1 /******************************************************************************
2 *
3 * Copyright (C) 2009-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * Filename: hci_h4.c
22 *
23 * Description: Contains HCI transport send/receive functions
24 *
25 ******************************************************************************/
26
27 #define LOG_TAG "bt_h4"
28
29 #include <utils/Log.h>
30 #include <stdlib.h>
31 #include <fcntl.h>
32 #include "bt_hci_bdroid.h"
33 #include "hci.h"
34 #include "userial.h"
35 #include "utils.h"
36
37 /******************************************************************************
38 ** Constants & Macros
39 ******************************************************************************/
40
41 #ifndef HCI_DBG
42 #define HCI_DBG FALSE
43 #endif
44
45 #if (HCI_DBG == TRUE)
46 #define HCIDBG(param, ...) {LOGD(param, ## __VA_ARGS__);}
47 #else
48 #define HCIDBG(param, ...) {}
49 #endif
50
51 /* Preamble length for HCI Commands:
52 ** 2-bytes for opcode and 1 byte for length
53 */
54 #define HCI_CMD_PREAMBLE_SIZE 3
55
56 /* Preamble length for HCI Events:
57 ** 1-byte for opcode and 1 byte for length
58 */
59 #define HCI_EVT_PREAMBLE_SIZE 2
60
61 /* Preamble length for SCO Data:
62 ** 2-byte for Handle and 1 byte for length
63 */
64 #define HCI_SCO_PREAMBLE_SIZE 3
65
66 /* Preamble length for ACL Data:
67 ** 2-byte for Handle and 2 byte for length
68 */
69 #define HCI_ACL_PREAMBLE_SIZE 4
70
71 /* Table of HCI preamble sizes for the different HCI message types */
72 static const uint8_t hci_preamble_table[] =
73 {
74 HCI_CMD_PREAMBLE_SIZE,
75 HCI_ACL_PREAMBLE_SIZE,
76 HCI_SCO_PREAMBLE_SIZE,
77 HCI_EVT_PREAMBLE_SIZE
78 };
79
80 /* HCI H4 message type definitions */
81 #define H4_TYPE_COMMAND 1
82 #define H4_TYPE_ACL_DATA 2
83 #define H4_TYPE_SCO_DATA 3
84 #define H4_TYPE_EVENT 4
85
86 static const uint16_t msg_evt_table[] =
87 {
88 MSG_HC_TO_STACK_HCI_ERR, /* H4_TYPE_COMMAND */
89 MSG_HC_TO_STACK_HCI_ACL, /* H4_TYPE_ACL_DATA */
90 MSG_HC_TO_STACK_HCI_SCO, /* H4_TYPE_SCO_DATA */
91 MSG_HC_TO_STACK_HCI_EVT /* H4_TYPE_EVENT */
92 };
93
94 #define ACL_RX_PKT_START 2
95 #define ACL_RX_PKT_CONTINUE 1
96 #define L2CAP_HEADER_SIZE 4
97
98 /* Maximum numbers of allowed internal
99 ** outstanding command packets at any time
100 */
101 #define INT_CMD_PKT_MAX_COUNT 8
102 #define INT_CMD_PKT_IDX_MASK 0x07
103
104 #define HCI_COMMAND_COMPLETE_EVT 0x0E
105 #define HCI_COMMAND_STATUS_EVT 0x0F
106 #define HCI_READ_BUFFER_SIZE 0x1005
107 #define HCI_LE_READ_BUFFER_SIZE 0x2002
108
109 /******************************************************************************
110 ** Local type definitions
111 ******************************************************************************/
112
113 /* H4 Rx States */
114 typedef enum {
115 H4_RX_MSGTYPE_ST,
116 H4_RX_LEN_ST,
117 H4_RX_DATA_ST,
118 H4_RX_IGNORE_ST
119 } tHCI_H4_RCV_STATE;
120
121 /* Callback function for the returned event of internal issued command */
122 typedef void (*tINT_CMD_CBACK)(void *p_mem);
123
124 typedef struct
125 {
126 uint16_t opcode; /* OPCODE of outstanding internal commands */
127 tINT_CMD_CBACK cback; /* Callback function when return of internal
128 * command is received */
129 } tINT_CMD_Q;
130
131 /* Control block for HCISU_H4 */
132 typedef struct
133 {
134 HC_BT_HDR *p_rcv_msg; /* Buffer to hold current rx HCI message */
135 uint16_t rcv_len; /* Size of current incoming message */
136 uint8_t rcv_msg_type; /* Current incoming message type */
137 tHCI_H4_RCV_STATE rcv_state; /* Receive state of current rx message */
138 uint16_t hc_acl_data_size; /* Controller's max ACL data length */
139 uint16_t hc_ble_acl_data_size; /* Controller's max BLE ACL data length */
140 BUFFER_Q acl_rx_q; /* Queue of base buffers for fragmented ACL pkts */
