1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains state machine and action routines for multiplexer
22 * channel of the RFCOMM unit
23 *
24 ******************************************************************************/
25 #include <string.h>
26 #include "bt_common.h"
27 #include "bt_types.h"
28 #include "bt_utils.h"
29 #include "l2c_api.h"
30 #include "l2cdefs.h"
31 #include "osi/include/osi.h"
32 #include "port_api.h"
33 #include "port_int.h"
34 #include "rfc_int.h"
35 #include "rfcdefs.h"
36
37 #define L2CAP_SUCCESS 0
38 #define L2CAP_ERROR 1
39
40 /******************************************************************************/
41 /* L O C A L F U N C T I O N P R O T O T Y P E S */
42 /******************************************************************************/
43 static void rfc_mx_sm_state_idle(tRFC_MCB* p_mcb, uint16_t event, void* p_data);
44 static void rfc_mx_sm_state_wait_conn_cnf(tRFC_MCB* p_mcb, uint16_t event,
45 void* p_data);
46 static void rfc_mx_sm_state_configure(tRFC_MCB* p_mcb, uint16_t event,
47 void* p_data);
48 static void rfc_mx_sm_sabme_wait_ua(tRFC_MCB* p_mcb, uint16_t event,
49 void* p_data);
50 static void rfc_mx_sm_state_wait_sabme(tRFC_MCB* p_mcb, uint16_t event,
51 void* p_data);
52 static void rfc_mx_sm_state_connected(tRFC_MCB* p_mcb, uint16_t event,
53 UNUSED_ATTR void* p_data);
54 static void rfc_mx_sm_state_disc_wait_ua(tRFC_MCB* p_mcb, uint16_t event,
55 void* p_data);
56
57 static void rfc_mx_send_config_req(tRFC_MCB* p_mcb);
58 static void rfc_mx_conf_ind(tRFC_MCB* p_mcb, tL2CAP_CFG_INFO* p_cfg);
59 static void rfc_mx_conf_cnf(tRFC_MCB* p_mcb, tL2CAP_CFG_INFO* p_cfg);
60
61 /*******************************************************************************
62 *
63 * Function rfc_mx_sm_execute
64 *
65 * Description This function sends multiplexor events through the state
66 * machine.
67 *
68 * Returns void
69 *
70 ******************************************************************************/
rfc_mx_sm_execute(tRFC_MCB * p_mcb,uint16_t event,void * p_data)71 void rfc_mx_sm_execute(tRFC_MCB* p_mcb, uint16_t event, void* p_data) {
72 CHECK(p_mcb != nullptr) << __func__ << ": NULL mcb for event " << event;
73 VLOG(1) << __func__ << ": bd_addr=" << p_mcb->bd_addr
74 << ", state=" << std::to_string(p_mcb->state) << ", event=" << event;
75 switch (p_mcb->state) {
76 case RFC_MX_STATE_IDLE:
77 rfc_mx_sm_state_idle(p_mcb, event, p_data);
78 break;
79
80 case RFC_MX_STATE_WAIT_CONN_CNF:
81 rfc_mx_sm_state_wait_conn_cnf(p_mcb, event, p_data);
82 break;
83
84 case RFC_MX_STATE_CONFIGURE:
85 rfc_mx_sm_state_configure(p_mcb, event, p_data);
86 break;
87
88 case RFC_MX_STATE_SABME_WAIT_UA:
89 rfc_mx_sm_sabme_wait_ua(p_mcb, event, p_data);
90 break;
91
92 case RFC_MX_STATE_WAIT_SABME:
93 rfc_mx_sm_state_wait_sabme(p_mcb, event, p_data);
94 break;
95
96 case RFC_MX_STATE_CONNECTED:
97 rfc_mx_sm_state_connected(p_mcb, event, p_data);
98 break;
99
100 case RFC_MX_STATE_DISC_WAIT_UA:
101 rfc_mx_sm_state_disc_wait_ua(p_mcb, event, p_data);
102 break;
103 }
104 }
105
106 /*******************************************************************************
107 *
108 * Function rfc_mx_sm_state_idle
109 *
110 * Description This function handles events when the multiplexer is in
111 * IDLE state. This state exists when connection is being
112 * initially established.
