1 /******************************************************************************
2 *
3 * Copyright (C) 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the L2CAP API code
22 *
23 ******************************************************************************/
24
25 #define LOG_TAG "bt_l2cap"
26
27 #include <base/logging.h>
28 #include <base/strings/stringprintf.h>
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32
33 #include "bt_common.h"
34 #include "bt_types.h"
35 #include "btm_api.h"
36 #include "btu.h"
37 #include "device/include/controller.h"
38 #include "hcidefs.h"
39 #include "hcimsgs.h"
40 #include "l2c_int.h"
41 #include "l2cdefs.h"
42 #include "osi/include/allocator.h"
43 #include "osi/include/log.h"
44
45 using base::StringPrintf;
46
47 /*******************************************************************************
48 *
49 * Function L2CA_Register
50 *
51 * Description Other layers call this function to register for L2CAP
52 * services.
53 *
54 * Returns PSM to use or zero if error. Typically, the PSM returned
55 * is the same as was passed in, but for an outgoing-only
56 * connection to a dynamic PSM, a "virtual" PSM is returned
57 * and should be used in the calls to L2CA_ConnectReq(),
58 * L2CA_ErtmConnectReq() and L2CA_Deregister()
59 *
60 ******************************************************************************/
L2CA_Register(uint16_t psm,tL2CAP_APPL_INFO * p_cb_info)61 uint16_t L2CA_Register(uint16_t psm, tL2CAP_APPL_INFO* p_cb_info) {
62 tL2C_RCB* p_rcb;
63 uint16_t vpsm = psm;
64
65 L2CAP_TRACE_API("L2CAP - L2CA_Register() called for PSM: 0x%04x", psm);
66
67 /* Verify that the required callback info has been filled in
68 ** Note: Connection callbacks are required but not checked
69 ** for here because it is possible to be only a client
70 ** or only a server.
71 */
72 if ((!p_cb_info->pL2CA_ConfigCfm_Cb) || (!p_cb_info->pL2CA_ConfigInd_Cb) ||
73 (!p_cb_info->pL2CA_DataInd_Cb) || (!p_cb_info->pL2CA_DisconnectInd_Cb)) {
74 L2CAP_TRACE_ERROR("L2CAP - no cb registering PSM: 0x%04x", psm);
75 return (0);
76 }
77
78 /* Verify PSM is valid */
79 if (L2C_INVALID_PSM(psm)) {
80 L2CAP_TRACE_ERROR("L2CAP - invalid PSM value, PSM: 0x%04x", psm);
81 return (0);
82 }
83
84 /* Check if this is a registration for an outgoing-only connection to */
85 /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
86 if ((psm >= 0x1001) && (p_cb_info->pL2CA_ConnectInd_Cb == NULL)) {
87 for (vpsm = 0x1002; vpsm < 0x8000; vpsm += 2) {
88 p_rcb = l2cu_find_rcb_by_psm(vpsm);
89 if (p_rcb == NULL) break;
90 }
91
92 L2CAP_TRACE_API("L2CA_Register - Real PSM: 0x%04x Virtual PSM: 0x%04x",
93 psm, vpsm);
94 }
95
96 /* If registration block already there, just overwrite it */
97 p_rcb = l2cu_find_rcb_by_psm(vpsm);
98 if (p_rcb == NULL) {
99 p_rcb = l2cu_allocate_rcb(vpsm);
100 if (p_rcb == NULL) {
101 L2CAP_TRACE_WARNING("L2CAP - no RCB available, PSM: 0x%04x vPSM: 0x%04x",
102 psm, vpsm);
103 return (0);
104 }
105 }
106
107 p_rcb->api = *p_cb_info;
108 p_rcb->real_psm = psm;
109
110 return (vpsm);
111 }
112
113 /*******************************************************************************
114 *
115 * Function L2CA_Deregister
116 *
117 * Description Other layers call this function to de-register for L2CAP
118 * services.
119 *
120 * Returns void
121 *
122 ******************************************************************************/
L2CA_Deregister(uint16_t psm)123 void L2CA_Deregister(uint16_t psm) {
124 tL2C_RCB* p_rcb;
125 tL2C_CCB* p_ccb;
126 tL2C_LCB* p_lcb;
127 int ii;
128
129 L2CAP_TRACE_API("L2CAP - L2CA_Deregister() called for PSM: 0x%04x", psm);
130
131 p_rcb = l2cu_find_rcb_by_psm(psm);
132 if (p_rcb != NULL) {
133 p_lcb = &l2cb.lcb_pool[0];
134 for (ii = 0; ii < MAX_L2CAP_LINKS; ii++, p_lcb++) {
135 if (p_lcb->in_use) {
136 p_ccb = p_lcb->ccb_queue.p_first_ccb;
137 if ((p_ccb == NULL) || (p_lcb->link_state == LST_DISCONNECTING)) {
138 continue;
139 }
140
141 if ((p_ccb->in_use) &&
142 ((p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP) ||
143 (p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))) {
144 continue;
145 }
146
147 if (p_ccb->p_rcb == p_rcb) {
148 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
149 }
150 }
151 }
152 l2cu_release_rcb(p_rcb);
153 } else {
154 L2CAP_TRACE_WARNING("L2CAP - PSM: 0x%04x not found for deregistration",
155 psm);
156 }
157 }
158
159 /*******************************************************************************
160 *
161 * Function L2CA_AllocatePSM
162 *
163 * Description Other layers call this function to find an unused PSM for
164 * L2CAP services.
165 *
166 * Returns PSM to use.
167 *
168 ******************************************************************************/
L2CA_AllocatePSM(void)169 uint16_t L2CA_AllocatePSM(void) {
170 bool done = false;
171 uint16_t psm = l2cb.dyn_psm;
172
173 L2CAP_TRACE_API("L2CA_AllocatePSM");
174 while (!done) {
175 psm += 2;
176 if (psm > 0xfeff) {
177 psm = 0x1001;
178 } else if (psm & 0x0100) {
179 /* the upper byte must be even */
180 psm += 0x0100;
181 }
182
183 /* if psm is in range of reserved BRCM Aware features */
184 if ((BRCM_RESERVED_PSM_START <= psm) && (psm <= BRCM_RESERVED_PSM_END))
185 continue;
186
187 /* make sure the newlly allocated psm is not used right now */
188 if ((l2cu_find_rcb_by_psm(psm)) == NULL) done = true;
189 }
190 l2cb.dyn_psm = psm;
191
192 return (psm);
193 }
194
195 /*******************************************************************************
196 *
197 * Function L2CA_ConnectReq
198 *
199 * Description Higher layers call this function to create an L2CAP
200 * connection. Note that the connection is not established at
201 * this time, but connection establishment gets started. The
202 * callback function will be invoked when connection
203 * establishes or fails.
204 *
205 * Returns the CID of the connection, or 0 if it failed to start
206 *
207 ******************************************************************************/
L2CA_ConnectReq(uint16_t psm,const RawAddress & p_bd_addr)208 uint16_t L2CA_ConnectReq(uint16_t psm, const RawAddress& p_bd_addr) {
209 return L2CA_ErtmConnectReq(psm, p_bd_addr, NULL);
210 }
211
212 /*******************************************************************************
213 *
214 * Function L2CA_ErtmConnectReq
215 *
216 * Description Higher layers call this function to create an L2CAP
217 * connection. Note that the connection is not established at
218 * this time, but connection establishment gets started. The
219 * callback function will be invoked when connection
220 * establishes or fails.
221 *
222 * Parameters: PSM: L2CAP PSM for the connection
223 * BD address of the peer
224 * Enhaced retransmission mode configurations
225
226 * Returns the CID of the connection, or 0 if it failed to start
227 *
228 ******************************************************************************/
L2CA_ErtmConnectReq(uint16_t psm,const RawAddress & p_bd_addr,tL2CAP_ERTM_INFO * p_ertm_info)229 uint16_t L2CA_ErtmConnectReq(uint16_t psm, const RawAddress& p_bd_addr,
230 tL2CAP_ERTM_INFO* p_ertm_info) {
231 tL2C_LCB* p_lcb;
232 tL2C_CCB* p_ccb;
233 tL2C_RCB* p_rcb;
234
235 VLOG(1) << __func__ << "BDA " << p_bd_addr
236 << StringPrintf(" PSM: 0x%04x allowed:0x%x preferred:%d", psm,
237 (p_ertm_info) ? p_ertm_info->allowed_modes : 0,
238 (p_ertm_info) ? p_ertm_info->preferred_mode : 0);
239
240 /* Fail if we have not established communications with the controller */
241 if (!BTM_IsDeviceUp()) {
242 L2CAP_TRACE_WARNING("L2CAP connect req - BTU not ready");
243 return (0);
244 }
245 /* Fail if the PSM is not registered */
246 p_rcb = l2cu_find_rcb_by_psm(psm);
247 if (p_rcb == NULL) {
248 L2CAP_TRACE_WARNING("L2CAP - no RCB for L2CA_conn_req, PSM: 0x%04x", psm);
249 return (0);
250 }
251
252 /* First, see if we already have a link to the remote */
253 /* assume all ERTM l2cap connection is going over BR/EDR for now */
254 p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
255 if (p_lcb == NULL) {
256 /* No link. Get an LCB and start link establishment */
257 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_BR_EDR);
258 /* currently use BR/EDR for ERTM mode l2cap connection */
259 if ((p_lcb == NULL) ||
260 (l2cu_create_conn(p_lcb, BT_TRANSPORT_BR_EDR) == false)) {
261 L2CAP_TRACE_WARNING(
262 "L2CAP - conn not started for PSM: 0x%04x p_lcb: 0x%08x", psm,
263 p_lcb);
264 return (0);
265 }
266 }
267
268 /* Allocate a channel control block */
269 p_ccb = l2cu_allocate_ccb(p_lcb, 0);
270 if (p_ccb == NULL) {
271 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_conn_req, PSM: 0x%04x", psm);
272 return (0);
273 }
274
275 /* Save registration info */
276 p_ccb->p_rcb = p_rcb;
277
278 if (p_ertm_info) {
279 p_ccb->ertm_info = *p_ertm_info;
280
281 /* Replace default indicators with the actual default pool */
282 if (p_ccb->ertm_info.fcr_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
283 p_ccb->ertm_info.fcr_rx_buf_size = L2CAP_FCR_RX_BUF_SIZE;
284
285 if (p_ccb->ertm_info.fcr_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
286 p_ccb->ertm_info.fcr_tx_buf_size = L2CAP_FCR_TX_BUF_SIZE;
287
288 if (p_ccb->ertm_info.user_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
289 p_ccb->ertm_info.user_rx_buf_size = L2CAP_USER_RX_BUF_SIZE;
290
291 if (p_ccb->ertm_info.user_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
292 p_ccb->ertm_info.user_tx_buf_size = L2CAP_USER_TX_BUF_SIZE;
293
294 p_ccb->max_rx_mtu =
295 p_ertm_info->user_rx_buf_size -
296 (L2CAP_MIN_OFFSET + L2CAP_SDU_LEN_OFFSET + L2CAP_FCS_LEN);
297 }
298
299 /* If link is up, start the L2CAP connection */
300 if (p_lcb->link_state == LST_CONNECTED) {
301 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_REQ, NULL);
302 }
303
304 /* If link is disconnecting, save link info to retry after disconnect
305 * Possible Race condition when a reconnect occurs
306 * on the channel during a disconnect of link. This
307 * ccb will be automatically retried after link disconnect
308 * arrives
309 */
310 else if (p_lcb->link_state == LST_DISCONNECTING) {
311 L2CAP_TRACE_DEBUG("L2CAP API - link disconnecting: RETRY LATER");
312
313 /* Save ccb so it can be started after disconnect is finished */
314 p_lcb->p_pending_ccb = p_ccb;
315 }
316
317 L2CAP_TRACE_API("L2CAP - L2CA_conn_req(psm: 0x%04x) returned CID: 0x%04x",
318 psm, p_ccb->local_cid);
319
320 /* Return the local CID as our handle */
321 return (p_ccb->local_cid);
322 }
323
324 /*******************************************************************************
325 *
326 * Function L2CA_RegisterLECoc
327 *
328 * Description Other layers call this function to register for L2CAP
329 * Connection Oriented Channel.
