1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the L2CAP API code
22 *
23 ******************************************************************************/
24
25 #define LOG_TAG "bt_l2cap"
26
27 #include <base/logging.h>
28 #include <base/strings/stringprintf.h>
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32
33 #include "bt_common.h"
34 #include "bt_types.h"
35 #include "btm_api.h"
36 #include "btu.h"
37 #include "device/include/controller.h"
38 #include "hcidefs.h"
39 #include "hcimsgs.h"
40 #include "l2c_int.h"
41 #include "l2cdefs.h"
42 #include "osi/include/allocator.h"
43 #include "osi/include/log.h"
44
45 using base::StringPrintf;
46
47 /*******************************************************************************
48 *
49 * Function L2CA_Register
50 *
51 * Description Other layers call this function to register for L2CAP
52 * services.
53 *
54 * Returns PSM to use or zero if error. Typically, the PSM returned
55 * is the same as was passed in, but for an outgoing-only
56 * connection to a dynamic PSM, a "virtual" PSM is returned
57 * and should be used in the calls to L2CA_ConnectReq(),
58 * L2CA_ErtmConnectReq() and L2CA_Deregister()
59 *
60 ******************************************************************************/
L2CA_Register(uint16_t psm,tL2CAP_APPL_INFO * p_cb_info,bool enable_snoop)61 uint16_t L2CA_Register(uint16_t psm, tL2CAP_APPL_INFO* p_cb_info,
62 bool enable_snoop) {
63 tL2C_RCB* p_rcb;
64 uint16_t vpsm = psm;
65
66 L2CAP_TRACE_API("L2CAP - L2CA_Register() called for PSM: 0x%04x", psm);
67
68 /* Verify that the required callback info has been filled in
69 ** Note: Connection callbacks are required but not checked
70 ** for here because it is possible to be only a client
71 ** or only a server.
72 */
73 if ((!p_cb_info->pL2CA_ConfigCfm_Cb) || (!p_cb_info->pL2CA_ConfigInd_Cb) ||
74 (!p_cb_info->pL2CA_DataInd_Cb) || (!p_cb_info->pL2CA_DisconnectInd_Cb)) {
75 L2CAP_TRACE_ERROR("L2CAP - no cb registering PSM: 0x%04x", psm);
76 return (0);
77 }
78
79 /* Verify PSM is valid */
80 if (L2C_INVALID_PSM(psm)) {
81 L2CAP_TRACE_ERROR("L2CAP - invalid PSM value, PSM: 0x%04x", psm);
82 return (0);
83 }
84
85 /* Check if this is a registration for an outgoing-only connection to */
86 /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
87 if ((psm >= 0x1001) && (p_cb_info->pL2CA_ConnectInd_Cb == NULL)) {
88 for (vpsm = 0x1002; vpsm < 0x8000; vpsm += 2) {
89 p_rcb = l2cu_find_rcb_by_psm(vpsm);
90 if (p_rcb == NULL) break;
91 }
92
93 L2CAP_TRACE_API("L2CA_Register - Real PSM: 0x%04x Virtual PSM: 0x%04x",
94 psm, vpsm);
95 }
96
97 /* If registration block already there, just overwrite it */
98 p_rcb = l2cu_find_rcb_by_psm(vpsm);
99 if (p_rcb == NULL) {
100 p_rcb = l2cu_allocate_rcb(vpsm);
101 if (p_rcb == NULL) {
102 L2CAP_TRACE_WARNING("L2CAP - no RCB available, PSM: 0x%04x vPSM: 0x%04x",
103 psm, vpsm);
104 return (0);
105 }
106 }
107
108 p_rcb->log_packets = enable_snoop;
109 p_rcb->api = *p_cb_info;
110 p_rcb->real_psm = psm;
111
112 return (vpsm);
113 }
114
115 /*******************************************************************************
116 *
117 * Function L2CA_Deregister
118 *
119 * Description Other layers call this function to de-register for L2CAP
120 * services.
121 *
122 * Returns void
123 *
124 ******************************************************************************/
L2CA_Deregister(uint16_t psm)125 void L2CA_Deregister(uint16_t psm) {
126 tL2C_RCB* p_rcb;
127 tL2C_CCB* p_ccb;
128 tL2C_LCB* p_lcb;
129 int ii;
130
131 L2CAP_TRACE_API("L2CAP - L2CA_Deregister() called for PSM: 0x%04x", psm);
132
133 p_rcb = l2cu_find_rcb_by_psm(psm);
134 if (p_rcb != NULL) {
135 p_lcb = &l2cb.lcb_pool[0];
136 for (ii = 0; ii < MAX_L2CAP_LINKS; ii++, p_lcb++) {
137 if (p_lcb->in_use) {
138 p_ccb = p_lcb->ccb_queue.p_first_ccb;
139 if ((p_ccb == NULL) || (p_lcb->link_state == LST_DISCONNECTING)) {
140 continue;
141 }
142
143 if ((p_ccb->in_use) &&
144 ((p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP) ||
145 (p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))) {
146 continue;
147 }
148
149 if (p_ccb->p_rcb == p_rcb) {
150 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
151 }
152 }
153 }
154 l2cu_release_rcb(p_rcb);
155 } else {
156 L2CAP_TRACE_WARNING("L2CAP - PSM: 0x%04x not found for deregistration",
157 psm);
158 }
159 }
160
161 /*******************************************************************************
162 *
163 * Function L2CA_AllocatePSM
164 *
165 * Description Other layers call this function to find an unused PSM for
166 * L2CAP services.
167 *
168 * Returns PSM to use.
169 *
170 ******************************************************************************/
L2CA_AllocatePSM(void)171 uint16_t L2CA_AllocatePSM(void) {
172 bool done = false;
173 uint16_t psm = l2cb.dyn_psm;
174
175 L2CAP_TRACE_API("L2CA_AllocatePSM");
176 while (!done) {
177 psm += 2;
178 if (psm > 0xfeff) {
179 psm = 0x1001;
180 } else if (psm & 0x0100) {
181 /* the upper byte must be even */
182 psm += 0x0100;
183 }
184
185 /* if psm is in range of reserved BRCM Aware features */
186 if ((BRCM_RESERVED_PSM_START <= psm) && (psm <= BRCM_RESERVED_PSM_END))
187 continue;
188
189 /* make sure the newlly allocated psm is not used right now */
190 if ((l2cu_find_rcb_by_psm(psm)) == NULL) done = true;
191 }
192 l2cb.dyn_psm = psm;
193
194 return (psm);
195 }
196
197 /*******************************************************************************
198 *
199 * Function L2CA_AllocateLePSM
200 *
201 * Description To find an unused LE PSM for L2CAP services.
202 *
203 * Returns LE_PSM to use if success. Otherwise returns 0.
204 *
205 ******************************************************************************/
L2CA_AllocateLePSM(void)206 uint16_t L2CA_AllocateLePSM(void) {
207 bool done = false;
208 uint16_t psm = l2cb.le_dyn_psm;
209 uint16_t count = 0;
210
211 L2CAP_TRACE_API("%s: last psm=%d", __func__, psm);
212 while (!done) {
213 count++;
214 if (count > LE_DYNAMIC_PSM_RANGE) {
215 L2CAP_TRACE_ERROR("%s: Out of free BLE PSM", __func__);
216 return 0;
217 }
218
219 psm++;
220 if (psm > LE_DYNAMIC_PSM_END) {
221 psm = LE_DYNAMIC_PSM_START;
222 }
223
224 if (!l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START]) {
225 /* make sure the newly allocated psm is not used right now */
226 if (l2cu_find_ble_rcb_by_psm(psm)) {
227 L2CAP_TRACE_WARNING("%s: supposedly-free PSM=%d have allocated rcb!",
228 __func__, psm);
229 continue;
230 }
231
232 l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START] = true;
233 L2CAP_TRACE_DEBUG("%s: assigned PSM=%d", __func__, psm);
234 done = true;
235 break;
236 }
237 }
238 l2cb.le_dyn_psm = psm;
239
240 return (psm);
241 }
242
243 /*******************************************************************************
244 *
245 * Function L2CA_FreeLePSM
246 *
247 * Description Free an assigned LE PSM.
248 *
249 * Returns void
250 *
251 ******************************************************************************/
L2CA_FreeLePSM(uint16_t psm)252 void L2CA_FreeLePSM(uint16_t psm) {
253 L2CAP_TRACE_API("%s: to free psm=%d", __func__, psm);
254
255 if ((psm < LE_DYNAMIC_PSM_START) || (psm > LE_DYNAMIC_PSM_END)) {
256 L2CAP_TRACE_ERROR("%s: Invalid PSM=%d value!", __func__, psm);
257 return;
258 }
259
260 if (!l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START]) {
261 L2CAP_TRACE_WARNING("%s: PSM=%d was not allocated!", __func__, psm);
262 }
263 l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START] = false;
264 }
265
266 /*******************************************************************************
267 *
268 * Function L2CA_ConnectReq
269 *
270 * Description Higher layers call this function to create an L2CAP
271 * connection. Note that the connection is not established at
272 * this time, but connection establishment gets started. The
273 * callback function will be invoked when connection
274 * establishes or fails.
275 *
276 * Returns the CID of the connection, or 0 if it failed to start
277 *
278 ******************************************************************************/
L2CA_ConnectReq(uint16_t psm,const RawAddress & p_bd_addr)279 uint16_t L2CA_ConnectReq(uint16_t psm, const RawAddress& p_bd_addr) {
280 return L2CA_ErtmConnectReq(psm, p_bd_addr, nullptr);
281 }
282
283 /*******************************************************************************
284 *
285 * Function L2CA_ErtmConnectReq
286 *
287 * Description Higher layers call this function to create an L2CAP
288 * connection. Note that the connection is not established at
289 * this time, but connection establishment gets started. The
290 * callback function will be invoked when connection
291 * establishes or fails.
