 // Get a CCB and link the lcb to it
1489 if (!l2cu_initialize_fixed_ccb(p_lcb, fixed_cid)) {
1490 p_lcb->disc_reason = L2CAP_CONN_NO_RESOURCES;
1491 L2CAP_TRACE_WARNING("%s(0x%04x) - no CCB", __func__, fixed_cid);
1492 l2cu_release_lcb(p_lcb);
1493 return false;
1494 }
1495
1496 bool ret = ((transport == BT_TRANSPORT_LE)
1497 ? l2cu_create_conn_le(p_lcb, initiating_phys)
1498 : l2cu_create_conn_br_edr(p_lcb));
1499
1500 if (!ret) {
1501 L2CAP_TRACE_WARNING("%s() - create connection failed", __func__);
1502 l2cu_release_lcb(p_lcb);
1503 }
1504
1505 return ret;
1506 }
1507
1508 /*******************************************************************************
1509 *
1510 * Function L2CA_SendFixedChnlData
1511 *
1512 * Description Write data on a fixed channel.
1513 *
1514 * Parameters: Fixed CID
1515 * BD Address of remote
1516 * Pointer to buffer of type BT_HDR
1517 *
1518 * Return value L2CAP_DW_SUCCESS, if data accepted
1519 * L2CAP_DW_FAILED, if error
1520 *
1521 ******************************************************************************/
L2CA_SendFixedChnlData(uint16_t fixed_cid,const RawAddress & rem_bda,BT_HDR * p_buf)1522 uint16_t L2CA_SendFixedChnlData(uint16_t fixed_cid, const RawAddress& rem_bda,
1523 BT_HDR* p_buf) {
1524 if (bluetooth::shim::is_gd_shim_enabled()) {
1525 return bluetooth::shim::L2CA_SendFixedChnlData(fixed_cid, rem_bda, p_buf);
1526 }
1527
1528 tL2C_LCB* p_lcb;
1529 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1530
1531 VLOG(2) << __func__ << " BDA: " << rem_bda
1532 << StringPrintf(" CID: 0x%04x", fixed_cid);
1533
1534 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1535 transport = BT_TRANSPORT_LE;
1536
1537 // Check CID is valid and registered
1538 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1539 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1540 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1541 NULL)) {
1542 L2CAP_TRACE_ERROR("L2CA_SendFixedChnlData() Invalid CID: 0x%04x",
1543 fixed_cid);
1544 osi_free(p_buf);
1545 return (L2CAP_DW_FAILED);
1546 }
1547
1548 // Fail if BT is not yet up
1549 if (!BTM_IsDeviceUp()) {
1550 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData(0x%04x) - BTU not ready",
1551 fixed_cid);
1552 osi_free(p_buf);
1553 return (L2CAP_DW_FAILED);
1554 }
1555
1556 // We need to have a link up
1557 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1558 if (p_lcb == NULL || p_lcb->link_state == LST_DISCONNECTING) {
1559 /* if link is disconnecting, also report data sending failure */
1560 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData(0x%04x) - no LCB", fixed_cid);
1561 osi_free(p_buf);
1562 return (L2CAP_DW_FAILED);
1563 }
1564
1565 tL2C_BLE_FIXED_CHNLS_MASK peer_channel_mask;
1566
1567 // Select peer channels mask to use depending on transport
1568 if (transport == BT_TRANSPORT_LE)
1569 peer_channel_mask = l2cb.l2c_ble_fixed_chnls_mask;
1570 else
1571 peer_channel_mask = p_lcb->peer_chnl_mask[0];
1572
1573 if ((peer_channel_mask & (1 << fixed_cid)) == 0) {
1574 L2CAP_TRACE_WARNING(
1575 "L2CA_SendFixedChnlData() - peer does not support fixed chnl: 0x%04x",
1576 fixed_cid);
1577 osi_free(p_buf);
1578 return (L2CAP_DW_FAILED);
1579 }
1580
1581 p_buf->event = 0;
1582 p_buf->layer_specific = L2CAP_FLUSHABLE_CH_BASED;
1583
1584 if (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) {
1585 if (!l2cu_initialize_fixed_ccb(p_lcb, fixed_cid)) {
1586 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData() - no CCB for chnl: 0x%4x",
1587 fixed_cid);
1588 osi_free(p_buf);
1589 return (L2CAP_DW_FAILED);
1590 }
1591 }
1592
1593 // If already congested, do not accept any more packets
1594 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent) {
1595 L2CAP_TRACE_ERROR(
1596 "L2CAP - CID: 0x%04x cannot send, already congested \
1597 xmit_hold_q.count: %u buff_quota: %u",
1598 fixed_cid, fixed_queue_length(
1599 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1600 ->xmit_hold_q),
1601 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->buff_quota);
1602 osi_free(p_buf);
1603 return (L2CAP_DW_FAILED);
1604 }
1605
1606 l2c_enqueue_peer_data(p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL],
1607 p_buf);
1608
1609 l2c_link_check_send_pkts(p_lcb, NULL, NULL);
1610
1611 // If there is no dynamic CCB on the link, restart the idle timer each time
1612 // something is sent
1613 if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED &&
1614 !p_lcb->ccb_queue.p_first_ccb) {
1615 l2cu_no_dynamic_ccbs(p_lcb);
1616 }
1617
1618 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent)
1619 return (L2CAP_DW_CONGESTED);
1620
1621 return (L2CAP_DW_SUCCESS);
1622 }
1623
1624 /*******************************************************************************
1625 *
1626 * Function L2CA_RemoveFixedChnl
1627 *
1628 * Description Remove a fixed channel to a remote device.