113 *
114 * Returns void
115 *
116 ******************************************************************************/
rfc_mx_sm_state_idle(tRFC_MCB * p_mcb,uint16_t event,void * p_data)117 void rfc_mx_sm_state_idle(tRFC_MCB* p_mcb, uint16_t event, void* p_data) {
118 RFCOMM_TRACE_EVENT("%s: evt %d", __func__, event);
119 switch (event) {
120 case RFC_MX_EVENT_START_REQ: {
121 /* Initialize L2CAP MTU */
122 p_mcb->peer_l2cap_mtu = L2CAP_DEFAULT_MTU - RFCOMM_MIN_OFFSET - 1;
123
124 uint16_t lcid = L2CA_ConnectReq(BT_PSM_RFCOMM, p_mcb->bd_addr);
125 if (lcid == 0) {
126 LOG(ERROR) << __func__ << ": failed to open L2CAP channel for "
127 << p_mcb->bd_addr;
128 rfc_save_lcid_mcb(nullptr, p_mcb->lcid);
129 p_mcb->lcid = 0;
130 PORT_StartCnf(p_mcb, RFCOMM_ERROR);
131 return;
132 }
133 p_mcb->lcid = lcid;
134 /* Save entry for quicker access to mcb based on the LCID */
135 rfc_save_lcid_mcb(p_mcb, p_mcb->lcid);
136
137 p_mcb->state = RFC_MX_STATE_WAIT_CONN_CNF;
138 return;
139 }
140
141 case RFC_MX_EVENT_START_RSP:
142 case RFC_MX_EVENT_CONN_CNF:
143 case RFC_MX_EVENT_CONF_IND:
144 case RFC_MX_EVENT_CONF_CNF:
145 RFCOMM_TRACE_ERROR("Mx error state %d event %d", p_mcb->state, event);
146 return;
147
148 case RFC_MX_EVENT_CONN_IND:
149
150 rfc_timer_start(p_mcb, RFCOMM_CONN_TIMEOUT);
151 L2CA_ConnectRsp(p_mcb->bd_addr, *((uint8_t*)p_data), p_mcb->lcid,
152 L2CAP_CONN_OK, 0);
153
154 rfc_mx_send_config_req(p_mcb);
155
156 p_mcb->state = RFC_MX_STATE_CONFIGURE;
157 return;
158
159 case RFC_EVENT_SABME:
160 break;
161
162 case RFC_EVENT_UA:
163 case RFC_EVENT_DM:
164 return;
165
166 case RFC_EVENT_DISC:
167 rfc_send_dm(p_mcb, RFCOMM_MX_DLCI, true);
168 return;
169
170 case RFC_EVENT_UIH:
171 rfc_send_dm(p_mcb, RFCOMM_MX_DLCI, false);
172 return;
173 }
174 RFCOMM_TRACE_EVENT("RFCOMM MX ignored - evt:%d in state:%d", event,
175 p_mcb->state);
176 }
177
178 /*******************************************************************************
179 *
180 * Function rfc_mx_sm_state_wait_conn_cnf
181 *
182 * Description This function handles events when the multiplexer is
183 * waiting for Connection Confirm from L2CAP.