141 uint8_t preload_count; /* Count numbers of preload bytes */
142 uint8_t preload_buffer[6]; /* HCI_ACL_PREAMBLE_SIZE + 2 */
143 int int_cmd_rsp_pending; /* Num of internal cmds pending for ack */
144 uint8_t int_cmd_rd_idx; /* Read index of int_cmd_opcode queue */
145 uint8_t int_cmd_wrt_idx; /* Write index of int_cmd_opcode queue */
146 tINT_CMD_Q int_cmd[INT_CMD_PKT_MAX_COUNT]; /* FIFO queue */
147 } tHCI_H4_CB;
148
149 /******************************************************************************
150 ** Externs
151 ******************************************************************************/
152
153 extern BUFFER_Q tx_q;
154
155 void btsnoop_init(void);
156 void btsnoop_close(void);
157 void btsnoop_cleanup (void);
158 void btsnoop_capture(HC_BT_HDR *p_buf, uint8_t is_rcvd);
159 uint8_t hci_h4_send_int_cmd(uint16_t opcode, HC_BT_HDR *p_buf, \
160 tINT_CMD_CBACK p_cback);
161 void lpm_wake_assert(void);
162 void lpm_tx_done(uint8_t is_tx_done);
163
164 /******************************************************************************
165 ** Variables
166 ******************************************************************************/
167
168 /* Num of allowed outstanding HCI CMD packets */
169 volatile int num_hci_cmd_pkts = 1;
170
171 /******************************************************************************
172 ** Static variables
173 ******************************************************************************/
174
175 static tHCI_H4_CB h4_cb;
176
177 /******************************************************************************
178 ** Static functions
179 ******************************************************************************/
180
181 /*******************************************************************************
182 **
183 ** Function get_acl_data_length_cback
184 **
185 ** Description Callback function for HCI_READ_BUFFER_SIZE and
186 ** HCI_LE_READ_BUFFER_SIZE commands if they were sent because
187 ** of internal request.
188 **
189 ** Returns None
190 **
191 *******************************************************************************/
get_acl_data_length_cback(void * p_mem)192 void get_acl_data_length_cback(void *p_mem)
193 {
194 uint8_t *p, status;
195 uint16_t opcode, len=0;
196 HC_BT_HDR *p_buf = (HC_BT_HDR *) p_mem;
197
198 p = (uint8_t *)(p_buf + 1) + 3;
199 STREAM_TO_UINT16(opcode, p)
200 status = *p++;
201 if (status == 0) /* Success */
202 STREAM_TO_UINT16(len, p)
203
204 if (opcode == HCI_READ_BUFFER_SIZE)
205 {
206 if (status == 0)
207 h4_cb.hc_acl_data_size = len;
208
209 /* reuse the rx buffer for sending HCI_LE_READ_BUFFER_SIZE command */
210 p_buf->event = MSG_STACK_TO_HC_HCI_CMD;
211 p_buf->offset = 0;
212 p_buf->layer_specific = 0;
213 p_buf->len = 3;
214
215 p = (uint8_t *) (p_buf + 1);
216 UINT16_TO_STREAM(p, HCI_LE_READ_BUFFER_SIZE);
217 *p = 0;
218
219 if ((status = hci_h4_send_int_cmd(HCI_LE_READ_BUFFER_SIZE, p_buf, \
220 get_acl_data_length_cback)) == FALSE)
221 {
222 bt_hc_cbacks->dealloc((TRANSAC) p_buf, (char *) (p_buf + 1));
223 bt_hc_cbacks->postload_cb(NULL, BT_HC_POSTLOAD_SUCCESS);
224 }
225 }
226 else if (opcode == HCI_LE_READ_BUFFER_SIZE)
227 {
228 if (status == 0)
229 h4_cb.hc_ble_acl_data_size = (len) ? len : h4_cb.hc_acl_data_size;
230
231 if (bt_hc_cbacks)
232 {
233 bt_hc_cbacks->dealloc((TRANSAC) p_buf, (char *) (p_buf + 1));
234 ALOGE("vendor lib postload completed");
235 bt_hc_cbacks->postload_cb(NULL, BT_HC_POSTLOAD_SUCCESS);
236 }
237 }
238 }
239
240
241 /*******************************************************************************
242 **
243 ** Function internal_event_intercept
244 **
245 ** Description This function is called to parse received HCI event and
246 ** - update the Num_HCI_Command_Packets
247 ** - intercept the event if it is the result of an early
248 ** issued internal command.