1629 *
1630 * Parameters: Fixed CID
1631 * BD Address of remote
1632 * Idle timeout to use (or 0xFFFF if don't care)
1633 *
1634 * Return value: true if channel removed
1635 *
1636 ******************************************************************************/
L2CA_RemoveFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda)1637 bool L2CA_RemoveFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda) {
1638 if (bluetooth::shim::is_gd_shim_enabled()) {
1639 return bluetooth::shim::L2CA_RemoveFixedChnl(fixed_cid, rem_bda);
1640 }
1641
1642 tL2C_LCB* p_lcb;
1643 tL2C_CCB* p_ccb;
1644 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1645
1646 /* Check CID is valid and registered */
1647 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1648 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1649 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1650 NULL)) {
1651 L2CAP_TRACE_ERROR("L2CA_RemoveFixedChnl() Invalid CID: 0x%04x", fixed_cid);
1652 return (false);
1653 }
1654
1655 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1656 transport = BT_TRANSPORT_LE;
1657
1658 /* Is a fixed channel connected to the remote BDA ?*/
1659 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1660
1661 if (((p_lcb) == NULL) ||
1662 (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL])) {
1663 LOG(WARNING) << __func__ << " BDA: " << rem_bda
1664 << StringPrintf(" CID: 0x%04x not connected", fixed_cid);
1665 return (false);
1666 }
1667
1668 VLOG(2) << __func__ << " BDA: " << rem_bda
1669 << StringPrintf(" CID: 0x%04x", fixed_cid);
1670
1671 /* Release the CCB, starting an inactivity timeout on the LCB if no other CCBs
1672 * exist */
1673 p_ccb = p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
1674
1675 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = NULL;
1676 p_lcb->disc_reason = HCI_ERR_CONN_CAUSE_LOCAL_HOST;
1677
1678 // Retain the link for a few more seconds after SMP pairing is done, since
1679 // the Android platform always does service discovery after pairing is
1680 // complete. This will avoid the link down (pairing is complete) and an
1681 // immediate re-connection for service discovery.
1682 // Some devices do not do auto advertising when link is dropped, thus fail
1683 // the second connection and service discovery.
1684 if ((fixed_cid == L2CAP_ATT_CID) && !p_lcb->ccb_queue.p_first_ccb)
1685 p_lcb->idle_timeout = 0;
1686
1687 l2cu_release_ccb(p_ccb);
1688
1689 return (true);
1690 }
1691
1692 /*******************************************************************************
1693 *
1694 * Function L2CA_SetFixedChannelTout
1695 *
1696 * Description Higher layers call this function to set the idle timeout for
1697 * a fixed channel. The "idle timeout" is the amount of time
1698 * that a connection can remain up with no L2CAP channels on
1699 * it. A timeout of zero means that the connection will be torn
1700 * down immediately when the last channel is removed.
1701 * A timeout of 0xFFFF means no timeout. Values are in seconds.
1702 * A bd_addr is the remote BD address.