330 *
331 * Returns PSM to use or zero if error. Typically, the PSM returned
332 * is the same as was passed in, but for an outgoing-only
333 * connection to a dynamic PSM, a "virtual" PSM is returned
334 * and should be used in the calls to L2CA_ConnectLECocReq()
335 * and L2CA_DeregisterLECoc()
336 *
337 ******************************************************************************/
L2CA_RegisterLECoc(uint16_t psm,tL2CAP_APPL_INFO * p_cb_info)338 uint16_t L2CA_RegisterLECoc(uint16_t psm, tL2CAP_APPL_INFO* p_cb_info) {
339 L2CAP_TRACE_API("%s called for LE PSM: 0x%04x", __func__, psm);
340
341 /* Verify that the required callback info has been filled in
342 ** Note: Connection callbacks are required but not checked
343 ** for here because it is possible to be only a client
344 ** or only a server.
345 */
346 if ((!p_cb_info->pL2CA_DataInd_Cb) || (!p_cb_info->pL2CA_DisconnectInd_Cb)) {
347 L2CAP_TRACE_ERROR("%s No cb registering BLE PSM: 0x%04x", __func__, psm);
348 return 0;
349 }
350
351 /* Verify PSM is valid */
352 if (!L2C_IS_VALID_LE_PSM(psm)) {
353 L2CAP_TRACE_ERROR("%s Invalid BLE PSM value, PSM: 0x%04x", __func__, psm);
354 return 0;
355 }
356
357 tL2C_RCB* p_rcb;
358 uint16_t vpsm = psm;
359
360 /* Check if this is a registration for an outgoing-only connection to */
361 /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
362 if ((psm >= 0x0080) && (p_cb_info->pL2CA_ConnectInd_Cb == NULL)) {
363 for (vpsm = 0x0080; vpsm < 0x0100; vpsm++) {
364 p_rcb = l2cu_find_ble_rcb_by_psm(vpsm);
365 if (p_rcb == NULL) break;
366 }
367
368 L2CAP_TRACE_API("%s Real PSM: 0x%04x Virtual PSM: 0x%04x", __func__, psm,
369 vpsm);
370 }
371
372 /* If registration block already there, just overwrite it */
373 p_rcb = l2cu_find_ble_rcb_by_psm(vpsm);
374 if (p_rcb == NULL) {
375 p_rcb = l2cu_allocate_ble_rcb(vpsm);
376 if (p_rcb == NULL) {
377 L2CAP_TRACE_WARNING("%s No BLE RCB available, PSM: 0x%04x vPSM: 0x%04x",
378 __func__, psm, vpsm);
379 return 0;
380 }
381 }
382
383 p_rcb->api = *p_cb_info;
384 p_rcb->real_psm = psm;
385
386 return vpsm;
387 }
388
389 /*******************************************************************************
390 *
391 * Function L2CA_DeregisterLECoc
392 *
393 * Description Other layers call this function to de-register for L2CAP
394 * Connection Oriented Channel.
395 *
396 * Returns void
397 *
398 ******************************************************************************/
L2CA_DeregisterLECoc(uint16_t psm)399 void L2CA_DeregisterLECoc(uint16_t psm) {
400 L2CAP_TRACE_API("%s called for PSM: 0x%04x", __func__, psm);
401
402 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
403 if (p_rcb == NULL) {
404 L2CAP_TRACE_WARNING("%s PSM: 0x%04x not found for deregistration", psm);
405 return;
406 }
407
408 tL2C_LCB* p_lcb = &l2cb.lcb_pool[0];
409 for (int i = 0; i < MAX_L2CAP_LINKS; i++, p_lcb++) {
410 if (!p_lcb->in_use || p_lcb->transport != BT_TRANSPORT_LE) continue;
411
412 tL2C_CCB* p_ccb = p_lcb->ccb_queue.p_first_ccb;
413 if ((p_ccb == NULL) || (p_lcb->link_state == LST_DISCONNECTING)) continue;
414
415 if (p_ccb->in_use && (p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP ||
416 p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))
417 continue;
418
419 if (p_ccb->p_rcb == p_rcb)
420 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
421 }
422
423 l2cu_release_rcb(p_rcb);
424 }
425
426 /*******************************************************************************
427 *
428 * Function L2CA_ConnectLECocReq
429 *
430 * Description Higher layers call this function to create an L2CAP
431 * connection. Note that the connection is not established at
432 * this time, but connection establishment gets started. The
433 * callback function will be invoked when connection
434 * establishes or fails.
435 *
436 * Parameters: PSM: L2CAP PSM for the connection
437 * BD address of the peer
438 * Local Coc configurations
439
440 * Returns the CID of the connection, or 0 if it failed to start
441 *
442 ******************************************************************************/
L2CA_ConnectLECocReq(uint16_t psm,const RawAddress & p_bd_addr,tL2CAP_LE_CFG_INFO * p_cfg)443 uint16_t L2CA_ConnectLECocReq(uint16_t psm, const RawAddress& p_bd_addr,
444 tL2CAP_LE_CFG_INFO* p_cfg) {
445 VLOG(1) << __func__ << " BDA: " << p_bd_addr
446 << StringPrintf(" PSM: 0x%04x", psm);
447
448 /* Fail if we have not established communications with the controller */
449 if (!BTM_IsDeviceUp()) {
450 L2CAP_TRACE_WARNING("%s BTU not ready", __func__);
451 return 0;
452 }
453
454 /* Fail if the PSM is not registered */
455 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
456 if (p_rcb == NULL) {
457 L2CAP_TRACE_WARNING("%s No BLE RCB, PSM: 0x%04x", __func__, psm);
458 return 0;
459 }
460
461 /* First, see if we already have a le link to the remote */
462 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
463 if (p_lcb == NULL) {
464 /* No link. Get an LCB and start link establishment */
465 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_LE);
466 if ((p_lcb == NULL)
467 /* currently use BR/EDR for ERTM mode l2cap connection */
468 || (l2cu_create_conn(p_lcb, BT_TRANSPORT_LE) == false)) {
469 L2CAP_TRACE_WARNING("%s conn not started for PSM: 0x%04x p_lcb: 0x%08x",
470 __func__, psm, p_lcb);
471 return 0;
472 }
473 }
474
475 /* Allocate a channel control block */
476 tL2C_CCB* p_ccb = l2cu_allocate_ccb(p_lcb, 0);
477 if (p_ccb == NULL) {
478 L2CAP_TRACE_WARNING("%s no CCB, PSM: 0x%04x", __func__, psm);
479 return 0;
480 }
481
482 /* Save registration info */
483 p_ccb->p_rcb = p_rcb;
484
485 /* Save the configuration */
486 if (p_cfg) memcpy(&p_ccb->local_conn_cfg, p_cfg, sizeof(tL2CAP_LE_CFG_INFO));
487
488 /* If link is up, start the L2CAP connection */
489 if (p_lcb->link_state == LST_CONNECTED) {
490 if (p_ccb->p_lcb->transport == BT_TRANSPORT_LE) {
491 L2CAP_TRACE_DEBUG("%s LE Link is up", __func__);
492 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_REQ, NULL);
493 }
494 }
495
496 /* If link is disconnecting, save link info to retry after disconnect
497 * Possible Race condition when a reconnect occurs
498 * on the channel during a disconnect of link. This
499 * ccb will be automatically retried after link disconnect
500 * arrives
501 */
502 else if (p_lcb->link_state == LST_DISCONNECTING) {
503 L2CAP_TRACE_DEBUG("%s link disconnecting: RETRY LATER", __func__);
504
505 /* Save ccb so it can be started after disconnect is finished */
506 p_lcb->p_pending_ccb = p_ccb;
507 }
508
509 L2CAP_TRACE_API("%s(psm: 0x%04x) returned CID: 0x%04x", __func__, psm,
510 p_ccb->local_cid);
511
512 /* Return the local CID as our handle */
513 return p_ccb->local_cid;
514 }
515
516 /*******************************************************************************
517 *
518 * Function L2CA_ConnectLECocRsp
519 *
520 * Description Higher layers call this function to accept an incoming
521 * L2CAP COC connection, for which they had gotten an connect
522 * indication callback.
523 *
524 * Returns true for success, false for failure
525 *
526 ******************************************************************************/
L2CA_ConnectLECocRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status,tL2CAP_LE_CFG_INFO * p_cfg)527 bool L2CA_ConnectLECocRsp(const RawAddress& p_bd_addr, uint8_t id,
528 uint16_t lcid, uint16_t result, uint16_t status,
529 tL2CAP_LE_CFG_INFO* p_cfg) {
530 VLOG(1) << __func__ << " BDA: " << p_bd_addr
531 << StringPrintf(" CID: 0x%04x Result: %d Status: %d", lcid, result,
532 status);
533
534 /* First, find the link control block */
535 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
536 if (p_lcb == NULL) {
537 /* No link. Get an LCB and start link establishment */
538 L2CAP_TRACE_WARNING("%s no LCB", __func__);
539 return false;
540 }
541
542 /* Now, find the channel control block */
543 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(p_lcb, lcid);
544 if (p_ccb == NULL) {
545 L2CAP_TRACE_WARNING("%s no CCB", __func__);
546 return false;
547 }
548
549 /* The IDs must match */
550 if (p_ccb->remote_id != id) {
551 L2CAP_TRACE_WARNING("%s bad id. Expected: %d Got: %d", __func__,
552 p_ccb->remote_id, id);
553 return false;
554 }
555
556 if (p_cfg) memcpy(&p_ccb->local_conn_cfg, p_cfg, sizeof(tL2CAP_LE_CFG_INFO));
557
558 if (result == L2CAP_CONN_OK)
559 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, NULL);
560 else {
561 tL2C_CONN_INFO conn_info;
562 conn_info.bd_addr = p_bd_addr;
563 conn_info.l2cap_result = result;
564 conn_info.l2cap_status = status;
565 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP_NEG, &conn_info);
566 }
567
568 return true;
569 }
570
571 /*******************************************************************************
572 *
573 * Function L2CA_GetPeerLECocConfig
574 *
575 * Description Get a peers configuration for LE Connection Oriented
576 * Channel.