249 **
250 ** Returns TRUE : if the event had been intercepted for internal process
251 ** FALSE : send this event to core stack
252 **
253 *******************************************************************************/
internal_event_intercept(void)254 uint8_t internal_event_intercept(void)
255 {
256 uint8_t *p;
257 uint8_t event_code;
258 uint16_t opcode, len;
259 tHCI_H4_CB *p_cb = &h4_cb;
260
261 p = (uint8_t *)(p_cb->p_rcv_msg + 1);
262
263 event_code = *p++;
264 len = *p++;
265
266 if (event_code == HCI_COMMAND_COMPLETE_EVT)
267 {
268 num_hci_cmd_pkts = *p++;
269
270 if (p_cb->int_cmd_rsp_pending > 0)
271 {
272 STREAM_TO_UINT16(opcode, p)
273
274 if (opcode == p_cb->int_cmd[p_cb->int_cmd_rd_idx].opcode)
275 {
276 HCIDBG( \
277 "Intercept CommandCompleteEvent for internal command (0x%04X)",\
278 opcode);
279 if (p_cb->int_cmd[p_cb->int_cmd_rd_idx].cback != NULL)
280 {
281 p_cb->int_cmd[p_cb->int_cmd_rd_idx].cback(p_cb->p_rcv_msg);
282 }
283 else
284 {
285 // Missing cback function!
286 // Release the p_rcv_msg buffer.
287 if (bt_hc_cbacks)
288 {
289 bt_hc_cbacks->dealloc((TRANSAC) p_cb->p_rcv_msg, \
290 (char *) (p_cb->p_rcv_msg + 1));
291 }
292 }
293 p_cb->int_cmd_rd_idx = ((p_cb->int_cmd_rd_idx+1) & \
294 INT_CMD_PKT_IDX_MASK);
295 p_cb->int_cmd_rsp_pending--;
296 return TRUE;
297 }
298 }
299 }
300 else if (event_code == HCI_COMMAND_STATUS_EVT)
301 {
302 num_hci_cmd_pkts = *(++p);
303 }
304
305 return FALSE;
306 }
307
308 /*******************************************************************************
309 **
310 ** Function acl_rx_frame_buffer_alloc
311 **
312 ** Description This function is called from the HCI transport when the
313 ** first 4 or 6 bytes of an HCI ACL packet have been received:
314 ** - Allocate a new buffer if it is a start pakcet of L2CAP
315 ** message.
316 ** - Return the buffer address of the starting L2CAP message
317 ** frame if the packet is the next segment of a fragmented
318 ** L2CAP message.
319 **
320 ** Returns the address of the receive buffer H4 RX should use
321 ** (CR419: Modified to return NULL in case of error.)
322 **
323 ** NOTE This assumes that the L2CAP MTU size is less than the size
324 ** of an HCI ACL buffer, so the maximum L2CAP message will fit
325 ** into one buffer.
326 **
327 *******************************************************************************/
acl_rx_frame_buffer_alloc(void)328 static HC_BT_HDR *acl_rx_frame_buffer_alloc (void)
329 {
330 uint8_t *p;
331 uint16_t handle;
332 uint16_t hci_len;
333 uint16_t total_len;
334 uint8_t pkt_type;
335 HC_BT_HDR *p_return_buf = NULL;
336 tHCI_H4_CB *p_cb = &h4_cb;
337
338
339 p = p_cb->preload_buffer;
340
341 STREAM_TO_UINT16 (handle, p);
342 STREAM_TO_UINT16 (hci_len, p);
343 STREAM_TO_UINT16 (total_len, p);
344
345 pkt_type = (uint8_t)(((handle) >> 12) & 0x0003);
346 handle = (uint16_t)((handle) & 0x0FFF);
347
348 if (p_cb->acl_rx_q.count)
349 {
350 uint16_t save_handle;
351 HC_BT_HDR *p_hdr = p_cb->acl_rx_q.p_first;
352
353 while (p_hdr != NULL)
354 {
355 p = (uint8_t *)(p_hdr + 1);
356 STREAM_TO_UINT16 (save_handle, p);
357 save_handle = (uint16_t)((save_handle) & 0x0FFF);
358 if (save_handle == handle)
359 {
360 p_return_buf = p_hdr;
361 break;
362 }
363 p_hdr = utils_getnext(p_hdr);
364 }
365 }
366
367 if (pkt_type == ACL_RX_PKT_START) /*** START PACKET ***/
368 {
369 /* Might have read 2 bytes for the L2CAP payload length */
370 p_cb->rcv_len = (hci_len) ? (hci_len - 2) : 0;
371
372 /* Start of packet. If we were in the middle of receiving */
373 /* a packet on the same ACL handle, the original packet is incomplete.