184 *
185 * Returns void
186 *
187 ******************************************************************************/
rfc_mx_sm_state_wait_conn_cnf(tRFC_MCB * p_mcb,uint16_t event,void * p_data)188 void rfc_mx_sm_state_wait_conn_cnf(tRFC_MCB* p_mcb, uint16_t event,
189 void* p_data) {
190 RFCOMM_TRACE_EVENT("%s: evt %d", __func__, event);
191 switch (event) {
192 case RFC_MX_EVENT_START_REQ:
193 RFCOMM_TRACE_ERROR("Mx error state %d event %d", p_mcb->state, event);
194 return;
195
196 /* There is some new timing so that Config Ind comes before security is
197 completed
198 so we are still waiting fo the confirmation. */
199 case RFC_MX_EVENT_CONF_IND:
200 rfc_mx_conf_ind(p_mcb, (tL2CAP_CFG_INFO*)p_data);
201 return;
202
203 case RFC_MX_EVENT_CONN_CNF:
204 if (*((uint16_t*)p_data) != L2CAP_SUCCESS) {
205 p_mcb->state = RFC_MX_STATE_IDLE;
206
207 PORT_StartCnf(p_mcb, *((uint16_t*)p_data));
208 return;
209 }
210 p_mcb->state = RFC_MX_STATE_CONFIGURE;
211 rfc_mx_send_config_req(p_mcb);
212 return;
213
214 case RFC_MX_EVENT_DISC_IND:
215 p_mcb->state = RFC_MX_STATE_IDLE;
216 PORT_CloseInd(p_mcb);
217 return;
218
219 case RFC_EVENT_TIMEOUT:
220 p_mcb->state = RFC_MX_STATE_IDLE;
221 L2CA_DisconnectReq(p_mcb->lcid);
222
223 /* we gave up outgoing connection request then try peer's request */
224 if (p_mcb->pending_lcid) {
225 uint16_t i;
226 uint8_t handle;
227
228 RFCOMM_TRACE_DEBUG(
229 "RFCOMM MX retry as acceptor in collision case - evt:%d in "
230 "state:%d",
231 event, p_mcb->state);
232
233 rfc_save_lcid_mcb(NULL, p_mcb->lcid);
234 p_mcb->lcid = p_mcb->pending_lcid;
235 rfc_save_lcid_mcb(p_mcb, p_mcb->lcid);
236
237 p_mcb->is_initiator = false;
238
239 /* update direction bit */
240 for (i = 0; i < RFCOMM_MAX_DLCI; i += 2) {
241 handle = p_mcb->port_handles[i];
242 if (handle != 0) {
243 p_mcb->port_handles[i] = 0;
244 p_mcb->port_handles[i + 1] = handle;
245 rfc_cb.port.port[handle - 1].dlci += 1;
246 RFCOMM_TRACE_DEBUG("RFCOMM MX - DLCI:%d -> %d", i,
247 rfc_cb.port.port[handle - 1].dlci);
248 }
249 }
250
251 rfc_mx_sm_execute(p_mcb, RFC_MX_EVENT_CONN_IND, &(p_mcb->pending_id));
252 } else {
253 PORT_CloseInd(p_mcb);
254 }
255 return;
256 }
257 RFCOMM_TRACE_EVENT("RFCOMM MX ignored - evt:%d in state:%d", event,
258 p_mcb->state);
259 }
260
261 /*******************************************************************************
262 *
263 * Function rfc_mx_sm_state_configure
264 *
265 * Description This function handles events when the multiplexer in the
266 * configuration state.
267 *
268 * Returns void
269 *
270 ******************************************************************************/
rfc_mx_sm_state_configure(tRFC_MCB * p_mcb,uint16_t event,void * p_data)271 void rfc_mx_sm_state_configure(tRFC_MCB* p_mcb, uint16_t event, void* p_data) {
272 RFCOMM_TRACE_EVENT("%s: event %d", __func__, event);
273 switch (event) {
274 case RFC_MX_EVENT_START_REQ:
275 case RFC_MX_EVENT_CONN_CNF:
276
277 RFCOMM_TRACE_ERROR("Mx error state %d event %d", p_mcb->state, event);
278 return;
279
280 case RFC_MX_EVENT_CONF_IND:
281 rfc_mx_conf_ind(p_mcb, (tL2CAP_CFG_INFO*)p_data);
282 return;
283
284 case RFC_MX_EVENT_CONF_CNF:
285 rfc_mx_conf_cnf(p_mcb, (tL2CAP_CFG_INFO*)p_data);
286 return;
287
288 case RFC_MX_EVENT_DISC_IND:
289 p_mcb->state = RFC_MX_STATE_IDLE;
290 PORT_CloseInd(p_mcb);
291 return;
292
293 case RFC_EVENT_TIMEOUT:
294 LOG(ERROR) << __func__ << ": L2CAP configuration timeout for "
295 << p_mcb->bd_addr;
296 p_mcb->state = RFC_MX_STATE_IDLE;
297 L2CA_DisconnectReq(p_mcb->lcid);
298
299 PORT_StartCnf(p_mcb, RFCOMM_ERROR);
300 return;
301 }
302 RFCOMM_TRACE_EVENT("RFCOMM MX ignored - evt:%d in state:%d", event,
303 p_mcb->state);
304 }
305
306 /*******************************************************************************
307 *
308 * Function rfc_mx_sm_sabme_wait_ua
309 *
310 * Description This function handles events when the multiplexer sent
311 * SABME and is waiting for UA reply.