577 *
578 * Parameters: local channel id
579 * Pointers to peers configuration storage area
580 *
581 * Return value: true if peer is connected
582 *
583 ******************************************************************************/
L2CA_GetPeerLECocConfig(uint16_t lcid,tL2CAP_LE_CFG_INFO * peer_cfg)584 bool L2CA_GetPeerLECocConfig(uint16_t lcid, tL2CAP_LE_CFG_INFO* peer_cfg) {
585 L2CAP_TRACE_API("%s CID: 0x%04x", __func__, lcid);
586
587 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
588 if (p_ccb == NULL) {
589 L2CAP_TRACE_ERROR("%s No CCB for CID:0x%04x", __func__, lcid);
590 return false;
591 }
592
593 if (peer_cfg != NULL)
594 memcpy(peer_cfg, &p_ccb->peer_conn_cfg, sizeof(tL2CAP_LE_CFG_INFO));
595
596 return true;
597 }
598
L2CA_SetConnectionCallbacks(uint16_t local_cid,const tL2CAP_APPL_INFO * callbacks)599 bool L2CA_SetConnectionCallbacks(uint16_t local_cid,
600 const tL2CAP_APPL_INFO* callbacks) {
601 CHECK(callbacks != NULL);
602 CHECK(callbacks->pL2CA_ConnectInd_Cb == NULL);
603 CHECK(callbacks->pL2CA_ConnectCfm_Cb != NULL);
604 CHECK(callbacks->pL2CA_ConfigInd_Cb != NULL);
605 CHECK(callbacks->pL2CA_ConfigCfm_Cb != NULL);
606 CHECK(callbacks->pL2CA_DisconnectInd_Cb != NULL);
607 CHECK(callbacks->pL2CA_DisconnectCfm_Cb != NULL);
608 CHECK(callbacks->pL2CA_CongestionStatus_Cb != NULL);
609 CHECK(callbacks->pL2CA_DataInd_Cb != NULL);
610 CHECK(callbacks->pL2CA_TxComplete_Cb != NULL);
611
612 tL2C_CCB* channel_control_block = l2cu_find_ccb_by_cid(NULL, local_cid);
613 if (!channel_control_block) {
614 LOG_ERROR(LOG_TAG,
615 "%s no channel control block found for L2CAP LCID=0x%04x.",
616 __func__, local_cid);
617 return false;
618 }
619
620 // We're making a connection-specific registration control block so we check
621 // if we already have a private one allocated to us on the heap. If not, we
622 // make a new allocation, mark it as heap-allocated, and inherit the fields
623 // from the old control block.
624 tL2C_RCB* registration_control_block = channel_control_block->p_rcb;
625 if (!channel_control_block->should_free_rcb) {
626 registration_control_block = (tL2C_RCB*)osi_calloc(sizeof(tL2C_RCB));
627
628 *registration_control_block = *channel_control_block->p_rcb;
629 channel_control_block->p_rcb = registration_control_block;
630 channel_control_block->should_free_rcb = true;
631 }
632
633 registration_control_block->api = *callbacks;
634 return true;
635 }
636
637 /*******************************************************************************
638 *
639 * Function L2CA_ConnectRsp
640 *
641 * Description Higher layers call this function to accept an incoming
642 * L2CAP connection, for which they had gotten an connect
643 * indication callback.
644 *
645 * Returns true for success, false for failure
646 *
647 ******************************************************************************/
L2CA_ConnectRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status)648 bool L2CA_ConnectRsp(const RawAddress& p_bd_addr, uint8_t id, uint16_t lcid,
649 uint16_t result, uint16_t status) {
650 return L2CA_ErtmConnectRsp(p_bd_addr, id, lcid, result, status, NULL);
651 }
652
653 /*******************************************************************************
654 *
655 * Function L2CA_ErtmConnectRsp
656 *
657 * Description Higher layers call this function to accept an incoming
658 * L2CAP connection, for which they had gotten an connect
659 * indication callback.
660 *
661 * Returns true for success, false for failure
662 *
663 ******************************************************************************/
L2CA_ErtmConnectRsp(const RawAddress & p_bd_addr,uint8_t id,uint16_t lcid,uint16_t result,uint16_t status,tL2CAP_ERTM_INFO * p_ertm_info)664 bool L2CA_ErtmConnectRsp(const RawAddress& p_bd_addr, uint8_t id, uint16_t lcid,
665 uint16_t result, uint16_t status,
666 tL2CAP_ERTM_INFO* p_ertm_info) {
667 tL2C_LCB* p_lcb;
668 tL2C_CCB* p_ccb;
669
670 VLOG(1) << __func__ << " BDA: " << p_bd_addr
671 << StringPrintf(" CID:0x%04x Result:%d Status:%d", lcid, result,
672 status);
673
674 /* First, find the link control block */
675 p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
676 if (p_lcb == NULL) {
677 /* No link. Get an LCB and start link establishment */
678 L2CAP_TRACE_WARNING("L2CAP - no LCB for L2CA_conn_rsp");
679 return (false);
680 }
681
682 /* Now, find the channel control block */
683 p_ccb = l2cu_find_ccb_by_cid(p_lcb, lcid);
684 if (p_ccb == NULL) {
685 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_conn_rsp");
686 return (false);
687 }
688
689 /* The IDs must match */
690 if (p_ccb->remote_id != id) {
691 L2CAP_TRACE_WARNING("L2CAP - bad id in L2CA_conn_rsp. Exp: %d Got: %d",
692 p_ccb->remote_id, id);
693 return (false);
694 }
695
696 if (p_ertm_info) {
697 p_ccb->ertm_info = *p_ertm_info;
698
699 /* Replace default indicators with the actual default pool */
700 if (p_ccb->ertm_info.fcr_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
701 p_ccb->ertm_info.fcr_rx_buf_size = L2CAP_FCR_RX_BUF_SIZE;
702
703 if (p_ccb->ertm_info.fcr_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
704 p_ccb->ertm_info.fcr_tx_buf_size = L2CAP_FCR_TX_BUF_SIZE;
705
706 if (p_ccb->ertm_info.user_rx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
707 p_ccb->ertm_info.user_rx_buf_size = L2CAP_USER_RX_BUF_SIZE;
708
709 if (p_ccb->ertm_info.user_tx_buf_size == L2CAP_INVALID_ERM_BUF_SIZE)
710 p_ccb->ertm_info.user_tx_buf_size = L2CAP_USER_TX_BUF_SIZE;
711
712 p_ccb->max_rx_mtu =
713 p_ertm_info->user_rx_buf_size -
714 (L2CAP_MIN_OFFSET + L2CAP_SDU_LEN_OFFSET + L2CAP_FCS_LEN);
715 }
716
717 if (result == L2CAP_CONN_OK) {
718 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, NULL);
719 } else {
720 tL2C_CONN_INFO conn_info;
721
722 conn_info.l2cap_result = result;
723 conn_info.l2cap_status = status;
724
725 if (result == L2CAP_CONN_PENDING)
726 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP, &conn_info);
727 else
728 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_RSP_NEG, &conn_info);
729 }
730
731 return (true);
732 }
733
734 /*******************************************************************************
735 *
736 * Function L2CA_ConfigReq
737 *
738 * Description Higher layers call this function to send configuration.
739 *
740 * Note: The FCR options of p_cfg are not used.
741 *
742 * Returns true if configuration sent, else false
743 *
744 ******************************************************************************/
L2CA_ConfigReq(uint16_t cid,tL2CAP_CFG_INFO * p_cfg)745 bool L2CA_ConfigReq(uint16_t cid, tL2CAP_CFG_INFO* p_cfg) {
746 tL2C_CCB* p_ccb;
747
748 L2CAP_TRACE_API(
749 "L2CA_ConfigReq() CID 0x%04x: fcr_present:%d (mode %d) mtu_present:%d "
750 "(%d)",
751 cid, p_cfg->fcr_present, p_cfg->fcr.mode, p_cfg->mtu_present, p_cfg->mtu);
752
753 /* Find the channel control block. We don't know the link it is on. */
754 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
755 if (p_ccb == NULL) {
756 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_cfg_req, CID: %d", cid);
757 return (false);
758 }
759
760 /* We need to have at least one mode type common with the peer */
761 if (!l2c_fcr_adj_our_req_options(p_ccb, p_cfg)) return (false);
762
763 /* Don't adjust FCR options if not used */
764 if ((!p_cfg->fcr_present) || (p_cfg->fcr.mode == L2CAP_FCR_BASIC_MODE)) {
765 /* FCR and FCS options are not used in basic mode */
766 p_cfg->fcs_present = false;
767 p_cfg->ext_flow_spec_present = false;
768
769 if ((p_cfg->mtu_present) && (p_cfg->mtu > L2CAP_MTU_SIZE)) {
770 L2CAP_TRACE_WARNING("L2CAP - adjust MTU: %u too large", p_cfg->mtu);
771 p_cfg->mtu = L2CAP_MTU_SIZE;
772 }
773 }
774
775 /* Save the adjusted configuration in case it needs to be used for
776 * renegotiation */
777 p_ccb->our_cfg = *p_cfg;
778
779 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_REQ, p_cfg);
780
781 return (true);
782 }
783
784 /*******************************************************************************
785 *
786 * Function L2CA_ConfigRsp
787 *
788 * Description Higher layers call this function to send a configuration
789 * response.
790 *
791 * Returns true if configuration response sent, else false
792 *
793 ******************************************************************************/
L2CA_ConfigRsp(uint16_t cid,tL2CAP_CFG_INFO * p_cfg)794 bool L2CA_ConfigRsp(uint16_t cid, tL2CAP_CFG_INFO* p_cfg) {
795 tL2C_CCB* p_ccb;
796
797 L2CAP_TRACE_API(
798 "L2CA_ConfigRsp() CID: 0x%04x Result: %d MTU present:%d Flush TO:%d "
799 "FCR:%d FCS:%d",
800 cid, p_cfg->result, p_cfg->mtu_present, p_cfg->flush_to_present,
801 p_cfg->fcr_present, p_cfg->fcs_present);
802
803 /* Find the channel control block. We don't know the link it is on. */
804 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
805 if (p_ccb == NULL) {
806 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_cfg_rsp, CID: %d", cid);
807 return (false);
808 }
809
810 if ((p_cfg->result == L2CAP_CFG_OK) || (p_cfg->result == L2CAP_CFG_PENDING))
811 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_RSP, p_cfg);
812 else {
813 p_cfg->fcr_present =
814 false; /* FCR options already negotiated before this point */
815
816 /* Clear out any cached options that are being returned as an error
817 * (excluding FCR) */
818 if (p_cfg->mtu_present) p_ccb->peer_cfg.mtu_present = false;
819 if (p_cfg->flush_to_present) p_ccb->peer_cfg.flush_to_present = false;
820 if (p_cfg->qos_present) p_ccb->peer_cfg.qos_present = false;
821
822 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONFIG_RSP_NEG, p_cfg);
823 }
824
825 return (true);
826 }
827
828 /*******************************************************************************
829 *
830 * Function L2CA_DisconnectReq
831 *
832 * Description Higher layers call this function to disconnect a channel.