374 * Drop it. */
375 if (p_return_buf)
376 {
377 ALOGW("H4 - dropping incomplete ACL frame");
378
379 utils_remove_from_queue(&(p_cb->acl_rx_q), p_return_buf);
380
381 if (bt_hc_cbacks)
382 {
383 bt_hc_cbacks->dealloc((TRANSAC) p_return_buf, \
384 (char *) (p_return_buf + 1));
385 }
386 p_return_buf = NULL;
387 }
388
389 /* Allocate a buffer for message */
390 if (bt_hc_cbacks)
391 {
392 int len = total_len + HCI_ACL_PREAMBLE_SIZE + L2CAP_HEADER_SIZE + \
393 BT_HC_HDR_SIZE;
394 p_return_buf = (HC_BT_HDR *) bt_hc_cbacks->alloc(len);
395 }
396
397 if (p_return_buf)
398 {
399 /* Initialize buffer with preloaded data */
400 p_return_buf->offset = 0;
401 p_return_buf->layer_specific = 0;
402 p_return_buf->event = MSG_HC_TO_STACK_HCI_ACL;
403 p_return_buf->len = p_cb->preload_count;
404 memcpy((uint8_t *)(p_return_buf + 1), p_cb->preload_buffer, \
405 p_cb->preload_count);
406
407 if (hci_len && ((total_len + L2CAP_HEADER_SIZE) > hci_len))
408 {
409 /* Will expect to see fragmented ACL packets */
410 /* Keep the base buffer address in the watching queue */
411 utils_enqueue(&(p_cb->acl_rx_q), p_return_buf);
412 }
413 }
414 }
415 else /*** CONTINUATION PACKET ***/
416 {
417 p_cb->rcv_len = hci_len;
418
419 if (p_return_buf)
420 {
421 /* Packet continuation and found the original rx buffer */
422 uint8_t *p_f = p = (uint8_t *)(p_return_buf + 1) + 2;
423
424 STREAM_TO_UINT16 (total_len, p);
425
426 /* Update HCI header of first segment (base buffer) with new len */
427 total_len += hci_len;
428 UINT16_TO_STREAM (p_f, total_len);
429 }
430 }
431
432 return (p_return_buf);
433 }
434
435 /*******************************************************************************
436 **
437 ** Function acl_rx_frame_end_chk
438 **
439 ** Description This function is called from the HCI transport when the last
440 ** byte of an HCI ACL packet has been received. It checks if
441 ** the L2CAP message is complete, i.e. no more continuation
442 ** packets are expected.
443 **
444 ** Returns TRUE if message complete, FALSE if continuation expected
445 **
446 *******************************************************************************/
acl_rx_frame_end_chk(void)447 static uint8_t acl_rx_frame_end_chk (void)
448 {
449 uint8_t *p;
450 uint16_t handle, hci_len, l2cap_len;
451 HC_BT_HDR *p_buf;
452 tHCI_H4_CB *p_cb = &h4_cb;
453 uint8_t frame_end=TRUE;
454
455 p_buf = p_cb->p_rcv_msg;
456 p = (uint8_t *)(p_buf + 1);
457
458 STREAM_TO_UINT16 (handle, p);
459 STREAM_TO_UINT16 (hci_len, p);
460 STREAM_TO_UINT16 (l2cap_len, p);
461
462 if (hci_len > 0)
463 {
464 if (l2cap_len > (p_buf->len-(HCI_ACL_PREAMBLE_SIZE+L2CAP_HEADER_SIZE)) )
465 {
466 /* If the L2CAP length has not been reached, tell H4 not to send
467 * this buffer to stack */
468 frame_end = FALSE;
469 }
470 else
471 {
472 /*
473 * The current buffer coulb be in the watching list.
474 * Remove it from the list if it is in.
475 */
476 if (p_cb->acl_rx_q.count)
477 utils_remove_from_queue(&(p_cb->acl_rx_q), p_buf);
478 }
479 }
480
481 /****
482 ** Print snoop trace
483 ****/
484 if (p_buf->offset)
485 {
486 /* CONTINUATION PACKET */
487
488 /* save original p_buf->len content */
489 uint16_t tmp_u16 = p_buf->len;
490
491 /* borrow HCI_ACL_PREAMBLE_SIZE bytes from the payload section */
492 p = (uint8_t *)(p_buf + 1) + p_buf->offset - HCI_ACL_PREAMBLE_SIZE;
493
494 /* save contents */
495 memcpy(p_cb->preload_buffer, p, HCI_ACL_PREAMBLE_SIZE);
496
497 /* Set packet boundary flags to "continuation packet" */
498 handle = (handle & 0xCFFF) | 0x1000;
499
500 /* write handl & length info */
501 UINT16_TO_STREAM (p, handle);
502 UINT16_TO_STREAM (p, (p_buf->len - p_buf->offset));
503
504 /* roll pointer back */
505 p = p - HCI_ACL_PREAMBLE_SIZE;
506
507 /* adjust `p_buf->offset` & `p_buf->len`
508 * before calling btsnoop_capture() */
509 p_buf->offset = p_buf->offset - HCI_ACL_PREAMBLE_SIZE;
510 p_buf->len = p_buf->len - p_buf->offset;
511
512 btsnoop_capture(p_buf, TRUE);
513
514 /* restore contents */
515 memcpy(p, p_cb->preload_buffer, HCI_ACL_PREAMBLE_SIZE);
516
517 /* restore p_buf->len */
518 p_buf->len = tmp_u16;
