1 /******************************************************************************
2 *
3 * Copyright (C) 2009-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions relating to BLE management.
22 *
23 ******************************************************************************/
24
25 #include <string.h>
26 #include "bt_target.h"
27 #include "bt_utils.h"
28 #include "l2cdefs.h"
29 #include "l2c_int.h"
30 #include "btu.h"
31 #include "btm_int.h"
32 #include "hcimsgs.h"
33 #include "device/include/controller.h"
34 #include "stack_config.h"
35 #include "btif_debug_l2c.h"
36
37 #if (BLE_INCLUDED == TRUE)
38
39 extern fixed_queue_t *btu_general_alarm_queue;
40
41 static void l2cble_start_conn_update (tL2C_LCB *p_lcb);
42
43 /*******************************************************************************
44 **
45 ** Function L2CA_CancelBleConnectReq
46 **
47 ** Description Cancel a pending connection attempt to a BLE device.
48 **
49 ** Parameters: BD Address of remote
50 **
51 ** Return value: TRUE if connection was cancelled
52 **
53 *******************************************************************************/
BOOLEAN L2CA_CancelBleConnectReq (BD_ADDR rem_bda)
{
    tL2C_LCB *p_link;

    /* At most one BLE connection request is outstanding, so an idle state
       means there is nothing to cancel */
    if (btm_ble_get_conn_st() == BLE_CONN_IDLE)
    {
        L2CAP_TRACE_WARNING ("L2CA_CancelBleConnectReq - no connection pending");
        return(FALSE);
    }

    /* Only the address of the outstanding request may be cancelled */
    if (memcmp (rem_bda, l2cb.ble_connecting_bda, BD_ADDR_LEN) != 0)
    {
        L2CAP_TRACE_WARNING ("L2CA_CancelBleConnectReq - different BDA Connecting: %08x%04x Cancel: %08x%04x",
                             (l2cb.ble_connecting_bda[0]<<24)+(l2cb.ble_connecting_bda[1]<<16)+(l2cb.ble_connecting_bda[2]<<8)+l2cb.ble_connecting_bda[3],
                             (l2cb.ble_connecting_bda[4]<<8)+l2cb.ble_connecting_bda[5],
                             (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3], (rem_bda[4]<<8)+rem_bda[5]);

        return(FALSE);
    }

    /* Nothing changes locally unless the cancel command was handed to HCI */
    if (!btsnd_hcic_ble_create_conn_cancel())
        return(FALSE);

    p_link = l2cu_find_lcb_by_bd_addr(rem_bda, BT_TRANSPORT_LE);
    if (p_link != NULL)
    {
        /* The lcb is kept when an LE link is already up with us as
           peripheral; the ACL lookup only runs for the slave role */
        BOOLEAN peripheral_link_up = (p_link->link_role == HCI_ROLE_SLAVE) &&
                                     (btm_bda_to_acl(rem_bda, BT_TRANSPORT_LE) != NULL);

        if (!peripheral_link_up)
        {
            p_link->disc_reason = L2CAP_CONN_CANCEL;
            l2cu_release_lcb (p_link);
        }
    }

    /* Move to the cancel state and wait for the connection cancel complete */
    btm_ble_set_conn_st (BLE_CONN_CANCEL);

    return(TRUE);
}
93
94 /*******************************************************************************
95 **
96 ** Function L2CA_UpdateBleConnParams
97 **
98 ** Description Update BLE connection parameters.
99 **
100 ** Parameters: BD Address of remote
101 **
102 ** Return value: TRUE if update started
103 **
104 *******************************************************************************/
BOOLEAN L2CA_UpdateBleConnParams (BD_ADDR rem_bda, UINT16 min_int, UINT16 max_int,
                                  UINT16 latency, UINT16 timeout)
{
    /* Both an ACL record and a link control block must exist for the peer */
    tACL_CONN *p_acl = btm_bda_to_acl(rem_bda, BT_TRANSPORT_LE);
    tL2C_LCB *p_link = l2cu_find_lcb_by_bd_addr (rem_bda, BT_TRANSPORT_LE);

    if (p_link == NULL || p_acl == NULL)
    {
        L2CAP_TRACE_WARNING ("L2CA_UpdateBleConnParams - unknown BD_ADDR %08x%04x",
                             (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3],
                             (rem_bda[4]<<8)+rem_bda[5]);
        return(FALSE);
    }

    if (p_link->transport != BT_TRANSPORT_LE)
    {
        L2CAP_TRACE_WARNING ("L2CA_UpdateBleConnParams - BD_ADDR %08x%04x not LE",
                             (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3],
                             (rem_bda[4]<<8)+rem_bda[5]);
        return(FALSE);
    }

    /* The requested values are stored exactly as given; this function does
       not range-check them */
    p_link->min_interval = min_int;
    p_link->max_interval = max_int;
    p_link->latency = latency;
    p_link->timeout = timeout;

    /* Flag the new parameters and let the update logic decide what to send */
    p_link->conn_update_mask |= L2C_BLE_NEW_CONN_PARAM;
    l2cble_start_conn_update(p_link);

    return(TRUE);
}
141
142
143 /*******************************************************************************
144 **
145 ** Function L2CA_EnableUpdateBleConnParams
146 **
147 ** Description Enable or disable update based on the request from the peer
148 **
149 ** Parameters: BD Address of remote
150 **
151 ** Return value: TRUE if update started
152 **
153 *******************************************************************************/
BOOLEAN L2CA_EnableUpdateBleConnParams (BD_ADDR rem_bda, BOOLEAN enable)
{
    tL2C_LCB *p_link;

    /* The stack configuration can switch connection updates off entirely */
    if (stack_config_get_interface()->get_pts_conn_updates_disabled())
        return false;

    /* Look up the link control block of the remote device */
    p_link = l2cu_find_lcb_by_bd_addr (rem_bda, BT_TRANSPORT_LE);
    if (p_link == NULL)
    {
        L2CAP_TRACE_WARNING ("L2CA_EnableUpdateBleConnParams - unknown BD_ADDR %08x%04x",
                             (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3],
                             (rem_bda[4]<<8)+rem_bda[5]);
        return (FALSE);
    }

    L2CAP_TRACE_API ("%s - BD_ADDR %08x%04x enable %d current upd state 0x%02x",__FUNCTION__,
                     (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3],
                     (rem_bda[4]<<8)+rem_bda[5], enable, p_link->conn_update_mask);

    if (p_link->transport != BT_TRANSPORT_LE)
    {
        L2CAP_TRACE_WARNING ("%s - BD_ADDR %08x%04x not LE (link role %d)", __FUNCTION__,
                             (rem_bda[0]<<24)+(rem_bda[1]<<16)+(rem_bda[2]<<8)+rem_bda[3],
                             (rem_bda[4]<<8)+rem_bda[5], p_link->link_role);
        return (FALSE);
    }

    /* The DISABLE bit is the inverse of the caller's request */
    if (!enable)
        p_link->conn_update_mask |= L2C_BLE_CONN_UPDATE_DISABLE;
    else
        p_link->conn_update_mask &= ~L2C_BLE_CONN_UPDATE_DISABLE;

    /* Re-evaluate the update state under the new mask */
    l2cble_start_conn_update(p_link);

    return (TRUE);
}
193
194
195 /*******************************************************************************
196 **
197 ** Function L2CA_GetBleConnRole
198 **
199 ** Description This function returns the connection role.
200 **
201 ** Returns link role.
202 **
203 *******************************************************************************/
UINT8 L2CA_GetBleConnRole (BD_ADDR bd_addr)
{
    /* Without an LE link control block for the address the role is unknown */
    tL2C_LCB *p_link = l2cu_find_lcb_by_bd_addr (bd_addr, BT_TRANSPORT_LE);

    if (p_link == NULL)
        return HCI_ROLE_UNKNOWN;

    return p_link->link_role;
}
215 /*******************************************************************************
216 **
217 ** Function L2CA_GetDisconnectReason
218 **
219 ** Description This function returns the disconnect reason code.
220 **
221 ** Returns disconnect reason
222 **
223 *******************************************************************************/
UINT16 L2CA_GetDisconnectReason (BD_ADDR remote_bda, tBT_TRANSPORT transport)
{
    /* 0 is reported when no link control block matches address and transport */
    UINT16 reason = 0;
    tL2C_LCB *p_link = l2cu_find_lcb_by_bd_addr (remote_bda, transport);

    if (p_link != NULL)
    {
        reason = p_link->disc_reason;
    }

    L2CAP_TRACE_DEBUG ("L2CA_GetDisconnectReason=%d ",reason);

    return reason;
}
236
237 /*******************************************************************************
238 **
239 ** Function l2cble_notify_le_connection
240 **
241 ** Description This function notifies the app layer of the L2CAP connection
242 **
243 ** Returns none
244 **
245 *******************************************************************************/
void l2cble_notify_le_connection (BD_ADDR bda)
{
    tL2C_LCB *p_link = l2cu_find_lcb_by_bd_addr (bda, BT_TRANSPORT_LE);
    tACL_CONN *p_acl_rec = btm_bda_to_acl(bda, BT_TRANSPORT_LE);
    tL2C_CCB *p_chan;

    /* Nothing to notify without a link control block */
    if (p_link == NULL)
        return;

    if (p_acl_rec != NULL && p_link->link_state != LST_CONNECTED)
    {
        /* update link status */
        btm_establish_continue(p_acl_rec);
        /* update l2cap link status and send callback */
        p_link->link_state = LST_CONNECTED;
        l2cu_process_fixed_chnl_resp (p_link);
    }

    /* Every channel still in the closed state gets the connect confirm
       event through its state machine */
    p_chan = p_link->ccb_queue.p_first_ccb;
    while (p_chan != NULL)
    {
        if (p_chan->chnl_state == CST_CLOSED)
        {
            l2c_csm_execute (p_chan, L2CEVT_LP_CONNECT_CFM, NULL);
        }
        /* the next pointer is read after the event has been executed */
        p_chan = p_chan->p_next_ccb;
    }
}
270
271 /*******************************************************************************
272 **
273 ** Function l2cble_scanner_conn_comp
274 **
275 ** Description This function is called when an HCI Connection Complete
276 ** event is received while we are a scanner (so we are master).
277 **
278 ** Returns void
279 **
280 *******************************************************************************/
void l2cble_scanner_conn_comp (UINT16 handle, BD_ADDR bda, tBLE_ADDR_TYPE type,
                               UINT16 conn_interval, UINT16 conn_latency, UINT16 conn_timeout)
{
    /* NOTE(review): the record is dereferenced below without a NULL check,
       while l2cble_init_direct_conn tests the same call's result for NULL -
       confirm whether btm_find_or_alloc_dev can fail */
    tBTM_SEC_DEV_REC *p_sec_rec = btm_find_or_alloc_dev (bda);
    tL2C_LCB *p_link;

    L2CAP_TRACE_DEBUG ("l2cble_scanner_conn_comp: HANDLE=%d addr_type=%d conn_interval=%d slave_latency=%d supervision_tout=%d",
                       handle, type, conn_interval, conn_latency, conn_timeout);

    /* The outstanding connection attempt is over, whatever happens next */
    l2cb.is_ble_connecting = FALSE;

    /* Look up the link control block of the remote device */
    p_link = l2cu_find_lcb_by_bd_addr (bda, BT_TRANSPORT_LE);

    if (p_link == NULL)
    {
        /* No lcb yet: this is an auto connection complete, so create one */
        p_link = l2cu_allocate_lcb (bda, FALSE, BT_TRANSPORT_LE);
        if (p_link == NULL)
        {
            btm_sec_disconnect (handle, HCI_ERR_NO_CONNECTION);
            L2CAP_TRACE_ERROR ("l2cble_scanner_conn_comp - failed to allocate LCB");
            return;
        }

        /* NOTE(review): on this failure the freshly allocated lcb is not
           released in this function - confirm it is reclaimed elsewhere */
        if (!l2cu_initialize_fixed_ccb (p_link, L2CAP_ATT_CID, &l2cb.fixed_reg[L2CAP_ATT_CID - L2CAP_FIRST_FIXED_CHNL].fixed_chnl_opts))
        {
            btm_sec_disconnect (handle, HCI_ERR_NO_CONNECTION);
            L2CAP_TRACE_WARNING ("l2cble_scanner_conn_comp - LCB but no CCB");
            return ;
        }
    }
    else if (p_link->link_state != LST_CONNECTING)
    {
        /* An existing lcb is only accepted while it is connecting */
        L2CAP_TRACE_ERROR ("L2CAP got BLE scanner conn_comp in bad state: %d", p_link->link_state);
        return;
    }

    alarm_cancel(p_link->l2c_lcb_timer);

    /* Save the handle */
    p_link->handle = handle;

    /* We were scanning, so we are master on this link */
    p_link->link_role = HCI_ROLE_MASTER;
    p_link->transport = BT_TRANSPORT_LE;

    /* Record the link parameters reported by the event and mark them as
       non-default */
    p_link->max_interval = conn_interval;
    p_link->min_interval = p_link->max_interval;
    p_link->timeout = conn_timeout;
    p_link->latency = conn_latency;
    p_link->conn_update_mask = L2C_BLE_NOT_DEFAULT_PARAM;

    /* Tell BTM Acl management about the link */
    btm_acl_created (bda, NULL, p_sec_rec->sec_bd_name, handle, p_link->link_role, BT_TRANSPORT_LE);

    p_link->peer_chnl_mask[0] = L2CAP_FIXED_CHNL_ATT_BIT | L2CAP_FIXED_CHNL_BLE_SIG_BIT | L2CAP_FIXED_CHNL_SMP_BIT;

    btm_ble_set_conn_st(BLE_CONN_IDLE);

#if BLE_PRIVACY_SPT == TRUE
    btm_ble_disable_resolving_list(BTM_BLE_RL_INIT, TRUE);
#endif
}
346
347
348 /*******************************************************************************
349 **
350 ** Function l2cble_advertiser_conn_comp
351 **
352 ** Description This function is called when an HCI Connection Complete
353 ** event is received while we are an advertiser (so we are slave).
354 **
355 ** Returns void
356 **
357 *******************************************************************************/
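void l2cble_advertiser_conn_comp (UINT16 handle, BD_ADDR bda, tBLE_ADDR_TYPE type,
                                  UINT16 conn_interval, UINT16 conn_latency, UINT16 conn_timeout)
{
    tL2C_LCB *p_lcb;
    tBTM_SEC_DEV_REC *p_dev_rec;

    /* Only the address type is unused; the interval, latency and timeout
       are stored in the lcb below, so they are no longer marked UNUSED */
    UNUSED(type);

    /* See if we have a link control block for the remote device */
    p_lcb = l2cu_find_lcb_by_bd_addr (bda, BT_TRANSPORT_LE);

    /* If we don't have one, create one and accept the connection.
       NOTE(review): unlike l2cble_scanner_conn_comp, an lcb that already
       exists is accepted here whatever its link_state - confirm intended */
    if (!p_lcb)
    {
        p_lcb = l2cu_allocate_lcb (bda, FALSE, BT_TRANSPORT_LE);
        if (!p_lcb)
        {
            btm_sec_disconnect (handle, HCI_ERR_NO_CONNECTION);
            L2CAP_TRACE_ERROR ("l2cble_advertiser_conn_comp - failed to allocate LCB");
            return;
        }

        /* NOTE(review): on this failure the freshly allocated lcb is not
           released in this function - confirm it is reclaimed elsewhere */
        if (!l2cu_initialize_fixed_ccb (p_lcb, L2CAP_ATT_CID, &l2cb.fixed_reg[L2CAP_ATT_CID - L2CAP_FIRST_FIXED_CHNL].fixed_chnl_opts))
        {
            btm_sec_disconnect (handle, HCI_ERR_NO_CONNECTION);
            /* The message used to name l2cble_scanner_conn_comp, which made
               this failure look like it came from the scanner path */
            L2CAP_TRACE_WARNING ("l2cble_advertiser_conn_comp - LCB but no CCB");
            return ;
        }
    }

    /* Save the handle */
    p_lcb->handle = handle;

    /* Connected OK. We were advertising, so we are slave on this link */
    p_lcb->link_role = HCI_ROLE_SLAVE;
    p_lcb->transport = BT_TRANSPORT_LE;

    /* Record the link parameters reported by the event and mark them as
       non-default */
    p_lcb->min_interval = p_lcb->max_interval = conn_interval;
    p_lcb->timeout = conn_timeout;
    p_lcb->latency = conn_latency;
    p_lcb->conn_update_mask = L2C_BLE_NOT_DEFAULT_PARAM;

    /* Tell BTM Acl management about the link.
       NOTE(review): p_dev_rec is dereferenced without a NULL check, while
       l2cble_init_direct_conn tests the same call's result for NULL -
       confirm whether btm_find_or_alloc_dev can fail */
    p_dev_rec = btm_find_or_alloc_dev (bda);

    btm_acl_created (bda, NULL, p_dev_rec->sec_bd_name, handle, p_lcb->link_role, BT_TRANSPORT_LE);

#if BLE_PRIVACY_SPT == TRUE
    btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
#endif

    p_lcb->peer_chnl_mask[0] = L2CAP_FIXED_CHNL_ATT_BIT | L2CAP_FIXED_CHNL_BLE_SIG_BIT | L2CAP_FIXED_CHNL_SMP_BIT;

    /* The link is marked connected here only when the local controller does
       not support slave-initiated feature exchange */
    if (!HCI_LE_SLAVE_INIT_FEAT_EXC_SUPPORTED(controller_get_interface()->get_features_ble()->as_array))
    {
        p_lcb->link_state = LST_CONNECTED;
        l2cu_process_fixed_chnl_resp (p_lcb);
    }

    /* when adv and initiating are both active, cancel the direct connection */
    if (l2cb.is_ble_connecting && memcmp(bda, l2cb.ble_connecting_bda, BD_ADDR_LEN) == 0)
    {
        L2CA_CancelBleConnectReq(bda);
    }
}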
428
429 /*******************************************************************************
430 **
431 ** Function l2cble_conn_comp
432 **
433 ** Description This function is called when an HCI Connection Complete
434 ** event is received.
435 **
436 ** Returns void
437 **
438 *******************************************************************************/
void l2cble_conn_comp(UINT16 handle, UINT8 role, BD_ADDR bda, tBLE_ADDR_TYPE type,
                      UINT16 conn_interval, UINT16 conn_latency, UINT16 conn_timeout)
{
    /* Account for the new link in the topology mask before dispatching */
    btm_ble_update_link_topology_mask(role, TRUE);

    /* Every role value other than master takes the advertiser path */
    if (role != HCI_ROLE_MASTER)
    {
        l2cble_advertiser_conn_comp(handle, bda, type, conn_interval, conn_latency, conn_timeout);
        return;
    }

    l2cble_scanner_conn_comp(handle, bda, type, conn_interval, conn_latency, conn_timeout);
}
453
454 /*******************************************************************************
455 **
456 ** Function l2cble_start_conn_update
457 **
458 ** Description start BLE connection parameter update process based on status
459 **
460 ** Parameters: lcb : l2cap link control block
461 **
462 ** Return value: none
463 **
464 *******************************************************************************/
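/* Decides whether a connection update goes out as an HCI command (TRUE) or
   as an L2CAP parameter update request to the peer (FALSE). */
static BOOLEAN l2cble_use_hci_conn_update (tL2C_LCB *p_lcb, tACL_CONN *p_acl_cb)
{
    /* the master always updates through HCI */
    if (p_lcb->link_role == HCI_ROLE_MASTER)
        return TRUE;

#if (defined BLE_LLT_INCLUDED) && (BLE_LLT_INCLUDED == TRUE)
    /* as slave, HCI is used only when both sides support the connection
       parameter request procedure; the ACL record may be missing, in which
       case the peer features are unknown and L2CAP signalling is used */
    if (p_acl_cb != NULL &&
        HCI_LE_CONN_PARAM_REQ_SUPPORTED(controller_get_interface()->get_features_ble()->as_array) &&
        HCI_LE_CONN_PARAM_REQ_SUPPORTED(p_acl_cb->peer_le_features))
        return TRUE;
#else
    UNUSED(p_acl_cb);
#endif

    return FALSE;
}

/* Starts, or defers, the BLE connection parameter update for p_lcb according
   to the bits in p_lcb->conn_update_mask. Returns nothing; the outcome is
   visible in the mask. */
static void l2cble_start_conn_update (tL2C_LCB *p_lcb)
{
    /* Initialised so the debug record at the end never reads indeterminate
       values */
    UINT16 min_conn_int = 0, max_conn_int = 0, slave_latency = 0, supervision_tout = 0;
    tACL_CONN *p_acl_cb = btm_bda_to_acl(p_lcb->remote_bd_addr, BT_TRANSPORT_LE);

    // TODO(armansito): The return value of this call wasn't being used but the
    // logic of this function might be depending on its side effects. We should
    // verify if this call is needed at all and remove it otherwise.
    btm_find_or_alloc_dev(p_lcb->remote_bd_addr);

    /* An update is already in flight; the completion event calls back in */
    if (p_lcb->conn_update_mask & L2C_BLE_UPDATE_PENDING) return;

    if (p_lcb->conn_update_mask & L2C_BLE_CONN_UPDATE_DISABLE)
    {
        /* application requests to disable parameters update.
           If parameters are already updated, lets set them
           up to what has been requested during connection establishment */
        if ((p_lcb->conn_update_mask & L2C_BLE_NOT_DEFAULT_PARAM) &&
            /* current connection interval is greater than default min */
            p_lcb->min_interval > BTM_BLE_CONN_INT_MIN)
        {
            /* use 7.5 ms as fast connection parameter, 0 slave latency */
            min_conn_int = max_conn_int = BTM_BLE_CONN_INT_MIN;
            slave_latency = BTM_BLE_CONN_SLAVE_LATENCY_DEF;
            supervision_tout = BTM_BLE_CONN_TIMEOUT_DEF;

            /* NOTE(review): the return value of the HCI send is ignored, so
               UPDATE_PENDING is set even if the command was not queued -
               confirm a failed send cannot leave the mask stuck */
            if (l2cble_use_hci_conn_update(p_lcb, p_acl_cb))
            {
                btsnd_hcic_ble_upd_ll_conn_params(p_lcb->handle, min_conn_int, max_conn_int,
                                                  slave_latency, supervision_tout, 0, 0);
                p_lcb->conn_update_mask |= L2C_BLE_UPDATE_PENDING;
            }
            else
            {
                l2cu_send_peer_ble_par_req (p_lcb, min_conn_int, max_conn_int, slave_latency, supervision_tout);
            }
            p_lcb->conn_update_mask &= ~L2C_BLE_NOT_DEFAULT_PARAM;
            p_lcb->conn_update_mask |= L2C_BLE_NEW_CONN_PARAM;
        }
    }
    else if (p_lcb->conn_update_mask & L2C_BLE_NEW_CONN_PARAM)
    {
        /* application allows to do update, if we were delaying one do it now.
           The values are copied into the locals so that the debug record
           below reports what was actually requested */
        min_conn_int = p_lcb->min_interval;
        max_conn_int = p_lcb->max_interval;
        slave_latency = p_lcb->latency;
        supervision_tout = p_lcb->timeout;

        if (l2cble_use_hci_conn_update(p_lcb, p_acl_cb))
        {
            btsnd_hcic_ble_upd_ll_conn_params(p_lcb->handle, min_conn_int, max_conn_int,
                                              slave_latency, supervision_tout, 0, 0);
            p_lcb->conn_update_mask |= L2C_BLE_UPDATE_PENDING;
        }
        else
        {
            l2cu_send_peer_ble_par_req (p_lcb, min_conn_int, max_conn_int,
                                        slave_latency, supervision_tout);
        }
        p_lcb->conn_update_mask &= ~L2C_BLE_NEW_CONN_PARAM;
        p_lcb->conn_update_mask |= L2C_BLE_NOT_DEFAULT_PARAM;
    }

    /* Record the BLE connection update request. PENDING can only have been
       set by one of the branches above, because of the early return */
    if (p_lcb->conn_update_mask & L2C_BLE_UPDATE_PENDING)
    {
        bt_bdaddr_t bd_addr;
        bdcpy(bd_addr.address, p_lcb->remote_bd_addr);
        btif_debug_ble_connection_update_request(bd_addr, min_conn_int, max_conn_int, slave_latency,
                                                 supervision_tout);
    }
}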
546
547 /*******************************************************************************
548 **
549 ** Function l2cble_process_conn_update_evt
550 **
551 ** Description This function enables the connection update request from remote
552 ** after a successful connection update response is received.
553 **
554 ** Returns void
555 **
556 *******************************************************************************/
void l2cble_process_conn_update_evt (UINT16 handle, UINT8 status,
                                     UINT16 interval, UINT16 latency, UINT16 timeout)
{
    tL2C_LCB *p_link;
    bt_bdaddr_t peer_addr;

    L2CAP_TRACE_DEBUG("%s", __func__);

    /* The event is only meaningful for a handle we have an lcb for */
    p_link = l2cu_find_lcb_by_handle(handle);
    if (p_link == NULL)
    {
        L2CAP_TRACE_WARNING("%s: Invalid handle: %d", __func__, handle);
        return;
    }

    /* The update in flight has finished, successfully or not */
    p_link->conn_update_mask &= ~L2C_BLE_UPDATE_PENDING;

    /* A failure status is only logged; processing continues either way */
    if (status != HCI_SUCCESS)
    {
        L2CAP_TRACE_WARNING("%s: Error status: %d", __func__, status);
    }

    /* Start any update that was deferred while this one was pending */
    l2cble_start_conn_update(p_link);

    /* Record the BLE connection update response. */
    bdcpy(peer_addr.address, p_link->remote_bd_addr);
    btif_debug_ble_connection_update_response(peer_addr, status, interval,
                                              latency, timeout);

    L2CAP_TRACE_DEBUG("%s: conn_update_mask=%d", __func__, p_link->conn_update_mask);
}
587
588 /*******************************************************************************
589 **
590 ** Function l2cble_process_sig_cmd
591 **
592 ** Description This function is called when a signalling packet is received
593 ** on the BLE signalling CID
594 **
595 ** Returns void
596 **
597 *******************************************************************************/
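/* Returns the number of payload octets the parser below reads for cmd_code,
   or 0 for commands whose payload is not read. */
static UINT16 l2cble_sig_cmd_min_len (UINT8 cmd_code)
{
    switch (cmd_code)
    {
        case L2CAP_CMD_BLE_UPDATE_REQ:
            return 8;   /* min interval, max interval, latency, timeout */

        case L2CAP_CMD_BLE_CREDIT_BASED_CONN_REQ:
            return 10;  /* psm, source cid, mtu, mps, initial credits */

        case L2CAP_CMD_BLE_CREDIT_BASED_CONN_RES:
            return 10;  /* destination cid, mtu, mps, initial credits, result */

        case L2CAP_CMD_BLE_FLOW_CTRL_CREDIT:
            return 4;   /* cid, credits */

        case L2CAP_CMD_DISC_REQ:
        case L2CAP_CMD_DISC_RSP:
            return 4;   /* two cids */

        default:
            return 0;
    }
}

/* Parses one signalling command received on the BLE signalling CID.
 *
 * p_lcb   - link the packet arrived on
 * p       - start of the signalling command (code, identifier, length, data)
 * pkt_len - number of octets available at p
 *
 * The buffer is filled by the remote device, so nothing is read from it
 * before its length has been checked: first the 4-octet command header, then
 * the declared command length against the packet, then the fixed fields of
 * the specific command against the declared command length. Malformed
 * commands are logged and dropped.
 */
void l2cble_process_sig_cmd (tL2C_LCB *p_lcb, UINT8 *p, UINT16 pkt_len)
{
    /* code (1) + identifier (1) + length (2) */
    enum { SIG_CMD_HDR_LEN = 4 };

    UINT8 *p_pkt_end;
    UINT8 cmd_code, id;
    UINT16 cmd_len;
    UINT16 min_interval, max_interval, latency, timeout;
    tL2C_CONN_INFO con_info;
    UINT16 lcid = 0, rcid = 0, mtu = 0, mps = 0, initial_credit = 0;
    tL2C_CCB *p_ccb = NULL, *temp_p_ccb = NULL;
    tL2C_RCB *p_rcb;
    UINT16 credit;

    /* The header itself must fit before any octet of it is read */
    if (pkt_len < SIG_CMD_HDR_LEN)
    {
        L2CAP_TRACE_WARNING ("L2CAP - LE - format error, pkt_len: %d shorter than command header", pkt_len);
        return;
    }

    p_pkt_end = p + pkt_len;

    /* Only some fields of con_info are filled in per command; zero the rest
       so the state machine never sees indeterminate values */
    memset (&con_info, 0, sizeof(con_info));

    STREAM_TO_UINT8 (cmd_code, p);
    STREAM_TO_UINT8 (id, p);
    STREAM_TO_UINT16 (cmd_len, p);

    /* Check command length does not exceed packet length. Compared as a
       distance so no pointer past the buffer is ever formed */
    if (cmd_len > (p_pkt_end - p))
    {
        L2CAP_TRACE_WARNING ("L2CAP - LE - format error, pkt_len: %d cmd_len: %d code: %d", pkt_len, cmd_len, cmd_code);
        return;
    }

    /* The declared length must cover every fixed field read for this code */
    if (cmd_len < l2cble_sig_cmd_min_len (cmd_code))
    {
        L2CAP_TRACE_WARNING ("L2CAP - LE - format error, cmd_len: %d too short for code: %d", cmd_len, cmd_code);
        return;
    }

    switch (cmd_code)
    {
        case L2CAP_CMD_REJECT:
            p += 2;
            break;

        case L2CAP_CMD_ECHO_REQ:
        case L2CAP_CMD_ECHO_RSP:
        case L2CAP_CMD_INFO_RSP:
        case L2CAP_CMD_INFO_REQ:
            l2cu_send_peer_cmd_reject (p_lcb, L2CAP_CMD_REJ_NOT_UNDERSTOOD, id, 0, 0);
            break;

        case L2CAP_CMD_BLE_UPDATE_REQ:
            STREAM_TO_UINT16 (min_interval, p); /* 0x0006 - 0x0C80 */
            STREAM_TO_UINT16 (max_interval, p); /* 0x0006 - 0x0C80 */
            STREAM_TO_UINT16 (latency, p);  /* 0x0000 - 0x03E8 */
            STREAM_TO_UINT16 (timeout, p);  /* 0x000A - 0x0C80 */
            /* If we are a master, the slave wants to update the parameters */
            if (p_lcb->link_role == HCI_ROLE_MASTER)
            {
                /* a too-small minimum is raised to the local limit rather
                   than rejected */
                if (min_interval < BTM_BLE_CONN_INT_MIN_LIMIT)
                    min_interval = BTM_BLE_CONN_INT_MIN_LIMIT;

                if (min_interval < BTM_BLE_CONN_INT_MIN || min_interval > BTM_BLE_CONN_INT_MAX ||
                    max_interval < BTM_BLE_CONN_INT_MIN || max_interval > BTM_BLE_CONN_INT_MAX ||
                    latency  > BTM_BLE_CONN_LATENCY_MAX ||
                    /*(timeout >= max_interval && latency > (timeout * 10/(max_interval * 1.25) - 1)) ||*/
                    timeout < BTM_BLE_CONN_SUP_TOUT_MIN || timeout > BTM_BLE_CONN_SUP_TOUT_MAX ||
                    max_interval < min_interval)
                {
                    l2cu_send_peer_ble_par_rsp (p_lcb, L2CAP_CFG_UNACCEPTABLE_PARAMS, id);
                }
                else
                {
                    l2cu_send_peer_ble_par_rsp (p_lcb, L2CAP_CFG_OK, id);

                    p_lcb->min_interval = min_interval;
                    p_lcb->max_interval = max_interval;
                    p_lcb->latency = latency;
                    p_lcb->timeout = timeout;
                    p_lcb->conn_update_mask |= L2C_BLE_NEW_CONN_PARAM;

                    l2cble_start_conn_update(p_lcb);
                }
            }
            else
                l2cu_send_peer_cmd_reject (p_lcb, L2CAP_CMD_REJ_NOT_UNDERSTOOD, id, 0, 0);
            break;

        case L2CAP_CMD_BLE_UPDATE_RSP:
            p += 2;
            break;

        case L2CAP_CMD_BLE_CREDIT_BASED_CONN_REQ:
            STREAM_TO_UINT16 (con_info.psm, p);
            STREAM_TO_UINT16 (rcid, p);
            STREAM_TO_UINT16 (mtu, p);
            STREAM_TO_UINT16 (mps, p);
            STREAM_TO_UINT16 (initial_credit, p);

            L2CAP_TRACE_DEBUG ("Recv L2CAP_CMD_BLE_CREDIT_BASED_CONN_REQ with "
                               "mtu = %d, "
                               "mps = %d, "
                               "initial credit = %d", mtu, mps, initial_credit);

            if ((p_rcb = l2cu_find_ble_rcb_by_psm (con_info.psm)) == NULL)
            {
                L2CAP_TRACE_WARNING ("L2CAP - rcvd conn req for unknown PSM: 0x%04x", con_info.psm);
                l2cu_reject_ble_connection (p_lcb, id, L2CAP_LE_NO_PSM);
                break;
            }
            else
            {
                if (!p_rcb->api.pL2CA_ConnectInd_Cb)
                {
                    L2CAP_TRACE_WARNING ("L2CAP - rcvd conn req for outgoing-only connection PSM: %d", con_info.psm);
                    l2cu_reject_ble_connection (p_lcb, id, L2CAP_CONN_NO_PSM);
                    break;
                }
            }

            /* validate the parameters before a CCB is allocated: a request
               rejected here must not leave a channel block behind, otherwise
               a peer could use up CCBs by repeating bad requests. The reject
               code is the same one the allocation failure sends */
            if (mtu < L2CAP_LE_MIN_MTU || mps < L2CAP_LE_MIN_MPS || mps > L2CAP_LE_MAX_MPS)
            {
                L2CAP_TRACE_ERROR ("L2CAP don't like the params");
                l2cu_reject_ble_connection (p_lcb, id, L2CAP_CONN_NO_RESOURCES);
                break;
            }

            /* Allocate a ccb for this.*/
            if ((p_ccb = l2cu_allocate_ccb (p_lcb, 0)) == NULL)
            {
                L2CAP_TRACE_ERROR ("L2CAP - unable to allocate CCB");
                l2cu_reject_ble_connection (p_lcb, id, L2CAP_CONN_NO_RESOURCES);
                break;
            }

            p_ccb->remote_id = id;
            p_ccb->p_rcb = p_rcb;
            p_ccb->remote_cid = rcid;

            p_ccb->peer_conn_cfg.mtu = mtu;
            p_ccb->peer_conn_cfg.mps = mps;
            p_ccb->peer_conn_cfg.credits = initial_credit;

            p_ccb->tx_mps = mps;
            p_ccb->ble_sdu = NULL;
            p_ccb->ble_sdu_length = 0;
            p_ccb->is_first_seg = TRUE;
            p_ccb->peer_cfg.fcr.mode = L2CAP_FCR_LE_COC_MODE;

            l2c_csm_execute(p_ccb, L2CEVT_L2CAP_CONNECT_REQ, &con_info);
            break;

        case L2CAP_CMD_BLE_CREDIT_BASED_CONN_RES:
            L2CAP_TRACE_DEBUG ("Recv L2CAP_CMD_BLE_CREDIT_BASED_CONN_RES");
            /* For all channels, see whose identifier matches this id */
            for (temp_p_ccb = p_lcb->ccb_queue.p_first_ccb; temp_p_ccb; temp_p_ccb = temp_p_ccb->p_next_ccb)
            {
                if (temp_p_ccb->local_id == id)
                {
                    p_ccb = temp_p_ccb;
                    break;
                }
            }
            if (p_ccb)
            {
                L2CAP_TRACE_DEBUG ("I remember the connection req");
                STREAM_TO_UINT16 (p_ccb->remote_cid, p);
                STREAM_TO_UINT16 (p_ccb->peer_conn_cfg.mtu, p);
                STREAM_TO_UINT16 (p_ccb->peer_conn_cfg.mps, p);
                STREAM_TO_UINT16 (p_ccb->peer_conn_cfg.credits, p);
                STREAM_TO_UINT16 (con_info.l2cap_result, p);
                con_info.remote_cid = p_ccb->remote_cid;

                L2CAP_TRACE_DEBUG ("remote_cid = %d, "
                                   "mtu = %d, "
                                   "mps = %d, "
                                   "initial_credit = %d, "
                                   "con_info.l2cap_result = %d",
                                   p_ccb->remote_cid, p_ccb->peer_conn_cfg.mtu, p_ccb->peer_conn_cfg.mps,
                                   p_ccb->peer_conn_cfg.credits, con_info.l2cap_result);

                /* validate the parameters */
                if (p_ccb->peer_conn_cfg.mtu < L2CAP_LE_MIN_MTU ||
                    p_ccb->peer_conn_cfg.mps < L2CAP_LE_MIN_MPS ||
                    p_ccb->peer_conn_cfg.mps > L2CAP_LE_MAX_MPS)
                {
                    L2CAP_TRACE_ERROR ("L2CAP don't like the params");
                    con_info.l2cap_result = L2CAP_LE_NO_RESOURCES;
                    l2c_csm_execute(p_ccb, L2CEVT_L2CAP_CONNECT_RSP_NEG, &con_info);
                    break;
                }

                p_ccb->tx_mps = p_ccb->peer_conn_cfg.mps;
                p_ccb->ble_sdu = NULL;
                p_ccb->ble_sdu_length = 0;
                p_ccb->is_first_seg = TRUE;
                p_ccb->peer_cfg.fcr.mode = L2CAP_FCR_LE_COC_MODE;

                if (con_info.l2cap_result == L2CAP_LE_CONN_OK)
                    l2c_csm_execute(p_ccb, L2CEVT_L2CAP_CONNECT_RSP, &con_info);
                else
                    l2c_csm_execute(p_ccb, L2CEVT_L2CAP_CONNECT_RSP_NEG, &con_info);
            }
            else
            {
                /* No channel is waiting on this identifier, so there is no
                   state machine to notify. A NULL CCB used to be passed to
                   l2c_csm_execute here; that function is not visible in this
                   file, so the response is dropped instead of relying on it
                   to tolerate NULL */
                L2CAP_TRACE_DEBUG ("I DO NOT remember the connection req");
            }
            break;

        case L2CAP_CMD_BLE_FLOW_CTRL_CREDIT:
            STREAM_TO_UINT16(lcid, p);
            if((p_ccb = l2cu_find_ccb_by_remote_cid(p_lcb, lcid)) == NULL)
            {
                L2CAP_TRACE_DEBUG ("%s Credit received for unknown channel id %d", __func__, lcid);
                break;
            }

            STREAM_TO_UINT16(credit ,p);
            l2c_csm_execute(p_ccb, L2CEVT_L2CAP_RECV_FLOW_CONTROL_CREDIT, &credit);
            L2CAP_TRACE_DEBUG ("%s Credit received", __func__);
            break;

        case L2CAP_CMD_DISC_REQ:
            STREAM_TO_UINT16 (lcid, p);
            STREAM_TO_UINT16 (rcid, p);

            if ((p_ccb = l2cu_find_ccb_by_cid (p_lcb, lcid)) != NULL)
            {
                /* both cids must match the channel before it is torn down */
                if (p_ccb->remote_cid == rcid)
                {
                    p_ccb->remote_id = id;
                    l2c_csm_execute (p_ccb, L2CEVT_L2CAP_DISCONNECT_REQ, NULL);
                }
            }
            else
                l2cu_send_peer_disc_rsp (p_lcb, id, lcid, rcid);

            break;

        case L2CAP_CMD_DISC_RSP:
            STREAM_TO_UINT16 (rcid, p);
            STREAM_TO_UINT16 (lcid, p);

            if ((p_ccb = l2cu_find_ccb_by_cid (p_lcb, lcid)) != NULL)
            {
                /* accepted only as the answer to our own request */
                if ((p_ccb->remote_cid == rcid) && (p_ccb->local_id == id))
                    l2c_csm_execute (p_ccb, L2CEVT_L2CAP_DISCONNECT_RSP, NULL);
            }
            break;

        default:
            L2CAP_TRACE_WARNING ("L2CAP - LE - unknown cmd code: %d", cmd_code);
            l2cu_send_peer_cmd_reject (p_lcb, L2CAP_CMD_REJ_NOT_UNDERSTOOD, id, 0, 0);
            break;
    }
}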
844
845 /*******************************************************************************
846 **
847 ** Function l2cble_init_direct_conn
848 **
849 ** Description This function is to initiate a direct connection
850 **
851 ** Returns TRUE connection initiated, FALSE otherwise.
852 **
853 *******************************************************************************/
BOOLEAN l2cble_init_direct_conn (tL2C_LCB *p_lcb)
{
    tBTM_SEC_DEV_REC *p_sec_rec = btm_find_or_alloc_dev (p_lcb->remote_bd_addr);
    tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;
    UINT16 scan_int;
    UINT16 scan_win;
    UINT16 conn_int_min;
    UINT16 conn_int_max;
    UINT16 conn_latency;
    UINT16 conn_timeout;
    BD_ADDR peer_addr;
    UINT8 peer_addr_type = BLE_ADDR_PUBLIC;
    UINT8 own_addr_type = BLE_ADDR_PUBLIC;

    /* Without a device record there are no parameters to connect with.
       NOTE(review): this path returns without releasing p_lcb, unlike the
       two failure paths further down - confirm the caller cleans up */
    if (p_sec_rec == NULL)
    {
        L2CAP_TRACE_WARNING ("unknown device, can not initate connection");
        return(FALSE);
    }

    /* Scan timing: the configured value, or the fast default when unset */
    scan_int = p_ble_cb->scan_int;
    if (scan_int == BTM_BLE_SCAN_PARAM_UNDEF)
        scan_int = BTM_BLE_SCAN_FAST_INT;

    scan_win = p_ble_cb->scan_win;
    if (scan_win == BTM_BLE_SCAN_PARAM_UNDEF)
        scan_win = BTM_BLE_SCAN_FAST_WIN;

    /* Start from the address and type stored in the lcb */
    peer_addr_type = p_lcb->ble_addr_type;
    memcpy(peer_addr, p_lcb->remote_bd_addr, BD_ADDR_LEN);

#if ( (defined BLE_PRIVACY_SPT) && (BLE_PRIVACY_SPT == TRUE))
    own_addr_type = btm_cb.ble_ctr_cb.privacy_mode ? BLE_ADDR_RANDOM : BLE_ADDR_PUBLIC;
    if (p_sec_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT)
    {
        /* The peer is in the controller resolving list: connect to its
           identity address with the resolving list enabled */
        if (btm_cb.ble_ctr_cb.privacy_mode >= BTM_PRIVACY_1_2)
            own_addr_type |= BLE_ADDR_TYPE_ID_BIT;

        btm_ble_enable_resolving_list(BTM_BLE_RL_INIT);
        btm_random_pseudo_to_identity_addr(peer_addr, &peer_addr_type);
    }
    else
    {
        btm_ble_disable_resolving_list(BTM_BLE_RL_INIT, TRUE);

        // If we have a current RPA, use that instead.
        if (!bdaddr_is_empty((const bt_bdaddr_t *)p_sec_rec->ble.cur_rand_addr))
        {
            memcpy(peer_addr, p_sec_rec->ble.cur_rand_addr, BD_ADDR_LEN);
        }
    }
#endif

    if (!btm_ble_topology_check(BTM_BLE_STATE_INIT))
    {
        l2cu_release_lcb (p_lcb);
        L2CAP_TRACE_ERROR("initate direct connection fail, topology limitation");
        return FALSE;
    }

    /* Connection parameters: the per-device preference, or the stack
       default when the preference is undefined */
    conn_int_min = BTM_BLE_CONN_INT_MIN_DEF;
    if (p_sec_rec->conn_params.min_conn_int != BTM_BLE_CONN_PARAM_UNDEF)
        conn_int_min = p_sec_rec->conn_params.min_conn_int;

    conn_int_max = BTM_BLE_CONN_INT_MAX_DEF;
    if (p_sec_rec->conn_params.max_conn_int != BTM_BLE_CONN_PARAM_UNDEF)
        conn_int_max = p_sec_rec->conn_params.max_conn_int;

    conn_latency = BTM_BLE_CONN_SLAVE_LATENCY_DEF;
    if (p_sec_rec->conn_params.slave_latency != BTM_BLE_CONN_PARAM_UNDEF)
        conn_latency = p_sec_rec->conn_params.slave_latency;

    conn_timeout = BTM_BLE_CONN_TIMEOUT_DEF;
    if (p_sec_rec->conn_params.supervision_tout != BTM_BLE_CONN_PARAM_UNDEF)
        conn_timeout = p_sec_rec->conn_params.supervision_tout;

    if (!btsnd_hcic_ble_create_ll_conn (scan_int,
                                        scan_win,
                                        FALSE,          /* white list not used */
                                        peer_addr_type,
                                        peer_addr,
                                        own_addr_type,
                                        conn_int_min,
                                        conn_int_max,
                                        conn_latency,
                                        conn_timeout,
                                        0,              /* min_len */
                                        0))             /* max_len */
    {
        l2cu_release_lcb (p_lcb);
        L2CAP_TRACE_ERROR("initate direct connection fail, no resources");
        return (FALSE);
    }

    /* The command is on its way: remember which address is connecting and
       arm the link connect timeout */
    p_lcb->link_state = LST_CONNECTING;
    l2cb.is_ble_connecting = TRUE;
    memcpy (l2cb.ble_connecting_bda, p_lcb->remote_bd_addr, BD_ADDR_LEN);
    alarm_set_on_queue(p_lcb->l2c_lcb_timer,
                       L2CAP_BLE_LINK_CONNECT_TIMEOUT_MS,
                       l2c_lcb_timer_timeout, p_lcb,
                       btu_general_alarm_queue);
    btm_ble_set_conn_st (BLE_DIR_CONN);

    return (TRUE);
}
938
/*******************************************************************************
**
** Function         l2cble_create_conn
**
** Description      Starts an LE ACL connection for the given link control
**                  block. When the BLE connection state is idle the direct
**                  connection is initiated right away; otherwise the request
**                  is queued, and a background connection in progress is
**                  suspended.
**
** Returns          Result of l2cble_init_direct_conn() when idle, TRUE when
**                  the request was queued.
**
*******************************************************************************/
BOOLEAN l2cble_create_conn (tL2C_LCB *p_lcb)
{
    tBTM_BLE_CONN_ST cur_st = btm_ble_get_conn_st();

    /* There can be only one BLE connection request outstanding at a time */
    if (cur_st == BLE_CONN_IDLE)
        return l2cble_init_direct_conn(p_lcb);

    L2CAP_TRACE_WARNING ("L2CAP - LE - cannot start new connection at conn st: %d", cur_st);

    /* Park the request until the outstanding connection attempt is done */
    btm_ble_enqueue_direct_conn_req(p_lcb);

    if (cur_st == BLE_BG_CONN)
        btm_ble_suspend_bg_conn();

    return TRUE;
}
971
/*******************************************************************************
**
** Function         l2c_link_processs_ble_num_bufs
**
** Description      Records the number of LE buffers reported by the
**                  controller. A count of zero makes L2CAP take
**                  L2C_DEF_NUM_BLE_BUF_SHARED buffers out of the ACL buffer
**                  count and use them for LE instead.
**
** Returns          void
**
*******************************************************************************/
void l2c_link_processs_ble_num_bufs (UINT16 num_lm_ble_bufs)
{
    UINT16 le_bufs = num_lm_ble_bufs;

    if (le_bufs == 0)
    {
        /* NOTE(review): no check that num_lm_acl_bufs is at least          */
        /* L2C_DEF_NUM_BLE_BUF_SHARED; a smaller value would wrap if the     */
        /* field is unsigned - confirm the controller-reported range.        */
        l2cb.num_lm_acl_bufs -= L2C_DEF_NUM_BLE_BUF_SHARED;
        le_bufs = L2C_DEF_NUM_BLE_BUF_SHARED;
    }

    /* The LE transmit window starts out equal to the LE buffer count */
    l2cb.controller_le_xmit_window = le_bufs;
    l2cb.num_lm_ble_bufs = l2cb.controller_le_xmit_window;
}
993
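/*******************************************************************************
**
** Function         l2c_ble_link_adjust_allocation
**
** Description      This function is called when a link is created or removed
**                  to calculate the amount of packets each LE link may send
**                  to the HCI without an ack coming back.
**
**                  Currently, this is a simple allocation, dividing the
**                  number of Controller Packets by the number of links. In
**                  the future, QOS configuration should be examined.
**
**                  High priority links each get the same quota, reduced
**                  until the total fits the controller LE buffer count. Low
**                  priority links share what is left, or fall back to the
**                  round-robin quota when there is less than one buffer per
**                  link.
**
** Returns          void
**
*******************************************************************************/
void l2c_ble_link_adjust_allocation (void)
{
    UINT16      qq, yy, qq_remainder;
    tL2C_LCB    *p_lcb;
    UINT16      hi_quota, low_quota;
    UINT16      num_lowpri_links = 0;
    UINT16      num_hipri_links = 0;
    UINT16      controller_xmit_quota = l2cb.num_lm_ble_bufs;
    UINT16      high_pri_link_quota = L2CAP_HIGH_PRI_MIN_XMIT_QUOTA_A;

    /* If no links active, reset buffer quotas and controller buffers */
    if (l2cb.num_ble_links_active == 0)
    {
        l2cb.controller_le_xmit_window = l2cb.num_lm_ble_bufs;
        l2cb.ble_round_robin_quota = l2cb.ble_round_robin_unacked = 0;
        return;
    }

    /* First, count the links */
    for (yy = 0, p_lcb = &l2cb.lcb_pool[0]; yy < MAX_L2CAP_LINKS; yy++, p_lcb++)
    {
        if (p_lcb->in_use && p_lcb->transport == BT_TRANSPORT_LE)
        {
            if (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH)
                num_hipri_links++;
            else
                num_lowpri_links++;
        }
    }

    /* now adjust high priority link quota */
    low_quota = num_lowpri_links ? 1 : 0;

    /* Stop at zero: if the controller quota is smaller than low_quota the   */
    /* condition can never become false, and decrementing an unsigned zero   */
    /* would wrap and keep the loop spinning.                                */
    while ( (high_pri_link_quota > 0) &&
            ((num_hipri_links * high_pri_link_quota + low_quota) > controller_xmit_quota) )
        high_pri_link_quota--;

    /* Work out the xmit quota and buffer quota high and low priorities */
    hi_quota  = num_hipri_links * high_pri_link_quota;
    low_quota = (hi_quota < controller_xmit_quota) ? controller_xmit_quota - hi_quota : 1;

    /* Work out and save the HCI xmit quota for each low priority link */

    /* If each low priority link cannot have at least one buffer */
    if (num_lowpri_links > low_quota)
    {
        l2cb.ble_round_robin_quota = low_quota;
        qq = qq_remainder = 0;
    }
    /* If each low priority link can have at least one buffer */
    else if (num_lowpri_links > 0)
    {
        l2cb.ble_round_robin_quota = 0;
        l2cb.ble_round_robin_unacked = 0;
        qq = low_quota / num_lowpri_links;
        qq_remainder = low_quota % num_lowpri_links;
    }
    /* If no low priority link */
    else
    {
        l2cb.ble_round_robin_quota = 0;
        l2cb.ble_round_robin_unacked = 0;
        qq = qq_remainder = 0;
    }
    L2CAP_TRACE_EVENT ("l2c_ble_link_adjust_allocation num_hipri: %u num_lowpri: %u low_quota: %u round_robin_quota: %u qq: %u",
                       num_hipri_links, num_lowpri_links, low_quota,
                       l2cb.ble_round_robin_quota, qq);

    /* Now, assign the quotas to each link */
    for (yy = 0, p_lcb = &l2cb.lcb_pool[0]; yy < MAX_L2CAP_LINKS; yy++, p_lcb++)
    {
        if (p_lcb->in_use && p_lcb->transport == BT_TRANSPORT_LE)
        {
            if (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH)
            {
                p_lcb->link_xmit_quota = high_pri_link_quota;
            }
            else
            {
                /* Safety check in case we switched to round-robin with something outstanding */
                /* if sent_not_acked is added into round_robin_unacked then don't add it again */
                /* l2cap keeps updating sent_not_acked for exiting from round robin */
                if (( p_lcb->link_xmit_quota > 0 )&&( qq == 0 ))
                    l2cb.ble_round_robin_unacked += p_lcb->sent_not_acked;

                /* Equal share, with the remainder handed out one buffer at a time */
                p_lcb->link_xmit_quota = qq;
                if (qq_remainder > 0)
                {
                    p_lcb->link_xmit_quota++;
                    qq_remainder--;
                }
            }

            L2CAP_TRACE_EVENT("l2c_ble_link_adjust_allocation LCB %d Priority: %d XmitQuota: %d",
                              yy, p_lcb->acl_priority, p_lcb->link_xmit_quota);

            /* Report the LE round-robin counter, the one this function maintains */
            L2CAP_TRACE_EVENT(" SentNotAcked: %d RRUnacked: %d",
                              p_lcb->sent_not_acked, l2cb.ble_round_robin_unacked);

            /* There is a special case where we have readjusted the link quotas and */
            /* this link may not have sent anything but some other link sent packets */
            /* so we may need a timer to kick off this link's transmissions.        */
            if ( (p_lcb->link_state == LST_CONNECTED)
              && (!list_is_empty(p_lcb->link_xmit_data_q))
              && (p_lcb->sent_not_acked < p_lcb->link_xmit_quota) )
            {
                alarm_set_on_queue(p_lcb->l2c_lcb_timer,
                                   L2CAP_LINK_FLOW_CONTROL_TIMEOUT_MS,
                                   l2c_lcb_timer_timeout, p_lcb,
                                   btu_general_alarm_queue);
            }
        }
    }
}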
1121
1122 #if (defined BLE_LLT_INCLUDED) && (BLE_LLT_INCLUDED == TRUE)
/*******************************************************************************
**
** Function         l2cble_process_rc_param_request_evt
**
** Description      Process the LE Remote Connection Parameter Request Event.
**                  The requested values are stored in the link control block.
**                  The request is accepted unless connection updates are
**                  currently disabled on the link, in which case it is
**                  rejected and the new parameters are flagged as pending.
**
** Returns          void
**
*******************************************************************************/
void l2cble_process_rc_param_request_evt(UINT16 handle, UINT16 int_min, UINT16 int_max,
                                         UINT16 latency, UINT16 timeout)
{
    tL2C_LCB *p_link = l2cu_find_lcb_by_handle (handle);

    if (p_link == NULL)
    {
        L2CAP_TRACE_WARNING("No link to update connection parameter");
        return;
    }

    /* NOTE(review): the requested values are stored and echoed back as-is;  */
    /* no range check is visible in this function. Confirm they have been    */
    /* validated before this point.                                          */
    p_link->min_interval = int_min;
    p_link->max_interval = int_max;
    p_link->latency = latency;
    p_link->timeout = timeout;

    if (p_link->conn_update_mask & L2C_BLE_CONN_UPDATE_DISABLE)
    {
        /* Updates are disabled: reject, but remember that new parameters are pending */
        L2CAP_TRACE_EVENT ("L2CAP - LE - update currently disabled");
        p_link->conn_update_mask |= L2C_BLE_NEW_CONN_PARAM;
        btsnd_hcic_ble_rc_param_req_neg_reply (handle,HCI_ERR_UNACCEPT_CONN_INTERVAL);
        return;
    }

    /* if update is enabled, always accept connection parameter update */
    btsnd_hcic_ble_rc_param_req_reply(handle, int_min, int_max, latency, timeout, 0, 0);
}
1162 #endif
1163
/*******************************************************************************
**
** Function         l2cble_update_data_length
**
** Description      Recomputes the link TX data length as the largest
**                  tx_data_len over the allocated fixed channels (the BLE
**                  signalling channel excluded) plus L2CAP_PKT_OVERHEAD,
**                  capped at BTM_BLE_DATA_SIZE_MAX, and requests the change
**                  when it differs from the value stored in the LCB.
**
** Returns          void
**
*******************************************************************************/
void l2cble_update_data_length(tL2C_LCB *p_lcb)
{
    UINT16 wanted_len = 0;
    UINT16 idx;

    L2CAP_TRACE_DEBUG("%s", __FUNCTION__);

    /* See if we have a link control block for the connection */
    if (p_lcb == NULL)
        return;

    for (idx = 0; idx < L2CAP_NUM_FIXED_CHNLS; idx++)
    {
        /* The signalling channel does not take part in the computation */
        if (idx + L2CAP_FIRST_FIXED_CHNL == L2CAP_BLE_SIGNALLING_CID)
            continue;

        if (p_lcb->p_fixed_ccbs[idx] == NULL)
            continue;

        if (wanted_len < (p_lcb->p_fixed_ccbs[idx]->tx_data_len + L2CAP_PKT_OVERHEAD))
            wanted_len = p_lcb->p_fixed_ccbs[idx]->tx_data_len + L2CAP_PKT_OVERHEAD;
    }

    if (wanted_len > BTM_BLE_DATA_SIZE_MAX)
        wanted_len = BTM_BLE_DATA_SIZE_MAX;

    /* update TX data length if changed */
    if (p_lcb->tx_data_len != wanted_len)
        BTM_SetBleDataLength(p_lcb->remote_bd_addr, wanted_len);
}
1202
/*******************************************************************************
**
** Function         l2cble_process_data_length_change_event
**
** Description      Processes the data length change event: a non-zero TX
**                  data length is stored in the link control block found for
**                  the handle. The RX data length is not used.
**
** Returns          void
**
*******************************************************************************/
void l2cble_process_data_length_change_event(UINT16 handle, UINT16 tx_data_len, UINT16 rx_data_len)
{
    tL2C_LCB *p_link = l2cu_find_lcb_by_handle(handle);

    L2CAP_TRACE_DEBUG("%s TX data len = %d", __FUNCTION__, tx_data_len);

    /* Nothing to record without a link, and a zero length is not stored */
    if ((p_link != NULL) && (tx_data_len > 0))
        p_link->tx_data_len = tx_data_len;

    /* ignore rx_data len for now */
}
1225
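/*******************************************************************************
**
** Function         l2cble_set_fixed_channel_tx_data_length
**
** Description      Updates the TX data length of one fixed channel on the LE
**                  link to remote_bda, capped at BTM_BLE_DATA_SIZE_MAX, and
**                  then recomputes the link TX data length.
**
**                  The request is ignored when the controller does not
**                  support the LE packet extension, when there is no LE link
**                  to the peer, or when fix_cid is not a fixed channel ID.
**
** Parameters       remote_bda - address of the peer
**                  fix_cid    - fixed channel ID
**                  tx_mtu     - requested TX data length
**
** Returns          void
**
*******************************************************************************/
void l2cble_set_fixed_channel_tx_data_length(BD_ADDR remote_bda, UINT16 fix_cid, UINT16 tx_mtu)
{
    tL2C_LCB *p_lcb = l2cu_find_lcb_by_bd_addr(remote_bda, BT_TRANSPORT_LE);
    UINT16 cid = fix_cid - L2CAP_FIRST_FIXED_CHNL;

    L2CAP_TRACE_DEBUG("%s TX MTU = %d", __FUNCTION__, tx_mtu);

    if (!controller_get_interface()->supports_ble_packet_extension())
    {
        L2CAP_TRACE_WARNING("%s, request not supported", __FUNCTION__);
        return;
    }

    /* See if we have a link control block for the connection */
    if (p_lcb == NULL)
        return;

    /* cid indexes p_fixed_ccbs[], which the rest of this file walks with    */
    /* L2CAP_NUM_FIXED_CHNLS as the bound. A fix_cid below                   */
    /* L2CAP_FIRST_FIXED_CHNL wraps to a large unsigned value, so this one   */
    /* comparison rejects both ends of the range.                            */
    if (cid >= L2CAP_NUM_FIXED_CHNLS)
    {
        L2CAP_TRACE_WARNING("%s, invalid fixed channel ID 0x%04x", __FUNCTION__, fix_cid);
        return;
    }

    if (p_lcb->p_fixed_ccbs[cid] != NULL)
    {
        if (tx_mtu > BTM_BLE_DATA_SIZE_MAX)
            tx_mtu = BTM_BLE_DATA_SIZE_MAX;

        p_lcb->p_fixed_ccbs[cid]->tx_data_len = tx_mtu;
    }

    l2cble_update_data_length(p_lcb);
}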
1262
/*******************************************************************************
**
** Function         l2cble_credit_based_conn_req
**
** Description      Sends an LE Credit Based Connection Request for an LE
**                  connection oriented channel. Nothing is sent when p_ccb
**                  is NULL or when its link is not on the LE transport.
**
** Returns          void
**
*******************************************************************************/
void l2cble_credit_based_conn_req (tL2C_CCB *p_ccb)
{
    if (!p_ccb)
        return;

    /* NOTE(review): a channel whose p_lcb is NULL also takes this branch;  */
    /* confirm the send helper copes with a missing link.                   */
    if (!p_ccb->p_lcb || p_ccb->p_lcb->transport == BT_TRANSPORT_LE)
    {
        l2cu_send_peer_ble_credit_based_conn_req (p_ccb);
        return;
    }

    L2CAP_TRACE_WARNING ("LE link doesn't exist");
}
1287
/*******************************************************************************
**
** Function         l2cble_credit_based_conn_res
**
** Description      Sends an LE Credit Based Connection Response carrying the
**                  given result for an LE connection oriented channel.
**                  Nothing is sent when p_ccb is NULL or when its link is
**                  not on the LE transport.
**
** Returns          void
**
*******************************************************************************/
void l2cble_credit_based_conn_res (tL2C_CCB *p_ccb, UINT16 result)
{
    if (!p_ccb)
        return;

    /* NOTE(review): a channel whose p_lcb is NULL also takes this branch;  */
    /* confirm the send helper copes with a missing link.                   */
    if (!p_ccb->p_lcb || p_ccb->p_lcb->transport == BT_TRANSPORT_LE)
    {
        l2cu_send_peer_ble_credit_based_conn_res (p_ccb, result);
        return;
    }

    L2CAP_TRACE_WARNING ("LE link doesn't exist");
}
1312
/*******************************************************************************
**
** Function         l2cble_send_flow_control_credit
**
** Description      Sends flow control credits for an LE connection oriented
**                  channel. Nothing is sent when p_ccb is NULL or when its
**                  link is not on the LE transport.
**
** Returns          void
**
*******************************************************************************/
void l2cble_send_flow_control_credit(tL2C_CCB *p_ccb, UINT16 credit_value)
{
    if (!p_ccb)
        return;

    /* NOTE(review): a channel whose p_lcb is NULL also takes this branch;  */
    /* confirm the send helper copes with a missing link.                   */
    if (!p_ccb->p_lcb || p_ccb->p_lcb->transport == BT_TRANSPORT_LE)
    {
        l2cu_send_peer_ble_flow_control_credit(p_ccb, credit_value);
        return;
    }

    L2CAP_TRACE_WARNING ("LE link doesn't exist");
}
1338
/*******************************************************************************
**
** Function         l2cble_send_peer_disc_req
**
** Description      Sends a disconnect request to the peer LE device for an
**                  LE connection oriented channel. Nothing is sent when
**                  p_ccb is NULL or when its link is not on the LE transport.
**
** Returns          void
**
*******************************************************************************/
void l2cble_send_peer_disc_req(tL2C_CCB *p_ccb)
{
    L2CAP_TRACE_DEBUG ("%s",__func__);

    if (!p_ccb)
        return;

    /* NOTE(review): a channel whose p_lcb is NULL also takes this branch;  */
    /* confirm the send helper copes with a missing link.                   */
    if (!p_ccb->p_lcb || p_ccb->p_lcb->transport == BT_TRANSPORT_LE)
    {
        l2cu_send_peer_ble_credit_based_disconn_req(p_ccb);
        return;
    }

    L2CAP_TRACE_WARNING ("LE link doesn't exist");
}
1364
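/*******************************************************************************
**
** Function         l2cble_sec_comp
**
** Description      This function is called when the security procedure for
**                  an LE COC link is done. The oldest pending request on the
**                  link is completed through its callback; when MITM
**                  protection was requested, success is reported only if the
**                  security flags show an authenticated key. Every remaining
**                  pending request is then failed with the same status or,
**                  on success, submitted again through l2ble_sec_access_req().
**
** Parameters       p_bda      - address of the peer
**                  transport  - transport used for the security flag lookup
**                  p_ref_data - not used; each pending request carries its
**                               own reference data
**                  status     - result of the security procedure
**
** Returns          void
**
*******************************************************************************/
void l2cble_sec_comp(BD_ADDR p_bda, tBT_TRANSPORT transport, void *p_ref_data, UINT8 status)
{
    tL2C_LCB *p_lcb = l2cu_find_lcb_by_bd_addr(p_bda, BT_TRANSPORT_LE);
    tL2CAP_SEC_DATA *p_buf = NULL;
    /* Start with no flags set, so that a lookup which leaves sec_flag      */
    /* untouched is treated as "not authenticated" instead of being decided */
    /* by an indeterminate value.                                           */
    UINT8 sec_flag = 0;
    UINT8 sec_act;

    if (!p_lcb)
    {
        L2CAP_TRACE_WARNING ("%s security complete for unknown device", __func__);
        return;
    }

    /* Take a copy of the requested action; the LCB field is cleared for the next request */
    sec_act = p_lcb->sec_act;
    p_lcb->sec_act = 0;

    if (!fixed_queue_is_empty(p_lcb->le_sec_pending_q))
    {
        p_buf = (tL2CAP_SEC_DATA*) fixed_queue_dequeue(p_lcb->le_sec_pending_q);
        if (!p_buf)
        {
            L2CAP_TRACE_WARNING ("%s Security complete for request not initiated from L2CAP",
                                 __func__);
            return;
        }

        if (status != BTM_SUCCESS)
        {
            (*(p_buf->p_callback))(p_bda, BT_TRANSPORT_LE, p_buf->p_ref_data, status);
        }
        else
        {
            if (sec_act == BTM_SEC_ENCRYPT_MITM)
            {
                /* NOTE(review): the lookup uses the caller-supplied transport while */
                /* everything else here is fixed to BT_TRANSPORT_LE - confirm.       */
                BTM_GetSecurityFlagsByTransport(p_bda, &sec_flag, transport);
                if (sec_flag & BTM_SEC_FLAG_LKEY_AUTHED)
                    (*(p_buf->p_callback))(p_bda, BT_TRANSPORT_LE, p_buf->p_ref_data, status);
                else
                {
                    /* MITM was required but the key is not authenticated: fail the request */
                    L2CAP_TRACE_DEBUG ("%s MITM Protection Not present", __func__);
                    (*(p_buf->p_callback))(p_bda, BT_TRANSPORT_LE, p_buf->p_ref_data,
                                           BTM_FAILED_ON_SECURITY);
                }
            }
            else
            {
                /* Log the saved action; p_lcb->sec_act has already been reset to 0 */
                L2CAP_TRACE_DEBUG ("%s MITM Protection not required sec_act = %d",
                                   __func__, sec_act);

                (*(p_buf->p_callback))(p_bda, BT_TRANSPORT_LE, p_buf->p_ref_data, status);
            }
        }
    }
    else
    {
        L2CAP_TRACE_WARNING ("%s Security complete for request not initiated from L2CAP", __func__);
        return;
    }
    osi_free(p_buf);

    /* NOTE(review): on success each request is submitted again through      */
    /* l2ble_sec_access_req(), which enqueues a new entry on this same       */
    /* queue; confirm that this loop still terminates in that case.          */
    while (!fixed_queue_is_empty(p_lcb->le_sec_pending_q))
    {
        p_buf = (tL2CAP_SEC_DATA*) fixed_queue_dequeue(p_lcb->le_sec_pending_q);

        /* Same guard as for the first dequeue above: never dereference a NULL entry */
        if (!p_buf)
            break;

        if (status != BTM_SUCCESS)
            (*(p_buf->p_callback))(p_bda, BT_TRANSPORT_LE, p_buf->p_ref_data, status);
        else
            l2ble_sec_access_req(p_bda, p_buf->psm, p_buf->is_originator,
                                 p_buf->p_callback, p_buf->p_ref_data);

        osi_free(p_buf);
    }
}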
1448
/*******************************************************************************
**
** Function         l2ble_sec_access_req
**
** Description      This function is called by an LE COC link to meet the
**                  security requirement for the link. The request is queued
**                  on the link control block and the security check is
**                  started with l2cble_sec_comp() as completion callback.
**
**                  When there is no LE link to the peer, or no memory for
**                  the request, p_callback is invoked at once with
**                  BTM_UNKNOWN_ADDR or BTM_NO_RESOURCES respectively.
**
** Returns          TRUE  - security procedures are started
**                  FALSE - failure
**
*******************************************************************************/
BOOLEAN l2ble_sec_access_req(BD_ADDR bd_addr, UINT16 psm, BOOLEAN is_originator, tL2CAP_SEC_CBACK *p_callback, void *p_ref_data)
{
    L2CAP_TRACE_DEBUG ("%s", __func__);
    tL2C_LCB *p_link;
    tL2CAP_SEC_DATA *p_req;

    /* Without a callback there is no way to report the outcome */
    if (p_callback == NULL)
    {
        L2CAP_TRACE_ERROR("%s No callback function", __func__);
        return FALSE;
    }

    p_link = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_LE);
    if (p_link == NULL)
    {
        L2CAP_TRACE_ERROR ("%s Security check for unknown device", __func__);
        p_callback(bd_addr, BT_TRANSPORT_LE, p_ref_data, BTM_UNKNOWN_ADDR);
        return FALSE;
    }

    p_req = (tL2CAP_SEC_DATA*) osi_malloc((UINT16)sizeof(tL2CAP_SEC_DATA));
    if (p_req == NULL)
    {
        p_callback(bd_addr, BT_TRANSPORT_LE, p_ref_data, BTM_NO_RESOURCES);
        return FALSE;
    }

    /* Remember who asked, so that l2cble_sec_comp() can complete the request */
    p_req->p_ref_data = p_ref_data;
    p_req->p_callback = p_callback;
    p_req->is_originator = is_originator;
    p_req->psm = psm;
    fixed_queue_enqueue(p_link->le_sec_pending_q, p_req);

    /* NOTE(review): the entry stays queued whatever the result of the call  */
    /* below; confirm that a FALSE result still ends in l2cble_sec_comp().   */
    return btm_ble_start_sec_check(bd_addr, psm, is_originator, &l2cble_sec_comp, p_ref_data);
}
1497 #endif /* (BLE_INCLUDED == TRUE) */
1498