833 *
834 * Returns true if disconnect sent, else false
835 *
836 ******************************************************************************/
L2CA_DisconnectReq(uint16_t cid)837 bool L2CA_DisconnectReq(uint16_t cid) {
838 tL2C_CCB* p_ccb;
839
840 L2CAP_TRACE_API("L2CA_DisconnectReq() CID: 0x%04x", cid);
841
842 /* Find the channel control block. We don't know the link it is on. */
843 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
844 if (p_ccb == NULL) {
845 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_disc_req, CID: %d", cid);
846 return (false);
847 }
848
849 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
850
851 return (true);
852 }
853
854 /*******************************************************************************
855 *
856 * Function L2CA_DisconnectRsp
857 *
858 * Description Higher layers call this function to acknowledge the
859 * disconnection of a channel.
860 *
861 * Returns void
862 *
863 ******************************************************************************/
L2CA_DisconnectRsp(uint16_t cid)864 bool L2CA_DisconnectRsp(uint16_t cid) {
865 tL2C_CCB* p_ccb;
866
867 L2CAP_TRACE_API("L2CA_DisconnectRsp() CID: 0x%04x", cid);
868
869 /* Find the channel control block. We don't know the link it is on. */
870 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
871 if (p_ccb == NULL) {
872 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_disc_rsp, CID: %d", cid);
873 return (false);
874 }
875
876 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_RSP, NULL);
877
878 return (true);
879 }
880
881 /*******************************************************************************
882 *
883 * Function L2CA_Ping
884 *
885 * Description Higher layers call this function to send an echo request.
886 *
887 * Returns true if echo request sent, else false.
888 *
889 ******************************************************************************/
L2CA_Ping(const RawAddress & p_bd_addr,tL2CA_ECHO_RSP_CB * p_callback)890 bool L2CA_Ping(const RawAddress& p_bd_addr, tL2CA_ECHO_RSP_CB* p_callback) {
891 tL2C_LCB* p_lcb;
892
893 VLOG(1) << __func__ << " BDA: " << p_bd_addr;
894
895 /* Fail if we have not established communications with the controller */
896 if (!BTM_IsDeviceUp()) return (false);
897
898 /* First, see if we already have a link to the remote */
899 p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
900 if (p_lcb == NULL) {
901 /* No link. Get an LCB and start link establishment */
902 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_BR_EDR);
903 if (p_lcb == NULL) {
904 L2CAP_TRACE_WARNING("L2CAP - no LCB for L2CA_ping");
905 return (false);
906 }
907 if (l2cu_create_conn(p_lcb, BT_TRANSPORT_BR_EDR) == false) {
908 return (false);
909 }
910
911 p_lcb->p_echo_rsp_cb = p_callback;
912
913 return (true);
914 }
915
916 /* We only allow 1 ping outstanding at a time */
917 if (p_lcb->p_echo_rsp_cb != NULL) {
918 L2CAP_TRACE_WARNING("L2CAP - rejected second L2CA_ping");
919 return (false);
920 }
921
922 /* Have a link control block. If link is disconnecting, tell user to retry
923 * later */
924 if (p_lcb->link_state == LST_DISCONNECTING) {
925 L2CAP_TRACE_WARNING("L2CAP - L2CA_ping rejected - link disconnecting");
926 return (false);
927 }
928
929 /* Save address of callback */
930 p_lcb->p_echo_rsp_cb = p_callback;
931
932 if (p_lcb->link_state == LST_CONNECTED) {
933 l2cu_adj_id(p_lcb, L2CAP_ADJ_BRCM_ID); /* Make sure not using Broadcom ID */
934 l2cu_send_peer_echo_req(p_lcb, NULL, 0);
935 alarm_set_on_mloop(p_lcb->l2c_lcb_timer, L2CAP_ECHO_RSP_TIMEOUT_MS,
936 l2c_lcb_timer_timeout, p_lcb);
937 }
938
939 return (true);
940 }
941
942 /*******************************************************************************
943 *
944 * Function L2CA_Echo
945 *
946 * Description Higher layers call this function to send an echo request
947 * with application-specific data.
948 *
949 * Returns true if echo request sent, else false.
950 *
951 ******************************************************************************/
L2CA_Echo(const RawAddress & p_bd_addr,BT_HDR * p_data,tL2CA_ECHO_DATA_CB * p_callback)952 bool L2CA_Echo(const RawAddress& p_bd_addr, BT_HDR* p_data,
953 tL2CA_ECHO_DATA_CB* p_callback) {
954 tL2C_LCB* p_lcb;
955 uint8_t* pp;
956
957 VLOG(1) << __func__ << " BDA: " << p_bd_addr;
958 ;
959
960 /* Fail if we have not established communications with the controller */
961 if (!BTM_IsDeviceUp()) return (false);
962
963 if (RawAddress::kAny == p_bd_addr && (p_data == NULL)) {
964 /* Only register callback without sending message. */
965 l2cb.p_echo_data_cb = p_callback;
966 return true;
967 }
968
969 /* We assume the upper layer will call this function only when the link is
970 * established. */
971 p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
972 if (p_lcb == NULL) {
973 L2CAP_TRACE_ERROR("L2CA_Echo ERROR : link not established");
974 return false;
975 }
976
977 if (p_lcb->link_state != LST_CONNECTED) {
978 L2CAP_TRACE_ERROR("L2CA_Echo ERROR : link is not connected");
979 return false;
980 }
981
982 /* Save address of callback */
983 l2cb.p_echo_data_cb = p_callback;
984
985 /* Set the pointer to the beginning of the data */
986 pp = (uint8_t*)(p_data + 1) + p_data->offset;
987 l2cu_adj_id(p_lcb, L2CAP_ADJ_BRCM_ID); /* Make sure not using Broadcom ID */
988 l2cu_send_peer_echo_req(p_lcb, pp, p_data->len);
989
990 return (true);
991 }
992
L2CA_GetIdentifiers(uint16_t lcid,uint16_t * rcid,uint16_t * handle)993 bool L2CA_GetIdentifiers(uint16_t lcid, uint16_t* rcid, uint16_t* handle) {
994 tL2C_CCB* control_block = l2cu_find_ccb_by_cid(NULL, lcid);
995 if (!control_block) return false;
996
997 if (rcid) *rcid = control_block->remote_cid;
998 if (handle) *handle = control_block->p_lcb->handle;
999
1000 return true;
1001 }
1002
1003 /*******************************************************************************
1004 *
1005 * Function L2CA_SetIdleTimeout
1006 *
1007 * Description Higher layers call this function to set the idle timeout for
1008 * a connection, or for all future connections. The "idle
1009 * timeout" is the amount of time that a connection can remain
1010 * up with no L2CAP channels on it. A timeout of zero means
1011 * that the connection will be torn down immediately when the
1012 * last channel is removed. A timeout of 0xFFFF means no
1013 * timeout. Values are in seconds.
1014 *
1015 * Returns true if command succeeded, false if failed
1016 *
1017 * NOTE This timeout takes effect after at least 1 channel has been
1018 * established and removed. L2CAP maintains its own timer from
1019 * whan a connection is established till the first channel is
1020 * set up.
1021 ******************************************************************************/
L2CA_SetIdleTimeout(uint16_t cid,uint16_t timeout,bool is_global)1022 bool L2CA_SetIdleTimeout(uint16_t cid, uint16_t timeout, bool is_global) {
1023 tL2C_CCB* p_ccb;
1024 tL2C_LCB* p_lcb;
1025
1026 if (is_global) {
1027 l2cb.idle_timeout = timeout;
1028 } else {
1029 /* Find the channel control block. We don't know the link it is on. */
1030 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1031 if (p_ccb == NULL) {
1032 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetIdleTimeout, CID: %d",
1033 cid);
1034 return (false);
1035 }
1036
1037 p_lcb = p_ccb->p_lcb;
1038
1039 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED))
1040 p_lcb->idle_timeout = timeout;
1041 else
1042 return (false);
1043 }
1044
1045 return (true);
1046 }
1047
1048 /*******************************************************************************
1049 *
1050 * Function L2CA_SetIdleTimeoutByBdAddr
1051 *
1052 * Description Higher layers call this function to set the idle timeout for
1053 * a connection. The "idle timeout" is the amount of time that
1054 * a connection can remain up with no L2CAP channels on it.
1055 * A timeout of zero means that the connection will be torn
1056 * down immediately when the last channel is removed.
1057 * A timeout of 0xFFFF means no timeout. Values are in seconds.
1058 * A bd_addr is the remote BD address. If bd_addr =
1059 * RawAddress::kAny, then the idle timeouts for all active
1060 * l2cap links will be changed.
1061 *
1062 * Returns true if command succeeded, false if failed
1063 *
1064 * NOTE This timeout applies to all logical channels active on the
1065 * ACL link.
1066 ******************************************************************************/
L2CA_SetIdleTimeoutByBdAddr(const RawAddress & bd_addr,uint16_t timeout,tBT_TRANSPORT transport)1067 bool L2CA_SetIdleTimeoutByBdAddr(const RawAddress& bd_addr, uint16_t timeout,
1068 tBT_TRANSPORT transport) {
1069 tL2C_LCB* p_lcb;
1070
1071 if (RawAddress::kAny != bd_addr) {
1072 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, transport);
1073 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1074 p_lcb->idle_timeout = timeout;
1075
1076 if (!p_lcb->ccb_queue.p_first_ccb) l2cu_no_dynamic_ccbs(p_lcb);
1077 } else
1078 return false;
1079 } else {
1080 int xx;
1081 tL2C_LCB* p_lcb = &l2cb.lcb_pool[0];
1082
1083 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
1084 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1085 p_lcb->idle_timeout = timeout;
1086
1087 if (!p_lcb->ccb_queue.p_first_ccb) l2cu_no_dynamic_ccbs(p_lcb);
1088 }
1089 }
1090 }
1091
1092 return true;
1093 }
1094
1095 /*******************************************************************************
1096 *
1097 * Function L2CA_SetTraceLevel
1098 *
1099 * Description This function sets the trace level for L2CAP. If called with
1100 * a value of 0xFF, it simply reads the current trace level.
1101 *
1102 * Returns the new (current) trace level
1103 *
1104 ******************************************************************************/
L2CA_SetTraceLevel(uint8_t new_level)1105 uint8_t L2CA_SetTraceLevel(uint8_t new_level) {
1106 if (new_level != 0xFF) l2cb.l2cap_trace_level = new_level;
1107
1108 return (l2cb.l2cap_trace_level);
1109 }
1110
1111 /*******************************************************************************
1112 *
1113 * Function L2CA_SetDesireRole
1114 *
1115 * Description This function sets the desire role for L2CAP.
1116 * If the new role is L2CAP_ROLE_ALLOW_SWITCH, allow switch on
1117 * HciCreateConnection.
1118 * If the new role is L2CAP_ROLE_DISALLOW_SWITCH, do not allow
1119 * switch on HciCreateConnection.
1120 *
1121 * If the new role is a valid role (HCI_ROLE_MASTER or
1122 * HCI_ROLE_SLAVE), the desire role is set to the new value.