292 *
293 * Parameters: PSM: L2CAP PSM for the connection
294 * BD address of the peer
295 * Enhaced retransmission mode configurations
296
297 * Returns the CID of the connection, or 0 if it failed to start
298 *
299 ******************************************************************************/
L2CA_ErtmConnectReq(uint16_t psm,const RawAddress & p_bd_addr,tL2CAP_ERTM_INFO * p_ertm_info)300 uint16_t L2CA_ErtmConnectReq(uint16_t psm, const RawAddress& p_bd_addr,
301 tL2CAP_ERTM_INFO* p_ertm_info) {
302 VLOG(1) << __func__ << "BDA " << p_bd_addr
303 << StringPrintf(" PSM: 0x%04x allowed:0x%x preferred:%d", psm,
304 (p_ertm_info) ? p_ertm_info->allowed_modes : 0,
305 (p_ertm_info) ? p_ertm_info->preferred_mode : 0);
306
307 /* Fail if we have not established communications with the controller */
308 if (!BTM_IsDeviceUp()) {
309 LOG(WARNING) << __func__ << ": BTU not ready";
310 return 0;
311 }
312 /* Fail if the PSM is not registered */
313 tL2C_RCB* p_rcb = l2cu_find_rcb_by_psm(psm);
314 if (p_rcb == nullptr) {
315 LOG(WARNING) << __func__ << ": no RCB, PSM=" << loghex(psm);
316 return 0;
317 }
318
319 /* First, see if we already have a link to the remote */
320 /* assume all ERTM l2cap connection is going over BR/EDR for now */
321 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
322 if (p_lcb == nullptr) {
323 /* No link. Get an LCB and start link establishment */
324 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_BR_EDR);
325 /* currently use BR/EDR for ERTM mode l2cap connection */
326 if ((p_lcb == nullptr) || (!l2cu_create_conn_br_edr(p_lcb))) {
327 LOG(WARNING) << __func__
328 << ": connection not started for PSM=" << loghex(psm)
329 << ", p_lcb=" << p_lcb;
330 return 0;
331 }
332 }
333
334 /* Allocate a channel control block */
335 tL2C_CCB* p_ccb = l2cu_allocate_ccb(p_lcb, 0);
336 if (p_ccb == nullptr) {
337 LOG(WARNING) << __func__ << ": no CCB, PSM=" << loghex(psm);
338 return 0;
339 }
340
341 /* Save registration info */
342 p_ccb->p_rcb = p_rcb;
343
344 if (p_ertm_info) {
345 p_ccb->ertm_info = *p_ertm_info;
346
347 /* Replace default indicators with the actual default pool */
348 if (p_ccb->ertm_info.fcr_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
349 p_ccb->ertm_info.fcr_rx_buf_size = L2CAP_FCR_RX_BUF_SIZE;
350
351 if (p_ccb->ertm_info.fcr_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
352 p_ccb->ertm_info.fcr_tx_buf_size = L2CAP_FCR_TX_BUF_SIZE;
353
354 if (p_ccb->ertm_info.user_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
355 p_ccb->ertm_info.user_rx_buf_size = L2CAP_USER_RX_BUF_SIZE;
356
357 if (p_ccb->ertm_info.user_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
358 p_ccb->ertm_info.user_tx_buf_size = L2CAP_USER_TX_BUF_SIZE;
359
360 p_ccb->max_rx_mtu =
361 p_ertm_info->user_rx_buf_size -
362 (L2CAP_MIN_OFFSET + L2CAP_SDU_LEN_OFFSET + L2CAP_FCS_LEN);
363 }
364
365 /* If link is up, start the L2CAP connection */
366 if (p_lcb->link_state == LST_CONNECTED) {
367 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_REQ, nullptr);
368 } else if (p_lcb->link_state == LST_DISCONNECTING) {
369 /* If link is disconnecting, save link info to retry after disconnect
370 * Possible Race condition when a reconnect occurs
371 * on the channel during a disconnect of link. This
372 * ccb will be automatically retried after link disconnect
373 * arrives
374 */
375 L2CAP_TRACE_DEBUG("L2CAP API - link disconnecting: RETRY LATER");
376
377 /* Save ccb so it can be started after disconnect is finished */
378 p_lcb->p_pending_ccb = p_ccb;
379 }
380
381 L2CAP_TRACE_API("L2CAP - L2CA_conn_req(psm: 0x%04x) returned CID: 0x%04x",
382 psm, p_ccb->local_cid);
383
384 /* Return the local CID as our handle */
385 return p_ccb->local_cid;
386 }
387
388 /*******************************************************************************
389 *
390 * Function L2CA_RegisterLECoc
391 *
392 * Description Other layers call this function to register for L2CAP
393 * Connection Oriented Channel.
394 *
395 * Returns PSM to use or zero if error. Typically, the PSM returned
396 * is the same as was passed in, but for an outgoing-only
397 * connection to a dynamic PSM, a "virtual" PSM is returned
398 * and should be used in the calls to L2CA_ConnectLECocReq()
399 * and L2CA_DeregisterLECoc()
400 *
401 ******************************************************************************/
L2CA_RegisterLECoc(uint16_t psm,tL2CAP_APPL_INFO * p_cb_info)402 uint16_t L2CA_RegisterLECoc(uint16_t psm, tL2CAP_APPL_INFO* p_cb_info) {
403 L2CAP_TRACE_API("%s called for LE PSM: 0x%04x", __func__, psm);
404
405 /* Verify that the required callback info has been filled in
406 ** Note: Connection callbacks are required but not checked
407 ** for here because it is possible to be only a client
408 ** or only a server.
409 */
410 if ((!p_cb_info->pL2CA_DataInd_Cb) || (!p_cb_info->pL2CA_DisconnectInd_Cb)) {
411 L2CAP_TRACE_ERROR("%s No cb registering BLE PSM: 0x%04x", __func__, psm);
412 return 0;
413 }
414
415 /* Verify PSM is valid */
416 if (!L2C_IS_VALID_LE_PSM(psm)) {
417 L2CAP_TRACE_ERROR("%s Invalid BLE PSM value, PSM: 0x%04x", __func__, psm);
418 return 0;
419 }
420
421 tL2C_RCB* p_rcb;
422 uint16_t vpsm = psm;
423
424 /* Check if this is a registration for an outgoing-only connection to */
425 /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
426 if ((psm >= LE_DYNAMIC_PSM_START) &&
427 (p_cb_info->pL2CA_ConnectInd_Cb == NULL)) {
428 vpsm = L2CA_AllocateLePSM();
429 if (vpsm == 0) {
430 L2CAP_TRACE_ERROR("%s: Out of free BLE PSM", __func__);
431 return 0;
432 }
433
434 L2CAP_TRACE_API("%s Real PSM: 0x%04x Virtual PSM: 0x%04x", __func__, psm,
435 vpsm);
436 }
437
438 /* If registration block already there, just overwrite it */
439 p_rcb = l2cu_find_ble_rcb_by_psm(vpsm);
440 if (p_rcb == NULL) {
441 L2CAP_TRACE_API("%s Allocate rcp for Virtual PSM: 0x%04x", __func__, vpsm);
442 p_rcb = l2cu_allocate_ble_rcb(vpsm);
443 if (p_rcb == NULL) {
444 L2CAP_TRACE_WARNING("%s No BLE RCB available, PSM: 0x%04x vPSM: 0x%04x",
445 __func__, psm, vpsm);
446 return 0;
447 }
448 }
449
450 p_rcb->api = *p_cb_info;
451 p_rcb->real_psm = psm;
452
453 return vpsm;
454 }
455
456 /*******************************************************************************
457 *
458 * Function L2CA_DeregisterLECoc
459 *
460 * Description Other layers call this function to de-register for L2CAP
461 * Connection Oriented Channel.
462 *
463 * Returns void
464 *
465 ******************************************************************************/
L2CA_DeregisterLECoc(uint16_t psm)466 void L2CA_DeregisterLECoc(uint16_t psm) {
467 L2CAP_TRACE_API("%s called for PSM: 0x%04x", __func__, psm);
468
469 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
470 if (p_rcb == NULL) {
471 L2CAP_TRACE_WARNING("%s PSM: 0x%04x not found for deregistration", __func__,
472 psm);
473 return;
474 }
475
476 tL2C_LCB* p_lcb = &l2cb.lcb_pool[0];
477 for (int i = 0; i < MAX_L2CAP_LINKS; i++, p_lcb++) {
478 if (!p_lcb->in_use || p_lcb->transport != BT_TRANSPORT_LE) continue;
479
480 tL2C_CCB* p_ccb = p_lcb->ccb_queue.p_first_ccb;
481 if ((p_ccb == NULL) || (p_lcb->link_state == LST_DISCONNECTING)) continue;
482
483 if (p_ccb->in_use && (p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP ||
484 p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))
485 continue;
486
487 if (p_ccb->p_rcb == p_rcb)
488 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
489 }
490
491 l2cu_release_ble_rcb(p_rcb);
492 }
493
494 /*******************************************************************************
495 *
496 * Function L2CA_ConnectLECocReq
497 *
498 * Description Higher layers call this function to create an L2CAP
499 * connection. Note that the connection is not established at
500 * this time, but connection establishment gets started. The
501 * callback function will be invoked when connection
502 * establishes or fails.
503 *
504 * Parameters: PSM: L2CAP PSM for the connection
505 * BD address of the peer
506 * Local Coc configurations
507
508 * Returns the CID of the connection, or 0 if it failed to start
509 *
510 ******************************************************************************/
L2CA_ConnectLECocReq(uint16_t psm,const RawAddress & p_bd_addr,tL2CAP_LE_CFG_INFO * p_cfg)511 uint16_t L2CA_ConnectLECocReq(uint16_t psm, const RawAddress& p_bd_addr,
512 tL2CAP_LE_CFG_INFO* p_cfg) {
513 VLOG(1) << __func__ << " BDA: " << p_bd_addr
514 << StringPrintf(" PSM: 0x%04x", psm);
515
516 /* Fail if we have not established communications with the controller */
517 if (!BTM_IsDeviceUp()) {
518 L2CAP_TRACE_WARNING("%s BTU not ready", __func__);
519 return 0;
520 }
521
522 /* Fail if the PSM is not registered */
523 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
524 if (p_rcb == NULL) {
525 L2CAP_TRACE_WARNING("%s No BLE RCB, PSM: 0x%04x", __func__, psm);
526 return 0;
527 }
528
529 /* First, see if we already have a le link to the remote */
530 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
531 if (p_lcb == NULL) {
532 /* No link. Get an LCB and start link establishment */
533 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_LE);
534 if ((p_lcb == NULL)
535 /* currently use BR/EDR for ERTM mode l2cap connection */
536 || (!l2cu_create_conn_le(p_lcb))) {
537 L2CAP_TRACE_WARNING("%s conn not started for PSM: 0x%04x p_lcb: 0x%08x",
538 __func__, psm, p_lcb);
539 return 0;
540 }
541 }
542
543 /* Allocate a channel control block */
544 tL2C_CCB* p_ccb = l2cu_allocate_ccb(p_lcb, 0);
545 if (p_ccb == NULL) {
546 L2CAP_TRACE_WARNING("%s no CCB, PSM: 0x%04x", __func__, psm);
547 return 0;
548 }
549
550 /* Save registration info */
551 p_ccb->p_rcb = p_rcb;
552
553 /* Save the configuration */
554 if (p_cfg) {
555 memcpy(&p_ccb->local_conn_cfg, p_cfg, sizeof(tL2CAP_LE_CFG_INFO));
556 p_ccb->remote_credit_count = p_cfg->credits;
557 }
558
559 /* If link is up, start the L2CAP connection */
560 if (p_lcb->link_state == LST_CONNECTED) {
561 if (p_ccb->p_lcb->transport == BT_TRANSPORT_LE) {
562 L2CAP_TRACE_DEBUG("%s LE Link is up", __func__);
563 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_REQ, NULL);
564 }
565 }
566
567 /* If link is disconnecting, save link info to retry after disconnect
568 * Possible Race condition when a reconnect occurs
569 * on the channel during a disconnect of link. This
570 * ccb will be automatically retried after link disconnect
571 * arrives
572 */
573 else if (p_lcb->link_state == LST_DISCONNECTING) {
574 L2CAP_TRACE_DEBUG("%s link disconnecting: RETRY LATER", __func__);
575
576 /* Save ccb so it can be started after disconnect is finished */
577 p_lcb->p_pending_ccb = p_ccb;
578 }
579
580 L2CAP_TRACE_API("%s(psm: 0x%04x) returned CID: 0x%04x", __func__, psm,
581 p_ccb->local_cid);
582
583 /* Return the local CID as our handle */
584 return p_ccb->local_cid;
585 }
586
587 /*******************************************************************************
588 *
589 * Function L2CA_ConnectLECocRsp
590 *
591 * Description Higher layers call this function to accept an incoming
592 * L2CAP COC connection, for which they had gotten an connect
593 * indication callback.