312 *
313 * Returns void
314 *
315 ******************************************************************************/
rfc_mx_sm_sabme_wait_ua(tRFC_MCB * p_mcb,uint16_t event,UNUSED_ATTR void * p_data)316 void rfc_mx_sm_sabme_wait_ua(tRFC_MCB* p_mcb, uint16_t event,
317 UNUSED_ATTR void* p_data) {
318 RFCOMM_TRACE_EVENT("%s: event %d", __func__, event);
319 switch (event) {
320 case RFC_MX_EVENT_START_REQ:
321 case RFC_MX_EVENT_CONN_CNF:
322 RFCOMM_TRACE_ERROR("Mx error state %d event %d", p_mcb->state, event);
323 return;
324
325 /* workaround: we don't support reconfig */
326 /* commented out until we support reconfig
327 case RFC_MX_EVENT_CONF_IND:
328 rfc_mx_conf_ind (p_mcb, (tL2CAP_CFG_INFO *)p_data);
329 return;
330
331 case RFC_MX_EVENT_CONF_CNF:
332 rfc_mx_conf_cnf (p_mcb, (tL2CAP_CFG_INFO *)p_data);
333 return;
334 */
335
336 case RFC_MX_EVENT_DISC_IND:
337 p_mcb->state = RFC_MX_STATE_IDLE;
338 PORT_CloseInd(p_mcb);
339 return;
340
341 case RFC_EVENT_UA:
342 rfc_timer_stop(p_mcb);
343
344 p_mcb->state = RFC_MX_STATE_CONNECTED;
345 p_mcb->peer_ready = true;
346
347 PORT_StartCnf(p_mcb, RFCOMM_SUCCESS);
348 return;
349
350 case RFC_EVENT_DM:
351 rfc_timer_stop(p_mcb);
352 FALLTHROUGH_INTENDED; /* FALLTHROUGH */
353
354 case RFC_MX_EVENT_CONF_IND: /* workaround: we don't support reconfig */
355 case RFC_MX_EVENT_CONF_CNF: /* workaround: we don't support reconfig */
356 case RFC_EVENT_TIMEOUT:
357 p_mcb->state = RFC_MX_STATE_IDLE;
358 L2CA_DisconnectReq(p_mcb->lcid);
359
360 PORT_StartCnf(p_mcb, RFCOMM_ERROR);
361 return;
362 }
363 RFCOMM_TRACE_EVENT("RFCOMM MX ignored - evt:%d in state:%d", event,
364 p_mcb->state);
365 }
366
367 /*******************************************************************************
368 *
369 * Function rfc_mx_sm_state_wait_sabme
370 *
371 * Description This function handles events when the multiplexer is
372 * waiting for SABME on the acceptor side after configuration
373 *
374 * Returns void
375 *
376 ******************************************************************************/
rfc_mx_sm_state_wait_sabme(tRFC_MCB * p_mcb,uint16_t event,void * p_data)377 void rfc_mx_sm_state_wait_sabme(tRFC_MCB* p_mcb, uint16_t event, void* p_data) {
378 RFCOMM_TRACE_EVENT("%s: event %d", __func__, event);
379 switch (event) {
380 case RFC_MX_EVENT_DISC_IND:
381 p_mcb->state = RFC_MX_STATE_IDLE;
382 PORT_CloseInd(p_mcb);
383 return;
384
385 case RFC_EVENT_SABME:
386 /* if we gave up outgoing connection request */
387 if (p_mcb->pending_lcid) {
388 p_mcb->pending_lcid = 0;
389
390 rfc_send_ua(p_mcb, RFCOMM_MX_DLCI);
391
392 rfc_timer_stop(p_mcb);
393 p_mcb->state = RFC_MX_STATE_CONNECTED;