1123 * Otherwise, it is not changed.
1124 *
1125 * Returns the new (current) role
1126 *
1127 ******************************************************************************/
L2CA_SetDesireRole(uint8_t new_role)1128 uint8_t L2CA_SetDesireRole(uint8_t new_role) {
1129 L2CAP_TRACE_API("L2CA_SetDesireRole() new:x%x, disallow_switch:%d", new_role,
1130 l2cb.disallow_switch);
1131
1132 if (L2CAP_ROLE_CHECK_SWITCH != (L2CAP_ROLE_CHECK_SWITCH & new_role)) {
1133 /* do not process the allow_switch when both bits are set */
1134 if (new_role & L2CAP_ROLE_ALLOW_SWITCH) {
1135 l2cb.disallow_switch = false;
1136 }
1137 if (new_role & L2CAP_ROLE_DISALLOW_SWITCH) {
1138 l2cb.disallow_switch = true;
1139 }
1140 }
1141
1142 if (new_role == HCI_ROLE_MASTER || new_role == HCI_ROLE_SLAVE)
1143 l2cb.desire_role = new_role;
1144
1145 return (l2cb.desire_role);
1146 }
1147
1148 /*******************************************************************************
1149 *
1150 * Function L2CA_LocalLoopbackReq
1151 *
1152 * Description This function sets up a CID for local loopback
1153 *
1154 * Returns CID of 0 if none.
1155 *
1156 ******************************************************************************/
L2CA_LocalLoopbackReq(uint16_t psm,uint16_t handle,const RawAddress & p_bd_addr)1157 uint16_t L2CA_LocalLoopbackReq(uint16_t psm, uint16_t handle,
1158 const RawAddress& p_bd_addr) {
1159 tL2C_LCB* p_lcb;
1160 tL2C_CCB* p_ccb;
1161 tL2C_RCB* p_rcb;
1162
1163 L2CAP_TRACE_API("L2CA_LocalLoopbackReq() PSM: %d Handle: 0x%04x", psm,
1164 handle);
1165
1166 /* Fail if we have not established communications with the controller */
1167 if (!BTM_IsDeviceUp()) {
1168 L2CAP_TRACE_WARNING("L2CAP loop req - BTU not ready");
1169 return (0);
1170 }
1171
1172 /* Fail if the PSM is not registered */
1173 p_rcb = l2cu_find_rcb_by_psm(psm);
1174 if (p_rcb == NULL) {
1175 L2CAP_TRACE_WARNING("L2CAP - no RCB for L2CA_conn_req, PSM: %d", psm);
1176 return (0);
1177 }
1178
1179 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_BR_EDR);
1180 if (p_lcb == NULL) {
1181 L2CAP_TRACE_WARNING("L2CAP - no LCB for L2CA_conn_req");
1182 return (0);
1183 }
1184
1185 p_lcb->link_state = LST_CONNECTED;
1186 p_lcb->handle = handle;
1187
1188 /* Allocate a channel control block */
1189 p_ccb = l2cu_allocate_ccb(p_lcb, 0);
1190 if (p_ccb == NULL) {
1191 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_conn_req");
1192 return (0);
1193 }
1194
1195 /* Save registration info */
1196 p_ccb->p_rcb = p_rcb;
1197 p_ccb->chnl_state = CST_OPEN;
1198 p_ccb->remote_cid = p_ccb->local_cid;
1199 p_ccb->config_done = CFG_DONE_MASK;
1200
1201 /* Return the local CID as our handle */
1202 return (p_ccb->local_cid);
1203 }
1204
1205 /*******************************************************************************
1206 *
1207 * Function L2CA_SetAclPriority
1208 *
1209 * Description Sets the transmission priority for a channel.
1210 * (For initial implementation only two values are valid.
1211 * L2CAP_PRIORITY_NORMAL and L2CAP_PRIORITY_HIGH).
1212 *
1213 * Returns true if a valid channel, else false
1214 *
1215 ******************************************************************************/
L2CA_SetAclPriority(const RawAddress & bd_addr,uint8_t priority)1216 bool L2CA_SetAclPriority(const RawAddress& bd_addr, uint8_t priority) {
1217 VLOG(1) << __func__ << " BDA: " << bd_addr << ", priority: " << priority;
1218 return (l2cu_set_acl_priority(bd_addr, priority, false));
1219 }
1220
1221 /*******************************************************************************
1222 *
1223 * Function L2CA_FlowControl
1224 *
1225 * Description Higher layers call this function to flow control a channel.
1226 *
1227 * data_enabled - true data flows, false data is stopped
1228 *
1229 * Returns true if valid channel, else false
1230 *
1231 ******************************************************************************/
L2CA_FlowControl(uint16_t cid,bool data_enabled)1232 bool L2CA_FlowControl(uint16_t cid, bool data_enabled) {
1233 tL2C_CCB* p_ccb;
1234 bool on_off = !data_enabled;
1235
1236 L2CAP_TRACE_API("L2CA_FlowControl(%d) CID: 0x%04x", on_off, cid);
1237
1238 /* Find the channel control block. We don't know the link it is on. */
1239 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1240 if (p_ccb == NULL) {
1241 L2CAP_TRACE_WARNING(
1242 "L2CAP - no CCB for L2CA_FlowControl, CID: 0x%04x data_enabled: %d",
1243 cid, data_enabled);
1244 return (false);
1245 }
1246
1247 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE) {
1248 L2CAP_TRACE_EVENT("L2CA_FlowControl() invalid mode:%d",
1249 p_ccb->peer_cfg.fcr.mode);
1250 return (false);
1251 }
1252 if (p_ccb->fcrb.local_busy != on_off) {
1253 p_ccb->fcrb.local_busy = on_off;
1254
1255 if ((p_ccb->chnl_state == CST_OPEN) && (!p_ccb->fcrb.wait_ack)) {
1256 if (on_off)
1257 l2c_fcr_send_S_frame(p_ccb, L2CAP_FCR_SUP_RNR, 0);
1258 else
1259 l2c_fcr_send_S_frame(p_ccb, L2CAP_FCR_SUP_RR, L2CAP_FCR_P_BIT);
1260 }
1261 }
1262
1263 return (true);
1264 }
1265
1266 /*******************************************************************************
1267 *
1268 * Function L2CA_SendTestSFrame
1269 *
1270 * Description Higher layers call this function to send a test S-frame.
1271 *
1272 * Returns true if valid Channel, else false
1273 *
1274 ******************************************************************************/
L2CA_SendTestSFrame(uint16_t cid,uint8_t sup_type,uint8_t back_track)1275 bool L2CA_SendTestSFrame(uint16_t cid, uint8_t sup_type, uint8_t back_track) {
1276 tL2C_CCB* p_ccb;
1277
1278 L2CAP_TRACE_API(
1279 "L2CA_SendTestSFrame() CID: 0x%04x Type: 0x%02x back_track: %u", cid,
1280 sup_type, back_track);
1281
1282 /* Find the channel control block. We don't know the link it is on. */
1283 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1284 if (p_ccb == NULL) {
1285 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SendTestSFrame, CID: %d", cid);
1286 return (false);
1287 }
1288
1289 if ((p_ccb->chnl_state != CST_OPEN) ||
1290 (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE))
1291 return (false);
1292
1293 p_ccb->fcrb.next_seq_expected -= back_track;
1294
1295 l2c_fcr_send_S_frame(
1296 p_ccb, (uint16_t)(sup_type & 3),
1297 (uint16_t)(sup_type & (L2CAP_FCR_P_BIT | L2CAP_FCR_F_BIT)));
1298
1299 return (true);
1300 }
1301
1302 /*******************************************************************************
1303 *
1304 * Function L2CA_SetTxPriority
1305 *
1306 * Description Sets the transmission priority for a channel.
1307 *
1308 * Returns true if a valid channel, else false
1309 *
1310 ******************************************************************************/
L2CA_SetTxPriority(uint16_t cid,tL2CAP_CHNL_PRIORITY priority)1311 bool L2CA_SetTxPriority(uint16_t cid, tL2CAP_CHNL_PRIORITY priority) {
1312 tL2C_CCB* p_ccb;
1313
1314 L2CAP_TRACE_API("L2CA_SetTxPriority() CID: 0x%04x, priority:%d", cid,
1315 priority);
1316
1317 /* Find the channel control block. We don't know the link it is on. */
1318 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1319 if (p_ccb == NULL) {
1320 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetTxPriority, CID: %d", cid);
1321 return (false);
1322 }
1323
1324 /* it will update the order of CCB in LCB by priority and update round robin
1325 * service variables */
1326 l2cu_change_pri_ccb(p_ccb, priority);
1327
1328 return (true);
1329 }
1330
1331 /*******************************************************************************
1332 *
1333 * Function L2CA_SetChnlDataRate
1334 *
1335 * Description Sets the tx/rx data rate for a channel.
1336 *
1337 * Returns true if a valid channel, else false
1338 *
1339 ******************************************************************************/
L2CA_SetChnlDataRate(uint16_t cid,tL2CAP_CHNL_DATA_RATE tx,tL2CAP_CHNL_DATA_RATE rx)1340 bool L2CA_SetChnlDataRate(uint16_t cid, tL2CAP_CHNL_DATA_RATE tx,
1341 tL2CAP_CHNL_DATA_RATE rx) {
1342 tL2C_CCB* p_ccb;
1343
1344 L2CAP_TRACE_API("L2CA_SetChnlDataRate() CID: 0x%04x, tx:%d, rx:%d", cid, tx,
1345 rx);
1346
1347 /* Find the channel control block. We don't know the link it is on. */
1348 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1349 if (p_ccb == NULL) {
1350 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetChnlDataRate, CID: %d",
1351 cid);
1352 return (false);
1353 }
1354
1355 p_ccb->tx_data_rate = tx;
1356 p_ccb->rx_data_rate = rx;
1357
1358 /* Adjust channel buffer allocation */
1359 l2c_link_adjust_chnl_allocation();
1360
1361 return (true);
1362 }
1363
1364 /*******************************************************************************
1365 *
1366 * Function L2CA_SetFlushTimeout
1367 *
1368 * Description This function set the automatic flush time out in Baseband
1369 * for ACL-U packets.
1370 * BdAddr : the remote BD address of ACL link. If it is
1371 * BT_DB_ANY then the flush time out will be applied to
1372 * all ACL links.
1373 * FlushTimeout: flush time out in ms
1374 * 0x0000 : No automatic flush
1375 * L2CAP_NO_RETRANSMISSION : No retransmission
1376 * 0x0002 - 0xFFFE : flush time out, if
1377 * (flush_tout * 8) + 3 / 5) <=
1378 * HCI_MAX_AUTOMATIC_FLUSH_TIMEOUT
1379 * (in 625us slot).
1380 * Otherwise, return false.
1381 * L2CAP_NO_AUTOMATIC_FLUSH : No automatic flush
1382 *
1383 * Returns true if command succeeded, false if failed
1384 *
1385 * NOTE This flush timeout applies to all logical channels active on
1386 * the ACL link.