594 *
595 * Returns true for success, false for failure
596 *
597 ******************************************************************************/
L2CA_ConnectLECocRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status,tL2CAP_LE_CFG_INFO * p_cfg)598 bool L2CA_ConnectLECocRsp(const RawAddress& p_bd_addr, uint8_t id,
599 uint16_t lcid, uint16_t result, uint16_t status,
600 tL2CAP_LE_CFG_INFO* p_cfg) {
601 VLOG(1) << __func__ << " BDA: " << p_bd_addr
602 << StringPrintf(" CID: 0x%04x Result: %d Status: %d", lcid, result,
603 status);
604
605 /* First, find the link control block */
606 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
607 if (p_lcb == NULL) {
608 /* No link. Get an LCB and start link establishment */
609 L2CAP_TRACE_WARNING("%s no LCB", __func__);
610 return false;
611 }
612
613 /* Now, find the channel control block */
614 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(p_lcb, lcid);
615 if (p_ccb == NULL) {
616 L2CAP_TRACE_WARNING("%s no CCB", __func__);
617 return false;
618 }
619
620 /* The IDs must match */
621 if (p_ccb->remote_id != id) {
622 L2CAP_TRACE_WARNING("%s bad id. Expected: %d Got: %d", __func__,
623 p_ccb->remote_id, id);
624 return false;
625 }
626
627 if (p_cfg) {
628 memcpy(&p_ccb->local_conn_cfg, p_cfg, sizeof(tL2CAP_LE_CFG_INFO));
629 p_ccb->remote_credit_count = p_cfg->credits;
630 }
631
632 if (result == L2CAP_CONN_OK)
633 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, NULL);
634 else {
635 tL2C_CONN_INFO conn_info;
636 conn_info.bd_addr = p_bd_addr;
637 conn_info.l2cap_result = result;
638 conn_info.l2cap_status = status;
639 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP_NEG, &conn_info);
640 }
641
642 return true;
643 }
644
645 /*******************************************************************************
646 *
647 * Function L2CA_GetPeerLECocConfig
648 *
649 * Description Get a peers configuration for LE Connection Oriented
650 * Channel.
651 *
652 * Parameters: local channel id
653 * Pointers to peers configuration storage area
654 *
655 * Return value: true if peer is connected
656 *
657 ******************************************************************************/
L2CA_GetPeerLECocConfig(uint16_t lcid,tL2CAP_LE_CFG_INFO * peer_cfg)658 bool L2CA_GetPeerLECocConfig(uint16_t lcid, tL2CAP_LE_CFG_INFO* peer_cfg) {
659 L2CAP_TRACE_API("%s CID: 0x%04x", __func__, lcid);
660
661 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
662 if (p_ccb == NULL) {
663 L2CAP_TRACE_ERROR("%s No CCB for CID:0x%04x", __func__, lcid);
664 return false;
665 }
666
667 if (peer_cfg != NULL)
668 memcpy(peer_cfg, &p_ccb->peer_conn_cfg, sizeof(tL2CAP_LE_CFG_INFO));
669
670 return true;
671 }
672
L2CA_SetConnectionCallbacks(uint16_t local_cid,const tL2CAP_APPL_INFO * callbacks)673 bool L2CA_SetConnectionCallbacks(uint16_t local_cid,
674 const tL2CAP_APPL_INFO* callbacks) {
675 CHECK(callbacks != NULL);
676 CHECK(callbacks->pL2CA_ConnectInd_Cb == NULL);
677 CHECK(callbacks->pL2CA_ConnectCfm_Cb != NULL);
678 CHECK(callbacks->pL2CA_ConfigInd_Cb != NULL);
679 CHECK(callbacks->pL2CA_ConfigCfm_Cb != NULL);
680 CHECK(callbacks->pL2CA_DisconnectInd_Cb != NULL);
681 CHECK(callbacks->pL2CA_DisconnectCfm_Cb != NULL);
682 CHECK(callbacks->pL2CA_CongestionStatus_Cb != NULL);
683 CHECK(callbacks->pL2CA_DataInd_Cb != NULL);
684 CHECK(callbacks->pL2CA_TxComplete_Cb != NULL);
685
686 tL2C_CCB* channel_control_block = l2cu_find_ccb_by_cid(NULL, local_cid);
687 if (!channel_control_block) {
688 LOG_ERROR(LOG_TAG,
689 "%s no channel control block found for L2CAP LCID=0x%04x.",
690 __func__, local_cid);
691 return false;
692 }
693
694 // We're making a connection-specific registration control block so we check
695 // if we already have a private one allocated to us on the heap. If not, we
696 // make a new allocation, mark it as heap-allocated, and inherit the fields
697 // from the old control block.
698 tL2C_RCB* registration_control_block = channel_control_block->p_rcb;
699 if (!channel_control_block->should_free_rcb) {
700 registration_control_block = (tL2C_RCB*)osi_calloc(sizeof(tL2C_RCB));
701
702 *registration_control_block = *channel_control_block->p_rcb;
703 channel_control_block->p_rcb = registration_control_block;
704 channel_control_block->should_free_rcb = true;
705 }
706
707 registration_control_block->api = *callbacks;
708 return true;
709 }
710
711 /*******************************************************************************
712 *
713 * Function L2CA_ConnectRsp
714 *
715 * Description Higher layers call this function to accept an incoming
716 * L2CAP connection, for which they had gotten an connect
717 * indication callback.
718 *
719 * Returns true for success, false for failure
720 *
721 ******************************************************************************/
L2CA_ConnectRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status)722 bool L2CA_ConnectRsp(const RawAddress& p_bd_addr, uint8_t id, uint16_t lcid,
723 uint16_t result, uint16_t status) {
724 return L2CA_ErtmConnectRsp(p_bd_addr, id, lcid, result, status, NULL);
725 }
726
727 /*******************************************************************************
728 *
729 * Function L2CA_ErtmConnectRsp
730 *
731 * Description Higher layers call this function to accept an incoming
732 * L2CAP connection, for which they had gotten an connect
733 * indication callback.
734 *
735 * Returns true for success, false for failure
736 *
737 ******************************************************************************/
L2CA_ErtmConnectRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status,tL2CAP_ERTM_INFO * p_ertm_info)738 bool L2CA_ErtmConnectRsp(const RawAddress& p_bd_addr, uint8_t id, uint16_t lcid,
739 uint16_t result, uint16_t status,
740 tL2CAP_ERTM_INFO* p_ertm_info) {
741 tL2C_LCB* p_lcb;
742 tL2C_CCB* p_ccb;
743
744 VLOG(1) << __func__ << " BDA: " << p_bd_addr
745 << StringPrintf(" CID:0x%04x Result:%d Status:%d", lcid, result,
746 status);
747
748 /* First, find the link control block */
749 p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
750 if (p_lcb == NULL) {
751 /* No link. Get an LCB and start link establishment */
752 L2CAP_TRACE_WARNING("L2CAP - no LCB for L2CA_conn_rsp");
753 return (false);
754 }
755
756 /* Now, find the channel control block */
757 p_ccb = l2cu_find_ccb_by_cid(p_lcb, lcid);
758 if (p_ccb == NULL) {
759 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_conn_rsp");
760 return (false);
761 }
762
763 /* The IDs must match */
764 if (p_ccb->remote_id != id) {
765 L2CAP_TRACE_WARNING("L2CAP - bad id in L2CA_conn_rsp. Exp: %d Got: %d",
766 p_ccb->remote_id, id);
767 return (false);
768 }
769
770 if (p_ertm_info) {
771 p_ccb->ertm_info = *p_ertm_info;
772
773 /* Replace default indicators with the actual default pool */
774 if (p_ccb->ertm_info.fcr_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
775 p_ccb->ertm_info.fcr_rx_buf_size = L2CAP_FCR_RX_BUF_SIZE;
776
777 if (p_ccb->ertm_info.fcr_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
778 p_ccb->ertm_info.fcr_tx_buf_size = L2CAP_FCR_TX_BUF_SIZE;
779
780 if (p_ccb->ertm_info.user_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
781 p_ccb->ertm_info.user_rx_buf_size = L2CAP_USER_RX_BUF_SIZE;
782
783 if (p_ccb->ertm_info.user_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
784 p_ccb->ertm_info.user_tx_buf_size = L2CAP_USER_TX_BUF_SIZE;
785
786 p_ccb->max_rx_mtu =
787 p_ertm_info->user_rx_buf_size -
788 (L2CAP_MIN_OFFSET + L2CAP_SDU_LEN_OFFSET + L2CAP_FCS_LEN);
789 }
790
791 if (result == L2CAP_CONN_OK) {
792 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, NULL);
793 } else {
794 tL2C_CONN_INFO conn_info;
795
796 conn_info.l2cap_result = result;
797 conn_info.l2cap_status = status;
798
799 if (result == L2CAP_CONN_PENDING)
800 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, &conn_info);
801 else
802 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP_NEG, &conn_info);
803 }
804
805 return (true);
806 }
807
808 /*******************************************************************************
809 *
810 * Function L2CA_ConfigReq
811 *
812 * Description Higher layers call this function to send configuration.
813 *
814 * Note: The FCR options of p_cfg are not used.
815 *
816 * Returns true if configuration sent, else false
817 *
818 ******************************************************************************/
L2CA_ConfigReq(uint16_t cid,tL2CAP_CFG_INFO * p_cfg)819 bool L2CA_ConfigReq(uint16_t cid, tL2CAP_CFG_INFO* p_cfg) {
820 tL2C_CCB* p_ccb;
821
822 L2CAP_TRACE_API(
823 "L2CA_ConfigReq() CID 0x%04x: fcr_present:%d (mode %d) mtu_present:%d "
824 "(%d)",
825 cid, p_cfg->fcr_present, p_cfg->fcr.mode, p_cfg->mtu_present, p_cfg->mtu);
826
827 /* Find the channel control block. We don't know the link it is on. */
828 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
829 if (p_ccb == NULL) {
830 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_cfg_req, CID: %d", cid);
831 return (false);
832 }
833
834 /* We need to have at least one mode type common with the peer */
835 if (!l2c_fcr_adj_our_req_options(p_ccb, p_cfg)) return (false);
836
837 /* Don't adjust FCR options if not used */
838 if ((!p_cfg->fcr_present) || (p_cfg->fcr.mode == L2CAP_FCR_BASIC_MODE)) {
839 /* FCR and FCS options are not used in basic mode */
840 p_cfg->fcs_present = false;
841 p_cfg->ext_flow_spec_present = false;
842
843 if ((p_cfg->mtu_present) && (p_cfg->mtu > L2CAP_MTU_SIZE)) {
844 L2CAP_TRACE_WARNING("L2CAP - adjust MTU: %u too large", p_cfg->mtu);
845 p_cfg->mtu = L2CAP_MTU_SIZE;
846 }
847 }
848
849 /* Save the adjusted configuration in case it needs to be used for
850 * renegotiation */
851 p_ccb->our_cfg = *p_cfg;
852
853 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_REQ, p_cfg);
854
855 return (true);
856 }
857
858 /*******************************************************************************
859 *
860 * Function L2CA_ConfigRsp
861 *
862 * Description Higher layers call this function to send a configuration
863 * response.