519 }
520 else
521 {
522 /* START PACKET */
523 btsnoop_capture(p_buf, TRUE);
524 }
525
526 if (frame_end == TRUE)
527 p_buf->offset = 0;
528 else
529 p_buf->offset = p_buf->len; /* save current buffer-end position */
530
531 return frame_end;
532 }
533
534 /*****************************************************************************
535 ** HCI H4 INTERFACE FUNCTIONS
536 *****************************************************************************/
537
538 /*******************************************************************************
539 **
540 ** Function hci_h4_init
541 **
542 ** Description Initialize H4 module
543 **
544 ** Returns None
545 **
546 *******************************************************************************/
hci_h4_init(void)547 void hci_h4_init(void)
548 {
549 HCIDBG("hci_h4_init");
550
551 memset(&h4_cb, 0, sizeof(tHCI_H4_CB));
552 utils_queue_init(&(h4_cb.acl_rx_q));
553
554 /* Per HCI spec., always starts with 1 */
555 num_hci_cmd_pkts = 1;
556
557 /* Give an initial values of Host Controller's ACL data packet length
558 * Will update with an internal HCI(_LE)_Read_Buffer_Size request
559 */
560 h4_cb.hc_acl_data_size = 1021;
561 h4_cb.hc_ble_acl_data_size = 27;
562
563 btsnoop_init();
564 }
565
566 /*******************************************************************************
567 **
568 ** Function hci_h4_cleanup
569 **
570 ** Description Clean H4 module
571 **
572 ** Returns None
573 **
574 *******************************************************************************/
hci_h4_cleanup(void)575 void hci_h4_cleanup(void)
576 {
577 HCIDBG("hci_h4_cleanup");
578
579 btsnoop_close();
580 btsnoop_cleanup();
581 }
582
583 /*******************************************************************************
584 **
585 ** Function hci_h4_send_msg
586 **
587 ** Description Determine message type, set HCI H4 packet indicator, and
588 ** send message through USERIAL driver
589 **
590 ** Returns None
591 **
592 *******************************************************************************/
hci_h4_send_msg(HC_BT_HDR * p_msg)593 void hci_h4_send_msg(HC_BT_HDR *p_msg)
594 {
595 uint8_t type = 0;
596 uint16_t handle;
597 uint16_t bytes_to_send, lay_spec;
598 uint8_t *p = ((uint8_t *)(p_msg + 1)) + p_msg->offset;
599 uint16_t event = p_msg->event & MSG_EVT_MASK;
600 uint16_t sub_event = p_msg->event & MSG_SUB_EVT_MASK;
601 uint16_t acl_pkt_size = 0, acl_data_size = 0;
602 uint16_t bytes_sent;
603
604 /* wake up BT device if its in sleep mode */
605 lpm_wake_assert();
606
607 if (event == MSG_STACK_TO_HC_HCI_ACL)
608 type = H4_TYPE_ACL_DATA;
609 else if (event == MSG_STACK_TO_HC_HCI_SCO)
610 type = H4_TYPE_SCO_DATA;
611 else if (event == MSG_STACK_TO_HC_HCI_CMD)
612 type = H4_TYPE_COMMAND;
613
614 if (sub_event == LOCAL_BR_EDR_CONTROLLER_ID)
615 {
616 acl_data_size = h4_cb.hc_acl_data_size;
617 acl_pkt_size = h4_cb.hc_acl_data_size + HCI_ACL_PREAMBLE_SIZE;
618 }
619 else
620 {
621 acl_data_size = h4_cb.hc_ble_acl_data_size;
622 acl_pkt_size = h4_cb.hc_ble_acl_data_size + HCI_ACL_PREAMBLE_SIZE;
623 }
624
625 /* Check if sending ACL data that needs fragmenting */
626 if ((event == MSG_STACK_TO_HC_HCI_ACL) && (p_msg->len > acl_pkt_size))
627 {
628 /* Get the handle from the packet */
629 STREAM_TO_UINT16 (handle, p);
630
631 /* Set packet boundary flags to "continuation packet" */
632 handle = (handle & 0xCFFF) | 0x1000;
633
634 /* Do all the first chunks */
635 while (p_msg->len > acl_pkt_size)
636 {
637 /* remember layer_specific because uart borrow
638 one byte from layer_specific for packet type */
639 lay_spec = p_msg->layer_specific;
640
641 p = ((uint8_t *)(p_msg + 1)) + p_msg->offset - 1;
642 *p = type;
643 bytes_to_send = acl_pkt_size + 1; /* packet_size + message type */
644
645 bytes_sent = userial_write(event,(uint8_t *) p,bytes_to_send);
646
647 /* generate snoop trace message */
648 btsnoop_capture(p_msg, FALSE);
649
650 p_msg->layer_specific = lay_spec;
651 /* Adjust offset and length for what we just sent */
652 p_msg->offset += acl_data_size;
653 p_msg->len -= acl_data_size;
654