1703 *
1704 * Returns true if command succeeded, false if failed
1705 *
1706 ******************************************************************************/
L2CA_SetFixedChannelTout(const RawAddress & rem_bda,uint16_t fixed_cid,uint16_t idle_tout)1707 bool L2CA_SetFixedChannelTout(const RawAddress& rem_bda, uint16_t fixed_cid,
1708 uint16_t idle_tout) {
1709 if (bluetooth::shim::is_gd_shim_enabled()) {
1710 return bluetooth::shim::L2CA_SetFixedChannelTout(rem_bda, fixed_cid,
1711 idle_tout);
1712 }
1713
1714 tL2C_LCB* p_lcb;
1715 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1716
1717 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1718 transport = BT_TRANSPORT_LE;
1719
1720 /* Is a fixed channel connected to the remote BDA ?*/
1721 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1722 if (((p_lcb) == NULL) ||
1723 (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL])) {
1724 LOG(WARNING) << __func__ << " BDA: " << rem_bda
1725 << StringPrintf(" CID: 0x%04x not connected", fixed_cid);
1726 return (false);
1727 }
1728
1729 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1730 ->fixed_chnl_idle_tout = idle_tout;
1731
1732 if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED &&
1733 !p_lcb->ccb_queue.p_first_ccb) {
1734 /* If there are no dynamic CCBs, (re)start the idle timer in case we changed
1735 * it */
1736 l2cu_no_dynamic_ccbs(p_lcb);
1737 }
1738
1739 return true;
1740 }
1741
1742 #endif /* #if (L2CAP_NUM_FIXED_CHNLS > 0) */
1743
1744 /*******************************************************************************
1745 *
1746 * Function L2CA_DataWrite
1747 *
1748 * Description Higher layers call this function to write data.
1749 *
1750 * Returns L2CAP_DW_SUCCESS, if data accepted, else false
1751 * L2CAP_DW_CONGESTED, if data accepted and the channel is
1752 * congested
1753 * L2CAP_DW_FAILED, if error
1754 *
1755 ******************************************************************************/
L2CA_DataWrite(uint16_t cid,BT_HDR * p_data)1756 uint8_t L2CA_DataWrite(uint16_t cid, BT_HDR* p_data) {
1757 if (bluetooth::shim::is_gd_shim_enabled()) {
1758 return bluetooth::shim::L2CA_DataWrite(cid, p_data);
1759 }
1760
1761 L2CAP_TRACE_API("L2CA_DataWrite() CID: 0x%04x Len: %d", cid, p_data->len);
1762 return l2c_data_write(cid, p_data, L2CAP_FLUSHABLE_CH_BASED);
1763 }
1764
1765 /*******************************************************************************
1766 *
1767 * Function L2CA_SetChnlFlushability
1768 *
1769 * Description Higher layers call this function to set a channels
1770 * flushability flags
1771 *
1772 * Returns true if CID found, else false
1773 *
1774 ******************************************************************************/
L2CA_SetChnlFlushability(uint16_t cid,bool is_flushable)1775 bool L2CA_SetChnlFlushability(uint16_t cid, bool is_flushable) {
1776 if (bluetooth::shim::is_gd_shim_enabled()) {
1777 return bluetooth::shim::L2CA_SetChnlFlushability(cid, is_flushable);
1778 }
1779
1780 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
1781 tL2C_CCB* p_ccb;
1782
1783 /* Find the channel control block. We don't know the link it is on. */
1784 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1785 if (p_ccb == NULL) {
1786 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetChnlFlushability, CID: %d",
1787 cid);
1788 return (false);
1789 }
1790
1791 p_ccb->is_flushable = is_flushable;
1792
1793 L2CAP_TRACE_API("L2CA_SetChnlFlushability() CID: 0x%04x is_flushable: %d",
1794 cid, is_flushable);
1795
1796 #endif
1797
1798 return (true);
1799 }
1800
1801 /*******************************************************************************
1802 *
1803 * Function L2CA_FlushChannel
1804 *
1805 * Description This function flushes none, some or all buffers queued up
1806 * for xmission for a particular CID. If called with
1807 * L2CAP_FLUSH_CHANS_GET (0), it simply returns the number
1808 * of buffers queued for that CID L2CAP_FLUSH_CHANS_ALL (0xffff)
1809 * flushes all buffers. All other values specifies the maximum
1810 * buffers to flush.