1387 ******************************************************************************/
L2CA_SetFlushTimeout(const RawAddress & bd_addr,uint16_t flush_tout)1388 bool L2CA_SetFlushTimeout(const RawAddress& bd_addr, uint16_t flush_tout) {
1389 tL2C_LCB* p_lcb;
1390 uint16_t hci_flush_to;
1391 uint32_t temp;
1392
1393 /* no automatic flush (infinite timeout) */
1394 if (flush_tout == 0x0000) {
1395 hci_flush_to = flush_tout;
1396 flush_tout = L2CAP_NO_AUTOMATIC_FLUSH;
1397 }
1398 /* no retransmission */
1399 else if (flush_tout == L2CAP_NO_RETRANSMISSION) {
1400 /* not mandatory range for controller */
1401 /* Packet is flushed before getting any ACK/NACK */
1402 /* To do this, flush timeout should be 1 baseband slot */
1403 hci_flush_to = flush_tout;
1404 }
1405 /* no automatic flush (infinite timeout) */
1406 else if (flush_tout == L2CAP_NO_AUTOMATIC_FLUSH) {
1407 hci_flush_to = 0x0000;
1408 } else {
1409 /* convert L2CAP flush_to to 0.625 ms units, with round */
1410 temp = (((uint32_t)flush_tout * 8) + 3) / 5;
1411
1412 /* if L2CAP flush_to within range of HCI, set HCI flush timeout */
1413 if (temp > HCI_MAX_AUTOMATIC_FLUSH_TIMEOUT) {
1414 L2CAP_TRACE_WARNING(
1415 "WARNING L2CA_SetFlushTimeout timeout(0x%x) is out of range",
1416 flush_tout);
1417 return false;
1418 } else {
1419 hci_flush_to = (uint16_t)temp;
1420 }
1421 }
1422
1423 if (RawAddress::kAny != bd_addr) {
1424 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
1425
1426 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1427 if (p_lcb->link_flush_tout != flush_tout) {
1428 p_lcb->link_flush_tout = flush_tout;
1429
1430 VLOG(1) << __func__ << " BDA: " << bd_addr << " " << flush_tout << "ms";
1431
1432 btsnd_hcic_write_auto_flush_tout(p_lcb->handle, hci_flush_to);
1433 }
1434 } else {
1435 LOG(WARNING) << __func__ << " No lcb for bd_addr " << bd_addr;
1436 return (false);
1437 }
1438 } else {
1439 int xx;
1440 p_lcb = &l2cb.lcb_pool[0];
1441
1442 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
1443 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
1444 if (p_lcb->link_flush_tout != flush_tout) {
1445 p_lcb->link_flush_tout = flush_tout;
1446
1447 VLOG(1) << __func__ << " BDA: " << p_lcb->remote_bd_addr << " "
1448 << flush_tout << "ms";
1449
1450 btsnd_hcic_write_auto_flush_tout(p_lcb->handle, hci_flush_to);
1451 }
1452 }
1453 }
1454 }
1455
1456 return (true);
1457 }
1458
1459 /*******************************************************************************
1460 *
1461 * Function L2CA_GetPeerFeatures
1462 *
1463 * Description Get a peers features and fixed channel map
1464 *
1465 * Parameters: BD address of the peer
1466 * Pointers to features and channel mask storage area
1467 *
1468 * Return value: true if peer is connected
1469 *
1470 ******************************************************************************/
L2CA_GetPeerFeatures(const RawAddress & bd_addr,uint32_t * p_ext_feat,uint8_t * p_chnl_mask)1471 bool L2CA_GetPeerFeatures(const RawAddress& bd_addr, uint32_t* p_ext_feat,
1472 uint8_t* p_chnl_mask) {
1473 tL2C_LCB* p_lcb;
1474
1475 /* We must already have a link to the remote */
1476 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
1477 if (p_lcb == NULL) {
1478 LOG(WARNING) << __func__ << " No BDA: " << bd_addr;
1479 return false;
1480 }
1481
1482 VLOG(1) << __func__ << " BDA: " << bd_addr
1483 << StringPrintf(" ExtFea: 0x%08x Chnl_Mask[0]: 0x%02x",
1484 p_lcb->peer_ext_fea, p_lcb->peer_chnl_mask[0]);
1485
1486 *p_ext_feat = p_lcb->peer_ext_fea;
1487
1488 memcpy(p_chnl_mask, p_lcb->peer_chnl_mask, L2CAP_FIXED_CHNL_ARRAY_SIZE);
1489
1490 return true;
1491 }
1492
1493 /*******************************************************************************
1494 *
1495 * Function L2CA_GetBDAddrbyHandle
1496 *
1497 * Description Get BD address for the given HCI handle
1498 *
1499 * Parameters: HCI handle
1500 * BD address of the peer
1501 *
1502 * Return value: true if found lcb for the given handle, false otherwise
1503 *
1504 ******************************************************************************/
L2CA_GetBDAddrbyHandle(uint16_t handle,RawAddress & bd_addr)1505 bool L2CA_GetBDAddrbyHandle(uint16_t handle, RawAddress& bd_addr) {
1506 tL2C_LCB* p_lcb = NULL;
1507 bool found_dev = false;
1508
1509 p_lcb = l2cu_find_lcb_by_handle(handle);
1510 if (p_lcb) {
1511 found_dev = true;
1512 bd_addr = p_lcb->remote_bd_addr;
1513 }
1514
1515 return found_dev;
1516 }
1517
1518 /*******************************************************************************
1519 *
1520 * Function L2CA_GetChnlFcrMode
1521 *
1522 * Description Get the channel FCR mode
1523 *
1524 * Parameters: Local CID
1525 *
1526 * Return value: Channel mode
1527 *
1528 ******************************************************************************/
L2CA_GetChnlFcrMode(uint16_t lcid)1529 uint8_t L2CA_GetChnlFcrMode(uint16_t lcid) {
1530 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
1531
1532 if (p_ccb) {
1533 L2CAP_TRACE_API("L2CA_GetChnlFcrMode() returns mode %d",
1534 p_ccb->peer_cfg.fcr.mode);
1535 return (p_ccb->peer_cfg.fcr.mode);
1536 }
1537
1538 L2CAP_TRACE_API("L2CA_GetChnlFcrMode() returns mode L2CAP_FCR_BASIC_MODE");
1539 return (L2CAP_FCR_BASIC_MODE);
1540 }
1541
1542 #if (L2CAP_NUM_FIXED_CHNLS > 0)
1543 /*******************************************************************************
1544 *
1545 * Function L2CA_RegisterFixedChannel
1546 *
1547 * Description Register a fixed channel.
1548 *
1549 * Parameters: Fixed Channel #
1550 * Channel Callbacks and config
1551 *
1552 * Return value: -
1553 *
1554 ******************************************************************************/
L2CA_RegisterFixedChannel(uint16_t fixed_cid,tL2CAP_FIXED_CHNL_REG * p_freg)1555 bool L2CA_RegisterFixedChannel(uint16_t fixed_cid,
1556 tL2CAP_FIXED_CHNL_REG* p_freg) {
1557 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1558 (fixed_cid > L2CAP_LAST_FIXED_CHNL)) {
1559 L2CAP_TRACE_ERROR("L2CA_RegisterFixedChannel() Invalid CID: 0x%04x",
1560 fixed_cid);
1561
1562 return (false);
1563 }
1564
1565 l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = *p_freg;
1566 return (true);
1567 }
1568
1569 /*******************************************************************************
1570 *
1571 * Function L2CA_ConnectFixedChnl
1572 *
1573 * Description Connect an fixed signalling channel to a remote device.
1574 *
1575 * Parameters: Fixed CID
1576 * BD Address of remote
1577 *
1578 * Return value: true if connection started
1579 *
1580 ******************************************************************************/
L2CA_ConnectFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda)1581 bool L2CA_ConnectFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda) {
1582 uint8_t phy = controller_get_interface()->get_le_all_initiating_phys();
1583 return L2CA_ConnectFixedChnl(fixed_cid, rem_bda, phy);
1584 }
1585
L2CA_ConnectFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda,uint8_t initiating_phys)1586 bool L2CA_ConnectFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda,
1587 uint8_t initiating_phys) {
1588 tL2C_LCB* p_lcb;
1589 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1590
1591 VLOG(1) << __func__ << " BDA: " << rem_bda
1592 << StringPrintf("CID: 0x%04x ", fixed_cid);
1593
1594 // Check CID is valid and registered
1595 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1596 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1597 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1598 NULL)) {
1599 L2CAP_TRACE_ERROR("%s() Invalid CID: 0x%04x", __func__, fixed_cid);
1600 return (false);
1601 }
1602
1603 // Fail if BT is not yet up
1604 if (!BTM_IsDeviceUp()) {
1605 L2CAP_TRACE_WARNING("%s(0x%04x) - BTU not ready", __func__, fixed_cid);
1606 return (false);
1607 }
1608
1609 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1610 transport = BT_TRANSPORT_LE;
1611
1612 tL2C_BLE_FIXED_CHNLS_MASK peer_channel_mask;
1613
1614 // If we already have a link to the remote, check if it supports that CID
1615 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1616 if (p_lcb != NULL) {
1617 // Fixed channels are mandatory on LE transports so ignore the received
1618 // channel mask and use the locally cached LE channel mask.
1619
1620 if (transport == BT_TRANSPORT_LE)
1621 peer_channel_mask = l2cb.l2c_ble_fixed_chnls_mask;
1622 else
1623 peer_channel_mask = p_lcb->peer_chnl_mask[0];
1624
1625 // Check for supported channel
1626 if (!(peer_channel_mask & (1 << fixed_cid))) {
1627 VLOG(2) << __func__ << " BDA " << rem_bda
1628 << StringPrintf(" CID:0x%04x not supported", fixed_cid);
1629 return false;
1630 }
1631
1632 // Get a CCB and link the lcb to it
1633 if (!l2cu_initialize_fixed_ccb(
1634 p_lcb, fixed_cid,
1635 &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1636 .fixed_chnl_opts)) {
1637 L2CAP_TRACE_WARNING("%s(0x%04x) - LCB but no CCB", __func__, fixed_cid);
1638 return false;
1639 }
1640
1641 // racing with disconnecting, queue the connection request
1642 if (p_lcb->link_state == LST_DISCONNECTING) {
1643 L2CAP_TRACE_DEBUG("$s() - link disconnecting: RETRY LATER", __func__);
1644 /* Save ccb so it can be started after disconnect is finished */
1645 p_lcb->p_pending_ccb =
1646 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
1647 return true;
1648 }
1649
1650 (*l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedConn_Cb)(
1651 fixed_cid, p_lcb->remote_bd_addr, true, 0, p_lcb->transport);
1652 return true;
1653 }
1654
1655 // No link. Get an LCB and start link establishment
1656 p_lcb = l2cu_allocate_lcb(rem_bda, false, transport);
1657 if (p_lcb == NULL) {
1658 L2CAP_TRACE_WARNING("%s(0x%04x) - no LCB", __func__, fixed_cid);
1659 return false;
1660 }
1661
1662 // Get a CCB and link the lcb to it
1663 if (!l2cu_initialize_fixed_ccb(
1664 p_lcb, fixed_cid, &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1665 .fixed_chnl_opts)) {
1666 p_lcb->disc_reason = L2CAP_CONN_NO_RESOURCES;
1667 L2CAP_TRACE_WARNING("%s(0x%04x) - no CCB", __func__, fixed_cid);
1668 l2cu_release_lcb(p_lcb);
1669 return false;
1670 }
1671
1672 if (!l2cu_create_conn(p_lcb, transport, initiating_phys)) {
1673 L2CAP_TRACE_WARNING("%s() - create_conn failed", __func__);
1674 l2cu_release_lcb(p_lcb);
1675 return false;
1676 }
1677 return true;
1678 }
1679
1680 /*******************************************************************************
1681 *
1682 * Function L2CA_SendFixedChnlData
1683 *
1684 * Description Write data on a fixed channel.