394 p_mcb->peer_ready = true;
395
396 /* MX channel collision has been resolved, continue to open ports */
397 PORT_StartCnf(p_mcb, RFCOMM_SUCCESS);
398 } else {
399 rfc_timer_stop(p_mcb);
400 PORT_StartInd(p_mcb);
401 }
402 return;
403
404 case RFC_MX_EVENT_START_RSP:
405 if (*((uint16_t*)p_data) != RFCOMM_SUCCESS)
406 rfc_send_dm(p_mcb, RFCOMM_MX_DLCI, true);
407 else {
408 rfc_send_ua(p_mcb, RFCOMM_MX_DLCI);
409
410 p_mcb->state = RFC_MX_STATE_CONNECTED;
411 p_mcb->peer_ready = true;
412 PORT_StartCnf(p_mcb, RFCOMM_SUCCESS);
413 }
414 return;
415
416 case RFC_MX_EVENT_CONF_IND: /* workaround: we don't support reconfig */
417 case RFC_MX_EVENT_CONF_CNF: /* workaround: we don't support reconfig */
418 case RFC_EVENT_TIMEOUT:
419 p_mcb->state = RFC_MX_STATE_IDLE;
420 L2CA_DisconnectReq(p_mcb->lcid);
421
422 PORT_CloseInd(p_mcb);
423 return;
424 }
425 RFCOMM_TRACE_EVENT("RFCOMM MX ignored - evt:%d in state:%d", event,
426 p_mcb->state);
427 }
428
429 /*******************************************************************************
430 *
431 * Function rfc_mx_sm_state_connected
432 *
433 * Description This function handles events when the multiplexer is
434 * in the CONNECTED state
435 *
436 * Returns void
437 *
438 ******************************************************************************/
rfc_mx_sm_state_connected(tRFC_MCB * p_mcb,uint16_t event,UNUSED_ATTR void * p_data)439 void rfc_mx_sm_state_connected(tRFC_MCB* p_mcb, uint16_t event,
440 UNUSED_ATTR void* p_data) {
441 RFCOMM_TRACE_EVENT("%s: event %d", __func__, event);
442
443 switch (event) {
444 case RFC_EVENT_TIMEOUT:
445 case RFC_MX_EVENT_CLOSE_REQ:
446 rfc_timer_start(p_mcb, RFC_DISC_TIMEOUT);
447 p_mcb->state = RFC_MX_STATE_DISC_WAIT_UA;
448 rfc_send_disc(p_mcb, RFCOMM_MX_DLCI);
449 return;
450
451 case RFC_MX_EVENT_DISC_IND:
452 p_mcb->state = RFC_MX_STATE_IDLE;
453 PORT_CloseInd(p_mcb);
454 return;
455
456 case RFC_EVENT_DISC:
457 /* Reply with UA. If initiator bring down L2CAP connection */
458 /* If server wait for some time if client decide to reinitiate channel */
459 rfc_send_ua(p_mcb, RFCOMM_MX_DLCI);
460 if (p_mcb->is_initiator) {
461 L2CA_DisconnectReq(p_mcb->lcid);
462 }
463 /* notify all ports that connection is gone */
464 PORT_CloseInd(p_mcb);
465 return;
466 }
467 RFCOMM_TRACE_EVENT("RFCOMM MX ignored - evt:%d in state:%d", event,
468 p_mcb->state);
469 }
470
471 /*******************************************************************************
472 *
473 * Function rfc_mx_sm_state_disc_wait_ua
474 *
475 * Description This function handles events when the multiplexer sent
476 * DISC and is waiting for UA reply.