864 *
865 * Returns true if configuration response sent, else false
866 *
867 ******************************************************************************/
L2CA_ConfigRsp(uint16_t cid,tL2CAP_CFG_INFO * p_cfg)868 bool L2CA_ConfigRsp(uint16_t cid, tL2CAP_CFG_INFO* p_cfg) {
869 tL2C_CCB* p_ccb;
870
871 L2CAP_TRACE_API(
872 "L2CA_ConfigRsp() CID: 0x%04x Result: %d MTU present:%d Flush TO:%d "
873 "FCR:%d FCS:%d",
874 cid, p_cfg->result, p_cfg->mtu_present, p_cfg->flush_to_present,
875 p_cfg->fcr_present, p_cfg->fcs_present);
876
877 /* Find the channel control block. We don't know the link it is on. */
878 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
879 if (p_ccb == NULL) {
880 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_cfg_rsp, CID: %d", cid);
881 return (false);
882 }
883
884 if ((p_cfg->result == L2CAP_CFG_OK) || (p_cfg->result == L2CAP_CFG_PENDING))
885 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_RSP, p_cfg);
886 else {
887 p_cfg->fcr_present =
888 false; /* FCR options already negotiated before this point */
889
890 /* Clear out any cached options that are being returned as an error
891 * (excluding FCR) */
892 if (p_cfg->mtu_present) p_ccb->peer_cfg.mtu_present = false;
893 if (p_cfg->flush_to_present) p_ccb->peer_cfg.flush_to_present = false;
894 if (p_cfg->qos_present) p_ccb->peer_cfg.qos_present = false;
895
896 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_RSP_NEG, p_cfg);
897 }
898
899 return (true);
900 }
901
902 /*******************************************************************************
903 *
904 * Function L2CA_DisconnectReq
905 *
906 * Description Higher layers call this function to disconnect a channel.
907 *
908 * Returns true if disconnect sent, else false
909 *
910 ******************************************************************************/
L2CA_DisconnectReq(uint16_t cid)911 bool L2CA_DisconnectReq(uint16_t cid) {
912 tL2C_CCB* p_ccb;
913
914 L2CAP_TRACE_API("L2CA_DisconnectReq() CID: 0x%04x", cid);
915
916 /* Find the channel control block. We don't know the link it is on. */
917 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
918 if (p_ccb == NULL) {
919 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_disc_req, CID: %d", cid);
920 return (false);
921 }
922
923 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
924
925 return (true);
926 }
927
928 /*******************************************************************************
929 *
930 * Function L2CA_DisconnectRsp
931 *
932 * Description Higher layers call this function to acknowledge the
933 * disconnection of a channel.
934 *
935 * Returns void
936 *
937 ******************************************************************************/
L2CA_DisconnectRsp(uint16_t cid)938 bool L2CA_DisconnectRsp(uint16_t cid) {
939 tL2C_CCB* p_ccb;
940
941 L2CAP_TRACE_API("L2CA_DisconnectRsp() CID: 0x%04x", cid);
942
943 /* Find the channel control block. We don't know the link it is on. */
944 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
945 if (p_ccb == NULL) {
946 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_disc_rsp, CID: %d", cid);
947 return (false);
948 }
949
950 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_RSP, NULL);
951
952 return (true);
953 }
954
955 /*******************************************************************************
956 *
957 * Function L2CA_Ping
958 *
959 * Description Higher layers call this function to send an echo request.
960 *
961 * Returns true if echo request sent, else false.
962 *
963 ******************************************************************************/
L2CA_Ping(const RawAddress & p_bd_addr,tL2CA_ECHO_RSP_CB * p_callback)964 bool L2CA_Ping(const RawAddress& p_bd_addr, tL2CA_ECHO_RSP_CB* p_callback) {
965 tL2C_LCB* p_lcb;
966
967 VLOG(1) << __func__ << " BDA: " << p_bd_addr;
968
969 /* Fail if we have not established communications with the controller */
970 if (!BTM_IsDeviceUp()) return (false);
971
972 /* First, see if we already have a link to the remote */
973 p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
974 if (p_lcb == NULL) {
975 /* No link. Get an LCB and start link establishment */
976 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_BR_EDR);
977 if (p_lcb == NULL) {
978 L2CAP_TRACE_WARNING("L2CAP - no LCB for L2CA_ping");
979 return (false);
980 }
981 if (!l2cu_create_conn_br_edr(p_lcb)) {
982 return (false);
983 }
984
985 p_lcb->p_echo_rsp_cb = p_callback;
986
987 return (true);
988 }
989
990 /* We only allow 1 ping outstanding at a time */
991 if (p_lcb->p_echo_rsp_cb != NULL) {
992 L2CAP_TRACE_WARNING("L2CAP - rejected second L2CA_ping");
993 return (false);
994 }
995
996 /* Have a link control block. If link is disconnecting, tell user to retry
997 * later */
998 if (p_lcb->link_state == LST_DISCONNECTING) {
999 L2CAP_TRACE_WARNING("L2CAP - L2CA_ping rejected - link disconnecting");
1000 return (false);
1001 }
1002
1003 /* Save address of callback */
1004 p_lcb->p_echo_rsp_cb = p_callback;
1005
1006 if (p_lcb->link_state == LST_CONNECTED) {
1007 l2cu_adj_id(p_lcb, L2CAP_ADJ_BRCM_ID); /* Make sure not using Broadcom ID */
1008 l2cu_send_peer_echo_req(p_lcb, NULL, 0);
1009 alarm_set_on_mloop(p_lcb->l2c_lcb_timer, L2CAP_ECHO_RSP_TIMEOUT_MS,
1010 l2c_lcb_timer_timeout, p_lcb);
1011 }
1012
1013 return (true);
1014 }
1015
1016 /*******************************************************************************
1017 *
1018 * Function L2CA_Echo
1019 *
1020 * Description Higher layers call this function to send an echo request
1021 * with application-specific data.
1022 *
1023 * Returns true if echo request sent, else false.
1024 *
1025 ******************************************************************************/
L2CA_Echo(const RawAddress & p_bd_addr,BT_HDR * p_data,tL2CA_ECHO_DATA_CB * p_callback)1026 bool L2CA_Echo(const RawAddress& p_bd_addr, BT_HDR* p_data,
1027 tL2CA_ECHO_DATA_CB* p_callback) {
1028 tL2C_LCB* p_lcb;
1029 uint8_t* pp;
1030
1031 VLOG(1) << __func__ << " BDA: " << p_bd_addr;
1032 ;
1033
1034 /* Fail if we have not established communications with the controller */
1035 if (!BTM_IsDeviceUp()) return (false);
1036
1037 if (RawAddress::kAny == p_bd_addr && (p_data == NULL)) {
1038 /* Only register callback without sending message. */
1039 l2cb.p_echo_data_cb = p_callback;
1040 return true;
1041 }
1042
1043 /* We assume the upper layer will call this function only when the link is
1044 * established. */
1045 p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
1046 if (p_lcb == NULL) {
1047 L2CAP_TRACE_ERROR("L2CA_Echo ERROR : link not established");
1048 return false;
1049 }
1050
1051 if (p_lcb->link_state != LST_CONNECTED) {
1052 L2CAP_TRACE_ERROR("L2CA_Echo ERROR : link is not connected");
1053 return false;
1054 }
1055
1056 /* Save address of callback */
1057 l2cb.p_echo_data_cb = p_callback;
1058
1059 /* Set the pointer to the beginning of the data */
1060 pp = (uint8_t*)(p_data + 1) + p_data->offset;
1061 l2cu_adj_id(p_lcb, L2CAP_ADJ_BRCM_ID); /* Make sure not using Broadcom ID */
1062 l2cu_send_peer_echo_req(p_lcb, pp, p_data->len);
1063
1064 return (true);
1065 }
1066
L2CA_GetIdentifiers(uint16_t lcid,uint16_t * rcid,uint16_t * handle)1067 bool L2CA_GetIdentifiers(uint16_t lcid, uint16_t* rcid, uint16_t* handle) {
1068 tL2C_CCB* control_block = l2cu_find_ccb_by_cid(NULL, lcid);
1069 if (!control_block) return false;
1070
1071 if (rcid) *rcid = control_block->remote_cid;
1072 if (handle) *handle = control_block->p_lcb->handle;
1073
1074 return true;
1075 }
1076
1077 /*******************************************************************************
1078 *
1079 * Function L2CA_SetIdleTimeout
1080 *
1081 * Description Higher layers call this function to set the idle timeout for
1082 * a connection, or for all future connections. The "idle
1083 * timeout" is the amount of time that a connection can remain
1084 * up with no L2CAP channels on it. A timeout of zero means
1085 * that the connection will be torn down immediately when the
1086 * last channel is removed. A timeout of 0xFFFF means no
1087 * timeout. Values are in seconds.
1088 *
1089 * Returns true if command succeeded, false if failed
1090 *
1091 * NOTE This timeout takes effect after at least 1 channel has been
1092 * established and removed. L2CAP maintains its own timer from
1093 * whan a connection is established till the first channel is
1094 * set up.
1095 ******************************************************************************/
L2CA_SetIdleTimeout(uint16_t cid,uint16_t timeout,bool is_global)1096 bool L2CA_SetIdleTimeout(uint16_t cid, uint16_t timeout, bool is_global) {
1097 tL2C_CCB* p_ccb;
1098 tL2C_LCB* p_lcb;
1099
1100 if (is_global) {
1101 l2cb.idle_timeout = timeout;
1102 } else {
1103 /* Find the channel control block. We don't know the link it is on. */
1104 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1105 if (p_ccb == NULL) {
1106 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetIdleTimeout, CID: %d",
1107 cid);
1108 return (false);
1109 }
1110
1111 p_lcb = p_ccb->p_lcb;
1112
1113 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED))
1114 p_lcb->idle_timeout = timeout;
1115 else
1116 return (false);
1117 }
1118
1119 return (true);
1120 }
1121
1122 /*******************************************************************************
1123 *
1124 * Function L2CA_SetIdleTimeoutByBdAddr
1125 *
1126 * Description Higher layers call this function to set the idle timeout for
1127 * a connection. The "idle timeout" is the amount of time that
1128 * a connection can remain up with no L2CAP channels on it.
1129 * A timeout of zero means that the connection will be torn
1130 * down immediately when the last channel is removed.
1131 * A timeout of 0xFFFF means no timeout. Values are in seconds.
1132 * A bd_addr is the remote BD address. If bd_addr =
1133 * RawAddress::kAny, then the idle timeouts for all active
1134 * l2cap links will be changed.
1135 *
1136 * Returns true if command succeeded, false if failed
1137 *
1138 * NOTE This timeout applies to all logical channels active on the
1139 * ACL link.
1140 ******************************************************************************/
L2CA_SetIdleTimeoutByBdAddr(const RawAddress & bd_addr,uint16_t timeout,tBT_TRANSPORT transport)1141 bool L2CA_SetIdleTimeoutByBdAddr(const RawAddress& bd_addr, uint16_t timeout,
1142 tBT_TRANSPORT transport) {
1143 tL2C_LCB* p_lcb;
1144
1145 if (RawAddress::kAny != bd_addr) {
1146 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, transport);
1147 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1148 p_lcb->idle_timeout = timeout;
1149
1150 if (!p_lcb->ccb_queue.p_first_ccb) l2cu_no_dynamic_ccbs(p_lcb);
1151 } else
1152 return false;
1153 } else {
1154 int xx;
1155 tL2C_LCB* p_lcb = &l2cb.lcb_pool[0];
1156
1157 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
1158 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1159 p_lcb->idle_timeout = timeout;
1160
1161 if (!p_lcb->ccb_queue.p_first_ccb) l2cu_no_dynamic_ccbs(p_lcb);
1162 }
1163 }
1164 }
1165
1166 return true;
1167 }
1168
1169 /*******************************************************************************
1170 *
1171 * Function L2CA_SetTraceLevel
1172 *
1173 * Description This function sets the trace level for L2CAP. If called with
1174 * a value of 0xFF, it simply reads the current trace level.