655 p = ((uint8_t *)(p_msg + 1)) + p_msg->offset;
656
657 UINT16_TO_STREAM (p, handle);
658
659 if (p_msg->len > acl_pkt_size)
660 {
661 UINT16_TO_STREAM (p, acl_data_size);
662 }
663 else
664 {
665 UINT16_TO_STREAM (p, p_msg->len - HCI_ACL_PREAMBLE_SIZE);
666 }
667
668 /* If we were only to send partial buffer, stop when done. */
669 /* Send the buffer back to L2CAP to send the rest of it later */
670 if (p_msg->layer_specific)
671 {
672 if (--p_msg->layer_specific == 0)
673 {
674 p_msg->event = MSG_HC_TO_STACK_L2C_SEG_XMIT;
675
676 if (bt_hc_cbacks)
677 {
678 bt_hc_cbacks->tx_result((TRANSAC) p_msg, \
679 (char *) (p_msg + 1), \
680 BT_HC_TX_FRAGMENT);
681 }
682
683 return;
684 }
685 }
686 }
687 }
688
689
690 /* remember layer_specific because uart borrow
691 one byte from layer_specific for packet type */
692 lay_spec = p_msg->layer_specific;
693
694 /* Put the HCI Transport packet type 1 byte before the message */
695 p = ((uint8_t *)(p_msg + 1)) + p_msg->offset - 1;
696 *p = type;
697 bytes_to_send = p_msg->len + 1; /* message_size + message type */
698
699 bytes_sent = userial_write(event,(uint8_t *) p, bytes_to_send);
700
701 p_msg->layer_specific = lay_spec;
702
703 if (event == MSG_STACK_TO_HC_HCI_CMD)
704 {
705 num_hci_cmd_pkts--;
706
707 /* If this is an internal Cmd packet, the layer_specific field would
708 * have stored with the opcode of HCI command.
709 * Retrieve the opcode from the Cmd packet.
710 */
711 p++;
712 STREAM_TO_UINT16(lay_spec, p);
713 }
714
715 /* generate snoop trace message */
716 btsnoop_capture(p_msg, FALSE);
717
718 if (bt_hc_cbacks)
719 {
720 if ((event == MSG_STACK_TO_HC_HCI_CMD) && \
721 (h4_cb.int_cmd_rsp_pending > 0) && \
722 (p_msg->layer_specific == lay_spec))
723 {
724 /* dealloc buffer of internal command */
725 bt_hc_cbacks->dealloc((TRANSAC) p_msg, (char *) (p_msg + 1));
726 }
727 else
728 {
729 bt_hc_cbacks->tx_result((TRANSAC) p_msg, (char *) (p_msg + 1), \
730 BT_HC_TX_SUCCESS);
731 }
732 }
733
734 lpm_tx_done(TRUE);
735
736 return;
737 }
738
739
740 /*******************************************************************************
741 **
742 ** Function hci_h4_receive_msg
743 **
744 ** Description Construct HCI EVENT/ACL packets and send them to stack once
745 ** complete packet has been received.
746 **
747 ** Returns Number of read bytes
748 **
749 *******************************************************************************/
hci_h4_receive_msg(void)750 uint16_t hci_h4_receive_msg(void)
751 {
752 uint16_t bytes_read = 0;
753 uint8_t byte;
754 uint16_t msg_len, len;
755 uint8_t msg_received;
756 tHCI_H4_CB *p_cb=&h4_cb;
757
758 while (TRUE)
759 {
760 /* Read one byte to see if there is anything waiting to be read */
761 if (userial_read(0 /*dummy*/, &byte, 1) == 0)
762 {
763 break;
764 }
765
766 bytes_read++;
767 msg_received = FALSE;
768
769 switch (p_cb->rcv_state)
770 {
771 case H4_RX_MSGTYPE_ST:
772 /* Start of new message */
773 if ((byte < H4_TYPE_ACL_DATA) || (byte > H4_TYPE_EVENT))
774 {
775 /* Unknown HCI message type */
776 /* Drop this byte */
777 ALOGE("[h4] Unknown HCI message type drop this byte 0x%x", byte);
778 break;
779 }
780
781 /* Initialize rx parameters */
782 p_cb->rcv_msg_type = byte;
783 p_cb->rcv_len = hci_preamble_table[byte-1];
784 memset(p_cb->preload_buffer, 0 , 6);
785 p_cb->preload_count = 0;
786 // p_cb->p_rcv_msg = NULL;
787 p_cb->rcv_state = H4_RX_LEN_ST; /* Next, wait for length to come */
788 break;
789
790 case H4_RX_LEN_ST:
791 /* Receiving preamble */
792 p_cb->preload_buffer[p_cb->preload_count++] = byte;
793 p_cb->rcv_len--;
794
795 /* Check if we received entire preamble yet */
796 if (p_cb->rcv_len == 0)
797 {
798 if (p_cb->rcv_msg_type == H4_TYPE_ACL_DATA)
799 {
800 /* ACL data lengths are 16-bits */
801 msg_len = p_cb->preload_buffer[3];
802 msg_len = (msg_len << 8) + p_cb->preload_buffer[2];
803
804 if (msg_len && (p_cb->preload_count == 4))
805 {
806 /* Check if this is a start packet */
807 byte = ((p_cb->preload_buffer[1] >> 4) & 0x03);
808
809 if (byte == ACL_RX_PKT_START)
810 {
811 /*
812 * A start packet & with non-zero data payload length.