477 *
478 * Returns void
479 *
480 ******************************************************************************/
rfc_mx_sm_state_disc_wait_ua(tRFC_MCB * p_mcb,uint16_t event,void * p_data)481 void rfc_mx_sm_state_disc_wait_ua(tRFC_MCB* p_mcb, uint16_t event,
482 void* p_data) {
483 BT_HDR* p_buf;
484
485 RFCOMM_TRACE_EVENT("%s: event %d", __func__, event);
486 switch (event) {
487 case RFC_EVENT_UA:
488 case RFC_EVENT_DM:
489 case RFC_EVENT_TIMEOUT:
490 L2CA_DisconnectReq(p_mcb->lcid);
491
492 if (p_mcb->restart_required) {
493 /* Start Request was received while disconnecting. Execute it again */
494 uint16_t lcid = L2CA_ConnectReq(BT_PSM_RFCOMM, p_mcb->bd_addr);
495 if (lcid == 0) {
496 rfc_save_lcid_mcb(NULL, p_mcb->lcid);
497 p_mcb->lcid = 0;
498 PORT_StartCnf(p_mcb, RFCOMM_ERROR);
499 return;
500 }
501 p_mcb->lcid = lcid;
502 /* Save entry for quicker access to mcb based on the LCID */
503 rfc_save_lcid_mcb(p_mcb, p_mcb->lcid);
504
505 /* clean up before reuse it */
506 while ((p_buf = (BT_HDR*)fixed_queue_try_dequeue(p_mcb->cmd_q)) != NULL)
507 osi_free(p_buf);
508
509 rfc_timer_start(p_mcb, RFC_MCB_INIT_INACT_TIMER);
510
511 p_mcb->is_initiator = true;
512 p_mcb->restart_required = false;
513 p_mcb->local_cfg_sent = false;
514 p_mcb->peer_cfg_rcvd = false;
515
516 p_mcb->state = RFC_MX_STATE_WAIT_CONN_CNF;
517 return;
518 }
519 rfc_release_multiplexer_channel(p_mcb);
520 return;
521
522 case RFC_EVENT_DISC:
523 rfc_send_ua(p_mcb, RFCOMM_MX_DLCI);
524 return;
525
526 case RFC_EVENT_UIH:
527 osi_free(p_data);
528 rfc_send_dm(p_mcb, RFCOMM_MX_DLCI, false);
529 return;
530
531 case RFC_MX_EVENT_START_REQ:
532 p_mcb->restart_required = true;
533 return;
534
535 case RFC_MX_EVENT_DISC_IND:
536 p_mcb->state = RFC_MX_STATE_IDLE;
537 PORT_CloseInd(p_mcb);
538 return;
539
540 case RFC_MX_EVENT_CLOSE_REQ:
541 return;
542
543 case RFC_MX_EVENT_QOS_VIOLATION_IND:
544 break;
545 }
546 RFCOMM_TRACE_EVENT("RFCOMM MX ignored - evt:%d in state:%d", event,
547 p_mcb->state);
548 }
549
550 /*******************************************************************************
551 *
552 * Function rfc_mx_send_config_req
553 *
554 * Description This function handles L2CA_ConnectInd message from the
555 * L2CAP. Accept connection.
556 *
557 ******************************************************************************/
rfc_mx_send_config_req(tRFC_MCB * p_mcb)558 static void rfc_mx_send_config_req(tRFC_MCB* p_mcb) {
559 RFCOMM_TRACE_EVENT("rfc_mx_send_config_req");
560 tL2CAP_CFG_INFO cfg = {};
561 cfg.mtu_present = true;
562 cfg.mtu = L2CAP_MTU_SIZE;
563
564 /* Defaults set by memset
565 cfg.flush_to_present = false;
566 cfg.qos_present = false;
567 cfg.fcr_present = false;
568 cfg.fcr.mode = L2CAP_FCR_BASIC_MODE;
569 cfg.fcs_present = false;
570 cfg.fcs = N/A when fcs_present is false;
571 */
572 L2CA_ConfigReq(p_mcb->lcid, &cfg);
573 }
574
575 /*******************************************************************************
576 *
577 * Function rfc_mx_conf_cnf
578 *
579 * Description This function handles L2CA_ConfigCnf message from the
580 * L2CAP. If result is not success tell upper layer that
581 * start has not been accepted. If initiator send SABME
582 * on DLCI 0. T1 is still running.