1175 *
1176 * Returns the new (current) trace level
1177 *
1178 ******************************************************************************/
L2CA_SetTraceLevel(uint8_t new_level)1179 uint8_t L2CA_SetTraceLevel(uint8_t new_level) {
1180 if (new_level != 0xFF) l2cb.l2cap_trace_level = new_level;
1181
1182 return (l2cb.l2cap_trace_level);
1183 }
1184
1185 /*******************************************************************************
1186 *
1187 * Function L2CA_SetDesireRole
1188 *
1189 * Description This function sets the desire role for L2CAP.
1190 * If the new role is L2CAP_ROLE_ALLOW_SWITCH, allow switch on
1191 * HciCreateConnection.
1192 * If the new role is L2CAP_ROLE_DISALLOW_SWITCH, do not allow
1193 * switch on HciCreateConnection.
1194 *
1195 * If the new role is a valid role (HCI_ROLE_MASTER or
1196 * HCI_ROLE_SLAVE), the desire role is set to the new value.
1197 * Otherwise, it is not changed.
1198 *
1199 * Returns the new (current) role
1200 *
1201 ******************************************************************************/
L2CA_SetDesireRole(uint8_t new_role)1202 uint8_t L2CA_SetDesireRole(uint8_t new_role) {
1203 L2CAP_TRACE_API("L2CA_SetDesireRole() new:x%x, disallow_switch:%d", new_role,
1204 l2cb.disallow_switch);
1205
1206 if (L2CAP_ROLE_CHECK_SWITCH != (L2CAP_ROLE_CHECK_SWITCH & new_role)) {
1207 /* do not process the allow_switch when both bits are set */
1208 if (new_role & L2CAP_ROLE_ALLOW_SWITCH) {
1209 l2cb.disallow_switch = false;
1210 }
1211 if (new_role & L2CAP_ROLE_DISALLOW_SWITCH) {
1212 l2cb.disallow_switch = true;
1213 }
1214 }
1215
1216 if (new_role == HCI_ROLE_MASTER || new_role == HCI_ROLE_SLAVE)
1217 l2cb.desire_role = new_role;
1218
1219 return (l2cb.desire_role);
1220 }
1221
1222 /*******************************************************************************
1223 *
1224 * Function L2CA_LocalLoopbackReq
1225 *
1226 * Description This function sets up a CID for local loopback
1227 *
1228 * Returns CID of 0 if none.
1229 *
1230 ******************************************************************************/
L2CA_LocalLoopbackReq(uint16_t psm,uint16_t handle,const RawAddress & p_bd_addr)1231 uint16_t L2CA_LocalLoopbackReq(uint16_t psm, uint16_t handle,
1232 const RawAddress& p_bd_addr) {
1233 tL2C_LCB* p_lcb;
1234 tL2C_CCB* p_ccb;
1235 tL2C_RCB* p_rcb;
1236
1237 L2CAP_TRACE_API("L2CA_LocalLoopbackReq() PSM: %d Handle: 0x%04x", psm,
1238 handle);
1239
1240 /* Fail if we have not established communications with the controller */
1241 if (!BTM_IsDeviceUp()) {
1242 L2CAP_TRACE_WARNING("L2CAP loop req - BTU not ready");
1243 return (0);
1244 }
1245
1246 /* Fail if the PSM is not registered */
1247 p_rcb = l2cu_find_rcb_by_psm(psm);
1248 if (p_rcb == NULL) {
1249 L2CAP_TRACE_WARNING("L2CAP - no RCB for L2CA_conn_req, PSM: %d", psm);
1250 return (0);
1251 }
1252
1253 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_BR_EDR);
1254 if (p_lcb == NULL) {
1255 L2CAP_TRACE_WARNING("L2CAP - no LCB for L2CA_conn_req");
1256 return (0);
1257 }
1258
1259 p_lcb->link_state = LST_CONNECTED;
1260 p_lcb->handle = handle;
1261
1262 /* Allocate a channel control block */
1263 p_ccb = l2cu_allocate_ccb(p_lcb, 0);
1264 if (p_ccb == NULL) {
1265 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_conn_req");
1266 return (0);
1267 }
1268
1269 /* Save registration info */
1270 p_ccb->p_rcb = p_rcb;
1271 p_ccb->chnl_state = CST_OPEN;
1272 p_ccb->remote_cid = p_ccb->local_cid;
1273 p_ccb->config_done = CFG_DONE_MASK;
1274
1275 /* Return the local CID as our handle */
1276 return (p_ccb->local_cid);
1277 }
1278
1279 /*******************************************************************************
1280 *
1281 * Function L2CA_SetAclPriority
1282 *
1283 * Description Sets the transmission priority for a channel.
1284 * (For initial implementation only two values are valid.
1285 * L2CAP_PRIORITY_NORMAL and L2CAP_PRIORITY_HIGH).
1286 *
1287 * Returns true if a valid channel, else false
1288 *
1289 ******************************************************************************/
L2CA_SetAclPriority(const RawAddress & bd_addr,uint8_t priority)1290 bool L2CA_SetAclPriority(const RawAddress& bd_addr, uint8_t priority) {
1291 VLOG(1) << __func__ << " BDA: " << bd_addr
1292 << ", priority: " << std::to_string(priority);
1293 return (l2cu_set_acl_priority(bd_addr, priority, false));
1294 }
1295
1296 /*******************************************************************************
1297 *
1298 * Function L2CA_FlowControl
1299 *
1300 * Description Higher layers call this function to flow control a channel.
1301 *
1302 * data_enabled - true data flows, false data is stopped
1303 *
1304 * Returns true if valid channel, else false
1305 *
1306 ******************************************************************************/
L2CA_FlowControl(uint16_t cid,bool data_enabled)1307 bool L2CA_FlowControl(uint16_t cid, bool data_enabled) {
1308 tL2C_CCB* p_ccb;
1309 bool on_off = !data_enabled;
1310
1311 L2CAP_TRACE_API("L2CA_FlowControl(%d) CID: 0x%04x", on_off, cid);
1312
1313 /* Find the channel control block. We don't know the link it is on. */
1314 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1315 if (p_ccb == NULL) {
1316 L2CAP_TRACE_WARNING(
1317 "L2CAP - no CCB for L2CA_FlowControl, CID: 0x%04x data_enabled: %d",
1318 cid, data_enabled);
1319 return (false);
1320 }
1321
1322 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE) {
1323 L2CAP_TRACE_EVENT("L2CA_FlowControl() invalid mode:%d",
1324 p_ccb->peer_cfg.fcr.mode);
1325 return (false);
1326 }
1327 if (p_ccb->fcrb.local_busy != on_off) {
1328 p_ccb->fcrb.local_busy = on_off;
1329
1330 if ((p_ccb->chnl_state == CST_OPEN) && (!p_ccb->fcrb.wait_ack)) {
1331 if (on_off)
1332 l2c_fcr_send_S_frame(p_ccb, L2CAP_FCR_SUP_RNR, 0);
1333 else
1334 l2c_fcr_send_S_frame(p_ccb, L2CAP_FCR_SUP_RR, L2CAP_FCR_P_BIT);
1335 }
1336 }
1337
1338 return (true);
1339 }
1340
1341 /*******************************************************************************
1342 *
1343 * Function L2CA_SendTestSFrame
1344 *
1345 * Description Higher layers call this function to send a test S-frame.
1346 *
1347 * Returns true if valid Channel, else false
1348 *
1349 ******************************************************************************/
L2CA_SendTestSFrame(uint16_t cid,uint8_t sup_type,uint8_t back_track)1350 bool L2CA_SendTestSFrame(uint16_t cid, uint8_t sup_type, uint8_t back_track) {
1351 tL2C_CCB* p_ccb;
1352
1353 L2CAP_TRACE_API(
1354 "L2CA_SendTestSFrame() CID: 0x%04x Type: 0x%02x back_track: %u", cid,
1355 sup_type, back_track);
1356
1357 /* Find the channel control block. We don't know the link it is on. */
1358 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1359 if (p_ccb == NULL) {
1360 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SendTestSFrame, CID: %d", cid);
1361 return (false);
1362 }
1363
1364 if ((p_ccb->chnl_state != CST_OPEN) ||
1365 (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE))
1366 return (false);
1367
1368 p_ccb->fcrb.next_seq_expected -= back_track;
1369
1370 l2c_fcr_send_S_frame(
1371 p_ccb, (uint16_t)(sup_type & 3),
1372 (uint16_t)(sup_type & (L2CAP_FCR_P_BIT | L2CAP_FCR_F_BIT)));
1373
1374 return (true);
1375 }
1376
1377 /*******************************************************************************
1378 *
1379 * Function L2CA_SetTxPriority
1380 *
1381 * Description Sets the transmission priority for a channel.
1382 *
1383 * Returns true if a valid channel, else false
1384 *
1385 ******************************************************************************/
L2CA_SetTxPriority(uint16_t cid,tL2CAP_CHNL_PRIORITY priority)1386 bool L2CA_SetTxPriority(uint16_t cid, tL2CAP_CHNL_PRIORITY priority) {
1387 tL2C_CCB* p_ccb;
1388
1389 L2CAP_TRACE_API("L2CA_SetTxPriority() CID: 0x%04x, priority:%d", cid,
1390 priority);
1391
1392 /* Find the channel control block. We don't know the link it is on. */
1393 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1394 if (p_ccb == NULL) {
1395 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetTxPriority, CID: %d", cid);
1396 return (false);
1397 }
1398
1399 /* it will update the order of CCB in LCB by priority and update round robin
1400 * service variables */
1401 l2cu_change_pri_ccb(p_ccb, priority);
1402
1403 return (true);
1404 }
1405
1406 /*******************************************************************************
1407 *
1408 * Function L2CA_SetChnlDataRate
1409 *
1410 * Description Sets the tx/rx data rate for a channel.
1411 *
1412 * Returns true if a valid channel, else false
1413 *
1414 ******************************************************************************/
L2CA_SetChnlDataRate(uint16_t cid,tL2CAP_CHNL_DATA_RATE tx,tL2CAP_CHNL_DATA_RATE rx)1415 bool L2CA_SetChnlDataRate(uint16_t cid, tL2CAP_CHNL_DATA_RATE tx,
1416 tL2CAP_CHNL_DATA_RATE rx) {
1417 tL2C_CCB* p_ccb;
1418
1419 L2CAP_TRACE_API("L2CA_SetChnlDataRate() CID: 0x%04x, tx:%d, rx:%d", cid, tx,
1420 rx);
1421
1422 /* Find the channel control block. We don't know the link it is on. */
1423 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1424 if (p_ccb == NULL) {
1425 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetChnlDataRate, CID: %d",
1426 cid);
1427 return (false);
1428 }
1429
1430 p_ccb->tx_data_rate = tx;
1431 p_ccb->rx_data_rate = rx;
1432
1433 /* Adjust channel buffer allocation */
1434 l2c_link_adjust_chnl_allocation();
1435
1436 return (true);
1437 }
1438
1439 /*******************************************************************************
1440 *
1441 * Function L2CA_SetFlushTimeout
1442 *
1443 * Description This function set the automatic flush time out in Baseband
1444 * for ACL-U packets.