813 * We want to read 2 more bytes to get L2CAP payload
814 * length.
815 */
816 p_cb->rcv_len = 2;
817
818 break;
819 }
820 }
821
822 /*
823 * Check for segmented packets. If this is a continuation
824 * packet, then we will continue appending data to the
825 * original rcv buffer.
826 */
827 p_cb->p_rcv_msg = acl_rx_frame_buffer_alloc();
828 }
829 else
830 {
831 /* Received entire preamble.
832 * Length is in the last received byte */
833 msg_len = byte;
834 p_cb->rcv_len = msg_len;
835
836 /* Allocate a buffer for message */
837 if (bt_hc_cbacks)
838 {
839 len = msg_len + p_cb->preload_count + BT_HC_HDR_SIZE;
840 p_cb->p_rcv_msg = \
841 (HC_BT_HDR *) bt_hc_cbacks->alloc(len);
842 }
843
844 if (p_cb->p_rcv_msg)
845 {
846 /* Initialize buffer with preloaded data */
847 p_cb->p_rcv_msg->offset = 0;
848 p_cb->p_rcv_msg->layer_specific = 0;
849 p_cb->p_rcv_msg->event = \
850 msg_evt_table[p_cb->rcv_msg_type-1];
851 p_cb->p_rcv_msg->len = p_cb->preload_count;
852 memcpy((uint8_t *)(p_cb->p_rcv_msg + 1), \
853 p_cb->preload_buffer, p_cb->preload_count);
854 }
855 }
856
857 if (p_cb->p_rcv_msg == NULL)
858 {
859 /* Unable to acquire message buffer. */
860 ALOGE( \
861 "H4: Unable to acquire buffer for incoming HCI message." \
862 );
863
864 if (msg_len == 0)
865 {
866 /* Wait for next message */
867 p_cb->rcv_state = H4_RX_MSGTYPE_ST;
868 }
869 else
870 {
871 /* Ignore rest of the packet */
872 p_cb->rcv_state = H4_RX_IGNORE_ST;
873 }
874
875 break;
876 }
877
878 /* Message length is valid */
879 if (msg_len)
880 {
881 /* Read rest of message */
882 p_cb->rcv_state = H4_RX_DATA_ST;
883 }
884 else
885 {
886 /* Message has no additional parameters.
887 * (Entire message has been received) */
888 if (p_cb->rcv_msg_type == H4_TYPE_ACL_DATA)
889 acl_rx_frame_end_chk(); /* to print snoop trace */
890
891 msg_received = TRUE;
892
893 /* Next, wait for next message */
894 p_cb->rcv_state = H4_RX_MSGTYPE_ST;
895 }
896 }
897 break;
898
899 case H4_RX_DATA_ST:
900 *((uint8_t *)(p_cb->p_rcv_msg + 1) + p_cb->p_rcv_msg->len++) = byte;
901 p_cb->rcv_len--;
902
903 if (p_cb->rcv_len > 0)
904 {
905 /* Read in the rest of the message */
906 len = userial_read(0 /*dummy*/, \
907 ((uint8_t *)(p_cb->p_rcv_msg+1) + p_cb->p_rcv_msg->len), \
908 p_cb->rcv_len);
909 p_cb->p_rcv_msg->len += len;
910 p_cb->rcv_len -= len;
911 bytes_read += len;
912 }
913
914 /* Check if we read in entire message yet */
915 if (p_cb->rcv_len == 0)
916 {
917 /* Received entire packet. */
918 /* Check for segmented l2cap packets */
919 if ((p_cb->rcv_msg_type == H4_TYPE_ACL_DATA) &&
920 !acl_rx_frame_end_chk())
921 {
922 /* Not the end of packet yet. */
923 /* Next, wait for next message */
924 p_cb->rcv_state = H4_RX_MSGTYPE_ST;
925 }
926 else
927 {
928 msg_received = TRUE;
929 /* Next, wait for next message */
930 p_cb->rcv_state = H4_RX_MSGTYPE_ST;
931 }
932 }
933 break;
934
935
936 case H4_RX_IGNORE_ST:
937 /* Ignore reset of packet */
938 p_cb->rcv_len--;
939
940 /* Check if we read in entire message yet */
941 if (p_cb->rcv_len == 0)
942 {
943 /* Next, wait for next message */
944 p_cb->rcv_state = H4_RX_MSGTYPE_ST;
945 }
946 break;
947 }
948
949
950 /* If we received entire message, then send it to the task */
951 if (msg_received)
952 {
953 uint8_t intercepted = FALSE;
954
955 /* generate snoop trace message */
956 /* ACL packet tracing had done in acl_rx_frame_end_chk() */
957 if (p_cb->p_rcv_msg->event != MSG_HC_TO_STACK_HCI_ACL)
958 btsnoop_capture(p_cb->p_rcv_msg, TRUE);
959
960 if (p_cb->p_rcv_msg->event == MSG_HC_TO_STACK_HCI_EVT)
961 intercepted = internal_event_intercept();
962
963 if ((bt_hc_cbacks) && (intercepted == FALSE))
964 {
965 bt_hc_cbacks->data_ind((TRANSAC) p_cb->p_rcv_msg, \
966 (char *) (p_cb->p_rcv_msg + 1), \
967 p_cb->p_rcv_msg->len + BT_HC_HDR_SIZE);
968 }
969 p_cb->p_rcv_msg = NULL;
970 }
971 }
972
973 return (bytes_read);
974 }
975
976
977 /*******************************************************************************
978 **
979 ** Function hci_h4_send_int_cmd
980 **
981 ** Description Place the internal commands (issued internally by vendor lib)
982 ** in the tx_q.