1685 *
1686 * Parameters: Fixed CID
1687 * BD Address of remote
1688 * Pointer to buffer of type BT_HDR
1689 *
1690 * Return value L2CAP_DW_SUCCESS, if data accepted
1691 * L2CAP_DW_FAILED, if error
1692 *
1693 ******************************************************************************/
L2CA_SendFixedChnlData(uint16_t fixed_cid,const RawAddress & rem_bda,BT_HDR * p_buf)1694 uint16_t L2CA_SendFixedChnlData(uint16_t fixed_cid, const RawAddress& rem_bda,
1695 BT_HDR* p_buf) {
1696 tL2C_LCB* p_lcb;
1697 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1698
1699 VLOG(2) << __func__ << " BDA: " << rem_bda
1700 << StringPrintf(" CID: 0x%04x", fixed_cid);
1701
1702 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1703 transport = BT_TRANSPORT_LE;
1704
1705 // Check CID is valid and registered
1706 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1707 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1708 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1709 NULL)) {
1710 L2CAP_TRACE_ERROR("L2CA_SendFixedChnlData() Invalid CID: 0x%04x",
1711 fixed_cid);
1712 osi_free(p_buf);
1713 return (L2CAP_DW_FAILED);
1714 }
1715
1716 // Fail if BT is not yet up
1717 if (!BTM_IsDeviceUp()) {
1718 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData(0x%04x) - BTU not ready",
1719 fixed_cid);
1720 osi_free(p_buf);
1721 return (L2CAP_DW_FAILED);
1722 }
1723
1724 // We need to have a link up
1725 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1726 if (p_lcb == NULL || p_lcb->link_state == LST_DISCONNECTING) {
1727 /* if link is disconnecting, also report data sending failure */
1728 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData(0x%04x) - no LCB", fixed_cid);
1729 osi_free(p_buf);
1730 return (L2CAP_DW_FAILED);
1731 }
1732
1733 tL2C_BLE_FIXED_CHNLS_MASK peer_channel_mask;
1734
1735 // Select peer channels mask to use depending on transport
1736 if (transport == BT_TRANSPORT_LE)
1737 peer_channel_mask = l2cb.l2c_ble_fixed_chnls_mask;
1738 else
1739 peer_channel_mask = p_lcb->peer_chnl_mask[0];
1740
1741 if ((peer_channel_mask & (1 << fixed_cid)) == 0) {
1742 L2CAP_TRACE_WARNING(
1743 "L2CA_SendFixedChnlData() - peer does not support fixed chnl: 0x%04x",
1744 fixed_cid);
1745 osi_free(p_buf);
1746 return (L2CAP_DW_FAILED);
1747 }
1748
1749 p_buf->event = 0;
1750 p_buf->layer_specific = L2CAP_FLUSHABLE_CH_BASED;
1751
1752 if (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) {
1753 if (!l2cu_initialize_fixed_ccb(
1754 p_lcb, fixed_cid,
1755 &l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1756 .fixed_chnl_opts)) {
1757 L2CAP_TRACE_WARNING("L2CA_SendFixedChnlData() - no CCB for chnl: 0x%4x",
1758 fixed_cid);
1759 osi_free(p_buf);
1760 return (L2CAP_DW_FAILED);
1761 }
1762 }
1763
1764 // If already congested, do not accept any more packets
1765 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent) {
1766 L2CAP_TRACE_ERROR(
1767 "L2CAP - CID: 0x%04x cannot send, already congested \
1768 xmit_hold_q.count: %u buff_quota: %u",
1769 fixed_cid, fixed_queue_length(
1770 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1771 ->xmit_hold_q),
1772 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->buff_quota);
1773 osi_free(p_buf);
1774 return (L2CAP_DW_FAILED);
1775 }
1776
1777 l2c_enqueue_peer_data(p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL],
1778 p_buf);
1779
1780 l2c_link_check_send_pkts(p_lcb, NULL, NULL);
1781
1782 // If there is no dynamic CCB on the link, restart the idle timer each time
1783 // something is sent
1784 if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED &&
1785 !p_lcb->ccb_queue.p_first_ccb) {
1786 l2cu_no_dynamic_ccbs(p_lcb);
1787 }
1788
1789 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent)
1790 return (L2CAP_DW_CONGESTED);
1791
1792 return (L2CAP_DW_SUCCESS);
1793 }
1794
1795 /*******************************************************************************
1796 *
1797 * Function L2CA_RemoveFixedChnl
1798 *
1799 * Description Remove a fixed channel to a remote device.
1800 *
1801 * Parameters: Fixed CID
1802 * BD Address of remote
1803 * Idle timeout to use (or 0xFFFF if don't care)
1804 *
1805 * Return value: true if channel removed
1806 *
1807 ******************************************************************************/
L2CA_RemoveFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda)1808 bool L2CA_RemoveFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda) {
1809 tL2C_LCB* p_lcb;
1810 tL2C_CCB* p_ccb;
1811 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1812
1813 /* Check CID is valid and registered */
1814 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1815 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1816 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1817 NULL)) {
1818 L2CAP_TRACE_ERROR("L2CA_RemoveFixedChnl() Invalid CID: 0x%04x", fixed_cid);
1819 return (false);
1820 }
1821
1822 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1823 transport = BT_TRANSPORT_LE;
1824
1825 /* Is a fixed channel connected to the remote BDA ?*/
1826 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1827
1828 if (((p_lcb) == NULL) ||
1829 (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL])) {
1830 LOG(WARNING) << __func__ << " BDA: " << rem_bda
1831 << StringPrintf(" CID: 0x%04x not connected", fixed_cid);
1832 return (false);
1833 }
1834
1835 VLOG(2) << __func__ << " BDA: " << rem_bda
1836 << StringPrintf(" CID: 0x%04x", fixed_cid);
1837
1838 /* Release the CCB, starting an inactivity timeout on the LCB if no other CCBs
1839 * exist */
1840 p_ccb = p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
1841
1842 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = NULL;
1843 p_lcb->disc_reason = HCI_ERR_CONN_CAUSE_LOCAL_HOST;
1844
1845 // Retain the link for a few more seconds after SMP pairing is done, since
1846 // the Android platform always does service discovery after pairing is
1847 // complete. This will avoid the link down (pairing is complete) and an
1848 // immediate re-connection for service discovery.
1849 // Some devices do not do auto advertising when link is dropped, thus fail
1850 // the second connection and service discovery.
1851 if ((fixed_cid == L2CAP_ATT_CID) && !p_lcb->ccb_queue.p_first_ccb)
1852 p_lcb->idle_timeout = 0;
1853
1854 l2cu_release_ccb(p_ccb);
1855
1856 return (true);
1857 }
1858
1859 /*******************************************************************************
1860 *
1861 * Function L2CA_SetFixedChannelTout
1862 *
1863 * Description Higher layers call this function to set the idle timeout for
1864 * a fixed channel. The "idle timeout" is the amount of time
1865 * that a connection can remain up with no L2CAP channels on
1866 * it. A timeout of zero means that the connection will be torn
1867 * down immediately when the last channel is removed.
1868 * A timeout of 0xFFFF means no timeout. Values are in seconds.
1869 * A bd_addr is the remote BD address.
1870 *
1871 * Returns true if command succeeded, false if failed
1872 *
1873 ******************************************************************************/
L2CA_SetFixedChannelTout(const RawAddress & rem_bda,uint16_t fixed_cid,uint16_t idle_tout)1874 bool L2CA_SetFixedChannelTout(const RawAddress& rem_bda, uint16_t fixed_cid,
1875 uint16_t idle_tout) {
1876 tL2C_LCB* p_lcb;
1877 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1878
1879 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1880 transport = BT_TRANSPORT_LE;
1881
1882 /* Is a fixed channel connected to the remote BDA ?*/
1883 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1884 if (((p_lcb) == NULL) ||
1885 (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL])) {
1886 LOG(WARNING) << __func__ << " BDA: " << rem_bda
1887 << StringPrintf(" CID: 0x%04x not connected", fixed_cid);
1888 return (false);
1889 }
1890
1891 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1892 ->fixed_chnl_idle_tout = idle_tout;
1893
1894 if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED &&
1895 !p_lcb->ccb_queue.p_first_ccb) {
1896 /* If there are no dynamic CCBs, (re)start the idle timer in case we changed
1897 * it */
1898 l2cu_no_dynamic_ccbs(p_lcb);
1899 }
1900
1901 return true;
1902 }
1903
1904 #endif /* #if (L2CAP_NUM_FIXED_CHNLS > 0) */
1905
1906 /*******************************************************************************
1907 *
1908 * Function L2CA_GetCurrentConfig
1909 *
1910 * Description This function returns configurations of L2CAP channel
1911 * pp_our_cfg : pointer of our saved configuration options
1912 * p_our_cfg_bits : valid config in bitmap
1913 * pp_peer_cfg: pointer of peer's saved configuration options
1914 * p_peer_cfg_bits : valid config in bitmap
1915 *
1916 * Returns true if successful
1917 *
1918 ******************************************************************************/
L2CA_GetCurrentConfig(uint16_t lcid,tL2CAP_CFG_INFO ** pp_our_cfg,tL2CAP_CH_CFG_BITS * p_our_cfg_bits,tL2CAP_CFG_INFO ** pp_peer_cfg,tL2CAP_CH_CFG_BITS * p_peer_cfg_bits)1919 bool L2CA_GetCurrentConfig(uint16_t lcid, tL2CAP_CFG_INFO** pp_our_cfg,
1920 tL2CAP_CH_CFG_BITS* p_our_cfg_bits,
1921 tL2CAP_CFG_INFO** pp_peer_cfg,
1922 tL2CAP_CH_CFG_BITS* p_peer_cfg_bits) {
1923 tL2C_CCB* p_ccb;
1924
1925 L2CAP_TRACE_API("L2CA_GetCurrentConfig() CID: 0x%04x", lcid);
1926
1927 p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
1928
1929 if (p_ccb) {
1930 *pp_our_cfg = &(p_ccb->our_cfg);
1931
1932 /* convert valid config items into bitmap */
1933 *p_our_cfg_bits = 0;
1934 if (p_ccb->our_cfg.mtu_present) *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_MTU;
1935 if (p_ccb->our_cfg.qos_present) *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_QOS;
1936 if (p_ccb->our_cfg.flush_to_present)
1937 *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FLUSH_TO;
1938 if (p_ccb->our_cfg.fcr_present) *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FCR;
1939 if (p_ccb->our_cfg.fcs_present) *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_FCS;
1940 if (p_ccb->our_cfg.ext_flow_spec_present)
1941 *p_our_cfg_bits |= L2CAP_CH_CFG_MASK_EXT_FLOW_SPEC;
1942
1943 *pp_peer_cfg = &(p_ccb->peer_cfg);
1944 *p_peer_cfg_bits = p_ccb->peer_cfg_bits;
1945
1946 return true;
1947 } else {
1948 L2CAP_TRACE_ERROR("No CCB for CID:0x%04x", lcid);
1949 return false;
1950 }
1951 }
1952
1953 /*******************************************************************************
1954 *
1955 * Function L2CA_GetConnectionConfig
1956 *
1957 * Description This function returns configurations of L2CAP channel
1958 * pp_l2c_ccb : pointer to this channels L2CAP ccb data.