1445 * BdAddr : the remote BD address of ACL link. If it is
1446 * BT_DB_ANY then the flush time out will be applied to
1447 * all ACL links.
1448 * FlushTimeout: flush time out in ms
1449 * 0x0000 : No automatic flush
1450 * L2CAP_NO_RETRANSMISSION : No retransmission
1451 * 0x0002 - 0xFFFE : flush time out, if
1452 * (flush_tout * 8) + 3 / 5) <=
1453 * HCI_MAX_AUTOMATIC_FLUSH_TIMEOUT
1454 * (in 625us slot).
1455 * Otherwise, return false.
1456 * L2CAP_NO_AUTOMATIC_FLUSH : No automatic flush
1457 *
1458 * Returns true if command succeeded, false if failed
1459 *
1460 * NOTE This flush timeout applies to all logical channels active on
1461 * the ACL link.
1462 ******************************************************************************/
L2CA_SetFlushTimeout(const RawAddress & bd_addr,uint16_t flush_tout)1463 bool L2CA_SetFlushTimeout(const RawAddress& bd_addr, uint16_t flush_tout) {
1464 tL2C_LCB* p_lcb;
1465 uint16_t hci_flush_to;
1466 uint32_t temp;
1467
1468 /* no automatic flush (infinite timeout) */
1469 if (flush_tout == 0x0000) {
1470 hci_flush_to = flush_tout;
1471 flush_tout = L2CAP_NO_AUTOMATIC_FLUSH;
1472 }
1473 /* no retransmission */
1474 else if (flush_tout == L2CAP_NO_RETRANSMISSION) {
1475 /* not mandatory range for controller */
1476 /* Packet is flushed before getting any ACK/NACK */
1477 /* To do this, flush timeout should be 1 baseband slot */
1478 hci_flush_to = flush_tout;
1479 }
1480 /* no automatic flush (infinite timeout) */
1481 else if (flush_tout == L2CAP_NO_AUTOMATIC_FLUSH) {
1482 hci_flush_to = 0x0000;
1483 } else {
1484 /* convert L2CAP flush_to to 0.625 ms units, with round */
1485 temp = (((uint32_t)flush_tout * 8) + 3) / 5;
1486
1487 /* if L2CAP flush_to within range of HCI, set HCI flush timeout */
1488 if (temp > HCI_MAX_AUTOMATIC_FLUSH_TIMEOUT) {
1489 L2CAP_TRACE_WARNING(
1490 "WARNING L2CA_SetFlushTimeout timeout(0x%x) is out of range",
1491 flush_tout);
1492 return false;
1493 } else {
1494 hci_flush_to = (uint16_t)temp;
1495 }
1496 }
1497
1498 if (RawAddress::kAny != bd_addr) {
1499 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
1500
1501 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1502 if (p_lcb->link_flush_tout != flush_tout) {
1503 p_lcb->link_flush_tout = flush_tout;
1504
1505 VLOG(1) << __func__ << " BDA: " << bd_addr << " " << flush_tout << "ms";
1506
1507 btsnd_hcic_write_auto_flush_tout(p_lcb->handle, hci_flush_to);
1508 }
1509 } else {
1510 LOG(WARNING) << __func__ << " No lcb for bd_addr " << bd_addr;
1511 return (false);
1512 }
1513 } else {
1514 int xx;
1515 p_lcb = &l2cb.lcb_pool[0];
1516
1517 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
1518 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1519 if (p_lcb->link_flush_tout != flush_tout) {
1520 p_lcb->link_flush_tout = flush_tout;
1521
1522 VLOG(1) << __func__ << " BDA: " << p_lcb->remote_bd_addr << " "
1523 << flush_tout << "ms";
1524
1525 btsnd_hcic_write_auto_flush_tout(p_lcb->handle, hci_flush_to);
1526 }
1527 }
1528 }
1529 }
1530
1531 return (true);
1532 }
1533
1534 /*******************************************************************************
1535 *
1536 * Function L2CA_GetPeerFeatures
1537 *
1538 * Description Get a peers features and fixed channel map
1539 *
1540 * Parameters: BD address of the peer
1541 * Pointers to features and channel mask storage area
1542 *
1543 * Return value: true if peer is connected
1544 *
1545 ******************************************************************************/
L2CA_GetPeerFeatures(const RawAddress & bd_addr,uint32_t * p_ext_feat,uint8_t * p_chnl_mask)1546 bool L2CA_GetPeerFeatures(const RawAddress& bd_addr, uint32_t* p_ext_feat,
1547 uint8_t* p_chnl_mask) {
1548 tL2C_LCB* p_lcb;
1549
1550 /* We must already have a link to the remote */
1551 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
1552 if (p_lcb == NULL) {
1553 LOG(WARNING) << __func__ << " No BDA: " << bd_addr;
1554 return false;
1555 }
1556
1557 VLOG(1) << __func__ << " BDA: " << bd_addr
1558 << StringPrintf(" ExtFea: 0x%08x Chnl_Mask[0]: 0x%02x",
1559 p_lcb->peer_ext_fea, p_lcb->peer_chnl_mask[0]);
1560
1561 *p_ext_feat = p_lcb->peer_ext_fea;
1562
1563 memcpy(p_chnl_mask, p_lcb->peer_chnl_mask, L2CAP_FIXED_CHNL_ARRAY_SIZE);
1564
1565 return true;
1566 }
1567
1568 /*******************************************************************************
1569 *
1570 * Function L2CA_GetBDAddrbyHandle
1571 *
1572 * Description Get BD address for the given HCI handle
1573 *
1574 * Parameters: HCI handle
1575 * BD address of the peer
1576 *
1577 * Return value: true if found lcb for the given handle, false otherwise
1578 *
1579 ******************************************************************************/
L2CA_GetBDAddrbyHandle(uint16_t handle,RawAddress & bd_addr)1580 bool L2CA_GetBDAddrbyHandle(uint16_t handle, RawAddress& bd_addr) {
1581 tL2C_LCB* p_lcb = NULL;
1582 bool found_dev = false;
1583
1584 p_lcb = l2cu_find_lcb_by_handle(handle);
1585 if (p_lcb) {
1586 found_dev = true;
1587 bd_addr = p_lcb->remote_bd_addr;
1588 }
1589
1590 return found_dev;
1591 }
1592
1593 /*******************************************************************************
1594 *
1595 * Function L2CA_GetChnlFcrMode
1596 *
1597 * Description Get the channel FCR mode
1598 *
1599 * Parameters: Local CID
1600 *
1601 * Return value: Channel mode
1602 *
1603 ******************************************************************************/
L2CA_GetChnlFcrMode(uint16_t lcid)1604 uint8_t L2CA_GetChnlFcrMode(uint16_t lcid) {
1605 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
1606
1607 if (p_ccb) {
1608 L2CAP_TRACE_API("L2CA_GetChnlFcrMode() returns mode %d",
1609 p_ccb->peer_cfg.fcr.mode);
1610 return (p_ccb->peer_cfg.fcr.mode);
1611 }
1612
1613 L2CAP_TRACE_API("L2CA_GetChnlFcrMode() returns mode L2CAP_FCR_BASIC_MODE");
1614 return (L2CAP_FCR_BASIC_MODE);
1615 }
1616
1617 #if (L2CAP_NUM_FIXED_CHNLS > 0)
1618 /*******************************************************************************
1619 *
1620 * Function L2CA_RegisterFixedChannel
1621 *
1622 * Description Register a fixed channel.
1623 *
1624 * Parameters: Fixed Channel #
1625 * Channel Callbacks and config
1626 *
1627 * Return value: -
1628 *
1629 ******************************************************************************/
L2CA_RegisterFixedChannel(uint16_t fixed_cid,tL2CAP_FIXED_CHNL_REG * p_freg)1630 bool L2CA_RegisterFixedChannel(uint16_t fixed_cid,
1631 tL2CAP_FIXED_CHNL_REG* p_freg) {
1632 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1633 (fixed_cid > L2CAP_LAST_FIXED_CHNL)) {
1634 L2CAP_TRACE_ERROR("L2CA_RegisterFixedChannel() Invalid CID: 0x%04x",
1635 fixed_cid);
1636
1637 return (false);
1638 }
1639
1640 l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = *p_freg;
1641 return (true);
1642 }
1643
1644 /*******************************************************************************
1645 *
1646 * Function L2CA_ConnectFixedChnl
1647 *
1648 * Description Connect an fixed signalling channel to a remote device.
1649 *
1650 * Parameters: Fixed CID
1651 * BD Address of remote
1652 *
1653 * Return value: true if connection started
1654 *
1655 ******************************************************************************/
L2CA_ConnectFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda)1656 bool L2CA_ConnectFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda) {
1657 uint8_t phy = controller_get_interface()->get_le_all_initiating_phys();
1658 return L2CA_ConnectFixedChnl(fixed_cid, rem_bda, phy);
1659 }
1660
L2CA_ConnectFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda,uint8_t initiating_phys)1661 bool L2CA_ConnectFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda,
1662 uint8_t initiating_phys) {
1663 tL2C_LCB* p_lcb;
1664 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1665
1666 VLOG(1) << __func__ << " BDA: " << rem_bda
1667 << StringPrintf("CID: 0x%04x ", fixed_cid);
1668
1669 // Check CID is valid and registered
1670 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1671 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1672 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1673 NULL)) {
1674 L2CAP_TRACE_ERROR("%s() Invalid CID: 0x%04x", __func__, fixed_cid);
1675 return (false);
1676 }
1677
1678 // Fail if BT is not yet up
1679 if (!BTM_IsDeviceUp()) {
1680 L2CAP_TRACE_WARNING("%s(0x%04x) - BTU not ready", __func__, fixed_cid);
1681 return (false);
1682 }
1683
1684 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1685 transport = BT_TRANSPORT_LE;
1686
1687 tL2C_BLE_FIXED_CHNLS_MASK peer_channel_mask;
1688
1689 // If we already have a link to the remote, check if it supports that CID
1690 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1691 if (p_lcb != NULL) {
1692 // Fixed channels are mandatory on LE transports so ignore the received
1693 // channel mask and use the locally cached LE channel mask.