983 **
984 ** Returns TRUE/FALSE
985 **
986 *******************************************************************************/
hci_h4_send_int_cmd(uint16_t opcode,HC_BT_HDR * p_buf,tINT_CMD_CBACK p_cback)987 uint8_t hci_h4_send_int_cmd(uint16_t opcode, HC_BT_HDR *p_buf, \
988 tINT_CMD_CBACK p_cback)
989 {
990 if (h4_cb.int_cmd_rsp_pending > INT_CMD_PKT_MAX_COUNT)
991 {
992 ALOGE( \
993 "Allow only %d outstanding internal commands at a time [Reject 0x%04X]"\
994 , INT_CMD_PKT_MAX_COUNT, opcode);
995 return FALSE;
996 }
997
998 h4_cb.int_cmd_rsp_pending++;
999 h4_cb.int_cmd[h4_cb.int_cmd_wrt_idx].opcode = opcode;
1000 h4_cb.int_cmd[h4_cb.int_cmd_wrt_idx].cback = p_cback;
1001 h4_cb.int_cmd_wrt_idx = ((h4_cb.int_cmd_wrt_idx+1) & INT_CMD_PKT_IDX_MASK);
1002
1003 /* stamp signature to indicate an internal command */
1004 p_buf->layer_specific = opcode;
1005
1006 utils_enqueue(&tx_q, (void *) p_buf);
1007 bthc_signal_event(HC_EVENT_TX);
1008
1009 return TRUE;
1010 }
1011
1012
1013 /*******************************************************************************
1014 **
1015 ** Function hci_h4_get_acl_data_length
1016 **
1017 ** Description Issue HCI_READ_BUFFER_SIZE command to retrieve Controller's
1018 ** ACL data length setting
1019 **
1020 ** Returns None
1021 **
1022 *******************************************************************************/
hci_h4_get_acl_data_length(void)1023 void hci_h4_get_acl_data_length(void)
1024 {
1025 HC_BT_HDR *p_buf = NULL;
1026 uint8_t *p, ret;
1027
1028 if (bt_hc_cbacks)
1029 {
1030 p_buf = (HC_BT_HDR *) bt_hc_cbacks->alloc(BT_HC_HDR_SIZE + \
1031 HCI_CMD_PREAMBLE_SIZE);
1032 }
1033
1034 if (p_buf)
1035 {
1036 p_buf->event = MSG_STACK_TO_HC_HCI_CMD;
1037 p_buf->offset = 0;
1038 p_buf->layer_specific = 0;
1039 p_buf->len = HCI_CMD_PREAMBLE_SIZE;
1040
1041 p = (uint8_t *) (p_buf + 1);
1042 UINT16_TO_STREAM(p, HCI_READ_BUFFER_SIZE);
1043 *p = 0;
1044
1045 if ((ret = hci_h4_send_int_cmd(HCI_READ_BUFFER_SIZE, p_buf, \
1046 get_acl_data_length_cback)) == FALSE)
1047 {
1048 bt_hc_cbacks->dealloc((TRANSAC) p_buf, (char *) (p_buf + 1));
1049 }
1050 else
1051 return;
1052 }
1053
1054 if (bt_hc_cbacks)
1055 {
1056 ALOGE("vendor lib postload aborted");
1057 bt_hc_cbacks->postload_cb(NULL, BT_HC_POSTLOAD_FAIL);
1058 }
1059 }
1060
1061
1062 /******************************************************************************
1063 ** HCI H4 Services interface table
1064 ******************************************************************************/
1065
1066 const tHCI_IF hci_h4_func_table =
1067 {
1068 hci_h4_init,
1069 hci_h4_cleanup,
1070 hci_h4_send_msg,
1071 hci_h4_send_int_cmd,
1072 hci_h4_get_acl_data_length,
1073 hci_h4_receive_msg
1074 };
1075
1076