1959 *
1960 * Returns true if successful
1961 *
1962 ******************************************************************************/
L2CA_GetConnectionConfig(uint16_t lcid,uint16_t * mtu,uint16_t * rcid,uint16_t * handle)1963 bool L2CA_GetConnectionConfig(uint16_t lcid, uint16_t* mtu, uint16_t* rcid,
1964 uint16_t* handle) {
1965 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
1966 ;
1967
1968 L2CAP_TRACE_API("%s CID: 0x%04x", __func__, lcid);
1969
1970 if (p_ccb) {
1971 *mtu = L2CAP_MTU_SIZE;
1972 if (p_ccb->our_cfg.mtu_present) *mtu = p_ccb->our_cfg.mtu;
1973
1974 *rcid = p_ccb->remote_cid;
1975 *handle = p_ccb->p_lcb->handle;
1976 return true;
1977 }
1978
1979 L2CAP_TRACE_ERROR("%s No CCB for CID:0x%04x", __func__, lcid);
1980 return false;
1981 }
1982
1983 /*******************************************************************************
1984 *
1985 * Function L2CA_RegForNoCPEvt
1986 *
1987 * Description Register callback for Number of Completed Packets event.
1988 *
1989 * Input Param p_cb - callback for Number of completed packets event
1990 * p_bda - BT address of remote device
1991 *
1992 * Returns true if registered OK, else false
1993 *
1994 ******************************************************************************/
L2CA_RegForNoCPEvt(tL2CA_NOCP_CB * p_cb,const RawAddress & p_bda)1995 bool L2CA_RegForNoCPEvt(tL2CA_NOCP_CB* p_cb, const RawAddress& p_bda) {
1996 tL2C_LCB* p_lcb;
1997
1998 /* Find the link that is associated with this remote bdaddr */
1999 p_lcb = l2cu_find_lcb_by_bd_addr(p_bda, BT_TRANSPORT_BR_EDR);
2000
2001 /* If no link for this handle, nothing to do. */
2002 if (!p_lcb) return false;
2003
2004 p_lcb->p_nocp_cb = p_cb;
2005
2006 return true;
2007 }
2008
2009 /*******************************************************************************
2010 *
2011 * Function L2CA_DataWrite
2012 *
2013 * Description Higher layers call this function to write data.
2014 *
2015 * Returns L2CAP_DW_SUCCESS, if data accepted, else false
2016 * L2CAP_DW_CONGESTED, if data accepted and the channel is
2017 * congested
2018 * L2CAP_DW_FAILED, if error
2019 *
2020 ******************************************************************************/
L2CA_DataWrite(uint16_t cid,BT_HDR * p_data)2021 uint8_t L2CA_DataWrite(uint16_t cid, BT_HDR* p_data) {
2022 L2CAP_TRACE_API("L2CA_DataWrite() CID: 0x%04x Len: %d", cid, p_data->len);
2023 return l2c_data_write(cid, p_data, L2CAP_FLUSHABLE_CH_BASED);
2024 }
2025
2026 /*******************************************************************************
2027 *
2028 * Function L2CA_SetChnlFlushability
2029 *
2030 * Description Higher layers call this function to set a channels
2031 * flushability flags
2032 *
2033 * Returns true if CID found, else false
2034 *
2035 ******************************************************************************/
L2CA_SetChnlFlushability(uint16_t cid,bool is_flushable)2036 bool L2CA_SetChnlFlushability(uint16_t cid, bool is_flushable) {
2037 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
2038
2039 tL2C_CCB* p_ccb;
2040
2041 /* Find the channel control block. We don't know the link it is on. */
2042 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
2043 if (p_ccb == NULL) {
2044 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetChnlFlushability, CID: %d",
2045 cid);
2046 return (false);
2047 }
2048
2049 p_ccb->is_flushable = is_flushable;
2050
2051 L2CAP_TRACE_API("L2CA_SetChnlFlushability() CID: 0x%04x is_flushable: %d",
2052 cid, is_flushable);
2053
2054 #endif
2055
2056 return (true);
2057 }
2058
2059 /*******************************************************************************
2060 *
2061 * Function L2CA_DataWriteEx
2062 *
2063 * Description Higher layers call this function to write data with extended
2064 * flags.
2065 * flags : L2CAP_FLUSHABLE_CH_BASED
2066 * L2CAP_FLUSHABLE_PKT
2067 * L2CAP_NON_FLUSHABLE_PKT
2068 *
2069 * Returns L2CAP_DW_SUCCESS, if data accepted, else false
2070 * L2CAP_DW_CONGESTED, if data accepted and the channel is
2071 * congested
2072 * L2CAP_DW_FAILED, if error
2073 *
2074 ******************************************************************************/
L2CA_DataWriteEx(uint16_t cid,BT_HDR * p_data,uint16_t flags)2075 uint8_t L2CA_DataWriteEx(uint16_t cid, BT_HDR* p_data, uint16_t flags) {
2076 L2CAP_TRACE_API("L2CA_DataWriteEx() CID: 0x%04x Len: %d Flags:0x%04X", cid,
2077 p_data->len, flags);
2078 return l2c_data_write(cid, p_data, flags);
2079 }
2080
2081 /*******************************************************************************
2082 *
2083 * Function L2CA_FlushChannel
2084 *
2085 * Description This function flushes none, some or all buffers queued up
2086 * for xmission for a particular CID. If called with
2087 * L2CAP_FLUSH_CHANS_GET (0), it simply returns the number
2088 * of buffers queued for that CID L2CAP_FLUSH_CHANS_ALL (0xffff)
2089 * flushes all buffers. All other values specifies the maximum
2090 * buffers to flush.
2091 *
2092 * Returns Number of buffers left queued for that CID
2093 *
2094 ******************************************************************************/
L2CA_FlushChannel(uint16_t lcid,uint16_t num_to_flush)2095 uint16_t L2CA_FlushChannel(uint16_t lcid, uint16_t num_to_flush) {
2096 tL2C_CCB* p_ccb;
2097 tL2C_LCB* p_lcb;
2098 uint16_t num_left = 0, num_flushed1 = 0, num_flushed2 = 0;
2099
2100 p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
2101
2102 if (!p_ccb || (p_ccb->p_lcb == NULL)) {
2103 L2CAP_TRACE_WARNING(
2104 "L2CA_FlushChannel() abnormally returning 0 CID: 0x%04x", lcid);
2105 return (0);
2106 }
2107 p_lcb = p_ccb->p_lcb;
2108
2109 if (num_to_flush != L2CAP_FLUSH_CHANS_GET) {
2110 L2CAP_TRACE_API(
2111 "L2CA_FlushChannel (FLUSH) CID: 0x%04x NumToFlush: %d QC: %u "
2112 "pFirst: 0x%08x",
2113 lcid, num_to_flush, fixed_queue_length(p_ccb->xmit_hold_q),
2114 fixed_queue_try_peek_first(p_ccb->xmit_hold_q));
2115 } else {
2116 L2CAP_TRACE_API("L2CA_FlushChannel (QUERY) CID: 0x%04x", lcid);
2117 }
2118
2119 /* Cannot flush eRTM buffers once they have a sequence number */
2120 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE) {
2121 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
2122 if (num_to_flush != L2CAP_FLUSH_CHANS_GET) {
2123 /* If the controller supports enhanced flush, flush the data queued at the
2124 * controller */
2125 if ((HCI_NON_FLUSHABLE_PB_SUPPORTED(BTM_ReadLocalFeatures())) &&
2126 (BTM_GetNumScoLinks() == 0)) {
2127 if (l2cb.is_flush_active == false) {
2128 l2cb.is_flush_active = true;
2129
2130 /* The only packet type defined - 0 - Automatically-Flushable Only */
2131 btsnd_hcic_enhanced_flush(p_lcb->handle, 0);
2132 }
2133 }
2134 }
2135 #endif
2136
2137 // Iterate though list and flush the amount requested from
2138 // the transmit data queue that satisfy the layer and event conditions.
2139 for (const list_node_t* node = list_begin(p_lcb->link_xmit_data_q);
2140 (num_to_flush > 0) && node != list_end(p_lcb->link_xmit_data_q);) {
2141 BT_HDR* p_buf = (BT_HDR*)list_node(node);
2142 node = list_next(node);
2143 if ((p_buf->layer_specific == 0) && (p_buf->event == lcid)) {
2144 num_to_flush--;
2145 num_flushed1++;
2146
2147 list_remove(p_lcb->link_xmit_data_q, p_buf);
2148 osi_free(p_buf);
2149 }
2150 }
2151 }
2152
2153 /* If needed, flush buffers in the CCB xmit hold queue */
2154 while ((num_to_flush != 0) && (!fixed_queue_is_empty(p_ccb->xmit_hold_q))) {
2155 BT_HDR* p_buf = (BT_HDR*)fixed_queue_try_dequeue(p_ccb->xmit_hold_q);
2156 osi_free(p_buf);
2157 num_to_flush--;
2158 num_flushed2++;
2159 }
2160
2161 /* If app needs to track all packets, call him */
2162 if ((p_ccb->p_rcb) && (p_ccb->p_rcb->api.pL2CA_TxComplete_Cb) &&
2163 (num_flushed2))
2164 (*p_ccb->p_rcb->api.pL2CA_TxComplete_Cb)(p_ccb->local_cid, num_flushed2);
2165
2166 /* Now count how many are left */
2167 for (const list_node_t* node = list_begin(p_lcb->link_xmit_data_q);
2168 node != list_end(p_lcb->link_xmit_data_q); node = list_next(node)) {
2169 BT_HDR* p_buf = (BT_HDR*)list_node(node);
2170 if (p_buf->event == lcid) num_left++;
2171 }
2172
2173 /* Add in the number in the CCB xmit queue */
2174 num_left += fixed_queue_length(p_ccb->xmit_hold_q);
2175
2176 /* Return the local number of buffers left for the CID */
2177 L2CAP_TRACE_DEBUG("L2CA_FlushChannel() flushed: %u + %u, num_left: %u",
2178 num_flushed1, num_flushed2, num_left);
2179
2180 /* If we were congested, and now we are not, tell the app */
2181 l2cu_check_channel_congestion(p_ccb);
2182
2183 return (num_left);
2184 }
2185