1694
1695 if (transport == BT_TRANSPORT_LE)
1696 peer_channel_mask = l2cb.l2c_ble_fixed_chnls_mask;
1697 else
1698 peer_channel_mask = p_lcb->peer_chnl_mask[0];
1699
1700 // Check for supported channel
1701 if (!(peer_channel_mask & (1 << fixed_cid))) {
1702 VLOG(2) << __func__ << " BDA " << rem_bda
1703 << StringPrintf(" CID:0x%04x not supported", fixed_cid);
1704 return false;
1705 }
1706
1707 // Get a CCB and link the lcb to it
1708 if (!l2cu_initialize_fixed_ccb(
1709 p_lcb, fixed_cid,
1710 &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1711 .fixed_chnl_opts)) {
1712 L2CAP_TRACE_WARNING("%s(0x%04x) - LCB but no CCB", __func__, fixed_cid);
1713 return false;
1714 }
1715
1716 // racing with disconnecting, queue the connection request
1717 if (p_lcb->link_state == LST_DISCONNECTING) {
1718 L2CAP_TRACE_DEBUG("$s() - link disconnecting: RETRY LATER", __func__);
1719 /* Save ccb so it can be started after disconnect is finished */
1720 p_lcb->p_pending_ccb =
1721 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
1722 return true;
1723 }
1724
1725 (*l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedConn_Cb)(
1726 fixed_cid, p_lcb->remote_bd_addr, true, 0, p_lcb->transport);
1727 return true;
1728 }
1729
1730 // No link. Get an LCB and start link establishment
1731 p_lcb = l2cu_allocate_lcb(rem_bda, false, transport);
1732 if (p_lcb == NULL) {
1733 L2CAP_TRACE_WARNING("%s(0x%04x) - no LCB", __func__, fixed_cid);
1734 return false;
1735 }
1736
1737 // Get a CCB and link the lcb to it
1738 if (!l2cu_initialize_fixed_ccb(
1739 p_lcb, fixed_cid, &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1740 .fixed_chnl_opts)) {
1741 p_lcb->disc_reason = L2CAP_CONN_NO_RESOURCES;
1742 L2CAP_TRACE_WARNING("%s(0x%04x) - no CCB", __func__, fixed_cid);
1743 l2cu_release_lcb(p_lcb);
1744 return false;
1745 }
1746
1747 bool ret = ((transport == BT_TRANSPORT_LE)
1748 ? l2cu_create_conn_le(p_lcb, initiating_phys)
1749 : l2cu_create_conn_br_edr(p_lcb));
1750
1751 if (!ret) {
1752 L2CAP_TRACE_WARNING("%s() - create connection failed", __func__);
1753 l2cu_release_lcb(p_lcb);
1754 }
1755
1756 return ret;
1757 }
1758
1759 /*******************************************************************************
1760 *
1761 * Function L2CA_SendFixedChnlData
1762 *
1763 * Description Write data on a fixed channel.
1764 *
1765 * Parameters: Fixed CID
1766 * BD Address of remote
1767 * Pointer to buffer of type BT_HDR
1768 *
1769 * Return value L2CAP_DW_SUCCESS, if data accepted
1770 * L2CAP_DW_FAILED, if error
1771 *
1772 ******************************************************************************/
L2CA_SendFixedChnlData(uint16_t fixed_cid,const RawAddress & rem_bda,BT_HDR * p_buf)1773 uint16_t L2CA_SendFixedChnlData(uint16_t fixed_cid, const RawAddress& rem_bda,
1774 BT_HDR* p_buf) {
1775 tL2C_LCB* p_lcb;
1776 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1777
1778 VLOG(2) << __func__ << " BDA: " << rem_bda
1779 << StringPrintf(" CID: 0x%04x", fixed_cid);
1780
1781 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1782 transport = BT_TRANSPORT_LE;
1783
1784 // Check CID is valid and registered
1785 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1786 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1787 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1788 NULL)) {
1789 L2CAP_TRACE_ERROR("L2CA_SendFixedChnlData() Invalid CID: 0x%04x",
1790 fixed_cid);
1791 osi_free(p_buf);
1792 return (L2CAP_DW_FAILED);
1793 }
1794
1795 // Fail if BT is not yet up
1796 if (!BTM_IsDeviceUp()) {
1797 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData(0x%04x) - BTU not ready",
1798 fixed_cid);
1799 osi_free(p_buf);
1800 return (L2CAP_DW_FAILED);
1801 }
1802
1803 // We need to have a link up
1804 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1805 if (p_lcb == NULL || p_lcb->link_state == LST_DISCONNECTING) {
1806 /* if link is disconnecting, also report data sending failure */
1807 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData(0x%04x) - no LCB", fixed_cid);
1808 osi_free(p_buf);
1809 return (L2CAP_DW_FAILED);
1810 }
1811
1812 tL2C_BLE_FIXED_CHNLS_MASK peer_channel_mask;
1813
1814 // Select peer channels mask to use depending on transport
1815 if (transport == BT_TRANSPORT_LE)
1816 peer_channel_mask = l2cb.l2c_ble_fixed_chnls_mask;
1817 else
1818 peer_channel_mask = p_lcb->peer_chnl_mask[0];
1819
1820 if ((peer_channel_mask & (1 << fixed_cid)) == 0) {
1821 L2CAP_TRACE_WARNING(
1822 "L2CA_SendFixedChnlData() - peer does not support fixed chnl: 0x%04x",
1823 fixed_cid);
1824 osi_free(p_buf);
1825 return (L2CAP_DW_FAILED);
1826 }
1827
1828 p_buf->event = 0;
1829 p_buf->layer_specific = L2CAP_FLUSHABLE_CH_BASED;
1830
1831 if (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) {
1832 if (!l2cu_initialize_fixed_ccb(
1833 p_lcb, fixed_cid,
1834 &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1835 .fixed_chnl_opts)) {
1836 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData() - no CCB for chnl: 0x%4x",
1837 fixed_cid);
1838 osi_free(p_buf);
1839 return (L2CAP_DW_FAILED);
1840 }
1841 }
1842
1843 // If already congested, do not accept any more packets
1844 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent) {
1845 L2CAP_TRACE_ERROR(
1846 "L2CAP - CID: 0x%04x cannot send, already congested \
1847 xmit_hold_q.count: %u buff_quota: %u",
1848 fixed_cid, fixed_queue_length(
1849 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1850 ->xmit_hold_q),
1851 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->buff_quota);
1852 osi_free(p_buf);
1853 return (L2CAP_DW_FAILED);
1854 }
1855
1856 l2c_enqueue_peer_data(p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL],
1857 p_buf);
1858
1859 l2c_link_check_send_pkts(p_lcb, NULL, NULL);
1860
1861 // If there is no dynamic CCB on the link, restart the idle timer each time
1862 // something is sent
1863 if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED &&
1864 !p_lcb->ccb_queue.p_first_ccb) {
1865 l2cu_no_dynamic_ccbs(p_lcb);
1866 }
1867
1868 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent)
1869 return (L2CAP_DW_CONGESTED);
1870
1871 return (L2CAP_DW_SUCCESS);
1872 }
1873
1874 /*******************************************************************************
1875 *
1876 * Function L2CA_RemoveFixedChnl
1877 *
1878 * Description Remove a fixed channel to a remote device.
1879 *
1880 * Parameters: Fixed CID
1881 * BD Address of remote
1882 * Idle timeout to use (or 0xFFFF if don't care)
1883 *
1884 * Return value: true if channel removed
1885 *
1886 ******************************************************************************/
L2CA_RemoveFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda)1887 bool L2CA_RemoveFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda) {
1888 tL2C_LCB* p_lcb;
1889 tL2C_CCB* p_ccb;
1890 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1891
1892 /* Check CID is valid and registered */
1893 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1894 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1895 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1896 NULL)) {
1897 L2CAP_TRACE_ERROR("L2CA_RemoveFixedChnl() Invalid CID: 0x%04x", fixed_cid);
1898 return (false);
1899 }
1900
1901 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1902 transport = BT_TRANSPORT_LE;
1903
1904 /* Is a fixed channel connected to the remote BDA ?*/
1905 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1906
1907 if (((p_lcb) == NULL) ||
1908 (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL])) {
1909 LOG(WARNING) << __func__ << " BDA: " << rem_bda
1910 << StringPrintf(" CID: 0x%04x not connected", fixed_cid);
1911 return (false);
1912 }
1913
1914 VLOG(2) << __func__ << " BDA: " << rem_bda
1915 << StringPrintf(" CID: 0x%04x", fixed_cid);
1916
1917 /* Release the CCB, starting an inactivity timeout on the LCB if no other CCBs
1918 * exist */
1919 p_ccb = p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
1920
1921 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = NULL;
1922 p_lcb->disc_reason = HCI_ERR_CONN_CAUSE_LOCAL_HOST;
1923
1924 // Retain the link for a few more seconds after SMP pairing is done, since
1925 // the Android platform always does service discovery after pairing is
1926 // complete. This will avoid the link down (pairing is complete) and an
1927 // immediate re-connection for service discovery.
1928 // Some devices do not do auto advertising when link is dropped, thus fail
1929 // the second connection and service discovery.
1930 if ((fixed_cid == L2CAP_ATT_CID) && !p_lcb->ccb_queue.p_first_ccb)
1931 p_lcb->idle_timeout = 0;
1932
1933 l2cu_release_ccb(p_ccb);
1934
1935 return (true);
1936 }
1937
1938 /*******************************************************************************
1939 *
1940 * Function L2CA_SetFixedChannelTout
1941 *
1942 * Description Higher layers call this function to set the idle timeout for
1943 * a fixed channel. The "idle timeout" is the amount of time
1944 * that a connection can remain up with no L2CAP channels on
1945 * it. A timeout of zero means that the connection will be torn
1946 * down immediately when the last channel is removed.
1947 * A timeout of 0xFFFF means no timeout. Values are in seconds.
1948 * A bd_addr is the remote BD address.
1949 *
1950 * Returns true if command succeeded, false if failed
1951 *
1952 ******************************************************************************/
L2CA_SetFixedChannelTout(const RawAddress & rem_bda,uint16_t fixed_cid,uint16_t idle_tout)1953 bool L2CA_SetFixedChannelTout(const RawAddress& rem_bda, uint16_t fixed_cid,
1954 uint16_t idle_tout) {
1955 tL2C_LCB* p_lcb;
1956 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1957
1958 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1959 transport = BT_TRANSPORT_LE;
1960
1961 /* Is a fixed channel connected to the remote BDA ?*/
1962 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1963 if (((p_lcb) == NULL) ||
1964 (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL])) {
1965 LOG(WARNING) << __func__ << " BDA: " << rem_bda
1966 << StringPrintf(" CID: 0x%04x not connected", fixed_cid);
1967 return (false);
1968 }
1969
1970 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1971 ->fixed_chnl_idle_tout = idle_tout;
1972
1973 if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED &&
1974 !p_lcb->ccb_queue.p_first_ccb) {
1975 /* If there are no dynamic CCBs, (re)start the idle timer in case we changed
1976 * it */
1977 l2cu_no_dynamic_ccbs(p_lcb);
1978 }
1979
1980 return true;
1981 }
1982
1983 #endif /* #if (L2CAP_NUM_FIXED_CHNLS > 0) */
1984
1985 /*******************************************************************************
1986 *
1987 * Function L2CA_GetCurrentConfig
1988 *
1989 * Description This function returns configurations of L2CAP channel
1990 * pp_our_cfg : pointer of our saved configuration options
1991 * p_our_cfg_bits : valid config in bitmap
1992 * pp_peer_cfg: pointer of peer's saved configuration options
1993 * p_peer_cfg_bits : valid config in bitmap
1994 *
1995 * Returns true if successful
1996 *
1997 ******************************************************************************/
L2CA_GetCurrentConfig(uint16_t lcid,tL2CAP_CFG_INFO ** pp_our_cfg,tL2CAP_CH_CFG_BITS * p_our_cfg_bits,tL2CAP_CFG_INFO ** pp_peer_cfg,tL2CAP_CH_CFG_BITS * p_peer_cfg_bits)1998 bool L2CA_GetCurrentConfig(uint16_t lcid, tL2CAP_CFG_INFO** pp_our_cfg,
1999 tL2CAP_CH_CFG_BITS* p_our_cfg_bits,
2000 tL2CAP_CFG_INFO** pp_peer_cfg,
2001 tL2CAP_CH_CFG_BITS* p_peer_cfg_bits) {
2002 tL2C_CCB* p_ccb;
2003
2004 L2CAP_TRACE_API("L2CA_GetCurrentConfig() CID: 0x%04x", lcid);
2005
2006 p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
2007
2008 if (p_ccb) {
2009 *pp_our_cfg = &(p_ccb->our_cfg);
2010
2011 /* convert valid config items into bitmap */
2012 *p_our_cfg_bits = 0;
2013 if (p_ccb->our_cfg.mtu_present) *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_MTU;
2014 if (p_ccb->our_cfg.qos_present) *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_QOS;
2015 if (p_ccb->our_cfg.flush_to_present)
2016 *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FLUSH_TO;
2017 if (p_ccb->our_cfg.fcr_present) *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FCR;
2018 if (p_ccb->our_cfg.fcs_present) *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FCS;
2019 if (p_ccb->our_cfg.ext_flow_spec_present)
2020 *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_EXT_FLOW_SPEC;
2021
2022 *pp_peer_cfg = &(p_ccb->peer_cfg);
2023 *p_peer_cfg_bits = p_ccb->peer_cfg_bits;
2024
2025 return true;
2026 } else {
2027 L2CAP_TRACE_ERROR("No CCB for CID:0x%04x", lcid);
2028 return false;
2029 }
2030 }
2031
2032 /*******************************************************************************
2033 *
2034 * Function L2CA_GetConnectionConfig
2035 *
2036 * Description This function returns configurations of L2CAP channel
2037 * pp_l2c_ccb : pointer to this channels L2CAP ccb data.