583 *
584 ******************************************************************************/
rfc_mx_conf_cnf(tRFC_MCB * p_mcb,tL2CAP_CFG_INFO * p_cfg)585 static void rfc_mx_conf_cnf(tRFC_MCB* p_mcb, tL2CAP_CFG_INFO* p_cfg) {
586 RFCOMM_TRACE_EVENT("rfc_mx_conf_cnf p_cfg:%08x result:%d ", p_cfg,
587 (p_cfg) ? p_cfg->result : 0);
588
589 if (p_cfg->result != L2CAP_CFG_OK) {
590 LOG(ERROR) << __func__ << ": failed to configure L2CAP for "
591 << p_mcb->bd_addr;
592 if (p_mcb->is_initiator) {
593 LOG(ERROR) << __func__ << ": disconnect L2CAP due to config failure for "
594 << p_mcb->bd_addr;
595 PORT_StartCnf(p_mcb, p_cfg->result);
596 L2CA_DisconnectReq(p_mcb->lcid);
597 }
598 rfc_release_multiplexer_channel(p_mcb);
599 return;
600 }
601
602 p_mcb->local_cfg_sent = true;
603 if ((p_mcb->state == RFC_MX_STATE_CONFIGURE) && p_mcb->peer_cfg_rcvd) {
604 if (p_mcb->is_initiator) {
605 p_mcb->state = RFC_MX_STATE_SABME_WAIT_UA;
606 rfc_send_sabme(p_mcb, RFCOMM_MX_DLCI);
607 rfc_timer_start(p_mcb, RFC_T1_TIMEOUT);
608 } else {
609 p_mcb->state = RFC_MX_STATE_WAIT_SABME;
610 rfc_timer_start(
611 p_mcb, RFCOMM_CONN_TIMEOUT); /* - increased from T2=20 to CONN=120
612 to allow the user more than 10 sec to type in the
613 pin which can be e.g. 16 digits */
614 }
615 }
616 }
617
618 /*******************************************************************************
619 *
620 * Function rfc_mx_conf_ind
621 *
622 * Description This function handles L2CA_ConfigInd message from the
623 * L2CAP. Send the L2CA_ConfigRsp message.
624 *
625 ******************************************************************************/
rfc_mx_conf_ind(tRFC_MCB * p_mcb,tL2CAP_CFG_INFO * p_cfg)626 static void rfc_mx_conf_ind(tRFC_MCB* p_mcb, tL2CAP_CFG_INFO* p_cfg) {
627 /* Save peer L2CAP MTU if present */
628 /* RFCOMM adds 3-4 bytes in the beginning and 1 bytes FCS */
629 if (p_cfg->mtu_present) {
630 p_mcb->peer_l2cap_mtu = p_cfg->mtu - RFCOMM_MIN_OFFSET - 1;
631 } else {
632 p_mcb->peer_l2cap_mtu = L2CAP_DEFAULT_MTU - RFCOMM_MIN_OFFSET - 1;
633 }
634
635 p_cfg->mtu_present = false;
636 p_cfg->flush_to_present = false;
637 p_cfg->qos_present = false;
638
639 p_cfg->result = L2CAP_CFG_OK;
640
641 L2CA_ConfigRsp(p_mcb->lcid, p_cfg);
642
643 p_mcb->peer_cfg_rcvd = true;
644 if ((p_mcb->state == RFC_MX_STATE_CONFIGURE) && p_mcb->local_cfg_sent) {
645 if (p_mcb->is_initiator) {
646 p_mcb->state = RFC_MX_STATE_SABME_WAIT_UA;
647 rfc_send_sabme(p_mcb, RFCOMM_MX_DLCI);
648 rfc_timer_start(p_mcb, RFC_T1_TIMEOUT);
649 } else {
650 p_mcb->state = RFC_MX_STATE_WAIT_SABME;
651 rfc_timer_start(
652 p_mcb, RFCOMM_CONN_TIMEOUT); /* - increased from T2=20 to CONN=120
653 to allow the user more than 10 sec to type in the
654 pin which can be e.g. 16 digits */
655 }
656 }
657 }
658