1811 *
1812 * Returns Number of buffers left queued for that CID
1813 *
1814 ******************************************************************************/
L2CA_FlushChannel(uint16_t lcid,uint16_t num_to_flush)1815 uint16_t L2CA_FlushChannel(uint16_t lcid, uint16_t num_to_flush) {
1816 if (bluetooth::shim::is_gd_shim_enabled()) {
1817 return bluetooth::shim::L2CA_FlushChannel(lcid, num_to_flush);
1818 }
1819
1820 tL2C_CCB* p_ccb;
1821 tL2C_LCB* p_lcb;
1822 uint16_t num_left = 0, num_flushed1 = 0, num_flushed2 = 0;
1823
1824 p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
1825
1826 if (!p_ccb || (p_ccb->p_lcb == NULL)) {
1827 L2CAP_TRACE_WARNING(
1828 "L2CA_FlushChannel() abnormally returning 0 CID: 0x%04x", lcid);
1829 return (0);
1830 }
1831 p_lcb = p_ccb->p_lcb;
1832
1833 if (num_to_flush != L2CAP_FLUSH_CHANS_GET) {
1834 L2CAP_TRACE_API(
1835 "L2CA_FlushChannel (FLUSH) CID: 0x%04x NumToFlush: %d QC: %u "
1836 "pFirst: 0x%08x",
1837 lcid, num_to_flush, fixed_queue_length(p_ccb->xmit_hold_q),
1838 fixed_queue_try_peek_first(p_ccb->xmit_hold_q));
1839 } else {
1840 L2CAP_TRACE_API("L2CA_FlushChannel (QUERY) CID: 0x%04x", lcid);
1841 }
1842
1843 /* Cannot flush eRTM buffers once they have a sequence number */
1844 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE) {
1845 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
1846 const controller_t* controller = controller_get_interface();
1847 if (num_to_flush != L2CAP_FLUSH_CHANS_GET) {
1848 /* If the controller supports enhanced flush, flush the data queued at the
1849 * controller */
1850 if (controller->supports_non_flushable_pb() &&
1851 (BTM_GetNumScoLinks() == 0)) {
1852 if (!l2cb.is_flush_active) {
1853 l2cb.is_flush_active = true;
1854
1855 /* The only packet type defined - 0 - Automatically-Flushable Only */
1856 btsnd_hcic_enhanced_flush(p_lcb->handle, 0);
1857 }
1858 }
1859 }
1860 #endif
1861
1862 // Iterate though list and flush the amount requested from
1863 // the transmit data queue that satisfy the layer and event conditions.
1864 for (const list_node_t* node = list_begin(p_lcb->link_xmit_data_q);
1865 (num_to_flush > 0) && node != list_end(p_lcb->link_xmit_data_q);) {
1866 BT_HDR* p_buf = (BT_HDR*)list_node(node);
1867 node = list_next(node);
1868 if ((p_buf->layer_specific == 0) && (p_buf->event == lcid)) {
1869 num_to_flush--;
1870 num_flushed1++;
1871
1872 list_remove(p_lcb->link_xmit_data_q, p_buf);
1873 osi_free(p_buf);
1874 }
1875 }
1876 }
1877
1878 /* If needed, flush buffers in the CCB xmit hold queue */
1879 while ((num_to_flush != 0) && (!fixed_queue_is_empty(p_ccb->xmit_hold_q))) {
1880 BT_HDR* p_buf = (BT_HDR*)fixed_queue_try_dequeue(p_ccb->xmit_hold_q);
1881 osi_free(p_buf);
1882 num_to_flush--;
1883 num_flushed2++;
1884 }
1885
1886 /* If app needs to track all packets, call it */
1887 if ((p_ccb->p_rcb) && (p_ccb->p_rcb->api.pL2CA_TxComplete_Cb) &&
1888 (num_flushed2))
1889 (*p_ccb->p_rcb->api.pL2CA_TxComplete_Cb)(p_ccb->local_cid, num_flushed2);
1890
1891 /* Now count how many are left */
1892 for (const list_node_t* node = list_begin(p_lcb->link_xmit_data_q);
1893 node != list_end(p_lcb->link_xmit_data_q); node = list_next(node)) {
1894 BT_HDR* p_buf = (BT_HDR*)list_node(node);
1895 if (p_buf->event == lcid) num_left++;
1896 }
1897
1898 /* Add in the number in the CCB xmit queue */
1899 num_left += fixed_queue_length(p_ccb->xmit_hold_q);
1900
1901 /* Return the local number of buffers left for the CID */
1902 L2CAP_TRACE_DEBUG("L2CA_FlushChannel() flushed: %u + %u, num_left: %u",
1903 num_flushed1, num_flushed2, num_left);
1904
1905 /* If we were congested, and now we are not, tell the app */
1906 l2cu_check_channel_congestion(p_ccb);
1907
1908 return (num_left);
1909 }
1910
L2CA_IsLinkEstablished(const RawAddress & bd_addr,tBT_TRANSPORT transport)1911 bool L2CA_IsLinkEstablished(const RawAddress& bd_addr,
1912 tBT_TRANSPORT transport) {
1913 if (bluetooth::shim::is_gd_shim_enabled()) {
1914 return bluetooth::shim::L2CA_IsLinkEstablished(bd_addr, transport);
1915 }
1916
1917 return l2cu_find_lcb_by_bd_addr(bd_addr, transport) != nullptr;
1918 }
1919