2038 *
2039 * Returns true if successful
2040 *
2041 ******************************************************************************/
L2CA_GetConnectionConfig(uint16_t lcid,uint16_t * mtu,uint16_t * rcid,uint16_t * handle)2042 bool L2CA_GetConnectionConfig(uint16_t lcid, uint16_t* mtu, uint16_t* rcid,
2043 uint16_t* handle) {
2044 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
2045 ;
2046
2047 L2CAP_TRACE_API("%s CID: 0x%04x", __func__, lcid);
2048
2049 if (p_ccb) {
2050 *mtu = L2CAP_MTU_SIZE;
2051 if (p_ccb->our_cfg.mtu_present) *mtu = p_ccb->our_cfg.mtu;
2052
2053 *rcid = p_ccb->remote_cid;
2054 *handle = p_ccb->p_lcb->handle;
2055 return true;
2056 }
2057
2058 L2CAP_TRACE_ERROR("%s No CCB for CID:0x%04x", __func__, lcid);
2059 return false;
2060 }
2061
2062 /*******************************************************************************
2063 *
2064 * Function L2CA_RegForNoCPEvt
2065 *
2066 * Description Register callback for Number of Completed Packets event.
2067 *
2068 * Input Param p_cb - callback for Number of completed packets event
2069 * p_bda - BT address of remote device
2070 *
2071 * Returns true if registered OK, else false
2072 *
2073 ******************************************************************************/
L2CA_RegForNoCPEvt(tL2CA_NOCP_CB * p_cb,const RawAddress & p_bda)2074 bool L2CA_RegForNoCPEvt(tL2CA_NOCP_CB* p_cb, const RawAddress& p_bda) {
2075 tL2C_LCB* p_lcb;
2076
2077 /* Find the link that is associated with this remote bdaddr */
2078 p_lcb = l2cu_find_lcb_by_bd_addr(p_bda, BT_TRANSPORT_BR_EDR);
2079
2080 /* If no link for this handle, nothing to do. */
2081 if (!p_lcb) return false;
2082
2083 p_lcb->p_nocp_cb = p_cb;
2084
2085 return true;
2086 }
2087
2088 /*******************************************************************************
2089 *
2090 * Function L2CA_DataWrite
2091 *
2092 * Description Higher layers call this function to write data.
2093 *
2094 * Returns L2CAP_DW_SUCCESS, if data accepted, else false
2095 * L2CAP_DW_CONGESTED, if data accepted and the channel is
2096 * congested
2097 * L2CAP_DW_FAILED, if error
2098 *
2099 ******************************************************************************/
L2CA_DataWrite(uint16_t cid,BT_HDR * p_data)2100 uint8_t L2CA_DataWrite(uint16_t cid, BT_HDR* p_data) {
2101 L2CAP_TRACE_API("L2CA_DataWrite() CID: 0x%04x Len: %d", cid, p_data->len);
2102 return l2c_data_write(cid, p_data, L2CAP_FLUSHABLE_CH_BASED);
2103 }
2104
2105 /*******************************************************************************
2106 *
2107 * Function L2CA_SetChnlFlushability
2108 *
2109 * Description Higher layers call this function to set a channels
2110 * flushability flags
2111 *
2112 * Returns true if CID found, else false
2113 *
2114 ******************************************************************************/
L2CA_SetChnlFlushability(uint16_t cid,bool is_flushable)2115 bool L2CA_SetChnlFlushability(uint16_t cid, bool is_flushable) {
2116 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
2117
2118 tL2C_CCB* p_ccb;
2119
2120 /* Find the channel control block. We don't know the link it is on. */
2121 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
2122 if (p_ccb == NULL) {
2123 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetChnlFlushability, CID: %d",
2124 cid);
2125 return (false);
2126 }
2127
2128 p_ccb->is_flushable = is_flushable;
2129
2130 L2CAP_TRACE_API("L2CA_SetChnlFlushability() CID: 0x%04x is_flushable: %d",
2131 cid, is_flushable);
2132
2133 #endif
2134
2135 return (true);
2136 }
2137
2138 /*******************************************************************************
2139 *
2140 * Function L2CA_DataWriteEx
2141 *
2142 * Description Higher layers call this function to write data with extended
2143 * flags.
2144 * flags : L2CAP_FLUSHABLE_CH_BASED
2145 * L2CAP_FLUSHABLE_PKT
2146 * L2CAP_NON_FLUSHABLE_PKT
2147 *
2148 * Returns L2CAP_DW_SUCCESS, if data accepted, else false
2149 * L2CAP_DW_CONGESTED, if data accepted and the channel is
2150 * congested
2151 * L2CAP_DW_FAILED, if error
2152 *
2153 ******************************************************************************/
L2CA_DataWriteEx(uint16_t cid,BT_HDR * p_data,uint16_t flags)2154 uint8_t L2CA_DataWriteEx(uint16_t cid, BT_HDR* p_data, uint16_t flags) {
2155 L2CAP_TRACE_API("L2CA_DataWriteEx() CID: 0x%04x Len: %d Flags:0x%04X", cid,
2156 p_data->len, flags);
2157 return l2c_data_write(cid, p_data, flags);
2158 }
2159
2160 /*******************************************************************************
2161 *
2162 * Function L2CA_FlushChannel
2163 *
2164 * Description This function flushes none, some or all buffers queued up
2165 * for xmission for a particular CID. If called with
2166 * L2CAP_FLUSH_CHANS_GET (0), it simply returns the number
2167 * of buffers queued for that CID L2CAP_FLUSH_CHANS_ALL (0xffff)
2168 * flushes all buffers. All other values specifies the maximum
2169 * buffers to flush.
2170 *
2171 * Returns Number of buffers left queued for that CID
2172 *
2173 ******************************************************************************/
L2CA_FlushChannel(uint16_t lcid,uint16_t num_to_flush)2174 uint16_t L2CA_FlushChannel(uint16_t lcid, uint16_t num_to_flush) {
2175 tL2C_CCB* p_ccb;
2176 tL2C_LCB* p_lcb;
2177 uint16_t num_left = 0, num_flushed1 = 0, num_flushed2 = 0;
2178
2179 p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
2180
2181 if (!p_ccb || (p_ccb->p_lcb == NULL)) {
2182 L2CAP_TRACE_WARNING(
2183 "L2CA_FlushChannel() abnormally returning 0 CID: 0x%04x", lcid);
2184 return (0);
2185 }
2186 p_lcb = p_ccb->p_lcb;
2187
2188 if (num_to_flush != L2CAP_FLUSH_CHANS_GET) {
2189 L2CAP_TRACE_API(
2190 "L2CA_FlushChannel (FLUSH) CID: 0x%04x NumToFlush: %d QC: %u "
2191 "pFirst: 0x%08x",
2192 lcid, num_to_flush, fixed_queue_length(p_ccb->xmit_hold_q),
2193 fixed_queue_try_peek_first(p_ccb->xmit_hold_q));
2194 } else {
2195 L2CAP_TRACE_API("L2CA_FlushChannel (QUERY) CID: 0x%04x", lcid);
2196 }
2197
2198 /* Cannot flush eRTM buffers once they have a sequence number */
2199 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE) {
2200 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
2201 if (num_to_flush != L2CAP_FLUSH_CHANS_GET) {
2202 /* If the controller supports enhanced flush, flush the data queued at the
2203 * controller */
2204 if ((HCI_NON_FLUSHABLE_PB_SUPPORTED(BTM_ReadLocalFeatures())) &&
2205 (BTM_GetNumScoLinks() == 0)) {
2206 if (!l2cb.is_flush_active) {
2207 l2cb.is_flush_active = true;
2208
2209 /* The only packet type defined - 0 - Automatically-Flushable Only */
2210 btsnd_hcic_enhanced_flush(p_lcb->handle, 0);
2211 }
2212 }
2213 }
2214 #endif
2215
2216 // Iterate though list and flush the amount requested from
2217 // the transmit data queue that satisfy the layer and event conditions.
2218 for (const list_node_t* node = list_begin(p_lcb->link_xmit_data_q);
2219 (num_to_flush > 0) && node != list_end(p_lcb->link_xmit_data_q);) {
2220 BT_HDR* p_buf = (BT_HDR*)list_node(node);
2221 node = list_next(node);
2222 if ((p_buf->layer_specific == 0) && (p_buf->event == lcid)) {
2223 num_to_flush--;
2224 num_flushed1++;
2225
2226 list_remove(p_lcb->link_xmit_data_q, p_buf);
2227 osi_free(p_buf);
2228 }
2229 }
2230 }
2231
2232 /* If needed, flush buffers in the CCB xmit hold queue */
2233 while ((num_to_flush != 0) && (!fixed_queue_is_empty(p_ccb->xmit_hold_q))) {
2234 BT_HDR* p_buf = (BT_HDR*)fixed_queue_try_dequeue(p_ccb->xmit_hold_q);
2235 osi_free(p_buf);
2236 num_to_flush--;
2237 num_flushed2++;
2238 }
2239
2240 /* If app needs to track all packets, call him */
2241 if ((p_ccb->p_rcb) && (p_ccb->p_rcb->api.pL2CA_TxComplete_Cb) &&
2242 (num_flushed2))
2243 (*p_ccb->p_rcb->api.pL2CA_TxComplete_Cb)(p_ccb->local_cid, num_flushed2);
2244
2245 /* Now count how many are left */
2246 for (const list_node_t* node = list_begin(p_lcb->link_xmit_data_q);
2247 node != list_end(p_lcb->link_xmit_data_q); node = list_next(node)) {
2248 BT_HDR* p_buf = (BT_HDR*)list_node(node);
2249 if (p_buf->event == lcid) num_left++;
2250 }
2251
2252 /* Add in the number in the CCB xmit queue */
2253 num_left += fixed_queue_length(p_ccb->xmit_hold_q);
2254
2255 /* Return the local number of buffers left for the CID */
2256 L2CAP_TRACE_DEBUG("L2CA_FlushChannel() flushed: %u + %u, num_left: %u",
2257 num_flushed1, num_flushed2, num_left);
2258
2259 /* If we were congested, and now we are not, tell the app */
2260 l2cu_check_channel_congestion(p_ccb);
2261
2262 return (num_left);
2263 }
2264